123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657365836593660366136623663366436653666366736683669367036713672367336743675367636773678367936803681368236833684368536863687368836893690369136923693369436953696369736983699370037013702370337043705370637073708370937103711371237133714371537163717371837193720372137223723372437253726372737283729373037313732373337343735373637373738373937403741374237433744374537463747374837493750375137523753375437553756375737583759376037613762376337643765376637673768376937703771377237733774377537763777377837793780378137823783378437853786378737883789379037913792379337943795379637973798379938003801380238033804380538063807380838093810381138123813381438153816381738183819382038213822382338243825382638273828382938303831383238333834383538363837383838393840384138423843384438453846384738483849385038513852385338543855385638573858385938603861386238633864386538663867386838693870387138723873387438753876387738783879388038813882388338843885388638873888388938903891389238933894389538963897389838993900390139023903390439053906390739083909391039113912391339143915391639173918391939203921392239233924392539263927392839293930393139323933393439353936393739383939394039413942394339443945394639473948394939503951395239533954395539563957395839593960396139623963396439653966396739683969397039713972397339743975397639773978397939803981398239833984398539863987398839893990399139923993399439953996399739983999400040014002400340044005400640074008400940104011401240134014401540164017401840194020402140224023402440254026402740284029403040314032403340344035403640374038403940404041404240434044404540464047404840494050405140524053405440554056405740584059406040614062406340644065406640674068406940704071407240734074407540764077407840794080408140824083408440854086408740884089409040914092409340944095409640974098409941004101410241034104410541064107410841094110411141124113411441154116411741184119412041214122412341244125412641274128412941304131413241334134413541364137413841394140414141424143414441454146414741484149415041514152415341544155415641574158415941604161416241634164416541664167416841694170417141724173417441754176417741784179418041814182418341844185418641874188418941904191419241934194419541964197419841994200420142024203420442054206420742084209421042114212421342144215421642174218421942204221422242234224422542264227422842294230423142324233423442354236423742384239424042414242424342444245424642474248424942504251425242534254425542564257425842594260426142624263426442654266426742684269427042714272427342744275427642774278427942804281428242834284428542864287428842894290429142924293429442954296429742984299430043014302430343044305430643074308430943104311431243134314431543164317431843194320432143224323432443254326432743284329433043314332433343344335433643374338433943404341434243434344434543464347434843494350435143524353435443554356435743584359436043614362436343644365436643674368436943704371437243734374437543764377437843794380438143824383438443854386438743884389439043914392439343944395439643974398439944004401440244034404440544064407440844094410441144124413441444154416441744184419442044214422442344244425442644274428442944304431443244334434443544364437443844394440444144424443444444454446444744484449445044514452445344544455445644574458445944604461446244634464446544664467446844694470447144724473447444754476447744784479448044814482448344844485448644874488448944904491449244934494449544964497449844994500450145024503450445054506450745084509451045114512451345144515451645174518451945204521452245234524452545264527452845294530453145324533453445354536453745384539454045414542454345444545454645474548454945504551455245534554455545564557455845594560456145624563456445654566456745684569457045714572457345744575457645774578457945804581458245834584458545864587458845894590459145924593459445954596459745984599460046014602460346044605460646074608460946104611461246134614461546164617461846194620462146224623462446254626462746284629463046314632463346344635463646374638463946404641464246434644464546464647464846494650465146524653465446554656465746584659466046614662466346644665466646674668466946704671467246734674467546764677467846794680468146824683468446854686468746884689469046914692469346944695469646974698469947004701470247034704470547064707470847094710471147124713471447154716471747184719472047214722472347244725472647274728472947304731473247334734473547364737473847394740474147424743474447454746474747484749475047514752475347544755475647574758475947604761476247634764476547664767476847694770477147724773477447754776477747784779478047814782478347844785478647874788478947904791479247934794479547964797479847994800480148024803480448054806480748084809481048114812481348144815481648174818481948204821482248234824482548264827482848294830483148324833483448354836483748384839484048414842484348444845484648474848484948504851485248534854485548564857485848594860486148624863486448654866486748684869487048714872487348744875487648774878487948804881488248834884488548864887488848894890489148924893489448954896489748984899490049014902490349044905490649074908490949104911491249134914491549164917491849194920492149224923492449254926492749284929493049314932493349344935493649374938493949404941494249434944494549464947494849494950495149524953495449554956495749584959496049614962496349644965496649674968496949704971497249734974497549764977497849794980498149824983498449854986498749884989499049914992499349944995499649974998499950005001500250035004500550065007500850095010501150125013501450155016501750185019502050215022502350245025502650275028502950305031503250335034503550365037503850395040504150425043504450455046504750485049505050515052505350545055505650575058505950605061506250635064506550665067506850695070507150725073507450755076507750785079508050815082508350845085508650875088508950905091509250935094509550965097509850995100510151025103510451055106510751085109511051115112511351145115511651175118511951205121512251235124512551265127512851295130513151325133513451355136513751385139514051415142514351445145514651475148514951505151515251535154515551565157515851595160516151625163516451655166516751685169517051715172517351745175517651775178517951805181518251835184518551865187518851895190519151925193519451955196519751985199520052015202520352045205520652075208520952105211521252135214521552165217521852195220522152225223522452255226522752285229523052315232523352345235523652375238523952405241524252435244524552465247524852495250525152525253525452555256525752585259526052615262526352645265526652675268526952705271527252735274527552765277527852795280528152825283528452855286528752885289529052915292529352945295529652975298529953005301530253035304530553065307530853095310531153125313531453155316531753185319532053215322532353245325532653275328532953305331533253335334533553365337533853395340534153425343534453455346534753485349535053515352535353545355535653575358535953605361536253635364536553665367536853695370537153725373537453755376537753785379538053815382538353845385538653875388538953905391539253935394539553965397539853995400540154025403540454055406540754085409541054115412541354145415541654175418541954205421542254235424542554265427542854295430543154325433543454355436543754385439544054415442544354445445544654475448544954505451545254535454545554565457545854595460546154625463546454655466546754685469547054715472547354745475547654775478547954805481548254835484548554865487548854895490549154925493549454955496549754985499550055015502550355045505550655075508550955105511551255135514551555165517551855195520552155225523552455255526552755285529553055315532553355345535553655375538553955405541554255435544554555465547554855495550555155525553555455555556555755585559556055615562556355645565556655675568556955705571557255735574557555765577557855795580558155825583558455855586558755885589559055915592559355945595559655975598559956005601560256035604560556065607560856095610561156125613561456155616561756185619562056215622562356245625562656275628562956305631563256335634563556365637563856395640564156425643564456455646564756485649565056515652565356545655565656575658565956605661566256635664566556665667566856695670567156725673567456755676567756785679568056815682568356845685568656875688568956905691569256935694569556965697569856995700570157025703570457055706570757085709571057115712571357145715571657175718571957205721572257235724572557265727572857295730573157325733573457355736573757385739574057415742574357445745574657475748574957505751575257535754575557565757575857595760576157625763576457655766576757685769577057715772577357745775577657775778577957805781578257835784578557865787578857895790579157925793579457955796579757985799580058015802580358045805580658075808580958105811581258135814581558165817581858195820582158225823582458255826582758285829583058315832583358345835583658375838583958405841584258435844584558465847584858495850585158525853585458555856585758585859586058615862586358645865586658675868586958705871587258735874587558765877587858795880588158825883588458855886588758885889589058915892589358945895589658975898589959005901590259035904590559065907590859095910591159125913591459155916591759185919592059215922592359245925592659275928592959305931593259335934593559365937593859395940594159425943594459455946594759485949595059515952595359545955595659575958595959605961596259635964596559665967596859695970597159725973597459755976597759785979598059815982598359845985598659875988598959905991599259935994599559965997599859996000600160026003600460056006600760086009601060116012601360146015601660176018601960206021602260236024602560266027602860296030603160326033603460356036603760386039604060416042604360446045604660476048604960506051605260536054605560566057605860596060606160626063606460656066606760686069607060716072607360746075607660776078607960806081608260836084608560866087608860896090609160926093609460956096609760986099610061016102610361046105610661076108610961106111611261136114611561166117611861196120612161226123612461256126612761286129613061316132613361346135613661376138613961406141614261436144614561466147614861496150615161526153615461556156615761586159616061616162616361646165616661676168616961706171617261736174617561766177617861796180618161826183618461856186618761886189619061916192619361946195619661976198619962006201620262036204620562066207620862096210621162126213621462156216621762186219622062216222622362246225622662276228622962306231623262336234623562366237623862396240624162426243624462456246624762486249625062516252625362546255625662576258625962606261626262636264626562666267626862696270627162726273627462756276627762786279628062816282628362846285628662876288628962906291629262936294629562966297629862996300630163026303630463056306630763086309631063116312631363146315631663176318631963206321632263236324632563266327632863296330633163326333633463356336633763386339634063416342634363446345634663476348634963506351635263536354635563566357635863596360636163626363636463656366636763686369637063716372637363746375637663776378637963806381638263836384638563866387638863896390639163926393639463956396639763986399640064016402640364046405640664076408640964106411641264136414641564166417641864196420642164226423642464256426642764286429643064316432643364346435643664376438643964406441644264436444644564466447644864496450645164526453645464556456645764586459646064616462646364646465646664676468646964706471647264736474647564766477647864796480648164826483648464856486648764886489649064916492649364946495649664976498649965006501650265036504650565066507650865096510651165126513651465156516651765186519652065216522652365246525652665276528652965306531653265336534653565366537653865396540654165426543654465456546654765486549655065516552655365546555655665576558655965606561656265636564656565666567656865696570657165726573657465756576657765786579658065816582658365846585658665876588658965906591659265936594659565966597659865996600660166026603660466056606660766086609661066116612661366146615661666176618661966206621662266236624662566266627662866296630663166326633663466356636663766386639664066416642664366446645664666476648664966506651665266536654665566566657665866596660666166626663666466656666666766686669667066716672667366746675667666776678667966806681668266836684668566866687668866896690669166926693669466956696669766986699670067016702670367046705670667076708670967106711671267136714671567166717671867196720672167226723672467256726672767286729673067316732673367346735673667376738673967406741674267436744674567466747674867496750675167526753675467556756675767586759676067616762676367646765676667676768676967706771677267736774677567766777677867796780678167826783678467856786678767886789679067916792679367946795679667976798679968006801680268036804680568066807680868096810681168126813681468156816681768186819682068216822682368246825682668276828682968306831683268336834683568366837683868396840684168426843684468456846684768486849685068516852685368546855685668576858685968606861686268636864686568666867686868696870687168726873687468756876687768786879688068816882688368846885688668876888688968906891689268936894689568966897689868996900690169026903690469056906690769086909691069116912691369146915691669176918691969206921692269236924692569266927692869296930693169326933693469356936693769386939694069416942694369446945694669476948694969506951695269536954695569566957695869596960696169626963696469656966696769686969697069716972697369746975697669776978697969806981698269836984698569866987698869896990699169926993699469956996699769986999700070017002700370047005700670077008700970107011701270137014701570167017701870197020702170227023702470257026702770287029703070317032703370347035703670377038703970407041704270437044704570467047704870497050705170527053705470557056705770587059706070617062706370647065706670677068706970707071707270737074707570767077707870797080708170827083708470857086708770887089709070917092709370947095709670977098709971007101710271037104710571067107710871097110711171127113711471157116711771187119712071217122712371247125712671277128712971307131713271337134713571367137713871397140714171427143714471457146714771487149715071517152715371547155715671577158715971607161716271637164716571667167716871697170717171727173717471757176717771787179718071817182718371847185718671877188718971907191719271937194719571967197719871997200720172027203720472057206720772087209721072117212721372147215721672177218721972207221722272237224722572267227722872297230723172327233723472357236723772387239724072417242724372447245724672477248724972507251725272537254725572567257725872597260726172627263726472657266726772687269727072717272727372747275727672777278727972807281728272837284728572867287728872897290729172927293729472957296729772987299730073017302730373047305730673077308730973107311731273137314731573167317731873197320732173227323732473257326732773287329733073317332733373347335733673377338733973407341734273437344734573467347734873497350735173527353735473557356735773587359736073617362736373647365736673677368736973707371737273737374737573767377737873797380738173827383738473857386738773887389739073917392739373947395739673977398739974007401740274037404740574067407740874097410741174127413741474157416741774187419742074217422742374247425742674277428742974307431743274337434743574367437743874397440744174427443744474457446744774487449745074517452745374547455745674577458745974607461746274637464746574667467746874697470747174727473747474757476747774787479748074817482748374847485748674877488748974907491749274937494749574967497749874997500750175027503750475057506750775087509751075117512751375147515751675177518751975207521752275237524752575267527752875297530753175327533753475357536753775387539754075417542754375447545754675477548754975507551755275537554755575567557755875597560756175627563756475657566756775687569757075717572757375747575757675777578757975807581758275837584758575867587758875897590759175927593759475957596759775987599760076017602760376047605760676077608760976107611761276137614761576167617761876197620762176227623762476257626762776287629763076317632763376347635763676377638763976407641764276437644764576467647764876497650765176527653765476557656765776587659766076617662766376647665766676677668766976707671767276737674767576767677767876797680768176827683768476857686768776887689769076917692769376947695769676977698769977007701770277037704770577067707770877097710771177127713771477157716771777187719772077217722772377247725772677277728772977307731773277337734773577367737773877397740774177427743774477457746774777487749775077517752775377547755775677577758775977607761776277637764776577667767776877697770777177727773777477757776777777787779778077817782778377847785778677877788778977907791779277937794779577967797779877997800780178027803780478057806780778087809781078117812781378147815781678177818781978207821782278237824782578267827782878297830783178327833783478357836783778387839784078417842784378447845784678477848784978507851785278537854785578567857785878597860786178627863786478657866786778687869787078717872787378747875787678777878787978807881788278837884788578867887788878897890789178927893789478957896789778987899790079017902790379047905790679077908790979107911791279137914791579167917791879197920792179227923792479257926792779287929793079317932793379347935793679377938793979407941794279437944794579467947794879497950795179527953795479557956795779587959796079617962796379647965796679677968796979707971797279737974797579767977797879797980798179827983798479857986798779887989799079917992799379947995799679977998799980008001800280038004800580068007800880098010801180128013801480158016801780188019802080218022802380248025802680278028802980308031803280338034803580368037803880398040804180428043804480458046804780488049805080518052805380548055805680578058805980608061806280638064806580668067806880698070807180728073807480758076807780788079808080818082808380848085808680878088808980908091809280938094809580968097809880998100810181028103810481058106810781088109811081118112811381148115811681178118811981208121812281238124812581268127812881298130813181328133813481358136813781388139814081418142814381448145814681478148814981508151815281538154815581568157815881598160816181628163816481658166816781688169817081718172817381748175817681778178817981808181818281838184818581868187818881898190819181928193819481958196819781988199820082018202820382048205820682078208820982108211821282138214821582168217821882198220822182228223822482258226822782288229823082318232823382348235823682378238823982408241824282438244824582468247824882498250825182528253825482558256825782588259826082618262826382648265826682678268826982708271827282738274827582768277827882798280828182828283828482858286828782888289829082918292829382948295829682978298829983008301830283038304830583068307830883098310831183128313831483158316831783188319832083218322832383248325832683278328832983308331833283338334833583368337833883398340834183428343834483458346834783488349835083518352835383548355835683578358835983608361836283638364836583668367836883698370837183728373837483758376837783788379838083818382838383848385838683878388838983908391839283938394839583968397839883998400840184028403840484058406840784088409841084118412841384148415841684178418841984208421842284238424842584268427842884298430843184328433843484358436843784388439844084418442844384448445844684478448844984508451845284538454845584568457845884598460846184628463846484658466846784688469847084718472847384748475847684778478847984808481848284838484848584868487848884898490849184928493849484958496849784988499850085018502850385048505850685078508850985108511851285138514851585168517851885198520852185228523852485258526852785288529853085318532853385348535853685378538853985408541854285438544854585468547854885498550855185528553855485558556855785588559856085618562856385648565856685678568856985708571857285738574857585768577857885798580858185828583858485858586858785888589859085918592859385948595859685978598859986008601860286038604860586068607860886098610861186128613861486158616861786188619862086218622862386248625862686278628862986308631863286338634863586368637863886398640864186428643864486458646864786488649865086518652865386548655865686578658865986608661866286638664866586668667866886698670867186728673867486758676867786788679868086818682868386848685868686878688868986908691869286938694869586968697869886998700870187028703870487058706870787088709871087118712871387148715871687178718871987208721872287238724872587268727872887298730873187328733873487358736873787388739874087418742874387448745874687478748874987508751875287538754875587568757875887598760876187628763876487658766876787688769877087718772877387748775877687778778877987808781878287838784878587868787878887898790879187928793879487958796879787988799880088018802880388048805880688078808880988108811881288138814881588168817881888198820882188228823882488258826882788288829883088318832883388348835883688378838883988408841884288438844884588468847884888498850885188528853885488558856885788588859886088618862886388648865886688678868886988708871887288738874887588768877887888798880888188828883888488858886888788888889889088918892889388948895889688978898889989008901890289038904890589068907890889098910891189128913891489158916891789188919892089218922892389248925892689278928892989308931893289338934893589368937893889398940894189428943894489458946894789488949895089518952895389548955895689578958895989608961896289638964896589668967896889698970897189728973897489758976897789788979898089818982898389848985898689878988898989908991899289938994899589968997899889999000900190029003900490059006900790089009901090119012901390149015901690179018901990209021902290239024902590269027902890299030903190329033903490359036903790389039904090419042904390449045904690479048904990509051905290539054905590569057905890599060906190629063906490659066906790689069907090719072907390749075907690779078907990809081908290839084908590869087908890899090909190929093909490959096909790989099910091019102910391049105910691079108910991109111911291139114911591169117911891199120912191229123912491259126912791289129913091319132913391349135913691379138913991409141914291439144914591469147914891499150915191529153915491559156915791589159916091619162916391649165916691679168916991709171917291739174917591769177917891799180918191829183918491859186918791889189919091919192919391949195919691979198919992009201920292039204920592069207920892099210921192129213921492159216921792189219922092219222922392249225922692279228922992309231923292339234923592369237923892399240924192429243924492459246924792489249925092519252925392549255925692579258925992609261926292639264926592669267926892699270927192729273927492759276927792789279928092819282928392849285928692879288928992909291929292939294929592969297929892999300930193029303930493059306930793089309931093119312931393149315931693179318931993209321932293239324932593269327932893299330933193329333933493359336933793389339934093419342934393449345934693479348934993509351935293539354935593569357935893599360936193629363936493659366936793689369937093719372937393749375937693779378937993809381938293839384938593869387938893899390939193929393939493959396939793989399940094019402940394049405940694079408940994109411941294139414941594169417941894199420942194229423942494259426942794289429943094319432943394349435943694379438943994409441944294439444944594469447944894499450945194529453945494559456945794589459946094619462946394649465946694679468946994709471947294739474947594769477947894799480948194829483948494859486948794889489949094919492949394949495949694979498949995009501950295039504950595069507950895099510951195129513951495159516951795189519952095219522952395249525952695279528952995309531953295339534953595369537953895399540954195429543954495459546954795489549955095519552955395549555955695579558955995609561956295639564956595669567956895699570957195729573957495759576957795789579958095819582958395849585958695879588958995909591959295939594959595969597959895999600960196029603960496059606960796089609961096119612961396149615961696179618961996209621962296239624962596269627962896299630963196329633963496359636963796389639964096419642964396449645964696479648964996509651965296539654965596569657965896599660966196629663966496659666966796689669967096719672967396749675967696779678967996809681968296839684968596869687968896899690969196929693969496959696969796989699970097019702970397049705970697079708970997109711971297139714971597169717971897199720972197229723972497259726972797289729973097319732973397349735973697379738973997409741974297439744974597469747974897499750975197529753975497559756975797589759976097619762976397649765976697679768976997709771977297739774977597769777977897799780978197829783978497859786978797889789979097919792979397949795979697979798979998009801980298039804980598069807980898099810981198129813981498159816981798189819982098219822982398249825982698279828982998309831983298339834983598369837983898399840984198429843984498459846984798489849985098519852985398549855985698579858985998609861986298639864986598669867986898699870987198729873987498759876987798789879988098819882988398849885988698879888988998909891989298939894989598969897989898999900990199029903990499059906990799089909991099119912991399149915991699179918991999209921992299239924992599269927992899299930993199329933993499359936993799389939994099419942994399449945994699479948994999509951995299539954995599569957995899599960996199629963996499659966996799689969997099719972997399749975997699779978997999809981998299839984998599869987998899899990999199929993999499959996999799989999100001000110002100031000410005100061000710008100091001010011100121001310014100151001610017100181001910020100211002210023100241002510026100271002810029100301003110032100331003410035100361003710038100391004010041100421004310044100451004610047100481004910050100511005210053100541005510056100571005810059100601006110062100631006410065100661006710068100691007010071100721007310074100751007610077100781007910080100811008210083100841008510086100871008810089100901009110092100931009410095100961009710098100991010010101101021010310104101051010610107101081010910110101111011210113101141011510116101171011810119101201012110122101231012410125101261012710128101291013010131101321013310134101351013610137101381013910140101411014210143101441014510146101471014810149101501015110152101531015410155101561015710158101591016010161101621016310164101651016610167101681016910170101711017210173101741017510176101771017810179101801018110182101831018410185101861018710188101891019010191101921019310194101951019610197101981019910200102011020210203102041020510206102071020810209102101021110212102131021410215102161021710218102191022010221102221022310224102251022610227102281022910230102311023210233102341023510236102371023810239102401024110242102431024410245102461024710248102491025010251102521025310254102551025610257102581025910260102611026210263102641026510266102671026810269102701027110272102731027410275102761027710278102791028010281102821028310284102851028610287102881028910290102911029210293102941029510296102971029810299103001030110302103031030410305103061030710308103091031010311103121031310314103151031610317103181031910320103211032210323103241032510326103271032810329103301033110332103331033410335103361033710338103391034010341103421034310344103451034610347103481034910350103511035210353103541035510356103571035810359103601036110362103631036410365103661036710368103691037010371103721037310374103751037610377103781037910380103811038210383103841038510386103871038810389103901039110392103931039410395103961039710398103991040010401104021040310404104051040610407104081040910410104111041210413104141041510416104171041810419104201042110422104231042410425104261042710428104291043010431104321043310434104351043610437104381043910440104411044210443104441044510446104471044810449104501045110452104531045410455104561045710458104591046010461104621046310464104651046610467104681046910470104711047210473104741047510476104771047810479104801048110482104831048410485104861048710488104891049010491104921049310494104951049610497104981049910500105011050210503105041050510506105071050810509105101051110512105131051410515105161051710518105191052010521105221052310524105251052610527105281052910530105311053210533105341053510536105371053810539105401054110542105431054410545105461054710548105491055010551105521055310554105551055610557105581055910560105611056210563105641056510566105671056810569105701057110572105731057410575105761057710578105791058010581105821058310584105851058610587105881058910590105911059210593105941059510596105971059810599106001060110602106031060410605106061060710608106091061010611106121061310614106151061610617106181061910620106211062210623106241062510626106271062810629106301063110632106331063410635106361063710638106391064010641106421064310644106451064610647106481064910650106511065210653106541065510656106571065810659106601066110662106631066410665106661066710668106691067010671106721067310674106751067610677106781067910680106811068210683106841068510686106871068810689106901069110692106931069410695106961069710698106991070010701107021070310704107051070610707107081070910710107111071210713107141071510716107171071810719107201072110722107231072410725107261072710728107291073010731107321073310734107351073610737107381073910740107411074210743107441074510746107471074810749107501075110752107531075410755107561075710758107591076010761107621076310764107651076610767107681076910770107711077210773107741077510776107771077810779107801078110782107831078410785107861078710788107891079010791107921079310794107951079610797107981079910800108011080210803108041080510806108071080810809108101081110812108131081410815108161081710818108191082010821108221082310824108251082610827108281082910830108311083210833108341083510836108371083810839108401084110842108431084410845108461084710848108491085010851108521085310854108551085610857108581085910860108611086210863108641086510866108671086810869108701087110872108731087410875108761087710878108791088010881108821088310884108851088610887108881088910890108911089210893108941089510896108971089810899109001090110902109031090410905109061090710908109091091010911109121091310914109151091610917109181091910920109211092210923109241092510926109271092810929109301093110932109331093410935109361093710938109391094010941109421094310944109451094610947109481094910950109511095210953109541095510956109571095810959109601096110962109631096410965109661096710968109691097010971109721097310974109751097610977109781097910980109811098210983109841098510986109871098810989109901099110992109931099410995109961099710998109991100011001110021100311004110051100611007110081100911010110111101211013110141101511016110171101811019110201102111022110231102411025110261102711028110291103011031110321103311034110351103611037110381103911040110411104211043110441104511046110471104811049110501105111052110531105411055110561105711058110591106011061110621106311064110651106611067110681106911070110711107211073110741107511076110771107811079110801108111082110831108411085110861108711088110891109011091110921109311094110951109611097110981109911100111011110211103111041110511106111071110811109111101111111112111131111411115111161111711118111191112011121111221112311124111251112611127111281112911130111311113211133111341113511136111371113811139111401114111142111431114411145111461114711148111491115011151111521115311154111551115611157111581115911160111611116211163111641116511166111671116811169111701117111172111731117411175111761117711178111791118011181111821118311184111851118611187111881118911190111911119211193111941119511196111971119811199112001120111202112031120411205112061120711208112091121011211112121121311214112151121611217112181121911220112211122211223112241122511226112271122811229112301123111232112331123411235112361123711238112391124011241112421124311244112451124611247112481124911250112511125211253112541125511256112571125811259112601126111262112631126411265112661126711268112691127011271112721127311274112751127611277112781127911280112811128211283112841128511286112871128811289112901129111292112931129411295112961129711298112991130011301113021130311304113051130611307113081130911310113111131211313113141131511316113171131811319113201132111322113231132411325113261132711328113291133011331113321133311334113351133611337113381133911340113411134211343113441134511346113471134811349113501135111352113531135411355113561135711358113591136011361113621136311364113651136611367113681136911370113711137211373113741137511376113771137811379113801138111382113831138411385113861138711388113891139011391113921139311394113951139611397113981139911400114011140211403114041140511406114071140811409114101141111412114131141411415114161141711418114191142011421114221142311424114251142611427114281142911430114311143211433114341143511436114371143811439114401144111442114431144411445114461144711448114491145011451114521145311454114551145611457114581145911460114611146211463114641146511466114671146811469114701147111472114731147411475114761147711478114791148011481114821148311484114851148611487114881148911490114911149211493114941149511496114971149811499115001150111502115031150411505115061150711508115091151011511115121151311514115151151611517115181151911520115211152211523115241152511526115271152811529115301153111532115331153411535115361153711538115391154011541115421154311544115451154611547115481154911550115511155211553115541155511556115571155811559115601156111562115631156411565115661156711568115691157011571115721157311574115751157611577115781157911580115811158211583115841158511586115871158811589115901159111592115931159411595115961159711598115991160011601116021160311604116051160611607116081160911610116111161211613116141161511616116171161811619116201162111622116231162411625116261162711628116291163011631116321163311634116351163611637116381163911640116411164211643116441164511646116471164811649116501165111652116531165411655116561165711658116591166011661116621166311664116651166611667116681166911670116711167211673116741167511676116771167811679116801168111682116831168411685116861168711688116891169011691116921169311694116951169611697116981169911700117011170211703117041170511706117071170811709117101171111712117131171411715117161171711718117191172011721117221172311724117251172611727117281172911730117311173211733117341173511736117371173811739117401174111742117431174411745117461174711748117491175011751117521175311754117551175611757117581175911760117611176211763117641176511766117671176811769117701177111772117731177411775117761177711778117791178011781117821178311784117851178611787117881178911790117911179211793117941179511796117971179811799118001180111802118031180411805118061180711808118091181011811118121181311814118151181611817118181181911820118211182211823118241182511826118271182811829118301183111832118331183411835118361183711838118391184011841118421184311844118451184611847118481184911850118511185211853118541185511856118571185811859118601186111862118631186411865118661186711868118691187011871118721187311874118751187611877118781187911880118811188211883118841188511886118871188811889118901189111892118931189411895118961189711898118991190011901119021190311904119051190611907119081190911910119111191211913119141191511916119171191811919119201192111922119231192411925119261192711928119291193011931119321193311934119351193611937119381193911940119411194211943119441194511946119471194811949119501195111952119531195411955119561195711958119591196011961119621196311964119651196611967119681196911970119711197211973119741197511976119771197811979119801198111982119831198411985119861198711988119891199011991119921199311994119951199611997119981199912000120011200212003120041200512006120071200812009120101201112012120131201412015120161201712018120191202012021120221202312024120251202612027120281202912030120311203212033120341203512036120371203812039120401204112042120431204412045120461204712048120491205012051120521205312054120551205612057120581205912060120611206212063120641206512066120671206812069120701207112072120731207412075120761207712078120791208012081120821208312084120851208612087120881208912090120911209212093120941209512096120971209812099121001210112102121031210412105121061210712108121091211012111121121211312114121151211612117121181211912120121211212212123121241212512126121271212812129121301213112132121331213412135121361213712138121391214012141121421214312144121451214612147121481214912150121511215212153121541215512156121571215812159121601216112162121631216412165121661216712168121691217012171121721217312174121751217612177121781217912180121811218212183121841218512186121871218812189121901219112192121931219412195121961219712198121991220012201122021220312204122051220612207122081220912210122111221212213122141221512216122171221812219122201222112222122231222412225122261222712228122291223012231122321223312234122351223612237122381223912240122411224212243122441224512246122471224812249122501225112252122531225412255122561225712258122591226012261122621226312264122651226612267122681226912270122711227212273122741227512276122771227812279122801228112282122831228412285122861228712288122891229012291122921229312294122951229612297122981229912300123011230212303123041230512306123071230812309123101231112312123131231412315123161231712318123191232012321123221232312324123251232612327123281232912330123311233212333123341233512336123371233812339123401234112342123431234412345123461234712348123491235012351123521235312354123551235612357123581235912360123611236212363123641236512366123671236812369123701237112372123731237412375123761237712378123791238012381123821238312384123851238612387123881238912390123911239212393123941239512396123971239812399124001240112402124031240412405124061240712408124091241012411124121241312414124151241612417124181241912420124211242212423124241242512426124271242812429124301243112432124331243412435124361243712438124391244012441124421244312444124451244612447124481244912450124511245212453124541245512456124571245812459124601246112462124631246412465124661246712468124691247012471124721247312474124751247612477124781247912480124811248212483124841248512486124871248812489124901249112492124931249412495124961249712498124991250012501125021250312504125051250612507125081250912510125111251212513125141251512516125171251812519125201252112522125231252412525125261252712528125291253012531125321253312534125351253612537125381253912540125411254212543125441254512546125471254812549125501255112552125531255412555125561255712558125591256012561125621256312564125651256612567125681256912570125711257212573125741257512576125771257812579125801258112582125831258412585125861258712588125891259012591125921259312594125951259612597125981259912600126011260212603126041260512606126071260812609126101261112612126131261412615126161261712618126191262012621126221262312624126251262612627126281262912630126311263212633126341263512636126371263812639126401264112642126431264412645126461264712648126491265012651126521265312654126551265612657126581265912660126611266212663126641266512666126671266812669126701267112672126731267412675126761267712678126791268012681126821268312684126851268612687126881268912690126911269212693126941269512696126971269812699127001270112702127031270412705127061270712708127091271012711127121271312714127151271612717127181271912720127211272212723127241272512726127271272812729127301273112732127331273412735127361273712738127391274012741127421274312744127451274612747127481274912750127511275212753127541275512756127571275812759127601276112762127631276412765127661276712768127691277012771127721277312774127751277612777127781277912780127811278212783127841278512786127871278812789127901279112792127931279412795127961279712798127991280012801128021280312804128051280612807128081280912810128111281212813128141281512816128171281812819128201282112822128231282412825128261282712828128291283012831128321283312834128351283612837128381283912840128411284212843128441284512846128471284812849128501285112852128531285412855128561285712858128591286012861128621286312864128651286612867128681286912870128711287212873128741287512876128771287812879128801288112882128831288412885128861288712888128891289012891128921289312894128951289612897128981289912900129011290212903129041290512906129071290812909129101291112912129131291412915129161291712918129191292012921129221292312924129251292612927129281292912930129311293212933129341293512936129371293812939129401294112942129431294412945129461294712948129491295012951129521295312954129551295612957129581295912960129611296212963129641296512966129671296812969129701297112972129731297412975129761297712978129791298012981129821298312984129851298612987129881298912990129911299212993129941299512996129971299812999130001300113002130031300413005130061300713008130091301013011130121301313014130151301613017130181301913020130211302213023130241302513026130271302813029130301303113032130331303413035130361303713038130391304013041130421304313044130451304613047130481304913050130511305213053130541305513056130571305813059130601306113062130631306413065130661306713068130691307013071130721307313074130751307613077130781307913080130811308213083130841308513086130871308813089130901309113092130931309413095130961309713098130991310013101131021310313104131051310613107131081310913110131111311213113131141311513116131171311813119131201312113122131231312413125131261312713128131291313013131131321313313134131351313613137131381313913140131411314213143131441314513146131471314813149131501315113152131531315413155131561315713158131591316013161131621316313164131651316613167131681316913170131711317213173131741317513176131771317813179131801318113182131831318413185131861318713188131891319013191131921319313194131951319613197131981319913200132011320213203132041320513206132071320813209132101321113212132131321413215132161321713218132191322013221132221322313224132251322613227132281322913230132311323213233132341323513236132371323813239132401324113242132431324413245132461324713248132491325013251132521325313254132551325613257132581325913260132611326213263132641326513266132671326813269132701327113272132731327413275132761327713278132791328013281132821328313284132851328613287132881328913290132911329213293132941329513296132971329813299133001330113302133031330413305133061330713308133091331013311133121331313314133151331613317133181331913320133211332213323133241332513326133271332813329133301333113332133331333413335133361333713338133391334013341133421334313344133451334613347133481334913350133511335213353133541335513356133571335813359133601336113362133631336413365133661336713368133691337013371133721337313374133751337613377133781337913380133811338213383133841338513386133871338813389133901339113392133931339413395133961339713398133991340013401134021340313404134051340613407134081340913410134111341213413134141341513416134171341813419134201342113422134231342413425134261342713428134291343013431134321343313434134351343613437134381343913440134411344213443134441344513446134471344813449134501345113452134531345413455134561345713458134591346013461134621346313464134651346613467134681346913470134711347213473134741347513476134771347813479134801348113482134831348413485134861348713488134891349013491134921349313494134951349613497134981349913500135011350213503135041350513506135071350813509135101351113512135131351413515135161351713518135191352013521135221352313524135251352613527135281352913530135311353213533135341353513536135371353813539135401354113542135431354413545135461354713548135491355013551135521355313554135551355613557135581355913560135611356213563135641356513566135671356813569135701357113572135731357413575135761357713578135791358013581135821358313584135851358613587135881358913590135911359213593135941359513596135971359813599136001360113602136031360413605136061360713608136091361013611136121361313614136151361613617136181361913620136211362213623136241362513626136271362813629136301363113632136331363413635136361363713638136391364013641136421364313644136451364613647136481364913650136511365213653136541365513656136571365813659136601366113662136631366413665136661366713668136691367013671136721367313674136751367613677136781367913680136811368213683136841368513686136871368813689136901369113692136931369413695136961369713698136991370013701137021370313704137051370613707137081370913710137111371213713137141371513716137171371813719137201372113722137231372413725137261372713728137291373013731137321373313734137351373613737137381373913740137411374213743137441374513746137471374813749137501375113752137531375413755137561375713758137591376013761137621376313764137651376613767137681376913770137711377213773137741377513776137771377813779137801378113782137831378413785137861378713788137891379013791137921379313794137951379613797137981379913800138011380213803138041380513806138071380813809138101381113812138131381413815138161381713818138191382013821138221382313824138251382613827138281382913830138311383213833138341383513836138371383813839138401384113842138431384413845138461384713848138491385013851138521385313854138551385613857138581385913860138611386213863138641386513866138671386813869138701387113872138731387413875138761387713878138791388013881138821388313884138851388613887138881388913890138911389213893138941389513896138971389813899139001390113902139031390413905139061390713908139091391013911139121391313914139151391613917139181391913920139211392213923139241392513926139271392813929139301393113932139331393413935139361393713938139391394013941139421394313944139451394613947139481394913950139511395213953139541395513956139571395813959139601396113962139631396413965139661396713968139691397013971139721397313974139751397613977139781397913980139811398213983139841398513986139871398813989139901399113992139931399413995139961399713998139991400014001140021400314004140051400614007140081400914010140111401214013140141401514016140171401814019140201402114022140231402414025140261402714028140291403014031140321403314034140351403614037140381403914040140411404214043140441404514046140471404814049140501405114052140531405414055140561405714058140591406014061140621406314064140651406614067140681406914070140711407214073140741407514076140771407814079140801408114082140831408414085140861408714088140891409014091140921409314094140951409614097140981409914100141011410214103141041410514106141071410814109141101411114112141131411414115141161411714118141191412014121141221412314124141251412614127141281412914130141311413214133141341413514136141371413814139141401414114142141431414414145141461414714148141491415014151141521415314154141551415614157141581415914160141611416214163141641416514166141671416814169141701417114172141731417414175141761417714178141791418014181141821418314184141851418614187141881418914190141911419214193141941419514196141971419814199142001420114202142031420414205142061420714208142091421014211142121421314214142151421614217142181421914220142211422214223142241422514226142271422814229142301423114232142331423414235142361423714238142391424014241142421424314244142451424614247142481424914250142511425214253142541425514256142571425814259142601426114262142631426414265142661426714268142691427014271142721427314274142751427614277142781427914280142811428214283142841428514286142871428814289142901429114292142931429414295142961429714298142991430014301143021430314304143051430614307143081430914310143111431214313143141431514316143171431814319143201432114322143231432414325143261432714328143291433014331143321433314334143351433614337143381433914340143411434214343143441434514346143471434814349143501435114352143531435414355143561435714358143591436014361143621436314364143651436614367143681436914370143711437214373143741437514376143771437814379143801438114382143831438414385143861438714388143891439014391143921439314394143951439614397143981439914400144011440214403144041440514406144071440814409144101441114412144131441414415144161441714418144191442014421144221442314424144251442614427144281442914430144311443214433144341443514436144371443814439144401444114442144431444414445144461444714448144491445014451144521445314454144551445614457144581445914460144611446214463144641446514466144671446814469144701447114472144731447414475144761447714478144791448014481144821448314484144851448614487144881448914490144911449214493144941449514496144971449814499145001450114502145031450414505145061450714508145091451014511145121451314514145151451614517145181451914520145211452214523145241452514526145271452814529145301453114532145331453414535145361453714538145391454014541145421454314544145451454614547145481454914550145511455214553145541455514556145571455814559145601456114562145631456414565145661456714568145691457014571145721457314574145751457614577145781457914580145811458214583145841458514586145871458814589145901459114592145931459414595145961459714598145991460014601146021460314604146051460614607146081460914610146111461214613146141461514616146171461814619146201462114622146231462414625146261462714628146291463014631146321463314634146351463614637146381463914640146411464214643146441464514646146471464814649146501465114652146531465414655146561465714658146591466014661146621466314664146651466614667146681466914670146711467214673146741467514676146771467814679146801468114682146831468414685146861468714688146891469014691146921469314694146951469614697146981469914700147011470214703147041470514706147071470814709147101471114712147131471414715147161471714718147191472014721147221472314724147251472614727147281472914730147311473214733147341473514736147371473814739147401474114742147431474414745147461474714748147491475014751147521475314754147551475614757147581475914760147611476214763147641476514766147671476814769147701477114772147731477414775147761477714778147791478014781147821478314784147851478614787147881478914790147911479214793147941479514796147971479814799148001480114802148031480414805148061480714808148091481014811148121481314814148151481614817148181481914820148211482214823148241482514826148271482814829148301483114832148331483414835148361483714838148391484014841148421484314844148451484614847148481484914850148511485214853148541485514856148571485814859148601486114862148631486414865148661486714868148691487014871148721487314874148751487614877148781487914880148811488214883148841488514886148871488814889148901489114892148931489414895148961489714898148991490014901149021490314904149051490614907149081490914910149111491214913149141491514916149171491814919149201492114922149231492414925149261492714928149291493014931149321493314934149351493614937149381493914940149411494214943149441494514946149471494814949149501495114952149531495414955149561495714958149591496014961149621496314964149651496614967149681496914970149711497214973149741497514976149771497814979149801498114982149831498414985149861498714988149891499014991149921499314994149951499614997149981499915000150011500215003150041500515006150071500815009150101501115012150131501415015150161501715018150191502015021150221502315024150251502615027150281502915030150311503215033150341503515036150371503815039150401504115042150431504415045150461504715048150491505015051150521505315054150551505615057150581505915060150611506215063150641506515066150671506815069150701507115072150731507415075150761507715078150791508015081150821508315084150851508615087150881508915090150911509215093150941509515096150971509815099151001510115102151031510415105151061510715108151091511015111151121511315114151151511615117151181511915120151211512215123151241512515126151271512815129151301513115132151331513415135151361513715138151391514015141151421514315144151451514615147151481514915150151511515215153151541515515156151571515815159151601516115162151631516415165151661516715168151691517015171151721517315174151751517615177151781517915180151811518215183151841518515186151871518815189151901519115192151931519415195151961519715198151991520015201152021520315204152051520615207152081520915210152111521215213152141521515216152171521815219152201522115222152231522415225152261522715228152291523015231152321523315234152351523615237152381523915240152411524215243152441524515246152471524815249152501525115252152531525415255152561525715258152591526015261152621526315264152651526615267152681526915270152711527215273152741527515276152771527815279152801528115282152831528415285152861528715288152891529015291152921529315294152951529615297152981529915300153011530215303153041530515306153071530815309153101531115312153131531415315153161531715318153191532015321153221532315324153251532615327153281532915330153311533215333153341533515336153371533815339153401534115342153431534415345153461534715348153491535015351153521535315354153551535615357153581535915360153611536215363153641536515366153671536815369153701537115372153731537415375153761537715378153791538015381153821538315384153851538615387153881538915390153911539215393153941539515396153971539815399154001540115402154031540415405154061540715408154091541015411154121541315414154151541615417154181541915420154211542215423154241542515426154271542815429154301543115432154331543415435154361543715438154391544015441154421544315444154451544615447154481544915450154511545215453154541545515456154571545815459154601546115462154631546415465154661546715468154691547015471154721547315474154751547615477154781547915480154811548215483154841548515486154871548815489154901549115492154931549415495154961549715498154991550015501155021550315504155051550615507155081550915510155111551215513155141551515516155171551815519155201552115522155231552415525155261552715528155291553015531155321553315534155351553615537155381553915540155411554215543155441554515546155471554815549155501555115552155531555415555155561555715558155591556015561155621556315564155651556615567155681556915570155711557215573155741557515576155771557815579155801558115582155831558415585155861558715588155891559015591155921559315594155951559615597155981559915600156011560215603156041560515606156071560815609156101561115612156131561415615156161561715618156191562015621156221562315624156251562615627156281562915630156311563215633156341563515636156371563815639156401564115642156431564415645156461564715648156491565015651156521565315654156551565615657156581565915660156611566215663156641566515666156671566815669156701567115672156731567415675156761567715678156791568015681156821568315684156851568615687156881568915690156911569215693156941569515696156971569815699157001570115702157031570415705157061570715708157091571015711157121571315714157151571615717157181571915720157211572215723157241572515726157271572815729157301573115732157331573415735157361573715738157391574015741157421574315744157451574615747157481574915750157511575215753157541575515756157571575815759157601576115762157631576415765157661576715768157691577015771157721577315774157751577615777157781577915780157811578215783157841578515786157871578815789157901579115792157931579415795157961579715798157991580015801158021580315804158051580615807158081580915810158111581215813158141581515816158171581815819158201582115822158231582415825158261582715828158291583015831158321583315834158351583615837158381583915840158411584215843158441584515846158471584815849158501585115852158531585415855158561585715858158591586015861158621586315864158651586615867158681586915870158711587215873158741587515876158771587815879158801588115882158831588415885158861588715888158891589015891158921589315894158951589615897158981589915900159011590215903159041590515906159071590815909159101591115912159131591415915159161591715918159191592015921159221592315924159251592615927159281592915930159311593215933159341593515936159371593815939159401594115942159431594415945159461594715948159491595015951159521595315954159551595615957159581595915960159611596215963159641596515966159671596815969159701597115972159731597415975159761597715978159791598015981159821598315984159851598615987159881598915990159911599215993159941599515996159971599815999160001600116002160031600416005160061600716008160091601016011160121601316014160151601616017160181601916020160211602216023160241602516026160271602816029160301603116032160331603416035160361603716038160391604016041160421604316044160451604616047160481604916050160511605216053160541605516056160571605816059160601606116062160631606416065160661606716068160691607016071160721607316074160751607616077160781607916080160811608216083160841608516086160871608816089160901609116092160931609416095160961609716098160991610016101161021610316104161051610616107161081610916110161111611216113161141611516116161171611816119161201612116122161231612416125161261612716128161291613016131161321613316134161351613616137161381613916140161411614216143161441614516146161471614816149161501615116152161531615416155161561615716158161591616016161161621616316164161651616616167161681616916170161711617216173161741617516176161771617816179161801618116182161831618416185161861618716188161891619016191161921619316194161951619616197161981619916200162011620216203162041620516206162071620816209162101621116212162131621416215162161621716218162191622016221162221622316224162251622616227162281622916230162311623216233162341623516236162371623816239162401624116242162431624416245162461624716248162491625016251162521625316254162551625616257162581625916260162611626216263162641626516266162671626816269162701627116272162731627416275162761627716278162791628016281162821628316284162851628616287162881628916290162911629216293162941629516296162971629816299163001630116302163031630416305163061630716308163091631016311163121631316314163151631616317163181631916320163211632216323163241632516326163271632816329163301633116332163331633416335163361633716338163391634016341163421634316344163451634616347163481634916350163511635216353163541635516356163571635816359163601636116362163631636416365163661636716368163691637016371163721637316374163751637616377163781637916380163811638216383163841638516386163871638816389163901639116392163931639416395163961639716398163991640016401164021640316404164051640616407164081640916410164111641216413164141641516416164171641816419164201642116422164231642416425164261642716428164291643016431164321643316434164351643616437164381643916440164411644216443164441644516446164471644816449164501645116452164531645416455164561645716458164591646016461164621646316464164651646616467164681646916470164711647216473164741647516476164771647816479164801648116482164831648416485164861648716488164891649016491164921649316494164951649616497164981649916500165011650216503165041650516506165071650816509165101651116512165131651416515165161651716518165191652016521165221652316524165251652616527165281652916530165311653216533165341653516536165371653816539165401654116542165431654416545165461654716548165491655016551165521655316554165551655616557165581655916560165611656216563165641656516566165671656816569165701657116572165731657416575165761657716578165791658016581165821658316584165851658616587165881658916590165911659216593165941659516596165971659816599166001660116602166031660416605166061660716608166091661016611166121661316614166151661616617166181661916620166211662216623166241662516626166271662816629166301663116632166331663416635166361663716638166391664016641166421664316644166451664616647166481664916650166511665216653166541665516656166571665816659166601666116662166631666416665166661666716668166691667016671166721667316674166751667616677166781667916680166811668216683166841668516686166871668816689166901669116692166931669416695166961669716698166991670016701167021670316704167051670616707167081670916710167111671216713167141671516716167171671816719167201672116722167231672416725167261672716728167291673016731167321673316734167351673616737167381673916740167411674216743167441674516746167471674816749167501675116752167531675416755167561675716758167591676016761167621676316764167651676616767167681676916770167711677216773167741677516776167771677816779167801678116782167831678416785167861678716788167891679016791167921679316794167951679616797167981679916800168011680216803168041680516806168071680816809168101681116812168131681416815168161681716818168191682016821168221682316824168251682616827168281682916830168311683216833168341683516836168371683816839168401684116842168431684416845168461684716848168491685016851168521685316854168551685616857168581685916860168611686216863168641686516866168671686816869168701687116872168731687416875168761687716878168791688016881168821688316884168851688616887168881688916890168911689216893168941689516896168971689816899169001690116902169031690416905169061690716908169091691016911169121691316914169151691616917169181691916920169211692216923169241692516926169271692816929169301693116932169331693416935169361693716938169391694016941169421694316944169451694616947169481694916950169511695216953169541695516956169571695816959169601696116962169631696416965169661696716968169691697016971169721697316974169751697616977169781697916980169811698216983169841698516986169871698816989169901699116992169931699416995169961699716998169991700017001170021700317004170051700617007170081700917010170111701217013170141701517016170171701817019170201702117022170231702417025170261702717028170291703017031170321703317034170351703617037170381703917040170411704217043170441704517046170471704817049170501705117052170531705417055170561705717058170591706017061170621706317064170651706617067170681706917070170711707217073170741707517076170771707817079170801708117082170831708417085170861708717088170891709017091170921709317094170951709617097170981709917100171011710217103171041710517106171071710817109171101711117112171131711417115171161711717118171191712017121171221712317124171251712617127171281712917130171311713217133171341713517136171371713817139171401714117142171431714417145171461714717148171491715017151171521715317154171551715617157171581715917160171611716217163171641716517166171671716817169171701717117172171731717417175171761717717178171791718017181171821718317184171851718617187171881718917190171911719217193171941719517196171971719817199172001720117202172031720417205172061720717208172091721017211172121721317214172151721617217172181721917220172211722217223172241722517226172271722817229172301723117232172331723417235172361723717238172391724017241172421724317244172451724617247172481724917250172511725217253172541725517256172571725817259172601726117262172631726417265172661726717268172691727017271172721727317274172751727617277172781727917280172811728217283172841728517286172871728817289172901729117292172931729417295172961729717298172991730017301173021730317304173051730617307173081730917310173111731217313173141731517316173171731817319173201732117322173231732417325173261732717328173291733017331173321733317334173351733617337173381733917340173411734217343173441734517346173471734817349173501735117352173531735417355173561735717358173591736017361173621736317364173651736617367173681736917370173711737217373173741737517376173771737817379173801738117382173831738417385173861738717388173891739017391173921739317394173951739617397173981739917400174011740217403174041740517406174071740817409174101741117412174131741417415174161741717418174191742017421174221742317424174251742617427174281742917430174311743217433174341743517436174371743817439174401744117442174431744417445174461744717448174491745017451174521745317454174551745617457174581745917460174611746217463174641746517466174671746817469174701747117472174731747417475174761747717478174791748017481174821748317484174851748617487174881748917490174911749217493174941749517496174971749817499175001750117502175031750417505175061750717508175091751017511175121751317514175151751617517175181751917520175211752217523175241752517526175271752817529175301753117532175331753417535175361753717538175391754017541175421754317544175451754617547175481754917550175511755217553175541755517556175571755817559175601756117562175631756417565175661756717568175691757017571175721757317574175751757617577175781757917580175811758217583175841758517586175871758817589175901759117592175931759417595175961759717598175991760017601176021760317604176051760617607176081760917610176111761217613176141761517616176171761817619176201762117622176231762417625176261762717628176291763017631176321763317634176351763617637176381763917640176411764217643176441764517646176471764817649176501765117652176531765417655176561765717658176591766017661176621766317664176651766617667176681766917670176711767217673176741767517676176771767817679176801768117682176831768417685176861768717688176891769017691176921769317694176951769617697176981769917700177011770217703177041770517706177071770817709177101771117712177131771417715177161771717718177191772017721177221772317724177251772617727177281772917730177311773217733177341773517736177371773817739177401774117742177431774417745177461774717748177491775017751177521775317754177551775617757177581775917760177611776217763177641776517766177671776817769177701777117772177731777417775177761777717778177791778017781177821778317784177851778617787177881778917790177911779217793177941779517796177971779817799178001780117802178031780417805178061780717808178091781017811178121781317814178151781617817178181781917820178211782217823178241782517826178271782817829178301783117832178331783417835178361783717838178391784017841178421784317844178451784617847178481784917850178511785217853178541785517856178571785817859178601786117862178631786417865178661786717868178691787017871178721787317874178751787617877178781787917880178811788217883178841788517886178871788817889178901789117892178931789417895178961789717898178991790017901179021790317904179051790617907179081790917910179111791217913179141791517916179171791817919179201792117922179231792417925179261792717928179291793017931179321793317934179351793617937179381793917940179411794217943179441794517946179471794817949179501795117952179531795417955179561795717958179591796017961179621796317964179651796617967179681796917970179711797217973179741797517976179771797817979179801798117982179831798417985179861798717988179891799017991179921799317994179951799617997179981799918000180011800218003180041800518006180071800818009180101801118012180131801418015180161801718018180191802018021180221802318024180251802618027180281802918030180311803218033180341803518036180371803818039180401804118042180431804418045180461804718048180491805018051180521805318054180551805618057180581805918060180611806218063180641806518066180671806818069180701807118072180731807418075180761807718078180791808018081180821808318084180851808618087180881808918090180911809218093180941809518096180971809818099181001810118102181031810418105181061810718108181091811018111181121811318114181151811618117181181811918120181211812218123181241812518126181271812818129181301813118132181331813418135181361813718138181391814018141181421814318144181451814618147181481814918150181511815218153181541815518156181571815818159181601816118162181631816418165181661816718168181691817018171181721817318174181751817618177181781817918180181811818218183181841818518186181871818818189181901819118192181931819418195181961819718198181991820018201182021820318204182051820618207182081820918210182111821218213182141821518216182171821818219182201822118222182231822418225182261822718228182291823018231182321823318234182351823618237182381823918240182411824218243182441824518246182471824818249182501825118252182531825418255182561825718258182591826018261182621826318264182651826618267182681826918270182711827218273182741827518276182771827818279182801828118282182831828418285182861828718288182891829018291182921829318294182951829618297182981829918300183011830218303183041830518306183071830818309183101831118312183131831418315183161831718318183191832018321183221832318324183251832618327183281832918330183311833218333183341833518336183371833818339183401834118342183431834418345183461834718348183491835018351183521835318354183551835618357183581835918360183611836218363183641836518366183671836818369183701837118372183731837418375183761837718378183791838018381183821838318384183851838618387183881838918390183911839218393183941839518396183971839818399184001840118402184031840418405184061840718408184091841018411184121841318414184151841618417184181841918420184211842218423184241842518426184271842818429184301843118432184331843418435184361843718438184391844018441184421844318444184451844618447184481844918450184511845218453184541845518456184571845818459184601846118462184631846418465184661846718468184691847018471184721847318474184751847618477184781847918480184811848218483184841848518486184871848818489184901849118492184931849418495184961849718498184991850018501185021850318504185051850618507185081850918510185111851218513185141851518516185171851818519185201852118522185231852418525185261852718528185291853018531185321853318534185351853618537185381853918540185411854218543185441854518546185471854818549185501855118552185531855418555185561855718558185591856018561185621856318564185651856618567185681856918570185711857218573185741857518576185771857818579185801858118582185831858418585185861858718588185891859018591185921859318594185951859618597185981859918600186011860218603186041860518606186071860818609186101861118612186131861418615186161861718618186191862018621186221862318624186251862618627186281862918630186311863218633186341863518636186371863818639186401864118642186431864418645186461864718648186491865018651186521865318654186551865618657186581865918660186611866218663186641866518666186671866818669186701867118672186731867418675186761867718678186791868018681186821868318684186851868618687186881868918690186911869218693186941869518696186971869818699187001870118702187031870418705187061870718708187091871018711187121871318714187151871618717187181871918720187211872218723187241872518726187271872818729187301873118732187331873418735187361873718738187391874018741187421874318744187451874618747187481874918750187511875218753187541875518756187571875818759187601876118762187631876418765187661876718768187691877018771187721877318774187751877618777187781877918780187811878218783187841878518786187871878818789187901879118792187931879418795187961879718798187991880018801188021880318804188051880618807188081880918810188111881218813188141881518816188171881818819188201882118822188231882418825188261882718828188291883018831188321883318834188351883618837188381883918840188411884218843188441884518846188471884818849188501885118852188531885418855188561885718858188591886018861188621886318864188651886618867188681886918870188711887218873188741887518876188771887818879188801888118882188831888418885188861888718888188891889018891188921889318894188951889618897188981889918900189011890218903189041890518906189071890818909189101891118912189131891418915189161891718918189191892018921189221892318924189251892618927189281892918930189311893218933189341893518936189371893818939189401894118942189431894418945189461894718948189491895018951189521895318954189551895618957189581895918960189611896218963189641896518966189671896818969189701897118972189731897418975189761897718978189791898018981189821898318984189851898618987189881898918990189911899218993189941899518996189971899818999190001900119002190031900419005190061900719008190091901019011190121901319014190151901619017190181901919020190211902219023190241902519026190271902819029190301903119032190331903419035190361903719038190391904019041190421904319044190451904619047190481904919050190511905219053190541905519056190571905819059190601906119062190631906419065190661906719068190691907019071190721907319074190751907619077190781907919080190811908219083190841908519086190871908819089190901909119092190931909419095190961909719098190991910019101191021910319104191051910619107191081910919110191111911219113191141911519116191171911819119191201912119122191231912419125191261912719128191291913019131191321913319134191351913619137191381913919140191411914219143191441914519146191471914819149191501915119152191531915419155191561915719158191591916019161191621916319164191651916619167191681916919170191711917219173191741917519176191771917819179191801918119182191831918419185191861918719188191891919019191191921919319194191951919619197191981919919200192011920219203192041920519206192071920819209192101921119212192131921419215192161921719218192191922019221192221922319224192251922619227192281922919230192311923219233192341923519236192371923819239192401924119242192431924419245192461924719248192491925019251192521925319254192551925619257192581925919260192611926219263192641926519266192671926819269192701927119272192731927419275192761927719278192791928019281192821928319284192851928619287192881928919290192911929219293192941929519296192971929819299193001930119302193031930419305193061930719308193091931019311193121931319314193151931619317193181931919320193211932219323193241932519326193271932819329193301933119332193331933419335193361933719338193391934019341193421934319344193451934619347193481934919350193511935219353193541935519356193571935819359193601936119362193631936419365193661936719368193691937019371193721937319374193751937619377193781937919380193811938219383193841938519386193871938819389193901939119392193931939419395193961939719398193991940019401194021940319404194051940619407194081940919410194111941219413194141941519416194171941819419194201942119422194231942419425194261942719428194291943019431194321943319434194351943619437194381943919440194411944219443194441944519446194471944819449194501945119452194531945419455194561945719458194591946019461194621946319464194651946619467194681946919470194711947219473194741947519476194771947819479194801948119482194831948419485194861948719488194891949019491194921949319494194951949619497194981949919500195011950219503195041950519506195071950819509195101951119512195131951419515195161951719518195191952019521195221952319524195251952619527195281952919530195311953219533195341953519536195371953819539195401954119542195431954419545195461954719548195491955019551195521955319554195551955619557195581955919560195611956219563195641956519566195671956819569195701957119572195731957419575195761957719578195791958019581195821958319584195851958619587195881958919590195911959219593195941959519596195971959819599196001960119602196031960419605196061960719608196091961019611196121961319614196151961619617196181961919620196211962219623196241962519626196271962819629196301963119632196331963419635196361963719638196391964019641196421964319644196451964619647196481964919650196511965219653196541965519656196571965819659196601966119662196631966419665196661966719668196691967019671196721967319674196751967619677196781967919680196811968219683196841968519686196871968819689196901969119692196931969419695196961969719698196991970019701197021970319704197051970619707197081970919710197111971219713197141971519716197171971819719197201972119722197231972419725197261972719728197291973019731197321973319734197351973619737197381973919740197411974219743197441974519746197471974819749197501975119752197531975419755197561975719758197591976019761197621976319764197651976619767197681976919770197711977219773197741977519776197771977819779197801978119782197831978419785197861978719788197891979019791197921979319794197951979619797197981979919800198011980219803198041980519806198071980819809198101981119812198131981419815198161981719818198191982019821198221982319824198251982619827198281982919830198311983219833198341983519836198371983819839198401984119842198431984419845198461984719848198491985019851198521985319854198551985619857198581985919860198611986219863198641986519866198671986819869198701987119872198731987419875198761987719878198791988019881198821988319884198851988619887198881988919890198911989219893198941989519896198971989819899199001990119902199031990419905199061990719908199091991019911199121991319914199151991619917199181991919920199211992219923199241992519926199271992819929199301993119932199331993419935199361993719938199391994019941199421994319944199451994619947199481994919950199511995219953199541995519956199571995819959199601996119962199631996419965199661996719968199691997019971199721997319974199751997619977199781997919980199811998219983199841998519986199871998819989199901999119992199931999419995199961999719998199992000020001200022000320004200052000620007200082000920010200112001220013200142001520016200172001820019200202002120022200232002420025200262002720028200292003020031200322003320034200352003620037200382003920040200412004220043200442004520046200472004820049200502005120052200532005420055200562005720058200592006020061200622006320064200652006620067200682006920070200712007220073200742007520076200772007820079200802008120082200832008420085200862008720088200892009020091200922009320094200952009620097200982009920100201012010220103201042010520106201072010820109201102011120112201132011420115201162011720118201192012020121201222012320124201252012620127201282012920130201312013220133201342013520136201372013820139201402014120142201432014420145201462014720148201492015020151201522015320154201552015620157201582015920160201612016220163201642016520166201672016820169201702017120172201732017420175201762017720178201792018020181201822018320184201852018620187201882018920190201912019220193201942019520196201972019820199202002020120202202032020420205202062020720208202092021020211202122021320214202152021620217202182021920220202212022220223202242022520226202272022820229202302023120232202332023420235202362023720238202392024020241202422024320244202452024620247202482024920250202512025220253202542025520256202572025820259202602026120262202632026420265202662026720268202692027020271202722027320274202752027620277202782027920280202812028220283202842028520286202872028820289202902029120292202932029420295202962029720298202992030020301203022030320304203052030620307203082030920310203112031220313203142031520316203172031820319203202032120322203232032420325203262032720328203292033020331203322033320334203352033620337203382033920340203412034220343203442034520346203472034820349203502035120352203532035420355203562035720358203592036020361203622036320364203652036620367203682036920370203712037220373203742037520376203772037820379203802038120382203832038420385203862038720388203892039020391203922039320394203952039620397203982039920400204012040220403204042040520406204072040820409204102041120412204132041420415204162041720418204192042020421204222042320424204252042620427204282042920430204312043220433204342043520436204372043820439204402044120442204432044420445204462044720448204492045020451204522045320454204552045620457204582045920460204612046220463204642046520466204672046820469204702047120472204732047420475204762047720478204792048020481204822048320484204852048620487204882048920490204912049220493204942049520496204972049820499205002050120502205032050420505205062050720508205092051020511205122051320514205152051620517205182051920520205212052220523205242052520526205272052820529205302053120532205332053420535205362053720538205392054020541205422054320544205452054620547205482054920550205512055220553205542055520556205572055820559205602056120562205632056420565205662056720568205692057020571205722057320574205752057620577205782057920580205812058220583205842058520586205872058820589205902059120592205932059420595205962059720598205992060020601206022060320604206052060620607206082060920610206112061220613206142061520616206172061820619206202062120622206232062420625206262062720628206292063020631206322063320634206352063620637206382063920640206412064220643206442064520646206472064820649206502065120652206532065420655206562065720658206592066020661206622066320664206652066620667206682066920670206712067220673206742067520676206772067820679206802068120682206832068420685206862068720688206892069020691206922069320694206952069620697206982069920700207012070220703207042070520706207072070820709207102071120712207132071420715207162071720718207192072020721207222072320724207252072620727207282072920730207312073220733207342073520736207372073820739207402074120742207432074420745207462074720748207492075020751207522075320754207552075620757207582075920760207612076220763207642076520766207672076820769207702077120772207732077420775207762077720778207792078020781207822078320784207852078620787207882078920790207912079220793207942079520796207972079820799208002080120802208032080420805208062080720808208092081020811208122081320814208152081620817208182081920820208212082220823208242082520826208272082820829208302083120832208332083420835208362083720838208392084020841208422084320844208452084620847208482084920850208512085220853208542085520856208572085820859208602086120862208632086420865208662086720868208692087020871208722087320874208752087620877208782087920880208812088220883208842088520886208872088820889208902089120892208932089420895208962089720898208992090020901209022090320904209052090620907209082090920910209112091220913209142091520916209172091820919209202092120922209232092420925209262092720928209292093020931209322093320934209352093620937209382093920940209412094220943209442094520946209472094820949209502095120952209532095420955209562095720958209592096020961209622096320964209652096620967209682096920970209712097220973209742097520976209772097820979209802098120982209832098420985209862098720988209892099020991209922099320994209952099620997209982099921000210012100221003210042100521006210072100821009210102101121012210132101421015210162101721018210192102021021210222102321024210252102621027210282102921030210312103221033210342103521036210372103821039210402104121042210432104421045210462104721048210492105021051210522105321054210552105621057210582105921060210612106221063210642106521066210672106821069210702107121072210732107421075210762107721078210792108021081210822108321084210852108621087210882108921090210912109221093210942109521096210972109821099211002110121102211032110421105211062110721108211092111021111211122111321114211152111621117211182111921120211212112221123211242112521126211272112821129211302113121132211332113421135211362113721138211392114021141211422114321144211452114621147211482114921150211512115221153211542115521156211572115821159211602116121162211632116421165211662116721168211692117021171211722117321174211752117621177211782117921180211812118221183211842118521186211872118821189211902119121192211932119421195211962119721198211992120021201212022120321204212052120621207212082120921210212112121221213212142121521216212172121821219212202122121222212232122421225212262122721228212292123021231212322123321234212352123621237212382123921240212412124221243212442124521246212472124821249212502125121252212532125421255212562125721258212592126021261212622126321264212652126621267212682126921270212712127221273212742127521276212772127821279212802128121282212832128421285212862128721288212892129021291212922129321294212952129621297212982129921300213012130221303213042130521306213072130821309213102131121312213132131421315213162131721318213192132021321213222132321324213252132621327213282132921330213312133221333213342133521336213372133821339213402134121342213432134421345213462134721348213492135021351213522135321354213552135621357213582135921360213612136221363213642136521366213672136821369213702137121372213732137421375213762137721378213792138021381213822138321384213852138621387213882138921390213912139221393213942139521396213972139821399214002140121402214032140421405214062140721408214092141021411214122141321414214152141621417214182141921420214212142221423214242142521426214272142821429214302143121432214332143421435214362143721438214392144021441214422144321444214452144621447214482144921450214512145221453214542145521456214572145821459214602146121462214632146421465214662146721468214692147021471214722147321474214752147621477214782147921480214812148221483214842148521486214872148821489214902149121492214932149421495214962149721498214992150021501215022150321504215052150621507215082150921510215112151221513215142151521516215172151821519215202152121522215232152421525215262152721528215292153021531215322153321534215352153621537215382153921540215412154221543215442154521546215472154821549215502155121552215532155421555215562155721558215592156021561215622156321564215652156621567215682156921570215712157221573215742157521576215772157821579215802158121582215832158421585215862158721588215892159021591215922159321594215952159621597215982159921600216012160221603216042160521606216072160821609216102161121612216132161421615216162161721618216192162021621216222162321624216252162621627216282162921630216312163221633216342163521636216372163821639216402164121642216432164421645216462164721648216492165021651216522165321654216552165621657216582165921660216612166221663216642166521666216672166821669216702167121672216732167421675216762167721678216792168021681216822168321684216852168621687216882168921690216912169221693216942169521696216972169821699217002170121702217032170421705217062170721708217092171021711217122171321714217152171621717217182171921720217212172221723217242172521726217272172821729217302173121732217332173421735217362173721738217392174021741217422174321744217452174621747217482174921750217512175221753217542175521756217572175821759217602176121762217632176421765217662176721768217692177021771217722177321774217752177621777217782177921780217812178221783217842178521786217872178821789217902179121792217932179421795217962179721798217992180021801218022180321804218052180621807218082180921810218112181221813218142181521816218172181821819218202182121822218232182421825218262182721828218292183021831218322183321834218352183621837218382183921840218412184221843218442184521846218472184821849218502185121852218532185421855218562185721858218592186021861218622186321864218652186621867218682186921870218712187221873218742187521876218772187821879218802188121882218832188421885218862188721888218892189021891218922189321894218952189621897218982189921900219012190221903219042190521906219072190821909219102191121912219132191421915219162191721918219192192021921219222192321924219252192621927219282192921930219312193221933219342193521936219372193821939219402194121942219432194421945219462194721948219492195021951219522195321954219552195621957219582195921960219612196221963219642196521966219672196821969219702197121972219732197421975219762197721978219792198021981219822198321984219852198621987219882198921990219912199221993219942199521996219972199821999220002200122002220032200422005220062200722008220092201022011220122201322014220152201622017220182201922020220212202222023220242202522026220272202822029220302203122032220332203422035220362203722038220392204022041220422204322044220452204622047220482204922050220512205222053220542205522056220572205822059220602206122062220632206422065220662206722068220692207022071220722207322074220752207622077220782207922080220812208222083220842208522086220872208822089220902209122092220932209422095220962209722098220992210022101221022210322104221052210622107221082210922110221112211222113221142211522116221172211822119221202212122122221232212422125221262212722128221292213022131221322213322134221352213622137221382213922140221412214222143221442214522146221472214822149221502215122152221532215422155221562215722158221592216022161221622216322164221652216622167221682216922170221712217222173221742217522176221772217822179221802218122182221832218422185221862218722188221892219022191221922219322194221952219622197221982219922200222012220222203222042220522206222072220822209222102221122212222132221422215222162221722218222192222022221222222222322224222252222622227222282222922230222312223222233222342223522236222372223822239222402224122242222432224422245222462224722248222492225022251222522225322254222552225622257222582225922260222612226222263222642226522266222672226822269222702227122272222732227422275222762227722278222792228022281222822228322284222852228622287222882228922290222912229222293222942229522296222972229822299223002230122302223032230422305223062230722308223092231022311223122231322314223152231622317223182231922320223212232222323223242232522326223272232822329223302233122332223332233422335223362233722338223392234022341223422234322344223452234622347223482234922350223512235222353223542235522356223572235822359223602236122362223632236422365223662236722368223692237022371223722237322374223752237622377223782237922380223812238222383223842238522386223872238822389223902239122392223932239422395223962239722398223992240022401224022240322404224052240622407224082240922410224112241222413224142241522416224172241822419224202242122422224232242422425224262242722428224292243022431224322243322434224352243622437224382243922440224412244222443224442244522446224472244822449224502245122452224532245422455224562245722458224592246022461224622246322464224652246622467224682246922470224712247222473224742247522476224772247822479224802248122482224832248422485224862248722488224892249022491224922249322494224952249622497224982249922500225012250222503225042250522506225072250822509225102251122512225132251422515225162251722518225192252022521225222252322524225252252622527225282252922530225312253222533225342253522536225372253822539225402254122542225432254422545225462254722548225492255022551225522255322554225552255622557225582255922560225612256222563225642256522566225672256822569225702257122572225732257422575225762257722578225792258022581225822258322584225852258622587225882258922590225912259222593225942259522596225972259822599226002260122602226032260422605226062260722608226092261022611226122261322614226152261622617226182261922620226212262222623226242262522626226272262822629226302263122632226332263422635226362263722638226392264022641226422264322644226452264622647226482264922650226512265222653226542265522656226572265822659226602266122662226632266422665226662266722668226692267022671226722267322674226752267622677226782267922680226812268222683226842268522686226872268822689226902269122692226932269422695226962269722698226992270022701227022270322704227052270622707227082270922710227112271222713227142271522716227172271822719227202272122722227232272422725227262272722728227292273022731227322273322734227352273622737227382273922740227412274222743227442274522746227472274822749227502275122752227532275422755227562275722758227592276022761227622276322764227652276622767227682276922770227712277222773227742277522776227772277822779227802278122782227832278422785227862278722788227892279022791227922279322794227952279622797227982279922800228012280222803228042280522806228072280822809228102281122812228132281422815228162281722818228192282022821228222282322824228252282622827228282282922830228312283222833228342283522836228372283822839228402284122842228432284422845228462284722848228492285022851228522285322854228552285622857228582285922860228612286222863228642286522866228672286822869228702287122872228732287422875228762287722878228792288022881228822288322884228852288622887228882288922890228912289222893228942289522896228972289822899229002290122902229032290422905229062290722908229092291022911229122291322914229152291622917229182291922920229212292222923229242292522926229272292822929229302293122932229332293422935229362293722938229392294022941229422294322944229452294622947229482294922950229512295222953229542295522956229572295822959229602296122962229632296422965229662296722968229692297022971229722297322974229752297622977229782297922980229812298222983229842298522986229872298822989229902299122992229932299422995229962299722998229992300023001230022300323004230052300623007230082300923010230112301223013230142301523016230172301823019230202302123022230232302423025230262302723028230292303023031230322303323034230352303623037230382303923040230412304223043230442304523046230472304823049230502305123052230532305423055230562305723058230592306023061230622306323064230652306623067230682306923070230712307223073230742307523076230772307823079230802308123082230832308423085230862308723088230892309023091230922309323094230952309623097230982309923100231012310223103231042310523106231072310823109231102311123112231132311423115231162311723118231192312023121231222312323124231252312623127231282312923130231312313223133231342313523136231372313823139231402314123142231432314423145231462314723148231492315023151231522315323154231552315623157231582315923160231612316223163231642316523166231672316823169231702317123172231732317423175231762317723178231792318023181231822318323184231852318623187231882318923190231912319223193231942319523196231972319823199232002320123202232032320423205232062320723208232092321023211232122321323214232152321623217232182321923220232212322223223232242322523226232272322823229232302323123232232332323423235232362323723238232392324023241232422324323244232452324623247232482324923250232512325223253232542325523256232572325823259232602326123262232632326423265232662326723268232692327023271232722327323274232752327623277232782327923280232812328223283232842328523286232872328823289232902329123292232932329423295232962329723298232992330023301233022330323304233052330623307233082330923310233112331223313233142331523316233172331823319233202332123322233232332423325233262332723328233292333023331233322333323334233352333623337233382333923340233412334223343233442334523346233472334823349233502335123352233532335423355233562335723358233592336023361233622336323364233652336623367233682336923370233712337223373233742337523376233772337823379233802338123382233832338423385233862338723388233892339023391233922339323394233952339623397233982339923400234012340223403234042340523406234072340823409234102341123412234132341423415234162341723418234192342023421234222342323424234252342623427234282342923430234312343223433234342343523436234372343823439234402344123442234432344423445234462344723448234492345023451234522345323454234552345623457234582345923460234612346223463234642346523466234672346823469234702347123472234732347423475234762347723478234792348023481234822348323484234852348623487234882348923490234912349223493234942349523496234972349823499235002350123502235032350423505235062350723508235092351023511235122351323514235152351623517235182351923520235212352223523235242352523526235272352823529235302353123532235332353423535235362353723538235392354023541235422354323544235452354623547235482354923550235512355223553235542355523556235572355823559235602356123562235632356423565235662356723568235692357023571235722357323574235752357623577235782357923580235812358223583235842358523586235872358823589235902359123592235932359423595235962359723598235992360023601236022360323604236052360623607236082360923610236112361223613236142361523616236172361823619236202362123622236232362423625236262362723628236292363023631236322363323634236352363623637236382363923640236412364223643236442364523646236472364823649236502365123652236532365423655236562365723658236592366023661236622366323664236652366623667236682366923670236712367223673236742367523676236772367823679236802368123682236832368423685236862368723688236892369023691236922369323694236952369623697236982369923700237012370223703237042370523706237072370823709237102371123712237132371423715237162371723718237192372023721237222372323724237252372623727237282372923730237312373223733237342373523736237372373823739237402374123742237432374423745237462374723748237492375023751237522375323754237552375623757237582375923760237612376223763237642376523766237672376823769237702377123772237732377423775237762377723778237792378023781237822378323784237852378623787237882378923790237912379223793237942379523796237972379823799238002380123802238032380423805238062380723808238092381023811238122381323814238152381623817238182381923820238212382223823238242382523826238272382823829238302383123832238332383423835238362383723838238392384023841238422384323844238452384623847238482384923850238512385223853238542385523856238572385823859238602386123862238632386423865238662386723868238692387023871238722387323874238752387623877238782387923880238812388223883238842388523886238872388823889238902389123892238932389423895238962389723898238992390023901239022390323904239052390623907239082390923910239112391223913239142391523916239172391823919239202392123922239232392423925239262392723928239292393023931239322393323934239352393623937239382393923940239412394223943239442394523946239472394823949239502395123952239532395423955239562395723958239592396023961239622396323964239652396623967239682396923970239712397223973239742397523976239772397823979239802398123982239832398423985239862398723988239892399023991239922399323994239952399623997239982399924000240012400224003240042400524006240072400824009240102401124012240132401424015240162401724018240192402024021240222402324024240252402624027240282402924030240312403224033240342403524036240372403824039240402404124042240432404424045240462404724048240492405024051240522405324054240552405624057240582405924060240612406224063240642406524066240672406824069240702407124072240732407424075240762407724078240792408024081240822408324084240852408624087240882408924090240912409224093240942409524096240972409824099241002410124102241032410424105241062410724108241092411024111241122411324114241152411624117241182411924120241212412224123241242412524126241272412824129241302413124132241332413424135241362413724138241392414024141241422414324144241452414624147241482414924150241512415224153241542415524156241572415824159241602416124162241632416424165241662416724168241692417024171241722417324174241752417624177241782417924180241812418224183241842418524186241872418824189241902419124192241932419424195241962419724198241992420024201242022420324204242052420624207242082420924210242112421224213242142421524216242172421824219242202422124222242232422424225242262422724228242292423024231242322423324234242352423624237242382423924240242412424224243242442424524246242472424824249242502425124252242532425424255242562425724258242592426024261242622426324264242652426624267242682426924270242712427224273242742427524276242772427824279242802428124282242832428424285242862428724288242892429024291242922429324294242952429624297242982429924300243012430224303243042430524306243072430824309243102431124312243132431424315243162431724318243192432024321243222432324324243252432624327243282432924330243312433224333243342433524336243372433824339243402434124342243432434424345243462434724348243492435024351243522435324354243552435624357243582435924360243612436224363243642436524366243672436824369243702437124372243732437424375243762437724378243792438024381243822438324384243852438624387243882438924390243912439224393243942439524396243972439824399244002440124402244032440424405244062440724408244092441024411244122441324414244152441624417244182441924420244212442224423244242442524426244272442824429244302443124432244332443424435244362443724438244392444024441244422444324444244452444624447244482444924450244512445224453244542445524456244572445824459244602446124462244632446424465244662446724468244692447024471244722447324474244752447624477244782447924480244812448224483244842448524486244872448824489244902449124492244932449424495244962449724498244992450024501245022450324504245052450624507245082450924510245112451224513245142451524516245172451824519245202452124522245232452424525245262452724528245292453024531245322453324534245352453624537245382453924540245412454224543245442454524546245472454824549245502455124552245532455424555245562455724558245592456024561245622456324564245652456624567245682456924570245712457224573245742457524576245772457824579245802458124582245832458424585245862458724588245892459024591245922459324594245952459624597245982459924600246012460224603246042460524606246072460824609246102461124612246132461424615246162461724618246192462024621246222462324624246252462624627246282462924630246312463224633246342463524636246372463824639246402464124642246432464424645246462464724648246492465024651246522465324654246552465624657246582465924660246612466224663246642466524666246672466824669246702467124672246732467424675246762467724678246792468024681246822468324684246852468624687246882468924690246912469224693246942469524696246972469824699247002470124702247032470424705247062470724708247092471024711247122471324714247152471624717247182471924720247212472224723247242472524726247272472824729247302473124732247332473424735247362473724738247392474024741247422474324744247452474624747247482474924750247512475224753247542475524756247572475824759247602476124762247632476424765247662476724768247692477024771247722477324774247752477624777247782477924780247812478224783247842478524786247872478824789247902479124792247932479424795247962479724798247992480024801248022480324804248052480624807248082480924810248112481224813248142481524816248172481824819248202482124822248232482424825248262482724828248292483024831248322483324834248352483624837248382483924840248412484224843248442484524846248472484824849248502485124852248532485424855248562485724858248592486024861248622486324864248652486624867248682486924870248712487224873248742487524876248772487824879248802488124882248832488424885248862488724888248892489024891248922489324894248952489624897248982489924900249012490224903249042490524906249072490824909249102491124912249132491424915249162491724918249192492024921249222492324924249252492624927249282492924930249312493224933249342493524936249372493824939249402494124942249432494424945249462494724948249492495024951249522495324954249552495624957249582495924960249612496224963249642496524966249672496824969249702497124972249732497424975249762497724978249792498024981249822498324984249852498624987249882498924990249912499224993249942499524996249972499824999250002500125002250032500425005250062500725008250092501025011250122501325014250152501625017250182501925020250212502225023250242502525026250272502825029250302503125032250332503425035250362503725038250392504025041250422504325044250452504625047250482504925050250512505225053250542505525056250572505825059250602506125062250632506425065250662506725068250692507025071250722507325074250752507625077250782507925080250812508225083250842508525086250872508825089250902509125092250932509425095250962509725098250992510025101251022510325104251052510625107251082510925110251112511225113251142511525116251172511825119251202512125122251232512425125251262512725128251292513025131251322513325134251352513625137251382513925140251412514225143251442514525146251472514825149251502515125152251532515425155251562515725158251592516025161251622516325164251652516625167251682516925170251712517225173251742517525176251772517825179251802518125182251832518425185251862518725188251892519025191251922519325194251952519625197251982519925200252012520225203252042520525206252072520825209252102521125212252132521425215252162521725218252192522025221252222522325224252252522625227252282522925230252312523225233252342523525236252372523825239252402524125242252432524425245252462524725248252492525025251252522525325254252552525625257252582525925260252612526225263252642526525266252672526825269252702527125272252732527425275252762527725278252792528025281252822528325284252852528625287252882528925290252912529225293252942529525296252972529825299253002530125302253032530425305253062530725308253092531025311253122531325314253152531625317253182531925320253212532225323253242532525326253272532825329253302533125332253332533425335253362533725338253392534025341253422534325344253452534625347253482534925350253512535225353253542535525356253572535825359253602536125362253632536425365253662536725368253692537025371253722537325374253752537625377253782537925380253812538225383253842538525386253872538825389253902539125392253932539425395253962539725398253992540025401254022540325404254052540625407254082540925410254112541225413254142541525416254172541825419254202542125422254232542425425254262542725428254292543025431254322543325434254352543625437254382543925440254412544225443254442544525446254472544825449254502545125452254532545425455254562545725458254592546025461254622546325464254652546625467254682546925470254712547225473254742547525476254772547825479254802548125482254832548425485254862548725488254892549025491254922549325494254952549625497254982549925500255012550225503255042550525506255072550825509255102551125512255132551425515255162551725518255192552025521255222552325524255252552625527255282552925530255312553225533255342553525536255372553825539255402554125542255432554425545255462554725548255492555025551255522555325554255552555625557255582555925560255612556225563255642556525566255672556825569255702557125572255732557425575255762557725578255792558025581255822558325584255852558625587255882558925590255912559225593255942559525596255972559825599256002560125602256032560425605256062560725608256092561025611256122561325614256152561625617256182561925620256212562225623256242562525626256272562825629256302563125632256332563425635256362563725638256392564025641256422564325644256452564625647256482564925650256512565225653256542565525656256572565825659256602566125662256632566425665256662566725668256692567025671256722567325674256752567625677256782567925680256812568225683256842568525686256872568825689256902569125692256932569425695256962569725698256992570025701257022570325704257052570625707257082570925710257112571225713257142571525716257172571825719257202572125722257232572425725257262572725728257292573025731257322573325734257352573625737257382573925740257412574225743257442574525746257472574825749257502575125752257532575425755257562575725758257592576025761257622576325764257652576625767257682576925770257712577225773257742577525776257772577825779257802578125782257832578425785257862578725788257892579025791257922579325794257952579625797257982579925800258012580225803258042580525806258072580825809258102581125812258132581425815258162581725818258192582025821258222582325824258252582625827258282582925830258312583225833258342583525836258372583825839258402584125842258432584425845258462584725848258492585025851258522585325854258552585625857258582585925860258612586225863258642586525866258672586825869258702587125872258732587425875258762587725878258792588025881258822588325884258852588625887258882588925890258912589225893258942589525896258972589825899259002590125902259032590425905259062590725908259092591025911259122591325914259152591625917259182591925920259212592225923259242592525926259272592825929259302593125932259332593425935259362593725938259392594025941259422594325944259452594625947259482594925950259512595225953259542595525956259572595825959259602596125962259632596425965259662596725968259692597025971259722597325974259752597625977259782597925980259812598225983259842598525986259872598825989259902599125992259932599425995259962599725998259992600026001260022600326004260052600626007260082600926010260112601226013260142601526016260172601826019260202602126022260232602426025260262602726028260292603026031260322603326034260352603626037260382603926040260412604226043260442604526046260472604826049260502605126052260532605426055260562605726058260592606026061260622606326064260652606626067260682606926070260712607226073260742607526076260772607826079260802608126082260832608426085260862608726088260892609026091260922609326094260952609626097260982609926100261012610226103261042610526106261072610826109261102611126112261132611426115261162611726118261192612026121261222612326124261252612626127261282612926130261312613226133261342613526136261372613826139261402614126142261432614426145261462614726148261492615026151261522615326154261552615626157261582615926160261612616226163261642616526166261672616826169261702617126172261732617426175261762617726178261792618026181261822618326184261852618626187261882618926190261912619226193261942619526196261972619826199262002620126202262032620426205262062620726208262092621026211262122621326214262152621626217262182621926220262212622226223262242622526226262272622826229262302623126232262332623426235262362623726238262392624026241262422624326244262452624626247262482624926250262512625226253262542625526256262572625826259262602626126262262632626426265262662626726268262692627026271262722627326274262752627626277262782627926280262812628226283262842628526286262872628826289262902629126292262932629426295262962629726298262992630026301263022630326304263052630626307263082630926310263112631226313263142631526316263172631826319263202632126322263232632426325263262632726328263292633026331263322633326334263352633626337263382633926340263412634226343263442634526346263472634826349263502635126352263532635426355263562635726358263592636026361263622636326364263652636626367263682636926370263712637226373263742637526376263772637826379263802638126382263832638426385263862638726388263892639026391263922639326394263952639626397263982639926400264012640226403264042640526406264072640826409264102641126412264132641426415264162641726418264192642026421264222642326424264252642626427264282642926430264312643226433264342643526436264372643826439264402644126442264432644426445264462644726448264492645026451264522645326454264552645626457264582645926460264612646226463264642646526466264672646826469264702647126472264732647426475264762647726478264792648026481264822648326484264852648626487264882648926490264912649226493264942649526496264972649826499265002650126502265032650426505265062650726508265092651026511265122651326514265152651626517265182651926520265212652226523265242652526526265272652826529265302653126532265332653426535265362653726538265392654026541265422654326544265452654626547265482654926550265512655226553265542655526556265572655826559265602656126562265632656426565265662656726568265692657026571265722657326574265752657626577265782657926580265812658226583265842658526586265872658826589265902659126592265932659426595265962659726598265992660026601266022660326604266052660626607266082660926610266112661226613266142661526616266172661826619266202662126622266232662426625266262662726628266292663026631266322663326634266352663626637266382663926640266412664226643266442664526646266472664826649266502665126652266532665426655266562665726658266592666026661266622666326664266652666626667266682666926670266712667226673266742667526676266772667826679266802668126682266832668426685266862668726688266892669026691266922669326694266952669626697266982669926700267012670226703267042670526706267072670826709267102671126712267132671426715267162671726718267192672026721267222672326724267252672626727267282672926730267312673226733267342673526736267372673826739267402674126742267432674426745267462674726748267492675026751267522675326754267552675626757267582675926760267612676226763267642676526766267672676826769267702677126772267732677426775267762677726778267792678026781267822678326784267852678626787267882678926790267912679226793267942679526796267972679826799268002680126802268032680426805268062680726808268092681026811268122681326814268152681626817268182681926820268212682226823268242682526826268272682826829268302683126832268332683426835268362683726838268392684026841268422684326844268452684626847268482684926850268512685226853268542685526856268572685826859268602686126862268632686426865268662686726868268692687026871268722687326874268752687626877268782687926880268812688226883268842688526886268872688826889268902689126892268932689426895268962689726898268992690026901269022690326904269052690626907269082690926910269112691226913269142691526916269172691826919269202692126922269232692426925269262692726928269292693026931269322693326934269352693626937269382693926940269412694226943269442694526946269472694826949269502695126952269532695426955269562695726958269592696026961269622696326964269652696626967269682696926970269712697226973269742697526976269772697826979269802698126982269832698426985269862698726988269892699026991269922699326994269952699626997269982699927000270012700227003270042700527006270072700827009270102701127012270132701427015270162701727018270192702027021270222702327024270252702627027270282702927030270312703227033270342703527036270372703827039270402704127042270432704427045270462704727048270492705027051270522705327054270552705627057270582705927060270612706227063270642706527066270672706827069270702707127072270732707427075270762707727078270792708027081270822708327084270852708627087270882708927090270912709227093270942709527096270972709827099271002710127102271032710427105271062710727108271092711027111271122711327114271152711627117271182711927120271212712227123271242712527126271272712827129271302713127132271332713427135271362713727138271392714027141271422714327144271452714627147271482714927150271512715227153271542715527156271572715827159271602716127162271632716427165271662716727168271692717027171271722717327174271752717627177271782717927180271812718227183271842718527186271872718827189271902719127192271932719427195271962719727198271992720027201272022720327204272052720627207272082720927210272112721227213272142721527216272172721827219272202722127222272232722427225272262722727228272292723027231272322723327234272352723627237272382723927240272412724227243272442724527246272472724827249272502725127252272532725427255272562725727258272592726027261272622726327264272652726627267272682726927270272712727227273272742727527276272772727827279272802728127282272832728427285272862728727288272892729027291272922729327294272952729627297272982729927300273012730227303273042730527306273072730827309273102731127312273132731427315273162731727318273192732027321273222732327324273252732627327273282732927330273312733227333273342733527336273372733827339273402734127342273432734427345273462734727348273492735027351273522735327354273552735627357273582735927360273612736227363273642736527366273672736827369273702737127372273732737427375273762737727378273792738027381273822738327384273852738627387273882738927390273912739227393273942739527396273972739827399274002740127402274032740427405274062740727408274092741027411274122741327414274152741627417274182741927420274212742227423274242742527426274272742827429274302743127432274332743427435274362743727438274392744027441274422744327444274452744627447274482744927450274512745227453274542745527456274572745827459274602746127462274632746427465274662746727468274692747027471274722747327474274752747627477274782747927480274812748227483274842748527486274872748827489274902749127492274932749427495274962749727498274992750027501275022750327504275052750627507275082750927510275112751227513275142751527516275172751827519275202752127522275232752427525275262752727528275292753027531275322753327534275352753627537275382753927540275412754227543275442754527546275472754827549275502755127552275532755427555275562755727558275592756027561275622756327564275652756627567275682756927570275712757227573275742757527576275772757827579275802758127582275832758427585275862758727588275892759027591275922759327594275952759627597275982759927600276012760227603276042760527606276072760827609276102761127612276132761427615276162761727618276192762027621276222762327624276252762627627276282762927630276312763227633276342763527636276372763827639276402764127642276432764427645276462764727648276492765027651276522765327654276552765627657276582765927660276612766227663276642766527666276672766827669276702767127672276732767427675276762767727678276792768027681276822768327684276852768627687276882768927690276912769227693276942769527696276972769827699277002770127702277032770427705277062770727708277092771027711277122771327714277152771627717277182771927720277212772227723277242772527726277272772827729277302773127732277332773427735277362773727738277392774027741277422774327744277452774627747277482774927750277512775227753277542775527756277572775827759277602776127762277632776427765277662776727768277692777027771277722777327774277752777627777277782777927780277812778227783277842778527786277872778827789277902779127792277932779427795277962779727798277992780027801278022780327804278052780627807278082780927810278112781227813278142781527816278172781827819278202782127822278232782427825278262782727828278292783027831278322783327834278352783627837278382783927840278412784227843278442784527846278472784827849278502785127852278532785427855278562785727858278592786027861278622786327864278652786627867278682786927870278712787227873278742787527876278772787827879278802788127882278832788427885278862788727888278892789027891278922789327894278952789627897278982789927900279012790227903279042790527906279072790827909279102791127912279132791427915279162791727918279192792027921279222792327924279252792627927279282792927930279312793227933279342793527936279372793827939279402794127942279432794427945279462794727948279492795027951279522795327954279552795627957279582795927960279612796227963279642796527966279672796827969279702797127972279732797427975279762797727978279792798027981279822798327984279852798627987279882798927990279912799227993279942799527996279972799827999280002800128002280032800428005280062800728008280092801028011280122801328014280152801628017280182801928020280212802228023280242802528026280272802828029280302803128032280332803428035280362803728038280392804028041280422804328044280452804628047280482804928050280512805228053280542805528056280572805828059280602806128062280632806428065280662806728068280692807028071280722807328074280752807628077280782807928080280812808228083280842808528086280872808828089280902809128092280932809428095280962809728098280992810028101281022810328104281052810628107281082810928110281112811228113281142811528116281172811828119281202812128122281232812428125281262812728128281292813028131281322813328134281352813628137281382813928140281412814228143281442814528146281472814828149281502815128152281532815428155281562815728158281592816028161281622816328164281652816628167281682816928170281712817228173281742817528176281772817828179281802818128182281832818428185281862818728188281892819028191281922819328194281952819628197281982819928200282012820228203282042820528206282072820828209282102821128212282132821428215282162821728218282192822028221282222822328224282252822628227282282822928230282312823228233282342823528236282372823828239282402824128242282432824428245282462824728248282492825028251282522825328254282552825628257282582825928260282612826228263282642826528266282672826828269282702827128272282732827428275282762827728278282792828028281282822828328284282852828628287282882828928290282912829228293282942829528296282972829828299283002830128302283032830428305283062830728308283092831028311283122831328314283152831628317283182831928320283212832228323283242832528326283272832828329283302833128332283332833428335283362833728338283392834028341283422834328344283452834628347283482834928350283512835228353283542835528356283572835828359283602836128362283632836428365283662836728368283692837028371283722837328374283752837628377283782837928380283812838228383283842838528386283872838828389283902839128392283932839428395283962839728398283992840028401284022840328404284052840628407284082840928410284112841228413284142841528416284172841828419284202842128422284232842428425284262842728428284292843028431284322843328434284352843628437284382843928440284412844228443284442844528446284472844828449284502845128452284532845428455284562845728458284592846028461284622846328464284652846628467284682846928470284712847228473284742847528476284772847828479284802848128482284832848428485284862848728488284892849028491284922849328494284952849628497284982849928500285012850228503285042850528506285072850828509285102851128512285132851428515285162851728518285192852028521285222852328524285252852628527285282852928530285312853228533285342853528536285372853828539285402854128542285432854428545285462854728548285492855028551285522855328554285552855628557285582855928560285612856228563285642856528566285672856828569285702857128572285732857428575285762857728578285792858028581285822858328584285852858628587285882858928590285912859228593285942859528596285972859828599286002860128602286032860428605286062860728608286092861028611286122861328614286152861628617286182861928620286212862228623286242862528626286272862828629286302863128632286332863428635286362863728638286392864028641286422864328644286452864628647286482864928650286512865228653286542865528656286572865828659286602866128662286632866428665286662866728668286692867028671286722867328674286752867628677286782867928680286812868228683286842868528686286872868828689286902869128692286932869428695286962869728698286992870028701287022870328704287052870628707287082870928710287112871228713287142871528716287172871828719287202872128722287232872428725287262872728728287292873028731287322873328734287352873628737287382873928740287412874228743287442874528746287472874828749287502875128752287532875428755287562875728758287592876028761287622876328764287652876628767287682876928770287712877228773287742877528776287772877828779287802878128782287832878428785287862878728788287892879028791287922879328794287952879628797287982879928800288012880228803288042880528806288072880828809288102881128812288132881428815288162881728818288192882028821288222882328824288252882628827288282882928830288312883228833288342883528836288372883828839288402884128842288432884428845288462884728848288492885028851288522885328854288552885628857288582885928860288612886228863288642886528866288672886828869288702887128872288732887428875288762887728878288792888028881288822888328884288852888628887288882888928890288912889228893288942889528896288972889828899289002890128902289032890428905289062890728908289092891028911289122891328914289152891628917289182891928920289212892228923289242892528926289272892828929289302893128932289332893428935289362893728938289392894028941289422894328944289452894628947289482894928950289512895228953289542895528956289572895828959289602896128962289632896428965289662896728968289692897028971289722897328974289752897628977289782897928980289812898228983289842898528986289872898828989289902899128992289932899428995289962899728998289992900029001290022900329004290052900629007290082900929010290112901229013290142901529016290172901829019290202902129022290232902429025290262902729028290292903029031290322903329034290352903629037290382903929040290412904229043290442904529046290472904829049290502905129052290532905429055290562905729058290592906029061290622906329064290652906629067290682906929070290712907229073290742907529076290772907829079290802908129082290832908429085290862908729088290892909029091290922909329094290952909629097290982909929100291012910229103291042910529106291072910829109291102911129112291132911429115291162911729118291192912029121291222912329124291252912629127291282912929130291312913229133291342913529136291372913829139291402914129142291432914429145291462914729148291492915029151291522915329154291552915629157291582915929160291612916229163291642916529166291672916829169291702917129172291732917429175291762917729178291792918029181291822918329184291852918629187291882918929190291912919229193291942919529196291972919829199292002920129202292032920429205292062920729208292092921029211292122921329214292152921629217292182921929220292212922229223292242922529226292272922829229292302923129232292332923429235292362923729238292392924029241292422924329244292452924629247292482924929250292512925229253292542925529256292572925829259292602926129262292632926429265292662926729268292692927029271292722927329274292752927629277292782927929280292812928229283292842928529286292872928829289292902929129292292932929429295292962929729298292992930029301293022930329304293052930629307293082930929310293112931229313293142931529316293172931829319293202932129322293232932429325293262932729328293292933029331293322933329334293352933629337293382933929340293412934229343293442934529346293472934829349293502935129352293532935429355293562935729358293592936029361293622936329364293652936629367293682936929370293712937229373293742937529376293772937829379293802938129382293832938429385293862938729388293892939029391293922939329394293952939629397293982939929400294012940229403294042940529406294072940829409294102941129412294132941429415294162941729418294192942029421294222942329424294252942629427294282942929430294312943229433294342943529436294372943829439294402944129442294432944429445294462944729448294492945029451294522945329454294552945629457294582945929460294612946229463294642946529466294672946829469294702947129472294732947429475294762947729478294792948029481294822948329484294852948629487294882948929490294912949229493294942949529496294972949829499295002950129502295032950429505295062950729508295092951029511295122951329514295152951629517295182951929520295212952229523295242952529526295272952829529295302953129532295332953429535295362953729538295392954029541295422954329544295452954629547295482954929550295512955229553295542955529556295572955829559295602956129562295632956429565295662956729568295692957029571295722957329574295752957629577295782957929580295812958229583295842958529586295872958829589295902959129592295932959429595295962959729598295992960029601296022960329604296052960629607296082960929610296112961229613296142961529616296172961829619296202962129622296232962429625296262962729628296292963029631296322963329634296352963629637296382963929640296412964229643296442964529646296472964829649296502965129652296532965429655296562965729658296592966029661296622966329664296652966629667296682966929670296712967229673296742967529676296772967829679296802968129682296832968429685296862968729688296892969029691296922969329694296952969629697296982969929700297012970229703297042970529706297072970829709297102971129712297132971429715297162971729718297192972029721297222972329724297252972629727297282972929730297312973229733297342973529736297372973829739297402974129742297432974429745297462974729748297492975029751297522975329754297552975629757297582975929760297612976229763297642976529766297672976829769297702977129772297732977429775297762977729778297792978029781297822978329784297852978629787297882978929790297912979229793297942979529796297972979829799298002980129802298032980429805298062980729808298092981029811298122981329814298152981629817298182981929820298212982229823298242982529826298272982829829298302983129832298332983429835298362983729838298392984029841298422984329844298452984629847298482984929850298512985229853298542985529856298572985829859298602986129862298632986429865298662986729868298692987029871298722987329874298752987629877298782987929880298812988229883298842988529886298872988829889298902989129892298932989429895298962989729898298992990029901299022990329904299052990629907299082990929910299112991229913299142991529916299172991829919299202992129922299232992429925299262992729928299292993029931299322993329934299352993629937299382993929940299412994229943299442994529946299472994829949299502995129952299532995429955299562995729958299592996029961299622996329964299652996629967299682996929970299712997229973299742997529976299772997829979299802998129982299832998429985299862998729988299892999029991299922999329994299952999629997299982999930000300013000230003300043000530006300073000830009300103001130012300133001430015300163001730018300193002030021300223002330024300253002630027300283002930030300313003230033300343003530036300373003830039300403004130042300433004430045300463004730048300493005030051300523005330054300553005630057300583005930060300613006230063300643006530066300673006830069300703007130072300733007430075300763007730078300793008030081300823008330084300853008630087300883008930090300913009230093300943009530096300973009830099301003010130102301033010430105301063010730108301093011030111301123011330114301153011630117301183011930120301213012230123301243012530126301273012830129301303013130132301333013430135301363013730138301393014030141301423014330144301453014630147301483014930150301513015230153301543015530156301573015830159301603016130162301633016430165301663016730168301693017030171301723017330174301753017630177301783017930180301813018230183301843018530186301873018830189301903019130192301933019430195301963019730198301993020030201302023020330204302053020630207302083020930210302113021230213302143021530216302173021830219302203022130222302233022430225302263022730228302293023030231302323023330234302353023630237302383023930240302413024230243302443024530246302473024830249302503025130252302533025430255302563025730258302593026030261302623026330264302653026630267302683026930270302713027230273302743027530276302773027830279302803028130282302833028430285302863028730288302893029030291302923029330294302953029630297302983029930300303013030230303303043030530306303073030830309303103031130312303133031430315303163031730318303193032030321303223032330324303253032630327303283032930330303313033230333303343033530336303373033830339303403034130342303433034430345303463034730348303493035030351303523035330354303553035630357303583035930360303613036230363303643036530366303673036830369303703037130372303733037430375303763037730378303793038030381303823038330384303853038630387303883038930390303913039230393303943039530396303973039830399304003040130402304033040430405304063040730408304093041030411304123041330414304153041630417304183041930420304213042230423304243042530426304273042830429304303043130432304333043430435304363043730438304393044030441304423044330444304453044630447304483044930450304513045230453304543045530456304573045830459304603046130462304633046430465304663046730468304693047030471304723047330474304753047630477304783047930480304813048230483304843048530486304873048830489304903049130492304933049430495304963049730498304993050030501305023050330504305053050630507305083050930510305113051230513305143051530516305173051830519305203052130522305233052430525305263052730528305293053030531305323053330534305353053630537305383053930540305413054230543305443054530546305473054830549305503055130552305533055430555305563055730558305593056030561305623056330564305653056630567305683056930570305713057230573305743057530576305773057830579305803058130582305833058430585305863058730588305893059030591305923059330594305953059630597305983059930600306013060230603306043060530606306073060830609306103061130612306133061430615306163061730618306193062030621306223062330624306253062630627306283062930630306313063230633306343063530636306373063830639306403064130642306433064430645306463064730648306493065030651306523065330654306553065630657306583065930660306613066230663306643066530666306673066830669306703067130672306733067430675306763067730678306793068030681306823068330684306853068630687306883068930690306913069230693306943069530696306973069830699307003070130702307033070430705307063070730708307093071030711307123071330714307153071630717307183071930720307213072230723307243072530726307273072830729307303073130732307333073430735307363073730738307393074030741307423074330744307453074630747307483074930750307513075230753307543075530756307573075830759307603076130762307633076430765307663076730768307693077030771307723077330774307753077630777307783077930780307813078230783307843078530786307873078830789307903079130792307933079430795307963079730798307993080030801308023080330804308053080630807308083080930810308113081230813308143081530816308173081830819308203082130822308233082430825308263082730828308293083030831308323083330834308353083630837308383083930840308413084230843308443084530846308473084830849308503085130852308533085430855308563085730858308593086030861308623086330864308653086630867308683086930870308713087230873308743087530876308773087830879308803088130882308833088430885308863088730888308893089030891308923089330894308953089630897308983089930900309013090230903309043090530906309073090830909309103091130912309133091430915309163091730918309193092030921309223092330924309253092630927309283092930930309313093230933309343093530936309373093830939309403094130942309433094430945309463094730948309493095030951309523095330954309553095630957309583095930960309613096230963309643096530966309673096830969309703097130972309733097430975309763097730978309793098030981309823098330984309853098630987309883098930990309913099230993309943099530996309973099830999310003100131002310033100431005310063100731008310093101031011310123101331014310153101631017310183101931020310213102231023310243102531026310273102831029310303103131032310333103431035310363103731038310393104031041310423104331044310453104631047310483104931050310513105231053310543105531056310573105831059310603106131062310633106431065310663106731068310693107031071310723107331074310753107631077310783107931080310813108231083310843108531086310873108831089310903109131092310933109431095310963109731098310993110031101311023110331104311053110631107311083110931110311113111231113311143111531116311173111831119311203112131122311233112431125311263112731128311293113031131311323113331134311353113631137311383113931140311413114231143311443114531146311473114831149311503115131152311533115431155311563115731158311593116031161311623116331164311653116631167311683116931170311713117231173311743117531176311773117831179311803118131182311833118431185311863118731188311893119031191311923119331194311953119631197311983119931200312013120231203312043120531206312073120831209312103121131212312133121431215312163121731218312193122031221312223122331224312253122631227312283122931230312313123231233312343123531236312373123831239312403124131242312433124431245312463124731248312493125031251312523125331254312553125631257312583125931260312613126231263312643126531266312673126831269312703127131272312733127431275312763127731278312793128031281312823128331284312853128631287312883128931290312913129231293312943129531296312973129831299313003130131302313033130431305313063130731308313093131031311313123131331314313153131631317313183131931320313213132231323313243132531326313273132831329313303133131332313333133431335313363133731338313393134031341313423134331344313453134631347313483134931350313513135231353313543135531356313573135831359313603136131362313633136431365313663136731368313693137031371313723137331374313753137631377313783137931380313813138231383313843138531386313873138831389313903139131392313933139431395313963139731398313993140031401314023140331404314053140631407314083140931410314113141231413314143141531416314173141831419314203142131422314233142431425314263142731428314293143031431314323143331434314353143631437314383143931440314413144231443314443144531446314473144831449314503145131452314533145431455314563145731458314593146031461314623146331464314653146631467314683146931470314713147231473314743147531476314773147831479314803148131482314833148431485314863148731488314893149031491314923149331494314953149631497314983149931500315013150231503315043150531506315073150831509315103151131512315133151431515315163151731518315193152031521315223152331524315253152631527315283152931530315313153231533315343153531536315373153831539315403154131542315433154431545315463154731548315493155031551315523155331554315553155631557315583155931560315613156231563315643156531566315673156831569315703157131572315733157431575315763157731578315793158031581315823158331584315853158631587315883158931590315913159231593315943159531596315973159831599316003160131602316033160431605316063160731608316093161031611316123161331614316153161631617316183161931620316213162231623316243162531626316273162831629316303163131632316333163431635316363163731638316393164031641316423164331644316453164631647316483164931650316513165231653316543165531656316573165831659316603166131662316633166431665316663166731668316693167031671316723167331674316753167631677316783167931680316813168231683316843168531686316873168831689316903169131692316933169431695316963169731698316993170031701317023170331704317053170631707317083170931710317113171231713317143171531716317173171831719317203172131722317233172431725317263172731728317293173031731317323173331734317353173631737317383173931740317413174231743317443174531746317473174831749317503175131752317533175431755317563175731758317593176031761317623176331764317653176631767317683176931770317713177231773317743177531776317773177831779317803178131782317833178431785317863178731788317893179031791317923179331794317953179631797317983179931800318013180231803318043180531806318073180831809318103181131812318133181431815318163181731818318193182031821318223182331824318253182631827318283182931830318313183231833318343183531836318373183831839318403184131842318433184431845318463184731848318493185031851318523185331854318553185631857318583185931860318613186231863318643186531866318673186831869318703187131872318733187431875318763187731878318793188031881318823188331884318853188631887318883188931890318913189231893318943189531896318973189831899319003190131902319033190431905319063190731908319093191031911319123191331914319153191631917319183191931920319213192231923319243192531926319273192831929319303193131932319333193431935319363193731938319393194031941319423194331944319453194631947319483194931950319513195231953319543195531956319573195831959319603196131962319633196431965319663196731968319693197031971319723197331974319753197631977319783197931980319813198231983319843198531986319873198831989319903199131992319933199431995319963199731998319993200032001320023200332004320053200632007320083200932010320113201232013320143201532016320173201832019320203202132022320233202432025320263202732028320293203032031320323203332034320353203632037320383203932040320413204232043320443204532046320473204832049320503205132052320533205432055320563205732058320593206032061320623206332064320653206632067320683206932070320713207232073320743207532076320773207832079320803208132082320833208432085320863208732088320893209032091320923209332094320953209632097320983209932100321013210232103321043210532106321073210832109321103211132112321133211432115321163211732118321193212032121321223212332124321253212632127321283212932130321313213232133321343213532136321373213832139321403214132142321433214432145321463214732148321493215032151321523215332154321553215632157321583215932160321613216232163321643216532166321673216832169321703217132172321733217432175321763217732178321793218032181321823218332184321853218632187321883218932190321913219232193321943219532196321973219832199322003220132202322033220432205322063220732208322093221032211322123221332214322153221632217322183221932220322213222232223322243222532226322273222832229322303223132232322333223432235322363223732238322393224032241322423224332244322453224632247322483224932250322513225232253322543225532256322573225832259322603226132262322633226432265322663226732268322693227032271322723227332274322753227632277322783227932280322813228232283322843228532286322873228832289322903229132292322933229432295322963229732298322993230032301323023230332304323053230632307323083230932310323113231232313323143231532316323173231832319323203232132322323233232432325323263232732328323293233032331323323233332334323353233632337323383233932340323413234232343323443234532346323473234832349323503235132352323533235432355323563235732358323593236032361323623236332364323653236632367323683236932370323713237232373323743237532376323773237832379323803238132382323833238432385323863238732388323893239032391323923239332394323953239632397323983239932400324013240232403324043240532406324073240832409324103241132412324133241432415324163241732418324193242032421324223242332424324253242632427324283242932430324313243232433324343243532436324373243832439324403244132442324433244432445324463244732448324493245032451324523245332454324553245632457324583245932460324613246232463324643246532466324673246832469324703247132472324733247432475324763247732478324793248032481324823248332484324853248632487324883248932490324913249232493324943249532496324973249832499325003250132502325033250432505325063250732508325093251032511325123251332514325153251632517325183251932520325213252232523325243252532526325273252832529325303253132532325333253432535325363253732538325393254032541325423254332544325453254632547325483254932550325513255232553325543255532556325573255832559325603256132562325633256432565325663256732568325693257032571325723257332574325753257632577325783257932580325813258232583325843258532586325873258832589325903259132592325933259432595325963259732598325993260032601326023260332604326053260632607326083260932610326113261232613326143261532616326173261832619326203262132622326233262432625326263262732628326293263032631326323263332634326353263632637326383263932640326413264232643326443264532646326473264832649326503265132652326533265432655326563265732658326593266032661326623266332664326653266632667326683266932670326713267232673326743267532676326773267832679326803268132682326833268432685326863268732688326893269032691326923269332694326953269632697326983269932700327013270232703327043270532706327073270832709327103271132712327133271432715327163271732718327193272032721327223272332724327253272632727327283272932730327313273232733327343273532736327373273832739327403274132742327433274432745327463274732748327493275032751327523275332754327553275632757327583275932760327613276232763327643276532766327673276832769327703277132772327733277432775327763277732778327793278032781327823278332784327853278632787327883278932790327913279232793327943279532796327973279832799328003280132802328033280432805328063280732808328093281032811328123281332814328153281632817328183281932820328213282232823328243282532826328273282832829328303283132832328333283432835328363283732838328393284032841328423284332844328453284632847328483284932850328513285232853328543285532856328573285832859328603286132862328633286432865328663286732868328693287032871328723287332874328753287632877328783287932880328813288232883328843288532886328873288832889328903289132892328933289432895328963289732898328993290032901329023290332904329053290632907329083290932910329113291232913329143291532916329173291832919329203292132922329233292432925329263292732928329293293032931329323293332934329353293632937329383293932940329413294232943329443294532946329473294832949329503295132952329533295432955329563295732958329593296032961329623296332964329653296632967329683296932970329713297232973329743297532976329773297832979329803298132982329833298432985329863298732988329893299032991329923299332994329953299632997329983299933000330013300233003330043300533006330073300833009330103301133012330133301433015330163301733018330193302033021330223302333024330253302633027330283302933030330313303233033330343303533036330373303833039330403304133042330433304433045330463304733048330493305033051330523305333054330553305633057330583305933060330613306233063330643306533066330673306833069330703307133072330733307433075330763307733078330793308033081330823308333084330853308633087330883308933090330913309233093330943309533096330973309833099331003310133102331033310433105331063310733108331093311033111331123311333114331153311633117331183311933120331213312233123331243312533126331273312833129331303313133132331333313433135331363313733138331393314033141331423314333144331453314633147331483314933150331513315233153331543315533156331573315833159331603316133162331633316433165331663316733168331693317033171331723317333174331753317633177331783317933180331813318233183331843318533186331873318833189331903319133192331933319433195331963319733198331993320033201332023320333204332053320633207332083320933210332113321233213332143321533216332173321833219332203322133222332233322433225332263322733228332293323033231332323323333234332353323633237332383323933240332413324233243332443324533246332473324833249332503325133252332533325433255332563325733258332593326033261332623326333264332653326633267332683326933270332713327233273332743327533276332773327833279332803328133282332833328433285332863328733288332893329033291332923329333294332953329633297332983329933300333013330233303333043330533306333073330833309333103331133312333133331433315333163331733318333193332033321333223332333324333253332633327333283332933330333313333233333333343333533336333373333833339333403334133342333433334433345333463334733348333493335033351333523335333354333553335633357333583335933360333613336233363333643336533366333673336833369333703337133372333733337433375333763337733378333793338033381333823338333384333853338633387333883338933390333913339233393333943339533396333973339833399334003340133402334033340433405334063340733408334093341033411334123341333414334153341633417334183341933420334213342233423334243342533426334273342833429334303343133432334333343433435334363343733438334393344033441334423344333444334453344633447334483344933450334513345233453334543345533456334573345833459334603346133462334633346433465334663346733468334693347033471334723347333474334753347633477334783347933480334813348233483334843348533486334873348833489334903349133492334933349433495334963349733498334993350033501335023350333504335053350633507335083350933510335113351233513335143351533516335173351833519335203352133522335233352433525335263352733528335293353033531335323353333534335353353633537335383353933540335413354233543335443354533546335473354833549335503355133552335533355433555335563355733558335593356033561335623356333564335653356633567335683356933570335713357233573335743357533576335773357833579335803358133582335833358433585335863358733588335893359033591335923359333594335953359633597335983359933600336013360233603336043360533606336073360833609336103361133612336133361433615336163361733618336193362033621336223362333624336253362633627336283362933630336313363233633336343363533636336373363833639336403364133642336433364433645336463364733648336493365033651336523365333654336553365633657336583365933660336613366233663336643366533666336673366833669336703367133672336733367433675336763367733678336793368033681336823368333684336853368633687336883368933690336913369233693336943369533696336973369833699337003370133702337033370433705337063370733708337093371033711337123371333714337153371633717337183371933720337213372233723337243372533726337273372833729337303373133732337333373433735337363373733738337393374033741337423374333744337453374633747337483374933750337513375233753337543375533756337573375833759337603376133762337633376433765337663376733768337693377033771337723377333774337753377633777337783377933780337813378233783337843378533786337873378833789337903379133792337933379433795337963379733798337993380033801338023380333804338053380633807338083380933810338113381233813338143381533816338173381833819338203382133822338233382433825338263382733828338293383033831338323383333834338353383633837338383383933840338413384233843338443384533846338473384833849338503385133852338533385433855338563385733858338593386033861338623386333864338653386633867338683386933870338713387233873338743387533876338773387833879338803388133882338833388433885338863388733888338893389033891338923389333894338953389633897338983389933900339013390233903339043390533906339073390833909339103391133912339133391433915339163391733918339193392033921339223392333924339253392633927339283392933930339313393233933339343393533936339373393833939339403394133942339433394433945339463394733948339493395033951339523395333954339553395633957339583395933960339613396233963339643396533966339673396833969339703397133972339733397433975339763397733978339793398033981339823398333984339853398633987339883398933990339913399233993339943399533996339973399833999340003400134002340033400434005340063400734008340093401034011340123401334014340153401634017340183401934020340213402234023340243402534026340273402834029340303403134032340333403434035340363403734038340393404034041340423404334044340453404634047340483404934050340513405234053340543405534056340573405834059340603406134062340633406434065340663406734068340693407034071340723407334074340753407634077340783407934080340813408234083340843408534086340873408834089340903409134092340933409434095340963409734098340993410034101341023410334104341053410634107341083410934110341113411234113341143411534116341173411834119341203412134122341233412434125341263412734128341293413034131341323413334134341353413634137341383413934140341413414234143341443414534146341473414834149341503415134152341533415434155341563415734158341593416034161341623416334164341653416634167341683416934170341713417234173341743417534176341773417834179341803418134182341833418434185341863418734188341893419034191341923419334194341953419634197341983419934200342013420234203342043420534206342073420834209342103421134212342133421434215342163421734218342193422034221342223422334224342253422634227342283422934230342313423234233342343423534236342373423834239342403424134242342433424434245342463424734248342493425034251342523425334254342553425634257342583425934260342613426234263342643426534266342673426834269342703427134272342733427434275342763427734278342793428034281342823428334284342853428634287342883428934290342913429234293342943429534296342973429834299343003430134302343033430434305343063430734308343093431034311343123431334314343153431634317343183431934320343213432234323343243432534326343273432834329343303433134332343333433434335343363433734338343393434034341343423434334344343453434634347343483434934350343513435234353343543435534356343573435834359343603436134362343633436434365343663436734368343693437034371343723437334374343753437634377343783437934380343813438234383343843438534386343873438834389343903439134392343933439434395343963439734398343993440034401344023440334404344053440634407344083440934410344113441234413344143441534416344173441834419344203442134422344233442434425344263442734428344293443034431344323443334434344353443634437344383443934440344413444234443344443444534446344473444834449344503445134452344533445434455344563445734458344593446034461344623446334464344653446634467344683446934470344713447234473344743447534476344773447834479344803448134482344833448434485344863448734488344893449034491344923449334494344953449634497344983449934500345013450234503345043450534506345073450834509345103451134512345133451434515345163451734518345193452034521345223452334524345253452634527345283452934530345313453234533345343453534536345373453834539345403454134542345433454434545345463454734548345493455034551345523455334554345553455634557345583455934560345613456234563345643456534566345673456834569345703457134572345733457434575345763457734578345793458034581345823458334584345853458634587345883458934590345913459234593345943459534596345973459834599346003460134602346033460434605346063460734608346093461034611346123461334614346153461634617346183461934620346213462234623346243462534626346273462834629346303463134632346333463434635346363463734638346393464034641346423464334644346453464634647346483464934650346513465234653346543465534656346573465834659346603466134662346633466434665346663466734668346693467034671346723467334674346753467634677346783467934680346813468234683346843468534686346873468834689346903469134692346933469434695346963469734698346993470034701347023470334704347053470634707347083470934710347113471234713347143471534716347173471834719347203472134722347233472434725347263472734728347293473034731347323473334734347353473634737347383473934740347413474234743347443474534746347473474834749347503475134752347533475434755347563475734758347593476034761347623476334764347653476634767347683476934770347713477234773347743477534776347773477834779347803478134782347833478434785347863478734788347893479034791347923479334794347953479634797347983479934800348013480234803348043480534806348073480834809348103481134812348133481434815348163481734818348193482034821348223482334824348253482634827348283482934830348313483234833348343483534836348373483834839348403484134842348433484434845348463484734848348493485034851348523485334854348553485634857348583485934860348613486234863348643486534866348673486834869348703487134872348733487434875348763487734878348793488034881348823488334884348853488634887348883488934890348913489234893348943489534896348973489834899349003490134902349033490434905349063490734908349093491034911349123491334914349153491634917349183491934920349213492234923349243492534926349273492834929349303493134932349333493434935349363493734938349393494034941349423494334944349453494634947349483494934950349513495234953349543495534956349573495834959349603496134962349633496434965349663496734968349693497034971349723497334974349753497634977349783497934980349813498234983349843498534986349873498834989349903499134992349933499434995349963499734998349993500035001350023500335004350053500635007350083500935010350113501235013350143501535016350173501835019350203502135022350233502435025350263502735028350293503035031350323503335034350353503635037350383503935040350413504235043350443504535046350473504835049350503505135052350533505435055350563505735058350593506035061350623506335064350653506635067350683506935070350713507235073350743507535076350773507835079350803508135082350833508435085350863508735088350893509035091350923509335094350953509635097350983509935100351013510235103351043510535106351073510835109351103511135112351133511435115351163511735118351193512035121351223512335124351253512635127351283512935130351313513235133351343513535136351373513835139351403514135142351433514435145351463514735148351493515035151351523515335154351553515635157351583515935160351613516235163351643516535166351673516835169351703517135172351733517435175351763517735178351793518035181351823518335184351853518635187351883518935190351913519235193351943519535196351973519835199352003520135202352033520435205352063520735208352093521035211352123521335214352153521635217352183521935220352213522235223352243522535226352273522835229352303523135232352333523435235352363523735238352393524035241352423524335244352453524635247352483524935250352513525235253352543525535256352573525835259352603526135262352633526435265352663526735268352693527035271352723527335274352753527635277352783527935280352813528235283352843528535286352873528835289352903529135292352933529435295352963529735298352993530035301353023530335304353053530635307353083530935310353113531235313353143531535316353173531835319353203532135322353233532435325353263532735328353293533035331353323533335334353353533635337353383533935340353413534235343353443534535346353473534835349353503535135352353533535435355353563535735358353593536035361353623536335364353653536635367353683536935370353713537235373353743537535376353773537835379353803538135382353833538435385353863538735388353893539035391353923539335394353953539635397353983539935400354013540235403354043540535406354073540835409354103541135412354133541435415354163541735418354193542035421354223542335424354253542635427354283542935430354313543235433354343543535436354373543835439354403544135442354433544435445354463544735448354493545035451354523545335454354553545635457354583545935460354613546235463354643546535466354673546835469354703547135472354733547435475354763547735478354793548035481354823548335484354853548635487354883548935490354913549235493354943549535496354973549835499355003550135502355033550435505355063550735508355093551035511355123551335514355153551635517355183551935520355213552235523355243552535526355273552835529355303553135532355333553435535355363553735538355393554035541355423554335544355453554635547355483554935550355513555235553355543555535556355573555835559355603556135562355633556435565355663556735568355693557035571355723557335574355753557635577355783557935580355813558235583355843558535586355873558835589355903559135592355933559435595355963559735598355993560035601356023560335604356053560635607356083560935610356113561235613356143561535616356173561835619356203562135622356233562435625356263562735628356293563035631356323563335634356353563635637356383563935640356413564235643356443564535646356473564835649356503565135652356533565435655356563565735658356593566035661356623566335664356653566635667356683566935670356713567235673356743567535676356773567835679356803568135682356833568435685356863568735688356893569035691356923569335694356953569635697356983569935700357013570235703357043570535706357073570835709357103571135712357133571435715357163571735718357193572035721357223572335724357253572635727357283572935730357313573235733357343573535736357373573835739357403574135742357433574435745357463574735748357493575035751357523575335754357553575635757357583575935760357613576235763357643576535766357673576835769357703577135772357733577435775357763577735778357793578035781357823578335784357853578635787357883578935790357913579235793357943579535796357973579835799358003580135802358033580435805358063580735808358093581035811358123581335814358153581635817358183581935820358213582235823358243582535826358273582835829358303583135832358333583435835358363583735838358393584035841358423584335844358453584635847358483584935850358513585235853358543585535856358573585835859358603586135862358633586435865358663586735868358693587035871358723587335874358753587635877358783587935880358813588235883358843588535886358873588835889358903589135892358933589435895358963589735898358993590035901359023590335904359053590635907359083590935910359113591235913359143591535916359173591835919359203592135922359233592435925359263592735928359293593035931359323593335934359353593635937359383593935940359413594235943359443594535946359473594835949359503595135952359533595435955359563595735958359593596035961359623596335964359653596635967359683596935970359713597235973359743597535976359773597835979359803598135982359833598435985359863598735988359893599035991359923599335994359953599635997359983599936000360013600236003360043600536006360073600836009360103601136012360133601436015360163601736018360193602036021360223602336024360253602636027360283602936030360313603236033360343603536036360373603836039360403604136042360433604436045360463604736048360493605036051360523605336054360553605636057360583605936060360613606236063360643606536066360673606836069360703607136072360733607436075360763607736078360793608036081360823608336084360853608636087360883608936090360913609236093360943609536096360973609836099361003610136102361033610436105361063610736108361093611036111361123611336114361153611636117361183611936120361213612236123361243612536126361273612836129361303613136132361333613436135361363613736138361393614036141361423614336144361453614636147361483614936150361513615236153361543615536156361573615836159361603616136162361633616436165361663616736168361693617036171361723617336174361753617636177361783617936180361813618236183361843618536186361873618836189361903619136192361933619436195361963619736198361993620036201362023620336204362053620636207362083620936210362113621236213362143621536216362173621836219362203622136222362233622436225362263622736228362293623036231362323623336234362353623636237362383623936240362413624236243362443624536246362473624836249362503625136252362533625436255362563625736258362593626036261362623626336264362653626636267362683626936270362713627236273362743627536276362773627836279362803628136282362833628436285362863628736288362893629036291362923629336294362953629636297362983629936300363013630236303363043630536306363073630836309363103631136312363133631436315363163631736318363193632036321363223632336324363253632636327363283632936330363313633236333363343633536336363373633836339363403634136342363433634436345363463634736348363493635036351363523635336354363553635636357363583635936360363613636236363363643636536366363673636836369363703637136372363733637436375363763637736378363793638036381363823638336384363853638636387363883638936390363913639236393363943639536396363973639836399364003640136402364033640436405364063640736408364093641036411364123641336414364153641636417364183641936420364213642236423364243642536426364273642836429364303643136432364333643436435364363643736438364393644036441364423644336444364453644636447364483644936450364513645236453364543645536456364573645836459364603646136462364633646436465364663646736468364693647036471364723647336474364753647636477364783647936480364813648236483364843648536486364873648836489364903649136492364933649436495364963649736498364993650036501365023650336504365053650636507365083650936510365113651236513365143651536516365173651836519365203652136522365233652436525365263652736528365293653036531365323653336534365353653636537365383653936540365413654236543365443654536546365473654836549365503655136552365533655436555365563655736558365593656036561365623656336564365653656636567365683656936570365713657236573365743657536576365773657836579365803658136582365833658436585365863658736588365893659036591365923659336594365953659636597365983659936600366013660236603366043660536606366073660836609366103661136612366133661436615366163661736618366193662036621366223662336624366253662636627366283662936630366313663236633366343663536636366373663836639366403664136642366433664436645366463664736648366493665036651366523665336654366553665636657366583665936660366613666236663366643666536666366673666836669366703667136672366733667436675366763667736678366793668036681366823668336684366853668636687366883668936690366913669236693366943669536696366973669836699367003670136702367033670436705367063670736708367093671036711367123671336714367153671636717367183671936720367213672236723367243672536726367273672836729367303673136732367333673436735367363673736738367393674036741367423674336744367453674636747367483674936750367513675236753367543675536756367573675836759367603676136762367633676436765367663676736768367693677036771367723677336774367753677636777367783677936780367813678236783367843678536786367873678836789367903679136792367933679436795367963679736798367993680036801368023680336804368053680636807368083680936810368113681236813368143681536816368173681836819368203682136822368233682436825368263682736828368293683036831368323683336834368353683636837368383683936840368413684236843368443684536846368473684836849368503685136852368533685436855368563685736858368593686036861368623686336864368653686636867368683686936870368713687236873368743687536876368773687836879368803688136882368833688436885368863688736888368893689036891368923689336894368953689636897368983689936900369013690236903369043690536906369073690836909369103691136912369133691436915369163691736918369193692036921369223692336924369253692636927369283692936930369313693236933369343693536936369373693836939369403694136942369433694436945369463694736948369493695036951369523695336954369553695636957369583695936960369613696236963369643696536966369673696836969369703697136972369733697436975369763697736978369793698036981369823698336984369853698636987369883698936990369913699236993369943699536996369973699836999370003700137002370033700437005370063700737008370093701037011370123701337014370153701637017370183701937020370213702237023370243702537026370273702837029370303703137032370333703437035370363703737038370393704037041370423704337044370453704637047370483704937050370513705237053370543705537056370573705837059370603706137062370633706437065370663706737068370693707037071370723707337074370753707637077370783707937080370813708237083370843708537086370873708837089370903709137092370933709437095370963709737098370993710037101371023710337104371053710637107371083710937110371113711237113371143711537116371173711837119371203712137122371233712437125371263712737128371293713037131371323713337134371353713637137371383713937140371413714237143371443714537146371473714837149371503715137152371533715437155371563715737158371593716037161371623716337164371653716637167371683716937170371713717237173371743717537176371773717837179371803718137182371833718437185371863718737188371893719037191371923719337194371953719637197371983719937200372013720237203372043720537206372073720837209372103721137212372133721437215372163721737218372193722037221372223722337224372253722637227372283722937230372313723237233372343723537236372373723837239372403724137242372433724437245372463724737248372493725037251372523725337254372553725637257372583725937260372613726237263372643726537266372673726837269372703727137272372733727437275372763727737278372793728037281372823728337284372853728637287372883728937290372913729237293372943729537296372973729837299373003730137302373033730437305373063730737308373093731037311373123731337314373153731637317373183731937320373213732237323373243732537326373273732837329373303733137332373333733437335373363733737338373393734037341373423734337344373453734637347373483734937350373513735237353373543735537356373573735837359373603736137362373633736437365373663736737368373693737037371373723737337374373753737637377373783737937380373813738237383373843738537386373873738837389373903739137392373933739437395373963739737398373993740037401374023740337404374053740637407374083740937410374113741237413374143741537416374173741837419374203742137422374233742437425374263742737428374293743037431374323743337434374353743637437374383743937440374413744237443374443744537446374473744837449374503745137452374533745437455374563745737458374593746037461374623746337464374653746637467374683746937470374713747237473374743747537476374773747837479374803748137482374833748437485374863748737488374893749037491374923749337494374953749637497374983749937500375013750237503375043750537506375073750837509375103751137512375133751437515375163751737518375193752037521375223752337524375253752637527375283752937530375313753237533375343753537536375373753837539375403754137542375433754437545375463754737548375493755037551375523755337554375553755637557375583755937560375613756237563375643756537566375673756837569375703757137572375733757437575375763757737578375793758037581375823758337584375853758637587375883758937590375913759237593375943759537596375973759837599376003760137602376033760437605376063760737608376093761037611376123761337614376153761637617376183761937620376213762237623376243762537626376273762837629376303763137632376333763437635376363763737638376393764037641376423764337644376453764637647376483764937650376513765237653376543765537656376573765837659376603766137662376633766437665376663766737668376693767037671376723767337674376753767637677376783767937680376813768237683376843768537686376873768837689376903769137692376933769437695376963769737698376993770037701377023770337704377053770637707377083770937710377113771237713377143771537716377173771837719377203772137722377233772437725377263772737728377293773037731377323773337734377353773637737377383773937740377413774237743377443774537746377473774837749377503775137752377533775437755377563775737758377593776037761377623776337764377653776637767377683776937770377713777237773377743777537776377773777837779377803778137782377833778437785377863778737788377893779037791377923779337794377953779637797377983779937800378013780237803378043780537806378073780837809378103781137812378133781437815378163781737818378193782037821378223782337824378253782637827378283782937830378313783237833378343783537836378373783837839378403784137842378433784437845378463784737848378493785037851378523785337854378553785637857378583785937860378613786237863378643786537866378673786837869378703787137872378733787437875378763787737878378793788037881378823788337884378853788637887378883788937890378913789237893378943789537896378973789837899379003790137902379033790437905379063790737908379093791037911379123791337914379153791637917379183791937920379213792237923379243792537926379273792837929379303793137932379333793437935379363793737938379393794037941379423794337944379453794637947379483794937950379513795237953379543795537956379573795837959379603796137962379633796437965379663796737968379693797037971379723797337974379753797637977379783797937980379813798237983379843798537986379873798837989379903799137992379933799437995379963799737998379993800038001380023800338004380053800638007380083800938010380113801238013380143801538016380173801838019380203802138022380233802438025380263802738028380293803038031380323803338034380353803638037380383803938040380413804238043380443804538046380473804838049380503805138052380533805438055380563805738058380593806038061380623806338064380653806638067380683806938070380713807238073380743807538076380773807838079380803808138082380833808438085380863808738088380893809038091380923809338094380953809638097380983809938100381013810238103381043810538106381073810838109381103811138112381133811438115381163811738118381193812038121381223812338124381253812638127381283812938130381313813238133381343813538136381373813838139381403814138142381433814438145381463814738148381493815038151381523815338154381553815638157381583815938160381613816238163381643816538166381673816838169381703817138172381733817438175381763817738178381793818038181381823818338184381853818638187381883818938190381913819238193381943819538196381973819838199382003820138202382033820438205382063820738208382093821038211382123821338214382153821638217382183821938220382213822238223382243822538226382273822838229382303823138232382333823438235382363823738238382393824038241382423824338244382453824638247382483824938250382513825238253382543825538256382573825838259382603826138262382633826438265382663826738268382693827038271382723827338274382753827638277382783827938280382813828238283382843828538286382873828838289382903829138292382933829438295382963829738298382993830038301383023830338304383053830638307383083830938310383113831238313383143831538316383173831838319383203832138322383233832438325383263832738328383293833038331383323833338334383353833638337383383833938340383413834238343383443834538346383473834838349383503835138352383533835438355383563835738358383593836038361383623836338364383653836638367383683836938370383713837238373383743837538376383773837838379383803838138382383833838438385383863838738388383893839038391383923839338394383953839638397383983839938400384013840238403384043840538406384073840838409384103841138412384133841438415384163841738418384193842038421384223842338424384253842638427384283842938430384313843238433384343843538436384373843838439384403844138442384433844438445384463844738448384493845038451384523845338454384553845638457384583845938460384613846238463384643846538466384673846838469384703847138472384733847438475384763847738478384793848038481384823848338484384853848638487384883848938490384913849238493384943849538496384973849838499385003850138502385033850438505385063850738508385093851038511385123851338514385153851638517385183851938520385213852238523385243852538526385273852838529385303853138532385333853438535385363853738538385393854038541385423854338544385453854638547385483854938550385513855238553385543855538556385573855838559385603856138562385633856438565385663856738568385693857038571385723857338574385753857638577385783857938580385813858238583385843858538586385873858838589385903859138592385933859438595385963859738598385993860038601386023860338604386053860638607386083860938610386113861238613386143861538616386173861838619386203862138622386233862438625386263862738628386293863038631386323863338634386353863638637386383863938640386413864238643386443864538646386473864838649386503865138652386533865438655386563865738658386593866038661386623866338664386653866638667386683866938670386713867238673386743867538676386773867838679386803868138682386833868438685386863868738688386893869038691386923869338694386953869638697386983869938700387013870238703387043870538706387073870838709387103871138712387133871438715387163871738718387193872038721387223872338724387253872638727387283872938730387313873238733387343873538736387373873838739387403874138742387433874438745387463874738748387493875038751387523875338754387553875638757387583875938760387613876238763387643876538766387673876838769387703877138772387733877438775387763877738778387793878038781387823878338784387853878638787387883878938790387913879238793387943879538796387973879838799388003880138802388033880438805388063880738808388093881038811388123881338814388153881638817388183881938820388213882238823388243882538826388273882838829388303883138832388333883438835388363883738838388393884038841388423884338844388453884638847388483884938850388513885238853388543885538856388573885838859388603886138862388633886438865388663886738868388693887038871388723887338874388753887638877388783887938880388813888238883388843888538886388873888838889388903889138892388933889438895388963889738898388993890038901389023890338904389053890638907389083890938910389113891238913389143891538916389173891838919389203892138922389233892438925389263892738928389293893038931389323893338934389353893638937389383893938940389413894238943389443894538946389473894838949389503895138952389533895438955389563895738958389593896038961389623896338964389653896638967389683896938970389713897238973389743897538976389773897838979389803898138982389833898438985389863898738988389893899038991389923899338994389953899638997389983899939000390013900239003390043900539006390073900839009390103901139012390133901439015390163901739018390193902039021390223902339024390253902639027390283902939030390313903239033390343903539036390373903839039390403904139042390433904439045390463904739048390493905039051390523905339054390553905639057390583905939060390613906239063390643906539066390673906839069390703907139072390733907439075390763907739078390793908039081390823908339084390853908639087390883908939090390913909239093390943909539096390973909839099391003910139102391033910439105391063910739108391093911039111391123911339114391153911639117391183911939120391213912239123391243912539126391273912839129391303913139132391333913439135391363913739138391393914039141391423914339144391453914639147391483914939150391513915239153391543915539156391573915839159391603916139162391633916439165391663916739168391693917039171391723917339174391753917639177391783917939180391813918239183391843918539186391873918839189391903919139192391933919439195391963919739198391993920039201392023920339204392053920639207392083920939210392113921239213392143921539216392173921839219392203922139222392233922439225392263922739228392293923039231392323923339234392353923639237392383923939240392413924239243392443924539246392473924839249392503925139252392533925439255392563925739258392593926039261392623926339264392653926639267392683926939270392713927239273392743927539276392773927839279392803928139282392833928439285392863928739288392893929039291392923929339294392953929639297392983929939300393013930239303393043930539306393073930839309393103931139312393133931439315393163931739318393193932039321393223932339324393253932639327393283932939330393313933239333393343933539336393373933839339393403934139342393433934439345393463934739348393493935039351393523935339354393553935639357393583935939360393613936239363393643936539366393673936839369393703937139372393733937439375393763937739378393793938039381393823938339384393853938639387393883938939390393913939239393393943939539396393973939839399394003940139402394033940439405394063940739408394093941039411394123941339414394153941639417394183941939420394213942239423394243942539426394273942839429394303943139432394333943439435394363943739438394393944039441394423944339444394453944639447394483944939450394513945239453394543945539456394573945839459394603946139462394633946439465394663946739468394693947039471394723947339474394753947639477394783947939480394813948239483394843948539486394873948839489394903949139492394933949439495394963949739498394993950039501395023950339504395053950639507395083950939510395113951239513395143951539516395173951839519395203952139522395233952439525395263952739528395293953039531395323953339534395353953639537395383953939540395413954239543395443954539546395473954839549395503955139552395533955439555395563955739558395593956039561395623956339564395653956639567395683956939570395713957239573395743957539576395773957839579395803958139582395833958439585395863958739588395893959039591395923959339594395953959639597395983959939600396013960239603396043960539606396073960839609396103961139612396133961439615396163961739618396193962039621396223962339624396253962639627396283962939630396313963239633396343963539636396373963839639396403964139642396433964439645396463964739648396493965039651396523965339654396553965639657396583965939660396613966239663396643966539666396673966839669396703967139672396733967439675396763967739678396793968039681396823968339684396853968639687396883968939690396913969239693396943969539696396973969839699397003970139702397033970439705397063970739708397093971039711397123971339714397153971639717397183971939720397213972239723397243972539726397273972839729397303973139732397333973439735397363973739738397393974039741397423974339744397453974639747397483974939750397513975239753397543975539756397573975839759397603976139762397633976439765397663976739768397693977039771397723977339774397753977639777397783977939780397813978239783397843978539786397873978839789397903979139792397933979439795397963979739798397993980039801398023980339804398053980639807398083980939810398113981239813398143981539816398173981839819398203982139822398233982439825398263982739828398293983039831398323983339834398353983639837398383983939840398413984239843398443984539846398473984839849398503985139852398533985439855398563985739858398593986039861398623986339864398653986639867398683986939870398713987239873398743987539876398773987839879398803988139882398833988439885398863988739888398893989039891398923989339894398953989639897398983989939900399013990239903399043990539906399073990839909399103991139912399133991439915399163991739918399193992039921399223992339924399253992639927399283992939930399313993239933399343993539936399373993839939399403994139942399433994439945399463994739948399493995039951399523995339954399553995639957399583995939960399613996239963399643996539966399673996839969399703997139972399733997439975399763997739978399793998039981399823998339984399853998639987399883998939990399913999239993399943999539996399973999839999400004000140002400034000440005400064000740008400094001040011400124001340014400154001640017400184001940020400214002240023400244002540026400274002840029400304003140032400334003440035400364003740038400394004040041400424004340044400454004640047400484004940050400514005240053400544005540056400574005840059400604006140062400634006440065400664006740068400694007040071400724007340074400754007640077400784007940080400814008240083400844008540086400874008840089400904009140092400934009440095400964009740098400994010040101401024010340104401054010640107401084010940110401114011240113401144011540116401174011840119401204012140122401234012440125401264012740128401294013040131401324013340134401354013640137401384013940140401414014240143401444014540146401474014840149401504015140152401534015440155401564015740158401594016040161401624016340164401654016640167401684016940170401714017240173401744017540176401774017840179401804018140182401834018440185401864018740188401894019040191401924019340194401954019640197401984019940200402014020240203402044020540206402074020840209402104021140212402134021440215402164021740218402194022040221402224022340224402254022640227402284022940230402314023240233402344023540236402374023840239402404024140242402434024440245402464024740248402494025040251402524025340254402554025640257402584025940260402614026240263402644026540266402674026840269402704027140272402734027440275402764027740278402794028040281402824028340284402854028640287402884028940290402914029240293402944029540296402974029840299403004030140302403034030440305403064030740308403094031040311403124031340314403154031640317403184031940320403214032240323403244032540326403274032840329403304033140332403334033440335403364033740338403394034040341403424034340344403454034640347403484034940350403514035240353403544035540356403574035840359403604036140362403634036440365403664036740368403694037040371403724037340374403754037640377403784037940380403814038240383403844038540386403874038840389403904039140392403934039440395403964039740398403994040040401404024040340404404054040640407404084040940410404114041240413404144041540416404174041840419404204042140422404234042440425404264042740428404294043040431404324043340434404354043640437404384043940440404414044240443404444044540446404474044840449404504045140452404534045440455404564045740458404594046040461404624046340464404654046640467404684046940470404714047240473404744047540476404774047840479404804048140482404834048440485404864048740488404894049040491404924049340494404954049640497404984049940500405014050240503405044050540506405074050840509405104051140512405134051440515405164051740518405194052040521405224052340524405254052640527405284052940530405314053240533405344053540536405374053840539405404054140542405434054440545405464054740548405494055040551405524055340554405554055640557405584055940560405614056240563405644056540566405674056840569405704057140572405734057440575405764057740578405794058040581405824058340584405854058640587405884058940590405914059240593405944059540596405974059840599406004060140602406034060440605406064060740608406094061040611406124061340614406154061640617406184061940620406214062240623406244062540626406274062840629406304063140632406334063440635406364063740638406394064040641406424064340644406454064640647406484064940650406514065240653406544065540656406574065840659406604066140662406634066440665406664066740668406694067040671406724067340674406754067640677406784067940680406814068240683406844068540686406874068840689406904069140692406934069440695406964069740698406994070040701407024070340704407054070640707407084070940710407114071240713407144071540716407174071840719407204072140722407234072440725407264072740728407294073040731407324073340734407354073640737407384073940740407414074240743407444074540746407474074840749407504075140752407534075440755407564075740758407594076040761407624076340764407654076640767407684076940770407714077240773407744077540776407774077840779407804078140782407834078440785407864078740788407894079040791407924079340794407954079640797407984079940800408014080240803408044080540806408074080840809408104081140812408134081440815408164081740818408194082040821408224082340824408254082640827408284082940830408314083240833408344083540836408374083840839408404084140842408434084440845408464084740848408494085040851408524085340854408554085640857408584085940860408614086240863408644086540866408674086840869408704087140872408734087440875408764087740878408794088040881408824088340884408854088640887408884088940890408914089240893408944089540896408974089840899409004090140902409034090440905409064090740908409094091040911409124091340914409154091640917409184091940920409214092240923409244092540926409274092840929409304093140932409334093440935409364093740938409394094040941409424094340944409454094640947409484094940950409514095240953409544095540956409574095840959409604096140962409634096440965409664096740968409694097040971409724097340974409754097640977409784097940980409814098240983409844098540986409874098840989409904099140992409934099440995409964099740998409994100041001410024100341004410054100641007410084100941010410114101241013410144101541016410174101841019410204102141022410234102441025410264102741028410294103041031410324103341034410354103641037410384103941040410414104241043410444104541046410474104841049410504105141052410534105441055410564105741058410594106041061410624106341064410654106641067410684106941070410714107241073410744107541076410774107841079410804108141082410834108441085410864108741088410894109041091410924109341094410954109641097410984109941100411014110241103411044110541106411074110841109411104111141112411134111441115411164111741118411194112041121411224112341124411254112641127411284112941130411314113241133411344113541136411374113841139411404114141142411434114441145411464114741148411494115041151411524115341154411554115641157411584115941160411614116241163411644116541166411674116841169411704117141172411734117441175411764117741178411794118041181411824118341184411854118641187411884118941190411914119241193411944119541196411974119841199412004120141202412034120441205412064120741208412094121041211412124121341214412154121641217412184121941220412214122241223412244122541226412274122841229412304123141232412334123441235412364123741238412394124041241412424124341244412454124641247412484124941250412514125241253412544125541256412574125841259412604126141262412634126441265412664126741268412694127041271412724127341274412754127641277412784127941280412814128241283412844128541286412874128841289412904129141292412934129441295412964129741298412994130041301413024130341304413054130641307413084130941310413114131241313413144131541316413174131841319413204132141322413234132441325413264132741328413294133041331413324133341334413354133641337413384133941340413414134241343413444134541346413474134841349413504135141352413534135441355413564135741358413594136041361413624136341364413654136641367413684136941370413714137241373413744137541376413774137841379413804138141382413834138441385413864138741388413894139041391413924139341394413954139641397413984139941400414014140241403414044140541406414074140841409414104141141412414134141441415414164141741418414194142041421414224142341424414254142641427414284142941430414314143241433414344143541436414374143841439414404144141442414434144441445414464144741448414494145041451414524145341454414554145641457414584145941460414614146241463414644146541466414674146841469414704147141472414734147441475414764147741478414794148041481414824148341484414854148641487414884148941490414914149241493414944149541496414974149841499415004150141502415034150441505415064150741508415094151041511415124151341514415154151641517415184151941520415214152241523415244152541526415274152841529415304153141532415334153441535415364153741538415394154041541415424154341544415454154641547415484154941550415514155241553415544155541556415574155841559415604156141562415634156441565415664156741568415694157041571415724157341574415754157641577415784157941580415814158241583415844158541586415874158841589415904159141592415934159441595415964159741598415994160041601416024160341604416054160641607416084160941610416114161241613416144161541616416174161841619416204162141622416234162441625416264162741628416294163041631416324163341634416354163641637416384163941640416414164241643416444164541646416474164841649416504165141652416534165441655416564165741658416594166041661416624166341664416654166641667416684166941670416714167241673416744167541676416774167841679416804168141682416834168441685416864168741688416894169041691416924169341694416954169641697416984169941700417014170241703417044170541706417074170841709417104171141712417134171441715417164171741718417194172041721417224172341724417254172641727417284172941730417314173241733417344173541736417374173841739417404174141742417434174441745417464174741748417494175041751417524175341754417554175641757417584175941760417614176241763417644176541766417674176841769417704177141772417734177441775417764177741778417794178041781417824178341784417854178641787417884178941790417914179241793417944179541796417974179841799418004180141802418034180441805418064180741808418094181041811418124181341814418154181641817418184181941820418214182241823418244182541826418274182841829418304183141832418334183441835418364183741838418394184041841418424184341844418454184641847418484184941850418514185241853418544185541856418574185841859418604186141862418634186441865418664186741868418694187041871418724187341874418754187641877418784187941880418814188241883418844188541886418874188841889418904189141892418934189441895418964189741898418994190041901419024190341904419054190641907419084190941910419114191241913419144191541916419174191841919419204192141922419234192441925419264192741928419294193041931419324193341934419354193641937419384193941940419414194241943419444194541946419474194841949419504195141952419534195441955419564195741958419594196041961419624196341964419654196641967419684196941970419714197241973419744197541976419774197841979419804198141982419834198441985419864198741988419894199041991419924199341994419954199641997419984199942000420014200242003420044200542006420074200842009420104201142012420134201442015420164201742018420194202042021420224202342024420254202642027420284202942030420314203242033420344203542036420374203842039420404204142042420434204442045420464204742048420494205042051420524205342054420554205642057420584205942060420614206242063420644206542066420674206842069420704207142072420734207442075420764207742078420794208042081420824208342084420854208642087420884208942090420914209242093420944209542096420974209842099421004210142102421034210442105421064210742108421094211042111421124211342114421154211642117421184211942120421214212242123421244212542126421274212842129421304213142132421334213442135421364213742138421394214042141421424214342144421454214642147421484214942150421514215242153421544215542156421574215842159421604216142162421634216442165421664216742168421694217042171421724217342174421754217642177421784217942180421814218242183421844218542186421874218842189421904219142192421934219442195421964219742198421994220042201422024220342204422054220642207422084220942210422114221242213422144221542216422174221842219422204222142222422234222442225422264222742228422294223042231422324223342234422354223642237422384223942240422414224242243422444224542246422474224842249422504225142252422534225442255422564225742258422594226042261422624226342264422654226642267422684226942270422714227242273422744227542276422774227842279422804228142282422834228442285422864228742288422894229042291422924229342294422954229642297422984229942300423014230242303423044230542306423074230842309423104231142312423134231442315423164231742318423194232042321423224232342324423254232642327423284232942330423314233242333423344233542336423374233842339423404234142342423434234442345423464234742348423494235042351423524235342354423554235642357423584235942360423614236242363423644236542366423674236842369423704237142372423734237442375423764237742378423794238042381423824238342384423854238642387423884238942390423914239242393423944239542396423974239842399424004240142402424034240442405424064240742408424094241042411424124241342414424154241642417424184241942420424214242242423424244242542426424274242842429424304243142432424334243442435424364243742438424394244042441424424244342444424454244642447424484244942450424514245242453424544245542456424574245842459424604246142462424634246442465424664246742468424694247042471424724247342474424754247642477424784247942480424814248242483424844248542486424874248842489424904249142492424934249442495424964249742498424994250042501425024250342504425054250642507425084250942510425114251242513425144251542516425174251842519425204252142522425234252442525425264252742528425294253042531425324253342534425354253642537425384253942540425414254242543425444254542546425474254842549425504255142552425534255442555425564255742558425594256042561425624256342564425654256642567425684256942570425714257242573425744257542576425774257842579425804258142582425834258442585425864258742588425894259042591425924259342594425954259642597425984259942600426014260242603426044260542606426074260842609426104261142612426134261442615426164261742618426194262042621426224262342624426254262642627426284262942630426314263242633426344263542636426374263842639426404264142642426434264442645426464264742648426494265042651426524265342654426554265642657426584265942660426614266242663426644266542666426674266842669426704267142672426734267442675426764267742678426794268042681426824268342684426854268642687426884268942690426914269242693426944269542696426974269842699427004270142702427034270442705427064270742708427094271042711427124271342714427154271642717427184271942720427214272242723427244272542726427274272842729427304273142732427334273442735427364273742738427394274042741427424274342744427454274642747427484274942750427514275242753427544275542756427574275842759427604276142762427634276442765427664276742768427694277042771427724277342774427754277642777427784277942780427814278242783427844278542786427874278842789427904279142792427934279442795427964279742798427994280042801428024280342804428054280642807428084280942810428114281242813428144281542816428174281842819428204282142822428234282442825428264282742828428294283042831428324283342834428354283642837428384283942840428414284242843428444284542846428474284842849428504285142852428534285442855428564285742858428594286042861428624286342864428654286642867428684286942870428714287242873428744287542876428774287842879428804288142882428834288442885428864288742888428894289042891428924289342894428954289642897428984289942900429014290242903429044290542906429074290842909429104291142912429134291442915429164291742918429194292042921429224292342924429254292642927429284292942930429314293242933429344293542936429374293842939429404294142942429434294442945429464294742948429494295042951429524295342954429554295642957429584295942960429614296242963429644296542966429674296842969429704297142972429734297442975429764297742978429794298042981429824298342984429854298642987429884298942990429914299242993429944299542996429974299842999430004300143002430034300443005430064300743008430094301043011430124301343014430154301643017430184301943020430214302243023430244302543026430274302843029430304303143032430334303443035430364303743038430394304043041430424304343044430454304643047430484304943050430514305243053430544305543056430574305843059430604306143062430634306443065430664306743068430694307043071430724307343074430754307643077430784307943080430814308243083430844308543086430874308843089430904309143092430934309443095430964309743098430994310043101431024310343104431054310643107431084310943110431114311243113431144311543116431174311843119431204312143122431234312443125431264312743128431294313043131431324313343134431354313643137431384313943140431414314243143431444314543146431474314843149431504315143152431534315443155431564315743158431594316043161431624316343164431654316643167431684316943170431714317243173431744317543176431774317843179431804318143182431834318443185431864318743188431894319043191431924319343194431954319643197431984319943200432014320243203432044320543206432074320843209432104321143212432134321443215432164321743218432194322043221432224322343224432254322643227432284322943230432314323243233432344323543236432374323843239432404324143242432434324443245432464324743248432494325043251432524325343254432554325643257432584325943260432614326243263432644326543266432674326843269432704327143272432734327443275432764327743278432794328043281432824328343284432854328643287432884328943290432914329243293432944329543296432974329843299433004330143302433034330443305433064330743308433094331043311433124331343314433154331643317433184331943320433214332243323433244332543326433274332843329433304333143332433334333443335433364333743338433394334043341433424334343344433454334643347433484334943350433514335243353433544335543356433574335843359433604336143362433634336443365433664336743368433694337043371433724337343374433754337643377433784337943380433814338243383433844338543386433874338843389433904339143392433934339443395433964339743398433994340043401434024340343404434054340643407434084340943410434114341243413434144341543416434174341843419434204342143422434234342443425434264342743428434294343043431434324343343434434354343643437434384343943440434414344243443434444344543446434474344843449434504345143452434534345443455434564345743458434594346043461434624346343464434654346643467434684346943470434714347243473434744347543476434774347843479434804348143482434834348443485434864348743488434894349043491434924349343494434954349643497434984349943500435014350243503435044350543506435074350843509435104351143512435134351443515435164351743518435194352043521435224352343524435254352643527435284352943530435314353243533435344353543536435374353843539435404354143542435434354443545435464354743548435494355043551435524355343554435554355643557 |
- (function(f){if(typeof exports==="object"&&typeof module!=="undefined"){module.exports=f()}else if(typeof define==="function"&&define.amd){define([],f)}else{var g;if(typeof window!=="undefined"){g=window}else if(typeof global!=="undefined"){g=global}else if(typeof self!=="undefined"){g=self}else{g=this}g.openpgp = f()}})(function(){var define,module,exports;return (function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n||r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r})()({1:[function(require,module,exports){
- (function (global){
- "use strict";
- !function (e, t) {
- "object" == typeof exports && "undefined" != typeof module ? t(exports) : "function" == typeof define && define.amd ? define(["exports"], t) : t((e = e || self).WebStreamsPolyfill = {});
- }(undefined, function (e) {
- "use strict";
- const t = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? Symbol : e => `Symbol(${e})`;const r = "undefined" != typeof self ? self : "undefined" != typeof window ? window : "undefined" != typeof global ? global : void 0,
- o = Number.isNaN || function (e) {
- return e != e;
- };function n(e) {
- return "object" == typeof e && null !== e || "function" == typeof e;
- }function i(e, t, r) {
- Object.defineProperty(e, t, { value: r, writable: !0, enumerable: !0, configurable: !0 });
- }function a(e) {
- return e.slice();
- }function s(e, t, r, o, n) {
- new Uint8Array(e).set(new Uint8Array(r, o, n), t);
- }function l(e) {
- return !1 !== function (e) {
- if ("number" != typeof e) return !1;if (o(e)) return !1;if (e < 0) return !1;return !0;
- }(e) && e !== 1 / 0;
- }function c(e, t, r) {
- if ("function" != typeof e) throw new TypeError("Argument is not a function");return Function.prototype.apply.call(e, t, r);
- }function u(e, t, r, o) {
- const n = e[t];if (void 0 !== n) {
- if ("function" != typeof n) throw new TypeError(`${n} is not a method`);switch (r) {case 0:
- return () => f(n, e, o);case 1:
- return t => {
- const r = [t].concat(o);return f(n, e, r);
- };}
- }return () => Promise.resolve();
- }function d(e, t, r) {
- const o = e[t];if (void 0 !== o) return c(o, e, r);
- }function f(e, t, r) {
- try {
- return Promise.resolve(c(e, t, r));
- } catch (e) {
- return Promise.reject(e);
- }
- }function _(e) {
- return e;
- }function h(e) {
- if (e = Number(e), o(e) || e < 0) throw new RangeError("highWaterMark property of a queuing strategy must be non-negative and non-NaN");return e;
- }function b(e) {
- if (void 0 === e) return () => 1;if ("function" != typeof e) throw new TypeError("size property of a queuing strategy must be a function");return t => e(t);
- }function m(e, t, r) {
- return Promise.prototype.then.call(e, t, r);
- }function y(e, t, r) {
- let o, n;const i = new Promise((e, t) => {
- o = e, n = t;
- });void 0 === r && (r = e => {
- throw e;
- });return function (e, t, r) {
- let o = !1;const n = e => {
- !1 === o && (o = !0, r(e));
- };let i = 0,
- a = 0;const s = e.length,
- l = new Array(s);for (const r of e) {
- const e = i;m(r, r => {
- l[e] = r, ++a === s && t(l);
- }, n), ++i;
- }
- }(e, e => {
- try {
- const r = t(e);o(r);
- } catch (e) {
- n(e);
- }
- }, e => {
- try {
- const t = r(e);o(t);
- } catch (e) {
- n(e);
- }
- }), i;
- }function p(e) {}function w(e) {
- e && e instanceof p.AssertionError && setTimeout(() => {
- throw e;
- }, 0);
- }function g(e) {
- const t = e._queue.shift();return e._queueTotalSize -= t.size, e._queueTotalSize < 0 && (e._queueTotalSize = 0), t.value;
- }function S(e, t, r) {
- if (!l(r = Number(r))) throw new RangeError("Size must be a finite, non-NaN, non-negative number.");e._queue.push({ value: t, size: r }), e._queueTotalSize += r;
- }function v(e) {
- e._queue = [], e._queueTotalSize = 0;
- }p.AssertionError = function () {};const R = t("[[AbortSteps]]"),
- P = t("[[ErrorSteps]]");class WritableStream {
- constructor(e = {}, t = {}) {
- q(this);const r = t.size;let o = t.highWaterMark;if (void 0 !== e.type) throw new RangeError("Invalid type is specified");const n = b(r);void 0 === o && (o = 1), function (e, t, r, o) {
- const n = Object.create(WritableStreamDefaultController.prototype);const i = u(t, "write", 1, [n]),
- a = u(t, "close", 0, []),
- s = u(t, "abort", 1, []);$(e, n, function () {
- return d(t, "start", [n]);
- }, i, a, s, r, o);
- }(this, e, o = h(o), n);
- }get locked() {
- if (!1 === E(this)) throw G("locked");return C(this);
- }abort(e) {
- return !1 === E(this) ? Promise.reject(G("abort")) : !0 === C(this) ? Promise.reject(new TypeError("Cannot abort a stream that already has a writer")) : j(this, e);
- }getWriter() {
- if (!1 === E(this)) throw G("getWriter");return T(this);
- }
- }function T(e) {
- return new WritableStreamDefaultWriter(e);
- }function q(e) {
- e._state = "writable", e._storedError = void 0, e._writer = void 0, e._writableStreamController = void 0, e._writeRequests = [], e._inFlightWriteRequest = void 0, e._closeRequest = void 0, e._inFlightCloseRequest = void 0, e._pendingAbortRequest = void 0, e._backpressure = !1;
- }function E(e) {
- return !!n(e) && !!Object.prototype.hasOwnProperty.call(e, "_writableStreamController");
- }function C(e) {
- return void 0 !== e._writer;
- }function j(e, t) {
- const r = e._state;if ("closed" === r || "errored" === r) return Promise.resolve(void 0);if (void 0 !== e._pendingAbortRequest) return e._pendingAbortRequest._promise;let o = !1;"erroring" === r && (o = !0, t = void 0);const n = new Promise((r, n) => {
- e._pendingAbortRequest = { _promise: void 0, _resolve: r, _reject: n, _reason: t, _wasAlreadyErroring: o };
- });return e._pendingAbortRequest._promise = n, !1 === o && W(e, t), n;
- }function A(e, t) {
- "writable" !== e._state ? B(e) : W(e, t);
- }function W(e, t) {
- const r = e._writableStreamController;e._state = "erroring", e._storedError = t;const o = e._writer;void 0 !== o && D(o, t), !1 === function (e) {
- if (void 0 === e._inFlightWriteRequest && void 0 === e._inFlightCloseRequest) return !1;return !0;
- }(e) && !0 === r._started && B(e);
- }function B(e) {
- e._state = "errored", e._writableStreamController[P]();const t = e._storedError;for (const r of e._writeRequests) r._reject(t);if (e._writeRequests = [], void 0 === e._pendingAbortRequest) return void z(e);const r = e._pendingAbortRequest;if (e._pendingAbortRequest = void 0, !0 === r._wasAlreadyErroring) return r._reject(t), void z(e);e._writableStreamController[R](r._reason).then(() => {
- r._resolve(), z(e);
- }, t => {
- r._reject(t), z(e);
- });
- }function O(e) {
- return void 0 !== e._closeRequest || void 0 !== e._inFlightCloseRequest;
- }function z(e) {
- void 0 !== e._closeRequest && (e._closeRequest._reject(e._storedError), e._closeRequest = void 0);const t = e._writer;void 0 !== t && ee(t, e._storedError);
- }function k(e, t) {
- const r = e._writer;void 0 !== r && t !== e._backpressure && (!0 === t ? function (e) {
- re(e);
- }(r) : ae(r)), e._backpressure = t;
- }class WritableStreamDefaultWriter {
- constructor(e) {
- if (!1 === E(e)) throw new TypeError("WritableStreamDefaultWriter can only be constructed with a WritableStream instance");if (!0 === C(e)) throw new TypeError("This stream has already been locked for exclusive writing by another writer");this._ownerWritableStream = e, e._writer = this;const t = e._state;if ("writable" === t) !1 === O(e) && !0 === e._backpressure ? re(this) : ne(this), X(this);else if ("erroring" === t) oe(this, e._storedError), X(this);else if ("closed" === t) ne(this), function (e) {
- X(e), te(e);
- }(this);else {
- const t = e._storedError;oe(this, t), Z(this, t);
- }
- }get closed() {
- return !1 === F(this) ? Promise.reject(J("closed")) : this._closedPromise;
- }get desiredSize() {
- if (!1 === F(this)) throw J("desiredSize");if (void 0 === this._ownerWritableStream) throw K("desiredSize");return function (e) {
- const t = e._ownerWritableStream,
- r = t._state;if ("errored" === r || "erroring" === r) return null;if ("closed" === r) return 0;return Q(t._writableStreamController);
- }(this);
- }get ready() {
- return !1 === F(this) ? Promise.reject(J("ready")) : this._readyPromise;
- }abort(e) {
- return !1 === F(this) ? Promise.reject(J("abort")) : void 0 === this._ownerWritableStream ? Promise.reject(K("abort")) : function (e, t) {
- return j(e._ownerWritableStream, t);
- }(this, e);
- }close() {
- if (!1 === F(this)) return Promise.reject(J("close"));const e = this._ownerWritableStream;return void 0 === e ? Promise.reject(K("close")) : !0 === O(e) ? Promise.reject(new TypeError("cannot close an already-closing stream")) : L(this);
- }releaseLock() {
- if (!1 === F(this)) throw J("releaseLock");void 0 !== this._ownerWritableStream && M(this);
- }write(e) {
- return !1 === F(this) ? Promise.reject(J("write")) : void 0 === this._ownerWritableStream ? Promise.reject(K("write to")) : Y(this, e);
- }
- }function F(e) {
- return !!n(e) && !!Object.prototype.hasOwnProperty.call(e, "_ownerWritableStream");
- }function L(e) {
- const t = e._ownerWritableStream,
- r = t._state;if ("closed" === r || "errored" === r) return Promise.reject(new TypeError(`The stream (in ${r} state) is not in the writable state and cannot be closed`));const o = new Promise((e, r) => {
- const o = { _resolve: e, _reject: r };t._closeRequest = o;
- });return !0 === t._backpressure && "writable" === r && ae(e), function (e) {
- S(e, "close", 0), x(e);
- }(t._writableStreamController), o;
- }function I(e, t) {
- "pending" === e._closedPromiseState ? ee(e, t) : function (e, t) {
- Z(e, t);
- }(e, t);
- }function D(e, t) {
- "pending" === e._readyPromiseState ? ie(e, t) : function (e, t) {
- oe(e, t);
- }(e, t);
- }function M(e) {
- const t = e._ownerWritableStream,
- r = new TypeError("Writer was released and can no longer be used to monitor the stream's closedness");D(e, r), I(e, r), t._writer = void 0, e._ownerWritableStream = void 0;
- }function Y(e, t) {
- const r = e._ownerWritableStream,
- o = r._writableStreamController,
- n = function (e, t) {
- try {
- return e._strategySizeAlgorithm(t);
- } catch (t) {
- return H(e, t), 1;
- }
- }(o, t);if (r !== e._ownerWritableStream) return Promise.reject(K("write to"));const i = r._state;if ("errored" === i) return Promise.reject(r._storedError);if (!0 === O(r) || "closed" === i) return Promise.reject(new TypeError("The stream is closing or closed and cannot be written to"));if ("erroring" === i) return Promise.reject(r._storedError);const a = function (e) {
- return new Promise((t, r) => {
- const o = { _resolve: t, _reject: r };e._writeRequests.push(o);
- });
- }(r);return function (e, t, r) {
- const o = { chunk: t };try {
- S(e, o, r);
- } catch (t) {
- return void H(e, t);
- }const n = e._controlledWritableStream;if (!1 === O(n) && "writable" === n._state) {
- const t = U(e);k(n, t);
- }x(e);
- }(o, t, n), a;
- }class WritableStreamDefaultController {
- constructor() {
- throw new TypeError("WritableStreamDefaultController cannot be constructed explicitly");
- }error(e) {
- if (!1 === function (e) {
- if (!n(e)) return !1;if (!Object.prototype.hasOwnProperty.call(e, "_controlledWritableStream")) return !1;return !0;
- }(this)) throw new TypeError("WritableStreamDefaultController.prototype.error can only be used on a WritableStreamDefaultController");"writable" === this._controlledWritableStream._state && V(this, e);
- }[R](e) {
- const t = this._abortAlgorithm(e);return N(this), t;
- }[P]() {
- v(this);
- }
- }function $(e, t, r, o, n, i, a, s) {
- t._controlledWritableStream = e, e._writableStreamController = t, t._queue = void 0, t._queueTotalSize = void 0, v(t), t._started = !1, t._strategySizeAlgorithm = s, t._strategyHWM = a, t._writeAlgorithm = o, t._closeAlgorithm = n, t._abortAlgorithm = i;const l = U(t);k(e, l);const c = r();Promise.resolve(c).then(() => {
- t._started = !0, x(t);
- }, r => {
- t._started = !0, A(e, r);
- }).catch(w);
- }function N(e) {
- e._writeAlgorithm = void 0, e._closeAlgorithm = void 0, e._abortAlgorithm = void 0, e._strategySizeAlgorithm = void 0;
- }function Q(e) {
- return e._strategyHWM - e._queueTotalSize;
- }function x(e) {
- const t = e._controlledWritableStream;if (!1 === e._started) return;if (void 0 !== t._inFlightWriteRequest) return;const r = t._state;if ("closed" === r || "errored" === r) return;if ("erroring" === r) return void B(t);if (0 === e._queue.length) return;const o = function (e) {
- return e._queue[0].value;
- }(e);"close" === o ? function (e) {
- const t = e._controlledWritableStream;(function (e) {
- e._inFlightCloseRequest = e._closeRequest, e._closeRequest = void 0;
- })(t), g(e);const r = e._closeAlgorithm();N(e), r.then(() => {
- !function (e) {
- e._inFlightCloseRequest._resolve(void 0), e._inFlightCloseRequest = void 0, "erroring" === e._state && (e._storedError = void 0, void 0 !== e._pendingAbortRequest && (e._pendingAbortRequest._resolve(), e._pendingAbortRequest = void 0)), e._state = "closed";const t = e._writer;void 0 !== t && te(t);
- }(t);
- }, e => {
- !function (e, t) {
- e._inFlightCloseRequest._reject(t), e._inFlightCloseRequest = void 0, void 0 !== e._pendingAbortRequest && (e._pendingAbortRequest._reject(t), e._pendingAbortRequest = void 0), A(e, t);
- }(t, e);
- }).catch(w);
- }(e) : function (e, t) {
- const r = e._controlledWritableStream;(function (e) {
- e._inFlightWriteRequest = e._writeRequests.shift();
- })(r), e._writeAlgorithm(t).then(() => {
- !function (e) {
- e._inFlightWriteRequest._resolve(void 0), e._inFlightWriteRequest = void 0;
- }(r);const t = r._state;if (g(e), !1 === O(r) && "writable" === t) {
- const t = U(e);k(r, t);
- }x(e);
- }, t => {
- "writable" === r._state && N(e), function (e, t) {
- e._inFlightWriteRequest._reject(t), e._inFlightWriteRequest = void 0, A(e, t);
- }(r, t);
- }).catch(w);
- }(e, o.chunk);
- }function H(e, t) {
- "writable" === e._controlledWritableStream._state && V(e, t);
- }function U(e) {
- return Q(e) <= 0;
- }function V(e, t) {
- const r = e._controlledWritableStream;N(e), W(r, t);
- }function G(e) {
- return new TypeError(`WritableStream.prototype.${e} can only be used on a WritableStream`);
- }function J(e) {
- return new TypeError(`WritableStreamDefaultWriter.prototype.${e} can only be used on a WritableStreamDefaultWriter`);
- }function K(e) {
- return new TypeError("Cannot " + e + " a stream using a released writer");
- }function X(e) {
- e._closedPromise = new Promise((t, r) => {
- e._closedPromise_resolve = t, e._closedPromise_reject = r, e._closedPromiseState = "pending";
- });
- }function Z(e, t) {
- X(e), ee(e, t);
- }function ee(e, t) {
- e._closedPromise.catch(() => {}), e._closedPromise_reject(t), e._closedPromise_resolve = void 0, e._closedPromise_reject = void 0, e._closedPromiseState = "rejected";
- }function te(e) {
- e._closedPromise_resolve(void 0), e._closedPromise_resolve = void 0, e._closedPromise_reject = void 0, e._closedPromiseState = "resolved";
- }function re(e) {
- e._readyPromise = new Promise((t, r) => {
- e._readyPromise_resolve = t, e._readyPromise_reject = r;
- }), e._readyPromiseState = "pending";
- }function oe(e, t) {
- re(e), ie(e, t);
- }function ne(e) {
- re(e), ae(e);
- }function ie(e, t) {
- e._readyPromise.catch(() => {}), e._readyPromise_reject(t), e._readyPromise_resolve = void 0, e._readyPromise_reject = void 0, e._readyPromiseState = "rejected";
- }function ae(e) {
- e._readyPromise_resolve(void 0), e._readyPromise_resolve = void 0, e._readyPromise_reject = void 0, e._readyPromiseState = "fulfilled";
- }const se = Number.isInteger || function (e) {
- return "number" == typeof e && isFinite(e) && Math.floor(e) === e;
- },
- le = t("[[CancelSteps]]"),
- ce = t("[[PullSteps]]");class ReadableStream {
- constructor(e = {}, t = {}) {
- fe(this);const r = t.size;let o = t.highWaterMark;const n = e.type;if ("bytes" === String(n)) {
- if (void 0 !== r) throw new RangeError("The strategy for a byte stream cannot have a size function");void 0 === o && (o = 0), function (e, t, r) {
- const o = Object.create(ReadableByteStreamController.prototype);const n = u(t, "pull", 0, [o]),
- i = u(t, "cancel", 1, []);let a = t.autoAllocateChunkSize;if (void 0 !== a && (a = Number(a), !1 === se(a) || a <= 0)) throw new RangeError("autoAllocateChunkSize must be a positive integer");!function (e, t, r, o, n, i, a) {
- t._controlledReadableByteStream = e, t._pullAgain = !1, t._pulling = !1, He(t), t._queue = t._queueTotalSize = void 0, v(t), t._closeRequested = !1, t._started = !1, t._strategyHWM = h(i), t._pullAlgorithm = o, t._cancelAlgorithm = n, t._autoAllocateChunkSize = a, t._pendingPullIntos = [], e._readableStreamController = t;const s = r();Promise.resolve(s).then(() => {
- t._started = !0, xe(t);
- }, e => {
- nt(t, e);
- }).catch(w);
- }(e, o, function () {
- return d(t, "start", [o]);
- }, n, i, r, a);
- }(this, e, o = h(o));
- } else {
- if (void 0 !== n) throw new RangeError("Invalid type is specified");{
- const t = b(r);void 0 === o && (o = 1), function (e, t, r, o) {
- const n = Object.create(ReadableStreamDefaultController.prototype);const i = u(t, "pull", 0, [n]),
- a = u(t, "cancel", 1, []);$e(e, n, function () {
- return d(t, "start", [n]);
- }, i, a, r, o);
- }(this, e, o = h(o), t);
- }
- }
- }get locked() {
- if (!1 === _e(this)) throw st("locked");return he(this);
- }cancel(e) {
- return !1 === _e(this) ? Promise.reject(st("cancel")) : !0 === he(this) ? Promise.reject(new TypeError("Cannot cancel a stream that already has a reader")) : pe(this, e);
- }getReader({ mode: e } = {}) {
- if (!1 === _e(this)) throw st("getReader");if (void 0 === e) return ue(this);if ("byob" === (e = String(e))) return function (e) {
- return new ReadableStreamBYOBReader(e);
- }(this);throw new RangeError("Invalid mode is specified");
- }pipeThrough({ writable: e, readable: t }, { preventClose: r, preventAbort: o, preventCancel: n, signal: i } = {}) {
- if (!1 === _e(this)) throw st("pipeThrough");if (!1 === E(e)) throw new TypeError("writable argument to pipeThrough must be a WritableStream");if (!1 === _e(t)) throw new TypeError("readable argument to pipeThrough must be a ReadableStream");if (r = Boolean(r), o = Boolean(o), n = Boolean(n), void 0 !== i && !at(i)) throw new TypeError("ReadableStream.prototype.pipeThrough's signal option must be an AbortSignal");if (!0 === he(this)) throw new TypeError("ReadableStream.prototype.pipeThrough cannot be used on a locked ReadableStream");if (!0 === C(e)) throw new TypeError("ReadableStream.prototype.pipeThrough cannot be used on a locked WritableStream");return be(this, e, r, o, n, i).catch(() => {}), t;
- }pipeTo(e, { preventClose: t, preventAbort: r, preventCancel: o, signal: n } = {}) {
- return !1 === _e(this) ? Promise.reject(st("pipeTo")) : !1 === E(e) ? Promise.reject(new TypeError("ReadableStream.prototype.pipeTo's first argument must be a WritableStream")) : (t = Boolean(t), r = Boolean(r), o = Boolean(o), void 0 === n || at(n) ? !0 === he(this) ? Promise.reject(new TypeError("ReadableStream.prototype.pipeTo cannot be used on a locked ReadableStream")) : !0 === C(e) ? Promise.reject(new TypeError("ReadableStream.prototype.pipeTo cannot be used on a locked WritableStream")) : be(this, e, t, r, o, n) : Promise.reject(new TypeError("ReadableStream.prototype.pipeTo's signal option must be an AbortSignal")));
- }tee() {
- if (!1 === _e(this)) throw st("tee");const e = function (e, t) {
- const r = ue(e);let o,
- n,
- i,
- s,
- l,
- c = !1,
- u = !1,
- d = !1;const f = new Promise(e => {
- l = e;
- });function _() {
- return Be(r).then(e => {
- const t = e.value,
- r = e.done;if (!0 === r && !1 === c && (!1 === u && Le(i._readableStreamController), !1 === d && Le(s._readableStreamController), c = !0), !0 === c) return;const o = t,
- n = t;!1 === u && Ie(i._readableStreamController, o), !1 === d && Ie(s._readableStreamController, n);
- });
- }function h() {}return i = de(h, _, function (t) {
- if (u = !0, o = t, !0 === d) {
- const t = a([o, n]),
- r = pe(e, t);l(r);
- }return f;
- }), s = de(h, _, function (t) {
- if (d = !0, n = t, !0 === u) {
- const t = a([o, n]),
- r = pe(e, t);l(r);
- }return f;
- }), r._closedPromise.catch(e => {
- !0 !== c && (De(i._readableStreamController, e), De(s._readableStreamController, e), c = !0);
- }), [i, s];
- }(this);return a(e);
- }
- }function ue(e) {
- return new ReadableStreamDefaultReader(e);
- }function de(e, t, r, o = 1, n = () => 1) {
- const i = Object.create(ReadableStream.prototype);return fe(i), $e(i, Object.create(ReadableStreamDefaultController.prototype), e, t, r, o, n), i;
- }function fe(e) {
- e._state = "readable", e._reader = void 0, e._storedError = void 0, e._disturbed = !1;
- }function _e(e) {
- return !!n(e) && !!Object.prototype.hasOwnProperty.call(e, "_readableStreamController");
- }function he(e) {
- return void 0 !== e._reader;
- }function be(e, t, r, o, n, i) {
- const a = ue(e),
- s = T(t);let l = !1,
- c = Promise.resolve();return new Promise((u, d) => {
- let f;if (void 0 !== i) {
- if (f = () => {
- const r = new DOMException("Aborted", "AbortError"),
- i = [];!1 === o && i.push(() => "writable" === t._state ? j(t, r) : Promise.resolve()), !1 === n && i.push(() => "readable" === e._state ? pe(e, r) : Promise.resolve()), b(() => y(i.map(e => e()), e => e), !0, r);
- }, !0 === i.aborted) return void f();i.addEventListener("abort", f);
- }if (h(e, a._closedPromise, e => {
- !1 === o ? b(() => j(t, e), !0, e) : m(!0, e);
- }), h(t, s._closedPromise, t => {
- !1 === n ? b(() => pe(e, t), !0, t) : m(!0, t);
- }), function (e, t, r) {
- "closed" === e._state ? r() : t.then(r).catch(w);
- }(e, a._closedPromise, () => {
- !1 === r ? b(() => function (e) {
- const t = e._ownerWritableStream,
- r = t._state;return !0 === O(t) || "closed" === r ? Promise.resolve() : "errored" === r ? Promise.reject(t._storedError) : L(e);
- }(s)) : m();
- }), !0 === O(t) || "closed" === t._state) {
- const t = new TypeError("the destination writable stream closed before all data could be piped to it");!1 === n ? b(() => pe(e, t), !0, t) : m(!0, t);
- }function _() {
- const e = c;return c.then(() => e !== c ? _() : void 0);
- }function h(e, t, r) {
- "errored" === e._state ? r(e._storedError) : t.catch(r).catch(w);
- }function b(e, r, o) {
- function n() {
- e().then(() => p(r, o), e => p(!0, e)).catch(w);
- }!0 !== l && (l = !0, "writable" === t._state && !1 === O(t) ? _().then(n) : n());
- }function m(e, r) {
- !0 !== l && (l = !0, "writable" === t._state && !1 === O(t) ? _().then(() => p(e, r)).catch(w) : p(e, r));
- }function p(e, t) {
- M(s), We(a), void 0 !== i && i.removeEventListener("abort", f), e ? d(t) : u(void 0);
- }new Promise((e, t) => {
- !function r(o) {
- o ? e() : (!0 === l ? Promise.resolve(!0) : s._readyPromise.then(() => Be(a).then(({ value: e, done: t }) => !0 === t || (c = Y(s, e).catch(() => {}), !1)))).then(r, t);
- }(!1);
- }).catch(e => {
- c = Promise.resolve(), w(e);
- });
- });
- }function me(e, t) {
- return new Promise((r, o) => {
- const n = { _resolve: r, _reject: o, _forAuthorCode: t };e._reader._readIntoRequests.push(n);
- });
- }function ye(e, t) {
- return new Promise((r, o) => {
- const n = { _resolve: r, _reject: o, _forAuthorCode: t };e._reader._readRequests.push(n);
- });
- }function pe(e, t) {
- if (e._disturbed = !0, "closed" === e._state) return Promise.resolve(void 0);if ("errored" === e._state) return Promise.reject(e._storedError);return we(e), e._readableStreamController[le](t).then(() => void 0);
- }function we(e) {
- e._state = "closed";const t = e._reader;if (void 0 !== t) {
- if (Ce(t)) {
- for (const _ref of t._readRequests) {
- const e = _ref._resolve;
- const r = _ref._forAuthorCode;
- e(ge(void 0, !0, r));
- }t._readRequests = [];
- }_t(t);
- }
- }function ge(e, t, r) {
- let o = null;!0 === r && (o = Object.prototype);const n = Object.create(o);return Object.defineProperty(n, "value", { value: e, enumerable: !0, writable: !0, configurable: !0 }), Object.defineProperty(n, "done", { value: t, enumerable: !0, writable: !0, configurable: !0 }), n;
- }function Se(e, t) {
- e._state = "errored", e._storedError = t;const r = e._reader;if (void 0 !== r) {
- if (Ce(r)) {
- for (const e of r._readRequests) e._reject(t);r._readRequests = [];
- } else {
- for (const e of r._readIntoRequests) e._reject(t);r._readIntoRequests = [];
- }ft(r, t);
- }
- }function ve(e, t, r) {
- const o = e._reader._readRequests.shift();o._resolve(ge(t, r, o._forAuthorCode));
- }function Re(e) {
- return e._reader._readIntoRequests.length;
- }function Pe(e) {
- return e._reader._readRequests.length;
- }function Te(e) {
- const t = e._reader;return void 0 !== t && !!Ee(t);
- }function qe(e) {
- const t = e._reader;return void 0 !== t && !!Ce(t);
- }class ReadableStreamDefaultReader {
- constructor(e) {
- if (!1 === _e(e)) throw new TypeError("ReadableStreamDefaultReader can only be constructed with a ReadableStream instance");if (!0 === he(e)) throw new TypeError("This stream has already been locked for exclusive reading by another reader");je(this, e), this._readRequests = [];
- }get closed() {
- return Ce(this) ? this._closedPromise : Promise.reject(ct("closed"));
- }cancel(e) {
- return Ce(this) ? void 0 === this._ownerReadableStream ? Promise.reject(lt("cancel")) : Ae(this, e) : Promise.reject(ct("cancel"));
- }read() {
- return Ce(this) ? void 0 === this._ownerReadableStream ? Promise.reject(lt("read from")) : Be(this, !0) : Promise.reject(ct("read"));
- }releaseLock() {
- if (!Ce(this)) throw ct("releaseLock");if (void 0 !== this._ownerReadableStream) {
- if (this._readRequests.length > 0) throw new TypeError("Tried to release a reader lock when that reader has pending read() calls un-settled");We(this);
- }
- }
- }class ReadableStreamBYOBReader {
- constructor(e) {
- if (!_e(e)) throw new TypeError("ReadableStreamBYOBReader can only be constructed with a ReadableStream instance given a byte source");if (!1 === Ne(e._readableStreamController)) throw new TypeError("Cannot construct a ReadableStreamBYOBReader for a stream not constructed with a byte source");if (he(e)) throw new TypeError("This stream has already been locked for exclusive reading by another reader");je(this, e), this._readIntoRequests = [];
- }get closed() {
- return Ee(this) ? this._closedPromise : Promise.reject(ht("closed"));
- }cancel(e) {
- return Ee(this) ? void 0 === this._ownerReadableStream ? Promise.reject(lt("cancel")) : Ae(this, e) : Promise.reject(ht("cancel"));
- }read(e) {
- return Ee(this) ? void 0 === this._ownerReadableStream ? Promise.reject(lt("read from")) : ArrayBuffer.isView(e) ? (e.buffer, 0 === e.byteLength ? Promise.reject(new TypeError("view must have non-zero byteLength")) : function (e, t, r = !1) {
- const o = e._ownerReadableStream;if (o._disturbed = !0, "errored" === o._state) return Promise.reject(o._storedError);return function (e, t, r) {
- const o = e._controlledReadableByteStream;let n = 1;t.constructor !== DataView && (n = t.constructor.BYTES_PER_ELEMENT);const i = t.constructor,
- a = { buffer: _(t.buffer), byteOffset: t.byteOffset, byteLength: t.byteLength, bytesFilled: 0, elementSize: n, ctor: i, readerType: "byob" };if (e._pendingPullIntos.length > 0) return e._pendingPullIntos.push(a), me(o, r);if ("closed" === o._state) {
- const e = new i(a.buffer, a.byteOffset, 0);return Promise.resolve(ge(e, !0, r));
- }if (e._queueTotalSize > 0) {
- if (!0 === Je(e, a)) {
- const t = Ve(a);return Xe(e), Promise.resolve(ge(t, !1, r));
- }if (!0 === e._closeRequested) {
- const t = new TypeError("Insufficient bytes to fill elements in the given buffer");return nt(e, t), Promise.reject(t);
- }
- }e._pendingPullIntos.push(a);const s = me(o, r);return xe(e), s;
- }(o._readableStreamController, t, r);
- }(this, e, !0)) : Promise.reject(new TypeError("view must be an array buffer view")) : Promise.reject(ht("read"));
- }releaseLock() {
- if (!Ee(this)) throw ht("releaseLock");if (void 0 !== this._ownerReadableStream) {
- if (this._readIntoRequests.length > 0) throw new TypeError("Tried to release a reader lock when that reader has pending read() calls un-settled");We(this);
- }
- }
- }function Ee(e) {
- return !!n(e) && !!Object.prototype.hasOwnProperty.call(e, "_readIntoRequests");
- }function Ce(e) {
- return !!n(e) && !!Object.prototype.hasOwnProperty.call(e, "_readRequests");
- }function je(e, t) {
- e._ownerReadableStream = t, t._reader = e, "readable" === t._state ? ut(e) : "closed" === t._state ? function (e) {
- ut(e), _t(e);
- }(e) : dt(e, t._storedError);
- }function Ae(e, t) {
- return pe(e._ownerReadableStream, t);
- }function We(e) {
- "readable" === e._ownerReadableStream._state ? ft(e, new TypeError("Reader was released and can no longer be used to monitor the stream's closedness")) : function (e, t) {
- dt(e, t);
- }(e, new TypeError("Reader was released and can no longer be used to monitor the stream's closedness")), e._ownerReadableStream._reader = void 0, e._ownerReadableStream = void 0;
- }function Be(e, t = !1) {
- const r = e._ownerReadableStream;return r._disturbed = !0, "closed" === r._state ? Promise.resolve(ge(void 0, !0, t)) : "errored" === r._state ? Promise.reject(r._storedError) : r._readableStreamController[ce](t);
- }class ReadableStreamDefaultController {
- constructor() {
- throw new TypeError();
- }get desiredSize() {
- if (!1 === Oe(this)) throw bt("desiredSize");return Me(this);
- }close() {
- if (!1 === Oe(this)) throw bt("close");if (!1 === Ye(this)) throw new TypeError("The stream is not in a state that permits close");Le(this);
- }enqueue(e) {
- if (!1 === Oe(this)) throw bt("enqueue");if (!1 === Ye(this)) throw new TypeError("The stream is not in a state that permits enqueue");return Ie(this, e);
- }error(e) {
- if (!1 === Oe(this)) throw bt("error");De(this, e);
- }[le](e) {
- v(this);const t = this._cancelAlgorithm(e);return Fe(this), t;
- }[ce](e) {
- const t = this._controlledReadableStream;if (this._queue.length > 0) {
- const r = g(this);return !0 === this._closeRequested && 0 === this._queue.length ? (Fe(this), we(t)) : ze(this), Promise.resolve(ge(r, !1, e));
- }const r = ye(t, e);return ze(this), r;
- }
- }function Oe(e) {
- return !!n(e) && !!Object.prototype.hasOwnProperty.call(e, "_controlledReadableStream");
- }function ze(e) {
- !1 !== ke(e) && (!0 !== e._pulling ? (e._pulling = !0, e._pullAlgorithm().then(() => {
- if (e._pulling = !1, !0 === e._pullAgain) return e._pullAgain = !1, ze(e);
- }, t => {
- De(e, t);
- }).catch(w)) : e._pullAgain = !0);
- }function ke(e) {
- const t = e._controlledReadableStream;return !1 !== Ye(e) && !1 !== e._started && (!0 === he(t) && Pe(t) > 0 || Me(e) > 0);
- }function Fe(e) {
- e._pullAlgorithm = void 0, e._cancelAlgorithm = void 0, e._strategySizeAlgorithm = void 0;
- }function Le(e) {
- const t = e._controlledReadableStream;e._closeRequested = !0, 0 === e._queue.length && (Fe(e), we(t));
- }function Ie(e, t) {
- const r = e._controlledReadableStream;if (!0 === he(r) && Pe(r) > 0) ve(r, t, !1);else {
- let r;try {
- r = e._strategySizeAlgorithm(t);
- } catch (t) {
- throw De(e, t), t;
- }try {
- S(e, t, r);
- } catch (t) {
- throw De(e, t), t;
- }
- }ze(e);
- }function De(e, t) {
- const r = e._controlledReadableStream;"readable" === r._state && (v(e), Fe(e), Se(r, t));
- }function Me(e) {
- const t = e._controlledReadableStream._state;return "errored" === t ? null : "closed" === t ? 0 : e._strategyHWM - e._queueTotalSize;
- }function Ye(e) {
- const t = e._controlledReadableStream._state;return !1 === e._closeRequested && "readable" === t;
- }function $e(e, t, r, o, n, i, a) {
- t._controlledReadableStream = e, t._queue = void 0, t._queueTotalSize = void 0, v(t), t._started = !1, t._closeRequested = !1, t._pullAgain = !1, t._pulling = !1, t._strategySizeAlgorithm = a, t._strategyHWM = i, t._pullAlgorithm = o, t._cancelAlgorithm = n, e._readableStreamController = t;const s = r();Promise.resolve(s).then(() => {
- t._started = !0, ze(t);
- }, e => {
- De(t, e);
- }).catch(w);
- }class ReadableStreamBYOBRequest {
- constructor() {
- throw new TypeError("ReadableStreamBYOBRequest cannot be used directly");
- }get view() {
- if (!1 === Qe(this)) throw mt("view");return this._view;
- }respond(e) {
- if (!1 === Qe(this)) throw mt("respond");if (void 0 === this._associatedReadableByteStreamController) throw new TypeError("This BYOB request has been invalidated");this._view.buffer, function (e, t) {
- if (!1 === l(t = Number(t))) throw new RangeError("bytesWritten must be a finite");tt(e, t);
- }(this._associatedReadableByteStreamController, e);
- }respondWithNewView(e) {
- if (!1 === Qe(this)) throw mt("respond");if (void 0 === this._associatedReadableByteStreamController) throw new TypeError("This BYOB request has been invalidated");if (!ArrayBuffer.isView(e)) throw new TypeError("You can only respond with array buffer views");e.buffer, function (e, t) {
- const r = e._pendingPullIntos[0];if (r.byteOffset + r.bytesFilled !== t.byteOffset) throw new RangeError("The region specified by view does not match byobRequest");if (r.byteLength !== t.byteLength) throw new RangeError("The buffer of view has different capacity than byobRequest");r.buffer = t.buffer, tt(e, t.byteLength);
- }(this._associatedReadableByteStreamController, e);
- }
- }class ReadableByteStreamController {
- constructor() {
- throw new TypeError("ReadableByteStreamController constructor cannot be used directly");
- }get byobRequest() {
- if (!1 === Ne(this)) throw yt("byobRequest");if (void 0 === this._byobRequest && this._pendingPullIntos.length > 0) {
- const e = this._pendingPullIntos[0],
- t = new Uint8Array(e.buffer, e.byteOffset + e.bytesFilled, e.byteLength - e.bytesFilled),
- r = Object.create(ReadableStreamBYOBRequest.prototype);!function (e, t, r) {
- e._associatedReadableByteStreamController = t, e._view = r;
- }(r, this, t), this._byobRequest = r;
- }return this._byobRequest;
- }get desiredSize() {
- if (!1 === Ne(this)) throw yt("desiredSize");return it(this);
- }close() {
- if (!1 === Ne(this)) throw yt("close");if (!0 === this._closeRequested) throw new TypeError("The stream has already been closed; do not close it again!");const e = this._controlledReadableByteStream._state;if ("readable" !== e) throw new TypeError(`The stream (in ${e} state) is not in the readable state and cannot be closed`);!function (e) {
- const t = e._controlledReadableByteStream;if (e._queueTotalSize > 0) return void (e._closeRequested = !0);if (e._pendingPullIntos.length > 0) {
- const t = e._pendingPullIntos[0];if (t.bytesFilled > 0) {
- const t = new TypeError("Insufficient bytes to fill elements in the given buffer");throw nt(e, t), t;
- }
- }ot(e), we(t);
- }(this);
- }enqueue(e) {
- if (!1 === Ne(this)) throw yt("enqueue");if (!0 === this._closeRequested) throw new TypeError("stream is closed or draining");const t = this._controlledReadableByteStream._state;if ("readable" !== t) throw new TypeError(`The stream (in ${t} state) is not in the readable state and cannot be enqueued to`);if (!ArrayBuffer.isView(e)) throw new TypeError("You can only enqueue array buffer views when using a ReadableByteStreamController");e.buffer, function (e, t) {
- const r = e._controlledReadableByteStream,
- o = t.buffer,
- n = t.byteOffset,
- i = t.byteLength,
- a = _(o);if (!0 === qe(r)) {
- if (0 === Pe(r)) Ge(e, a, n, i);else {
- const e = new Uint8Array(a, n, i);ve(r, e, !1);
- }
- } else !0 === Te(r) ? (Ge(e, a, n, i), et(e)) : Ge(e, a, n, i);xe(e);
- }(this, e);
- }error(e) {
- if (!1 === Ne(this)) throw yt("error");nt(this, e);
- }[le](e) {
- if (this._pendingPullIntos.length > 0) {
- this._pendingPullIntos[0].bytesFilled = 0;
- }v(this);const t = this._cancelAlgorithm(e);return ot(this), t;
- }[ce](e) {
- const t = this._controlledReadableByteStream;if (this._queueTotalSize > 0) {
- const t = this._queue.shift();let r;this._queueTotalSize -= t.byteLength, Xe(this);try {
- r = new Uint8Array(t.buffer, t.byteOffset, t.byteLength);
- } catch (e) {
- return Promise.reject(e);
- }return Promise.resolve(ge(r, !1, e));
- }const r = this._autoAllocateChunkSize;if (void 0 !== r) {
- let e;try {
- e = new ArrayBuffer(r);
- } catch (e) {
- return Promise.reject(e);
- }const t = { buffer: e, byteOffset: 0, byteLength: r, bytesFilled: 0, elementSize: 1, ctor: Uint8Array, readerType: "default" };this._pendingPullIntos.push(t);
- }const o = ye(t, e);return xe(this), o;
- }
- }function Ne(e) {
- return !!n(e) && !!Object.prototype.hasOwnProperty.call(e, "_controlledReadableByteStream");
- }function Qe(e) {
- return !!n(e) && !!Object.prototype.hasOwnProperty.call(e, "_associatedReadableByteStreamController");
- }function xe(e) {
- !1 !== function (e) {
- const t = e._controlledReadableByteStream;if ("readable" !== t._state) return !1;if (!0 === e._closeRequested) return !1;if (!1 === e._started) return !1;if (!0 === qe(t) && Pe(t) > 0) return !0;if (!0 === Te(t) && Re(t) > 0) return !0;if (it(e) > 0) return !0;return !1;
- }(e) && (!0 !== e._pulling ? (e._pulling = !0, e._pullAlgorithm().then(() => {
- e._pulling = !1, !0 === e._pullAgain && (e._pullAgain = !1, xe(e));
- }, t => {
- nt(e, t);
- }).catch(w)) : e._pullAgain = !0);
- }function He(e) {
- Ze(e), e._pendingPullIntos = [];
- }function Ue(e, t) {
- let r = !1;"closed" === e._state && (r = !0);const o = Ve(t);"default" === t.readerType ? ve(e, o, r) : function (e, t, r) {
- const o = e._reader._readIntoRequests.shift();o._resolve(ge(t, r, o._forAuthorCode));
- }(e, o, r);
- }function Ve(e) {
- const t = e.bytesFilled,
- r = e.elementSize;return new e.ctor(e.buffer, e.byteOffset, t / r);
- }function Ge(e, t, r, o) {
- e._queue.push({ buffer: t, byteOffset: r, byteLength: o }), e._queueTotalSize += o;
- }function Je(e, t) {
- const r = t.elementSize,
- o = t.bytesFilled - t.bytesFilled % r,
- n = Math.min(e._queueTotalSize, t.byteLength - t.bytesFilled),
- i = t.bytesFilled + n,
- a = i - i % r;let l = n,
- c = !1;a > o && (l = a - t.bytesFilled, c = !0);const u = e._queue;for (; l > 0;) {
- const r = u[0],
- o = Math.min(l, r.byteLength),
- n = t.byteOffset + t.bytesFilled;s(t.buffer, n, r.buffer, r.byteOffset, o), r.byteLength === o ? u.shift() : (r.byteOffset += o, r.byteLength -= o), e._queueTotalSize -= o, Ke(e, o, t), l -= o;
- }return c;
- }function Ke(e, t, r) {
- Ze(e), r.bytesFilled += t;
- }function Xe(e) {
- 0 === e._queueTotalSize && !0 === e._closeRequested ? (ot(e), we(e._controlledReadableByteStream)) : xe(e);
- }function Ze(e) {
- void 0 !== e._byobRequest && (e._byobRequest._associatedReadableByteStreamController = void 0, e._byobRequest._view = void 0, e._byobRequest = void 0);
- }function et(e) {
- for (; e._pendingPullIntos.length > 0;) {
- if (0 === e._queueTotalSize) return;const t = e._pendingPullIntos[0];!0 === Je(e, t) && (rt(e), Ue(e._controlledReadableByteStream, t));
- }
- }function tt(e, t) {
- const r = e._pendingPullIntos[0];if ("closed" === e._controlledReadableByteStream._state) {
- if (0 !== t) throw new TypeError("bytesWritten must be 0 when calling respond() on a closed stream");!function (e, t) {
- t.buffer = _(t.buffer);const r = e._controlledReadableByteStream;if (!0 === Te(r)) for (; Re(r) > 0;) Ue(r, rt(e));
- }(e, r);
- } else !function (e, t, r) {
- if (r.bytesFilled + t > r.byteLength) throw new RangeError("bytesWritten out of range");if (Ke(e, t, r), r.bytesFilled < r.elementSize) return;rt(e);const o = r.bytesFilled % r.elementSize;if (o > 0) {
- const t = r.byteOffset + r.bytesFilled,
- n = r.buffer.slice(t - o, t);Ge(e, n, 0, n.byteLength);
- }r.buffer = _(r.buffer), r.bytesFilled -= o, Ue(e._controlledReadableByteStream, r), et(e);
- }(e, t, r);xe(e);
- }function rt(e) {
- const t = e._pendingPullIntos.shift();return Ze(e), t;
- }function ot(e) {
- e._pullAlgorithm = void 0, e._cancelAlgorithm = void 0;
- }function nt(e, t) {
- const r = e._controlledReadableByteStream;"readable" === r._state && (He(e), v(e), ot(e), Se(r, t));
- }function it(e) {
- const t = e._controlledReadableByteStream._state;return "errored" === t ? null : "closed" === t ? 0 : e._strategyHWM - e._queueTotalSize;
- }function at(e) {
- if ("object" != typeof e || null === e) return !1;const t = Object.getOwnPropertyDescriptor(AbortSignal.prototype, "aborted").get;try {
- return t.call(e), !0;
- } catch (e) {
- return !1;
- }
- }function st(e) {
- return new TypeError(`ReadableStream.prototype.${e} can only be used on a ReadableStream`);
- }function lt(e) {
- return new TypeError("Cannot " + e + " a stream using a released reader");
- }function ct(e) {
- return new TypeError(`ReadableStreamDefaultReader.prototype.${e} can only be used on a ReadableStreamDefaultReader`);
- }function ut(e) {
- e._closedPromise = new Promise((t, r) => {
- e._closedPromise_resolve = t, e._closedPromise_reject = r;
- });
- }function dt(e, t) {
- ut(e), ft(e, t);
- }function ft(e, t) {
- e._closedPromise.catch(() => {}), e._closedPromise_reject(t), e._closedPromise_resolve = void 0, e._closedPromise_reject = void 0;
- }function _t(e) {
- e._closedPromise_resolve(void 0), e._closedPromise_resolve = void 0, e._closedPromise_reject = void 0;
- }function ht(e) {
- return new TypeError(`ReadableStreamBYOBReader.prototype.${e} can only be used on a ReadableStreamBYOBReader`);
- }function bt(e) {
- return new TypeError(`ReadableStreamDefaultController.prototype.${e} can only be used on a ReadableStreamDefaultController`);
- }function mt(e) {
- return new TypeError(`ReadableStreamBYOBRequest.prototype.${e} can only be used on a ReadableStreamBYOBRequest`);
- }function yt(e) {
- return new TypeError(`ReadableByteStreamController.prototype.${e} can only be used on a ReadableByteStreamController`);
- }class ByteLengthQueuingStrategy {
- constructor({ highWaterMark: e }) {
- i(this, "highWaterMark", e);
- }size(e) {
- return e.byteLength;
- }
- }class CountQueuingStrategy {
- constructor({ highWaterMark: e }) {
- i(this, "highWaterMark", e);
- }size() {
- return 1;
- }
- }class TransformStream {
- constructor(e = {}, t = {}, r = {}) {
- const o = t.size;let n = t.highWaterMark;const i = r.size;let a = r.highWaterMark;if (void 0 !== e.writableType) throw new RangeError("Invalid writable type specified");const s = b(o);if (void 0 === n && (n = 1), n = h(n), void 0 !== e.readableType) throw new RangeError("Invalid readable type specified");const l = b(i);let c;void 0 === a && (a = 0), a = h(a), function (e, t, r, o, n, i) {
- function a() {
- return t;
- }e._writable = function (e, t, r, o, n = 1, i = () => 1) {
- const a = Object.create(WritableStream.prototype);return q(a), $(a, Object.create(WritableStreamDefaultController.prototype), e, t, r, o, n, i), a;
- }(a, function (t) {
- return function (e, t) {
- const r = e._transformStreamController;if (!0 === e._backpressure) {
- const o = e._backpressureChangePromise;return o.then(() => {
- const o = e._writable,
- n = o._state;if ("erroring" === n) throw o._storedError;return Tt(r, t);
- });
- }return Tt(r, t);
- }(e, t);
- }, function () {
- return function (e) {
- const t = e._readable,
- r = e._transformStreamController,
- o = r._flushAlgorithm();return Rt(r), o.then(() => {
- if ("errored" === t._state) throw t._storedError;const e = t._readableStreamController;!0 === Ye(e) && Le(e);
- }).catch(r => {
- throw wt(e, r), t._storedError;
- });
- }(e);
- }, function (t) {
- return function (e, t) {
- return wt(e, t), Promise.resolve();
- }(e, t);
- }, r, o), e._readable = de(a, function () {
- return function (e) {
- return St(e, !1), e._backpressureChangePromise;
- }(e);
- }, function (t) {
- return gt(e, t), Promise.resolve();
- }, n, i), e._backpressure = void 0, e._backpressureChangePromise = void 0, e._backpressureChangePromise_resolve = void 0, St(e, !0), e._transformStreamController = void 0;
- }(this, new Promise(e => {
- c = e;
- }), n, s, a, l), function (e, t) {
- const r = Object.create(TransformStreamDefaultController.prototype);let o = e => {
- try {
- return Pt(r, e), Promise.resolve();
- } catch (e) {
- return Promise.reject(e);
- }
- };const n = t.transform;if (void 0 !== n) {
- if ("function" != typeof n) throw new TypeError("transform is not a method");o = e => f(n, t, [e, r]);
- }const i = u(t, "flush", 0, [r]);!function (e, t, r, o) {
- t._controlledTransformStream = e, e._transformStreamController = t, t._transformAlgorithm = r, t._flushAlgorithm = o;
- }(e, r, o, i);
- }(this, e);const _ = d(e, "start", [this._transformStreamController]);c(_);
- }get readable() {
- if (!1 === pt(this)) throw Et("readable");return this._readable;
- }get writable() {
- if (!1 === pt(this)) throw Et("writable");return this._writable;
- }
- }function pt(e) {
- return !!n(e) && !!Object.prototype.hasOwnProperty.call(e, "_transformStreamController");
- }function wt(e, t) {
- De(e._readable._readableStreamController, t), gt(e, t);
- }function gt(e, t) {
- Rt(e._transformStreamController), H(e._writable._writableStreamController, t), !0 === e._backpressure && St(e, !1);
- }function St(e, t) {
- void 0 !== e._backpressureChangePromise && e._backpressureChangePromise_resolve(), e._backpressureChangePromise = new Promise(t => {
- e._backpressureChangePromise_resolve = t;
- }), e._backpressure = t;
- }class TransformStreamDefaultController {
- constructor() {
- throw new TypeError("TransformStreamDefaultController instances cannot be created directly");
- }get desiredSize() {
- if (!1 === vt(this)) throw qt("desiredSize");return Me(this._controlledTransformStream._readable._readableStreamController);
- }enqueue(e) {
- if (!1 === vt(this)) throw qt("enqueue");Pt(this, e);
- }error(e) {
- if (!1 === vt(this)) throw qt("error");!function (e, t) {
- wt(e._controlledTransformStream, t);
- }(this, e);
- }terminate() {
- if (!1 === vt(this)) throw qt("terminate");!function (e) {
- const t = e._controlledTransformStream,
- r = t._readable._readableStreamController;!0 === Ye(r) && Le(r);const o = new TypeError("TransformStream terminated");gt(t, o);
- }(this);
- }
- }function vt(e) {
- return !!n(e) && !!Object.prototype.hasOwnProperty.call(e, "_controlledTransformStream");
- }function Rt(e) {
- e._transformAlgorithm = void 0, e._flushAlgorithm = void 0;
- }function Pt(e, t) {
- const r = e._controlledTransformStream,
- o = r._readable._readableStreamController;if (!1 === Ye(o)) throw new TypeError("Readable side is not in a state that permits enqueue");try {
- Ie(o, t);
- } catch (e) {
- throw gt(r, e), r._readable._storedError;
- }(function (e) {
- return !0 !== ke(e);
- })(o) !== r._backpressure && St(r, !0);
- }function Tt(e, t) {
- return e._transformAlgorithm(t).catch(t => {
- throw wt(e._controlledTransformStream, t), t;
- });
- }function qt(e) {
- return new TypeError(`TransformStreamDefaultController.prototype.${e} can only be used on a TransformStreamDefaultController`);
- }function Et(e) {
- return new TypeError(`TransformStream.prototype.${e} can only be used on a TransformStream`);
- }const Ct = { ReadableStream: ReadableStream, WritableStream: WritableStream, ByteLengthQueuingStrategy: ByteLengthQueuingStrategy, CountQueuingStrategy: CountQueuingStrategy, TransformStream: TransformStream };void 0 !== r && Object.assign(r, Ct), e.ReadableStream = ReadableStream, e.WritableStream = WritableStream, e.ByteLengthQueuingStrategy = ByteLengthQueuingStrategy, e.CountQueuingStrategy = CountQueuingStrategy, e.TransformStream = TransformStream, Object.defineProperty(e, "__esModule", { value: !0 });
- });
- }).call(this,typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
- },{}],2:[function(require,module,exports){
- "use strict";
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- /**
- * @file {@link http://asmjs.org Asm.js} implementation of the {@link https://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard}.
- * @author Artem S Vybornov <vybornov@gmail.com>
- * @license MIT
- */
- var AES_asm = exports.AES_asm = function () {
- "use strict";
- /**
- * Galois Field stuff init flag
- */
- var ginit_done = false;
- /**
- * Galois Field exponentiation and logarithm tables for 3 (the generator)
- */
- var gexp3, glog3;
- /**
- * Init Galois Field tables
- */
- function ginit() {
- gexp3 = [], glog3 = [];
- var a = 1,
- c,
- d;
- for (c = 0; c < 255; c++) {
- gexp3[c] = a;
- // Multiply by three
- d = a & 0x80, a <<= 1, a &= 255;
- if (d === 0x80) a ^= 0x1b;
- a ^= gexp3[c];
- // Set the log table value
- glog3[gexp3[c]] = c;
- }
- gexp3[255] = gexp3[0];
- glog3[0] = 0;
- ginit_done = true;
- }
- /**
- * Galois Field multiplication
- * @param {number} a
- * @param {number} b
- * @return {number}
- */
- function gmul(a, b) {
- var c = gexp3[(glog3[a] + glog3[b]) % 255];
- if (a === 0 || b === 0) c = 0;
- return c;
- }
- /**
- * Galois Field reciprocal
- * @param {number} a
- * @return {number}
- */
- function ginv(a) {
- var i = gexp3[255 - glog3[a]];
- if (a === 0) i = 0;
- return i;
- }
- /**
- * AES stuff init flag
- */
- var aes_init_done = false;
- /**
- * Encryption, Decryption, S-Box and KeyTransform tables
- *
- * @type {number[]}
- */
- var aes_sbox;
- /**
- * @type {number[]}
- */
- var aes_sinv;
- /**
- * @type {number[][]}
- */
- var aes_enc;
- /**
- * @type {number[][]}
- */
- var aes_dec;
- /**
- * Init AES tables
- */
- function aes_init() {
- if (!ginit_done) ginit();
- // Calculates AES S-Box value
- function _s(a) {
- var c, s, x;
- s = x = ginv(a);
- for (c = 0; c < 4; c++) {
- s = (s << 1 | s >>> 7) & 255;
- x ^= s;
- }
- x ^= 99;
- return x;
- }
- // Tables
- aes_sbox = [], aes_sinv = [], aes_enc = [[], [], [], []], aes_dec = [[], [], [], []];
- for (var i = 0; i < 256; i++) {
- var s = _s(i);
- // S-Box and its inverse
- aes_sbox[i] = s;
- aes_sinv[s] = i;
- // Ecryption and Decryption tables
- aes_enc[0][i] = gmul(2, s) << 24 | s << 16 | s << 8 | gmul(3, s);
- aes_dec[0][s] = gmul(14, i) << 24 | gmul(9, i) << 16 | gmul(13, i) << 8 | gmul(11, i);
- // Rotate tables
- for (var t = 1; t < 4; t++) {
- aes_enc[t][i] = aes_enc[t - 1][i] >>> 8 | aes_enc[t - 1][i] << 24;
- aes_dec[t][s] = aes_dec[t - 1][s] >>> 8 | aes_dec[t - 1][s] << 24;
- }
- }
- aes_init_done = true;
- }
- /**
- * Asm.js module constructor.
- *
- * <p>
- * Heap buffer layout by offset:
- * <pre>
- * 0x0000 encryption key schedule
- * 0x0400 decryption key schedule
- * 0x0800 sbox
- * 0x0c00 inv sbox
- * 0x1000 encryption tables
- * 0x2000 decryption tables
- * 0x3000 reserved (future GCM multiplication lookup table)
- * 0x4000 data
- * </pre>
- * Don't touch anything before <code>0x400</code>.
- * </p>
- *
- * @alias AES_asm
- * @class
- * @param foreign - <i>ignored</i>
- * @param buffer - heap buffer to link with
- */
- var wrapper = function wrapper(foreign, buffer) {
- // Init AES stuff for the first time
- if (!aes_init_done) aes_init();
- // Fill up AES tables
- var heap = new Uint32Array(buffer);
- heap.set(aes_sbox, 0x0800 >> 2);
- heap.set(aes_sinv, 0x0c00 >> 2);
- for (var i = 0; i < 4; i++) {
- heap.set(aes_enc[i], 0x1000 + 0x400 * i >> 2);
- heap.set(aes_dec[i], 0x2000 + 0x400 * i >> 2);
- }
- /**
- * Calculate AES key schedules.
- * @instance
- * @memberof AES_asm
- * @param {number} ks - key size, 4/6/8 (for 128/192/256-bit key correspondingly)
- * @param {number} k0 - key vector components
- * @param {number} k1 - key vector components
- * @param {number} k2 - key vector components
- * @param {number} k3 - key vector components
- * @param {number} k4 - key vector components
- * @param {number} k5 - key vector components
- * @param {number} k6 - key vector components
- * @param {number} k7 - key vector components
- */
- function set_key(ks, k0, k1, k2, k3, k4, k5, k6, k7) {
- var ekeys = heap.subarray(0x000, 60),
- dkeys = heap.subarray(0x100, 0x100 + 60);
- // Encryption key schedule
- ekeys.set([k0, k1, k2, k3, k4, k5, k6, k7]);
- for (var i = ks, rcon = 1; i < 4 * ks + 28; i++) {
- var k = ekeys[i - 1];
- if (i % ks === 0 || ks === 8 && i % ks === 4) {
- k = aes_sbox[k >>> 24] << 24 ^ aes_sbox[k >>> 16 & 255] << 16 ^ aes_sbox[k >>> 8 & 255] << 8 ^ aes_sbox[k & 255];
- }
- if (i % ks === 0) {
- k = k << 8 ^ k >>> 24 ^ rcon << 24;
- rcon = rcon << 1 ^ (rcon & 0x80 ? 0x1b : 0);
- }
- ekeys[i] = ekeys[i - ks] ^ k;
- }
- // Decryption key schedule
- for (var j = 0; j < i; j += 4) {
- for (var jj = 0; jj < 4; jj++) {
- var k = ekeys[i - (4 + j) + (4 - jj) % 4];
- if (j < 4 || j >= i - 4) {
- dkeys[j + jj] = k;
- } else {
- dkeys[j + jj] = aes_dec[0][aes_sbox[k >>> 24]] ^ aes_dec[1][aes_sbox[k >>> 16 & 255]] ^ aes_dec[2][aes_sbox[k >>> 8 & 255]] ^ aes_dec[3][aes_sbox[k & 255]];
- }
- }
- }
- // Set rounds number
- asm.set_rounds(ks + 5);
- }
- // create library object with necessary properties
- var stdlib = { Uint8Array: Uint8Array, Uint32Array: Uint32Array };
- var asm = function (stdlib, foreign, buffer) {
- "use asm";
- var S0 = 0,
- S1 = 0,
- S2 = 0,
- S3 = 0,
- I0 = 0,
- I1 = 0,
- I2 = 0,
- I3 = 0,
- N0 = 0,
- N1 = 0,
- N2 = 0,
- N3 = 0,
- M0 = 0,
- M1 = 0,
- M2 = 0,
- M3 = 0,
- H0 = 0,
- H1 = 0,
- H2 = 0,
- H3 = 0,
- R = 0;
- var HEAP = new stdlib.Uint32Array(buffer),
- DATA = new stdlib.Uint8Array(buffer);
- /**
- * AES core
- * @param {number} k - precomputed key schedule offset
- * @param {number} s - precomputed sbox table offset
- * @param {number} t - precomputed round table offset
- * @param {number} r - number of inner rounds to perform
- * @param {number} x0 - 128-bit input block vector
- * @param {number} x1 - 128-bit input block vector
- * @param {number} x2 - 128-bit input block vector
- * @param {number} x3 - 128-bit input block vector
- */
- function _core(k, s, t, r, x0, x1, x2, x3) {
- k = k | 0;
- s = s | 0;
- t = t | 0;
- r = r | 0;
- x0 = x0 | 0;
- x1 = x1 | 0;
- x2 = x2 | 0;
- x3 = x3 | 0;
- var t1 = 0,
- t2 = 0,
- t3 = 0,
- y0 = 0,
- y1 = 0,
- y2 = 0,
- y3 = 0,
- i = 0;
- t1 = t | 0x400, t2 = t | 0x800, t3 = t | 0xc00;
- // round 0
- x0 = x0 ^ HEAP[(k | 0) >> 2], x1 = x1 ^ HEAP[(k | 4) >> 2], x2 = x2 ^ HEAP[(k | 8) >> 2], x3 = x3 ^ HEAP[(k | 12) >> 2];
- // round 1..r
- for (i = 16; (i | 0) <= r << 4; i = i + 16 | 0) {
- y0 = HEAP[(t | x0 >> 22 & 1020) >> 2] ^ HEAP[(t1 | x1 >> 14 & 1020) >> 2] ^ HEAP[(t2 | x2 >> 6 & 1020) >> 2] ^ HEAP[(t3 | x3 << 2 & 1020) >> 2] ^ HEAP[(k | i | 0) >> 2], y1 = HEAP[(t | x1 >> 22 & 1020) >> 2] ^ HEAP[(t1 | x2 >> 14 & 1020) >> 2] ^ HEAP[(t2 | x3 >> 6 & 1020) >> 2] ^ HEAP[(t3 | x0 << 2 & 1020) >> 2] ^ HEAP[(k | i | 4) >> 2], y2 = HEAP[(t | x2 >> 22 & 1020) >> 2] ^ HEAP[(t1 | x3 >> 14 & 1020) >> 2] ^ HEAP[(t2 | x0 >> 6 & 1020) >> 2] ^ HEAP[(t3 | x1 << 2 & 1020) >> 2] ^ HEAP[(k | i | 8) >> 2], y3 = HEAP[(t | x3 >> 22 & 1020) >> 2] ^ HEAP[(t1 | x0 >> 14 & 1020) >> 2] ^ HEAP[(t2 | x1 >> 6 & 1020) >> 2] ^ HEAP[(t3 | x2 << 2 & 1020) >> 2] ^ HEAP[(k | i | 12) >> 2];
- x0 = y0, x1 = y1, x2 = y2, x3 = y3;
- }
- // final round
- S0 = HEAP[(s | x0 >> 22 & 1020) >> 2] << 24 ^ HEAP[(s | x1 >> 14 & 1020) >> 2] << 16 ^ HEAP[(s | x2 >> 6 & 1020) >> 2] << 8 ^ HEAP[(s | x3 << 2 & 1020) >> 2] ^ HEAP[(k | i | 0) >> 2], S1 = HEAP[(s | x1 >> 22 & 1020) >> 2] << 24 ^ HEAP[(s | x2 >> 14 & 1020) >> 2] << 16 ^ HEAP[(s | x3 >> 6 & 1020) >> 2] << 8 ^ HEAP[(s | x0 << 2 & 1020) >> 2] ^ HEAP[(k | i | 4) >> 2], S2 = HEAP[(s | x2 >> 22 & 1020) >> 2] << 24 ^ HEAP[(s | x3 >> 14 & 1020) >> 2] << 16 ^ HEAP[(s | x0 >> 6 & 1020) >> 2] << 8 ^ HEAP[(s | x1 << 2 & 1020) >> 2] ^ HEAP[(k | i | 8) >> 2], S3 = HEAP[(s | x3 >> 22 & 1020) >> 2] << 24 ^ HEAP[(s | x0 >> 14 & 1020) >> 2] << 16 ^ HEAP[(s | x1 >> 6 & 1020) >> 2] << 8 ^ HEAP[(s | x2 << 2 & 1020) >> 2] ^ HEAP[(k | i | 12) >> 2];
- }
- /**
- * ECB mode encryption
- * @param {number} x0 - 128-bit input block vector
- * @param {number} x1 - 128-bit input block vector
- * @param {number} x2 - 128-bit input block vector
- * @param {number} x3 - 128-bit input block vector
- */
- function _ecb_enc(x0, x1, x2, x3) {
- x0 = x0 | 0;
- x1 = x1 | 0;
- x2 = x2 | 0;
- x3 = x3 | 0;
- _core(0x0000, 0x0800, 0x1000, R, x0, x1, x2, x3);
- }
- /**
- * ECB mode decryption
- * @param {number} x0 - 128-bit input block vector
- * @param {number} x1 - 128-bit input block vector
- * @param {number} x2 - 128-bit input block vector
- * @param {number} x3 - 128-bit input block vector
- */
- function _ecb_dec(x0, x1, x2, x3) {
- x0 = x0 | 0;
- x1 = x1 | 0;
- x2 = x2 | 0;
- x3 = x3 | 0;
- var t = 0;
- _core(0x0400, 0x0c00, 0x2000, R, x0, x3, x2, x1);
- t = S1, S1 = S3, S3 = t;
- }
- /**
- * CBC mode encryption
- * @param {number} x0 - 128-bit input block vector
- * @param {number} x1 - 128-bit input block vector
- * @param {number} x2 - 128-bit input block vector
- * @param {number} x3 - 128-bit input block vector
- */
- function _cbc_enc(x0, x1, x2, x3) {
- x0 = x0 | 0;
- x1 = x1 | 0;
- x2 = x2 | 0;
- x3 = x3 | 0;
- _core(0x0000, 0x0800, 0x1000, R, I0 ^ x0, I1 ^ x1, I2 ^ x2, I3 ^ x3);
- I0 = S0, I1 = S1, I2 = S2, I3 = S3;
- }
- /**
- * CBC mode decryption
- * @param {number} x0 - 128-bit input block vector
- * @param {number} x1 - 128-bit input block vector
- * @param {number} x2 - 128-bit input block vector
- * @param {number} x3 - 128-bit input block vector
- */
- function _cbc_dec(x0, x1, x2, x3) {
- x0 = x0 | 0;
- x1 = x1 | 0;
- x2 = x2 | 0;
- x3 = x3 | 0;
- var t = 0;
- _core(0x0400, 0x0c00, 0x2000, R, x0, x3, x2, x1);
- t = S1, S1 = S3, S3 = t;
- S0 = S0 ^ I0, S1 = S1 ^ I1, S2 = S2 ^ I2, S3 = S3 ^ I3;
- I0 = x0, I1 = x1, I2 = x2, I3 = x3;
- }
- /**
- * CFB mode encryption
- * @param {number} x0 - 128-bit input block vector
- * @param {number} x1 - 128-bit input block vector
- * @param {number} x2 - 128-bit input block vector
- * @param {number} x3 - 128-bit input block vector
- */
- function _cfb_enc(x0, x1, x2, x3) {
- x0 = x0 | 0;
- x1 = x1 | 0;
- x2 = x2 | 0;
- x3 = x3 | 0;
- _core(0x0000, 0x0800, 0x1000, R, I0, I1, I2, I3);
- I0 = S0 = S0 ^ x0, I1 = S1 = S1 ^ x1, I2 = S2 = S2 ^ x2, I3 = S3 = S3 ^ x3;
- }
- /**
- * CFB mode decryption
- * @param {number} x0 - 128-bit input block vector
- * @param {number} x1 - 128-bit input block vector
- * @param {number} x2 - 128-bit input block vector
- * @param {number} x3 - 128-bit input block vector
- */
- function _cfb_dec(x0, x1, x2, x3) {
- x0 = x0 | 0;
- x1 = x1 | 0;
- x2 = x2 | 0;
- x3 = x3 | 0;
- _core(0x0000, 0x0800, 0x1000, R, I0, I1, I2, I3);
- S0 = S0 ^ x0, S1 = S1 ^ x1, S2 = S2 ^ x2, S3 = S3 ^ x3;
- I0 = x0, I1 = x1, I2 = x2, I3 = x3;
- }
- /**
- * OFB mode encryption / decryption
- * @param {number} x0 - 128-bit input block vector
- * @param {number} x1 - 128-bit input block vector
- * @param {number} x2 - 128-bit input block vector
- * @param {number} x3 - 128-bit input block vector
- */
- function _ofb(x0, x1, x2, x3) {
- x0 = x0 | 0;
- x1 = x1 | 0;
- x2 = x2 | 0;
- x3 = x3 | 0;
- _core(0x0000, 0x0800, 0x1000, R, I0, I1, I2, I3);
- I0 = S0, I1 = S1, I2 = S2, I3 = S3;
- S0 = S0 ^ x0, S1 = S1 ^ x1, S2 = S2 ^ x2, S3 = S3 ^ x3;
- }
- /**
- * CTR mode encryption / decryption
- * @param {number} x0 - 128-bit input block vector
- * @param {number} x1 - 128-bit input block vector
- * @param {number} x2 - 128-bit input block vector
- * @param {number} x3 - 128-bit input block vector
- */
- function _ctr(x0, x1, x2, x3) {
- x0 = x0 | 0;
- x1 = x1 | 0;
- x2 = x2 | 0;
- x3 = x3 | 0;
- _core(0x0000, 0x0800, 0x1000, R, N0, N1, N2, N3);
- N3 = ~M3 & N3 | M3 & N3 + 1;
- N2 = ~M2 & N2 | M2 & N2 + ((N3 | 0) == 0);
- N1 = ~M1 & N1 | M1 & N1 + ((N2 | 0) == 0);
- N0 = ~M0 & N0 | M0 & N0 + ((N1 | 0) == 0);
- S0 = S0 ^ x0;
- S1 = S1 ^ x1;
- S2 = S2 ^ x2;
- S3 = S3 ^ x3;
- }
- /**
- * GCM mode MAC calculation
- * @param {number} x0 - 128-bit input block vector
- * @param {number} x1 - 128-bit input block vector
- * @param {number} x2 - 128-bit input block vector
- * @param {number} x3 - 128-bit input block vector
- */
- function _gcm_mac(x0, x1, x2, x3) {
- x0 = x0 | 0;
- x1 = x1 | 0;
- x2 = x2 | 0;
- x3 = x3 | 0;
- var y0 = 0,
- y1 = 0,
- y2 = 0,
- y3 = 0,
- z0 = 0,
- z1 = 0,
- z2 = 0,
- z3 = 0,
- i = 0,
- c = 0;
- x0 = x0 ^ I0, x1 = x1 ^ I1, x2 = x2 ^ I2, x3 = x3 ^ I3;
- y0 = H0 | 0, y1 = H1 | 0, y2 = H2 | 0, y3 = H3 | 0;
- for (; (i | 0) < 128; i = i + 1 | 0) {
- if (y0 >>> 31) {
- z0 = z0 ^ x0, z1 = z1 ^ x1, z2 = z2 ^ x2, z3 = z3 ^ x3;
- }
- y0 = y0 << 1 | y1 >>> 31, y1 = y1 << 1 | y2 >>> 31, y2 = y2 << 1 | y3 >>> 31, y3 = y3 << 1;
- c = x3 & 1;
- x3 = x3 >>> 1 | x2 << 31, x2 = x2 >>> 1 | x1 << 31, x1 = x1 >>> 1 | x0 << 31, x0 = x0 >>> 1;
- if (c) x0 = x0 ^ 0xe1000000;
- }
- I0 = z0, I1 = z1, I2 = z2, I3 = z3;
- }
- /**
- * Set the internal rounds number.
- * @instance
- * @memberof AES_asm
- * @param {number} r - number if inner AES rounds
- */
- function set_rounds(r) {
- r = r | 0;
- R = r;
- }
- /**
- * Populate the internal state of the module.
- * @instance
- * @memberof AES_asm
- * @param {number} s0 - state vector
- * @param {number} s1 - state vector
- * @param {number} s2 - state vector
- * @param {number} s3 - state vector
- */
- function set_state(s0, s1, s2, s3) {
- s0 = s0 | 0;
- s1 = s1 | 0;
- s2 = s2 | 0;
- s3 = s3 | 0;
- S0 = s0, S1 = s1, S2 = s2, S3 = s3;
- }
- /**
- * Populate the internal iv of the module.
- * @instance
- * @memberof AES_asm
- * @param {number} i0 - iv vector
- * @param {number} i1 - iv vector
- * @param {number} i2 - iv vector
- * @param {number} i3 - iv vector
- */
- function set_iv(i0, i1, i2, i3) {
- i0 = i0 | 0;
- i1 = i1 | 0;
- i2 = i2 | 0;
- i3 = i3 | 0;
- I0 = i0, I1 = i1, I2 = i2, I3 = i3;
- }
- /**
- * Set nonce for CTR-family modes.
- * @instance
- * @memberof AES_asm
- * @param {number} n0 - nonce vector
- * @param {number} n1 - nonce vector
- * @param {number} n2 - nonce vector
- * @param {number} n3 - nonce vector
- */
- function set_nonce(n0, n1, n2, n3) {
- n0 = n0 | 0;
- n1 = n1 | 0;
- n2 = n2 | 0;
- n3 = n3 | 0;
- N0 = n0, N1 = n1, N2 = n2, N3 = n3;
- }
- /**
- * Set counter mask for CTR-family modes.
- * @instance
- * @memberof AES_asm
- * @param {number} m0 - counter mask vector
- * @param {number} m1 - counter mask vector
- * @param {number} m2 - counter mask vector
- * @param {number} m3 - counter mask vector
- */
- function set_mask(m0, m1, m2, m3) {
- m0 = m0 | 0;
- m1 = m1 | 0;
- m2 = m2 | 0;
- m3 = m3 | 0;
- M0 = m0, M1 = m1, M2 = m2, M3 = m3;
- }
- /**
- * Set counter for CTR-family modes.
- * @instance
- * @memberof AES_asm
- * @param {number} c0 - counter vector
- * @param {number} c1 - counter vector
- * @param {number} c2 - counter vector
- * @param {number} c3 - counter vector
- */
- function set_counter(c0, c1, c2, c3) {
- c0 = c0 | 0;
- c1 = c1 | 0;
- c2 = c2 | 0;
- c3 = c3 | 0;
- N3 = ~M3 & N3 | M3 & c3, N2 = ~M2 & N2 | M2 & c2, N1 = ~M1 & N1 | M1 & c1, N0 = ~M0 & N0 | M0 & c0;
- }
- /**
- * Store the internal state vector into the heap.
- * @instance
- * @memberof AES_asm
- * @param {number} pos - offset where to put the data
- * @return {number} The number of bytes have been written into the heap, always 16.
- */
- function get_state(pos) {
- pos = pos | 0;
- if (pos & 15) return -1;
- DATA[pos | 0] = S0 >>> 24, DATA[pos | 1] = S0 >>> 16 & 255, DATA[pos | 2] = S0 >>> 8 & 255, DATA[pos | 3] = S0 & 255, DATA[pos | 4] = S1 >>> 24, DATA[pos | 5] = S1 >>> 16 & 255, DATA[pos | 6] = S1 >>> 8 & 255, DATA[pos | 7] = S1 & 255, DATA[pos | 8] = S2 >>> 24, DATA[pos | 9] = S2 >>> 16 & 255, DATA[pos | 10] = S2 >>> 8 & 255, DATA[pos | 11] = S2 & 255, DATA[pos | 12] = S3 >>> 24, DATA[pos | 13] = S3 >>> 16 & 255, DATA[pos | 14] = S3 >>> 8 & 255, DATA[pos | 15] = S3 & 255;
- return 16;
- }
- /**
- * Store the internal iv vector into the heap.
- * @instance
- * @memberof AES_asm
- * @param {number} pos - offset where to put the data
- * @return {number} The number of bytes have been written into the heap, always 16.
- */
- function get_iv(pos) {
- pos = pos | 0;
- if (pos & 15) return -1;
- DATA[pos | 0] = I0 >>> 24, DATA[pos | 1] = I0 >>> 16 & 255, DATA[pos | 2] = I0 >>> 8 & 255, DATA[pos | 3] = I0 & 255, DATA[pos | 4] = I1 >>> 24, DATA[pos | 5] = I1 >>> 16 & 255, DATA[pos | 6] = I1 >>> 8 & 255, DATA[pos | 7] = I1 & 255, DATA[pos | 8] = I2 >>> 24, DATA[pos | 9] = I2 >>> 16 & 255, DATA[pos | 10] = I2 >>> 8 & 255, DATA[pos | 11] = I2 & 255, DATA[pos | 12] = I3 >>> 24, DATA[pos | 13] = I3 >>> 16 & 255, DATA[pos | 14] = I3 >>> 8 & 255, DATA[pos | 15] = I3 & 255;
- return 16;
- }
- /**
- * GCM initialization.
- * @instance
- * @memberof AES_asm
- */
- function gcm_init() {
- _ecb_enc(0, 0, 0, 0);
- H0 = S0, H1 = S1, H2 = S2, H3 = S3;
- }
- /**
- * Perform ciphering operation on the supplied data.
- * @instance
- * @memberof AES_asm
- * @param {number} mode - block cipher mode (see {@link AES_asm} mode constants)
- * @param {number} pos - offset of the data being processed
- * @param {number} len - length of the data being processed
- * @return {number} Actual amount of data have been processed.
- */
- function cipher(mode, pos, len) {
- mode = mode | 0;
- pos = pos | 0;
- len = len | 0;
- var ret = 0;
- if (pos & 15) return -1;
- while ((len | 0) >= 16) {
- _cipher_modes[mode & 7](DATA[pos | 0] << 24 | DATA[pos | 1] << 16 | DATA[pos | 2] << 8 | DATA[pos | 3], DATA[pos | 4] << 24 | DATA[pos | 5] << 16 | DATA[pos | 6] << 8 | DATA[pos | 7], DATA[pos | 8] << 24 | DATA[pos | 9] << 16 | DATA[pos | 10] << 8 | DATA[pos | 11], DATA[pos | 12] << 24 | DATA[pos | 13] << 16 | DATA[pos | 14] << 8 | DATA[pos | 15]);
- DATA[pos | 0] = S0 >>> 24, DATA[pos | 1] = S0 >>> 16 & 255, DATA[pos | 2] = S0 >>> 8 & 255, DATA[pos | 3] = S0 & 255, DATA[pos | 4] = S1 >>> 24, DATA[pos | 5] = S1 >>> 16 & 255, DATA[pos | 6] = S1 >>> 8 & 255, DATA[pos | 7] = S1 & 255, DATA[pos | 8] = S2 >>> 24, DATA[pos | 9] = S2 >>> 16 & 255, DATA[pos | 10] = S2 >>> 8 & 255, DATA[pos | 11] = S2 & 255, DATA[pos | 12] = S3 >>> 24, DATA[pos | 13] = S3 >>> 16 & 255, DATA[pos | 14] = S3 >>> 8 & 255, DATA[pos | 15] = S3 & 255;
- ret = ret + 16 | 0, pos = pos + 16 | 0, len = len - 16 | 0;
- }
- return ret | 0;
- }
- /**
- * Calculates MAC of the supplied data.
- * @instance
- * @memberof AES_asm
- * @param {number} mode - block cipher mode (see {@link AES_asm} mode constants)
- * @param {number} pos - offset of the data being processed
- * @param {number} len - length of the data being processed
- * @return {number} Actual amount of data have been processed.
- */
- function mac(mode, pos, len) {
- mode = mode | 0;
- pos = pos | 0;
- len = len | 0;
- var ret = 0;
- if (pos & 15) return -1;
- while ((len | 0) >= 16) {
- _mac_modes[mode & 1](DATA[pos | 0] << 24 | DATA[pos | 1] << 16 | DATA[pos | 2] << 8 | DATA[pos | 3], DATA[pos | 4] << 24 | DATA[pos | 5] << 16 | DATA[pos | 6] << 8 | DATA[pos | 7], DATA[pos | 8] << 24 | DATA[pos | 9] << 16 | DATA[pos | 10] << 8 | DATA[pos | 11], DATA[pos | 12] << 24 | DATA[pos | 13] << 16 | DATA[pos | 14] << 8 | DATA[pos | 15]);
- ret = ret + 16 | 0, pos = pos + 16 | 0, len = len - 16 | 0;
- }
- return ret | 0;
- }
- /**
- * AES cipher modes table (virual methods)
- */
- var _cipher_modes = [_ecb_enc, _ecb_dec, _cbc_enc, _cbc_dec, _cfb_enc, _cfb_dec, _ofb, _ctr];
- /**
- * AES MAC modes table (virual methods)
- */
- var _mac_modes = [_cbc_enc, _gcm_mac];
- /**
- * Asm.js module exports
- */
- return {
- set_rounds: set_rounds,
- set_state: set_state,
- set_iv: set_iv,
- set_nonce: set_nonce,
- set_mask: set_mask,
- set_counter: set_counter,
- get_state: get_state,
- get_iv: get_iv,
- gcm_init: gcm_init,
- cipher: cipher,
- mac: mac
- };
- }(stdlib, foreign, buffer);
- asm.set_key = set_key;
- return asm;
- };
- /**
- * AES enciphering mode constants
- * @enum {number}
- * @const
- */
- wrapper.ENC = {
- ECB: 0,
- CBC: 2,
- CFB: 4,
- OFB: 6,
- CTR: 7
- },
- /**
- * AES deciphering mode constants
- * @enum {number}
- * @const
- */
- wrapper.DEC = {
- ECB: 1,
- CBC: 3,
- CFB: 5,
- OFB: 6,
- CTR: 7
- },
- /**
- * AES MAC mode constants
- * @enum {number}
- * @const
- */
- wrapper.MAC = {
- CBC: 0,
- GCM: 1
- };
- /**
- * Heap data offset
- * @type {number}
- * @const
- */
- wrapper.HEAP_DATA = 0x4000;
- return wrapper;
- }();
- },{}],3:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.AES = undefined;
- var _aes = require('./aes.asm');
- var _utils = require('../other/utils');
- var _errors = require('../other/errors');
- var heap_pool = [];
- var asm_pool = [];
- var AES = /** @class */function () {
- function AES(key, iv, padding, mode) {
- if (padding === void 0) {
- padding = true;
- }
- this.pos = 0;
- this.len = 0;
- this.mode = mode;
- // The AES object state
- this.pos = 0;
- this.len = 0;
- this.key = key;
- this.iv = iv;
- this.padding = padding;
- // The AES "worker"
- this.acquire_asm();
- }
- AES.prototype.acquire_asm = function () {
- if (this.heap === undefined && this.asm === undefined) {
- this.heap = heap_pool.pop() || (0, _utils._heap_init)().subarray(_aes.AES_asm.HEAP_DATA);
- this.asm = asm_pool.pop() || (0, _aes.AES_asm)(null, this.heap.buffer);
- this.reset(this.key, this.iv);
- }
- };
- AES.prototype.release_asm = function () {
- heap_pool.push(this.heap);
- ;
- asm_pool.push(this.asm);
- this.heap = undefined;
- this.asm = undefined;
- };
- AES.prototype.reset = function (key, iv) {
- // Key
- var keylen = key.length;
- if (keylen !== 16 && keylen !== 24 && keylen !== 32) throw new _errors.IllegalArgumentError('illegal key size');
- var keyview = new DataView(key.buffer, key.byteOffset, key.byteLength);
- this.asm.set_key(keylen >> 2, keyview.getUint32(0), keyview.getUint32(4), keyview.getUint32(8), keyview.getUint32(12), keylen > 16 ? keyview.getUint32(16) : 0, keylen > 16 ? keyview.getUint32(20) : 0, keylen > 24 ? keyview.getUint32(24) : 0, keylen > 24 ? keyview.getUint32(28) : 0);
- // IV
- if (iv !== undefined) {
- if (iv.length !== 16) throw new _errors.IllegalArgumentError('illegal iv size');
- var ivview = new DataView(iv.buffer, iv.byteOffset, iv.byteLength);
- this.asm.set_iv(ivview.getUint32(0), ivview.getUint32(4), ivview.getUint32(8), ivview.getUint32(12));
- } else {
- this.asm.set_iv(0, 0, 0, 0);
- }
- };
- AES.prototype.AES_Encrypt_process = function (data) {
- if (!(0, _utils.is_bytes)(data)) throw new TypeError("data isn't of expected type");
- this.acquire_asm();
- var asm = this.asm;
- var heap = this.heap;
- var amode = _aes.AES_asm.ENC[this.mode];
- var hpos = _aes.AES_asm.HEAP_DATA;
- var pos = this.pos;
- var len = this.len;
- var dpos = 0;
- var dlen = data.length || 0;
- var rpos = 0;
- var rlen = len + dlen & -16;
- var wlen = 0;
- var result = new Uint8Array(rlen);
- while (dlen > 0) {
- wlen = (0, _utils._heap_write)(heap, pos + len, data, dpos, dlen);
- len += wlen;
- dpos += wlen;
- dlen -= wlen;
- wlen = asm.cipher(amode, hpos + pos, len);
- if (wlen) result.set(heap.subarray(pos, pos + wlen), rpos);
- rpos += wlen;
- if (wlen < len) {
- pos += wlen;
- len -= wlen;
- } else {
- pos = 0;
- len = 0;
- }
- }
- this.pos = pos;
- this.len = len;
- return result;
- };
- AES.prototype.AES_Encrypt_finish = function () {
- this.acquire_asm();
- var asm = this.asm;
- var heap = this.heap;
- var amode = _aes.AES_asm.ENC[this.mode];
- var hpos = _aes.AES_asm.HEAP_DATA;
- var pos = this.pos;
- var len = this.len;
- var plen = 16 - len % 16;
- var rlen = len;
- if (this.hasOwnProperty('padding')) {
- if (this.padding) {
- for (var p = 0; p < plen; ++p) {
- heap[pos + len + p] = plen;
- }
- len += plen;
- rlen = len;
- } else if (len % 16) {
- throw new _errors.IllegalArgumentError('data length must be a multiple of the block size');
- }
- } else {
- len += plen;
- }
- var result = new Uint8Array(rlen);
- if (len) asm.cipher(amode, hpos + pos, len);
- if (rlen) result.set(heap.subarray(pos, pos + rlen));
- this.pos = 0;
- this.len = 0;
- this.release_asm();
- return result;
- };
- AES.prototype.AES_Decrypt_process = function (data) {
- if (!(0, _utils.is_bytes)(data)) throw new TypeError("data isn't of expected type");
- this.acquire_asm();
- var asm = this.asm;
- var heap = this.heap;
- var amode = _aes.AES_asm.DEC[this.mode];
- var hpos = _aes.AES_asm.HEAP_DATA;
- var pos = this.pos;
- var len = this.len;
- var dpos = 0;
- var dlen = data.length || 0;
- var rpos = 0;
- var rlen = len + dlen & -16;
- var plen = 0;
- var wlen = 0;
- if (this.padding) {
- plen = len + dlen - rlen || 16;
- rlen -= plen;
- }
- var result = new Uint8Array(rlen);
- while (dlen > 0) {
- wlen = (0, _utils._heap_write)(heap, pos + len, data, dpos, dlen);
- len += wlen;
- dpos += wlen;
- dlen -= wlen;
- wlen = asm.cipher(amode, hpos + pos, len - (!dlen ? plen : 0));
- if (wlen) result.set(heap.subarray(pos, pos + wlen), rpos);
- rpos += wlen;
- if (wlen < len) {
- pos += wlen;
- len -= wlen;
- } else {
- pos = 0;
- len = 0;
- }
- }
- this.pos = pos;
- this.len = len;
- return result;
- };
- AES.prototype.AES_Decrypt_finish = function () {
- this.acquire_asm();
- var asm = this.asm;
- var heap = this.heap;
- var amode = _aes.AES_asm.DEC[this.mode];
- var hpos = _aes.AES_asm.HEAP_DATA;
- var pos = this.pos;
- var len = this.len;
- var rlen = len;
- if (len > 0) {
- if (len % 16) {
- if (this.hasOwnProperty('padding')) {
- throw new _errors.IllegalArgumentError('data length must be a multiple of the block size');
- } else {
- len += 16 - len % 16;
- }
- }
- asm.cipher(amode, hpos + pos, len);
- if (this.hasOwnProperty('padding') && this.padding) {
- var pad = heap[pos + rlen - 1];
- if (pad < 1 || pad > 16 || pad > rlen) throw new _errors.SecurityError('bad padding');
- var pcheck = 0;
- for (var i = pad; i > 1; i--) pcheck |= pad ^ heap[pos + rlen - i];
- if (pcheck) throw new _errors.SecurityError('bad padding');
- rlen -= pad;
- }
- }
- var result = new Uint8Array(rlen);
- if (rlen > 0) {
- result.set(heap.subarray(pos, pos + rlen));
- }
- this.pos = 0;
- this.len = 0;
- this.release_asm();
- return result;
- };
- return AES;
- }();
- exports.AES = AES;
- },{"../other/errors":14,"../other/utils":15,"./aes.asm":2}],4:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.AES_CBC = undefined;
- var _aes = require('./aes');
- var _utils = require('../other/utils');
- var __extends = undefined && undefined.__extends || function () {
- var extendStatics = Object.setPrototypeOf || { __proto__: [] } instanceof Array && function (d, b) {
- d.__proto__ = b;
- } || function (d, b) {
- for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p];
- };
- return function (d, b) {
- extendStatics(d, b);
- function __() {
- this.constructor = d;
- }
- d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
- };
- }();
- var AES_CBC = /** @class */function (_super) {
- __extends(AES_CBC, _super);
- function AES_CBC(key, iv, padding) {
- if (padding === void 0) {
- padding = true;
- }
- return _super.call(this, key, iv, padding, 'CBC') || this;
- }
- AES_CBC.encrypt = function (data, key, padding, iv) {
- if (padding === void 0) {
- padding = true;
- }
- return new AES_CBC(key, iv, padding).encrypt(data);
- };
- AES_CBC.decrypt = function (data, key, padding, iv) {
- if (padding === void 0) {
- padding = true;
- }
- return new AES_CBC(key, iv, padding).decrypt(data);
- };
- AES_CBC.prototype.encrypt = function (data) {
- var r1 = this.AES_Encrypt_process(data);
- var r2 = this.AES_Encrypt_finish();
- return (0, _utils.joinBytes)(r1, r2);
- };
- AES_CBC.prototype.decrypt = function (data) {
- var r1 = this.AES_Decrypt_process(data);
- var r2 = this.AES_Decrypt_finish();
- return (0, _utils.joinBytes)(r1, r2);
- };
- return AES_CBC;
- }(_aes.AES);
- exports.AES_CBC = AES_CBC;
- },{"../other/utils":15,"./aes":3}],5:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.AES_CFB = undefined;
- var _aes = require('./aes');
- var _utils = require('../other/utils');
- var __extends = undefined && undefined.__extends || function () {
- var extendStatics = Object.setPrototypeOf || { __proto__: [] } instanceof Array && function (d, b) {
- d.__proto__ = b;
- } || function (d, b) {
- for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p];
- };
- return function (d, b) {
- extendStatics(d, b);
- function __() {
- this.constructor = d;
- }
- d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
- };
- }();
- var AES_CFB = /** @class */function (_super) {
- __extends(AES_CFB, _super);
- function AES_CFB(key, iv) {
- var _this = _super.call(this, key, iv, true, 'CFB') || this;
- delete _this.padding;
- return _this;
- }
- AES_CFB.encrypt = function (data, key, iv) {
- return new AES_CFB(key, iv).encrypt(data);
- };
- AES_CFB.decrypt = function (data, key, iv) {
- return new AES_CFB(key, iv).decrypt(data);
- };
- AES_CFB.prototype.encrypt = function (data) {
- var r1 = this.AES_Encrypt_process(data);
- var r2 = this.AES_Encrypt_finish();
- return (0, _utils.joinBytes)(r1, r2);
- };
- AES_CFB.prototype.decrypt = function (data) {
- var r1 = this.AES_Decrypt_process(data);
- var r2 = this.AES_Decrypt_finish();
- return (0, _utils.joinBytes)(r1, r2);
- };
- return AES_CFB;
- }(_aes.AES);
- exports.AES_CFB = AES_CFB;
- },{"../other/utils":15,"./aes":3}],6:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.AES_CTR = undefined;
- var _aes = require('./aes');
- var _errors = require('../other/errors');
- var _utils = require('../other/utils');
- var __extends = undefined && undefined.__extends || function () {
- var extendStatics = Object.setPrototypeOf || { __proto__: [] } instanceof Array && function (d, b) {
- d.__proto__ = b;
- } || function (d, b) {
- for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p];
- };
- return function (d, b) {
- extendStatics(d, b);
- function __() {
- this.constructor = d;
- }
- d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
- };
- }();
- var AES_CTR = /** @class */function (_super) {
- __extends(AES_CTR, _super);
- function AES_CTR(key, nonce) {
- var _this = _super.call(this, key, undefined, false, 'CTR') || this;
- delete _this.padding;
- _this.AES_CTR_set_options(nonce);
- return _this;
- }
- AES_CTR.encrypt = function (data, key, nonce) {
- return new AES_CTR(key, nonce).encrypt(data);
- };
- AES_CTR.decrypt = function (data, key, nonce) {
- return new AES_CTR(key, nonce).encrypt(data);
- };
- AES_CTR.prototype.encrypt = function (data) {
- var r1 = this.AES_Encrypt_process(data);
- var r2 = this.AES_Encrypt_finish();
- return (0, _utils.joinBytes)(r1, r2);
- };
- AES_CTR.prototype.decrypt = function (data) {
- var r1 = this.AES_Encrypt_process(data);
- var r2 = this.AES_Encrypt_finish();
- return (0, _utils.joinBytes)(r1, r2);
- };
- AES_CTR.prototype.AES_CTR_set_options = function (nonce, counter, size) {
- if (size !== undefined) {
- if (size < 8 || size > 48) throw new _errors.IllegalArgumentError('illegal counter size');
- var mask = Math.pow(2, size) - 1;
- this.asm.set_mask(0, 0, mask / 0x100000000 | 0, mask | 0);
- } else {
- size = 48;
- this.asm.set_mask(0, 0, 0xffff, 0xffffffff);
- }
- if (nonce !== undefined) {
- var len = nonce.length;
- if (!len || len > 16) throw new _errors.IllegalArgumentError('illegal nonce size');
- var view = new DataView(new ArrayBuffer(16));
- new Uint8Array(view.buffer).set(nonce);
- this.asm.set_nonce(view.getUint32(0), view.getUint32(4), view.getUint32(8), view.getUint32(12));
- } else {
- throw new Error('nonce is required');
- }
- if (counter !== undefined) {
- if (counter < 0 || counter >= Math.pow(2, size)) throw new _errors.IllegalArgumentError('illegal counter value');
- this.asm.set_counter(0, 0, counter / 0x100000000 | 0, counter | 0);
- }
- };
- return AES_CTR;
- }(_aes.AES);
- exports.AES_CTR = AES_CTR;
- },{"../other/errors":14,"../other/utils":15,"./aes":3}],7:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.AES_ECB = undefined;
- var _aes = require('./aes');
- var _utils = require('../other/utils');
- var __extends = undefined && undefined.__extends || function () {
- var extendStatics = Object.setPrototypeOf || { __proto__: [] } instanceof Array && function (d, b) {
- d.__proto__ = b;
- } || function (d, b) {
- for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p];
- };
- return function (d, b) {
- extendStatics(d, b);
- function __() {
- this.constructor = d;
- }
- d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
- };
- }();
- var AES_ECB = /** @class */function (_super) {
- __extends(AES_ECB, _super);
- function AES_ECB(key, padding) {
- if (padding === void 0) {
- padding = false;
- }
- return _super.call(this, key, undefined, padding, 'ECB') || this;
- }
- AES_ECB.encrypt = function (data, key, padding) {
- if (padding === void 0) {
- padding = false;
- }
- return new AES_ECB(key, padding).encrypt(data);
- };
- AES_ECB.decrypt = function (data, key, padding) {
- if (padding === void 0) {
- padding = false;
- }
- return new AES_ECB(key, padding).decrypt(data);
- };
- AES_ECB.prototype.encrypt = function (data) {
- var r1 = this.AES_Encrypt_process(data);
- var r2 = this.AES_Encrypt_finish();
- return (0, _utils.joinBytes)(r1, r2);
- };
- AES_ECB.prototype.decrypt = function (data) {
- var r1 = this.AES_Decrypt_process(data);
- var r2 = this.AES_Decrypt_finish();
- return (0, _utils.joinBytes)(r1, r2);
- };
- return AES_ECB;
- }(_aes.AES);
- exports.AES_ECB = AES_ECB;
- },{"../other/utils":15,"./aes":3}],8:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.AES_GCM = undefined;
- var _errors = require('../other/errors');
- var _utils = require('../other/utils');
- var _aes = require('./aes');
- var _aes2 = require('./aes.asm');
- var __extends = undefined && undefined.__extends || function () {
- var extendStatics = Object.setPrototypeOf || { __proto__: [] } instanceof Array && function (d, b) {
- d.__proto__ = b;
- } || function (d, b) {
- for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p];
- };
- return function (d, b) {
- extendStatics(d, b);
- function __() {
- this.constructor = d;
- }
- d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
- };
- }();
- var _AES_GCM_data_maxLength = 68719476704; // 2^36 - 2^5
- var AES_GCM = /** @class */function (_super) {
- __extends(AES_GCM, _super);
- function AES_GCM(key, nonce, adata, tagSize) {
- if (tagSize === void 0) {
- tagSize = 16;
- }
- var _this = _super.call(this, key, undefined, false, 'CTR') || this;
- _this.tagSize = tagSize;
- _this.gamma0 = 0;
- _this.counter = 1;
- // Init GCM
- _this.asm.gcm_init();
- // Tag size
- if (_this.tagSize < 4 || _this.tagSize > 16) throw new _errors.IllegalArgumentError('illegal tagSize value');
- // Nonce
- var noncelen = nonce.length || 0;
- var noncebuf = new Uint8Array(16);
- if (noncelen !== 12) {
- _this._gcm_mac_process(nonce);
- _this.heap[0] = 0;
- _this.heap[1] = 0;
- _this.heap[2] = 0;
- _this.heap[3] = 0;
- _this.heap[4] = 0;
- _this.heap[5] = 0;
- _this.heap[6] = 0;
- _this.heap[7] = 0;
- _this.heap[8] = 0;
- _this.heap[9] = 0;
- _this.heap[10] = 0;
- _this.heap[11] = noncelen >>> 29;
- _this.heap[12] = noncelen >>> 21 & 255;
- _this.heap[13] = noncelen >>> 13 & 255;
- _this.heap[14] = noncelen >>> 5 & 255;
- _this.heap[15] = noncelen << 3 & 255;
- _this.asm.mac(_aes2.AES_asm.MAC.GCM, _aes2.AES_asm.HEAP_DATA, 16);
- _this.asm.get_iv(_aes2.AES_asm.HEAP_DATA);
- _this.asm.set_iv(0, 0, 0, 0);
- noncebuf.set(_this.heap.subarray(0, 16));
- } else {
- noncebuf.set(nonce);
- noncebuf[15] = 1;
- }
- var nonceview = new DataView(noncebuf.buffer);
- _this.gamma0 = nonceview.getUint32(12);
- _this.asm.set_nonce(nonceview.getUint32(0), nonceview.getUint32(4), nonceview.getUint32(8), 0);
- _this.asm.set_mask(0, 0, 0, 0xffffffff);
- // Associated data
- if (adata !== undefined) {
- if (adata.length > _AES_GCM_data_maxLength) throw new _errors.IllegalArgumentError('illegal adata length');
- if (adata.length) {
- _this.adata = adata;
- _this._gcm_mac_process(adata);
- } else {
- _this.adata = undefined;
- }
- } else {
- _this.adata = undefined;
- }
- // Counter
- if (_this.counter < 1 || _this.counter > 0xffffffff) throw new RangeError('counter must be a positive 32-bit integer');
- _this.asm.set_counter(0, 0, 0, _this.gamma0 + _this.counter | 0);
- return _this;
- }
- AES_GCM.encrypt = function (cleartext, key, nonce, adata, tagsize) {
- return new AES_GCM(key, nonce, adata, tagsize).encrypt(cleartext);
- };
- AES_GCM.decrypt = function (ciphertext, key, nonce, adata, tagsize) {
- return new AES_GCM(key, nonce, adata, tagsize).decrypt(ciphertext);
- };
- AES_GCM.prototype.encrypt = function (data) {
- return this.AES_GCM_encrypt(data);
- };
- AES_GCM.prototype.decrypt = function (data) {
- return this.AES_GCM_decrypt(data);
- };
- AES_GCM.prototype.AES_GCM_Encrypt_process = function (data) {
- var dpos = 0;
- var dlen = data.length || 0;
- var asm = this.asm;
- var heap = this.heap;
- var counter = this.counter;
- var pos = this.pos;
- var len = this.len;
- var rpos = 0;
- var rlen = len + dlen & -16;
- var wlen = 0;
- if ((counter - 1 << 4) + len + dlen > _AES_GCM_data_maxLength) throw new RangeError('counter overflow');
- var result = new Uint8Array(rlen);
- while (dlen > 0) {
- wlen = (0, _utils._heap_write)(heap, pos + len, data, dpos, dlen);
- len += wlen;
- dpos += wlen;
- dlen -= wlen;
- wlen = asm.cipher(_aes2.AES_asm.ENC.CTR, _aes2.AES_asm.HEAP_DATA + pos, len);
- wlen = asm.mac(_aes2.AES_asm.MAC.GCM, _aes2.AES_asm.HEAP_DATA + pos, wlen);
- if (wlen) result.set(heap.subarray(pos, pos + wlen), rpos);
- counter += wlen >>> 4;
- rpos += wlen;
- if (wlen < len) {
- pos += wlen;
- len -= wlen;
- } else {
- pos = 0;
- len = 0;
- }
- }
- this.counter = counter;
- this.pos = pos;
- this.len = len;
- return result;
- };
- AES_GCM.prototype.AES_GCM_Encrypt_finish = function () {
- var asm = this.asm;
- var heap = this.heap;
- var counter = this.counter;
- var tagSize = this.tagSize;
- var adata = this.adata;
- var pos = this.pos;
- var len = this.len;
- var result = new Uint8Array(len + tagSize);
- asm.cipher(_aes2.AES_asm.ENC.CTR, _aes2.AES_asm.HEAP_DATA + pos, len + 15 & -16);
- if (len) result.set(heap.subarray(pos, pos + len));
- var i = len;
- for (; i & 15; i++) heap[pos + i] = 0;
- asm.mac(_aes2.AES_asm.MAC.GCM, _aes2.AES_asm.HEAP_DATA + pos, i);
- var alen = adata !== undefined ? adata.length : 0;
- var clen = (counter - 1 << 4) + len;
- heap[0] = 0;
- heap[1] = 0;
- heap[2] = 0;
- heap[3] = alen >>> 29;
- heap[4] = alen >>> 21;
- heap[5] = alen >>> 13 & 255;
- heap[6] = alen >>> 5 & 255;
- heap[7] = alen << 3 & 255;
- heap[8] = heap[9] = heap[10] = 0;
- heap[11] = clen >>> 29;
- heap[12] = clen >>> 21 & 255;
- heap[13] = clen >>> 13 & 255;
- heap[14] = clen >>> 5 & 255;
- heap[15] = clen << 3 & 255;
- asm.mac(_aes2.AES_asm.MAC.GCM, _aes2.AES_asm.HEAP_DATA, 16);
- asm.get_iv(_aes2.AES_asm.HEAP_DATA);
- asm.set_counter(0, 0, 0, this.gamma0);
- asm.cipher(_aes2.AES_asm.ENC.CTR, _aes2.AES_asm.HEAP_DATA, 16);
- result.set(heap.subarray(0, tagSize), len);
- this.counter = 1;
- this.pos = 0;
- this.len = 0;
- return result;
- };
- AES_GCM.prototype.AES_GCM_Decrypt_process = function (data) {
- var dpos = 0;
- var dlen = data.length || 0;
- var asm = this.asm;
- var heap = this.heap;
- var counter = this.counter;
- var tagSize = this.tagSize;
- var pos = this.pos;
- var len = this.len;
- var rpos = 0;
- var rlen = len + dlen > tagSize ? len + dlen - tagSize & -16 : 0;
- var tlen = len + dlen - rlen;
- var wlen = 0;
- if ((counter - 1 << 4) + len + dlen > _AES_GCM_data_maxLength) throw new RangeError('counter overflow');
- var result = new Uint8Array(rlen);
- while (dlen > tlen) {
- wlen = (0, _utils._heap_write)(heap, pos + len, data, dpos, dlen - tlen);
- len += wlen;
- dpos += wlen;
- dlen -= wlen;
- wlen = asm.mac(_aes2.AES_asm.MAC.GCM, _aes2.AES_asm.HEAP_DATA + pos, wlen);
- wlen = asm.cipher(_aes2.AES_asm.DEC.CTR, _aes2.AES_asm.HEAP_DATA + pos, wlen);
- if (wlen) result.set(heap.subarray(pos, pos + wlen), rpos);
- counter += wlen >>> 4;
- rpos += wlen;
- pos = 0;
- len = 0;
- }
- if (dlen > 0) {
- len += (0, _utils._heap_write)(heap, 0, data, dpos, dlen);
- }
- this.counter = counter;
- this.pos = pos;
- this.len = len;
- return result;
- };
- AES_GCM.prototype.AES_GCM_Decrypt_finish = function () {
- var asm = this.asm;
- var heap = this.heap;
- var tagSize = this.tagSize;
- var adata = this.adata;
- var counter = this.counter;
- var pos = this.pos;
- var len = this.len;
- var rlen = len - tagSize;
- if (len < tagSize) throw new _errors.IllegalStateError('authentication tag not found');
- var result = new Uint8Array(rlen);
- var atag = new Uint8Array(heap.subarray(pos + rlen, pos + len));
- var i = rlen;
- for (; i & 15; i++) heap[pos + i] = 0;
- asm.mac(_aes2.AES_asm.MAC.GCM, _aes2.AES_asm.HEAP_DATA + pos, i);
- asm.cipher(_aes2.AES_asm.DEC.CTR, _aes2.AES_asm.HEAP_DATA + pos, i);
- if (rlen) result.set(heap.subarray(pos, pos + rlen));
- var alen = adata !== undefined ? adata.length : 0;
- var clen = (counter - 1 << 4) + len - tagSize;
- heap[0] = 0;
- heap[1] = 0;
- heap[2] = 0;
- heap[3] = alen >>> 29;
- heap[4] = alen >>> 21;
- heap[5] = alen >>> 13 & 255;
- heap[6] = alen >>> 5 & 255;
- heap[7] = alen << 3 & 255;
- heap[8] = heap[9] = heap[10] = 0;
- heap[11] = clen >>> 29;
- heap[12] = clen >>> 21 & 255;
- heap[13] = clen >>> 13 & 255;
- heap[14] = clen >>> 5 & 255;
- heap[15] = clen << 3 & 255;
- asm.mac(_aes2.AES_asm.MAC.GCM, _aes2.AES_asm.HEAP_DATA, 16);
- asm.get_iv(_aes2.AES_asm.HEAP_DATA);
- asm.set_counter(0, 0, 0, this.gamma0);
- asm.cipher(_aes2.AES_asm.ENC.CTR, _aes2.AES_asm.HEAP_DATA, 16);
- var acheck = 0;
- for (var i_1 = 0; i_1 < tagSize; ++i_1) acheck |= atag[i_1] ^ heap[i_1];
- if (acheck) throw new _errors.SecurityError('data integrity check failed');
- this.counter = 1;
- this.pos = 0;
- this.len = 0;
- return result;
- };
- AES_GCM.prototype.AES_GCM_decrypt = function (data) {
- var result1 = this.AES_GCM_Decrypt_process(data);
- var result2 = this.AES_GCM_Decrypt_finish();
- var result = new Uint8Array(result1.length + result2.length);
- if (result1.length) result.set(result1);
- if (result2.length) result.set(result2, result1.length);
- return result;
- };
- AES_GCM.prototype.AES_GCM_encrypt = function (data) {
- var result1 = this.AES_GCM_Encrypt_process(data);
- var result2 = this.AES_GCM_Encrypt_finish();
- var result = new Uint8Array(result1.length + result2.length);
- if (result1.length) result.set(result1);
- if (result2.length) result.set(result2, result1.length);
- return result;
- };
- AES_GCM.prototype._gcm_mac_process = function (data) {
- var heap = this.heap;
- var asm = this.asm;
- var dpos = 0;
- var dlen = data.length || 0;
- var wlen = 0;
- while (dlen > 0) {
- wlen = (0, _utils._heap_write)(heap, 0, data, dpos, dlen);
- dpos += wlen;
- dlen -= wlen;
- while (wlen & 15) heap[wlen++] = 0;
- asm.mac(_aes2.AES_asm.MAC.GCM, _aes2.AES_asm.HEAP_DATA, wlen);
- }
- };
- return AES_GCM;
- }(_aes.AES);
- exports.AES_GCM = AES_GCM;
- },{"../other/errors":14,"../other/utils":15,"./aes":3,"./aes.asm":2}],9:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.Hash = undefined;
- var _utils = require('../other/utils');
- var _errors = require('../other/errors');
- var Hash = /** @class */function () {
- function Hash() {
- this.pos = 0;
- this.len = 0;
- this.acquire_asm();
- }
- Hash.prototype.acquire_asm = function () {
- if (this.heap === undefined && this.asm === undefined) {
- this.heap = this.constructor.heap_pool.pop() || (0, _utils._heap_init)();
- this.asm = this.constructor.asm_pool.pop() || this.constructor.asm_function({ Uint8Array: Uint8Array }, null, this.heap.buffer);
- this.reset();
- }
- };
- Hash.prototype.release_asm = function () {
- this.constructor.heap_pool.push(this.heap);
- ;
- this.constructor.asm_pool.push(this.asm);
- this.heap = undefined;
- this.asm = undefined;
- };
- Hash.prototype.reset = function () {
- this.acquire_asm();
- this.result = null;
- this.pos = 0;
- this.len = 0;
- this.asm.reset();
- return this;
- };
- Hash.prototype.process = function (data) {
- if (this.result !== null) throw new _errors.IllegalStateError('state must be reset before processing new data');
- this.acquire_asm();
- var asm = this.asm;
- var heap = this.heap;
- var hpos = this.pos;
- var hlen = this.len;
- var dpos = 0;
- var dlen = data.length;
- var wlen = 0;
- while (dlen > 0) {
- wlen = (0, _utils._heap_write)(heap, hpos + hlen, data, dpos, dlen);
- hlen += wlen;
- dpos += wlen;
- dlen -= wlen;
- wlen = asm.process(hpos, hlen);
- hpos += wlen;
- hlen -= wlen;
- if (!hlen) hpos = 0;
- }
- this.pos = hpos;
- this.len = hlen;
- return this;
- };
- Hash.prototype.finish = function () {
- if (this.result !== null) throw new _errors.IllegalStateError('state must be reset before processing new data');
- this.acquire_asm();
- this.asm.finish(this.pos, this.len, 0);
- this.result = new Uint8Array(this.HASH_SIZE);
- this.result.set(this.heap.subarray(0, this.HASH_SIZE));
- this.pos = 0;
- this.len = 0;
- this.release_asm();
- return this;
- };
- return Hash;
- }();
- exports.Hash = Hash;
- },{"../other/errors":14,"../other/utils":15}],10:[function(require,module,exports){
- "use strict";
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.sha1_asm = sha1_asm;
- function sha1_asm(stdlib, foreign, buffer) {
- "use asm";
- // SHA256 state
- var H0 = 0,
- H1 = 0,
- H2 = 0,
- H3 = 0,
- H4 = 0,
- TOTAL0 = 0,
- TOTAL1 = 0;
- // HMAC state
- var I0 = 0,
- I1 = 0,
- I2 = 0,
- I3 = 0,
- I4 = 0,
- O0 = 0,
- O1 = 0,
- O2 = 0,
- O3 = 0,
- O4 = 0;
- // I/O buffer
- var HEAP = new stdlib.Uint8Array(buffer);
- function _core(w0, w1, w2, w3, w4, w5, w6, w7, w8, w9, w10, w11, w12, w13, w14, w15) {
- w0 = w0 | 0;
- w1 = w1 | 0;
- w2 = w2 | 0;
- w3 = w3 | 0;
- w4 = w4 | 0;
- w5 = w5 | 0;
- w6 = w6 | 0;
- w7 = w7 | 0;
- w8 = w8 | 0;
- w9 = w9 | 0;
- w10 = w10 | 0;
- w11 = w11 | 0;
- w12 = w12 | 0;
- w13 = w13 | 0;
- w14 = w14 | 0;
- w15 = w15 | 0;
- var a = 0,
- b = 0,
- c = 0,
- d = 0,
- e = 0,
- n = 0,
- t = 0,
- w16 = 0,
- w17 = 0,
- w18 = 0,
- w19 = 0,
- w20 = 0,
- w21 = 0,
- w22 = 0,
- w23 = 0,
- w24 = 0,
- w25 = 0,
- w26 = 0,
- w27 = 0,
- w28 = 0,
- w29 = 0,
- w30 = 0,
- w31 = 0,
- w32 = 0,
- w33 = 0,
- w34 = 0,
- w35 = 0,
- w36 = 0,
- w37 = 0,
- w38 = 0,
- w39 = 0,
- w40 = 0,
- w41 = 0,
- w42 = 0,
- w43 = 0,
- w44 = 0,
- w45 = 0,
- w46 = 0,
- w47 = 0,
- w48 = 0,
- w49 = 0,
- w50 = 0,
- w51 = 0,
- w52 = 0,
- w53 = 0,
- w54 = 0,
- w55 = 0,
- w56 = 0,
- w57 = 0,
- w58 = 0,
- w59 = 0,
- w60 = 0,
- w61 = 0,
- w62 = 0,
- w63 = 0,
- w64 = 0,
- w65 = 0,
- w66 = 0,
- w67 = 0,
- w68 = 0,
- w69 = 0,
- w70 = 0,
- w71 = 0,
- w72 = 0,
- w73 = 0,
- w74 = 0,
- w75 = 0,
- w76 = 0,
- w77 = 0,
- w78 = 0,
- w79 = 0;
- a = H0;
- b = H1;
- c = H2;
- d = H3;
- e = H4;
- // 0
- t = w0 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 1
- t = w1 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 2
- t = w2 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 3
- t = w3 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 4
- t = w4 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 5
- t = w5 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 6
- t = w6 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 7
- t = w7 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 8
- t = w8 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 9
- t = w9 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 10
- t = w10 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 11
- t = w11 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 12
- t = w12 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 13
- t = w13 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 14
- t = w14 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 15
- t = w15 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 16
- n = w13 ^ w8 ^ w2 ^ w0;
- w16 = n << 1 | n >>> 31;
- t = w16 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 17
- n = w14 ^ w9 ^ w3 ^ w1;
- w17 = n << 1 | n >>> 31;
- t = w17 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 18
- n = w15 ^ w10 ^ w4 ^ w2;
- w18 = n << 1 | n >>> 31;
- t = w18 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 19
- n = w16 ^ w11 ^ w5 ^ w3;
- w19 = n << 1 | n >>> 31;
- t = w19 + (a << 5 | a >>> 27) + e + (b & c | ~b & d) + 0x5a827999 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 20
- n = w17 ^ w12 ^ w6 ^ w4;
- w20 = n << 1 | n >>> 31;
- t = w20 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 21
- n = w18 ^ w13 ^ w7 ^ w5;
- w21 = n << 1 | n >>> 31;
- t = w21 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 22
- n = w19 ^ w14 ^ w8 ^ w6;
- w22 = n << 1 | n >>> 31;
- t = w22 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 23
- n = w20 ^ w15 ^ w9 ^ w7;
- w23 = n << 1 | n >>> 31;
- t = w23 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 24
- n = w21 ^ w16 ^ w10 ^ w8;
- w24 = n << 1 | n >>> 31;
- t = w24 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 25
- n = w22 ^ w17 ^ w11 ^ w9;
- w25 = n << 1 | n >>> 31;
- t = w25 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 26
- n = w23 ^ w18 ^ w12 ^ w10;
- w26 = n << 1 | n >>> 31;
- t = w26 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 27
- n = w24 ^ w19 ^ w13 ^ w11;
- w27 = n << 1 | n >>> 31;
- t = w27 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 28
- n = w25 ^ w20 ^ w14 ^ w12;
- w28 = n << 1 | n >>> 31;
- t = w28 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 29
- n = w26 ^ w21 ^ w15 ^ w13;
- w29 = n << 1 | n >>> 31;
- t = w29 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 30
- n = w27 ^ w22 ^ w16 ^ w14;
- w30 = n << 1 | n >>> 31;
- t = w30 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 31
- n = w28 ^ w23 ^ w17 ^ w15;
- w31 = n << 1 | n >>> 31;
- t = w31 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 32
- n = w29 ^ w24 ^ w18 ^ w16;
- w32 = n << 1 | n >>> 31;
- t = w32 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 33
- n = w30 ^ w25 ^ w19 ^ w17;
- w33 = n << 1 | n >>> 31;
- t = w33 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 34
- n = w31 ^ w26 ^ w20 ^ w18;
- w34 = n << 1 | n >>> 31;
- t = w34 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 35
- n = w32 ^ w27 ^ w21 ^ w19;
- w35 = n << 1 | n >>> 31;
- t = w35 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 36
- n = w33 ^ w28 ^ w22 ^ w20;
- w36 = n << 1 | n >>> 31;
- t = w36 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 37
- n = w34 ^ w29 ^ w23 ^ w21;
- w37 = n << 1 | n >>> 31;
- t = w37 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 38
- n = w35 ^ w30 ^ w24 ^ w22;
- w38 = n << 1 | n >>> 31;
- t = w38 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 39
- n = w36 ^ w31 ^ w25 ^ w23;
- w39 = n << 1 | n >>> 31;
- t = w39 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) + 0x6ed9eba1 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 40
- n = w37 ^ w32 ^ w26 ^ w24;
- w40 = n << 1 | n >>> 31;
- t = w40 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 41
- n = w38 ^ w33 ^ w27 ^ w25;
- w41 = n << 1 | n >>> 31;
- t = w41 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 42
- n = w39 ^ w34 ^ w28 ^ w26;
- w42 = n << 1 | n >>> 31;
- t = w42 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 43
- n = w40 ^ w35 ^ w29 ^ w27;
- w43 = n << 1 | n >>> 31;
- t = w43 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 44
- n = w41 ^ w36 ^ w30 ^ w28;
- w44 = n << 1 | n >>> 31;
- t = w44 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 45
- n = w42 ^ w37 ^ w31 ^ w29;
- w45 = n << 1 | n >>> 31;
- t = w45 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 46
- n = w43 ^ w38 ^ w32 ^ w30;
- w46 = n << 1 | n >>> 31;
- t = w46 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 47
- n = w44 ^ w39 ^ w33 ^ w31;
- w47 = n << 1 | n >>> 31;
- t = w47 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 48
- n = w45 ^ w40 ^ w34 ^ w32;
- w48 = n << 1 | n >>> 31;
- t = w48 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 49
- n = w46 ^ w41 ^ w35 ^ w33;
- w49 = n << 1 | n >>> 31;
- t = w49 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 50
- n = w47 ^ w42 ^ w36 ^ w34;
- w50 = n << 1 | n >>> 31;
- t = w50 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 51
- n = w48 ^ w43 ^ w37 ^ w35;
- w51 = n << 1 | n >>> 31;
- t = w51 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 52
- n = w49 ^ w44 ^ w38 ^ w36;
- w52 = n << 1 | n >>> 31;
- t = w52 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 53
- n = w50 ^ w45 ^ w39 ^ w37;
- w53 = n << 1 | n >>> 31;
- t = w53 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 54
- n = w51 ^ w46 ^ w40 ^ w38;
- w54 = n << 1 | n >>> 31;
- t = w54 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 55
- n = w52 ^ w47 ^ w41 ^ w39;
- w55 = n << 1 | n >>> 31;
- t = w55 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 56
- n = w53 ^ w48 ^ w42 ^ w40;
- w56 = n << 1 | n >>> 31;
- t = w56 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 57
- n = w54 ^ w49 ^ w43 ^ w41;
- w57 = n << 1 | n >>> 31;
- t = w57 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 58
- n = w55 ^ w50 ^ w44 ^ w42;
- w58 = n << 1 | n >>> 31;
- t = w58 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 59
- n = w56 ^ w51 ^ w45 ^ w43;
- w59 = n << 1 | n >>> 31;
- t = w59 + (a << 5 | a >>> 27) + e + (b & c | b & d | c & d) - 0x70e44324 | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 60
- n = w57 ^ w52 ^ w46 ^ w44;
- w60 = n << 1 | n >>> 31;
- t = w60 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 61
- n = w58 ^ w53 ^ w47 ^ w45;
- w61 = n << 1 | n >>> 31;
- t = w61 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 62
- n = w59 ^ w54 ^ w48 ^ w46;
- w62 = n << 1 | n >>> 31;
- t = w62 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 63
- n = w60 ^ w55 ^ w49 ^ w47;
- w63 = n << 1 | n >>> 31;
- t = w63 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 64
- n = w61 ^ w56 ^ w50 ^ w48;
- w64 = n << 1 | n >>> 31;
- t = w64 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 65
- n = w62 ^ w57 ^ w51 ^ w49;
- w65 = n << 1 | n >>> 31;
- t = w65 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 66
- n = w63 ^ w58 ^ w52 ^ w50;
- w66 = n << 1 | n >>> 31;
- t = w66 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 67
- n = w64 ^ w59 ^ w53 ^ w51;
- w67 = n << 1 | n >>> 31;
- t = w67 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 68
- n = w65 ^ w60 ^ w54 ^ w52;
- w68 = n << 1 | n >>> 31;
- t = w68 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 69
- n = w66 ^ w61 ^ w55 ^ w53;
- w69 = n << 1 | n >>> 31;
- t = w69 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 70
- n = w67 ^ w62 ^ w56 ^ w54;
- w70 = n << 1 | n >>> 31;
- t = w70 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 71
- n = w68 ^ w63 ^ w57 ^ w55;
- w71 = n << 1 | n >>> 31;
- t = w71 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 72
- n = w69 ^ w64 ^ w58 ^ w56;
- w72 = n << 1 | n >>> 31;
- t = w72 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 73
- n = w70 ^ w65 ^ w59 ^ w57;
- w73 = n << 1 | n >>> 31;
- t = w73 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 74
- n = w71 ^ w66 ^ w60 ^ w58;
- w74 = n << 1 | n >>> 31;
- t = w74 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 75
- n = w72 ^ w67 ^ w61 ^ w59;
- w75 = n << 1 | n >>> 31;
- t = w75 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 76
- n = w73 ^ w68 ^ w62 ^ w60;
- w76 = n << 1 | n >>> 31;
- t = w76 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 77
- n = w74 ^ w69 ^ w63 ^ w61;
- w77 = n << 1 | n >>> 31;
- t = w77 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 78
- n = w75 ^ w70 ^ w64 ^ w62;
- w78 = n << 1 | n >>> 31;
- t = w78 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- // 79
- n = w76 ^ w71 ^ w65 ^ w63;
- w79 = n << 1 | n >>> 31;
- t = w79 + (a << 5 | a >>> 27) + e + (b ^ c ^ d) - 0x359d3e2a | 0;
- e = d;d = c;c = b << 30 | b >>> 2;b = a;a = t;
- H0 = H0 + a | 0;
- H1 = H1 + b | 0;
- H2 = H2 + c | 0;
- H3 = H3 + d | 0;
- H4 = H4 + e | 0;
- }
- function _core_heap(offset) {
- offset = offset | 0;
- _core(HEAP[offset | 0] << 24 | HEAP[offset | 1] << 16 | HEAP[offset | 2] << 8 | HEAP[offset | 3], HEAP[offset | 4] << 24 | HEAP[offset | 5] << 16 | HEAP[offset | 6] << 8 | HEAP[offset | 7], HEAP[offset | 8] << 24 | HEAP[offset | 9] << 16 | HEAP[offset | 10] << 8 | HEAP[offset | 11], HEAP[offset | 12] << 24 | HEAP[offset | 13] << 16 | HEAP[offset | 14] << 8 | HEAP[offset | 15], HEAP[offset | 16] << 24 | HEAP[offset | 17] << 16 | HEAP[offset | 18] << 8 | HEAP[offset | 19], HEAP[offset | 20] << 24 | HEAP[offset | 21] << 16 | HEAP[offset | 22] << 8 | HEAP[offset | 23], HEAP[offset | 24] << 24 | HEAP[offset | 25] << 16 | HEAP[offset | 26] << 8 | HEAP[offset | 27], HEAP[offset | 28] << 24 | HEAP[offset | 29] << 16 | HEAP[offset | 30] << 8 | HEAP[offset | 31], HEAP[offset | 32] << 24 | HEAP[offset | 33] << 16 | HEAP[offset | 34] << 8 | HEAP[offset | 35], HEAP[offset | 36] << 24 | HEAP[offset | 37] << 16 | HEAP[offset | 38] << 8 | HEAP[offset | 39], HEAP[offset | 40] << 24 | HEAP[offset | 41] << 16 | HEAP[offset | 42] << 8 | HEAP[offset | 43], HEAP[offset | 44] << 24 | HEAP[offset | 45] << 16 | HEAP[offset | 46] << 8 | HEAP[offset | 47], HEAP[offset | 48] << 24 | HEAP[offset | 49] << 16 | HEAP[offset | 50] << 8 | HEAP[offset | 51], HEAP[offset | 52] << 24 | HEAP[offset | 53] << 16 | HEAP[offset | 54] << 8 | HEAP[offset | 55], HEAP[offset | 56] << 24 | HEAP[offset | 57] << 16 | HEAP[offset | 58] << 8 | HEAP[offset | 59], HEAP[offset | 60] << 24 | HEAP[offset | 61] << 16 | HEAP[offset | 62] << 8 | HEAP[offset | 63]);
- }
- // offset — multiple of 32
- function _state_to_heap(output) {
- output = output | 0;
- HEAP[output | 0] = H0 >>> 24;
- HEAP[output | 1] = H0 >>> 16 & 255;
- HEAP[output | 2] = H0 >>> 8 & 255;
- HEAP[output | 3] = H0 & 255;
- HEAP[output | 4] = H1 >>> 24;
- HEAP[output | 5] = H1 >>> 16 & 255;
- HEAP[output | 6] = H1 >>> 8 & 255;
- HEAP[output | 7] = H1 & 255;
- HEAP[output | 8] = H2 >>> 24;
- HEAP[output | 9] = H2 >>> 16 & 255;
- HEAP[output | 10] = H2 >>> 8 & 255;
- HEAP[output | 11] = H2 & 255;
- HEAP[output | 12] = H3 >>> 24;
- HEAP[output | 13] = H3 >>> 16 & 255;
- HEAP[output | 14] = H3 >>> 8 & 255;
- HEAP[output | 15] = H3 & 255;
- HEAP[output | 16] = H4 >>> 24;
- HEAP[output | 17] = H4 >>> 16 & 255;
- HEAP[output | 18] = H4 >>> 8 & 255;
- HEAP[output | 19] = H4 & 255;
- }
- function reset() {
- H0 = 0x67452301;
- H1 = 0xefcdab89;
- H2 = 0x98badcfe;
- H3 = 0x10325476;
- H4 = 0xc3d2e1f0;
- TOTAL0 = TOTAL1 = 0;
- }
- function init(h0, h1, h2, h3, h4, total0, total1) {
- h0 = h0 | 0;
- h1 = h1 | 0;
- h2 = h2 | 0;
- h3 = h3 | 0;
- h4 = h4 | 0;
- total0 = total0 | 0;
- total1 = total1 | 0;
- H0 = h0;
- H1 = h1;
- H2 = h2;
- H3 = h3;
- H4 = h4;
- TOTAL0 = total0;
- TOTAL1 = total1;
- }
- // offset — multiple of 64
- function process(offset, length) {
- offset = offset | 0;
- length = length | 0;
- var hashed = 0;
- if (offset & 63) return -1;
- while ((length | 0) >= 64) {
- _core_heap(offset);
- offset = offset + 64 | 0;
- length = length - 64 | 0;
- hashed = hashed + 64 | 0;
- }
- TOTAL0 = TOTAL0 + hashed | 0;
- if (TOTAL0 >>> 0 < hashed >>> 0) TOTAL1 = TOTAL1 + 1 | 0;
- return hashed | 0;
- }
- // offset — multiple of 64
- // output — multiple of 32
- function finish(offset, length, output) {
- offset = offset | 0;
- length = length | 0;
- output = output | 0;
- var hashed = 0,
- i = 0;
- if (offset & 63) return -1;
- if (~output) if (output & 31) return -1;
- if ((length | 0) >= 64) {
- hashed = process(offset, length) | 0;
- if ((hashed | 0) == -1) return -1;
- offset = offset + hashed | 0;
- length = length - hashed | 0;
- }
- hashed = hashed + length | 0;
- TOTAL0 = TOTAL0 + length | 0;
- if (TOTAL0 >>> 0 < length >>> 0) TOTAL1 = TOTAL1 + 1 | 0;
- HEAP[offset | length] = 0x80;
- if ((length | 0) >= 56) {
- for (i = length + 1 | 0; (i | 0) < 64; i = i + 1 | 0) HEAP[offset | i] = 0x00;
- _core_heap(offset);
- length = 0;
- HEAP[offset | 0] = 0;
- }
- for (i = length + 1 | 0; (i | 0) < 59; i = i + 1 | 0) HEAP[offset | i] = 0;
- HEAP[offset | 56] = TOTAL1 >>> 21 & 255;
- HEAP[offset | 57] = TOTAL1 >>> 13 & 255;
- HEAP[offset | 58] = TOTAL1 >>> 5 & 255;
- HEAP[offset | 59] = TOTAL1 << 3 & 255 | TOTAL0 >>> 29;
- HEAP[offset | 60] = TOTAL0 >>> 21 & 255;
- HEAP[offset | 61] = TOTAL0 >>> 13 & 255;
- HEAP[offset | 62] = TOTAL0 >>> 5 & 255;
- HEAP[offset | 63] = TOTAL0 << 3 & 255;
- _core_heap(offset);
- if (~output) _state_to_heap(output);
- return hashed | 0;
- }
- function hmac_reset() {
- H0 = I0;
- H1 = I1;
- H2 = I2;
- H3 = I3;
- H4 = I4;
- TOTAL0 = 64;
- TOTAL1 = 0;
- }
- function _hmac_opad() {
- H0 = O0;
- H1 = O1;
- H2 = O2;
- H3 = O3;
- H4 = O4;
- TOTAL0 = 64;
- TOTAL1 = 0;
- }
- function hmac_init(p0, p1, p2, p3, p4, p5, p6, p7, p8, p9, p10, p11, p12, p13, p14, p15) {
- p0 = p0 | 0;
- p1 = p1 | 0;
- p2 = p2 | 0;
- p3 = p3 | 0;
- p4 = p4 | 0;
- p5 = p5 | 0;
- p6 = p6 | 0;
- p7 = p7 | 0;
- p8 = p8 | 0;
- p9 = p9 | 0;
- p10 = p10 | 0;
- p11 = p11 | 0;
- p12 = p12 | 0;
- p13 = p13 | 0;
- p14 = p14 | 0;
- p15 = p15 | 0;
- // opad
- reset();
- _core(p0 ^ 0x5c5c5c5c, p1 ^ 0x5c5c5c5c, p2 ^ 0x5c5c5c5c, p3 ^ 0x5c5c5c5c, p4 ^ 0x5c5c5c5c, p5 ^ 0x5c5c5c5c, p6 ^ 0x5c5c5c5c, p7 ^ 0x5c5c5c5c, p8 ^ 0x5c5c5c5c, p9 ^ 0x5c5c5c5c, p10 ^ 0x5c5c5c5c, p11 ^ 0x5c5c5c5c, p12 ^ 0x5c5c5c5c, p13 ^ 0x5c5c5c5c, p14 ^ 0x5c5c5c5c, p15 ^ 0x5c5c5c5c);
- O0 = H0;
- O1 = H1;
- O2 = H2;
- O3 = H3;
- O4 = H4;
- // ipad
- reset();
- _core(p0 ^ 0x36363636, p1 ^ 0x36363636, p2 ^ 0x36363636, p3 ^ 0x36363636, p4 ^ 0x36363636, p5 ^ 0x36363636, p6 ^ 0x36363636, p7 ^ 0x36363636, p8 ^ 0x36363636, p9 ^ 0x36363636, p10 ^ 0x36363636, p11 ^ 0x36363636, p12 ^ 0x36363636, p13 ^ 0x36363636, p14 ^ 0x36363636, p15 ^ 0x36363636);
- I0 = H0;
- I1 = H1;
- I2 = H2;
- I3 = H3;
- I4 = H4;
- TOTAL0 = 64;
- TOTAL1 = 0;
- }
- // offset — multiple of 64
- // output — multiple of 32
- function hmac_finish(offset, length, output) {
- offset = offset | 0;
- length = length | 0;
- output = output | 0;
- var t0 = 0,
- t1 = 0,
- t2 = 0,
- t3 = 0,
- t4 = 0,
- hashed = 0;
- if (offset & 63) return -1;
- if (~output) if (output & 31) return -1;
- hashed = finish(offset, length, -1) | 0;
- t0 = H0, t1 = H1, t2 = H2, t3 = H3, t4 = H4;
- _hmac_opad();
- _core(t0, t1, t2, t3, t4, 0x80000000, 0, 0, 0, 0, 0, 0, 0, 0, 0, 672);
- if (~output) _state_to_heap(output);
- return hashed | 0;
- }
- // salt is assumed to be already processed
- // offset — multiple of 64
- // output — multiple of 32
- function pbkdf2_generate_block(offset, length, block, count, output) {
- offset = offset | 0;
- length = length | 0;
- block = block | 0;
- count = count | 0;
- output = output | 0;
- var h0 = 0,
- h1 = 0,
- h2 = 0,
- h3 = 0,
- h4 = 0,
- t0 = 0,
- t1 = 0,
- t2 = 0,
- t3 = 0,
- t4 = 0;
- if (offset & 63) return -1;
- if (~output) if (output & 31) return -1;
- // pad block number into heap
- // FIXME probable OOB write
- HEAP[offset + length | 0] = block >>> 24;
- HEAP[offset + length + 1 | 0] = block >>> 16 & 255;
- HEAP[offset + length + 2 | 0] = block >>> 8 & 255;
- HEAP[offset + length + 3 | 0] = block & 255;
- // finish first iteration
- hmac_finish(offset, length + 4 | 0, -1) | 0;
- h0 = t0 = H0, h1 = t1 = H1, h2 = t2 = H2, h3 = t3 = H3, h4 = t4 = H4;
- count = count - 1 | 0;
- // perform the rest iterations
- while ((count | 0) > 0) {
- hmac_reset();
- _core(t0, t1, t2, t3, t4, 0x80000000, 0, 0, 0, 0, 0, 0, 0, 0, 0, 672);
- t0 = H0, t1 = H1, t2 = H2, t3 = H3, t4 = H4;
- _hmac_opad();
- _core(t0, t1, t2, t3, t4, 0x80000000, 0, 0, 0, 0, 0, 0, 0, 0, 0, 672);
- t0 = H0, t1 = H1, t2 = H2, t3 = H3, t4 = H4;
- h0 = h0 ^ H0;
- h1 = h1 ^ H1;
- h2 = h2 ^ H2;
- h3 = h3 ^ H3;
- h4 = h4 ^ H4;
- count = count - 1 | 0;
- }
- H0 = h0;
- H1 = h1;
- H2 = h2;
- H3 = h3;
- H4 = h4;
- if (~output) _state_to_heap(output);
- return 0;
- }
- return {
- // SHA1
- reset: reset,
- init: init,
- process: process,
- finish: finish,
- // HMAC-SHA1
- hmac_reset: hmac_reset,
- hmac_init: hmac_init,
- hmac_finish: hmac_finish,
- // PBKDF2-HMAC-SHA1
- pbkdf2_generate_block: pbkdf2_generate_block
- };
- }
- },{}],11:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.Sha1 = exports._sha1_hash_size = exports._sha1_block_size = undefined;
- var _sha = require('./sha1.asm');
- var _hash = require('../hash');
- var __extends = undefined && undefined.__extends || function () {
- var extendStatics = Object.setPrototypeOf || { __proto__: [] } instanceof Array && function (d, b) {
- d.__proto__ = b;
- } || function (d, b) {
- for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p];
- };
- return function (d, b) {
- extendStatics(d, b);
- function __() {
- this.constructor = d;
- }
- d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
- };
- }();
- var _sha1_block_size = exports._sha1_block_size = 64;
- var _sha1_hash_size = exports._sha1_hash_size = 20;
- var Sha1 = /** @class */function (_super) {
- __extends(Sha1, _super);
- function Sha1() {
- var _this = _super !== null && _super.apply(this, arguments) || this;
- _this.NAME = 'sha1';
- _this.BLOCK_SIZE = _sha1_block_size;
- _this.HASH_SIZE = _sha1_hash_size;
- return _this;
- }
- Sha1.bytes = function (data) {
- return new Sha1().process(data).finish().result;
- };
- Sha1.NAME = 'sha1';
- Sha1.heap_pool = [];
- Sha1.asm_pool = [];
- Sha1.asm_function = _sha.sha1_asm;
- return Sha1;
- }(_hash.Hash);
- exports.Sha1 = Sha1;
- },{"../hash":9,"./sha1.asm":10}],12:[function(require,module,exports){
- "use strict";
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.sha256_asm = sha256_asm;
- function sha256_asm(stdlib, foreign, buffer) {
- "use asm";
- // SHA256 state
- var H0 = 0,
- H1 = 0,
- H2 = 0,
- H3 = 0,
- H4 = 0,
- H5 = 0,
- H6 = 0,
- H7 = 0,
- TOTAL0 = 0,
- TOTAL1 = 0;
- // HMAC state
- var I0 = 0,
- I1 = 0,
- I2 = 0,
- I3 = 0,
- I4 = 0,
- I5 = 0,
- I6 = 0,
- I7 = 0,
- O0 = 0,
- O1 = 0,
- O2 = 0,
- O3 = 0,
- O4 = 0,
- O5 = 0,
- O6 = 0,
- O7 = 0;
- // I/O buffer
- var HEAP = new stdlib.Uint8Array(buffer);
- function _core(w0, w1, w2, w3, w4, w5, w6, w7, w8, w9, w10, w11, w12, w13, w14, w15) {
- w0 = w0 | 0;
- w1 = w1 | 0;
- w2 = w2 | 0;
- w3 = w3 | 0;
- w4 = w4 | 0;
- w5 = w5 | 0;
- w6 = w6 | 0;
- w7 = w7 | 0;
- w8 = w8 | 0;
- w9 = w9 | 0;
- w10 = w10 | 0;
- w11 = w11 | 0;
- w12 = w12 | 0;
- w13 = w13 | 0;
- w14 = w14 | 0;
- w15 = w15 | 0;
- var a = 0,
- b = 0,
- c = 0,
- d = 0,
- e = 0,
- f = 0,
- g = 0,
- h = 0;
- a = H0;
- b = H1;
- c = H2;
- d = H3;
- e = H4;
- f = H5;
- g = H6;
- h = H7;
- // 0
- h = w0 + h + (e >>> 6 ^ e >>> 11 ^ e >>> 25 ^ e << 26 ^ e << 21 ^ e << 7) + (g ^ e & (f ^ g)) + 0x428a2f98 | 0;
- d = d + h | 0;
- h = h + (a & b ^ c & (a ^ b)) + (a >>> 2 ^ a >>> 13 ^ a >>> 22 ^ a << 30 ^ a << 19 ^ a << 10) | 0;
- // 1
- g = w1 + g + (d >>> 6 ^ d >>> 11 ^ d >>> 25 ^ d << 26 ^ d << 21 ^ d << 7) + (f ^ d & (e ^ f)) + 0x71374491 | 0;
- c = c + g | 0;
- g = g + (h & a ^ b & (h ^ a)) + (h >>> 2 ^ h >>> 13 ^ h >>> 22 ^ h << 30 ^ h << 19 ^ h << 10) | 0;
- // 2
- f = w2 + f + (c >>> 6 ^ c >>> 11 ^ c >>> 25 ^ c << 26 ^ c << 21 ^ c << 7) + (e ^ c & (d ^ e)) + 0xb5c0fbcf | 0;
- b = b + f | 0;
- f = f + (g & h ^ a & (g ^ h)) + (g >>> 2 ^ g >>> 13 ^ g >>> 22 ^ g << 30 ^ g << 19 ^ g << 10) | 0;
- // 3
- e = w3 + e + (b >>> 6 ^ b >>> 11 ^ b >>> 25 ^ b << 26 ^ b << 21 ^ b << 7) + (d ^ b & (c ^ d)) + 0xe9b5dba5 | 0;
- a = a + e | 0;
- e = e + (f & g ^ h & (f ^ g)) + (f >>> 2 ^ f >>> 13 ^ f >>> 22 ^ f << 30 ^ f << 19 ^ f << 10) | 0;
- // 4
- d = w4 + d + (a >>> 6 ^ a >>> 11 ^ a >>> 25 ^ a << 26 ^ a << 21 ^ a << 7) + (c ^ a & (b ^ c)) + 0x3956c25b | 0;
- h = h + d | 0;
- d = d + (e & f ^ g & (e ^ f)) + (e >>> 2 ^ e >>> 13 ^ e >>> 22 ^ e << 30 ^ e << 19 ^ e << 10) | 0;
- // 5
- c = w5 + c + (h >>> 6 ^ h >>> 11 ^ h >>> 25 ^ h << 26 ^ h << 21 ^ h << 7) + (b ^ h & (a ^ b)) + 0x59f111f1 | 0;
- g = g + c | 0;
- c = c + (d & e ^ f & (d ^ e)) + (d >>> 2 ^ d >>> 13 ^ d >>> 22 ^ d << 30 ^ d << 19 ^ d << 10) | 0;
- // 6
- b = w6 + b + (g >>> 6 ^ g >>> 11 ^ g >>> 25 ^ g << 26 ^ g << 21 ^ g << 7) + (a ^ g & (h ^ a)) + 0x923f82a4 | 0;
- f = f + b | 0;
- b = b + (c & d ^ e & (c ^ d)) + (c >>> 2 ^ c >>> 13 ^ c >>> 22 ^ c << 30 ^ c << 19 ^ c << 10) | 0;
- // 7
- a = w7 + a + (f >>> 6 ^ f >>> 11 ^ f >>> 25 ^ f << 26 ^ f << 21 ^ f << 7) + (h ^ f & (g ^ h)) + 0xab1c5ed5 | 0;
- e = e + a | 0;
- a = a + (b & c ^ d & (b ^ c)) + (b >>> 2 ^ b >>> 13 ^ b >>> 22 ^ b << 30 ^ b << 19 ^ b << 10) | 0;
- // 8
- h = w8 + h + (e >>> 6 ^ e >>> 11 ^ e >>> 25 ^ e << 26 ^ e << 21 ^ e << 7) + (g ^ e & (f ^ g)) + 0xd807aa98 | 0;
- d = d + h | 0;
- h = h + (a & b ^ c & (a ^ b)) + (a >>> 2 ^ a >>> 13 ^ a >>> 22 ^ a << 30 ^ a << 19 ^ a << 10) | 0;
- // 9
- g = w9 + g + (d >>> 6 ^ d >>> 11 ^ d >>> 25 ^ d << 26 ^ d << 21 ^ d << 7) + (f ^ d & (e ^ f)) + 0x12835b01 | 0;
- c = c + g | 0;
- g = g + (h & a ^ b & (h ^ a)) + (h >>> 2 ^ h >>> 13 ^ h >>> 22 ^ h << 30 ^ h << 19 ^ h << 10) | 0;
- // 10
- f = w10 + f + (c >>> 6 ^ c >>> 11 ^ c >>> 25 ^ c << 26 ^ c << 21 ^ c << 7) + (e ^ c & (d ^ e)) + 0x243185be | 0;
- b = b + f | 0;
- f = f + (g & h ^ a & (g ^ h)) + (g >>> 2 ^ g >>> 13 ^ g >>> 22 ^ g << 30 ^ g << 19 ^ g << 10) | 0;
- // 11
- e = w11 + e + (b >>> 6 ^ b >>> 11 ^ b >>> 25 ^ b << 26 ^ b << 21 ^ b << 7) + (d ^ b & (c ^ d)) + 0x550c7dc3 | 0;
- a = a + e | 0;
- e = e + (f & g ^ h & (f ^ g)) + (f >>> 2 ^ f >>> 13 ^ f >>> 22 ^ f << 30 ^ f << 19 ^ f << 10) | 0;
- // 12
- d = w12 + d + (a >>> 6 ^ a >>> 11 ^ a >>> 25 ^ a << 26 ^ a << 21 ^ a << 7) + (c ^ a & (b ^ c)) + 0x72be5d74 | 0;
- h = h + d | 0;
- d = d + (e & f ^ g & (e ^ f)) + (e >>> 2 ^ e >>> 13 ^ e >>> 22 ^ e << 30 ^ e << 19 ^ e << 10) | 0;
- // 13
- c = w13 + c + (h >>> 6 ^ h >>> 11 ^ h >>> 25 ^ h << 26 ^ h << 21 ^ h << 7) + (b ^ h & (a ^ b)) + 0x80deb1fe | 0;
- g = g + c | 0;
- c = c + (d & e ^ f & (d ^ e)) + (d >>> 2 ^ d >>> 13 ^ d >>> 22 ^ d << 30 ^ d << 19 ^ d << 10) | 0;
- // 14
- b = w14 + b + (g >>> 6 ^ g >>> 11 ^ g >>> 25 ^ g << 26 ^ g << 21 ^ g << 7) + (a ^ g & (h ^ a)) + 0x9bdc06a7 | 0;
- f = f + b | 0;
- b = b + (c & d ^ e & (c ^ d)) + (c >>> 2 ^ c >>> 13 ^ c >>> 22 ^ c << 30 ^ c << 19 ^ c << 10) | 0;
- // 15
- a = w15 + a + (f >>> 6 ^ f >>> 11 ^ f >>> 25 ^ f << 26 ^ f << 21 ^ f << 7) + (h ^ f & (g ^ h)) + 0xc19bf174 | 0;
- e = e + a | 0;
- a = a + (b & c ^ d & (b ^ c)) + (b >>> 2 ^ b >>> 13 ^ b >>> 22 ^ b << 30 ^ b << 19 ^ b << 10) | 0;
- // 16
- w0 = (w1 >>> 7 ^ w1 >>> 18 ^ w1 >>> 3 ^ w1 << 25 ^ w1 << 14) + (w14 >>> 17 ^ w14 >>> 19 ^ w14 >>> 10 ^ w14 << 15 ^ w14 << 13) + w0 + w9 | 0;
- h = w0 + h + (e >>> 6 ^ e >>> 11 ^ e >>> 25 ^ e << 26 ^ e << 21 ^ e << 7) + (g ^ e & (f ^ g)) + 0xe49b69c1 | 0;
- d = d + h | 0;
- h = h + (a & b ^ c & (a ^ b)) + (a >>> 2 ^ a >>> 13 ^ a >>> 22 ^ a << 30 ^ a << 19 ^ a << 10) | 0;
- // 17
- w1 = (w2 >>> 7 ^ w2 >>> 18 ^ w2 >>> 3 ^ w2 << 25 ^ w2 << 14) + (w15 >>> 17 ^ w15 >>> 19 ^ w15 >>> 10 ^ w15 << 15 ^ w15 << 13) + w1 + w10 | 0;
- g = w1 + g + (d >>> 6 ^ d >>> 11 ^ d >>> 25 ^ d << 26 ^ d << 21 ^ d << 7) + (f ^ d & (e ^ f)) + 0xefbe4786 | 0;
- c = c + g | 0;
- g = g + (h & a ^ b & (h ^ a)) + (h >>> 2 ^ h >>> 13 ^ h >>> 22 ^ h << 30 ^ h << 19 ^ h << 10) | 0;
- // 18
- w2 = (w3 >>> 7 ^ w3 >>> 18 ^ w3 >>> 3 ^ w3 << 25 ^ w3 << 14) + (w0 >>> 17 ^ w0 >>> 19 ^ w0 >>> 10 ^ w0 << 15 ^ w0 << 13) + w2 + w11 | 0;
- f = w2 + f + (c >>> 6 ^ c >>> 11 ^ c >>> 25 ^ c << 26 ^ c << 21 ^ c << 7) + (e ^ c & (d ^ e)) + 0x0fc19dc6 | 0;
- b = b + f | 0;
- f = f + (g & h ^ a & (g ^ h)) + (g >>> 2 ^ g >>> 13 ^ g >>> 22 ^ g << 30 ^ g << 19 ^ g << 10) | 0;
- // 19
- w3 = (w4 >>> 7 ^ w4 >>> 18 ^ w4 >>> 3 ^ w4 << 25 ^ w4 << 14) + (w1 >>> 17 ^ w1 >>> 19 ^ w1 >>> 10 ^ w1 << 15 ^ w1 << 13) + w3 + w12 | 0;
- e = w3 + e + (b >>> 6 ^ b >>> 11 ^ b >>> 25 ^ b << 26 ^ b << 21 ^ b << 7) + (d ^ b & (c ^ d)) + 0x240ca1cc | 0;
- a = a + e | 0;
- e = e + (f & g ^ h & (f ^ g)) + (f >>> 2 ^ f >>> 13 ^ f >>> 22 ^ f << 30 ^ f << 19 ^ f << 10) | 0;
- // 20
- w4 = (w5 >>> 7 ^ w5 >>> 18 ^ w5 >>> 3 ^ w5 << 25 ^ w5 << 14) + (w2 >>> 17 ^ w2 >>> 19 ^ w2 >>> 10 ^ w2 << 15 ^ w2 << 13) + w4 + w13 | 0;
- d = w4 + d + (a >>> 6 ^ a >>> 11 ^ a >>> 25 ^ a << 26 ^ a << 21 ^ a << 7) + (c ^ a & (b ^ c)) + 0x2de92c6f | 0;
- h = h + d | 0;
- d = d + (e & f ^ g & (e ^ f)) + (e >>> 2 ^ e >>> 13 ^ e >>> 22 ^ e << 30 ^ e << 19 ^ e << 10) | 0;
- // 21
- w5 = (w6 >>> 7 ^ w6 >>> 18 ^ w6 >>> 3 ^ w6 << 25 ^ w6 << 14) + (w3 >>> 17 ^ w3 >>> 19 ^ w3 >>> 10 ^ w3 << 15 ^ w3 << 13) + w5 + w14 | 0;
- c = w5 + c + (h >>> 6 ^ h >>> 11 ^ h >>> 25 ^ h << 26 ^ h << 21 ^ h << 7) + (b ^ h & (a ^ b)) + 0x4a7484aa | 0;
- g = g + c | 0;
- c = c + (d & e ^ f & (d ^ e)) + (d >>> 2 ^ d >>> 13 ^ d >>> 22 ^ d << 30 ^ d << 19 ^ d << 10) | 0;
- // 22
- w6 = (w7 >>> 7 ^ w7 >>> 18 ^ w7 >>> 3 ^ w7 << 25 ^ w7 << 14) + (w4 >>> 17 ^ w4 >>> 19 ^ w4 >>> 10 ^ w4 << 15 ^ w4 << 13) + w6 + w15 | 0;
- b = w6 + b + (g >>> 6 ^ g >>> 11 ^ g >>> 25 ^ g << 26 ^ g << 21 ^ g << 7) + (a ^ g & (h ^ a)) + 0x5cb0a9dc | 0;
- f = f + b | 0;
- b = b + (c & d ^ e & (c ^ d)) + (c >>> 2 ^ c >>> 13 ^ c >>> 22 ^ c << 30 ^ c << 19 ^ c << 10) | 0;
- // 23
- w7 = (w8 >>> 7 ^ w8 >>> 18 ^ w8 >>> 3 ^ w8 << 25 ^ w8 << 14) + (w5 >>> 17 ^ w5 >>> 19 ^ w5 >>> 10 ^ w5 << 15 ^ w5 << 13) + w7 + w0 | 0;
- a = w7 + a + (f >>> 6 ^ f >>> 11 ^ f >>> 25 ^ f << 26 ^ f << 21 ^ f << 7) + (h ^ f & (g ^ h)) + 0x76f988da | 0;
- e = e + a | 0;
- a = a + (b & c ^ d & (b ^ c)) + (b >>> 2 ^ b >>> 13 ^ b >>> 22 ^ b << 30 ^ b << 19 ^ b << 10) | 0;
- // 24
- w8 = (w9 >>> 7 ^ w9 >>> 18 ^ w9 >>> 3 ^ w9 << 25 ^ w9 << 14) + (w6 >>> 17 ^ w6 >>> 19 ^ w6 >>> 10 ^ w6 << 15 ^ w6 << 13) + w8 + w1 | 0;
- h = w8 + h + (e >>> 6 ^ e >>> 11 ^ e >>> 25 ^ e << 26 ^ e << 21 ^ e << 7) + (g ^ e & (f ^ g)) + 0x983e5152 | 0;
- d = d + h | 0;
- h = h + (a & b ^ c & (a ^ b)) + (a >>> 2 ^ a >>> 13 ^ a >>> 22 ^ a << 30 ^ a << 19 ^ a << 10) | 0;
- // 25
- w9 = (w10 >>> 7 ^ w10 >>> 18 ^ w10 >>> 3 ^ w10 << 25 ^ w10 << 14) + (w7 >>> 17 ^ w7 >>> 19 ^ w7 >>> 10 ^ w7 << 15 ^ w7 << 13) + w9 + w2 | 0;
- g = w9 + g + (d >>> 6 ^ d >>> 11 ^ d >>> 25 ^ d << 26 ^ d << 21 ^ d << 7) + (f ^ d & (e ^ f)) + 0xa831c66d | 0;
- c = c + g | 0;
- g = g + (h & a ^ b & (h ^ a)) + (h >>> 2 ^ h >>> 13 ^ h >>> 22 ^ h << 30 ^ h << 19 ^ h << 10) | 0;
- // 26
- w10 = (w11 >>> 7 ^ w11 >>> 18 ^ w11 >>> 3 ^ w11 << 25 ^ w11 << 14) + (w8 >>> 17 ^ w8 >>> 19 ^ w8 >>> 10 ^ w8 << 15 ^ w8 << 13) + w10 + w3 | 0;
- f = w10 + f + (c >>> 6 ^ c >>> 11 ^ c >>> 25 ^ c << 26 ^ c << 21 ^ c << 7) + (e ^ c & (d ^ e)) + 0xb00327c8 | 0;
- b = b + f | 0;
- f = f + (g & h ^ a & (g ^ h)) + (g >>> 2 ^ g >>> 13 ^ g >>> 22 ^ g << 30 ^ g << 19 ^ g << 10) | 0;
- // 27
- w11 = (w12 >>> 7 ^ w12 >>> 18 ^ w12 >>> 3 ^ w12 << 25 ^ w12 << 14) + (w9 >>> 17 ^ w9 >>> 19 ^ w9 >>> 10 ^ w9 << 15 ^ w9 << 13) + w11 + w4 | 0;
- e = w11 + e + (b >>> 6 ^ b >>> 11 ^ b >>> 25 ^ b << 26 ^ b << 21 ^ b << 7) + (d ^ b & (c ^ d)) + 0xbf597fc7 | 0;
- a = a + e | 0;
- e = e + (f & g ^ h & (f ^ g)) + (f >>> 2 ^ f >>> 13 ^ f >>> 22 ^ f << 30 ^ f << 19 ^ f << 10) | 0;
- // 28
- w12 = (w13 >>> 7 ^ w13 >>> 18 ^ w13 >>> 3 ^ w13 << 25 ^ w13 << 14) + (w10 >>> 17 ^ w10 >>> 19 ^ w10 >>> 10 ^ w10 << 15 ^ w10 << 13) + w12 + w5 | 0;
- d = w12 + d + (a >>> 6 ^ a >>> 11 ^ a >>> 25 ^ a << 26 ^ a << 21 ^ a << 7) + (c ^ a & (b ^ c)) + 0xc6e00bf3 | 0;
- h = h + d | 0;
- d = d + (e & f ^ g & (e ^ f)) + (e >>> 2 ^ e >>> 13 ^ e >>> 22 ^ e << 30 ^ e << 19 ^ e << 10) | 0;
- // 29
- w13 = (w14 >>> 7 ^ w14 >>> 18 ^ w14 >>> 3 ^ w14 << 25 ^ w14 << 14) + (w11 >>> 17 ^ w11 >>> 19 ^ w11 >>> 10 ^ w11 << 15 ^ w11 << 13) + w13 + w6 | 0;
- c = w13 + c + (h >>> 6 ^ h >>> 11 ^ h >>> 25 ^ h << 26 ^ h << 21 ^ h << 7) + (b ^ h & (a ^ b)) + 0xd5a79147 | 0;
- g = g + c | 0;
- c = c + (d & e ^ f & (d ^ e)) + (d >>> 2 ^ d >>> 13 ^ d >>> 22 ^ d << 30 ^ d << 19 ^ d << 10) | 0;
- // 30
- w14 = (w15 >>> 7 ^ w15 >>> 18 ^ w15 >>> 3 ^ w15 << 25 ^ w15 << 14) + (w12 >>> 17 ^ w12 >>> 19 ^ w12 >>> 10 ^ w12 << 15 ^ w12 << 13) + w14 + w7 | 0;
- b = w14 + b + (g >>> 6 ^ g >>> 11 ^ g >>> 25 ^ g << 26 ^ g << 21 ^ g << 7) + (a ^ g & (h ^ a)) + 0x06ca6351 | 0;
- f = f + b | 0;
- b = b + (c & d ^ e & (c ^ d)) + (c >>> 2 ^ c >>> 13 ^ c >>> 22 ^ c << 30 ^ c << 19 ^ c << 10) | 0;
- // 31
- w15 = (w0 >>> 7 ^ w0 >>> 18 ^ w0 >>> 3 ^ w0 << 25 ^ w0 << 14) + (w13 >>> 17 ^ w13 >>> 19 ^ w13 >>> 10 ^ w13 << 15 ^ w13 << 13) + w15 + w8 | 0;
- a = w15 + a + (f >>> 6 ^ f >>> 11 ^ f >>> 25 ^ f << 26 ^ f << 21 ^ f << 7) + (h ^ f & (g ^ h)) + 0x14292967 | 0;
- e = e + a | 0;
- a = a + (b & c ^ d & (b ^ c)) + (b >>> 2 ^ b >>> 13 ^ b >>> 22 ^ b << 30 ^ b << 19 ^ b << 10) | 0;
- // 32
- w0 = (w1 >>> 7 ^ w1 >>> 18 ^ w1 >>> 3 ^ w1 << 25 ^ w1 << 14) + (w14 >>> 17 ^ w14 >>> 19 ^ w14 >>> 10 ^ w14 << 15 ^ w14 << 13) + w0 + w9 | 0;
- h = w0 + h + (e >>> 6 ^ e >>> 11 ^ e >>> 25 ^ e << 26 ^ e << 21 ^ e << 7) + (g ^ e & (f ^ g)) + 0x27b70a85 | 0;
- d = d + h | 0;
- h = h + (a & b ^ c & (a ^ b)) + (a >>> 2 ^ a >>> 13 ^ a >>> 22 ^ a << 30 ^ a << 19 ^ a << 10) | 0;
- // 33
- w1 = (w2 >>> 7 ^ w2 >>> 18 ^ w2 >>> 3 ^ w2 << 25 ^ w2 << 14) + (w15 >>> 17 ^ w15 >>> 19 ^ w15 >>> 10 ^ w15 << 15 ^ w15 << 13) + w1 + w10 | 0;
- g = w1 + g + (d >>> 6 ^ d >>> 11 ^ d >>> 25 ^ d << 26 ^ d << 21 ^ d << 7) + (f ^ d & (e ^ f)) + 0x2e1b2138 | 0;
- c = c + g | 0;
- g = g + (h & a ^ b & (h ^ a)) + (h >>> 2 ^ h >>> 13 ^ h >>> 22 ^ h << 30 ^ h << 19 ^ h << 10) | 0;
- // 34
- w2 = (w3 >>> 7 ^ w3 >>> 18 ^ w3 >>> 3 ^ w3 << 25 ^ w3 << 14) + (w0 >>> 17 ^ w0 >>> 19 ^ w0 >>> 10 ^ w0 << 15 ^ w0 << 13) + w2 + w11 | 0;
- f = w2 + f + (c >>> 6 ^ c >>> 11 ^ c >>> 25 ^ c << 26 ^ c << 21 ^ c << 7) + (e ^ c & (d ^ e)) + 0x4d2c6dfc | 0;
- b = b + f | 0;
- f = f + (g & h ^ a & (g ^ h)) + (g >>> 2 ^ g >>> 13 ^ g >>> 22 ^ g << 30 ^ g << 19 ^ g << 10) | 0;
- // 35
- w3 = (w4 >>> 7 ^ w4 >>> 18 ^ w4 >>> 3 ^ w4 << 25 ^ w4 << 14) + (w1 >>> 17 ^ w1 >>> 19 ^ w1 >>> 10 ^ w1 << 15 ^ w1 << 13) + w3 + w12 | 0;
- e = w3 + e + (b >>> 6 ^ b >>> 11 ^ b >>> 25 ^ b << 26 ^ b << 21 ^ b << 7) + (d ^ b & (c ^ d)) + 0x53380d13 | 0;
- a = a + e | 0;
- e = e + (f & g ^ h & (f ^ g)) + (f >>> 2 ^ f >>> 13 ^ f >>> 22 ^ f << 30 ^ f << 19 ^ f << 10) | 0;
- // 36
- w4 = (w5 >>> 7 ^ w5 >>> 18 ^ w5 >>> 3 ^ w5 << 25 ^ w5 << 14) + (w2 >>> 17 ^ w2 >>> 19 ^ w2 >>> 10 ^ w2 << 15 ^ w2 << 13) + w4 + w13 | 0;
- d = w4 + d + (a >>> 6 ^ a >>> 11 ^ a >>> 25 ^ a << 26 ^ a << 21 ^ a << 7) + (c ^ a & (b ^ c)) + 0x650a7354 | 0;
- h = h + d | 0;
- d = d + (e & f ^ g & (e ^ f)) + (e >>> 2 ^ e >>> 13 ^ e >>> 22 ^ e << 30 ^ e << 19 ^ e << 10) | 0;
- // 37
- w5 = (w6 >>> 7 ^ w6 >>> 18 ^ w6 >>> 3 ^ w6 << 25 ^ w6 << 14) + (w3 >>> 17 ^ w3 >>> 19 ^ w3 >>> 10 ^ w3 << 15 ^ w3 << 13) + w5 + w14 | 0;
- c = w5 + c + (h >>> 6 ^ h >>> 11 ^ h >>> 25 ^ h << 26 ^ h << 21 ^ h << 7) + (b ^ h & (a ^ b)) + 0x766a0abb | 0;
- g = g + c | 0;
- c = c + (d & e ^ f & (d ^ e)) + (d >>> 2 ^ d >>> 13 ^ d >>> 22 ^ d << 30 ^ d << 19 ^ d << 10) | 0;
- // 38
- w6 = (w7 >>> 7 ^ w7 >>> 18 ^ w7 >>> 3 ^ w7 << 25 ^ w7 << 14) + (w4 >>> 17 ^ w4 >>> 19 ^ w4 >>> 10 ^ w4 << 15 ^ w4 << 13) + w6 + w15 | 0;
- b = w6 + b + (g >>> 6 ^ g >>> 11 ^ g >>> 25 ^ g << 26 ^ g << 21 ^ g << 7) + (a ^ g & (h ^ a)) + 0x81c2c92e | 0;
- f = f + b | 0;
- b = b + (c & d ^ e & (c ^ d)) + (c >>> 2 ^ c >>> 13 ^ c >>> 22 ^ c << 30 ^ c << 19 ^ c << 10) | 0;
- // 39
- w7 = (w8 >>> 7 ^ w8 >>> 18 ^ w8 >>> 3 ^ w8 << 25 ^ w8 << 14) + (w5 >>> 17 ^ w5 >>> 19 ^ w5 >>> 10 ^ w5 << 15 ^ w5 << 13) + w7 + w0 | 0;
- a = w7 + a + (f >>> 6 ^ f >>> 11 ^ f >>> 25 ^ f << 26 ^ f << 21 ^ f << 7) + (h ^ f & (g ^ h)) + 0x92722c85 | 0;
- e = e + a | 0;
- a = a + (b & c ^ d & (b ^ c)) + (b >>> 2 ^ b >>> 13 ^ b >>> 22 ^ b << 30 ^ b << 19 ^ b << 10) | 0;
- // 40
- w8 = (w9 >>> 7 ^ w9 >>> 18 ^ w9 >>> 3 ^ w9 << 25 ^ w9 << 14) + (w6 >>> 17 ^ w6 >>> 19 ^ w6 >>> 10 ^ w6 << 15 ^ w6 << 13) + w8 + w1 | 0;
- h = w8 + h + (e >>> 6 ^ e >>> 11 ^ e >>> 25 ^ e << 26 ^ e << 21 ^ e << 7) + (g ^ e & (f ^ g)) + 0xa2bfe8a1 | 0;
- d = d + h | 0;
- h = h + (a & b ^ c & (a ^ b)) + (a >>> 2 ^ a >>> 13 ^ a >>> 22 ^ a << 30 ^ a << 19 ^ a << 10) | 0;
- // 41
- w9 = (w10 >>> 7 ^ w10 >>> 18 ^ w10 >>> 3 ^ w10 << 25 ^ w10 << 14) + (w7 >>> 17 ^ w7 >>> 19 ^ w7 >>> 10 ^ w7 << 15 ^ w7 << 13) + w9 + w2 | 0;
- g = w9 + g + (d >>> 6 ^ d >>> 11 ^ d >>> 25 ^ d << 26 ^ d << 21 ^ d << 7) + (f ^ d & (e ^ f)) + 0xa81a664b | 0;
- c = c + g | 0;
- g = g + (h & a ^ b & (h ^ a)) + (h >>> 2 ^ h >>> 13 ^ h >>> 22 ^ h << 30 ^ h << 19 ^ h << 10) | 0;
- // 42
- w10 = (w11 >>> 7 ^ w11 >>> 18 ^ w11 >>> 3 ^ w11 << 25 ^ w11 << 14) + (w8 >>> 17 ^ w8 >>> 19 ^ w8 >>> 10 ^ w8 << 15 ^ w8 << 13) + w10 + w3 | 0;
- f = w10 + f + (c >>> 6 ^ c >>> 11 ^ c >>> 25 ^ c << 26 ^ c << 21 ^ c << 7) + (e ^ c & (d ^ e)) + 0xc24b8b70 | 0;
- b = b + f | 0;
- f = f + (g & h ^ a & (g ^ h)) + (g >>> 2 ^ g >>> 13 ^ g >>> 22 ^ g << 30 ^ g << 19 ^ g << 10) | 0;
- // 43
- w11 = (w12 >>> 7 ^ w12 >>> 18 ^ w12 >>> 3 ^ w12 << 25 ^ w12 << 14) + (w9 >>> 17 ^ w9 >>> 19 ^ w9 >>> 10 ^ w9 << 15 ^ w9 << 13) + w11 + w4 | 0;
- e = w11 + e + (b >>> 6 ^ b >>> 11 ^ b >>> 25 ^ b << 26 ^ b << 21 ^ b << 7) + (d ^ b & (c ^ d)) + 0xc76c51a3 | 0;
- a = a + e | 0;
- e = e + (f & g ^ h & (f ^ g)) + (f >>> 2 ^ f >>> 13 ^ f >>> 22 ^ f << 30 ^ f << 19 ^ f << 10) | 0;
- // 44
- w12 = (w13 >>> 7 ^ w13 >>> 18 ^ w13 >>> 3 ^ w13 << 25 ^ w13 << 14) + (w10 >>> 17 ^ w10 >>> 19 ^ w10 >>> 10 ^ w10 << 15 ^ w10 << 13) + w12 + w5 | 0;
- d = w12 + d + (a >>> 6 ^ a >>> 11 ^ a >>> 25 ^ a << 26 ^ a << 21 ^ a << 7) + (c ^ a & (b ^ c)) + 0xd192e819 | 0;
- h = h + d | 0;
- d = d + (e & f ^ g & (e ^ f)) + (e >>> 2 ^ e >>> 13 ^ e >>> 22 ^ e << 30 ^ e << 19 ^ e << 10) | 0;
- // 45
- w13 = (w14 >>> 7 ^ w14 >>> 18 ^ w14 >>> 3 ^ w14 << 25 ^ w14 << 14) + (w11 >>> 17 ^ w11 >>> 19 ^ w11 >>> 10 ^ w11 << 15 ^ w11 << 13) + w13 + w6 | 0;
- c = w13 + c + (h >>> 6 ^ h >>> 11 ^ h >>> 25 ^ h << 26 ^ h << 21 ^ h << 7) + (b ^ h & (a ^ b)) + 0xd6990624 | 0;
- g = g + c | 0;
- c = c + (d & e ^ f & (d ^ e)) + (d >>> 2 ^ d >>> 13 ^ d >>> 22 ^ d << 30 ^ d << 19 ^ d << 10) | 0;
- // 46
- w14 = (w15 >>> 7 ^ w15 >>> 18 ^ w15 >>> 3 ^ w15 << 25 ^ w15 << 14) + (w12 >>> 17 ^ w12 >>> 19 ^ w12 >>> 10 ^ w12 << 15 ^ w12 << 13) + w14 + w7 | 0;
- b = w14 + b + (g >>> 6 ^ g >>> 11 ^ g >>> 25 ^ g << 26 ^ g << 21 ^ g << 7) + (a ^ g & (h ^ a)) + 0xf40e3585 | 0;
- f = f + b | 0;
- b = b + (c & d ^ e & (c ^ d)) + (c >>> 2 ^ c >>> 13 ^ c >>> 22 ^ c << 30 ^ c << 19 ^ c << 10) | 0;
- // 47
- w15 = (w0 >>> 7 ^ w0 >>> 18 ^ w0 >>> 3 ^ w0 << 25 ^ w0 << 14) + (w13 >>> 17 ^ w13 >>> 19 ^ w13 >>> 10 ^ w13 << 15 ^ w13 << 13) + w15 + w8 | 0;
- a = w15 + a + (f >>> 6 ^ f >>> 11 ^ f >>> 25 ^ f << 26 ^ f << 21 ^ f << 7) + (h ^ f & (g ^ h)) + 0x106aa070 | 0;
- e = e + a | 0;
- a = a + (b & c ^ d & (b ^ c)) + (b >>> 2 ^ b >>> 13 ^ b >>> 22 ^ b << 30 ^ b << 19 ^ b << 10) | 0;
- // 48
- w0 = (w1 >>> 7 ^ w1 >>> 18 ^ w1 >>> 3 ^ w1 << 25 ^ w1 << 14) + (w14 >>> 17 ^ w14 >>> 19 ^ w14 >>> 10 ^ w14 << 15 ^ w14 << 13) + w0 + w9 | 0;
- h = w0 + h + (e >>> 6 ^ e >>> 11 ^ e >>> 25 ^ e << 26 ^ e << 21 ^ e << 7) + (g ^ e & (f ^ g)) + 0x19a4c116 | 0;
- d = d + h | 0;
- h = h + (a & b ^ c & (a ^ b)) + (a >>> 2 ^ a >>> 13 ^ a >>> 22 ^ a << 30 ^ a << 19 ^ a << 10) | 0;
- // 49
- w1 = (w2 >>> 7 ^ w2 >>> 18 ^ w2 >>> 3 ^ w2 << 25 ^ w2 << 14) + (w15 >>> 17 ^ w15 >>> 19 ^ w15 >>> 10 ^ w15 << 15 ^ w15 << 13) + w1 + w10 | 0;
- g = w1 + g + (d >>> 6 ^ d >>> 11 ^ d >>> 25 ^ d << 26 ^ d << 21 ^ d << 7) + (f ^ d & (e ^ f)) + 0x1e376c08 | 0;
- c = c + g | 0;
- g = g + (h & a ^ b & (h ^ a)) + (h >>> 2 ^ h >>> 13 ^ h >>> 22 ^ h << 30 ^ h << 19 ^ h << 10) | 0;
- // 50
- w2 = (w3 >>> 7 ^ w3 >>> 18 ^ w3 >>> 3 ^ w3 << 25 ^ w3 << 14) + (w0 >>> 17 ^ w0 >>> 19 ^ w0 >>> 10 ^ w0 << 15 ^ w0 << 13) + w2 + w11 | 0;
- f = w2 + f + (c >>> 6 ^ c >>> 11 ^ c >>> 25 ^ c << 26 ^ c << 21 ^ c << 7) + (e ^ c & (d ^ e)) + 0x2748774c | 0;
- b = b + f | 0;
- f = f + (g & h ^ a & (g ^ h)) + (g >>> 2 ^ g >>> 13 ^ g >>> 22 ^ g << 30 ^ g << 19 ^ g << 10) | 0;
- // 51
- w3 = (w4 >>> 7 ^ w4 >>> 18 ^ w4 >>> 3 ^ w4 << 25 ^ w4 << 14) + (w1 >>> 17 ^ w1 >>> 19 ^ w1 >>> 10 ^ w1 << 15 ^ w1 << 13) + w3 + w12 | 0;
- e = w3 + e + (b >>> 6 ^ b >>> 11 ^ b >>> 25 ^ b << 26 ^ b << 21 ^ b << 7) + (d ^ b & (c ^ d)) + 0x34b0bcb5 | 0;
- a = a + e | 0;
- e = e + (f & g ^ h & (f ^ g)) + (f >>> 2 ^ f >>> 13 ^ f >>> 22 ^ f << 30 ^ f << 19 ^ f << 10) | 0;
- // 52
- w4 = (w5 >>> 7 ^ w5 >>> 18 ^ w5 >>> 3 ^ w5 << 25 ^ w5 << 14) + (w2 >>> 17 ^ w2 >>> 19 ^ w2 >>> 10 ^ w2 << 15 ^ w2 << 13) + w4 + w13 | 0;
- d = w4 + d + (a >>> 6 ^ a >>> 11 ^ a >>> 25 ^ a << 26 ^ a << 21 ^ a << 7) + (c ^ a & (b ^ c)) + 0x391c0cb3 | 0;
- h = h + d | 0;
- d = d + (e & f ^ g & (e ^ f)) + (e >>> 2 ^ e >>> 13 ^ e >>> 22 ^ e << 30 ^ e << 19 ^ e << 10) | 0;
- // 53
- w5 = (w6 >>> 7 ^ w6 >>> 18 ^ w6 >>> 3 ^ w6 << 25 ^ w6 << 14) + (w3 >>> 17 ^ w3 >>> 19 ^ w3 >>> 10 ^ w3 << 15 ^ w3 << 13) + w5 + w14 | 0;
- c = w5 + c + (h >>> 6 ^ h >>> 11 ^ h >>> 25 ^ h << 26 ^ h << 21 ^ h << 7) + (b ^ h & (a ^ b)) + 0x4ed8aa4a | 0;
- g = g + c | 0;
- c = c + (d & e ^ f & (d ^ e)) + (d >>> 2 ^ d >>> 13 ^ d >>> 22 ^ d << 30 ^ d << 19 ^ d << 10) | 0;
- // 54
- w6 = (w7 >>> 7 ^ w7 >>> 18 ^ w7 >>> 3 ^ w7 << 25 ^ w7 << 14) + (w4 >>> 17 ^ w4 >>> 19 ^ w4 >>> 10 ^ w4 << 15 ^ w4 << 13) + w6 + w15 | 0;
- b = w6 + b + (g >>> 6 ^ g >>> 11 ^ g >>> 25 ^ g << 26 ^ g << 21 ^ g << 7) + (a ^ g & (h ^ a)) + 0x5b9cca4f | 0;
- f = f + b | 0;
- b = b + (c & d ^ e & (c ^ d)) + (c >>> 2 ^ c >>> 13 ^ c >>> 22 ^ c << 30 ^ c << 19 ^ c << 10) | 0;
- // 55
- w7 = (w8 >>> 7 ^ w8 >>> 18 ^ w8 >>> 3 ^ w8 << 25 ^ w8 << 14) + (w5 >>> 17 ^ w5 >>> 19 ^ w5 >>> 10 ^ w5 << 15 ^ w5 << 13) + w7 + w0 | 0;
- a = w7 + a + (f >>> 6 ^ f >>> 11 ^ f >>> 25 ^ f << 26 ^ f << 21 ^ f << 7) + (h ^ f & (g ^ h)) + 0x682e6ff3 | 0;
- e = e + a | 0;
- a = a + (b & c ^ d & (b ^ c)) + (b >>> 2 ^ b >>> 13 ^ b >>> 22 ^ b << 30 ^ b << 19 ^ b << 10) | 0;
- // 56
- w8 = (w9 >>> 7 ^ w9 >>> 18 ^ w9 >>> 3 ^ w9 << 25 ^ w9 << 14) + (w6 >>> 17 ^ w6 >>> 19 ^ w6 >>> 10 ^ w6 << 15 ^ w6 << 13) + w8 + w1 | 0;
- h = w8 + h + (e >>> 6 ^ e >>> 11 ^ e >>> 25 ^ e << 26 ^ e << 21 ^ e << 7) + (g ^ e & (f ^ g)) + 0x748f82ee | 0;
- d = d + h | 0;
- h = h + (a & b ^ c & (a ^ b)) + (a >>> 2 ^ a >>> 13 ^ a >>> 22 ^ a << 30 ^ a << 19 ^ a << 10) | 0;
- // 57
- w9 = (w10 >>> 7 ^ w10 >>> 18 ^ w10 >>> 3 ^ w10 << 25 ^ w10 << 14) + (w7 >>> 17 ^ w7 >>> 19 ^ w7 >>> 10 ^ w7 << 15 ^ w7 << 13) + w9 + w2 | 0;
- g = w9 + g + (d >>> 6 ^ d >>> 11 ^ d >>> 25 ^ d << 26 ^ d << 21 ^ d << 7) + (f ^ d & (e ^ f)) + 0x78a5636f | 0;
- c = c + g | 0;
- g = g + (h & a ^ b & (h ^ a)) + (h >>> 2 ^ h >>> 13 ^ h >>> 22 ^ h << 30 ^ h << 19 ^ h << 10) | 0;
- // 58
- w10 = (w11 >>> 7 ^ w11 >>> 18 ^ w11 >>> 3 ^ w11 << 25 ^ w11 << 14) + (w8 >>> 17 ^ w8 >>> 19 ^ w8 >>> 10 ^ w8 << 15 ^ w8 << 13) + w10 + w3 | 0;
- f = w10 + f + (c >>> 6 ^ c >>> 11 ^ c >>> 25 ^ c << 26 ^ c << 21 ^ c << 7) + (e ^ c & (d ^ e)) + 0x84c87814 | 0;
- b = b + f | 0;
- f = f + (g & h ^ a & (g ^ h)) + (g >>> 2 ^ g >>> 13 ^ g >>> 22 ^ g << 30 ^ g << 19 ^ g << 10) | 0;
- // 59
- w11 = (w12 >>> 7 ^ w12 >>> 18 ^ w12 >>> 3 ^ w12 << 25 ^ w12 << 14) + (w9 >>> 17 ^ w9 >>> 19 ^ w9 >>> 10 ^ w9 << 15 ^ w9 << 13) + w11 + w4 | 0;
- e = w11 + e + (b >>> 6 ^ b >>> 11 ^ b >>> 25 ^ b << 26 ^ b << 21 ^ b << 7) + (d ^ b & (c ^ d)) + 0x8cc70208 | 0;
- a = a + e | 0;
- e = e + (f & g ^ h & (f ^ g)) + (f >>> 2 ^ f >>> 13 ^ f >>> 22 ^ f << 30 ^ f << 19 ^ f << 10) | 0;
- // 60
- w12 = (w13 >>> 7 ^ w13 >>> 18 ^ w13 >>> 3 ^ w13 << 25 ^ w13 << 14) + (w10 >>> 17 ^ w10 >>> 19 ^ w10 >>> 10 ^ w10 << 15 ^ w10 << 13) + w12 + w5 | 0;
- d = w12 + d + (a >>> 6 ^ a >>> 11 ^ a >>> 25 ^ a << 26 ^ a << 21 ^ a << 7) + (c ^ a & (b ^ c)) + 0x90befffa | 0;
- h = h + d | 0;
- d = d + (e & f ^ g & (e ^ f)) + (e >>> 2 ^ e >>> 13 ^ e >>> 22 ^ e << 30 ^ e << 19 ^ e << 10) | 0;
- // 61
- w13 = (w14 >>> 7 ^ w14 >>> 18 ^ w14 >>> 3 ^ w14 << 25 ^ w14 << 14) + (w11 >>> 17 ^ w11 >>> 19 ^ w11 >>> 10 ^ w11 << 15 ^ w11 << 13) + w13 + w6 | 0;
- c = w13 + c + (h >>> 6 ^ h >>> 11 ^ h >>> 25 ^ h << 26 ^ h << 21 ^ h << 7) + (b ^ h & (a ^ b)) + 0xa4506ceb | 0;
- g = g + c | 0;
- c = c + (d & e ^ f & (d ^ e)) + (d >>> 2 ^ d >>> 13 ^ d >>> 22 ^ d << 30 ^ d << 19 ^ d << 10) | 0;
- // 62
- w14 = (w15 >>> 7 ^ w15 >>> 18 ^ w15 >>> 3 ^ w15 << 25 ^ w15 << 14) + (w12 >>> 17 ^ w12 >>> 19 ^ w12 >>> 10 ^ w12 << 15 ^ w12 << 13) + w14 + w7 | 0;
- b = w14 + b + (g >>> 6 ^ g >>> 11 ^ g >>> 25 ^ g << 26 ^ g << 21 ^ g << 7) + (a ^ g & (h ^ a)) + 0xbef9a3f7 | 0;
- f = f + b | 0;
- b = b + (c & d ^ e & (c ^ d)) + (c >>> 2 ^ c >>> 13 ^ c >>> 22 ^ c << 30 ^ c << 19 ^ c << 10) | 0;
- // 63
- w15 = (w0 >>> 7 ^ w0 >>> 18 ^ w0 >>> 3 ^ w0 << 25 ^ w0 << 14) + (w13 >>> 17 ^ w13 >>> 19 ^ w13 >>> 10 ^ w13 << 15 ^ w13 << 13) + w15 + w8 | 0;
- a = w15 + a + (f >>> 6 ^ f >>> 11 ^ f >>> 25 ^ f << 26 ^ f << 21 ^ f << 7) + (h ^ f & (g ^ h)) + 0xc67178f2 | 0;
- e = e + a | 0;
- a = a + (b & c ^ d & (b ^ c)) + (b >>> 2 ^ b >>> 13 ^ b >>> 22 ^ b << 30 ^ b << 19 ^ b << 10) | 0;
- H0 = H0 + a | 0;
- H1 = H1 + b | 0;
- H2 = H2 + c | 0;
- H3 = H3 + d | 0;
- H4 = H4 + e | 0;
- H5 = H5 + f | 0;
- H6 = H6 + g | 0;
- H7 = H7 + h | 0;
- }
- function _core_heap(offset) {
- offset = offset | 0;
- _core(HEAP[offset | 0] << 24 | HEAP[offset | 1] << 16 | HEAP[offset | 2] << 8 | HEAP[offset | 3], HEAP[offset | 4] << 24 | HEAP[offset | 5] << 16 | HEAP[offset | 6] << 8 | HEAP[offset | 7], HEAP[offset | 8] << 24 | HEAP[offset | 9] << 16 | HEAP[offset | 10] << 8 | HEAP[offset | 11], HEAP[offset | 12] << 24 | HEAP[offset | 13] << 16 | HEAP[offset | 14] << 8 | HEAP[offset | 15], HEAP[offset | 16] << 24 | HEAP[offset | 17] << 16 | HEAP[offset | 18] << 8 | HEAP[offset | 19], HEAP[offset | 20] << 24 | HEAP[offset | 21] << 16 | HEAP[offset | 22] << 8 | HEAP[offset | 23], HEAP[offset | 24] << 24 | HEAP[offset | 25] << 16 | HEAP[offset | 26] << 8 | HEAP[offset | 27], HEAP[offset | 28] << 24 | HEAP[offset | 29] << 16 | HEAP[offset | 30] << 8 | HEAP[offset | 31], HEAP[offset | 32] << 24 | HEAP[offset | 33] << 16 | HEAP[offset | 34] << 8 | HEAP[offset | 35], HEAP[offset | 36] << 24 | HEAP[offset | 37] << 16 | HEAP[offset | 38] << 8 | HEAP[offset | 39], HEAP[offset | 40] << 24 | HEAP[offset | 41] << 16 | HEAP[offset | 42] << 8 | HEAP[offset | 43], HEAP[offset | 44] << 24 | HEAP[offset | 45] << 16 | HEAP[offset | 46] << 8 | HEAP[offset | 47], HEAP[offset | 48] << 24 | HEAP[offset | 49] << 16 | HEAP[offset | 50] << 8 | HEAP[offset | 51], HEAP[offset | 52] << 24 | HEAP[offset | 53] << 16 | HEAP[offset | 54] << 8 | HEAP[offset | 55], HEAP[offset | 56] << 24 | HEAP[offset | 57] << 16 | HEAP[offset | 58] << 8 | HEAP[offset | 59], HEAP[offset | 60] << 24 | HEAP[offset | 61] << 16 | HEAP[offset | 62] << 8 | HEAP[offset | 63]);
- }
- // offset — multiple of 32
- function _state_to_heap(output) {
- output = output | 0;
- HEAP[output | 0] = H0 >>> 24;
- HEAP[output | 1] = H0 >>> 16 & 255;
- HEAP[output | 2] = H0 >>> 8 & 255;
- HEAP[output | 3] = H0 & 255;
- HEAP[output | 4] = H1 >>> 24;
- HEAP[output | 5] = H1 >>> 16 & 255;
- HEAP[output | 6] = H1 >>> 8 & 255;
- HEAP[output | 7] = H1 & 255;
- HEAP[output | 8] = H2 >>> 24;
- HEAP[output | 9] = H2 >>> 16 & 255;
- HEAP[output | 10] = H2 >>> 8 & 255;
- HEAP[output | 11] = H2 & 255;
- HEAP[output | 12] = H3 >>> 24;
- HEAP[output | 13] = H3 >>> 16 & 255;
- HEAP[output | 14] = H3 >>> 8 & 255;
- HEAP[output | 15] = H3 & 255;
- HEAP[output | 16] = H4 >>> 24;
- HEAP[output | 17] = H4 >>> 16 & 255;
- HEAP[output | 18] = H4 >>> 8 & 255;
- HEAP[output | 19] = H4 & 255;
- HEAP[output | 20] = H5 >>> 24;
- HEAP[output | 21] = H5 >>> 16 & 255;
- HEAP[output | 22] = H5 >>> 8 & 255;
- HEAP[output | 23] = H5 & 255;
- HEAP[output | 24] = H6 >>> 24;
- HEAP[output | 25] = H6 >>> 16 & 255;
- HEAP[output | 26] = H6 >>> 8 & 255;
- HEAP[output | 27] = H6 & 255;
- HEAP[output | 28] = H7 >>> 24;
- HEAP[output | 29] = H7 >>> 16 & 255;
- HEAP[output | 30] = H7 >>> 8 & 255;
- HEAP[output | 31] = H7 & 255;
- }
- function reset() {
- H0 = 0x6a09e667;
- H1 = 0xbb67ae85;
- H2 = 0x3c6ef372;
- H3 = 0xa54ff53a;
- H4 = 0x510e527f;
- H5 = 0x9b05688c;
- H6 = 0x1f83d9ab;
- H7 = 0x5be0cd19;
- TOTAL0 = TOTAL1 = 0;
- }
- function init(h0, h1, h2, h3, h4, h5, h6, h7, total0, total1) {
- h0 = h0 | 0;
- h1 = h1 | 0;
- h2 = h2 | 0;
- h3 = h3 | 0;
- h4 = h4 | 0;
- h5 = h5 | 0;
- h6 = h6 | 0;
- h7 = h7 | 0;
- total0 = total0 | 0;
- total1 = total1 | 0;
- H0 = h0;
- H1 = h1;
- H2 = h2;
- H3 = h3;
- H4 = h4;
- H5 = h5;
- H6 = h6;
- H7 = h7;
- TOTAL0 = total0;
- TOTAL1 = total1;
- }
- // offset — multiple of 64
- function process(offset, length) {
- offset = offset | 0;
- length = length | 0;
- var hashed = 0;
- if (offset & 63) return -1;
- while ((length | 0) >= 64) {
- _core_heap(offset);
- offset = offset + 64 | 0;
- length = length - 64 | 0;
- hashed = hashed + 64 | 0;
- }
- TOTAL0 = TOTAL0 + hashed | 0;
- if (TOTAL0 >>> 0 < hashed >>> 0) TOTAL1 = TOTAL1 + 1 | 0;
- return hashed | 0;
- }
- // offset — multiple of 64
- // output — multiple of 32
- function finish(offset, length, output) {
- offset = offset | 0;
- length = length | 0;
- output = output | 0;
- var hashed = 0,
- i = 0;
- if (offset & 63) return -1;
- if (~output) if (output & 31) return -1;
- if ((length | 0) >= 64) {
- hashed = process(offset, length) | 0;
- if ((hashed | 0) == -1) return -1;
- offset = offset + hashed | 0;
- length = length - hashed | 0;
- }
- hashed = hashed + length | 0;
- TOTAL0 = TOTAL0 + length | 0;
- if (TOTAL0 >>> 0 < length >>> 0) TOTAL1 = TOTAL1 + 1 | 0;
- HEAP[offset | length] = 0x80;
- if ((length | 0) >= 56) {
- for (i = length + 1 | 0; (i | 0) < 64; i = i + 1 | 0) HEAP[offset | i] = 0x00;
- _core_heap(offset);
- length = 0;
- HEAP[offset | 0] = 0;
- }
- for (i = length + 1 | 0; (i | 0) < 59; i = i + 1 | 0) HEAP[offset | i] = 0;
- HEAP[offset | 56] = TOTAL1 >>> 21 & 255;
- HEAP[offset | 57] = TOTAL1 >>> 13 & 255;
- HEAP[offset | 58] = TOTAL1 >>> 5 & 255;
- HEAP[offset | 59] = TOTAL1 << 3 & 255 | TOTAL0 >>> 29;
- HEAP[offset | 60] = TOTAL0 >>> 21 & 255;
- HEAP[offset | 61] = TOTAL0 >>> 13 & 255;
- HEAP[offset | 62] = TOTAL0 >>> 5 & 255;
- HEAP[offset | 63] = TOTAL0 << 3 & 255;
- _core_heap(offset);
- if (~output) _state_to_heap(output);
- return hashed | 0;
- }
- function hmac_reset() {
- H0 = I0;
- H1 = I1;
- H2 = I2;
- H3 = I3;
- H4 = I4;
- H5 = I5;
- H6 = I6;
- H7 = I7;
- TOTAL0 = 64;
- TOTAL1 = 0;
- }
- function _hmac_opad() {
- H0 = O0;
- H1 = O1;
- H2 = O2;
- H3 = O3;
- H4 = O4;
- H5 = O5;
- H6 = O6;
- H7 = O7;
- TOTAL0 = 64;
- TOTAL1 = 0;
- }
- function hmac_init(p0, p1, p2, p3, p4, p5, p6, p7, p8, p9, p10, p11, p12, p13, p14, p15) {
- p0 = p0 | 0;
- p1 = p1 | 0;
- p2 = p2 | 0;
- p3 = p3 | 0;
- p4 = p4 | 0;
- p5 = p5 | 0;
- p6 = p6 | 0;
- p7 = p7 | 0;
- p8 = p8 | 0;
- p9 = p9 | 0;
- p10 = p10 | 0;
- p11 = p11 | 0;
- p12 = p12 | 0;
- p13 = p13 | 0;
- p14 = p14 | 0;
- p15 = p15 | 0;
- // opad
- reset();
- _core(p0 ^ 0x5c5c5c5c, p1 ^ 0x5c5c5c5c, p2 ^ 0x5c5c5c5c, p3 ^ 0x5c5c5c5c, p4 ^ 0x5c5c5c5c, p5 ^ 0x5c5c5c5c, p6 ^ 0x5c5c5c5c, p7 ^ 0x5c5c5c5c, p8 ^ 0x5c5c5c5c, p9 ^ 0x5c5c5c5c, p10 ^ 0x5c5c5c5c, p11 ^ 0x5c5c5c5c, p12 ^ 0x5c5c5c5c, p13 ^ 0x5c5c5c5c, p14 ^ 0x5c5c5c5c, p15 ^ 0x5c5c5c5c);
- O0 = H0;
- O1 = H1;
- O2 = H2;
- O3 = H3;
- O4 = H4;
- O5 = H5;
- O6 = H6;
- O7 = H7;
- // ipad
- reset();
- _core(p0 ^ 0x36363636, p1 ^ 0x36363636, p2 ^ 0x36363636, p3 ^ 0x36363636, p4 ^ 0x36363636, p5 ^ 0x36363636, p6 ^ 0x36363636, p7 ^ 0x36363636, p8 ^ 0x36363636, p9 ^ 0x36363636, p10 ^ 0x36363636, p11 ^ 0x36363636, p12 ^ 0x36363636, p13 ^ 0x36363636, p14 ^ 0x36363636, p15 ^ 0x36363636);
- I0 = H0;
- I1 = H1;
- I2 = H2;
- I3 = H3;
- I4 = H4;
- I5 = H5;
- I6 = H6;
- I7 = H7;
- TOTAL0 = 64;
- TOTAL1 = 0;
- }
- // offset — multiple of 64
- // output — multiple of 32
- function hmac_finish(offset, length, output) {
- offset = offset | 0;
- length = length | 0;
- output = output | 0;
- var t0 = 0,
- t1 = 0,
- t2 = 0,
- t3 = 0,
- t4 = 0,
- t5 = 0,
- t6 = 0,
- t7 = 0,
- hashed = 0;
- if (offset & 63) return -1;
- if (~output) if (output & 31) return -1;
- hashed = finish(offset, length, -1) | 0;
- t0 = H0, t1 = H1, t2 = H2, t3 = H3, t4 = H4, t5 = H5, t6 = H6, t7 = H7;
- _hmac_opad();
- _core(t0, t1, t2, t3, t4, t5, t6, t7, 0x80000000, 0, 0, 0, 0, 0, 0, 768);
- if (~output) _state_to_heap(output);
- return hashed | 0;
- }
- // salt is assumed to be already processed
- // offset — multiple of 64
- // output — multiple of 32
- function pbkdf2_generate_block(offset, length, block, count, output) {
- offset = offset | 0;
- length = length | 0;
- block = block | 0;
- count = count | 0;
- output = output | 0;
- var h0 = 0,
- h1 = 0,
- h2 = 0,
- h3 = 0,
- h4 = 0,
- h5 = 0,
- h6 = 0,
- h7 = 0,
- t0 = 0,
- t1 = 0,
- t2 = 0,
- t3 = 0,
- t4 = 0,
- t5 = 0,
- t6 = 0,
- t7 = 0;
- if (offset & 63) return -1;
- if (~output) if (output & 31) return -1;
- // pad block number into heap
- // FIXME probable OOB write
- HEAP[offset + length | 0] = block >>> 24;
- HEAP[offset + length + 1 | 0] = block >>> 16 & 255;
- HEAP[offset + length + 2 | 0] = block >>> 8 & 255;
- HEAP[offset + length + 3 | 0] = block & 255;
- // finish first iteration
- hmac_finish(offset, length + 4 | 0, -1) | 0;
- h0 = t0 = H0, h1 = t1 = H1, h2 = t2 = H2, h3 = t3 = H3, h4 = t4 = H4, h5 = t5 = H5, h6 = t6 = H6, h7 = t7 = H7;
- count = count - 1 | 0;
- // perform the rest iterations
- while ((count | 0) > 0) {
- hmac_reset();
- _core(t0, t1, t2, t3, t4, t5, t6, t7, 0x80000000, 0, 0, 0, 0, 0, 0, 768);
- t0 = H0, t1 = H1, t2 = H2, t3 = H3, t4 = H4, t5 = H5, t6 = H6, t7 = H7;
- _hmac_opad();
- _core(t0, t1, t2, t3, t4, t5, t6, t7, 0x80000000, 0, 0, 0, 0, 0, 0, 768);
- t0 = H0, t1 = H1, t2 = H2, t3 = H3, t4 = H4, t5 = H5, t6 = H6, t7 = H7;
- h0 = h0 ^ H0;
- h1 = h1 ^ H1;
- h2 = h2 ^ H2;
- h3 = h3 ^ H3;
- h4 = h4 ^ H4;
- h5 = h5 ^ H5;
- h6 = h6 ^ H6;
- h7 = h7 ^ H7;
- count = count - 1 | 0;
- }
- H0 = h0;
- H1 = h1;
- H2 = h2;
- H3 = h3;
- H4 = h4;
- H5 = h5;
- H6 = h6;
- H7 = h7;
- if (~output) _state_to_heap(output);
- return 0;
- }
- return {
- // SHA256
- reset: reset,
- init: init,
- process: process,
- finish: finish,
- // HMAC-SHA256
- hmac_reset: hmac_reset,
- hmac_init: hmac_init,
- hmac_finish: hmac_finish,
- // PBKDF2-HMAC-SHA256
- pbkdf2_generate_block: pbkdf2_generate_block
- };
- }
- },{}],13:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.Sha256 = exports._sha256_hash_size = exports._sha256_block_size = undefined;
- var _sha = require('./sha256.asm');
- var _hash = require('../hash');
- var __extends = undefined && undefined.__extends || function () {
- var extendStatics = Object.setPrototypeOf || { __proto__: [] } instanceof Array && function (d, b) {
- d.__proto__ = b;
- } || function (d, b) {
- for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p];
- };
- return function (d, b) {
- extendStatics(d, b);
- function __() {
- this.constructor = d;
- }
- d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
- };
- }();
- var _sha256_block_size = exports._sha256_block_size = 64;
- var _sha256_hash_size = exports._sha256_hash_size = 32;
- var Sha256 = /** @class */function (_super) {
- __extends(Sha256, _super);
- function Sha256() {
- var _this = _super !== null && _super.apply(this, arguments) || this;
- _this.NAME = 'sha256';
- _this.BLOCK_SIZE = _sha256_block_size;
- _this.HASH_SIZE = _sha256_hash_size;
- return _this;
- }
- Sha256.bytes = function (data) {
- return new Sha256().process(data).finish().result;
- };
- Sha256.NAME = 'sha256';
- Sha256.heap_pool = [];
- Sha256.asm_pool = [];
- Sha256.asm_function = _sha.sha256_asm;
- return Sha256;
- }(_hash.Hash);
- exports.Sha256 = Sha256;
- },{"../hash":9,"./sha256.asm":12}],14:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var __extends = undefined && undefined.__extends || function () {
- var extendStatics = Object.setPrototypeOf || { __proto__: [] } instanceof Array && function (d, b) {
- d.__proto__ = b;
- } || function (d, b) {
- for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p];
- };
- return function (d, b) {
- extendStatics(d, b);
- function __() {
- this.constructor = d;
- }
- d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
- };
- }();
- var IllegalStateError = /** @class */function (_super) {
- __extends(IllegalStateError, _super);
- function IllegalStateError() {
- var args = [];
- for (var _i = 0; _i < arguments.length; _i++) {
- args[_i] = arguments[_i];
- }
- var _this = _super.apply(this, args) || this;
- Object.create(Error.prototype, { name: { value: 'IllegalStateError' } });
- return _this;
- }
- return IllegalStateError;
- }(Error);
- exports.IllegalStateError = IllegalStateError;
- var IllegalArgumentError = /** @class */function (_super) {
- __extends(IllegalArgumentError, _super);
- function IllegalArgumentError() {
- var args = [];
- for (var _i = 0; _i < arguments.length; _i++) {
- args[_i] = arguments[_i];
- }
- var _this = _super.apply(this, args) || this;
- Object.create(Error.prototype, { name: { value: 'IllegalArgumentError' } });
- return _this;
- }
- return IllegalArgumentError;
- }(Error);
- exports.IllegalArgumentError = IllegalArgumentError;
- var SecurityError = /** @class */function (_super) {
- __extends(SecurityError, _super);
- function SecurityError() {
- var args = [];
- for (var _i = 0; _i < arguments.length; _i++) {
- args[_i] = arguments[_i];
- }
- var _this = _super.apply(this, args) || this;
- Object.create(Error.prototype, { name: { value: 'SecurityError' } });
- return _this;
- }
- return SecurityError;
- }(Error);
- exports.SecurityError = SecurityError;
- },{}],15:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.string_to_bytes = string_to_bytes;
- exports.hex_to_bytes = hex_to_bytes;
- exports.base64_to_bytes = base64_to_bytes;
- exports.bytes_to_string = bytes_to_string;
- exports.bytes_to_hex = bytes_to_hex;
- exports.bytes_to_base64 = bytes_to_base64;
- exports.pow2_ceil = pow2_ceil;
- exports.is_number = is_number;
- exports.is_string = is_string;
- exports.is_buffer = is_buffer;
- exports.is_bytes = is_bytes;
- exports.is_typed_array = is_typed_array;
- exports._heap_init = _heap_init;
- exports._heap_write = _heap_write;
- exports.joinBytes = joinBytes;
- var local_atob = typeof atob === 'undefined' ? function (str) {
- return require('buffer').Buffer.from(str, 'base64').toString('binary');
- } : atob;
- var local_btoa = typeof btoa === 'undefined' ? function (str) {
- return require('buffer').Buffer.from(str, 'binary').toString('base64');
- } : btoa;
- function string_to_bytes(str, utf8) {
- if (utf8 === void 0) {
- utf8 = false;
- }
- var len = str.length,
- bytes = new Uint8Array(utf8 ? 4 * len : len);
- for (var i = 0, j = 0; i < len; i++) {
- var c = str.charCodeAt(i);
- if (utf8 && 0xd800 <= c && c <= 0xdbff) {
- if (++i >= len) throw new Error('Malformed string, low surrogate expected at position ' + i);
- c = (c ^ 0xd800) << 10 | 0x10000 | str.charCodeAt(i) ^ 0xdc00;
- } else if (!utf8 && c >>> 8) {
- throw new Error('Wide characters are not allowed.');
- }
- if (!utf8 || c <= 0x7f) {
- bytes[j++] = c;
- } else if (c <= 0x7ff) {
- bytes[j++] = 0xc0 | c >> 6;
- bytes[j++] = 0x80 | c & 0x3f;
- } else if (c <= 0xffff) {
- bytes[j++] = 0xe0 | c >> 12;
- bytes[j++] = 0x80 | c >> 6 & 0x3f;
- bytes[j++] = 0x80 | c & 0x3f;
- } else {
- bytes[j++] = 0xf0 | c >> 18;
- bytes[j++] = 0x80 | c >> 12 & 0x3f;
- bytes[j++] = 0x80 | c >> 6 & 0x3f;
- bytes[j++] = 0x80 | c & 0x3f;
- }
- }
- return bytes.subarray(0, j);
- }
- function hex_to_bytes(str) {
- var len = str.length;
- if (len & 1) {
- str = '0' + str;
- len++;
- }
- var bytes = new Uint8Array(len >> 1);
- for (var i = 0; i < len; i += 2) {
- bytes[i >> 1] = parseInt(str.substr(i, 2), 16);
- }
- return bytes;
- }
- function base64_to_bytes(str) {
- return string_to_bytes(local_atob(str));
- }
- function bytes_to_string(bytes, utf8) {
- if (utf8 === void 0) {
- utf8 = false;
- }
- var len = bytes.length,
- chars = new Array(len);
- for (var i = 0, j = 0; i < len; i++) {
- var b = bytes[i];
- if (!utf8 || b < 128) {
- chars[j++] = b;
- } else if (b >= 192 && b < 224 && i + 1 < len) {
- chars[j++] = (b & 0x1f) << 6 | bytes[++i] & 0x3f;
- } else if (b >= 224 && b < 240 && i + 2 < len) {
- chars[j++] = (b & 0xf) << 12 | (bytes[++i] & 0x3f) << 6 | bytes[++i] & 0x3f;
- } else if (b >= 240 && b < 248 && i + 3 < len) {
- var c = (b & 7) << 18 | (bytes[++i] & 0x3f) << 12 | (bytes[++i] & 0x3f) << 6 | bytes[++i] & 0x3f;
- if (c <= 0xffff) {
- chars[j++] = c;
- } else {
- c ^= 0x10000;
- chars[j++] = 0xd800 | c >> 10;
- chars[j++] = 0xdc00 | c & 0x3ff;
- }
- } else {
- throw new Error('Malformed UTF8 character at byte offset ' + i);
- }
- }
- var str = '',
- bs = 16384;
- for (var i = 0; i < j; i += bs) {
- str += String.fromCharCode.apply(String, chars.slice(i, i + bs <= j ? i + bs : j));
- }
- return str;
- }
- function bytes_to_hex(arr) {
- var str = '';
- for (var i = 0; i < arr.length; i++) {
- var h = (arr[i] & 0xff).toString(16);
- if (h.length < 2) str += '0';
- str += h;
- }
- return str;
- }
- function bytes_to_base64(arr) {
- return local_btoa(bytes_to_string(arr));
- }
- function pow2_ceil(a) {
- a -= 1;
- a |= a >>> 1;
- a |= a >>> 2;
- a |= a >>> 4;
- a |= a >>> 8;
- a |= a >>> 16;
- a += 1;
- return a;
- }
- function is_number(a) {
- return typeof a === 'number';
- }
- function is_string(a) {
- return typeof a === 'string';
- }
- function is_buffer(a) {
- return a instanceof ArrayBuffer;
- }
- function is_bytes(a) {
- return a instanceof Uint8Array;
- }
- function is_typed_array(a) {
- return a instanceof Int8Array || a instanceof Uint8Array || a instanceof Int16Array || a instanceof Uint16Array || a instanceof Int32Array || a instanceof Uint32Array || a instanceof Float32Array || a instanceof Float64Array;
- }
- function _heap_init(heap, heapSize) {
- var size = heap ? heap.byteLength : heapSize || 65536;
- if (size & 0xfff || size <= 0) throw new Error('heap size must be a positive integer and a multiple of 4096');
- heap = heap || new Uint8Array(new ArrayBuffer(size));
- return heap;
- }
- function _heap_write(heap, hpos, data, dpos, dlen) {
- var hlen = heap.length - hpos;
- var wlen = hlen < dlen ? hlen : dlen;
- heap.set(data.subarray(dpos, dpos + wlen), hpos);
- return wlen;
- }
- function joinBytes() {
- var arg = [];
- for (var _i = 0; _i < arguments.length; _i++) {
- arg[_i] = arguments[_i];
- }
- var totalLenght = arg.reduce(function (sum, curr) {
- return sum + curr.length;
- }, 0);
- var ret = new Uint8Array(totalLenght);
- var cursor = 0;
- for (var i = 0; i < arg.length; i++) {
- ret.set(arg[i], cursor);
- cursor += arg[i].length;
- }
- return ret;
- }
- },{"buffer":"buffer"}],16:[function(require,module,exports){
- (function (module, exports) {
- 'use strict';
- // Utils
- function assert (val, msg) {
- if (!val) throw new Error(msg || 'Assertion failed');
- }
- // Could use `inherits` module, but don't want to move from single file
- // architecture yet.
- function inherits (ctor, superCtor) {
- ctor.super_ = superCtor;
- var TempCtor = function () {};
- TempCtor.prototype = superCtor.prototype;
- ctor.prototype = new TempCtor();
- ctor.prototype.constructor = ctor;
- }
- // BN
- function BN (number, base, endian) {
- if (BN.isBN(number)) {
- return number;
- }
- this.negative = 0;
- this.words = null;
- this.length = 0;
- // Reduction context
- this.red = null;
- if (number !== null) {
- if (base === 'le' || base === 'be') {
- endian = base;
- base = 10;
- }
- this._init(number || 0, base || 10, endian || 'be');
- }
- }
- if (typeof module === 'object') {
- module.exports = BN;
- } else {
- exports.BN = BN;
- }
- BN.BN = BN;
- BN.wordSize = 26;
- var Buffer;
- try {
- Buffer = require('buffer').Buffer;
- } catch (e) {
- }
- BN.isBN = function isBN (num) {
- if (num instanceof BN) {
- return true;
- }
- return num !== null && typeof num === 'object' &&
- num.constructor.wordSize === BN.wordSize && Array.isArray(num.words);
- };
- BN.max = function max (left, right) {
- if (left.cmp(right) > 0) return left;
- return right;
- };
- BN.min = function min (left, right) {
- if (left.cmp(right) < 0) return left;
- return right;
- };
- BN.prototype._init = function init (number, base, endian) {
- if (typeof number === 'number') {
- return this._initNumber(number, base, endian);
- }
- if (typeof number === 'object') {
- return this._initArray(number, base, endian);
- }
- if (base === 'hex') {
- base = 16;
- }
- assert(base === (base | 0) && base >= 2 && base <= 36);
- number = number.toString().replace(/\s+/g, '');
- var start = 0;
- if (number[0] === '-') {
- start++;
- }
- if (base === 16) {
- this._parseHex(number, start);
- } else {
- this._parseBase(number, base, start);
- }
- if (number[0] === '-') {
- this.negative = 1;
- }
- this.strip();
- if (endian !== 'le') return;
- this._initArray(this.toArray(), base, endian);
- };
- BN.prototype._initNumber = function _initNumber (number, base, endian) {
- if (number < 0) {
- this.negative = 1;
- number = -number;
- }
- if (number < 0x4000000) {
- this.words = [ number & 0x3ffffff ];
- this.length = 1;
- } else if (number < 0x10000000000000) {
- this.words = [
- number & 0x3ffffff,
- (number / 0x4000000) & 0x3ffffff
- ];
- this.length = 2;
- } else {
- assert(number < 0x20000000000000); // 2 ^ 53 (unsafe)
- this.words = [
- number & 0x3ffffff,
- (number / 0x4000000) & 0x3ffffff,
- 1
- ];
- this.length = 3;
- }
- if (endian !== 'le') return;
- // Reverse the bytes
- this._initArray(this.toArray(), base, endian);
- };
- BN.prototype._initArray = function _initArray (number, base, endian) {
- // Perhaps a Uint8Array
- assert(typeof number.length === 'number');
- if (number.length <= 0) {
- this.words = [ 0 ];
- this.length = 1;
- return this;
- }
- this.length = Math.ceil(number.length / 3);
- this.words = new Array(this.length);
- for (var i = 0; i < this.length; i++) {
- this.words[i] = 0;
- }
- var j, w;
- var off = 0;
- if (endian === 'be') {
- for (i = number.length - 1, j = 0; i >= 0; i -= 3) {
- w = number[i] | (number[i - 1] << 8) | (number[i - 2] << 16);
- this.words[j] |= (w << off) & 0x3ffffff;
- this.words[j + 1] = (w >>> (26 - off)) & 0x3ffffff;
- off += 24;
- if (off >= 26) {
- off -= 26;
- j++;
- }
- }
- } else if (endian === 'le') {
- for (i = 0, j = 0; i < number.length; i += 3) {
- w = number[i] | (number[i + 1] << 8) | (number[i + 2] << 16);
- this.words[j] |= (w << off) & 0x3ffffff;
- this.words[j + 1] = (w >>> (26 - off)) & 0x3ffffff;
- off += 24;
- if (off >= 26) {
- off -= 26;
- j++;
- }
- }
- }
- return this.strip();
- };
- function parseHex (str, start, end) {
- var r = 0;
- var len = Math.min(str.length, end);
- for (var i = start; i < len; i++) {
- var c = str.charCodeAt(i) - 48;
- r <<= 4;
- // 'a' - 'f'
- if (c >= 49 && c <= 54) {
- r |= c - 49 + 0xa;
- // 'A' - 'F'
- } else if (c >= 17 && c <= 22) {
- r |= c - 17 + 0xa;
- // '0' - '9'
- } else {
- r |= c & 0xf;
- }
- }
- return r;
- }
- BN.prototype._parseHex = function _parseHex (number, start) {
- // Create possibly bigger array to ensure that it fits the number
- this.length = Math.ceil((number.length - start) / 6);
- this.words = new Array(this.length);
- for (var i = 0; i < this.length; i++) {
- this.words[i] = 0;
- }
- var j, w;
- // Scan 24-bit chunks and add them to the number
- var off = 0;
- for (i = number.length - 6, j = 0; i >= start; i -= 6) {
- w = parseHex(number, i, i + 6);
- this.words[j] |= (w << off) & 0x3ffffff;
- // NOTE: `0x3fffff` is intentional here, 26bits max shift + 24bit hex limb
- this.words[j + 1] |= w >>> (26 - off) & 0x3fffff;
- off += 24;
- if (off >= 26) {
- off -= 26;
- j++;
- }
- }
- if (i + 6 !== start) {
- w = parseHex(number, start, i + 6);
- this.words[j] |= (w << off) & 0x3ffffff;
- this.words[j + 1] |= w >>> (26 - off) & 0x3fffff;
- }
- this.strip();
- };
- function parseBase (str, start, end, mul) {
- var r = 0;
- var len = Math.min(str.length, end);
- for (var i = start; i < len; i++) {
- var c = str.charCodeAt(i) - 48;
- r *= mul;
- // 'a'
- if (c >= 49) {
- r += c - 49 + 0xa;
- // 'A'
- } else if (c >= 17) {
- r += c - 17 + 0xa;
- // '0' - '9'
- } else {
- r += c;
- }
- }
- return r;
- }
- BN.prototype._parseBase = function _parseBase (number, base, start) {
- // Initialize as zero
- this.words = [ 0 ];
- this.length = 1;
- // Find length of limb in base
- for (var limbLen = 0, limbPow = 1; limbPow <= 0x3ffffff; limbPow *= base) {
- limbLen++;
- }
- limbLen--;
- limbPow = (limbPow / base) | 0;
- var total = number.length - start;
- var mod = total % limbLen;
- var end = Math.min(total, total - mod) + start;
- var word = 0;
- for (var i = start; i < end; i += limbLen) {
- word = parseBase(number, i, i + limbLen, base);
- this.imuln(limbPow);
- if (this.words[0] + word < 0x4000000) {
- this.words[0] += word;
- } else {
- this._iaddn(word);
- }
- }
- if (mod !== 0) {
- var pow = 1;
- word = parseBase(number, i, number.length, base);
- for (i = 0; i < mod; i++) {
- pow *= base;
- }
- this.imuln(pow);
- if (this.words[0] + word < 0x4000000) {
- this.words[0] += word;
- } else {
- this._iaddn(word);
- }
- }
- };
- BN.prototype.copy = function copy (dest) {
- dest.words = new Array(this.length);
- for (var i = 0; i < this.length; i++) {
- dest.words[i] = this.words[i];
- }
- dest.length = this.length;
- dest.negative = this.negative;
- dest.red = this.red;
- };
- BN.prototype.clone = function clone () {
- var r = new BN(null);
- this.copy(r);
- return r;
- };
- BN.prototype._expand = function _expand (size) {
- while (this.length < size) {
- this.words[this.length++] = 0;
- }
- return this;
- };
- // Remove leading `0` from `this`
- BN.prototype.strip = function strip () {
- while (this.length > 1 && this.words[this.length - 1] === 0) {
- this.length--;
- }
- return this._normSign();
- };
- BN.prototype._normSign = function _normSign () {
- // -0 = 0
- if (this.length === 1 && this.words[0] === 0) {
- this.negative = 0;
- }
- return this;
- };
- BN.prototype.inspect = function inspect () {
- return (this.red ? '<BN-R: ' : '<BN: ') + this.toString(16) + '>';
- };
- /*
- var zeros = [];
- var groupSizes = [];
- var groupBases = [];
- var s = '';
- var i = -1;
- while (++i < BN.wordSize) {
- zeros[i] = s;
- s += '0';
- }
- groupSizes[0] = 0;
- groupSizes[1] = 0;
- groupBases[0] = 0;
- groupBases[1] = 0;
- var base = 2 - 1;
- while (++base < 36 + 1) {
- var groupSize = 0;
- var groupBase = 1;
- while (groupBase < (1 << BN.wordSize) / base) {
- groupBase *= base;
- groupSize += 1;
- }
- groupSizes[base] = groupSize;
- groupBases[base] = groupBase;
- }
- */
- var zeros = [
- '',
- '0',
- '00',
- '000',
- '0000',
- '00000',
- '000000',
- '0000000',
- '00000000',
- '000000000',
- '0000000000',
- '00000000000',
- '000000000000',
- '0000000000000',
- '00000000000000',
- '000000000000000',
- '0000000000000000',
- '00000000000000000',
- '000000000000000000',
- '0000000000000000000',
- '00000000000000000000',
- '000000000000000000000',
- '0000000000000000000000',
- '00000000000000000000000',
- '000000000000000000000000',
- '0000000000000000000000000'
- ];
- var groupSizes = [
- 0, 0,
- 25, 16, 12, 11, 10, 9, 8,
- 8, 7, 7, 7, 7, 6, 6,
- 6, 6, 6, 6, 6, 5, 5,
- 5, 5, 5, 5, 5, 5, 5,
- 5, 5, 5, 5, 5, 5, 5
- ];
- var groupBases = [
- 0, 0,
- 33554432, 43046721, 16777216, 48828125, 60466176, 40353607, 16777216,
- 43046721, 10000000, 19487171, 35831808, 62748517, 7529536, 11390625,
- 16777216, 24137569, 34012224, 47045881, 64000000, 4084101, 5153632,
- 6436343, 7962624, 9765625, 11881376, 14348907, 17210368, 20511149,
- 24300000, 28629151, 33554432, 39135393, 45435424, 52521875, 60466176
- ];
- BN.prototype.toString = function toString (base, padding) {
- base = base || 10;
- padding = padding | 0 || 1;
- var out;
- if (base === 16 || base === 'hex') {
- out = '';
- var off = 0;
- var carry = 0;
- for (var i = 0; i < this.length; i++) {
- var w = this.words[i];
- var word = (((w << off) | carry) & 0xffffff).toString(16);
- carry = (w >>> (24 - off)) & 0xffffff;
- if (carry !== 0 || i !== this.length - 1) {
- out = zeros[6 - word.length] + word + out;
- } else {
- out = word + out;
- }
- off += 2;
- if (off >= 26) {
- off -= 26;
- i--;
- }
- }
- if (carry !== 0) {
- out = carry.toString(16) + out;
- }
- while (out.length % padding !== 0) {
- out = '0' + out;
- }
- if (this.negative !== 0) {
- out = '-' + out;
- }
- return out;
- }
- if (base === (base | 0) && base >= 2 && base <= 36) {
- // var groupSize = Math.floor(BN.wordSize * Math.LN2 / Math.log(base));
- var groupSize = groupSizes[base];
- // var groupBase = Math.pow(base, groupSize);
- var groupBase = groupBases[base];
- out = '';
- var c = this.clone();
- c.negative = 0;
- while (!c.isZero()) {
- var r = c.modn(groupBase).toString(base);
- c = c.idivn(groupBase);
- if (!c.isZero()) {
- out = zeros[groupSize - r.length] + r + out;
- } else {
- out = r + out;
- }
- }
- if (this.isZero()) {
- out = '0' + out;
- }
- while (out.length % padding !== 0) {
- out = '0' + out;
- }
- if (this.negative !== 0) {
- out = '-' + out;
- }
- return out;
- }
- assert(false, 'Base should be between 2 and 36');
- };
- BN.prototype.toNumber = function toNumber () {
- var ret = this.words[0];
- if (this.length === 2) {
- ret += this.words[1] * 0x4000000;
- } else if (this.length === 3 && this.words[2] === 0x01) {
- // NOTE: at this stage it is known that the top bit is set
- ret += 0x10000000000000 + (this.words[1] * 0x4000000);
- } else if (this.length > 2) {
- assert(false, 'Number can only safely store up to 53 bits');
- }
- return (this.negative !== 0) ? -ret : ret;
- };
- BN.prototype.toJSON = function toJSON () {
- return this.toString(16);
- };
- BN.prototype.toBuffer = function toBuffer (endian, length) {
- assert(typeof Buffer !== 'undefined');
- return this.toArrayLike(Buffer, endian, length);
- };
- BN.prototype.toArray = function toArray (endian, length) {
- return this.toArrayLike(Array, endian, length);
- };
- BN.prototype.toArrayLike = function toArrayLike (ArrayType, endian, length) {
- var byteLength = this.byteLength();
- var reqLength = length || Math.max(1, byteLength);
- assert(byteLength <= reqLength, 'byte array longer than desired length');
- assert(reqLength > 0, 'Requested array length <= 0');
- this.strip();
- var littleEndian = endian === 'le';
- var res = new ArrayType(reqLength);
- var b, i;
- var q = this.clone();
- if (!littleEndian) {
- // Assume big-endian
- for (i = 0; i < reqLength - byteLength; i++) {
- res[i] = 0;
- }
- for (i = 0; !q.isZero(); i++) {
- b = q.andln(0xff);
- q.iushrn(8);
- res[reqLength - i - 1] = b;
- }
- } else {
- for (i = 0; !q.isZero(); i++) {
- b = q.andln(0xff);
- q.iushrn(8);
- res[i] = b;
- }
- for (; i < reqLength; i++) {
- res[i] = 0;
- }
- }
- return res;
- };
- if (Math.clz32) {
- BN.prototype._countBits = function _countBits (w) {
- return 32 - Math.clz32(w);
- };
- } else {
- BN.prototype._countBits = function _countBits (w) {
- var t = w;
- var r = 0;
- if (t >= 0x1000) {
- r += 13;
- t >>>= 13;
- }
- if (t >= 0x40) {
- r += 7;
- t >>>= 7;
- }
- if (t >= 0x8) {
- r += 4;
- t >>>= 4;
- }
- if (t >= 0x02) {
- r += 2;
- t >>>= 2;
- }
- return r + t;
- };
- }
- BN.prototype._zeroBits = function _zeroBits (w) {
- // Short-cut
- if (w === 0) return 26;
- var t = w;
- var r = 0;
- if ((t & 0x1fff) === 0) {
- r += 13;
- t >>>= 13;
- }
- if ((t & 0x7f) === 0) {
- r += 7;
- t >>>= 7;
- }
- if ((t & 0xf) === 0) {
- r += 4;
- t >>>= 4;
- }
- if ((t & 0x3) === 0) {
- r += 2;
- t >>>= 2;
- }
- if ((t & 0x1) === 0) {
- r++;
- }
- return r;
- };
- // Return number of used bits in a BN
- BN.prototype.bitLength = function bitLength () {
- var w = this.words[this.length - 1];
- var hi = this._countBits(w);
- return (this.length - 1) * 26 + hi;
- };
- function toBitArray (num) {
- var w = new Array(num.bitLength());
- for (var bit = 0; bit < w.length; bit++) {
- var off = (bit / 26) | 0;
- var wbit = bit % 26;
- w[bit] = (num.words[off] & (1 << wbit)) >>> wbit;
- }
- return w;
- }
- // Number of trailing zero bits
- BN.prototype.zeroBits = function zeroBits () {
- if (this.isZero()) return 0;
- var r = 0;
- for (var i = 0; i < this.length; i++) {
- var b = this._zeroBits(this.words[i]);
- r += b;
- if (b !== 26) break;
- }
- return r;
- };
- BN.prototype.byteLength = function byteLength () {
- return Math.ceil(this.bitLength() / 8);
- };
- BN.prototype.toTwos = function toTwos (width) {
- if (this.negative !== 0) {
- return this.abs().inotn(width).iaddn(1);
- }
- return this.clone();
- };
- BN.prototype.fromTwos = function fromTwos (width) {
- if (this.testn(width - 1)) {
- return this.notn(width).iaddn(1).ineg();
- }
- return this.clone();
- };
- BN.prototype.isNeg = function isNeg () {
- return this.negative !== 0;
- };
- // Return negative clone of `this`
- BN.prototype.neg = function neg () {
- return this.clone().ineg();
- };
- BN.prototype.ineg = function ineg () {
- if (!this.isZero()) {
- this.negative ^= 1;
- }
- return this;
- };
- // Or `num` with `this` in-place
- BN.prototype.iuor = function iuor (num) {
- while (this.length < num.length) {
- this.words[this.length++] = 0;
- }
- for (var i = 0; i < num.length; i++) {
- this.words[i] = this.words[i] | num.words[i];
- }
- return this.strip();
- };
- BN.prototype.ior = function ior (num) {
- assert((this.negative | num.negative) === 0);
- return this.iuor(num);
- };
- // Or `num` with `this`
- BN.prototype.or = function or (num) {
- if (this.length > num.length) return this.clone().ior(num);
- return num.clone().ior(this);
- };
- BN.prototype.uor = function uor (num) {
- if (this.length > num.length) return this.clone().iuor(num);
- return num.clone().iuor(this);
- };
- // And `num` with `this` in-place
- BN.prototype.iuand = function iuand (num) {
- // b = min-length(num, this)
- var b;
- if (this.length > num.length) {
- b = num;
- } else {
- b = this;
- }
- for (var i = 0; i < b.length; i++) {
- this.words[i] = this.words[i] & num.words[i];
- }
- this.length = b.length;
- return this.strip();
- };
- BN.prototype.iand = function iand (num) {
- assert((this.negative | num.negative) === 0);
- return this.iuand(num);
- };
- // And `num` with `this`
- BN.prototype.and = function and (num) {
- if (this.length > num.length) return this.clone().iand(num);
- return num.clone().iand(this);
- };
- BN.prototype.uand = function uand (num) {
- if (this.length > num.length) return this.clone().iuand(num);
- return num.clone().iuand(this);
- };
- // Xor `num` with `this` in-place
- BN.prototype.iuxor = function iuxor (num) {
- // a.length > b.length
- var a;
- var b;
- if (this.length > num.length) {
- a = this;
- b = num;
- } else {
- a = num;
- b = this;
- }
- for (var i = 0; i < b.length; i++) {
- this.words[i] = a.words[i] ^ b.words[i];
- }
- if (this !== a) {
- for (; i < a.length; i++) {
- this.words[i] = a.words[i];
- }
- }
- this.length = a.length;
- return this.strip();
- };
- BN.prototype.ixor = function ixor (num) {
- assert((this.negative | num.negative) === 0);
- return this.iuxor(num);
- };
- // Xor `num` with `this`
- BN.prototype.xor = function xor (num) {
- if (this.length > num.length) return this.clone().ixor(num);
- return num.clone().ixor(this);
- };
- BN.prototype.uxor = function uxor (num) {
- if (this.length > num.length) return this.clone().iuxor(num);
- return num.clone().iuxor(this);
- };
- // Not ``this`` with ``width`` bitwidth
- BN.prototype.inotn = function inotn (width) {
- assert(typeof width === 'number' && width >= 0);
- var bytesNeeded = Math.ceil(width / 26) | 0;
- var bitsLeft = width % 26;
- // Extend the buffer with leading zeroes
- this._expand(bytesNeeded);
- if (bitsLeft > 0) {
- bytesNeeded--;
- }
- // Handle complete words
- for (var i = 0; i < bytesNeeded; i++) {
- this.words[i] = ~this.words[i] & 0x3ffffff;
- }
- // Handle the residue
- if (bitsLeft > 0) {
- this.words[i] = ~this.words[i] & (0x3ffffff >> (26 - bitsLeft));
- }
- // And remove leading zeroes
- return this.strip();
- };
- BN.prototype.notn = function notn (width) {
- return this.clone().inotn(width);
- };
- // Set `bit` of `this`
- BN.prototype.setn = function setn (bit, val) {
- assert(typeof bit === 'number' && bit >= 0);
- var off = (bit / 26) | 0;
- var wbit = bit % 26;
- this._expand(off + 1);
- if (val) {
- this.words[off] = this.words[off] | (1 << wbit);
- } else {
- this.words[off] = this.words[off] & ~(1 << wbit);
- }
- return this.strip();
- };
- // Add `num` to `this` in-place
- BN.prototype.iadd = function iadd (num) {
- var r;
- // negative + positive
- if (this.negative !== 0 && num.negative === 0) {
- this.negative = 0;
- r = this.isub(num);
- this.negative ^= 1;
- return this._normSign();
- // positive + negative
- } else if (this.negative === 0 && num.negative !== 0) {
- num.negative = 0;
- r = this.isub(num);
- num.negative = 1;
- return r._normSign();
- }
- // a.length > b.length
- var a, b;
- if (this.length > num.length) {
- a = this;
- b = num;
- } else {
- a = num;
- b = this;
- }
- var carry = 0;
- for (var i = 0; i < b.length; i++) {
- r = (a.words[i] | 0) + (b.words[i] | 0) + carry;
- this.words[i] = r & 0x3ffffff;
- carry = r >>> 26;
- }
- for (; carry !== 0 && i < a.length; i++) {
- r = (a.words[i] | 0) + carry;
- this.words[i] = r & 0x3ffffff;
- carry = r >>> 26;
- }
- this.length = a.length;
- if (carry !== 0) {
- this.words[this.length] = carry;
- this.length++;
- // Copy the rest of the words
- } else if (a !== this) {
- for (; i < a.length; i++) {
- this.words[i] = a.words[i];
- }
- }
- return this;
- };
- // Add `num` to `this`
- BN.prototype.add = function add (num) {
- var res;
- if (num.negative !== 0 && this.negative === 0) {
- num.negative = 0;
- res = this.sub(num);
- num.negative ^= 1;
- return res;
- } else if (num.negative === 0 && this.negative !== 0) {
- this.negative = 0;
- res = num.sub(this);
- this.negative = 1;
- return res;
- }
- if (this.length > num.length) return this.clone().iadd(num);
- return num.clone().iadd(this);
- };
- // Subtract `num` from `this` in-place
- BN.prototype.isub = function isub (num) {
- // this - (-num) = this + num
- if (num.negative !== 0) {
- num.negative = 0;
- var r = this.iadd(num);
- num.negative = 1;
- return r._normSign();
- // -this - num = -(this + num)
- } else if (this.negative !== 0) {
- this.negative = 0;
- this.iadd(num);
- this.negative = 1;
- return this._normSign();
- }
- // At this point both numbers are positive
- var cmp = this.cmp(num);
- // Optimization - zeroify
- if (cmp === 0) {
- this.negative = 0;
- this.length = 1;
- this.words[0] = 0;
- return this;
- }
- // a > b
- var a, b;
- if (cmp > 0) {
- a = this;
- b = num;
- } else {
- a = num;
- b = this;
- }
- var carry = 0;
- for (var i = 0; i < b.length; i++) {
- r = (a.words[i] | 0) - (b.words[i] | 0) + carry;
- carry = r >> 26;
- this.words[i] = r & 0x3ffffff;
- }
- for (; carry !== 0 && i < a.length; i++) {
- r = (a.words[i] | 0) + carry;
- carry = r >> 26;
- this.words[i] = r & 0x3ffffff;
- }
- // Copy rest of the words
- if (carry === 0 && i < a.length && a !== this) {
- for (; i < a.length; i++) {
- this.words[i] = a.words[i];
- }
- }
- this.length = Math.max(this.length, i);
- if (a !== this) {
- this.negative = 1;
- }
- return this.strip();
- };
- // Subtract `num` from `this`
- BN.prototype.sub = function sub (num) {
- return this.clone().isub(num);
- };
- function smallMulTo (self, num, out) {
- out.negative = num.negative ^ self.negative;
- var len = (self.length + num.length) | 0;
- out.length = len;
- len = (len - 1) | 0;
- // Peel one iteration (compiler can't do it, because of code complexity)
- var a = self.words[0] | 0;
- var b = num.words[0] | 0;
- var r = a * b;
- var lo = r & 0x3ffffff;
- var carry = (r / 0x4000000) | 0;
- out.words[0] = lo;
- for (var k = 1; k < len; k++) {
- // Sum all words with the same `i + j = k` and accumulate `ncarry`,
- // note that ncarry could be >= 0x3ffffff
- var ncarry = carry >>> 26;
- var rword = carry & 0x3ffffff;
- var maxJ = Math.min(k, num.length - 1);
- for (var j = Math.max(0, k - self.length + 1); j <= maxJ; j++) {
- var i = (k - j) | 0;
- a = self.words[i] | 0;
- b = num.words[j] | 0;
- r = a * b + rword;
- ncarry += (r / 0x4000000) | 0;
- rword = r & 0x3ffffff;
- }
- out.words[k] = rword | 0;
- carry = ncarry | 0;
- }
- if (carry !== 0) {
- out.words[k] = carry | 0;
- } else {
- out.length--;
- }
- return out.strip();
- }
- // TODO(indutny): it may be reasonable to omit it for users who don't need
- // to work with 256-bit numbers, otherwise it gives 20% improvement for 256-bit
- // multiplication (like elliptic secp256k1).
- var comb10MulTo = function comb10MulTo (self, num, out) {
- var a = self.words;
- var b = num.words;
- var o = out.words;
- var c = 0;
- var lo;
- var mid;
- var hi;
- var a0 = a[0] | 0;
- var al0 = a0 & 0x1fff;
- var ah0 = a0 >>> 13;
- var a1 = a[1] | 0;
- var al1 = a1 & 0x1fff;
- var ah1 = a1 >>> 13;
- var a2 = a[2] | 0;
- var al2 = a2 & 0x1fff;
- var ah2 = a2 >>> 13;
- var a3 = a[3] | 0;
- var al3 = a3 & 0x1fff;
- var ah3 = a3 >>> 13;
- var a4 = a[4] | 0;
- var al4 = a4 & 0x1fff;
- var ah4 = a4 >>> 13;
- var a5 = a[5] | 0;
- var al5 = a5 & 0x1fff;
- var ah5 = a5 >>> 13;
- var a6 = a[6] | 0;
- var al6 = a6 & 0x1fff;
- var ah6 = a6 >>> 13;
- var a7 = a[7] | 0;
- var al7 = a7 & 0x1fff;
- var ah7 = a7 >>> 13;
- var a8 = a[8] | 0;
- var al8 = a8 & 0x1fff;
- var ah8 = a8 >>> 13;
- var a9 = a[9] | 0;
- var al9 = a9 & 0x1fff;
- var ah9 = a9 >>> 13;
- var b0 = b[0] | 0;
- var bl0 = b0 & 0x1fff;
- var bh0 = b0 >>> 13;
- var b1 = b[1] | 0;
- var bl1 = b1 & 0x1fff;
- var bh1 = b1 >>> 13;
- var b2 = b[2] | 0;
- var bl2 = b2 & 0x1fff;
- var bh2 = b2 >>> 13;
- var b3 = b[3] | 0;
- var bl3 = b3 & 0x1fff;
- var bh3 = b3 >>> 13;
- var b4 = b[4] | 0;
- var bl4 = b4 & 0x1fff;
- var bh4 = b4 >>> 13;
- var b5 = b[5] | 0;
- var bl5 = b5 & 0x1fff;
- var bh5 = b5 >>> 13;
- var b6 = b[6] | 0;
- var bl6 = b6 & 0x1fff;
- var bh6 = b6 >>> 13;
- var b7 = b[7] | 0;
- var bl7 = b7 & 0x1fff;
- var bh7 = b7 >>> 13;
- var b8 = b[8] | 0;
- var bl8 = b8 & 0x1fff;
- var bh8 = b8 >>> 13;
- var b9 = b[9] | 0;
- var bl9 = b9 & 0x1fff;
- var bh9 = b9 >>> 13;
- out.negative = self.negative ^ num.negative;
- out.length = 19;
- /* k = 0 */
- lo = Math.imul(al0, bl0);
- mid = Math.imul(al0, bh0);
- mid = (mid + Math.imul(ah0, bl0)) | 0;
- hi = Math.imul(ah0, bh0);
- var w0 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w0 >>> 26)) | 0;
- w0 &= 0x3ffffff;
- /* k = 1 */
- lo = Math.imul(al1, bl0);
- mid = Math.imul(al1, bh0);
- mid = (mid + Math.imul(ah1, bl0)) | 0;
- hi = Math.imul(ah1, bh0);
- lo = (lo + Math.imul(al0, bl1)) | 0;
- mid = (mid + Math.imul(al0, bh1)) | 0;
- mid = (mid + Math.imul(ah0, bl1)) | 0;
- hi = (hi + Math.imul(ah0, bh1)) | 0;
- var w1 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w1 >>> 26)) | 0;
- w1 &= 0x3ffffff;
- /* k = 2 */
- lo = Math.imul(al2, bl0);
- mid = Math.imul(al2, bh0);
- mid = (mid + Math.imul(ah2, bl0)) | 0;
- hi = Math.imul(ah2, bh0);
- lo = (lo + Math.imul(al1, bl1)) | 0;
- mid = (mid + Math.imul(al1, bh1)) | 0;
- mid = (mid + Math.imul(ah1, bl1)) | 0;
- hi = (hi + Math.imul(ah1, bh1)) | 0;
- lo = (lo + Math.imul(al0, bl2)) | 0;
- mid = (mid + Math.imul(al0, bh2)) | 0;
- mid = (mid + Math.imul(ah0, bl2)) | 0;
- hi = (hi + Math.imul(ah0, bh2)) | 0;
- var w2 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w2 >>> 26)) | 0;
- w2 &= 0x3ffffff;
- /* k = 3 */
- lo = Math.imul(al3, bl0);
- mid = Math.imul(al3, bh0);
- mid = (mid + Math.imul(ah3, bl0)) | 0;
- hi = Math.imul(ah3, bh0);
- lo = (lo + Math.imul(al2, bl1)) | 0;
- mid = (mid + Math.imul(al2, bh1)) | 0;
- mid = (mid + Math.imul(ah2, bl1)) | 0;
- hi = (hi + Math.imul(ah2, bh1)) | 0;
- lo = (lo + Math.imul(al1, bl2)) | 0;
- mid = (mid + Math.imul(al1, bh2)) | 0;
- mid = (mid + Math.imul(ah1, bl2)) | 0;
- hi = (hi + Math.imul(ah1, bh2)) | 0;
- lo = (lo + Math.imul(al0, bl3)) | 0;
- mid = (mid + Math.imul(al0, bh3)) | 0;
- mid = (mid + Math.imul(ah0, bl3)) | 0;
- hi = (hi + Math.imul(ah0, bh3)) | 0;
- var w3 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w3 >>> 26)) | 0;
- w3 &= 0x3ffffff;
- /* k = 4 */
- lo = Math.imul(al4, bl0);
- mid = Math.imul(al4, bh0);
- mid = (mid + Math.imul(ah4, bl0)) | 0;
- hi = Math.imul(ah4, bh0);
- lo = (lo + Math.imul(al3, bl1)) | 0;
- mid = (mid + Math.imul(al3, bh1)) | 0;
- mid = (mid + Math.imul(ah3, bl1)) | 0;
- hi = (hi + Math.imul(ah3, bh1)) | 0;
- lo = (lo + Math.imul(al2, bl2)) | 0;
- mid = (mid + Math.imul(al2, bh2)) | 0;
- mid = (mid + Math.imul(ah2, bl2)) | 0;
- hi = (hi + Math.imul(ah2, bh2)) | 0;
- lo = (lo + Math.imul(al1, bl3)) | 0;
- mid = (mid + Math.imul(al1, bh3)) | 0;
- mid = (mid + Math.imul(ah1, bl3)) | 0;
- hi = (hi + Math.imul(ah1, bh3)) | 0;
- lo = (lo + Math.imul(al0, bl4)) | 0;
- mid = (mid + Math.imul(al0, bh4)) | 0;
- mid = (mid + Math.imul(ah0, bl4)) | 0;
- hi = (hi + Math.imul(ah0, bh4)) | 0;
- var w4 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w4 >>> 26)) | 0;
- w4 &= 0x3ffffff;
- /* k = 5 */
- lo = Math.imul(al5, bl0);
- mid = Math.imul(al5, bh0);
- mid = (mid + Math.imul(ah5, bl0)) | 0;
- hi = Math.imul(ah5, bh0);
- lo = (lo + Math.imul(al4, bl1)) | 0;
- mid = (mid + Math.imul(al4, bh1)) | 0;
- mid = (mid + Math.imul(ah4, bl1)) | 0;
- hi = (hi + Math.imul(ah4, bh1)) | 0;
- lo = (lo + Math.imul(al3, bl2)) | 0;
- mid = (mid + Math.imul(al3, bh2)) | 0;
- mid = (mid + Math.imul(ah3, bl2)) | 0;
- hi = (hi + Math.imul(ah3, bh2)) | 0;
- lo = (lo + Math.imul(al2, bl3)) | 0;
- mid = (mid + Math.imul(al2, bh3)) | 0;
- mid = (mid + Math.imul(ah2, bl3)) | 0;
- hi = (hi + Math.imul(ah2, bh3)) | 0;
- lo = (lo + Math.imul(al1, bl4)) | 0;
- mid = (mid + Math.imul(al1, bh4)) | 0;
- mid = (mid + Math.imul(ah1, bl4)) | 0;
- hi = (hi + Math.imul(ah1, bh4)) | 0;
- lo = (lo + Math.imul(al0, bl5)) | 0;
- mid = (mid + Math.imul(al0, bh5)) | 0;
- mid = (mid + Math.imul(ah0, bl5)) | 0;
- hi = (hi + Math.imul(ah0, bh5)) | 0;
- var w5 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w5 >>> 26)) | 0;
- w5 &= 0x3ffffff;
- /* k = 6 */
- lo = Math.imul(al6, bl0);
- mid = Math.imul(al6, bh0);
- mid = (mid + Math.imul(ah6, bl0)) | 0;
- hi = Math.imul(ah6, bh0);
- lo = (lo + Math.imul(al5, bl1)) | 0;
- mid = (mid + Math.imul(al5, bh1)) | 0;
- mid = (mid + Math.imul(ah5, bl1)) | 0;
- hi = (hi + Math.imul(ah5, bh1)) | 0;
- lo = (lo + Math.imul(al4, bl2)) | 0;
- mid = (mid + Math.imul(al4, bh2)) | 0;
- mid = (mid + Math.imul(ah4, bl2)) | 0;
- hi = (hi + Math.imul(ah4, bh2)) | 0;
- lo = (lo + Math.imul(al3, bl3)) | 0;
- mid = (mid + Math.imul(al3, bh3)) | 0;
- mid = (mid + Math.imul(ah3, bl3)) | 0;
- hi = (hi + Math.imul(ah3, bh3)) | 0;
- lo = (lo + Math.imul(al2, bl4)) | 0;
- mid = (mid + Math.imul(al2, bh4)) | 0;
- mid = (mid + Math.imul(ah2, bl4)) | 0;
- hi = (hi + Math.imul(ah2, bh4)) | 0;
- lo = (lo + Math.imul(al1, bl5)) | 0;
- mid = (mid + Math.imul(al1, bh5)) | 0;
- mid = (mid + Math.imul(ah1, bl5)) | 0;
- hi = (hi + Math.imul(ah1, bh5)) | 0;
- lo = (lo + Math.imul(al0, bl6)) | 0;
- mid = (mid + Math.imul(al0, bh6)) | 0;
- mid = (mid + Math.imul(ah0, bl6)) | 0;
- hi = (hi + Math.imul(ah0, bh6)) | 0;
- var w6 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w6 >>> 26)) | 0;
- w6 &= 0x3ffffff;
- /* k = 7 */
- lo = Math.imul(al7, bl0);
- mid = Math.imul(al7, bh0);
- mid = (mid + Math.imul(ah7, bl0)) | 0;
- hi = Math.imul(ah7, bh0);
- lo = (lo + Math.imul(al6, bl1)) | 0;
- mid = (mid + Math.imul(al6, bh1)) | 0;
- mid = (mid + Math.imul(ah6, bl1)) | 0;
- hi = (hi + Math.imul(ah6, bh1)) | 0;
- lo = (lo + Math.imul(al5, bl2)) | 0;
- mid = (mid + Math.imul(al5, bh2)) | 0;
- mid = (mid + Math.imul(ah5, bl2)) | 0;
- hi = (hi + Math.imul(ah5, bh2)) | 0;
- lo = (lo + Math.imul(al4, bl3)) | 0;
- mid = (mid + Math.imul(al4, bh3)) | 0;
- mid = (mid + Math.imul(ah4, bl3)) | 0;
- hi = (hi + Math.imul(ah4, bh3)) | 0;
- lo = (lo + Math.imul(al3, bl4)) | 0;
- mid = (mid + Math.imul(al3, bh4)) | 0;
- mid = (mid + Math.imul(ah3, bl4)) | 0;
- hi = (hi + Math.imul(ah3, bh4)) | 0;
- lo = (lo + Math.imul(al2, bl5)) | 0;
- mid = (mid + Math.imul(al2, bh5)) | 0;
- mid = (mid + Math.imul(ah2, bl5)) | 0;
- hi = (hi + Math.imul(ah2, bh5)) | 0;
- lo = (lo + Math.imul(al1, bl6)) | 0;
- mid = (mid + Math.imul(al1, bh6)) | 0;
- mid = (mid + Math.imul(ah1, bl6)) | 0;
- hi = (hi + Math.imul(ah1, bh6)) | 0;
- lo = (lo + Math.imul(al0, bl7)) | 0;
- mid = (mid + Math.imul(al0, bh7)) | 0;
- mid = (mid + Math.imul(ah0, bl7)) | 0;
- hi = (hi + Math.imul(ah0, bh7)) | 0;
- var w7 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w7 >>> 26)) | 0;
- w7 &= 0x3ffffff;
- /* k = 8 */
- lo = Math.imul(al8, bl0);
- mid = Math.imul(al8, bh0);
- mid = (mid + Math.imul(ah8, bl0)) | 0;
- hi = Math.imul(ah8, bh0);
- lo = (lo + Math.imul(al7, bl1)) | 0;
- mid = (mid + Math.imul(al7, bh1)) | 0;
- mid = (mid + Math.imul(ah7, bl1)) | 0;
- hi = (hi + Math.imul(ah7, bh1)) | 0;
- lo = (lo + Math.imul(al6, bl2)) | 0;
- mid = (mid + Math.imul(al6, bh2)) | 0;
- mid = (mid + Math.imul(ah6, bl2)) | 0;
- hi = (hi + Math.imul(ah6, bh2)) | 0;
- lo = (lo + Math.imul(al5, bl3)) | 0;
- mid = (mid + Math.imul(al5, bh3)) | 0;
- mid = (mid + Math.imul(ah5, bl3)) | 0;
- hi = (hi + Math.imul(ah5, bh3)) | 0;
- lo = (lo + Math.imul(al4, bl4)) | 0;
- mid = (mid + Math.imul(al4, bh4)) | 0;
- mid = (mid + Math.imul(ah4, bl4)) | 0;
- hi = (hi + Math.imul(ah4, bh4)) | 0;
- lo = (lo + Math.imul(al3, bl5)) | 0;
- mid = (mid + Math.imul(al3, bh5)) | 0;
- mid = (mid + Math.imul(ah3, bl5)) | 0;
- hi = (hi + Math.imul(ah3, bh5)) | 0;
- lo = (lo + Math.imul(al2, bl6)) | 0;
- mid = (mid + Math.imul(al2, bh6)) | 0;
- mid = (mid + Math.imul(ah2, bl6)) | 0;
- hi = (hi + Math.imul(ah2, bh6)) | 0;
- lo = (lo + Math.imul(al1, bl7)) | 0;
- mid = (mid + Math.imul(al1, bh7)) | 0;
- mid = (mid + Math.imul(ah1, bl7)) | 0;
- hi = (hi + Math.imul(ah1, bh7)) | 0;
- lo = (lo + Math.imul(al0, bl8)) | 0;
- mid = (mid + Math.imul(al0, bh8)) | 0;
- mid = (mid + Math.imul(ah0, bl8)) | 0;
- hi = (hi + Math.imul(ah0, bh8)) | 0;
- var w8 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w8 >>> 26)) | 0;
- w8 &= 0x3ffffff;
- /* k = 9 */
- lo = Math.imul(al9, bl0);
- mid = Math.imul(al9, bh0);
- mid = (mid + Math.imul(ah9, bl0)) | 0;
- hi = Math.imul(ah9, bh0);
- lo = (lo + Math.imul(al8, bl1)) | 0;
- mid = (mid + Math.imul(al8, bh1)) | 0;
- mid = (mid + Math.imul(ah8, bl1)) | 0;
- hi = (hi + Math.imul(ah8, bh1)) | 0;
- lo = (lo + Math.imul(al7, bl2)) | 0;
- mid = (mid + Math.imul(al7, bh2)) | 0;
- mid = (mid + Math.imul(ah7, bl2)) | 0;
- hi = (hi + Math.imul(ah7, bh2)) | 0;
- lo = (lo + Math.imul(al6, bl3)) | 0;
- mid = (mid + Math.imul(al6, bh3)) | 0;
- mid = (mid + Math.imul(ah6, bl3)) | 0;
- hi = (hi + Math.imul(ah6, bh3)) | 0;
- lo = (lo + Math.imul(al5, bl4)) | 0;
- mid = (mid + Math.imul(al5, bh4)) | 0;
- mid = (mid + Math.imul(ah5, bl4)) | 0;
- hi = (hi + Math.imul(ah5, bh4)) | 0;
- lo = (lo + Math.imul(al4, bl5)) | 0;
- mid = (mid + Math.imul(al4, bh5)) | 0;
- mid = (mid + Math.imul(ah4, bl5)) | 0;
- hi = (hi + Math.imul(ah4, bh5)) | 0;
- lo = (lo + Math.imul(al3, bl6)) | 0;
- mid = (mid + Math.imul(al3, bh6)) | 0;
- mid = (mid + Math.imul(ah3, bl6)) | 0;
- hi = (hi + Math.imul(ah3, bh6)) | 0;
- lo = (lo + Math.imul(al2, bl7)) | 0;
- mid = (mid + Math.imul(al2, bh7)) | 0;
- mid = (mid + Math.imul(ah2, bl7)) | 0;
- hi = (hi + Math.imul(ah2, bh7)) | 0;
- lo = (lo + Math.imul(al1, bl8)) | 0;
- mid = (mid + Math.imul(al1, bh8)) | 0;
- mid = (mid + Math.imul(ah1, bl8)) | 0;
- hi = (hi + Math.imul(ah1, bh8)) | 0;
- lo = (lo + Math.imul(al0, bl9)) | 0;
- mid = (mid + Math.imul(al0, bh9)) | 0;
- mid = (mid + Math.imul(ah0, bl9)) | 0;
- hi = (hi + Math.imul(ah0, bh9)) | 0;
- var w9 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w9 >>> 26)) | 0;
- w9 &= 0x3ffffff;
- /* k = 10 */
- lo = Math.imul(al9, bl1);
- mid = Math.imul(al9, bh1);
- mid = (mid + Math.imul(ah9, bl1)) | 0;
- hi = Math.imul(ah9, bh1);
- lo = (lo + Math.imul(al8, bl2)) | 0;
- mid = (mid + Math.imul(al8, bh2)) | 0;
- mid = (mid + Math.imul(ah8, bl2)) | 0;
- hi = (hi + Math.imul(ah8, bh2)) | 0;
- lo = (lo + Math.imul(al7, bl3)) | 0;
- mid = (mid + Math.imul(al7, bh3)) | 0;
- mid = (mid + Math.imul(ah7, bl3)) | 0;
- hi = (hi + Math.imul(ah7, bh3)) | 0;
- lo = (lo + Math.imul(al6, bl4)) | 0;
- mid = (mid + Math.imul(al6, bh4)) | 0;
- mid = (mid + Math.imul(ah6, bl4)) | 0;
- hi = (hi + Math.imul(ah6, bh4)) | 0;
- lo = (lo + Math.imul(al5, bl5)) | 0;
- mid = (mid + Math.imul(al5, bh5)) | 0;
- mid = (mid + Math.imul(ah5, bl5)) | 0;
- hi = (hi + Math.imul(ah5, bh5)) | 0;
- lo = (lo + Math.imul(al4, bl6)) | 0;
- mid = (mid + Math.imul(al4, bh6)) | 0;
- mid = (mid + Math.imul(ah4, bl6)) | 0;
- hi = (hi + Math.imul(ah4, bh6)) | 0;
- lo = (lo + Math.imul(al3, bl7)) | 0;
- mid = (mid + Math.imul(al3, bh7)) | 0;
- mid = (mid + Math.imul(ah3, bl7)) | 0;
- hi = (hi + Math.imul(ah3, bh7)) | 0;
- lo = (lo + Math.imul(al2, bl8)) | 0;
- mid = (mid + Math.imul(al2, bh8)) | 0;
- mid = (mid + Math.imul(ah2, bl8)) | 0;
- hi = (hi + Math.imul(ah2, bh8)) | 0;
- lo = (lo + Math.imul(al1, bl9)) | 0;
- mid = (mid + Math.imul(al1, bh9)) | 0;
- mid = (mid + Math.imul(ah1, bl9)) | 0;
- hi = (hi + Math.imul(ah1, bh9)) | 0;
- var w10 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w10 >>> 26)) | 0;
- w10 &= 0x3ffffff;
- /* k = 11 */
- lo = Math.imul(al9, bl2);
- mid = Math.imul(al9, bh2);
- mid = (mid + Math.imul(ah9, bl2)) | 0;
- hi = Math.imul(ah9, bh2);
- lo = (lo + Math.imul(al8, bl3)) | 0;
- mid = (mid + Math.imul(al8, bh3)) | 0;
- mid = (mid + Math.imul(ah8, bl3)) | 0;
- hi = (hi + Math.imul(ah8, bh3)) | 0;
- lo = (lo + Math.imul(al7, bl4)) | 0;
- mid = (mid + Math.imul(al7, bh4)) | 0;
- mid = (mid + Math.imul(ah7, bl4)) | 0;
- hi = (hi + Math.imul(ah7, bh4)) | 0;
- lo = (lo + Math.imul(al6, bl5)) | 0;
- mid = (mid + Math.imul(al6, bh5)) | 0;
- mid = (mid + Math.imul(ah6, bl5)) | 0;
- hi = (hi + Math.imul(ah6, bh5)) | 0;
- lo = (lo + Math.imul(al5, bl6)) | 0;
- mid = (mid + Math.imul(al5, bh6)) | 0;
- mid = (mid + Math.imul(ah5, bl6)) | 0;
- hi = (hi + Math.imul(ah5, bh6)) | 0;
- lo = (lo + Math.imul(al4, bl7)) | 0;
- mid = (mid + Math.imul(al4, bh7)) | 0;
- mid = (mid + Math.imul(ah4, bl7)) | 0;
- hi = (hi + Math.imul(ah4, bh7)) | 0;
- lo = (lo + Math.imul(al3, bl8)) | 0;
- mid = (mid + Math.imul(al3, bh8)) | 0;
- mid = (mid + Math.imul(ah3, bl8)) | 0;
- hi = (hi + Math.imul(ah3, bh8)) | 0;
- lo = (lo + Math.imul(al2, bl9)) | 0;
- mid = (mid + Math.imul(al2, bh9)) | 0;
- mid = (mid + Math.imul(ah2, bl9)) | 0;
- hi = (hi + Math.imul(ah2, bh9)) | 0;
- var w11 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w11 >>> 26)) | 0;
- w11 &= 0x3ffffff;
- /* k = 12 */
- lo = Math.imul(al9, bl3);
- mid = Math.imul(al9, bh3);
- mid = (mid + Math.imul(ah9, bl3)) | 0;
- hi = Math.imul(ah9, bh3);
- lo = (lo + Math.imul(al8, bl4)) | 0;
- mid = (mid + Math.imul(al8, bh4)) | 0;
- mid = (mid + Math.imul(ah8, bl4)) | 0;
- hi = (hi + Math.imul(ah8, bh4)) | 0;
- lo = (lo + Math.imul(al7, bl5)) | 0;
- mid = (mid + Math.imul(al7, bh5)) | 0;
- mid = (mid + Math.imul(ah7, bl5)) | 0;
- hi = (hi + Math.imul(ah7, bh5)) | 0;
- lo = (lo + Math.imul(al6, bl6)) | 0;
- mid = (mid + Math.imul(al6, bh6)) | 0;
- mid = (mid + Math.imul(ah6, bl6)) | 0;
- hi = (hi + Math.imul(ah6, bh6)) | 0;
- lo = (lo + Math.imul(al5, bl7)) | 0;
- mid = (mid + Math.imul(al5, bh7)) | 0;
- mid = (mid + Math.imul(ah5, bl7)) | 0;
- hi = (hi + Math.imul(ah5, bh7)) | 0;
- lo = (lo + Math.imul(al4, bl8)) | 0;
- mid = (mid + Math.imul(al4, bh8)) | 0;
- mid = (mid + Math.imul(ah4, bl8)) | 0;
- hi = (hi + Math.imul(ah4, bh8)) | 0;
- lo = (lo + Math.imul(al3, bl9)) | 0;
- mid = (mid + Math.imul(al3, bh9)) | 0;
- mid = (mid + Math.imul(ah3, bl9)) | 0;
- hi = (hi + Math.imul(ah3, bh9)) | 0;
- var w12 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w12 >>> 26)) | 0;
- w12 &= 0x3ffffff;
- /* k = 13 */
- lo = Math.imul(al9, bl4);
- mid = Math.imul(al9, bh4);
- mid = (mid + Math.imul(ah9, bl4)) | 0;
- hi = Math.imul(ah9, bh4);
- lo = (lo + Math.imul(al8, bl5)) | 0;
- mid = (mid + Math.imul(al8, bh5)) | 0;
- mid = (mid + Math.imul(ah8, bl5)) | 0;
- hi = (hi + Math.imul(ah8, bh5)) | 0;
- lo = (lo + Math.imul(al7, bl6)) | 0;
- mid = (mid + Math.imul(al7, bh6)) | 0;
- mid = (mid + Math.imul(ah7, bl6)) | 0;
- hi = (hi + Math.imul(ah7, bh6)) | 0;
- lo = (lo + Math.imul(al6, bl7)) | 0;
- mid = (mid + Math.imul(al6, bh7)) | 0;
- mid = (mid + Math.imul(ah6, bl7)) | 0;
- hi = (hi + Math.imul(ah6, bh7)) | 0;
- lo = (lo + Math.imul(al5, bl8)) | 0;
- mid = (mid + Math.imul(al5, bh8)) | 0;
- mid = (mid + Math.imul(ah5, bl8)) | 0;
- hi = (hi + Math.imul(ah5, bh8)) | 0;
- lo = (lo + Math.imul(al4, bl9)) | 0;
- mid = (mid + Math.imul(al4, bh9)) | 0;
- mid = (mid + Math.imul(ah4, bl9)) | 0;
- hi = (hi + Math.imul(ah4, bh9)) | 0;
- var w13 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w13 >>> 26)) | 0;
- w13 &= 0x3ffffff;
- /* k = 14 */
- lo = Math.imul(al9, bl5);
- mid = Math.imul(al9, bh5);
- mid = (mid + Math.imul(ah9, bl5)) | 0;
- hi = Math.imul(ah9, bh5);
- lo = (lo + Math.imul(al8, bl6)) | 0;
- mid = (mid + Math.imul(al8, bh6)) | 0;
- mid = (mid + Math.imul(ah8, bl6)) | 0;
- hi = (hi + Math.imul(ah8, bh6)) | 0;
- lo = (lo + Math.imul(al7, bl7)) | 0;
- mid = (mid + Math.imul(al7, bh7)) | 0;
- mid = (mid + Math.imul(ah7, bl7)) | 0;
- hi = (hi + Math.imul(ah7, bh7)) | 0;
- lo = (lo + Math.imul(al6, bl8)) | 0;
- mid = (mid + Math.imul(al6, bh8)) | 0;
- mid = (mid + Math.imul(ah6, bl8)) | 0;
- hi = (hi + Math.imul(ah6, bh8)) | 0;
- lo = (lo + Math.imul(al5, bl9)) | 0;
- mid = (mid + Math.imul(al5, bh9)) | 0;
- mid = (mid + Math.imul(ah5, bl9)) | 0;
- hi = (hi + Math.imul(ah5, bh9)) | 0;
- var w14 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w14 >>> 26)) | 0;
- w14 &= 0x3ffffff;
- /* k = 15 */
- lo = Math.imul(al9, bl6);
- mid = Math.imul(al9, bh6);
- mid = (mid + Math.imul(ah9, bl6)) | 0;
- hi = Math.imul(ah9, bh6);
- lo = (lo + Math.imul(al8, bl7)) | 0;
- mid = (mid + Math.imul(al8, bh7)) | 0;
- mid = (mid + Math.imul(ah8, bl7)) | 0;
- hi = (hi + Math.imul(ah8, bh7)) | 0;
- lo = (lo + Math.imul(al7, bl8)) | 0;
- mid = (mid + Math.imul(al7, bh8)) | 0;
- mid = (mid + Math.imul(ah7, bl8)) | 0;
- hi = (hi + Math.imul(ah7, bh8)) | 0;
- lo = (lo + Math.imul(al6, bl9)) | 0;
- mid = (mid + Math.imul(al6, bh9)) | 0;
- mid = (mid + Math.imul(ah6, bl9)) | 0;
- hi = (hi + Math.imul(ah6, bh9)) | 0;
- var w15 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w15 >>> 26)) | 0;
- w15 &= 0x3ffffff;
- /* k = 16 */
- lo = Math.imul(al9, bl7);
- mid = Math.imul(al9, bh7);
- mid = (mid + Math.imul(ah9, bl7)) | 0;
- hi = Math.imul(ah9, bh7);
- lo = (lo + Math.imul(al8, bl8)) | 0;
- mid = (mid + Math.imul(al8, bh8)) | 0;
- mid = (mid + Math.imul(ah8, bl8)) | 0;
- hi = (hi + Math.imul(ah8, bh8)) | 0;
- lo = (lo + Math.imul(al7, bl9)) | 0;
- mid = (mid + Math.imul(al7, bh9)) | 0;
- mid = (mid + Math.imul(ah7, bl9)) | 0;
- hi = (hi + Math.imul(ah7, bh9)) | 0;
- var w16 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w16 >>> 26)) | 0;
- w16 &= 0x3ffffff;
- /* k = 17 */
- lo = Math.imul(al9, bl8);
- mid = Math.imul(al9, bh8);
- mid = (mid + Math.imul(ah9, bl8)) | 0;
- hi = Math.imul(ah9, bh8);
- lo = (lo + Math.imul(al8, bl9)) | 0;
- mid = (mid + Math.imul(al8, bh9)) | 0;
- mid = (mid + Math.imul(ah8, bl9)) | 0;
- hi = (hi + Math.imul(ah8, bh9)) | 0;
- var w17 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w17 >>> 26)) | 0;
- w17 &= 0x3ffffff;
- /* k = 18 */
- lo = Math.imul(al9, bl9);
- mid = Math.imul(al9, bh9);
- mid = (mid + Math.imul(ah9, bl9)) | 0;
- hi = Math.imul(ah9, bh9);
- var w18 = (((c + lo) | 0) + ((mid & 0x1fff) << 13)) | 0;
- c = (((hi + (mid >>> 13)) | 0) + (w18 >>> 26)) | 0;
- w18 &= 0x3ffffff;
- o[0] = w0;
- o[1] = w1;
- o[2] = w2;
- o[3] = w3;
- o[4] = w4;
- o[5] = w5;
- o[6] = w6;
- o[7] = w7;
- o[8] = w8;
- o[9] = w9;
- o[10] = w10;
- o[11] = w11;
- o[12] = w12;
- o[13] = w13;
- o[14] = w14;
- o[15] = w15;
- o[16] = w16;
- o[17] = w17;
- o[18] = w18;
- if (c !== 0) {
- o[19] = c;
- out.length++;
- }
- return out;
- };
- // Polyfill comb
- if (!Math.imul) {
- comb10MulTo = smallMulTo;
- }
- function bigMulTo (self, num, out) {
- out.negative = num.negative ^ self.negative;
- out.length = self.length + num.length;
- var carry = 0;
- var hncarry = 0;
- for (var k = 0; k < out.length - 1; k++) {
- // Sum all words with the same `i + j = k` and accumulate `ncarry`,
- // note that ncarry could be >= 0x3ffffff
- var ncarry = hncarry;
- hncarry = 0;
- var rword = carry & 0x3ffffff;
- var maxJ = Math.min(k, num.length - 1);
- for (var j = Math.max(0, k - self.length + 1); j <= maxJ; j++) {
- var i = k - j;
- var a = self.words[i] | 0;
- var b = num.words[j] | 0;
- var r = a * b;
- var lo = r & 0x3ffffff;
- ncarry = (ncarry + ((r / 0x4000000) | 0)) | 0;
- lo = (lo + rword) | 0;
- rword = lo & 0x3ffffff;
- ncarry = (ncarry + (lo >>> 26)) | 0;
- hncarry += ncarry >>> 26;
- ncarry &= 0x3ffffff;
- }
- out.words[k] = rword;
- carry = ncarry;
- ncarry = hncarry;
- }
- if (carry !== 0) {
- out.words[k] = carry;
- } else {
- out.length--;
- }
- return out.strip();
- }
- function jumboMulTo (self, num, out) {
- var fftm = new FFTM();
- return fftm.mulp(self, num, out);
- }
- BN.prototype.mulTo = function mulTo (num, out) {
- var res;
- var len = this.length + num.length;
- if (this.length === 10 && num.length === 10) {
- res = comb10MulTo(this, num, out);
- } else if (len < 63) {
- res = smallMulTo(this, num, out);
- } else if (len < 1024) {
- res = bigMulTo(this, num, out);
- } else {
- res = jumboMulTo(this, num, out);
- }
- return res;
- };
- // Cooley-Tukey algorithm for FFT
- // slightly revisited to rely on looping instead of recursion
- function FFTM (x, y) {
- this.x = x;
- this.y = y;
- }
- FFTM.prototype.makeRBT = function makeRBT (N) {
- var t = new Array(N);
- var l = BN.prototype._countBits(N) - 1;
- for (var i = 0; i < N; i++) {
- t[i] = this.revBin(i, l, N);
- }
- return t;
- };
- // Returns binary-reversed representation of `x`
- FFTM.prototype.revBin = function revBin (x, l, N) {
- if (x === 0 || x === N - 1) return x;
- var rb = 0;
- for (var i = 0; i < l; i++) {
- rb |= (x & 1) << (l - i - 1);
- x >>= 1;
- }
- return rb;
- };
- // Performs "tweedling" phase, therefore 'emulating'
- // behaviour of the recursive algorithm
- FFTM.prototype.permute = function permute (rbt, rws, iws, rtws, itws, N) {
- for (var i = 0; i < N; i++) {
- rtws[i] = rws[rbt[i]];
- itws[i] = iws[rbt[i]];
- }
- };
- FFTM.prototype.transform = function transform (rws, iws, rtws, itws, N, rbt) {
- this.permute(rbt, rws, iws, rtws, itws, N);
- for (var s = 1; s < N; s <<= 1) {
- var l = s << 1;
- var rtwdf = Math.cos(2 * Math.PI / l);
- var itwdf = Math.sin(2 * Math.PI / l);
- for (var p = 0; p < N; p += l) {
- var rtwdf_ = rtwdf;
- var itwdf_ = itwdf;
- for (var j = 0; j < s; j++) {
- var re = rtws[p + j];
- var ie = itws[p + j];
- var ro = rtws[p + j + s];
- var io = itws[p + j + s];
- var rx = rtwdf_ * ro - itwdf_ * io;
- io = rtwdf_ * io + itwdf_ * ro;
- ro = rx;
- rtws[p + j] = re + ro;
- itws[p + j] = ie + io;
- rtws[p + j + s] = re - ro;
- itws[p + j + s] = ie - io;
- /* jshint maxdepth : false */
- if (j !== l) {
- rx = rtwdf * rtwdf_ - itwdf * itwdf_;
- itwdf_ = rtwdf * itwdf_ + itwdf * rtwdf_;
- rtwdf_ = rx;
- }
- }
- }
- }
- };
- FFTM.prototype.guessLen13b = function guessLen13b (n, m) {
- var N = Math.max(m, n) | 1;
- var odd = N & 1;
- var i = 0;
- for (N = N / 2 | 0; N; N = N >>> 1) {
- i++;
- }
- return 1 << i + 1 + odd;
- };
- FFTM.prototype.conjugate = function conjugate (rws, iws, N) {
- if (N <= 1) return;
- for (var i = 0; i < N / 2; i++) {
- var t = rws[i];
- rws[i] = rws[N - i - 1];
- rws[N - i - 1] = t;
- t = iws[i];
- iws[i] = -iws[N - i - 1];
- iws[N - i - 1] = -t;
- }
- };
- FFTM.prototype.normalize13b = function normalize13b (ws, N) {
- var carry = 0;
- for (var i = 0; i < N / 2; i++) {
- var w = Math.round(ws[2 * i + 1] / N) * 0x2000 +
- Math.round(ws[2 * i] / N) +
- carry;
- ws[i] = w & 0x3ffffff;
- if (w < 0x4000000) {
- carry = 0;
- } else {
- carry = w / 0x4000000 | 0;
- }
- }
- return ws;
- };
- FFTM.prototype.convert13b = function convert13b (ws, len, rws, N) {
- var carry = 0;
- for (var i = 0; i < len; i++) {
- carry = carry + (ws[i] | 0);
- rws[2 * i] = carry & 0x1fff; carry = carry >>> 13;
- rws[2 * i + 1] = carry & 0x1fff; carry = carry >>> 13;
- }
- // Pad with zeroes
- for (i = 2 * len; i < N; ++i) {
- rws[i] = 0;
- }
- assert(carry === 0);
- assert((carry & ~0x1fff) === 0);
- };
- FFTM.prototype.stub = function stub (N) {
- var ph = new Array(N);
- for (var i = 0; i < N; i++) {
- ph[i] = 0;
- }
- return ph;
- };
- FFTM.prototype.mulp = function mulp (x, y, out) {
- var N = 2 * this.guessLen13b(x.length, y.length);
- var rbt = this.makeRBT(N);
- var _ = this.stub(N);
- var rws = new Array(N);
- var rwst = new Array(N);
- var iwst = new Array(N);
- var nrws = new Array(N);
- var nrwst = new Array(N);
- var niwst = new Array(N);
- var rmws = out.words;
- rmws.length = N;
- this.convert13b(x.words, x.length, rws, N);
- this.convert13b(y.words, y.length, nrws, N);
- this.transform(rws, _, rwst, iwst, N, rbt);
- this.transform(nrws, _, nrwst, niwst, N, rbt);
- for (var i = 0; i < N; i++) {
- var rx = rwst[i] * nrwst[i] - iwst[i] * niwst[i];
- iwst[i] = rwst[i] * niwst[i] + iwst[i] * nrwst[i];
- rwst[i] = rx;
- }
- this.conjugate(rwst, iwst, N);
- this.transform(rwst, iwst, rmws, _, N, rbt);
- this.conjugate(rmws, _, N);
- this.normalize13b(rmws, N);
- out.negative = x.negative ^ y.negative;
- out.length = x.length + y.length;
- return out.strip();
- };
- // Multiply `this` by `num`
- BN.prototype.mul = function mul (num) {
- var out = new BN(null);
- out.words = new Array(this.length + num.length);
- return this.mulTo(num, out);
- };
- // Multiply employing FFT
- BN.prototype.mulf = function mulf (num) {
- var out = new BN(null);
- out.words = new Array(this.length + num.length);
- return jumboMulTo(this, num, out);
- };
- // In-place Multiplication
- BN.prototype.imul = function imul (num) {
- return this.clone().mulTo(num, this);
- };
- BN.prototype.imuln = function imuln (num) {
- assert(typeof num === 'number');
- assert(num < 0x4000000);
- // Carry
- var carry = 0;
- for (var i = 0; i < this.length; i++) {
- var w = (this.words[i] | 0) * num;
- var lo = (w & 0x3ffffff) + (carry & 0x3ffffff);
- carry >>= 26;
- carry += (w / 0x4000000) | 0;
- // NOTE: lo is 27bit maximum
- carry += lo >>> 26;
- this.words[i] = lo & 0x3ffffff;
- }
- if (carry !== 0) {
- this.words[i] = carry;
- this.length++;
- }
- return this;
- };
- BN.prototype.muln = function muln (num) {
- return this.clone().imuln(num);
- };
- // `this` * `this`
- BN.prototype.sqr = function sqr () {
- return this.mul(this);
- };
- // `this` * `this` in-place
- BN.prototype.isqr = function isqr () {
- return this.imul(this.clone());
- };
- // Math.pow(`this`, `num`)
- BN.prototype.pow = function pow (num) {
- var w = toBitArray(num);
- if (w.length === 0) return new BN(1);
- // Skip leading zeroes
- var res = this;
- for (var i = 0; i < w.length; i++, res = res.sqr()) {
- if (w[i] !== 0) break;
- }
- if (++i < w.length) {
- for (var q = res.sqr(); i < w.length; i++, q = q.sqr()) {
- if (w[i] === 0) continue;
- res = res.mul(q);
- }
- }
- return res;
- };
- // Shift-left in-place
- BN.prototype.iushln = function iushln (bits) {
- assert(typeof bits === 'number' && bits >= 0);
- var r = bits % 26;
- var s = (bits - r) / 26;
- var carryMask = (0x3ffffff >>> (26 - r)) << (26 - r);
- var i;
- if (r !== 0) {
- var carry = 0;
- for (i = 0; i < this.length; i++) {
- var newCarry = this.words[i] & carryMask;
- var c = ((this.words[i] | 0) - newCarry) << r;
- this.words[i] = c | carry;
- carry = newCarry >>> (26 - r);
- }
- if (carry) {
- this.words[i] = carry;
- this.length++;
- }
- }
- if (s !== 0) {
- for (i = this.length - 1; i >= 0; i--) {
- this.words[i + s] = this.words[i];
- }
- for (i = 0; i < s; i++) {
- this.words[i] = 0;
- }
- this.length += s;
- }
- return this.strip();
- };
- BN.prototype.ishln = function ishln (bits) {
- // TODO(indutny): implement me
- assert(this.negative === 0);
- return this.iushln(bits);
- };
- // Shift-right in-place
- // NOTE: `hint` is a lowest bit before trailing zeroes
- // NOTE: if `extended` is present - it will be filled with destroyed bits
- BN.prototype.iushrn = function iushrn (bits, hint, extended) {
- assert(typeof bits === 'number' && bits >= 0);
- var h;
- if (hint) {
- h = (hint - (hint % 26)) / 26;
- } else {
- h = 0;
- }
- var r = bits % 26;
- var s = Math.min((bits - r) / 26, this.length);
- var mask = 0x3ffffff ^ ((0x3ffffff >>> r) << r);
- var maskedWords = extended;
- h -= s;
- h = Math.max(0, h);
- // Extended mode, copy masked part
- if (maskedWords) {
- for (var i = 0; i < s; i++) {
- maskedWords.words[i] = this.words[i];
- }
- maskedWords.length = s;
- }
- if (s === 0) {
- // No-op, we should not move anything at all
- } else if (this.length > s) {
- this.length -= s;
- for (i = 0; i < this.length; i++) {
- this.words[i] = this.words[i + s];
- }
- } else {
- this.words[0] = 0;
- this.length = 1;
- }
- var carry = 0;
- for (i = this.length - 1; i >= 0 && (carry !== 0 || i >= h); i--) {
- var word = this.words[i] | 0;
- this.words[i] = (carry << (26 - r)) | (word >>> r);
- carry = word & mask;
- }
- // Push carried bits as a mask
- if (maskedWords && carry !== 0) {
- maskedWords.words[maskedWords.length++] = carry;
- }
- if (this.length === 0) {
- this.words[0] = 0;
- this.length = 1;
- }
- return this.strip();
- };
- BN.prototype.ishrn = function ishrn (bits, hint, extended) {
- // TODO(indutny): implement me
- assert(this.negative === 0);
- return this.iushrn(bits, hint, extended);
- };
- // Shift-left
- BN.prototype.shln = function shln (bits) {
- return this.clone().ishln(bits);
- };
- BN.prototype.ushln = function ushln (bits) {
- return this.clone().iushln(bits);
- };
- // Shift-right
- BN.prototype.shrn = function shrn (bits) {
- return this.clone().ishrn(bits);
- };
- BN.prototype.ushrn = function ushrn (bits) {
- return this.clone().iushrn(bits);
- };
- // Test if n bit is set
- BN.prototype.testn = function testn (bit) {
- assert(typeof bit === 'number' && bit >= 0);
- var r = bit % 26;
- var s = (bit - r) / 26;
- var q = 1 << r;
- // Fast case: bit is much higher than all existing words
- if (this.length <= s) return false;
- // Check bit and return
- var w = this.words[s];
- return !!(w & q);
- };
- // Return only lowers bits of number (in-place)
- BN.prototype.imaskn = function imaskn (bits) {
- assert(typeof bits === 'number' && bits >= 0);
- var r = bits % 26;
- var s = (bits - r) / 26;
- assert(this.negative === 0, 'imaskn works only with positive numbers');
- if (this.length <= s) {
- return this;
- }
- if (r !== 0) {
- s++;
- }
- this.length = Math.min(s, this.length);
- if (r !== 0) {
- var mask = 0x3ffffff ^ ((0x3ffffff >>> r) << r);
- this.words[this.length - 1] &= mask;
- }
- return this.strip();
- };
- // Return only lowers bits of number
- BN.prototype.maskn = function maskn (bits) {
- return this.clone().imaskn(bits);
- };
- // Add plain number `num` to `this`
- BN.prototype.iaddn = function iaddn (num) {
- assert(typeof num === 'number');
- assert(num < 0x4000000);
- if (num < 0) return this.isubn(-num);
- // Possible sign change
- if (this.negative !== 0) {
- if (this.length === 1 && (this.words[0] | 0) < num) {
- this.words[0] = num - (this.words[0] | 0);
- this.negative = 0;
- return this;
- }
- this.negative = 0;
- this.isubn(num);
- this.negative = 1;
- return this;
- }
- // Add without checks
- return this._iaddn(num);
- };
- BN.prototype._iaddn = function _iaddn (num) {
- this.words[0] += num;
- // Carry
- for (var i = 0; i < this.length && this.words[i] >= 0x4000000; i++) {
- this.words[i] -= 0x4000000;
- if (i === this.length - 1) {
- this.words[i + 1] = 1;
- } else {
- this.words[i + 1]++;
- }
- }
- this.length = Math.max(this.length, i + 1);
- return this;
- };
- // Subtract plain number `num` from `this`
- BN.prototype.isubn = function isubn (num) {
- assert(typeof num === 'number');
- assert(num < 0x4000000);
- if (num < 0) return this.iaddn(-num);
- if (this.negative !== 0) {
- this.negative = 0;
- this.iaddn(num);
- this.negative = 1;
- return this;
- }
- this.words[0] -= num;
- if (this.length === 1 && this.words[0] < 0) {
- this.words[0] = -this.words[0];
- this.negative = 1;
- } else {
- // Carry
- for (var i = 0; i < this.length && this.words[i] < 0; i++) {
- this.words[i] += 0x4000000;
- this.words[i + 1] -= 1;
- }
- }
- return this.strip();
- };
- BN.prototype.addn = function addn (num) {
- return this.clone().iaddn(num);
- };
- BN.prototype.subn = function subn (num) {
- return this.clone().isubn(num);
- };
- BN.prototype.iabs = function iabs () {
- this.negative = 0;
- return this;
- };
- BN.prototype.abs = function abs () {
- return this.clone().iabs();
- };
- BN.prototype._ishlnsubmul = function _ishlnsubmul (num, mul, shift) {
- var len = num.length + shift;
- var i;
- this._expand(len);
- var w;
- var carry = 0;
- for (i = 0; i < num.length; i++) {
- w = (this.words[i + shift] | 0) + carry;
- var right = (num.words[i] | 0) * mul;
- w -= right & 0x3ffffff;
- carry = (w >> 26) - ((right / 0x4000000) | 0);
- this.words[i + shift] = w & 0x3ffffff;
- }
- for (; i < this.length - shift; i++) {
- w = (this.words[i + shift] | 0) + carry;
- carry = w >> 26;
- this.words[i + shift] = w & 0x3ffffff;
- }
- if (carry === 0) return this.strip();
- // Subtraction overflow
- assert(carry === -1);
- carry = 0;
- for (i = 0; i < this.length; i++) {
- w = -(this.words[i] | 0) + carry;
- carry = w >> 26;
- this.words[i] = w & 0x3ffffff;
- }
- this.negative = 1;
- return this.strip();
- };
- BN.prototype._wordDiv = function _wordDiv (num, mode) {
- var shift = this.length - num.length;
- var a = this.clone();
- var b = num;
- // Normalize
- var bhi = b.words[b.length - 1] | 0;
- var bhiBits = this._countBits(bhi);
- shift = 26 - bhiBits;
- if (shift !== 0) {
- b = b.ushln(shift);
- a.iushln(shift);
- bhi = b.words[b.length - 1] | 0;
- }
- // Initialize quotient
- var m = a.length - b.length;
- var q;
- if (mode !== 'mod') {
- q = new BN(null);
- q.length = m + 1;
- q.words = new Array(q.length);
- for (var i = 0; i < q.length; i++) {
- q.words[i] = 0;
- }
- }
- var diff = a.clone()._ishlnsubmul(b, 1, m);
- if (diff.negative === 0) {
- a = diff;
- if (q) {
- q.words[m] = 1;
- }
- }
- for (var j = m - 1; j >= 0; j--) {
- var qj = (a.words[b.length + j] | 0) * 0x4000000 +
- (a.words[b.length + j - 1] | 0);
- // NOTE: (qj / bhi) is (0x3ffffff * 0x4000000 + 0x3ffffff) / 0x2000000 max
- // (0x7ffffff)
- qj = Math.min((qj / bhi) | 0, 0x3ffffff);
- a._ishlnsubmul(b, qj, j);
- while (a.negative !== 0) {
- qj--;
- a.negative = 0;
- a._ishlnsubmul(b, 1, j);
- if (!a.isZero()) {
- a.negative ^= 1;
- }
- }
- if (q) {
- q.words[j] = qj;
- }
- }
- if (q) {
- q.strip();
- }
- a.strip();
- // Denormalize
- if (mode !== 'div' && shift !== 0) {
- a.iushrn(shift);
- }
- return {
- div: q || null,
- mod: a
- };
- };
- // NOTE: 1) `mode` can be set to `mod` to request mod only,
- // to `div` to request div only, or be absent to
- // request both div & mod
- // 2) `positive` is true if unsigned mod is requested
- BN.prototype.divmod = function divmod (num, mode, positive) {
- assert(!num.isZero());
- if (this.isZero()) {
- return {
- div: new BN(0),
- mod: new BN(0)
- };
- }
- var div, mod, res;
- if (this.negative !== 0 && num.negative === 0) {
- res = this.neg().divmod(num, mode);
- if (mode !== 'mod') {
- div = res.div.neg();
- }
- if (mode !== 'div') {
- mod = res.mod.neg();
- if (positive && mod.negative !== 0) {
- mod.iadd(num);
- }
- }
- return {
- div: div,
- mod: mod
- };
- }
- if (this.negative === 0 && num.negative !== 0) {
- res = this.divmod(num.neg(), mode);
- if (mode !== 'mod') {
- div = res.div.neg();
- }
- return {
- div: div,
- mod: res.mod
- };
- }
- if ((this.negative & num.negative) !== 0) {
- res = this.neg().divmod(num.neg(), mode);
- if (mode !== 'div') {
- mod = res.mod.neg();
- if (positive && mod.negative !== 0) {
- mod.isub(num);
- }
- }
- return {
- div: res.div,
- mod: mod
- };
- }
- // Both numbers are positive at this point
- // Strip both numbers to approximate shift value
- if (num.length > this.length || this.cmp(num) < 0) {
- return {
- div: new BN(0),
- mod: this
- };
- }
- // Very short reduction
- if (num.length === 1) {
- if (mode === 'div') {
- return {
- div: this.divn(num.words[0]),
- mod: null
- };
- }
- if (mode === 'mod') {
- return {
- div: null,
- mod: new BN(this.modn(num.words[0]))
- };
- }
- return {
- div: this.divn(num.words[0]),
- mod: new BN(this.modn(num.words[0]))
- };
- }
- return this._wordDiv(num, mode);
- };
- // Find `this` / `num`
- BN.prototype.div = function div (num) {
- return this.divmod(num, 'div', false).div;
- };
- // Find `this` % `num`
- BN.prototype.mod = function mod (num) {
- return this.divmod(num, 'mod', false).mod;
- };
- BN.prototype.umod = function umod (num) {
- return this.divmod(num, 'mod', true).mod;
- };
- // Find Round(`this` / `num`)
- BN.prototype.divRound = function divRound (num) {
- var dm = this.divmod(num);
- // Fast case - exact division
- if (dm.mod.isZero()) return dm.div;
- var mod = dm.div.negative !== 0 ? dm.mod.isub(num) : dm.mod;
- var half = num.ushrn(1);
- var r2 = num.andln(1);
- var cmp = mod.cmp(half);
- // Round down
- if (cmp < 0 || r2 === 1 && cmp === 0) return dm.div;
- // Round up
- return dm.div.negative !== 0 ? dm.div.isubn(1) : dm.div.iaddn(1);
- };
- BN.prototype.modn = function modn (num) {
- assert(num <= 0x3ffffff);
- var p = (1 << 26) % num;
- var acc = 0;
- for (var i = this.length - 1; i >= 0; i--) {
- acc = (p * acc + (this.words[i] | 0)) % num;
- }
- return acc;
- };
- // In-place division by number
- BN.prototype.idivn = function idivn (num) {
- assert(num <= 0x3ffffff);
- var carry = 0;
- for (var i = this.length - 1; i >= 0; i--) {
- var w = (this.words[i] | 0) + carry * 0x4000000;
- this.words[i] = (w / num) | 0;
- carry = w % num;
- }
- return this.strip();
- };
- BN.prototype.divn = function divn (num) {
- return this.clone().idivn(num);
- };
- BN.prototype.egcd = function egcd (p) {
- assert(p.negative === 0);
- assert(!p.isZero());
- var x = this;
- var y = p.clone();
- if (x.negative !== 0) {
- x = x.umod(p);
- } else {
- x = x.clone();
- }
- // A * x + B * y = x
- var A = new BN(1);
- var B = new BN(0);
- // C * x + D * y = y
- var C = new BN(0);
- var D = new BN(1);
- var g = 0;
- while (x.isEven() && y.isEven()) {
- x.iushrn(1);
- y.iushrn(1);
- ++g;
- }
- var yp = y.clone();
- var xp = x.clone();
- while (!x.isZero()) {
- for (var i = 0, im = 1; (x.words[0] & im) === 0 && i < 26; ++i, im <<= 1);
- if (i > 0) {
- x.iushrn(i);
- while (i-- > 0) {
- if (A.isOdd() || B.isOdd()) {
- A.iadd(yp);
- B.isub(xp);
- }
- A.iushrn(1);
- B.iushrn(1);
- }
- }
- for (var j = 0, jm = 1; (y.words[0] & jm) === 0 && j < 26; ++j, jm <<= 1);
- if (j > 0) {
- y.iushrn(j);
- while (j-- > 0) {
- if (C.isOdd() || D.isOdd()) {
- C.iadd(yp);
- D.isub(xp);
- }
- C.iushrn(1);
- D.iushrn(1);
- }
- }
- if (x.cmp(y) >= 0) {
- x.isub(y);
- A.isub(C);
- B.isub(D);
- } else {
- y.isub(x);
- C.isub(A);
- D.isub(B);
- }
- }
- return {
- a: C,
- b: D,
- gcd: y.iushln(g)
- };
- };
- // This is reduced incarnation of the binary EEA
- // above, designated to invert members of the
- // _prime_ fields F(p) at a maximal speed
- BN.prototype._invmp = function _invmp (p) {
- assert(p.negative === 0);
- assert(!p.isZero());
- var a = this;
- var b = p.clone();
- if (a.negative !== 0) {
- a = a.umod(p);
- } else {
- a = a.clone();
- }
- var x1 = new BN(1);
- var x2 = new BN(0);
- var delta = b.clone();
- while (a.cmpn(1) > 0 && b.cmpn(1) > 0) {
- for (var i = 0, im = 1; (a.words[0] & im) === 0 && i < 26; ++i, im <<= 1);
- if (i > 0) {
- a.iushrn(i);
- while (i-- > 0) {
- if (x1.isOdd()) {
- x1.iadd(delta);
- }
- x1.iushrn(1);
- }
- }
- for (var j = 0, jm = 1; (b.words[0] & jm) === 0 && j < 26; ++j, jm <<= 1);
- if (j > 0) {
- b.iushrn(j);
- while (j-- > 0) {
- if (x2.isOdd()) {
- x2.iadd(delta);
- }
- x2.iushrn(1);
- }
- }
- if (a.cmp(b) >= 0) {
- a.isub(b);
- x1.isub(x2);
- } else {
- b.isub(a);
- x2.isub(x1);
- }
- }
- var res;
- if (a.cmpn(1) === 0) {
- res = x1;
- } else {
- res = x2;
- }
- if (res.cmpn(0) < 0) {
- res.iadd(p);
- }
- return res;
- };
- BN.prototype.gcd = function gcd (num) {
- if (this.isZero()) return num.abs();
- if (num.isZero()) return this.abs();
- var a = this.clone();
- var b = num.clone();
- a.negative = 0;
- b.negative = 0;
- // Remove common factor of two
- for (var shift = 0; a.isEven() && b.isEven(); shift++) {
- a.iushrn(1);
- b.iushrn(1);
- }
- do {
- while (a.isEven()) {
- a.iushrn(1);
- }
- while (b.isEven()) {
- b.iushrn(1);
- }
- var r = a.cmp(b);
- if (r < 0) {
- // Swap `a` and `b` to make `a` always bigger than `b`
- var t = a;
- a = b;
- b = t;
- } else if (r === 0 || b.cmpn(1) === 0) {
- break;
- }
- a.isub(b);
- } while (true);
- return b.iushln(shift);
- };
- // Invert number in the field F(num)
- BN.prototype.invm = function invm (num) {
- return this.egcd(num).a.umod(num);
- };
- BN.prototype.isEven = function isEven () {
- return (this.words[0] & 1) === 0;
- };
- BN.prototype.isOdd = function isOdd () {
- return (this.words[0] & 1) === 1;
- };
- // And first word and num
- BN.prototype.andln = function andln (num) {
- return this.words[0] & num;
- };
- // Increment at the bit position in-line
- BN.prototype.bincn = function bincn (bit) {
- assert(typeof bit === 'number');
- var r = bit % 26;
- var s = (bit - r) / 26;
- var q = 1 << r;
- // Fast case: bit is much higher than all existing words
- if (this.length <= s) {
- this._expand(s + 1);
- this.words[s] |= q;
- return this;
- }
- // Add bit and propagate, if needed
- var carry = q;
- for (var i = s; carry !== 0 && i < this.length; i++) {
- var w = this.words[i] | 0;
- w += carry;
- carry = w >>> 26;
- w &= 0x3ffffff;
- this.words[i] = w;
- }
- if (carry !== 0) {
- this.words[i] = carry;
- this.length++;
- }
- return this;
- };
- BN.prototype.isZero = function isZero () {
- return this.length === 1 && this.words[0] === 0;
- };
- BN.prototype.cmpn = function cmpn (num) {
- var negative = num < 0;
- if (this.negative !== 0 && !negative) return -1;
- if (this.negative === 0 && negative) return 1;
- this.strip();
- var res;
- if (this.length > 1) {
- res = 1;
- } else {
- if (negative) {
- num = -num;
- }
- assert(num <= 0x3ffffff, 'Number is too big');
- var w = this.words[0] | 0;
- res = w === num ? 0 : w < num ? -1 : 1;
- }
- if (this.negative !== 0) return -res | 0;
- return res;
- };
- // Compare two numbers and return:
- // 1 - if `this` > `num`
- // 0 - if `this` == `num`
- // -1 - if `this` < `num`
- BN.prototype.cmp = function cmp (num) {
- if (this.negative !== 0 && num.negative === 0) return -1;
- if (this.negative === 0 && num.negative !== 0) return 1;
- var res = this.ucmp(num);
- if (this.negative !== 0) return -res | 0;
- return res;
- };
- // Unsigned comparison
- BN.prototype.ucmp = function ucmp (num) {
- // At this point both numbers have the same sign
- if (this.length > num.length) return 1;
- if (this.length < num.length) return -1;
- var res = 0;
- for (var i = this.length - 1; i >= 0; i--) {
- var a = this.words[i] | 0;
- var b = num.words[i] | 0;
- if (a === b) continue;
- if (a < b) {
- res = -1;
- } else if (a > b) {
- res = 1;
- }
- break;
- }
- return res;
- };
- BN.prototype.gtn = function gtn (num) {
- return this.cmpn(num) === 1;
- };
- BN.prototype.gt = function gt (num) {
- return this.cmp(num) === 1;
- };
- BN.prototype.gten = function gten (num) {
- return this.cmpn(num) >= 0;
- };
- BN.prototype.gte = function gte (num) {
- return this.cmp(num) >= 0;
- };
- BN.prototype.ltn = function ltn (num) {
- return this.cmpn(num) === -1;
- };
- BN.prototype.lt = function lt (num) {
- return this.cmp(num) === -1;
- };
- BN.prototype.lten = function lten (num) {
- return this.cmpn(num) <= 0;
- };
- BN.prototype.lte = function lte (num) {
- return this.cmp(num) <= 0;
- };
- BN.prototype.eqn = function eqn (num) {
- return this.cmpn(num) === 0;
- };
- BN.prototype.eq = function eq (num) {
- return this.cmp(num) === 0;
- };
- //
- // A reduce context, could be using montgomery or something better, depending
- // on the `m` itself.
- //
- BN.red = function red (num) {
- return new Red(num);
- };
- BN.prototype.toRed = function toRed (ctx) {
- assert(!this.red, 'Already a number in reduction context');
- assert(this.negative === 0, 'red works only with positives');
- return ctx.convertTo(this)._forceRed(ctx);
- };
- BN.prototype.fromRed = function fromRed () {
- assert(this.red, 'fromRed works only with numbers in reduction context');
- return this.red.convertFrom(this);
- };
- BN.prototype._forceRed = function _forceRed (ctx) {
- this.red = ctx;
- return this;
- };
- BN.prototype.forceRed = function forceRed (ctx) {
- assert(!this.red, 'Already a number in reduction context');
- return this._forceRed(ctx);
- };
- BN.prototype.redAdd = function redAdd (num) {
- assert(this.red, 'redAdd works only with red numbers');
- return this.red.add(this, num);
- };
- BN.prototype.redIAdd = function redIAdd (num) {
- assert(this.red, 'redIAdd works only with red numbers');
- return this.red.iadd(this, num);
- };
- BN.prototype.redSub = function redSub (num) {
- assert(this.red, 'redSub works only with red numbers');
- return this.red.sub(this, num);
- };
- BN.prototype.redISub = function redISub (num) {
- assert(this.red, 'redISub works only with red numbers');
- return this.red.isub(this, num);
- };
- BN.prototype.redShl = function redShl (num) {
- assert(this.red, 'redShl works only with red numbers');
- return this.red.shl(this, num);
- };
- BN.prototype.redMul = function redMul (num) {
- assert(this.red, 'redMul works only with red numbers');
- this.red._verify2(this, num);
- return this.red.mul(this, num);
- };
- BN.prototype.redIMul = function redIMul (num) {
- assert(this.red, 'redMul works only with red numbers');
- this.red._verify2(this, num);
- return this.red.imul(this, num);
- };
- BN.prototype.redSqr = function redSqr () {
- assert(this.red, 'redSqr works only with red numbers');
- this.red._verify1(this);
- return this.red.sqr(this);
- };
- BN.prototype.redISqr = function redISqr () {
- assert(this.red, 'redISqr works only with red numbers');
- this.red._verify1(this);
- return this.red.isqr(this);
- };
- // Square root over p
- BN.prototype.redSqrt = function redSqrt () {
- assert(this.red, 'redSqrt works only with red numbers');
- this.red._verify1(this);
- return this.red.sqrt(this);
- };
- BN.prototype.redInvm = function redInvm () {
- assert(this.red, 'redInvm works only with red numbers');
- this.red._verify1(this);
- return this.red.invm(this);
- };
- // Return negative clone of `this` % `red modulo`
- BN.prototype.redNeg = function redNeg () {
- assert(this.red, 'redNeg works only with red numbers');
- this.red._verify1(this);
- return this.red.neg(this);
- };
- BN.prototype.redPow = function redPow (num) {
- assert(this.red && !num.red, 'redPow(normalNum)');
- this.red._verify1(this);
- return this.red.pow(this, num);
- };
- // Prime numbers with efficient reduction
- var primes = {
- k256: null,
- p224: null,
- p192: null,
- p25519: null
- };
- // Pseudo-Mersenne prime
- function MPrime (name, p) {
- // P = 2 ^ N - K
- this.name = name;
- this.p = new BN(p, 16);
- this.n = this.p.bitLength();
- this.k = new BN(1).iushln(this.n).isub(this.p);
- this.tmp = this._tmp();
- }
- MPrime.prototype._tmp = function _tmp () {
- var tmp = new BN(null);
- tmp.words = new Array(Math.ceil(this.n / 13));
- return tmp;
- };
- MPrime.prototype.ireduce = function ireduce (num) {
- // Assumes that `num` is less than `P^2`
- // num = HI * (2 ^ N - K) + HI * K + LO = HI * K + LO (mod P)
- var r = num;
- var rlen;
- do {
- this.split(r, this.tmp);
- r = this.imulK(r);
- r = r.iadd(this.tmp);
- rlen = r.bitLength();
- } while (rlen > this.n);
- var cmp = rlen < this.n ? -1 : r.ucmp(this.p);
- if (cmp === 0) {
- r.words[0] = 0;
- r.length = 1;
- } else if (cmp > 0) {
- r.isub(this.p);
- } else {
- r.strip();
- }
- return r;
- };
- MPrime.prototype.split = function split (input, out) {
- input.iushrn(this.n, 0, out);
- };
- MPrime.prototype.imulK = function imulK (num) {
- return num.imul(this.k);
- };
- function K256 () {
- MPrime.call(
- this,
- 'k256',
- 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f');
- }
- inherits(K256, MPrime);
- K256.prototype.split = function split (input, output) {
- // 256 = 9 * 26 + 22
- var mask = 0x3fffff;
- var outLen = Math.min(input.length, 9);
- for (var i = 0; i < outLen; i++) {
- output.words[i] = input.words[i];
- }
- output.length = outLen;
- if (input.length <= 9) {
- input.words[0] = 0;
- input.length = 1;
- return;
- }
- // Shift by 9 limbs
- var prev = input.words[9];
- output.words[output.length++] = prev & mask;
- for (i = 10; i < input.length; i++) {
- var next = input.words[i] | 0;
- input.words[i - 10] = ((next & mask) << 4) | (prev >>> 22);
- prev = next;
- }
- prev >>>= 22;
- input.words[i - 10] = prev;
- if (prev === 0 && input.length > 10) {
- input.length -= 10;
- } else {
- input.length -= 9;
- }
- };
- K256.prototype.imulK = function imulK (num) {
- // K = 0x1000003d1 = [ 0x40, 0x3d1 ]
- num.words[num.length] = 0;
- num.words[num.length + 1] = 0;
- num.length += 2;
- // bounded at: 0x40 * 0x3ffffff + 0x3d0 = 0x100000390
- var lo = 0;
- for (var i = 0; i < num.length; i++) {
- var w = num.words[i] | 0;
- lo += w * 0x3d1;
- num.words[i] = lo & 0x3ffffff;
- lo = w * 0x40 + ((lo / 0x4000000) | 0);
- }
- // Fast length reduction
- if (num.words[num.length - 1] === 0) {
- num.length--;
- if (num.words[num.length - 1] === 0) {
- num.length--;
- }
- }
- return num;
- };
- function P224 () {
- MPrime.call(
- this,
- 'p224',
- 'ffffffff ffffffff ffffffff ffffffff 00000000 00000000 00000001');
- }
- inherits(P224, MPrime);
- function P192 () {
- MPrime.call(
- this,
- 'p192',
- 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff');
- }
- inherits(P192, MPrime);
- function P25519 () {
- // 2 ^ 255 - 19
- MPrime.call(
- this,
- '25519',
- '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed');
- }
- inherits(P25519, MPrime);
- P25519.prototype.imulK = function imulK (num) {
- // K = 0x13
- var carry = 0;
- for (var i = 0; i < num.length; i++) {
- var hi = (num.words[i] | 0) * 0x13 + carry;
- var lo = hi & 0x3ffffff;
- hi >>>= 26;
- num.words[i] = lo;
- carry = hi;
- }
- if (carry !== 0) {
- num.words[num.length++] = carry;
- }
- return num;
- };
- // Exported mostly for testing purposes, use plain name instead
- BN._prime = function prime (name) {
- // Cached version of prime
- if (primes[name]) return primes[name];
- var prime;
- if (name === 'k256') {
- prime = new K256();
- } else if (name === 'p224') {
- prime = new P224();
- } else if (name === 'p192') {
- prime = new P192();
- } else if (name === 'p25519') {
- prime = new P25519();
- } else {
- throw new Error('Unknown prime ' + name);
- }
- primes[name] = prime;
- return prime;
- };
- //
- // Base reduction engine
- //
- function Red (m) {
- if (typeof m === 'string') {
- var prime = BN._prime(m);
- this.m = prime.p;
- this.prime = prime;
- } else {
- assert(m.gtn(1), 'modulus must be greater than 1');
- this.m = m;
- this.prime = null;
- }
- }
- Red.prototype._verify1 = function _verify1 (a) {
- assert(a.negative === 0, 'red works only with positives');
- assert(a.red, 'red works only with red numbers');
- };
- Red.prototype._verify2 = function _verify2 (a, b) {
- assert((a.negative | b.negative) === 0, 'red works only with positives');
- assert(a.red && a.red === b.red,
- 'red works only with red numbers');
- };
- Red.prototype.imod = function imod (a) {
- if (this.prime) return this.prime.ireduce(a)._forceRed(this);
- return a.umod(this.m)._forceRed(this);
- };
- Red.prototype.neg = function neg (a) {
- if (a.isZero()) {
- return a.clone();
- }
- return this.m.sub(a)._forceRed(this);
- };
- Red.prototype.add = function add (a, b) {
- this._verify2(a, b);
- var res = a.add(b);
- if (res.cmp(this.m) >= 0) {
- res.isub(this.m);
- }
- return res._forceRed(this);
- };
- Red.prototype.iadd = function iadd (a, b) {
- this._verify2(a, b);
- var res = a.iadd(b);
- if (res.cmp(this.m) >= 0) {
- res.isub(this.m);
- }
- return res;
- };
- Red.prototype.sub = function sub (a, b) {
- this._verify2(a, b);
- var res = a.sub(b);
- if (res.cmpn(0) < 0) {
- res.iadd(this.m);
- }
- return res._forceRed(this);
- };
- Red.prototype.isub = function isub (a, b) {
- this._verify2(a, b);
- var res = a.isub(b);
- if (res.cmpn(0) < 0) {
- res.iadd(this.m);
- }
- return res;
- };
- Red.prototype.shl = function shl (a, num) {
- this._verify1(a);
- return this.imod(a.ushln(num));
- };
- Red.prototype.imul = function imul (a, b) {
- this._verify2(a, b);
- return this.imod(a.imul(b));
- };
- Red.prototype.mul = function mul (a, b) {
- this._verify2(a, b);
- return this.imod(a.mul(b));
- };
- Red.prototype.isqr = function isqr (a) {
- return this.imul(a, a.clone());
- };
- Red.prototype.sqr = function sqr (a) {
- return this.mul(a, a);
- };
- Red.prototype.sqrt = function sqrt (a) {
- if (a.isZero()) return a.clone();
- var mod3 = this.m.andln(3);
- assert(mod3 % 2 === 1);
- // Fast case
- if (mod3 === 3) {
- var pow = this.m.add(new BN(1)).iushrn(2);
- return this.pow(a, pow);
- }
- // Tonelli-Shanks algorithm (Totally unoptimized and slow)
- //
- // Find Q and S, that Q * 2 ^ S = (P - 1)
- var q = this.m.subn(1);
- var s = 0;
- while (!q.isZero() && q.andln(1) === 0) {
- s++;
- q.iushrn(1);
- }
- assert(!q.isZero());
- var one = new BN(1).toRed(this);
- var nOne = one.redNeg();
- // Find quadratic non-residue
- // NOTE: Max is such because of generalized Riemann hypothesis.
- var lpow = this.m.subn(1).iushrn(1);
- var z = this.m.bitLength();
- z = new BN(2 * z * z).toRed(this);
- while (this.pow(z, lpow).cmp(nOne) !== 0) {
- z.redIAdd(nOne);
- }
- var c = this.pow(z, q);
- var r = this.pow(a, q.addn(1).iushrn(1));
- var t = this.pow(a, q);
- var m = s;
- while (t.cmp(one) !== 0) {
- var tmp = t;
- for (var i = 0; tmp.cmp(one) !== 0; i++) {
- tmp = tmp.redSqr();
- }
- assert(i < m);
- var b = this.pow(c, new BN(1).iushln(m - i - 1));
- r = r.redMul(b);
- c = b.redSqr();
- t = t.redMul(c);
- m = i;
- }
- return r;
- };
- Red.prototype.invm = function invm (a) {
- var inv = a._invmp(this.m);
- if (inv.negative !== 0) {
- inv.negative = 0;
- return this.imod(inv).redNeg();
- } else {
- return this.imod(inv);
- }
- };
- Red.prototype.pow = function pow (a, num) {
- if (num.isZero()) return new BN(1).toRed(this);
- if (num.cmpn(1) === 0) return a.clone();
- var windowSize = 4;
- var wnd = new Array(1 << windowSize);
- wnd[0] = new BN(1).toRed(this);
- wnd[1] = a;
- for (var i = 2; i < wnd.length; i++) {
- wnd[i] = this.mul(wnd[i - 1], a);
- }
- var res = wnd[0];
- var current = 0;
- var currentLen = 0;
- var start = num.bitLength() % 26;
- if (start === 0) {
- start = 26;
- }
- for (i = num.length - 1; i >= 0; i--) {
- var word = num.words[i];
- for (var j = start - 1; j >= 0; j--) {
- var bit = (word >> j) & 1;
- if (res !== wnd[0]) {
- res = this.sqr(res);
- }
- if (bit === 0 && current === 0) {
- currentLen = 0;
- continue;
- }
- current <<= 1;
- current |= bit;
- currentLen++;
- if (currentLen !== windowSize && (i !== 0 || j !== 0)) continue;
- res = this.mul(res, wnd[current]);
- currentLen = 0;
- current = 0;
- }
- start = 26;
- }
- return res;
- };
- Red.prototype.convertTo = function convertTo (num) {
- var r = num.umod(this.m);
- return r === num ? r.clone() : r;
- };
- Red.prototype.convertFrom = function convertFrom (num) {
- var res = num.clone();
- res.red = null;
- return res;
- };
- //
- // Montgomery method engine
- //
- BN.mont = function mont (num) {
- return new Mont(num);
- };
- function Mont (m) {
- Red.call(this, m);
- this.shift = this.m.bitLength();
- if (this.shift % 26 !== 0) {
- this.shift += 26 - (this.shift % 26);
- }
- this.r = new BN(1).iushln(this.shift);
- this.r2 = this.imod(this.r.sqr());
- this.rinv = this.r._invmp(this.m);
- this.minv = this.rinv.mul(this.r).isubn(1).div(this.m);
- this.minv = this.minv.umod(this.r);
- this.minv = this.r.sub(this.minv);
- }
- inherits(Mont, Red);
- Mont.prototype.convertTo = function convertTo (num) {
- return this.imod(num.ushln(this.shift));
- };
- Mont.prototype.convertFrom = function convertFrom (num) {
- var r = this.imod(num.mul(this.rinv));
- r.red = null;
- return r;
- };
- Mont.prototype.imul = function imul (a, b) {
- if (a.isZero() || b.isZero()) {
- a.words[0] = 0;
- a.length = 1;
- return a;
- }
- var t = a.imul(b);
- var c = t.maskn(this.shift).mul(this.minv).imaskn(this.shift).mul(this.m);
- var u = t.isub(c).iushrn(this.shift);
- var res = u;
- if (u.cmp(this.m) >= 0) {
- res = u.isub(this.m);
- } else if (u.cmpn(0) < 0) {
- res = u.iadd(this.m);
- }
- return res._forceRed(this);
- };
- Mont.prototype.mul = function mul (a, b) {
- if (a.isZero() || b.isZero()) return new BN(0)._forceRed(this);
- var t = a.mul(b);
- var c = t.maskn(this.shift).mul(this.minv).imaskn(this.shift).mul(this.m);
- var u = t.isub(c).iushrn(this.shift);
- var res = u;
- if (u.cmp(this.m) >= 0) {
- res = u.isub(this.m);
- } else if (u.cmpn(0) < 0) {
- res = u.iadd(this.m);
- }
- return res._forceRed(this);
- };
- Mont.prototype.invm = function invm (a) {
- // (AR)^-1 * R^2 = (A^-1 * R^-1) * R^2 = A^-1 * R
- var res = this.imod(a._invmp(this.m).mul(this.r2));
- return res._forceRed(this);
- };
- })(typeof module === 'undefined' || module, this);
- },{"buffer":"buffer"}],17:[function(require,module,exports){
- var r;
- module.exports = function rand(len) {
- if (!r)
- r = new Rand(null);
- return r.generate(len);
- };
- function Rand(rand) {
- this.rand = rand;
- }
- module.exports.Rand = Rand;
- Rand.prototype.generate = function generate(len) {
- return this._rand(len);
- };
- // Emulate crypto API using randy
- Rand.prototype._rand = function _rand(n) {
- if (this.rand.getBytes)
- return this.rand.getBytes(n);
- var res = new Uint8Array(n);
- for (var i = 0; i < res.length; i++)
- res[i] = this.rand.getByte();
- return res;
- };
- if (typeof self === 'object') {
- if (self.crypto && self.crypto.getRandomValues) {
- // Modern browsers
- Rand.prototype._rand = function _rand(n) {
- var arr = new Uint8Array(n);
- self.crypto.getRandomValues(arr);
- return arr;
- };
- } else if (self.msCrypto && self.msCrypto.getRandomValues) {
- // IE
- Rand.prototype._rand = function _rand(n) {
- var arr = new Uint8Array(n);
- self.msCrypto.getRandomValues(arr);
- return arr;
- };
- // Safari's WebWorkers do not have `crypto`
- } else if (typeof window === 'object') {
- // Old junk
- Rand.prototype._rand = function() {
- throw new Error('Not implemented yet');
- };
- }
- } else {
- // Node.js or Web worker with no crypto support
- try {
- var crypto = require('crypto');
- if (typeof crypto.randomBytes !== 'function')
- throw new Error('Not supported');
- Rand.prototype._rand = function _rand(n) {
- return crypto.randomBytes(n);
- };
- } catch (e) {
- }
- }
- },{"crypto":"crypto"}],18:[function(require,module,exports){
- 'use strict';
- var elliptic = exports;
- elliptic.utils = require('./elliptic/utils');
- elliptic.rand = require('brorand');
- elliptic.curve = require('./elliptic/curve');
- elliptic.curves = require('./elliptic/curves');
- // Protocols
- elliptic.ec = require('./elliptic/ec');
- elliptic.eddsa = require('./elliptic/eddsa');
- },{"./elliptic/curve":21,"./elliptic/curves":24,"./elliptic/ec":25,"./elliptic/eddsa":28,"./elliptic/utils":32,"brorand":17}],19:[function(require,module,exports){
- 'use strict';
- var BN = require('bn.js');
- var utils = require('../utils');
- var getNAF = utils.getNAF;
- var getJSF = utils.getJSF;
- var assert = utils.assert;
- function BaseCurve(type, conf) {
- this.type = type;
- this.p = new BN(conf.p, 16);
- // Use Montgomery, when there is no fast reduction for the prime
- this.red = conf.prime ? BN.red(conf.prime) : BN.mont(this.p);
- // Useful for many curves
- this.zero = new BN(0).toRed(this.red);
- this.one = new BN(1).toRed(this.red);
- this.two = new BN(2).toRed(this.red);
- // Curve configuration, optional
- this.n = conf.n && new BN(conf.n, 16);
- this.g = conf.g && this.pointFromJSON(conf.g, conf.gRed);
- // Temporary arrays
- this._wnafT1 = new Array(4);
- this._wnafT2 = new Array(4);
- this._wnafT3 = new Array(4);
- this._wnafT4 = new Array(4);
- // Generalized Greg Maxwell's trick
- var adjustCount = this.n && this.p.div(this.n);
- if (!adjustCount || adjustCount.cmpn(100) > 0) {
- this.redN = null;
- } else {
- this._maxwellTrick = true;
- this.redN = this.n.toRed(this.red);
- }
- }
- module.exports = BaseCurve;
- BaseCurve.prototype.point = function point() {
- throw new Error('Not implemented');
- };
- BaseCurve.prototype.validate = function validate() {
- throw new Error('Not implemented');
- };
- BaseCurve.prototype._fixedNafMul = function _fixedNafMul(p, k) {
- assert(p.precomputed);
- var doubles = p._getDoubles();
- var naf = getNAF(k, 1);
- var I = (1 << (doubles.step + 1)) - (doubles.step % 2 === 0 ? 2 : 1);
- I /= 3;
- // Translate into more windowed form
- var repr = [];
- for (var j = 0; j < naf.length; j += doubles.step) {
- var nafW = 0;
- for (var k = j + doubles.step - 1; k >= j; k--)
- nafW = (nafW << 1) + naf[k];
- repr.push(nafW);
- }
- var a = this.jpoint(null, null, null);
- var b = this.jpoint(null, null, null);
- for (var i = I; i > 0; i--) {
- for (var j = 0; j < repr.length; j++) {
- var nafW = repr[j];
- if (nafW === i)
- b = b.mixedAdd(doubles.points[j]);
- else if (nafW === -i)
- b = b.mixedAdd(doubles.points[j].neg());
- }
- a = a.add(b);
- }
- return a.toP();
- };
- BaseCurve.prototype._wnafMul = function _wnafMul(p, k) {
- var w = 4;
- // Precompute window
- var nafPoints = p._getNAFPoints(w);
- w = nafPoints.wnd;
- var wnd = nafPoints.points;
- // Get NAF form
- var naf = getNAF(k, w);
- // Add `this`*(N+1) for every w-NAF index
- var acc = this.jpoint(null, null, null);
- for (var i = naf.length - 1; i >= 0; i--) {
- // Count zeroes
- for (var k = 0; i >= 0 && naf[i] === 0; i--)
- k++;
- if (i >= 0)
- k++;
- acc = acc.dblp(k);
- if (i < 0)
- break;
- var z = naf[i];
- assert(z !== 0);
- if (p.type === 'affine') {
- // J +- P
- if (z > 0)
- acc = acc.mixedAdd(wnd[(z - 1) >> 1]);
- else
- acc = acc.mixedAdd(wnd[(-z - 1) >> 1].neg());
- } else {
- // J +- J
- if (z > 0)
- acc = acc.add(wnd[(z - 1) >> 1]);
- else
- acc = acc.add(wnd[(-z - 1) >> 1].neg());
- }
- }
- return p.type === 'affine' ? acc.toP() : acc;
- };
- BaseCurve.prototype._wnafMulAdd = function _wnafMulAdd(defW,
- points,
- coeffs,
- len,
- jacobianResult) {
- var wndWidth = this._wnafT1;
- var wnd = this._wnafT2;
- var naf = this._wnafT3;
- // Fill all arrays
- var max = 0;
- for (var i = 0; i < len; i++) {
- var p = points[i];
- var nafPoints = p._getNAFPoints(defW);
- wndWidth[i] = nafPoints.wnd;
- wnd[i] = nafPoints.points;
- }
- // Comb small window NAFs
- for (var i = len - 1; i >= 1; i -= 2) {
- var a = i - 1;
- var b = i;
- if (wndWidth[a] !== 1 || wndWidth[b] !== 1) {
- naf[a] = getNAF(coeffs[a], wndWidth[a]);
- naf[b] = getNAF(coeffs[b], wndWidth[b]);
- max = Math.max(naf[a].length, max);
- max = Math.max(naf[b].length, max);
- continue;
- }
- var comb = [
- points[a], /* 1 */
- null, /* 3 */
- null, /* 5 */
- points[b] /* 7 */
- ];
- // Try to avoid Projective points, if possible
- if (points[a].y.cmp(points[b].y) === 0) {
- comb[1] = points[a].add(points[b]);
- comb[2] = points[a].toJ().mixedAdd(points[b].neg());
- } else if (points[a].y.cmp(points[b].y.redNeg()) === 0) {
- comb[1] = points[a].toJ().mixedAdd(points[b]);
- comb[2] = points[a].add(points[b].neg());
- } else {
- comb[1] = points[a].toJ().mixedAdd(points[b]);
- comb[2] = points[a].toJ().mixedAdd(points[b].neg());
- }
- var index = [
- -3, /* -1 -1 */
- -1, /* -1 0 */
- -5, /* -1 1 */
- -7, /* 0 -1 */
- 0, /* 0 0 */
- 7, /* 0 1 */
- 5, /* 1 -1 */
- 1, /* 1 0 */
- 3 /* 1 1 */
- ];
- var jsf = getJSF(coeffs[a], coeffs[b]);
- max = Math.max(jsf[0].length, max);
- naf[a] = new Array(max);
- naf[b] = new Array(max);
- for (var j = 0; j < max; j++) {
- var ja = jsf[0][j] | 0;
- var jb = jsf[1][j] | 0;
- naf[a][j] = index[(ja + 1) * 3 + (jb + 1)];
- naf[b][j] = 0;
- wnd[a] = comb;
- }
- }
- var acc = this.jpoint(null, null, null);
- var tmp = this._wnafT4;
- for (var i = max; i >= 0; i--) {
- var k = 0;
- while (i >= 0) {
- var zero = true;
- for (var j = 0; j < len; j++) {
- tmp[j] = naf[j][i] | 0;
- if (tmp[j] !== 0)
- zero = false;
- }
- if (!zero)
- break;
- k++;
- i--;
- }
- if (i >= 0)
- k++;
- acc = acc.dblp(k);
- if (i < 0)
- break;
- for (var j = 0; j < len; j++) {
- var z = tmp[j];
- var p;
- if (z === 0)
- continue;
- else if (z > 0)
- p = wnd[j][(z - 1) >> 1];
- else if (z < 0)
- p = wnd[j][(-z - 1) >> 1].neg();
- if (p.type === 'affine')
- acc = acc.mixedAdd(p);
- else
- acc = acc.add(p);
- }
- }
- // Zeroify references
- for (var i = 0; i < len; i++)
- wnd[i] = null;
- if (jacobianResult)
- return acc;
- else
- return acc.toP();
- };
- function BasePoint(curve, type) {
- this.curve = curve;
- this.type = type;
- this.precomputed = null;
- }
- BaseCurve.BasePoint = BasePoint;
- BasePoint.prototype.eq = function eq(/*other*/) {
- throw new Error('Not implemented');
- };
- BasePoint.prototype.validate = function validate() {
- return this.curve.validate(this);
- };
- BaseCurve.prototype.decodePoint = function decodePoint(bytes, enc) {
- bytes = utils.toArray(bytes, enc);
- var len = this.p.byteLength();
- // uncompressed, hybrid-odd, hybrid-even
- if ((bytes[0] === 0x04 || bytes[0] === 0x06 || bytes[0] === 0x07) &&
- bytes.length - 1 === 2 * len) {
- if (bytes[0] === 0x06)
- assert(bytes[bytes.length - 1] % 2 === 0);
- else if (bytes[0] === 0x07)
- assert(bytes[bytes.length - 1] % 2 === 1);
- var res = this.point(bytes.slice(1, 1 + len),
- bytes.slice(1 + len, 1 + 2 * len));
- return res;
- } else if ((bytes[0] === 0x02 || bytes[0] === 0x03) &&
- bytes.length - 1 === len) {
- return this.pointFromX(bytes.slice(1, 1 + len), bytes[0] === 0x03);
- }
- throw new Error('Unknown point format');
- };
- BasePoint.prototype.encodeCompressed = function encodeCompressed(enc) {
- return this.encode(enc, true);
- };
- BasePoint.prototype._encode = function _encode(compact) {
- var len = this.curve.p.byteLength();
- var x = this.getX().toArray('be', len);
- if (compact)
- return [ this.getY().isEven() ? 0x02 : 0x03 ].concat(x);
- return [ 0x04 ].concat(x, this.getY().toArray('be', len)) ;
- };
- BasePoint.prototype.encode = function encode(enc, compact) {
- return utils.encode(this._encode(compact), enc);
- };
- BasePoint.prototype.precompute = function precompute(power) {
- if (this.precomputed)
- return this;
- var precomputed = {
- doubles: null,
- naf: null,
- beta: null
- };
- precomputed.naf = this._getNAFPoints(8);
- precomputed.doubles = this._getDoubles(4, power);
- precomputed.beta = this._getBeta();
- this.precomputed = precomputed;
- return this;
- };
- BasePoint.prototype._hasDoubles = function _hasDoubles(k) {
- if (!this.precomputed)
- return false;
- var doubles = this.precomputed.doubles;
- if (!doubles)
- return false;
- return doubles.points.length >= Math.ceil((k.bitLength() + 1) / doubles.step);
- };
- BasePoint.prototype._getDoubles = function _getDoubles(step, power) {
- if (this.precomputed && this.precomputed.doubles)
- return this.precomputed.doubles;
- var doubles = [ this ];
- var acc = this;
- for (var i = 0; i < power; i += step) {
- for (var j = 0; j < step; j++)
- acc = acc.dbl();
- doubles.push(acc);
- }
- return {
- step: step,
- points: doubles
- };
- };
- BasePoint.prototype._getNAFPoints = function _getNAFPoints(wnd) {
- if (this.precomputed && this.precomputed.naf)
- return this.precomputed.naf;
- var res = [ this ];
- var max = (1 << wnd) - 1;
- var dbl = max === 1 ? null : this.dbl();
- for (var i = 1; i < max; i++)
- res[i] = res[i - 1].add(dbl);
- return {
- wnd: wnd,
- points: res
- };
- };
- BasePoint.prototype._getBeta = function _getBeta() {
- return null;
- };
- BasePoint.prototype.dblp = function dblp(k) {
- var r = this;
- for (var i = 0; i < k; i++)
- r = r.dbl();
- return r;
- };
- },{"../utils":32,"bn.js":16}],20:[function(require,module,exports){
- 'use strict';
- var utils = require('../utils');
- var BN = require('bn.js');
- var inherits = require('inherits');
- var Base = require('./base');
- var assert = utils.assert;
- function EdwardsCurve(conf) {
- // NOTE: Important as we are creating point in Base.call()
- this.twisted = (conf.a | 0) !== 1;
- this.mOneA = this.twisted && (conf.a | 0) === -1;
- this.extended = this.mOneA;
- Base.call(this, 'edwards', conf);
- this.a = new BN(conf.a, 16).umod(this.red.m);
- this.a = this.a.toRed(this.red);
- this.c = new BN(conf.c, 16).toRed(this.red);
- this.c2 = this.c.redSqr();
- this.d = new BN(conf.d, 16).toRed(this.red);
- this.dd = this.d.redAdd(this.d);
- assert(!this.twisted || this.c.fromRed().cmpn(1) === 0);
- this.oneC = (conf.c | 0) === 1;
- }
- inherits(EdwardsCurve, Base);
- module.exports = EdwardsCurve;
- EdwardsCurve.prototype._mulA = function _mulA(num) {
- if (this.mOneA)
- return num.redNeg();
- else
- return this.a.redMul(num);
- };
- EdwardsCurve.prototype._mulC = function _mulC(num) {
- if (this.oneC)
- return num;
- else
- return this.c.redMul(num);
- };
- // Just for compatibility with Short curve
- EdwardsCurve.prototype.jpoint = function jpoint(x, y, z, t) {
- return this.point(x, y, z, t);
- };
- EdwardsCurve.prototype.pointFromX = function pointFromX(x, odd) {
- x = new BN(x, 16);
- if (!x.red)
- x = x.toRed(this.red);
- var x2 = x.redSqr();
- var rhs = this.c2.redSub(this.a.redMul(x2));
- var lhs = this.one.redSub(this.c2.redMul(this.d).redMul(x2));
- var y2 = rhs.redMul(lhs.redInvm());
- var y = y2.redSqrt();
- if (y.redSqr().redSub(y2).cmp(this.zero) !== 0)
- throw new Error('invalid point');
- var isOdd = y.fromRed().isOdd();
- if (odd && !isOdd || !odd && isOdd)
- y = y.redNeg();
- return this.point(x, y);
- };
- EdwardsCurve.prototype.pointFromY = function pointFromY(y, odd) {
- y = new BN(y, 16);
- if (!y.red)
- y = y.toRed(this.red);
- // x^2 = (y^2 - c^2) / (c^2 d y^2 - a)
- var y2 = y.redSqr();
- var lhs = y2.redSub(this.c2);
- var rhs = y2.redMul(this.d).redMul(this.c2).redSub(this.a);
- var x2 = lhs.redMul(rhs.redInvm());
- if (x2.cmp(this.zero) === 0) {
- if (odd)
- throw new Error('invalid point');
- else
- return this.point(this.zero, y);
- }
- var x = x2.redSqrt();
- if (x.redSqr().redSub(x2).cmp(this.zero) !== 0)
- throw new Error('invalid point');
- if (x.fromRed().isOdd() !== odd)
- x = x.redNeg();
- return this.point(x, y);
- };
- EdwardsCurve.prototype.validate = function validate(point) {
- if (point.isInfinity())
- return true;
- // Curve: A * X^2 + Y^2 = C^2 * (1 + D * X^2 * Y^2)
- point.normalize();
- var x2 = point.x.redSqr();
- var y2 = point.y.redSqr();
- var lhs = x2.redMul(this.a).redAdd(y2);
- var rhs = this.c2.redMul(this.one.redAdd(this.d.redMul(x2).redMul(y2)));
- return lhs.cmp(rhs) === 0;
- };
- function Point(curve, x, y, z, t) {
- Base.BasePoint.call(this, curve, 'projective');
- if (x === null && y === null && z === null) {
- this.x = this.curve.zero;
- this.y = this.curve.one;
- this.z = this.curve.one;
- this.t = this.curve.zero;
- this.zOne = true;
- } else {
- this.x = new BN(x, 16);
- this.y = new BN(y, 16);
- this.z = z ? new BN(z, 16) : this.curve.one;
- this.t = t && new BN(t, 16);
- if (!this.x.red)
- this.x = this.x.toRed(this.curve.red);
- if (!this.y.red)
- this.y = this.y.toRed(this.curve.red);
- if (!this.z.red)
- this.z = this.z.toRed(this.curve.red);
- if (this.t && !this.t.red)
- this.t = this.t.toRed(this.curve.red);
- this.zOne = this.z === this.curve.one;
- // Use extended coordinates
- if (this.curve.extended && !this.t) {
- this.t = this.x.redMul(this.y);
- if (!this.zOne)
- this.t = this.t.redMul(this.z.redInvm());
- }
- }
- }
- inherits(Point, Base.BasePoint);
- EdwardsCurve.prototype.pointFromJSON = function pointFromJSON(obj) {
- return Point.fromJSON(this, obj);
- };
- EdwardsCurve.prototype.point = function point(x, y, z, t) {
- return new Point(this, x, y, z, t);
- };
- Point.fromJSON = function fromJSON(curve, obj) {
- return new Point(curve, obj[0], obj[1], obj[2]);
- };
- Point.prototype.inspect = function inspect() {
- if (this.isInfinity())
- return '<EC Point Infinity>';
- return '<EC Point x: ' + this.x.fromRed().toString(16, 2) +
- ' y: ' + this.y.fromRed().toString(16, 2) +
- ' z: ' + this.z.fromRed().toString(16, 2) + '>';
- };
- Point.prototype.isInfinity = function isInfinity() {
- // XXX This code assumes that zero is always zero in red
- return this.x.cmpn(0) === 0 &&
- (this.y.cmp(this.z) === 0 ||
- (this.zOne && this.y.cmp(this.curve.c) === 0));
- };
- Point.prototype._extDbl = function _extDbl() {
- // hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html
- // #doubling-dbl-2008-hwcd
- // 4M + 4S
- // A = X1^2
- var a = this.x.redSqr();
- // B = Y1^2
- var b = this.y.redSqr();
- // C = 2 * Z1^2
- var c = this.z.redSqr();
- c = c.redIAdd(c);
- // D = a * A
- var d = this.curve._mulA(a);
- // E = (X1 + Y1)^2 - A - B
- var e = this.x.redAdd(this.y).redSqr().redISub(a).redISub(b);
- // G = D + B
- var g = d.redAdd(b);
- // F = G - C
- var f = g.redSub(c);
- // H = D - B
- var h = d.redSub(b);
- // X3 = E * F
- var nx = e.redMul(f);
- // Y3 = G * H
- var ny = g.redMul(h);
- // T3 = E * H
- var nt = e.redMul(h);
- // Z3 = F * G
- var nz = f.redMul(g);
- return this.curve.point(nx, ny, nz, nt);
- };
- Point.prototype._projDbl = function _projDbl() {
- // hyperelliptic.org/EFD/g1p/auto-twisted-projective.html
- // #doubling-dbl-2008-bbjlp
- // #doubling-dbl-2007-bl
- // and others
- // Generally 3M + 4S or 2M + 4S
- // B = (X1 + Y1)^2
- var b = this.x.redAdd(this.y).redSqr();
- // C = X1^2
- var c = this.x.redSqr();
- // D = Y1^2
- var d = this.y.redSqr();
- var nx;
- var ny;
- var nz;
- if (this.curve.twisted) {
- // E = a * C
- var e = this.curve._mulA(c);
- // F = E + D
- var f = e.redAdd(d);
- if (this.zOne) {
- // X3 = (B - C - D) * (F - 2)
- nx = b.redSub(c).redSub(d).redMul(f.redSub(this.curve.two));
- // Y3 = F * (E - D)
- ny = f.redMul(e.redSub(d));
- // Z3 = F^2 - 2 * F
- nz = f.redSqr().redSub(f).redSub(f);
- } else {
- // H = Z1^2
- var h = this.z.redSqr();
- // J = F - 2 * H
- var j = f.redSub(h).redISub(h);
- // X3 = (B-C-D)*J
- nx = b.redSub(c).redISub(d).redMul(j);
- // Y3 = F * (E - D)
- ny = f.redMul(e.redSub(d));
- // Z3 = F * J
- nz = f.redMul(j);
- }
- } else {
- // E = C + D
- var e = c.redAdd(d);
- // H = (c * Z1)^2
- var h = this.curve._mulC(this.z).redSqr();
- // J = E - 2 * H
- var j = e.redSub(h).redSub(h);
- // X3 = c * (B - E) * J
- nx = this.curve._mulC(b.redISub(e)).redMul(j);
- // Y3 = c * E * (C - D)
- ny = this.curve._mulC(e).redMul(c.redISub(d));
- // Z3 = E * J
- nz = e.redMul(j);
- }
- return this.curve.point(nx, ny, nz);
- };
- Point.prototype.dbl = function dbl() {
- if (this.isInfinity())
- return this;
- // Double in extended coordinates
- if (this.curve.extended)
- return this._extDbl();
- else
- return this._projDbl();
- };
- Point.prototype._extAdd = function _extAdd(p) {
- // hyperelliptic.org/EFD/g1p/auto-twisted-extended-1.html
- // #addition-add-2008-hwcd-3
- // 8M
- // A = (Y1 - X1) * (Y2 - X2)
- var a = this.y.redSub(this.x).redMul(p.y.redSub(p.x));
- // B = (Y1 + X1) * (Y2 + X2)
- var b = this.y.redAdd(this.x).redMul(p.y.redAdd(p.x));
- // C = T1 * k * T2
- var c = this.t.redMul(this.curve.dd).redMul(p.t);
- // D = Z1 * 2 * Z2
- var d = this.z.redMul(p.z.redAdd(p.z));
- // E = B - A
- var e = b.redSub(a);
- // F = D - C
- var f = d.redSub(c);
- // G = D + C
- var g = d.redAdd(c);
- // H = B + A
- var h = b.redAdd(a);
- // X3 = E * F
- var nx = e.redMul(f);
- // Y3 = G * H
- var ny = g.redMul(h);
- // T3 = E * H
- var nt = e.redMul(h);
- // Z3 = F * G
- var nz = f.redMul(g);
- return this.curve.point(nx, ny, nz, nt);
- };
- Point.prototype._projAdd = function _projAdd(p) {
- // hyperelliptic.org/EFD/g1p/auto-twisted-projective.html
- // #addition-add-2008-bbjlp
- // #addition-add-2007-bl
- // 10M + 1S
- // A = Z1 * Z2
- var a = this.z.redMul(p.z);
- // B = A^2
- var b = a.redSqr();
- // C = X1 * X2
- var c = this.x.redMul(p.x);
- // D = Y1 * Y2
- var d = this.y.redMul(p.y);
- // E = d * C * D
- var e = this.curve.d.redMul(c).redMul(d);
- // F = B - E
- var f = b.redSub(e);
- // G = B + E
- var g = b.redAdd(e);
- // X3 = A * F * ((X1 + Y1) * (X2 + Y2) - C - D)
- var tmp = this.x.redAdd(this.y).redMul(p.x.redAdd(p.y)).redISub(c).redISub(d);
- var nx = a.redMul(f).redMul(tmp);
- var ny;
- var nz;
- if (this.curve.twisted) {
- // Y3 = A * G * (D - a * C)
- ny = a.redMul(g).redMul(d.redSub(this.curve._mulA(c)));
- // Z3 = F * G
- nz = f.redMul(g);
- } else {
- // Y3 = A * G * (D - C)
- ny = a.redMul(g).redMul(d.redSub(c));
- // Z3 = c * F * G
- nz = this.curve._mulC(f).redMul(g);
- }
- return this.curve.point(nx, ny, nz);
- };
- Point.prototype.add = function add(p) {
- if (this.isInfinity())
- return p;
- if (p.isInfinity())
- return this;
- if (this.curve.extended)
- return this._extAdd(p);
- else
- return this._projAdd(p);
- };
- Point.prototype.mul = function mul(k) {
- if (this._hasDoubles(k))
- return this.curve._fixedNafMul(this, k);
- else
- return this.curve._wnafMul(this, k);
- };
- Point.prototype.mulAdd = function mulAdd(k1, p, k2) {
- return this.curve._wnafMulAdd(1, [ this, p ], [ k1, k2 ], 2, false);
- };
- Point.prototype.jmulAdd = function jmulAdd(k1, p, k2) {
- return this.curve._wnafMulAdd(1, [ this, p ], [ k1, k2 ], 2, true);
- };
- Point.prototype.normalize = function normalize() {
- if (this.zOne)
- return this;
- // Normalize coordinates
- var zi = this.z.redInvm();
- this.x = this.x.redMul(zi);
- this.y = this.y.redMul(zi);
- if (this.t)
- this.t = this.t.redMul(zi);
- this.z = this.curve.one;
- this.zOne = true;
- return this;
- };
- Point.prototype.neg = function neg() {
- return this.curve.point(this.x.redNeg(),
- this.y,
- this.z,
- this.t && this.t.redNeg());
- };
- Point.prototype.getX = function getX() {
- this.normalize();
- return this.x.fromRed();
- };
- Point.prototype.getY = function getY() {
- this.normalize();
- return this.y.fromRed();
- };
- Point.prototype.eq = function eq(other) {
- return this === other ||
- this.getX().cmp(other.getX()) === 0 &&
- this.getY().cmp(other.getY()) === 0;
- };
- Point.prototype.eqXToP = function eqXToP(x) {
- var rx = x.toRed(this.curve.red).redMul(this.z);
- if (this.x.cmp(rx) === 0)
- return true;
- var xc = x.clone();
- var t = this.curve.redN.redMul(this.z);
- for (;;) {
- xc.iadd(this.curve.n);
- if (xc.cmp(this.curve.p) >= 0)
- return false;
- rx.redIAdd(t);
- if (this.x.cmp(rx) === 0)
- return true;
- }
- };
- // Compatibility with BaseCurve
- Point.prototype.toP = Point.prototype.normalize;
- Point.prototype.mixedAdd = Point.prototype.add;
- },{"../utils":32,"./base":19,"bn.js":16,"inherits":47}],21:[function(require,module,exports){
- 'use strict';
- var curve = exports;
- curve.base = require('./base');
- curve.short = require('./short');
- curve.mont = require('./mont');
- curve.edwards = require('./edwards');
- },{"./base":19,"./edwards":20,"./mont":22,"./short":23}],22:[function(require,module,exports){
- 'use strict';
- var BN = require('bn.js');
- var inherits = require('inherits');
- var Base = require('./base');
- var utils = require('../utils');
- function MontCurve(conf) {
- Base.call(this, 'mont', conf);
- this.a = new BN(conf.a, 16).toRed(this.red);
- this.b = new BN(conf.b, 16).toRed(this.red);
- this.i4 = new BN(4).toRed(this.red).redInvm();
- this.two = new BN(2).toRed(this.red);
- // Note: this implementation is according to the original paper
- // by P. Montgomery, NOT the one by D. J. Bernstein.
- this.a24 = this.i4.redMul(this.a.redAdd(this.two));
- }
- inherits(MontCurve, Base);
- module.exports = MontCurve;
- MontCurve.prototype.validate = function validate(point) {
- var x = point.normalize().x;
- var x2 = x.redSqr();
- var rhs = x2.redMul(x).redAdd(x2.redMul(this.a)).redAdd(x);
- var y = rhs.redSqrt();
- return y.redSqr().cmp(rhs) === 0;
- };
- function Point(curve, x, z) {
- Base.BasePoint.call(this, curve, 'projective');
- if (x === null && z === null) {
- this.x = this.curve.one;
- this.z = this.curve.zero;
- } else {
- this.x = new BN(x, 16);
- this.z = new BN(z, 16);
- if (!this.x.red)
- this.x = this.x.toRed(this.curve.red);
- if (!this.z.red)
- this.z = this.z.toRed(this.curve.red);
- }
- }
- inherits(Point, Base.BasePoint);
- MontCurve.prototype.decodePoint = function decodePoint(bytes, enc) {
- var bytes = utils.toArray(bytes, enc);
- // TODO Curve448
- // Montgomery curve points must be represented in the compressed format
- // https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-02#appendix-B
- if (bytes.length === 33 && bytes[0] === 0x40)
- bytes = bytes.slice(1, 33).reverse(); // point must be little-endian
- if (bytes.length !== 32)
- throw new Error('Unknown point compression format');
- return this.point(bytes, 1);
- };
- MontCurve.prototype.point = function point(x, z) {
- return new Point(this, x, z);
- };
- MontCurve.prototype.pointFromJSON = function pointFromJSON(obj) {
- return Point.fromJSON(this, obj);
- };
- Point.prototype.precompute = function precompute() {
- // No-op
- };
- Point.prototype._encode = function _encode(compact) {
- var len = this.curve.p.byteLength();
- // Note: the output should always be little-endian
- // https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-02#appendix-B
- if (compact) {
- return [ 0x40 ].concat(this.getX().toArray('le', len));
- } else {
- return this.getX().toArray('be', len);
- }
- };
- Point.fromJSON = function fromJSON(curve, obj) {
- return new Point(curve, obj[0], obj[1] || curve.one);
- };
- Point.prototype.inspect = function inspect() {
- if (this.isInfinity())
- return '<EC Point Infinity>';
- return '<EC Point x: ' + this.x.fromRed().toString(16, 2) +
- ' z: ' + this.z.fromRed().toString(16, 2) + '>';
- };
- Point.prototype.isInfinity = function isInfinity() {
- // XXX This code assumes that zero is always zero in red
- return this.z.cmpn(0) === 0;
- };
- Point.prototype.dbl = function dbl() {
- // http://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html#doubling-dbl-1987-m-3
- // 2M + 2S + 4A
- // A = X1 + Z1
- var a = this.x.redAdd(this.z);
- // AA = A^2
- var aa = a.redSqr();
- // B = X1 - Z1
- var b = this.x.redSub(this.z);
- // BB = B^2
- var bb = b.redSqr();
- // C = AA - BB
- var c = aa.redSub(bb);
- // X3 = AA * BB
- var nx = aa.redMul(bb);
- // Z3 = C * (BB + A24 * C)
- var nz = c.redMul(bb.redAdd(this.curve.a24.redMul(c)));
- return this.curve.point(nx, nz);
- };
- Point.prototype.add = function add() {
- throw new Error('Not supported on Montgomery curve');
- };
- Point.prototype.diffAdd = function diffAdd(p, diff) {
- // http://hyperelliptic.org/EFD/g1p/auto-montgom-xz.html#diffadd-dadd-1987-m-3
- // 4M + 2S + 6A
- // A = X2 + Z2
- var a = this.x.redAdd(this.z);
- // B = X2 - Z2
- var b = this.x.redSub(this.z);
- // C = X3 + Z3
- var c = p.x.redAdd(p.z);
- // D = X3 - Z3
- var d = p.x.redSub(p.z);
- // DA = D * A
- var da = d.redMul(a);
- // CB = C * B
- var cb = c.redMul(b);
- // X5 = Z1 * (DA + CB)^2
- var nx = diff.z.redMul(da.redAdd(cb).redSqr());
- // Z5 = X1 * (DA - CB)^2
- var nz = diff.x.redMul(da.redISub(cb).redSqr());
- return this.curve.point(nx, nz);
- };
- Point.prototype.mul = function mul(k) {
- k = new BN(k, 16);
- var t = k.clone();
- var a = this; // (N / 2) * Q + Q
- var b = this.curve.point(null, null); // (N / 2) * Q
- var c = this; // Q
- for (var bits = []; t.cmpn(0) !== 0; t.iushrn(1))
- bits.push(t.andln(1));
- for (var i = bits.length - 1; i >= 0; i--) {
- if (bits[i] === 0) {
- // N * Q + Q = ((N / 2) * Q + Q)) + (N / 2) * Q
- a = a.diffAdd(b, c);
- // N * Q = 2 * ((N / 2) * Q + Q))
- b = b.dbl();
- } else {
- // N * Q = ((N / 2) * Q + Q) + ((N / 2) * Q)
- b = a.diffAdd(b, c);
- // N * Q + Q = 2 * ((N / 2) * Q + Q)
- a = a.dbl();
- }
- }
- return b;
- };
- Point.prototype.mulAdd = function mulAdd() {
- throw new Error('Not supported on Montgomery curve');
- };
- Point.prototype.jumlAdd = function jumlAdd() {
- throw new Error('Not supported on Montgomery curve');
- };
- Point.prototype.eq = function eq(other) {
- return this.getX().cmp(other.getX()) === 0;
- };
- Point.prototype.normalize = function normalize() {
- this.x = this.x.redMul(this.z.redInvm());
- this.z = this.curve.one;
- return this;
- };
- Point.prototype.getX = function getX() {
- // Normalize coordinates
- this.normalize();
- return this.x.fromRed();
- };
- },{"../utils":32,"./base":19,"bn.js":16,"inherits":47}],23:[function(require,module,exports){
- 'use strict';
- var utils = require('../utils');
- var BN = require('bn.js');
- var inherits = require('inherits');
- var Base = require('./base');
- var assert = utils.assert;
- function ShortCurve(conf) {
- Base.call(this, 'short', conf);
- this.a = new BN(conf.a, 16).toRed(this.red);
- this.b = new BN(conf.b, 16).toRed(this.red);
- this.tinv = this.two.redInvm();
- this.zeroA = this.a.fromRed().cmpn(0) === 0;
- this.threeA = this.a.fromRed().sub(this.p).cmpn(-3) === 0;
- // If the curve is endomorphic, precalculate beta and lambda
- this.endo = this._getEndomorphism(conf);
- this._endoWnafT1 = new Array(4);
- this._endoWnafT2 = new Array(4);
- }
- inherits(ShortCurve, Base);
- module.exports = ShortCurve;
- ShortCurve.prototype._getEndomorphism = function _getEndomorphism(conf) {
- // No efficient endomorphism
- if (!this.zeroA || !this.g || !this.n || this.p.modn(3) !== 1)
- return;
- // Compute beta and lambda, that lambda * P = (beta * Px; Py)
- var beta;
- var lambda;
- if (conf.beta) {
- beta = new BN(conf.beta, 16).toRed(this.red);
- } else {
- var betas = this._getEndoRoots(this.p);
- // Choose the smallest beta
- beta = betas[0].cmp(betas[1]) < 0 ? betas[0] : betas[1];
- beta = beta.toRed(this.red);
- }
- if (conf.lambda) {
- lambda = new BN(conf.lambda, 16);
- } else {
- // Choose the lambda that is matching selected beta
- var lambdas = this._getEndoRoots(this.n);
- if (this.g.mul(lambdas[0]).x.cmp(this.g.x.redMul(beta)) === 0) {
- lambda = lambdas[0];
- } else {
- lambda = lambdas[1];
- assert(this.g.mul(lambda).x.cmp(this.g.x.redMul(beta)) === 0);
- }
- }
- // Get basis vectors, used for balanced length-two representation
- var basis;
- if (conf.basis) {
- basis = conf.basis.map(function(vec) {
- return {
- a: new BN(vec.a, 16),
- b: new BN(vec.b, 16)
- };
- });
- } else {
- basis = this._getEndoBasis(lambda);
- }
- return {
- beta: beta,
- lambda: lambda,
- basis: basis
- };
- };
- ShortCurve.prototype._getEndoRoots = function _getEndoRoots(num) {
- // Find roots of for x^2 + x + 1 in F
- // Root = (-1 +- Sqrt(-3)) / 2
- //
- var red = num === this.p ? this.red : BN.mont(num);
- var tinv = new BN(2).toRed(red).redInvm();
- var ntinv = tinv.redNeg();
- var s = new BN(3).toRed(red).redNeg().redSqrt().redMul(tinv);
- var l1 = ntinv.redAdd(s).fromRed();
- var l2 = ntinv.redSub(s).fromRed();
- return [ l1, l2 ];
- };
- ShortCurve.prototype._getEndoBasis = function _getEndoBasis(lambda) {
- // aprxSqrt >= sqrt(this.n)
- var aprxSqrt = this.n.ushrn(Math.floor(this.n.bitLength() / 2));
- // 3.74
- // Run EGCD, until r(L + 1) < aprxSqrt
- var u = lambda;
- var v = this.n.clone();
- var x1 = new BN(1);
- var y1 = new BN(0);
- var x2 = new BN(0);
- var y2 = new BN(1);
- // NOTE: all vectors are roots of: a + b * lambda = 0 (mod n)
- var a0;
- var b0;
- // First vector
- var a1;
- var b1;
- // Second vector
- var a2;
- var b2;
- var prevR;
- var i = 0;
- var r;
- var x;
- while (u.cmpn(0) !== 0) {
- var q = v.div(u);
- r = v.sub(q.mul(u));
- x = x2.sub(q.mul(x1));
- var y = y2.sub(q.mul(y1));
- if (!a1 && r.cmp(aprxSqrt) < 0) {
- a0 = prevR.neg();
- b0 = x1;
- a1 = r.neg();
- b1 = x;
- } else if (a1 && ++i === 2) {
- break;
- }
- prevR = r;
- v = u;
- u = r;
- x2 = x1;
- x1 = x;
- y2 = y1;
- y1 = y;
- }
- a2 = r.neg();
- b2 = x;
- var len1 = a1.sqr().add(b1.sqr());
- var len2 = a2.sqr().add(b2.sqr());
- if (len2.cmp(len1) >= 0) {
- a2 = a0;
- b2 = b0;
- }
- // Normalize signs
- if (a1.negative) {
- a1 = a1.neg();
- b1 = b1.neg();
- }
- if (a2.negative) {
- a2 = a2.neg();
- b2 = b2.neg();
- }
- return [
- { a: a1, b: b1 },
- { a: a2, b: b2 }
- ];
- };
- ShortCurve.prototype._endoSplit = function _endoSplit(k) {
- var basis = this.endo.basis;
- var v1 = basis[0];
- var v2 = basis[1];
- var c1 = v2.b.mul(k).divRound(this.n);
- var c2 = v1.b.neg().mul(k).divRound(this.n);
- var p1 = c1.mul(v1.a);
- var p2 = c2.mul(v2.a);
- var q1 = c1.mul(v1.b);
- var q2 = c2.mul(v2.b);
- // Calculate answer
- var k1 = k.sub(p1).sub(p2);
- var k2 = q1.add(q2).neg();
- return { k1: k1, k2: k2 };
- };
- ShortCurve.prototype.pointFromX = function pointFromX(x, odd) {
- x = new BN(x, 16);
- if (!x.red)
- x = x.toRed(this.red);
- var y2 = x.redSqr().redMul(x).redIAdd(x.redMul(this.a)).redIAdd(this.b);
- var y = y2.redSqrt();
- if (y.redSqr().redSub(y2).cmp(this.zero) !== 0)
- throw new Error('invalid point');
- // XXX Is there any way to tell if the number is odd without converting it
- // to non-red form?
- var isOdd = y.fromRed().isOdd();
- if (odd && !isOdd || !odd && isOdd)
- y = y.redNeg();
- return this.point(x, y);
- };
- ShortCurve.prototype.validate = function validate(point) {
- if (point.inf)
- return true;
- var x = point.x;
- var y = point.y;
- var ax = this.a.redMul(x);
- var rhs = x.redSqr().redMul(x).redIAdd(ax).redIAdd(this.b);
- return y.redSqr().redISub(rhs).cmpn(0) === 0;
- };
- ShortCurve.prototype._endoWnafMulAdd =
- function _endoWnafMulAdd(points, coeffs, jacobianResult) {
- var npoints = this._endoWnafT1;
- var ncoeffs = this._endoWnafT2;
- for (var i = 0; i < points.length; i++) {
- var split = this._endoSplit(coeffs[i]);
- var p = points[i];
- var beta = p._getBeta();
- if (split.k1.negative) {
- split.k1.ineg();
- p = p.neg(true);
- }
- if (split.k2.negative) {
- split.k2.ineg();
- beta = beta.neg(true);
- }
- npoints[i * 2] = p;
- npoints[i * 2 + 1] = beta;
- ncoeffs[i * 2] = split.k1;
- ncoeffs[i * 2 + 1] = split.k2;
- }
- var res = this._wnafMulAdd(1, npoints, ncoeffs, i * 2, jacobianResult);
- // Clean-up references to points and coefficients
- for (var j = 0; j < i * 2; j++) {
- npoints[j] = null;
- ncoeffs[j] = null;
- }
- return res;
- };
- function Point(curve, x, y, isRed) {
- Base.BasePoint.call(this, curve, 'affine');
- if (x === null && y === null) {
- this.x = null;
- this.y = null;
- this.inf = true;
- } else {
- this.x = new BN(x, 16);
- this.y = new BN(y, 16);
- // Force redgomery representation when loading from JSON
- if (isRed) {
- this.x.forceRed(this.curve.red);
- this.y.forceRed(this.curve.red);
- }
- if (!this.x.red)
- this.x = this.x.toRed(this.curve.red);
- if (!this.y.red)
- this.y = this.y.toRed(this.curve.red);
- this.inf = false;
- }
- }
- inherits(Point, Base.BasePoint);
- ShortCurve.prototype.point = function point(x, y, isRed) {
- return new Point(this, x, y, isRed);
- };
- ShortCurve.prototype.pointFromJSON = function pointFromJSON(obj, red) {
- return Point.fromJSON(this, obj, red);
- };
- Point.prototype._getBeta = function _getBeta() {
- if (!this.curve.endo)
- return;
- var pre = this.precomputed;
- if (pre && pre.beta)
- return pre.beta;
- var beta = this.curve.point(this.x.redMul(this.curve.endo.beta), this.y);
- if (pre) {
- var curve = this.curve;
- var endoMul = function(p) {
- return curve.point(p.x.redMul(curve.endo.beta), p.y);
- };
- pre.beta = beta;
- beta.precomputed = {
- beta: null,
- naf: pre.naf && {
- wnd: pre.naf.wnd,
- points: pre.naf.points.map(endoMul)
- },
- doubles: pre.doubles && {
- step: pre.doubles.step,
- points: pre.doubles.points.map(endoMul)
- }
- };
- }
- return beta;
- };
- Point.prototype.toJSON = function toJSON() {
- if (!this.precomputed)
- return [ this.x, this.y ];
- return [ this.x, this.y, this.precomputed && {
- doubles: this.precomputed.doubles && {
- step: this.precomputed.doubles.step,
- points: this.precomputed.doubles.points.slice(1)
- },
- naf: this.precomputed.naf && {
- wnd: this.precomputed.naf.wnd,
- points: this.precomputed.naf.points.slice(1)
- }
- } ];
- };
- Point.fromJSON = function fromJSON(curve, obj, red) {
- if (typeof obj === 'string')
- obj = JSON.parse(obj);
- var res = curve.point(obj[0], obj[1], red);
- if (!obj[2])
- return res;
- function obj2point(obj) {
- return curve.point(obj[0], obj[1], red);
- }
- var pre = obj[2];
- res.precomputed = {
- beta: null,
- doubles: pre.doubles && {
- step: pre.doubles.step,
- points: [ res ].concat(pre.doubles.points.map(obj2point))
- },
- naf: pre.naf && {
- wnd: pre.naf.wnd,
- points: [ res ].concat(pre.naf.points.map(obj2point))
- }
- };
- return res;
- };
- Point.prototype.inspect = function inspect() {
- if (this.isInfinity())
- return '<EC Point Infinity>';
- return '<EC Point x: ' + this.x.fromRed().toString(16, 2) +
- ' y: ' + this.y.fromRed().toString(16, 2) + '>';
- };
- Point.prototype.isInfinity = function isInfinity() {
- return this.inf;
- };
- Point.prototype.add = function add(p) {
- // O + P = P
- if (this.inf)
- return p;
- // P + O = P
- if (p.inf)
- return this;
- // P + P = 2P
- if (this.eq(p))
- return this.dbl();
- // P + (-P) = O
- if (this.neg().eq(p))
- return this.curve.point(null, null);
- // P + Q = O
- if (this.x.cmp(p.x) === 0)
- return this.curve.point(null, null);
- var c = this.y.redSub(p.y);
- if (c.cmpn(0) !== 0)
- c = c.redMul(this.x.redSub(p.x).redInvm());
- var nx = c.redSqr().redISub(this.x).redISub(p.x);
- var ny = c.redMul(this.x.redSub(nx)).redISub(this.y);
- return this.curve.point(nx, ny);
- };
- Point.prototype.dbl = function dbl() {
- if (this.inf)
- return this;
- // 2P = O
- var ys1 = this.y.redAdd(this.y);
- if (ys1.cmpn(0) === 0)
- return this.curve.point(null, null);
- var a = this.curve.a;
- var x2 = this.x.redSqr();
- var dyinv = ys1.redInvm();
- var c = x2.redAdd(x2).redIAdd(x2).redIAdd(a).redMul(dyinv);
- var nx = c.redSqr().redISub(this.x.redAdd(this.x));
- var ny = c.redMul(this.x.redSub(nx)).redISub(this.y);
- return this.curve.point(nx, ny);
- };
- Point.prototype.getX = function getX() {
- return this.x.fromRed();
- };
- Point.prototype.getY = function getY() {
- return this.y.fromRed();
- };
- Point.prototype.mul = function mul(k) {
- k = new BN(k, 16);
- if (this.isInfinity())
- return this;
- else if (this._hasDoubles(k))
- return this.curve._fixedNafMul(this, k);
- else if (this.curve.endo)
- return this.curve._endoWnafMulAdd([ this ], [ k ]);
- else
- return this.curve._wnafMul(this, k);
- };
- Point.prototype.mulAdd = function mulAdd(k1, p2, k2) {
- var points = [ this, p2 ];
- var coeffs = [ k1, k2 ];
- if (this.curve.endo)
- return this.curve._endoWnafMulAdd(points, coeffs);
- else
- return this.curve._wnafMulAdd(1, points, coeffs, 2);
- };
- Point.prototype.jmulAdd = function jmulAdd(k1, p2, k2) {
- var points = [ this, p2 ];
- var coeffs = [ k1, k2 ];
- if (this.curve.endo)
- return this.curve._endoWnafMulAdd(points, coeffs, true);
- else
- return this.curve._wnafMulAdd(1, points, coeffs, 2, true);
- };
- Point.prototype.eq = function eq(p) {
- return this === p ||
- this.inf === p.inf &&
- (this.inf || this.x.cmp(p.x) === 0 && this.y.cmp(p.y) === 0);
- };
- Point.prototype.neg = function neg(_precompute) {
- if (this.inf)
- return this;
- var res = this.curve.point(this.x, this.y.redNeg());
- if (_precompute && this.precomputed) {
- var pre = this.precomputed;
- var negate = function(p) {
- return p.neg();
- };
- res.precomputed = {
- naf: pre.naf && {
- wnd: pre.naf.wnd,
- points: pre.naf.points.map(negate)
- },
- doubles: pre.doubles && {
- step: pre.doubles.step,
- points: pre.doubles.points.map(negate)
- }
- };
- }
- return res;
- };
- Point.prototype.toJ = function toJ() {
- if (this.inf)
- return this.curve.jpoint(null, null, null);
- var res = this.curve.jpoint(this.x, this.y, this.curve.one);
- return res;
- };
- function JPoint(curve, x, y, z) {
- Base.BasePoint.call(this, curve, 'jacobian');
- if (x === null && y === null && z === null) {
- this.x = this.curve.one;
- this.y = this.curve.one;
- this.z = new BN(0);
- } else {
- this.x = new BN(x, 16);
- this.y = new BN(y, 16);
- this.z = new BN(z, 16);
- }
- if (!this.x.red)
- this.x = this.x.toRed(this.curve.red);
- if (!this.y.red)
- this.y = this.y.toRed(this.curve.red);
- if (!this.z.red)
- this.z = this.z.toRed(this.curve.red);
- this.zOne = this.z === this.curve.one;
- }
- inherits(JPoint, Base.BasePoint);
- ShortCurve.prototype.jpoint = function jpoint(x, y, z) {
- return new JPoint(this, x, y, z);
- };
- JPoint.prototype.toP = function toP() {
- if (this.isInfinity())
- return this.curve.point(null, null);
- var zinv = this.z.redInvm();
- var zinv2 = zinv.redSqr();
- var ax = this.x.redMul(zinv2);
- var ay = this.y.redMul(zinv2).redMul(zinv);
- return this.curve.point(ax, ay);
- };
- JPoint.prototype.neg = function neg() {
- return this.curve.jpoint(this.x, this.y.redNeg(), this.z);
- };
- JPoint.prototype.add = function add(p) {
- // O + P = P
- if (this.isInfinity())
- return p;
- // P + O = P
- if (p.isInfinity())
- return this;
- // 12M + 4S + 7A
- var pz2 = p.z.redSqr();
- var z2 = this.z.redSqr();
- var u1 = this.x.redMul(pz2);
- var u2 = p.x.redMul(z2);
- var s1 = this.y.redMul(pz2.redMul(p.z));
- var s2 = p.y.redMul(z2.redMul(this.z));
- var h = u1.redSub(u2);
- var r = s1.redSub(s2);
- if (h.cmpn(0) === 0) {
- if (r.cmpn(0) !== 0)
- return this.curve.jpoint(null, null, null);
- else
- return this.dbl();
- }
- var h2 = h.redSqr();
- var h3 = h2.redMul(h);
- var v = u1.redMul(h2);
- var nx = r.redSqr().redIAdd(h3).redISub(v).redISub(v);
- var ny = r.redMul(v.redISub(nx)).redISub(s1.redMul(h3));
- var nz = this.z.redMul(p.z).redMul(h);
- return this.curve.jpoint(nx, ny, nz);
- };
- JPoint.prototype.mixedAdd = function mixedAdd(p) {
- // O + P = P
- if (this.isInfinity())
- return p.toJ();
- // P + O = P
- if (p.isInfinity())
- return this;
- // 8M + 3S + 7A
- var z2 = this.z.redSqr();
- var u1 = this.x;
- var u2 = p.x.redMul(z2);
- var s1 = this.y;
- var s2 = p.y.redMul(z2).redMul(this.z);
- var h = u1.redSub(u2);
- var r = s1.redSub(s2);
- if (h.cmpn(0) === 0) {
- if (r.cmpn(0) !== 0)
- return this.curve.jpoint(null, null, null);
- else
- return this.dbl();
- }
- var h2 = h.redSqr();
- var h3 = h2.redMul(h);
- var v = u1.redMul(h2);
- var nx = r.redSqr().redIAdd(h3).redISub(v).redISub(v);
- var ny = r.redMul(v.redISub(nx)).redISub(s1.redMul(h3));
- var nz = this.z.redMul(h);
- return this.curve.jpoint(nx, ny, nz);
- };
- JPoint.prototype.dblp = function dblp(pow) {
- if (pow === 0)
- return this;
- if (this.isInfinity())
- return this;
- if (!pow)
- return this.dbl();
- if (this.curve.zeroA || this.curve.threeA) {
- var r = this;
- for (var i = 0; i < pow; i++)
- r = r.dbl();
- return r;
- }
- // 1M + 2S + 1A + N * (4S + 5M + 8A)
- // N = 1 => 6M + 6S + 9A
- var a = this.curve.a;
- var tinv = this.curve.tinv;
- var jx = this.x;
- var jy = this.y;
- var jz = this.z;
- var jz4 = jz.redSqr().redSqr();
- // Reuse results
- var jyd = jy.redAdd(jy);
- for (var i = 0; i < pow; i++) {
- var jx2 = jx.redSqr();
- var jyd2 = jyd.redSqr();
- var jyd4 = jyd2.redSqr();
- var c = jx2.redAdd(jx2).redIAdd(jx2).redIAdd(a.redMul(jz4));
- var t1 = jx.redMul(jyd2);
- var nx = c.redSqr().redISub(t1.redAdd(t1));
- var t2 = t1.redISub(nx);
- var dny = c.redMul(t2);
- dny = dny.redIAdd(dny).redISub(jyd4);
- var nz = jyd.redMul(jz);
- if (i + 1 < pow)
- jz4 = jz4.redMul(jyd4);
- jx = nx;
- jz = nz;
- jyd = dny;
- }
- return this.curve.jpoint(jx, jyd.redMul(tinv), jz);
- };
- JPoint.prototype.dbl = function dbl() {
- if (this.isInfinity())
- return this;
- if (this.curve.zeroA)
- return this._zeroDbl();
- else if (this.curve.threeA)
- return this._threeDbl();
- else
- return this._dbl();
- };
- JPoint.prototype._zeroDbl = function _zeroDbl() {
- var nx;
- var ny;
- var nz;
- // Z = 1
- if (this.zOne) {
- // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html
- // #doubling-mdbl-2007-bl
- // 1M + 5S + 14A
- // XX = X1^2
- var xx = this.x.redSqr();
- // YY = Y1^2
- var yy = this.y.redSqr();
- // YYYY = YY^2
- var yyyy = yy.redSqr();
- // S = 2 * ((X1 + YY)^2 - XX - YYYY)
- var s = this.x.redAdd(yy).redSqr().redISub(xx).redISub(yyyy);
- s = s.redIAdd(s);
- // M = 3 * XX + a; a = 0
- var m = xx.redAdd(xx).redIAdd(xx);
- // T = M ^ 2 - 2*S
- var t = m.redSqr().redISub(s).redISub(s);
- // 8 * YYYY
- var yyyy8 = yyyy.redIAdd(yyyy);
- yyyy8 = yyyy8.redIAdd(yyyy8);
- yyyy8 = yyyy8.redIAdd(yyyy8);
- // X3 = T
- nx = t;
- // Y3 = M * (S - T) - 8 * YYYY
- ny = m.redMul(s.redISub(t)).redISub(yyyy8);
- // Z3 = 2*Y1
- nz = this.y.redAdd(this.y);
- } else {
- // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html
- // #doubling-dbl-2009-l
- // 2M + 5S + 13A
- // A = X1^2
- var a = this.x.redSqr();
- // B = Y1^2
- var b = this.y.redSqr();
- // C = B^2
- var c = b.redSqr();
- // D = 2 * ((X1 + B)^2 - A - C)
- var d = this.x.redAdd(b).redSqr().redISub(a).redISub(c);
- d = d.redIAdd(d);
- // E = 3 * A
- var e = a.redAdd(a).redIAdd(a);
- // F = E^2
- var f = e.redSqr();
- // 8 * C
- var c8 = c.redIAdd(c);
- c8 = c8.redIAdd(c8);
- c8 = c8.redIAdd(c8);
- // X3 = F - 2 * D
- nx = f.redISub(d).redISub(d);
- // Y3 = E * (D - X3) - 8 * C
- ny = e.redMul(d.redISub(nx)).redISub(c8);
- // Z3 = 2 * Y1 * Z1
- nz = this.y.redMul(this.z);
- nz = nz.redIAdd(nz);
- }
- return this.curve.jpoint(nx, ny, nz);
- };
- JPoint.prototype._threeDbl = function _threeDbl() {
- var nx;
- var ny;
- var nz;
- // Z = 1
- if (this.zOne) {
- // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html
- // #doubling-mdbl-2007-bl
- // 1M + 5S + 15A
- // XX = X1^2
- var xx = this.x.redSqr();
- // YY = Y1^2
- var yy = this.y.redSqr();
- // YYYY = YY^2
- var yyyy = yy.redSqr();
- // S = 2 * ((X1 + YY)^2 - XX - YYYY)
- var s = this.x.redAdd(yy).redSqr().redISub(xx).redISub(yyyy);
- s = s.redIAdd(s);
- // M = 3 * XX + a
- var m = xx.redAdd(xx).redIAdd(xx).redIAdd(this.curve.a);
- // T = M^2 - 2 * S
- var t = m.redSqr().redISub(s).redISub(s);
- // X3 = T
- nx = t;
- // Y3 = M * (S - T) - 8 * YYYY
- var yyyy8 = yyyy.redIAdd(yyyy);
- yyyy8 = yyyy8.redIAdd(yyyy8);
- yyyy8 = yyyy8.redIAdd(yyyy8);
- ny = m.redMul(s.redISub(t)).redISub(yyyy8);
- // Z3 = 2 * Y1
- nz = this.y.redAdd(this.y);
- } else {
- // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
- // 3M + 5S
- // delta = Z1^2
- var delta = this.z.redSqr();
- // gamma = Y1^2
- var gamma = this.y.redSqr();
- // beta = X1 * gamma
- var beta = this.x.redMul(gamma);
- // alpha = 3 * (X1 - delta) * (X1 + delta)
- var alpha = this.x.redSub(delta).redMul(this.x.redAdd(delta));
- alpha = alpha.redAdd(alpha).redIAdd(alpha);
- // X3 = alpha^2 - 8 * beta
- var beta4 = beta.redIAdd(beta);
- beta4 = beta4.redIAdd(beta4);
- var beta8 = beta4.redAdd(beta4);
- nx = alpha.redSqr().redISub(beta8);
- // Z3 = (Y1 + Z1)^2 - gamma - delta
- nz = this.y.redAdd(this.z).redSqr().redISub(gamma).redISub(delta);
- // Y3 = alpha * (4 * beta - X3) - 8 * gamma^2
- var ggamma8 = gamma.redSqr();
- ggamma8 = ggamma8.redIAdd(ggamma8);
- ggamma8 = ggamma8.redIAdd(ggamma8);
- ggamma8 = ggamma8.redIAdd(ggamma8);
- ny = alpha.redMul(beta4.redISub(nx)).redISub(ggamma8);
- }
- return this.curve.jpoint(nx, ny, nz);
- };
- JPoint.prototype._dbl = function _dbl() {
- var a = this.curve.a;
- // 4M + 6S + 10A
- var jx = this.x;
- var jy = this.y;
- var jz = this.z;
- var jz4 = jz.redSqr().redSqr();
- var jx2 = jx.redSqr();
- var jy2 = jy.redSqr();
- var c = jx2.redAdd(jx2).redIAdd(jx2).redIAdd(a.redMul(jz4));
- var jxd4 = jx.redAdd(jx);
- jxd4 = jxd4.redIAdd(jxd4);
- var t1 = jxd4.redMul(jy2);
- var nx = c.redSqr().redISub(t1.redAdd(t1));
- var t2 = t1.redISub(nx);
- var jyd8 = jy2.redSqr();
- jyd8 = jyd8.redIAdd(jyd8);
- jyd8 = jyd8.redIAdd(jyd8);
- jyd8 = jyd8.redIAdd(jyd8);
- var ny = c.redMul(t2).redISub(jyd8);
- var nz = jy.redAdd(jy).redMul(jz);
- return this.curve.jpoint(nx, ny, nz);
- };
- JPoint.prototype.trpl = function trpl() {
- if (!this.curve.zeroA)
- return this.dbl().add(this);
- // hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#tripling-tpl-2007-bl
- // 5M + 10S + ...
- // XX = X1^2
- var xx = this.x.redSqr();
- // YY = Y1^2
- var yy = this.y.redSqr();
- // ZZ = Z1^2
- var zz = this.z.redSqr();
- // YYYY = YY^2
- var yyyy = yy.redSqr();
- // M = 3 * XX + a * ZZ2; a = 0
- var m = xx.redAdd(xx).redIAdd(xx);
- // MM = M^2
- var mm = m.redSqr();
- // E = 6 * ((X1 + YY)^2 - XX - YYYY) - MM
- var e = this.x.redAdd(yy).redSqr().redISub(xx).redISub(yyyy);
- e = e.redIAdd(e);
- e = e.redAdd(e).redIAdd(e);
- e = e.redISub(mm);
- // EE = E^2
- var ee = e.redSqr();
- // T = 16*YYYY
- var t = yyyy.redIAdd(yyyy);
- t = t.redIAdd(t);
- t = t.redIAdd(t);
- t = t.redIAdd(t);
- // U = (M + E)^2 - MM - EE - T
- var u = m.redIAdd(e).redSqr().redISub(mm).redISub(ee).redISub(t);
- // X3 = 4 * (X1 * EE - 4 * YY * U)
- var yyu4 = yy.redMul(u);
- yyu4 = yyu4.redIAdd(yyu4);
- yyu4 = yyu4.redIAdd(yyu4);
- var nx = this.x.redMul(ee).redISub(yyu4);
- nx = nx.redIAdd(nx);
- nx = nx.redIAdd(nx);
- // Y3 = 8 * Y1 * (U * (T - U) - E * EE)
- var ny = this.y.redMul(u.redMul(t.redISub(u)).redISub(e.redMul(ee)));
- ny = ny.redIAdd(ny);
- ny = ny.redIAdd(ny);
- ny = ny.redIAdd(ny);
- // Z3 = (Z1 + E)^2 - ZZ - EE
- var nz = this.z.redAdd(e).redSqr().redISub(zz).redISub(ee);
- return this.curve.jpoint(nx, ny, nz);
- };
- JPoint.prototype.mul = function mul(k, kbase) {
- k = new BN(k, kbase);
- return this.curve._wnafMul(this, k);
- };
- JPoint.prototype.eq = function eq(p) {
- if (p.type === 'affine')
- return this.eq(p.toJ());
- if (this === p)
- return true;
- // x1 * z2^2 == x2 * z1^2
- var z2 = this.z.redSqr();
- var pz2 = p.z.redSqr();
- if (this.x.redMul(pz2).redISub(p.x.redMul(z2)).cmpn(0) !== 0)
- return false;
- // y1 * z2^3 == y2 * z1^3
- var z3 = z2.redMul(this.z);
- var pz3 = pz2.redMul(p.z);
- return this.y.redMul(pz3).redISub(p.y.redMul(z3)).cmpn(0) === 0;
- };
- JPoint.prototype.eqXToP = function eqXToP(x) {
- var zs = this.z.redSqr();
- var rx = x.toRed(this.curve.red).redMul(zs);
- if (this.x.cmp(rx) === 0)
- return true;
- var xc = x.clone();
- var t = this.curve.redN.redMul(zs);
- for (;;) {
- xc.iadd(this.curve.n);
- if (xc.cmp(this.curve.p) >= 0)
- return false;
- rx.redIAdd(t);
- if (this.x.cmp(rx) === 0)
- return true;
- }
- };
- JPoint.prototype.inspect = function inspect() {
- if (this.isInfinity())
- return '<EC JPoint Infinity>';
- return '<EC JPoint x: ' + this.x.toString(16, 2) +
- ' y: ' + this.y.toString(16, 2) +
- ' z: ' + this.z.toString(16, 2) + '>';
- };
- JPoint.prototype.isInfinity = function isInfinity() {
- // XXX This code assumes that zero is always zero in red
- return this.z.cmpn(0) === 0;
- };
- },{"../utils":32,"./base":19,"bn.js":16,"inherits":47}],24:[function(require,module,exports){
- 'use strict';
- var curves = exports;
- var hash = require('hash.js');
- var curve = require('./curve');
- var utils = require('./utils');
- var assert = utils.assert;
- function PresetCurve(options) {
- if (options.type === 'short')
- this.curve = new curve.short(options);
- else if (options.type === 'edwards')
- this.curve = new curve.edwards(options);
- else if (options.type === 'mont')
- this.curve = new curve.mont(options);
- else throw new Error('Unknown curve type.');
- this.g = this.curve.g;
- this.n = this.curve.n;
- this.hash = options.hash;
- assert(this.g.validate(), 'Invalid curve');
- assert(this.g.mul(this.n).isInfinity(), 'Invalid curve, n*G != O');
- }
- curves.PresetCurve = PresetCurve;
- function defineCurve(name, options) {
- Object.defineProperty(curves, name, {
- configurable: true,
- enumerable: true,
- get: function() {
- var curve = new PresetCurve(options);
- Object.defineProperty(curves, name, {
- configurable: true,
- enumerable: true,
- value: curve
- });
- return curve;
- }
- });
- }
- defineCurve('p192', {
- type: 'short',
- prime: 'p192',
- p: 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff',
- a: 'ffffffff ffffffff ffffffff fffffffe ffffffff fffffffc',
- b: '64210519 e59c80e7 0fa7e9ab 72243049 feb8deec c146b9b1',
- n: 'ffffffff ffffffff ffffffff 99def836 146bc9b1 b4d22831',
- hash: hash.sha256,
- gRed: false,
- g: [
- '188da80e b03090f6 7cbf20eb 43a18800 f4ff0afd 82ff1012',
- '07192b95 ffc8da78 631011ed 6b24cdd5 73f977a1 1e794811'
- ]
- });
- defineCurve('p224', {
- type: 'short',
- prime: 'p224',
- p: 'ffffffff ffffffff ffffffff ffffffff 00000000 00000000 00000001',
- a: 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff fffffffe',
- b: 'b4050a85 0c04b3ab f5413256 5044b0b7 d7bfd8ba 270b3943 2355ffb4',
- n: 'ffffffff ffffffff ffffffff ffff16a2 e0b8f03e 13dd2945 5c5c2a3d',
- hash: hash.sha256,
- gRed: false,
- g: [
- 'b70e0cbd 6bb4bf7f 321390b9 4a03c1d3 56c21122 343280d6 115c1d21',
- 'bd376388 b5f723fb 4c22dfe6 cd4375a0 5a074764 44d58199 85007e34'
- ]
- });
- defineCurve('p256', {
- type: 'short',
- prime: null,
- p: 'ffffffff 00000001 00000000 00000000 00000000 ffffffff ffffffff ffffffff',
- a: 'ffffffff 00000001 00000000 00000000 00000000 ffffffff ffffffff fffffffc',
- b: '5ac635d8 aa3a93e7 b3ebbd55 769886bc 651d06b0 cc53b0f6 3bce3c3e 27d2604b',
- n: 'ffffffff 00000000 ffffffff ffffffff bce6faad a7179e84 f3b9cac2 fc632551',
- hash: hash.sha256,
- gRed: false,
- g: [
- '6b17d1f2 e12c4247 f8bce6e5 63a440f2 77037d81 2deb33a0 f4a13945 d898c296',
- '4fe342e2 fe1a7f9b 8ee7eb4a 7c0f9e16 2bce3357 6b315ece cbb64068 37bf51f5'
- ]
- });
- defineCurve('p384', {
- type: 'short',
- prime: null,
- p: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
- 'fffffffe ffffffff 00000000 00000000 ffffffff',
- a: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
- 'fffffffe ffffffff 00000000 00000000 fffffffc',
- b: 'b3312fa7 e23ee7e4 988e056b e3f82d19 181d9c6e fe814112 0314088f ' +
- '5013875a c656398d 8a2ed19d 2a85c8ed d3ec2aef',
- n: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff c7634d81 ' +
- 'f4372ddf 581a0db2 48b0a77a ecec196a ccc52973',
- hash: hash.sha384,
- gRed: false,
- g: [
- 'aa87ca22 be8b0537 8eb1c71e f320ad74 6e1d3b62 8ba79b98 59f741e0 82542a38 ' +
- '5502f25d bf55296c 3a545e38 72760ab7',
- '3617de4a 96262c6f 5d9e98bf 9292dc29 f8f41dbd 289a147c e9da3113 b5f0b8c0 ' +
- '0a60b1ce 1d7e819d 7a431d7c 90ea0e5f'
- ]
- });
- defineCurve('p521', {
- type: 'short',
- prime: null,
- p: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
- 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
- 'ffffffff ffffffff ffffffff ffffffff ffffffff',
- a: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
- 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
- 'ffffffff ffffffff ffffffff ffffffff fffffffc',
- b: '00000051 953eb961 8e1c9a1f 929a21a0 b68540ee a2da725b ' +
- '99b315f3 b8b48991 8ef109e1 56193951 ec7e937b 1652c0bd ' +
- '3bb1bf07 3573df88 3d2c34f1 ef451fd4 6b503f00',
- n: '000001ff ffffffff ffffffff ffffffff ffffffff ffffffff ' +
- 'ffffffff ffffffff fffffffa 51868783 bf2f966b 7fcc0148 ' +
- 'f709a5d0 3bb5c9b8 899c47ae bb6fb71e 91386409',
- hash: hash.sha512,
- gRed: false,
- g: [
- '000000c6 858e06b7 0404e9cd 9e3ecb66 2395b442 9c648139 ' +
- '053fb521 f828af60 6b4d3dba a14b5e77 efe75928 fe1dc127 ' +
- 'a2ffa8de 3348b3c1 856a429b f97e7e31 c2e5bd66',
- '00000118 39296a78 9a3bc004 5c8a5fb4 2c7d1bd9 98f54449 ' +
- '579b4468 17afbd17 273e662c 97ee7299 5ef42640 c550b901 ' +
- '3fad0761 353c7086 a272c240 88be9476 9fd16650'
- ]
- });
- // https://tools.ietf.org/html/rfc7748#section-4.1
- defineCurve('curve25519', {
- type: 'mont',
- prime: 'p25519',
- p: '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed',
- a: '76d06',
- b: '1',
- n: '1000000000000000 0000000000000000 14def9dea2f79cd6 5812631a5cf5d3ed',
- cofactor: '8',
- hash: hash.sha256,
- gRed: false,
- g: [
- '9'
- ]
- });
- defineCurve('ed25519', {
- type: 'edwards',
- prime: 'p25519',
- p: '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed',
- a: '-1',
- c: '1',
- // -121665 * (121666^(-1)) (mod P)
- d: '52036cee2b6ffe73 8cc740797779e898 00700a4d4141d8ab 75eb4dca135978a3',
- n: '1000000000000000 0000000000000000 14def9dea2f79cd6 5812631a5cf5d3ed',
- cofactor: '8',
- hash: hash.sha256,
- gRed: false,
- g: [
- '216936d3cd6e53fec0a4e231fdd6dc5c692cc7609525a7b2c9562d608f25d51a',
- // 4/5
- '6666666666666666666666666666666666666666666666666666666666666658'
- ]
- });
- // https://tools.ietf.org/html/rfc5639#section-3.4
- defineCurve('brainpoolP256r1', {
- type: 'short',
- prime: null,
- p: 'A9FB57DB A1EEA9BC 3E660A90 9D838D72 6E3BF623 D5262028 2013481D 1F6E5377',
- a: '7D5A0975 FC2C3057 EEF67530 417AFFE7 FB8055C1 26DC5C6C E94A4B44 F330B5D9',
- b: '26DC5C6C E94A4B44 F330B5D9 BBD77CBF 95841629 5CF7E1CE 6BCCDC18 FF8C07B6',
- n: 'A9FB57DB A1EEA9BC 3E660A90 9D838D71 8C397AA3 B561A6F7 901E0E82 974856A7',
- hash: hash.sha256, // or 384, or 512
- gRed: false,
- g: [
- '8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262',
- '547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997'
- ]
- });
- // https://tools.ietf.org/html/rfc5639#section-3.6
- defineCurve('brainpoolP384r1', {
- type: 'short',
- prime: null,
- p: '8CB91E82 A3386D28 0F5D6F7E 50E641DF 152F7109 ED5456B4 12B1DA19 7FB71123' +
- 'ACD3A729 901D1A71 87470013 3107EC53',
- a: '7BC382C6 3D8C150C 3C72080A CE05AFA0 C2BEA28E 4FB22787 139165EF BA91F90F' +
- '8AA5814A 503AD4EB 04A8C7DD 22CE2826',
- b: '04A8C7DD 22CE2826 8B39B554 16F0447C 2FB77DE1 07DCD2A6 2E880EA5 3EEB62D5' +
- '7CB43902 95DBC994 3AB78696 FA504C11',
- n: '8CB91E82 A3386D28 0F5D6F7E 50E641DF 152F7109 ED5456B3 1F166E6C AC0425A7' +
- 'CF3AB6AF 6B7FC310 3B883202 E9046565',
- hash: hash.sha384, // or 512
- gRed: false,
- g: [
- '1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10' +
- 'E8E826E03436D646AAEF87B2E247D4AF1E',
- '8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129' +
- '280E4646217791811142820341263C5315'
- ]
- });
- // https://tools.ietf.org/html/rfc5639#section-3.7
- defineCurve('brainpoolP512r1', {
- type: 'short',
- prime: null,
- p: 'AADD9DB8 DBE9C48B 3FD4E6AE 33C9FC07 CB308DB3 B3C9D20E D6639CCA 70330871' +
- '7D4D9B00 9BC66842 AECDA12A E6A380E6 2881FF2F 2D82C685 28AA6056 583A48F3',
- a: '7830A331 8B603B89 E2327145 AC234CC5 94CBDD8D 3DF91610 A83441CA EA9863BC' +
- '2DED5D5A A8253AA1 0A2EF1C9 8B9AC8B5 7F1117A7 2BF2C7B9 E7C1AC4D 77FC94CA',
- b: '3DF91610 A83441CA EA9863BC 2DED5D5A A8253AA1 0A2EF1C9 8B9AC8B5 7F1117A7' +
- '2BF2C7B9 E7C1AC4D 77FC94CA DC083E67 984050B7 5EBAE5DD 2809BD63 8016F723',
- n: 'AADD9DB8 DBE9C48B 3FD4E6AE 33C9FC07 CB308DB3 B3C9D20E D6639CCA 70330870' +
- '553E5C41 4CA92619 41866119 7FAC1047 1DB1D381 085DDADD B5879682 9CA90069',
- hash: hash.sha512,
- gRed: false,
- g: [
- '81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D009' +
- '8EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822',
- '7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F81' +
- '11B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892'
- ]
- });
- // https://en.bitcoin.it/wiki/Secp256k1
- var pre;
- try {
- pre = require('./precomputed/secp256k1');
- } catch (e) {
- pre = undefined;
- }
- defineCurve('secp256k1', {
- type: 'short',
- prime: 'k256',
- p: 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f',
- a: '0',
- b: '7',
- n: 'ffffffff ffffffff ffffffff fffffffe baaedce6 af48a03b bfd25e8c d0364141',
- h: '1',
- hash: hash.sha256,
- // Precomputed endomorphism
- beta: '7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee',
- lambda: '5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72',
- basis: [
- {
- a: '3086d221a7d46bcde86c90e49284eb15',
- b: '-e4437ed6010e88286f547fa90abfe4c3'
- },
- {
- a: '114ca50f7a8e2f3f657c1108d9d44cfd8',
- b: '3086d221a7d46bcde86c90e49284eb15'
- }
- ],
- gRed: false,
- g: [
- '79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798',
- '483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8',
- pre
- ]
- });
- },{"./curve":21,"./precomputed/secp256k1":31,"./utils":32,"hash.js":34}],25:[function(require,module,exports){
- 'use strict';
- var BN = require('bn.js');
- var HmacDRBG = require('hmac-drbg');
- var utils = require('../utils');
- var curves = require('../curves');
- var rand = require('brorand');
- var assert = utils.assert;
- var KeyPair = require('./key');
- var Signature = require('./signature');
- function EC(options) {
- if (!(this instanceof EC))
- return new EC(options);
- // Shortcut `elliptic.ec(curve-name)`
- if (typeof options === 'string') {
- assert(curves.hasOwnProperty(options), 'Unknown curve ' + options);
- options = curves[options];
- }
- // Shortcut for `elliptic.ec(elliptic.curves.curveName)`
- if (options instanceof curves.PresetCurve)
- options = { curve: options };
- this.curve = options.curve.curve;
- this.n = this.curve.n;
- this.nh = this.n.ushrn(1);
- this.g = this.curve.g;
- // Point on curve
- this.g = options.curve.g;
- this.g.precompute(options.curve.n.bitLength() + 1);
- // Hash function for DRBG
- this.hash = options.hash || options.curve.hash;
- }
- module.exports = EC;
- EC.prototype.keyPair = function keyPair(options) {
- return new KeyPair(this, options);
- };
- EC.prototype.keyFromPrivate = function keyFromPrivate(priv, enc) {
- return KeyPair.fromPrivate(this, priv, enc);
- };
- EC.prototype.keyFromPublic = function keyFromPublic(pub, enc) {
- return KeyPair.fromPublic(this, pub, enc);
- };
- EC.prototype.genKeyPair = function genKeyPair(options) {
- if (!options)
- options = {};
- // Instantiate Hmac_DRBG
- var drbg = new HmacDRBG({
- hash: this.hash,
- pers: options.pers,
- persEnc: options.persEnc || 'utf8',
- entropy: options.entropy || rand(this.hash.hmacStrength),
- entropyEnc: options.entropy && options.entropyEnc || 'utf8',
- nonce: this.n.toArray()
- });
- // Key generation for curve25519 is simpler
- if (this.curve.type === 'mont') {
- var priv = new BN(drbg.generate(32));
- return this.keyFromPrivate(priv);
- }
- var bytes = this.n.byteLength();
- var ns2 = this.n.sub(new BN(2));
- do {
- var priv = new BN(drbg.generate(bytes));
- if (priv.cmp(ns2) > 0)
- continue;
- priv.iaddn(1);
- return this.keyFromPrivate(priv);
- } while (true);
- };
- EC.prototype._truncateToN = function truncateToN(msg, truncOnly, bitSize) {
- bitSize = bitSize || msg.byteLength() * 8;
- var delta = bitSize - this.n.bitLength();
- if (delta > 0)
- msg = msg.ushrn(delta);
- if (!truncOnly && msg.cmp(this.n) >= 0)
- return msg.sub(this.n);
- else
- return msg;
- };
- EC.prototype.truncateMsg = function truncateMSG(msg) {
- // Bit size is only determined correctly for Uint8Arrays and hex strings
- var bitSize;
- if (msg instanceof Uint8Array) {
- bitSize = msg.byteLength * 8;
- msg = this._truncateToN(new BN(msg, 16), false, bitSize);
- } else if (typeof msg === 'string') {
- bitSize = msg.length * 4;
- msg = this._truncateToN(new BN(msg, 16), false, bitSize);
- } else {
- msg = this._truncateToN(new BN(msg, 16));
- }
- return msg;
- }
- EC.prototype.sign = function sign(msg, key, enc, options) {
- if (typeof enc === 'object') {
- options = enc;
- enc = null;
- }
- if (!options)
- options = {};
- key = this.keyFromPrivate(key, enc);
- msg = this.truncateMsg(msg);
- // Zero-extend key to provide enough entropy
- var bytes = this.n.byteLength();
- var bkey = key.getPrivate().toArray('be', bytes);
- // Zero-extend nonce to have the same byte size as N
- var nonce = msg.toArray('be', bytes);
- // Instantiate Hmac_DRBG
- var drbg = new HmacDRBG({
- hash: this.hash,
- entropy: bkey,
- nonce: nonce,
- pers: options.pers,
- persEnc: options.persEnc || 'utf8'
- });
- // Number of bytes to generate
- var ns1 = this.n.sub(new BN(1));
- for (var iter = 0; true; iter++) {
- var k = options.k ?
- options.k(iter) :
- new BN(drbg.generate(this.n.byteLength()));
- k = this._truncateToN(k, true);
- if (k.cmpn(1) <= 0 || k.cmp(ns1) >= 0)
- continue;
- var kp = this.g.mul(k);
- if (kp.isInfinity())
- continue;
- var kpX = kp.getX();
- var r = kpX.umod(this.n);
- if (r.cmpn(0) === 0)
- continue;
- var s = k.invm(this.n).mul(r.mul(key.getPrivate()).iadd(msg));
- s = s.umod(this.n);
- if (s.cmpn(0) === 0)
- continue;
- var recoveryParam = (kp.getY().isOdd() ? 1 : 0) |
- (kpX.cmp(r) !== 0 ? 2 : 0);
- // Use complement of `s`, if it is > `n / 2`
- if (options.canonical && s.cmp(this.nh) > 0) {
- s = this.n.sub(s);
- recoveryParam ^= 1;
- }
- return new Signature({ r: r, s: s, recoveryParam: recoveryParam });
- }
- };
- EC.prototype.verify = function verify(msg, signature, key, enc) {
- key = this.keyFromPublic(key, enc);
- signature = new Signature(signature, 'hex');
- // Fallback to the old code
- var ret = this._verify(this.truncateMsg(msg), signature, key) ||
- this._verify(this._truncateToN(new BN(msg, 16)), signature, key);
- return ret;
- };
- EC.prototype._verify = function _verify(msg, signature, key) {
- // Perform primitive values validation
- var r = signature.r;
- var s = signature.s;
- if (r.cmpn(1) < 0 || r.cmp(this.n) >= 0)
- return false;
- if (s.cmpn(1) < 0 || s.cmp(this.n) >= 0)
- return false;
- // Validate signature
- var sinv = s.invm(this.n);
- var u1 = sinv.mul(msg).umod(this.n);
- var u2 = sinv.mul(r).umod(this.n);
- if (!this.curve._maxwellTrick) {
- var p = this.g.mulAdd(u1, key.getPublic(), u2);
- if (p.isInfinity())
- return false;
- return p.getX().umod(this.n).cmp(r) === 0;
- }
- // NOTE: Greg Maxwell's trick, inspired by:
- // https://git.io/vad3K
- var p = this.g.jmulAdd(u1, key.getPublic(), u2);
- if (p.isInfinity())
- return false;
- // Compare `p.x` of Jacobian point with `r`,
- // this will do `p.x == r * p.z^2` instead of multiplying `p.x` by the
- // inverse of `p.z^2`
- return p.eqXToP(r);
- };
- EC.prototype.recoverPubKey = function(msg, signature, j, enc) {
- assert((3 & j) === j, 'The recovery param is more than two bits');
- signature = new Signature(signature, enc);
- var n = this.n;
- var e = new BN(msg);
- var r = signature.r;
- var s = signature.s;
- // A set LSB signifies that the y-coordinate is odd
- var isYOdd = j & 1;
- var isSecondKey = j >> 1;
- if (r.cmp(this.curve.p.umod(this.curve.n)) >= 0 && isSecondKey)
- throw new Error('Unable to find sencond key candinate');
- // 1.1. Let x = r + jn.
- if (isSecondKey)
- r = this.curve.pointFromX(r.add(this.curve.n), isYOdd);
- else
- r = this.curve.pointFromX(r, isYOdd);
- var rInv = signature.r.invm(n);
- var s1 = n.sub(e).mul(rInv).umod(n);
- var s2 = s.mul(rInv).umod(n);
- // 1.6.1 Compute Q = r^-1 (sR - eG)
- // Q = r^-1 (sR + -eG)
- return this.g.mulAdd(s1, r, s2);
- };
- EC.prototype.getKeyRecoveryParam = function(e, signature, Q, enc) {
- signature = new Signature(signature, enc);
- if (signature.recoveryParam !== null)
- return signature.recoveryParam;
- for (var i = 0; i < 4; i++) {
- var Qprime;
- try {
- Qprime = this.recoverPubKey(e, signature, i);
- } catch (e) {
- continue;
- }
- if (Qprime.eq(Q))
- return i;
- }
- throw new Error('Unable to find valid recovery factor');
- };
- },{"../curves":24,"../utils":32,"./key":26,"./signature":27,"bn.js":16,"brorand":17,"hmac-drbg":46}],26:[function(require,module,exports){
- 'use strict';
- var BN = require('bn.js');
- var utils = require('../utils');
- var assert = utils.assert;
- function KeyPair(ec, options) {
- this.ec = ec;
- this.priv = null;
- this.pub = null;
- // KeyPair(ec, { priv: ..., pub: ... })
- if (options.priv)
- this._importPrivate(options.priv, options.privEnc);
- if (options.pub)
- this._importPublic(options.pub, options.pubEnc);
- }
- module.exports = KeyPair;
- KeyPair.fromPublic = function fromPublic(ec, pub, enc) {
- if (pub instanceof KeyPair)
- return pub;
- return new KeyPair(ec, {
- pub: pub,
- pubEnc: enc
- });
- };
- KeyPair.fromPrivate = function fromPrivate(ec, priv, enc) {
- if (priv instanceof KeyPair)
- return priv;
- return new KeyPair(ec, {
- priv: priv,
- privEnc: enc
- });
- };
- // TODO: should not validate for X25519
- KeyPair.prototype.validate = function validate() {
- var pub = this.getPublic();
- if (pub.isInfinity())
- return { result: false, reason: 'Invalid public key' };
- if (!pub.validate())
- return { result: false, reason: 'Public key is not a point' };
- if (!pub.mul(this.ec.curve.n).isInfinity())
- return { result: false, reason: 'Public key * N != O' };
- return { result: true, reason: null };
- };
- KeyPair.prototype.getPublic = function getPublic(enc, compact) {
- if (!this.pub)
- this.pub = this.ec.g.mul(this.priv);
- if (!enc)
- return this.pub;
- return this.pub.encode(enc, compact);
- };
- KeyPair.prototype.getPrivate = function getPrivate(enc) {
- if (enc === 'hex')
- return this.priv.toString(16, 2);
- else
- return this.priv;
- };
- KeyPair.prototype._importPrivate = function _importPrivate(key, enc) {
- this.priv = new BN(key, enc || 16);
- // For Curve25519/Curve448 we have a specific procedure.
- // TODO Curve448
- if (this.ec.curve.type === 'mont') {
- var one = this.ec.curve.one;
- var mask = one.ushln(255 - 3).sub(one).ushln(3);
- this.priv = this.priv.or(one.ushln(255 - 1));
- this.priv = this.priv.and(mask);
- } else
- // Ensure that the priv won't be bigger than n, otherwise we may fail
- // in fixed multiplication method
- this.priv = this.priv.umod(this.ec.curve.n);
- };
- KeyPair.prototype._importPublic = function _importPublic(key, enc) {
- if (key.x || key.y) {
- // Montgomery points only have an `x` coordinate.
- // Weierstrass/Edwards points on the other hand have both `x` and
- // `y` coordinates.
- if (this.ec.curve.type === 'mont') {
- assert(key.x, 'Need x coordinate');
- } else if (this.ec.curve.type === 'short' ||
- this.ec.curve.type === 'edwards') {
- assert(key.x && key.y, 'Need both x and y coordinate');
- }
- this.pub = this.ec.curve.point(key.x, key.y);
- return;
- }
- this.pub = this.ec.curve.decodePoint(key, enc);
- };
- // ECDH
- KeyPair.prototype.derive = function derive(pub) {
- return pub.mul(this.priv).getX();
- };
- // ECDSA
- KeyPair.prototype.sign = function sign(msg, enc, options) {
- return this.ec.sign(msg, this, enc, options);
- };
- KeyPair.prototype.verify = function verify(msg, signature) {
- return this.ec.verify(msg, signature, this);
- };
- KeyPair.prototype.inspect = function inspect() {
- return '<Key priv: ' + (this.priv && this.priv.toString(16, 2)) +
- ' pub: ' + (this.pub && this.pub.inspect()) + ' >';
- };
- },{"../utils":32,"bn.js":16}],27:[function(require,module,exports){
- 'use strict';
- var BN = require('bn.js');
- var utils = require('../utils');
- var assert = utils.assert;
- function Signature(options, enc) {
- if (options instanceof Signature)
- return options;
- if (this._importDER(options, enc))
- return;
- assert(options.r && options.s, 'Signature without r or s');
- this.r = new BN(options.r, 16);
- this.s = new BN(options.s, 16);
- if (options.recoveryParam === undefined)
- this.recoveryParam = null;
- else
- this.recoveryParam = options.recoveryParam;
- }
- module.exports = Signature;
- function Position() {
- this.place = 0;
- }
- function getLength(buf, p) {
- var initial = buf[p.place++];
- if (!(initial & 0x80)) {
- return initial;
- }
- var octetLen = initial & 0xf;
- var val = 0;
- for (var i = 0, off = p.place; i < octetLen; i++, off++) {
- val <<= 8;
- val |= buf[off];
- }
- p.place = off;
- return val;
- }
- function rmPadding(buf) {
- var i = 0;
- var len = buf.length - 1;
- while (!buf[i] && !(buf[i + 1] & 0x80) && i < len) {
- i++;
- }
- if (i === 0) {
- return buf;
- }
- return buf.slice(i);
- }
- Signature.prototype._importDER = function _importDER(data, enc) {
- data = utils.toArray(data, enc);
- var p = new Position();
- if (data[p.place++] !== 0x30) {
- return false;
- }
- var len = getLength(data, p);
- if ((len + p.place) !== data.length) {
- return false;
- }
- if (data[p.place++] !== 0x02) {
- return false;
- }
- var rlen = getLength(data, p);
- var r = data.slice(p.place, rlen + p.place);
- p.place += rlen;
- if (data[p.place++] !== 0x02) {
- return false;
- }
- var slen = getLength(data, p);
- if (data.length !== slen + p.place) {
- return false;
- }
- var s = data.slice(p.place, slen + p.place);
- if (r[0] === 0 && (r[1] & 0x80)) {
- r = r.slice(1);
- }
- if (s[0] === 0 && (s[1] & 0x80)) {
- s = s.slice(1);
- }
- this.r = new BN(r);
- this.s = new BN(s);
- this.recoveryParam = null;
- return true;
- };
- function constructLength(arr, len) {
- if (len < 0x80) {
- arr.push(len);
- return;
- }
- var octets = 1 + (Math.log(len) / Math.LN2 >>> 3);
- arr.push(octets | 0x80);
- while (--octets) {
- arr.push((len >>> (octets << 3)) & 0xff);
- }
- arr.push(len);
- }
- Signature.prototype.toDER = function toDER(enc) {
- var r = this.r.toArray();
- var s = this.s.toArray();
- // Pad values
- if (r[0] & 0x80)
- r = [ 0 ].concat(r);
- // Pad values
- if (s[0] & 0x80)
- s = [ 0 ].concat(s);
- r = rmPadding(r);
- s = rmPadding(s);
- while (!s[0] && !(s[1] & 0x80)) {
- s = s.slice(1);
- }
- var arr = [ 0x02 ];
- constructLength(arr, r.length);
- arr = arr.concat(r);
- arr.push(0x02);
- constructLength(arr, s.length);
- var backHalf = arr.concat(s);
- var res = [ 0x30 ];
- constructLength(res, backHalf.length);
- res = res.concat(backHalf);
- return utils.encode(res, enc);
- };
- },{"../utils":32,"bn.js":16}],28:[function(require,module,exports){
- 'use strict';
- var hash = require('hash.js');
- var HmacDRBG = require('hmac-drbg');
- var rand = require('brorand');
- var curves = require('../curves');
- var utils = require('../utils');
- var assert = utils.assert;
- var parseBytes = utils.parseBytes;
- var KeyPair = require('./key');
- var Signature = require('./signature');
- function EDDSA(curve) {
- assert(curve === 'ed25519', 'only tested with ed25519 so far');
- if (!(this instanceof EDDSA))
- return new EDDSA(curve);
- var curve = curves[curve].curve;
- this.curve = curve;
- this.g = curve.g;
- this.g.precompute(curve.n.bitLength() + 1);
- this.pointClass = curve.point().constructor;
- this.encodingLength = Math.ceil(curve.n.bitLength() / 8);
- this.hash = hash.sha512;
- }
- module.exports = EDDSA;
- /**
- * @param {Array|String} message - message bytes
- * @param {Array|String|KeyPair} secret - secret bytes or a keypair
- * @returns {Signature} - signature
- */
- EDDSA.prototype.sign = function sign(message, secret) {
- message = parseBytes(message);
- var key = this.keyFromSecret(secret);
- var r = this.hashInt(key.messagePrefix(), message);
- var R = this.g.mul(r);
- var Rencoded = this.encodePoint(R);
- var s_ = this.hashInt(Rencoded, key.pubBytes(), message)
- .mul(key.priv());
- var S = r.add(s_).umod(this.curve.n);
- return this.makeSignature({ R: R, S: S, Rencoded: Rencoded });
- };
- /**
- * @param {Array} message - message bytes
- * @param {Array|String|Signature} sig - sig bytes
- * @param {Array|String|Point|KeyPair} pub - public key
- * @returns {Boolean} - true if public key matches sig of message
- */
- EDDSA.prototype.verify = function verify(message, sig, pub) {
- message = parseBytes(message);
- sig = this.makeSignature(sig);
- var key = this.keyFromPublic(pub);
- var h = this.hashInt(sig.Rencoded(), key.pubBytes(), message);
- var SG = this.g.mul(sig.S());
- var RplusAh = sig.R().add(key.pub().mul(h));
- return RplusAh.eq(SG);
- };
- EDDSA.prototype.hashInt = function hashInt() {
- var hash = this.hash();
- for (var i = 0; i < arguments.length; i++)
- hash.update(arguments[i]);
- return utils.intFromLE(hash.digest()).umod(this.curve.n);
- };
- EDDSA.prototype.keyPair = function keyPair(options) {
- return new KeyPair(this, options);
- };
- EDDSA.prototype.keyFromPublic = function keyFromPublic(pub) {
- return KeyPair.fromPublic(this, pub);
- };
- EDDSA.prototype.keyFromSecret = function keyFromSecret(secret) {
- return KeyPair.fromSecret(this, secret);
- };
- EDDSA.prototype.genKeyPair = function genKeyPair(options) {
- if (!options)
- options = {};
- // Instantiate Hmac_DRBG
- var drbg = new HmacDRBG({
- hash: this.hash,
- pers: options.pers,
- persEnc: options.persEnc || 'utf8',
- entropy: options.entropy || rand(this.hash.hmacStrength),
- entropyEnc: options.entropy && options.entropyEnc || 'utf8',
- nonce: this.curve.n.toArray()
- });
- return this.keyFromSecret(drbg.generate(32));
- };
- EDDSA.prototype.makeSignature = function makeSignature(sig) {
- if (sig instanceof Signature)
- return sig;
- return new Signature(this, sig);
- };
- /**
- * * https://tools.ietf.org/html/draft-josefsson-eddsa-ed25519-03#section-5.2
- *
- * EDDSA defines methods for encoding and decoding points and integers. These are
- * helper convenience methods, that pass along to utility functions implied
- * parameters.
- *
- */
- EDDSA.prototype.encodePoint = function encodePoint(point) {
- var enc = point.getY().toArray('le', this.encodingLength);
- enc[this.encodingLength - 1] |= point.getX().isOdd() ? 0x80 : 0;
- return enc;
- };
- EDDSA.prototype.decodePoint = function decodePoint(bytes) {
- bytes = utils.parseBytes(bytes);
- var lastIx = bytes.length - 1;
- var normed = bytes.slice(0, lastIx).concat(bytes[lastIx] & ~0x80);
- var xIsOdd = (bytes[lastIx] & 0x80) !== 0;
- var y = utils.intFromLE(normed);
- return this.curve.pointFromY(y, xIsOdd);
- };
- EDDSA.prototype.encodeInt = function encodeInt(num) {
- return num.toArray('le', this.encodingLength);
- };
- EDDSA.prototype.decodeInt = function decodeInt(bytes) {
- return utils.intFromLE(bytes);
- };
- EDDSA.prototype.isPoint = function isPoint(val) {
- return val instanceof this.pointClass;
- };
- },{"../curves":24,"../utils":32,"./key":29,"./signature":30,"brorand":17,"hash.js":34,"hmac-drbg":46}],29:[function(require,module,exports){
- 'use strict';
- var utils = require('../utils');
- var assert = utils.assert;
- var parseBytes = utils.parseBytes;
- var cachedProperty = utils.cachedProperty;
- /**
- * @param {EDDSA} eddsa - instance
- * @param {Object} params - public/private key parameters
- *
- * @param {Array<Byte>} [params.secret] - secret seed bytes
- * @param {Point} [params.pub] - public key point (aka `A` in eddsa terms)
- * @param {Array<Byte>} [params.pub] - public key point encoded as bytes
- *
- */
- function KeyPair(eddsa, params) {
- this.eddsa = eddsa;
- if (params.hasOwnProperty('secret'))
- this._secret = parseBytes(params.secret);
- if (eddsa.isPoint(params.pub))
- this._pub = params.pub;
- else {
- this._pubBytes = parseBytes(params.pub);
- if (this._pubBytes && this._pubBytes.length === 33 &&
- this._pubBytes[0] === 0x40)
- this._pubBytes = this._pubBytes.slice(1, 33);
- if (this._pubBytes && this._pubBytes.length !== 32)
- throw new Error('Unknown point compression format');
- }
- }
- KeyPair.fromPublic = function fromPublic(eddsa, pub) {
- if (pub instanceof KeyPair)
- return pub;
- return new KeyPair(eddsa, { pub: pub });
- };
- KeyPair.fromSecret = function fromSecret(eddsa, secret) {
- if (secret instanceof KeyPair)
- return secret;
- return new KeyPair(eddsa, { secret: secret });
- };
- KeyPair.prototype.secret = function secret() {
- return this._secret;
- };
- cachedProperty(KeyPair, 'pubBytes', function pubBytes() {
- return this.eddsa.encodePoint(this.pub());
- });
- cachedProperty(KeyPair, 'pub', function pub() {
- if (this._pubBytes)
- return this.eddsa.decodePoint(this._pubBytes);
- return this.eddsa.g.mul(this.priv());
- });
- cachedProperty(KeyPair, 'privBytes', function privBytes() {
- var eddsa = this.eddsa;
- var hash = this.hash();
- var lastIx = eddsa.encodingLength - 1;
- // https://tools.ietf.org/html/rfc8032#section-5.1.5
- var a = hash.slice(0, eddsa.encodingLength);
- a[0] &= 248;
- a[lastIx] &= 127;
- a[lastIx] |= 64;
- return a;
- });
- cachedProperty(KeyPair, 'priv', function priv() {
- return this.eddsa.decodeInt(this.privBytes());
- });
- cachedProperty(KeyPair, 'hash', function hash() {
- return this.eddsa.hash().update(this.secret()).digest();
- });
- cachedProperty(KeyPair, 'messagePrefix', function messagePrefix() {
- return this.hash().slice(this.eddsa.encodingLength);
- });
- KeyPair.prototype.sign = function sign(message) {
- assert(this._secret, 'KeyPair can only verify');
- return this.eddsa.sign(message, this);
- };
- KeyPair.prototype.verify = function verify(message, sig) {
- return this.eddsa.verify(message, sig, this);
- };
- KeyPair.prototype.getSecret = function getSecret(enc) {
- assert(this._secret, 'KeyPair is public only');
- return utils.encode(this.secret(), enc);
- };
- KeyPair.prototype.getPublic = function getPublic(enc, compact) {
- return utils.encode((compact ? [ 0x40 ] : []).concat(this.pubBytes()), enc);
- };
- module.exports = KeyPair;
- },{"../utils":32}],30:[function(require,module,exports){
- 'use strict';
- var BN = require('bn.js');
- var utils = require('../utils');
- var assert = utils.assert;
- var cachedProperty = utils.cachedProperty;
- var parseBytes = utils.parseBytes;
- /**
- * @param {EDDSA} eddsa - eddsa instance
- * @param {Array<Bytes>|Object} sig -
- * @param {Array<Bytes>|Point} [sig.R] - R point as Point or bytes
- * @param {Array<Bytes>|bn} [sig.S] - S scalar as bn or bytes
- * @param {Array<Bytes>} [sig.Rencoded] - R point encoded
- * @param {Array<Bytes>} [sig.Sencoded] - S scalar encoded
- */
- function Signature(eddsa, sig) {
- this.eddsa = eddsa;
- if (typeof sig !== 'object')
- sig = parseBytes(sig);
- if (Array.isArray(sig)) {
- sig = {
- R: sig.slice(0, eddsa.encodingLength),
- S: sig.slice(eddsa.encodingLength)
- };
- }
- assert(sig.R && sig.S, 'Signature without R or S');
- if (eddsa.isPoint(sig.R))
- this._R = sig.R;
- if (sig.S instanceof BN)
- this._S = sig.S;
- this._Rencoded = Array.isArray(sig.R) ? sig.R : sig.Rencoded;
- this._Sencoded = Array.isArray(sig.S) ? sig.S : sig.Sencoded;
- }
- cachedProperty(Signature, 'S', function S() {
- return this.eddsa.decodeInt(this.Sencoded());
- });
- cachedProperty(Signature, 'R', function R() {
- return this.eddsa.decodePoint(this.Rencoded());
- });
- cachedProperty(Signature, 'Rencoded', function Rencoded() {
- return this.eddsa.encodePoint(this.R());
- });
- cachedProperty(Signature, 'Sencoded', function Sencoded() {
- return this.eddsa.encodeInt(this.S());
- });
- Signature.prototype.toBytes = function toBytes() {
- return this.Rencoded().concat(this.Sencoded());
- };
- Signature.prototype.toHex = function toHex() {
- return utils.encode(this.toBytes(), 'hex').toUpperCase();
- };
- module.exports = Signature;
- },{"../utils":32,"bn.js":16}],31:[function(require,module,exports){
- module.exports = {
- doubles: {
- step: 4,
- points: [
- [
- 'e60fce93b59e9ec53011aabc21c23e97b2a31369b87a5ae9c44ee89e2a6dec0a',
- 'f7e3507399e595929db99f34f57937101296891e44d23f0be1f32cce69616821'
- ],
- [
- '8282263212c609d9ea2a6e3e172de238d8c39cabd5ac1ca10646e23fd5f51508',
- '11f8a8098557dfe45e8256e830b60ace62d613ac2f7b17bed31b6eaff6e26caf'
- ],
- [
- '175e159f728b865a72f99cc6c6fc846de0b93833fd2222ed73fce5b551e5b739',
- 'd3506e0d9e3c79eba4ef97a51ff71f5eacb5955add24345c6efa6ffee9fed695'
- ],
- [
- '363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640',
- '4e273adfc732221953b445397f3363145b9a89008199ecb62003c7f3bee9de9'
- ],
- [
- '8b4b5f165df3c2be8c6244b5b745638843e4a781a15bcd1b69f79a55dffdf80c',
- '4aad0a6f68d308b4b3fbd7813ab0da04f9e336546162ee56b3eff0c65fd4fd36'
- ],
- [
- '723cbaa6e5db996d6bf771c00bd548c7b700dbffa6c0e77bcb6115925232fcda',
- '96e867b5595cc498a921137488824d6e2660a0653779494801dc069d9eb39f5f'
- ],
- [
- 'eebfa4d493bebf98ba5feec812c2d3b50947961237a919839a533eca0e7dd7fa',
- '5d9a8ca3970ef0f269ee7edaf178089d9ae4cdc3a711f712ddfd4fdae1de8999'
- ],
- [
- '100f44da696e71672791d0a09b7bde459f1215a29b3c03bfefd7835b39a48db0',
- 'cdd9e13192a00b772ec8f3300c090666b7ff4a18ff5195ac0fbd5cd62bc65a09'
- ],
- [
- 'e1031be262c7ed1b1dc9227a4a04c017a77f8d4464f3b3852c8acde6e534fd2d',
- '9d7061928940405e6bb6a4176597535af292dd419e1ced79a44f18f29456a00d'
- ],
- [
- 'feea6cae46d55b530ac2839f143bd7ec5cf8b266a41d6af52d5e688d9094696d',
- 'e57c6b6c97dce1bab06e4e12bf3ecd5c981c8957cc41442d3155debf18090088'
- ],
- [
- 'da67a91d91049cdcb367be4be6ffca3cfeed657d808583de33fa978bc1ec6cb1',
- '9bacaa35481642bc41f463f7ec9780e5dec7adc508f740a17e9ea8e27a68be1d'
- ],
- [
- '53904faa0b334cdda6e000935ef22151ec08d0f7bb11069f57545ccc1a37b7c0',
- '5bc087d0bc80106d88c9eccac20d3c1c13999981e14434699dcb096b022771c8'
- ],
- [
- '8e7bcd0bd35983a7719cca7764ca906779b53a043a9b8bcaeff959f43ad86047',
- '10b7770b2a3da4b3940310420ca9514579e88e2e47fd68b3ea10047e8460372a'
- ],
- [
- '385eed34c1cdff21e6d0818689b81bde71a7f4f18397e6690a841e1599c43862',
- '283bebc3e8ea23f56701de19e9ebf4576b304eec2086dc8cc0458fe5542e5453'
- ],
- [
- '6f9d9b803ecf191637c73a4413dfa180fddf84a5947fbc9c606ed86c3fac3a7',
- '7c80c68e603059ba69b8e2a30e45c4d47ea4dd2f5c281002d86890603a842160'
- ],
- [
- '3322d401243c4e2582a2147c104d6ecbf774d163db0f5e5313b7e0e742d0e6bd',
- '56e70797e9664ef5bfb019bc4ddaf9b72805f63ea2873af624f3a2e96c28b2a0'
- ],
- [
- '85672c7d2de0b7da2bd1770d89665868741b3f9af7643397721d74d28134ab83',
- '7c481b9b5b43b2eb6374049bfa62c2e5e77f17fcc5298f44c8e3094f790313a6'
- ],
- [
- '948bf809b1988a46b06c9f1919413b10f9226c60f668832ffd959af60c82a0a',
- '53a562856dcb6646dc6b74c5d1c3418c6d4dff08c97cd2bed4cb7f88d8c8e589'
- ],
- [
- '6260ce7f461801c34f067ce0f02873a8f1b0e44dfc69752accecd819f38fd8e8',
- 'bc2da82b6fa5b571a7f09049776a1ef7ecd292238051c198c1a84e95b2b4ae17'
- ],
- [
- 'e5037de0afc1d8d43d8348414bbf4103043ec8f575bfdc432953cc8d2037fa2d',
- '4571534baa94d3b5f9f98d09fb990bddbd5f5b03ec481f10e0e5dc841d755bda'
- ],
- [
- 'e06372b0f4a207adf5ea905e8f1771b4e7e8dbd1c6a6c5b725866a0ae4fce725',
- '7a908974bce18cfe12a27bb2ad5a488cd7484a7787104870b27034f94eee31dd'
- ],
- [
- '213c7a715cd5d45358d0bbf9dc0ce02204b10bdde2a3f58540ad6908d0559754',
- '4b6dad0b5ae462507013ad06245ba190bb4850f5f36a7eeddff2c27534b458f2'
- ],
- [
- '4e7c272a7af4b34e8dbb9352a5419a87e2838c70adc62cddf0cc3a3b08fbd53c',
- '17749c766c9d0b18e16fd09f6def681b530b9614bff7dd33e0b3941817dcaae6'
- ],
- [
- 'fea74e3dbe778b1b10f238ad61686aa5c76e3db2be43057632427e2840fb27b6',
- '6e0568db9b0b13297cf674deccb6af93126b596b973f7b77701d3db7f23cb96f'
- ],
- [
- '76e64113f677cf0e10a2570d599968d31544e179b760432952c02a4417bdde39',
- 'c90ddf8dee4e95cf577066d70681f0d35e2a33d2b56d2032b4b1752d1901ac01'
- ],
- [
- 'c738c56b03b2abe1e8281baa743f8f9a8f7cc643df26cbee3ab150242bcbb891',
- '893fb578951ad2537f718f2eacbfbbbb82314eef7880cfe917e735d9699a84c3'
- ],
- [
- 'd895626548b65b81e264c7637c972877d1d72e5f3a925014372e9f6588f6c14b',
- 'febfaa38f2bc7eae728ec60818c340eb03428d632bb067e179363ed75d7d991f'
- ],
- [
- 'b8da94032a957518eb0f6433571e8761ceffc73693e84edd49150a564f676e03',
- '2804dfa44805a1e4d7c99cc9762808b092cc584d95ff3b511488e4e74efdf6e7'
- ],
- [
- 'e80fea14441fb33a7d8adab9475d7fab2019effb5156a792f1a11778e3c0df5d',
- 'eed1de7f638e00771e89768ca3ca94472d155e80af322ea9fcb4291b6ac9ec78'
- ],
- [
- 'a301697bdfcd704313ba48e51d567543f2a182031efd6915ddc07bbcc4e16070',
- '7370f91cfb67e4f5081809fa25d40f9b1735dbf7c0a11a130c0d1a041e177ea1'
- ],
- [
- '90ad85b389d6b936463f9d0512678de208cc330b11307fffab7ac63e3fb04ed4',
- 'e507a3620a38261affdcbd9427222b839aefabe1582894d991d4d48cb6ef150'
- ],
- [
- '8f68b9d2f63b5f339239c1ad981f162ee88c5678723ea3351b7b444c9ec4c0da',
- '662a9f2dba063986de1d90c2b6be215dbbea2cfe95510bfdf23cbf79501fff82'
- ],
- [
- 'e4f3fb0176af85d65ff99ff9198c36091f48e86503681e3e6686fd5053231e11',
- '1e63633ad0ef4f1c1661a6d0ea02b7286cc7e74ec951d1c9822c38576feb73bc'
- ],
- [
- '8c00fa9b18ebf331eb961537a45a4266c7034f2f0d4e1d0716fb6eae20eae29e',
- 'efa47267fea521a1a9dc343a3736c974c2fadafa81e36c54e7d2a4c66702414b'
- ],
- [
- 'e7a26ce69dd4829f3e10cec0a9e98ed3143d084f308b92c0997fddfc60cb3e41',
- '2a758e300fa7984b471b006a1aafbb18d0a6b2c0420e83e20e8a9421cf2cfd51'
- ],
- [
- 'b6459e0ee3662ec8d23540c223bcbdc571cbcb967d79424f3cf29eb3de6b80ef',
- '67c876d06f3e06de1dadf16e5661db3c4b3ae6d48e35b2ff30bf0b61a71ba45'
- ],
- [
- 'd68a80c8280bb840793234aa118f06231d6f1fc67e73c5a5deda0f5b496943e8',
- 'db8ba9fff4b586d00c4b1f9177b0e28b5b0e7b8f7845295a294c84266b133120'
- ],
- [
- '324aed7df65c804252dc0270907a30b09612aeb973449cea4095980fc28d3d5d',
- '648a365774b61f2ff130c0c35aec1f4f19213b0c7e332843967224af96ab7c84'
- ],
- [
- '4df9c14919cde61f6d51dfdbe5fee5dceec4143ba8d1ca888e8bd373fd054c96',
- '35ec51092d8728050974c23a1d85d4b5d506cdc288490192ebac06cad10d5d'
- ],
- [
- '9c3919a84a474870faed8a9c1cc66021523489054d7f0308cbfc99c8ac1f98cd',
- 'ddb84f0f4a4ddd57584f044bf260e641905326f76c64c8e6be7e5e03d4fc599d'
- ],
- [
- '6057170b1dd12fdf8de05f281d8e06bb91e1493a8b91d4cc5a21382120a959e5',
- '9a1af0b26a6a4807add9a2daf71df262465152bc3ee24c65e899be932385a2a8'
- ],
- [
- 'a576df8e23a08411421439a4518da31880cef0fba7d4df12b1a6973eecb94266',
- '40a6bf20e76640b2c92b97afe58cd82c432e10a7f514d9f3ee8be11ae1b28ec8'
- ],
- [
- '7778a78c28dec3e30a05fe9629de8c38bb30d1f5cf9a3a208f763889be58ad71',
- '34626d9ab5a5b22ff7098e12f2ff580087b38411ff24ac563b513fc1fd9f43ac'
- ],
- [
- '928955ee637a84463729fd30e7afd2ed5f96274e5ad7e5cb09eda9c06d903ac',
- 'c25621003d3f42a827b78a13093a95eeac3d26efa8a8d83fc5180e935bcd091f'
- ],
- [
- '85d0fef3ec6db109399064f3a0e3b2855645b4a907ad354527aae75163d82751',
- '1f03648413a38c0be29d496e582cf5663e8751e96877331582c237a24eb1f962'
- ],
- [
- 'ff2b0dce97eece97c1c9b6041798b85dfdfb6d8882da20308f5404824526087e',
- '493d13fef524ba188af4c4dc54d07936c7b7ed6fb90e2ceb2c951e01f0c29907'
- ],
- [
- '827fbbe4b1e880ea9ed2b2e6301b212b57f1ee148cd6dd28780e5e2cf856e241',
- 'c60f9c923c727b0b71bef2c67d1d12687ff7a63186903166d605b68baec293ec'
- ],
- [
- 'eaa649f21f51bdbae7be4ae34ce6e5217a58fdce7f47f9aa7f3b58fa2120e2b3',
- 'be3279ed5bbbb03ac69a80f89879aa5a01a6b965f13f7e59d47a5305ba5ad93d'
- ],
- [
- 'e4a42d43c5cf169d9391df6decf42ee541b6d8f0c9a137401e23632dda34d24f',
- '4d9f92e716d1c73526fc99ccfb8ad34ce886eedfa8d8e4f13a7f7131deba9414'
- ],
- [
- '1ec80fef360cbdd954160fadab352b6b92b53576a88fea4947173b9d4300bf19',
- 'aeefe93756b5340d2f3a4958a7abbf5e0146e77f6295a07b671cdc1cc107cefd'
- ],
- [
- '146a778c04670c2f91b00af4680dfa8bce3490717d58ba889ddb5928366642be',
- 'b318e0ec3354028add669827f9d4b2870aaa971d2f7e5ed1d0b297483d83efd0'
- ],
- [
- 'fa50c0f61d22e5f07e3acebb1aa07b128d0012209a28b9776d76a8793180eef9',
- '6b84c6922397eba9b72cd2872281a68a5e683293a57a213b38cd8d7d3f4f2811'
- ],
- [
- 'da1d61d0ca721a11b1a5bf6b7d88e8421a288ab5d5bba5220e53d32b5f067ec2',
- '8157f55a7c99306c79c0766161c91e2966a73899d279b48a655fba0f1ad836f1'
- ],
- [
- 'a8e282ff0c9706907215ff98e8fd416615311de0446f1e062a73b0610d064e13',
- '7f97355b8db81c09abfb7f3c5b2515888b679a3e50dd6bd6cef7c73111f4cc0c'
- ],
- [
- '174a53b9c9a285872d39e56e6913cab15d59b1fa512508c022f382de8319497c',
- 'ccc9dc37abfc9c1657b4155f2c47f9e6646b3a1d8cb9854383da13ac079afa73'
- ],
- [
- '959396981943785c3d3e57edf5018cdbe039e730e4918b3d884fdff09475b7ba',
- '2e7e552888c331dd8ba0386a4b9cd6849c653f64c8709385e9b8abf87524f2fd'
- ],
- [
- 'd2a63a50ae401e56d645a1153b109a8fcca0a43d561fba2dbb51340c9d82b151',
- 'e82d86fb6443fcb7565aee58b2948220a70f750af484ca52d4142174dcf89405'
- ],
- [
- '64587e2335471eb890ee7896d7cfdc866bacbdbd3839317b3436f9b45617e073',
- 'd99fcdd5bf6902e2ae96dd6447c299a185b90a39133aeab358299e5e9faf6589'
- ],
- [
- '8481bde0e4e4d885b3a546d3e549de042f0aa6cea250e7fd358d6c86dd45e458',
- '38ee7b8cba5404dd84a25bf39cecb2ca900a79c42b262e556d64b1b59779057e'
- ],
- [
- '13464a57a78102aa62b6979ae817f4637ffcfed3c4b1ce30bcd6303f6caf666b',
- '69be159004614580ef7e433453ccb0ca48f300a81d0942e13f495a907f6ecc27'
- ],
- [
- 'bc4a9df5b713fe2e9aef430bcc1dc97a0cd9ccede2f28588cada3a0d2d83f366',
- 'd3a81ca6e785c06383937adf4b798caa6e8a9fbfa547b16d758d666581f33c1'
- ],
- [
- '8c28a97bf8298bc0d23d8c749452a32e694b65e30a9472a3954ab30fe5324caa',
- '40a30463a3305193378fedf31f7cc0eb7ae784f0451cb9459e71dc73cbef9482'
- ],
- [
- '8ea9666139527a8c1dd94ce4f071fd23c8b350c5a4bb33748c4ba111faccae0',
- '620efabbc8ee2782e24e7c0cfb95c5d735b783be9cf0f8e955af34a30e62b945'
- ],
- [
- 'dd3625faef5ba06074669716bbd3788d89bdde815959968092f76cc4eb9a9787',
- '7a188fa3520e30d461da2501045731ca941461982883395937f68d00c644a573'
- ],
- [
- 'f710d79d9eb962297e4f6232b40e8f7feb2bc63814614d692c12de752408221e',
- 'ea98e67232d3b3295d3b535532115ccac8612c721851617526ae47a9c77bfc82'
- ]
- ]
- },
- naf: {
- wnd: 7,
- points: [
- [
- 'f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9',
- '388f7b0f632de8140fe337e62a37f3566500a99934c2231b6cb9fd7584b8e672'
- ],
- [
- '2f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4',
- 'd8ac222636e5e3d6d4dba9dda6c9c426f788271bab0d6840dca87d3aa6ac62d6'
- ],
- [
- '5cbdf0646e5db4eaa398f365f2ea7a0e3d419b7e0330e39ce92bddedcac4f9bc',
- '6aebca40ba255960a3178d6d861a54dba813d0b813fde7b5a5082628087264da'
- ],
- [
- 'acd484e2f0c7f65309ad178a9f559abde09796974c57e714c35f110dfc27ccbe',
- 'cc338921b0a7d9fd64380971763b61e9add888a4375f8e0f05cc262ac64f9c37'
- ],
- [
- '774ae7f858a9411e5ef4246b70c65aac5649980be5c17891bbec17895da008cb',
- 'd984a032eb6b5e190243dd56d7b7b365372db1e2dff9d6a8301d74c9c953c61b'
- ],
- [
- 'f28773c2d975288bc7d1d205c3748651b075fbc6610e58cddeeddf8f19405aa8',
- 'ab0902e8d880a89758212eb65cdaf473a1a06da521fa91f29b5cb52db03ed81'
- ],
- [
- 'd7924d4f7d43ea965a465ae3095ff41131e5946f3c85f79e44adbcf8e27e080e',
- '581e2872a86c72a683842ec228cc6defea40af2bd896d3a5c504dc9ff6a26b58'
- ],
- [
- 'defdea4cdb677750a420fee807eacf21eb9898ae79b9768766e4faa04a2d4a34',
- '4211ab0694635168e997b0ead2a93daeced1f4a04a95c0f6cfb199f69e56eb77'
- ],
- [
- '2b4ea0a797a443d293ef5cff444f4979f06acfebd7e86d277475656138385b6c',
- '85e89bc037945d93b343083b5a1c86131a01f60c50269763b570c854e5c09b7a'
- ],
- [
- '352bbf4a4cdd12564f93fa332ce333301d9ad40271f8107181340aef25be59d5',
- '321eb4075348f534d59c18259dda3e1f4a1b3b2e71b1039c67bd3d8bcf81998c'
- ],
- [
- '2fa2104d6b38d11b0230010559879124e42ab8dfeff5ff29dc9cdadd4ecacc3f',
- '2de1068295dd865b64569335bd5dd80181d70ecfc882648423ba76b532b7d67'
- ],
- [
- '9248279b09b4d68dab21a9b066edda83263c3d84e09572e269ca0cd7f5453714',
- '73016f7bf234aade5d1aa71bdea2b1ff3fc0de2a887912ffe54a32ce97cb3402'
- ],
- [
- 'daed4f2be3a8bf278e70132fb0beb7522f570e144bf615c07e996d443dee8729',
- 'a69dce4a7d6c98e8d4a1aca87ef8d7003f83c230f3afa726ab40e52290be1c55'
- ],
- [
- 'c44d12c7065d812e8acf28d7cbb19f9011ecd9e9fdf281b0e6a3b5e87d22e7db',
- '2119a460ce326cdc76c45926c982fdac0e106e861edf61c5a039063f0e0e6482'
- ],
- [
- '6a245bf6dc698504c89a20cfded60853152b695336c28063b61c65cbd269e6b4',
- 'e022cf42c2bd4a708b3f5126f16a24ad8b33ba48d0423b6efd5e6348100d8a82'
- ],
- [
- '1697ffa6fd9de627c077e3d2fe541084ce13300b0bec1146f95ae57f0d0bd6a5',
- 'b9c398f186806f5d27561506e4557433a2cf15009e498ae7adee9d63d01b2396'
- ],
- [
- '605bdb019981718b986d0f07e834cb0d9deb8360ffb7f61df982345ef27a7479',
- '2972d2de4f8d20681a78d93ec96fe23c26bfae84fb14db43b01e1e9056b8c49'
- ],
- [
- '62d14dab4150bf497402fdc45a215e10dcb01c354959b10cfe31c7e9d87ff33d',
- '80fc06bd8cc5b01098088a1950eed0db01aa132967ab472235f5642483b25eaf'
- ],
- [
- '80c60ad0040f27dade5b4b06c408e56b2c50e9f56b9b8b425e555c2f86308b6f',
- '1c38303f1cc5c30f26e66bad7fe72f70a65eed4cbe7024eb1aa01f56430bd57a'
- ],
- [
- '7a9375ad6167ad54aa74c6348cc54d344cc5dc9487d847049d5eabb0fa03c8fb',
- 'd0e3fa9eca8726909559e0d79269046bdc59ea10c70ce2b02d499ec224dc7f7'
- ],
- [
- 'd528ecd9b696b54c907a9ed045447a79bb408ec39b68df504bb51f459bc3ffc9',
- 'eecf41253136e5f99966f21881fd656ebc4345405c520dbc063465b521409933'
- ],
- [
- '49370a4b5f43412ea25f514e8ecdad05266115e4a7ecb1387231808f8b45963',
- '758f3f41afd6ed428b3081b0512fd62a54c3f3afbb5b6764b653052a12949c9a'
- ],
- [
- '77f230936ee88cbbd73df930d64702ef881d811e0e1498e2f1c13eb1fc345d74',
- '958ef42a7886b6400a08266e9ba1b37896c95330d97077cbbe8eb3c7671c60d6'
- ],
- [
- 'f2dac991cc4ce4b9ea44887e5c7c0bce58c80074ab9d4dbaeb28531b7739f530',
- 'e0dedc9b3b2f8dad4da1f32dec2531df9eb5fbeb0598e4fd1a117dba703a3c37'
- ],
- [
- '463b3d9f662621fb1b4be8fbbe2520125a216cdfc9dae3debcba4850c690d45b',
- '5ed430d78c296c3543114306dd8622d7c622e27c970a1de31cb377b01af7307e'
- ],
- [
- 'f16f804244e46e2a09232d4aff3b59976b98fac14328a2d1a32496b49998f247',
- 'cedabd9b82203f7e13d206fcdf4e33d92a6c53c26e5cce26d6579962c4e31df6'
- ],
- [
- 'caf754272dc84563b0352b7a14311af55d245315ace27c65369e15f7151d41d1',
- 'cb474660ef35f5f2a41b643fa5e460575f4fa9b7962232a5c32f908318a04476'
- ],
- [
- '2600ca4b282cb986f85d0f1709979d8b44a09c07cb86d7c124497bc86f082120',
- '4119b88753c15bd6a693b03fcddbb45d5ac6be74ab5f0ef44b0be9475a7e4b40'
- ],
- [
- '7635ca72d7e8432c338ec53cd12220bc01c48685e24f7dc8c602a7746998e435',
- '91b649609489d613d1d5e590f78e6d74ecfc061d57048bad9e76f302c5b9c61'
- ],
- [
- '754e3239f325570cdbbf4a87deee8a66b7f2b33479d468fbc1a50743bf56cc18',
- '673fb86e5bda30fb3cd0ed304ea49a023ee33d0197a695d0c5d98093c536683'
- ],
- [
- 'e3e6bd1071a1e96aff57859c82d570f0330800661d1c952f9fe2694691d9b9e8',
- '59c9e0bba394e76f40c0aa58379a3cb6a5a2283993e90c4167002af4920e37f5'
- ],
- [
- '186b483d056a033826ae73d88f732985c4ccb1f32ba35f4b4cc47fdcf04aa6eb',
- '3b952d32c67cf77e2e17446e204180ab21fb8090895138b4a4a797f86e80888b'
- ],
- [
- 'df9d70a6b9876ce544c98561f4be4f725442e6d2b737d9c91a8321724ce0963f',
- '55eb2dafd84d6ccd5f862b785dc39d4ab157222720ef9da217b8c45cf2ba2417'
- ],
- [
- '5edd5cc23c51e87a497ca815d5dce0f8ab52554f849ed8995de64c5f34ce7143',
- 'efae9c8dbc14130661e8cec030c89ad0c13c66c0d17a2905cdc706ab7399a868'
- ],
- [
- '290798c2b6476830da12fe02287e9e777aa3fba1c355b17a722d362f84614fba',
- 'e38da76dcd440621988d00bcf79af25d5b29c094db2a23146d003afd41943e7a'
- ],
- [
- 'af3c423a95d9f5b3054754efa150ac39cd29552fe360257362dfdecef4053b45',
- 'f98a3fd831eb2b749a93b0e6f35cfb40c8cd5aa667a15581bc2feded498fd9c6'
- ],
- [
- '766dbb24d134e745cccaa28c99bf274906bb66b26dcf98df8d2fed50d884249a',
- '744b1152eacbe5e38dcc887980da38b897584a65fa06cedd2c924f97cbac5996'
- ],
- [
- '59dbf46f8c94759ba21277c33784f41645f7b44f6c596a58ce92e666191abe3e',
- 'c534ad44175fbc300f4ea6ce648309a042ce739a7919798cd85e216c4a307f6e'
- ],
- [
- 'f13ada95103c4537305e691e74e9a4a8dd647e711a95e73cb62dc6018cfd87b8',
- 'e13817b44ee14de663bf4bc808341f326949e21a6a75c2570778419bdaf5733d'
- ],
- [
- '7754b4fa0e8aced06d4167a2c59cca4cda1869c06ebadfb6488550015a88522c',
- '30e93e864e669d82224b967c3020b8fa8d1e4e350b6cbcc537a48b57841163a2'
- ],
- [
- '948dcadf5990e048aa3874d46abef9d701858f95de8041d2a6828c99e2262519',
- 'e491a42537f6e597d5d28a3224b1bc25df9154efbd2ef1d2cbba2cae5347d57e'
- ],
- [
- '7962414450c76c1689c7b48f8202ec37fb224cf5ac0bfa1570328a8a3d7c77ab',
- '100b610ec4ffb4760d5c1fc133ef6f6b12507a051f04ac5760afa5b29db83437'
- ],
- [
- '3514087834964b54b15b160644d915485a16977225b8847bb0dd085137ec47ca',
- 'ef0afbb2056205448e1652c48e8127fc6039e77c15c2378b7e7d15a0de293311'
- ],
- [
- 'd3cc30ad6b483e4bc79ce2c9dd8bc54993e947eb8df787b442943d3f7b527eaf',
- '8b378a22d827278d89c5e9be8f9508ae3c2ad46290358630afb34db04eede0a4'
- ],
- [
- '1624d84780732860ce1c78fcbfefe08b2b29823db913f6493975ba0ff4847610',
- '68651cf9b6da903e0914448c6cd9d4ca896878f5282be4c8cc06e2a404078575'
- ],
- [
- '733ce80da955a8a26902c95633e62a985192474b5af207da6df7b4fd5fc61cd4',
- 'f5435a2bd2badf7d485a4d8b8db9fcce3e1ef8e0201e4578c54673bc1dc5ea1d'
- ],
- [
- '15d9441254945064cf1a1c33bbd3b49f8966c5092171e699ef258dfab81c045c',
- 'd56eb30b69463e7234f5137b73b84177434800bacebfc685fc37bbe9efe4070d'
- ],
- [
- 'a1d0fcf2ec9de675b612136e5ce70d271c21417c9d2b8aaaac138599d0717940',
- 'edd77f50bcb5a3cab2e90737309667f2641462a54070f3d519212d39c197a629'
- ],
- [
- 'e22fbe15c0af8ccc5780c0735f84dbe9a790badee8245c06c7ca37331cb36980',
- 'a855babad5cd60c88b430a69f53a1a7a38289154964799be43d06d77d31da06'
- ],
- [
- '311091dd9860e8e20ee13473c1155f5f69635e394704eaa74009452246cfa9b3',
- '66db656f87d1f04fffd1f04788c06830871ec5a64feee685bd80f0b1286d8374'
- ],
- [
- '34c1fd04d301be89b31c0442d3e6ac24883928b45a9340781867d4232ec2dbdf',
- '9414685e97b1b5954bd46f730174136d57f1ceeb487443dc5321857ba73abee'
- ],
- [
- 'f219ea5d6b54701c1c14de5b557eb42a8d13f3abbcd08affcc2a5e6b049b8d63',
- '4cb95957e83d40b0f73af4544cccf6b1f4b08d3c07b27fb8d8c2962a400766d1'
- ],
- [
- 'd7b8740f74a8fbaab1f683db8f45de26543a5490bca627087236912469a0b448',
- 'fa77968128d9c92ee1010f337ad4717eff15db5ed3c049b3411e0315eaa4593b'
- ],
- [
- '32d31c222f8f6f0ef86f7c98d3a3335ead5bcd32abdd94289fe4d3091aa824bf',
- '5f3032f5892156e39ccd3d7915b9e1da2e6dac9e6f26e961118d14b8462e1661'
- ],
- [
- '7461f371914ab32671045a155d9831ea8793d77cd59592c4340f86cbc18347b5',
- '8ec0ba238b96bec0cbdddcae0aa442542eee1ff50c986ea6b39847b3cc092ff6'
- ],
- [
- 'ee079adb1df1860074356a25aa38206a6d716b2c3e67453d287698bad7b2b2d6',
- '8dc2412aafe3be5c4c5f37e0ecc5f9f6a446989af04c4e25ebaac479ec1c8c1e'
- ],
- [
- '16ec93e447ec83f0467b18302ee620f7e65de331874c9dc72bfd8616ba9da6b5',
- '5e4631150e62fb40d0e8c2a7ca5804a39d58186a50e497139626778e25b0674d'
- ],
- [
- 'eaa5f980c245f6f038978290afa70b6bd8855897f98b6aa485b96065d537bd99',
- 'f65f5d3e292c2e0819a528391c994624d784869d7e6ea67fb18041024edc07dc'
- ],
- [
- '78c9407544ac132692ee1910a02439958ae04877151342ea96c4b6b35a49f51',
- 'f3e0319169eb9b85d5404795539a5e68fa1fbd583c064d2462b675f194a3ddb4'
- ],
- [
- '494f4be219a1a77016dcd838431aea0001cdc8ae7a6fc688726578d9702857a5',
- '42242a969283a5f339ba7f075e36ba2af925ce30d767ed6e55f4b031880d562c'
- ],
- [
- 'a598a8030da6d86c6bc7f2f5144ea549d28211ea58faa70ebf4c1e665c1fe9b5',
- '204b5d6f84822c307e4b4a7140737aec23fc63b65b35f86a10026dbd2d864e6b'
- ],
- [
- 'c41916365abb2b5d09192f5f2dbeafec208f020f12570a184dbadc3e58595997',
- '4f14351d0087efa49d245b328984989d5caf9450f34bfc0ed16e96b58fa9913'
- ],
- [
- '841d6063a586fa475a724604da03bc5b92a2e0d2e0a36acfe4c73a5514742881',
- '73867f59c0659e81904f9a1c7543698e62562d6744c169ce7a36de01a8d6154'
- ],
- [
- '5e95bb399a6971d376026947f89bde2f282b33810928be4ded112ac4d70e20d5',
- '39f23f366809085beebfc71181313775a99c9aed7d8ba38b161384c746012865'
- ],
- [
- '36e4641a53948fd476c39f8a99fd974e5ec07564b5315d8bf99471bca0ef2f66',
- 'd2424b1b1abe4eb8164227b085c9aa9456ea13493fd563e06fd51cf5694c78fc'
- ],
- [
- '336581ea7bfbbb290c191a2f507a41cf5643842170e914faeab27c2c579f726',
- 'ead12168595fe1be99252129b6e56b3391f7ab1410cd1e0ef3dcdcabd2fda224'
- ],
- [
- '8ab89816dadfd6b6a1f2634fcf00ec8403781025ed6890c4849742706bd43ede',
- '6fdcef09f2f6d0a044e654aef624136f503d459c3e89845858a47a9129cdd24e'
- ],
- [
- '1e33f1a746c9c5778133344d9299fcaa20b0938e8acff2544bb40284b8c5fb94',
- '60660257dd11b3aa9c8ed618d24edff2306d320f1d03010e33a7d2057f3b3b6'
- ],
- [
- '85b7c1dcb3cec1b7ee7f30ded79dd20a0ed1f4cc18cbcfcfa410361fd8f08f31',
- '3d98a9cdd026dd43f39048f25a8847f4fcafad1895d7a633c6fed3c35e999511'
- ],
- [
- '29df9fbd8d9e46509275f4b125d6d45d7fbe9a3b878a7af872a2800661ac5f51',
- 'b4c4fe99c775a606e2d8862179139ffda61dc861c019e55cd2876eb2a27d84b'
- ],
- [
- 'a0b1cae06b0a847a3fea6e671aaf8adfdfe58ca2f768105c8082b2e449fce252',
- 'ae434102edde0958ec4b19d917a6a28e6b72da1834aff0e650f049503a296cf2'
- ],
- [
- '4e8ceafb9b3e9a136dc7ff67e840295b499dfb3b2133e4ba113f2e4c0e121e5',
- 'cf2174118c8b6d7a4b48f6d534ce5c79422c086a63460502b827ce62a326683c'
- ],
- [
- 'd24a44e047e19b6f5afb81c7ca2f69080a5076689a010919f42725c2b789a33b',
- '6fb8d5591b466f8fc63db50f1c0f1c69013f996887b8244d2cdec417afea8fa3'
- ],
- [
- 'ea01606a7a6c9cdd249fdfcfacb99584001edd28abbab77b5104e98e8e3b35d4',
- '322af4908c7312b0cfbfe369f7a7b3cdb7d4494bc2823700cfd652188a3ea98d'
- ],
- [
- 'af8addbf2b661c8a6c6328655eb96651252007d8c5ea31be4ad196de8ce2131f',
- '6749e67c029b85f52a034eafd096836b2520818680e26ac8f3dfbcdb71749700'
- ],
- [
- 'e3ae1974566ca06cc516d47e0fb165a674a3dabcfca15e722f0e3450f45889',
- '2aeabe7e4531510116217f07bf4d07300de97e4874f81f533420a72eeb0bd6a4'
- ],
- [
- '591ee355313d99721cf6993ffed1e3e301993ff3ed258802075ea8ced397e246',
- 'b0ea558a113c30bea60fc4775460c7901ff0b053d25ca2bdeee98f1a4be5d196'
- ],
- [
- '11396d55fda54c49f19aa97318d8da61fa8584e47b084945077cf03255b52984',
- '998c74a8cd45ac01289d5833a7beb4744ff536b01b257be4c5767bea93ea57a4'
- ],
- [
- '3c5d2a1ba39c5a1790000738c9e0c40b8dcdfd5468754b6405540157e017aa7a',
- 'b2284279995a34e2f9d4de7396fc18b80f9b8b9fdd270f6661f79ca4c81bd257'
- ],
- [
- 'cc8704b8a60a0defa3a99a7299f2e9c3fbc395afb04ac078425ef8a1793cc030',
- 'bdd46039feed17881d1e0862db347f8cf395b74fc4bcdc4e940b74e3ac1f1b13'
- ],
- [
- 'c533e4f7ea8555aacd9777ac5cad29b97dd4defccc53ee7ea204119b2889b197',
- '6f0a256bc5efdf429a2fb6242f1a43a2d9b925bb4a4b3a26bb8e0f45eb596096'
- ],
- [
- 'c14f8f2ccb27d6f109f6d08d03cc96a69ba8c34eec07bbcf566d48e33da6593',
- 'c359d6923bb398f7fd4473e16fe1c28475b740dd098075e6c0e8649113dc3a38'
- ],
- [
- 'a6cbc3046bc6a450bac24789fa17115a4c9739ed75f8f21ce441f72e0b90e6ef',
- '21ae7f4680e889bb130619e2c0f95a360ceb573c70603139862afd617fa9b9f'
- ],
- [
- '347d6d9a02c48927ebfb86c1359b1caf130a3c0267d11ce6344b39f99d43cc38',
- '60ea7f61a353524d1c987f6ecec92f086d565ab687870cb12689ff1e31c74448'
- ],
- [
- 'da6545d2181db8d983f7dcb375ef5866d47c67b1bf31c8cf855ef7437b72656a',
- '49b96715ab6878a79e78f07ce5680c5d6673051b4935bd897fea824b77dc208a'
- ],
- [
- 'c40747cc9d012cb1a13b8148309c6de7ec25d6945d657146b9d5994b8feb1111',
- '5ca560753be2a12fc6de6caf2cb489565db936156b9514e1bb5e83037e0fa2d4'
- ],
- [
- '4e42c8ec82c99798ccf3a610be870e78338c7f713348bd34c8203ef4037f3502',
- '7571d74ee5e0fb92a7a8b33a07783341a5492144cc54bcc40a94473693606437'
- ],
- [
- '3775ab7089bc6af823aba2e1af70b236d251cadb0c86743287522a1b3b0dedea',
- 'be52d107bcfa09d8bcb9736a828cfa7fac8db17bf7a76a2c42ad961409018cf7'
- ],
- [
- 'cee31cbf7e34ec379d94fb814d3d775ad954595d1314ba8846959e3e82f74e26',
- '8fd64a14c06b589c26b947ae2bcf6bfa0149ef0be14ed4d80f448a01c43b1c6d'
- ],
- [
- 'b4f9eaea09b6917619f6ea6a4eb5464efddb58fd45b1ebefcdc1a01d08b47986',
- '39e5c9925b5a54b07433a4f18c61726f8bb131c012ca542eb24a8ac07200682a'
- ],
- [
- 'd4263dfc3d2df923a0179a48966d30ce84e2515afc3dccc1b77907792ebcc60e',
- '62dfaf07a0f78feb30e30d6295853ce189e127760ad6cf7fae164e122a208d54'
- ],
- [
- '48457524820fa65a4f8d35eb6930857c0032acc0a4a2de422233eeda897612c4',
- '25a748ab367979d98733c38a1fa1c2e7dc6cc07db2d60a9ae7a76aaa49bd0f77'
- ],
- [
- 'dfeeef1881101f2cb11644f3a2afdfc2045e19919152923f367a1767c11cceda',
- 'ecfb7056cf1de042f9420bab396793c0c390bde74b4bbdff16a83ae09a9a7517'
- ],
- [
- '6d7ef6b17543f8373c573f44e1f389835d89bcbc6062ced36c82df83b8fae859',
- 'cd450ec335438986dfefa10c57fea9bcc521a0959b2d80bbf74b190dca712d10'
- ],
- [
- 'e75605d59102a5a2684500d3b991f2e3f3c88b93225547035af25af66e04541f',
- 'f5c54754a8f71ee540b9b48728473e314f729ac5308b06938360990e2bfad125'
- ],
- [
- 'eb98660f4c4dfaa06a2be453d5020bc99a0c2e60abe388457dd43fefb1ed620c',
- '6cb9a8876d9cb8520609af3add26cd20a0a7cd8a9411131ce85f44100099223e'
- ],
- [
- '13e87b027d8514d35939f2e6892b19922154596941888336dc3563e3b8dba942',
- 'fef5a3c68059a6dec5d624114bf1e91aac2b9da568d6abeb2570d55646b8adf1'
- ],
- [
- 'ee163026e9fd6fe017c38f06a5be6fc125424b371ce2708e7bf4491691e5764a',
- '1acb250f255dd61c43d94ccc670d0f58f49ae3fa15b96623e5430da0ad6c62b2'
- ],
- [
- 'b268f5ef9ad51e4d78de3a750c2dc89b1e626d43505867999932e5db33af3d80',
- '5f310d4b3c99b9ebb19f77d41c1dee018cf0d34fd4191614003e945a1216e423'
- ],
- [
- 'ff07f3118a9df035e9fad85eb6c7bfe42b02f01ca99ceea3bf7ffdba93c4750d',
- '438136d603e858a3a5c440c38eccbaddc1d2942114e2eddd4740d098ced1f0d8'
- ],
- [
- '8d8b9855c7c052a34146fd20ffb658bea4b9f69e0d825ebec16e8c3ce2b526a1',
- 'cdb559eedc2d79f926baf44fb84ea4d44bcf50fee51d7ceb30e2e7f463036758'
- ],
- [
- '52db0b5384dfbf05bfa9d472d7ae26dfe4b851ceca91b1eba54263180da32b63',
- 'c3b997d050ee5d423ebaf66a6db9f57b3180c902875679de924b69d84a7b375'
- ],
- [
- 'e62f9490d3d51da6395efd24e80919cc7d0f29c3f3fa48c6fff543becbd43352',
- '6d89ad7ba4876b0b22c2ca280c682862f342c8591f1daf5170e07bfd9ccafa7d'
- ],
- [
- '7f30ea2476b399b4957509c88f77d0191afa2ff5cb7b14fd6d8e7d65aaab1193',
- 'ca5ef7d4b231c94c3b15389a5f6311e9daff7bb67b103e9880ef4bff637acaec'
- ],
- [
- '5098ff1e1d9f14fb46a210fada6c903fef0fb7b4a1dd1d9ac60a0361800b7a00',
- '9731141d81fc8f8084d37c6e7542006b3ee1b40d60dfe5362a5b132fd17ddc0'
- ],
- [
- '32b78c7de9ee512a72895be6b9cbefa6e2f3c4ccce445c96b9f2c81e2778ad58',
- 'ee1849f513df71e32efc3896ee28260c73bb80547ae2275ba497237794c8753c'
- ],
- [
- 'e2cb74fddc8e9fbcd076eef2a7c72b0ce37d50f08269dfc074b581550547a4f7',
- 'd3aa2ed71c9dd2247a62df062736eb0baddea9e36122d2be8641abcb005cc4a4'
- ],
- [
- '8438447566d4d7bedadc299496ab357426009a35f235cb141be0d99cd10ae3a8',
- 'c4e1020916980a4da5d01ac5e6ad330734ef0d7906631c4f2390426b2edd791f'
- ],
- [
- '4162d488b89402039b584c6fc6c308870587d9c46f660b878ab65c82c711d67e',
- '67163e903236289f776f22c25fb8a3afc1732f2b84b4e95dbda47ae5a0852649'
- ],
- [
- '3fad3fa84caf0f34f0f89bfd2dcf54fc175d767aec3e50684f3ba4a4bf5f683d',
- 'cd1bc7cb6cc407bb2f0ca647c718a730cf71872e7d0d2a53fa20efcdfe61826'
- ],
- [
- '674f2600a3007a00568c1a7ce05d0816c1fb84bf1370798f1c69532faeb1a86b',
- '299d21f9413f33b3edf43b257004580b70db57da0b182259e09eecc69e0d38a5'
- ],
- [
- 'd32f4da54ade74abb81b815ad1fb3b263d82d6c692714bcff87d29bd5ee9f08f',
- 'f9429e738b8e53b968e99016c059707782e14f4535359d582fc416910b3eea87'
- ],
- [
- '30e4e670435385556e593657135845d36fbb6931f72b08cb1ed954f1e3ce3ff6',
- '462f9bce619898638499350113bbc9b10a878d35da70740dc695a559eb88db7b'
- ],
- [
- 'be2062003c51cc3004682904330e4dee7f3dcd10b01e580bf1971b04d4cad297',
- '62188bc49d61e5428573d48a74e1c655b1c61090905682a0d5558ed72dccb9bc'
- ],
- [
- '93144423ace3451ed29e0fb9ac2af211cb6e84a601df5993c419859fff5df04a',
- '7c10dfb164c3425f5c71a3f9d7992038f1065224f72bb9d1d902a6d13037b47c'
- ],
- [
- 'b015f8044f5fcbdcf21ca26d6c34fb8197829205c7b7d2a7cb66418c157b112c',
- 'ab8c1e086d04e813744a655b2df8d5f83b3cdc6faa3088c1d3aea1454e3a1d5f'
- ],
- [
- 'd5e9e1da649d97d89e4868117a465a3a4f8a18de57a140d36b3f2af341a21b52',
- '4cb04437f391ed73111a13cc1d4dd0db1693465c2240480d8955e8592f27447a'
- ],
- [
- 'd3ae41047dd7ca065dbf8ed77b992439983005cd72e16d6f996a5316d36966bb',
- 'bd1aeb21ad22ebb22a10f0303417c6d964f8cdd7df0aca614b10dc14d125ac46'
- ],
- [
- '463e2763d885f958fc66cdd22800f0a487197d0a82e377b49f80af87c897b065',
- 'bfefacdb0e5d0fd7df3a311a94de062b26b80c61fbc97508b79992671ef7ca7f'
- ],
- [
- '7985fdfd127c0567c6f53ec1bb63ec3158e597c40bfe747c83cddfc910641917',
- '603c12daf3d9862ef2b25fe1de289aed24ed291e0ec6708703a5bd567f32ed03'
- ],
- [
- '74a1ad6b5f76e39db2dd249410eac7f99e74c59cb83d2d0ed5ff1543da7703e9',
- 'cc6157ef18c9c63cd6193d83631bbea0093e0968942e8c33d5737fd790e0db08'
- ],
- [
- '30682a50703375f602d416664ba19b7fc9bab42c72747463a71d0896b22f6da3',
- '553e04f6b018b4fa6c8f39e7f311d3176290d0e0f19ca73f17714d9977a22ff8'
- ],
- [
- '9e2158f0d7c0d5f26c3791efefa79597654e7a2b2464f52b1ee6c1347769ef57',
- '712fcdd1b9053f09003a3481fa7762e9ffd7c8ef35a38509e2fbf2629008373'
- ],
- [
- '176e26989a43c9cfeba4029c202538c28172e566e3c4fce7322857f3be327d66',
- 'ed8cc9d04b29eb877d270b4878dc43c19aefd31f4eee09ee7b47834c1fa4b1c3'
- ],
- [
- '75d46efea3771e6e68abb89a13ad747ecf1892393dfc4f1b7004788c50374da8',
- '9852390a99507679fd0b86fd2b39a868d7efc22151346e1a3ca4726586a6bed8'
- ],
- [
- '809a20c67d64900ffb698c4c825f6d5f2310fb0451c869345b7319f645605721',
- '9e994980d9917e22b76b061927fa04143d096ccc54963e6a5ebfa5f3f8e286c1'
- ],
- [
- '1b38903a43f7f114ed4500b4eac7083fdefece1cf29c63528d563446f972c180',
- '4036edc931a60ae889353f77fd53de4a2708b26b6f5da72ad3394119daf408f9'
- ]
- ]
- }
- };
- },{}],32:[function(require,module,exports){
- 'use strict';
- var utils = exports;
- var BN = require('bn.js');
- var minAssert = require('minimalistic-assert');
- var minUtils = require('minimalistic-crypto-utils');
- utils.assert = minAssert;
- utils.toArray = minUtils.toArray;
- utils.zero2 = minUtils.zero2;
- utils.toHex = minUtils.toHex;
- utils.encode = minUtils.encode;
- // Represent num in a w-NAF form
- function getNAF(num, w) {
- var naf = [];
- var ws = 1 << (w + 1);
- var k = num.clone();
- while (k.cmpn(1) >= 0) {
- var z;
- if (k.isOdd()) {
- var mod = k.andln(ws - 1);
- if (mod > (ws >> 1) - 1)
- z = (ws >> 1) - mod;
- else
- z = mod;
- k.isubn(z);
- } else {
- z = 0;
- }
- naf.push(z);
- // Optimization, shift by word if possible
- var shift = (k.cmpn(0) !== 0 && k.andln(ws - 1) === 0) ? (w + 1) : 1;
- for (var i = 1; i < shift; i++)
- naf.push(0);
- k.iushrn(shift);
- }
- return naf;
- }
- utils.getNAF = getNAF;
- // Represent k1, k2 in a Joint Sparse Form
- function getJSF(k1, k2) {
- var jsf = [
- [],
- []
- ];
- k1 = k1.clone();
- k2 = k2.clone();
- var d1 = 0;
- var d2 = 0;
- while (k1.cmpn(-d1) > 0 || k2.cmpn(-d2) > 0) {
- // First phase
- var m14 = (k1.andln(3) + d1) & 3;
- var m24 = (k2.andln(3) + d2) & 3;
- if (m14 === 3)
- m14 = -1;
- if (m24 === 3)
- m24 = -1;
- var u1;
- if ((m14 & 1) === 0) {
- u1 = 0;
- } else {
- var m8 = (k1.andln(7) + d1) & 7;
- if ((m8 === 3 || m8 === 5) && m24 === 2)
- u1 = -m14;
- else
- u1 = m14;
- }
- jsf[0].push(u1);
- var u2;
- if ((m24 & 1) === 0) {
- u2 = 0;
- } else {
- var m8 = (k2.andln(7) + d2) & 7;
- if ((m8 === 3 || m8 === 5) && m14 === 2)
- u2 = -m24;
- else
- u2 = m24;
- }
- jsf[1].push(u2);
- // Second phase
- if (2 * d1 === u1 + 1)
- d1 = 1 - d1;
- if (2 * d2 === u2 + 1)
- d2 = 1 - d2;
- k1.iushrn(1);
- k2.iushrn(1);
- }
- return jsf;
- }
- utils.getJSF = getJSF;
- function cachedProperty(obj, name, computer) {
- var key = '_' + name;
- obj.prototype[name] = function cachedProperty() {
- return this[key] !== undefined ? this[key] :
- this[key] = computer.call(this);
- };
- }
- utils.cachedProperty = cachedProperty;
- function parseBytes(bytes) {
- return typeof bytes === 'string' ? utils.toArray(bytes, 'hex') :
- bytes;
- }
- utils.parseBytes = parseBytes;
- function intFromLE(bytes) {
- return new BN(bytes, 'hex', 'le');
- }
- utils.intFromLE = intFromLE;
- },{"bn.js":16,"minimalistic-assert":48,"minimalistic-crypto-utils":49}],33:[function(require,module,exports){
- "use strict";
- // email-addresses.js - RFC 5322 email address parser
- // v 3.1.0
- //
- // http://tools.ietf.org/html/rfc5322
- //
- // This library does not validate email addresses.
- // emailAddresses attempts to parse addresses using the (fairly liberal)
- // grammar specified in RFC 5322.
- //
- // email-addresses returns {
- // ast: <an abstract syntax tree based on rfc5322>,
- // addresses: [{
- // node: <node in ast for this address>,
- // name: <display-name>,
- // address: <addr-spec>,
- // local: <local-part>,
- // domain: <domain>
- // }, ...]
- // }
- //
- // emailAddresses.parseOneAddress and emailAddresses.parseAddressList
- // work as you might expect. Try it out.
- //
- // Many thanks to Dominic Sayers and his documentation on the is_email function,
- // http://code.google.com/p/isemail/ , which helped greatly in writing this parser.
- (function (global) {
- "use strict";
- function parse5322(opts) {
- // tokenizing functions
- function inStr() {
- return pos < len;
- }
- function curTok() {
- return parseString[pos];
- }
- function getPos() {
- return pos;
- }
- function setPos(i) {
- pos = i;
- }
- function nextTok() {
- pos += 1;
- }
- function initialize() {
- pos = 0;
- len = parseString.length;
- }
- // parser helper functions
- function o(name, value) {
- return {
- name: name,
- tokens: value || "",
- semantic: value || "",
- children: []
- };
- }
- function wrap(name, ast) {
- var n;
- if (ast === null) {
- return null;
- }
- n = o(name);
- n.tokens = ast.tokens;
- n.semantic = ast.semantic;
- n.children.push(ast);
- return n;
- }
- function add(parent, child) {
- if (child !== null) {
- parent.tokens += child.tokens;
- parent.semantic += child.semantic;
- }
- parent.children.push(child);
- return parent;
- }
- function compareToken(fxnCompare) {
- var tok;
- if (!inStr()) {
- return null;
- }
- tok = curTok();
- if (fxnCompare(tok)) {
- nextTok();
- return o('token', tok);
- }
- return null;
- }
- function literal(lit) {
- return function literalFunc() {
- return wrap('literal', compareToken(function (tok) {
- return tok === lit;
- }));
- };
- }
- function and() {
- var args = arguments;
- return function andFunc() {
- var i, s, result, start;
- start = getPos();
- s = o('and');
- for (i = 0; i < args.length; i += 1) {
- result = args[i]();
- if (result === null) {
- setPos(start);
- return null;
- }
- add(s, result);
- }
- return s;
- };
- }
- function or() {
- var args = arguments;
- return function orFunc() {
- var i, result, start;
- start = getPos();
- for (i = 0; i < args.length; i += 1) {
- result = args[i]();
- if (result !== null) {
- return result;
- }
- setPos(start);
- }
- return null;
- };
- }
- function opt(prod) {
- return function optFunc() {
- var result, start;
- start = getPos();
- result = prod();
- if (result !== null) {
- return result;
- } else {
- setPos(start);
- return o('opt');
- }
- };
- }
- function invis(prod) {
- return function invisFunc() {
- var result = prod();
- if (result !== null) {
- result.semantic = "";
- }
- return result;
- };
- }
- function colwsp(prod) {
- return function collapseSemanticWhitespace() {
- var result = prod();
- if (result !== null && result.semantic.length > 0) {
- result.semantic = " ";
- }
- return result;
- };
- }
- function star(prod, minimum) {
- return function starFunc() {
- var s, result, count, start, min;
- start = getPos();
- s = o('star');
- count = 0;
- min = minimum === undefined ? 0 : minimum;
- while ((result = prod()) !== null) {
- count = count + 1;
- add(s, result);
- }
- if (count >= min) {
- return s;
- } else {
- setPos(start);
- return null;
- }
- };
- }
- // One expects names to get normalized like this:
- // " First Last " -> "First Last"
- // "First Last" -> "First Last"
- // "First Last" -> "First Last"
- function collapseWhitespace(s) {
- return s.replace(/([ \t]|\r\n)+/g, ' ').replace(/^\s*/, '').replace(/\s*$/, '');
- }
- // UTF-8 pseudo-production (RFC 6532)
- // RFC 6532 extends RFC 5322 productions to include UTF-8
- // using the following productions:
- // UTF8-non-ascii = UTF8-2 / UTF8-3 / UTF8-4
- // UTF8-2 = <Defined in Section 4 of RFC3629>
- // UTF8-3 = <Defined in Section 4 of RFC3629>
- // UTF8-4 = <Defined in Section 4 of RFC3629>
- //
- // For reference, the extended RFC 5322 productions are:
- // VCHAR =/ UTF8-non-ascii
- // ctext =/ UTF8-non-ascii
- // atext =/ UTF8-non-ascii
- // qtext =/ UTF8-non-ascii
- // dtext =/ UTF8-non-ascii
- function isUTF8NonAscii(tok) {
- // In JavaScript, we just deal directly with Unicode code points,
- // so we aren't checking individual bytes for UTF-8 encoding.
- // Just check that the character is non-ascii.
- return tok.charCodeAt(0) >= 128;
- }
- // common productions (RFC 5234)
- // http://tools.ietf.org/html/rfc5234
- // B.1. Core Rules
- // CR = %x0D
- // ; carriage return
- function cr() {
- return wrap('cr', literal('\r')());
- }
- // CRLF = CR LF
- // ; Internet standard newline
- function crlf() {
- return wrap('crlf', and(cr, lf)());
- }
- // DQUOTE = %x22
- // ; " (Double Quote)
- function dquote() {
- return wrap('dquote', literal('"')());
- }
- // HTAB = %x09
- // ; horizontal tab
- function htab() {
- return wrap('htab', literal('\t')());
- }
- // LF = %x0A
- // ; linefeed
- function lf() {
- return wrap('lf', literal('\n')());
- }
- // SP = %x20
- function sp() {
- return wrap('sp', literal(' ')());
- }
- // VCHAR = %x21-7E
- // ; visible (printing) characters
- function vchar() {
- return wrap('vchar', compareToken(function vcharFunc(tok) {
- var code = tok.charCodeAt(0);
- var accept = 0x21 <= code && code <= 0x7E;
- if (opts.rfc6532) {
- accept = accept || isUTF8NonAscii(tok);
- }
- return accept;
- }));
- }
- // WSP = SP / HTAB
- // ; white space
- function wsp() {
- return wrap('wsp', or(sp, htab)());
- }
- // email productions (RFC 5322)
- // http://tools.ietf.org/html/rfc5322
- // 3.2.1. Quoted characters
- // quoted-pair = ("\" (VCHAR / WSP)) / obs-qp
- function quotedPair() {
- var qp = wrap('quoted-pair', or(and(literal('\\'), or(vchar, wsp)), obsQP)());
- if (qp === null) {
- return null;
- }
- // a quoted pair will be two characters, and the "\" character
- // should be semantically "invisible" (RFC 5322 3.2.1)
- qp.semantic = qp.semantic[1];
- return qp;
- }
- // 3.2.2. Folding White Space and Comments
- // FWS = ([*WSP CRLF] 1*WSP) / obs-FWS
- function fws() {
- return wrap('fws', or(obsFws, and(opt(and(star(wsp), invis(crlf))), star(wsp, 1)))());
- }
- // ctext = %d33-39 / ; Printable US-ASCII
- // %d42-91 / ; characters not including
- // %d93-126 / ; "(", ")", or "\"
- // obs-ctext
- function ctext() {
- return wrap('ctext', or(function ctextFunc1() {
- return compareToken(function ctextFunc2(tok) {
- var code = tok.charCodeAt(0);
- var accept = 33 <= code && code <= 39 || 42 <= code && code <= 91 || 93 <= code && code <= 126;
- if (opts.rfc6532) {
- accept = accept || isUTF8NonAscii(tok);
- }
- return accept;
- });
- }, obsCtext)());
- }
- // ccontent = ctext / quoted-pair / comment
- function ccontent() {
- return wrap('ccontent', or(ctext, quotedPair, comment)());
- }
- // comment = "(" *([FWS] ccontent) [FWS] ")"
- function comment() {
- return wrap('comment', and(literal('('), star(and(opt(fws), ccontent)), opt(fws), literal(')'))());
- }
- // CFWS = (1*([FWS] comment) [FWS]) / FWS
- function cfws() {
- return wrap('cfws', or(and(star(and(opt(fws), comment), 1), opt(fws)), fws)());
- }
- // 3.2.3. Atom
- //atext = ALPHA / DIGIT / ; Printable US-ASCII
- // "!" / "#" / ; characters not including
- // "$" / "%" / ; specials. Used for atoms.
- // "&" / "'" /
- // "*" / "+" /
- // "-" / "/" /
- // "=" / "?" /
- // "^" / "_" /
- // "`" / "{" /
- // "|" / "}" /
- // "~"
- function atext() {
- return wrap('atext', compareToken(function atextFunc(tok) {
- var accept = 'a' <= tok && tok <= 'z' || 'A' <= tok && tok <= 'Z' || '0' <= tok && tok <= '9' || ['!', '#', '$', '%', '&', '\'', '*', '+', '-', '/', '=', '?', '^', '_', '`', '{', '|', '}', '~'].indexOf(tok) >= 0;
- if (opts.rfc6532) {
- accept = accept || isUTF8NonAscii(tok);
- }
- return accept;
- }));
- }
- // atom = [CFWS] 1*atext [CFWS]
- function atom() {
- return wrap('atom', and(colwsp(opt(cfws)), star(atext, 1), colwsp(opt(cfws)))());
- }
- // dot-atom-text = 1*atext *("." 1*atext)
- function dotAtomText() {
- var s, maybeText;
- s = wrap('dot-atom-text', star(atext, 1)());
- if (s === null) {
- return s;
- }
- maybeText = star(and(literal('.'), star(atext, 1)))();
- if (maybeText !== null) {
- add(s, maybeText);
- }
- return s;
- }
- // dot-atom = [CFWS] dot-atom-text [CFWS]
- function dotAtom() {
- return wrap('dot-atom', and(invis(opt(cfws)), dotAtomText, invis(opt(cfws)))());
- }
- // 3.2.4. Quoted Strings
- // qtext = %d33 / ; Printable US-ASCII
- // %d35-91 / ; characters not including
- // %d93-126 / ; "\" or the quote character
- // obs-qtext
- function qtext() {
- return wrap('qtext', or(function qtextFunc1() {
- return compareToken(function qtextFunc2(tok) {
- var code = tok.charCodeAt(0);
- var accept = 33 === code || 35 <= code && code <= 91 || 93 <= code && code <= 126;
- if (opts.rfc6532) {
- accept = accept || isUTF8NonAscii(tok);
- }
- return accept;
- });
- }, obsQtext)());
- }
- // qcontent = qtext / quoted-pair
- function qcontent() {
- return wrap('qcontent', or(qtext, quotedPair)());
- }
- // quoted-string = [CFWS]
- // DQUOTE *([FWS] qcontent) [FWS] DQUOTE
- // [CFWS]
- function quotedString() {
- return wrap('quoted-string', and(invis(opt(cfws)), invis(dquote), star(and(opt(colwsp(fws)), qcontent)), opt(invis(fws)), invis(dquote), invis(opt(cfws)))());
- }
- // 3.2.5 Miscellaneous Tokens
- // word = atom / quoted-string
- function word() {
- return wrap('word', or(atom, quotedString)());
- }
- // phrase = 1*word / obs-phrase
- function phrase() {
- return wrap('phrase', or(obsPhrase, star(word, 1))());
- }
- // 3.4. Address Specification
- // address = mailbox / group
- function address() {
- return wrap('address', or(mailbox, group)());
- }
- // mailbox = name-addr / addr-spec
- function mailbox() {
- return wrap('mailbox', or(nameAddr, addrSpec)());
- }
- // name-addr = [display-name] angle-addr
- function nameAddr() {
- return wrap('name-addr', and(opt(displayName), angleAddr)());
- }
- // angle-addr = [CFWS] "<" addr-spec ">" [CFWS] /
- // obs-angle-addr
- function angleAddr() {
- return wrap('angle-addr', or(and(invis(opt(cfws)), literal('<'), addrSpec, literal('>'), invis(opt(cfws))), obsAngleAddr)());
- }
- // group = display-name ":" [group-list] ";" [CFWS]
- function group() {
- return wrap('group', and(displayName, literal(':'), opt(groupList), literal(';'), invis(opt(cfws)))());
- }
- // display-name = phrase
- function displayName() {
- return wrap('display-name', function phraseFixedSemantic() {
- var result = phrase();
- if (result !== null) {
- result.semantic = collapseWhitespace(result.semantic);
- }
- return result;
- }());
- }
- // mailbox-list = (mailbox *("," mailbox)) / obs-mbox-list
- function mailboxList() {
- return wrap('mailbox-list', or(and(mailbox, star(and(literal(','), mailbox))), obsMboxList)());
- }
- // address-list = (address *("," address)) / obs-addr-list
- function addressList() {
- return wrap('address-list', or(and(address, star(and(literal(','), address))), obsAddrList)());
- }
- // group-list = mailbox-list / CFWS / obs-group-list
- function groupList() {
- return wrap('group-list', or(mailboxList, invis(cfws), obsGroupList)());
- }
- // 3.4.1 Addr-Spec Specification
- // local-part = dot-atom / quoted-string / obs-local-part
- function localPart() {
- // note: quoted-string, dotAtom are proper subsets of obs-local-part
- // so we really just have to look for obsLocalPart, if we don't care about the exact parse tree
- return wrap('local-part', or(obsLocalPart, dotAtom, quotedString)());
- }
- // dtext = %d33-90 / ; Printable US-ASCII
- // %d94-126 / ; characters not including
- // obs-dtext ; "[", "]", or "\"
- function dtext() {
- return wrap('dtext', or(function dtextFunc1() {
- return compareToken(function dtextFunc2(tok) {
- var code = tok.charCodeAt(0);
- var accept = 33 <= code && code <= 90 || 94 <= code && code <= 126;
- if (opts.rfc6532) {
- accept = accept || isUTF8NonAscii(tok);
- }
- return accept;
- });
- }, obsDtext)());
- }
- // domain-literal = [CFWS] "[" *([FWS] dtext) [FWS] "]" [CFWS]
- function domainLiteral() {
- return wrap('domain-literal', and(invis(opt(cfws)), literal('['), star(and(opt(fws), dtext)), opt(fws), literal(']'), invis(opt(cfws)))());
- }
- // domain = dot-atom / domain-literal / obs-domain
- function domain() {
- return wrap('domain', function domainCheckTLD() {
- var result = or(obsDomain, dotAtom, domainLiteral)();
- if (opts.rejectTLD) {
- if (result && result.semantic && result.semantic.indexOf('.') < 0) {
- return null;
- }
- }
- // strip all whitespace from domains
- if (result) {
- result.semantic = result.semantic.replace(/\s+/g, '');
- }
- return result;
- }());
- }
- // addr-spec = local-part "@" domain
- function addrSpec() {
- return wrap('addr-spec', and(localPart, literal('@'), domain)());
- }
- // 3.6.2 Originator Fields
- // Below we only parse the field body, not the name of the field
- // like "From:", "Sender:", or "Reply-To:". Other libraries that
- // parse email headers can parse those and defer to these productions
- // for the "RFC 5322" part.
- // RFC 6854 2.1. Replacement of RFC 5322, Section 3.6.2. Originator Fields
- // from = "From:" (mailbox-list / address-list) CRLF
- function fromSpec() {
- return wrap('from', or(mailboxList, addressList)());
- }
- // RFC 6854 2.1. Replacement of RFC 5322, Section 3.6.2. Originator Fields
- // sender = "Sender:" (mailbox / address) CRLF
- function senderSpec() {
- return wrap('sender', or(mailbox, address)());
- }
- // RFC 6854 2.1. Replacement of RFC 5322, Section 3.6.2. Originator Fields
- // reply-to = "Reply-To:" address-list CRLF
- function replyToSpec() {
- return wrap('reply-to', addressList());
- }
- // 4.1. Miscellaneous Obsolete Tokens
- // obs-NO-WS-CTL = %d1-8 / ; US-ASCII control
- // %d11 / ; characters that do not
- // %d12 / ; include the carriage
- // %d14-31 / ; return, line feed, and
- // %d127 ; white space characters
- function obsNoWsCtl() {
- return opts.strict ? null : wrap('obs-NO-WS-CTL', compareToken(function (tok) {
- var code = tok.charCodeAt(0);
- return 1 <= code && code <= 8 || 11 === code || 12 === code || 14 <= code && code <= 31 || 127 === code;
- }));
- }
- // obs-ctext = obs-NO-WS-CTL
- function obsCtext() {
- return opts.strict ? null : wrap('obs-ctext', obsNoWsCtl());
- }
- // obs-qtext = obs-NO-WS-CTL
- function obsQtext() {
- return opts.strict ? null : wrap('obs-qtext', obsNoWsCtl());
- }
- // obs-qp = "\" (%d0 / obs-NO-WS-CTL / LF / CR)
- function obsQP() {
- return opts.strict ? null : wrap('obs-qp', and(literal('\\'), or(literal('\0'), obsNoWsCtl, lf, cr))());
- }
- // obs-phrase = word *(word / "." / CFWS)
- function obsPhrase() {
- if (opts.strict) return null;
- return opts.atInDisplayName ? wrap('obs-phrase', and(word, star(or(word, literal('.'), literal('@'), colwsp(cfws))))()) : wrap('obs-phrase', and(word, star(or(word, literal('.'), colwsp(cfws))))());
- }
- // 4.2. Obsolete Folding White Space
- // NOTE: read the errata http://www.rfc-editor.org/errata_search.php?rfc=5322&eid=1908
- // obs-FWS = 1*([CRLF] WSP)
- function obsFws() {
- return opts.strict ? null : wrap('obs-FWS', star(and(invis(opt(crlf)), wsp), 1)());
- }
- // 4.4. Obsolete Addressing
- // obs-angle-addr = [CFWS] "<" obs-route addr-spec ">" [CFWS]
- function obsAngleAddr() {
- return opts.strict ? null : wrap('obs-angle-addr', and(invis(opt(cfws)), literal('<'), obsRoute, addrSpec, literal('>'), invis(opt(cfws)))());
- }
- // obs-route = obs-domain-list ":"
- function obsRoute() {
- return opts.strict ? null : wrap('obs-route', and(obsDomainList, literal(':'))());
- }
- // obs-domain-list = *(CFWS / ",") "@" domain
- // *("," [CFWS] ["@" domain])
- function obsDomainList() {
- return opts.strict ? null : wrap('obs-domain-list', and(star(or(invis(cfws), literal(','))), literal('@'), domain, star(and(literal(','), invis(opt(cfws)), opt(and(literal('@'), domain)))))());
- }
- // obs-mbox-list = *([CFWS] ",") mailbox *("," [mailbox / CFWS])
- function obsMboxList() {
- return opts.strict ? null : wrap('obs-mbox-list', and(star(and(invis(opt(cfws)), literal(','))), mailbox, star(and(literal(','), opt(and(mailbox, invis(cfws))))))());
- }
- // obs-addr-list = *([CFWS] ",") address *("," [address / CFWS])
- function obsAddrList() {
- return opts.strict ? null : wrap('obs-addr-list', and(star(and(invis(opt(cfws)), literal(','))), address, star(and(literal(','), opt(and(address, invis(cfws))))))());
- }
- // obs-group-list = 1*([CFWS] ",") [CFWS]
- function obsGroupList() {
- return opts.strict ? null : wrap('obs-group-list', and(star(and(invis(opt(cfws)), literal(',')), 1), invis(opt(cfws)))());
- }
- // obs-local-part = word *("." word)
- function obsLocalPart() {
- return opts.strict ? null : wrap('obs-local-part', and(word, star(and(literal('.'), word)))());
- }
- // obs-domain = atom *("." atom)
- function obsDomain() {
- return opts.strict ? null : wrap('obs-domain', and(atom, star(and(literal('.'), atom)))());
- }
- // obs-dtext = obs-NO-WS-CTL / quoted-pair
- function obsDtext() {
- return opts.strict ? null : wrap('obs-dtext', or(obsNoWsCtl, quotedPair)());
- }
- /////////////////////////////////////////////////////
- // ast analysis
- function findNode(name, root) {
- var i, stack, node;
- if (root === null || root === undefined) {
- return null;
- }
- stack = [root];
- while (stack.length > 0) {
- node = stack.pop();
- if (node.name === name) {
- return node;
- }
- for (i = node.children.length - 1; i >= 0; i -= 1) {
- stack.push(node.children[i]);
- }
- }
- return null;
- }
- function findAllNodes(name, root) {
- var i, stack, node, result;
- if (root === null || root === undefined) {
- return null;
- }
- stack = [root];
- result = [];
- while (stack.length > 0) {
- node = stack.pop();
- if (node.name === name) {
- result.push(node);
- }
- for (i = node.children.length - 1; i >= 0; i -= 1) {
- stack.push(node.children[i]);
- }
- }
- return result;
- }
- function findAllNodesNoChildren(names, root) {
- var i, stack, node, result, namesLookup;
- if (root === null || root === undefined) {
- return null;
- }
- stack = [root];
- result = [];
- namesLookup = {};
- for (i = 0; i < names.length; i += 1) {
- namesLookup[names[i]] = true;
- }
- while (stack.length > 0) {
- node = stack.pop();
- if (node.name in namesLookup) {
- result.push(node);
- // don't look at children (hence findAllNodesNoChildren)
- } else {
- for (i = node.children.length - 1; i >= 0; i -= 1) {
- stack.push(node.children[i]);
- }
- }
- }
- return result;
- }
- function giveResult(ast) {
- var addresses, groupsAndMailboxes, i, groupOrMailbox, result;
- if (ast === null) {
- return null;
- }
- addresses = [];
- // An address is a 'group' (i.e. a list of mailboxes) or a 'mailbox'.
- groupsAndMailboxes = findAllNodesNoChildren(['group', 'mailbox'], ast);
- for (i = 0; i < groupsAndMailboxes.length; i += 1) {
- groupOrMailbox = groupsAndMailboxes[i];
- if (groupOrMailbox.name === 'group') {
- addresses.push(giveResultGroup(groupOrMailbox));
- } else if (groupOrMailbox.name === 'mailbox') {
- addresses.push(giveResultMailbox(groupOrMailbox));
- }
- }
- result = {
- ast: ast,
- addresses: addresses
- };
- if (opts.simple) {
- result = simplifyResult(result);
- }
- if (opts.oneResult) {
- return oneResult(result);
- }
- if (opts.simple) {
- return result && result.addresses;
- } else {
- return result;
- }
- }
- function giveResultGroup(group) {
- var i;
- var groupName = findNode('display-name', group);
- var groupResultMailboxes = [];
- var mailboxes = findAllNodesNoChildren(['mailbox'], group);
- for (i = 0; i < mailboxes.length; i += 1) {
- groupResultMailboxes.push(giveResultMailbox(mailboxes[i]));
- }
- return {
- node: group,
- parts: {
- name: groupName
- },
- type: group.name, // 'group'
- name: grabSemantic(groupName),
- addresses: groupResultMailboxes
- };
- }
- function giveResultMailbox(mailbox) {
- var name = findNode('display-name', mailbox);
- var aspec = findNode('addr-spec', mailbox);
- var cfws = findAllNodes('cfws', mailbox);
- var comments = findAllNodesNoChildren(['comment'], mailbox);
- var local = findNode('local-part', aspec);
- var domain = findNode('domain', aspec);
- return {
- node: mailbox,
- parts: {
- name: name,
- address: aspec,
- local: local,
- domain: domain,
- comments: cfws
- },
- type: mailbox.name, // 'mailbox'
- name: grabSemantic(name),
- address: grabSemantic(aspec),
- local: grabSemantic(local),
- domain: grabSemantic(domain),
- comments: concatComments(comments),
- groupName: grabSemantic(mailbox.groupName)
- };
- }
- function grabSemantic(n) {
- return n !== null && n !== undefined ? n.semantic : null;
- }
- function simplifyResult(result) {
- var i;
- if (result && result.addresses) {
- for (i = 0; i < result.addresses.length; i += 1) {
- delete result.addresses[i].node;
- }
- }
- return result;
- }
- function concatComments(comments) {
- var result = '';
- if (comments) {
- for (var i = 0; i < comments.length; i += 1) {
- result += grabSemantic(comments[i]);
- }
- }
- return result;
- }
- function oneResult(result) {
- if (!result) {
- return null;
- }
- if (!opts.partial && result.addresses.length > 1) {
- return null;
- }
- return result.addresses && result.addresses[0];
- }
- /////////////////////////////////////////////////////
- var parseString, pos, len, parsed, startProduction;
- opts = handleOpts(opts, {});
- if (opts === null) {
- return null;
- }
- parseString = opts.input;
- startProduction = {
- 'address': address,
- 'address-list': addressList,
- 'angle-addr': angleAddr,
- 'from': fromSpec,
- 'group': group,
- 'mailbox': mailbox,
- 'mailbox-list': mailboxList,
- 'reply-to': replyToSpec,
- 'sender': senderSpec
- }[opts.startAt] || addressList;
- if (!opts.strict) {
- initialize();
- opts.strict = true;
- parsed = startProduction(parseString);
- if (opts.partial || !inStr()) {
- return giveResult(parsed);
- }
- opts.strict = false;
- }
- initialize();
- parsed = startProduction(parseString);
- if (!opts.partial && inStr()) {
- return null;
- }
- return giveResult(parsed);
- }
- function parseOneAddressSimple(opts) {
- return parse5322(handleOpts(opts, {
- oneResult: true,
- rfc6532: true,
- simple: true,
- startAt: 'address-list'
- }));
- }
- function parseAddressListSimple(opts) {
- return parse5322(handleOpts(opts, {
- rfc6532: true,
- simple: true,
- startAt: 'address-list'
- }));
- }
- function parseFromSimple(opts) {
- return parse5322(handleOpts(opts, {
- rfc6532: true,
- simple: true,
- startAt: 'from'
- }));
- }
- function parseSenderSimple(opts) {
- return parse5322(handleOpts(opts, {
- oneResult: true,
- rfc6532: true,
- simple: true,
- startAt: 'sender'
- }));
- }
- function parseReplyToSimple(opts) {
- return parse5322(handleOpts(opts, {
- rfc6532: true,
- simple: true,
- startAt: 'reply-to'
- }));
- }
- function handleOpts(opts, defs) {
- function isString(str) {
- return Object.prototype.toString.call(str) === '[object String]';
- }
- function isObject(o) {
- return o === Object(o);
- }
- function isNullUndef(o) {
- return o === null || o === undefined;
- }
- var defaults, o;
- if (isString(opts)) {
- opts = { input: opts };
- } else if (!isObject(opts)) {
- return null;
- }
- if (!isString(opts.input)) {
- return null;
- }
- if (!defs) {
- return null;
- }
- defaults = {
- oneResult: false,
- partial: false,
- rejectTLD: false,
- rfc6532: false,
- simple: false,
- startAt: 'address-list',
- strict: false,
- atInDisplayName: false
- };
- for (o in defaults) {
- if (isNullUndef(opts[o])) {
- opts[o] = !isNullUndef(defs[o]) ? defs[o] : defaults[o];
- }
- }
- return opts;
- }
- parse5322.parseOneAddress = parseOneAddressSimple;
- parse5322.parseAddressList = parseAddressListSimple;
- parse5322.parseFrom = parseFromSimple;
- parse5322.parseSender = parseSenderSimple;
- parse5322.parseReplyTo = parseReplyToSimple;
- if (typeof module !== 'undefined' && typeof module.exports !== 'undefined') {
- module.exports = parse5322;
- } else {
- global.emailAddresses = parse5322;
- }
- })(undefined);
- },{}],34:[function(require,module,exports){
- var hash = exports;
- hash.utils = require('./hash/utils');
- hash.common = require('./hash/common');
- hash.sha = require('./hash/sha');
- hash.ripemd = require('./hash/ripemd');
- hash.hmac = require('./hash/hmac');
- // Proxy hash functions to the main object
- hash.sha1 = hash.sha.sha1;
- hash.sha256 = hash.sha.sha256;
- hash.sha224 = hash.sha.sha224;
- hash.sha384 = hash.sha.sha384;
- hash.sha512 = hash.sha.sha512;
- hash.ripemd160 = hash.ripemd.ripemd160;
- },{"./hash/common":35,"./hash/hmac":36,"./hash/ripemd":37,"./hash/sha":38,"./hash/utils":45}],35:[function(require,module,exports){
- 'use strict';
- var utils = require('./utils');
- var assert = require('minimalistic-assert');
- function BlockHash() {
- this.pending = null;
- this.pendingTotal = 0;
- this.blockSize = this.constructor.blockSize;
- this.outSize = this.constructor.outSize;
- this.hmacStrength = this.constructor.hmacStrength;
- this.padLength = this.constructor.padLength / 8;
- this.endian = 'big';
- this._delta8 = this.blockSize / 8;
- this._delta32 = this.blockSize / 32;
- }
- exports.BlockHash = BlockHash;
- BlockHash.prototype.update = function update(msg, enc) {
- // Convert message to array, pad it, and join into 32bit blocks
- msg = utils.toArray(msg, enc);
- if (!this.pending)
- this.pending = msg;
- else
- this.pending = this.pending.concat(msg);
- this.pendingTotal += msg.length;
- // Enough data, try updating
- if (this.pending.length >= this._delta8) {
- msg = this.pending;
- // Process pending data in blocks
- var r = msg.length % this._delta8;
- this.pending = msg.slice(msg.length - r, msg.length);
- if (this.pending.length === 0)
- this.pending = null;
- msg = utils.join32(msg, 0, msg.length - r, this.endian);
- for (var i = 0; i < msg.length; i += this._delta32)
- this._update(msg, i, i + this._delta32);
- }
- return this;
- };
- BlockHash.prototype.digest = function digest(enc) {
- this.update(this._pad());
- assert(this.pending === null);
- return this._digest(enc);
- };
- BlockHash.prototype._pad = function pad() {
- var len = this.pendingTotal;
- var bytes = this._delta8;
- var k = bytes - ((len + this.padLength) % bytes);
- var res = new Array(k + this.padLength);
- res[0] = 0x80;
- for (var i = 1; i < k; i++)
- res[i] = 0;
- // Append length
- len <<= 3;
- if (this.endian === 'big') {
- for (var t = 8; t < this.padLength; t++)
- res[i++] = 0;
- res[i++] = 0;
- res[i++] = 0;
- res[i++] = 0;
- res[i++] = 0;
- res[i++] = (len >>> 24) & 0xff;
- res[i++] = (len >>> 16) & 0xff;
- res[i++] = (len >>> 8) & 0xff;
- res[i++] = len & 0xff;
- } else {
- res[i++] = len & 0xff;
- res[i++] = (len >>> 8) & 0xff;
- res[i++] = (len >>> 16) & 0xff;
- res[i++] = (len >>> 24) & 0xff;
- res[i++] = 0;
- res[i++] = 0;
- res[i++] = 0;
- res[i++] = 0;
- for (t = 8; t < this.padLength; t++)
- res[i++] = 0;
- }
- return res;
- };
- },{"./utils":45,"minimalistic-assert":48}],36:[function(require,module,exports){
- 'use strict';
- var utils = require('./utils');
- var assert = require('minimalistic-assert');
- function Hmac(hash, key, enc) {
- if (!(this instanceof Hmac))
- return new Hmac(hash, key, enc);
- this.Hash = hash;
- this.blockSize = hash.blockSize / 8;
- this.outSize = hash.outSize / 8;
- this.inner = null;
- this.outer = null;
- this._init(utils.toArray(key, enc));
- }
- module.exports = Hmac;
- Hmac.prototype._init = function init(key) {
- // Shorten key, if needed
- if (key.length > this.blockSize)
- key = new this.Hash().update(key).digest();
- assert(key.length <= this.blockSize);
- // Add padding to key
- for (var i = key.length; i < this.blockSize; i++)
- key.push(0);
- for (i = 0; i < key.length; i++)
- key[i] ^= 0x36;
- this.inner = new this.Hash().update(key);
- // 0x36 ^ 0x5c = 0x6a
- for (i = 0; i < key.length; i++)
- key[i] ^= 0x6a;
- this.outer = new this.Hash().update(key);
- };
- Hmac.prototype.update = function update(msg, enc) {
- this.inner.update(msg, enc);
- return this;
- };
- Hmac.prototype.digest = function digest(enc) {
- this.outer.update(this.inner.digest());
- return this.outer.digest(enc);
- };
- },{"./utils":45,"minimalistic-assert":48}],37:[function(require,module,exports){
- 'use strict';
- var utils = require('./utils');
- var common = require('./common');
- var rotl32 = utils.rotl32;
- var sum32 = utils.sum32;
- var sum32_3 = utils.sum32_3;
- var sum32_4 = utils.sum32_4;
- var BlockHash = common.BlockHash;
- function RIPEMD160() {
- if (!(this instanceof RIPEMD160))
- return new RIPEMD160();
- BlockHash.call(this);
- this.h = [ 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0 ];
- this.endian = 'little';
- }
- utils.inherits(RIPEMD160, BlockHash);
- exports.ripemd160 = RIPEMD160;
- RIPEMD160.blockSize = 512;
- RIPEMD160.outSize = 160;
- RIPEMD160.hmacStrength = 192;
- RIPEMD160.padLength = 64;
- RIPEMD160.prototype._update = function update(msg, start) {
- var A = this.h[0];
- var B = this.h[1];
- var C = this.h[2];
- var D = this.h[3];
- var E = this.h[4];
- var Ah = A;
- var Bh = B;
- var Ch = C;
- var Dh = D;
- var Eh = E;
- for (var j = 0; j < 80; j++) {
- var T = sum32(
- rotl32(
- sum32_4(A, f(j, B, C, D), msg[r[j] + start], K(j)),
- s[j]),
- E);
- A = E;
- E = D;
- D = rotl32(C, 10);
- C = B;
- B = T;
- T = sum32(
- rotl32(
- sum32_4(Ah, f(79 - j, Bh, Ch, Dh), msg[rh[j] + start], Kh(j)),
- sh[j]),
- Eh);
- Ah = Eh;
- Eh = Dh;
- Dh = rotl32(Ch, 10);
- Ch = Bh;
- Bh = T;
- }
- T = sum32_3(this.h[1], C, Dh);
- this.h[1] = sum32_3(this.h[2], D, Eh);
- this.h[2] = sum32_3(this.h[3], E, Ah);
- this.h[3] = sum32_3(this.h[4], A, Bh);
- this.h[4] = sum32_3(this.h[0], B, Ch);
- this.h[0] = T;
- };
- RIPEMD160.prototype._digest = function digest(enc) {
- if (enc === 'hex')
- return utils.toHex32(this.h, 'little');
- else
- return utils.split32(this.h, 'little');
- };
- function f(j, x, y, z) {
- if (j <= 15)
- return x ^ y ^ z;
- else if (j <= 31)
- return (x & y) | ((~x) & z);
- else if (j <= 47)
- return (x | (~y)) ^ z;
- else if (j <= 63)
- return (x & z) | (y & (~z));
- else
- return x ^ (y | (~z));
- }
- function K(j) {
- if (j <= 15)
- return 0x00000000;
- else if (j <= 31)
- return 0x5a827999;
- else if (j <= 47)
- return 0x6ed9eba1;
- else if (j <= 63)
- return 0x8f1bbcdc;
- else
- return 0xa953fd4e;
- }
- function Kh(j) {
- if (j <= 15)
- return 0x50a28be6;
- else if (j <= 31)
- return 0x5c4dd124;
- else if (j <= 47)
- return 0x6d703ef3;
- else if (j <= 63)
- return 0x7a6d76e9;
- else
- return 0x00000000;
- }
- var r = [
- 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
- 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,
- 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12,
- 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2,
- 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
- ];
- var rh = [
- 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12,
- 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2,
- 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13,
- 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14,
- 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
- ];
- var s = [
- 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8,
- 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12,
- 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5,
- 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12,
- 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
- ];
- var sh = [
- 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6,
- 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11,
- 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5,
- 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8,
- 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
- ];
- },{"./common":35,"./utils":45}],38:[function(require,module,exports){
- 'use strict';
- exports.sha1 = require('./sha/1');
- exports.sha224 = require('./sha/224');
- exports.sha256 = require('./sha/256');
- exports.sha384 = require('./sha/384');
- exports.sha512 = require('./sha/512');
- },{"./sha/1":39,"./sha/224":40,"./sha/256":41,"./sha/384":42,"./sha/512":43}],39:[function(require,module,exports){
- 'use strict';
- var utils = require('../utils');
- var common = require('../common');
- var shaCommon = require('./common');
- var rotl32 = utils.rotl32;
- var sum32 = utils.sum32;
- var sum32_5 = utils.sum32_5;
- var ft_1 = shaCommon.ft_1;
- var BlockHash = common.BlockHash;
- var sha1_K = [
- 0x5A827999, 0x6ED9EBA1,
- 0x8F1BBCDC, 0xCA62C1D6
- ];
- function SHA1() {
- if (!(this instanceof SHA1))
- return new SHA1();
- BlockHash.call(this);
- this.h = [
- 0x67452301, 0xefcdab89, 0x98badcfe,
- 0x10325476, 0xc3d2e1f0 ];
- this.W = new Array(80);
- }
- utils.inherits(SHA1, BlockHash);
- module.exports = SHA1;
- SHA1.blockSize = 512;
- SHA1.outSize = 160;
- SHA1.hmacStrength = 80;
- SHA1.padLength = 64;
- SHA1.prototype._update = function _update(msg, start) {
- var W = this.W;
- for (var i = 0; i < 16; i++)
- W[i] = msg[start + i];
- for(; i < W.length; i++)
- W[i] = rotl32(W[i - 3] ^ W[i - 8] ^ W[i - 14] ^ W[i - 16], 1);
- var a = this.h[0];
- var b = this.h[1];
- var c = this.h[2];
- var d = this.h[3];
- var e = this.h[4];
- for (i = 0; i < W.length; i++) {
- var s = ~~(i / 20);
- var t = sum32_5(rotl32(a, 5), ft_1(s, b, c, d), e, W[i], sha1_K[s]);
- e = d;
- d = c;
- c = rotl32(b, 30);
- b = a;
- a = t;
- }
- this.h[0] = sum32(this.h[0], a);
- this.h[1] = sum32(this.h[1], b);
- this.h[2] = sum32(this.h[2], c);
- this.h[3] = sum32(this.h[3], d);
- this.h[4] = sum32(this.h[4], e);
- };
- SHA1.prototype._digest = function digest(enc) {
- if (enc === 'hex')
- return utils.toHex32(this.h, 'big');
- else
- return utils.split32(this.h, 'big');
- };
- },{"../common":35,"../utils":45,"./common":44}],40:[function(require,module,exports){
- 'use strict';
- var utils = require('../utils');
- var SHA256 = require('./256');
- function SHA224() {
- if (!(this instanceof SHA224))
- return new SHA224();
- SHA256.call(this);
- this.h = [
- 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
- 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4 ];
- }
- utils.inherits(SHA224, SHA256);
- module.exports = SHA224;
- SHA224.blockSize = 512;
- SHA224.outSize = 224;
- SHA224.hmacStrength = 192;
- SHA224.padLength = 64;
- SHA224.prototype._digest = function digest(enc) {
- // Just truncate output
- if (enc === 'hex')
- return utils.toHex32(this.h.slice(0, 7), 'big');
- else
- return utils.split32(this.h.slice(0, 7), 'big');
- };
- },{"../utils":45,"./256":41}],41:[function(require,module,exports){
- 'use strict';
- var utils = require('../utils');
- var common = require('../common');
- var shaCommon = require('./common');
- var assert = require('minimalistic-assert');
- var sum32 = utils.sum32;
- var sum32_4 = utils.sum32_4;
- var sum32_5 = utils.sum32_5;
- var ch32 = shaCommon.ch32;
- var maj32 = shaCommon.maj32;
- var s0_256 = shaCommon.s0_256;
- var s1_256 = shaCommon.s1_256;
- var g0_256 = shaCommon.g0_256;
- var g1_256 = shaCommon.g1_256;
- var BlockHash = common.BlockHash;
- var sha256_K = [
- 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
- 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
- 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
- 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
- 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
- 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
- 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
- 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
- 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
- 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
- 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
- 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
- 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
- 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
- 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
- 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
- ];
- function SHA256() {
- if (!(this instanceof SHA256))
- return new SHA256();
- BlockHash.call(this);
- this.h = [
- 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
- 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
- ];
- this.k = sha256_K;
- this.W = new Array(64);
- }
- utils.inherits(SHA256, BlockHash);
- module.exports = SHA256;
- SHA256.blockSize = 512;
- SHA256.outSize = 256;
- SHA256.hmacStrength = 192;
- SHA256.padLength = 64;
- SHA256.prototype._update = function _update(msg, start) {
- var W = this.W;
- for (var i = 0; i < 16; i++)
- W[i] = msg[start + i];
- for (; i < W.length; i++)
- W[i] = sum32_4(g1_256(W[i - 2]), W[i - 7], g0_256(W[i - 15]), W[i - 16]);
- var a = this.h[0];
- var b = this.h[1];
- var c = this.h[2];
- var d = this.h[3];
- var e = this.h[4];
- var f = this.h[5];
- var g = this.h[6];
- var h = this.h[7];
- assert(this.k.length === W.length);
- for (i = 0; i < W.length; i++) {
- var T1 = sum32_5(h, s1_256(e), ch32(e, f, g), this.k[i], W[i]);
- var T2 = sum32(s0_256(a), maj32(a, b, c));
- h = g;
- g = f;
- f = e;
- e = sum32(d, T1);
- d = c;
- c = b;
- b = a;
- a = sum32(T1, T2);
- }
- this.h[0] = sum32(this.h[0], a);
- this.h[1] = sum32(this.h[1], b);
- this.h[2] = sum32(this.h[2], c);
- this.h[3] = sum32(this.h[3], d);
- this.h[4] = sum32(this.h[4], e);
- this.h[5] = sum32(this.h[5], f);
- this.h[6] = sum32(this.h[6], g);
- this.h[7] = sum32(this.h[7], h);
- };
- SHA256.prototype._digest = function digest(enc) {
- if (enc === 'hex')
- return utils.toHex32(this.h, 'big');
- else
- return utils.split32(this.h, 'big');
- };
- },{"../common":35,"../utils":45,"./common":44,"minimalistic-assert":48}],42:[function(require,module,exports){
- 'use strict';
- var utils = require('../utils');
- var SHA512 = require('./512');
- function SHA384() {
- if (!(this instanceof SHA384))
- return new SHA384();
- SHA512.call(this);
- this.h = [
- 0xcbbb9d5d, 0xc1059ed8,
- 0x629a292a, 0x367cd507,
- 0x9159015a, 0x3070dd17,
- 0x152fecd8, 0xf70e5939,
- 0x67332667, 0xffc00b31,
- 0x8eb44a87, 0x68581511,
- 0xdb0c2e0d, 0x64f98fa7,
- 0x47b5481d, 0xbefa4fa4 ];
- }
- utils.inherits(SHA384, SHA512);
- module.exports = SHA384;
- SHA384.blockSize = 1024;
- SHA384.outSize = 384;
- SHA384.hmacStrength = 192;
- SHA384.padLength = 128;
- SHA384.prototype._digest = function digest(enc) {
- if (enc === 'hex')
- return utils.toHex32(this.h.slice(0, 12), 'big');
- else
- return utils.split32(this.h.slice(0, 12), 'big');
- };
- },{"../utils":45,"./512":43}],43:[function(require,module,exports){
- 'use strict';
- var utils = require('../utils');
- var common = require('../common');
- var assert = require('minimalistic-assert');
- var rotr64_hi = utils.rotr64_hi;
- var rotr64_lo = utils.rotr64_lo;
- var shr64_hi = utils.shr64_hi;
- var shr64_lo = utils.shr64_lo;
- var sum64 = utils.sum64;
- var sum64_hi = utils.sum64_hi;
- var sum64_lo = utils.sum64_lo;
- var sum64_4_hi = utils.sum64_4_hi;
- var sum64_4_lo = utils.sum64_4_lo;
- var sum64_5_hi = utils.sum64_5_hi;
- var sum64_5_lo = utils.sum64_5_lo;
- var BlockHash = common.BlockHash;
- var sha512_K = [
- 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,
- 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,
- 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,
- 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,
- 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,
- 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,
- 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,
- 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,
- 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,
- 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,
- 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,
- 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,
- 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,
- 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,
- 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,
- 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,
- 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,
- 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,
- 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,
- 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,
- 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,
- 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,
- 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,
- 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,
- 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,
- 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,
- 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,
- 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,
- 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,
- 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,
- 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,
- 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,
- 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,
- 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,
- 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,
- 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,
- 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,
- 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,
- 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,
- 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817
- ];
- function SHA512() {
- if (!(this instanceof SHA512))
- return new SHA512();
- BlockHash.call(this);
- this.h = [
- 0x6a09e667, 0xf3bcc908,
- 0xbb67ae85, 0x84caa73b,
- 0x3c6ef372, 0xfe94f82b,
- 0xa54ff53a, 0x5f1d36f1,
- 0x510e527f, 0xade682d1,
- 0x9b05688c, 0x2b3e6c1f,
- 0x1f83d9ab, 0xfb41bd6b,
- 0x5be0cd19, 0x137e2179 ];
- this.k = sha512_K;
- this.W = new Array(160);
- }
- utils.inherits(SHA512, BlockHash);
- module.exports = SHA512;
- SHA512.blockSize = 1024;
- SHA512.outSize = 512;
- SHA512.hmacStrength = 192;
- SHA512.padLength = 128;
- SHA512.prototype._prepareBlock = function _prepareBlock(msg, start) {
- var W = this.W;
- // 32 x 32bit words
- for (var i = 0; i < 32; i++)
- W[i] = msg[start + i];
- for (; i < W.length; i += 2) {
- var c0_hi = g1_512_hi(W[i - 4], W[i - 3]); // i - 2
- var c0_lo = g1_512_lo(W[i - 4], W[i - 3]);
- var c1_hi = W[i - 14]; // i - 7
- var c1_lo = W[i - 13];
- var c2_hi = g0_512_hi(W[i - 30], W[i - 29]); // i - 15
- var c2_lo = g0_512_lo(W[i - 30], W[i - 29]);
- var c3_hi = W[i - 32]; // i - 16
- var c3_lo = W[i - 31];
- W[i] = sum64_4_hi(
- c0_hi, c0_lo,
- c1_hi, c1_lo,
- c2_hi, c2_lo,
- c3_hi, c3_lo);
- W[i + 1] = sum64_4_lo(
- c0_hi, c0_lo,
- c1_hi, c1_lo,
- c2_hi, c2_lo,
- c3_hi, c3_lo);
- }
- };
- SHA512.prototype._update = function _update(msg, start) {
- this._prepareBlock(msg, start);
- var W = this.W;
- var ah = this.h[0];
- var al = this.h[1];
- var bh = this.h[2];
- var bl = this.h[3];
- var ch = this.h[4];
- var cl = this.h[5];
- var dh = this.h[6];
- var dl = this.h[7];
- var eh = this.h[8];
- var el = this.h[9];
- var fh = this.h[10];
- var fl = this.h[11];
- var gh = this.h[12];
- var gl = this.h[13];
- var hh = this.h[14];
- var hl = this.h[15];
- assert(this.k.length === W.length);
- for (var i = 0; i < W.length; i += 2) {
- var c0_hi = hh;
- var c0_lo = hl;
- var c1_hi = s1_512_hi(eh, el);
- var c1_lo = s1_512_lo(eh, el);
- var c2_hi = ch64_hi(eh, el, fh, fl, gh, gl);
- var c2_lo = ch64_lo(eh, el, fh, fl, gh, gl);
- var c3_hi = this.k[i];
- var c3_lo = this.k[i + 1];
- var c4_hi = W[i];
- var c4_lo = W[i + 1];
- var T1_hi = sum64_5_hi(
- c0_hi, c0_lo,
- c1_hi, c1_lo,
- c2_hi, c2_lo,
- c3_hi, c3_lo,
- c4_hi, c4_lo);
- var T1_lo = sum64_5_lo(
- c0_hi, c0_lo,
- c1_hi, c1_lo,
- c2_hi, c2_lo,
- c3_hi, c3_lo,
- c4_hi, c4_lo);
- c0_hi = s0_512_hi(ah, al);
- c0_lo = s0_512_lo(ah, al);
- c1_hi = maj64_hi(ah, al, bh, bl, ch, cl);
- c1_lo = maj64_lo(ah, al, bh, bl, ch, cl);
- var T2_hi = sum64_hi(c0_hi, c0_lo, c1_hi, c1_lo);
- var T2_lo = sum64_lo(c0_hi, c0_lo, c1_hi, c1_lo);
- hh = gh;
- hl = gl;
- gh = fh;
- gl = fl;
- fh = eh;
- fl = el;
- eh = sum64_hi(dh, dl, T1_hi, T1_lo);
- el = sum64_lo(dl, dl, T1_hi, T1_lo);
- dh = ch;
- dl = cl;
- ch = bh;
- cl = bl;
- bh = ah;
- bl = al;
- ah = sum64_hi(T1_hi, T1_lo, T2_hi, T2_lo);
- al = sum64_lo(T1_hi, T1_lo, T2_hi, T2_lo);
- }
- sum64(this.h, 0, ah, al);
- sum64(this.h, 2, bh, bl);
- sum64(this.h, 4, ch, cl);
- sum64(this.h, 6, dh, dl);
- sum64(this.h, 8, eh, el);
- sum64(this.h, 10, fh, fl);
- sum64(this.h, 12, gh, gl);
- sum64(this.h, 14, hh, hl);
- };
- SHA512.prototype._digest = function digest(enc) {
- if (enc === 'hex')
- return utils.toHex32(this.h, 'big');
- else
- return utils.split32(this.h, 'big');
- };
- function ch64_hi(xh, xl, yh, yl, zh) {
- var r = (xh & yh) ^ ((~xh) & zh);
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function ch64_lo(xh, xl, yh, yl, zh, zl) {
- var r = (xl & yl) ^ ((~xl) & zl);
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function maj64_hi(xh, xl, yh, yl, zh) {
- var r = (xh & yh) ^ (xh & zh) ^ (yh & zh);
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function maj64_lo(xh, xl, yh, yl, zh, zl) {
- var r = (xl & yl) ^ (xl & zl) ^ (yl & zl);
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function s0_512_hi(xh, xl) {
- var c0_hi = rotr64_hi(xh, xl, 28);
- var c1_hi = rotr64_hi(xl, xh, 2); // 34
- var c2_hi = rotr64_hi(xl, xh, 7); // 39
- var r = c0_hi ^ c1_hi ^ c2_hi;
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function s0_512_lo(xh, xl) {
- var c0_lo = rotr64_lo(xh, xl, 28);
- var c1_lo = rotr64_lo(xl, xh, 2); // 34
- var c2_lo = rotr64_lo(xl, xh, 7); // 39
- var r = c0_lo ^ c1_lo ^ c2_lo;
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function s1_512_hi(xh, xl) {
- var c0_hi = rotr64_hi(xh, xl, 14);
- var c1_hi = rotr64_hi(xh, xl, 18);
- var c2_hi = rotr64_hi(xl, xh, 9); // 41
- var r = c0_hi ^ c1_hi ^ c2_hi;
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function s1_512_lo(xh, xl) {
- var c0_lo = rotr64_lo(xh, xl, 14);
- var c1_lo = rotr64_lo(xh, xl, 18);
- var c2_lo = rotr64_lo(xl, xh, 9); // 41
- var r = c0_lo ^ c1_lo ^ c2_lo;
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function g0_512_hi(xh, xl) {
- var c0_hi = rotr64_hi(xh, xl, 1);
- var c1_hi = rotr64_hi(xh, xl, 8);
- var c2_hi = shr64_hi(xh, xl, 7);
- var r = c0_hi ^ c1_hi ^ c2_hi;
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function g0_512_lo(xh, xl) {
- var c0_lo = rotr64_lo(xh, xl, 1);
- var c1_lo = rotr64_lo(xh, xl, 8);
- var c2_lo = shr64_lo(xh, xl, 7);
- var r = c0_lo ^ c1_lo ^ c2_lo;
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function g1_512_hi(xh, xl) {
- var c0_hi = rotr64_hi(xh, xl, 19);
- var c1_hi = rotr64_hi(xl, xh, 29); // 61
- var c2_hi = shr64_hi(xh, xl, 6);
- var r = c0_hi ^ c1_hi ^ c2_hi;
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- function g1_512_lo(xh, xl) {
- var c0_lo = rotr64_lo(xh, xl, 19);
- var c1_lo = rotr64_lo(xl, xh, 29); // 61
- var c2_lo = shr64_lo(xh, xl, 6);
- var r = c0_lo ^ c1_lo ^ c2_lo;
- if (r < 0)
- r += 0x100000000;
- return r;
- }
- },{"../common":35,"../utils":45,"minimalistic-assert":48}],44:[function(require,module,exports){
- 'use strict';
- var utils = require('../utils');
- var rotr32 = utils.rotr32;
- function ft_1(s, x, y, z) {
- if (s === 0)
- return ch32(x, y, z);
- if (s === 1 || s === 3)
- return p32(x, y, z);
- if (s === 2)
- return maj32(x, y, z);
- }
- exports.ft_1 = ft_1;
- function ch32(x, y, z) {
- return (x & y) ^ ((~x) & z);
- }
- exports.ch32 = ch32;
- function maj32(x, y, z) {
- return (x & y) ^ (x & z) ^ (y & z);
- }
- exports.maj32 = maj32;
- function p32(x, y, z) {
- return x ^ y ^ z;
- }
- exports.p32 = p32;
- function s0_256(x) {
- return rotr32(x, 2) ^ rotr32(x, 13) ^ rotr32(x, 22);
- }
- exports.s0_256 = s0_256;
- function s1_256(x) {
- return rotr32(x, 6) ^ rotr32(x, 11) ^ rotr32(x, 25);
- }
- exports.s1_256 = s1_256;
- function g0_256(x) {
- return rotr32(x, 7) ^ rotr32(x, 18) ^ (x >>> 3);
- }
- exports.g0_256 = g0_256;
- function g1_256(x) {
- return rotr32(x, 17) ^ rotr32(x, 19) ^ (x >>> 10);
- }
- exports.g1_256 = g1_256;
- },{"../utils":45}],45:[function(require,module,exports){
- 'use strict';
- var assert = require('minimalistic-assert');
- var inherits = require('inherits');
- exports.inherits = inherits;
- function toArray(msg, enc) {
- if (Array.isArray(msg))
- return msg.slice();
- if (!msg)
- return [];
- var res = [];
- if (typeof msg === 'string') {
- if (!enc) {
- for (var i = 0; i < msg.length; i++) {
- var c = msg.charCodeAt(i);
- var hi = c >> 8;
- var lo = c & 0xff;
- if (hi)
- res.push(hi, lo);
- else
- res.push(lo);
- }
- } else if (enc === 'hex') {
- msg = msg.replace(/[^a-z0-9]+/ig, '');
- if (msg.length % 2 !== 0)
- msg = '0' + msg;
- for (i = 0; i < msg.length; i += 2)
- res.push(parseInt(msg[i] + msg[i + 1], 16));
- }
- } else {
- for (i = 0; i < msg.length; i++)
- res[i] = msg[i] | 0;
- }
- return res;
- }
- exports.toArray = toArray;
- function toHex(msg) {
- var res = '';
- for (var i = 0; i < msg.length; i++)
- res += zero2(msg[i].toString(16));
- return res;
- }
- exports.toHex = toHex;
- function htonl(w) {
- var res = (w >>> 24) |
- ((w >>> 8) & 0xff00) |
- ((w << 8) & 0xff0000) |
- ((w & 0xff) << 24);
- return res >>> 0;
- }
- exports.htonl = htonl;
- function toHex32(msg, endian) {
- var res = '';
- for (var i = 0; i < msg.length; i++) {
- var w = msg[i];
- if (endian === 'little')
- w = htonl(w);
- res += zero8(w.toString(16));
- }
- return res;
- }
- exports.toHex32 = toHex32;
- function zero2(word) {
- if (word.length === 1)
- return '0' + word;
- else
- return word;
- }
- exports.zero2 = zero2;
- function zero8(word) {
- if (word.length === 7)
- return '0' + word;
- else if (word.length === 6)
- return '00' + word;
- else if (word.length === 5)
- return '000' + word;
- else if (word.length === 4)
- return '0000' + word;
- else if (word.length === 3)
- return '00000' + word;
- else if (word.length === 2)
- return '000000' + word;
- else if (word.length === 1)
- return '0000000' + word;
- else
- return word;
- }
- exports.zero8 = zero8;
- function join32(msg, start, end, endian) {
- var len = end - start;
- assert(len % 4 === 0);
- var res = new Array(len / 4);
- for (var i = 0, k = start; i < res.length; i++, k += 4) {
- var w;
- if (endian === 'big')
- w = (msg[k] << 24) | (msg[k + 1] << 16) | (msg[k + 2] << 8) | msg[k + 3];
- else
- w = (msg[k + 3] << 24) | (msg[k + 2] << 16) | (msg[k + 1] << 8) | msg[k];
- res[i] = w >>> 0;
- }
- return res;
- }
- exports.join32 = join32;
- function split32(msg, endian) {
- var res = new Array(msg.length * 4);
- for (var i = 0, k = 0; i < msg.length; i++, k += 4) {
- var m = msg[i];
- if (endian === 'big') {
- res[k] = m >>> 24;
- res[k + 1] = (m >>> 16) & 0xff;
- res[k + 2] = (m >>> 8) & 0xff;
- res[k + 3] = m & 0xff;
- } else {
- res[k + 3] = m >>> 24;
- res[k + 2] = (m >>> 16) & 0xff;
- res[k + 1] = (m >>> 8) & 0xff;
- res[k] = m & 0xff;
- }
- }
- return res;
- }
- exports.split32 = split32;
- function rotr32(w, b) {
- return (w >>> b) | (w << (32 - b));
- }
- exports.rotr32 = rotr32;
- function rotl32(w, b) {
- return (w << b) | (w >>> (32 - b));
- }
- exports.rotl32 = rotl32;
- function sum32(a, b) {
- return (a + b) >>> 0;
- }
- exports.sum32 = sum32;
- function sum32_3(a, b, c) {
- return (a + b + c) >>> 0;
- }
- exports.sum32_3 = sum32_3;
- function sum32_4(a, b, c, d) {
- return (a + b + c + d) >>> 0;
- }
- exports.sum32_4 = sum32_4;
- function sum32_5(a, b, c, d, e) {
- return (a + b + c + d + e) >>> 0;
- }
- exports.sum32_5 = sum32_5;
- function sum64(buf, pos, ah, al) {
- var bh = buf[pos];
- var bl = buf[pos + 1];
- var lo = (al + bl) >>> 0;
- var hi = (lo < al ? 1 : 0) + ah + bh;
- buf[pos] = hi >>> 0;
- buf[pos + 1] = lo;
- }
- exports.sum64 = sum64;
- function sum64_hi(ah, al, bh, bl) {
- var lo = (al + bl) >>> 0;
- var hi = (lo < al ? 1 : 0) + ah + bh;
- return hi >>> 0;
- }
- exports.sum64_hi = sum64_hi;
- function sum64_lo(ah, al, bh, bl) {
- var lo = al + bl;
- return lo >>> 0;
- }
- exports.sum64_lo = sum64_lo;
- function sum64_4_hi(ah, al, bh, bl, ch, cl, dh, dl) {
- var carry = 0;
- var lo = al;
- lo = (lo + bl) >>> 0;
- carry += lo < al ? 1 : 0;
- lo = (lo + cl) >>> 0;
- carry += lo < cl ? 1 : 0;
- lo = (lo + dl) >>> 0;
- carry += lo < dl ? 1 : 0;
- var hi = ah + bh + ch + dh + carry;
- return hi >>> 0;
- }
- exports.sum64_4_hi = sum64_4_hi;
- function sum64_4_lo(ah, al, bh, bl, ch, cl, dh, dl) {
- var lo = al + bl + cl + dl;
- return lo >>> 0;
- }
- exports.sum64_4_lo = sum64_4_lo;
- function sum64_5_hi(ah, al, bh, bl, ch, cl, dh, dl, eh, el) {
- var carry = 0;
- var lo = al;
- lo = (lo + bl) >>> 0;
- carry += lo < al ? 1 : 0;
- lo = (lo + cl) >>> 0;
- carry += lo < cl ? 1 : 0;
- lo = (lo + dl) >>> 0;
- carry += lo < dl ? 1 : 0;
- lo = (lo + el) >>> 0;
- carry += lo < el ? 1 : 0;
- var hi = ah + bh + ch + dh + eh + carry;
- return hi >>> 0;
- }
- exports.sum64_5_hi = sum64_5_hi;
- function sum64_5_lo(ah, al, bh, bl, ch, cl, dh, dl, eh, el) {
- var lo = al + bl + cl + dl + el;
- return lo >>> 0;
- }
- exports.sum64_5_lo = sum64_5_lo;
- function rotr64_hi(ah, al, num) {
- var r = (al << (32 - num)) | (ah >>> num);
- return r >>> 0;
- }
- exports.rotr64_hi = rotr64_hi;
- function rotr64_lo(ah, al, num) {
- var r = (ah << (32 - num)) | (al >>> num);
- return r >>> 0;
- }
- exports.rotr64_lo = rotr64_lo;
- function shr64_hi(ah, al, num) {
- return ah >>> num;
- }
- exports.shr64_hi = shr64_hi;
- function shr64_lo(ah, al, num) {
- var r = (ah << (32 - num)) | (al >>> num);
- return r >>> 0;
- }
- exports.shr64_lo = shr64_lo;
- },{"inherits":47,"minimalistic-assert":48}],46:[function(require,module,exports){
- 'use strict';
- var hash = require('hash.js');
- var utils = require('minimalistic-crypto-utils');
- var assert = require('minimalistic-assert');
- function HmacDRBG(options) {
- if (!(this instanceof HmacDRBG))
- return new HmacDRBG(options);
- this.hash = options.hash;
- this.predResist = !!options.predResist;
- this.outLen = this.hash.outSize;
- this.minEntropy = options.minEntropy || this.hash.hmacStrength;
- this._reseed = null;
- this.reseedInterval = null;
- this.K = null;
- this.V = null;
- var entropy = utils.toArray(options.entropy, options.entropyEnc || 'hex');
- var nonce = utils.toArray(options.nonce, options.nonceEnc || 'hex');
- var pers = utils.toArray(options.pers, options.persEnc || 'hex');
- assert(entropy.length >= (this.minEntropy / 8),
- 'Not enough entropy. Minimum is: ' + this.minEntropy + ' bits');
- this._init(entropy, nonce, pers);
- }
- module.exports = HmacDRBG;
- HmacDRBG.prototype._init = function init(entropy, nonce, pers) {
- var seed = entropy.concat(nonce).concat(pers);
- this.K = new Array(this.outLen / 8);
- this.V = new Array(this.outLen / 8);
- for (var i = 0; i < this.V.length; i++) {
- this.K[i] = 0x00;
- this.V[i] = 0x01;
- }
- this._update(seed);
- this._reseed = 1;
- this.reseedInterval = 0x1000000000000; // 2^48
- };
- HmacDRBG.prototype._hmac = function hmac() {
- return new hash.hmac(this.hash, this.K);
- };
- HmacDRBG.prototype._update = function update(seed) {
- var kmac = this._hmac()
- .update(this.V)
- .update([ 0x00 ]);
- if (seed)
- kmac = kmac.update(seed);
- this.K = kmac.digest();
- this.V = this._hmac().update(this.V).digest();
- if (!seed)
- return;
- this.K = this._hmac()
- .update(this.V)
- .update([ 0x01 ])
- .update(seed)
- .digest();
- this.V = this._hmac().update(this.V).digest();
- };
- HmacDRBG.prototype.reseed = function reseed(entropy, entropyEnc, add, addEnc) {
- // Optional entropy enc
- if (typeof entropyEnc !== 'string') {
- addEnc = add;
- add = entropyEnc;
- entropyEnc = null;
- }
- entropy = utils.toArray(entropy, entropyEnc);
- add = utils.toArray(add, addEnc);
- assert(entropy.length >= (this.minEntropy / 8),
- 'Not enough entropy. Minimum is: ' + this.minEntropy + ' bits');
- this._update(entropy.concat(add || []));
- this._reseed = 1;
- };
- HmacDRBG.prototype.generate = function generate(len, enc, add, addEnc) {
- if (this._reseed > this.reseedInterval)
- throw new Error('Reseed is required');
- // Optional encoding
- if (typeof enc !== 'string') {
- addEnc = add;
- add = enc;
- enc = null;
- }
- // Optional additional data
- if (add) {
- add = utils.toArray(add, addEnc || 'hex');
- this._update(add);
- }
- var temp = [];
- while (temp.length < len) {
- this.V = this._hmac().update(this.V).digest();
- temp = temp.concat(this.V);
- }
- var res = temp.slice(0, len);
- this._update(add);
- this._reseed++;
- return utils.encode(res, enc);
- };
- },{"hash.js":34,"minimalistic-assert":48,"minimalistic-crypto-utils":49}],47:[function(require,module,exports){
- if (typeof Object.create === 'function') {
- // implementation from standard node.js 'util' module
- module.exports = function inherits(ctor, superCtor) {
- ctor.super_ = superCtor
- ctor.prototype = Object.create(superCtor.prototype, {
- constructor: {
- value: ctor,
- enumerable: false,
- writable: true,
- configurable: true
- }
- });
- };
- } else {
- // old school shim for old browsers
- module.exports = function inherits(ctor, superCtor) {
- ctor.super_ = superCtor
- var TempCtor = function () {}
- TempCtor.prototype = superCtor.prototype
- ctor.prototype = new TempCtor()
- ctor.prototype.constructor = ctor
- }
- }
- },{}],48:[function(require,module,exports){
- module.exports = assert;
- function assert(val, msg) {
- if (!val)
- throw new Error(msg || 'Assertion failed');
- }
- assert.equal = function assertEqual(l, r, msg) {
- if (l != r)
- throw new Error(msg || ('Assertion failed: ' + l + ' != ' + r));
- };
- },{}],49:[function(require,module,exports){
- 'use strict';
- var utils = exports;
- function toArray(msg, enc) {
- if (Array.isArray(msg))
- return msg.slice();
- if (!msg)
- return [];
- var res = [];
- if (typeof msg !== 'string') {
- for (var i = 0; i < msg.length; i++)
- res[i] = msg[i] | 0;
- return res;
- }
- if (enc === 'hex') {
- msg = msg.replace(/[^a-z0-9]+/ig, '');
- if (msg.length % 2 !== 0)
- msg = '0' + msg;
- for (var i = 0; i < msg.length; i += 2)
- res.push(parseInt(msg[i] + msg[i + 1], 16));
- } else {
- for (var i = 0; i < msg.length; i++) {
- var c = msg.charCodeAt(i);
- var hi = c >> 8;
- var lo = c & 0xff;
- if (hi)
- res.push(hi, lo);
- else
- res.push(lo);
- }
- }
- return res;
- }
- utils.toArray = toArray;
- function zero2(word) {
- if (word.length === 1)
- return '0' + word;
- else
- return word;
- }
- utils.zero2 = zero2;
- function toHex(msg) {
- var res = '';
- for (var i = 0; i < msg.length; i++)
- res += zero2(msg[i].toString(16));
- return res;
- }
- utils.toHex = toHex;
- utils.encode = function encode(arr, enc) {
- if (enc === 'hex')
- return toHex(arr);
- else
- return arr;
- };
- },{}],50:[function(require,module,exports){
- // Top level file is just a mixin of submodules & constants
- 'use strict';
- var assign = require('./lib/utils/common').assign;
- var deflate = require('./lib/deflate');
- var inflate = require('./lib/inflate');
- var constants = require('./lib/zlib/constants');
- var pako = {};
- assign(pako, deflate, inflate, constants);
- module.exports = pako;
- },{"./lib/deflate":51,"./lib/inflate":52,"./lib/utils/common":53,"./lib/zlib/constants":56}],51:[function(require,module,exports){
- 'use strict';
- var zlib_deflate = require('./zlib/deflate');
- var utils = require('./utils/common');
- var strings = require('./utils/strings');
- var msg = require('./zlib/messages');
- var ZStream = require('./zlib/zstream');
- var toString = Object.prototype.toString;
- /* Public constants ==========================================================*/
- /* ===========================================================================*/
- var Z_NO_FLUSH = 0;
- var Z_FINISH = 4;
- var Z_OK = 0;
- var Z_STREAM_END = 1;
- var Z_SYNC_FLUSH = 2;
- var Z_DEFAULT_COMPRESSION = -1;
- var Z_DEFAULT_STRATEGY = 0;
- var Z_DEFLATED = 8;
- /* ===========================================================================*/
- /**
- * class Deflate
- *
- * Generic JS-style wrapper for zlib calls. If you don't need
- * streaming behaviour - use more simple functions: [[deflate]],
- * [[deflateRaw]] and [[gzip]].
- **/
- /* internal
- * Deflate.chunks -> Array
- *
- * Chunks of output data, if [[Deflate#onData]] not overridden.
- **/
- /**
- * Deflate.result -> Uint8Array|Array
- *
- * Compressed result, generated by default [[Deflate#onData]]
- * and [[Deflate#onEnd]] handlers. Filled after you push last chunk
- * (call [[Deflate#push]] with `Z_FINISH` / `true` param) or if you
- * push a chunk with explicit flush (call [[Deflate#push]] with
- * `Z_SYNC_FLUSH` param).
- **/
- /**
- * Deflate.err -> Number
- *
- * Error code after deflate finished. 0 (Z_OK) on success.
- * You will not need it in real life, because deflate errors
- * are possible only on wrong options or bad `onData` / `onEnd`
- * custom handlers.
- **/
- /**
- * Deflate.msg -> String
- *
- * Error message, if [[Deflate.err]] != 0
- **/
- /**
- * new Deflate(options)
- * - options (Object): zlib deflate options.
- *
- * Creates new deflator instance with specified params. Throws exception
- * on bad params. Supported options:
- *
- * - `level`
- * - `windowBits`
- * - `memLevel`
- * - `strategy`
- * - `dictionary`
- *
- * [http://zlib.net/manual.html#Advanced](http://zlib.net/manual.html#Advanced)
- * for more information on these.
- *
- * Additional options, for internal needs:
- *
- * - `chunkSize` - size of generated data chunks (16K by default)
- * - `raw` (Boolean) - do raw deflate
- * - `gzip` (Boolean) - create gzip wrapper
- * - `to` (String) - if equal to 'string', then result will be "binary string"
- * (each char code [0..255])
- * - `header` (Object) - custom header for gzip
- * - `text` (Boolean) - true if compressed data believed to be text
- * - `time` (Number) - modification time, unix timestamp
- * - `os` (Number) - operation system code
- * - `extra` (Array) - array of bytes with extra data (max 65536)
- * - `name` (String) - file name (binary string)
- * - `comment` (String) - comment (binary string)
- * - `hcrc` (Boolean) - true if header crc should be added
- *
- * ##### Example:
- *
- * ```javascript
- * var pako = require('pako')
- * , chunk1 = Uint8Array([1,2,3,4,5,6,7,8,9])
- * , chunk2 = Uint8Array([10,11,12,13,14,15,16,17,18,19]);
- *
- * var deflate = new pako.Deflate({ level: 3});
- *
- * deflate.push(chunk1, false);
- * deflate.push(chunk2, true); // true -> last chunk
- *
- * if (deflate.err) { throw new Error(deflate.err); }
- *
- * console.log(deflate.result);
- * ```
- **/
- function Deflate(options) {
- if (!(this instanceof Deflate)) return new Deflate(options);
- this.options = utils.assign({
- level: Z_DEFAULT_COMPRESSION,
- method: Z_DEFLATED,
- chunkSize: 16384,
- windowBits: 15,
- memLevel: 8,
- strategy: Z_DEFAULT_STRATEGY,
- to: ''
- }, options || {});
- var opt = this.options;
- if (opt.raw && (opt.windowBits > 0)) {
- opt.windowBits = -opt.windowBits;
- }
- else if (opt.gzip && (opt.windowBits > 0) && (opt.windowBits < 16)) {
- opt.windowBits += 16;
- }
- this.err = 0; // error code, if happens (0 = Z_OK)
- this.msg = ''; // error message
- this.ended = false; // used to avoid multiple onEnd() calls
- this.chunks = []; // chunks of compressed data
- this.strm = new ZStream();
- this.strm.avail_out = 0;
- var status = zlib_deflate.deflateInit2(
- this.strm,
- opt.level,
- opt.method,
- opt.windowBits,
- opt.memLevel,
- opt.strategy
- );
- if (status !== Z_OK) {
- throw new Error(msg[status]);
- }
- if (opt.header) {
- zlib_deflate.deflateSetHeader(this.strm, opt.header);
- }
- if (opt.dictionary) {
- var dict;
- // Convert data if needed
- if (typeof opt.dictionary === 'string') {
- // If we need to compress text, change encoding to utf8.
- dict = strings.string2buf(opt.dictionary);
- } else if (toString.call(opt.dictionary) === '[object ArrayBuffer]') {
- dict = new Uint8Array(opt.dictionary);
- } else {
- dict = opt.dictionary;
- }
- status = zlib_deflate.deflateSetDictionary(this.strm, dict);
- if (status !== Z_OK) {
- throw new Error(msg[status]);
- }
- this._dict_set = true;
- }
- }
- /**
- * Deflate#push(data[, mode]) -> Boolean
- * - data (Uint8Array|Array|ArrayBuffer|String): input data. Strings will be
- * converted to utf8 byte sequence.
- * - mode (Number|Boolean): 0..6 for corresponding Z_NO_FLUSH..Z_TREE modes.
- * See constants. Skipped or `false` means Z_NO_FLUSH, `true` means Z_FINISH.
- *
- * Sends input data to deflate pipe, generating [[Deflate#onData]] calls with
- * new compressed chunks. Returns `true` on success. The last data block must have
- * mode Z_FINISH (or `true`). That will flush internal pending buffers and call
- * [[Deflate#onEnd]]. For interim explicit flushes (without ending the stream) you
- * can use mode Z_SYNC_FLUSH, keeping the compression context.
- *
- * On fail call [[Deflate#onEnd]] with error code and return false.
- *
- * We strongly recommend to use `Uint8Array` on input for best speed (output
- * array format is detected automatically). Also, don't skip last param and always
- * use the same type in your code (boolean or number). That will improve JS speed.
- *
- * For regular `Array`-s make sure all elements are [0..255].
- *
- * ##### Example
- *
- * ```javascript
- * push(chunk, false); // push one of data chunks
- * ...
- * push(chunk, true); // push last chunk
- * ```
- **/
- Deflate.prototype.push = function (data, mode) {
- var strm = this.strm;
- var chunkSize = this.options.chunkSize;
- var status, _mode;
- if (this.ended) { return false; }
- _mode = (mode === ~~mode) ? mode : ((mode === true) ? Z_FINISH : Z_NO_FLUSH);
- // Convert data if needed
- if (typeof data === 'string') {
- // If we need to compress text, change encoding to utf8.
- strm.input = strings.string2buf(data);
- } else if (toString.call(data) === '[object ArrayBuffer]') {
- strm.input = new Uint8Array(data);
- } else {
- strm.input = data;
- }
- strm.next_in = 0;
- strm.avail_in = strm.input.length;
- do {
- if (strm.avail_out === 0) {
- strm.output = new utils.Buf8(chunkSize);
- strm.next_out = 0;
- strm.avail_out = chunkSize;
- }
- status = zlib_deflate.deflate(strm, _mode); /* no bad return value */
- if (status !== Z_STREAM_END && status !== Z_OK) {
- this.onEnd(status);
- this.ended = true;
- return false;
- }
- if (strm.avail_out === 0 || (strm.avail_in === 0 && (_mode === Z_FINISH || _mode === Z_SYNC_FLUSH))) {
- if (this.options.to === 'string') {
- this.onData(strings.buf2binstring(utils.shrinkBuf(strm.output, strm.next_out)));
- } else {
- this.onData(utils.shrinkBuf(strm.output, strm.next_out));
- }
- }
- } while ((strm.avail_in > 0 || strm.avail_out === 0) && status !== Z_STREAM_END);
- // Finalize on the last chunk.
- if (_mode === Z_FINISH) {
- status = zlib_deflate.deflateEnd(this.strm);
- this.onEnd(status);
- this.ended = true;
- return status === Z_OK;
- }
- // callback interim results if Z_SYNC_FLUSH.
- if (_mode === Z_SYNC_FLUSH) {
- this.onEnd(Z_OK);
- strm.avail_out = 0;
- return true;
- }
- return true;
- };
- /**
- * Deflate#onData(chunk) -> Void
- * - chunk (Uint8Array|Array|String): output data. Type of array depends
- * on js engine support. When string output requested, each chunk
- * will be string.
- *
- * By default, stores data blocks in `chunks[]` property and glue
- * those in `onEnd`. Override this handler, if you need another behaviour.
- **/
- Deflate.prototype.onData = function (chunk) {
- this.chunks.push(chunk);
- };
- /**
- * Deflate#onEnd(status) -> Void
- * - status (Number): deflate status. 0 (Z_OK) on success,
- * other if not.
- *
- * Called once after you tell deflate that the input stream is
- * complete (Z_FINISH) or should be flushed (Z_SYNC_FLUSH)
- * or if an error happened. By default - join collected chunks,
- * free memory and fill `results` / `err` properties.
- **/
- Deflate.prototype.onEnd = function (status) {
- // On success - join
- if (status === Z_OK) {
- if (this.options.to === 'string') {
- this.result = this.chunks.join('');
- } else {
- this.result = utils.flattenChunks(this.chunks);
- }
- }
- this.chunks = [];
- this.err = status;
- this.msg = this.strm.msg;
- };
- /**
- * deflate(data[, options]) -> Uint8Array|Array|String
- * - data (Uint8Array|Array|String): input data to compress.
- * - options (Object): zlib deflate options.
- *
- * Compress `data` with deflate algorithm and `options`.
- *
- * Supported options are:
- *
- * - level
- * - windowBits
- * - memLevel
- * - strategy
- * - dictionary
- *
- * [http://zlib.net/manual.html#Advanced](http://zlib.net/manual.html#Advanced)
- * for more information on these.
- *
- * Sugar (options):
- *
- * - `raw` (Boolean) - say that we work with raw stream, if you don't wish to specify
- * negative windowBits implicitly.
- * - `to` (String) - if equal to 'string', then result will be "binary string"
- * (each char code [0..255])
- *
- * ##### Example:
- *
- * ```javascript
- * var pako = require('pako')
- * , data = Uint8Array([1,2,3,4,5,6,7,8,9]);
- *
- * console.log(pako.deflate(data));
- * ```
- **/
- function deflate(input, options) {
- var deflator = new Deflate(options);
- deflator.push(input, true);
- // That will never happens, if you don't cheat with options :)
- if (deflator.err) { throw deflator.msg || msg[deflator.err]; }
- return deflator.result;
- }
- /**
- * deflateRaw(data[, options]) -> Uint8Array|Array|String
- * - data (Uint8Array|Array|String): input data to compress.
- * - options (Object): zlib deflate options.
- *
- * The same as [[deflate]], but creates raw data, without wrapper
- * (header and adler32 crc).
- **/
- function deflateRaw(input, options) {
- options = options || {};
- options.raw = true;
- return deflate(input, options);
- }
- /**
- * gzip(data[, options]) -> Uint8Array|Array|String
- * - data (Uint8Array|Array|String): input data to compress.
- * - options (Object): zlib deflate options.
- *
- * The same as [[deflate]], but create gzip wrapper instead of
- * deflate one.
- **/
- function gzip(input, options) {
- options = options || {};
- options.gzip = true;
- return deflate(input, options);
- }
- exports.Deflate = Deflate;
- exports.deflate = deflate;
- exports.deflateRaw = deflateRaw;
- exports.gzip = gzip;
- },{"./utils/common":53,"./utils/strings":54,"./zlib/deflate":58,"./zlib/messages":63,"./zlib/zstream":65}],52:[function(require,module,exports){
- 'use strict';
- var zlib_inflate = require('./zlib/inflate');
- var utils = require('./utils/common');
- var strings = require('./utils/strings');
- var c = require('./zlib/constants');
- var msg = require('./zlib/messages');
- var ZStream = require('./zlib/zstream');
- var GZheader = require('./zlib/gzheader');
- var toString = Object.prototype.toString;
- /**
- * class Inflate
- *
- * Generic JS-style wrapper for zlib calls. If you don't need
- * streaming behaviour - use more simple functions: [[inflate]]
- * and [[inflateRaw]].
- **/
- /* internal
- * inflate.chunks -> Array
- *
- * Chunks of output data, if [[Inflate#onData]] not overridden.
- **/
- /**
- * Inflate.result -> Uint8Array|Array|String
- *
- * Uncompressed result, generated by default [[Inflate#onData]]
- * and [[Inflate#onEnd]] handlers. Filled after you push last chunk
- * (call [[Inflate#push]] with `Z_FINISH` / `true` param) or if you
- * push a chunk with explicit flush (call [[Inflate#push]] with
- * `Z_SYNC_FLUSH` param).
- **/
- /**
- * Inflate.err -> Number
- *
- * Error code after inflate finished. 0 (Z_OK) on success.
- * Should be checked if broken data possible.
- **/
- /**
- * Inflate.msg -> String
- *
- * Error message, if [[Inflate.err]] != 0
- **/
- /**
- * new Inflate(options)
- * - options (Object): zlib inflate options.
- *
- * Creates new inflator instance with specified params. Throws exception
- * on bad params. Supported options:
- *
- * - `windowBits`
- * - `dictionary`
- *
- * [http://zlib.net/manual.html#Advanced](http://zlib.net/manual.html#Advanced)
- * for more information on these.
- *
- * Additional options, for internal needs:
- *
- * - `chunkSize` - size of generated data chunks (16K by default)
- * - `raw` (Boolean) - do raw inflate
- * - `to` (String) - if equal to 'string', then result will be converted
- * from utf8 to utf16 (javascript) string. When string output requested,
- * chunk length can differ from `chunkSize`, depending on content.
- *
- * By default, when no options set, autodetect deflate/gzip data format via
- * wrapper header.
- *
- * ##### Example:
- *
- * ```javascript
- * var pako = require('pako')
- * , chunk1 = Uint8Array([1,2,3,4,5,6,7,8,9])
- * , chunk2 = Uint8Array([10,11,12,13,14,15,16,17,18,19]);
- *
- * var inflate = new pako.Inflate({ level: 3});
- *
- * inflate.push(chunk1, false);
- * inflate.push(chunk2, true); // true -> last chunk
- *
- * if (inflate.err) { throw new Error(inflate.err); }
- *
- * console.log(inflate.result);
- * ```
- **/
- function Inflate(options) {
- if (!(this instanceof Inflate)) return new Inflate(options);
- this.options = utils.assign({
- chunkSize: 16384,
- windowBits: 0,
- to: ''
- }, options || {});
- var opt = this.options;
- // Force window size for `raw` data, if not set directly,
- // because we have no header for autodetect.
- if (opt.raw && (opt.windowBits >= 0) && (opt.windowBits < 16)) {
- opt.windowBits = -opt.windowBits;
- if (opt.windowBits === 0) { opt.windowBits = -15; }
- }
- // If `windowBits` not defined (and mode not raw) - set autodetect flag for gzip/deflate
- if ((opt.windowBits >= 0) && (opt.windowBits < 16) &&
- !(options && options.windowBits)) {
- opt.windowBits += 32;
- }
- // Gzip header has no info about windows size, we can do autodetect only
- // for deflate. So, if window size not set, force it to max when gzip possible
- if ((opt.windowBits > 15) && (opt.windowBits < 48)) {
- // bit 3 (16) -> gzipped data
- // bit 4 (32) -> autodetect gzip/deflate
- if ((opt.windowBits & 15) === 0) {
- opt.windowBits |= 15;
- }
- }
- this.err = 0; // error code, if happens (0 = Z_OK)
- this.msg = ''; // error message
- this.ended = false; // used to avoid multiple onEnd() calls
- this.chunks = []; // chunks of compressed data
- this.strm = new ZStream();
- this.strm.avail_out = 0;
- var status = zlib_inflate.inflateInit2(
- this.strm,
- opt.windowBits
- );
- if (status !== c.Z_OK) {
- throw new Error(msg[status]);
- }
- this.header = new GZheader();
- zlib_inflate.inflateGetHeader(this.strm, this.header);
- }
- /**
- * Inflate#push(data[, mode]) -> Boolean
- * - data (Uint8Array|Array|ArrayBuffer|String): input data
- * - mode (Number|Boolean): 0..6 for corresponding Z_NO_FLUSH..Z_TREE modes.
- * See constants. Skipped or `false` means Z_NO_FLUSH, `true` means Z_FINISH.
- *
- * Sends input data to inflate pipe, generating [[Inflate#onData]] calls with
- * new output chunks. Returns `true` on success. The last data block must have
- * mode Z_FINISH (or `true`). That will flush internal pending buffers and call
- * [[Inflate#onEnd]]. For interim explicit flushes (without ending the stream) you
- * can use mode Z_SYNC_FLUSH, keeping the decompression context.
- *
- * On fail call [[Inflate#onEnd]] with error code and return false.
- *
- * We strongly recommend to use `Uint8Array` on input for best speed (output
- * format is detected automatically). Also, don't skip last param and always
- * use the same type in your code (boolean or number). That will improve JS speed.
- *
- * For regular `Array`-s make sure all elements are [0..255].
- *
- * ##### Example
- *
- * ```javascript
- * push(chunk, false); // push one of data chunks
- * ...
- * push(chunk, true); // push last chunk
- * ```
- **/
- Inflate.prototype.push = function (data, mode) {
- var strm = this.strm;
- var chunkSize = this.options.chunkSize;
- var dictionary = this.options.dictionary;
- var status, _mode;
- var next_out_utf8, tail, utf8str;
- var dict;
- // Flag to properly process Z_BUF_ERROR on testing inflate call
- // when we check that all output data was flushed.
- var allowBufError = false;
- if (this.ended) { return false; }
- _mode = (mode === ~~mode) ? mode : ((mode === true) ? c.Z_FINISH : c.Z_NO_FLUSH);
- // Convert data if needed
- if (typeof data === 'string') {
- // Only binary strings can be decompressed on practice
- strm.input = strings.binstring2buf(data);
- } else if (toString.call(data) === '[object ArrayBuffer]') {
- strm.input = new Uint8Array(data);
- } else {
- strm.input = data;
- }
- strm.next_in = 0;
- strm.avail_in = strm.input.length;
- do {
- if (strm.avail_out === 0) {
- strm.output = new utils.Buf8(chunkSize);
- strm.next_out = 0;
- strm.avail_out = chunkSize;
- }
- status = zlib_inflate.inflate(strm, c.Z_NO_FLUSH); /* no bad return value */
- if (status === c.Z_NEED_DICT && dictionary) {
- // Convert data if needed
- if (typeof dictionary === 'string') {
- dict = strings.string2buf(dictionary);
- } else if (toString.call(dictionary) === '[object ArrayBuffer]') {
- dict = new Uint8Array(dictionary);
- } else {
- dict = dictionary;
- }
- status = zlib_inflate.inflateSetDictionary(this.strm, dict);
- }
- if (status === c.Z_BUF_ERROR && allowBufError === true) {
- status = c.Z_OK;
- allowBufError = false;
- }
- if (status !== c.Z_STREAM_END && status !== c.Z_OK) {
- this.onEnd(status);
- this.ended = true;
- return false;
- }
- if (strm.next_out) {
- if (strm.avail_out === 0 || status === c.Z_STREAM_END || (strm.avail_in === 0 && (_mode === c.Z_FINISH || _mode === c.Z_SYNC_FLUSH))) {
- if (this.options.to === 'string') {
- next_out_utf8 = strings.utf8border(strm.output, strm.next_out);
- tail = strm.next_out - next_out_utf8;
- utf8str = strings.buf2string(strm.output, next_out_utf8);
- // move tail
- strm.next_out = tail;
- strm.avail_out = chunkSize - tail;
- if (tail) { utils.arraySet(strm.output, strm.output, next_out_utf8, tail, 0); }
- this.onData(utf8str);
- } else {
- this.onData(utils.shrinkBuf(strm.output, strm.next_out));
- }
- }
- }
- // When no more input data, we should check that internal inflate buffers
- // are flushed. The only way to do it when avail_out = 0 - run one more
- // inflate pass. But if output data not exists, inflate return Z_BUF_ERROR.
- // Here we set flag to process this error properly.
- //
- // NOTE. Deflate does not return error in this case and does not needs such
- // logic.
- if (strm.avail_in === 0 && strm.avail_out === 0) {
- allowBufError = true;
- }
- } while ((strm.avail_in > 0 || strm.avail_out === 0) && status !== c.Z_STREAM_END);
- if (status === c.Z_STREAM_END) {
- _mode = c.Z_FINISH;
- }
- // Finalize on the last chunk.
- if (_mode === c.Z_FINISH) {
- status = zlib_inflate.inflateEnd(this.strm);
- this.onEnd(status);
- this.ended = true;
- return status === c.Z_OK;
- }
- // callback interim results if Z_SYNC_FLUSH.
- if (_mode === c.Z_SYNC_FLUSH) {
- this.onEnd(c.Z_OK);
- strm.avail_out = 0;
- return true;
- }
- return true;
- };
- /**
- * Inflate#onData(chunk) -> Void
- * - chunk (Uint8Array|Array|String): output data. Type of array depends
- * on js engine support. When string output requested, each chunk
- * will be string.
- *
- * By default, stores data blocks in `chunks[]` property and glue
- * those in `onEnd`. Override this handler, if you need another behaviour.
- **/
- Inflate.prototype.onData = function (chunk) {
- this.chunks.push(chunk);
- };
- /**
- * Inflate#onEnd(status) -> Void
- * - status (Number): inflate status. 0 (Z_OK) on success,
- * other if not.
- *
- * Called either after you tell inflate that the input stream is
- * complete (Z_FINISH) or should be flushed (Z_SYNC_FLUSH)
- * or if an error happened. By default - join collected chunks,
- * free memory and fill `results` / `err` properties.
- **/
- Inflate.prototype.onEnd = function (status) {
- // On success - join
- if (status === c.Z_OK) {
- if (this.options.to === 'string') {
- // Glue & convert here, until we teach pako to send
- // utf8 aligned strings to onData
- this.result = this.chunks.join('');
- } else {
- this.result = utils.flattenChunks(this.chunks);
- }
- }
- this.chunks = [];
- this.err = status;
- this.msg = this.strm.msg;
- };
- /**
- * inflate(data[, options]) -> Uint8Array|Array|String
- * - data (Uint8Array|Array|String): input data to decompress.
- * - options (Object): zlib inflate options.
- *
- * Decompress `data` with inflate/ungzip and `options`. Autodetect
- * format via wrapper header by default. That's why we don't provide
- * separate `ungzip` method.
- *
- * Supported options are:
- *
- * - windowBits
- *
- * [http://zlib.net/manual.html#Advanced](http://zlib.net/manual.html#Advanced)
- * for more information.
- *
- * Sugar (options):
- *
- * - `raw` (Boolean) - say that we work with raw stream, if you don't wish to specify
- * negative windowBits implicitly.
- * - `to` (String) - if equal to 'string', then result will be converted
- * from utf8 to utf16 (javascript) string. When string output requested,
- * chunk length can differ from `chunkSize`, depending on content.
- *
- *
- * ##### Example:
- *
- * ```javascript
- * var pako = require('pako')
- * , input = pako.deflate([1,2,3,4,5,6,7,8,9])
- * , output;
- *
- * try {
- * output = pako.inflate(input);
- * } catch (err)
- * console.log(err);
- * }
- * ```
- **/
- function inflate(input, options) {
- var inflator = new Inflate(options);
- inflator.push(input, true);
- // That will never happens, if you don't cheat with options :)
- if (inflator.err) { throw inflator.msg || msg[inflator.err]; }
- return inflator.result;
- }
- /**
- * inflateRaw(data[, options]) -> Uint8Array|Array|String
- * - data (Uint8Array|Array|String): input data to decompress.
- * - options (Object): zlib inflate options.
- *
- * The same as [[inflate]], but creates raw data, without wrapper
- * (header and adler32 crc).
- **/
- function inflateRaw(input, options) {
- options = options || {};
- options.raw = true;
- return inflate(input, options);
- }
- /**
- * ungzip(data[, options]) -> Uint8Array|Array|String
- * - data (Uint8Array|Array|String): input data to decompress.
- * - options (Object): zlib inflate options.
- *
- * Just shortcut to [[inflate]], because it autodetects format
- * by header.content. Done for convenience.
- **/
- exports.Inflate = Inflate;
- exports.inflate = inflate;
- exports.inflateRaw = inflateRaw;
- exports.ungzip = inflate;
- },{"./utils/common":53,"./utils/strings":54,"./zlib/constants":56,"./zlib/gzheader":59,"./zlib/inflate":61,"./zlib/messages":63,"./zlib/zstream":65}],53:[function(require,module,exports){
- 'use strict';
- var TYPED_OK = (typeof Uint8Array !== 'undefined') &&
- (typeof Uint16Array !== 'undefined') &&
- (typeof Int32Array !== 'undefined');
- function _has(obj, key) {
- return Object.prototype.hasOwnProperty.call(obj, key);
- }
- exports.assign = function (obj /*from1, from2, from3, ...*/) {
- var sources = Array.prototype.slice.call(arguments, 1);
- while (sources.length) {
- var source = sources.shift();
- if (!source) { continue; }
- if (typeof source !== 'object') {
- throw new TypeError(source + 'must be non-object');
- }
- for (var p in source) {
- if (_has(source, p)) {
- obj[p] = source[p];
- }
- }
- }
- return obj;
- };
- // reduce buffer size, avoiding mem copy
- exports.shrinkBuf = function (buf, size) {
- if (buf.length === size) { return buf; }
- if (buf.subarray) { return buf.subarray(0, size); }
- buf.length = size;
- return buf;
- };
- var fnTyped = {
- arraySet: function (dest, src, src_offs, len, dest_offs) {
- if (src.subarray && dest.subarray) {
- dest.set(src.subarray(src_offs, src_offs + len), dest_offs);
- return;
- }
- // Fallback to ordinary array
- for (var i = 0; i < len; i++) {
- dest[dest_offs + i] = src[src_offs + i];
- }
- },
- // Join array of chunks to single array.
- flattenChunks: function (chunks) {
- var i, l, len, pos, chunk, result;
- // calculate data length
- len = 0;
- for (i = 0, l = chunks.length; i < l; i++) {
- len += chunks[i].length;
- }
- // join chunks
- result = new Uint8Array(len);
- pos = 0;
- for (i = 0, l = chunks.length; i < l; i++) {
- chunk = chunks[i];
- result.set(chunk, pos);
- pos += chunk.length;
- }
- return result;
- }
- };
- var fnUntyped = {
- arraySet: function (dest, src, src_offs, len, dest_offs) {
- for (var i = 0; i < len; i++) {
- dest[dest_offs + i] = src[src_offs + i];
- }
- },
- // Join array of chunks to single array.
- flattenChunks: function (chunks) {
- return [].concat.apply([], chunks);
- }
- };
- // Enable/Disable typed arrays use, for testing
- //
- exports.setTyped = function (on) {
- if (on) {
- exports.Buf8 = Uint8Array;
- exports.Buf16 = Uint16Array;
- exports.Buf32 = Int32Array;
- exports.assign(exports, fnTyped);
- } else {
- exports.Buf8 = Array;
- exports.Buf16 = Array;
- exports.Buf32 = Array;
- exports.assign(exports, fnUntyped);
- }
- };
- exports.setTyped(TYPED_OK);
- },{}],54:[function(require,module,exports){
- // String encode/decode helpers
- 'use strict';
- var utils = require('./common');
- // Quick check if we can use fast array to bin string conversion
- //
- // - apply(Array) can fail on Android 2.2
- // - apply(Uint8Array) can fail on iOS 5.1 Safari
- //
- var STR_APPLY_OK = true;
- var STR_APPLY_UIA_OK = true;
- try { String.fromCharCode.apply(null, [ 0 ]); } catch (__) { STR_APPLY_OK = false; }
- try { String.fromCharCode.apply(null, new Uint8Array(1)); } catch (__) { STR_APPLY_UIA_OK = false; }
- // Table with utf8 lengths (calculated by first byte of sequence)
- // Note, that 5 & 6-byte values and some 4-byte values can not be represented in JS,
- // because max possible codepoint is 0x10ffff
- var _utf8len = new utils.Buf8(256);
- for (var q = 0; q < 256; q++) {
- _utf8len[q] = (q >= 252 ? 6 : q >= 248 ? 5 : q >= 240 ? 4 : q >= 224 ? 3 : q >= 192 ? 2 : 1);
- }
- _utf8len[254] = _utf8len[254] = 1; // Invalid sequence start
- // convert string to array (typed, when possible)
- exports.string2buf = function (str) {
- var buf, c, c2, m_pos, i, str_len = str.length, buf_len = 0;
- // count binary size
- for (m_pos = 0; m_pos < str_len; m_pos++) {
- c = str.charCodeAt(m_pos);
- if ((c & 0xfc00) === 0xd800 && (m_pos + 1 < str_len)) {
- c2 = str.charCodeAt(m_pos + 1);
- if ((c2 & 0xfc00) === 0xdc00) {
- c = 0x10000 + ((c - 0xd800) << 10) + (c2 - 0xdc00);
- m_pos++;
- }
- }
- buf_len += c < 0x80 ? 1 : c < 0x800 ? 2 : c < 0x10000 ? 3 : 4;
- }
- // allocate buffer
- buf = new utils.Buf8(buf_len);
- // convert
- for (i = 0, m_pos = 0; i < buf_len; m_pos++) {
- c = str.charCodeAt(m_pos);
- if ((c & 0xfc00) === 0xd800 && (m_pos + 1 < str_len)) {
- c2 = str.charCodeAt(m_pos + 1);
- if ((c2 & 0xfc00) === 0xdc00) {
- c = 0x10000 + ((c - 0xd800) << 10) + (c2 - 0xdc00);
- m_pos++;
- }
- }
- if (c < 0x80) {
- /* one byte */
- buf[i++] = c;
- } else if (c < 0x800) {
- /* two bytes */
- buf[i++] = 0xC0 | (c >>> 6);
- buf[i++] = 0x80 | (c & 0x3f);
- } else if (c < 0x10000) {
- /* three bytes */
- buf[i++] = 0xE0 | (c >>> 12);
- buf[i++] = 0x80 | (c >>> 6 & 0x3f);
- buf[i++] = 0x80 | (c & 0x3f);
- } else {
- /* four bytes */
- buf[i++] = 0xf0 | (c >>> 18);
- buf[i++] = 0x80 | (c >>> 12 & 0x3f);
- buf[i++] = 0x80 | (c >>> 6 & 0x3f);
- buf[i++] = 0x80 | (c & 0x3f);
- }
- }
- return buf;
- };
- // Helper (used in 2 places)
- function buf2binstring(buf, len) {
- // use fallback for big arrays to avoid stack overflow
- if (len < 65537) {
- if ((buf.subarray && STR_APPLY_UIA_OK) || (!buf.subarray && STR_APPLY_OK)) {
- return String.fromCharCode.apply(null, utils.shrinkBuf(buf, len));
- }
- }
- var result = '';
- for (var i = 0; i < len; i++) {
- result += String.fromCharCode(buf[i]);
- }
- return result;
- }
- // Convert byte array to binary string
- exports.buf2binstring = function (buf) {
- return buf2binstring(buf, buf.length);
- };
- // Convert binary string (typed, when possible)
- exports.binstring2buf = function (str) {
- var buf = new utils.Buf8(str.length);
- for (var i = 0, len = buf.length; i < len; i++) {
- buf[i] = str.charCodeAt(i);
- }
- return buf;
- };
- // convert array to string
- exports.buf2string = function (buf, max) {
- var i, out, c, c_len;
- var len = max || buf.length;
- // Reserve max possible length (2 words per char)
- // NB: by unknown reasons, Array is significantly faster for
- // String.fromCharCode.apply than Uint16Array.
- var utf16buf = new Array(len * 2);
- for (out = 0, i = 0; i < len;) {
- c = buf[i++];
- // quick process ascii
- if (c < 0x80) { utf16buf[out++] = c; continue; }
- c_len = _utf8len[c];
- // skip 5 & 6 byte codes
- if (c_len > 4) { utf16buf[out++] = 0xfffd; i += c_len - 1; continue; }
- // apply mask on first byte
- c &= c_len === 2 ? 0x1f : c_len === 3 ? 0x0f : 0x07;
- // join the rest
- while (c_len > 1 && i < len) {
- c = (c << 6) | (buf[i++] & 0x3f);
- c_len--;
- }
- // terminated by end of string?
- if (c_len > 1) { utf16buf[out++] = 0xfffd; continue; }
- if (c < 0x10000) {
- utf16buf[out++] = c;
- } else {
- c -= 0x10000;
- utf16buf[out++] = 0xd800 | ((c >> 10) & 0x3ff);
- utf16buf[out++] = 0xdc00 | (c & 0x3ff);
- }
- }
- return buf2binstring(utf16buf, out);
- };
- // Calculate max possible position in utf8 buffer,
- // that will not break sequence. If that's not possible
- // - (very small limits) return max size as is.
- //
- // buf[] - utf8 bytes array
- // max - length limit (mandatory);
- exports.utf8border = function (buf, max) {
- var pos;
- max = max || buf.length;
- if (max > buf.length) { max = buf.length; }
- // go back from last position, until start of sequence found
- pos = max - 1;
- while (pos >= 0 && (buf[pos] & 0xC0) === 0x80) { pos--; }
- // Very small and broken sequence,
- // return max, because we should return something anyway.
- if (pos < 0) { return max; }
- // If we came to start of buffer - that means buffer is too small,
- // return max too.
- if (pos === 0) { return max; }
- return (pos + _utf8len[buf[pos]] > max) ? pos : max;
- };
- },{"./common":53}],55:[function(require,module,exports){
- 'use strict';
- // Note: adler32 takes 12% for level 0 and 2% for level 6.
- // It isn't worth it to make additional optimizations as in original.
- // Small size is preferable.
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- function adler32(adler, buf, len, pos) {
- var s1 = (adler & 0xffff) |0,
- s2 = ((adler >>> 16) & 0xffff) |0,
- n = 0;
- while (len !== 0) {
- // Set limit ~ twice less than 5552, to keep
- // s2 in 31-bits, because we force signed ints.
- // in other case %= will fail.
- n = len > 2000 ? 2000 : len;
- len -= n;
- do {
- s1 = (s1 + buf[pos++]) |0;
- s2 = (s2 + s1) |0;
- } while (--n);
- s1 %= 65521;
- s2 %= 65521;
- }
- return (s1 | (s2 << 16)) |0;
- }
- module.exports = adler32;
- },{}],56:[function(require,module,exports){
- 'use strict';
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- module.exports = {
- /* Allowed flush values; see deflate() and inflate() below for details */
- Z_NO_FLUSH: 0,
- Z_PARTIAL_FLUSH: 1,
- Z_SYNC_FLUSH: 2,
- Z_FULL_FLUSH: 3,
- Z_FINISH: 4,
- Z_BLOCK: 5,
- Z_TREES: 6,
- /* Return codes for the compression/decompression functions. Negative values
- * are errors, positive values are used for special but normal events.
- */
- Z_OK: 0,
- Z_STREAM_END: 1,
- Z_NEED_DICT: 2,
- Z_ERRNO: -1,
- Z_STREAM_ERROR: -2,
- Z_DATA_ERROR: -3,
- //Z_MEM_ERROR: -4,
- Z_BUF_ERROR: -5,
- //Z_VERSION_ERROR: -6,
- /* compression levels */
- Z_NO_COMPRESSION: 0,
- Z_BEST_SPEED: 1,
- Z_BEST_COMPRESSION: 9,
- Z_DEFAULT_COMPRESSION: -1,
- Z_FILTERED: 1,
- Z_HUFFMAN_ONLY: 2,
- Z_RLE: 3,
- Z_FIXED: 4,
- Z_DEFAULT_STRATEGY: 0,
- /* Possible values of the data_type field (though see inflate()) */
- Z_BINARY: 0,
- Z_TEXT: 1,
- //Z_ASCII: 1, // = Z_TEXT (deprecated)
- Z_UNKNOWN: 2,
- /* The deflate compression method */
- Z_DEFLATED: 8
- //Z_NULL: null // Use -1 or null inline, depending on var type
- };
- },{}],57:[function(require,module,exports){
- 'use strict';
- // Note: we can't get significant speed boost here.
- // So write code to minimize size - no pregenerated tables
- // and array tools dependencies.
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- // Use ordinary array, since untyped makes no boost here
- function makeTable() {
- var c, table = [];
- for (var n = 0; n < 256; n++) {
- c = n;
- for (var k = 0; k < 8; k++) {
- c = ((c & 1) ? (0xEDB88320 ^ (c >>> 1)) : (c >>> 1));
- }
- table[n] = c;
- }
- return table;
- }
- // Create table on load. Just 255 signed longs. Not a problem.
- var crcTable = makeTable();
- function crc32(crc, buf, len, pos) {
- var t = crcTable,
- end = pos + len;
- crc ^= -1;
- for (var i = pos; i < end; i++) {
- crc = (crc >>> 8) ^ t[(crc ^ buf[i]) & 0xFF];
- }
- return (crc ^ (-1)); // >>> 0;
- }
- module.exports = crc32;
- },{}],58:[function(require,module,exports){
- 'use strict';
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- var utils = require('../utils/common');
- var trees = require('./trees');
- var adler32 = require('./adler32');
- var crc32 = require('./crc32');
- var msg = require('./messages');
- /* Public constants ==========================================================*/
- /* ===========================================================================*/
- /* Allowed flush values; see deflate() and inflate() below for details */
- var Z_NO_FLUSH = 0;
- var Z_PARTIAL_FLUSH = 1;
- //var Z_SYNC_FLUSH = 2;
- var Z_FULL_FLUSH = 3;
- var Z_FINISH = 4;
- var Z_BLOCK = 5;
- //var Z_TREES = 6;
- /* Return codes for the compression/decompression functions. Negative values
- * are errors, positive values are used for special but normal events.
- */
- var Z_OK = 0;
- var Z_STREAM_END = 1;
- //var Z_NEED_DICT = 2;
- //var Z_ERRNO = -1;
- var Z_STREAM_ERROR = -2;
- var Z_DATA_ERROR = -3;
- //var Z_MEM_ERROR = -4;
- var Z_BUF_ERROR = -5;
- //var Z_VERSION_ERROR = -6;
- /* compression levels */
- //var Z_NO_COMPRESSION = 0;
- //var Z_BEST_SPEED = 1;
- //var Z_BEST_COMPRESSION = 9;
- var Z_DEFAULT_COMPRESSION = -1;
- var Z_FILTERED = 1;
- var Z_HUFFMAN_ONLY = 2;
- var Z_RLE = 3;
- var Z_FIXED = 4;
- var Z_DEFAULT_STRATEGY = 0;
- /* Possible values of the data_type field (though see inflate()) */
- //var Z_BINARY = 0;
- //var Z_TEXT = 1;
- //var Z_ASCII = 1; // = Z_TEXT
- var Z_UNKNOWN = 2;
- /* The deflate compression method */
- var Z_DEFLATED = 8;
- /*============================================================================*/
- var MAX_MEM_LEVEL = 9;
- /* Maximum value for memLevel in deflateInit2 */
- var MAX_WBITS = 15;
- /* 32K LZ77 window */
- var DEF_MEM_LEVEL = 8;
- var LENGTH_CODES = 29;
- /* number of length codes, not counting the special END_BLOCK code */
- var LITERALS = 256;
- /* number of literal bytes 0..255 */
- var L_CODES = LITERALS + 1 + LENGTH_CODES;
- /* number of Literal or Length codes, including the END_BLOCK code */
- var D_CODES = 30;
- /* number of distance codes */
- var BL_CODES = 19;
- /* number of codes used to transfer the bit lengths */
- var HEAP_SIZE = 2 * L_CODES + 1;
- /* maximum heap size */
- var MAX_BITS = 15;
- /* All codes must not exceed MAX_BITS bits */
- var MIN_MATCH = 3;
- var MAX_MATCH = 258;
- var MIN_LOOKAHEAD = (MAX_MATCH + MIN_MATCH + 1);
- var PRESET_DICT = 0x20;
- var INIT_STATE = 42;
- var EXTRA_STATE = 69;
- var NAME_STATE = 73;
- var COMMENT_STATE = 91;
- var HCRC_STATE = 103;
- var BUSY_STATE = 113;
- var FINISH_STATE = 666;
- var BS_NEED_MORE = 1; /* block not completed, need more input or more output */
- var BS_BLOCK_DONE = 2; /* block flush performed */
- var BS_FINISH_STARTED = 3; /* finish started, need only more output at next deflate */
- var BS_FINISH_DONE = 4; /* finish done, accept no more input or output */
- var OS_CODE = 0x03; // Unix :) . Don't detect, use this default.
- function err(strm, errorCode) {
- strm.msg = msg[errorCode];
- return errorCode;
- }
- function rank(f) {
- return ((f) << 1) - ((f) > 4 ? 9 : 0);
- }
- function zero(buf) { var len = buf.length; while (--len >= 0) { buf[len] = 0; } }
- /* =========================================================================
- * Flush as much pending output as possible. All deflate() output goes
- * through this function so some applications may wish to modify it
- * to avoid allocating a large strm->output buffer and copying into it.
- * (See also read_buf()).
- */
- function flush_pending(strm) {
- var s = strm.state;
- //_tr_flush_bits(s);
- var len = s.pending;
- if (len > strm.avail_out) {
- len = strm.avail_out;
- }
- if (len === 0) { return; }
- utils.arraySet(strm.output, s.pending_buf, s.pending_out, len, strm.next_out);
- strm.next_out += len;
- s.pending_out += len;
- strm.total_out += len;
- strm.avail_out -= len;
- s.pending -= len;
- if (s.pending === 0) {
- s.pending_out = 0;
- }
- }
- function flush_block_only(s, last) {
- trees._tr_flush_block(s, (s.block_start >= 0 ? s.block_start : -1), s.strstart - s.block_start, last);
- s.block_start = s.strstart;
- flush_pending(s.strm);
- }
- function put_byte(s, b) {
- s.pending_buf[s.pending++] = b;
- }
- /* =========================================================================
- * Put a short in the pending buffer. The 16-bit value is put in MSB order.
- * IN assertion: the stream state is correct and there is enough room in
- * pending_buf.
- */
- function putShortMSB(s, b) {
- // put_byte(s, (Byte)(b >> 8));
- // put_byte(s, (Byte)(b & 0xff));
- s.pending_buf[s.pending++] = (b >>> 8) & 0xff;
- s.pending_buf[s.pending++] = b & 0xff;
- }
- /* ===========================================================================
- * Read a new buffer from the current input stream, update the adler32
- * and total number of bytes read. All deflate() input goes through
- * this function so some applications may wish to modify it to avoid
- * allocating a large strm->input buffer and copying from it.
- * (See also flush_pending()).
- */
- function read_buf(strm, buf, start, size) {
- var len = strm.avail_in;
- if (len > size) { len = size; }
- if (len === 0) { return 0; }
- strm.avail_in -= len;
- // zmemcpy(buf, strm->next_in, len);
- utils.arraySet(buf, strm.input, strm.next_in, len, start);
- if (strm.state.wrap === 1) {
- strm.adler = adler32(strm.adler, buf, len, start);
- }
- else if (strm.state.wrap === 2) {
- strm.adler = crc32(strm.adler, buf, len, start);
- }
- strm.next_in += len;
- strm.total_in += len;
- return len;
- }
- /* ===========================================================================
- * Set match_start to the longest match starting at the given string and
- * return its length. Matches shorter or equal to prev_length are discarded,
- * in which case the result is equal to prev_length and match_start is
- * garbage.
- * IN assertions: cur_match is the head of the hash chain for the current
- * string (strstart) and its distance is <= MAX_DIST, and prev_length >= 1
- * OUT assertion: the match length is not greater than s->lookahead.
- */
- function longest_match(s, cur_match) {
- var chain_length = s.max_chain_length; /* max hash chain length */
- var scan = s.strstart; /* current string */
- var match; /* matched string */
- var len; /* length of current match */
- var best_len = s.prev_length; /* best match length so far */
- var nice_match = s.nice_match; /* stop if match long enough */
- var limit = (s.strstart > (s.w_size - MIN_LOOKAHEAD)) ?
- s.strstart - (s.w_size - MIN_LOOKAHEAD) : 0/*NIL*/;
- var _win = s.window; // shortcut
- var wmask = s.w_mask;
- var prev = s.prev;
- /* Stop when cur_match becomes <= limit. To simplify the code,
- * we prevent matches with the string of window index 0.
- */
- var strend = s.strstart + MAX_MATCH;
- var scan_end1 = _win[scan + best_len - 1];
- var scan_end = _win[scan + best_len];
- /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
- * It is easy to get rid of this optimization if necessary.
- */
- // Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
- /* Do not waste too much time if we already have a good match: */
- if (s.prev_length >= s.good_match) {
- chain_length >>= 2;
- }
- /* Do not look for matches beyond the end of the input. This is necessary
- * to make deflate deterministic.
- */
- if (nice_match > s.lookahead) { nice_match = s.lookahead; }
- // Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
- do {
- // Assert(cur_match < s->strstart, "no future");
- match = cur_match;
- /* Skip to next match if the match length cannot increase
- * or if the match length is less than 2. Note that the checks below
- * for insufficient lookahead only occur occasionally for performance
- * reasons. Therefore uninitialized memory will be accessed, and
- * conditional jumps will be made that depend on those values.
- * However the length of the match is limited to the lookahead, so
- * the output of deflate is not affected by the uninitialized values.
- */
- if (_win[match + best_len] !== scan_end ||
- _win[match + best_len - 1] !== scan_end1 ||
- _win[match] !== _win[scan] ||
- _win[++match] !== _win[scan + 1]) {
- continue;
- }
- /* The check at best_len-1 can be removed because it will be made
- * again later. (This heuristic is not always a win.)
- * It is not necessary to compare scan[2] and match[2] since they
- * are always equal when the other bytes match, given that
- * the hash keys are equal and that HASH_BITS >= 8.
- */
- scan += 2;
- match++;
- // Assert(*scan == *match, "match[2]?");
- /* We check for insufficient lookahead only every 8th comparison;
- * the 256th check will be made at strstart+258.
- */
- do {
- /*jshint noempty:false*/
- } while (_win[++scan] === _win[++match] && _win[++scan] === _win[++match] &&
- _win[++scan] === _win[++match] && _win[++scan] === _win[++match] &&
- _win[++scan] === _win[++match] && _win[++scan] === _win[++match] &&
- _win[++scan] === _win[++match] && _win[++scan] === _win[++match] &&
- scan < strend);
- // Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
- len = MAX_MATCH - (strend - scan);
- scan = strend - MAX_MATCH;
- if (len > best_len) {
- s.match_start = cur_match;
- best_len = len;
- if (len >= nice_match) {
- break;
- }
- scan_end1 = _win[scan + best_len - 1];
- scan_end = _win[scan + best_len];
- }
- } while ((cur_match = prev[cur_match & wmask]) > limit && --chain_length !== 0);
- if (best_len <= s.lookahead) {
- return best_len;
- }
- return s.lookahead;
- }
- /* ===========================================================================
- * Fill the window when the lookahead becomes insufficient.
- * Updates strstart and lookahead.
- *
- * IN assertion: lookahead < MIN_LOOKAHEAD
- * OUT assertions: strstart <= window_size-MIN_LOOKAHEAD
- * At least one byte has been read, or avail_in == 0; reads are
- * performed for at least two bytes (required for the zip translate_eol
- * option -- not supported here).
- */
- function fill_window(s) {
- var _w_size = s.w_size;
- var p, n, m, more, str;
- //Assert(s->lookahead < MIN_LOOKAHEAD, "already enough lookahead");
- do {
- more = s.window_size - s.lookahead - s.strstart;
- // JS ints have 32 bit, block below not needed
- /* Deal with !@#$% 64K limit: */
- //if (sizeof(int) <= 2) {
- // if (more == 0 && s->strstart == 0 && s->lookahead == 0) {
- // more = wsize;
- //
- // } else if (more == (unsigned)(-1)) {
- // /* Very unlikely, but possible on 16 bit machine if
- // * strstart == 0 && lookahead == 1 (input done a byte at time)
- // */
- // more--;
- // }
- //}
- /* If the window is almost full and there is insufficient lookahead,
- * move the upper half to the lower one to make room in the upper half.
- */
- if (s.strstart >= _w_size + (_w_size - MIN_LOOKAHEAD)) {
- utils.arraySet(s.window, s.window, _w_size, _w_size, 0);
- s.match_start -= _w_size;
- s.strstart -= _w_size;
- /* we now have strstart >= MAX_DIST */
- s.block_start -= _w_size;
- /* Slide the hash table (could be avoided with 32 bit values
- at the expense of memory usage). We slide even when level == 0
- to keep the hash table consistent if we switch back to level > 0
- later. (Using level 0 permanently is not an optimal usage of
- zlib, so we don't care about this pathological case.)
- */
- n = s.hash_size;
- p = n;
- do {
- m = s.head[--p];
- s.head[p] = (m >= _w_size ? m - _w_size : 0);
- } while (--n);
- n = _w_size;
- p = n;
- do {
- m = s.prev[--p];
- s.prev[p] = (m >= _w_size ? m - _w_size : 0);
- /* If n is not on any hash chain, prev[n] is garbage but
- * its value will never be used.
- */
- } while (--n);
- more += _w_size;
- }
- if (s.strm.avail_in === 0) {
- break;
- }
- /* If there was no sliding:
- * strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
- * more == window_size - lookahead - strstart
- * => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1)
- * => more >= window_size - 2*WSIZE + 2
- * In the BIG_MEM or MMAP case (not yet supported),
- * window_size == input_size + MIN_LOOKAHEAD &&
- * strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD.
- * Otherwise, window_size == 2*WSIZE so more >= 2.
- * If there was sliding, more >= WSIZE. So in all cases, more >= 2.
- */
- //Assert(more >= 2, "more < 2");
- n = read_buf(s.strm, s.window, s.strstart + s.lookahead, more);
- s.lookahead += n;
- /* Initialize the hash value now that we have some input: */
- if (s.lookahead + s.insert >= MIN_MATCH) {
- str = s.strstart - s.insert;
- s.ins_h = s.window[str];
- /* UPDATE_HASH(s, s->ins_h, s->window[str + 1]); */
- s.ins_h = ((s.ins_h << s.hash_shift) ^ s.window[str + 1]) & s.hash_mask;
- //#if MIN_MATCH != 3
- // Call update_hash() MIN_MATCH-3 more times
- //#endif
- while (s.insert) {
- /* UPDATE_HASH(s, s->ins_h, s->window[str + MIN_MATCH-1]); */
- s.ins_h = ((s.ins_h << s.hash_shift) ^ s.window[str + MIN_MATCH - 1]) & s.hash_mask;
- s.prev[str & s.w_mask] = s.head[s.ins_h];
- s.head[s.ins_h] = str;
- str++;
- s.insert--;
- if (s.lookahead + s.insert < MIN_MATCH) {
- break;
- }
- }
- }
- /* If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
- * but this is not important since only literal bytes will be emitted.
- */
- } while (s.lookahead < MIN_LOOKAHEAD && s.strm.avail_in !== 0);
- /* If the WIN_INIT bytes after the end of the current data have never been
- * written, then zero those bytes in order to avoid memory check reports of
- * the use of uninitialized (or uninitialised as Julian writes) bytes by
- * the longest match routines. Update the high water mark for the next
- * time through here. WIN_INIT is set to MAX_MATCH since the longest match
- * routines allow scanning to strstart + MAX_MATCH, ignoring lookahead.
- */
- // if (s.high_water < s.window_size) {
- // var curr = s.strstart + s.lookahead;
- // var init = 0;
- //
- // if (s.high_water < curr) {
- // /* Previous high water mark below current data -- zero WIN_INIT
- // * bytes or up to end of window, whichever is less.
- // */
- // init = s.window_size - curr;
- // if (init > WIN_INIT)
- // init = WIN_INIT;
- // zmemzero(s->window + curr, (unsigned)init);
- // s->high_water = curr + init;
- // }
- // else if (s->high_water < (ulg)curr + WIN_INIT) {
- // /* High water mark at or above current data, but below current data
- // * plus WIN_INIT -- zero out to current data plus WIN_INIT, or up
- // * to end of window, whichever is less.
- // */
- // init = (ulg)curr + WIN_INIT - s->high_water;
- // if (init > s->window_size - s->high_water)
- // init = s->window_size - s->high_water;
- // zmemzero(s->window + s->high_water, (unsigned)init);
- // s->high_water += init;
- // }
- // }
- //
- // Assert((ulg)s->strstart <= s->window_size - MIN_LOOKAHEAD,
- // "not enough room for search");
- }
- /* ===========================================================================
- * Copy without compression as much as possible from the input stream, return
- * the current block state.
- * This function does not insert new strings in the dictionary since
- * uncompressible data is probably not useful. This function is used
- * only for the level=0 compression option.
- * NOTE: this function should be optimized to avoid extra copying from
- * window to pending_buf.
- */
- function deflate_stored(s, flush) {
- /* Stored blocks are limited to 0xffff bytes, pending_buf is limited
- * to pending_buf_size, and each stored block has a 5 byte header:
- */
- var max_block_size = 0xffff;
- if (max_block_size > s.pending_buf_size - 5) {
- max_block_size = s.pending_buf_size - 5;
- }
- /* Copy as much as possible from input to output: */
- for (;;) {
- /* Fill the window as much as possible: */
- if (s.lookahead <= 1) {
- //Assert(s->strstart < s->w_size+MAX_DIST(s) ||
- // s->block_start >= (long)s->w_size, "slide too late");
- // if (!(s.strstart < s.w_size + (s.w_size - MIN_LOOKAHEAD) ||
- // s.block_start >= s.w_size)) {
- // throw new Error("slide too late");
- // }
- fill_window(s);
- if (s.lookahead === 0 && flush === Z_NO_FLUSH) {
- return BS_NEED_MORE;
- }
- if (s.lookahead === 0) {
- break;
- }
- /* flush the current block */
- }
- //Assert(s->block_start >= 0L, "block gone");
- // if (s.block_start < 0) throw new Error("block gone");
- s.strstart += s.lookahead;
- s.lookahead = 0;
- /* Emit a stored block if pending_buf will be full: */
- var max_start = s.block_start + max_block_size;
- if (s.strstart === 0 || s.strstart >= max_start) {
- /* strstart == 0 is possible when wraparound on 16-bit machine */
- s.lookahead = s.strstart - max_start;
- s.strstart = max_start;
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- /* Flush if we may have to slide, otherwise block_start may become
- * negative and the data will be gone:
- */
- if (s.strstart - s.block_start >= (s.w_size - MIN_LOOKAHEAD)) {
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- }
- s.insert = 0;
- if (flush === Z_FINISH) {
- /*** FLUSH_BLOCK(s, 1); ***/
- flush_block_only(s, true);
- if (s.strm.avail_out === 0) {
- return BS_FINISH_STARTED;
- }
- /***/
- return BS_FINISH_DONE;
- }
- if (s.strstart > s.block_start) {
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- return BS_NEED_MORE;
- }
- /* ===========================================================================
- * Compress as much as possible from the input stream, return the current
- * block state.
- * This function does not perform lazy evaluation of matches and inserts
- * new strings in the dictionary only for unmatched strings or for short
- * matches. It is used only for the fast compression options.
- */
- function deflate_fast(s, flush) {
- var hash_head; /* head of the hash chain */
- var bflush; /* set if current block must be flushed */
- for (;;) {
- /* Make sure that we always have enough lookahead, except
- * at the end of the input file. We need MAX_MATCH bytes
- * for the next match, plus MIN_MATCH bytes to insert the
- * string following the next match.
- */
- if (s.lookahead < MIN_LOOKAHEAD) {
- fill_window(s);
- if (s.lookahead < MIN_LOOKAHEAD && flush === Z_NO_FLUSH) {
- return BS_NEED_MORE;
- }
- if (s.lookahead === 0) {
- break; /* flush the current block */
- }
- }
- /* Insert the string window[strstart .. strstart+2] in the
- * dictionary, and set hash_head to the head of the hash chain:
- */
- hash_head = 0/*NIL*/;
- if (s.lookahead >= MIN_MATCH) {
- /*** INSERT_STRING(s, s.strstart, hash_head); ***/
- s.ins_h = ((s.ins_h << s.hash_shift) ^ s.window[s.strstart + MIN_MATCH - 1]) & s.hash_mask;
- hash_head = s.prev[s.strstart & s.w_mask] = s.head[s.ins_h];
- s.head[s.ins_h] = s.strstart;
- /***/
- }
- /* Find the longest match, discarding those <= prev_length.
- * At this point we have always match_length < MIN_MATCH
- */
- if (hash_head !== 0/*NIL*/ && ((s.strstart - hash_head) <= (s.w_size - MIN_LOOKAHEAD))) {
- /* To simplify the code, we prevent matches with the string
- * of window index 0 (in particular we have to avoid a match
- * of the string with itself at the start of the input file).
- */
- s.match_length = longest_match(s, hash_head);
- /* longest_match() sets match_start */
- }
- if (s.match_length >= MIN_MATCH) {
- // check_match(s, s.strstart, s.match_start, s.match_length); // for debug only
- /*** _tr_tally_dist(s, s.strstart - s.match_start,
- s.match_length - MIN_MATCH, bflush); ***/
- bflush = trees._tr_tally(s, s.strstart - s.match_start, s.match_length - MIN_MATCH);
- s.lookahead -= s.match_length;
- /* Insert new strings in the hash table only if the match length
- * is not too large. This saves time but degrades compression.
- */
- if (s.match_length <= s.max_lazy_match/*max_insert_length*/ && s.lookahead >= MIN_MATCH) {
- s.match_length--; /* string at strstart already in table */
- do {
- s.strstart++;
- /*** INSERT_STRING(s, s.strstart, hash_head); ***/
- s.ins_h = ((s.ins_h << s.hash_shift) ^ s.window[s.strstart + MIN_MATCH - 1]) & s.hash_mask;
- hash_head = s.prev[s.strstart & s.w_mask] = s.head[s.ins_h];
- s.head[s.ins_h] = s.strstart;
- /***/
- /* strstart never exceeds WSIZE-MAX_MATCH, so there are
- * always MIN_MATCH bytes ahead.
- */
- } while (--s.match_length !== 0);
- s.strstart++;
- } else
- {
- s.strstart += s.match_length;
- s.match_length = 0;
- s.ins_h = s.window[s.strstart];
- /* UPDATE_HASH(s, s.ins_h, s.window[s.strstart+1]); */
- s.ins_h = ((s.ins_h << s.hash_shift) ^ s.window[s.strstart + 1]) & s.hash_mask;
- //#if MIN_MATCH != 3
- // Call UPDATE_HASH() MIN_MATCH-3 more times
- //#endif
- /* If lookahead < MIN_MATCH, ins_h is garbage, but it does not
- * matter since it will be recomputed at next deflate call.
- */
- }
- } else {
- /* No match, output a literal byte */
- //Tracevv((stderr,"%c", s.window[s.strstart]));
- /*** _tr_tally_lit(s, s.window[s.strstart], bflush); ***/
- bflush = trees._tr_tally(s, 0, s.window[s.strstart]);
- s.lookahead--;
- s.strstart++;
- }
- if (bflush) {
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- }
- s.insert = ((s.strstart < (MIN_MATCH - 1)) ? s.strstart : MIN_MATCH - 1);
- if (flush === Z_FINISH) {
- /*** FLUSH_BLOCK(s, 1); ***/
- flush_block_only(s, true);
- if (s.strm.avail_out === 0) {
- return BS_FINISH_STARTED;
- }
- /***/
- return BS_FINISH_DONE;
- }
- if (s.last_lit) {
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- return BS_BLOCK_DONE;
- }
- /* ===========================================================================
- * Same as above, but achieves better compression. We use a lazy
- * evaluation for matches: a match is finally adopted only if there is
- * no better match at the next window position.
- */
- function deflate_slow(s, flush) {
- var hash_head; /* head of hash chain */
- var bflush; /* set if current block must be flushed */
- var max_insert;
- /* Process the input block. */
- for (;;) {
- /* Make sure that we always have enough lookahead, except
- * at the end of the input file. We need MAX_MATCH bytes
- * for the next match, plus MIN_MATCH bytes to insert the
- * string following the next match.
- */
- if (s.lookahead < MIN_LOOKAHEAD) {
- fill_window(s);
- if (s.lookahead < MIN_LOOKAHEAD && flush === Z_NO_FLUSH) {
- return BS_NEED_MORE;
- }
- if (s.lookahead === 0) { break; } /* flush the current block */
- }
- /* Insert the string window[strstart .. strstart+2] in the
- * dictionary, and set hash_head to the head of the hash chain:
- */
- hash_head = 0/*NIL*/;
- if (s.lookahead >= MIN_MATCH) {
- /*** INSERT_STRING(s, s.strstart, hash_head); ***/
- s.ins_h = ((s.ins_h << s.hash_shift) ^ s.window[s.strstart + MIN_MATCH - 1]) & s.hash_mask;
- hash_head = s.prev[s.strstart & s.w_mask] = s.head[s.ins_h];
- s.head[s.ins_h] = s.strstart;
- /***/
- }
- /* Find the longest match, discarding those <= prev_length.
- */
- s.prev_length = s.match_length;
- s.prev_match = s.match_start;
- s.match_length = MIN_MATCH - 1;
- if (hash_head !== 0/*NIL*/ && s.prev_length < s.max_lazy_match &&
- s.strstart - hash_head <= (s.w_size - MIN_LOOKAHEAD)/*MAX_DIST(s)*/) {
- /* To simplify the code, we prevent matches with the string
- * of window index 0 (in particular we have to avoid a match
- * of the string with itself at the start of the input file).
- */
- s.match_length = longest_match(s, hash_head);
- /* longest_match() sets match_start */
- if (s.match_length <= 5 &&
- (s.strategy === Z_FILTERED || (s.match_length === MIN_MATCH && s.strstart - s.match_start > 4096/*TOO_FAR*/))) {
- /* If prev_match is also MIN_MATCH, match_start is garbage
- * but we will ignore the current match anyway.
- */
- s.match_length = MIN_MATCH - 1;
- }
- }
- /* If there was a match at the previous step and the current
- * match is not better, output the previous match:
- */
- if (s.prev_length >= MIN_MATCH && s.match_length <= s.prev_length) {
- max_insert = s.strstart + s.lookahead - MIN_MATCH;
- /* Do not insert strings in hash table beyond this. */
- //check_match(s, s.strstart-1, s.prev_match, s.prev_length);
- /***_tr_tally_dist(s, s.strstart - 1 - s.prev_match,
- s.prev_length - MIN_MATCH, bflush);***/
- bflush = trees._tr_tally(s, s.strstart - 1 - s.prev_match, s.prev_length - MIN_MATCH);
- /* Insert in hash table all strings up to the end of the match.
- * strstart-1 and strstart are already inserted. If there is not
- * enough lookahead, the last two strings are not inserted in
- * the hash table.
- */
- s.lookahead -= s.prev_length - 1;
- s.prev_length -= 2;
- do {
- if (++s.strstart <= max_insert) {
- /*** INSERT_STRING(s, s.strstart, hash_head); ***/
- s.ins_h = ((s.ins_h << s.hash_shift) ^ s.window[s.strstart + MIN_MATCH - 1]) & s.hash_mask;
- hash_head = s.prev[s.strstart & s.w_mask] = s.head[s.ins_h];
- s.head[s.ins_h] = s.strstart;
- /***/
- }
- } while (--s.prev_length !== 0);
- s.match_available = 0;
- s.match_length = MIN_MATCH - 1;
- s.strstart++;
- if (bflush) {
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- } else if (s.match_available) {
- /* If there was no match at the previous position, output a
- * single literal. If there was a match but the current match
- * is longer, truncate the previous match to a single literal.
- */
- //Tracevv((stderr,"%c", s->window[s->strstart-1]));
- /*** _tr_tally_lit(s, s.window[s.strstart-1], bflush); ***/
- bflush = trees._tr_tally(s, 0, s.window[s.strstart - 1]);
- if (bflush) {
- /*** FLUSH_BLOCK_ONLY(s, 0) ***/
- flush_block_only(s, false);
- /***/
- }
- s.strstart++;
- s.lookahead--;
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- } else {
- /* There is no previous match to compare with, wait for
- * the next step to decide.
- */
- s.match_available = 1;
- s.strstart++;
- s.lookahead--;
- }
- }
- //Assert (flush != Z_NO_FLUSH, "no flush?");
- if (s.match_available) {
- //Tracevv((stderr,"%c", s->window[s->strstart-1]));
- /*** _tr_tally_lit(s, s.window[s.strstart-1], bflush); ***/
- bflush = trees._tr_tally(s, 0, s.window[s.strstart - 1]);
- s.match_available = 0;
- }
- s.insert = s.strstart < MIN_MATCH - 1 ? s.strstart : MIN_MATCH - 1;
- if (flush === Z_FINISH) {
- /*** FLUSH_BLOCK(s, 1); ***/
- flush_block_only(s, true);
- if (s.strm.avail_out === 0) {
- return BS_FINISH_STARTED;
- }
- /***/
- return BS_FINISH_DONE;
- }
- if (s.last_lit) {
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- return BS_BLOCK_DONE;
- }
- /* ===========================================================================
- * For Z_RLE, simply look for runs of bytes, generate matches only of distance
- * one. Do not maintain a hash table. (It will be regenerated if this run of
- * deflate switches away from Z_RLE.)
- */
- function deflate_rle(s, flush) {
- var bflush; /* set if current block must be flushed */
- var prev; /* byte at distance one to match */
- var scan, strend; /* scan goes up to strend for length of run */
- var _win = s.window;
- for (;;) {
- /* Make sure that we always have enough lookahead, except
- * at the end of the input file. We need MAX_MATCH bytes
- * for the longest run, plus one for the unrolled loop.
- */
- if (s.lookahead <= MAX_MATCH) {
- fill_window(s);
- if (s.lookahead <= MAX_MATCH && flush === Z_NO_FLUSH) {
- return BS_NEED_MORE;
- }
- if (s.lookahead === 0) { break; } /* flush the current block */
- }
- /* See how many times the previous byte repeats */
- s.match_length = 0;
- if (s.lookahead >= MIN_MATCH && s.strstart > 0) {
- scan = s.strstart - 1;
- prev = _win[scan];
- if (prev === _win[++scan] && prev === _win[++scan] && prev === _win[++scan]) {
- strend = s.strstart + MAX_MATCH;
- do {
- /*jshint noempty:false*/
- } while (prev === _win[++scan] && prev === _win[++scan] &&
- prev === _win[++scan] && prev === _win[++scan] &&
- prev === _win[++scan] && prev === _win[++scan] &&
- prev === _win[++scan] && prev === _win[++scan] &&
- scan < strend);
- s.match_length = MAX_MATCH - (strend - scan);
- if (s.match_length > s.lookahead) {
- s.match_length = s.lookahead;
- }
- }
- //Assert(scan <= s->window+(uInt)(s->window_size-1), "wild scan");
- }
- /* Emit match if have run of MIN_MATCH or longer, else emit literal */
- if (s.match_length >= MIN_MATCH) {
- //check_match(s, s.strstart, s.strstart - 1, s.match_length);
- /*** _tr_tally_dist(s, 1, s.match_length - MIN_MATCH, bflush); ***/
- bflush = trees._tr_tally(s, 1, s.match_length - MIN_MATCH);
- s.lookahead -= s.match_length;
- s.strstart += s.match_length;
- s.match_length = 0;
- } else {
- /* No match, output a literal byte */
- //Tracevv((stderr,"%c", s->window[s->strstart]));
- /*** _tr_tally_lit(s, s.window[s.strstart], bflush); ***/
- bflush = trees._tr_tally(s, 0, s.window[s.strstart]);
- s.lookahead--;
- s.strstart++;
- }
- if (bflush) {
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- }
- s.insert = 0;
- if (flush === Z_FINISH) {
- /*** FLUSH_BLOCK(s, 1); ***/
- flush_block_only(s, true);
- if (s.strm.avail_out === 0) {
- return BS_FINISH_STARTED;
- }
- /***/
- return BS_FINISH_DONE;
- }
- if (s.last_lit) {
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- return BS_BLOCK_DONE;
- }
- /* ===========================================================================
- * For Z_HUFFMAN_ONLY, do not look for matches. Do not maintain a hash table.
- * (It will be regenerated if this run of deflate switches away from Huffman.)
- */
- function deflate_huff(s, flush) {
- var bflush; /* set if current block must be flushed */
- for (;;) {
- /* Make sure that we have a literal to write. */
- if (s.lookahead === 0) {
- fill_window(s);
- if (s.lookahead === 0) {
- if (flush === Z_NO_FLUSH) {
- return BS_NEED_MORE;
- }
- break; /* flush the current block */
- }
- }
- /* Output a literal byte */
- s.match_length = 0;
- //Tracevv((stderr,"%c", s->window[s->strstart]));
- /*** _tr_tally_lit(s, s.window[s.strstart], bflush); ***/
- bflush = trees._tr_tally(s, 0, s.window[s.strstart]);
- s.lookahead--;
- s.strstart++;
- if (bflush) {
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- }
- s.insert = 0;
- if (flush === Z_FINISH) {
- /*** FLUSH_BLOCK(s, 1); ***/
- flush_block_only(s, true);
- if (s.strm.avail_out === 0) {
- return BS_FINISH_STARTED;
- }
- /***/
- return BS_FINISH_DONE;
- }
- if (s.last_lit) {
- /*** FLUSH_BLOCK(s, 0); ***/
- flush_block_only(s, false);
- if (s.strm.avail_out === 0) {
- return BS_NEED_MORE;
- }
- /***/
- }
- return BS_BLOCK_DONE;
- }
- /* Values for max_lazy_match, good_match and max_chain_length, depending on
- * the desired pack level (0..9). The values given below have been tuned to
- * exclude worst case performance for pathological files. Better values may be
- * found for specific files.
- */
- function Config(good_length, max_lazy, nice_length, max_chain, func) {
- this.good_length = good_length;
- this.max_lazy = max_lazy;
- this.nice_length = nice_length;
- this.max_chain = max_chain;
- this.func = func;
- }
- var configuration_table;
- configuration_table = [
- /* good lazy nice chain */
- new Config(0, 0, 0, 0, deflate_stored), /* 0 store only */
- new Config(4, 4, 8, 4, deflate_fast), /* 1 max speed, no lazy matches */
- new Config(4, 5, 16, 8, deflate_fast), /* 2 */
- new Config(4, 6, 32, 32, deflate_fast), /* 3 */
- new Config(4, 4, 16, 16, deflate_slow), /* 4 lazy matches */
- new Config(8, 16, 32, 32, deflate_slow), /* 5 */
- new Config(8, 16, 128, 128, deflate_slow), /* 6 */
- new Config(8, 32, 128, 256, deflate_slow), /* 7 */
- new Config(32, 128, 258, 1024, deflate_slow), /* 8 */
- new Config(32, 258, 258, 4096, deflate_slow) /* 9 max compression */
- ];
- /* ===========================================================================
- * Initialize the "longest match" routines for a new zlib stream
- */
- function lm_init(s) {
- s.window_size = 2 * s.w_size;
- /*** CLEAR_HASH(s); ***/
- zero(s.head); // Fill with NIL (= 0);
- /* Set the default configuration parameters:
- */
- s.max_lazy_match = configuration_table[s.level].max_lazy;
- s.good_match = configuration_table[s.level].good_length;
- s.nice_match = configuration_table[s.level].nice_length;
- s.max_chain_length = configuration_table[s.level].max_chain;
- s.strstart = 0;
- s.block_start = 0;
- s.lookahead = 0;
- s.insert = 0;
- s.match_length = s.prev_length = MIN_MATCH - 1;
- s.match_available = 0;
- s.ins_h = 0;
- }
- function DeflateState() {
- this.strm = null; /* pointer back to this zlib stream */
- this.status = 0; /* as the name implies */
- this.pending_buf = null; /* output still pending */
- this.pending_buf_size = 0; /* size of pending_buf */
- this.pending_out = 0; /* next pending byte to output to the stream */
- this.pending = 0; /* nb of bytes in the pending buffer */
- this.wrap = 0; /* bit 0 true for zlib, bit 1 true for gzip */
- this.gzhead = null; /* gzip header information to write */
- this.gzindex = 0; /* where in extra, name, or comment */
- this.method = Z_DEFLATED; /* can only be DEFLATED */
- this.last_flush = -1; /* value of flush param for previous deflate call */
- this.w_size = 0; /* LZ77 window size (32K by default) */
- this.w_bits = 0; /* log2(w_size) (8..16) */
- this.w_mask = 0; /* w_size - 1 */
- this.window = null;
- /* Sliding window. Input bytes are read into the second half of the window,
- * and move to the first half later to keep a dictionary of at least wSize
- * bytes. With this organization, matches are limited to a distance of
- * wSize-MAX_MATCH bytes, but this ensures that IO is always
- * performed with a length multiple of the block size.
- */
- this.window_size = 0;
- /* Actual size of window: 2*wSize, except when the user input buffer
- * is directly used as sliding window.
- */
- this.prev = null;
- /* Link to older string with same hash index. To limit the size of this
- * array to 64K, this link is maintained only for the last 32K strings.
- * An index in this array is thus a window index modulo 32K.
- */
- this.head = null; /* Heads of the hash chains or NIL. */
- this.ins_h = 0; /* hash index of string to be inserted */
- this.hash_size = 0; /* number of elements in hash table */
- this.hash_bits = 0; /* log2(hash_size) */
- this.hash_mask = 0; /* hash_size-1 */
- this.hash_shift = 0;
- /* Number of bits by which ins_h must be shifted at each input
- * step. It must be such that after MIN_MATCH steps, the oldest
- * byte no longer takes part in the hash key, that is:
- * hash_shift * MIN_MATCH >= hash_bits
- */
- this.block_start = 0;
- /* Window position at the beginning of the current output block. Gets
- * negative when the window is moved backwards.
- */
- this.match_length = 0; /* length of best match */
- this.prev_match = 0; /* previous match */
- this.match_available = 0; /* set if previous match exists */
- this.strstart = 0; /* start of string to insert */
- this.match_start = 0; /* start of matching string */
- this.lookahead = 0; /* number of valid bytes ahead in window */
- this.prev_length = 0;
- /* Length of the best match at previous step. Matches not greater than this
- * are discarded. This is used in the lazy match evaluation.
- */
- this.max_chain_length = 0;
- /* To speed up deflation, hash chains are never searched beyond this
- * length. A higher limit improves compression ratio but degrades the
- * speed.
- */
- this.max_lazy_match = 0;
- /* Attempt to find a better match only when the current match is strictly
- * smaller than this value. This mechanism is used only for compression
- * levels >= 4.
- */
- // That's alias to max_lazy_match, don't use directly
- //this.max_insert_length = 0;
- /* Insert new strings in the hash table only if the match length is not
- * greater than this length. This saves time but degrades compression.
- * max_insert_length is used only for compression levels <= 3.
- */
- this.level = 0; /* compression level (1..9) */
- this.strategy = 0; /* favor or force Huffman coding*/
- this.good_match = 0;
- /* Use a faster search when the previous match is longer than this */
- this.nice_match = 0; /* Stop searching when current match exceeds this */
- /* used by trees.c: */
- /* Didn't use ct_data typedef below to suppress compiler warning */
- // struct ct_data_s dyn_ltree[HEAP_SIZE]; /* literal and length tree */
- // struct ct_data_s dyn_dtree[2*D_CODES+1]; /* distance tree */
- // struct ct_data_s bl_tree[2*BL_CODES+1]; /* Huffman tree for bit lengths */
- // Use flat array of DOUBLE size, with interleaved fata,
- // because JS does not support effective
- this.dyn_ltree = new utils.Buf16(HEAP_SIZE * 2);
- this.dyn_dtree = new utils.Buf16((2 * D_CODES + 1) * 2);
- this.bl_tree = new utils.Buf16((2 * BL_CODES + 1) * 2);
- zero(this.dyn_ltree);
- zero(this.dyn_dtree);
- zero(this.bl_tree);
- this.l_desc = null; /* desc. for literal tree */
- this.d_desc = null; /* desc. for distance tree */
- this.bl_desc = null; /* desc. for bit length tree */
- //ush bl_count[MAX_BITS+1];
- this.bl_count = new utils.Buf16(MAX_BITS + 1);
- /* number of codes at each bit length for an optimal tree */
- //int heap[2*L_CODES+1]; /* heap used to build the Huffman trees */
- this.heap = new utils.Buf16(2 * L_CODES + 1); /* heap used to build the Huffman trees */
- zero(this.heap);
- this.heap_len = 0; /* number of elements in the heap */
- this.heap_max = 0; /* element of largest frequency */
- /* The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used.
- * The same heap array is used to build all trees.
- */
- this.depth = new utils.Buf16(2 * L_CODES + 1); //uch depth[2*L_CODES+1];
- zero(this.depth);
- /* Depth of each subtree used as tie breaker for trees of equal frequency
- */
- this.l_buf = 0; /* buffer index for literals or lengths */
- this.lit_bufsize = 0;
- /* Size of match buffer for literals/lengths. There are 4 reasons for
- * limiting lit_bufsize to 64K:
- * - frequencies can be kept in 16 bit counters
- * - if compression is not successful for the first block, all input
- * data is still in the window so we can still emit a stored block even
- * when input comes from standard input. (This can also be done for
- * all blocks if lit_bufsize is not greater than 32K.)
- * - if compression is not successful for a file smaller than 64K, we can
- * even emit a stored file instead of a stored block (saving 5 bytes).
- * This is applicable only for zip (not gzip or zlib).
- * - creating new Huffman trees less frequently may not provide fast
- * adaptation to changes in the input data statistics. (Take for
- * example a binary file with poorly compressible code followed by
- * a highly compressible string table.) Smaller buffer sizes give
- * fast adaptation but have of course the overhead of transmitting
- * trees more frequently.
- * - I can't count above 4
- */
- this.last_lit = 0; /* running index in l_buf */
- this.d_buf = 0;
- /* Buffer index for distances. To simplify the code, d_buf and l_buf have
- * the same number of elements. To use different lengths, an extra flag
- * array would be necessary.
- */
- this.opt_len = 0; /* bit length of current block with optimal trees */
- this.static_len = 0; /* bit length of current block with static trees */
- this.matches = 0; /* number of string matches in current block */
- this.insert = 0; /* bytes at end of window left to insert */
- this.bi_buf = 0;
- /* Output buffer. bits are inserted starting at the bottom (least
- * significant bits).
- */
- this.bi_valid = 0;
- /* Number of valid bits in bi_buf. All bits above the last valid bit
- * are always zero.
- */
- // Used for window memory init. We safely ignore it for JS. That makes
- // sense only for pointers and memory check tools.
- //this.high_water = 0;
- /* High water mark offset in window for initialized bytes -- bytes above
- * this are set to zero in order to avoid memory check warnings when
- * longest match routines access bytes past the input. This is then
- * updated to the new high water mark.
- */
- }
- function deflateResetKeep(strm) {
- var s;
- if (!strm || !strm.state) {
- return err(strm, Z_STREAM_ERROR);
- }
- strm.total_in = strm.total_out = 0;
- strm.data_type = Z_UNKNOWN;
- s = strm.state;
- s.pending = 0;
- s.pending_out = 0;
- if (s.wrap < 0) {
- s.wrap = -s.wrap;
- /* was made negative by deflate(..., Z_FINISH); */
- }
- s.status = (s.wrap ? INIT_STATE : BUSY_STATE);
- strm.adler = (s.wrap === 2) ?
- 0 // crc32(0, Z_NULL, 0)
- :
- 1; // adler32(0, Z_NULL, 0)
- s.last_flush = Z_NO_FLUSH;
- trees._tr_init(s);
- return Z_OK;
- }
- function deflateReset(strm) {
- var ret = deflateResetKeep(strm);
- if (ret === Z_OK) {
- lm_init(strm.state);
- }
- return ret;
- }
- function deflateSetHeader(strm, head) {
- if (!strm || !strm.state) { return Z_STREAM_ERROR; }
- if (strm.state.wrap !== 2) { return Z_STREAM_ERROR; }
- strm.state.gzhead = head;
- return Z_OK;
- }
- function deflateInit2(strm, level, method, windowBits, memLevel, strategy) {
- if (!strm) { // === Z_NULL
- return Z_STREAM_ERROR;
- }
- var wrap = 1;
- if (level === Z_DEFAULT_COMPRESSION) {
- level = 6;
- }
- if (windowBits < 0) { /* suppress zlib wrapper */
- wrap = 0;
- windowBits = -windowBits;
- }
- else if (windowBits > 15) {
- wrap = 2; /* write gzip wrapper instead */
- windowBits -= 16;
- }
- if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method !== Z_DEFLATED ||
- windowBits < 8 || windowBits > 15 || level < 0 || level > 9 ||
- strategy < 0 || strategy > Z_FIXED) {
- return err(strm, Z_STREAM_ERROR);
- }
- if (windowBits === 8) {
- windowBits = 9;
- }
- /* until 256-byte window bug fixed */
- var s = new DeflateState();
- strm.state = s;
- s.strm = strm;
- s.wrap = wrap;
- s.gzhead = null;
- s.w_bits = windowBits;
- s.w_size = 1 << s.w_bits;
- s.w_mask = s.w_size - 1;
- s.hash_bits = memLevel + 7;
- s.hash_size = 1 << s.hash_bits;
- s.hash_mask = s.hash_size - 1;
- s.hash_shift = ~~((s.hash_bits + MIN_MATCH - 1) / MIN_MATCH);
- s.window = new utils.Buf8(s.w_size * 2);
- s.head = new utils.Buf16(s.hash_size);
- s.prev = new utils.Buf16(s.w_size);
- // Don't need mem init magic for JS.
- //s.high_water = 0; /* nothing written to s->window yet */
- s.lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
- s.pending_buf_size = s.lit_bufsize * 4;
- //overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
- //s->pending_buf = (uchf *) overlay;
- s.pending_buf = new utils.Buf8(s.pending_buf_size);
- // It is offset from `s.pending_buf` (size is `s.lit_bufsize * 2`)
- //s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
- s.d_buf = 1 * s.lit_bufsize;
- //s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
- s.l_buf = (1 + 2) * s.lit_bufsize;
- s.level = level;
- s.strategy = strategy;
- s.method = method;
- return deflateReset(strm);
- }
- function deflateInit(strm, level) {
- return deflateInit2(strm, level, Z_DEFLATED, MAX_WBITS, DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY);
- }
- function deflate(strm, flush) {
- var old_flush, s;
- var beg, val; // for gzip header write only
- if (!strm || !strm.state ||
- flush > Z_BLOCK || flush < 0) {
- return strm ? err(strm, Z_STREAM_ERROR) : Z_STREAM_ERROR;
- }
- s = strm.state;
- if (!strm.output ||
- (!strm.input && strm.avail_in !== 0) ||
- (s.status === FINISH_STATE && flush !== Z_FINISH)) {
- return err(strm, (strm.avail_out === 0) ? Z_BUF_ERROR : Z_STREAM_ERROR);
- }
- s.strm = strm; /* just in case */
- old_flush = s.last_flush;
- s.last_flush = flush;
- /* Write the header */
- if (s.status === INIT_STATE) {
- if (s.wrap === 2) { // GZIP header
- strm.adler = 0; //crc32(0L, Z_NULL, 0);
- put_byte(s, 31);
- put_byte(s, 139);
- put_byte(s, 8);
- if (!s.gzhead) { // s->gzhead == Z_NULL
- put_byte(s, 0);
- put_byte(s, 0);
- put_byte(s, 0);
- put_byte(s, 0);
- put_byte(s, 0);
- put_byte(s, s.level === 9 ? 2 :
- (s.strategy >= Z_HUFFMAN_ONLY || s.level < 2 ?
- 4 : 0));
- put_byte(s, OS_CODE);
- s.status = BUSY_STATE;
- }
- else {
- put_byte(s, (s.gzhead.text ? 1 : 0) +
- (s.gzhead.hcrc ? 2 : 0) +
- (!s.gzhead.extra ? 0 : 4) +
- (!s.gzhead.name ? 0 : 8) +
- (!s.gzhead.comment ? 0 : 16)
- );
- put_byte(s, s.gzhead.time & 0xff);
- put_byte(s, (s.gzhead.time >> 8) & 0xff);
- put_byte(s, (s.gzhead.time >> 16) & 0xff);
- put_byte(s, (s.gzhead.time >> 24) & 0xff);
- put_byte(s, s.level === 9 ? 2 :
- (s.strategy >= Z_HUFFMAN_ONLY || s.level < 2 ?
- 4 : 0));
- put_byte(s, s.gzhead.os & 0xff);
- if (s.gzhead.extra && s.gzhead.extra.length) {
- put_byte(s, s.gzhead.extra.length & 0xff);
- put_byte(s, (s.gzhead.extra.length >> 8) & 0xff);
- }
- if (s.gzhead.hcrc) {
- strm.adler = crc32(strm.adler, s.pending_buf, s.pending, 0);
- }
- s.gzindex = 0;
- s.status = EXTRA_STATE;
- }
- }
- else // DEFLATE header
- {
- var header = (Z_DEFLATED + ((s.w_bits - 8) << 4)) << 8;
- var level_flags = -1;
- if (s.strategy >= Z_HUFFMAN_ONLY || s.level < 2) {
- level_flags = 0;
- } else if (s.level < 6) {
- level_flags = 1;
- } else if (s.level === 6) {
- level_flags = 2;
- } else {
- level_flags = 3;
- }
- header |= (level_flags << 6);
- if (s.strstart !== 0) { header |= PRESET_DICT; }
- header += 31 - (header % 31);
- s.status = BUSY_STATE;
- putShortMSB(s, header);
- /* Save the adler32 of the preset dictionary: */
- if (s.strstart !== 0) {
- putShortMSB(s, strm.adler >>> 16);
- putShortMSB(s, strm.adler & 0xffff);
- }
- strm.adler = 1; // adler32(0L, Z_NULL, 0);
- }
- }
- //#ifdef GZIP
- if (s.status === EXTRA_STATE) {
- if (s.gzhead.extra/* != Z_NULL*/) {
- beg = s.pending; /* start of bytes to update crc */
- while (s.gzindex < (s.gzhead.extra.length & 0xffff)) {
- if (s.pending === s.pending_buf_size) {
- if (s.gzhead.hcrc && s.pending > beg) {
- strm.adler = crc32(strm.adler, s.pending_buf, s.pending - beg, beg);
- }
- flush_pending(strm);
- beg = s.pending;
- if (s.pending === s.pending_buf_size) {
- break;
- }
- }
- put_byte(s, s.gzhead.extra[s.gzindex] & 0xff);
- s.gzindex++;
- }
- if (s.gzhead.hcrc && s.pending > beg) {
- strm.adler = crc32(strm.adler, s.pending_buf, s.pending - beg, beg);
- }
- if (s.gzindex === s.gzhead.extra.length) {
- s.gzindex = 0;
- s.status = NAME_STATE;
- }
- }
- else {
- s.status = NAME_STATE;
- }
- }
- if (s.status === NAME_STATE) {
- if (s.gzhead.name/* != Z_NULL*/) {
- beg = s.pending; /* start of bytes to update crc */
- //int val;
- do {
- if (s.pending === s.pending_buf_size) {
- if (s.gzhead.hcrc && s.pending > beg) {
- strm.adler = crc32(strm.adler, s.pending_buf, s.pending - beg, beg);
- }
- flush_pending(strm);
- beg = s.pending;
- if (s.pending === s.pending_buf_size) {
- val = 1;
- break;
- }
- }
- // JS specific: little magic to add zero terminator to end of string
- if (s.gzindex < s.gzhead.name.length) {
- val = s.gzhead.name.charCodeAt(s.gzindex++) & 0xff;
- } else {
- val = 0;
- }
- put_byte(s, val);
- } while (val !== 0);
- if (s.gzhead.hcrc && s.pending > beg) {
- strm.adler = crc32(strm.adler, s.pending_buf, s.pending - beg, beg);
- }
- if (val === 0) {
- s.gzindex = 0;
- s.status = COMMENT_STATE;
- }
- }
- else {
- s.status = COMMENT_STATE;
- }
- }
- if (s.status === COMMENT_STATE) {
- if (s.gzhead.comment/* != Z_NULL*/) {
- beg = s.pending; /* start of bytes to update crc */
- //int val;
- do {
- if (s.pending === s.pending_buf_size) {
- if (s.gzhead.hcrc && s.pending > beg) {
- strm.adler = crc32(strm.adler, s.pending_buf, s.pending - beg, beg);
- }
- flush_pending(strm);
- beg = s.pending;
- if (s.pending === s.pending_buf_size) {
- val = 1;
- break;
- }
- }
- // JS specific: little magic to add zero terminator to end of string
- if (s.gzindex < s.gzhead.comment.length) {
- val = s.gzhead.comment.charCodeAt(s.gzindex++) & 0xff;
- } else {
- val = 0;
- }
- put_byte(s, val);
- } while (val !== 0);
- if (s.gzhead.hcrc && s.pending > beg) {
- strm.adler = crc32(strm.adler, s.pending_buf, s.pending - beg, beg);
- }
- if (val === 0) {
- s.status = HCRC_STATE;
- }
- }
- else {
- s.status = HCRC_STATE;
- }
- }
- if (s.status === HCRC_STATE) {
- if (s.gzhead.hcrc) {
- if (s.pending + 2 > s.pending_buf_size) {
- flush_pending(strm);
- }
- if (s.pending + 2 <= s.pending_buf_size) {
- put_byte(s, strm.adler & 0xff);
- put_byte(s, (strm.adler >> 8) & 0xff);
- strm.adler = 0; //crc32(0L, Z_NULL, 0);
- s.status = BUSY_STATE;
- }
- }
- else {
- s.status = BUSY_STATE;
- }
- }
- //#endif
- /* Flush as much pending output as possible */
- if (s.pending !== 0) {
- flush_pending(strm);
- if (strm.avail_out === 0) {
- /* Since avail_out is 0, deflate will be called again with
- * more output space, but possibly with both pending and
- * avail_in equal to zero. There won't be anything to do,
- * but this is not an error situation so make sure we
- * return OK instead of BUF_ERROR at next call of deflate:
- */
- s.last_flush = -1;
- return Z_OK;
- }
- /* Make sure there is something to do and avoid duplicate consecutive
- * flushes. For repeated and useless calls with Z_FINISH, we keep
- * returning Z_STREAM_END instead of Z_BUF_ERROR.
- */
- } else if (strm.avail_in === 0 && rank(flush) <= rank(old_flush) &&
- flush !== Z_FINISH) {
- return err(strm, Z_BUF_ERROR);
- }
- /* User must not provide more input after the first FINISH: */
- if (s.status === FINISH_STATE && strm.avail_in !== 0) {
- return err(strm, Z_BUF_ERROR);
- }
- /* Start a new block or continue the current one.
- */
- if (strm.avail_in !== 0 || s.lookahead !== 0 ||
- (flush !== Z_NO_FLUSH && s.status !== FINISH_STATE)) {
- var bstate = (s.strategy === Z_HUFFMAN_ONLY) ? deflate_huff(s, flush) :
- (s.strategy === Z_RLE ? deflate_rle(s, flush) :
- configuration_table[s.level].func(s, flush));
- if (bstate === BS_FINISH_STARTED || bstate === BS_FINISH_DONE) {
- s.status = FINISH_STATE;
- }
- if (bstate === BS_NEED_MORE || bstate === BS_FINISH_STARTED) {
- if (strm.avail_out === 0) {
- s.last_flush = -1;
- /* avoid BUF_ERROR next call, see above */
- }
- return Z_OK;
- /* If flush != Z_NO_FLUSH && avail_out == 0, the next call
- * of deflate should use the same flush parameter to make sure
- * that the flush is complete. So we don't have to output an
- * empty block here, this will be done at next call. This also
- * ensures that for a very small output buffer, we emit at most
- * one empty block.
- */
- }
- if (bstate === BS_BLOCK_DONE) {
- if (flush === Z_PARTIAL_FLUSH) {
- trees._tr_align(s);
- }
- else if (flush !== Z_BLOCK) { /* FULL_FLUSH or SYNC_FLUSH */
- trees._tr_stored_block(s, 0, 0, false);
- /* For a full flush, this empty block will be recognized
- * as a special marker by inflate_sync().
- */
- if (flush === Z_FULL_FLUSH) {
- /*** CLEAR_HASH(s); ***/ /* forget history */
- zero(s.head); // Fill with NIL (= 0);
- if (s.lookahead === 0) {
- s.strstart = 0;
- s.block_start = 0;
- s.insert = 0;
- }
- }
- }
- flush_pending(strm);
- if (strm.avail_out === 0) {
- s.last_flush = -1; /* avoid BUF_ERROR at next call, see above */
- return Z_OK;
- }
- }
- }
- //Assert(strm->avail_out > 0, "bug2");
- //if (strm.avail_out <= 0) { throw new Error("bug2");}
- if (flush !== Z_FINISH) { return Z_OK; }
- if (s.wrap <= 0) { return Z_STREAM_END; }
- /* Write the trailer */
- if (s.wrap === 2) {
- put_byte(s, strm.adler & 0xff);
- put_byte(s, (strm.adler >> 8) & 0xff);
- put_byte(s, (strm.adler >> 16) & 0xff);
- put_byte(s, (strm.adler >> 24) & 0xff);
- put_byte(s, strm.total_in & 0xff);
- put_byte(s, (strm.total_in >> 8) & 0xff);
- put_byte(s, (strm.total_in >> 16) & 0xff);
- put_byte(s, (strm.total_in >> 24) & 0xff);
- }
- else
- {
- putShortMSB(s, strm.adler >>> 16);
- putShortMSB(s, strm.adler & 0xffff);
- }
- flush_pending(strm);
- /* If avail_out is zero, the application will call deflate again
- * to flush the rest.
- */
- if (s.wrap > 0) { s.wrap = -s.wrap; }
- /* write the trailer only once! */
- return s.pending !== 0 ? Z_OK : Z_STREAM_END;
- }
- function deflateEnd(strm) {
- var status;
- if (!strm/*== Z_NULL*/ || !strm.state/*== Z_NULL*/) {
- return Z_STREAM_ERROR;
- }
- status = strm.state.status;
- if (status !== INIT_STATE &&
- status !== EXTRA_STATE &&
- status !== NAME_STATE &&
- status !== COMMENT_STATE &&
- status !== HCRC_STATE &&
- status !== BUSY_STATE &&
- status !== FINISH_STATE
- ) {
- return err(strm, Z_STREAM_ERROR);
- }
- strm.state = null;
- return status === BUSY_STATE ? err(strm, Z_DATA_ERROR) : Z_OK;
- }
- /* =========================================================================
- * Initializes the compression dictionary from the given byte
- * sequence without producing any compressed output.
- */
- function deflateSetDictionary(strm, dictionary) {
- var dictLength = dictionary.length;
- var s;
- var str, n;
- var wrap;
- var avail;
- var next;
- var input;
- var tmpDict;
- if (!strm/*== Z_NULL*/ || !strm.state/*== Z_NULL*/) {
- return Z_STREAM_ERROR;
- }
- s = strm.state;
- wrap = s.wrap;
- if (wrap === 2 || (wrap === 1 && s.status !== INIT_STATE) || s.lookahead) {
- return Z_STREAM_ERROR;
- }
- /* when using zlib wrappers, compute Adler-32 for provided dictionary */
- if (wrap === 1) {
- /* adler32(strm->adler, dictionary, dictLength); */
- strm.adler = adler32(strm.adler, dictionary, dictLength, 0);
- }
- s.wrap = 0; /* avoid computing Adler-32 in read_buf */
- /* if dictionary would fill window, just replace the history */
- if (dictLength >= s.w_size) {
- if (wrap === 0) { /* already empty otherwise */
- /*** CLEAR_HASH(s); ***/
- zero(s.head); // Fill with NIL (= 0);
- s.strstart = 0;
- s.block_start = 0;
- s.insert = 0;
- }
- /* use the tail */
- // dictionary = dictionary.slice(dictLength - s.w_size);
- tmpDict = new utils.Buf8(s.w_size);
- utils.arraySet(tmpDict, dictionary, dictLength - s.w_size, s.w_size, 0);
- dictionary = tmpDict;
- dictLength = s.w_size;
- }
- /* insert dictionary into window and hash */
- avail = strm.avail_in;
- next = strm.next_in;
- input = strm.input;
- strm.avail_in = dictLength;
- strm.next_in = 0;
- strm.input = dictionary;
- fill_window(s);
- while (s.lookahead >= MIN_MATCH) {
- str = s.strstart;
- n = s.lookahead - (MIN_MATCH - 1);
- do {
- /* UPDATE_HASH(s, s->ins_h, s->window[str + MIN_MATCH-1]); */
- s.ins_h = ((s.ins_h << s.hash_shift) ^ s.window[str + MIN_MATCH - 1]) & s.hash_mask;
- s.prev[str & s.w_mask] = s.head[s.ins_h];
- s.head[s.ins_h] = str;
- str++;
- } while (--n);
- s.strstart = str;
- s.lookahead = MIN_MATCH - 1;
- fill_window(s);
- }
- s.strstart += s.lookahead;
- s.block_start = s.strstart;
- s.insert = s.lookahead;
- s.lookahead = 0;
- s.match_length = s.prev_length = MIN_MATCH - 1;
- s.match_available = 0;
- strm.next_in = next;
- strm.input = input;
- strm.avail_in = avail;
- s.wrap = wrap;
- return Z_OK;
- }
- exports.deflateInit = deflateInit;
- exports.deflateInit2 = deflateInit2;
- exports.deflateReset = deflateReset;
- exports.deflateResetKeep = deflateResetKeep;
- exports.deflateSetHeader = deflateSetHeader;
- exports.deflate = deflate;
- exports.deflateEnd = deflateEnd;
- exports.deflateSetDictionary = deflateSetDictionary;
- exports.deflateInfo = 'pako deflate (from Nodeca project)';
- /* Not implemented
- exports.deflateBound = deflateBound;
- exports.deflateCopy = deflateCopy;
- exports.deflateParams = deflateParams;
- exports.deflatePending = deflatePending;
- exports.deflatePrime = deflatePrime;
- exports.deflateTune = deflateTune;
- */
- },{"../utils/common":53,"./adler32":55,"./crc32":57,"./messages":63,"./trees":64}],59:[function(require,module,exports){
- 'use strict';
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- function GZheader() {
- /* true if compressed data believed to be text */
- this.text = 0;
- /* modification time */
- this.time = 0;
- /* extra flags (not used when writing a gzip file) */
- this.xflags = 0;
- /* operating system */
- this.os = 0;
- /* pointer to extra field or Z_NULL if none */
- this.extra = null;
- /* extra field length (valid if extra != Z_NULL) */
- this.extra_len = 0; // Actually, we don't need it in JS,
- // but leave for few code modifications
- //
- // Setup limits is not necessary because in js we should not preallocate memory
- // for inflate use constant limit in 65536 bytes
- //
- /* space at extra (only when reading header) */
- // this.extra_max = 0;
- /* pointer to zero-terminated file name or Z_NULL */
- this.name = '';
- /* space at name (only when reading header) */
- // this.name_max = 0;
- /* pointer to zero-terminated comment or Z_NULL */
- this.comment = '';
- /* space at comment (only when reading header) */
- // this.comm_max = 0;
- /* true if there was or will be a header crc */
- this.hcrc = 0;
- /* true when done reading gzip header (not used when writing a gzip file) */
- this.done = false;
- }
- module.exports = GZheader;
- },{}],60:[function(require,module,exports){
- 'use strict';
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- // See state defs from inflate.js
- var BAD = 30; /* got a data error -- remain here until reset */
- var TYPE = 12; /* i: waiting for type bits, including last-flag bit */
- /*
- Decode literal, length, and distance codes and write out the resulting
- literal and match bytes until either not enough input or output is
- available, an end-of-block is encountered, or a data error is encountered.
- When large enough input and output buffers are supplied to inflate(), for
- example, a 16K input buffer and a 64K output buffer, more than 95% of the
- inflate execution time is spent in this routine.
- Entry assumptions:
- state.mode === LEN
- strm.avail_in >= 6
- strm.avail_out >= 258
- start >= strm.avail_out
- state.bits < 8
- On return, state.mode is one of:
- LEN -- ran out of enough output space or enough available input
- TYPE -- reached end of block code, inflate() to interpret next block
- BAD -- error in block data
- Notes:
- - The maximum input bits used by a length/distance pair is 15 bits for the
- length code, 5 bits for the length extra, 15 bits for the distance code,
- and 13 bits for the distance extra. This totals 48 bits, or six bytes.
- Therefore if strm.avail_in >= 6, then there is enough input to avoid
- checking for available input while decoding.
- - The maximum bytes that a single length/distance pair can output is 258
- bytes, which is the maximum length that can be coded. inflate_fast()
- requires strm.avail_out >= 258 for each loop to avoid checking for
- output space.
- */
- module.exports = function inflate_fast(strm, start) {
- var state;
- var _in; /* local strm.input */
- var last; /* have enough input while in < last */
- var _out; /* local strm.output */
- var beg; /* inflate()'s initial strm.output */
- var end; /* while out < end, enough space available */
- //#ifdef INFLATE_STRICT
- var dmax; /* maximum distance from zlib header */
- //#endif
- var wsize; /* window size or zero if not using window */
- var whave; /* valid bytes in the window */
- var wnext; /* window write index */
- // Use `s_window` instead `window`, avoid conflict with instrumentation tools
- var s_window; /* allocated sliding window, if wsize != 0 */
- var hold; /* local strm.hold */
- var bits; /* local strm.bits */
- var lcode; /* local strm.lencode */
- var dcode; /* local strm.distcode */
- var lmask; /* mask for first level of length codes */
- var dmask; /* mask for first level of distance codes */
- var here; /* retrieved table entry */
- var op; /* code bits, operation, extra bits, or */
- /* window position, window bytes to copy */
- var len; /* match length, unused bytes */
- var dist; /* match distance */
- var from; /* where to copy match from */
- var from_source;
- var input, output; // JS specific, because we have no pointers
- /* copy state to local variables */
- state = strm.state;
- //here = state.here;
- _in = strm.next_in;
- input = strm.input;
- last = _in + (strm.avail_in - 5);
- _out = strm.next_out;
- output = strm.output;
- beg = _out - (start - strm.avail_out);
- end = _out + (strm.avail_out - 257);
- //#ifdef INFLATE_STRICT
- dmax = state.dmax;
- //#endif
- wsize = state.wsize;
- whave = state.whave;
- wnext = state.wnext;
- s_window = state.window;
- hold = state.hold;
- bits = state.bits;
- lcode = state.lencode;
- dcode = state.distcode;
- lmask = (1 << state.lenbits) - 1;
- dmask = (1 << state.distbits) - 1;
- /* decode literals and length/distances until end-of-block or not enough
- input data or output space */
- top:
- do {
- if (bits < 15) {
- hold += input[_in++] << bits;
- bits += 8;
- hold += input[_in++] << bits;
- bits += 8;
- }
- here = lcode[hold & lmask];
- dolen:
- for (;;) { // Goto emulation
- op = here >>> 24/*here.bits*/;
- hold >>>= op;
- bits -= op;
- op = (here >>> 16) & 0xff/*here.op*/;
- if (op === 0) { /* literal */
- //Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
- // "inflate: literal '%c'\n" :
- // "inflate: literal 0x%02x\n", here.val));
- output[_out++] = here & 0xffff/*here.val*/;
- }
- else if (op & 16) { /* length base */
- len = here & 0xffff/*here.val*/;
- op &= 15; /* number of extra bits */
- if (op) {
- if (bits < op) {
- hold += input[_in++] << bits;
- bits += 8;
- }
- len += hold & ((1 << op) - 1);
- hold >>>= op;
- bits -= op;
- }
- //Tracevv((stderr, "inflate: length %u\n", len));
- if (bits < 15) {
- hold += input[_in++] << bits;
- bits += 8;
- hold += input[_in++] << bits;
- bits += 8;
- }
- here = dcode[hold & dmask];
- dodist:
- for (;;) { // goto emulation
- op = here >>> 24/*here.bits*/;
- hold >>>= op;
- bits -= op;
- op = (here >>> 16) & 0xff/*here.op*/;
- if (op & 16) { /* distance base */
- dist = here & 0xffff/*here.val*/;
- op &= 15; /* number of extra bits */
- if (bits < op) {
- hold += input[_in++] << bits;
- bits += 8;
- if (bits < op) {
- hold += input[_in++] << bits;
- bits += 8;
- }
- }
- dist += hold & ((1 << op) - 1);
- //#ifdef INFLATE_STRICT
- if (dist > dmax) {
- strm.msg = 'invalid distance too far back';
- state.mode = BAD;
- break top;
- }
- //#endif
- hold >>>= op;
- bits -= op;
- //Tracevv((stderr, "inflate: distance %u\n", dist));
- op = _out - beg; /* max distance in output */
- if (dist > op) { /* see if copy from window */
- op = dist - op; /* distance back in window */
- if (op > whave) {
- if (state.sane) {
- strm.msg = 'invalid distance too far back';
- state.mode = BAD;
- break top;
- }
- // (!) This block is disabled in zlib defaults,
- // don't enable it for binary compatibility
- //#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
- // if (len <= op - whave) {
- // do {
- // output[_out++] = 0;
- // } while (--len);
- // continue top;
- // }
- // len -= op - whave;
- // do {
- // output[_out++] = 0;
- // } while (--op > whave);
- // if (op === 0) {
- // from = _out - dist;
- // do {
- // output[_out++] = output[from++];
- // } while (--len);
- // continue top;
- // }
- //#endif
- }
- from = 0; // window index
- from_source = s_window;
- if (wnext === 0) { /* very common case */
- from += wsize - op;
- if (op < len) { /* some from window */
- len -= op;
- do {
- output[_out++] = s_window[from++];
- } while (--op);
- from = _out - dist; /* rest from output */
- from_source = output;
- }
- }
- else if (wnext < op) { /* wrap around window */
- from += wsize + wnext - op;
- op -= wnext;
- if (op < len) { /* some from end of window */
- len -= op;
- do {
- output[_out++] = s_window[from++];
- } while (--op);
- from = 0;
- if (wnext < len) { /* some from start of window */
- op = wnext;
- len -= op;
- do {
- output[_out++] = s_window[from++];
- } while (--op);
- from = _out - dist; /* rest from output */
- from_source = output;
- }
- }
- }
- else { /* contiguous in window */
- from += wnext - op;
- if (op < len) { /* some from window */
- len -= op;
- do {
- output[_out++] = s_window[from++];
- } while (--op);
- from = _out - dist; /* rest from output */
- from_source = output;
- }
- }
- while (len > 2) {
- output[_out++] = from_source[from++];
- output[_out++] = from_source[from++];
- output[_out++] = from_source[from++];
- len -= 3;
- }
- if (len) {
- output[_out++] = from_source[from++];
- if (len > 1) {
- output[_out++] = from_source[from++];
- }
- }
- }
- else {
- from = _out - dist; /* copy direct from output */
- do { /* minimum length is three */
- output[_out++] = output[from++];
- output[_out++] = output[from++];
- output[_out++] = output[from++];
- len -= 3;
- } while (len > 2);
- if (len) {
- output[_out++] = output[from++];
- if (len > 1) {
- output[_out++] = output[from++];
- }
- }
- }
- }
- else if ((op & 64) === 0) { /* 2nd level distance code */
- here = dcode[(here & 0xffff)/*here.val*/ + (hold & ((1 << op) - 1))];
- continue dodist;
- }
- else {
- strm.msg = 'invalid distance code';
- state.mode = BAD;
- break top;
- }
- break; // need to emulate goto via "continue"
- }
- }
- else if ((op & 64) === 0) { /* 2nd level length code */
- here = lcode[(here & 0xffff)/*here.val*/ + (hold & ((1 << op) - 1))];
- continue dolen;
- }
- else if (op & 32) { /* end-of-block */
- //Tracevv((stderr, "inflate: end of block\n"));
- state.mode = TYPE;
- break top;
- }
- else {
- strm.msg = 'invalid literal/length code';
- state.mode = BAD;
- break top;
- }
- break; // need to emulate goto via "continue"
- }
- } while (_in < last && _out < end);
- /* return unused bytes (on entry, bits < 8, so in won't go too far back) */
- len = bits >> 3;
- _in -= len;
- bits -= len << 3;
- hold &= (1 << bits) - 1;
- /* update state and return */
- strm.next_in = _in;
- strm.next_out = _out;
- strm.avail_in = (_in < last ? 5 + (last - _in) : 5 - (_in - last));
- strm.avail_out = (_out < end ? 257 + (end - _out) : 257 - (_out - end));
- state.hold = hold;
- state.bits = bits;
- return;
- };
- },{}],61:[function(require,module,exports){
- 'use strict';
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- var utils = require('../utils/common');
- var adler32 = require('./adler32');
- var crc32 = require('./crc32');
- var inflate_fast = require('./inffast');
- var inflate_table = require('./inftrees');
- var CODES = 0;
- var LENS = 1;
- var DISTS = 2;
- /* Public constants ==========================================================*/
- /* ===========================================================================*/
- /* Allowed flush values; see deflate() and inflate() below for details */
- //var Z_NO_FLUSH = 0;
- //var Z_PARTIAL_FLUSH = 1;
- //var Z_SYNC_FLUSH = 2;
- //var Z_FULL_FLUSH = 3;
- var Z_FINISH = 4;
- var Z_BLOCK = 5;
- var Z_TREES = 6;
- /* Return codes for the compression/decompression functions. Negative values
- * are errors, positive values are used for special but normal events.
- */
- var Z_OK = 0;
- var Z_STREAM_END = 1;
- var Z_NEED_DICT = 2;
- //var Z_ERRNO = -1;
- var Z_STREAM_ERROR = -2;
- var Z_DATA_ERROR = -3;
- var Z_MEM_ERROR = -4;
- var Z_BUF_ERROR = -5;
- //var Z_VERSION_ERROR = -6;
- /* The deflate compression method */
- var Z_DEFLATED = 8;
- /* STATES ====================================================================*/
- /* ===========================================================================*/
- var HEAD = 1; /* i: waiting for magic header */
- var FLAGS = 2; /* i: waiting for method and flags (gzip) */
- var TIME = 3; /* i: waiting for modification time (gzip) */
- var OS = 4; /* i: waiting for extra flags and operating system (gzip) */
- var EXLEN = 5; /* i: waiting for extra length (gzip) */
- var EXTRA = 6; /* i: waiting for extra bytes (gzip) */
- var NAME = 7; /* i: waiting for end of file name (gzip) */
- var COMMENT = 8; /* i: waiting for end of comment (gzip) */
- var HCRC = 9; /* i: waiting for header crc (gzip) */
- var DICTID = 10; /* i: waiting for dictionary check value */
- var DICT = 11; /* waiting for inflateSetDictionary() call */
- var TYPE = 12; /* i: waiting for type bits, including last-flag bit */
- var TYPEDO = 13; /* i: same, but skip check to exit inflate on new block */
- var STORED = 14; /* i: waiting for stored size (length and complement) */
- var COPY_ = 15; /* i/o: same as COPY below, but only first time in */
- var COPY = 16; /* i/o: waiting for input or output to copy stored block */
- var TABLE = 17; /* i: waiting for dynamic block table lengths */
- var LENLENS = 18; /* i: waiting for code length code lengths */
- var CODELENS = 19; /* i: waiting for length/lit and distance code lengths */
- var LEN_ = 20; /* i: same as LEN below, but only first time in */
- var LEN = 21; /* i: waiting for length/lit/eob code */
- var LENEXT = 22; /* i: waiting for length extra bits */
- var DIST = 23; /* i: waiting for distance code */
- var DISTEXT = 24; /* i: waiting for distance extra bits */
- var MATCH = 25; /* o: waiting for output space to copy string */
- var LIT = 26; /* o: waiting for output space to write literal */
- var CHECK = 27; /* i: waiting for 32-bit check value */
- var LENGTH = 28; /* i: waiting for 32-bit length (gzip) */
- var DONE = 29; /* finished check, done -- remain here until reset */
- var BAD = 30; /* got a data error -- remain here until reset */
- var MEM = 31; /* got an inflate() memory error -- remain here until reset */
- var SYNC = 32; /* looking for synchronization bytes to restart inflate() */
- /* ===========================================================================*/
- var ENOUGH_LENS = 852;
- var ENOUGH_DISTS = 592;
- //var ENOUGH = (ENOUGH_LENS+ENOUGH_DISTS);
- var MAX_WBITS = 15;
- /* 32K LZ77 window */
- var DEF_WBITS = MAX_WBITS;
- function zswap32(q) {
- return (((q >>> 24) & 0xff) +
- ((q >>> 8) & 0xff00) +
- ((q & 0xff00) << 8) +
- ((q & 0xff) << 24));
- }
- function InflateState() {
- this.mode = 0; /* current inflate mode */
- this.last = false; /* true if processing last block */
- this.wrap = 0; /* bit 0 true for zlib, bit 1 true for gzip */
- this.havedict = false; /* true if dictionary provided */
- this.flags = 0; /* gzip header method and flags (0 if zlib) */
- this.dmax = 0; /* zlib header max distance (INFLATE_STRICT) */
- this.check = 0; /* protected copy of check value */
- this.total = 0; /* protected copy of output count */
- // TODO: may be {}
- this.head = null; /* where to save gzip header information */
- /* sliding window */
- this.wbits = 0; /* log base 2 of requested window size */
- this.wsize = 0; /* window size or zero if not using window */
- this.whave = 0; /* valid bytes in the window */
- this.wnext = 0; /* window write index */
- this.window = null; /* allocated sliding window, if needed */
- /* bit accumulator */
- this.hold = 0; /* input bit accumulator */
- this.bits = 0; /* number of bits in "in" */
- /* for string and stored block copying */
- this.length = 0; /* literal or length of data to copy */
- this.offset = 0; /* distance back to copy string from */
- /* for table and code decoding */
- this.extra = 0; /* extra bits needed */
- /* fixed and dynamic code tables */
- this.lencode = null; /* starting table for length/literal codes */
- this.distcode = null; /* starting table for distance codes */
- this.lenbits = 0; /* index bits for lencode */
- this.distbits = 0; /* index bits for distcode */
- /* dynamic table building */
- this.ncode = 0; /* number of code length code lengths */
- this.nlen = 0; /* number of length code lengths */
- this.ndist = 0; /* number of distance code lengths */
- this.have = 0; /* number of code lengths in lens[] */
- this.next = null; /* next available space in codes[] */
- this.lens = new utils.Buf16(320); /* temporary storage for code lengths */
- this.work = new utils.Buf16(288); /* work area for code table building */
- /*
- because we don't have pointers in js, we use lencode and distcode directly
- as buffers so we don't need codes
- */
- //this.codes = new utils.Buf32(ENOUGH); /* space for code tables */
- this.lendyn = null; /* dynamic table for length/literal codes (JS specific) */
- this.distdyn = null; /* dynamic table for distance codes (JS specific) */
- this.sane = 0; /* if false, allow invalid distance too far */
- this.back = 0; /* bits back of last unprocessed length/lit */
- this.was = 0; /* initial length of match */
- }
- function inflateResetKeep(strm) {
- var state;
- if (!strm || !strm.state) { return Z_STREAM_ERROR; }
- state = strm.state;
- strm.total_in = strm.total_out = state.total = 0;
- strm.msg = ''; /*Z_NULL*/
- if (state.wrap) { /* to support ill-conceived Java test suite */
- strm.adler = state.wrap & 1;
- }
- state.mode = HEAD;
- state.last = 0;
- state.havedict = 0;
- state.dmax = 32768;
- state.head = null/*Z_NULL*/;
- state.hold = 0;
- state.bits = 0;
- //state.lencode = state.distcode = state.next = state.codes;
- state.lencode = state.lendyn = new utils.Buf32(ENOUGH_LENS);
- state.distcode = state.distdyn = new utils.Buf32(ENOUGH_DISTS);
- state.sane = 1;
- state.back = -1;
- //Tracev((stderr, "inflate: reset\n"));
- return Z_OK;
- }
- function inflateReset(strm) {
- var state;
- if (!strm || !strm.state) { return Z_STREAM_ERROR; }
- state = strm.state;
- state.wsize = 0;
- state.whave = 0;
- state.wnext = 0;
- return inflateResetKeep(strm);
- }
- function inflateReset2(strm, windowBits) {
- var wrap;
- var state;
- /* get the state */
- if (!strm || !strm.state) { return Z_STREAM_ERROR; }
- state = strm.state;
- /* extract wrap request from windowBits parameter */
- if (windowBits < 0) {
- wrap = 0;
- windowBits = -windowBits;
- }
- else {
- wrap = (windowBits >> 4) + 1;
- if (windowBits < 48) {
- windowBits &= 15;
- }
- }
- /* set number of window bits, free window if different */
- if (windowBits && (windowBits < 8 || windowBits > 15)) {
- return Z_STREAM_ERROR;
- }
- if (state.window !== null && state.wbits !== windowBits) {
- state.window = null;
- }
- /* update state and reset the rest of it */
- state.wrap = wrap;
- state.wbits = windowBits;
- return inflateReset(strm);
- }
- function inflateInit2(strm, windowBits) {
- var ret;
- var state;
- if (!strm) { return Z_STREAM_ERROR; }
- //strm.msg = Z_NULL; /* in case we return an error */
- state = new InflateState();
- //if (state === Z_NULL) return Z_MEM_ERROR;
- //Tracev((stderr, "inflate: allocated\n"));
- strm.state = state;
- state.window = null/*Z_NULL*/;
- ret = inflateReset2(strm, windowBits);
- if (ret !== Z_OK) {
- strm.state = null/*Z_NULL*/;
- }
- return ret;
- }
- function inflateInit(strm) {
- return inflateInit2(strm, DEF_WBITS);
- }
- /*
- Return state with length and distance decoding tables and index sizes set to
- fixed code decoding. Normally this returns fixed tables from inffixed.h.
- If BUILDFIXED is defined, then instead this routine builds the tables the
- first time it's called, and returns those tables the first time and
- thereafter. This reduces the size of the code by about 2K bytes, in
- exchange for a little execution time. However, BUILDFIXED should not be
- used for threaded applications, since the rewriting of the tables and virgin
- may not be thread-safe.
- */
- var virgin = true;
- var lenfix, distfix; // We have no pointers in JS, so keep tables separate
- function fixedtables(state) {
- /* build fixed huffman tables if first call (may not be thread safe) */
- if (virgin) {
- var sym;
- lenfix = new utils.Buf32(512);
- distfix = new utils.Buf32(32);
- /* literal/length table */
- sym = 0;
- while (sym < 144) { state.lens[sym++] = 8; }
- while (sym < 256) { state.lens[sym++] = 9; }
- while (sym < 280) { state.lens[sym++] = 7; }
- while (sym < 288) { state.lens[sym++] = 8; }
- inflate_table(LENS, state.lens, 0, 288, lenfix, 0, state.work, { bits: 9 });
- /* distance table */
- sym = 0;
- while (sym < 32) { state.lens[sym++] = 5; }
- inflate_table(DISTS, state.lens, 0, 32, distfix, 0, state.work, { bits: 5 });
- /* do this just once */
- virgin = false;
- }
- state.lencode = lenfix;
- state.lenbits = 9;
- state.distcode = distfix;
- state.distbits = 5;
- }
- /*
- Update the window with the last wsize (normally 32K) bytes written before
- returning. If window does not exist yet, create it. This is only called
- when a window is already in use, or when output has been written during this
- inflate call, but the end of the deflate stream has not been reached yet.
- It is also called to create a window for dictionary data when a dictionary
- is loaded.
- Providing output buffers larger than 32K to inflate() should provide a speed
- advantage, since only the last 32K of output is copied to the sliding window
- upon return from inflate(), and since all distances after the first 32K of
- output will fall in the output data, making match copies simpler and faster.
- The advantage may be dependent on the size of the processor's data caches.
- */
- function updatewindow(strm, src, end, copy) {
- var dist;
- var state = strm.state;
- /* if it hasn't been done already, allocate space for the window */
- if (state.window === null) {
- state.wsize = 1 << state.wbits;
- state.wnext = 0;
- state.whave = 0;
- state.window = new utils.Buf8(state.wsize);
- }
- /* copy state->wsize or less output bytes into the circular window */
- if (copy >= state.wsize) {
- utils.arraySet(state.window, src, end - state.wsize, state.wsize, 0);
- state.wnext = 0;
- state.whave = state.wsize;
- }
- else {
- dist = state.wsize - state.wnext;
- if (dist > copy) {
- dist = copy;
- }
- //zmemcpy(state->window + state->wnext, end - copy, dist);
- utils.arraySet(state.window, src, end - copy, dist, state.wnext);
- copy -= dist;
- if (copy) {
- //zmemcpy(state->window, end - copy, copy);
- utils.arraySet(state.window, src, end - copy, copy, 0);
- state.wnext = copy;
- state.whave = state.wsize;
- }
- else {
- state.wnext += dist;
- if (state.wnext === state.wsize) { state.wnext = 0; }
- if (state.whave < state.wsize) { state.whave += dist; }
- }
- }
- return 0;
- }
- function inflate(strm, flush) {
- var state;
- var input, output; // input/output buffers
- var next; /* next input INDEX */
- var put; /* next output INDEX */
- var have, left; /* available input and output */
- var hold; /* bit buffer */
- var bits; /* bits in bit buffer */
- var _in, _out; /* save starting available input and output */
- var copy; /* number of stored or match bytes to copy */
- var from; /* where to copy match bytes from */
- var from_source;
- var here = 0; /* current decoding table entry */
- var here_bits, here_op, here_val; // paked "here" denormalized (JS specific)
- //var last; /* parent table entry */
- var last_bits, last_op, last_val; // paked "last" denormalized (JS specific)
- var len; /* length to copy for repeats, bits to drop */
- var ret; /* return code */
- var hbuf = new utils.Buf8(4); /* buffer for gzip header crc calculation */
- var opts;
- var n; // temporary var for NEED_BITS
- var order = /* permutation of code lengths */
- [ 16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15 ];
- if (!strm || !strm.state || !strm.output ||
- (!strm.input && strm.avail_in !== 0)) {
- return Z_STREAM_ERROR;
- }
- state = strm.state;
- if (state.mode === TYPE) { state.mode = TYPEDO; } /* skip check */
- //--- LOAD() ---
- put = strm.next_out;
- output = strm.output;
- left = strm.avail_out;
- next = strm.next_in;
- input = strm.input;
- have = strm.avail_in;
- hold = state.hold;
- bits = state.bits;
- //---
- _in = have;
- _out = left;
- ret = Z_OK;
- inf_leave: // goto emulation
- for (;;) {
- switch (state.mode) {
- case HEAD:
- if (state.wrap === 0) {
- state.mode = TYPEDO;
- break;
- }
- //=== NEEDBITS(16);
- while (bits < 16) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- if ((state.wrap & 2) && hold === 0x8b1f) { /* gzip header */
- state.check = 0/*crc32(0L, Z_NULL, 0)*/;
- //=== CRC2(state.check, hold);
- hbuf[0] = hold & 0xff;
- hbuf[1] = (hold >>> 8) & 0xff;
- state.check = crc32(state.check, hbuf, 2, 0);
- //===//
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- state.mode = FLAGS;
- break;
- }
- state.flags = 0; /* expect zlib header */
- if (state.head) {
- state.head.done = false;
- }
- if (!(state.wrap & 1) || /* check if zlib header allowed */
- (((hold & 0xff)/*BITS(8)*/ << 8) + (hold >> 8)) % 31) {
- strm.msg = 'incorrect header check';
- state.mode = BAD;
- break;
- }
- if ((hold & 0x0f)/*BITS(4)*/ !== Z_DEFLATED) {
- strm.msg = 'unknown compression method';
- state.mode = BAD;
- break;
- }
- //--- DROPBITS(4) ---//
- hold >>>= 4;
- bits -= 4;
- //---//
- len = (hold & 0x0f)/*BITS(4)*/ + 8;
- if (state.wbits === 0) {
- state.wbits = len;
- }
- else if (len > state.wbits) {
- strm.msg = 'invalid window size';
- state.mode = BAD;
- break;
- }
- state.dmax = 1 << len;
- //Tracev((stderr, "inflate: zlib header ok\n"));
- strm.adler = state.check = 1/*adler32(0L, Z_NULL, 0)*/;
- state.mode = hold & 0x200 ? DICTID : TYPE;
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- break;
- case FLAGS:
- //=== NEEDBITS(16); */
- while (bits < 16) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- state.flags = hold;
- if ((state.flags & 0xff) !== Z_DEFLATED) {
- strm.msg = 'unknown compression method';
- state.mode = BAD;
- break;
- }
- if (state.flags & 0xe000) {
- strm.msg = 'unknown header flags set';
- state.mode = BAD;
- break;
- }
- if (state.head) {
- state.head.text = ((hold >> 8) & 1);
- }
- if (state.flags & 0x0200) {
- //=== CRC2(state.check, hold);
- hbuf[0] = hold & 0xff;
- hbuf[1] = (hold >>> 8) & 0xff;
- state.check = crc32(state.check, hbuf, 2, 0);
- //===//
- }
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- state.mode = TIME;
- /* falls through */
- case TIME:
- //=== NEEDBITS(32); */
- while (bits < 32) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- if (state.head) {
- state.head.time = hold;
- }
- if (state.flags & 0x0200) {
- //=== CRC4(state.check, hold)
- hbuf[0] = hold & 0xff;
- hbuf[1] = (hold >>> 8) & 0xff;
- hbuf[2] = (hold >>> 16) & 0xff;
- hbuf[3] = (hold >>> 24) & 0xff;
- state.check = crc32(state.check, hbuf, 4, 0);
- //===
- }
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- state.mode = OS;
- /* falls through */
- case OS:
- //=== NEEDBITS(16); */
- while (bits < 16) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- if (state.head) {
- state.head.xflags = (hold & 0xff);
- state.head.os = (hold >> 8);
- }
- if (state.flags & 0x0200) {
- //=== CRC2(state.check, hold);
- hbuf[0] = hold & 0xff;
- hbuf[1] = (hold >>> 8) & 0xff;
- state.check = crc32(state.check, hbuf, 2, 0);
- //===//
- }
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- state.mode = EXLEN;
- /* falls through */
- case EXLEN:
- if (state.flags & 0x0400) {
- //=== NEEDBITS(16); */
- while (bits < 16) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- state.length = hold;
- if (state.head) {
- state.head.extra_len = hold;
- }
- if (state.flags & 0x0200) {
- //=== CRC2(state.check, hold);
- hbuf[0] = hold & 0xff;
- hbuf[1] = (hold >>> 8) & 0xff;
- state.check = crc32(state.check, hbuf, 2, 0);
- //===//
- }
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- }
- else if (state.head) {
- state.head.extra = null/*Z_NULL*/;
- }
- state.mode = EXTRA;
- /* falls through */
- case EXTRA:
- if (state.flags & 0x0400) {
- copy = state.length;
- if (copy > have) { copy = have; }
- if (copy) {
- if (state.head) {
- len = state.head.extra_len - state.length;
- if (!state.head.extra) {
- // Use untyped array for more convenient processing later
- state.head.extra = new Array(state.head.extra_len);
- }
- utils.arraySet(
- state.head.extra,
- input,
- next,
- // extra field is limited to 65536 bytes
- // - no need for additional size check
- copy,
- /*len + copy > state.head.extra_max - len ? state.head.extra_max : copy,*/
- len
- );
- //zmemcpy(state.head.extra + len, next,
- // len + copy > state.head.extra_max ?
- // state.head.extra_max - len : copy);
- }
- if (state.flags & 0x0200) {
- state.check = crc32(state.check, input, copy, next);
- }
- have -= copy;
- next += copy;
- state.length -= copy;
- }
- if (state.length) { break inf_leave; }
- }
- state.length = 0;
- state.mode = NAME;
- /* falls through */
- case NAME:
- if (state.flags & 0x0800) {
- if (have === 0) { break inf_leave; }
- copy = 0;
- do {
- // TODO: 2 or 1 bytes?
- len = input[next + copy++];
- /* use constant limit because in js we should not preallocate memory */
- if (state.head && len &&
- (state.length < 65536 /*state.head.name_max*/)) {
- state.head.name += String.fromCharCode(len);
- }
- } while (len && copy < have);
- if (state.flags & 0x0200) {
- state.check = crc32(state.check, input, copy, next);
- }
- have -= copy;
- next += copy;
- if (len) { break inf_leave; }
- }
- else if (state.head) {
- state.head.name = null;
- }
- state.length = 0;
- state.mode = COMMENT;
- /* falls through */
- case COMMENT:
- if (state.flags & 0x1000) {
- if (have === 0) { break inf_leave; }
- copy = 0;
- do {
- len = input[next + copy++];
- /* use constant limit because in js we should not preallocate memory */
- if (state.head && len &&
- (state.length < 65536 /*state.head.comm_max*/)) {
- state.head.comment += String.fromCharCode(len);
- }
- } while (len && copy < have);
- if (state.flags & 0x0200) {
- state.check = crc32(state.check, input, copy, next);
- }
- have -= copy;
- next += copy;
- if (len) { break inf_leave; }
- }
- else if (state.head) {
- state.head.comment = null;
- }
- state.mode = HCRC;
- /* falls through */
- case HCRC:
- if (state.flags & 0x0200) {
- //=== NEEDBITS(16); */
- while (bits < 16) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- if (hold !== (state.check & 0xffff)) {
- strm.msg = 'header crc mismatch';
- state.mode = BAD;
- break;
- }
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- }
- if (state.head) {
- state.head.hcrc = ((state.flags >> 9) & 1);
- state.head.done = true;
- }
- strm.adler = state.check = 0;
- state.mode = TYPE;
- break;
- case DICTID:
- //=== NEEDBITS(32); */
- while (bits < 32) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- strm.adler = state.check = zswap32(hold);
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- state.mode = DICT;
- /* falls through */
- case DICT:
- if (state.havedict === 0) {
- //--- RESTORE() ---
- strm.next_out = put;
- strm.avail_out = left;
- strm.next_in = next;
- strm.avail_in = have;
- state.hold = hold;
- state.bits = bits;
- //---
- return Z_NEED_DICT;
- }
- strm.adler = state.check = 1/*adler32(0L, Z_NULL, 0)*/;
- state.mode = TYPE;
- /* falls through */
- case TYPE:
- if (flush === Z_BLOCK || flush === Z_TREES) { break inf_leave; }
- /* falls through */
- case TYPEDO:
- if (state.last) {
- //--- BYTEBITS() ---//
- hold >>>= bits & 7;
- bits -= bits & 7;
- //---//
- state.mode = CHECK;
- break;
- }
- //=== NEEDBITS(3); */
- while (bits < 3) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- state.last = (hold & 0x01)/*BITS(1)*/;
- //--- DROPBITS(1) ---//
- hold >>>= 1;
- bits -= 1;
- //---//
- switch ((hold & 0x03)/*BITS(2)*/) {
- case 0: /* stored block */
- //Tracev((stderr, "inflate: stored block%s\n",
- // state.last ? " (last)" : ""));
- state.mode = STORED;
- break;
- case 1: /* fixed block */
- fixedtables(state);
- //Tracev((stderr, "inflate: fixed codes block%s\n",
- // state.last ? " (last)" : ""));
- state.mode = LEN_; /* decode codes */
- if (flush === Z_TREES) {
- //--- DROPBITS(2) ---//
- hold >>>= 2;
- bits -= 2;
- //---//
- break inf_leave;
- }
- break;
- case 2: /* dynamic block */
- //Tracev((stderr, "inflate: dynamic codes block%s\n",
- // state.last ? " (last)" : ""));
- state.mode = TABLE;
- break;
- case 3:
- strm.msg = 'invalid block type';
- state.mode = BAD;
- }
- //--- DROPBITS(2) ---//
- hold >>>= 2;
- bits -= 2;
- //---//
- break;
- case STORED:
- //--- BYTEBITS() ---// /* go to byte boundary */
- hold >>>= bits & 7;
- bits -= bits & 7;
- //---//
- //=== NEEDBITS(32); */
- while (bits < 32) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- if ((hold & 0xffff) !== ((hold >>> 16) ^ 0xffff)) {
- strm.msg = 'invalid stored block lengths';
- state.mode = BAD;
- break;
- }
- state.length = hold & 0xffff;
- //Tracev((stderr, "inflate: stored length %u\n",
- // state.length));
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- state.mode = COPY_;
- if (flush === Z_TREES) { break inf_leave; }
- /* falls through */
- case COPY_:
- state.mode = COPY;
- /* falls through */
- case COPY:
- copy = state.length;
- if (copy) {
- if (copy > have) { copy = have; }
- if (copy > left) { copy = left; }
- if (copy === 0) { break inf_leave; }
- //--- zmemcpy(put, next, copy); ---
- utils.arraySet(output, input, next, copy, put);
- //---//
- have -= copy;
- next += copy;
- left -= copy;
- put += copy;
- state.length -= copy;
- break;
- }
- //Tracev((stderr, "inflate: stored end\n"));
- state.mode = TYPE;
- break;
- case TABLE:
- //=== NEEDBITS(14); */
- while (bits < 14) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- state.nlen = (hold & 0x1f)/*BITS(5)*/ + 257;
- //--- DROPBITS(5) ---//
- hold >>>= 5;
- bits -= 5;
- //---//
- state.ndist = (hold & 0x1f)/*BITS(5)*/ + 1;
- //--- DROPBITS(5) ---//
- hold >>>= 5;
- bits -= 5;
- //---//
- state.ncode = (hold & 0x0f)/*BITS(4)*/ + 4;
- //--- DROPBITS(4) ---//
- hold >>>= 4;
- bits -= 4;
- //---//
- //#ifndef PKZIP_BUG_WORKAROUND
- if (state.nlen > 286 || state.ndist > 30) {
- strm.msg = 'too many length or distance symbols';
- state.mode = BAD;
- break;
- }
- //#endif
- //Tracev((stderr, "inflate: table sizes ok\n"));
- state.have = 0;
- state.mode = LENLENS;
- /* falls through */
- case LENLENS:
- while (state.have < state.ncode) {
- //=== NEEDBITS(3);
- while (bits < 3) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- state.lens[order[state.have++]] = (hold & 0x07);//BITS(3);
- //--- DROPBITS(3) ---//
- hold >>>= 3;
- bits -= 3;
- //---//
- }
- while (state.have < 19) {
- state.lens[order[state.have++]] = 0;
- }
- // We have separate tables & no pointers. 2 commented lines below not needed.
- //state.next = state.codes;
- //state.lencode = state.next;
- // Switch to use dynamic table
- state.lencode = state.lendyn;
- state.lenbits = 7;
- opts = { bits: state.lenbits };
- ret = inflate_table(CODES, state.lens, 0, 19, state.lencode, 0, state.work, opts);
- state.lenbits = opts.bits;
- if (ret) {
- strm.msg = 'invalid code lengths set';
- state.mode = BAD;
- break;
- }
- //Tracev((stderr, "inflate: code lengths ok\n"));
- state.have = 0;
- state.mode = CODELENS;
- /* falls through */
- case CODELENS:
- while (state.have < state.nlen + state.ndist) {
- for (;;) {
- here = state.lencode[hold & ((1 << state.lenbits) - 1)];/*BITS(state.lenbits)*/
- here_bits = here >>> 24;
- here_op = (here >>> 16) & 0xff;
- here_val = here & 0xffff;
- if ((here_bits) <= bits) { break; }
- //--- PULLBYTE() ---//
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- //---//
- }
- if (here_val < 16) {
- //--- DROPBITS(here.bits) ---//
- hold >>>= here_bits;
- bits -= here_bits;
- //---//
- state.lens[state.have++] = here_val;
- }
- else {
- if (here_val === 16) {
- //=== NEEDBITS(here.bits + 2);
- n = here_bits + 2;
- while (bits < n) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- //--- DROPBITS(here.bits) ---//
- hold >>>= here_bits;
- bits -= here_bits;
- //---//
- if (state.have === 0) {
- strm.msg = 'invalid bit length repeat';
- state.mode = BAD;
- break;
- }
- len = state.lens[state.have - 1];
- copy = 3 + (hold & 0x03);//BITS(2);
- //--- DROPBITS(2) ---//
- hold >>>= 2;
- bits -= 2;
- //---//
- }
- else if (here_val === 17) {
- //=== NEEDBITS(here.bits + 3);
- n = here_bits + 3;
- while (bits < n) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- //--- DROPBITS(here.bits) ---//
- hold >>>= here_bits;
- bits -= here_bits;
- //---//
- len = 0;
- copy = 3 + (hold & 0x07);//BITS(3);
- //--- DROPBITS(3) ---//
- hold >>>= 3;
- bits -= 3;
- //---//
- }
- else {
- //=== NEEDBITS(here.bits + 7);
- n = here_bits + 7;
- while (bits < n) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- //--- DROPBITS(here.bits) ---//
- hold >>>= here_bits;
- bits -= here_bits;
- //---//
- len = 0;
- copy = 11 + (hold & 0x7f);//BITS(7);
- //--- DROPBITS(7) ---//
- hold >>>= 7;
- bits -= 7;
- //---//
- }
- if (state.have + copy > state.nlen + state.ndist) {
- strm.msg = 'invalid bit length repeat';
- state.mode = BAD;
- break;
- }
- while (copy--) {
- state.lens[state.have++] = len;
- }
- }
- }
- /* handle error breaks in while */
- if (state.mode === BAD) { break; }
- /* check for end-of-block code (better have one) */
- if (state.lens[256] === 0) {
- strm.msg = 'invalid code -- missing end-of-block';
- state.mode = BAD;
- break;
- }
- /* build code tables -- note: do not change the lenbits or distbits
- values here (9 and 6) without reading the comments in inftrees.h
- concerning the ENOUGH constants, which depend on those values */
- state.lenbits = 9;
- opts = { bits: state.lenbits };
- ret = inflate_table(LENS, state.lens, 0, state.nlen, state.lencode, 0, state.work, opts);
- // We have separate tables & no pointers. 2 commented lines below not needed.
- // state.next_index = opts.table_index;
- state.lenbits = opts.bits;
- // state.lencode = state.next;
- if (ret) {
- strm.msg = 'invalid literal/lengths set';
- state.mode = BAD;
- break;
- }
- state.distbits = 6;
- //state.distcode.copy(state.codes);
- // Switch to use dynamic table
- state.distcode = state.distdyn;
- opts = { bits: state.distbits };
- ret = inflate_table(DISTS, state.lens, state.nlen, state.ndist, state.distcode, 0, state.work, opts);
- // We have separate tables & no pointers. 2 commented lines below not needed.
- // state.next_index = opts.table_index;
- state.distbits = opts.bits;
- // state.distcode = state.next;
- if (ret) {
- strm.msg = 'invalid distances set';
- state.mode = BAD;
- break;
- }
- //Tracev((stderr, 'inflate: codes ok\n'));
- state.mode = LEN_;
- if (flush === Z_TREES) { break inf_leave; }
- /* falls through */
- case LEN_:
- state.mode = LEN;
- /* falls through */
- case LEN:
- if (have >= 6 && left >= 258) {
- //--- RESTORE() ---
- strm.next_out = put;
- strm.avail_out = left;
- strm.next_in = next;
- strm.avail_in = have;
- state.hold = hold;
- state.bits = bits;
- //---
- inflate_fast(strm, _out);
- //--- LOAD() ---
- put = strm.next_out;
- output = strm.output;
- left = strm.avail_out;
- next = strm.next_in;
- input = strm.input;
- have = strm.avail_in;
- hold = state.hold;
- bits = state.bits;
- //---
- if (state.mode === TYPE) {
- state.back = -1;
- }
- break;
- }
- state.back = 0;
- for (;;) {
- here = state.lencode[hold & ((1 << state.lenbits) - 1)]; /*BITS(state.lenbits)*/
- here_bits = here >>> 24;
- here_op = (here >>> 16) & 0xff;
- here_val = here & 0xffff;
- if (here_bits <= bits) { break; }
- //--- PULLBYTE() ---//
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- //---//
- }
- if (here_op && (here_op & 0xf0) === 0) {
- last_bits = here_bits;
- last_op = here_op;
- last_val = here_val;
- for (;;) {
- here = state.lencode[last_val +
- ((hold & ((1 << (last_bits + last_op)) - 1))/*BITS(last.bits + last.op)*/ >> last_bits)];
- here_bits = here >>> 24;
- here_op = (here >>> 16) & 0xff;
- here_val = here & 0xffff;
- if ((last_bits + here_bits) <= bits) { break; }
- //--- PULLBYTE() ---//
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- //---//
- }
- //--- DROPBITS(last.bits) ---//
- hold >>>= last_bits;
- bits -= last_bits;
- //---//
- state.back += last_bits;
- }
- //--- DROPBITS(here.bits) ---//
- hold >>>= here_bits;
- bits -= here_bits;
- //---//
- state.back += here_bits;
- state.length = here_val;
- if (here_op === 0) {
- //Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
- // "inflate: literal '%c'\n" :
- // "inflate: literal 0x%02x\n", here.val));
- state.mode = LIT;
- break;
- }
- if (here_op & 32) {
- //Tracevv((stderr, "inflate: end of block\n"));
- state.back = -1;
- state.mode = TYPE;
- break;
- }
- if (here_op & 64) {
- strm.msg = 'invalid literal/length code';
- state.mode = BAD;
- break;
- }
- state.extra = here_op & 15;
- state.mode = LENEXT;
- /* falls through */
- case LENEXT:
- if (state.extra) {
- //=== NEEDBITS(state.extra);
- n = state.extra;
- while (bits < n) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- state.length += hold & ((1 << state.extra) - 1)/*BITS(state.extra)*/;
- //--- DROPBITS(state.extra) ---//
- hold >>>= state.extra;
- bits -= state.extra;
- //---//
- state.back += state.extra;
- }
- //Tracevv((stderr, "inflate: length %u\n", state.length));
- state.was = state.length;
- state.mode = DIST;
- /* falls through */
- case DIST:
- for (;;) {
- here = state.distcode[hold & ((1 << state.distbits) - 1)];/*BITS(state.distbits)*/
- here_bits = here >>> 24;
- here_op = (here >>> 16) & 0xff;
- here_val = here & 0xffff;
- if ((here_bits) <= bits) { break; }
- //--- PULLBYTE() ---//
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- //---//
- }
- if ((here_op & 0xf0) === 0) {
- last_bits = here_bits;
- last_op = here_op;
- last_val = here_val;
- for (;;) {
- here = state.distcode[last_val +
- ((hold & ((1 << (last_bits + last_op)) - 1))/*BITS(last.bits + last.op)*/ >> last_bits)];
- here_bits = here >>> 24;
- here_op = (here >>> 16) & 0xff;
- here_val = here & 0xffff;
- if ((last_bits + here_bits) <= bits) { break; }
- //--- PULLBYTE() ---//
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- //---//
- }
- //--- DROPBITS(last.bits) ---//
- hold >>>= last_bits;
- bits -= last_bits;
- //---//
- state.back += last_bits;
- }
- //--- DROPBITS(here.bits) ---//
- hold >>>= here_bits;
- bits -= here_bits;
- //---//
- state.back += here_bits;
- if (here_op & 64) {
- strm.msg = 'invalid distance code';
- state.mode = BAD;
- break;
- }
- state.offset = here_val;
- state.extra = (here_op) & 15;
- state.mode = DISTEXT;
- /* falls through */
- case DISTEXT:
- if (state.extra) {
- //=== NEEDBITS(state.extra);
- n = state.extra;
- while (bits < n) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- state.offset += hold & ((1 << state.extra) - 1)/*BITS(state.extra)*/;
- //--- DROPBITS(state.extra) ---//
- hold >>>= state.extra;
- bits -= state.extra;
- //---//
- state.back += state.extra;
- }
- //#ifdef INFLATE_STRICT
- if (state.offset > state.dmax) {
- strm.msg = 'invalid distance too far back';
- state.mode = BAD;
- break;
- }
- //#endif
- //Tracevv((stderr, "inflate: distance %u\n", state.offset));
- state.mode = MATCH;
- /* falls through */
- case MATCH:
- if (left === 0) { break inf_leave; }
- copy = _out - left;
- if (state.offset > copy) { /* copy from window */
- copy = state.offset - copy;
- if (copy > state.whave) {
- if (state.sane) {
- strm.msg = 'invalid distance too far back';
- state.mode = BAD;
- break;
- }
- // (!) This block is disabled in zlib defaults,
- // don't enable it for binary compatibility
- //#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
- // Trace((stderr, "inflate.c too far\n"));
- // copy -= state.whave;
- // if (copy > state.length) { copy = state.length; }
- // if (copy > left) { copy = left; }
- // left -= copy;
- // state.length -= copy;
- // do {
- // output[put++] = 0;
- // } while (--copy);
- // if (state.length === 0) { state.mode = LEN; }
- // break;
- //#endif
- }
- if (copy > state.wnext) {
- copy -= state.wnext;
- from = state.wsize - copy;
- }
- else {
- from = state.wnext - copy;
- }
- if (copy > state.length) { copy = state.length; }
- from_source = state.window;
- }
- else { /* copy from output */
- from_source = output;
- from = put - state.offset;
- copy = state.length;
- }
- if (copy > left) { copy = left; }
- left -= copy;
- state.length -= copy;
- do {
- output[put++] = from_source[from++];
- } while (--copy);
- if (state.length === 0) { state.mode = LEN; }
- break;
- case LIT:
- if (left === 0) { break inf_leave; }
- output[put++] = state.length;
- left--;
- state.mode = LEN;
- break;
- case CHECK:
- if (state.wrap) {
- //=== NEEDBITS(32);
- while (bits < 32) {
- if (have === 0) { break inf_leave; }
- have--;
- // Use '|' instead of '+' to make sure that result is signed
- hold |= input[next++] << bits;
- bits += 8;
- }
- //===//
- _out -= left;
- strm.total_out += _out;
- state.total += _out;
- if (_out) {
- strm.adler = state.check =
- /*UPDATE(state.check, put - _out, _out);*/
- (state.flags ? crc32(state.check, output, _out, put - _out) : adler32(state.check, output, _out, put - _out));
- }
- _out = left;
- // NB: crc32 stored as signed 32-bit int, zswap32 returns signed too
- if ((state.flags ? hold : zswap32(hold)) !== state.check) {
- strm.msg = 'incorrect data check';
- state.mode = BAD;
- break;
- }
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- //Tracev((stderr, "inflate: check matches trailer\n"));
- }
- state.mode = LENGTH;
- /* falls through */
- case LENGTH:
- if (state.wrap && state.flags) {
- //=== NEEDBITS(32);
- while (bits < 32) {
- if (have === 0) { break inf_leave; }
- have--;
- hold += input[next++] << bits;
- bits += 8;
- }
- //===//
- if (hold !== (state.total & 0xffffffff)) {
- strm.msg = 'incorrect length check';
- state.mode = BAD;
- break;
- }
- //=== INITBITS();
- hold = 0;
- bits = 0;
- //===//
- //Tracev((stderr, "inflate: length matches trailer\n"));
- }
- state.mode = DONE;
- /* falls through */
- case DONE:
- ret = Z_STREAM_END;
- break inf_leave;
- case BAD:
- ret = Z_DATA_ERROR;
- break inf_leave;
- case MEM:
- return Z_MEM_ERROR;
- case SYNC:
- /* falls through */
- default:
- return Z_STREAM_ERROR;
- }
- }
- // inf_leave <- here is real place for "goto inf_leave", emulated via "break inf_leave"
- /*
- Return from inflate(), updating the total counts and the check value.
- If there was no progress during the inflate() call, return a buffer
- error. Call updatewindow() to create and/or update the window state.
- Note: a memory error from inflate() is non-recoverable.
- */
- //--- RESTORE() ---
- strm.next_out = put;
- strm.avail_out = left;
- strm.next_in = next;
- strm.avail_in = have;
- state.hold = hold;
- state.bits = bits;
- //---
- if (state.wsize || (_out !== strm.avail_out && state.mode < BAD &&
- (state.mode < CHECK || flush !== Z_FINISH))) {
- if (updatewindow(strm, strm.output, strm.next_out, _out - strm.avail_out)) {
- state.mode = MEM;
- return Z_MEM_ERROR;
- }
- }
- _in -= strm.avail_in;
- _out -= strm.avail_out;
- strm.total_in += _in;
- strm.total_out += _out;
- state.total += _out;
- if (state.wrap && _out) {
- strm.adler = state.check = /*UPDATE(state.check, strm.next_out - _out, _out);*/
- (state.flags ? crc32(state.check, output, _out, strm.next_out - _out) : adler32(state.check, output, _out, strm.next_out - _out));
- }
- strm.data_type = state.bits + (state.last ? 64 : 0) +
- (state.mode === TYPE ? 128 : 0) +
- (state.mode === LEN_ || state.mode === COPY_ ? 256 : 0);
- if (((_in === 0 && _out === 0) || flush === Z_FINISH) && ret === Z_OK) {
- ret = Z_BUF_ERROR;
- }
- return ret;
- }
- function inflateEnd(strm) {
- if (!strm || !strm.state /*|| strm->zfree == (free_func)0*/) {
- return Z_STREAM_ERROR;
- }
- var state = strm.state;
- if (state.window) {
- state.window = null;
- }
- strm.state = null;
- return Z_OK;
- }
- function inflateGetHeader(strm, head) {
- var state;
- /* check state */
- if (!strm || !strm.state) { return Z_STREAM_ERROR; }
- state = strm.state;
- if ((state.wrap & 2) === 0) { return Z_STREAM_ERROR; }
- /* save header structure */
- state.head = head;
- head.done = false;
- return Z_OK;
- }
- function inflateSetDictionary(strm, dictionary) {
- var dictLength = dictionary.length;
- var state;
- var dictid;
- var ret;
- /* check state */
- if (!strm /* == Z_NULL */ || !strm.state /* == Z_NULL */) { return Z_STREAM_ERROR; }
- state = strm.state;
- if (state.wrap !== 0 && state.mode !== DICT) {
- return Z_STREAM_ERROR;
- }
- /* check for correct dictionary identifier */
- if (state.mode === DICT) {
- dictid = 1; /* adler32(0, null, 0)*/
- /* dictid = adler32(dictid, dictionary, dictLength); */
- dictid = adler32(dictid, dictionary, dictLength, 0);
- if (dictid !== state.check) {
- return Z_DATA_ERROR;
- }
- }
- /* copy dictionary to window using updatewindow(), which will amend the
- existing dictionary if appropriate */
- ret = updatewindow(strm, dictionary, dictLength, dictLength);
- if (ret) {
- state.mode = MEM;
- return Z_MEM_ERROR;
- }
- state.havedict = 1;
- // Tracev((stderr, "inflate: dictionary set\n"));
- return Z_OK;
- }
- exports.inflateReset = inflateReset;
- exports.inflateReset2 = inflateReset2;
- exports.inflateResetKeep = inflateResetKeep;
- exports.inflateInit = inflateInit;
- exports.inflateInit2 = inflateInit2;
- exports.inflate = inflate;
- exports.inflateEnd = inflateEnd;
- exports.inflateGetHeader = inflateGetHeader;
- exports.inflateSetDictionary = inflateSetDictionary;
- exports.inflateInfo = 'pako inflate (from Nodeca project)';
- /* Not implemented
- exports.inflateCopy = inflateCopy;
- exports.inflateGetDictionary = inflateGetDictionary;
- exports.inflateMark = inflateMark;
- exports.inflatePrime = inflatePrime;
- exports.inflateSync = inflateSync;
- exports.inflateSyncPoint = inflateSyncPoint;
- exports.inflateUndermine = inflateUndermine;
- */
- },{"../utils/common":53,"./adler32":55,"./crc32":57,"./inffast":60,"./inftrees":62}],62:[function(require,module,exports){
- 'use strict';
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- var utils = require('../utils/common');
- var MAXBITS = 15;
- var ENOUGH_LENS = 852;
- var ENOUGH_DISTS = 592;
- //var ENOUGH = (ENOUGH_LENS+ENOUGH_DISTS);
- var CODES = 0;
- var LENS = 1;
- var DISTS = 2;
- var lbase = [ /* Length codes 257..285 base */
- 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31,
- 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0
- ];
- var lext = [ /* Length codes 257..285 extra */
- 16, 16, 16, 16, 16, 16, 16, 16, 17, 17, 17, 17, 18, 18, 18, 18,
- 19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 16, 72, 78
- ];
- var dbase = [ /* Distance codes 0..29 base */
- 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
- 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
- 8193, 12289, 16385, 24577, 0, 0
- ];
- var dext = [ /* Distance codes 0..29 extra */
- 16, 16, 16, 16, 17, 17, 18, 18, 19, 19, 20, 20, 21, 21, 22, 22,
- 23, 23, 24, 24, 25, 25, 26, 26, 27, 27,
- 28, 28, 29, 29, 64, 64
- ];
- module.exports = function inflate_table(type, lens, lens_index, codes, table, table_index, work, opts)
- {
- var bits = opts.bits;
- //here = opts.here; /* table entry for duplication */
- var len = 0; /* a code's length in bits */
- var sym = 0; /* index of code symbols */
- var min = 0, max = 0; /* minimum and maximum code lengths */
- var root = 0; /* number of index bits for root table */
- var curr = 0; /* number of index bits for current table */
- var drop = 0; /* code bits to drop for sub-table */
- var left = 0; /* number of prefix codes available */
- var used = 0; /* code entries in table used */
- var huff = 0; /* Huffman code */
- var incr; /* for incrementing code, index */
- var fill; /* index for replicating entries */
- var low; /* low bits for current root entry */
- var mask; /* mask for low root bits */
- var next; /* next available space in table */
- var base = null; /* base value table to use */
- var base_index = 0;
- // var shoextra; /* extra bits table to use */
- var end; /* use base and extra for symbol > end */
- var count = new utils.Buf16(MAXBITS + 1); //[MAXBITS+1]; /* number of codes of each length */
- var offs = new utils.Buf16(MAXBITS + 1); //[MAXBITS+1]; /* offsets in table for each length */
- var extra = null;
- var extra_index = 0;
- var here_bits, here_op, here_val;
- /*
- Process a set of code lengths to create a canonical Huffman code. The
- code lengths are lens[0..codes-1]. Each length corresponds to the
- symbols 0..codes-1. The Huffman code is generated by first sorting the
- symbols by length from short to long, and retaining the symbol order
- for codes with equal lengths. Then the code starts with all zero bits
- for the first code of the shortest length, and the codes are integer
- increments for the same length, and zeros are appended as the length
- increases. For the deflate format, these bits are stored backwards
- from their more natural integer increment ordering, and so when the
- decoding tables are built in the large loop below, the integer codes
- are incremented backwards.
- This routine assumes, but does not check, that all of the entries in
- lens[] are in the range 0..MAXBITS. The caller must assure this.
- 1..MAXBITS is interpreted as that code length. zero means that that
- symbol does not occur in this code.
- The codes are sorted by computing a count of codes for each length,
- creating from that a table of starting indices for each length in the
- sorted table, and then entering the symbols in order in the sorted
- table. The sorted table is work[], with that space being provided by
- the caller.
- The length counts are used for other purposes as well, i.e. finding
- the minimum and maximum length codes, determining if there are any
- codes at all, checking for a valid set of lengths, and looking ahead
- at length counts to determine sub-table sizes when building the
- decoding tables.
- */
- /* accumulate lengths for codes (assumes lens[] all in 0..MAXBITS) */
- for (len = 0; len <= MAXBITS; len++) {
- count[len] = 0;
- }
- for (sym = 0; sym < codes; sym++) {
- count[lens[lens_index + sym]]++;
- }
- /* bound code lengths, force root to be within code lengths */
- root = bits;
- for (max = MAXBITS; max >= 1; max--) {
- if (count[max] !== 0) { break; }
- }
- if (root > max) {
- root = max;
- }
- if (max === 0) { /* no symbols to code at all */
- //table.op[opts.table_index] = 64; //here.op = (var char)64; /* invalid code marker */
- //table.bits[opts.table_index] = 1; //here.bits = (var char)1;
- //table.val[opts.table_index++] = 0; //here.val = (var short)0;
- table[table_index++] = (1 << 24) | (64 << 16) | 0;
- //table.op[opts.table_index] = 64;
- //table.bits[opts.table_index] = 1;
- //table.val[opts.table_index++] = 0;
- table[table_index++] = (1 << 24) | (64 << 16) | 0;
- opts.bits = 1;
- return 0; /* no symbols, but wait for decoding to report error */
- }
- for (min = 1; min < max; min++) {
- if (count[min] !== 0) { break; }
- }
- if (root < min) {
- root = min;
- }
- /* check for an over-subscribed or incomplete set of lengths */
- left = 1;
- for (len = 1; len <= MAXBITS; len++) {
- left <<= 1;
- left -= count[len];
- if (left < 0) {
- return -1;
- } /* over-subscribed */
- }
- if (left > 0 && (type === CODES || max !== 1)) {
- return -1; /* incomplete set */
- }
- /* generate offsets into symbol table for each length for sorting */
- offs[1] = 0;
- for (len = 1; len < MAXBITS; len++) {
- offs[len + 1] = offs[len] + count[len];
- }
- /* sort symbols by length, by symbol order within each length */
- for (sym = 0; sym < codes; sym++) {
- if (lens[lens_index + sym] !== 0) {
- work[offs[lens[lens_index + sym]]++] = sym;
- }
- }
- /*
- Create and fill in decoding tables. In this loop, the table being
- filled is at next and has curr index bits. The code being used is huff
- with length len. That code is converted to an index by dropping drop
- bits off of the bottom. For codes where len is less than drop + curr,
- those top drop + curr - len bits are incremented through all values to
- fill the table with replicated entries.
- root is the number of index bits for the root table. When len exceeds
- root, sub-tables are created pointed to by the root entry with an index
- of the low root bits of huff. This is saved in low to check for when a
- new sub-table should be started. drop is zero when the root table is
- being filled, and drop is root when sub-tables are being filled.
- When a new sub-table is needed, it is necessary to look ahead in the
- code lengths to determine what size sub-table is needed. The length
- counts are used for this, and so count[] is decremented as codes are
- entered in the tables.
- used keeps track of how many table entries have been allocated from the
- provided *table space. It is checked for LENS and DIST tables against
- the constants ENOUGH_LENS and ENOUGH_DISTS to guard against changes in
- the initial root table size constants. See the comments in inftrees.h
- for more information.
- sym increments through all symbols, and the loop terminates when
- all codes of length max, i.e. all codes, have been processed. This
- routine permits incomplete codes, so another loop after this one fills
- in the rest of the decoding tables with invalid code markers.
- */
- /* set up for code type */
- // poor man optimization - use if-else instead of switch,
- // to avoid deopts in old v8
- if (type === CODES) {
- base = extra = work; /* dummy value--not used */
- end = 19;
- } else if (type === LENS) {
- base = lbase;
- base_index -= 257;
- extra = lext;
- extra_index -= 257;
- end = 256;
- } else { /* DISTS */
- base = dbase;
- extra = dext;
- end = -1;
- }
- /* initialize opts for loop */
- huff = 0; /* starting code */
- sym = 0; /* starting code symbol */
- len = min; /* starting code length */
- next = table_index; /* current table to fill in */
- curr = root; /* current table index bits */
- drop = 0; /* current bits to drop from code for index */
- low = -1; /* trigger new sub-table when len > root */
- used = 1 << root; /* use root table entries */
- mask = used - 1; /* mask for comparing low */
- /* check available table space */
- if ((type === LENS && used > ENOUGH_LENS) ||
- (type === DISTS && used > ENOUGH_DISTS)) {
- return 1;
- }
- /* process all codes and make table entries */
- for (;;) {
- /* create table entry */
- here_bits = len - drop;
- if (work[sym] < end) {
- here_op = 0;
- here_val = work[sym];
- }
- else if (work[sym] > end) {
- here_op = extra[extra_index + work[sym]];
- here_val = base[base_index + work[sym]];
- }
- else {
- here_op = 32 + 64; /* end of block */
- here_val = 0;
- }
- /* replicate for those indices with low len bits equal to huff */
- incr = 1 << (len - drop);
- fill = 1 << curr;
- min = fill; /* save offset to next table */
- do {
- fill -= incr;
- table[next + (huff >> drop) + fill] = (here_bits << 24) | (here_op << 16) | here_val |0;
- } while (fill !== 0);
- /* backwards increment the len-bit code huff */
- incr = 1 << (len - 1);
- while (huff & incr) {
- incr >>= 1;
- }
- if (incr !== 0) {
- huff &= incr - 1;
- huff += incr;
- } else {
- huff = 0;
- }
- /* go to next symbol, update count, len */
- sym++;
- if (--count[len] === 0) {
- if (len === max) { break; }
- len = lens[lens_index + work[sym]];
- }
- /* create new sub-table if needed */
- if (len > root && (huff & mask) !== low) {
- /* if first time, transition to sub-tables */
- if (drop === 0) {
- drop = root;
- }
- /* increment past last table */
- next += min; /* here min is 1 << curr */
- /* determine length of next table */
- curr = len - drop;
- left = 1 << curr;
- while (curr + drop < max) {
- left -= count[curr + drop];
- if (left <= 0) { break; }
- curr++;
- left <<= 1;
- }
- /* check for enough space */
- used += 1 << curr;
- if ((type === LENS && used > ENOUGH_LENS) ||
- (type === DISTS && used > ENOUGH_DISTS)) {
- return 1;
- }
- /* point entry in root table to sub-table */
- low = huff & mask;
- /*table.op[low] = curr;
- table.bits[low] = root;
- table.val[low] = next - opts.table_index;*/
- table[low] = (root << 24) | (curr << 16) | (next - table_index) |0;
- }
- }
- /* fill in remaining table entry if code is incomplete (guaranteed to have
- at most one remaining entry, since if the code is incomplete, the
- maximum code length that was allowed to get this far is one bit) */
- if (huff !== 0) {
- //table.op[next + huff] = 64; /* invalid code marker */
- //table.bits[next + huff] = len - drop;
- //table.val[next + huff] = 0;
- table[next + huff] = ((len - drop) << 24) | (64 << 16) |0;
- }
- /* set return parameters */
- //opts.table_index += used;
- opts.bits = root;
- return 0;
- };
- },{"../utils/common":53}],63:[function(require,module,exports){
- 'use strict';
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- module.exports = {
- 2: 'need dictionary', /* Z_NEED_DICT 2 */
- 1: 'stream end', /* Z_STREAM_END 1 */
- 0: '', /* Z_OK 0 */
- '-1': 'file error', /* Z_ERRNO (-1) */
- '-2': 'stream error', /* Z_STREAM_ERROR (-2) */
- '-3': 'data error', /* Z_DATA_ERROR (-3) */
- '-4': 'insufficient memory', /* Z_MEM_ERROR (-4) */
- '-5': 'buffer error', /* Z_BUF_ERROR (-5) */
- '-6': 'incompatible version' /* Z_VERSION_ERROR (-6) */
- };
- },{}],64:[function(require,module,exports){
- 'use strict';
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- var utils = require('../utils/common');
- /* Public constants ==========================================================*/
- /* ===========================================================================*/
- //var Z_FILTERED = 1;
- //var Z_HUFFMAN_ONLY = 2;
- //var Z_RLE = 3;
- var Z_FIXED = 4;
- //var Z_DEFAULT_STRATEGY = 0;
- /* Possible values of the data_type field (though see inflate()) */
- var Z_BINARY = 0;
- var Z_TEXT = 1;
- //var Z_ASCII = 1; // = Z_TEXT
- var Z_UNKNOWN = 2;
- /*============================================================================*/
- function zero(buf) { var len = buf.length; while (--len >= 0) { buf[len] = 0; } }
- // From zutil.h
- var STORED_BLOCK = 0;
- var STATIC_TREES = 1;
- var DYN_TREES = 2;
- /* The three kinds of block type */
- var MIN_MATCH = 3;
- var MAX_MATCH = 258;
- /* The minimum and maximum match lengths */
- // From deflate.h
- /* ===========================================================================
- * Internal compression state.
- */
- var LENGTH_CODES = 29;
- /* number of length codes, not counting the special END_BLOCK code */
- var LITERALS = 256;
- /* number of literal bytes 0..255 */
- var L_CODES = LITERALS + 1 + LENGTH_CODES;
- /* number of Literal or Length codes, including the END_BLOCK code */
- var D_CODES = 30;
- /* number of distance codes */
- var BL_CODES = 19;
- /* number of codes used to transfer the bit lengths */
- var HEAP_SIZE = 2 * L_CODES + 1;
- /* maximum heap size */
- var MAX_BITS = 15;
- /* All codes must not exceed MAX_BITS bits */
- var Buf_size = 16;
- /* size of bit buffer in bi_buf */
- /* ===========================================================================
- * Constants
- */
- var MAX_BL_BITS = 7;
- /* Bit length codes must not exceed MAX_BL_BITS bits */
- var END_BLOCK = 256;
- /* end of block literal code */
- var REP_3_6 = 16;
- /* repeat previous bit length 3-6 times (2 bits of repeat count) */
- var REPZ_3_10 = 17;
- /* repeat a zero length 3-10 times (3 bits of repeat count) */
- var REPZ_11_138 = 18;
- /* repeat a zero length 11-138 times (7 bits of repeat count) */
- /* eslint-disable comma-spacing,array-bracket-spacing */
- var extra_lbits = /* extra bits for each length code */
- [0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0];
- var extra_dbits = /* extra bits for each distance code */
- [0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13];
- var extra_blbits = /* extra bits for each bit length code */
- [0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7];
- var bl_order =
- [16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15];
- /* eslint-enable comma-spacing,array-bracket-spacing */
- /* The lengths of the bit length codes are sent in order of decreasing
- * probability, to avoid transmitting the lengths for unused bit length codes.
- */
- /* ===========================================================================
- * Local data. These are initialized only once.
- */
- // We pre-fill arrays with 0 to avoid uninitialized gaps
- var DIST_CODE_LEN = 512; /* see definition of array dist_code below */
- // !!!! Use flat array instead of structure, Freq = i*2, Len = i*2+1
- var static_ltree = new Array((L_CODES + 2) * 2);
- zero(static_ltree);
- /* The static literal tree. Since the bit lengths are imposed, there is no
- * need for the L_CODES extra codes used during heap construction. However
- * The codes 286 and 287 are needed to build a canonical tree (see _tr_init
- * below).
- */
- var static_dtree = new Array(D_CODES * 2);
- zero(static_dtree);
- /* The static distance tree. (Actually a trivial tree since all codes use
- * 5 bits.)
- */
- var _dist_code = new Array(DIST_CODE_LEN);
- zero(_dist_code);
- /* Distance codes. The first 256 values correspond to the distances
- * 3 .. 258, the last 256 values correspond to the top 8 bits of
- * the 15 bit distances.
- */
- var _length_code = new Array(MAX_MATCH - MIN_MATCH + 1);
- zero(_length_code);
- /* length code for each normalized match length (0 == MIN_MATCH) */
- var base_length = new Array(LENGTH_CODES);
- zero(base_length);
- /* First normalized length for each code (0 = MIN_MATCH) */
- var base_dist = new Array(D_CODES);
- zero(base_dist);
- /* First normalized distance for each code (0 = distance of 1) */
- function StaticTreeDesc(static_tree, extra_bits, extra_base, elems, max_length) {
- this.static_tree = static_tree; /* static tree or NULL */
- this.extra_bits = extra_bits; /* extra bits for each code or NULL */
- this.extra_base = extra_base; /* base index for extra_bits */
- this.elems = elems; /* max number of elements in the tree */
- this.max_length = max_length; /* max bit length for the codes */
- // show if `static_tree` has data or dummy - needed for monomorphic objects
- this.has_stree = static_tree && static_tree.length;
- }
- var static_l_desc;
- var static_d_desc;
- var static_bl_desc;
- function TreeDesc(dyn_tree, stat_desc) {
- this.dyn_tree = dyn_tree; /* the dynamic tree */
- this.max_code = 0; /* largest code with non zero frequency */
- this.stat_desc = stat_desc; /* the corresponding static tree */
- }
- function d_code(dist) {
- return dist < 256 ? _dist_code[dist] : _dist_code[256 + (dist >>> 7)];
- }
- /* ===========================================================================
- * Output a short LSB first on the stream.
- * IN assertion: there is enough room in pendingBuf.
- */
- function put_short(s, w) {
- // put_byte(s, (uch)((w) & 0xff));
- // put_byte(s, (uch)((ush)(w) >> 8));
- s.pending_buf[s.pending++] = (w) & 0xff;
- s.pending_buf[s.pending++] = (w >>> 8) & 0xff;
- }
- /* ===========================================================================
- * Send a value on a given number of bits.
- * IN assertion: length <= 16 and value fits in length bits.
- */
- function send_bits(s, value, length) {
- if (s.bi_valid > (Buf_size - length)) {
- s.bi_buf |= (value << s.bi_valid) & 0xffff;
- put_short(s, s.bi_buf);
- s.bi_buf = value >> (Buf_size - s.bi_valid);
- s.bi_valid += length - Buf_size;
- } else {
- s.bi_buf |= (value << s.bi_valid) & 0xffff;
- s.bi_valid += length;
- }
- }
- function send_code(s, c, tree) {
- send_bits(s, tree[c * 2]/*.Code*/, tree[c * 2 + 1]/*.Len*/);
- }
- /* ===========================================================================
- * Reverse the first len bits of a code, using straightforward code (a faster
- * method would use a table)
- * IN assertion: 1 <= len <= 15
- */
- function bi_reverse(code, len) {
- var res = 0;
- do {
- res |= code & 1;
- code >>>= 1;
- res <<= 1;
- } while (--len > 0);
- return res >>> 1;
- }
- /* ===========================================================================
- * Flush the bit buffer, keeping at most 7 bits in it.
- */
- function bi_flush(s) {
- if (s.bi_valid === 16) {
- put_short(s, s.bi_buf);
- s.bi_buf = 0;
- s.bi_valid = 0;
- } else if (s.bi_valid >= 8) {
- s.pending_buf[s.pending++] = s.bi_buf & 0xff;
- s.bi_buf >>= 8;
- s.bi_valid -= 8;
- }
- }
- /* ===========================================================================
- * Compute the optimal bit lengths for a tree and update the total bit length
- * for the current block.
- * IN assertion: the fields freq and dad are set, heap[heap_max] and
- * above are the tree nodes sorted by increasing frequency.
- * OUT assertions: the field len is set to the optimal bit length, the
- * array bl_count contains the frequencies for each bit length.
- * The length opt_len is updated; static_len is also updated if stree is
- * not null.
- */
- function gen_bitlen(s, desc)
- // deflate_state *s;
- // tree_desc *desc; /* the tree descriptor */
- {
- var tree = desc.dyn_tree;
- var max_code = desc.max_code;
- var stree = desc.stat_desc.static_tree;
- var has_stree = desc.stat_desc.has_stree;
- var extra = desc.stat_desc.extra_bits;
- var base = desc.stat_desc.extra_base;
- var max_length = desc.stat_desc.max_length;
- var h; /* heap index */
- var n, m; /* iterate over the tree elements */
- var bits; /* bit length */
- var xbits; /* extra bits */
- var f; /* frequency */
- var overflow = 0; /* number of elements with bit length too large */
- for (bits = 0; bits <= MAX_BITS; bits++) {
- s.bl_count[bits] = 0;
- }
- /* In a first pass, compute the optimal bit lengths (which may
- * overflow in the case of the bit length tree).
- */
- tree[s.heap[s.heap_max] * 2 + 1]/*.Len*/ = 0; /* root of the heap */
- for (h = s.heap_max + 1; h < HEAP_SIZE; h++) {
- n = s.heap[h];
- bits = tree[tree[n * 2 + 1]/*.Dad*/ * 2 + 1]/*.Len*/ + 1;
- if (bits > max_length) {
- bits = max_length;
- overflow++;
- }
- tree[n * 2 + 1]/*.Len*/ = bits;
- /* We overwrite tree[n].Dad which is no longer needed */
- if (n > max_code) { continue; } /* not a leaf node */
- s.bl_count[bits]++;
- xbits = 0;
- if (n >= base) {
- xbits = extra[n - base];
- }
- f = tree[n * 2]/*.Freq*/;
- s.opt_len += f * (bits + xbits);
- if (has_stree) {
- s.static_len += f * (stree[n * 2 + 1]/*.Len*/ + xbits);
- }
- }
- if (overflow === 0) { return; }
- // Trace((stderr,"\nbit length overflow\n"));
- /* This happens for example on obj2 and pic of the Calgary corpus */
- /* Find the first bit length which could increase: */
- do {
- bits = max_length - 1;
- while (s.bl_count[bits] === 0) { bits--; }
- s.bl_count[bits]--; /* move one leaf down the tree */
- s.bl_count[bits + 1] += 2; /* move one overflow item as its brother */
- s.bl_count[max_length]--;
- /* The brother of the overflow item also moves one step up,
- * but this does not affect bl_count[max_length]
- */
- overflow -= 2;
- } while (overflow > 0);
- /* Now recompute all bit lengths, scanning in increasing frequency.
- * h is still equal to HEAP_SIZE. (It is simpler to reconstruct all
- * lengths instead of fixing only the wrong ones. This idea is taken
- * from 'ar' written by Haruhiko Okumura.)
- */
- for (bits = max_length; bits !== 0; bits--) {
- n = s.bl_count[bits];
- while (n !== 0) {
- m = s.heap[--h];
- if (m > max_code) { continue; }
- if (tree[m * 2 + 1]/*.Len*/ !== bits) {
- // Trace((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits));
- s.opt_len += (bits - tree[m * 2 + 1]/*.Len*/) * tree[m * 2]/*.Freq*/;
- tree[m * 2 + 1]/*.Len*/ = bits;
- }
- n--;
- }
- }
- }
- /* ===========================================================================
- * Generate the codes for a given tree and bit counts (which need not be
- * optimal).
- * IN assertion: the array bl_count contains the bit length statistics for
- * the given tree and the field len is set for all tree elements.
- * OUT assertion: the field code is set for all tree elements of non
- * zero code length.
- */
- function gen_codes(tree, max_code, bl_count)
- // ct_data *tree; /* the tree to decorate */
- // int max_code; /* largest code with non zero frequency */
- // ushf *bl_count; /* number of codes at each bit length */
- {
- var next_code = new Array(MAX_BITS + 1); /* next code value for each bit length */
- var code = 0; /* running code value */
- var bits; /* bit index */
- var n; /* code index */
- /* The distribution counts are first used to generate the code values
- * without bit reversal.
- */
- for (bits = 1; bits <= MAX_BITS; bits++) {
- next_code[bits] = code = (code + bl_count[bits - 1]) << 1;
- }
- /* Check that the bit counts in bl_count are consistent. The last code
- * must be all ones.
- */
- //Assert (code + bl_count[MAX_BITS]-1 == (1<<MAX_BITS)-1,
- // "inconsistent bit counts");
- //Tracev((stderr,"\ngen_codes: max_code %d ", max_code));
- for (n = 0; n <= max_code; n++) {
- var len = tree[n * 2 + 1]/*.Len*/;
- if (len === 0) { continue; }
- /* Now reverse the bits */
- tree[n * 2]/*.Code*/ = bi_reverse(next_code[len]++, len);
- //Tracecv(tree != static_ltree, (stderr,"\nn %3d %c l %2d c %4x (%x) ",
- // n, (isgraph(n) ? n : ' '), len, tree[n].Code, next_code[len]-1));
- }
- }
- /* ===========================================================================
- * Initialize the various 'constant' tables.
- */
- function tr_static_init() {
- var n; /* iterates over tree elements */
- var bits; /* bit counter */
- var length; /* length value */
- var code; /* code value */
- var dist; /* distance index */
- var bl_count = new Array(MAX_BITS + 1);
- /* number of codes at each bit length for an optimal tree */
- // do check in _tr_init()
- //if (static_init_done) return;
- /* For some embedded targets, global variables are not initialized: */
- /*#ifdef NO_INIT_GLOBAL_POINTERS
- static_l_desc.static_tree = static_ltree;
- static_l_desc.extra_bits = extra_lbits;
- static_d_desc.static_tree = static_dtree;
- static_d_desc.extra_bits = extra_dbits;
- static_bl_desc.extra_bits = extra_blbits;
- #endif*/
- /* Initialize the mapping length (0..255) -> length code (0..28) */
- length = 0;
- for (code = 0; code < LENGTH_CODES - 1; code++) {
- base_length[code] = length;
- for (n = 0; n < (1 << extra_lbits[code]); n++) {
- _length_code[length++] = code;
- }
- }
- //Assert (length == 256, "tr_static_init: length != 256");
- /* Note that the length 255 (match length 258) can be represented
- * in two different ways: code 284 + 5 bits or code 285, so we
- * overwrite length_code[255] to use the best encoding:
- */
- _length_code[length - 1] = code;
- /* Initialize the mapping dist (0..32K) -> dist code (0..29) */
- dist = 0;
- for (code = 0; code < 16; code++) {
- base_dist[code] = dist;
- for (n = 0; n < (1 << extra_dbits[code]); n++) {
- _dist_code[dist++] = code;
- }
- }
- //Assert (dist == 256, "tr_static_init: dist != 256");
- dist >>= 7; /* from now on, all distances are divided by 128 */
- for (; code < D_CODES; code++) {
- base_dist[code] = dist << 7;
- for (n = 0; n < (1 << (extra_dbits[code] - 7)); n++) {
- _dist_code[256 + dist++] = code;
- }
- }
- //Assert (dist == 256, "tr_static_init: 256+dist != 512");
- /* Construct the codes of the static literal tree */
- for (bits = 0; bits <= MAX_BITS; bits++) {
- bl_count[bits] = 0;
- }
- n = 0;
- while (n <= 143) {
- static_ltree[n * 2 + 1]/*.Len*/ = 8;
- n++;
- bl_count[8]++;
- }
- while (n <= 255) {
- static_ltree[n * 2 + 1]/*.Len*/ = 9;
- n++;
- bl_count[9]++;
- }
- while (n <= 279) {
- static_ltree[n * 2 + 1]/*.Len*/ = 7;
- n++;
- bl_count[7]++;
- }
- while (n <= 287) {
- static_ltree[n * 2 + 1]/*.Len*/ = 8;
- n++;
- bl_count[8]++;
- }
- /* Codes 286 and 287 do not exist, but we must include them in the
- * tree construction to get a canonical Huffman tree (longest code
- * all ones)
- */
- gen_codes(static_ltree, L_CODES + 1, bl_count);
- /* The static distance tree is trivial: */
- for (n = 0; n < D_CODES; n++) {
- static_dtree[n * 2 + 1]/*.Len*/ = 5;
- static_dtree[n * 2]/*.Code*/ = bi_reverse(n, 5);
- }
- // Now data ready and we can init static trees
- static_l_desc = new StaticTreeDesc(static_ltree, extra_lbits, LITERALS + 1, L_CODES, MAX_BITS);
- static_d_desc = new StaticTreeDesc(static_dtree, extra_dbits, 0, D_CODES, MAX_BITS);
- static_bl_desc = new StaticTreeDesc(new Array(0), extra_blbits, 0, BL_CODES, MAX_BL_BITS);
- //static_init_done = true;
- }
- /* ===========================================================================
- * Initialize a new block.
- */
- function init_block(s) {
- var n; /* iterates over tree elements */
- /* Initialize the trees. */
- for (n = 0; n < L_CODES; n++) { s.dyn_ltree[n * 2]/*.Freq*/ = 0; }
- for (n = 0; n < D_CODES; n++) { s.dyn_dtree[n * 2]/*.Freq*/ = 0; }
- for (n = 0; n < BL_CODES; n++) { s.bl_tree[n * 2]/*.Freq*/ = 0; }
- s.dyn_ltree[END_BLOCK * 2]/*.Freq*/ = 1;
- s.opt_len = s.static_len = 0;
- s.last_lit = s.matches = 0;
- }
- /* ===========================================================================
- * Flush the bit buffer and align the output on a byte boundary
- */
- function bi_windup(s)
- {
- if (s.bi_valid > 8) {
- put_short(s, s.bi_buf);
- } else if (s.bi_valid > 0) {
- //put_byte(s, (Byte)s->bi_buf);
- s.pending_buf[s.pending++] = s.bi_buf;
- }
- s.bi_buf = 0;
- s.bi_valid = 0;
- }
- /* ===========================================================================
- * Copy a stored block, storing first the length and its
- * one's complement if requested.
- */
- function copy_block(s, buf, len, header)
- //DeflateState *s;
- //charf *buf; /* the input data */
- //unsigned len; /* its length */
- //int header; /* true if block header must be written */
- {
- bi_windup(s); /* align on byte boundary */
- if (header) {
- put_short(s, len);
- put_short(s, ~len);
- }
- // while (len--) {
- // put_byte(s, *buf++);
- // }
- utils.arraySet(s.pending_buf, s.window, buf, len, s.pending);
- s.pending += len;
- }
- /* ===========================================================================
- * Compares to subtrees, using the tree depth as tie breaker when
- * the subtrees have equal frequency. This minimizes the worst case length.
- */
- function smaller(tree, n, m, depth) {
- var _n2 = n * 2;
- var _m2 = m * 2;
- return (tree[_n2]/*.Freq*/ < tree[_m2]/*.Freq*/ ||
- (tree[_n2]/*.Freq*/ === tree[_m2]/*.Freq*/ && depth[n] <= depth[m]));
- }
- /* ===========================================================================
- * Restore the heap property by moving down the tree starting at node k,
- * exchanging a node with the smallest of its two sons if necessary, stopping
- * when the heap property is re-established (each father smaller than its
- * two sons).
- */
- function pqdownheap(s, tree, k)
- // deflate_state *s;
- // ct_data *tree; /* the tree to restore */
- // int k; /* node to move down */
- {
- var v = s.heap[k];
- var j = k << 1; /* left son of k */
- while (j <= s.heap_len) {
- /* Set j to the smallest of the two sons: */
- if (j < s.heap_len &&
- smaller(tree, s.heap[j + 1], s.heap[j], s.depth)) {
- j++;
- }
- /* Exit if v is smaller than both sons */
- if (smaller(tree, v, s.heap[j], s.depth)) { break; }
- /* Exchange v with the smallest son */
- s.heap[k] = s.heap[j];
- k = j;
- /* And continue down the tree, setting j to the left son of k */
- j <<= 1;
- }
- s.heap[k] = v;
- }
- // inlined manually
- // var SMALLEST = 1;
- /* ===========================================================================
- * Send the block data compressed using the given Huffman trees
- */
- function compress_block(s, ltree, dtree)
- // deflate_state *s;
- // const ct_data *ltree; /* literal tree */
- // const ct_data *dtree; /* distance tree */
- {
- var dist; /* distance of matched string */
- var lc; /* match length or unmatched char (if dist == 0) */
- var lx = 0; /* running index in l_buf */
- var code; /* the code to send */
- var extra; /* number of extra bits to send */
- if (s.last_lit !== 0) {
- do {
- dist = (s.pending_buf[s.d_buf + lx * 2] << 8) | (s.pending_buf[s.d_buf + lx * 2 + 1]);
- lc = s.pending_buf[s.l_buf + lx];
- lx++;
- if (dist === 0) {
- send_code(s, lc, ltree); /* send a literal byte */
- //Tracecv(isgraph(lc), (stderr," '%c' ", lc));
- } else {
- /* Here, lc is the match length - MIN_MATCH */
- code = _length_code[lc];
- send_code(s, code + LITERALS + 1, ltree); /* send the length code */
- extra = extra_lbits[code];
- if (extra !== 0) {
- lc -= base_length[code];
- send_bits(s, lc, extra); /* send the extra length bits */
- }
- dist--; /* dist is now the match distance - 1 */
- code = d_code(dist);
- //Assert (code < D_CODES, "bad d_code");
- send_code(s, code, dtree); /* send the distance code */
- extra = extra_dbits[code];
- if (extra !== 0) {
- dist -= base_dist[code];
- send_bits(s, dist, extra); /* send the extra distance bits */
- }
- } /* literal or match pair ? */
- /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
- //Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx,
- // "pendingBuf overflow");
- } while (lx < s.last_lit);
- }
- send_code(s, END_BLOCK, ltree);
- }
- /* ===========================================================================
- * Construct one Huffman tree and assigns the code bit strings and lengths.
- * Update the total bit length for the current block.
- * IN assertion: the field freq is set for all tree elements.
- * OUT assertions: the fields len and code are set to the optimal bit length
- * and corresponding code. The length opt_len is updated; static_len is
- * also updated if stree is not null. The field max_code is set.
- */
- function build_tree(s, desc)
- // deflate_state *s;
- // tree_desc *desc; /* the tree descriptor */
- {
- var tree = desc.dyn_tree;
- var stree = desc.stat_desc.static_tree;
- var has_stree = desc.stat_desc.has_stree;
- var elems = desc.stat_desc.elems;
- var n, m; /* iterate over heap elements */
- var max_code = -1; /* largest code with non zero frequency */
- var node; /* new node being created */
- /* Construct the initial heap, with least frequent element in
- * heap[SMALLEST]. The sons of heap[n] are heap[2*n] and heap[2*n+1].
- * heap[0] is not used.
- */
- s.heap_len = 0;
- s.heap_max = HEAP_SIZE;
- for (n = 0; n < elems; n++) {
- if (tree[n * 2]/*.Freq*/ !== 0) {
- s.heap[++s.heap_len] = max_code = n;
- s.depth[n] = 0;
- } else {
- tree[n * 2 + 1]/*.Len*/ = 0;
- }
- }
- /* The pkzip format requires that at least one distance code exists,
- * and that at least one bit should be sent even if there is only one
- * possible code. So to avoid special checks later on we force at least
- * two codes of non zero frequency.
- */
- while (s.heap_len < 2) {
- node = s.heap[++s.heap_len] = (max_code < 2 ? ++max_code : 0);
- tree[node * 2]/*.Freq*/ = 1;
- s.depth[node] = 0;
- s.opt_len--;
- if (has_stree) {
- s.static_len -= stree[node * 2 + 1]/*.Len*/;
- }
- /* node is 0 or 1 so it does not have extra bits */
- }
- desc.max_code = max_code;
- /* The elements heap[heap_len/2+1 .. heap_len] are leaves of the tree,
- * establish sub-heaps of increasing lengths:
- */
- for (n = (s.heap_len >> 1/*int /2*/); n >= 1; n--) { pqdownheap(s, tree, n); }
- /* Construct the Huffman tree by repeatedly combining the least two
- * frequent nodes.
- */
- node = elems; /* next internal node of the tree */
- do {
- //pqremove(s, tree, n); /* n = node of least frequency */
- /*** pqremove ***/
- n = s.heap[1/*SMALLEST*/];
- s.heap[1/*SMALLEST*/] = s.heap[s.heap_len--];
- pqdownheap(s, tree, 1/*SMALLEST*/);
- /***/
- m = s.heap[1/*SMALLEST*/]; /* m = node of next least frequency */
- s.heap[--s.heap_max] = n; /* keep the nodes sorted by frequency */
- s.heap[--s.heap_max] = m;
- /* Create a new node father of n and m */
- tree[node * 2]/*.Freq*/ = tree[n * 2]/*.Freq*/ + tree[m * 2]/*.Freq*/;
- s.depth[node] = (s.depth[n] >= s.depth[m] ? s.depth[n] : s.depth[m]) + 1;
- tree[n * 2 + 1]/*.Dad*/ = tree[m * 2 + 1]/*.Dad*/ = node;
- /* and insert the new node in the heap */
- s.heap[1/*SMALLEST*/] = node++;
- pqdownheap(s, tree, 1/*SMALLEST*/);
- } while (s.heap_len >= 2);
- s.heap[--s.heap_max] = s.heap[1/*SMALLEST*/];
- /* At this point, the fields freq and dad are set. We can now
- * generate the bit lengths.
- */
- gen_bitlen(s, desc);
- /* The field len is now set, we can generate the bit codes */
- gen_codes(tree, max_code, s.bl_count);
- }
- /* ===========================================================================
- * Scan a literal or distance tree to determine the frequencies of the codes
- * in the bit length tree.
- */
- function scan_tree(s, tree, max_code)
- // deflate_state *s;
- // ct_data *tree; /* the tree to be scanned */
- // int max_code; /* and its largest code of non zero frequency */
- {
- var n; /* iterates over all tree elements */
- var prevlen = -1; /* last emitted length */
- var curlen; /* length of current code */
- var nextlen = tree[0 * 2 + 1]/*.Len*/; /* length of next code */
- var count = 0; /* repeat count of the current code */
- var max_count = 7; /* max repeat count */
- var min_count = 4; /* min repeat count */
- if (nextlen === 0) {
- max_count = 138;
- min_count = 3;
- }
- tree[(max_code + 1) * 2 + 1]/*.Len*/ = 0xffff; /* guard */
- for (n = 0; n <= max_code; n++) {
- curlen = nextlen;
- nextlen = tree[(n + 1) * 2 + 1]/*.Len*/;
- if (++count < max_count && curlen === nextlen) {
- continue;
- } else if (count < min_count) {
- s.bl_tree[curlen * 2]/*.Freq*/ += count;
- } else if (curlen !== 0) {
- if (curlen !== prevlen) { s.bl_tree[curlen * 2]/*.Freq*/++; }
- s.bl_tree[REP_3_6 * 2]/*.Freq*/++;
- } else if (count <= 10) {
- s.bl_tree[REPZ_3_10 * 2]/*.Freq*/++;
- } else {
- s.bl_tree[REPZ_11_138 * 2]/*.Freq*/++;
- }
- count = 0;
- prevlen = curlen;
- if (nextlen === 0) {
- max_count = 138;
- min_count = 3;
- } else if (curlen === nextlen) {
- max_count = 6;
- min_count = 3;
- } else {
- max_count = 7;
- min_count = 4;
- }
- }
- }
- /* ===========================================================================
- * Send a literal or distance tree in compressed form, using the codes in
- * bl_tree.
- */
- function send_tree(s, tree, max_code)
- // deflate_state *s;
- // ct_data *tree; /* the tree to be scanned */
- // int max_code; /* and its largest code of non zero frequency */
- {
- var n; /* iterates over all tree elements */
- var prevlen = -1; /* last emitted length */
- var curlen; /* length of current code */
- var nextlen = tree[0 * 2 + 1]/*.Len*/; /* length of next code */
- var count = 0; /* repeat count of the current code */
- var max_count = 7; /* max repeat count */
- var min_count = 4; /* min repeat count */
- /* tree[max_code+1].Len = -1; */ /* guard already set */
- if (nextlen === 0) {
- max_count = 138;
- min_count = 3;
- }
- for (n = 0; n <= max_code; n++) {
- curlen = nextlen;
- nextlen = tree[(n + 1) * 2 + 1]/*.Len*/;
- if (++count < max_count && curlen === nextlen) {
- continue;
- } else if (count < min_count) {
- do { send_code(s, curlen, s.bl_tree); } while (--count !== 0);
- } else if (curlen !== 0) {
- if (curlen !== prevlen) {
- send_code(s, curlen, s.bl_tree);
- count--;
- }
- //Assert(count >= 3 && count <= 6, " 3_6?");
- send_code(s, REP_3_6, s.bl_tree);
- send_bits(s, count - 3, 2);
- } else if (count <= 10) {
- send_code(s, REPZ_3_10, s.bl_tree);
- send_bits(s, count - 3, 3);
- } else {
- send_code(s, REPZ_11_138, s.bl_tree);
- send_bits(s, count - 11, 7);
- }
- count = 0;
- prevlen = curlen;
- if (nextlen === 0) {
- max_count = 138;
- min_count = 3;
- } else if (curlen === nextlen) {
- max_count = 6;
- min_count = 3;
- } else {
- max_count = 7;
- min_count = 4;
- }
- }
- }
- /* ===========================================================================
- * Construct the Huffman tree for the bit lengths and return the index in
- * bl_order of the last bit length code to send.
- */
- function build_bl_tree(s) {
- var max_blindex; /* index of last bit length code of non zero freq */
- /* Determine the bit length frequencies for literal and distance trees */
- scan_tree(s, s.dyn_ltree, s.l_desc.max_code);
- scan_tree(s, s.dyn_dtree, s.d_desc.max_code);
- /* Build the bit length tree: */
- build_tree(s, s.bl_desc);
- /* opt_len now includes the length of the tree representations, except
- * the lengths of the bit lengths codes and the 5+5+4 bits for the counts.
- */
- /* Determine the number of bit length codes to send. The pkzip format
- * requires that at least 4 bit length codes be sent. (appnote.txt says
- * 3 but the actual value used is 4.)
- */
- for (max_blindex = BL_CODES - 1; max_blindex >= 3; max_blindex--) {
- if (s.bl_tree[bl_order[max_blindex] * 2 + 1]/*.Len*/ !== 0) {
- break;
- }
- }
- /* Update opt_len to include the bit length tree and counts */
- s.opt_len += 3 * (max_blindex + 1) + 5 + 5 + 4;
- //Tracev((stderr, "\ndyn trees: dyn %ld, stat %ld",
- // s->opt_len, s->static_len));
- return max_blindex;
- }
- /* ===========================================================================
- * Send the header for a block using dynamic Huffman trees: the counts, the
- * lengths of the bit length codes, the literal tree and the distance tree.
- * IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
- */
- function send_all_trees(s, lcodes, dcodes, blcodes)
- // deflate_state *s;
- // int lcodes, dcodes, blcodes; /* number of codes for each tree */
- {
- var rank; /* index in bl_order */
- //Assert (lcodes >= 257 && dcodes >= 1 && blcodes >= 4, "not enough codes");
- //Assert (lcodes <= L_CODES && dcodes <= D_CODES && blcodes <= BL_CODES,
- // "too many codes");
- //Tracev((stderr, "\nbl counts: "));
- send_bits(s, lcodes - 257, 5); /* not +255 as stated in appnote.txt */
- send_bits(s, dcodes - 1, 5);
- send_bits(s, blcodes - 4, 4); /* not -3 as stated in appnote.txt */
- for (rank = 0; rank < blcodes; rank++) {
- //Tracev((stderr, "\nbl code %2d ", bl_order[rank]));
- send_bits(s, s.bl_tree[bl_order[rank] * 2 + 1]/*.Len*/, 3);
- }
- //Tracev((stderr, "\nbl tree: sent %ld", s->bits_sent));
- send_tree(s, s.dyn_ltree, lcodes - 1); /* literal tree */
- //Tracev((stderr, "\nlit tree: sent %ld", s->bits_sent));
- send_tree(s, s.dyn_dtree, dcodes - 1); /* distance tree */
- //Tracev((stderr, "\ndist tree: sent %ld", s->bits_sent));
- }
- /* ===========================================================================
- * Check if the data type is TEXT or BINARY, using the following algorithm:
- * - TEXT if the two conditions below are satisfied:
- * a) There are no non-portable control characters belonging to the
- * "black list" (0..6, 14..25, 28..31).
- * b) There is at least one printable character belonging to the
- * "white list" (9 {TAB}, 10 {LF}, 13 {CR}, 32..255).
- * - BINARY otherwise.
- * - The following partially-portable control characters form a
- * "gray list" that is ignored in this detection algorithm:
- * (7 {BEL}, 8 {BS}, 11 {VT}, 12 {FF}, 26 {SUB}, 27 {ESC}).
- * IN assertion: the fields Freq of dyn_ltree are set.
- */
- function detect_data_type(s) {
- /* black_mask is the bit mask of black-listed bytes
- * set bits 0..6, 14..25, and 28..31
- * 0xf3ffc07f = binary 11110011111111111100000001111111
- */
- var black_mask = 0xf3ffc07f;
- var n;
- /* Check for non-textual ("black-listed") bytes. */
- for (n = 0; n <= 31; n++, black_mask >>>= 1) {
- if ((black_mask & 1) && (s.dyn_ltree[n * 2]/*.Freq*/ !== 0)) {
- return Z_BINARY;
- }
- }
- /* Check for textual ("white-listed") bytes. */
- if (s.dyn_ltree[9 * 2]/*.Freq*/ !== 0 || s.dyn_ltree[10 * 2]/*.Freq*/ !== 0 ||
- s.dyn_ltree[13 * 2]/*.Freq*/ !== 0) {
- return Z_TEXT;
- }
- for (n = 32; n < LITERALS; n++) {
- if (s.dyn_ltree[n * 2]/*.Freq*/ !== 0) {
- return Z_TEXT;
- }
- }
- /* There are no "black-listed" or "white-listed" bytes:
- * this stream either is empty or has tolerated ("gray-listed") bytes only.
- */
- return Z_BINARY;
- }
- var static_init_done = false;
- /* ===========================================================================
- * Initialize the tree data structures for a new zlib stream.
- */
- function _tr_init(s)
- {
- if (!static_init_done) {
- tr_static_init();
- static_init_done = true;
- }
- s.l_desc = new TreeDesc(s.dyn_ltree, static_l_desc);
- s.d_desc = new TreeDesc(s.dyn_dtree, static_d_desc);
- s.bl_desc = new TreeDesc(s.bl_tree, static_bl_desc);
- s.bi_buf = 0;
- s.bi_valid = 0;
- /* Initialize the first block of the first file: */
- init_block(s);
- }
- /* ===========================================================================
- * Send a stored block
- */
- function _tr_stored_block(s, buf, stored_len, last)
- //DeflateState *s;
- //charf *buf; /* input block */
- //ulg stored_len; /* length of input block */
- //int last; /* one if this is the last block for a file */
- {
- send_bits(s, (STORED_BLOCK << 1) + (last ? 1 : 0), 3); /* send block type */
- copy_block(s, buf, stored_len, true); /* with header */
- }
- /* ===========================================================================
- * Send one empty static block to give enough lookahead for inflate.
- * This takes 10 bits, of which 7 may remain in the bit buffer.
- */
- function _tr_align(s) {
- send_bits(s, STATIC_TREES << 1, 3);
- send_code(s, END_BLOCK, static_ltree);
- bi_flush(s);
- }
- /* ===========================================================================
- * Determine the best encoding for the current block: dynamic trees, static
- * trees or store, and output the encoded block to the zip file.
- */
- function _tr_flush_block(s, buf, stored_len, last)
- //DeflateState *s;
- //charf *buf; /* input block, or NULL if too old */
- //ulg stored_len; /* length of input block */
- //int last; /* one if this is the last block for a file */
- {
- var opt_lenb, static_lenb; /* opt_len and static_len in bytes */
- var max_blindex = 0; /* index of last bit length code of non zero freq */
- /* Build the Huffman trees unless a stored block is forced */
- if (s.level > 0) {
- /* Check if the file is binary or text */
- if (s.strm.data_type === Z_UNKNOWN) {
- s.strm.data_type = detect_data_type(s);
- }
- /* Construct the literal and distance trees */
- build_tree(s, s.l_desc);
- // Tracev((stderr, "\nlit data: dyn %ld, stat %ld", s->opt_len,
- // s->static_len));
- build_tree(s, s.d_desc);
- // Tracev((stderr, "\ndist data: dyn %ld, stat %ld", s->opt_len,
- // s->static_len));
- /* At this point, opt_len and static_len are the total bit lengths of
- * the compressed block data, excluding the tree representations.
- */
- /* Build the bit length tree for the above two trees, and get the index
- * in bl_order of the last bit length code to send.
- */
- max_blindex = build_bl_tree(s);
- /* Determine the best encoding. Compute the block lengths in bytes. */
- opt_lenb = (s.opt_len + 3 + 7) >>> 3;
- static_lenb = (s.static_len + 3 + 7) >>> 3;
- // Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
- // opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
- // s->last_lit));
- if (static_lenb <= opt_lenb) { opt_lenb = static_lenb; }
- } else {
- // Assert(buf != (char*)0, "lost buf");
- opt_lenb = static_lenb = stored_len + 5; /* force a stored block */
- }
- if ((stored_len + 4 <= opt_lenb) && (buf !== -1)) {
- /* 4: two words for the lengths */
- /* The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE.
- * Otherwise we can't have processed more than WSIZE input bytes since
- * the last block flush, because compression would have been
- * successful. If LIT_BUFSIZE <= WSIZE, it is never too late to
- * transform a block into a stored block.
- */
- _tr_stored_block(s, buf, stored_len, last);
- } else if (s.strategy === Z_FIXED || static_lenb === opt_lenb) {
- send_bits(s, (STATIC_TREES << 1) + (last ? 1 : 0), 3);
- compress_block(s, static_ltree, static_dtree);
- } else {
- send_bits(s, (DYN_TREES << 1) + (last ? 1 : 0), 3);
- send_all_trees(s, s.l_desc.max_code + 1, s.d_desc.max_code + 1, max_blindex + 1);
- compress_block(s, s.dyn_ltree, s.dyn_dtree);
- }
- // Assert (s->compressed_len == s->bits_sent, "bad compressed size");
- /* The above check is made mod 2^32, for files larger than 512 MB
- * and uLong implemented on 32 bits.
- */
- init_block(s);
- if (last) {
- bi_windup(s);
- }
- // Tracev((stderr,"\ncomprlen %lu(%lu) ", s->compressed_len>>3,
- // s->compressed_len-7*last));
- }
- /* ===========================================================================
- * Save the match info and tally the frequency counts. Return true if
- * the current block must be flushed.
- */
- function _tr_tally(s, dist, lc)
- // deflate_state *s;
- // unsigned dist; /* distance of matched string */
- // unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */
- {
- //var out_length, in_length, dcode;
- s.pending_buf[s.d_buf + s.last_lit * 2] = (dist >>> 8) & 0xff;
- s.pending_buf[s.d_buf + s.last_lit * 2 + 1] = dist & 0xff;
- s.pending_buf[s.l_buf + s.last_lit] = lc & 0xff;
- s.last_lit++;
- if (dist === 0) {
- /* lc is the unmatched char */
- s.dyn_ltree[lc * 2]/*.Freq*/++;
- } else {
- s.matches++;
- /* Here, lc is the match length - MIN_MATCH */
- dist--; /* dist = match distance - 1 */
- //Assert((ush)dist < (ush)MAX_DIST(s) &&
- // (ush)lc <= (ush)(MAX_MATCH-MIN_MATCH) &&
- // (ush)d_code(dist) < (ush)D_CODES, "_tr_tally: bad match");
- s.dyn_ltree[(_length_code[lc] + LITERALS + 1) * 2]/*.Freq*/++;
- s.dyn_dtree[d_code(dist) * 2]/*.Freq*/++;
- }
- // (!) This block is disabled in zlib defaults,
- // don't enable it for binary compatibility
- //#ifdef TRUNCATE_BLOCK
- // /* Try to guess if it is profitable to stop the current block here */
- // if ((s.last_lit & 0x1fff) === 0 && s.level > 2) {
- // /* Compute an upper bound for the compressed length */
- // out_length = s.last_lit*8;
- // in_length = s.strstart - s.block_start;
- //
- // for (dcode = 0; dcode < D_CODES; dcode++) {
- // out_length += s.dyn_dtree[dcode*2]/*.Freq*/ * (5 + extra_dbits[dcode]);
- // }
- // out_length >>>= 3;
- // //Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
- // // s->last_lit, in_length, out_length,
- // // 100L - out_length*100L/in_length));
- // if (s.matches < (s.last_lit>>1)/*int /2*/ && out_length < (in_length>>1)/*int /2*/) {
- // return true;
- // }
- // }
- //#endif
- return (s.last_lit === s.lit_bufsize - 1);
- /* We avoid equality with lit_bufsize because of wraparound at 64K
- * on 16 bit machines and because stored blocks are restricted to
- * 64K-1 bytes.
- */
- }
- exports._tr_init = _tr_init;
- exports._tr_stored_block = _tr_stored_block;
- exports._tr_flush_block = _tr_flush_block;
- exports._tr_tally = _tr_tally;
- exports._tr_align = _tr_align;
- },{"../utils/common":53}],65:[function(require,module,exports){
- 'use strict';
- // (C) 1995-2013 Jean-loup Gailly and Mark Adler
- // (C) 2014-2017 Vitaly Puzrin and Andrey Tupitsin
- //
- // This software is provided 'as-is', without any express or implied
- // warranty. In no event will the authors be held liable for any damages
- // arising from the use of this software.
- //
- // Permission is granted to anyone to use this software for any purpose,
- // including commercial applications, and to alter it and redistribute it
- // freely, subject to the following restrictions:
- //
- // 1. The origin of this software must not be misrepresented; you must not
- // claim that you wrote the original software. If you use this software
- // in a product, an acknowledgment in the product documentation would be
- // appreciated but is not required.
- // 2. Altered source versions must be plainly marked as such, and must not be
- // misrepresented as being the original software.
- // 3. This notice may not be removed or altered from any source distribution.
- function ZStream() {
- /* next input byte */
- this.input = null; // JS specific, because we have no pointers
- this.next_in = 0;
- /* number of bytes available at input */
- this.avail_in = 0;
- /* total number of input bytes read so far */
- this.total_in = 0;
- /* next output byte should be put there */
- this.output = null; // JS specific, because we have no pointers
- this.next_out = 0;
- /* remaining free space at output */
- this.avail_out = 0;
- /* total number of bytes output so far */
- this.total_out = 0;
- /* last error message, NULL if no error */
- this.msg = ''/*Z_NULL*/;
- /* not visible by applications */
- this.state = null;
- /* best guess about the data type: binary or text */
- this.data_type = 2/*Z_UNKNOWN*/;
- /* adler32 value of the uncompressed data */
- this.adler = 0;
- }
- module.exports = ZStream;
- },{}],66:[function(require,module,exports){
- // shim for using process in browser
- var process = module.exports = {};
- // cached from whatever global is present so that test runners that stub it
- // don't break things. But we need to wrap it in a try catch in case it is
- // wrapped in strict mode code which doesn't define any globals. It's inside a
- // function because try/catches deoptimize in certain engines.
- var cachedSetTimeout;
- var cachedClearTimeout;
- function defaultSetTimout() {
- throw new Error('setTimeout has not been defined');
- }
- function defaultClearTimeout () {
- throw new Error('clearTimeout has not been defined');
- }
- (function () {
- try {
- if (typeof setTimeout === 'function') {
- cachedSetTimeout = setTimeout;
- } else {
- cachedSetTimeout = defaultSetTimout;
- }
- } catch (e) {
- cachedSetTimeout = defaultSetTimout;
- }
- try {
- if (typeof clearTimeout === 'function') {
- cachedClearTimeout = clearTimeout;
- } else {
- cachedClearTimeout = defaultClearTimeout;
- }
- } catch (e) {
- cachedClearTimeout = defaultClearTimeout;
- }
- } ())
- function runTimeout(fun) {
- if (cachedSetTimeout === setTimeout) {
- //normal enviroments in sane situations
- return setTimeout(fun, 0);
- }
- // if setTimeout wasn't available but was latter defined
- if ((cachedSetTimeout === defaultSetTimout || !cachedSetTimeout) && setTimeout) {
- cachedSetTimeout = setTimeout;
- return setTimeout(fun, 0);
- }
- try {
- // when when somebody has screwed with setTimeout but no I.E. maddness
- return cachedSetTimeout(fun, 0);
- } catch(e){
- try {
- // When we are in I.E. but the script has been evaled so I.E. doesn't trust the global object when called normally
- return cachedSetTimeout.call(null, fun, 0);
- } catch(e){
- // same as above but when it's a version of I.E. that must have the global object for 'this', hopfully our context correct otherwise it will throw a global error
- return cachedSetTimeout.call(this, fun, 0);
- }
- }
- }
- function runClearTimeout(marker) {
- if (cachedClearTimeout === clearTimeout) {
- //normal enviroments in sane situations
- return clearTimeout(marker);
- }
- // if clearTimeout wasn't available but was latter defined
- if ((cachedClearTimeout === defaultClearTimeout || !cachedClearTimeout) && clearTimeout) {
- cachedClearTimeout = clearTimeout;
- return clearTimeout(marker);
- }
- try {
- // when when somebody has screwed with setTimeout but no I.E. maddness
- return cachedClearTimeout(marker);
- } catch (e){
- try {
- // When we are in I.E. but the script has been evaled so I.E. doesn't trust the global object when called normally
- return cachedClearTimeout.call(null, marker);
- } catch (e){
- // same as above but when it's a version of I.E. that must have the global object for 'this', hopfully our context correct otherwise it will throw a global error.
- // Some versions of I.E. have different rules for clearTimeout vs setTimeout
- return cachedClearTimeout.call(this, marker);
- }
- }
- }
- var queue = [];
- var draining = false;
- var currentQueue;
- var queueIndex = -1;
- function cleanUpNextTick() {
- if (!draining || !currentQueue) {
- return;
- }
- draining = false;
- if (currentQueue.length) {
- queue = currentQueue.concat(queue);
- } else {
- queueIndex = -1;
- }
- if (queue.length) {
- drainQueue();
- }
- }
- function drainQueue() {
- if (draining) {
- return;
- }
- var timeout = runTimeout(cleanUpNextTick);
- draining = true;
- var len = queue.length;
- while(len) {
- currentQueue = queue;
- queue = [];
- while (++queueIndex < len) {
- if (currentQueue) {
- currentQueue[queueIndex].run();
- }
- }
- queueIndex = -1;
- len = queue.length;
- }
- currentQueue = null;
- draining = false;
- runClearTimeout(timeout);
- }
- process.nextTick = function (fun) {
- var args = new Array(arguments.length - 1);
- if (arguments.length > 1) {
- for (var i = 1; i < arguments.length; i++) {
- args[i - 1] = arguments[i];
- }
- }
- queue.push(new Item(fun, args));
- if (queue.length === 1 && !draining) {
- runTimeout(drainQueue);
- }
- };
- // v8 likes predictible objects
- function Item(fun, array) {
- this.fun = fun;
- this.array = array;
- }
- Item.prototype.run = function () {
- this.fun.apply(null, this.array);
- };
- process.title = 'browser';
- process.browser = true;
- process.env = {};
- process.argv = [];
- process.version = ''; // empty string to avoid regexp issues
- process.versions = {};
- function noop() {}
- process.on = noop;
- process.addListener = noop;
- process.once = noop;
- process.off = noop;
- process.removeListener = noop;
- process.removeAllListeners = noop;
- process.emit = noop;
- process.prependListener = noop;
- process.prependOnceListener = noop;
- process.listeners = function (name) { return [] }
- process.binding = function (name) {
- throw new Error('process.binding is not supported');
- };
- process.cwd = function () { return '/' };
- process.chdir = function (dir) {
- throw new Error('process.chdir is not supported');
- };
- process.umask = function() { return 0; };
- },{}],67:[function(require,module,exports){
- 'use strict';
- /*
- node-bzip - a pure-javascript Node.JS module for decoding bzip2 data
- Copyright (C) 2012 Eli Skeggs
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 2.1 of the License, or (at your option) any later version.
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
- You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, see
- http://www.gnu.org/licenses/lgpl-2.1.html
- Adapted from bzip2.js, copyright 2011 antimatter15 (antimatter15@gmail.com).
- Based on micro-bunzip by Rob Landley (rob@landley.net).
- Based on bzip2 decompression code by Julian R Seward (jseward@acm.org),
- which also acknowledges contributions by Mike Burrows, David Wheeler,
- Peter Fenwick, Alistair Moffat, Radford Neal, Ian H. Witten,
- Robert Sedgewick, and Jon L. Bentley.
- */
- var BITMASK = [0x00, 0x01, 0x03, 0x07, 0x0F, 0x1F, 0x3F, 0x7F, 0xFF];
- // offset in bytes
- var BitReader = function BitReader(stream) {
- this.stream = stream;
- this.bitOffset = 0;
- this.curByte = 0;
- this.hasByte = false;
- };
- BitReader.prototype._ensureByte = function () {
- if (!this.hasByte) {
- this.curByte = this.stream.readByte();
- this.hasByte = true;
- }
- };
- // reads bits from the buffer
- BitReader.prototype.read = function (bits) {
- var result = 0;
- while (bits > 0) {
- this._ensureByte();
- var remaining = 8 - this.bitOffset;
- // if we're in a byte
- if (bits >= remaining) {
- result <<= remaining;
- result |= BITMASK[remaining] & this.curByte;
- this.hasByte = false;
- this.bitOffset = 0;
- bits -= remaining;
- } else {
- result <<= bits;
- var shift = remaining - bits;
- result |= (this.curByte & BITMASK[bits] << shift) >> shift;
- this.bitOffset += bits;
- bits = 0;
- }
- }
- return result;
- };
- // seek to an arbitrary point in the buffer (expressed in bits)
- BitReader.prototype.seek = function (pos) {
- var n_bit = pos % 8;
- var n_byte = (pos - n_bit) / 8;
- this.bitOffset = n_bit;
- this.stream.seek(n_byte);
- this.hasByte = false;
- };
- // reads 6 bytes worth of data using the read method
- BitReader.prototype.pi = function () {
- var buf = new Uint8Array(6),
- i;
- for (i = 0; i < buf.length; i++) {
- buf[i] = this.read(8);
- }
- return bufToHex(buf);
- };
- function bufToHex(buf) {
- return Array.prototype.map.call(buf, x => ('00' + x.toString(16)).slice(-2)).join('');
- }
- module.exports = BitReader;
- },{}],68:[function(require,module,exports){
- "use strict";
- /* CRC32, used in Bzip2 implementation.
- * This is a port of CRC32.java from the jbzip2 implementation at
- * https://code.google.com/p/jbzip2
- * which is:
- * Copyright (c) 2011 Matthew Francis
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use,
- * copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the
- * Software is furnished to do so, subject to the following
- * conditions:
- *
- * The above copyright notice and this permission notice shall be
- * included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
- * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
- * OTHER DEALINGS IN THE SOFTWARE.
- * This JavaScript implementation is:
- * Copyright (c) 2013 C. Scott Ananian
- * with the same licensing terms as Matthew Francis' original implementation.
- */
- module.exports = function () {
- /**
- * A static CRC lookup table
- */
- var crc32Lookup = new Uint32Array([0x00000000, 0x04c11db7, 0x09823b6e, 0x0d4326d9, 0x130476dc, 0x17c56b6b, 0x1a864db2, 0x1e475005, 0x2608edb8, 0x22c9f00f, 0x2f8ad6d6, 0x2b4bcb61, 0x350c9b64, 0x31cd86d3, 0x3c8ea00a, 0x384fbdbd, 0x4c11db70, 0x48d0c6c7, 0x4593e01e, 0x4152fda9, 0x5f15adac, 0x5bd4b01b, 0x569796c2, 0x52568b75, 0x6a1936c8, 0x6ed82b7f, 0x639b0da6, 0x675a1011, 0x791d4014, 0x7ddc5da3, 0x709f7b7a, 0x745e66cd, 0x9823b6e0, 0x9ce2ab57, 0x91a18d8e, 0x95609039, 0x8b27c03c, 0x8fe6dd8b, 0x82a5fb52, 0x8664e6e5, 0xbe2b5b58, 0xbaea46ef, 0xb7a96036, 0xb3687d81, 0xad2f2d84, 0xa9ee3033, 0xa4ad16ea, 0xa06c0b5d, 0xd4326d90, 0xd0f37027, 0xddb056fe, 0xd9714b49, 0xc7361b4c, 0xc3f706fb, 0xceb42022, 0xca753d95, 0xf23a8028, 0xf6fb9d9f, 0xfbb8bb46, 0xff79a6f1, 0xe13ef6f4, 0xe5ffeb43, 0xe8bccd9a, 0xec7dd02d, 0x34867077, 0x30476dc0, 0x3d044b19, 0x39c556ae, 0x278206ab, 0x23431b1c, 0x2e003dc5, 0x2ac12072, 0x128e9dcf, 0x164f8078, 0x1b0ca6a1, 0x1fcdbb16, 0x018aeb13, 0x054bf6a4, 0x0808d07d, 0x0cc9cdca, 0x7897ab07, 0x7c56b6b0, 0x71159069, 0x75d48dde, 0x6b93dddb, 0x6f52c06c, 0x6211e6b5, 0x66d0fb02, 0x5e9f46bf, 0x5a5e5b08, 0x571d7dd1, 0x53dc6066, 0x4d9b3063, 0x495a2dd4, 0x44190b0d, 0x40d816ba, 0xaca5c697, 0xa864db20, 0xa527fdf9, 0xa1e6e04e, 0xbfa1b04b, 0xbb60adfc, 0xb6238b25, 0xb2e29692, 0x8aad2b2f, 0x8e6c3698, 0x832f1041, 0x87ee0df6, 0x99a95df3, 0x9d684044, 0x902b669d, 0x94ea7b2a, 0xe0b41de7, 0xe4750050, 0xe9362689, 0xedf73b3e, 0xf3b06b3b, 0xf771768c, 0xfa325055, 0xfef34de2, 0xc6bcf05f, 0xc27dede8, 0xcf3ecb31, 0xcbffd686, 0xd5b88683, 0xd1799b34, 0xdc3abded, 0xd8fba05a, 0x690ce0ee, 0x6dcdfd59, 0x608edb80, 0x644fc637, 0x7a089632, 0x7ec98b85, 0x738aad5c, 0x774bb0eb, 0x4f040d56, 0x4bc510e1, 0x46863638, 0x42472b8f, 0x5c007b8a, 0x58c1663d, 0x558240e4, 0x51435d53, 0x251d3b9e, 0x21dc2629, 0x2c9f00f0, 0x285e1d47, 0x36194d42, 0x32d850f5, 0x3f9b762c, 0x3b5a6b9b, 0x0315d626, 0x07d4cb91, 0x0a97ed48, 0x0e56f0ff, 0x1011a0fa, 0x14d0bd4d, 0x19939b94, 0x1d528623, 0xf12f560e, 0xf5ee4bb9, 0xf8ad6d60, 0xfc6c70d7, 0xe22b20d2, 0xe6ea3d65, 0xeba91bbc, 0xef68060b, 0xd727bbb6, 0xd3e6a601, 0xdea580d8, 0xda649d6f, 0xc423cd6a, 0xc0e2d0dd, 0xcda1f604, 0xc960ebb3, 0xbd3e8d7e, 0xb9ff90c9, 0xb4bcb610, 0xb07daba7, 0xae3afba2, 0xaafbe615, 0xa7b8c0cc, 0xa379dd7b, 0x9b3660c6, 0x9ff77d71, 0x92b45ba8, 0x9675461f, 0x8832161a, 0x8cf30bad, 0x81b02d74, 0x857130c3, 0x5d8a9099, 0x594b8d2e, 0x5408abf7, 0x50c9b640, 0x4e8ee645, 0x4a4ffbf2, 0x470cdd2b, 0x43cdc09c, 0x7b827d21, 0x7f436096, 0x7200464f, 0x76c15bf8, 0x68860bfd, 0x6c47164a, 0x61043093, 0x65c52d24, 0x119b4be9, 0x155a565e, 0x18197087, 0x1cd86d30, 0x029f3d35, 0x065e2082, 0x0b1d065b, 0x0fdc1bec, 0x3793a651, 0x3352bbe6, 0x3e119d3f, 0x3ad08088, 0x2497d08d, 0x2056cd3a, 0x2d15ebe3, 0x29d4f654, 0xc5a92679, 0xc1683bce, 0xcc2b1d17, 0xc8ea00a0, 0xd6ad50a5, 0xd26c4d12, 0xdf2f6bcb, 0xdbee767c, 0xe3a1cbc1, 0xe760d676, 0xea23f0af, 0xeee2ed18, 0xf0a5bd1d, 0xf464a0aa, 0xf9278673, 0xfde69bc4, 0x89b8fd09, 0x8d79e0be, 0x803ac667, 0x84fbdbd0, 0x9abc8bd5, 0x9e7d9662, 0x933eb0bb, 0x97ffad0c, 0xafb010b1, 0xab710d06, 0xa6322bdf, 0xa2f33668, 0xbcb4666d, 0xb8757bda, 0xb5365d03, 0xb1f740b4]);
- var CRC32 = function CRC32() {
- /**
- * The current CRC
- */
- var crc = 0xffffffff;
- /**
- * @return The current CRC
- */
- this.getCRC = function () {
- return ~crc >>> 0; // return an unsigned value
- };
- /**
- * Update the CRC with a single byte
- * @param value The value to update the CRC with
- */
- this.updateCRC = function (value) {
- crc = crc << 8 ^ crc32Lookup[(crc >>> 24 ^ value) & 0xff];
- };
- /**
- * Update the CRC with a sequence of identical bytes
- * @param value The value to update the CRC with
- * @param count The number of bytes
- */
- this.updateCRCRun = function (value, count) {
- while (count-- > 0) {
- crc = crc << 8 ^ crc32Lookup[(crc >>> 24 ^ value) & 0xff];
- }
- };
- };
- return CRC32;
- }();
- },{}],69:[function(require,module,exports){
- 'use strict';
- /*
- seek-bzip - a pure-javascript module for seeking within bzip2 data
- Copyright (C) 2013 C. Scott Ananian
- Copyright (C) 2012 Eli Skeggs
- Copyright (C) 2011 Kevin Kwok
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 2.1 of the License, or (at your option) any later version.
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
- You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, see
- http://www.gnu.org/licenses/lgpl-2.1.html
- Adapted from node-bzip, copyright 2012 Eli Skeggs.
- Adapted from bzip2.js, copyright 2011 Kevin Kwok (antimatter15@gmail.com).
- Based on micro-bunzip by Rob Landley (rob@landley.net).
- Based on bzip2 decompression code by Julian R Seward (jseward@acm.org),
- which also acknowledges contributions by Mike Burrows, David Wheeler,
- Peter Fenwick, Alistair Moffat, Radford Neal, Ian H. Witten,
- Robert Sedgewick, and Jon L. Bentley.
- */
- var BitReader = require('./bitreader');
- var Stream = require('./stream');
- var CRC32 = require('./crc32');
- var MAX_HUFCODE_BITS = 20;
- var MAX_SYMBOLS = 258;
- var SYMBOL_RUNA = 0;
- var SYMBOL_RUNB = 1;
- var MIN_GROUPS = 2;
- var MAX_GROUPS = 6;
- var GROUP_SIZE = 50;
- var WHOLEPI = "314159265359";
- var SQRTPI = "177245385090";
- var mtf = function mtf(array, index) {
- var src = array[index],
- i;
- for (i = index; i > 0; i--) {
- array[i] = array[i - 1];
- }
- array[0] = src;
- return src;
- };
- var Err = {
- OK: 0,
- LAST_BLOCK: -1,
- NOT_BZIP_DATA: -2,
- UNEXPECTED_INPUT_EOF: -3,
- UNEXPECTED_OUTPUT_EOF: -4,
- DATA_ERROR: -5,
- OUT_OF_MEMORY: -6,
- OBSOLETE_INPUT: -7,
- END_OF_BLOCK: -8
- };
- var ErrorMessages = {};
- ErrorMessages[Err.LAST_BLOCK] = "Bad file checksum";
- ErrorMessages[Err.NOT_BZIP_DATA] = "Not bzip data";
- ErrorMessages[Err.UNEXPECTED_INPUT_EOF] = "Unexpected input EOF";
- ErrorMessages[Err.UNEXPECTED_OUTPUT_EOF] = "Unexpected output EOF";
- ErrorMessages[Err.DATA_ERROR] = "Data error";
- ErrorMessages[Err.OUT_OF_MEMORY] = "Out of memory";
- ErrorMessages[Err.OBSOLETE_INPUT] = "Obsolete (pre 0.9.5) bzip format not supported.";
- var _throw = function _throw(status, optDetail) {
- var msg = ErrorMessages[status] || 'unknown error';
- if (optDetail) {
- msg += ': ' + optDetail;
- }
- var e = new TypeError(msg);
- e.errorCode = status;
- throw e;
- };
- var Bunzip = function Bunzip(inputStream, outputStream) {
- this.writePos = this.writeCurrent = this.writeCount = 0;
- this._start_bunzip(inputStream, outputStream);
- };
- Bunzip.prototype._init_block = function () {
- var moreBlocks = this._get_next_block();
- if (!moreBlocks) {
- this.writeCount = -1;
- return false; /* no more blocks */
- }
- this.blockCRC = new CRC32();
- return true;
- };
- /* XXX micro-bunzip uses (inputStream, inputBuffer, len) as arguments */
- Bunzip.prototype._start_bunzip = function (inputStream, outputStream) {
- /* Ensure that file starts with "BZh['1'-'9']." */
- var buf = new Uint8Array(4);
- if (inputStream.read(buf, 0, 4) !== 4 || String.fromCharCode(buf[0], buf[1], buf[2]) !== 'BZh') _throw(Err.NOT_BZIP_DATA, 'bad magic');
- var level = buf[3] - 0x30;
- if (level < 1 || level > 9) _throw(Err.NOT_BZIP_DATA, 'level out of range');
- this.reader = new BitReader(inputStream);
- /* Fourth byte (ascii '1'-'9'), indicates block size in units of 100k of
- uncompressed data. Allocate intermediate buffer for block. */
- this.dbufSize = 100000 * level;
- this.nextoutput = 0;
- this.outputStream = outputStream;
- this.streamCRC = 0;
- };
- Bunzip.prototype._get_next_block = function () {
- var i, j, k;
- var reader = this.reader;
- // this is get_next_block() function from micro-bunzip:
- /* Read in header signature and CRC, then validate signature.
- (last block signature means CRC is for whole file, return now) */
- var h = reader.pi();
- if (h === SQRTPI) {
- // last block
- return false; /* no more blocks */
- }
- if (h !== WHOLEPI) _throw(Err.NOT_BZIP_DATA);
- this.targetBlockCRC = reader.read(32) >>> 0; // (convert to unsigned)
- this.streamCRC = (this.targetBlockCRC ^ (this.streamCRC << 1 | this.streamCRC >>> 31)) >>> 0;
- /* We can add support for blockRandomised if anybody complains. There was
- some code for this in busybox 1.0.0-pre3, but nobody ever noticed that
- it didn't actually work. */
- if (reader.read(1)) _throw(Err.OBSOLETE_INPUT);
- var origPointer = reader.read(24);
- if (origPointer > this.dbufSize) _throw(Err.DATA_ERROR, 'initial position out of bounds');
- /* mapping table: if some byte values are never used (encoding things
- like ascii text), the compression code removes the gaps to have fewer
- symbols to deal with, and writes a sparse bitfield indicating which
- values were present. We make a translation table to convert the symbols
- back to the corresponding bytes. */
- var t = reader.read(16);
- var symToByte = new Uint8Array(256),
- symTotal = 0;
- for (i = 0; i < 16; i++) {
- if (t & 1 << 0xF - i) {
- var o = i * 16;
- k = reader.read(16);
- for (j = 0; j < 16; j++) if (k & 1 << 0xF - j) symToByte[symTotal++] = o + j;
- }
- }
- /* How many different huffman coding groups does this block use? */
- var groupCount = reader.read(3);
- if (groupCount < MIN_GROUPS || groupCount > MAX_GROUPS) _throw(Err.DATA_ERROR);
- /* nSelectors: Every GROUP_SIZE many symbols we select a new huffman coding
- group. Read in the group selector list, which is stored as MTF encoded
- bit runs. (MTF=Move To Front, as each value is used it's moved to the
- start of the list.) */
- var nSelectors = reader.read(15);
- if (nSelectors === 0) _throw(Err.DATA_ERROR);
- var mtfSymbol = new Uint8Array(256);
- for (i = 0; i < groupCount; i++) mtfSymbol[i] = i;
- var selectors = new Uint8Array(nSelectors); // was 32768...
- for (i = 0; i < nSelectors; i++) {
- /* Get next value */
- for (j = 0; reader.read(1); j++) if (j >= groupCount) _throw(Err.DATA_ERROR);
- /* Decode MTF to get the next selector */
- selectors[i] = mtf(mtfSymbol, j);
- }
- /* Read the huffman coding tables for each group, which code for symTotal
- literal symbols, plus two run symbols (RUNA, RUNB) */
- var symCount = symTotal + 2;
- var groups = [],
- hufGroup;
- for (j = 0; j < groupCount; j++) {
- var length = new Uint8Array(symCount),
- temp = new Uint16Array(MAX_HUFCODE_BITS + 1);
- /* Read huffman code lengths for each symbol. They're stored in
- a way similar to mtf; record a starting value for the first symbol,
- and an offset from the previous value for everys symbol after that. */
- t = reader.read(5); // lengths
- for (i = 0; i < symCount; i++) {
- for (;;) {
- if (t < 1 || t > MAX_HUFCODE_BITS) _throw(Err.DATA_ERROR);
- /* If first bit is 0, stop. Else second bit indicates whether
- to increment or decrement the value. */
- if (!reader.read(1)) break;
- if (!reader.read(1)) t++;else t--;
- }
- length[i] = t;
- }
- /* Find largest and smallest lengths in this group */
- var minLen, maxLen;
- minLen = maxLen = length[0];
- for (i = 1; i < symCount; i++) {
- if (length[i] > maxLen) maxLen = length[i];else if (length[i] < minLen) minLen = length[i];
- }
- /* Calculate permute[], base[], and limit[] tables from length[].
- *
- * permute[] is the lookup table for converting huffman coded symbols
- * into decoded symbols. base[] is the amount to subtract from the
- * value of a huffman symbol of a given length when using permute[].
- *
- * limit[] indicates the largest numerical value a symbol with a given
- * number of bits can have. This is how the huffman codes can vary in
- * length: each code with a value>limit[length] needs another bit.
- */
- hufGroup = {};
- groups.push(hufGroup);
- hufGroup.permute = new Uint16Array(MAX_SYMBOLS);
- hufGroup.limit = new Uint32Array(MAX_HUFCODE_BITS + 2);
- hufGroup.base = new Uint32Array(MAX_HUFCODE_BITS + 1);
- hufGroup.minLen = minLen;
- hufGroup.maxLen = maxLen;
- /* Calculate permute[]. Concurently, initialize temp[] and limit[]. */
- var pp = 0;
- for (i = minLen; i <= maxLen; i++) {
- temp[i] = hufGroup.limit[i] = 0;
- for (t = 0; t < symCount; t++) if (length[t] === i) hufGroup.permute[pp++] = t;
- }
- /* Count symbols coded for at each bit length */
- for (i = 0; i < symCount; i++) temp[length[i]]++;
- /* Calculate limit[] (the largest symbol-coding value at each bit
- * length, which is (previous limit<<1)+symbols at this level), and
- * base[] (number of symbols to ignore at each bit length, which is
- * limit minus the cumulative count of symbols coded for already). */
- pp = t = 0;
- for (i = minLen; i < maxLen; i++) {
- pp += temp[i];
- /* We read the largest possible symbol size and then unget bits
- after determining how many we need, and those extra bits could
- be set to anything. (They're noise from future symbols.) At
- each level we're really only interested in the first few bits,
- so here we set all the trailing to-be-ignored bits to 1 so they
- don't affect the value>limit[length] comparison. */
- hufGroup.limit[i] = pp - 1;
- pp <<= 1;
- t += temp[i];
- hufGroup.base[i + 1] = pp - t;
- }
- hufGroup.limit[maxLen + 1] = Number.MAX_VALUE; /* Sentinal value for reading next sym. */
- hufGroup.limit[maxLen] = pp + temp[maxLen] - 1;
- hufGroup.base[minLen] = 0;
- }
- /* We've finished reading and digesting the block header. Now read this
- block's huffman coded symbols from the file and undo the huffman coding
- and run length encoding, saving the result into dbuf[dbufCount++]=uc */
- /* Initialize symbol occurrence counters and symbol Move To Front table */
- var byteCount = new Uint32Array(256);
- for (i = 0; i < 256; i++) mtfSymbol[i] = i;
- /* Loop through compressed symbols. */
- var runPos = 0,
- dbufCount = 0,
- selector = 0,
- uc;
- var dbuf = this.dbuf = new Uint32Array(this.dbufSize);
- symCount = 0;
- for (;;) {
- /* Determine which huffman coding group to use. */
- if (!symCount--) {
- symCount = GROUP_SIZE - 1;
- if (selector >= nSelectors) {
- _throw(Err.DATA_ERROR);
- }
- hufGroup = groups[selectors[selector++]];
- }
- /* Read next huffman-coded symbol. */
- i = hufGroup.minLen;
- j = reader.read(i);
- for (;; i++) {
- if (i > hufGroup.maxLen) {
- _throw(Err.DATA_ERROR);
- }
- if (j <= hufGroup.limit[i]) break;
- j = j << 1 | reader.read(1);
- }
- /* Huffman decode value to get nextSym (with bounds checking) */
- j -= hufGroup.base[i];
- if (j < 0 || j >= MAX_SYMBOLS) {
- _throw(Err.DATA_ERROR);
- }
- var nextSym = hufGroup.permute[j];
- /* We have now decoded the symbol, which indicates either a new literal
- byte, or a repeated run of the most recent literal byte. First,
- check if nextSym indicates a repeated run, and if so loop collecting
- how many times to repeat the last literal. */
- if (nextSym === SYMBOL_RUNA || nextSym === SYMBOL_RUNB) {
- /* If this is the start of a new run, zero out counter */
- if (!runPos) {
- runPos = 1;
- t = 0;
- }
- /* Neat trick that saves 1 symbol: instead of or-ing 0 or 1 at
- each bit position, add 1 or 2 instead. For example,
- 1011 is 1<<0 + 1<<1 + 2<<2. 1010 is 2<<0 + 2<<1 + 1<<2.
- You can make any bit pattern that way using 1 less symbol than
- the basic or 0/1 method (except all bits 0, which would use no
- symbols, but a run of length 0 doesn't mean anything in this
- context). Thus space is saved. */
- if (nextSym === SYMBOL_RUNA) t += runPos;else t += 2 * runPos;
- runPos <<= 1;
- continue;
- }
- /* When we hit the first non-run symbol after a run, we now know
- how many times to repeat the last literal, so append that many
- copies to our buffer of decoded symbols (dbuf) now. (The last
- literal used is the one at the head of the mtfSymbol array.) */
- if (runPos) {
- runPos = 0;
- if (dbufCount + t > this.dbufSize) {
- _throw(Err.DATA_ERROR);
- }
- uc = symToByte[mtfSymbol[0]];
- byteCount[uc] += t;
- while (t--) dbuf[dbufCount++] = uc;
- }
- /* Is this the terminating symbol? */
- if (nextSym > symTotal) break;
- /* At this point, nextSym indicates a new literal character. Subtract
- one to get the position in the MTF array at which this literal is
- currently to be found. (Note that the result can't be -1 or 0,
- because 0 and 1 are RUNA and RUNB. But another instance of the
- first symbol in the mtf array, position 0, would have been handled
- as part of a run above. Therefore 1 unused mtf position minus
- 2 non-literal nextSym values equals -1.) */
- if (dbufCount >= this.dbufSize) {
- _throw(Err.DATA_ERROR);
- }
- i = nextSym - 1;
- uc = mtf(mtfSymbol, i);
- uc = symToByte[uc];
- /* We have our literal byte. Save it into dbuf. */
- byteCount[uc]++;
- dbuf[dbufCount++] = uc;
- }
- /* At this point, we've read all the huffman-coded symbols (and repeated
- runs) for this block from the input stream, and decoded them into the
- intermediate buffer. There are dbufCount many decoded bytes in dbuf[].
- Now undo the Burrows-Wheeler transform on dbuf.
- See http://dogma.net/markn/articles/bwt/bwt.htm
- */
- if (origPointer < 0 || origPointer >= dbufCount) {
- _throw(Err.DATA_ERROR);
- }
- /* Turn byteCount into cumulative occurrence counts of 0 to n-1. */
- j = 0;
- for (i = 0; i < 256; i++) {
- k = j + byteCount[i];
- byteCount[i] = j;
- j = k;
- }
- /* Figure out what order dbuf would be in if we sorted it. */
- for (i = 0; i < dbufCount; i++) {
- uc = dbuf[i] & 0xff;
- dbuf[byteCount[uc]] |= i << 8;
- byteCount[uc]++;
- }
- /* Decode first byte by hand to initialize "previous" byte. Note that it
- doesn't get output, and if the first three characters are identical
- it doesn't qualify as a run (hence writeRunCountdown=5). */
- var pos = 0,
- current = 0,
- run = 0;
- if (dbufCount) {
- pos = dbuf[origPointer];
- current = pos & 0xff;
- pos >>= 8;
- run = -1;
- }
- this.writePos = pos;
- this.writeCurrent = current;
- this.writeCount = dbufCount;
- this.writeRun = run;
- return true; /* more blocks to come */
- };
- /* Undo burrows-wheeler transform on intermediate buffer to produce output.
- If start_bunzip was initialized with out_fd=-1, then up to len bytes of
- data are written to outbuf. Return value is number of bytes written or
- error (all errors are negative numbers). If out_fd!=-1, outbuf and len
- are ignored, data is written to out_fd and return is RETVAL_OK or error.
- */
- Bunzip.prototype._read_bunzip = function (outputBuffer, len) {
- var copies, previous, outbyte;
- /* james@jamestaylor.org: writeCount goes to -1 when the buffer is fully
- decoded, which results in this returning RETVAL_LAST_BLOCK, also
- equal to -1... Confusing, I'm returning 0 here to indicate no
- bytes written into the buffer */
- if (this.writeCount < 0) {
- return 0;
- }
- var gotcount = 0;
- var dbuf = this.dbuf,
- pos = this.writePos,
- current = this.writeCurrent;
- var dbufCount = this.writeCount,
- outputsize = this.outputsize;
- var run = this.writeRun;
- while (dbufCount) {
- dbufCount--;
- previous = current;
- pos = dbuf[pos];
- current = pos & 0xff;
- pos >>= 8;
- if (run++ === 3) {
- copies = current;
- outbyte = previous;
- current = -1;
- } else {
- copies = 1;
- outbyte = current;
- }
- this.blockCRC.updateCRCRun(outbyte, copies);
- while (copies--) {
- this.outputStream.writeByte(outbyte);
- this.nextoutput++;
- }
- if (current != previous) run = 0;
- }
- this.writeCount = dbufCount;
- // check CRC
- if (this.blockCRC.getCRC() !== this.targetBlockCRC) {
- _throw(Err.DATA_ERROR, "Bad block CRC " + "(got " + this.blockCRC.getCRC().toString(16) + " expected " + this.targetBlockCRC.toString(16) + ")");
- }
- return this.nextoutput;
- };
- var coerceInputStream = function coerceInputStream(input) {
- if ('readByte' in input) {
- return input;
- }
- var inputStream = new Stream();
- inputStream.pos = 0;
- inputStream.readByte = function () {
- return input[this.pos++];
- };
- inputStream.seek = function (pos) {
- this.pos = pos;
- };
- inputStream.eof = function () {
- return this.pos >= input.length;
- };
- return inputStream;
- };
- var coerceOutputStream = function coerceOutputStream(output) {
- var outputStream = new Stream();
- var resizeOk = true;
- if (output) {
- if (typeof output === 'number') {
- outputStream.buffer = new Uint8Array(output);
- resizeOk = false;
- } else if ('writeByte' in output) {
- return output;
- } else {
- outputStream.buffer = output;
- resizeOk = false;
- }
- } else {
- outputStream.buffer = new Uint8Array(16384);
- }
- outputStream.pos = 0;
- outputStream.writeByte = function (_byte) {
- if (resizeOk && this.pos >= this.buffer.length) {
- var newBuffer = new Uint8Array(this.buffer.length * 2);
- newBuffer.set(this.buffer);
- this.buffer = newBuffer;
- }
- this.buffer[this.pos++] = _byte;
- };
- outputStream.getBuffer = function () {
- // trim buffer
- if (this.pos !== this.buffer.length) {
- if (!resizeOk) throw new TypeError('outputsize does not match decoded input');
- var newBuffer = new Uint8Array(this.pos);
- newBuffer.set(this.buffer.subarray(0, this.pos));
- this.buffer = newBuffer;
- }
- return this.buffer;
- };
- outputStream._coerced = true;
- return outputStream;
- };
- /* Static helper functions */
- Bunzip.Err = Err;
- // 'input' can be a stream or a buffer
- // 'output' can be a stream or a buffer or a number (buffer size)
- Bunzip.decode = function (input, output, multistream) {
- // make a stream from a buffer, if necessary
- var inputStream = coerceInputStream(input);
- var outputStream = coerceOutputStream(output);
- var bz = new Bunzip(inputStream, outputStream);
- while (true) {
- if ('eof' in inputStream && inputStream.eof()) break;
- if (bz._init_block()) {
- bz._read_bunzip();
- } else {
- var targetStreamCRC = bz.reader.read(32) >>> 0; // (convert to unsigned)
- if (targetStreamCRC !== bz.streamCRC) {
- _throw(Err.DATA_ERROR, "Bad stream CRC " + "(got " + bz.streamCRC.toString(16) + " expected " + targetStreamCRC.toString(16) + ")");
- }
- if (multistream && 'eof' in inputStream && !inputStream.eof()) {
- // note that start_bunzip will also resync the bit reader to next byte
- bz._start_bunzip(inputStream, outputStream);
- } else break;
- }
- }
- if ('getBuffer' in outputStream) return outputStream.getBuffer();
- };
- Bunzip.decodeBlock = function (input, pos, output) {
- // make a stream from a buffer, if necessary
- var inputStream = coerceInputStream(input);
- var outputStream = coerceOutputStream(output);
- var bz = new Bunzip(inputStream, outputStream);
- bz.reader.seek(pos);
- /* Fill the decode buffer for the block */
- var moreBlocks = bz._get_next_block();
- if (moreBlocks) {
- /* Init the CRC for writing */
- bz.blockCRC = new CRC32();
- /* Zero this so the current byte from before the seek is not written */
- bz.writeCopies = 0;
- /* Decompress the block and write to stdout */
- bz._read_bunzip();
- // XXX keep writing?
- }
- if ('getBuffer' in outputStream) return outputStream.getBuffer();
- };
- /* Reads bzip2 file from stream or buffer `input`, and invoke
- * `callback(position, size)` once for each bzip2 block,
- * where position gives the starting position (in *bits*)
- * and size gives uncompressed size of the block (in *bytes*). */
- Bunzip.table = function (input, callback, multistream) {
- // make a stream from a buffer, if necessary
- var inputStream = new Stream();
- inputStream.delegate = coerceInputStream(input);
- inputStream.pos = 0;
- inputStream.readByte = function () {
- this.pos++;
- return this.delegate.readByte();
- };
- if (inputStream.delegate.eof) {
- inputStream.eof = inputStream.delegate.eof.bind(inputStream.delegate);
- }
- var outputStream = new Stream();
- outputStream.pos = 0;
- outputStream.writeByte = function () {
- this.pos++;
- };
- var bz = new Bunzip(inputStream, outputStream);
- var blockSize = bz.dbufSize;
- while (true) {
- if ('eof' in inputStream && inputStream.eof()) break;
- var position = inputStream.pos * 8 + bz.reader.bitOffset;
- if (bz.reader.hasByte) {
- position -= 8;
- }
- if (bz._init_block()) {
- var start = outputStream.pos;
- bz._read_bunzip();
- callback(position, outputStream.pos - start);
- } else {
- var crc = bz.reader.read(32); // (but we ignore the crc)
- if (multistream && 'eof' in inputStream && !inputStream.eof()) {
- // note that start_bunzip will also resync the bit reader to next byte
- bz._start_bunzip(inputStream, outputStream);
- console.assert(bz.dbufSize === blockSize, "shouldn't change block size within multistream file");
- } else break;
- }
- }
- };
- Bunzip.Stream = Stream;
- module.exports = Bunzip;
- },{"./bitreader":67,"./crc32":68,"./stream":70}],70:[function(require,module,exports){
- "use strict";
- /* very simple input/output stream interface */
- var Stream = function Stream() {};
- // input streams //////////////
- /** Returns the next byte, or -1 for EOF. */
- Stream.prototype.readByte = function () {
- throw new Error("abstract method readByte() not implemented");
- };
- /** Attempts to fill the buffer; returns number of bytes read, or
- * -1 for EOF. */
- Stream.prototype.read = function (buffer, bufOffset, length) {
- var bytesRead = 0;
- while (bytesRead < length) {
- var c = this.readByte();
- if (c < 0) {
- // EOF
- return bytesRead === 0 ? -1 : bytesRead;
- }
- buffer[bufOffset++] = c;
- bytesRead++;
- }
- return bytesRead;
- };
- Stream.prototype.seek = function (new_pos) {
- throw new Error("abstract method seek() not implemented");
- };
- // output streams ///////////
- Stream.prototype.writeByte = function (_byte) {
- throw new Error("abstract method readByte() not implemented");
- };
- Stream.prototype.write = function (buffer, bufOffset, length) {
- var i;
- for (i = 0; i < length; i++) {
- this.writeByte(buffer[bufOffset++]);
- }
- return length;
- };
- Stream.prototype.flush = function () {};
- module.exports = Stream;
- },{}],71:[function(require,module,exports){
- 'use strict';
- // This is free and unencumbered software released into the public domain.
- // See LICENSE.md for more information.
- //
- // Utilities
- //
- /**
- * @param {number} a The number to test.
- * @param {number} min The minimum value in the range, inclusive.
- * @param {number} max The maximum value in the range, inclusive.
- * @return {boolean} True if a >= min and a <= max.
- */
- function inRange(a, min, max) {
- return min <= a && a <= max;
- }
- /**
- * @param {*} o
- * @return {Object}
- */
- function ToDictionary(o) {
- if (o === undefined) return {};
- if (o === Object(o)) return o;
- throw TypeError('Could not convert argument to dictionary');
- }
- /**
- * @param {string} string Input string of UTF-16 code units.
- * @return {!Array.<number>} Code points.
- */
- function stringToCodePoints(string) {
- // https://heycam.github.io/webidl/#dfn-obtain-unicode
- // 1. Let S be the DOMString value.
- var s = String(string);
- // 2. Let n be the length of S.
- var n = s.length;
- // 3. Initialize i to 0.
- var i = 0;
- // 4. Initialize U to be an empty sequence of Unicode characters.
- var u = [];
- // 5. While i < n:
- while (i < n) {
- // 1. Let c be the code unit in S at index i.
- var c = s.charCodeAt(i);
- // 2. Depending on the value of c:
- // c < 0xD800 or c > 0xDFFF
- if (c < 0xD800 || c > 0xDFFF) {
- // Append to U the Unicode character with code point c.
- u.push(c);
- }
- // 0xDC00 ≤ c ≤ 0xDFFF
- else if (0xDC00 <= c && c <= 0xDFFF) {
- // Append to U a U+FFFD REPLACEMENT CHARACTER.
- u.push(0xFFFD);
- }
- // 0xD800 ≤ c ≤ 0xDBFF
- else if (0xD800 <= c && c <= 0xDBFF) {
- // 1. If i = n−1, then append to U a U+FFFD REPLACEMENT
- // CHARACTER.
- if (i === n - 1) {
- u.push(0xFFFD);
- }
- // 2. Otherwise, i < n−1:
- else {
- // 1. Let d be the code unit in S at index i+1.
- var d = string.charCodeAt(i + 1);
- // 2. If 0xDC00 ≤ d ≤ 0xDFFF, then:
- if (0xDC00 <= d && d <= 0xDFFF) {
- // 1. Let a be c & 0x3FF.
- var a = c & 0x3FF;
- // 2. Let b be d & 0x3FF.
- var b = d & 0x3FF;
- // 3. Append to U the Unicode character with code point
- // 2^16+2^10*a+b.
- u.push(0x10000 + (a << 10) + b);
- // 4. Set i to i+1.
- i += 1;
- }
- // 3. Otherwise, d < 0xDC00 or d > 0xDFFF. Append to U a
- // U+FFFD REPLACEMENT CHARACTER.
- else {
- u.push(0xFFFD);
- }
- }
- }
- // 3. Set i to i+1.
- i += 1;
- }
- // 6. Return U.
- return u;
- }
- /**
- * @param {!Array.<number>} code_points Array of code points.
- * @return {string} string String of UTF-16 code units.
- */
- function codePointsToString(code_points) {
- var s = '';
- for (var i = 0; i < code_points.length; ++i) {
- var cp = code_points[i];
- if (cp <= 0xFFFF) {
- s += String.fromCharCode(cp);
- } else {
- cp -= 0x10000;
- s += String.fromCharCode((cp >> 10) + 0xD800,
- (cp & 0x3FF) + 0xDC00);
- }
- }
- return s;
- }
- //
- // Implementation of Encoding specification
- // https://encoding.spec.whatwg.org/
- //
- //
- // 3. Terminology
- //
- /**
- * End-of-stream is a special token that signifies no more tokens
- * are in the stream.
- * @const
- */ var end_of_stream = -1;
- /**
- * A stream represents an ordered sequence of tokens.
- *
- * @constructor
- * @param {!(Array.<number>|Uint8Array)} tokens Array of tokens that provide the
- * stream.
- */
- function Stream(tokens) {
- /** @type {!Array.<number>} */
- this.tokens = [].slice.call(tokens);
- }
- Stream.prototype = {
- /**
- * @return {boolean} True if end-of-stream has been hit.
- */
- endOfStream: function() {
- return !this.tokens.length;
- },
- /**
- * When a token is read from a stream, the first token in the
- * stream must be returned and subsequently removed, and
- * end-of-stream must be returned otherwise.
- *
- * @return {number} Get the next token from the stream, or
- * end_of_stream.
- */
- read: function() {
- if (!this.tokens.length)
- return end_of_stream;
- return this.tokens.shift();
- },
- /**
- * When one or more tokens are prepended to a stream, those tokens
- * must be inserted, in given order, before the first token in the
- * stream.
- *
- * @param {(number|!Array.<number>)} token The token(s) to prepend to the stream.
- */
- prepend: function(token) {
- if (Array.isArray(token)) {
- var tokens = /**@type {!Array.<number>}*/(token);
- while (tokens.length)
- this.tokens.unshift(tokens.pop());
- } else {
- this.tokens.unshift(token);
- }
- },
- /**
- * When one or more tokens are pushed to a stream, those tokens
- * must be inserted, in given order, after the last token in the
- * stream.
- *
- * @param {(number|!Array.<number>)} token The tokens(s) to prepend to the stream.
- */
- push: function(token) {
- if (Array.isArray(token)) {
- var tokens = /**@type {!Array.<number>}*/(token);
- while (tokens.length)
- this.tokens.push(tokens.shift());
- } else {
- this.tokens.push(token);
- }
- }
- };
- //
- // 4. Encodings
- //
- // 4.1 Encoders and decoders
- /** @const */
- var finished = -1;
- /**
- * @param {boolean} fatal If true, decoding errors raise an exception.
- * @param {number=} opt_code_point Override the standard fallback code point.
- * @return {number} The code point to insert on a decoding error.
- */
- function decoderError(fatal, opt_code_point) {
- if (fatal)
- throw TypeError('Decoder error');
- return opt_code_point || 0xFFFD;
- }
- //
- // 7. API
- //
- /** @const */ var DEFAULT_ENCODING = 'utf-8';
- // 7.1 Interface TextDecoder
- /**
- * @constructor
- * @param {string=} encoding The label of the encoding;
- * defaults to 'utf-8'.
- * @param {Object=} options
- */
- function TextDecoder(encoding, options) {
- if (!(this instanceof TextDecoder)) {
- return new TextDecoder(encoding, options);
- }
- encoding = encoding !== undefined ? String(encoding).toLowerCase() : DEFAULT_ENCODING;
- if (encoding !== DEFAULT_ENCODING) {
- throw new Error('Encoding not supported. Only utf-8 is supported');
- }
- options = ToDictionary(options);
- /** @private @type {boolean} */
- this._streaming = false;
- /** @private @type {boolean} */
- this._BOMseen = false;
- /** @private @type {?Decoder} */
- this._decoder = null;
- /** @private @type {boolean} */
- this._fatal = Boolean(options['fatal']);
- /** @private @type {boolean} */
- this._ignoreBOM = Boolean(options['ignoreBOM']);
- Object.defineProperty(this, 'encoding', {value: 'utf-8'});
- Object.defineProperty(this, 'fatal', {value: this._fatal});
- Object.defineProperty(this, 'ignoreBOM', {value: this._ignoreBOM});
- }
- TextDecoder.prototype = {
- /**
- * @param {ArrayBufferView=} input The buffer of bytes to decode.
- * @param {Object=} options
- * @return {string} The decoded string.
- */
- decode: function decode(input, options) {
- var bytes;
- if (typeof input === 'object' && input instanceof ArrayBuffer) {
- bytes = new Uint8Array(input);
- } else if (typeof input === 'object' && 'buffer' in input &&
- input.buffer instanceof ArrayBuffer) {
- bytes = new Uint8Array(input.buffer,
- input.byteOffset,
- input.byteLength);
- } else {
- bytes = new Uint8Array(0);
- }
- options = ToDictionary(options);
- if (!this._streaming) {
- this._decoder = new UTF8Decoder({fatal: this._fatal});
- this._BOMseen = false;
- }
- this._streaming = Boolean(options['stream']);
- var input_stream = new Stream(bytes);
- var code_points = [];
- /** @type {?(number|!Array.<number>)} */
- var result;
- while (!input_stream.endOfStream()) {
- result = this._decoder.handler(input_stream, input_stream.read());
- if (result === finished)
- break;
- if (result === null)
- continue;
- if (Array.isArray(result))
- code_points.push.apply(code_points, /**@type {!Array.<number>}*/(result));
- else
- code_points.push(result);
- }
- if (!this._streaming) {
- do {
- result = this._decoder.handler(input_stream, input_stream.read());
- if (result === finished)
- break;
- if (result === null)
- continue;
- if (Array.isArray(result))
- code_points.push.apply(code_points, /**@type {!Array.<number>}*/(result));
- else
- code_points.push(result);
- } while (!input_stream.endOfStream());
- this._decoder = null;
- }
- if (code_points.length) {
- // If encoding is one of utf-8, utf-16be, and utf-16le, and
- // ignore BOM flag and BOM seen flag are unset, run these
- // subsubsteps:
- if (['utf-8'].indexOf(this.encoding) !== -1 &&
- !this._ignoreBOM && !this._BOMseen) {
- // If token is U+FEFF, set BOM seen flag.
- if (code_points[0] === 0xFEFF) {
- this._BOMseen = true;
- code_points.shift();
- } else {
- // Otherwise, if token is not end-of-stream, set BOM seen
- // flag and append token to output.
- this._BOMseen = true;
- }
- }
- }
- return codePointsToString(code_points);
- }
- };
- // 7.2 Interface TextEncoder
- /**
- * @constructor
- * @param {string=} encoding The label of the encoding;
- * defaults to 'utf-8'.
- * @param {Object=} options
- */
- function TextEncoder(encoding, options) {
- if (!(this instanceof TextEncoder))
- return new TextEncoder(encoding, options);
- encoding = encoding !== undefined ? String(encoding).toLowerCase() : DEFAULT_ENCODING;
- if (encoding !== DEFAULT_ENCODING) {
- throw new Error('Encoding not supported. Only utf-8 is supported');
- }
- options = ToDictionary(options);
- /** @private @type {boolean} */
- this._streaming = false;
- /** @private @type {?Encoder} */
- this._encoder = null;
- /** @private @type {{fatal: boolean}} */
- this._options = {fatal: Boolean(options['fatal'])};
- Object.defineProperty(this, 'encoding', {value: 'utf-8'});
- }
- TextEncoder.prototype = {
- /**
- * @param {string=} opt_string The string to encode.
- * @param {Object=} options
- * @return {Uint8Array} Encoded bytes, as a Uint8Array.
- */
- encode: function encode(opt_string, options) {
- opt_string = opt_string ? String(opt_string) : '';
- options = ToDictionary(options);
- // NOTE: This option is nonstandard. None of the encodings
- // permitted for encoding (i.e. UTF-8, UTF-16) are stateful,
- // so streaming is not necessary.
- if (!this._streaming)
- this._encoder = new UTF8Encoder(this._options);
- this._streaming = Boolean(options['stream']);
- var bytes = [];
- var input_stream = new Stream(stringToCodePoints(opt_string));
- /** @type {?(number|!Array.<number>)} */
- var result;
- while (!input_stream.endOfStream()) {
- result = this._encoder.handler(input_stream, input_stream.read());
- if (result === finished)
- break;
- if (Array.isArray(result))
- bytes.push.apply(bytes, /**@type {!Array.<number>}*/(result));
- else
- bytes.push(result);
- }
- if (!this._streaming) {
- while (true) {
- result = this._encoder.handler(input_stream, input_stream.read());
- if (result === finished)
- break;
- if (Array.isArray(result))
- bytes.push.apply(bytes, /**@type {!Array.<number>}*/(result));
- else
- bytes.push(result);
- }
- this._encoder = null;
- }
- return new Uint8Array(bytes);
- }
- };
- //
- // 8. The encoding
- //
- // 8.1 utf-8
- /**
- * @constructor
- * @implements {Decoder}
- * @param {{fatal: boolean}} options
- */
- function UTF8Decoder(options) {
- var fatal = options.fatal;
- // utf-8's decoder's has an associated utf-8 code point, utf-8
- // bytes seen, and utf-8 bytes needed (all initially 0), a utf-8
- // lower boundary (initially 0x80), and a utf-8 upper boundary
- // (initially 0xBF).
- var /** @type {number} */ utf8_code_point = 0,
- /** @type {number} */ utf8_bytes_seen = 0,
- /** @type {number} */ utf8_bytes_needed = 0,
- /** @type {number} */ utf8_lower_boundary = 0x80,
- /** @type {number} */ utf8_upper_boundary = 0xBF;
- /**
- * @param {Stream} stream The stream of bytes being decoded.
- * @param {number} bite The next byte read from the stream.
- * @return {?(number|!Array.<number>)} The next code point(s)
- * decoded, or null if not enough data exists in the input
- * stream to decode a complete code point.
- */
- this.handler = function(stream, bite) {
- // 1. If byte is end-of-stream and utf-8 bytes needed is not 0,
- // set utf-8 bytes needed to 0 and return error.
- if (bite === end_of_stream && utf8_bytes_needed !== 0) {
- utf8_bytes_needed = 0;
- return decoderError(fatal);
- }
- // 2. If byte is end-of-stream, return finished.
- if (bite === end_of_stream)
- return finished;
- // 3. If utf-8 bytes needed is 0, based on byte:
- if (utf8_bytes_needed === 0) {
- // 0x00 to 0x7F
- if (inRange(bite, 0x00, 0x7F)) {
- // Return a code point whose value is byte.
- return bite;
- }
- // 0xC2 to 0xDF
- if (inRange(bite, 0xC2, 0xDF)) {
- // Set utf-8 bytes needed to 1 and utf-8 code point to byte
- // − 0xC0.
- utf8_bytes_needed = 1;
- utf8_code_point = bite - 0xC0;
- }
- // 0xE0 to 0xEF
- else if (inRange(bite, 0xE0, 0xEF)) {
- // 1. If byte is 0xE0, set utf-8 lower boundary to 0xA0.
- if (bite === 0xE0)
- utf8_lower_boundary = 0xA0;
- // 2. If byte is 0xED, set utf-8 upper boundary to 0x9F.
- if (bite === 0xED)
- utf8_upper_boundary = 0x9F;
- // 3. Set utf-8 bytes needed to 2 and utf-8 code point to
- // byte − 0xE0.
- utf8_bytes_needed = 2;
- utf8_code_point = bite - 0xE0;
- }
- // 0xF0 to 0xF4
- else if (inRange(bite, 0xF0, 0xF4)) {
- // 1. If byte is 0xF0, set utf-8 lower boundary to 0x90.
- if (bite === 0xF0)
- utf8_lower_boundary = 0x90;
- // 2. If byte is 0xF4, set utf-8 upper boundary to 0x8F.
- if (bite === 0xF4)
- utf8_upper_boundary = 0x8F;
- // 3. Set utf-8 bytes needed to 3 and utf-8 code point to
- // byte − 0xF0.
- utf8_bytes_needed = 3;
- utf8_code_point = bite - 0xF0;
- }
- // Otherwise
- else {
- // Return error.
- return decoderError(fatal);
- }
- // Then (byte is in the range 0xC2 to 0xF4) set utf-8 code
- // point to utf-8 code point << (6 × utf-8 bytes needed) and
- // return continue.
- utf8_code_point = utf8_code_point << (6 * utf8_bytes_needed);
- return null;
- }
- // 4. If byte is not in the range utf-8 lower boundary to utf-8
- // upper boundary, run these substeps:
- if (!inRange(bite, utf8_lower_boundary, utf8_upper_boundary)) {
- // 1. Set utf-8 code point, utf-8 bytes needed, and utf-8
- // bytes seen to 0, set utf-8 lower boundary to 0x80, and set
- // utf-8 upper boundary to 0xBF.
- utf8_code_point = utf8_bytes_needed = utf8_bytes_seen = 0;
- utf8_lower_boundary = 0x80;
- utf8_upper_boundary = 0xBF;
- // 2. Prepend byte to stream.
- stream.prepend(bite);
- // 3. Return error.
- return decoderError(fatal);
- }
- // 5. Set utf-8 lower boundary to 0x80 and utf-8 upper boundary
- // to 0xBF.
- utf8_lower_boundary = 0x80;
- utf8_upper_boundary = 0xBF;
- // 6. Increase utf-8 bytes seen by one and set utf-8 code point
- // to utf-8 code point + (byte − 0x80) << (6 × (utf-8 bytes
- // needed − utf-8 bytes seen)).
- utf8_bytes_seen += 1;
- utf8_code_point += (bite - 0x80) << (6 * (utf8_bytes_needed - utf8_bytes_seen));
- // 7. If utf-8 bytes seen is not equal to utf-8 bytes needed,
- // continue.
- if (utf8_bytes_seen !== utf8_bytes_needed)
- return null;
- // 8. Let code point be utf-8 code point.
- var code_point = utf8_code_point;
- // 9. Set utf-8 code point, utf-8 bytes needed, and utf-8 bytes
- // seen to 0.
- utf8_code_point = utf8_bytes_needed = utf8_bytes_seen = 0;
- // 10. Return a code point whose value is code point.
- return code_point;
- };
- }
- /**
- * @constructor
- * @implements {Encoder}
- * @param {{fatal: boolean}} options
- */
- function UTF8Encoder(options) {
- var fatal = options.fatal;
- /**
- * @param {Stream} stream Input stream.
- * @param {number} code_point Next code point read from the stream.
- * @return {(number|!Array.<number>)} Byte(s) to emit.
- */
- this.handler = function(stream, code_point) {
- // 1. If code point is end-of-stream, return finished.
- if (code_point === end_of_stream)
- return finished;
- // 2. If code point is in the range U+0000 to U+007F, return a
- // byte whose value is code point.
- if (inRange(code_point, 0x0000, 0x007f))
- return code_point;
- // 3. Set count and offset based on the range code point is in:
- var count, offset;
- // U+0080 to U+07FF: 1 and 0xC0
- if (inRange(code_point, 0x0080, 0x07FF)) {
- count = 1;
- offset = 0xC0;
- }
- // U+0800 to U+FFFF: 2 and 0xE0
- else if (inRange(code_point, 0x0800, 0xFFFF)) {
- count = 2;
- offset = 0xE0;
- }
- // U+10000 to U+10FFFF: 3 and 0xF0
- else if (inRange(code_point, 0x10000, 0x10FFFF)) {
- count = 3;
- offset = 0xF0;
- }
- // 4.Let bytes be a byte sequence whose first byte is (code
- // point >> (6 × count)) + offset.
- var bytes = [(code_point >> (6 * count)) + offset];
- // 5. Run these substeps while count is greater than 0:
- while (count > 0) {
- // 1. Set temp to code point >> (6 × (count − 1)).
- var temp = code_point >> (6 * (count - 1));
- // 2. Append to bytes 0x80 | (temp & 0x3F).
- bytes.push(0x80 | (temp & 0x3F));
- // 3. Decrease count by one.
- count -= 1;
- }
- // 6. Return bytes bytes, in order.
- return bytes;
- };
- }
- exports.TextEncoder = TextEncoder;
- exports.TextDecoder = TextDecoder;
- },{}],72:[function(require,module,exports){
- /*jshint bitwise: false*/
- (function(nacl) {
- 'use strict';
- // Ported in 2014 by Dmitry Chestnykh and Devi Mandiri.
- // Public domain.
- //
- // Implementation derived from TweetNaCl version 20140427.
- // See for details: http://tweetnacl.cr.yp.to/
- var gf = function(init) {
- var i, r = new Float64Array(16);
- if (init) for (i = 0; i < init.length; i++) r[i] = init[i];
- return r;
- };
- // Pluggable, initialized in high-level API below.
- var randombytes = function(/* x, n */) { throw new Error('no PRNG'); };
- var _9 = new Uint8Array(32); _9[0] = 9;
- var gf0 = gf(),
- gf1 = gf([1]),
- _121665 = gf([0xdb41, 1]),
- D = gf([0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203]),
- D2 = gf([0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406]),
- X = gf([0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169]),
- Y = gf([0x6658, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666]),
- I = gf([0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83]);
- function vn(x, xi, y, yi, n) {
- var i,d = 0;
- for (i = 0; i < n; i++) d |= x[xi+i]^y[yi+i];
- return (1 & ((d - 1) >>> 8)) - 1;
- }
- function crypto_verify_32(x, xi, y, yi) {
- return vn(x,xi,y,yi,32);
- }
- function set25519(r, a) {
- var i;
- for (i = 0; i < 16; i++) r[i] = a[i]|0;
- }
- function car25519(o) {
- var i, v, c = 1;
- for (i = 0; i < 16; i++) {
- v = o[i] + c + 65535;
- c = Math.floor(v / 65536);
- o[i] = v - c * 65536;
- }
- o[0] += c-1 + 37 * (c-1);
- }
- function sel25519(p, q, b) {
- var t, c = ~(b-1);
- for (var i = 0; i < 16; i++) {
- t = c & (p[i] ^ q[i]);
- p[i] ^= t;
- q[i] ^= t;
- }
- }
- function pack25519(o, n) {
- var i, j, b;
- var m = gf(), t = gf();
- for (i = 0; i < 16; i++) t[i] = n[i];
- car25519(t);
- car25519(t);
- car25519(t);
- for (j = 0; j < 2; j++) {
- m[0] = t[0] - 0xffed;
- for (i = 1; i < 15; i++) {
- m[i] = t[i] - 0xffff - ((m[i-1]>>16) & 1);
- m[i-1] &= 0xffff;
- }
- m[15] = t[15] - 0x7fff - ((m[14]>>16) & 1);
- b = (m[15]>>16) & 1;
- m[14] &= 0xffff;
- sel25519(t, m, 1-b);
- }
- for (i = 0; i < 16; i++) {
- o[2*i] = t[i] & 0xff;
- o[2*i+1] = t[i]>>8;
- }
- }
- function neq25519(a, b) {
- var c = new Uint8Array(32), d = new Uint8Array(32);
- pack25519(c, a);
- pack25519(d, b);
- return crypto_verify_32(c, 0, d, 0);
- }
- function par25519(a) {
- var d = new Uint8Array(32);
- pack25519(d, a);
- return d[0] & 1;
- }
- function unpack25519(o, n) {
- var i;
- for (i = 0; i < 16; i++) o[i] = n[2*i] + (n[2*i+1] << 8);
- o[15] &= 0x7fff;
- }
- function A(o, a, b) {
- for (var i = 0; i < 16; i++) o[i] = a[i] + b[i];
- }
- function Z(o, a, b) {
- for (var i = 0; i < 16; i++) o[i] = a[i] - b[i];
- }
- function M(o, a, b) {
- var v, c,
- t0 = 0, t1 = 0, t2 = 0, t3 = 0, t4 = 0, t5 = 0, t6 = 0, t7 = 0,
- t8 = 0, t9 = 0, t10 = 0, t11 = 0, t12 = 0, t13 = 0, t14 = 0, t15 = 0,
- t16 = 0, t17 = 0, t18 = 0, t19 = 0, t20 = 0, t21 = 0, t22 = 0, t23 = 0,
- t24 = 0, t25 = 0, t26 = 0, t27 = 0, t28 = 0, t29 = 0, t30 = 0,
- b0 = b[0],
- b1 = b[1],
- b2 = b[2],
- b3 = b[3],
- b4 = b[4],
- b5 = b[5],
- b6 = b[6],
- b7 = b[7],
- b8 = b[8],
- b9 = b[9],
- b10 = b[10],
- b11 = b[11],
- b12 = b[12],
- b13 = b[13],
- b14 = b[14],
- b15 = b[15];
- v = a[0];
- t0 += v * b0;
- t1 += v * b1;
- t2 += v * b2;
- t3 += v * b3;
- t4 += v * b4;
- t5 += v * b5;
- t6 += v * b6;
- t7 += v * b7;
- t8 += v * b8;
- t9 += v * b9;
- t10 += v * b10;
- t11 += v * b11;
- t12 += v * b12;
- t13 += v * b13;
- t14 += v * b14;
- t15 += v * b15;
- v = a[1];
- t1 += v * b0;
- t2 += v * b1;
- t3 += v * b2;
- t4 += v * b3;
- t5 += v * b4;
- t6 += v * b5;
- t7 += v * b6;
- t8 += v * b7;
- t9 += v * b8;
- t10 += v * b9;
- t11 += v * b10;
- t12 += v * b11;
- t13 += v * b12;
- t14 += v * b13;
- t15 += v * b14;
- t16 += v * b15;
- v = a[2];
- t2 += v * b0;
- t3 += v * b1;
- t4 += v * b2;
- t5 += v * b3;
- t6 += v * b4;
- t7 += v * b5;
- t8 += v * b6;
- t9 += v * b7;
- t10 += v * b8;
- t11 += v * b9;
- t12 += v * b10;
- t13 += v * b11;
- t14 += v * b12;
- t15 += v * b13;
- t16 += v * b14;
- t17 += v * b15;
- v = a[3];
- t3 += v * b0;
- t4 += v * b1;
- t5 += v * b2;
- t6 += v * b3;
- t7 += v * b4;
- t8 += v * b5;
- t9 += v * b6;
- t10 += v * b7;
- t11 += v * b8;
- t12 += v * b9;
- t13 += v * b10;
- t14 += v * b11;
- t15 += v * b12;
- t16 += v * b13;
- t17 += v * b14;
- t18 += v * b15;
- v = a[4];
- t4 += v * b0;
- t5 += v * b1;
- t6 += v * b2;
- t7 += v * b3;
- t8 += v * b4;
- t9 += v * b5;
- t10 += v * b6;
- t11 += v * b7;
- t12 += v * b8;
- t13 += v * b9;
- t14 += v * b10;
- t15 += v * b11;
- t16 += v * b12;
- t17 += v * b13;
- t18 += v * b14;
- t19 += v * b15;
- v = a[5];
- t5 += v * b0;
- t6 += v * b1;
- t7 += v * b2;
- t8 += v * b3;
- t9 += v * b4;
- t10 += v * b5;
- t11 += v * b6;
- t12 += v * b7;
- t13 += v * b8;
- t14 += v * b9;
- t15 += v * b10;
- t16 += v * b11;
- t17 += v * b12;
- t18 += v * b13;
- t19 += v * b14;
- t20 += v * b15;
- v = a[6];
- t6 += v * b0;
- t7 += v * b1;
- t8 += v * b2;
- t9 += v * b3;
- t10 += v * b4;
- t11 += v * b5;
- t12 += v * b6;
- t13 += v * b7;
- t14 += v * b8;
- t15 += v * b9;
- t16 += v * b10;
- t17 += v * b11;
- t18 += v * b12;
- t19 += v * b13;
- t20 += v * b14;
- t21 += v * b15;
- v = a[7];
- t7 += v * b0;
- t8 += v * b1;
- t9 += v * b2;
- t10 += v * b3;
- t11 += v * b4;
- t12 += v * b5;
- t13 += v * b6;
- t14 += v * b7;
- t15 += v * b8;
- t16 += v * b9;
- t17 += v * b10;
- t18 += v * b11;
- t19 += v * b12;
- t20 += v * b13;
- t21 += v * b14;
- t22 += v * b15;
- v = a[8];
- t8 += v * b0;
- t9 += v * b1;
- t10 += v * b2;
- t11 += v * b3;
- t12 += v * b4;
- t13 += v * b5;
- t14 += v * b6;
- t15 += v * b7;
- t16 += v * b8;
- t17 += v * b9;
- t18 += v * b10;
- t19 += v * b11;
- t20 += v * b12;
- t21 += v * b13;
- t22 += v * b14;
- t23 += v * b15;
- v = a[9];
- t9 += v * b0;
- t10 += v * b1;
- t11 += v * b2;
- t12 += v * b3;
- t13 += v * b4;
- t14 += v * b5;
- t15 += v * b6;
- t16 += v * b7;
- t17 += v * b8;
- t18 += v * b9;
- t19 += v * b10;
- t20 += v * b11;
- t21 += v * b12;
- t22 += v * b13;
- t23 += v * b14;
- t24 += v * b15;
- v = a[10];
- t10 += v * b0;
- t11 += v * b1;
- t12 += v * b2;
- t13 += v * b3;
- t14 += v * b4;
- t15 += v * b5;
- t16 += v * b6;
- t17 += v * b7;
- t18 += v * b8;
- t19 += v * b9;
- t20 += v * b10;
- t21 += v * b11;
- t22 += v * b12;
- t23 += v * b13;
- t24 += v * b14;
- t25 += v * b15;
- v = a[11];
- t11 += v * b0;
- t12 += v * b1;
- t13 += v * b2;
- t14 += v * b3;
- t15 += v * b4;
- t16 += v * b5;
- t17 += v * b6;
- t18 += v * b7;
- t19 += v * b8;
- t20 += v * b9;
- t21 += v * b10;
- t22 += v * b11;
- t23 += v * b12;
- t24 += v * b13;
- t25 += v * b14;
- t26 += v * b15;
- v = a[12];
- t12 += v * b0;
- t13 += v * b1;
- t14 += v * b2;
- t15 += v * b3;
- t16 += v * b4;
- t17 += v * b5;
- t18 += v * b6;
- t19 += v * b7;
- t20 += v * b8;
- t21 += v * b9;
- t22 += v * b10;
- t23 += v * b11;
- t24 += v * b12;
- t25 += v * b13;
- t26 += v * b14;
- t27 += v * b15;
- v = a[13];
- t13 += v * b0;
- t14 += v * b1;
- t15 += v * b2;
- t16 += v * b3;
- t17 += v * b4;
- t18 += v * b5;
- t19 += v * b6;
- t20 += v * b7;
- t21 += v * b8;
- t22 += v * b9;
- t23 += v * b10;
- t24 += v * b11;
- t25 += v * b12;
- t26 += v * b13;
- t27 += v * b14;
- t28 += v * b15;
- v = a[14];
- t14 += v * b0;
- t15 += v * b1;
- t16 += v * b2;
- t17 += v * b3;
- t18 += v * b4;
- t19 += v * b5;
- t20 += v * b6;
- t21 += v * b7;
- t22 += v * b8;
- t23 += v * b9;
- t24 += v * b10;
- t25 += v * b11;
- t26 += v * b12;
- t27 += v * b13;
- t28 += v * b14;
- t29 += v * b15;
- v = a[15];
- t15 += v * b0;
- t16 += v * b1;
- t17 += v * b2;
- t18 += v * b3;
- t19 += v * b4;
- t20 += v * b5;
- t21 += v * b6;
- t22 += v * b7;
- t23 += v * b8;
- t24 += v * b9;
- t25 += v * b10;
- t26 += v * b11;
- t27 += v * b12;
- t28 += v * b13;
- t29 += v * b14;
- t30 += v * b15;
- t0 += 38 * t16;
- t1 += 38 * t17;
- t2 += 38 * t18;
- t3 += 38 * t19;
- t4 += 38 * t20;
- t5 += 38 * t21;
- t6 += 38 * t22;
- t7 += 38 * t23;
- t8 += 38 * t24;
- t9 += 38 * t25;
- t10 += 38 * t26;
- t11 += 38 * t27;
- t12 += 38 * t28;
- t13 += 38 * t29;
- t14 += 38 * t30;
- // t15 left as is
- // first car
- c = 1;
- v = t0 + c + 65535; c = Math.floor(v / 65536); t0 = v - c * 65536;
- v = t1 + c + 65535; c = Math.floor(v / 65536); t1 = v - c * 65536;
- v = t2 + c + 65535; c = Math.floor(v / 65536); t2 = v - c * 65536;
- v = t3 + c + 65535; c = Math.floor(v / 65536); t3 = v - c * 65536;
- v = t4 + c + 65535; c = Math.floor(v / 65536); t4 = v - c * 65536;
- v = t5 + c + 65535; c = Math.floor(v / 65536); t5 = v - c * 65536;
- v = t6 + c + 65535; c = Math.floor(v / 65536); t6 = v - c * 65536;
- v = t7 + c + 65535; c = Math.floor(v / 65536); t7 = v - c * 65536;
- v = t8 + c + 65535; c = Math.floor(v / 65536); t8 = v - c * 65536;
- v = t9 + c + 65535; c = Math.floor(v / 65536); t9 = v - c * 65536;
- v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;
- v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;
- v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;
- v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;
- v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;
- v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;
- t0 += c-1 + 37 * (c-1);
- // second car
- c = 1;
- v = t0 + c + 65535; c = Math.floor(v / 65536); t0 = v - c * 65536;
- v = t1 + c + 65535; c = Math.floor(v / 65536); t1 = v - c * 65536;
- v = t2 + c + 65535; c = Math.floor(v / 65536); t2 = v - c * 65536;
- v = t3 + c + 65535; c = Math.floor(v / 65536); t3 = v - c * 65536;
- v = t4 + c + 65535; c = Math.floor(v / 65536); t4 = v - c * 65536;
- v = t5 + c + 65535; c = Math.floor(v / 65536); t5 = v - c * 65536;
- v = t6 + c + 65535; c = Math.floor(v / 65536); t6 = v - c * 65536;
- v = t7 + c + 65535; c = Math.floor(v / 65536); t7 = v - c * 65536;
- v = t8 + c + 65535; c = Math.floor(v / 65536); t8 = v - c * 65536;
- v = t9 + c + 65535; c = Math.floor(v / 65536); t9 = v - c * 65536;
- v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;
- v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;
- v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;
- v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;
- v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;
- v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;
- t0 += c-1 + 37 * (c-1);
- o[ 0] = t0;
- o[ 1] = t1;
- o[ 2] = t2;
- o[ 3] = t3;
- o[ 4] = t4;
- o[ 5] = t5;
- o[ 6] = t6;
- o[ 7] = t7;
- o[ 8] = t8;
- o[ 9] = t9;
- o[10] = t10;
- o[11] = t11;
- o[12] = t12;
- o[13] = t13;
- o[14] = t14;
- o[15] = t15;
- }
- function S(o, a) {
- M(o, a, a);
- }
- function inv25519(o, i) {
- var c = gf();
- var a;
- for (a = 0; a < 16; a++) c[a] = i[a];
- for (a = 253; a >= 0; a--) {
- S(c, c);
- if(a !== 2 && a !== 4) M(c, c, i);
- }
- for (a = 0; a < 16; a++) o[a] = c[a];
- }
- function pow2523(o, i) {
- var c = gf();
- var a;
- for (a = 0; a < 16; a++) c[a] = i[a];
- for (a = 250; a >= 0; a--) {
- S(c, c);
- if(a !== 1) M(c, c, i);
- }
- for (a = 0; a < 16; a++) o[a] = c[a];
- }
- function crypto_scalarmult(q, n, p) {
- var z = new Uint8Array(32);
- var x = new Float64Array(80), r, i;
- var a = gf(), b = gf(), c = gf(),
- d = gf(), e = gf(), f = gf();
- for (i = 0; i < 31; i++) z[i] = n[i];
- z[31]=(n[31]&127)|64;
- z[0]&=248;
- unpack25519(x,p);
- for (i = 0; i < 16; i++) {
- b[i]=x[i];
- d[i]=a[i]=c[i]=0;
- }
- a[0]=d[0]=1;
- for (i=254; i>=0; --i) {
- r=(z[i>>>3]>>>(i&7))&1;
- sel25519(a,b,r);
- sel25519(c,d,r);
- A(e,a,c);
- Z(a,a,c);
- A(c,b,d);
- Z(b,b,d);
- S(d,e);
- S(f,a);
- M(a,c,a);
- M(c,b,e);
- A(e,a,c);
- Z(a,a,c);
- S(b,a);
- Z(c,d,f);
- M(a,c,_121665);
- A(a,a,d);
- M(c,c,a);
- M(a,d,f);
- M(d,b,x);
- S(b,e);
- sel25519(a,b,r);
- sel25519(c,d,r);
- }
- for (i = 0; i < 16; i++) {
- x[i+16]=a[i];
- x[i+32]=c[i];
- x[i+48]=b[i];
- x[i+64]=d[i];
- }
- var x32 = x.subarray(32);
- var x16 = x.subarray(16);
- inv25519(x32,x32);
- M(x16,x16,x32);
- pack25519(q,x16);
- return 0;
- }
- function crypto_scalarmult_base(q, n) {
- return crypto_scalarmult(q, n, _9);
- }
- function crypto_box_keypair(y, x) {
- randombytes(x, 32);
- return crypto_scalarmult_base(y, x);
- }
- function add(p, q) {
- var a = gf(), b = gf(), c = gf(),
- d = gf(), e = gf(), f = gf(),
- g = gf(), h = gf(), t = gf();
- Z(a, p[1], p[0]);
- Z(t, q[1], q[0]);
- M(a, a, t);
- A(b, p[0], p[1]);
- A(t, q[0], q[1]);
- M(b, b, t);
- M(c, p[3], q[3]);
- M(c, c, D2);
- M(d, p[2], q[2]);
- A(d, d, d);
- Z(e, b, a);
- Z(f, d, c);
- A(g, d, c);
- A(h, b, a);
- M(p[0], e, f);
- M(p[1], h, g);
- M(p[2], g, f);
- M(p[3], e, h);
- }
- function cswap(p, q, b) {
- var i;
- for (i = 0; i < 4; i++) {
- sel25519(p[i], q[i], b);
- }
- }
- function pack(r, p) {
- var tx = gf(), ty = gf(), zi = gf();
- inv25519(zi, p[2]);
- M(tx, p[0], zi);
- M(ty, p[1], zi);
- pack25519(r, ty);
- r[31] ^= par25519(tx) << 7;
- }
- function scalarmult(p, q, s) {
- var b, i;
- set25519(p[0], gf0);
- set25519(p[1], gf1);
- set25519(p[2], gf1);
- set25519(p[3], gf0);
- for (i = 255; i >= 0; --i) {
- b = (s[(i/8)|0] >> (i&7)) & 1;
- cswap(p, q, b);
- add(q, p);
- add(p, p);
- cswap(p, q, b);
- }
- }
- function scalarbase(p, s) {
- var q = [gf(), gf(), gf(), gf()];
- set25519(q[0], X);
- set25519(q[1], Y);
- set25519(q[2], gf1);
- M(q[3], X, Y);
- scalarmult(p, q, s);
- }
- function crypto_sign_keypair(pk, sk, seeded) {
- var d;
- var p = [gf(), gf(), gf(), gf()];
- var i;
- if (!seeded) randombytes(sk, 32);
- d = nacl.hash(sk.subarray(0, 32));
- d[0] &= 248;
- d[31] &= 127;
- d[31] |= 64;
- scalarbase(p, d);
- pack(pk, p);
- for (i = 0; i < 32; i++) sk[i+32] = pk[i];
- return 0;
- }
- var L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10]);
- function modL(r, x) {
- var carry, i, j, k;
- for (i = 63; i >= 32; --i) {
- carry = 0;
- for (j = i - 32, k = i - 12; j < k; ++j) {
- x[j] += carry - 16 * x[i] * L[j - (i - 32)];
- carry = (x[j] + 128) >> 8;
- x[j] -= carry * 256;
- }
- x[j] += carry;
- x[i] = 0;
- }
- carry = 0;
- for (j = 0; j < 32; j++) {
- x[j] += carry - (x[31] >> 4) * L[j];
- carry = x[j] >> 8;
- x[j] &= 255;
- }
- for (j = 0; j < 32; j++) x[j] -= carry * L[j];
- for (i = 0; i < 32; i++) {
- x[i+1] += x[i] >> 8;
- r[i] = x[i] & 255;
- }
- }
- function reduce(r) {
- var x = new Float64Array(64), i;
- for (i = 0; i < 64; i++) x[i] = r[i];
- for (i = 0; i < 64; i++) r[i] = 0;
- modL(r, x);
- }
- // Note: difference from C - smlen returned, not passed as argument.
- function crypto_sign(sm, m, n, sk) {
- var d, h, r;
- var i, j, x = new Float64Array(64);
- var p = [gf(), gf(), gf(), gf()];
- d = nacl.hash(sk.subarray(0, 32));
- d[0] &= 248;
- d[31] &= 127;
- d[31] |= 64;
- var smlen = n + 64;
- for (i = 0; i < n; i++) sm[64 + i] = m[i];
- for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i];
- r = nacl.hash(sm.subarray(32, smlen));
- reduce(r);
- scalarbase(p, r);
- pack(sm, p);
- for (i = 32; i < 64; i++) sm[i] = sk[i];
- h = nacl.hash(sm.subarray(0, smlen));
- reduce(h);
- for (i = 0; i < 64; i++) x[i] = 0;
- for (i = 0; i < 32; i++) x[i] = r[i];
- for (i = 0; i < 32; i++) {
- for (j = 0; j < 32; j++) {
- x[i+j] += h[i] * d[j];
- }
- }
- modL(sm.subarray(32), x);
- return smlen;
- }
- function unpackneg(r, p) {
- var t = gf(), chk = gf(), num = gf(),
- den = gf(), den2 = gf(), den4 = gf(),
- den6 = gf();
- set25519(r[2], gf1);
- unpack25519(r[1], p);
- S(num, r[1]);
- M(den, num, D);
- Z(num, num, r[2]);
- A(den, r[2], den);
- S(den2, den);
- S(den4, den2);
- M(den6, den4, den2);
- M(t, den6, num);
- M(t, t, den);
- pow2523(t, t);
- M(t, t, num);
- M(t, t, den);
- M(t, t, den);
- M(r[0], t, den);
- S(chk, r[0]);
- M(chk, chk, den);
- if (neq25519(chk, num)) M(r[0], r[0], I);
- S(chk, r[0]);
- M(chk, chk, den);
- if (neq25519(chk, num)) return -1;
- if (par25519(r[0]) === (p[31]>>7)) Z(r[0], gf0, r[0]);
- M(r[3], r[0], r[1]);
- return 0;
- }
- function crypto_sign_open(m, sm, n, pk) {
- var i, mlen;
- var t = new Uint8Array(32), h;
- var p = [gf(), gf(), gf(), gf()],
- q = [gf(), gf(), gf(), gf()];
- mlen = -1;
- if (n < 64) return -1;
- if (unpackneg(q, pk)) return -1;
- for (i = 0; i < n; i++) m[i] = sm[i];
- for (i = 0; i < 32; i++) m[i+32] = pk[i];
- h = nacl.hash(m.subarray(0, n));
- reduce(h);
- scalarmult(p, q, h);
- scalarbase(q, sm.subarray(32));
- add(p, q);
- pack(t, p);
- n -= 64;
- if (crypto_verify_32(sm, 0, t, 0)) {
- for (i = 0; i < n; i++) m[i] = 0;
- return -1;
- }
- for (i = 0; i < n; i++) m[i] = sm[i + 64];
- mlen = n;
- return mlen;
- }
- var crypto_scalarmult_BYTES = 32,
- crypto_scalarmult_SCALARBYTES = 32,
- crypto_box_PUBLICKEYBYTES = 32,
- crypto_box_SECRETKEYBYTES = 32,
- crypto_sign_BYTES = 64,
- crypto_sign_PUBLICKEYBYTES = 32,
- crypto_sign_SECRETKEYBYTES = 64,
- crypto_sign_SEEDBYTES = 32;
- function checkArrayTypes() {
- for (var i = 0; i < arguments.length; i++) {
- if (!(arguments[i] instanceof Uint8Array))
- throw new TypeError('unexpected type, use Uint8Array');
- }
- }
- function cleanup(arr) {
- for (var i = 0; i < arr.length; i++) arr[i] = 0;
- }
- nacl.scalarMult = function(n, p) {
- checkArrayTypes(n, p);
- if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');
- if (p.length !== crypto_scalarmult_BYTES) throw new Error('bad p size');
- var q = new Uint8Array(crypto_scalarmult_BYTES);
- crypto_scalarmult(q, n, p);
- return q;
- };
- nacl.box = {};
- nacl.box.keyPair = function() {
- var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);
- var sk = new Uint8Array(crypto_box_SECRETKEYBYTES);
- crypto_box_keypair(pk, sk);
- return {publicKey: pk, secretKey: sk};
- };
- nacl.box.keyPair.fromSecretKey = function(secretKey) {
- checkArrayTypes(secretKey);
- if (secretKey.length !== crypto_box_SECRETKEYBYTES)
- throw new Error('bad secret key size');
- var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);
- crypto_scalarmult_base(pk, secretKey);
- return {publicKey: pk, secretKey: new Uint8Array(secretKey)};
- };
- nacl.sign = function(msg, secretKey) {
- checkArrayTypes(msg, secretKey);
- if (secretKey.length !== crypto_sign_SECRETKEYBYTES)
- throw new Error('bad secret key size');
- var signedMsg = new Uint8Array(crypto_sign_BYTES+msg.length);
- crypto_sign(signedMsg, msg, msg.length, secretKey);
- return signedMsg;
- };
- nacl.sign.detached = function(msg, secretKey) {
- var signedMsg = nacl.sign(msg, secretKey);
- var sig = new Uint8Array(crypto_sign_BYTES);
- for (var i = 0; i < sig.length; i++) sig[i] = signedMsg[i];
- return sig;
- };
- nacl.sign.detached.verify = function(msg, sig, publicKey) {
- checkArrayTypes(msg, sig, publicKey);
- if (sig.length !== crypto_sign_BYTES)
- throw new Error('bad signature size');
- if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)
- throw new Error('bad public key size');
- var sm = new Uint8Array(crypto_sign_BYTES + msg.length);
- var m = new Uint8Array(crypto_sign_BYTES + msg.length);
- var i;
- for (i = 0; i < crypto_sign_BYTES; i++) sm[i] = sig[i];
- for (i = 0; i < msg.length; i++) sm[i+crypto_sign_BYTES] = msg[i];
- return (crypto_sign_open(m, sm, sm.length, publicKey) >= 0);
- };
- nacl.sign.keyPair = function() {
- var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
- var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);
- crypto_sign_keypair(pk, sk);
- return {publicKey: pk, secretKey: sk};
- };
- nacl.sign.keyPair.fromSecretKey = function(secretKey) {
- checkArrayTypes(secretKey);
- if (secretKey.length !== crypto_sign_SECRETKEYBYTES)
- throw new Error('bad secret key size');
- var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
- for (var i = 0; i < pk.length; i++) pk[i] = secretKey[32+i];
- return {publicKey: pk, secretKey: new Uint8Array(secretKey)};
- };
- nacl.sign.keyPair.fromSeed = function(seed) {
- checkArrayTypes(seed);
- if (seed.length !== crypto_sign_SEEDBYTES)
- throw new Error('bad seed size');
- var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
- var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);
- for (var i = 0; i < 32; i++) sk[i] = seed[i];
- crypto_sign_keypair(pk, sk, true);
- return {publicKey: pk, secretKey: sk};
- };
- nacl.setPRNG = function(fn) {
- randombytes = fn;
- };
- (function() {
- // Initialize PRNG if environment provides CSPRNG.
- // If not, methods calling randombytes will throw.
- var crypto = typeof self !== 'undefined' ? (self.crypto || self.msCrypto) : null;
- if (crypto && crypto.getRandomValues) {
- // Browsers.
- var QUOTA = 65536;
- nacl.setPRNG(function(x, n) {
- var i, v = new Uint8Array(n);
- for (i = 0; i < n; i += QUOTA) {
- crypto.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
- }
- for (i = 0; i < n; i++) x[i] = v[i];
- cleanup(v);
- });
- } else if (typeof require !== 'undefined') {
- // Node.js.
- crypto = require('crypto');
- if (crypto && crypto.randomBytes) {
- nacl.setPRNG(function(x, n) {
- var i, v = crypto.randomBytes(n);
- for (i = 0; i < n; i++) x[i] = v[i];
- cleanup(v);
- });
- }
- }
- })();
- })(typeof module !== 'undefined' && module.exports ? module.exports : (self.nacl = self.nacl || {}));
- },{"crypto":"crypto"}],73:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.webToNode = exports.nodeToWeb = undefined;
- var _util = require('./util');
- var _streams = require('./streams');
- var _streams2 = _interopRequireDefault(_streams);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const NodeReadableStream = _util.isNode && require('stream').Readable;
- /**
- * Web / node stream conversion functions
- * From https://github.com/gwicke/node-web-streams
- */
- let nodeToWeb;
- let webToNode;
- if (NodeReadableStream) {
- /**
- * Convert a Node Readable Stream to a Web ReadableStream
- * @param {Readable} nodeStream
- * @returns {ReadableStream}
- */
- exports.nodeToWeb = nodeToWeb = function nodeToWeb(nodeStream) {
- return new ReadableStream({
- start(controller) {
- nodeStream.pause();
- nodeStream.on('data', chunk => {
- controller.enqueue(chunk);
- nodeStream.pause();
- });
- nodeStream.on('end', () => controller.close());
- nodeStream.on('error', e => controller.error(e));
- },
- pull() {
- nodeStream.resume();
- },
- cancel(reason) {
- nodeStream.pause();
- if (nodeStream.cancel) {
- return nodeStream.cancel(reason);
- }
- }
- });
- };
- class NodeReadable extends NodeReadableStream {
- constructor(webStream, options) {
- super(options);
- this._webStream = webStream;
- this._reader = _streams2.default.getReader(webStream);
- this._reading = false;
- this._doneReadingPromise = Promise.resolve();
- this._cancelling = false;
- }
- _read(size) {
- if (this._reading || this._cancelling) {
- return;
- }
- this._reading = true;
- const doRead = async () => {
- try {
- while (true) {
- var _ref = await this._reader.read();
- const done = _ref.done,
- value = _ref.value;
- if (done) {
- this.push(null);
- break;
- }
- if (!this.push(value) || this._cancelling) {
- this._reading = false;
- break;
- }
- }
- } catch (e) {
- this.emit('error', e);
- }
- };
- this._doneReadingPromise = doRead();
- }
- async cancel(reason) {
- this._cancelling = true;
- await this._doneReadingPromise;
- this._reader.releaseLock();
- return this._webStream.cancel(reason);
- }
- }
- /**
- * Convert a Web ReadableStream to a Node Readable Stream
- * @param {ReadableStream} webStream
- * @returns {Readable}
- */
- exports.webToNode = webToNode = function webToNode(webStream) {
- return new NodeReadable(webStream);
- };
- }
- exports.nodeToWeb = nodeToWeb;
- exports.webToNode = webToNode;
- },{"./streams":75,"./util":76,"stream":"stream"}],74:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.externalBuffer = exports.Reader = undefined;
- var _streams = require('./streams');
- var _streams2 = _interopRequireDefault(_streams);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const doneReadingSet = new WeakSet();
- const externalBuffer = Symbol('externalBuffer');
- /**
- * A wrapper class over the native ReadableStreamDefaultReader.
- * This additionally implements pushing back data on the stream, which
- * lets us implement peeking and a host of convenience functions.
- * It also lets you read data other than streams, such as a Uint8Array.
- * @class
- */
- function Reader(input) {
- this.stream = input;
- if (input[externalBuffer]) {
- this[externalBuffer] = input[externalBuffer].slice();
- }
- let streamType = _streams2.default.isStream(input);
- if (streamType === 'node') {
- input = _streams2.default.nodeToWeb(input);
- }
- if (streamType) {
- const reader = input.getReader();
- this._read = reader.read.bind(reader);
- this._releaseLock = () => {
- reader.closed.catch(function () {});
- reader.releaseLock();
- };
- return;
- }
- let doneReading = false;
- this._read = async () => {
- if (doneReading || doneReadingSet.has(input)) {
- return { value: undefined, done: true };
- }
- doneReading = true;
- return { value: input, done: false };
- };
- this._releaseLock = () => {
- if (doneReading) {
- try {
- doneReadingSet.add(input);
- } catch (e) {}
- }
- };
- }
- /**
- * Read a chunk of data.
- * @returns {Promise<Object>} Either { done: false, value: Uint8Array | String } or { done: true, value: undefined }
- * @async
- */
- Reader.prototype.read = async function () {
- if (this[externalBuffer] && this[externalBuffer].length) {
- const value = this[externalBuffer].shift();
- return { done: false, value };
- }
- return this._read();
- };
- /**
- * Allow others to read the stream.
- */
- Reader.prototype.releaseLock = function () {
- if (this[externalBuffer]) {
- this.stream[externalBuffer] = this[externalBuffer];
- }
- this._releaseLock();
- };
- /**
- * Read up to and including the first \n character.
- * @returns {Promise<String|Undefined>}
- * @async
- */
- Reader.prototype.readLine = async function () {
- let buffer = [];
- let returnVal;
- while (!returnVal) {
- var _ref = await this.read();
- let done = _ref.done,
- value = _ref.value;
- value += '';
- if (done) {
- if (buffer.length) return _streams2.default.concat(buffer);
- return;
- }
- const lineEndIndex = value.indexOf('\n') + 1;
- if (lineEndIndex) {
- returnVal = _streams2.default.concat(buffer.concat(value.substr(0, lineEndIndex)));
- buffer = [];
- }
- if (lineEndIndex !== value.length) {
- buffer.push(value.substr(lineEndIndex));
- }
- }
- this.unshift(...buffer);
- return returnVal;
- };
- /**
- * Read a single byte/character.
- * @returns {Promise<Number|String|Undefined>}
- * @async
- */
- Reader.prototype.readByte = async function () {
- var _ref2 = await this.read();
- const done = _ref2.done,
- value = _ref2.value;
- if (done) return;
- const byte = value[0];
- this.unshift(_streams2.default.slice(value, 1));
- return byte;
- };
- /**
- * Read a specific amount of bytes/characters, unless the stream ends before that amount.
- * @returns {Promise<Uint8Array|String|Undefined>}
- * @async
- */
- Reader.prototype.readBytes = async function (length) {
- const buffer = [];
- let bufferLength = 0;
- while (true) {
- var _ref3 = await this.read();
- const done = _ref3.done,
- value = _ref3.value;
- if (done) {
- if (buffer.length) return _streams2.default.concat(buffer);
- return;
- }
- buffer.push(value);
- bufferLength += value.length;
- if (bufferLength >= length) {
- const bufferConcat = _streams2.default.concat(buffer);
- this.unshift(_streams2.default.slice(bufferConcat, length));
- return _streams2.default.slice(bufferConcat, 0, length);
- }
- }
- };
- /**
- * Peek (look ahead) a specific amount of bytes/characters, unless the stream ends before that amount.
- * @returns {Promise<Uint8Array|String|Undefined>}
- * @async
- */
- Reader.prototype.peekBytes = async function (length) {
- const bytes = await this.readBytes(length);
- this.unshift(bytes);
- return bytes;
- };
- /**
- * Push data to the front of the stream.
- * @param {...(Uint8Array|String|Undefined)} values
- */
- Reader.prototype.unshift = function (...values) {
- if (!this[externalBuffer]) {
- this[externalBuffer] = [];
- }
- this[externalBuffer].unshift(...values.filter(value => value && value.length));
- };
- /**
- * Read the stream to the end and return its contents, concatenated by the join function (defaults to streams.concat).
- * @param {Function} join
- * @returns {Promise<Uint8array|String|Any>} the return value of join()
- * @async
- */
- Reader.prototype.readToEnd = async function (join = _streams2.default.concat) {
- const result = [];
- while (true) {
- var _ref4 = await this.read();
- const done = _ref4.done,
- value = _ref4.value;
- if (done) break;
- result.push(value);
- }
- return join(result);
- };
- exports.Reader = Reader;
- exports.externalBuffer = externalBuffer;
- },{"./streams":75}],75:[function(require,module,exports){
- (function (process){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _util = require('./util');
- var _nodeConversions = require('./node-conversions');
- var _reader = require('./reader');
- const NodeBuffer = _util.isNode && require('buffer').Buffer;
- /**
- * Convert data to Stream
- * @param {ReadableStream|Uint8array|String} input data to convert
- * @returns {ReadableStream} Converted data
- */
- function toStream(input) {
- let streamType = (0, _util.isStream)(input);
- if (streamType === 'node') {
- return (0, _nodeConversions.nodeToWeb)(input);
- } else if (streamType) {
- return input;
- }
- return new ReadableStream({
- start(controller) {
- controller.enqueue(input);
- controller.close();
- }
- });
- }
- /**
- * Concat a list of Uint8Arrays, Strings or Streams
- * The caller should not mix Uint8Arrays with Strings, but may mix Streams with non-Streams.
- * @param {Array<Uint8array|String|ReadableStream>} Array of Uint8Arrays/Strings/Streams to concatenate
- * @returns {Uint8array|String|ReadableStream} Concatenated array
- */
- function concat(list) {
- if (list.some(_util.isStream)) {
- return concatStream(list);
- }
- if (typeof list[0] === 'string') {
- return list.join('');
- }
- if (NodeBuffer && NodeBuffer.isBuffer(list[0])) {
- return NodeBuffer.concat(list);
- }
- return (0, _util.concatUint8Array)(list);
- }
- /**
- * Concat a list of Streams
- * @param {Array<ReadableStream|Uint8array|String>} list Array of Uint8Arrays/Strings/Streams to concatenate
- * @returns {ReadableStream} Concatenated list
- */
- function concatStream(list) {
- list = list.map(toStream);
- const transform = transformWithCancel(async function (reason) {
- await Promise.all(transforms.map(stream => cancel(stream, reason)));
- });
- let prev = Promise.resolve();
- const transforms = list.map((stream, i) => transformPair(stream, (readable, writable) => {
- prev = prev.then(() => pipe(readable, transform.writable, {
- preventClose: i !== list.length - 1
- }));
- return prev;
- }));
- return transform.readable;
- }
- /**
- * Get a Reader
- * @param {ReadableStream|Uint8array|String} input
- * @returns {Reader}
- */
- function getReader(input) {
- return new _reader.Reader(input);
- }
- /**
- * Get a Writer
- * @param {WritableStream} input
- * @returns {WritableStreamDefaultWriter}
- */
- function getWriter(input) {
- const writer = input.getWriter();
- const releaseLock = writer.releaseLock;
- writer.releaseLock = () => {
- writer.closed.catch(function () {});
- releaseLock.call(writer);
- };
- return writer;
- }
- /**
- * Pipe a readable stream to a writable stream. Don't throw on input stream errors, but forward them to the output stream.
- * @param {ReadableStream|Uint8array|String} input
- * @param {WritableStream} target
- * @param {Object} (optional) options
- * @returns {Promise<undefined>} Promise indicating when piping has finished (input stream closed or errored)
- * @async
- */
- async function pipe(input, target, options) {
- input = toStream(input);
- try {
- if (input[_reader.externalBuffer]) {
- const writer = getWriter(target);
- for (let i = 0; i < input[_reader.externalBuffer].length; i++) {
- await writer.ready;
- await writer.write(input[_reader.externalBuffer][i]);
- }
- writer.releaseLock();
- }
- return await input.pipeTo(target, options);
- } catch (e) {}
- }
- /**
- * Pipe a readable stream through a transform stream.
- * @param {ReadableStream|Uint8array|String} input
- * @param {Object} (optional) options
- * @returns {ReadableStream} transformed stream
- */
- function transformRaw(input, options) {
- const transformStream = new TransformStream(options);
- pipe(input, transformStream.writable);
- return transformStream.readable;
- }
- /**
- * Create a cancelable TransformStream.
- * @param {Function} cancel
- * @returns {TransformStream}
- */
- function transformWithCancel(cancel) {
- let pulled = false;
- let backpressureChangePromiseResolve;
- let outputController;
- return {
- readable: new ReadableStream({
- start(controller) {
- outputController = controller;
- },
- pull() {
- if (backpressureChangePromiseResolve) {
- backpressureChangePromiseResolve();
- } else {
- pulled = true;
- }
- },
- cancel
- }, { highWaterMark: 0 }),
- writable: new WritableStream({
- write: async function write(chunk) {
- outputController.enqueue(chunk);
- if (!pulled) {
- await new Promise(resolve => {
- backpressureChangePromiseResolve = resolve;
- });
- backpressureChangePromiseResolve = null;
- } else {
- pulled = false;
- }
- },
- close: outputController.close.bind(outputController),
- abort: outputController.error.bind(outputController)
- })
- };
- }
- /**
- * Transform a stream using helper functions which are called on each chunk, and on stream close, respectively.
- * @param {ReadableStream|Uint8array|String} input
- * @param {Function} process
- * @param {Function} finish
- * @returns {ReadableStream|Uint8array|String}
- */
- function transform(input, process = () => undefined, finish = () => undefined) {
- if ((0, _util.isStream)(input)) {
- return transformRaw(input, {
- async transform(value, controller) {
- try {
- const result = await process(value);
- if (result !== undefined) controller.enqueue(result);
- } catch (e) {
- controller.error(e);
- }
- },
- async flush(controller) {
- try {
- const result = await finish();
- if (result !== undefined) controller.enqueue(result);
- } catch (e) {
- controller.error(e);
- }
- }
- });
- }
- const result1 = process(input);
- const result2 = finish();
- if (result1 !== undefined && result2 !== undefined) return concat([result1, result2]);
- return result1 !== undefined ? result1 : result2;
- }
- /**
- * Transform a stream using a helper function which is passed a readable and a writable stream.
- * This function also maintains the possibility to cancel the input stream,
- * and does so on cancelation of the output stream, despite cancelation
- * normally being impossible when the input stream is being read from.
- * @param {ReadableStream|Uint8array|String} input
- * @param {Function} fn
- * @returns {ReadableStream}
- */
- function transformPair(input, fn) {
- let incomingTransformController;
- const incoming = new TransformStream({
- start(controller) {
- incomingTransformController = controller;
- }
- });
- const pipeDonePromise = pipe(input, incoming.writable);
- const outgoing = transformWithCancel(async function () {
- incomingTransformController.error(new Error('Readable side was canceled.'));
- await pipeDonePromise;
- await new Promise(setTimeout);
- });
- fn(incoming.readable, outgoing.writable);
- return outgoing.readable;
- }
- /**
- * Parse a stream using a helper function which is passed a Reader.
- * The reader additionally has a remainder() method which returns a
- * stream pointing to the remainder of input, and is linked to input
- * for cancelation.
- * @param {ReadableStream|Uint8array|String} input
- * @param {Function} fn
- * @returns {Any} the return value of fn()
- */
- function parse(input, fn) {
- let returnValue;
- const transformed = transformPair(input, (readable, writable) => {
- const reader = getReader(readable);
- reader.remainder = () => {
- reader.releaseLock();
- pipe(readable, writable);
- return transformed;
- };
- returnValue = fn(reader);
- });
- return returnValue;
- }
- /**
- * Tee a Stream for reading it twice. The input stream can no longer be read after tee()ing.
- * Reading either of the two returned streams will pull from the input stream.
- * The input stream will only be canceled if both of the returned streams are canceled.
- * @param {ReadableStream|Uint8array|String} input
- * @returns {Array<ReadableStream|Uint8array|String>} array containing two copies of input
- */
- function tee(input) {
- if ((0, _util.isStream)(input)) {
- const teed = toStream(input).tee();
- teed[0][_reader.externalBuffer] = teed[1][_reader.externalBuffer] = input[_reader.externalBuffer];
- return teed;
- }
- return [slice(input), slice(input)];
- }
- /**
- * Clone a Stream for reading it twice. The input stream can still be read after clone()ing.
- * Reading from the clone will pull from the input stream.
- * The input stream will only be canceled if both the clone and the input stream are canceled.
- * @param {ReadableStream|Uint8array|String} input
- * @returns {ReadableStream|Uint8array|String} cloned input
- */
- function clone(input) {
- if ((0, _util.isStream)(input)) {
- const teed = tee(input);
- overwrite(input, teed[0]);
- return teed[1];
- }
- return slice(input);
- }
- /**
- * Clone a Stream for reading it twice. Data will arrive at the same rate as the input stream is being read.
- * Reading from the clone will NOT pull from the input stream. Data only arrives when reading the input stream.
- * The input stream will NOT be canceled if the clone is canceled, only if the input stream are canceled.
- * If the input stream is canceled, the clone will be errored.
- * @param {ReadableStream|Uint8array|String} input
- * @returns {ReadableStream|Uint8array|String} cloned input
- */
- function passiveClone(input) {
- if ((0, _util.isStream)(input)) {
- return new ReadableStream({
- start(controller) {
- const transformed = transformPair(input, async (readable, writable) => {
- const reader = getReader(readable);
- const writer = getWriter(writable);
- try {
- while (true) {
- await writer.ready;
- var _ref = await reader.read();
- const done = _ref.done,
- value = _ref.value;
- if (done) {
- try {
- controller.close();
- } catch (e) {}
- await writer.close();
- return;
- }
- try {
- controller.enqueue(value);
- } catch (e) {}
- await writer.write(value);
- }
- } catch (e) {
- controller.error(e);
- await writer.abort(e);
- }
- });
- overwrite(input, transformed);
- }
- });
- }
- return slice(input);
- }
- /**
- * Modify a stream object to point to a different stream object.
- * This is used internally by clone() and passiveClone() to provide an abstraction over tee().
- * @param {ReadableStream} input
- * @param {ReadableStream} clone
- */
- function overwrite(input, clone) {
- // Overwrite input.getReader, input.locked, etc to point to clone
- Object.entries(Object.getOwnPropertyDescriptors(ReadableStream.prototype)).forEach(([name, descriptor]) => {
- if (name === 'constructor') {
- return;
- }
- if (descriptor.value) {
- descriptor.value = descriptor.value.bind(clone);
- } else {
- descriptor.get = descriptor.get.bind(clone);
- }
- Object.defineProperty(input, name, descriptor);
- });
- }
- /**
- * Return a stream pointing to a part of the input stream.
- * @param {ReadableStream|Uint8array|String} input
- * @returns {ReadableStream|Uint8array|String} clone
- */
- function slice(input, begin = 0, end = Infinity) {
- if ((0, _util.isStream)(input)) {
- if (begin >= 0 && end >= 0) {
- let bytesRead = 0;
- return transformRaw(input, {
- transform(value, controller) {
- if (bytesRead < end) {
- if (bytesRead + value.length >= begin) {
- controller.enqueue(slice(value, Math.max(begin - bytesRead, 0), end - bytesRead));
- }
- bytesRead += value.length;
- } else {
- controller.terminate();
- }
- }
- });
- }
- if (begin < 0 && (end < 0 || end === Infinity)) {
- let lastBytes = [];
- return transform(input, value => {
- if (value.length >= -begin) lastBytes = [value];else lastBytes.push(value);
- }, () => slice(concat(lastBytes), begin, end));
- }
- if (begin === 0 && end < 0) {
- let lastBytes;
- return transform(input, value => {
- const returnValue = lastBytes ? concat([lastBytes, value]) : value;
- if (returnValue.length >= -end) {
- lastBytes = slice(returnValue, end);
- return slice(returnValue, begin, end);
- } else {
- lastBytes = returnValue;
- }
- });
- }
- console.warn(`stream.slice(input, ${begin}, ${end}) not implemented efficiently.`);
- return fromAsync(async () => slice((await readToEnd(input)), begin, end));
- }
- if (input[_reader.externalBuffer]) {
- input = concat(input[_reader.externalBuffer].concat([input]));
- }
- if ((0, _util.isUint8Array)(input) && !(NodeBuffer && NodeBuffer.isBuffer(input))) {
- if (end === Infinity) end = input.length;
- return input.subarray(begin, end);
- }
- return input.slice(begin, end);
- }
- /**
- * Read a stream to the end and return its contents, concatenated by the concat function (defaults to concat).
- * @param {ReadableStream|Uint8array|String} input
- * @param {Function} concat
- * @returns {Promise<Uint8array|String|Any>} the return value of concat()
- * @async
- */
- async function readToEnd(input, concat) {
- if ((0, _util.isStream)(input)) {
- return getReader(input).readToEnd(concat);
- }
- return input;
- }
- /**
- * Cancel a stream.
- * @param {ReadableStream|Uint8array|String} input
- * @param {Any} reason
- * @returns {Promise<Any>} indicates when the stream has been canceled
- * @async
- */
- async function cancel(input, reason) {
- if ((0, _util.isStream)(input) && input.cancel) {
- return input.cancel(reason);
- }
- }
- /**
- * Convert an async function to a Stream. When the function returns, its return value is enqueued to the stream.
- * @param {Function} fn
- * @returns {ReadableStream}
- */
- function fromAsync(fn) {
- return new ReadableStream({
- pull: async controller => {
- try {
- controller.enqueue((await fn()));
- controller.close();
- } catch (e) {
- controller.error(e);
- }
- }
- });
- }
- exports.default = { isStream: _util.isStream, isUint8Array: _util.isUint8Array, toStream, concatUint8Array: _util.concatUint8Array, concatStream, concat, getReader, getWriter, pipe, transformRaw, transform, transformPair, parse, clone, passiveClone, slice, readToEnd, cancel, fromAsync, nodeToWeb: _nodeConversions.nodeToWeb, webToNode: _nodeConversions.webToNode };
- }).call(this,require('_process'))
- },{"./node-conversions":73,"./reader":74,"./util":76,"_process":66,"buffer":"buffer"}],76:[function(require,module,exports){
- (function (global){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- const isNode = typeof global.process === 'object' && typeof global.process.versions === 'object';
- const NodeReadableStream = isNode && require('stream').Readable;
- /**
- * Check whether data is a Stream, and if so of which type
- * @param {Any} input data to check
- * @returns {'web'|'node'|false}
- */
- function isStream(input) {
- if (ReadableStream.prototype.isPrototypeOf(input)) {
- return 'web';
- }
- if (NodeReadableStream && NodeReadableStream.prototype.isPrototypeOf(input)) {
- return 'node';
- }
- return false;
- }
- /**
- * Check whether data is a Uint8Array
- * @param {Any} input data to check
- * @returns {Boolean}
- */
- function isUint8Array(input) {
- return Uint8Array.prototype.isPrototypeOf(input);
- }
- /**
- * Concat Uint8Arrays
- * @param {Array<Uint8array>} Array of Uint8Arrays to concatenate
- * @returns {Uint8array} Concatenated array
- */
- function concatUint8Array(arrays) {
- if (arrays.length === 1) return arrays[0];
- let totalLength = 0;
- for (let i = 0; i < arrays.length; i++) {
- if (!isUint8Array(arrays[i])) {
- throw new Error('concatUint8Array: Data must be in the form of a Uint8Array');
- }
- totalLength += arrays[i].length;
- }
- const result = new Uint8Array(totalLength);
- let pos = 0;
- arrays.forEach(function (element) {
- result.set(element, pos);
- pos += element.length;
- });
- return result;
- }
- exports.isNode = isNode;
- exports.isStream = isStream;
- exports.isUint8Array = isUint8Array;
- exports.concatUint8Array = concatUint8Array;
- }).call(this,typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
- },{"stream":"stream"}],77:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.CleartextMessage = CleartextMessage;
- exports.readArmored = readArmored;
- exports.fromText = fromText;
- var _armor = require('./encoding/armor');
- var _armor2 = _interopRequireDefault(_armor);
- var _enums = require('./enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('./util');
- var _util2 = _interopRequireDefault(_util);
- var _packet = require('./packet');
- var _packet2 = _interopRequireDefault(_packet);
- var _signature = require('./signature');
- var _message = require('./message');
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @class
- * @classdesc Class that represents an OpenPGP cleartext signed message.
- * See {@link https://tools.ietf.org/html/rfc4880#section-7}
- * @param {String} text The cleartext of the signed message
- * @param {module:signature.Signature} signature The detached signature or an empty signature for unsigned messages
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires encoding/armor
- * @requires enums
- * @requires util
- * @requires packet
- * @requires signature
- * @module cleartext
- */
- function CleartextMessage(text, signature) {
- if (!(this instanceof CleartextMessage)) {
- return new CleartextMessage(text, signature);
- }
- // normalize EOL to canonical form <CR><LF>
- this.text = _util2.default.canonicalizeEOL(_util2.default.removeTrailingSpaces(text));
- if (signature && !(signature instanceof _signature.Signature)) {
- throw new Error('Invalid signature input');
- }
- this.signature = signature || new _signature.Signature(new _packet2.default.List());
- }
- /**
- * Returns the key IDs of the keys that signed the cleartext message
- * @returns {Array<module:type/keyid>} array of keyid objects
- */
- CleartextMessage.prototype.getSigningKeyIds = function () {
- const keyIds = [];
- const signatureList = this.signature.packets;
- signatureList.forEach(function (packet) {
- keyIds.push(packet.issuerKeyId);
- });
- return keyIds;
- };
- /**
- * Sign the cleartext message
- * @param {Array<module:key.Key>} privateKeys private keys with decrypted secret key data for signing
- * @param {Signature} signature (optional) any existing detached signature
- * @param {Date} date (optional) The creation time of the signature that should be created
- * @param {Array} userIds (optional) user IDs to sign with, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }]
- * @returns {Promise<module:cleartext.CleartextMessage>} new cleartext message with signed content
- * @async
- */
- CleartextMessage.prototype.sign = async function (privateKeys, signature = null, date = new Date(), userIds = []) {
- return new CleartextMessage(this.text, (await this.signDetached(privateKeys, signature, date, userIds)));
- };
- /**
- * Sign the cleartext message
- * @param {Array<module:key.Key>} privateKeys private keys with decrypted secret key data for signing
- * @param {Signature} signature (optional) any existing detached signature
- * @param {Date} date (optional) The creation time of the signature that should be created
- * @param {Array} userIds (optional) user IDs to sign with, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }]
- * @returns {Promise<module:signature.Signature>} new detached signature of message content
- * @async
- */
- CleartextMessage.prototype.signDetached = async function (privateKeys, signature = null, date = new Date(), userIds = []) {
- const literalDataPacket = new _packet2.default.Literal();
- literalDataPacket.setText(this.text);
- return new _signature.Signature((await (0, _message.createSignaturePackets)(literalDataPacket, privateKeys, signature, date, userIds, true)));
- };
- /**
- * Verify signatures of cleartext signed message
- * @param {Array<module:key.Key>} keys array of keys to verify signatures
- * @param {Date} date (optional) Verify the signature against the given date, i.e. check signature creation time < date < expiration time
- * @returns {Promise<Array<{keyid: module:type/keyid, valid: Boolean}>>} list of signer's keyid and validity of signature
- * @async
- */
- CleartextMessage.prototype.verify = function (keys, date = new Date()) {
- return this.verifyDetached(this.signature, keys, date);
- };
- /**
- * Verify signatures of cleartext signed message
- * @param {Array<module:key.Key>} keys array of keys to verify signatures
- * @param {Date} date (optional) Verify the signature against the given date, i.e. check signature creation time < date < expiration time
- * @returns {Promise<Array<{keyid: module:type/keyid, valid: Boolean}>>} list of signer's keyid and validity of signature
- * @async
- */
- CleartextMessage.prototype.verifyDetached = function (signature, keys, date = new Date()) {
- const signatureList = signature.packets;
- const literalDataPacket = new _packet2.default.Literal();
- // we assume that cleartext signature is generated based on UTF8 cleartext
- literalDataPacket.setText(this.text);
- return (0, _message.createVerificationObjects)(signatureList, [literalDataPacket], keys, date, true);
- };
- /**
- * Get cleartext
- * @returns {String} cleartext of message
- */
- CleartextMessage.prototype.getText = function () {
- // normalize end of line to \n
- return _util2.default.nativeEOL(this.text);
- };
- /**
- * Returns ASCII armored text of cleartext signed message
- * @returns {String | ReadableStream<String>} ASCII armor
- */
- CleartextMessage.prototype.armor = function () {
- let hashes = this.signature.packets.map(function (packet) {
- return _enums2.default.read(_enums2.default.hash, packet.hashAlgorithm).toUpperCase();
- });
- hashes = hashes.filter(function (item, i, ar) {
- return ar.indexOf(item) === i;
- });
- const body = {
- hash: hashes.join(),
- text: this.text,
- data: this.signature.packets.write()
- };
- return _armor2.default.encode(_enums2.default.armor.signed, body);
- };
- /**
- * reads an OpenPGP cleartext signed message and returns a CleartextMessage object
- * @param {String | ReadableStream<String>} armoredText text to be parsed
- * @returns {module:cleartext.CleartextMessage} new cleartext message object
- * @async
- * @static
- */
- async function readArmored(armoredText) {
- const input = await _armor2.default.decode(armoredText);
- if (input.type !== _enums2.default.armor.signed) {
- throw new Error('No cleartext signed message.');
- }
- const packetlist = new _packet2.default.List();
- await packetlist.read(input.data);
- verifyHeaders(input.headers, packetlist);
- const signature = new _signature.Signature(packetlist);
- return new CleartextMessage(input.text, signature);
- }
- /**
- * Compare hash algorithm specified in the armor header with signatures
- * @param {Array<String>} headers Armor headers
- * @param {module:packet.List} packetlist The packetlist with signature packets
- * @private
- */
- function verifyHeaders(headers, packetlist) {
- const checkHashAlgos = function checkHashAlgos(hashAlgos) {
- const check = packet => algo => packet.hashAlgorithm === algo;
- for (let i = 0; i < packetlist.length; i++) {
- if (packetlist[i].tag === _enums2.default.packet.signature && !hashAlgos.some(check(packetlist[i]))) {
- return false;
- }
- }
- return true;
- };
- let oneHeader = null;
- let hashAlgos = [];
- headers.forEach(function (header) {
- oneHeader = header.match(/Hash: (.+)/); // get header value
- if (oneHeader) {
- oneHeader = oneHeader[1].replace(/\s/g, ''); // remove whitespace
- oneHeader = oneHeader.split(',');
- oneHeader = oneHeader.map(function (hash) {
- hash = hash.toLowerCase();
- try {
- return _enums2.default.write(_enums2.default.hash, hash);
- } catch (e) {
- throw new Error('Unknown hash algorithm in armor header: ' + hash);
- }
- });
- hashAlgos = hashAlgos.concat(oneHeader);
- } else {
- throw new Error('Only "Hash" header allowed in cleartext signed message');
- }
- });
- if (!hashAlgos.length && !checkHashAlgos([_enums2.default.hash.md5])) {
- throw new Error('If no "Hash" header in cleartext signed message, then only MD5 signatures allowed');
- } else if (hashAlgos.length && !checkHashAlgos(hashAlgos)) {
- throw new Error('Hash algorithm mismatch in armor header and signature');
- }
- }
- /**
- * Creates a new CleartextMessage object from text
- * @param {String} text
- * @static
- */
- function fromText(text) {
- return new CleartextMessage(text);
- }
- },{"./encoding/armor":111,"./enums":113,"./message":126,"./packet":131,"./signature":151,"./util":158}],78:[function(require,module,exports){
- "use strict";
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _enums = require("../enums");
- var _enums2 = _interopRequireDefault(_enums);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- exports.default = {
- /**
- * @memberof module:config
- * @property {Integer} prefer_hash_algorithm Default hash algorithm {@link module:enums.hash}
- */
- prefer_hash_algorithm: _enums2.default.hash.sha256,
- /**
- * @memberof module:config
- * @property {Integer} encryption_cipher Default encryption cipher {@link module:enums.symmetric}
- */
- encryption_cipher: _enums2.default.symmetric.aes256,
- /**
- * @memberof module:config
- * @property {Integer} compression Default compression algorithm {@link module:enums.compression}
- */
- compression: _enums2.default.compression.uncompressed,
- /**
- * @memberof module:config
- * @property {Integer} deflate_level Default zip/zlib compression level, between 1 and 9
- */
- deflate_level: 6,
- /**
- * Use Authenticated Encryption with Additional Data (AEAD) protection for symmetric encryption.
- * **NOT INTEROPERABLE WITH OTHER OPENPGP IMPLEMENTATIONS**
- * **FUTURE OPENPGP.JS VERSIONS MAY BREAK COMPATIBILITY WHEN USING THIS OPTION**
- * @see {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-07|RFC4880bis-07}
- * @memberof module:config
- * @property {Boolean} aead_protect
- */
- aead_protect: false,
- /**
- * Default Authenticated Encryption with Additional Data (AEAD) encryption mode
- * Only has an effect when aead_protect is set to true.
- * @memberof module:config
- * @property {Integer} aead_mode Default AEAD mode {@link module:enums.aead}
- */
- aead_mode: _enums2.default.aead.eax,
- /**
- * Chunk Size Byte for Authenticated Encryption with Additional Data (AEAD) mode
- * Only has an effect when aead_protect is set to true.
- * Must be an integer value from 0 to 56.
- * @memberof module:config
- * @property {Integer} aead_chunk_size_byte
- */
- aead_chunk_size_byte: 12,
- /**
- * Use V5 keys.
- * **NOT INTEROPERABLE WITH OTHER OPENPGP IMPLEMENTATIONS**
- * **FUTURE OPENPGP.JS VERSIONS MAY BREAK COMPATIBILITY WHEN USING THIS OPTION**
- * @memberof module:config
- * @property {Boolean} v5_keys
- */
- v5_keys: false,
- /**
- * {@link https://tools.ietf.org/html/rfc4880#section-3.7.1.3|RFC4880 3.7.1.3}:
- * Iteration Count Byte for S2K (String to Key)
- * @memberof module:config
- * @property {Integer} s2k_iteration_count_byte
- */
- s2k_iteration_count_byte: 224,
- /** Use integrity protection for symmetric encryption
- * @memberof module:config
- * @property {Boolean} integrity_protect
- */
- integrity_protect: true,
- /**
- * @memberof module:config
- * @property {Boolean} ignore_mdc_error Fail on decrypt if message is not integrity protected
- */
- ignore_mdc_error: false,
- /**
- * @memberof module:config
- * @property {Boolean} allow_unauthenticated_stream Stream unauthenticated data before integrity has been checked
- */
- allow_unauthenticated_stream: false,
- /**
- * @memberof module:config
- * @property {Boolean} checksum_required Do not throw error when armor is missing a checksum
- */
- checksum_required: false,
- /**
- * @memberof module:config
- * @property {Boolean} rsa_blinding
- */
- rsa_blinding: true,
- /**
- * Work-around for rare GPG decryption bug when encrypting with multiple passwords.
- * **Slower and slightly less secure**
- * @memberof module:config
- * @property {Boolean} password_collision_check
- */
- password_collision_check: false,
- /**
- * @memberof module:config
- * @property {Boolean} revocations_expire If true, expired revocation signatures are ignored
- */
- revocations_expire: false,
- /**
- * @memberof module:config
- * @property {Boolean} use_native Use native Node.js crypto/zlib and WebCrypto APIs when available
- */
- use_native: true,
- /**
- * @memberof module:config
- * @property {Integer} min_bytes_for_web_crypto The minimum amount of bytes for which to use native WebCrypto APIs when available
- */
- min_bytes_for_web_crypto: 1000,
- /**
- * @memberof module:config
- * @property {Boolean} Use transferable objects between the Web Worker and main thread
- */
- zero_copy: false,
- /**
- * @memberof module:config
- * @property {Boolean} debug If enabled, debug messages will be printed
- */
- debug: false,
- /**
- * @memberof module:config
- * @property {Boolean} tolerant Ignore unsupported/unrecognizable packets instead of throwing an error
- */
- tolerant: true,
- /**
- * @memberof module:config
- * @property {Boolean} show_version Whether to include {@link module:config/config.versionstring} in armored messages
- */
- show_version: true,
- /**
- * @memberof module:config
- * @property {Boolean} show_comment Whether to include {@link module:config/config.commentstring} in armored messages
- */
- show_comment: true,
- /**
- * @memberof module:config
- * @property {String} versionstring A version string to be included in armored messages
- */
- versionstring: "OpenPGP.js v4.7.1",
- /**
- * @memberof module:config
- * @property {String} commentstring A comment string to be included in armored messages
- */
- commentstring: "https://openpgpjs.org",
- /**
- * @memberof module:config
- * @property {String} keyserver
- */
- keyserver: "https://keyserver.ubuntu.com",
- /**
- * @memberof module:config
- * @property {String} node_store
- */
- node_store: "./openpgp.store",
- /**
- * Max userid string length (used for parsing)
- * @memberof module:config
- * @property {Integer} max_userid_length
- */
- max_userid_length: 1024 * 5,
- /**
- * Contains notatations that are considered "known". Known notations do not trigger
- * validation error when the notation is marked as critical.
- * @memberof module:config
- * @property {Array} known_notations
- */
- known_notations: ["preferred-email-encoding@pgp.com", "pka-address@gnupg.org"],
- /**
- * @memberof module:config
- * @property {Boolean} use_indutny_elliptic Whether to use the indutny/elliptic library. When false, certain curves will not be supported.
- */
- use_indutny_elliptic: true,
- /**
- * @memberof module:config
- * @property {Boolean} external_indutny_elliptic Whether to lazily load the indutny/elliptic library from an external path on demand.
- */
- external_indutny_elliptic: false,
- /**
- * @memberof module:config
- * @property {String} indutny_elliptic_path The path to load the indutny/elliptic library from. Only has an effect if `config.external_indutny_elliptic` is true.
- */
- indutny_elliptic_path: './elliptic.min.js',
- /**
- * @memberof module:config
- * @property {Object} indutny_elliptic_fetch_options Options object to pass to `fetch` when loading the indutny/elliptic library. Only has an effect if `config.external_indutny_elliptic` is true.
- */
- indutny_elliptic_fetch_options: {}
- }; // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * Global configuration values.
- * @requires enums
- */
- },{"../enums":113}],79:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _config = require('./config.js');
- Object.defineProperty(exports, 'default', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_config).default;
- }
- });
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- },{"./config.js":78}],80:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _cipher = require('./cipher');
- var _cipher2 = _interopRequireDefault(_cipher);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Implementation of RFC 3394 AES Key Wrap & Key Unwrap funcions
- * @see module:crypto/public_key/elliptic/ecdh
- * @requires crypto/cipher
- * @requires util
- * @module crypto/aes_kw
- */
- function wrap(key, data) {
- const aes = new _cipher2.default["aes" + key.length * 8](key);
- const IV = new Uint32Array([0xA6A6A6A6, 0xA6A6A6A6]);
- const P = unpack(data);
- let A = IV;
- const R = P;
- const n = P.length / 2;
- const t = new Uint32Array([0, 0]);
- let B = new Uint32Array(4);
- for (let j = 0; j <= 5; ++j) {
- for (let i = 0; i < n; ++i) {
- t[1] = n * j + (1 + i);
- // B = A
- B[0] = A[0];
- B[1] = A[1];
- // B = A || R[i]
- B[2] = R[2 * i];
- B[3] = R[2 * i + 1];
- // B = AES(K, B)
- B = unpack(aes.encrypt(pack(B)));
- // A = MSB(64, B) ^ t
- A = B.subarray(0, 2);
- A[0] ^= t[0];
- A[1] ^= t[1];
- // R[i] = LSB(64, B)
- R[2 * i] = B[2];
- R[2 * i + 1] = B[3];
- }
- }
- return pack(A, R);
- }
- function unwrap(key, data) {
- const aes = new _cipher2.default["aes" + key.length * 8](key);
- const IV = new Uint32Array([0xA6A6A6A6, 0xA6A6A6A6]);
- const C = unpack(data);
- let A = C.subarray(0, 2);
- const R = C.subarray(2);
- const n = C.length / 2 - 1;
- const t = new Uint32Array([0, 0]);
- let B = new Uint32Array(4);
- for (let j = 5; j >= 0; --j) {
- for (let i = n - 1; i >= 0; --i) {
- t[1] = n * j + (i + 1);
- // B = A ^ t
- B[0] = A[0] ^ t[0];
- B[1] = A[1] ^ t[1];
- // B = (A ^ t) || R[i]
- B[2] = R[2 * i];
- B[3] = R[2 * i + 1];
- // B = AES-1(B)
- B = unpack(aes.decrypt(pack(B)));
- // A = MSB(64, B)
- A = B.subarray(0, 2);
- // R[i] = LSB(64, B)
- R[2 * i] = B[2];
- R[2 * i + 1] = B[3];
- }
- }
- if (A[0] === IV[0] && A[1] === IV[1]) {
- return pack(R);
- }
- throw new Error("Key Data Integrity failed");
- }
- function createArrayBuffer(data) {
- if (_util2.default.isString(data)) {
- const length = data.length;
- const buffer = new ArrayBuffer(length);
- const view = new Uint8Array(buffer);
- for (let j = 0; j < length; ++j) {
- view[j] = data.charCodeAt(j);
- }
- return buffer;
- }
- return new Uint8Array(data).buffer;
- }
- function unpack(data) {
- const length = data.length;
- const buffer = createArrayBuffer(data);
- const view = new DataView(buffer);
- const arr = new Uint32Array(length / 4);
- for (let i = 0; i < length / 4; ++i) {
- arr[i] = view.getUint32(4 * i);
- }
- return arr;
- }
- function pack() {
- let length = 0;
- for (let k = 0; k < arguments.length; ++k) {
- length += 4 * arguments[k].length;
- }
- const buffer = new ArrayBuffer(length);
- const view = new DataView(buffer);
- let offset = 0;
- for (let i = 0; i < arguments.length; ++i) {
- for (let j = 0; j < arguments[i].length; ++j) {
- view.setUint32(offset + 4 * j, arguments[i][j]);
- }
- offset += 4 * arguments[i].length;
- }
- return new Uint8Array(buffer);
- }
- exports.default = {
- /**
- * AES key wrap
- * @function
- * @param {String} key
- * @param {String} data
- * @returns {Uint8Array}
- */
- wrap,
- /**
- * AES key unwrap
- * @function
- * @param {String} key
- * @param {String} data
- * @returns {Uint8Array}
- * @throws {Error}
- */
- unwrap
- };
- },{"../util":158,"./cipher":86}],81:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _cfb = require('asmcrypto.js/dist_es5/aes/cfb');
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _cipher = require('./cipher');
- var _cipher2 = _interopRequireDefault(_cipher);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const webCrypto = _util2.default.getWebCrypto(); // Modified by ProtonTech AG
- // Modified by Recurity Labs GmbH
- // modified version of https://www.hanewin.net/encrypt/PGdecode.js:
- /* OpenPGP encryption using RSA/AES
- * Copyright 2005-2006 Herbert Hanewinkel, www.haneWIN.de
- * version 2.0, check www.haneWIN.de for the latest version
- * This software is provided as-is, without express or implied warranty.
- * Permission to use, copy, modify, distribute or sell this software, with or
- * without fee, for any purpose and by any individual or organization, is hereby
- * granted, provided that the above copyright notice and this paragraph appear
- * in all copies. Distribution as a part of an application or binary must
- * include the above copyright notice in the documentation and/or other
- * materials provided with the application or distribution.
- */
- /**
- * @requires web-stream-tools
- * @requires crypto/cipher
- * @requires util
- * @module crypto/cfb
- */
- const nodeCrypto = _util2.default.getNodeCrypto();
- const Buffer = _util2.default.getNodeBuffer();
- exports.default = {
- encrypt: function encrypt(algo, key, plaintext, iv) {
- if (algo.substr(0, 3) === 'aes') {
- return aesEncrypt(algo, key, plaintext, iv);
- }
- const cipherfn = new _cipher2.default[algo](key);
- const block_size = cipherfn.blockSize;
- let blocki = new Uint8Array(block_size);
- const blockc = iv.slice();
- let pos = 0;
- const ciphertext = new Uint8Array(plaintext.length);
- let i;
- let j = 0;
- while (plaintext.length > block_size * pos) {
- const encblock = cipherfn.encrypt(blockc);
- blocki = plaintext.subarray(pos * block_size, pos * block_size + block_size);
- for (i = 0; i < blocki.length; i++) {
- blockc[i] = blocki[i] ^ encblock[i];
- ciphertext[j++] = blockc[i];
- }
- pos++;
- }
- return ciphertext;
- },
- decrypt: async function decrypt(algo, key, ciphertext, iv) {
- if (algo.substr(0, 3) === 'aes') {
- return aesDecrypt(algo, key, ciphertext, iv);
- }
- ciphertext = await _webStreamTools2.default.readToEnd(ciphertext);
- const cipherfn = new _cipher2.default[algo](key);
- const block_size = cipherfn.blockSize;
- let blockp = iv;
- let pos = 0;
- const plaintext = new Uint8Array(ciphertext.length);
- const offset = 0;
- let i;
- let j = 0;
- while (ciphertext.length > block_size * pos) {
- const decblock = cipherfn.encrypt(blockp);
- blockp = ciphertext.subarray(pos * block_size + offset, pos * block_size + block_size + offset);
- for (i = 0; i < blockp.length; i++) {
- plaintext[j++] = blockp[i] ^ decblock[i];
- }
- pos++;
- }
- return plaintext;
- }
- };
- function aesEncrypt(algo, key, pt, iv) {
- if (_util2.default.getWebCrypto() && key.length !== 24 && // Chrome doesn't support 192 bit keys, see https://www.chromium.org/blink/webcrypto#TOC-AES-support
- !_util2.default.isStream(pt) && pt.length >= 3000 * _config2.default.min_bytes_for_web_crypto // Default to a 3MB minimum. Chrome is pretty slow for small messages, see: https://bugs.chromium.org/p/chromium/issues/detail?id=701188#c2
- ) {
- // Web Crypto
- return webEncrypt(algo, key, pt, iv);
- }
- if (nodeCrypto) {
- // Node crypto library.
- return nodeEncrypt(algo, key, pt, iv);
- } // asm.js fallback
- const cfb = new _cfb.AES_CFB(key, iv);
- return _webStreamTools2.default.transform(pt, value => cfb.AES_Encrypt_process(value), () => cfb.AES_Encrypt_finish());
- }
- function aesDecrypt(algo, key, ct, iv) {
- if (nodeCrypto) {
- // Node crypto library.
- return nodeDecrypt(algo, key, ct, iv);
- }
- if (_util2.default.isStream(ct)) {
- const cfb = new _cfb.AES_CFB(key, iv);
- return _webStreamTools2.default.transform(ct, value => cfb.AES_Decrypt_process(value), () => cfb.AES_Decrypt_finish());
- }
- return _cfb.AES_CFB.decrypt(ct, key, iv);
- }
- function xorMut(a, b) {
- for (let i = 0; i < a.length; i++) {
- a[i] = a[i] ^ b[i];
- }
- }
- async function webEncrypt(algo, key, pt, iv) {
- const ALGO = 'AES-CBC';
- const _key = await webCrypto.importKey('raw', key, { name: ALGO }, false, ['encrypt']);
- const blockSize = _cipher2.default[algo].blockSize;
- const cbc_pt = _util2.default.concatUint8Array([new Uint8Array(blockSize), pt]);
- const ct = new Uint8Array((await webCrypto.encrypt({ name: ALGO, iv }, _key, cbc_pt))).subarray(0, pt.length);
- xorMut(ct, pt);
- return ct;
- }
- function nodeEncrypt(algo, key, pt, iv) {
- key = Buffer.from(key);
- iv = Buffer.from(iv);
- const cipherObj = new nodeCrypto.createCipheriv('aes-' + algo.substr(3, 3) + '-cfb', key, iv);
- return _webStreamTools2.default.transform(pt, value => new Uint8Array(cipherObj.update(Buffer.from(value))));
- }
- function nodeDecrypt(algo, key, ct, iv) {
- key = Buffer.from(key);
- iv = Buffer.from(iv);
- const decipherObj = new nodeCrypto.createDecipheriv('aes-' + algo.substr(3, 3) + '-cfb', key, iv);
- return _webStreamTools2.default.transform(ct, value => new Uint8Array(decipherObj.update(Buffer.from(value))));
- }
- },{"../config":79,"../util":158,"./cipher":86,"asmcrypto.js/dist_es5/aes/cfb":5,"web-stream-tools":75}],82:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _ecb = require('asmcrypto.js/dist_es5/aes/ecb');
- // TODO use webCrypto or nodeCrypto when possible.
- function aes(length) {
- const C = function C(key) {
- const aes_ecb = new _ecb.AES_ECB(key);
- this.encrypt = function (block) {
- return aes_ecb.encrypt(block);
- };
- this.decrypt = function (block) {
- return aes_ecb.decrypt(block);
- };
- };
- C.blockSize = C.prototype.blockSize = 16;
- C.keySize = C.prototype.keySize = length / 8;
- return C;
- } /**
- * @requires asmcrypto.js
- */
- exports.default = aes;
- },{"asmcrypto.js/dist_es5/aes/ecb":7}],83:[function(require,module,exports){
- "use strict";
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- /* Modified by Recurity Labs GmbH
- *
- * Originally written by nklein software (nklein.com)
- */
- /*
- * Javascript implementation based on Bruce Schneier's reference implementation.
- *
- *
- * The constructor doesn't do much of anything. It's just here
- * so we can start defining properties and methods and such.
- */
- function Blowfish() {}
- /*
- * Declare the block size so that protocols know what size
- * Initialization Vector (IV) they will need.
- */
- Blowfish.prototype.BLOCKSIZE = 8;
- /*
- * These are the default SBOXES.
- */
- Blowfish.prototype.SBOXES = [[0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee, 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239, 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba, 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a], [0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff, 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41, 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28, 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf, 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00, 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061, 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7], [0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504, 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb, 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3, 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115, 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350, 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a, 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10, 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169, 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027, 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62, 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0], [0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51, 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28, 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd, 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb, 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166, 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84, 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048, 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8, 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525, 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d, 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9, 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6]];
- //*
- //* This is the default PARRAY
- //*
- Blowfish.prototype.PARRAY = [0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89, 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, 0x9216d5d9, 0x8979fb1b];
- //*
- //* This is the number of rounds the cipher will go
- //*
- Blowfish.prototype.NN = 16;
- //*
- //* This function is needed to get rid of problems
- //* with the high-bit getting set. If we don't do
- //* this, then sometimes ( aa & 0x00FFFFFFFF ) is not
- //* equal to ( bb & 0x00FFFFFFFF ) even when they
- //* agree bit-for-bit for the first 32 bits.
- //*
- Blowfish.prototype._clean = function (xx) {
- if (xx < 0) {
- const yy = xx & 0x7FFFFFFF;
- xx = yy + 0x80000000;
- }
- return xx;
- };
- //*
- //* This is the mixing function that uses the sboxes
- //*
- Blowfish.prototype._F = function (xx) {
- let yy;
- const dd = xx & 0x00FF;
- xx >>>= 8;
- const cc = xx & 0x00FF;
- xx >>>= 8;
- const bb = xx & 0x00FF;
- xx >>>= 8;
- const aa = xx & 0x00FF;
- yy = this.sboxes[0][aa] + this.sboxes[1][bb];
- yy ^= this.sboxes[2][cc];
- yy += this.sboxes[3][dd];
- return yy;
- };
- //*
- //* This method takes an array with two values, left and right
- //* and does NN rounds of Blowfish on them.
- //*
- Blowfish.prototype._encrypt_block = function (vals) {
- let dataL = vals[0];
- let dataR = vals[1];
- let ii;
- for (ii = 0; ii < this.NN; ++ii) {
- dataL ^= this.parray[ii];
- dataR = this._F(dataL) ^ dataR;
- const tmp = dataL;
- dataL = dataR;
- dataR = tmp;
- }
- dataL ^= this.parray[this.NN + 0];
- dataR ^= this.parray[this.NN + 1];
- vals[0] = this._clean(dataR);
- vals[1] = this._clean(dataL);
- };
- //*
- //* This method takes a vector of numbers and turns them
- //* into long words so that they can be processed by the
- //* real algorithm.
- //*
- //* Maybe I should make the real algorithm above take a vector
- //* instead. That will involve more looping, but it won't require
- //* the F() method to deconstruct the vector.
- //*
- Blowfish.prototype.encrypt_block = function (vector) {
- let ii;
- const vals = [0, 0];
- const off = this.BLOCKSIZE / 2;
- for (ii = 0; ii < this.BLOCKSIZE / 2; ++ii) {
- vals[0] = vals[0] << 8 | vector[ii + 0] & 0x00FF;
- vals[1] = vals[1] << 8 | vector[ii + off] & 0x00FF;
- }
- this._encrypt_block(vals);
- const ret = [];
- for (ii = 0; ii < this.BLOCKSIZE / 2; ++ii) {
- ret[ii + 0] = vals[0] >>> 24 - 8 * ii & 0x00FF;
- ret[ii + off] = vals[1] >>> 24 - 8 * ii & 0x00FF;
- // vals[ 0 ] = ( vals[ 0 ] >>> 8 );
- // vals[ 1 ] = ( vals[ 1 ] >>> 8 );
- }
- return ret;
- };
- //*
- //* This method takes an array with two values, left and right
- //* and undoes NN rounds of Blowfish on them.
- //*
- Blowfish.prototype._decrypt_block = function (vals) {
- let dataL = vals[0];
- let dataR = vals[1];
- let ii;
- for (ii = this.NN + 1; ii > 1; --ii) {
- dataL ^= this.parray[ii];
- dataR = this._F(dataL) ^ dataR;
- const tmp = dataL;
- dataL = dataR;
- dataR = tmp;
- }
- dataL ^= this.parray[1];
- dataR ^= this.parray[0];
- vals[0] = this._clean(dataR);
- vals[1] = this._clean(dataL);
- };
- //*
- //* This method takes a key array and initializes the
- //* sboxes and parray for this encryption.
- //*
- Blowfish.prototype.init = function (key) {
- let ii;
- let jj = 0;
- this.parray = [];
- for (ii = 0; ii < this.NN + 2; ++ii) {
- let data = 0x00000000;
- for (let kk = 0; kk < 4; ++kk) {
- data = data << 8 | key[jj] & 0x00FF;
- if (++jj >= key.length) {
- jj = 0;
- }
- }
- this.parray[ii] = this.PARRAY[ii] ^ data;
- }
- this.sboxes = [];
- for (ii = 0; ii < 4; ++ii) {
- this.sboxes[ii] = [];
- for (jj = 0; jj < 256; ++jj) {
- this.sboxes[ii][jj] = this.SBOXES[ii][jj];
- }
- }
- const vals = [0x00000000, 0x00000000];
- for (ii = 0; ii < this.NN + 2; ii += 2) {
- this._encrypt_block(vals);
- this.parray[ii + 0] = vals[0];
- this.parray[ii + 1] = vals[1];
- }
- for (ii = 0; ii < 4; ++ii) {
- for (jj = 0; jj < 256; jj += 2) {
- this._encrypt_block(vals);
- this.sboxes[ii][jj + 0] = vals[0];
- this.sboxes[ii][jj + 1] = vals[1];
- }
- }
- };
- // added by Recurity Labs
- function BF(key) {
- this.bf = new Blowfish();
- this.bf.init(key);
- this.encrypt = function (block) {
- return this.bf.encrypt_block(block);
- };
- }
- BF.keySize = BF.prototype.keySize = 16;
- BF.blockSize = BF.prototype.blockSize = 16;
- exports.default = BF;
- },{}],84:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- // Copyright 2010 pjacobs@xeekr.com . All rights reserved.
- // Modified by Recurity Labs GmbH
- // fixed/modified by Herbert Hanewinkel, www.haneWIN.de
- // check www.haneWIN.de for the latest version
- // cast5.js is a Javascript implementation of CAST-128, as defined in RFC 2144.
- // CAST-128 is a common OpenPGP cipher.
- // CAST5 constructor
- function OpenpgpSymencCast5() {
- this.BlockSize = 8;
- this.KeySize = 16;
- this.setKey = function (key) {
- this.masking = new Array(16);
- this.rotate = new Array(16);
- this.reset();
- if (key.length === this.KeySize) {
- this.keySchedule(key);
- } else {
- throw new Error('CAST-128: keys must be 16 bytes');
- }
- return true;
- };
- this.reset = function () {
- for (let i = 0; i < 16; i++) {
- this.masking[i] = 0;
- this.rotate[i] = 0;
- }
- };
- this.getBlockSize = function () {
- return this.BlockSize;
- };
- this.encrypt = function (src) {
- const dst = new Array(src.length);
- for (let i = 0; i < src.length; i += 8) {
- let l = src[i] << 24 | src[i + 1] << 16 | src[i + 2] << 8 | src[i + 3];
- let r = src[i + 4] << 24 | src[i + 5] << 16 | src[i + 6] << 8 | src[i + 7];
- let t;
- t = r;
- r = l ^ f1(r, this.masking[0], this.rotate[0]);
- l = t;
- t = r;
- r = l ^ f2(r, this.masking[1], this.rotate[1]);
- l = t;
- t = r;
- r = l ^ f3(r, this.masking[2], this.rotate[2]);
- l = t;
- t = r;
- r = l ^ f1(r, this.masking[3], this.rotate[3]);
- l = t;
- t = r;
- r = l ^ f2(r, this.masking[4], this.rotate[4]);
- l = t;
- t = r;
- r = l ^ f3(r, this.masking[5], this.rotate[5]);
- l = t;
- t = r;
- r = l ^ f1(r, this.masking[6], this.rotate[6]);
- l = t;
- t = r;
- r = l ^ f2(r, this.masking[7], this.rotate[7]);
- l = t;
- t = r;
- r = l ^ f3(r, this.masking[8], this.rotate[8]);
- l = t;
- t = r;
- r = l ^ f1(r, this.masking[9], this.rotate[9]);
- l = t;
- t = r;
- r = l ^ f2(r, this.masking[10], this.rotate[10]);
- l = t;
- t = r;
- r = l ^ f3(r, this.masking[11], this.rotate[11]);
- l = t;
- t = r;
- r = l ^ f1(r, this.masking[12], this.rotate[12]);
- l = t;
- t = r;
- r = l ^ f2(r, this.masking[13], this.rotate[13]);
- l = t;
- t = r;
- r = l ^ f3(r, this.masking[14], this.rotate[14]);
- l = t;
- t = r;
- r = l ^ f1(r, this.masking[15], this.rotate[15]);
- l = t;
- dst[i] = r >>> 24 & 255;
- dst[i + 1] = r >>> 16 & 255;
- dst[i + 2] = r >>> 8 & 255;
- dst[i + 3] = r & 255;
- dst[i + 4] = l >>> 24 & 255;
- dst[i + 5] = l >>> 16 & 255;
- dst[i + 6] = l >>> 8 & 255;
- dst[i + 7] = l & 255;
- }
- return dst;
- };
- this.decrypt = function (src) {
- const dst = new Array(src.length);
- for (let i = 0; i < src.length; i += 8) {
- let l = src[i] << 24 | src[i + 1] << 16 | src[i + 2] << 8 | src[i + 3];
- let r = src[i + 4] << 24 | src[i + 5] << 16 | src[i + 6] << 8 | src[i + 7];
- let t;
- t = r;
- r = l ^ f1(r, this.masking[15], this.rotate[15]);
- l = t;
- t = r;
- r = l ^ f3(r, this.masking[14], this.rotate[14]);
- l = t;
- t = r;
- r = l ^ f2(r, this.masking[13], this.rotate[13]);
- l = t;
- t = r;
- r = l ^ f1(r, this.masking[12], this.rotate[12]);
- l = t;
- t = r;
- r = l ^ f3(r, this.masking[11], this.rotate[11]);
- l = t;
- t = r;
- r = l ^ f2(r, this.masking[10], this.rotate[10]);
- l = t;
- t = r;
- r = l ^ f1(r, this.masking[9], this.rotate[9]);
- l = t;
- t = r;
- r = l ^ f3(r, this.masking[8], this.rotate[8]);
- l = t;
- t = r;
- r = l ^ f2(r, this.masking[7], this.rotate[7]);
- l = t;
- t = r;
- r = l ^ f1(r, this.masking[6], this.rotate[6]);
- l = t;
- t = r;
- r = l ^ f3(r, this.masking[5], this.rotate[5]);
- l = t;
- t = r;
- r = l ^ f2(r, this.masking[4], this.rotate[4]);
- l = t;
- t = r;
- r = l ^ f1(r, this.masking[3], this.rotate[3]);
- l = t;
- t = r;
- r = l ^ f3(r, this.masking[2], this.rotate[2]);
- l = t;
- t = r;
- r = l ^ f2(r, this.masking[1], this.rotate[1]);
- l = t;
- t = r;
- r = l ^ f1(r, this.masking[0], this.rotate[0]);
- l = t;
- dst[i] = r >>> 24 & 255;
- dst[i + 1] = r >>> 16 & 255;
- dst[i + 2] = r >>> 8 & 255;
- dst[i + 3] = r & 255;
- dst[i + 4] = l >>> 24 & 255;
- dst[i + 5] = l >> 16 & 255;
- dst[i + 6] = l >> 8 & 255;
- dst[i + 7] = l & 255;
- }
- return dst;
- };
- const scheduleA = new Array(4);
- scheduleA[0] = new Array(4);
- scheduleA[0][0] = [4, 0, 0xd, 0xf, 0xc, 0xe, 0x8];
- scheduleA[0][1] = [5, 2, 16 + 0, 16 + 2, 16 + 1, 16 + 3, 0xa];
- scheduleA[0][2] = [6, 3, 16 + 7, 16 + 6, 16 + 5, 16 + 4, 9];
- scheduleA[0][3] = [7, 1, 16 + 0xa, 16 + 9, 16 + 0xb, 16 + 8, 0xb];
- scheduleA[1] = new Array(4);
- scheduleA[1][0] = [0, 6, 16 + 5, 16 + 7, 16 + 4, 16 + 6, 16 + 0];
- scheduleA[1][1] = [1, 4, 0, 2, 1, 3, 16 + 2];
- scheduleA[1][2] = [2, 5, 7, 6, 5, 4, 16 + 1];
- scheduleA[1][3] = [3, 7, 0xa, 9, 0xb, 8, 16 + 3];
- scheduleA[2] = new Array(4);
- scheduleA[2][0] = [4, 0, 0xd, 0xf, 0xc, 0xe, 8];
- scheduleA[2][1] = [5, 2, 16 + 0, 16 + 2, 16 + 1, 16 + 3, 0xa];
- scheduleA[2][2] = [6, 3, 16 + 7, 16 + 6, 16 + 5, 16 + 4, 9];
- scheduleA[2][3] = [7, 1, 16 + 0xa, 16 + 9, 16 + 0xb, 16 + 8, 0xb];
- scheduleA[3] = new Array(4);
- scheduleA[3][0] = [0, 6, 16 + 5, 16 + 7, 16 + 4, 16 + 6, 16 + 0];
- scheduleA[3][1] = [1, 4, 0, 2, 1, 3, 16 + 2];
- scheduleA[3][2] = [2, 5, 7, 6, 5, 4, 16 + 1];
- scheduleA[3][3] = [3, 7, 0xa, 9, 0xb, 8, 16 + 3];
- const scheduleB = new Array(4);
- scheduleB[0] = new Array(4);
- scheduleB[0][0] = [16 + 8, 16 + 9, 16 + 7, 16 + 6, 16 + 2];
- scheduleB[0][1] = [16 + 0xa, 16 + 0xb, 16 + 5, 16 + 4, 16 + 6];
- scheduleB[0][2] = [16 + 0xc, 16 + 0xd, 16 + 3, 16 + 2, 16 + 9];
- scheduleB[0][3] = [16 + 0xe, 16 + 0xf, 16 + 1, 16 + 0, 16 + 0xc];
- scheduleB[1] = new Array(4);
- scheduleB[1][0] = [3, 2, 0xc, 0xd, 8];
- scheduleB[1][1] = [1, 0, 0xe, 0xf, 0xd];
- scheduleB[1][2] = [7, 6, 8, 9, 3];
- scheduleB[1][3] = [5, 4, 0xa, 0xb, 7];
- scheduleB[2] = new Array(4);
- scheduleB[2][0] = [16 + 3, 16 + 2, 16 + 0xc, 16 + 0xd, 16 + 9];
- scheduleB[2][1] = [16 + 1, 16 + 0, 16 + 0xe, 16 + 0xf, 16 + 0xc];
- scheduleB[2][2] = [16 + 7, 16 + 6, 16 + 8, 16 + 9, 16 + 2];
- scheduleB[2][3] = [16 + 5, 16 + 4, 16 + 0xa, 16 + 0xb, 16 + 6];
- scheduleB[3] = new Array(4);
- scheduleB[3][0] = [8, 9, 7, 6, 3];
- scheduleB[3][1] = [0xa, 0xb, 5, 4, 7];
- scheduleB[3][2] = [0xc, 0xd, 3, 2, 8];
- scheduleB[3][3] = [0xe, 0xf, 1, 0, 0xd];
- // changed 'in' to 'inn' (in javascript 'in' is a reserved word)
- this.keySchedule = function (inn) {
- const t = new Array(8);
- const k = new Array(32);
- let j;
- for (let i = 0; i < 4; i++) {
- j = i * 4;
- t[i] = inn[j] << 24 | inn[j + 1] << 16 | inn[j + 2] << 8 | inn[j + 3];
- }
- const x = [6, 7, 4, 5];
- let ki = 0;
- let w;
- for (let half = 0; half < 2; half++) {
- for (let round = 0; round < 4; round++) {
- for (j = 0; j < 4; j++) {
- const a = scheduleA[round][j];
- w = t[a[1]];
- w ^= sBox[4][t[a[2] >>> 2] >>> 24 - 8 * (a[2] & 3) & 0xff];
- w ^= sBox[5][t[a[3] >>> 2] >>> 24 - 8 * (a[3] & 3) & 0xff];
- w ^= sBox[6][t[a[4] >>> 2] >>> 24 - 8 * (a[4] & 3) & 0xff];
- w ^= sBox[7][t[a[5] >>> 2] >>> 24 - 8 * (a[5] & 3) & 0xff];
- w ^= sBox[x[j]][t[a[6] >>> 2] >>> 24 - 8 * (a[6] & 3) & 0xff];
- t[a[0]] = w;
- }
- for (j = 0; j < 4; j++) {
- const b = scheduleB[round][j];
- w = sBox[4][t[b[0] >>> 2] >>> 24 - 8 * (b[0] & 3) & 0xff];
- w ^= sBox[5][t[b[1] >>> 2] >>> 24 - 8 * (b[1] & 3) & 0xff];
- w ^= sBox[6][t[b[2] >>> 2] >>> 24 - 8 * (b[2] & 3) & 0xff];
- w ^= sBox[7][t[b[3] >>> 2] >>> 24 - 8 * (b[3] & 3) & 0xff];
- w ^= sBox[4 + j][t[b[4] >>> 2] >>> 24 - 8 * (b[4] & 3) & 0xff];
- k[ki] = w;
- ki++;
- }
- }
- }
- for (let i = 0; i < 16; i++) {
- this.masking[i] = k[i];
- this.rotate[i] = k[16 + i] & 0x1f;
- }
- };
- // These are the three 'f' functions. See RFC 2144, section 2.2.
- function f1(d, m, r) {
- const t = m + d;
- const I = t << r | t >>> 32 - r;
- return (sBox[0][I >>> 24] ^ sBox[1][I >>> 16 & 255]) - sBox[2][I >>> 8 & 255] + sBox[3][I & 255];
- }
- function f2(d, m, r) {
- const t = m ^ d;
- const I = t << r | t >>> 32 - r;
- return sBox[0][I >>> 24] - sBox[1][I >>> 16 & 255] + sBox[2][I >>> 8 & 255] ^ sBox[3][I & 255];
- }
- function f3(d, m, r) {
- const t = m - d;
- const I = t << r | t >>> 32 - r;
- return (sBox[0][I >>> 24] + sBox[1][I >>> 16 & 255] ^ sBox[2][I >>> 8 & 255]) - sBox[3][I & 255];
- }
- const sBox = new Array(8);
- sBox[0] = [0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949, 0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675, 0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e, 0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2, 0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d, 0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, 0x2abe32e1, 0xaa54166b, 0x22568e3a, 0xa2d341d0, 0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de, 0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7, 0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f, 0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935, 0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, 0xb7332290, 0xe93b159f, 0xb48ee411, 0x4bff345d, 0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165, 0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50, 0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272, 0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe, 0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, 0x57538ad5, 0x6a390493, 0xe63d37e0, 0x2a54f6b3, 0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a, 0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167, 0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f, 0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291, 0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, 0x6c00b32d, 0x73e2bb14, 0xa0bebc3c, 0x54623779, 0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6, 0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2, 0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9, 0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511, 0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, 0x31366241, 0x051ef495, 0xaa573b04, 0x4a805d8d, 0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e, 0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5, 0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82, 0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324, 0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, 0xeadf55b3, 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c, 0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f, 0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc, 0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491, 0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d, 0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, 0xe01063da, 0x4736f464, 0x5ad328d8, 0xb347cc96, 0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a, 0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a, 0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79, 0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d, 0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, 0x4744ead4, 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd, 0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755, 0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6, 0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb, 0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9, 0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, 0x7c63b2cf, 0x700b45e1, 0xd5ea50f1, 0x85a92872, 0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79, 0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c, 0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298, 0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e, 0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, 0x962bda1c, 0xe1e696ff, 0xb141ab08, 0x7cca89b9, 0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d, 0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf];
- sBox[1] = [0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, 0xfe61cf7a, 0xeec5207a, 0x55889c94, 0x72fc0651, 0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba, 0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3, 0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909, 0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb, 0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, 0x01420ddb, 0xe4e7ef5b, 0x25a1ff41, 0xe180f806, 0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4, 0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b, 0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f, 0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359, 0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, 0x071f6181, 0x39f7627f, 0x361e3084, 0xe4eb573b, 0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d, 0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c, 0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f, 0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34, 0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, 0x8a45388c, 0x1d804366, 0x721d9bfd, 0xa58684bb, 0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4, 0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd, 0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801, 0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860, 0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, 0xb5625dbf, 0x68561be6, 0x83ca6b94, 0x2d6ed23b, 0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709, 0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304, 0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b, 0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b, 0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, 0x488cb402, 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf, 0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9, 0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c, 0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3, 0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13, 0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, 0xcdff33a6, 0xa02b1741, 0x7cbad9a2, 0x2180036f, 0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab, 0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6, 0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4, 0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6, 0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, 0xb3faec54, 0x157fd7fa, 0xef8579cc, 0xd152de58, 0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8, 0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906, 0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171, 0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d, 0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, 0x8b1c34bc, 0x301e16e6, 0x273be979, 0xb0ffeaa6, 0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b, 0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4, 0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb, 0xc6bcc63e, 0x1a513742, 0xef6828bc, 0x520365d6, 0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, 0xdb92f2fb, 0x5eea29cb, 0x145892f5, 0x91584f7f, 0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea, 0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249, 0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea, 0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa, 0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, 0x649da589, 0xa345415e, 0x5c038323, 0x3e5d3bb9, 0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef, 0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1];
- sBox[2] = [0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, 0x47607fff, 0x369fe44b, 0x8c1fc644, 0xaececa90, 0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae, 0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5, 0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e, 0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e, 0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, 0x21fffcee, 0x825b1bfd, 0x9255c5ed, 0x1257a240, 0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e, 0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5, 0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f, 0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b, 0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, 0xa197c81c, 0x4a012d6e, 0xc5884a28, 0xccc36f71, 0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f, 0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04, 0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380, 0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82, 0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, 0x8427f4a0, 0x1eac5790, 0x796fb449, 0x8252dc15, 0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504, 0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2, 0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6, 0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176, 0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, 0x842f7d83, 0x340ce5c8, 0x96bbb682, 0x93b4b148, 0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d, 0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc, 0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1, 0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341, 0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, 0xf76cedd9, 0xbda8229c, 0x127dadaa, 0x438a074e, 0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15, 0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51, 0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4, 0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f, 0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, 0x6d498623, 0x193cbcfa, 0x27627545, 0x825cf47a, 0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392, 0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b, 0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231, 0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b, 0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, 0x694bcc11, 0x236a5cae, 0x12deca4d, 0x2c3f8cc5, 0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67, 0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45, 0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49, 0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536, 0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, 0x07478cd1, 0x006e1888, 0xa2e53f55, 0xb9e6d4bc, 0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d, 0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0, 0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e, 0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69, 0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, 0xcf1febd2, 0x61efc8c2, 0xf1ac2571, 0xcc8239c2, 0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce, 0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49, 0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24, 0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d, 0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, 0x642b1e31, 0x9c305a00, 0x52bce688, 0x1b03588a, 0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5, 0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783];
- sBox[3] = [0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, 0x4a4f7bdb, 0x64ad8c57, 0x85510443, 0xfa020ed1, 0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120, 0xfd059d43, 0x6497b7b1, 0xf3641f63, 0x241e4adf, 0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220, 0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15, 0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, 0x1a05645f, 0x0c13fefe, 0x081b08ca, 0x05170121, 0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701, 0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25, 0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b, 0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5, 0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, 0xd3772061, 0x11b638e1, 0x72500e03, 0xf80eb2bb, 0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746, 0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5, 0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9, 0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d, 0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, 0x022083b8, 0x3fb6180c, 0x18f8931e, 0x281658e6, 0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c, 0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23, 0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7, 0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003, 0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, 0x557be8de, 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6, 0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327, 0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119, 0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec, 0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24, 0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, 0xaac9548a, 0xeca1d7c7, 0x041afa32, 0x1d16625a, 0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031, 0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79, 0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5, 0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df, 0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, 0x1741a254, 0xe5b6a035, 0x213d42f6, 0x2c1c7c26, 0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69, 0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab, 0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9, 0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7, 0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, 0x71eae2a1, 0x1f9af36e, 0xcfcbd12f, 0xc1de8417, 0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3, 0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2, 0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2, 0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2, 0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, 0x29908415, 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a, 0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091, 0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919, 0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df, 0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef, 0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, 0xafe67afb, 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876, 0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367, 0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab, 0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c, 0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04, 0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, 0x41823979, 0x932bcdf6, 0xb657c34d, 0x4edfd282, 0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e, 0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2];
- sBox[4] = [0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, 0xb86a7fff, 0x1dd358f5, 0x44dd9d44, 0x1731167f, 0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00, 0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a, 0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180, 0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff, 0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2, 0x4e40b48d, 0x248eb6fb, 0x8dba1cfe, 0x41a99b02, 0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725, 0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a, 0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b, 0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7, 0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571, 0x0c05372a, 0x578535f2, 0x2261be02, 0xd642a0c9, 0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec, 0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981, 0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea, 0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774, 0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263, 0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655, 0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468, 0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2, 0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b, 0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910, 0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284, 0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1, 0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4, 0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da, 0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7, 0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049, 0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, 0xc62bf3cd, 0x9e0885f9, 0x68cb3e47, 0x086c010f, 0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6, 0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba, 0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4, 0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be, 0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561, 0xc3dc0280, 0x05687715, 0x646c6bd7, 0x44904db3, 0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6, 0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840, 0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406, 0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4, 0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472, 0x3ca5d717, 0x7d161bba, 0x9cad9010, 0xaf462ba2, 0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487, 0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7, 0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288, 0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5, 0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2, 0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e, 0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78, 0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e, 0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76, 0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801, 0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0, 0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad, 0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58, 0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0, 0x5ce96c28, 0xe176eda3, 0x6bac307f, 0x376829d2, 0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20, 0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, 0xf9e0659a, 0xeeb9491d, 0x34010718, 0xbb30cab8, 0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55, 0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4];
- sBox[5] = [0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, 0x95db08e7, 0x016843b4, 0xeced5cbc, 0x325553ac, 0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9, 0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138, 0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e, 0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367, 0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866, 0xa084db2d, 0x09a8486f, 0xa888614a, 0x2900af98, 0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c, 0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072, 0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd, 0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3, 0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53, 0x5c3d9c01, 0x64bdb941, 0x2c0e636a, 0xba7dd9cd, 0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d, 0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8, 0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf, 0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9, 0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807, 0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54, 0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a, 0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387, 0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563, 0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc, 0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0, 0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf, 0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be, 0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf, 0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0, 0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f, 0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, 0x372b74af, 0x692573e4, 0xe9a9d848, 0xf3160289, 0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853, 0x20951063, 0x4576698d, 0xb6fad407, 0x592af950, 0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa, 0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f, 0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9, 0x2b05d08d, 0x48b9d585, 0xdc049441, 0xc8098f9b, 0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751, 0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be, 0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358, 0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13, 0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397, 0x47cf8e7a, 0xb6c85283, 0x3cc2acfb, 0x3fc06976, 0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459, 0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0, 0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4, 0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891, 0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f, 0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da, 0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb, 0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc, 0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2, 0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084, 0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab, 0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25, 0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b, 0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121, 0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b, 0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5, 0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, 0xd36b4cf1, 0xf544edeb, 0xb0e93524, 0xbebb8fbd, 0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454, 0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f];
- sBox[6] = [0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, 0x2a8d7f6f, 0xab9bc912, 0xde6008a1, 0x2028da1f, 0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82, 0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de, 0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd, 0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43, 0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f, 0x089766be, 0xbaeeadf4, 0x1286becf, 0xb6eacb19, 0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9, 0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2, 0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e, 0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516, 0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83, 0x334266ce, 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88, 0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e, 0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816, 0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a, 0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756, 0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f, 0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a, 0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b, 0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264, 0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78, 0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688, 0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d, 0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28, 0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802, 0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3, 0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9, 0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7, 0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, 0xb96d8c32, 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06, 0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858, 0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033, 0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a, 0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a, 0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4, 0x826d2bef, 0x4eeb8476, 0x488dcf25, 0x36c9d566, 0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df, 0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509, 0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9, 0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962, 0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c, 0x93d29a22, 0xe32dbf9a, 0x058745b9, 0x3453dc1e, 0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07, 0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c, 0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939, 0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c, 0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e, 0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285, 0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378, 0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301, 0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd, 0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be, 0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567, 0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767, 0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2, 0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647, 0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf, 0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914, 0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, 0x3ffa50bc, 0x3d40f021, 0xc3c0bdae, 0x4958c24c, 0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada, 0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3];
- sBox[7] = [0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, 0x7789f8b7, 0xe6c1121b, 0x0e241600, 0x052ce8b5, 0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174, 0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc, 0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940, 0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd, 0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42, 0xc7ece831, 0x3f8f95e7, 0x72df191b, 0x7580330d, 0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164, 0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2, 0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4, 0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862, 0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0, 0x4cfde06f, 0xc28ec4b8, 0x57e8726e, 0x647a78fc, 0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6, 0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c, 0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491, 0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e, 0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b, 0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039, 0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8, 0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8, 0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006, 0xbcc0c62c, 0x3dd00db3, 0x708f8f34, 0x77d51b42, 0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564, 0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5, 0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab, 0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472, 0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc, 0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225, 0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, 0xc4618187, 0xea7a6e98, 0x7cd16efc, 0x1436876c, 0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441, 0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb, 0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f, 0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054, 0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504, 0xf1e47d8d, 0x844a1be5, 0xbae7dfdc, 0x42cbda70, 0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c, 0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc, 0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6, 0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c, 0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd, 0xdd06caa2, 0x37df932b, 0xc4248289, 0xacf3ebc3, 0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4, 0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4, 0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc, 0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101, 0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba, 0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f, 0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf, 0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e, 0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603, 0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a, 0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37, 0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c, 0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819, 0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384, 0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d, 0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c, 0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, 0x589e8d82, 0x0d2059d1, 0xa466bb1e, 0xf8da0a82, 0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d, 0x50b2ad80, 0xeaee6801, 0x8db2a283, 0xea8bf59e];
- }
- function Cast5(key) {
- this.cast5 = new OpenpgpSymencCast5();
- this.cast5.setKey(key);
- this.encrypt = function (block) {
- return this.cast5.encrypt(block);
- };
- }
- Cast5.blockSize = Cast5.prototype.blockSize = 8;
- Cast5.keySize = Cast5.prototype.keySize = 16;
- exports.default = Cast5;
- },{}],85:[function(require,module,exports){
- "use strict";
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- //Paul Tero, July 2001
- //http://www.tero.co.uk/des/
- //
- //Optimised for performance with large blocks by Michael Hayworth, November 2001
- //http://www.netdealing.com
- //
- // Modified by Recurity Labs GmbH
- //THIS SOFTWARE IS PROVIDED "AS IS" AND
- //ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- //ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- //OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- //HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- //LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- //OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- //SUCH DAMAGE.
- //des
- //this takes the key, the message, and whether to encrypt or decrypt
- function des(keys, message, encrypt, mode, iv, padding) {
- //declaring this locally speeds things up a bit
- const spfunction1 = [0x1010400, 0, 0x10000, 0x1010404, 0x1010004, 0x10404, 0x4, 0x10000, 0x400, 0x1010400, 0x1010404, 0x400, 0x1000404, 0x1010004, 0x1000000, 0x4, 0x404, 0x1000400, 0x1000400, 0x10400, 0x10400, 0x1010000, 0x1010000, 0x1000404, 0x10004, 0x1000004, 0x1000004, 0x10004, 0, 0x404, 0x10404, 0x1000000, 0x10000, 0x1010404, 0x4, 0x1010000, 0x1010400, 0x1000000, 0x1000000, 0x400, 0x1010004, 0x10000, 0x10400, 0x1000004, 0x400, 0x4, 0x1000404, 0x10404, 0x1010404, 0x10004, 0x1010000, 0x1000404, 0x1000004, 0x404, 0x10404, 0x1010400, 0x404, 0x1000400, 0x1000400, 0, 0x10004, 0x10400, 0, 0x1010004];
- const spfunction2 = [-0x7fef7fe0, -0x7fff8000, 0x8000, 0x108020, 0x100000, 0x20, -0x7fefffe0, -0x7fff7fe0, -0x7fffffe0, -0x7fef7fe0, -0x7fef8000, -0x80000000, -0x7fff8000, 0x100000, 0x20, -0x7fefffe0, 0x108000, 0x100020, -0x7fff7fe0, 0, -0x80000000, 0x8000, 0x108020, -0x7ff00000, 0x100020, -0x7fffffe0, 0, 0x108000, 0x8020, -0x7fef8000, -0x7ff00000, 0x8020, 0, 0x108020, -0x7fefffe0, 0x100000, -0x7fff7fe0, -0x7ff00000, -0x7fef8000, 0x8000, -0x7ff00000, -0x7fff8000, 0x20, -0x7fef7fe0, 0x108020, 0x20, 0x8000, -0x80000000, 0x8020, -0x7fef8000, 0x100000, -0x7fffffe0, 0x100020, -0x7fff7fe0, -0x7fffffe0, 0x100020, 0x108000, 0, -0x7fff8000, 0x8020, -0x80000000, -0x7fefffe0, -0x7fef7fe0, 0x108000];
- const spfunction3 = [0x208, 0x8020200, 0, 0x8020008, 0x8000200, 0, 0x20208, 0x8000200, 0x20008, 0x8000008, 0x8000008, 0x20000, 0x8020208, 0x20008, 0x8020000, 0x208, 0x8000000, 0x8, 0x8020200, 0x200, 0x20200, 0x8020000, 0x8020008, 0x20208, 0x8000208, 0x20200, 0x20000, 0x8000208, 0x8, 0x8020208, 0x200, 0x8000000, 0x8020200, 0x8000000, 0x20008, 0x208, 0x20000, 0x8020200, 0x8000200, 0, 0x200, 0x20008, 0x8020208, 0x8000200, 0x8000008, 0x200, 0, 0x8020008, 0x8000208, 0x20000, 0x8000000, 0x8020208, 0x8, 0x20208, 0x20200, 0x8000008, 0x8020000, 0x8000208, 0x208, 0x8020000, 0x20208, 0x8, 0x8020008, 0x20200];
- const spfunction4 = [0x802001, 0x2081, 0x2081, 0x80, 0x802080, 0x800081, 0x800001, 0x2001, 0, 0x802000, 0x802000, 0x802081, 0x81, 0, 0x800080, 0x800001, 0x1, 0x2000, 0x800000, 0x802001, 0x80, 0x800000, 0x2001, 0x2080, 0x800081, 0x1, 0x2080, 0x800080, 0x2000, 0x802080, 0x802081, 0x81, 0x800080, 0x800001, 0x802000, 0x802081, 0x81, 0, 0, 0x802000, 0x2080, 0x800080, 0x800081, 0x1, 0x802001, 0x2081, 0x2081, 0x80, 0x802081, 0x81, 0x1, 0x2000, 0x800001, 0x2001, 0x802080, 0x800081, 0x2001, 0x2080, 0x800000, 0x802001, 0x80, 0x800000, 0x2000, 0x802080];
- const spfunction5 = [0x100, 0x2080100, 0x2080000, 0x42000100, 0x80000, 0x100, 0x40000000, 0x2080000, 0x40080100, 0x80000, 0x2000100, 0x40080100, 0x42000100, 0x42080000, 0x80100, 0x40000000, 0x2000000, 0x40080000, 0x40080000, 0, 0x40000100, 0x42080100, 0x42080100, 0x2000100, 0x42080000, 0x40000100, 0, 0x42000000, 0x2080100, 0x2000000, 0x42000000, 0x80100, 0x80000, 0x42000100, 0x100, 0x2000000, 0x40000000, 0x2080000, 0x42000100, 0x40080100, 0x2000100, 0x40000000, 0x42080000, 0x2080100, 0x40080100, 0x100, 0x2000000, 0x42080000, 0x42080100, 0x80100, 0x42000000, 0x42080100, 0x2080000, 0, 0x40080000, 0x42000000, 0x80100, 0x2000100, 0x40000100, 0x80000, 0, 0x40080000, 0x2080100, 0x40000100];
- const spfunction6 = [0x20000010, 0x20400000, 0x4000, 0x20404010, 0x20400000, 0x10, 0x20404010, 0x400000, 0x20004000, 0x404010, 0x400000, 0x20000010, 0x400010, 0x20004000, 0x20000000, 0x4010, 0, 0x400010, 0x20004010, 0x4000, 0x404000, 0x20004010, 0x10, 0x20400010, 0x20400010, 0, 0x404010, 0x20404000, 0x4010, 0x404000, 0x20404000, 0x20000000, 0x20004000, 0x10, 0x20400010, 0x404000, 0x20404010, 0x400000, 0x4010, 0x20000010, 0x400000, 0x20004000, 0x20000000, 0x4010, 0x20000010, 0x20404010, 0x404000, 0x20400000, 0x404010, 0x20404000, 0, 0x20400010, 0x10, 0x4000, 0x20400000, 0x404010, 0x4000, 0x400010, 0x20004010, 0, 0x20404000, 0x20000000, 0x400010, 0x20004010];
- const spfunction7 = [0x200000, 0x4200002, 0x4000802, 0, 0x800, 0x4000802, 0x200802, 0x4200800, 0x4200802, 0x200000, 0, 0x4000002, 0x2, 0x4000000, 0x4200002, 0x802, 0x4000800, 0x200802, 0x200002, 0x4000800, 0x4000002, 0x4200000, 0x4200800, 0x200002, 0x4200000, 0x800, 0x802, 0x4200802, 0x200800, 0x2, 0x4000000, 0x200800, 0x4000000, 0x200800, 0x200000, 0x4000802, 0x4000802, 0x4200002, 0x4200002, 0x2, 0x200002, 0x4000000, 0x4000800, 0x200000, 0x4200800, 0x802, 0x200802, 0x4200800, 0x802, 0x4000002, 0x4200802, 0x4200000, 0x200800, 0, 0x2, 0x4200802, 0, 0x200802, 0x4200000, 0x800, 0x4000002, 0x4000800, 0x800, 0x200002];
- const spfunction8 = [0x10001040, 0x1000, 0x40000, 0x10041040, 0x10000000, 0x10001040, 0x40, 0x10000000, 0x40040, 0x10040000, 0x10041040, 0x41000, 0x10041000, 0x41040, 0x1000, 0x40, 0x10040000, 0x10000040, 0x10001000, 0x1040, 0x41000, 0x40040, 0x10040040, 0x10041000, 0x1040, 0, 0, 0x10040040, 0x10000040, 0x10001000, 0x41040, 0x40000, 0x41040, 0x40000, 0x10041000, 0x1000, 0x40, 0x10040040, 0x1000, 0x41040, 0x10001000, 0x40, 0x10000040, 0x10040000, 0x10040040, 0x10000000, 0x40000, 0x10001040, 0, 0x10041040, 0x40040, 0x10000040, 0x10040000, 0x10001000, 0x10001040, 0, 0x10041040, 0x41000, 0x41000, 0x1040, 0x1040, 0x40040, 0x10000000, 0x10041000];
- //create the 16 or 48 subkeys we will need
- let m = 0;
- let i;
- let j;
- let temp;
- let right1;
- let right2;
- let left;
- let right;
- let looping;
- let cbcleft;
- let cbcleft2;
- let cbcright;
- let cbcright2;
- let endloop;
- let loopinc;
- let len = message.length;
- //set up the loops for single and triple des
- const iterations = keys.length === 32 ? 3 : 9; //single or triple des
- if (iterations === 3) {
- looping = encrypt ? [0, 32, 2] : [30, -2, -2];
- } else {
- looping = encrypt ? [0, 32, 2, 62, 30, -2, 64, 96, 2] : [94, 62, -2, 32, 64, 2, 30, -2, -2];
- }
- //pad the message depending on the padding parameter
- //only add padding if encrypting - note that you need to use the same padding option for both encrypt and decrypt
- if (encrypt) {
- message = des_addPadding(message, padding);
- len = message.length;
- }
- //store the result here
- let result = new Uint8Array(len);
- let k = 0;
- if (mode === 1) {
- //CBC mode
- cbcleft = iv[m++] << 24 | iv[m++] << 16 | iv[m++] << 8 | iv[m++];
- cbcright = iv[m++] << 24 | iv[m++] << 16 | iv[m++] << 8 | iv[m++];
- m = 0;
- }
- //loop through each 64 bit chunk of the message
- while (m < len) {
- left = message[m++] << 24 | message[m++] << 16 | message[m++] << 8 | message[m++];
- right = message[m++] << 24 | message[m++] << 16 | message[m++] << 8 | message[m++];
- //for Cipher Block Chaining mode, xor the message with the previous result
- if (mode === 1) {
- if (encrypt) {
- left ^= cbcleft;
- right ^= cbcright;
- } else {
- cbcleft2 = cbcleft;
- cbcright2 = cbcright;
- cbcleft = left;
- cbcright = right;
- }
- }
- //first each 64 but chunk of the message must be permuted according to IP
- temp = (left >>> 4 ^ right) & 0x0f0f0f0f;
- right ^= temp;
- left ^= temp << 4;
- temp = (left >>> 16 ^ right) & 0x0000ffff;
- right ^= temp;
- left ^= temp << 16;
- temp = (right >>> 2 ^ left) & 0x33333333;
- left ^= temp;
- right ^= temp << 2;
- temp = (right >>> 8 ^ left) & 0x00ff00ff;
- left ^= temp;
- right ^= temp << 8;
- temp = (left >>> 1 ^ right) & 0x55555555;
- right ^= temp;
- left ^= temp << 1;
- left = left << 1 | left >>> 31;
- right = right << 1 | right >>> 31;
- //do this either 1 or 3 times for each chunk of the message
- for (j = 0; j < iterations; j += 3) {
- endloop = looping[j + 1];
- loopinc = looping[j + 2];
- //now go through and perform the encryption or decryption
- for (i = looping[j]; i !== endloop; i += loopinc) {
- //for efficiency
- right1 = right ^ keys[i];
- right2 = (right >>> 4 | right << 28) ^ keys[i + 1];
- //the result is attained by passing these bytes through the S selection functions
- temp = left;
- left = right;
- right = temp ^ (spfunction2[right1 >>> 24 & 0x3f] | spfunction4[right1 >>> 16 & 0x3f] | spfunction6[right1 >>> 8 & 0x3f] | spfunction8[right1 & 0x3f] | spfunction1[right2 >>> 24 & 0x3f] | spfunction3[right2 >>> 16 & 0x3f] | spfunction5[right2 >>> 8 & 0x3f] | spfunction7[right2 & 0x3f]);
- }
- temp = left;
- left = right;
- right = temp; //unreverse left and right
- } //for either 1 or 3 iterations
- //move then each one bit to the right
- left = left >>> 1 | left << 31;
- right = right >>> 1 | right << 31;
- //now perform IP-1, which is IP in the opposite direction
- temp = (left >>> 1 ^ right) & 0x55555555;
- right ^= temp;
- left ^= temp << 1;
- temp = (right >>> 8 ^ left) & 0x00ff00ff;
- left ^= temp;
- right ^= temp << 8;
- temp = (right >>> 2 ^ left) & 0x33333333;
- left ^= temp;
- right ^= temp << 2;
- temp = (left >>> 16 ^ right) & 0x0000ffff;
- right ^= temp;
- left ^= temp << 16;
- temp = (left >>> 4 ^ right) & 0x0f0f0f0f;
- right ^= temp;
- left ^= temp << 4;
- //for Cipher Block Chaining mode, xor the message with the previous result
- if (mode === 1) {
- if (encrypt) {
- cbcleft = left;
- cbcright = right;
- } else {
- left ^= cbcleft2;
- right ^= cbcright2;
- }
- }
- result[k++] = left >>> 24;
- result[k++] = left >>> 16 & 0xff;
- result[k++] = left >>> 8 & 0xff;
- result[k++] = left & 0xff;
- result[k++] = right >>> 24;
- result[k++] = right >>> 16 & 0xff;
- result[k++] = right >>> 8 & 0xff;
- result[k++] = right & 0xff;
- } //for every 8 characters, or 64 bits in the message
- //only remove padding if decrypting - note that you need to use the same padding option for both encrypt and decrypt
- if (!encrypt) {
- result = des_removePadding(result, padding);
- }
- return result;
- } //end of des
- //des_createKeys
- //this takes as input a 64 bit key (even though only 56 bits are used)
- //as an array of 2 integers, and returns 16 48 bit keys
- function des_createKeys(key) {
- //declaring this locally speeds things up a bit
- const pc2bytes0 = [0, 0x4, 0x20000000, 0x20000004, 0x10000, 0x10004, 0x20010000, 0x20010004, 0x200, 0x204, 0x20000200, 0x20000204, 0x10200, 0x10204, 0x20010200, 0x20010204];
- const pc2bytes1 = [0, 0x1, 0x100000, 0x100001, 0x4000000, 0x4000001, 0x4100000, 0x4100001, 0x100, 0x101, 0x100100, 0x100101, 0x4000100, 0x4000101, 0x4100100, 0x4100101];
- const pc2bytes2 = [0, 0x8, 0x800, 0x808, 0x1000000, 0x1000008, 0x1000800, 0x1000808, 0, 0x8, 0x800, 0x808, 0x1000000, 0x1000008, 0x1000800, 0x1000808];
- const pc2bytes3 = [0, 0x200000, 0x8000000, 0x8200000, 0x2000, 0x202000, 0x8002000, 0x8202000, 0x20000, 0x220000, 0x8020000, 0x8220000, 0x22000, 0x222000, 0x8022000, 0x8222000];
- const pc2bytes4 = [0, 0x40000, 0x10, 0x40010, 0, 0x40000, 0x10, 0x40010, 0x1000, 0x41000, 0x1010, 0x41010, 0x1000, 0x41000, 0x1010, 0x41010];
- const pc2bytes5 = [0, 0x400, 0x20, 0x420, 0, 0x400, 0x20, 0x420, 0x2000000, 0x2000400, 0x2000020, 0x2000420, 0x2000000, 0x2000400, 0x2000020, 0x2000420];
- const pc2bytes6 = [0, 0x10000000, 0x80000, 0x10080000, 0x2, 0x10000002, 0x80002, 0x10080002, 0, 0x10000000, 0x80000, 0x10080000, 0x2, 0x10000002, 0x80002, 0x10080002];
- const pc2bytes7 = [0, 0x10000, 0x800, 0x10800, 0x20000000, 0x20010000, 0x20000800, 0x20010800, 0x20000, 0x30000, 0x20800, 0x30800, 0x20020000, 0x20030000, 0x20020800, 0x20030800];
- const pc2bytes8 = [0, 0x40000, 0, 0x40000, 0x2, 0x40002, 0x2, 0x40002, 0x2000000, 0x2040000, 0x2000000, 0x2040000, 0x2000002, 0x2040002, 0x2000002, 0x2040002];
- const pc2bytes9 = [0, 0x10000000, 0x8, 0x10000008, 0, 0x10000000, 0x8, 0x10000008, 0x400, 0x10000400, 0x408, 0x10000408, 0x400, 0x10000400, 0x408, 0x10000408];
- const pc2bytes10 = [0, 0x20, 0, 0x20, 0x100000, 0x100020, 0x100000, 0x100020, 0x2000, 0x2020, 0x2000, 0x2020, 0x102000, 0x102020, 0x102000, 0x102020];
- const pc2bytes11 = [0, 0x1000000, 0x200, 0x1000200, 0x200000, 0x1200000, 0x200200, 0x1200200, 0x4000000, 0x5000000, 0x4000200, 0x5000200, 0x4200000, 0x5200000, 0x4200200, 0x5200200];
- const pc2bytes12 = [0, 0x1000, 0x8000000, 0x8001000, 0x80000, 0x81000, 0x8080000, 0x8081000, 0x10, 0x1010, 0x8000010, 0x8001010, 0x80010, 0x81010, 0x8080010, 0x8081010];
- const pc2bytes13 = [0, 0x4, 0x100, 0x104, 0, 0x4, 0x100, 0x104, 0x1, 0x5, 0x101, 0x105, 0x1, 0x5, 0x101, 0x105];
- //how many iterations (1 for des, 3 for triple des)
- const iterations = key.length > 8 ? 3 : 1; //changed by Paul 16/6/2007 to use Triple DES for 9+ byte keys
- //stores the return keys
- const keys = new Array(32 * iterations);
- //now define the left shifts which need to be done
- const shifts = [0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0];
- //other variables
- let lefttemp;
- let righttemp;
- let m = 0;
- let n = 0;
- let temp;
- for (let j = 0; j < iterations; j++) {
- //either 1 or 3 iterations
- let left = key[m++] << 24 | key[m++] << 16 | key[m++] << 8 | key[m++];
- let right = key[m++] << 24 | key[m++] << 16 | key[m++] << 8 | key[m++];
- temp = (left >>> 4 ^ right) & 0x0f0f0f0f;
- right ^= temp;
- left ^= temp << 4;
- temp = (right >>> -16 ^ left) & 0x0000ffff;
- left ^= temp;
- right ^= temp << -16;
- temp = (left >>> 2 ^ right) & 0x33333333;
- right ^= temp;
- left ^= temp << 2;
- temp = (right >>> -16 ^ left) & 0x0000ffff;
- left ^= temp;
- right ^= temp << -16;
- temp = (left >>> 1 ^ right) & 0x55555555;
- right ^= temp;
- left ^= temp << 1;
- temp = (right >>> 8 ^ left) & 0x00ff00ff;
- left ^= temp;
- right ^= temp << 8;
- temp = (left >>> 1 ^ right) & 0x55555555;
- right ^= temp;
- left ^= temp << 1;
- //the right side needs to be shifted and to get the last four bits of the left side
- temp = left << 8 | right >>> 20 & 0x000000f0;
- //left needs to be put upside down
- left = right << 24 | right << 8 & 0xff0000 | right >>> 8 & 0xff00 | right >>> 24 & 0xf0;
- right = temp;
- //now go through and perform these shifts on the left and right keys
- for (let i = 0; i < shifts.length; i++) {
- //shift the keys either one or two bits to the left
- if (shifts[i]) {
- left = left << 2 | left >>> 26;
- right = right << 2 | right >>> 26;
- } else {
- left = left << 1 | left >>> 27;
- right = right << 1 | right >>> 27;
- }
- left &= -0xf;
- right &= -0xf;
- //now apply PC-2, in such a way that E is easier when encrypting or decrypting
- //this conversion will look like PC-2 except only the last 6 bits of each byte are used
- //rather than 48 consecutive bits and the order of lines will be according to
- //how the S selection functions will be applied: S2, S4, S6, S8, S1, S3, S5, S7
- lefttemp = pc2bytes0[left >>> 28] | pc2bytes1[left >>> 24 & 0xf] | pc2bytes2[left >>> 20 & 0xf] | pc2bytes3[left >>> 16 & 0xf] | pc2bytes4[left >>> 12 & 0xf] | pc2bytes5[left >>> 8 & 0xf] | pc2bytes6[left >>> 4 & 0xf];
- righttemp = pc2bytes7[right >>> 28] | pc2bytes8[right >>> 24 & 0xf] | pc2bytes9[right >>> 20 & 0xf] | pc2bytes10[right >>> 16 & 0xf] | pc2bytes11[right >>> 12 & 0xf] | pc2bytes12[right >>> 8 & 0xf] | pc2bytes13[right >>> 4 & 0xf];
- temp = (righttemp >>> 16 ^ lefttemp) & 0x0000ffff;
- keys[n++] = lefttemp ^ temp;
- keys[n++] = righttemp ^ temp << 16;
- }
- } //for each iterations
- //return the keys we've created
- return keys;
- } //end of des_createKeys
- function des_addPadding(message, padding) {
- const padLength = 8 - message.length % 8;
- let pad;
- if (padding === 2 && padLength < 8) {
- //pad the message with spaces
- pad = " ".charCodeAt(0);
- } else if (padding === 1) {
- //PKCS7 padding
- pad = padLength;
- } else if (!padding && padLength < 8) {
- //pad the message out with null bytes
- pad = 0;
- } else if (padLength === 8) {
- return message;
- } else {
- throw new Error('des: invalid padding');
- }
- const paddedMessage = new Uint8Array(message.length + padLength);
- for (let i = 0; i < message.length; i++) {
- paddedMessage[i] = message[i];
- }
- for (let j = 0; j < padLength; j++) {
- paddedMessage[message.length + j] = pad;
- }
- return paddedMessage;
- }
- function des_removePadding(message, padding) {
- let padLength = null;
- let pad;
- if (padding === 2) {
- // space padded
- pad = " ".charCodeAt(0);
- } else if (padding === 1) {
- // PKCS7
- padLength = message[message.length - 1];
- } else if (!padding) {
- // null padding
- pad = 0;
- } else {
- throw new Error('des: invalid padding');
- }
- if (!padLength) {
- padLength = 1;
- while (message[message.length - padLength] === pad) {
- padLength++;
- }
- padLength--;
- }
- return message.subarray(0, message.length - padLength);
- }
- // added by Recurity Labs
- function TripleDES(key) {
- this.key = [];
- for (let i = 0; i < 3; i++) {
- this.key.push(new Uint8Array(key.subarray(i * 8, i * 8 + 8)));
- }
- this.encrypt = function (block) {
- return des(des_createKeys(this.key[2]), des(des_createKeys(this.key[1]), des(des_createKeys(this.key[0]), block, true, 0, null, null), false, 0, null, null), true, 0, null, null);
- };
- }
- TripleDES.keySize = TripleDES.prototype.keySize = 24;
- TripleDES.blockSize = TripleDES.prototype.blockSize = 8;
- // This is "original" DES
- function DES(key) {
- this.key = key;
- this.encrypt = function (block, padding) {
- const keys = des_createKeys(this.key);
- return des(keys, block, true, 0, null, padding);
- };
- this.decrypt = function (block, padding) {
- const keys = des_createKeys(this.key);
- return des(keys, block, false, 0, null, padding);
- };
- }
- exports.default = { DES, TripleDES };
- },{}],86:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _aes = require('./aes');
- var _aes2 = _interopRequireDefault(_aes);
- var _des = require('./des.js');
- var _des2 = _interopRequireDefault(_des);
- var _cast = require('./cast5');
- var _cast2 = _interopRequireDefault(_cast);
- var _twofish = require('./twofish');
- var _twofish2 = _interopRequireDefault(_twofish);
- var _blowfish = require('./blowfish');
- var _blowfish2 = _interopRequireDefault(_blowfish);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- exports.default = {
- /**
- * AES-128 encryption and decryption (ID 7)
- * @function
- * @param {String} key 128-bit key
- * @see {@link https://github.com/asmcrypto/asmcrypto.js|asmCrypto}
- * @see {@link https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf|NIST FIPS-197}
- * @returns {Object}
- * @requires asmcrypto.js
- */
- aes128: (0, _aes2.default)(128),
- /**
- * AES-128 Block Cipher (ID 8)
- * @function
- * @param {String} key 192-bit key
- * @see {@link https://github.com/asmcrypto/asmcrypto.js|asmCrypto}
- * @see {@link https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf|NIST FIPS-197}
- * @returns {Object}
- * @requires asmcrypto.js
- */
- aes192: (0, _aes2.default)(192),
- /**
- * AES-128 Block Cipher (ID 9)
- * @function
- * @param {String} key 256-bit key
- * @see {@link https://github.com/asmcrypto/asmcrypto.js|asmCrypto}
- * @see {@link https://csrc.nist.gov/publications/fips/fips197/fips-197.pdf|NIST FIPS-197}
- * @returns {Object}
- * @requires asmcrypto.js
- */
- aes256: (0, _aes2.default)(256),
- // Not in OpenPGP specifications
- des: _des2.default.DES,
- /**
- * Triple DES Block Cipher (ID 2)
- * @function
- * @param {String} key 192-bit key
- * @see {@link https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-67r2.pdf|NIST SP 800-67}
- * @returns {Object}
- */
- tripledes: _des2.default.TripleDES,
- '3des': _des2.default.TripleDES,
- /**
- * CAST-128 Block Cipher (ID 3)
- * @function
- * @param {String} key 128-bit key
- * @see {@link https://tools.ietf.org/html/rfc2144|The CAST-128 Encryption Algorithm}
- * @returns {Object}
- */
- cast5: _cast2.default,
- /**
- * Twofish Block Cipher (ID 10)
- * @function
- * @param {String} key 256-bit key
- * @see {@link https://tools.ietf.org/html/rfc4880#ref-TWOFISH|TWOFISH}
- * @returns {Object}
- */
- twofish: _twofish2.default,
- /**
- * Blowfish Block Cipher (ID 4)
- * @function
- * @param {String} key 128-bit key
- * @see {@link https://tools.ietf.org/html/rfc4880#ref-BLOWFISH|BLOWFISH}
- * @returns {Object}
- */
- blowfish: _blowfish2.default,
- /**
- * Not implemented
- * @function
- * @throws {Error}
- */
- idea: function idea() {
- throw new Error('IDEA symmetric-key algorithm not implemented');
- }
- }; /**
- * @fileoverview Symmetric cryptography functions
- * @requires crypto/cipher/aes
- * @requires crypto/cipher/des
- * @requires crypto/cipher/cast5
- * @requires crypto/cipher/twofish
- * @requires crypto/cipher/blowfish
- * @module crypto/cipher
- */
- },{"./aes":82,"./blowfish":83,"./cast5":84,"./des.js":85,"./twofish":87}],87:[function(require,module,exports){
- "use strict";
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- /* eslint-disable no-mixed-operators, no-fallthrough */
- /* Modified by Recurity Labs GmbH
- *
- * Cipher.js
- * A block-cipher algorithm implementation on JavaScript
- * See Cipher.readme.txt for further information.
- *
- * Copyright(c) 2009 Atsushi Oka [ http://oka.nu/ ]
- * This script file is distributed under the LGPL
- *
- * ACKNOWLEDGMENT
- *
- * The main subroutines are written by Michiel van Everdingen.
- *
- * Michiel van Everdingen
- * http://home.versatel.nl/MAvanEverdingen/index.html
- *
- * All rights for these routines are reserved to Michiel van Everdingen.
- *
- */
- ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
- //Math
- ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
- const MAXINT = 0xFFFFFFFF;
- function rotw(w, n) {
- return (w << n | w >>> 32 - n) & MAXINT;
- }
- function getW(a, i) {
- return a[i] | a[i + 1] << 8 | a[i + 2] << 16 | a[i + 3] << 24;
- }
- function setW(a, i, w) {
- a.splice(i, 4, w & 0xFF, w >>> 8 & 0xFF, w >>> 16 & 0xFF, w >>> 24 & 0xFF);
- }
- function getB(x, n) {
- return x >>> n * 8 & 0xFF;
- }
- // //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
- // Twofish
- // //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
- function createTwofish() {
- //
- let keyBytes = null;
- let dataBytes = null;
- let dataOffset = -1;
- // var dataLength = -1;
- // var idx2 = -1;
- //
- let tfsKey = [];
- let tfsM = [[], [], [], []];
- function tfsInit(key) {
- keyBytes = key;
- let i;
- let a;
- let b;
- let c;
- let d;
- const meKey = [];
- const moKey = [];
- const inKey = [];
- let kLen;
- const sKey = [];
- let f01;
- let f5b;
- let fef;
- const q0 = [[8, 1, 7, 13, 6, 15, 3, 2, 0, 11, 5, 9, 14, 12, 10, 4], [2, 8, 11, 13, 15, 7, 6, 14, 3, 1, 9, 4, 0, 10, 12, 5]];
- const q1 = [[14, 12, 11, 8, 1, 2, 3, 5, 15, 4, 10, 6, 7, 0, 9, 13], [1, 14, 2, 11, 4, 12, 3, 7, 6, 13, 10, 5, 15, 9, 0, 8]];
- const q2 = [[11, 10, 5, 14, 6, 13, 9, 0, 12, 8, 15, 3, 2, 4, 7, 1], [4, 12, 7, 5, 1, 6, 9, 10, 0, 14, 13, 8, 2, 11, 3, 15]];
- const q3 = [[13, 7, 15, 4, 1, 2, 6, 14, 9, 11, 3, 0, 8, 5, 12, 10], [11, 9, 5, 1, 12, 3, 13, 14, 6, 4, 7, 15, 2, 0, 8, 10]];
- const ror4 = [0, 8, 1, 9, 2, 10, 3, 11, 4, 12, 5, 13, 6, 14, 7, 15];
- const ashx = [0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12, 5, 14, 7];
- const q = [[], []];
- const m = [[], [], [], []];
- function ffm5b(x) {
- return x ^ x >> 2 ^ [0, 90, 180, 238][x & 3];
- }
- function ffmEf(x) {
- return x ^ x >> 1 ^ x >> 2 ^ [0, 238, 180, 90][x & 3];
- }
- function mdsRem(p, q) {
- let i;
- let t;
- let u;
- for (i = 0; i < 8; i++) {
- t = q >>> 24;
- q = q << 8 & MAXINT | p >>> 24;
- p = p << 8 & MAXINT;
- u = t << 1;
- if (t & 128) {
- u ^= 333;
- }
- q ^= t ^ u << 16;
- u ^= t >>> 1;
- if (t & 1) {
- u ^= 166;
- }
- q ^= u << 24 | u << 8;
- }
- return q;
- }
- function qp(n, x) {
- const a = x >> 4;
- const b = x & 15;
- const c = q0[n][a ^ b];
- const d = q1[n][ror4[b] ^ ashx[a]];
- return q3[n][ror4[d] ^ ashx[c]] << 4 | q2[n][c ^ d];
- }
- function hFun(x, key) {
- let a = getB(x, 0);
- let b = getB(x, 1);
- let c = getB(x, 2);
- let d = getB(x, 3);
- switch (kLen) {
- case 4:
- a = q[1][a] ^ getB(key[3], 0);
- b = q[0][b] ^ getB(key[3], 1);
- c = q[0][c] ^ getB(key[3], 2);
- d = q[1][d] ^ getB(key[3], 3);
- case 3:
- a = q[1][a] ^ getB(key[2], 0);
- b = q[1][b] ^ getB(key[2], 1);
- c = q[0][c] ^ getB(key[2], 2);
- d = q[0][d] ^ getB(key[2], 3);
- case 2:
- a = q[0][q[0][a] ^ getB(key[1], 0)] ^ getB(key[0], 0);
- b = q[0][q[1][b] ^ getB(key[1], 1)] ^ getB(key[0], 1);
- c = q[1][q[0][c] ^ getB(key[1], 2)] ^ getB(key[0], 2);
- d = q[1][q[1][d] ^ getB(key[1], 3)] ^ getB(key[0], 3);
- }
- return m[0][a] ^ m[1][b] ^ m[2][c] ^ m[3][d];
- }
- keyBytes = keyBytes.slice(0, 32);
- i = keyBytes.length;
- while (i !== 16 && i !== 24 && i !== 32) {
- keyBytes[i++] = 0;
- }
- for (i = 0; i < keyBytes.length; i += 4) {
- inKey[i >> 2] = getW(keyBytes, i);
- }
- for (i = 0; i < 256; i++) {
- q[0][i] = qp(0, i);
- q[1][i] = qp(1, i);
- }
- for (i = 0; i < 256; i++) {
- f01 = q[1][i];
- f5b = ffm5b(f01);
- fef = ffmEf(f01);
- m[0][i] = f01 + (f5b << 8) + (fef << 16) + (fef << 24);
- m[2][i] = f5b + (fef << 8) + (f01 << 16) + (fef << 24);
- f01 = q[0][i];
- f5b = ffm5b(f01);
- fef = ffmEf(f01);
- m[1][i] = fef + (fef << 8) + (f5b << 16) + (f01 << 24);
- m[3][i] = f5b + (f01 << 8) + (fef << 16) + (f5b << 24);
- }
- kLen = inKey.length / 2;
- for (i = 0; i < kLen; i++) {
- a = inKey[i + i];
- meKey[i] = a;
- b = inKey[i + i + 1];
- moKey[i] = b;
- sKey[kLen - i - 1] = mdsRem(a, b);
- }
- for (i = 0; i < 40; i += 2) {
- a = 0x1010101 * i;
- b = a + 0x1010101;
- a = hFun(a, meKey);
- b = rotw(hFun(b, moKey), 8);
- tfsKey[i] = a + b & MAXINT;
- tfsKey[i + 1] = rotw(a + 2 * b, 9);
- }
- for (i = 0; i < 256; i++) {
- a = b = c = d = i;
- switch (kLen) {
- case 4:
- a = q[1][a] ^ getB(sKey[3], 0);
- b = q[0][b] ^ getB(sKey[3], 1);
- c = q[0][c] ^ getB(sKey[3], 2);
- d = q[1][d] ^ getB(sKey[3], 3);
- case 3:
- a = q[1][a] ^ getB(sKey[2], 0);
- b = q[1][b] ^ getB(sKey[2], 1);
- c = q[0][c] ^ getB(sKey[2], 2);
- d = q[0][d] ^ getB(sKey[2], 3);
- case 2:
- tfsM[0][i] = m[0][q[0][q[0][a] ^ getB(sKey[1], 0)] ^ getB(sKey[0], 0)];
- tfsM[1][i] = m[1][q[0][q[1][b] ^ getB(sKey[1], 1)] ^ getB(sKey[0], 1)];
- tfsM[2][i] = m[2][q[1][q[0][c] ^ getB(sKey[1], 2)] ^ getB(sKey[0], 2)];
- tfsM[3][i] = m[3][q[1][q[1][d] ^ getB(sKey[1], 3)] ^ getB(sKey[0], 3)];
- }
- }
- }
- function tfsG0(x) {
- return tfsM[0][getB(x, 0)] ^ tfsM[1][getB(x, 1)] ^ tfsM[2][getB(x, 2)] ^ tfsM[3][getB(x, 3)];
- }
- function tfsG1(x) {
- return tfsM[0][getB(x, 3)] ^ tfsM[1][getB(x, 0)] ^ tfsM[2][getB(x, 1)] ^ tfsM[3][getB(x, 2)];
- }
- function tfsFrnd(r, blk) {
- let a = tfsG0(blk[0]);
- let b = tfsG1(blk[1]);
- blk[2] = rotw(blk[2] ^ a + b + tfsKey[4 * r + 8] & MAXINT, 31);
- blk[3] = rotw(blk[3], 1) ^ a + 2 * b + tfsKey[4 * r + 9] & MAXINT;
- a = tfsG0(blk[2]);
- b = tfsG1(blk[3]);
- blk[0] = rotw(blk[0] ^ a + b + tfsKey[4 * r + 10] & MAXINT, 31);
- blk[1] = rotw(blk[1], 1) ^ a + 2 * b + tfsKey[4 * r + 11] & MAXINT;
- }
- function tfsIrnd(i, blk) {
- let a = tfsG0(blk[0]);
- let b = tfsG1(blk[1]);
- blk[2] = rotw(blk[2], 1) ^ a + b + tfsKey[4 * i + 10] & MAXINT;
- blk[3] = rotw(blk[3] ^ a + 2 * b + tfsKey[4 * i + 11] & MAXINT, 31);
- a = tfsG0(blk[2]);
- b = tfsG1(blk[3]);
- blk[0] = rotw(blk[0], 1) ^ a + b + tfsKey[4 * i + 8] & MAXINT;
- blk[1] = rotw(blk[1] ^ a + 2 * b + tfsKey[4 * i + 9] & MAXINT, 31);
- }
- function tfsClose() {
- tfsKey = [];
- tfsM = [[], [], [], []];
- }
- function tfsEncrypt(data, offset) {
- dataBytes = data;
- dataOffset = offset;
- const blk = [getW(dataBytes, dataOffset) ^ tfsKey[0], getW(dataBytes, dataOffset + 4) ^ tfsKey[1], getW(dataBytes, dataOffset + 8) ^ tfsKey[2], getW(dataBytes, dataOffset + 12) ^ tfsKey[3]];
- for (let j = 0; j < 8; j++) {
- tfsFrnd(j, blk);
- }
- setW(dataBytes, dataOffset, blk[2] ^ tfsKey[4]);
- setW(dataBytes, dataOffset + 4, blk[3] ^ tfsKey[5]);
- setW(dataBytes, dataOffset + 8, blk[0] ^ tfsKey[6]);
- setW(dataBytes, dataOffset + 12, blk[1] ^ tfsKey[7]);
- dataOffset += 16;
- return dataBytes;
- }
- function tfsDecrypt(data, offset) {
- dataBytes = data;
- dataOffset = offset;
- const blk = [getW(dataBytes, dataOffset) ^ tfsKey[4], getW(dataBytes, dataOffset + 4) ^ tfsKey[5], getW(dataBytes, dataOffset + 8) ^ tfsKey[6], getW(dataBytes, dataOffset + 12) ^ tfsKey[7]];
- for (let j = 7; j >= 0; j--) {
- tfsIrnd(j, blk);
- }
- setW(dataBytes, dataOffset, blk[2] ^ tfsKey[0]);
- setW(dataBytes, dataOffset + 4, blk[3] ^ tfsKey[1]);
- setW(dataBytes, dataOffset + 8, blk[0] ^ tfsKey[2]);
- setW(dataBytes, dataOffset + 12, blk[1] ^ tfsKey[3]);
- dataOffset += 16;
- }
- // added by Recurity Labs
- function tfsFinal() {
- return dataBytes;
- }
- return {
- name: "twofish",
- blocksize: 128 / 8,
- open: tfsInit,
- close: tfsClose,
- encrypt: tfsEncrypt,
- decrypt: tfsDecrypt,
- // added by Recurity Labs
- finalize: tfsFinal
- };
- }
- // added by Recurity Labs
- function TF(key) {
- this.tf = createTwofish();
- this.tf.open(Array.from(key), 0);
- this.encrypt = function (block) {
- return this.tf.encrypt(Array.from(block), 0);
- };
- }
- TF.keySize = TF.prototype.keySize = 32;
- TF.blockSize = TF.prototype.blockSize = 16;
- exports.default = TF;
- },{}],88:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _cbc = require('asmcrypto.js/dist_es5/aes/cbc');
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @fileoverview This module implements AES-CMAC on top of
- * native AES-CBC using either the WebCrypto API or Node.js' crypto API.
- * @requires asmcrypto.js
- * @requires util
- * @module crypto/cmac
- */
- const webCrypto = _util2.default.getWebCrypto();
- const nodeCrypto = _util2.default.getNodeCrypto();
- const Buffer = _util2.default.getNodeBuffer();
- /**
- * This implementation of CMAC is based on the description of OMAC in
- * http://web.cs.ucdavis.edu/~rogaway/papers/eax.pdf. As per that
- * document:
- *
- * We have made a small modification to the OMAC algorithm as it was
- * originally presented, changing one of its two constants.
- * Specifically, the constant 4 at line 85 was the constant 1/2 (the
- * multiplicative inverse of 2) in the original definition of OMAC [14].
- * The OMAC authors indicate that they will promulgate this modification
- * [15], which slightly simplifies implementations.
- */
- const blockLength = 16;
- /**
- * xor `padding` into the end of `data`. This function implements "the
- * operation xor→ [which] xors the shorter string into the end of longer
- * one". Since data is always as least as long as padding, we can
- * simplify the implementation.
- * @param {Uint8Array} data
- * @param {Uint8Array} padding
- */
- function rightXorMut(data, padding) {
- const offset = data.length - blockLength;
- for (let i = 0; i < blockLength; i++) {
- data[i + offset] ^= padding[i];
- }
- return data;
- }
- function pad(data, padding, padding2) {
- // if |M| in {n, 2n, 3n, ...}
- if (data.length && data.length % blockLength === 0) {
- // then return M xor→ B,
- return rightXorMut(data, padding);
- }
- // else return (M || 10^(n−1−(|M| mod n))) xor→ P
- const padded = new Uint8Array(data.length + (blockLength - data.length % blockLength));
- padded.set(data);
- padded[data.length] = 0b10000000;
- return rightXorMut(padded, padding2);
- }
- const zeroBlock = new Uint8Array(blockLength);
- exports.default = async function CMAC(key) {
- const cbc = await CBC(key);
- // L ← E_K(0^n); B ← 2L; P ← 4L
- const padding = _util2.default.double((await cbc(zeroBlock)));
- const padding2 = _util2.default.double(padding);
- return async function (data) {
- // return CBC_K(pad(M; B, P))
- return (await cbc(pad(data, padding, padding2))).subarray(-blockLength);
- };
- };
- async function CBC(key) {
- if (_util2.default.getWebCrypto() && key.length !== 24) {
- // WebCrypto (no 192 bit support) see: https://www.chromium.org/blink/webcrypto#TOC-AES-support
- key = await webCrypto.importKey('raw', key, { name: 'AES-CBC', length: key.length * 8 }, false, ['encrypt']);
- return async function (pt) {
- const ct = await webCrypto.encrypt({ name: 'AES-CBC', iv: zeroBlock, length: blockLength * 8 }, key, pt);
- return new Uint8Array(ct).subarray(0, ct.byteLength - blockLength);
- };
- }
- if (_util2.default.getNodeCrypto()) {
- // Node crypto library
- key = Buffer.from(key);
- return async function (pt) {
- pt = Buffer.from(pt);
- const en = new nodeCrypto.createCipheriv('aes-' + key.length * 8 + '-cbc', key, zeroBlock);
- const ct = en.update(pt);
- return new Uint8Array(ct);
- };
- }
- // asm.js fallback
- return async function (pt) {
- return _cbc.AES_CBC.encrypt(pt, key, false, zeroBlock);
- };
- }
- },{"../util":158,"asmcrypto.js/dist_es5/aes/cbc":4}],89:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _public_key = require('./public_key');
- var _public_key2 = _interopRequireDefault(_public_key);
- var _cipher = require('./cipher');
- var _cipher2 = _interopRequireDefault(_cipher);
- var _random = require('./random');
- var _random2 = _interopRequireDefault(_random);
- var _ecdh_symkey = require('../type/ecdh_symkey');
- var _ecdh_symkey2 = _interopRequireDefault(_ecdh_symkey);
- var _kdf_params = require('../type/kdf_params');
- var _kdf_params2 = _interopRequireDefault(_kdf_params);
- var _mpi = require('../type/mpi');
- var _mpi2 = _interopRequireDefault(_mpi);
- var _oid = require('../type/oid');
- var _oid2 = _interopRequireDefault(_oid);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- var _pkcs = require('./pkcs1');
- var _pkcs2 = _interopRequireDefault(_pkcs);
- var _pkcs3 = require('./pkcs5');
- var _pkcs4 = _interopRequireDefault(_pkcs3);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- function constructParams(types, data) {
- return types.map(function (type, i) {
- if (data && data[i]) {
- return new type(data[i]);
- }
- return new type();
- });
- } // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- // The GPG4Browsers crypto interface
- /**
- * @fileoverview Provides functions for asymmetric encryption and decryption as
- * well as key generation and parameter handling for all public-key cryptosystems.
- * @requires crypto/public_key
- * @requires crypto/cipher
- * @requires crypto/random
- * @requires type/ecdh_symkey
- * @requires type/kdf_params
- * @requires type/mpi
- * @requires type/oid
- * @requires enums
- * @requires util
- * @module crypto/crypto
- */
- exports.default = {
- /**
- * Encrypts data using specified algorithm and public key parameters.
- * See {@link https://tools.ietf.org/html/rfc4880#section-9.1|RFC 4880 9.1} for public key algorithms.
- * @param {module:enums.publicKey} algo Public key algorithm
- * @param {Array<module:type/mpi|
- module:type/oid|
- module:type/kdf_params>} pub_params Algorithm-specific public key parameters
- * @param {String} data Data to be encrypted
- * @param {String} fingerprint Recipient fingerprint
- * @returns {Array<module:type/mpi|
- * module:type/ecdh_symkey>} encrypted session key parameters
- * @async
- */
- publicKeyEncrypt: async function publicKeyEncrypt(algo, pub_params, data, fingerprint) {
- const types = this.getEncSessionKeyParamTypes(algo);
- switch (algo) {
- case _enums2.default.publicKey.rsa_encrypt:
- case _enums2.default.publicKey.rsa_encrypt_sign:
- {
- data = _util2.default.str_to_Uint8Array(data);
- const n = pub_params[0].toUint8Array();
- const e = pub_params[1].toUint8Array();
- const res = await _public_key2.default.rsa.encrypt(data, n, e);
- return constructParams(types, [res]);
- }
- case _enums2.default.publicKey.elgamal:
- {
- data = new _mpi2.default((await _pkcs2.default.eme.encode(data, pub_params[0].byteLength())));
- const m = data.toBN();
- const p = pub_params[0].toBN();
- const g = pub_params[1].toBN();
- const y = pub_params[2].toBN();
- const res = await _public_key2.default.elgamal.encrypt(m, p, g, y);
- return constructParams(types, [res.c1, res.c2]);
- }
- case _enums2.default.publicKey.ecdh:
- {
- data = new _mpi2.default(_pkcs4.default.encode(data));
- const oid = pub_params[0];
- const Q = pub_params[1].toUint8Array();
- const kdf_params = pub_params[2];
- var _ref = await _public_key2.default.elliptic.ecdh.encrypt(oid, kdf_params.cipher, kdf_params.hash, data, Q, fingerprint);
- const V = _ref.publicKey,
- C = _ref.wrappedKey;
- return constructParams(types, [V, C]);
- }
- default:
- return [];
- }
- },
- /**
- * Decrypts data using specified algorithm and private key parameters.
- * See {@link https://tools.ietf.org/html/rfc4880#section-5.5.3|RFC 4880 5.5.3}
- * @param {module:enums.publicKey} algo Public key algorithm
- * @param {Array<module:type/mpi|
- module:type/oid|
- module:type/kdf_params>} key_params Algorithm-specific public, private key parameters
- * @param {Array<module:type/mpi|
- module:type/ecdh_symkey>}
- data_params encrypted session key parameters
- * @param {String} fingerprint Recipient fingerprint
- * @returns {String} String containing the decrypted data
- * @async
- */
- publicKeyDecrypt: async function publicKeyDecrypt(algo, key_params, data_params, fingerprint) {
- switch (algo) {
- case _enums2.default.publicKey.rsa_encrypt_sign:
- case _enums2.default.publicKey.rsa_encrypt:
- {
- const c = data_params[0].toUint8Array();
- const n = key_params[0].toUint8Array(); // n = pq
- const e = key_params[1].toUint8Array();
- const d = key_params[2].toUint8Array(); // de = 1 mod (p-1)(q-1)
- const p = key_params[3].toUint8Array();
- const q = key_params[4].toUint8Array();
- const u = key_params[5].toUint8Array(); // p^-1 mod q
- return _public_key2.default.rsa.decrypt(c, n, e, d, p, q, u);
- }
- case _enums2.default.publicKey.elgamal:
- {
- const c1 = data_params[0].toBN();
- const c2 = data_params[1].toBN();
- const p = key_params[0].toBN();
- const x = key_params[3].toBN();
- const result = new _mpi2.default((await _public_key2.default.elgamal.decrypt(c1, c2, p, x)));
- return _pkcs2.default.eme.decode(result.toString());
- }
- case _enums2.default.publicKey.ecdh:
- {
- const oid = key_params[0];
- const kdf_params = key_params[2];
- const V = data_params[0].toUint8Array();
- const C = data_params[1].data;
- const Q = key_params[1].toUint8Array();
- const d = key_params[3].toUint8Array();
- const result = new _mpi2.default((await _public_key2.default.elliptic.ecdh.decrypt(oid, kdf_params.cipher, kdf_params.hash, V, C, Q, d, fingerprint)));
- return _pkcs4.default.decode(result.toString());
- }
- default:
- throw new Error('Invalid public key encryption algorithm.');
- }
- },
- /** Returns the types comprising the private key of an algorithm
- * @param {String} algo The public key algorithm
- * @returns {Array<String>} The array of types
- */
- getPrivKeyParamTypes: function getPrivKeyParamTypes(algo) {
- switch (algo) {
- // Algorithm-Specific Fields for RSA secret keys:
- // - multiprecision integer (MPI) of RSA secret exponent d.
- // - MPI of RSA secret prime value p.
- // - MPI of RSA secret prime value q (p < q).
- // - MPI of u, the multiplicative inverse of p, mod q.
- case _enums2.default.publicKey.rsa_encrypt:
- case _enums2.default.publicKey.rsa_encrypt_sign:
- case _enums2.default.publicKey.rsa_sign:
- return [_mpi2.default, _mpi2.default, _mpi2.default, _mpi2.default];
- // Algorithm-Specific Fields for Elgamal secret keys:
- // - MPI of Elgamal secret exponent x.
- case _enums2.default.publicKey.elgamal:
- return [_mpi2.default];
- // Algorithm-Specific Fields for DSA secret keys:
- // - MPI of DSA secret exponent x.
- case _enums2.default.publicKey.dsa:
- return [_mpi2.default];
- // Algorithm-Specific Fields for ECDSA or ECDH secret keys:
- // - MPI of an integer representing the secret key.
- case _enums2.default.publicKey.ecdh:
- case _enums2.default.publicKey.ecdsa:
- case _enums2.default.publicKey.eddsa:
- return [_mpi2.default];
- default:
- throw new Error('Invalid public key encryption algorithm.');
- }
- },
- /** Returns the types comprising the public key of an algorithm
- * @param {String} algo The public key algorithm
- * @returns {Array<String>} The array of types
- */
- getPubKeyParamTypes: function getPubKeyParamTypes(algo) {
- switch (algo) {
- // Algorithm-Specific Fields for RSA public keys:
- // - a multiprecision integer (MPI) of RSA public modulus n;
- // - an MPI of RSA public encryption exponent e.
- case _enums2.default.publicKey.rsa_encrypt:
- case _enums2.default.publicKey.rsa_encrypt_sign:
- case _enums2.default.publicKey.rsa_sign:
- return [_mpi2.default, _mpi2.default];
- // Algorithm-Specific Fields for Elgamal public keys:
- // - MPI of Elgamal prime p;
- // - MPI of Elgamal group generator g;
- // - MPI of Elgamal public key value y (= g**x mod p where x is secret).
- case _enums2.default.publicKey.elgamal:
- return [_mpi2.default, _mpi2.default, _mpi2.default];
- // Algorithm-Specific Fields for DSA public keys:
- // - MPI of DSA prime p;
- // - MPI of DSA group order q (q is a prime divisor of p-1);
- // - MPI of DSA group generator g;
- // - MPI of DSA public-key value y (= g**x mod p where x is secret).
- case _enums2.default.publicKey.dsa:
- return [_mpi2.default, _mpi2.default, _mpi2.default, _mpi2.default];
- // Algorithm-Specific Fields for ECDSA/EdDSA public keys:
- // - OID of curve;
- // - MPI of EC point representing public key.
- case _enums2.default.publicKey.ecdsa:
- case _enums2.default.publicKey.eddsa:
- return [_oid2.default, _mpi2.default];
- // Algorithm-Specific Fields for ECDH public keys:
- // - OID of curve;
- // - MPI of EC point representing public key.
- // - KDF: variable-length field containing KDF parameters.
- case _enums2.default.publicKey.ecdh:
- return [_oid2.default, _mpi2.default, _kdf_params2.default];
- default:
- throw new Error('Invalid public key encryption algorithm.');
- }
- },
- /** Returns the types comprising the encrypted session key of an algorithm
- * @param {String} algo The public key algorithm
- * @returns {Array<String>} The array of types
- */
- getEncSessionKeyParamTypes: function getEncSessionKeyParamTypes(algo) {
- switch (algo) {
- // Algorithm-Specific Fields for RSA encrypted session keys:
- // - MPI of RSA encrypted value m**e mod n.
- case _enums2.default.publicKey.rsa_encrypt:
- case _enums2.default.publicKey.rsa_encrypt_sign:
- return [_mpi2.default];
- // Algorithm-Specific Fields for Elgamal encrypted session keys:
- // - MPI of Elgamal value g**k mod p
- // - MPI of Elgamal value m * y**k mod p
- case _enums2.default.publicKey.elgamal:
- return [_mpi2.default, _mpi2.default];
- // Algorithm-Specific Fields for ECDH encrypted session keys:
- // - MPI containing the ephemeral key used to establish the shared secret
- // - ECDH Symmetric Key
- case _enums2.default.publicKey.ecdh:
- return [_mpi2.default, _ecdh_symkey2.default];
- default:
- throw new Error('Invalid public key encryption algorithm.');
- }
- },
- /** Generate algorithm-specific key parameters
- * @param {String} algo The public key algorithm
- * @param {Integer} bits Bit length for RSA keys
- * @param {module:type/oid} oid Object identifier for ECC keys
- * @returns {Array} The array of parameters
- * @async
- */
- generateParams: function generateParams(algo, bits, oid) {
- const types = [].concat(this.getPubKeyParamTypes(algo), this.getPrivKeyParamTypes(algo));
- switch (algo) {
- case _enums2.default.publicKey.rsa_encrypt:
- case _enums2.default.publicKey.rsa_encrypt_sign:
- case _enums2.default.publicKey.rsa_sign:
- {
- return _public_key2.default.rsa.generate(bits, "10001").then(function (keyObject) {
- return constructParams(types, [keyObject.n, keyObject.e, keyObject.d, keyObject.p, keyObject.q, keyObject.u]);
- });
- }
- case _enums2.default.publicKey.dsa:
- case _enums2.default.publicKey.elgamal:
- throw new Error('Unsupported algorithm for key generation.');
- case _enums2.default.publicKey.ecdsa:
- case _enums2.default.publicKey.eddsa:
- return _public_key2.default.elliptic.generate(oid).then(function (keyObject) {
- return constructParams(types, [keyObject.oid, keyObject.Q, keyObject.d]);
- });
- case _enums2.default.publicKey.ecdh:
- return _public_key2.default.elliptic.generate(oid).then(function (keyObject) {
- return constructParams(types, [keyObject.oid, keyObject.Q, [keyObject.hash, keyObject.cipher], keyObject.d]);
- });
- default:
- throw new Error('Invalid public key algorithm.');
- }
- },
- /**
- * Generates a random byte prefix for the specified algorithm
- * See {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC 4880 9.2} for algorithms.
- * @param {module:enums.symmetric} algo Symmetric encryption algorithm
- * @returns {Uint8Array} Random bytes with length equal to the block size of the cipher, plus the last two bytes repeated.
- * @async
- */
- getPrefixRandom: async function getPrefixRandom(algo) {
- const prefixrandom = await _random2.default.getRandomBytes(_cipher2.default[algo].blockSize);
- const repeat = new Uint8Array([prefixrandom[prefixrandom.length - 2], prefixrandom[prefixrandom.length - 1]]);
- return _util2.default.concat([prefixrandom, repeat]);
- },
- /**
- * Generating a session key for the specified symmetric algorithm
- * See {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC 4880 9.2} for algorithms.
- * @param {module:enums.symmetric} algo Symmetric encryption algorithm
- * @returns {Uint8Array} Random bytes as a string to be used as a key
- * @async
- */
- generateSessionKey: function generateSessionKey(algo) {
- return _random2.default.getRandomBytes(_cipher2.default[algo].keySize);
- },
- constructParams: constructParams
- };
- },{"../enums":113,"../type/ecdh_symkey":152,"../type/kdf_params":153,"../type/mpi":155,"../type/oid":156,"../util":158,"./cipher":86,"./pkcs1":96,"./pkcs5":97,"./public_key":106,"./random":109}],90:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _slicedToArray = function () { function sliceIterator(arr, i) { var _arr = []; var _n = true; var _d = false; var _e = undefined; try { for (var _i = arr[Symbol.iterator](), _s; !(_n = (_s = _i.next()).done); _n = true) { _arr.push(_s.value); if (i && _arr.length === i) break; } } catch (err) { _d = true; _e = err; } finally { try { if (!_n && _i["return"]) _i["return"](); } finally { if (_d) throw _e; } } return _arr; } return function (arr, i) { if (Array.isArray(arr)) { return arr; } else if (Symbol.iterator in Object(arr)) { return sliceIterator(arr, i); } else { throw new TypeError("Invalid attempt to destructure non-iterable instance"); } }; }(); // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2018 ProtonTech AG
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview This module implements AES-EAX en/decryption on top of
- * native AES-CTR using either the WebCrypto API or Node.js' crypto API.
- * @requires asmcrypto.js
- * @requires crypto/cmac
- * @requires util
- * @module crypto/eax
- */
- var _ctr = require('asmcrypto.js/dist_es5/aes/ctr');
- var _cmac = require('./cmac');
- var _cmac2 = _interopRequireDefault(_cmac);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const webCrypto = _util2.default.getWebCrypto();
- const nodeCrypto = _util2.default.getNodeCrypto();
- const Buffer = _util2.default.getNodeBuffer();
- const blockLength = 16;
- const ivLength = blockLength;
- const tagLength = blockLength;
- const zero = new Uint8Array(blockLength);
- const one = new Uint8Array(blockLength);one[blockLength - 1] = 1;
- const two = new Uint8Array(blockLength);two[blockLength - 1] = 2;
- async function OMAC(key) {
- const cmac = await (0, _cmac2.default)(key);
- return function (t, message) {
- return cmac(_util2.default.concatUint8Array([t, message]));
- };
- }
- async function CTR(key) {
- if (_util2.default.getWebCrypto() && key.length !== 24 && // WebCrypto (no 192 bit support) see: https://www.chromium.org/blink/webcrypto#TOC-AES-support
- navigator.userAgent.indexOf('Edge') === -1) {
- key = await webCrypto.importKey('raw', key, { name: 'AES-CTR', length: key.length * 8 }, false, ['encrypt']);
- return async function (pt, iv) {
- const ct = await webCrypto.encrypt({ name: 'AES-CTR', counter: iv, length: blockLength * 8 }, key, pt);
- return new Uint8Array(ct);
- };
- }
- if (_util2.default.getNodeCrypto()) {
- // Node crypto library
- key = Buffer.from(key);
- return async function (pt, iv) {
- pt = Buffer.from(pt);
- iv = Buffer.from(iv);
- const en = new nodeCrypto.createCipheriv('aes-' + key.length * 8 + '-ctr', key, iv);
- const ct = Buffer.concat([en.update(pt), en.final()]);
- return new Uint8Array(ct);
- };
- }
- // asm.js fallback
- return async function (pt, iv) {
- return _ctr.AES_CTR.encrypt(pt, key, iv);
- };
- }
- /**
- * Class to en/decrypt using EAX mode.
- * @param {String} cipher The symmetric cipher algorithm to use e.g. 'aes128'
- * @param {Uint8Array} key The encryption key
- */
- async function EAX(cipher, key) {
- if (cipher.substr(0, 3) !== 'aes') {
- throw new Error('EAX mode supports only AES cipher');
- }
- var _ref = await Promise.all([OMAC(key), CTR(key)]),
- _ref2 = _slicedToArray(_ref, 2);
- const omac = _ref2[0],
- ctr = _ref2[1];
- return {
- /**
- * Encrypt plaintext input.
- * @param {Uint8Array} plaintext The cleartext input to be encrypted
- * @param {Uint8Array} nonce The nonce (16 bytes)
- * @param {Uint8Array} adata Associated data to sign
- * @returns {Promise<Uint8Array>} The ciphertext output
- */
- encrypt: async function encrypt(plaintext, nonce, adata) {
- var _ref3 = await Promise.all([omac(zero, nonce), omac(one, adata)]),
- _ref4 = _slicedToArray(_ref3, 2);
- const omacNonce = _ref4[0],
- omacAdata = _ref4[1];
- const ciphered = await ctr(plaintext, omacNonce);
- const omacCiphered = await omac(two, ciphered);
- const tag = omacCiphered; // Assumes that omac(*).length === tagLength.
- for (let i = 0; i < tagLength; i++) {
- tag[i] ^= omacAdata[i] ^ omacNonce[i];
- }
- return _util2.default.concatUint8Array([ciphered, tag]);
- },
- /**
- * Decrypt ciphertext input.
- * @param {Uint8Array} ciphertext The ciphertext input to be decrypted
- * @param {Uint8Array} nonce The nonce (16 bytes)
- * @param {Uint8Array} adata Associated data to verify
- * @returns {Promise<Uint8Array>} The plaintext output
- */
- decrypt: async function decrypt(ciphertext, nonce, adata) {
- if (ciphertext.length < tagLength) throw new Error('Invalid EAX ciphertext');
- const ciphered = ciphertext.subarray(0, -tagLength);
- const ctTag = ciphertext.subarray(-tagLength);
- var _ref5 = await Promise.all([omac(zero, nonce), omac(one, adata), omac(two, ciphered)]),
- _ref6 = _slicedToArray(_ref5, 3);
- const omacNonce = _ref6[0],
- omacAdata = _ref6[1],
- omacCiphered = _ref6[2];
- const tag = omacCiphered; // Assumes that omac(*).length === tagLength.
- for (let i = 0; i < tagLength; i++) {
- tag[i] ^= omacAdata[i] ^ omacNonce[i];
- }
- if (!_util2.default.equalsUint8Array(ctTag, tag)) throw new Error('Authentication tag mismatch');
- const plaintext = await ctr(ciphered, omacNonce);
- return plaintext;
- }
- };
- }
- /**
- * Get EAX nonce as defined by {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-5.16.1|RFC4880bis-04, section 5.16.1}.
- * @param {Uint8Array} iv The initialization vector (16 bytes)
- * @param {Uint8Array} chunkIndex The chunk index (8 bytes)
- */
- EAX.getNonce = function (iv, chunkIndex) {
- const nonce = iv.slice();
- for (let i = 0; i < chunkIndex.length; i++) {
- nonce[8 + i] ^= chunkIndex[i];
- }
- return nonce;
- };
- EAX.blockLength = blockLength;
- EAX.ivLength = ivLength;
- EAX.tagLength = tagLength;
- exports.default = EAX;
- },{"../util":158,"./cmac":88,"asmcrypto.js/dist_es5/aes/ctr":6}],91:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _gcm = require('asmcrypto.js/dist_es5/aes/gcm');
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2016 Tankred Hase
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview This module wraps native AES-GCM en/decryption for both
- * the WebCrypto api as well as node.js' crypto api.
- * @requires asmcrypto.js
- * @requires util
- * @module crypto/gcm
- */
- const webCrypto = _util2.default.getWebCrypto(); // no GCM support in IE11, Safari 9
- const nodeCrypto = _util2.default.getNodeCrypto();
- const Buffer = _util2.default.getNodeBuffer();
- const blockLength = 16;
- const ivLength = 12; // size of the IV in bytes
- const tagLength = 16; // size of the tag in bytes
- const ALGO = 'AES-GCM';
- /**
- * Class to en/decrypt using GCM mode.
- * @param {String} cipher The symmetric cipher algorithm to use e.g. 'aes128'
- * @param {Uint8Array} key The encryption key
- */
- async function GCM(cipher, key) {
- if (cipher.substr(0, 3) !== 'aes') {
- throw new Error('GCM mode supports only AES cipher');
- }
- if (_util2.default.getWebCrypto() && key.length !== 24) {
- // WebCrypto (no 192 bit support) see: https://www.chromium.org/blink/webcrypto#TOC-AES-support
- const _key = await webCrypto.importKey('raw', key, { name: ALGO }, false, ['encrypt', 'decrypt']);
- return {
- encrypt: async function encrypt(pt, iv, adata = new Uint8Array()) {
- if (!pt.length ||
- // iOS does not support GCM-en/decrypting empty messages
- // Also, synchronous en/decryption might be faster in this case.
- !adata.length && navigator.userAgent.indexOf('Edge') !== -1
- // Edge does not support GCM-en/decrypting without ADATA
- ) {
- return _gcm.AES_GCM.encrypt(pt, key, iv, adata);
- }
- const ct = await webCrypto.encrypt({ name: ALGO, iv, additionalData: adata, tagLength: tagLength * 8 }, _key, pt);
- return new Uint8Array(ct);
- },
- decrypt: async function decrypt(ct, iv, adata = new Uint8Array()) {
- if (ct.length === tagLength ||
- // iOS does not support GCM-en/decrypting empty messages
- // Also, synchronous en/decryption might be faster in this case.
- !adata.length && navigator.userAgent.indexOf('Edge') !== -1
- // Edge does not support GCM-en/decrypting without ADATA
- ) {
- return _gcm.AES_GCM.decrypt(ct, key, iv, adata);
- }
- const pt = await webCrypto.decrypt({ name: ALGO, iv, additionalData: adata, tagLength: tagLength * 8 }, _key, ct);
- return new Uint8Array(pt);
- }
- };
- }
- if (_util2.default.getNodeCrypto()) {
- // Node crypto library
- key = Buffer.from(key);
- return {
- encrypt: async function encrypt(pt, iv, adata = new Uint8Array()) {
- pt = Buffer.from(pt);
- iv = Buffer.from(iv);
- adata = Buffer.from(adata);
- const en = new nodeCrypto.createCipheriv('aes-' + key.length * 8 + '-gcm', key, iv);
- en.setAAD(adata);
- const ct = Buffer.concat([en.update(pt), en.final(), en.getAuthTag()]); // append auth tag to ciphertext
- return new Uint8Array(ct);
- },
- decrypt: async function decrypt(ct, iv, adata = new Uint8Array()) {
- ct = Buffer.from(ct);
- iv = Buffer.from(iv);
- adata = Buffer.from(adata);
- const de = new nodeCrypto.createDecipheriv('aes-' + key.length * 8 + '-gcm', key, iv);
- de.setAAD(adata);
- de.setAuthTag(ct.slice(ct.length - tagLength, ct.length)); // read auth tag at end of ciphertext
- const pt = Buffer.concat([de.update(ct.slice(0, ct.length - tagLength)), de.final()]);
- return new Uint8Array(pt);
- }
- };
- }
- return {
- encrypt: async function encrypt(pt, iv, adata) {
- return _gcm.AES_GCM.encrypt(pt, key, iv, adata);
- },
- decrypt: async function decrypt(ct, iv, adata) {
- return _gcm.AES_GCM.decrypt(ct, key, iv, adata);
- }
- };
- }
- /**
- * Get GCM nonce. Note: this operation is not defined by the standard.
- * A future version of the standard may define GCM mode differently,
- * hopefully under a different ID (we use Private/Experimental algorithm
- * ID 100) so that we can maintain backwards compatibility.
- * @param {Uint8Array} iv The initialization vector (12 bytes)
- * @param {Uint8Array} chunkIndex The chunk index (8 bytes)
- */
- GCM.getNonce = function (iv, chunkIndex) {
- const nonce = iv.slice();
- for (let i = 0; i < chunkIndex.length; i++) {
- nonce[4 + i] ^= chunkIndex[i];
- }
- return nonce;
- };
- GCM.blockLength = blockLength;
- GCM.ivLength = ivLength;
- GCM.tagLength = tagLength;
- exports.default = GCM;
- },{"../util":158,"asmcrypto.js/dist_es5/aes/gcm":8}],92:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _sha = require('asmcrypto.js/dist_es5/hash/sha1/sha1');
- var _sha2 = require('asmcrypto.js/dist_es5/hash/sha256/sha256');
- var _ = require('hash.js/lib/hash/sha/224');
- var _2 = _interopRequireDefault(_);
- var _3 = require('hash.js/lib/hash/sha/384');
- var _4 = _interopRequireDefault(_3);
- var _5 = require('hash.js/lib/hash/sha/512');
- var _6 = _interopRequireDefault(_5);
- var _ripemd = require('hash.js/lib/hash/ripemd');
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _md = require('./md5');
- var _md2 = _interopRequireDefault(_md);
- var _config = require('../../config');
- var _config2 = _interopRequireDefault(_config);
- var _util = require('../../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @fileoverview Provides an interface to hashing functions available in Node.js or external libraries.
- * @see {@link https://github.com/asmcrypto/asmcrypto.js|asmCrypto}
- * @see {@link https://github.com/indutny/hash.js|hash.js}
- * @requires asmcrypto.js
- * @requires hash.js
- * @requires web-stream-tools
- * @requires crypto/hash/md5
- * @requires config
- * @requires util
- * @module crypto/hash
- */
- const webCrypto = _util2.default.getWebCrypto();
- const nodeCrypto = _util2.default.getNodeCrypto();
- const Buffer = _util2.default.getNodeBuffer();
- function node_hash(type) {
- return async function (data) {
- const shasum = nodeCrypto.createHash(type);
- return _webStreamTools2.default.transform(data, value => {
- shasum.update(Buffer.from(value));
- }, () => new Uint8Array(shasum.digest()));
- };
- }
- function hashjs_hash(hash, webCryptoHash) {
- return async function (data) {
- if (!_util2.default.isStream(data) && webCrypto && webCryptoHash && data.length >= _config2.default.min_bytes_for_web_crypto) {
- return new Uint8Array((await webCrypto.digest(webCryptoHash, data)));
- }
- const hashInstance = hash();
- return _webStreamTools2.default.transform(data, value => {
- hashInstance.update(value);
- }, () => new Uint8Array(hashInstance.digest()));
- };
- }
- function asmcrypto_hash(hash, webCryptoHash) {
- return async function (data) {
- if (_util2.default.isStream(data)) {
- const hashInstance = new hash();
- return _webStreamTools2.default.transform(data, value => {
- hashInstance.process(value);
- }, () => hashInstance.finish().result);
- } else if (webCrypto && webCryptoHash && data.length >= _config2.default.min_bytes_for_web_crypto) {
- return new Uint8Array((await webCrypto.digest(webCryptoHash, data)));
- } else {
- return hash.bytes(data);
- }
- };
- }
- let hash_fns;
- if (nodeCrypto) {
- // Use Node native crypto for all hash functions
- hash_fns = {
- md5: node_hash('md5'),
- sha1: node_hash('sha1'),
- sha224: node_hash('sha224'),
- sha256: node_hash('sha256'),
- sha384: node_hash('sha384'),
- sha512: node_hash('sha512'),
- ripemd: node_hash('ripemd160')
- };
- } else {
- // Use JS fallbacks
- hash_fns = {
- md5: _md2.default,
- sha1: asmcrypto_hash(_sha.Sha1, navigator.userAgent.indexOf('Edge') === -1 && 'SHA-1'),
- sha224: hashjs_hash(_2.default),
- sha256: asmcrypto_hash(_sha2.Sha256, 'SHA-256'),
- sha384: hashjs_hash(_4.default, 'SHA-384'),
- sha512: hashjs_hash(_6.default, 'SHA-512'), // asmcrypto sha512 is huge.
- ripemd: hashjs_hash(_ripemd.ripemd160)
- };
- }
- exports.default = {
- /** @see module:md5 */
- md5: hash_fns.md5,
- /** @see asmCrypto */
- sha1: hash_fns.sha1,
- /** @see hash.js */
- sha224: hash_fns.sha224,
- /** @see asmCrypto */
- sha256: hash_fns.sha256,
- /** @see hash.js */
- sha384: hash_fns.sha384,
- /** @see asmCrypto */
- sha512: hash_fns.sha512,
- /** @see hash.js */
- ripemd: hash_fns.ripemd,
- /**
- * Create a hash on the specified data using the specified algorithm
- * @param {module:enums.hash} algo Hash algorithm type (see {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC 4880 9.4})
- * @param {Uint8Array} data Data to be hashed
- * @returns {Promise<Uint8Array>} hash value
- */
- digest: function digest(algo, data) {
- switch (algo) {
- case 1:
- // - MD5 [HAC]
- return this.md5(data);
- case 2:
- // - SHA-1 [FIPS180]
- return this.sha1(data);
- case 3:
- // - RIPE-MD/160 [HAC]
- return this.ripemd(data);
- case 8:
- // - SHA256 [FIPS180]
- return this.sha256(data);
- case 9:
- // - SHA384 [FIPS180]
- return this.sha384(data);
- case 10:
- // - SHA512 [FIPS180]
- return this.sha512(data);
- case 11:
- // - SHA224 [FIPS180]
- return this.sha224(data);
- default:
- throw new Error('Invalid hash function.');
- }
- },
- /**
- * Returns the hash size in bytes of the specified hash algorithm type
- * @param {module:enums.hash} algo Hash algorithm type (See {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC 4880 9.4})
- * @returns {Integer} Size in bytes of the resulting hash
- */
- getHashByteLength: function getHashByteLength(algo) {
- switch (algo) {
- case 1:
- // - MD5 [HAC]
- return 16;
- case 2: // - SHA-1 [FIPS180]
- case 3:
- // - RIPE-MD/160 [HAC]
- return 20;
- case 8:
- // - SHA256 [FIPS180]
- return 32;
- case 9:
- // - SHA384 [FIPS180]
- return 48;
- case 10:
- // - SHA512 [FIPS180]
- return 64;
- case 11:
- // - SHA224 [FIPS180]
- return 28;
- default:
- throw new Error('Invalid hash algorithm.');
- }
- }
- };
- },{"../../config":79,"../../util":158,"./md5":93,"asmcrypto.js/dist_es5/hash/sha1/sha1":11,"asmcrypto.js/dist_es5/hash/sha256/sha256":13,"hash.js/lib/hash/ripemd":37,"hash.js/lib/hash/sha/224":40,"hash.js/lib/hash/sha/384":42,"hash.js/lib/hash/sha/512":43,"web-stream-tools":75}],93:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _util = require('../../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- // MD5 Digest
- async function md5(entree) {
- const digest = md51(_util2.default.Uint8Array_to_str(entree));
- return _util2.default.hex_to_Uint8Array(hex(digest));
- } /**
- * A fast MD5 JavaScript implementation
- * Copyright (c) 2012 Joseph Myers
- * http://www.myersdaily.org/joseph/javascript/md5-text.html
- *
- * Permission to use, copy, modify, and distribute this software
- * and its documentation for any purposes and without
- * fee is hereby granted provided that this copyright notice
- * appears in all copies.
- *
- * Of course, this soft is provided "as is" without express or implied
- * warranty of any kind.
- */
- /**
- * @requires util
- */
- function md5cycle(x, k) {
- let a = x[0];
- let b = x[1];
- let c = x[2];
- let d = x[3];
- a = ff(a, b, c, d, k[0], 7, -680876936);
- d = ff(d, a, b, c, k[1], 12, -389564586);
- c = ff(c, d, a, b, k[2], 17, 606105819);
- b = ff(b, c, d, a, k[3], 22, -1044525330);
- a = ff(a, b, c, d, k[4], 7, -176418897);
- d = ff(d, a, b, c, k[5], 12, 1200080426);
- c = ff(c, d, a, b, k[6], 17, -1473231341);
- b = ff(b, c, d, a, k[7], 22, -45705983);
- a = ff(a, b, c, d, k[8], 7, 1770035416);
- d = ff(d, a, b, c, k[9], 12, -1958414417);
- c = ff(c, d, a, b, k[10], 17, -42063);
- b = ff(b, c, d, a, k[11], 22, -1990404162);
- a = ff(a, b, c, d, k[12], 7, 1804603682);
- d = ff(d, a, b, c, k[13], 12, -40341101);
- c = ff(c, d, a, b, k[14], 17, -1502002290);
- b = ff(b, c, d, a, k[15], 22, 1236535329);
- a = gg(a, b, c, d, k[1], 5, -165796510);
- d = gg(d, a, b, c, k[6], 9, -1069501632);
- c = gg(c, d, a, b, k[11], 14, 643717713);
- b = gg(b, c, d, a, k[0], 20, -373897302);
- a = gg(a, b, c, d, k[5], 5, -701558691);
- d = gg(d, a, b, c, k[10], 9, 38016083);
- c = gg(c, d, a, b, k[15], 14, -660478335);
- b = gg(b, c, d, a, k[4], 20, -405537848);
- a = gg(a, b, c, d, k[9], 5, 568446438);
- d = gg(d, a, b, c, k[14], 9, -1019803690);
- c = gg(c, d, a, b, k[3], 14, -187363961);
- b = gg(b, c, d, a, k[8], 20, 1163531501);
- a = gg(a, b, c, d, k[13], 5, -1444681467);
- d = gg(d, a, b, c, k[2], 9, -51403784);
- c = gg(c, d, a, b, k[7], 14, 1735328473);
- b = gg(b, c, d, a, k[12], 20, -1926607734);
- a = hh(a, b, c, d, k[5], 4, -378558);
- d = hh(d, a, b, c, k[8], 11, -2022574463);
- c = hh(c, d, a, b, k[11], 16, 1839030562);
- b = hh(b, c, d, a, k[14], 23, -35309556);
- a = hh(a, b, c, d, k[1], 4, -1530992060);
- d = hh(d, a, b, c, k[4], 11, 1272893353);
- c = hh(c, d, a, b, k[7], 16, -155497632);
- b = hh(b, c, d, a, k[10], 23, -1094730640);
- a = hh(a, b, c, d, k[13], 4, 681279174);
- d = hh(d, a, b, c, k[0], 11, -358537222);
- c = hh(c, d, a, b, k[3], 16, -722521979);
- b = hh(b, c, d, a, k[6], 23, 76029189);
- a = hh(a, b, c, d, k[9], 4, -640364487);
- d = hh(d, a, b, c, k[12], 11, -421815835);
- c = hh(c, d, a, b, k[15], 16, 530742520);
- b = hh(b, c, d, a, k[2], 23, -995338651);
- a = ii(a, b, c, d, k[0], 6, -198630844);
- d = ii(d, a, b, c, k[7], 10, 1126891415);
- c = ii(c, d, a, b, k[14], 15, -1416354905);
- b = ii(b, c, d, a, k[5], 21, -57434055);
- a = ii(a, b, c, d, k[12], 6, 1700485571);
- d = ii(d, a, b, c, k[3], 10, -1894986606);
- c = ii(c, d, a, b, k[10], 15, -1051523);
- b = ii(b, c, d, a, k[1], 21, -2054922799);
- a = ii(a, b, c, d, k[8], 6, 1873313359);
- d = ii(d, a, b, c, k[15], 10, -30611744);
- c = ii(c, d, a, b, k[6], 15, -1560198380);
- b = ii(b, c, d, a, k[13], 21, 1309151649);
- a = ii(a, b, c, d, k[4], 6, -145523070);
- d = ii(d, a, b, c, k[11], 10, -1120210379);
- c = ii(c, d, a, b, k[2], 15, 718787259);
- b = ii(b, c, d, a, k[9], 21, -343485551);
- x[0] = add32(a, x[0]);
- x[1] = add32(b, x[1]);
- x[2] = add32(c, x[2]);
- x[3] = add32(d, x[3]);
- }
- function cmn(q, a, b, x, s, t) {
- a = add32(add32(a, q), add32(x, t));
- return add32(a << s | a >>> 32 - s, b);
- }
- function ff(a, b, c, d, x, s, t) {
- return cmn(b & c | ~b & d, a, b, x, s, t);
- }
- function gg(a, b, c, d, x, s, t) {
- return cmn(b & d | c & ~d, a, b, x, s, t);
- }
- function hh(a, b, c, d, x, s, t) {
- return cmn(b ^ c ^ d, a, b, x, s, t);
- }
- function ii(a, b, c, d, x, s, t) {
- return cmn(c ^ (b | ~d), a, b, x, s, t);
- }
- function md51(s) {
- const n = s.length;
- const state = [1732584193, -271733879, -1732584194, 271733878];
- let i;
- for (i = 64; i <= s.length; i += 64) {
- md5cycle(state, md5blk(s.substring(i - 64, i)));
- }
- s = s.substring(i - 64);
- const tail = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
- for (i = 0; i < s.length; i++) {
- tail[i >> 2] |= s.charCodeAt(i) << (i % 4 << 3);
- }
- tail[i >> 2] |= 0x80 << (i % 4 << 3);
- if (i > 55) {
- md5cycle(state, tail);
- for (i = 0; i < 16; i++) {
- tail[i] = 0;
- }
- }
- tail[14] = n * 8;
- md5cycle(state, tail);
- return state;
- }
- /* there needs to be support for Unicode here,
- * unless we pretend that we can redefine the MD-5
- * algorithm for multi-byte characters (perhaps
- * by adding every four 16-bit characters and
- * shortening the sum to 32 bits). Otherwise
- * I suggest performing MD-5 as if every character
- * was two bytes--e.g., 0040 0025 = @%--but then
- * how will an ordinary MD-5 sum be matched?
- * There is no way to standardize text to something
- * like UTF-8 before transformation; speed cost is
- * utterly prohibitive. The JavaScript standard
- * itself needs to look at this: it should start
- * providing access to strings as preformed UTF-8
- * 8-bit unsigned value arrays.
- */
- function md5blk(s) {
- /* I figured global was faster. */
- const md5blks = [];
- let i; /* Andy King said do it this way. */
- for (i = 0; i < 64; i += 4) {
- md5blks[i >> 2] = s.charCodeAt(i) + (s.charCodeAt(i + 1) << 8) + (s.charCodeAt(i + 2) << 16) + (s.charCodeAt(i + 3) << 24);
- }
- return md5blks;
- }
- const hex_chr = '0123456789abcdef'.split('');
- function rhex(n) {
- let s = '';
- let j = 0;
- for (; j < 4; j++) {
- s += hex_chr[n >> j * 8 + 4 & 0x0F] + hex_chr[n >> j * 8 & 0x0F];
- }
- return s;
- }
- function hex(x) {
- for (let i = 0; i < x.length; i++) {
- x[i] = rhex(x[i]);
- }
- return x.join('');
- }
- /* this function is much faster,
- so if possible we use it. Some IEs
- are the only ones I know of that
- need the idiotic second function,
- generated by an if clause. */
- function add32(a, b) {
- return a + b & 0xFFFFFFFF;
- }
- exports.default = md5;
- },{"../../util":158}],94:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _cipher = require('./cipher');
- var _cipher2 = _interopRequireDefault(_cipher);
- var _hash = require('./hash');
- var _hash2 = _interopRequireDefault(_hash);
- var _cfb = require('./cfb');
- var _cfb2 = _interopRequireDefault(_cfb);
- var _gcm = require('./gcm');
- var _gcm2 = _interopRequireDefault(_gcm);
- var _eax = require('./eax');
- var _eax2 = _interopRequireDefault(_eax);
- var _ocb = require('./ocb');
- var _ocb2 = _interopRequireDefault(_ocb);
- var _public_key = require('./public_key');
- var _public_key2 = _interopRequireDefault(_public_key);
- var _signature = require('./signature');
- var _signature2 = _interopRequireDefault(_signature);
- var _random = require('./random');
- var _random2 = _interopRequireDefault(_random);
- var _pkcs = require('./pkcs1');
- var _pkcs2 = _interopRequireDefault(_pkcs);
- var _pkcs3 = require('./pkcs5');
- var _pkcs4 = _interopRequireDefault(_pkcs3);
- var _crypto = require('./crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _aes_kw = require('./aes_kw');
- var _aes_kw2 = _interopRequireDefault(_aes_kw);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- // TODO move cfb and gcm to cipher
- const mod = {
- /** @see module:crypto/cipher */
- cipher: _cipher2.default,
- /** @see module:crypto/hash */
- hash: _hash2.default,
- /** @see module:crypto/cfb */
- cfb: _cfb2.default,
- /** @see module:crypto/gcm */
- gcm: _gcm2.default,
- experimental_gcm: _gcm2.default,
- /** @see module:crypto/eax */
- eax: _eax2.default,
- /** @see module:crypto/ocb */
- ocb: _ocb2.default,
- /** @see module:crypto/public_key */
- publicKey: _public_key2.default,
- /** @see module:crypto/signature */
- signature: _signature2.default,
- /** @see module:crypto/random */
- random: _random2.default,
- /** @see module:crypto/pkcs1 */
- pkcs1: _pkcs2.default,
- /** @see module:crypto/pkcs5 */
- pkcs5: _pkcs4.default,
- /** @see module:crypto/aes_kw */
- aes_kw: _aes_kw2.default
- }; /**
- * @fileoverview Provides access to all cryptographic primitives used in OpenPGP.js
- * @see module:crypto/crypto
- * @see module:crypto/signature
- * @see module:crypto/public_key
- * @see module:crypto/cipher
- * @see module:crypto/random
- * @see module:crypto/hash
- * @module crypto
- */
- Object.assign(mod, _crypto2.default);
- exports.default = mod;
- },{"./aes_kw":80,"./cfb":81,"./cipher":86,"./crypto":89,"./eax":90,"./gcm":91,"./hash":92,"./ocb":95,"./pkcs1":96,"./pkcs5":97,"./public_key":106,"./random":109,"./signature":110}],95:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _cipher = require('./cipher');
- var _cipher2 = _interopRequireDefault(_cipher);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2018 ProtonTech AG
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview This module implements AES-OCB en/decryption.
- * @requires crypto/cipher
- * @requires util
- * @module crypto/ocb
- */
- const blockLength = 16;
- const ivLength = 15;
- // https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-5.16.2:
- // While OCB [RFC7253] allows the authentication tag length to be of any
- // number up to 128 bits long, this document requires a fixed
- // authentication tag length of 128 bits (16 octets) for simplicity.
- const tagLength = 16;
- function ntz(n) {
- let ntz = 0;
- for (let i = 1; (n & i) === 0; i <<= 1) {
- ntz++;
- }
- return ntz;
- }
- function xorMut(S, T) {
- for (let i = 0; i < S.length; i++) {
- S[i] ^= T[i];
- }
- return S;
- }
- function xor(S, T) {
- return xorMut(S.slice(), T);
- }
- const zeroBlock = new Uint8Array(blockLength);
- const one = new Uint8Array([1]);
- /**
- * Class to en/decrypt using OCB mode.
- * @param {String} cipher The symmetric cipher algorithm to use e.g. 'aes128'
- * @param {Uint8Array} key The encryption key
- */
- async function OCB(cipher, key) {
- let maxNtz = 0;
- let encipher;
- let decipher;
- let mask;
- constructKeyVariables(cipher, key);
- function constructKeyVariables(cipher, key) {
- const aes = new _cipher2.default[cipher](key);
- encipher = aes.encrypt.bind(aes);
- decipher = aes.decrypt.bind(aes);
- const mask_x = encipher(zeroBlock);
- const mask_$ = _util2.default.double(mask_x);
- mask = [];
- mask[0] = _util2.default.double(mask_$);
- mask.x = mask_x;
- mask.$ = mask_$;
- }
- function extendKeyVariables(text, adata) {
- const newMaxNtz = _util2.default.nbits(Math.max(text.length, adata.length) / blockLength | 0) - 1;
- for (let i = maxNtz + 1; i <= newMaxNtz; i++) {
- mask[i] = _util2.default.double(mask[i - 1]);
- }
- maxNtz = newMaxNtz;
- }
- function hash(adata) {
- if (!adata.length) {
- // Fast path
- return zeroBlock;
- }
- //
- // Consider A as a sequence of 128-bit blocks
- //
- const m = adata.length / blockLength | 0;
- const offset = new Uint8Array(blockLength);
- const sum = new Uint8Array(blockLength);
- for (let i = 0; i < m; i++) {
- xorMut(offset, mask[ntz(i + 1)]);
- xorMut(sum, encipher(xor(offset, adata)));
- adata = adata.subarray(blockLength);
- }
- //
- // Process any final partial block; compute final hash value
- //
- if (adata.length) {
- xorMut(offset, mask.x);
- const cipherInput = new Uint8Array(blockLength);
- cipherInput.set(adata, 0);
- cipherInput[adata.length] = 0b10000000;
- xorMut(cipherInput, offset);
- xorMut(sum, encipher(cipherInput));
- }
- return sum;
- }
- /**
- * Encrypt/decrypt data.
- * @param {encipher|decipher} fn Encryption/decryption block cipher function
- * @param {Uint8Array} text The cleartext or ciphertext (without tag) input
- * @param {Uint8Array} nonce The nonce (15 bytes)
- * @param {Uint8Array} adata Associated data to sign
- * @returns {Promise<Uint8Array>} The ciphertext or plaintext output, with tag appended in both cases
- */
- function crypt(fn, text, nonce, adata) {
- //
- // Consider P as a sequence of 128-bit blocks
- //
- const m = text.length / blockLength | 0;
- //
- // Key-dependent variables
- //
- extendKeyVariables(text, adata);
- //
- // Nonce-dependent and per-encryption variables
- //
- // Nonce = num2str(TAGLEN mod 128,7) || zeros(120-bitlen(N)) || 1 || N
- // Note: We assume here that tagLength mod 16 == 0.
- const paddedNonce = _util2.default.concatUint8Array([zeroBlock.subarray(0, ivLength - nonce.length), one, nonce]);
- // bottom = str2num(Nonce[123..128])
- const bottom = paddedNonce[blockLength - 1] & 0b111111;
- // Ktop = ENCIPHER(K, Nonce[1..122] || zeros(6))
- paddedNonce[blockLength - 1] &= 0b11000000;
- const kTop = encipher(paddedNonce);
- // Stretch = Ktop || (Ktop[1..64] xor Ktop[9..72])
- const stretched = _util2.default.concatUint8Array([kTop, xor(kTop.subarray(0, 8), kTop.subarray(1, 9))]);
- // Offset_0 = Stretch[1+bottom..128+bottom]
- const offset = _util2.default.shiftRight(stretched.subarray(0 + (bottom >> 3), 17 + (bottom >> 3)), 8 - (bottom & 7)).subarray(1);
- // Checksum_0 = zeros(128)
- const checksum = new Uint8Array(blockLength);
- const ct = new Uint8Array(text.length + tagLength);
- //
- // Process any whole blocks
- //
- let i;
- let pos = 0;
- for (i = 0; i < m; i++) {
- // Offset_i = Offset_{i-1} xor L_{ntz(i)}
- xorMut(offset, mask[ntz(i + 1)]);
- // C_i = Offset_i xor ENCIPHER(K, P_i xor Offset_i)
- // P_i = Offset_i xor DECIPHER(K, C_i xor Offset_i)
- ct.set(xorMut(fn(xor(offset, text)), offset), pos);
- // Checksum_i = Checksum_{i-1} xor P_i
- xorMut(checksum, fn === encipher ? text : ct.subarray(pos));
- text = text.subarray(blockLength);
- pos += blockLength;
- }
- //
- // Process any final partial block and compute raw tag
- //
- if (text.length) {
- // Offset_* = Offset_m xor L_*
- xorMut(offset, mask.x);
- // Pad = ENCIPHER(K, Offset_*)
- const padding = encipher(offset);
- // C_* = P_* xor Pad[1..bitlen(P_*)]
- ct.set(xor(text, padding), pos);
- // Checksum_* = Checksum_m xor (P_* || 1 || new Uint8Array(127-bitlen(P_*)))
- const xorInput = new Uint8Array(blockLength);
- xorInput.set(fn === encipher ? text : ct.subarray(pos, -tagLength), 0);
- xorInput[text.length] = 0b10000000;
- xorMut(checksum, xorInput);
- pos += text.length;
- }
- // Tag = ENCIPHER(K, Checksum_* xor Offset_* xor L_$) xor HASH(K,A)
- const tag = xorMut(encipher(xorMut(xorMut(checksum, offset), mask.$)), hash(adata));
- //
- // Assemble ciphertext
- //
- // C = C_1 || C_2 || ... || C_m || C_* || Tag[1..TAGLEN]
- ct.set(tag, pos);
- return ct;
- }
- return {
- /**
- * Encrypt plaintext input.
- * @param {Uint8Array} plaintext The cleartext input to be encrypted
- * @param {Uint8Array} nonce The nonce (15 bytes)
- * @param {Uint8Array} adata Associated data to sign
- * @returns {Promise<Uint8Array>} The ciphertext output
- */
- encrypt: async function encrypt(plaintext, nonce, adata) {
- return crypt(encipher, plaintext, nonce, adata);
- },
- /**
- * Decrypt ciphertext input.
- * @param {Uint8Array} ciphertext The ciphertext input to be decrypted
- * @param {Uint8Array} nonce The nonce (15 bytes)
- * @param {Uint8Array} adata Associated data to sign
- * @returns {Promise<Uint8Array>} The ciphertext output
- */
- decrypt: async function decrypt(ciphertext, nonce, adata) {
- if (ciphertext.length < tagLength) throw new Error('Invalid OCB ciphertext');
- const tag = ciphertext.subarray(-tagLength);
- ciphertext = ciphertext.subarray(0, -tagLength);
- const crypted = crypt(decipher, ciphertext, nonce, adata);
- // if (Tag[1..TAGLEN] == T)
- if (_util2.default.equalsUint8Array(tag, crypted.subarray(-tagLength))) {
- return crypted.subarray(0, -tagLength);
- }
- throw new Error('Authentication tag mismatch');
- }
- };
- }
- /**
- * Get OCB nonce as defined by {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-5.16.2|RFC4880bis-04, section 5.16.2}.
- * @param {Uint8Array} iv The initialization vector (15 bytes)
- * @param {Uint8Array} chunkIndex The chunk index (8 bytes)
- */
- OCB.getNonce = function (iv, chunkIndex) {
- const nonce = iv.slice();
- for (let i = 0; i < chunkIndex.length; i++) {
- nonce[7 + i] ^= chunkIndex[i];
- }
- return nonce;
- };
- OCB.blockLength = blockLength;
- OCB.ivLength = ivLength;
- OCB.tagLength = tagLength;
- exports.default = OCB;
- },{"../util":158,"./cipher":86}],96:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _random = require('./random');
- var _random2 = _interopRequireDefault(_random);
- var _hash = require('./hash');
- var _hash2 = _interopRequireDefault(_hash);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /** @namespace */
- const eme = {};
- /** @namespace */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Provides EME-PKCS1-v1_5 encoding and decoding and EMSA-PKCS1-v1_5 encoding function
- * @see module:crypto/public_key/rsa
- * @see module:crypto/public_key/elliptic/ecdh
- * @see module:packet.PublicKeyEncryptedSessionKey
- * @requires crypto/random
- * @requires crypto/hash
- * @requires util
- * @module crypto/pkcs1
- */
- const emsa = {};
- /**
- * ASN1 object identifiers for hashes
- * @see {@link https://tools.ietf.org/html/rfc4880#section-5.2.2}
- */
- const hash_headers = [];
- hash_headers[1] = [0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10];
- hash_headers[2] = [0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14];
- hash_headers[3] = [0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x24, 0x03, 0x02, 0x01, 0x05, 0x00, 0x04, 0x14];
- hash_headers[8] = [0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20];
- hash_headers[9] = [0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30];
- hash_headers[10] = [0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40];
- hash_headers[11] = [0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1C];
- /**
- * Create padding with secure random data
- * @private
- * @param {Integer} length Length of the padding in bytes
- * @returns {String} Padding as string
- * @async
- */
- async function getPkcs1Padding(length) {
- let result = '';
- while (result.length < length) {
- const randomBytes = await _random2.default.getRandomBytes(length - result.length);
- for (let i = 0; i < randomBytes.length; i++) {
- if (randomBytes[i] !== 0) {
- result += String.fromCharCode(randomBytes[i]);
- }
- }
- }
- return result;
- }
- /**
- * Create a EME-PKCS1-v1_5 padded message
- * @see {@link https://tools.ietf.org/html/rfc4880#section-13.1.1|RFC 4880 13.1.1}
- * @param {String} M message to be encoded
- * @param {Integer} k the length in octets of the key modulus
- * @returns {Promise<String>} EME-PKCS1 padded message
- * @async
- */
- eme.encode = async function (M, k) {
- const mLen = M.length;
- // length checking
- if (mLen > k - 11) {
- throw new Error('Message too long');
- }
- // Generate an octet string PS of length k - mLen - 3 consisting of
- // pseudo-randomly generated nonzero octets
- const PS = await getPkcs1Padding(k - mLen - 3);
- // Concatenate PS, the message M, and other padding to form an
- // encoded message EM of length k octets as EM = 0x00 || 0x02 || PS || 0x00 || M.
- return String.fromCharCode(0) + String.fromCharCode(2) + PS + String.fromCharCode(0) + M;
- };
- /**
- * Decode a EME-PKCS1-v1_5 padded message
- * @see {@link https://tools.ietf.org/html/rfc4880#section-13.1.2|RFC 4880 13.1.2}
- * @param {String} EM encoded message, an octet string
- * @returns {String} message, an octet string
- */
- eme.decode = function (EM) {
- // leading zeros truncated by bn.js
- if (EM.charCodeAt(0) !== 0) {
- EM = String.fromCharCode(0) + EM;
- }
- const firstOct = EM.charCodeAt(0);
- const secondOct = EM.charCodeAt(1);
- let i = 2;
- while (EM.charCodeAt(i) !== 0 && i < EM.length) {
- i++;
- }
- const psLen = i - 2;
- const separator = EM.charCodeAt(i++);
- if (firstOct === 0 && secondOct === 2 && psLen >= 8 && separator === 0) {
- return EM.substr(i);
- }
- throw new Error('Decryption error');
- };
- /**
- * Create a EMSA-PKCS1-v1_5 padded message
- * @see {@link https://tools.ietf.org/html/rfc4880#section-13.1.3|RFC 4880 13.1.3}
- * @param {Integer} algo Hash algorithm type used
- * @param {Uint8Array} hashed message to be encoded
- * @param {Integer} emLen intended length in octets of the encoded message
- * @returns {String} encoded message
- */
- emsa.encode = async function (algo, hashed, emLen) {
- let i;
- const H = _util2.default.Uint8Array_to_str(hashed);
- if (H.length !== _hash2.default.getHashByteLength(algo)) {
- throw new Error('Invalid hash length');
- }
- // produce an ASN.1 DER value for the hash function used.
- // Let T be the full hash prefix
- let T = '';
- for (i = 0; i < hash_headers[algo].length; i++) {
- T += String.fromCharCode(hash_headers[algo][i]);
- }
- // add hash value to prefix
- T += H;
- // and let tLen be the length in octets of T
- const tLen = T.length;
- if (emLen < tLen + 11) {
- throw new Error('Intended encoded message length too short');
- }
- // an octet string PS consisting of emLen - tLen - 3 octets with hexadecimal value 0xFF
- // The length of PS will be at least 8 octets
- let PS = '';
- for (i = 0; i < emLen - tLen - 3; i++) {
- PS += String.fromCharCode(0xff);
- }
- // Concatenate PS, the hash prefix T, and other padding to form the
- // encoded message EM as EM = 0x00 || 0x01 || PS || 0x00 || T.
- const EM = String.fromCharCode(0x00) + String.fromCharCode(0x01) + PS + String.fromCharCode(0x00) + T;
- return _util2.default.str_to_hex(EM);
- };
- exports.default = { eme, emsa };
- },{"../util":158,"./hash":92,"./random":109}],97:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Functions to add and remove PKCS5 padding
- * @see module:packet.PublicKeyEncryptedSessionKey
- * @module crypto/pkcs5
- */
- /**
- * Add pkcs5 padding to a text.
- * @param {String} msg Text to add padding
- * @returns {String} Text with padding added
- */
- function encode(msg) {
- const c = 8 - msg.length % 8;
- const padding = String.fromCharCode(c).repeat(c);
- return msg + padding;
- }
- /**
- * Remove pkcs5 padding from a string.
- * @param {String} msg Text to remove padding from
- * @returns {String} Text with padding removed
- */
- function decode(msg) {
- const len = msg.length;
- if (len > 0) {
- const c = msg.charCodeAt(len - 1);
- if (c >= 1 && c <= 8) {
- const provided = msg.substr(len - c);
- const computed = String.fromCharCode(c).repeat(c);
- if (provided === computed) {
- return msg.substr(0, len - c);
- }
- }
- }
- throw new Error('Invalid padding');
- }
- exports.default = { encode, decode };
- },{}],98:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _bn = require('bn.js');
- var _bn2 = _interopRequireDefault(_bn);
- var _random = require('../random');
- var _random2 = _interopRequireDefault(_random);
- var _util = require('../../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const one = new _bn2.default(1); // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview A Digital signature algorithm implementation
- * @requires bn.js
- * @requires crypto/random
- * @requires util
- * @module crypto/public_key/dsa
- */
- const zero = new _bn2.default(0);
- /*
- TODO regarding the hash function, read:
- https://tools.ietf.org/html/rfc4880#section-13.6
- https://tools.ietf.org/html/rfc4880#section-14
- */
- exports.default = {
- /**
- * DSA Sign function
- * @param {Integer} hash_algo
- * @param {Uint8Array} hashed
- * @param {BN} g
- * @param {BN} p
- * @param {BN} q
- * @param {BN} x
- * @returns {{ r: BN, s: BN }}
- * @async
- */
- sign: async function sign(hash_algo, hashed, g, p, q, x) {
- let k;
- let r;
- let s;
- let t;
- const redp = new _bn2.default.red(p);
- const redq = new _bn2.default.red(q);
- const gred = g.toRed(redp);
- const xred = x.toRed(redq);
- // If the output size of the chosen hash is larger than the number of
- // bits of q, the hash result is truncated to fit by taking the number
- // of leftmost bits equal to the number of bits of q. This (possibly
- // truncated) hash function result is treated as a number and used
- // directly in the DSA signature algorithm.
- const h = new _bn2.default(hashed.subarray(0, q.byteLength())).toRed(redq);
- // FIPS-186-4, section 4.6:
- // The values of r and s shall be checked to determine if r = 0 or s = 0.
- // If either r = 0 or s = 0, a new value of k shall be generated, and the
- // signature shall be recalculated. It is extremely unlikely that r = 0
- // or s = 0 if signatures are generated properly.
- while (true) {
- // See Appendix B here: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
- k = await _random2.default.getRandomBN(one, q); // returns in [1, q-1]
- r = gred.redPow(k).fromRed().toRed(redq); // (g**k mod p) mod q
- if (zero.cmp(r) === 0) {
- continue;
- }
- t = h.redAdd(xred.redMul(r)); // H(m) + x*r mod q
- s = k.toRed(redq).redInvm().redMul(t); // k**-1 * (H(m) + x*r) mod q
- if (zero.cmp(s) === 0) {
- continue;
- }
- break;
- }
- return {
- r: r.toArrayLike(Uint8Array, 'be', q.byteLength()),
- s: s.toArrayLike(Uint8Array, 'be', q.byteLength())
- };
- },
- /**
- * DSA Verify function
- * @param {Integer} hash_algo
- * @param {BN} r
- * @param {BN} s
- * @param {Uint8Array} hashed
- * @param {BN} g
- * @param {BN} p
- * @param {BN} q
- * @param {BN} y
- * @returns {boolean}
- * @async
- */
- verify: async function verify(hash_algo, r, s, hashed, g, p, q, y) {
- if (zero.ucmp(r) >= 0 || r.ucmp(q) >= 0 || zero.ucmp(s) >= 0 || s.ucmp(q) >= 0) {
- _util2.default.print_debug("invalid DSA Signature");
- return null;
- }
- const redp = new _bn2.default.red(p);
- const redq = new _bn2.default.red(q);
- const h = new _bn2.default(hashed.subarray(0, q.byteLength()));
- const w = s.toRed(redq).redInvm(); // s**-1 mod q
- if (zero.cmp(w) === 0) {
- _util2.default.print_debug("invalid DSA Signature");
- return null;
- }
- const u1 = h.toRed(redq).redMul(w); // H(m) * w mod q
- const u2 = r.toRed(redq).redMul(w); // r * w mod q
- const t1 = g.toRed(redp).redPow(u1.fromRed()); // g**u1 mod p
- const t2 = y.toRed(redp).redPow(u2.fromRed()); // y**u2 mod p
- const v = t1.redMul(t2).fromRed().mod(q); // (g**u1 * y**u2 mod p) mod q
- return v.cmp(r) === 0;
- }
- };
- },{"../../util":158,"../random":109,"bn.js":16}],99:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _bn = require('bn.js');
- var _bn2 = _interopRequireDefault(_bn);
- var _random = require('../random');
- var _random2 = _interopRequireDefault(_random);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview ElGamal implementation
- * @requires bn.js
- * @requires crypto/random
- * @module crypto/public_key/elgamal
- */
- const zero = new _bn2.default(0);
- exports.default = {
- /**
- * ElGamal Encryption function
- * @param {BN} m
- * @param {BN} p
- * @param {BN} g
- * @param {BN} y
- * @returns {{ c1: BN, c2: BN }}
- * @async
- */
- encrypt: async function encrypt(m, p, g, y) {
- const redp = new _bn2.default.red(p);
- const mred = m.toRed(redp);
- const gred = g.toRed(redp);
- const yred = y.toRed(redp);
- // See Section 11.5 here: https://crypto.stanford.edu/~dabo/cryptobook/BonehShoup_0_4.pdf
- const k = await _random2.default.getRandomBN(zero, p); // returns in [0, p-1]
- return {
- c1: gred.redPow(k).fromRed(),
- c2: yred.redPow(k).redMul(mred).fromRed()
- };
- },
- /**
- * ElGamal Encryption function
- * @param {BN} c1
- * @param {BN} c2
- * @param {BN} p
- * @param {BN} x
- * @returns BN
- * @async
- */
- decrypt: async function decrypt(c1, c2, p, x) {
- const redp = new _bn2.default.red(p);
- const c1red = c1.toRed(redp);
- const c2red = c2.toRed(redp);
- return c1red.redPow(x).redInvm().redMul(c2red).fromRed();
- }
- };
- },{"../random":109,"bn.js":16}],100:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.privateToJwk = exports.rawPublicToJwk = exports.jwkToRawPublic = exports.getPreferredHashAlgo = exports.generate = exports.nodeCurves = exports.webCurves = exports.curves = undefined;
- var _bn = require('bn.js');
- var _bn2 = _interopRequireDefault(_bn);
- var _naclFastLight = require('tweetnacl/nacl-fast-light.js');
- var _naclFastLight2 = _interopRequireDefault(_naclFastLight);
- var _random = require('../../random');
- var _random2 = _interopRequireDefault(_random);
- var _enums = require('../../../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../../../util');
- var _util2 = _interopRequireDefault(_util);
- var _oid = require('../../../type/oid');
- var _oid2 = _interopRequireDefault(_oid);
- var _indutnyKey = require('./indutnyKey');
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const webCrypto = _util2.default.getWebCrypto(); // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Wrapper of an instance of an Elliptic Curve
- * @requires bn.js
- * @requires tweetnacl
- * @requires crypto/public_key/elliptic/key
- * @requires crypto/random
- * @requires enums
- * @requires util
- * @requires type/oid
- * @requires config
- * @module crypto/public_key/elliptic/curve
- */
- const nodeCrypto = _util2.default.getNodeCrypto();
- const webCurves = {
- 'p256': 'P-256',
- 'p384': 'P-384',
- 'p521': 'P-521'
- };
- const knownCurves = nodeCrypto ? nodeCrypto.getCurves() : [];
- const nodeCurves = nodeCrypto ? {
- secp256k1: knownCurves.includes('secp256k1') ? 'secp256k1' : undefined,
- p256: knownCurves.includes('prime256v1') ? 'prime256v1' : undefined,
- p384: knownCurves.includes('secp384r1') ? 'secp384r1' : undefined,
- p521: knownCurves.includes('secp521r1') ? 'secp521r1' : undefined,
- ed25519: knownCurves.includes('ED25519') ? 'ED25519' : undefined,
- curve25519: knownCurves.includes('X25519') ? 'X25519' : undefined,
- brainpoolP256r1: knownCurves.includes('brainpoolP256r1') ? 'brainpoolP256r1' : undefined,
- brainpoolP384r1: knownCurves.includes('brainpoolP384r1') ? 'brainpoolP384r1' : undefined,
- brainpoolP512r1: knownCurves.includes('brainpoolP512r1') ? 'brainpoolP512r1' : undefined
- } : {};
- const curves = {
- p256: {
- oid: [0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07],
- keyType: _enums2.default.publicKey.ecdsa,
- hash: _enums2.default.hash.sha256,
- cipher: _enums2.default.symmetric.aes128,
- node: nodeCurves.p256,
- web: webCurves.p256,
- payloadSize: 32,
- sharedSize: 256
- },
- p384: {
- oid: [0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22],
- keyType: _enums2.default.publicKey.ecdsa,
- hash: _enums2.default.hash.sha384,
- cipher: _enums2.default.symmetric.aes192,
- node: nodeCurves.p384,
- web: webCurves.p384,
- payloadSize: 48,
- sharedSize: 384
- },
- p521: {
- oid: [0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x23],
- keyType: _enums2.default.publicKey.ecdsa,
- hash: _enums2.default.hash.sha512,
- cipher: _enums2.default.symmetric.aes256,
- node: nodeCurves.p521,
- web: webCurves.p521,
- payloadSize: 66,
- sharedSize: 528
- },
- secp256k1: {
- oid: [0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x0A],
- keyType: _enums2.default.publicKey.ecdsa,
- hash: _enums2.default.hash.sha256,
- cipher: _enums2.default.symmetric.aes128,
- node: nodeCurves.secp256k1,
- payloadSize: 32
- },
- ed25519: {
- oid: [0x06, 0x09, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01],
- keyType: _enums2.default.publicKey.eddsa,
- hash: _enums2.default.hash.sha512,
- node: false, // nodeCurves.ed25519 TODO
- payloadSize: 32
- },
- curve25519: {
- oid: [0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01],
- keyType: _enums2.default.publicKey.ecdsa,
- hash: _enums2.default.hash.sha256,
- cipher: _enums2.default.symmetric.aes128,
- node: false, // nodeCurves.curve25519 TODO
- payloadSize: 32
- },
- brainpoolP256r1: {
- oid: [0x06, 0x09, 0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07],
- keyType: _enums2.default.publicKey.ecdsa,
- hash: _enums2.default.hash.sha256,
- cipher: _enums2.default.symmetric.aes128,
- node: nodeCurves.brainpoolP256r1,
- payloadSize: 32
- },
- brainpoolP384r1: {
- oid: [0x06, 0x09, 0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0B],
- keyType: _enums2.default.publicKey.ecdsa,
- hash: _enums2.default.hash.sha384,
- cipher: _enums2.default.symmetric.aes192,
- node: nodeCurves.brainpoolP384r1,
- payloadSize: 48
- },
- brainpoolP512r1: {
- oid: [0x06, 0x09, 0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0D],
- keyType: _enums2.default.publicKey.ecdsa,
- hash: _enums2.default.hash.sha512,
- cipher: _enums2.default.symmetric.aes256,
- node: nodeCurves.brainpoolP512r1,
- payloadSize: 64
- }
- };
- /**
- * @constructor
- */
- function Curve(oid_or_name, params) {
- try {
- if (_util2.default.isArray(oid_or_name) || _util2.default.isUint8Array(oid_or_name)) {
- // by oid byte array
- oid_or_name = new _oid2.default(oid_or_name);
- }
- if (oid_or_name instanceof _oid2.default) {
- // by curve OID
- oid_or_name = oid_or_name.getName();
- }
- // by curve name or oid string
- this.name = _enums2.default.write(_enums2.default.curve, oid_or_name);
- } catch (err) {
- throw new Error('Not valid curve');
- }
- params = params || curves[this.name];
- this.keyType = params.keyType;
- this.oid = params.oid;
- this.hash = params.hash;
- this.cipher = params.cipher;
- this.node = params.node && curves[this.name];
- this.web = params.web && curves[this.name];
- this.payloadSize = params.payloadSize;
- if (this.web && _util2.default.getWebCrypto()) {
- this.type = 'web';
- } else if (this.node && _util2.default.getNodeCrypto()) {
- this.type = 'node';
- } else if (this.name === 'curve25519') {
- this.type = 'curve25519';
- } else if (this.name === 'ed25519') {
- this.type = 'ed25519';
- }
- }
- Curve.prototype.genKeyPair = async function () {
- let keyPair;
- switch (this.type) {
- case 'web':
- try {
- return await webGenKeyPair(this.name);
- } catch (err) {
- _util2.default.print_debug_error("Browser did not support generating ec key " + err.message);
- break;
- }
- case 'node':
- return nodeGenKeyPair(this.name);
- case 'curve25519':
- {
- const privateKey = await _random2.default.getRandomBytes(32);
- privateKey[0] = privateKey[0] & 127 | 64;
- privateKey[31] &= 248;
- const secretKey = privateKey.slice().reverse();
- keyPair = _naclFastLight2.default.box.keyPair.fromSecretKey(secretKey);
- const publicKey = _util2.default.concatUint8Array([new Uint8Array([0x40]), keyPair.publicKey]);
- return { publicKey, privateKey };
- }
- case 'ed25519':
- {
- const privateKey = await _random2.default.getRandomBytes(32);
- const keyPair = _naclFastLight2.default.sign.keyPair.fromSeed(privateKey);
- const publicKey = _util2.default.concatUint8Array([new Uint8Array([0x40]), keyPair.publicKey]);
- return { publicKey, privateKey };
- }
- }
- const indutnyCurve = await (0, _indutnyKey.getIndutnyCurve)(this.name);
- keyPair = await indutnyCurve.genKeyPair({
- entropy: _util2.default.Uint8Array_to_str((await _random2.default.getRandomBytes(32)))
- });
- return { publicKey: new Uint8Array(keyPair.getPublic('array', false)), privateKey: keyPair.getPrivate().toArrayLike(Uint8Array) };
- };
- async function generate(curve) {
- curve = new Curve(curve);
- const keyPair = await curve.genKeyPair();
- return {
- oid: curve.oid,
- Q: new _bn2.default(keyPair.publicKey),
- d: new _bn2.default(keyPair.privateKey),
- hash: curve.hash,
- cipher: curve.cipher
- };
- }
- function getPreferredHashAlgo(oid) {
- return curves[_enums2.default.write(_enums2.default.curve, oid.toHex())].hash;
- }
- exports.default = Curve;
- exports.curves = curves;
- exports.webCurves = webCurves;
- exports.nodeCurves = nodeCurves;
- exports.generate = generate;
- exports.getPreferredHashAlgo = getPreferredHashAlgo;
- exports.jwkToRawPublic = jwkToRawPublic;
- exports.rawPublicToJwk = rawPublicToJwk;
- exports.privateToJwk = privateToJwk;
- //////////////////////////
- // //
- // Helper functions //
- // //
- //////////////////////////
- async function webGenKeyPair(name) {
- // Note: keys generated with ECDSA and ECDH are structurally equivalent
- const webCryptoKey = await webCrypto.generateKey({ name: "ECDSA", namedCurve: webCurves[name] }, true, ["sign", "verify"]);
- const privateKey = await webCrypto.exportKey("jwk", webCryptoKey.privateKey);
- const publicKey = await webCrypto.exportKey("jwk", webCryptoKey.publicKey);
- return {
- publicKey: jwkToRawPublic(publicKey),
- privateKey: _util2.default.b64_to_Uint8Array(privateKey.d, true)
- };
- }
- async function nodeGenKeyPair(name) {
- // Note: ECDSA and ECDH key generation is structurally equivalent
- const ecdh = nodeCrypto.createECDH(nodeCurves[name]);
- await ecdh.generateKeys();
- return {
- publicKey: new Uint8Array(ecdh.getPublicKey()),
- privateKey: new Uint8Array(ecdh.getPrivateKey())
- };
- }
- //////////////////////////
- // //
- // Helper functions //
- // //
- //////////////////////////
- /**
- * @param {JsonWebKey} jwk key for conversion
- *
- * @returns {Uint8Array} raw public key
- */
- function jwkToRawPublic(jwk) {
- const bufX = _util2.default.b64_to_Uint8Array(jwk.x);
- const bufY = _util2.default.b64_to_Uint8Array(jwk.y);
- const publicKey = new Uint8Array(bufX.length + bufY.length + 1);
- publicKey[0] = 0x04;
- publicKey.set(bufX, 1);
- publicKey.set(bufY, bufX.length + 1);
- return publicKey;
- }
- /**
- * @param {Integer} payloadSize ec payload size
- * @param {String} name curve name
- * @param {Uint8Array} publicKey public key
- *
- * @returns {JsonWebKey} public key in jwk format
- */
- function rawPublicToJwk(payloadSize, name, publicKey) {
- const len = payloadSize;
- const bufX = publicKey.slice(1, len + 1);
- const bufY = publicKey.slice(len + 1, len * 2 + 1);
- // https://www.rfc-editor.org/rfc/rfc7518.txt
- const jwk = {
- kty: "EC",
- crv: name,
- x: _util2.default.Uint8Array_to_b64(bufX, true),
- y: _util2.default.Uint8Array_to_b64(bufY, true),
- ext: true
- };
- return jwk;
- }
- /**
- * @param {Integer} payloadSize ec payload size
- * @param {String} name curve name
- * @param {Uint8Array} publicKey public key
- * @param {Uint8Array} privateKey private key
- *
- * @returns {JsonWebKey} private key in jwk format
- */
- function privateToJwk(payloadSize, name, publicKey, privateKey) {
- const jwk = rawPublicToJwk(payloadSize, name, publicKey);
- jwk.d = _util2.default.Uint8Array_to_b64(privateKey, true);
- return jwk;
- }
- },{"../../../enums":113,"../../../type/oid":156,"../../../util":158,"../../random":109,"./indutnyKey":105,"bn.js":16,"tweetnacl/nacl-fast-light.js":72}],101:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _slicedToArray = function () { function sliceIterator(arr, i) { var _arr = []; var _n = true; var _d = false; var _e = undefined; try { for (var _i = arr[Symbol.iterator](), _s; !(_n = (_s = _i.next()).done); _n = true) { _arr.push(_s.value); if (i && _arr.length === i) break; } } catch (err) { _d = true; _e = err; } finally { try { if (!_n && _i["return"]) _i["return"](); } finally { if (_d) throw _e; } } return _arr; } return function (arr, i) { if (Array.isArray(arr)) { return arr; } else if (Symbol.iterator in Object(arr)) { return sliceIterator(arr, i); } else { throw new TypeError("Invalid attempt to destructure non-iterable instance"); } }; }(); // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Key encryption and decryption for RFC 6637 ECDH
- * @requires bn.js
- * @requires tweetnacl
- * @requires crypto/public_key/elliptic/curve
- * @requires crypto/aes_kw
- * @requires crypto/cipher
- * @requires crypto/random
- * @requires crypto/hash
- * @requires type/kdf_params
- * @requires enums
- * @requires util
- * @module crypto/public_key/elliptic/ecdh
- */
- var _bn = require('bn.js');
- var _bn2 = _interopRequireDefault(_bn);
- var _naclFastLight = require('tweetnacl/nacl-fast-light.js');
- var _naclFastLight2 = _interopRequireDefault(_naclFastLight);
- var _curves = require('./curves');
- var _curves2 = _interopRequireDefault(_curves);
- var _aes_kw = require('../../aes_kw');
- var _aes_kw2 = _interopRequireDefault(_aes_kw);
- var _cipher = require('../../cipher');
- var _cipher2 = _interopRequireDefault(_cipher);
- var _random = require('../../random');
- var _random2 = _interopRequireDefault(_random);
- var _hash = require('../../hash');
- var _hash2 = _interopRequireDefault(_hash);
- var _kdf_params = require('../../../type/kdf_params');
- var _kdf_params2 = _interopRequireDefault(_kdf_params);
- var _enums = require('../../../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../../../util');
- var _util2 = _interopRequireDefault(_util);
- var _indutnyKey = require('./indutnyKey');
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const webCrypto = _util2.default.getWebCrypto();
- const nodeCrypto = _util2.default.getNodeCrypto();
- // Build Param for ECDH algorithm (RFC 6637)
- function buildEcdhParam(public_algo, oid, cipher_algo, hash_algo, fingerprint) {
- const kdf_params = new _kdf_params2.default([hash_algo, cipher_algo]);
- return _util2.default.concatUint8Array([oid.write(), new Uint8Array([public_algo]), kdf_params.write(), _util2.default.str_to_Uint8Array("Anonymous Sender "), fingerprint.subarray(0, 20)]);
- }
- // Key Derivation Function (RFC 6637)
- async function kdf(hash_algo, X, length, param, stripLeading = false, stripTrailing = false) {
- // Note: X is little endian for Curve25519, big-endian for all others.
- // This is not ideal, but the RFC's are unclear
- // https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-02#appendix-B
- let i;
- if (stripLeading) {
- // Work around old go crypto bug
- for (i = 0; i < X.length && X[i] === 0; i++);
- X = X.subarray(i);
- }
- if (stripTrailing) {
- // Work around old OpenPGP.js bug
- for (i = X.length - 1; i >= 0 && X[i] === 0; i--);
- X = X.subarray(0, i + 1);
- }
- const digest = await _hash2.default.digest(hash_algo, _util2.default.concatUint8Array([new Uint8Array([0, 0, 0, 1]), X, param]));
- return digest.subarray(0, length);
- }
- /**
- * Generate ECDHE ephemeral key and secret from public key
- *
- * @param {Curve} curve Elliptic curve object
- * @param {Uint8Array} Q Recipient public key
- * @returns {Promise<{publicKey: Uint8Array, sharedKey: Uint8Array}>}
- * @async
- */
- async function genPublicEphemeralKey(curve, Q) {
- switch (curve.type) {
- case 'curve25519':
- {
- const d = await _random2.default.getRandomBytes(32);
- var _ref = await genPrivateEphemeralKey(curve, Q, null, d);
- const secretKey = _ref.secretKey,
- sharedKey = _ref.sharedKey;
- var _nacl$box$keyPair$fro = _naclFastLight2.default.box.keyPair.fromSecretKey(secretKey);
- let publicKey = _nacl$box$keyPair$fro.publicKey;
- publicKey = _util2.default.concatUint8Array([new Uint8Array([0x40]), publicKey]);
- return { publicKey, sharedKey }; // Note: sharedKey is little-endian here, unlike below
- }
- case 'web':
- if (curve.web && _util2.default.getWebCrypto()) {
- try {
- return await webPublicEphemeralKey(curve, Q);
- } catch (err) {
- _util2.default.print_debug_error(err);
- }
- }
- break;
- case 'node':
- return nodePublicEphemeralKey(curve, Q);
- }
- return ellipticPublicEphemeralKey(curve, Q);
- }
- /**
- * Encrypt and wrap a session key
- *
- * @param {module:type/oid} oid Elliptic curve object identifier
- * @param {module:enums.symmetric} cipher_algo Symmetric cipher to use
- * @param {module:enums.hash} hash_algo Hash algorithm to use
- * @param {module:type/mpi} m Value derived from session key (RFC 6637)
- * @param {Uint8Array} Q Recipient public key
- * @param {String} fingerprint Recipient fingerprint
- * @returns {Promise<{publicKey: Uint8Array, wrappedKey: Uint8Array}>}
- * @async
- */
- async function encrypt(oid, cipher_algo, hash_algo, m, Q, fingerprint) {
- const curve = new _curves2.default(oid);
- var _ref2 = await genPublicEphemeralKey(curve, Q);
- const publicKey = _ref2.publicKey,
- sharedKey = _ref2.sharedKey;
- const param = buildEcdhParam(_enums2.default.publicKey.ecdh, oid, cipher_algo, hash_algo, fingerprint);
- cipher_algo = _enums2.default.read(_enums2.default.symmetric, cipher_algo);
- const Z = await kdf(hash_algo, sharedKey, _cipher2.default[cipher_algo].keySize, param);
- const wrappedKey = _aes_kw2.default.wrap(Z, m.toString());
- return { publicKey, wrappedKey };
- }
- /**
- * Generate ECDHE secret from private key and public part of ephemeral key
- *
- * @param {Curve} curve Elliptic curve object
- * @param {Uint8Array} V Public part of ephemeral key
- * @param {Uint8Array} Q Recipient public key
- * @param {Uint8Array} d Recipient private key
- * @returns {Promise<{secretKey: Uint8Array, sharedKey: Uint8Array}>}
- * @async
- */
- async function genPrivateEphemeralKey(curve, V, Q, d) {
- if (d.length !== curve.payloadSize) {
- const privateKey = new Uint8Array(curve.payloadSize);
- privateKey.set(d, curve.payloadSize - d.length);
- d = privateKey;
- }
- switch (curve.type) {
- case 'curve25519':
- {
- const secretKey = d.slice().reverse();
- const sharedKey = _naclFastLight2.default.scalarMult(secretKey, V.subarray(1));
- return { secretKey, sharedKey }; // Note: sharedKey is little-endian here, unlike below
- }
- case 'web':
- if (curve.web && _util2.default.getWebCrypto()) {
- try {
- return await webPrivateEphemeralKey(curve, V, Q, d);
- } catch (err) {
- _util2.default.print_debug_error(err);
- }
- }
- break;
- case 'node':
- return nodePrivateEphemeralKey(curve, V, d);
- }
- return ellipticPrivateEphemeralKey(curve, V, d);
- }
- /**
- * Decrypt and unwrap the value derived from session key
- *
- * @param {module:type/oid} oid Elliptic curve object identifier
- * @param {module:enums.symmetric} cipher_algo Symmetric cipher to use
- * @param {module:enums.hash} hash_algo Hash algorithm to use
- * @param {Uint8Array} V Public part of ephemeral key
- * @param {Uint8Array} C Encrypted and wrapped value derived from session key
- * @param {Uint8Array} Q Recipient public key
- * @param {Uint8Array} d Recipient private key
- * @param {String} fingerprint Recipient fingerprint
- * @returns {Promise<BN>} Value derived from session key
- * @async
- */
- async function decrypt(oid, cipher_algo, hash_algo, V, C, Q, d, fingerprint) {
- const curve = new _curves2.default(oid);
- var _ref3 = await genPrivateEphemeralKey(curve, V, Q, d);
- const sharedKey = _ref3.sharedKey;
- const param = buildEcdhParam(_enums2.default.publicKey.ecdh, oid, cipher_algo, hash_algo, fingerprint);
- cipher_algo = _enums2.default.read(_enums2.default.symmetric, cipher_algo);
- let err;
- for (let i = 0; i < 3; i++) {
- try {
- // Work around old go crypto bug and old OpenPGP.js bug, respectively.
- const Z = await kdf(hash_algo, sharedKey, _cipher2.default[cipher_algo].keySize, param, i === 1, i === 2);
- return new _bn2.default(_aes_kw2.default.unwrap(Z, C));
- } catch (e) {
- err = e;
- }
- }
- throw err;
- }
- /**
- * Generate ECDHE secret from private key and public part of ephemeral key using webCrypto
- *
- * @param {Curve} curve Elliptic curve object
- * @param {Uint8Array} V Public part of ephemeral key
- * @param {Uint8Array} Q Recipient public key
- * @param {Uint8Array} d Recipient private key
- * @returns {Promise<{secretKey: Uint8Array, sharedKey: Uint8Array}>}
- * @async
- */
- async function webPrivateEphemeralKey(curve, V, Q, d) {
- const recipient = (0, _curves.privateToJwk)(curve.payloadSize, curve.web.web, Q, d);
- let privateKey = webCrypto.importKey("jwk", recipient, {
- name: "ECDH",
- namedCurve: curve.web.web
- }, true, ["deriveKey", "deriveBits"]);
- const jwk = (0, _curves.rawPublicToJwk)(curve.payloadSize, curve.web.web, V);
- let sender = webCrypto.importKey("jwk", jwk, {
- name: "ECDH",
- namedCurve: curve.web.web
- }, true, []);
- var _ref4 = await Promise.all([privateKey, sender]);
- var _ref5 = _slicedToArray(_ref4, 2);
- privateKey = _ref5[0];
- sender = _ref5[1];
- let S = webCrypto.deriveBits({
- name: "ECDH",
- namedCurve: curve.web.web,
- public: sender
- }, privateKey, curve.web.sharedSize);
- let secret = webCrypto.exportKey("jwk", privateKey);
- var _ref6 = await Promise.all([S, secret]);
- var _ref7 = _slicedToArray(_ref6, 2);
- S = _ref7[0];
- secret = _ref7[1];
- const sharedKey = new Uint8Array(S);
- const secretKey = _util2.default.b64_to_Uint8Array(secret.d, true);
- return { secretKey, sharedKey };
- }
- /**
- * Generate ECDHE ephemeral key and secret from public key using webCrypto
- *
- * @param {Curve} curve Elliptic curve object
- * @param {Uint8Array} Q Recipient public key
- * @returns {Promise<{publicKey: Uint8Array, sharedKey: Uint8Array}>}
- * @async
- */
- async function webPublicEphemeralKey(curve, Q) {
- const jwk = (0, _curves.rawPublicToJwk)(curve.payloadSize, curve.web.web, Q);
- let keyPair = webCrypto.generateKey({
- name: "ECDH",
- namedCurve: curve.web.web
- }, true, ["deriveKey", "deriveBits"]);
- let recipient = webCrypto.importKey("jwk", jwk, {
- name: "ECDH",
- namedCurve: curve.web.web
- }, false, []);
- var _ref8 = await Promise.all([keyPair, recipient]);
- var _ref9 = _slicedToArray(_ref8, 2);
- keyPair = _ref9[0];
- recipient = _ref9[1];
- let s = webCrypto.deriveBits({
- name: "ECDH",
- namedCurve: curve.web.web,
- public: recipient
- }, keyPair.privateKey, curve.web.sharedSize);
- let p = webCrypto.exportKey("jwk", keyPair.publicKey);
- var _ref10 = await Promise.all([s, p]);
- var _ref11 = _slicedToArray(_ref10, 2);
- s = _ref11[0];
- p = _ref11[1];
- const sharedKey = new Uint8Array(s);
- const publicKey = new Uint8Array((0, _curves.jwkToRawPublic)(p));
- return { publicKey, sharedKey };
- }
- /**
- * Generate ECDHE secret from private key and public part of ephemeral key using indutny/elliptic
- *
- * @param {Curve} curve Elliptic curve object
- * @param {Uint8Array} V Public part of ephemeral key
- * @param {Uint8Array} d Recipient private key
- * @returns {Promise<{secretKey: Uint8Array, sharedKey: Uint8Array}>}
- * @async
- */
- async function ellipticPrivateEphemeralKey(curve, V, d) {
- const indutnyCurve = await (0, _indutnyKey.getIndutnyCurve)(curve.name);
- V = (0, _indutnyKey.keyFromPublic)(indutnyCurve, V);
- d = (0, _indutnyKey.keyFromPrivate)(indutnyCurve, d);
- const secretKey = new Uint8Array(d.getPrivate());
- const S = d.derive(V.getPublic());
- const len = indutnyCurve.curve.p.byteLength();
- const sharedKey = S.toArrayLike(Uint8Array, 'be', len);
- return { secretKey, sharedKey };
- }
- /**
- * Generate ECDHE ephemeral key and secret from public key using indutny/elliptic
- *
- * @param {Curve} curve Elliptic curve object
- * @param {Uint8Array} Q Recipient public key
- * @returns {Promise<{publicKey: Uint8Array, sharedKey: Uint8Array}>}
- * @async
- */
- async function ellipticPublicEphemeralKey(curve, Q) {
- const indutnyCurve = await (0, _indutnyKey.getIndutnyCurve)(curve.name);
- const v = await curve.genKeyPair();
- Q = (0, _indutnyKey.keyFromPublic)(indutnyCurve, Q);
- const V = (0, _indutnyKey.keyFromPrivate)(indutnyCurve, v.privateKey);
- const publicKey = v.publicKey;
- const S = V.derive(Q.getPublic());
- const len = indutnyCurve.curve.p.byteLength();
- const sharedKey = S.toArrayLike(Uint8Array, 'be', len);
- return { publicKey, sharedKey };
- }
- /**
- * Generate ECDHE secret from private key and public part of ephemeral key using nodeCrypto
- *
- * @param {Curve} curve Elliptic curve object
- * @param {Uint8Array} V Public part of ephemeral key
- * @param {Uint8Array} d Recipient private key
- * @returns {Promise<{secretKey: Uint8Array, sharedKey: Uint8Array}>}
- * @async
- */
- async function nodePrivateEphemeralKey(curve, V, d) {
- const recipient = nodeCrypto.createECDH(curve.node.node);
- recipient.setPrivateKey(d);
- const sharedKey = new Uint8Array(recipient.computeSecret(V));
- const secretKey = new Uint8Array(recipient.getPrivateKey());
- return { secretKey, sharedKey };
- }
- /**
- * Generate ECDHE ephemeral key and secret from public key using nodeCrypto
- *
- * @param {Curve} curve Elliptic curve object
- * @param {Uint8Array} Q Recipient public key
- * @returns {Promise<{publicKey: Uint8Array, sharedKey: Uint8Array}>}
- * @async
- */
- async function nodePublicEphemeralKey(curve, Q) {
- const sender = nodeCrypto.createECDH(curve.node.node);
- sender.generateKeys();
- const sharedKey = new Uint8Array(sender.computeSecret(Q));
- const publicKey = new Uint8Array(sender.getPublicKey());
- return { publicKey, sharedKey };
- }
- exports.default = { encrypt, decrypt, genPublicEphemeralKey, genPrivateEphemeralKey, buildEcdhParam, kdf, webPublicEphemeralKey, webPrivateEphemeralKey, ellipticPublicEphemeralKey, ellipticPrivateEphemeralKey, nodePublicEphemeralKey, nodePrivateEphemeralKey };
- },{"../../../enums":113,"../../../type/kdf_params":153,"../../../util":158,"../../aes_kw":80,"../../cipher":86,"../../hash":92,"../../random":109,"./curves":100,"./indutnyKey":105,"bn.js":16,"tweetnacl/nacl-fast-light.js":72}],102:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _bn = require('bn.js');
- var _bn2 = _interopRequireDefault(_bn);
- var _enums = require('../../../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../../../util');
- var _util2 = _interopRequireDefault(_util);
- var _curves = require('./curves');
- var _curves2 = _interopRequireDefault(_curves);
- var _indutnyKey = require('./indutnyKey');
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const webCrypto = _util2.default.getWebCrypto(); // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Implementation of ECDSA following RFC6637 for Openpgpjs
- * @requires bn.js
- * @requires web-stream-tools
- * @requires enums
- * @requires util
- * @requires crypto/public_key/elliptic/curves
- * @module crypto/public_key/elliptic/ecdsa
- */
- const nodeCrypto = _util2.default.getNodeCrypto();
- /**
- * Sign a message using the provided key
- * @param {module:type/oid} oid Elliptic curve object identifier
- * @param {module:enums.hash} hash_algo Hash algorithm used to sign
- * @param {Uint8Array} message Message to sign
- * @param {Uint8Array} publicKey Public key
- * @param {Uint8Array} privateKey Private key used to sign the message
- * @param {Uint8Array} hashed The hashed message
- * @returns {{r: Uint8Array,
- * s: Uint8Array}} Signature of the message
- * @async
- */
- async function sign(oid, hash_algo, message, publicKey, privateKey, hashed) {
- const curve = new _curves2.default(oid);
- if (message && !_util2.default.isStream(message)) {
- const keyPair = { publicKey, privateKey };
- switch (curve.type) {
- case 'web':
- {
- // If browser doesn't support a curve, we'll catch it
- try {
- // Need to await to make sure browser succeeds
- return await webSign(curve, hash_algo, message, keyPair);
- } catch (err) {
- _util2.default.print_debug_error("Browser did not support signing: " + err.message);
- }
- break;
- }
- case 'node':
- {
- const signature = await nodeSign(curve, hash_algo, message, keyPair);
- return {
- r: signature.r.toArrayLike(Uint8Array),
- s: signature.s.toArrayLike(Uint8Array)
- };
- }
- }
- }
- return ellipticSign(curve, hashed, privateKey);
- }
- /**
- * Verifies if a signature is valid for a message
- * @param {module:type/oid} oid Elliptic curve object identifier
- * @param {module:enums.hash} hash_algo Hash algorithm used in the signature
- * @param {{r: Uint8Array,
- s: Uint8Array}} signature Signature to verify
- * @param {Uint8Array} message Message to verify
- * @param {Uint8Array} publicKey Public key used to verify the message
- * @param {Uint8Array} hashed The hashed message
- * @returns {Boolean}
- * @async
- */
- async function verify(oid, hash_algo, signature, message, publicKey, hashed) {
- const curve = new _curves2.default(oid);
- if (message && !_util2.default.isStream(message)) {
- switch (curve.type) {
- case 'web':
- try {
- // Need to await to make sure browser succeeds
- return await webVerify(curve, hash_algo, signature, message, publicKey);
- } catch (err) {
- _util2.default.print_debug_error("Browser did not support verifying: " + err.message);
- }
- break;
- case 'node':
- return nodeVerify(curve, hash_algo, signature, message, publicKey);
- }
- }
- const digest = typeof hash_algo === 'undefined' ? message : hashed;
- return ellipticVerify(curve, signature, digest, publicKey);
- }
- exports.default = { sign, verify, ellipticVerify, ellipticSign };
- //////////////////////////
- // //
- // Helper functions //
- // //
- //////////////////////////
- async function ellipticSign(curve, hashed, privateKey) {
- const indutnyCurve = await (0, _indutnyKey.getIndutnyCurve)(curve.name);
- const key = (0, _indutnyKey.keyFromPrivate)(indutnyCurve, privateKey);
- const signature = key.sign(hashed);
- return {
- r: signature.r.toArrayLike(Uint8Array),
- s: signature.s.toArrayLike(Uint8Array)
- };
- }
- async function ellipticVerify(curve, signature, digest, publicKey) {
- const indutnyCurve = await (0, _indutnyKey.getIndutnyCurve)(curve.name);
- const key = (0, _indutnyKey.keyFromPublic)(indutnyCurve, publicKey);
- return key.verify(digest, signature);
- }
- async function webSign(curve, hash_algo, message, keyPair) {
- const len = curve.payloadSize;
- const jwk = (0, _curves.privateToJwk)(curve.payloadSize, _curves.webCurves[curve.name], keyPair.publicKey, keyPair.privateKey);
- const key = await webCrypto.importKey("jwk", jwk, {
- "name": "ECDSA",
- "namedCurve": _curves.webCurves[curve.name],
- "hash": { name: _enums2.default.read(_enums2.default.webHash, curve.hash) }
- }, false, ["sign"]);
- const signature = new Uint8Array((await webCrypto.sign({
- "name": 'ECDSA',
- "namedCurve": _curves.webCurves[curve.name],
- "hash": { name: _enums2.default.read(_enums2.default.webHash, hash_algo) }
- }, key, message)));
- return {
- r: signature.slice(0, len),
- s: signature.slice(len, len << 1)
- };
- }
- async function webVerify(curve, hash_algo, { r, s }, message, publicKey) {
- const len = curve.payloadSize;
- const jwk = (0, _curves.rawPublicToJwk)(curve.payloadSize, _curves.webCurves[curve.name], publicKey);
- const key = await webCrypto.importKey("jwk", jwk, {
- "name": "ECDSA",
- "namedCurve": _curves.webCurves[curve.name],
- "hash": { name: _enums2.default.read(_enums2.default.webHash, curve.hash) }
- }, false, ["verify"]);
- const signature = _util2.default.concatUint8Array([new Uint8Array(len - r.length), r, new Uint8Array(len - s.length), s]).buffer;
- return webCrypto.verify({
- "name": 'ECDSA',
- "namedCurve": _curves.webCurves[curve.name],
- "hash": { name: _enums2.default.read(_enums2.default.webHash, hash_algo) }
- }, key, signature, message);
- }
- async function nodeSign(curve, hash_algo, message, keyPair) {
- const sign = nodeCrypto.createSign(_enums2.default.read(_enums2.default.hash, hash_algo));
- sign.write(message);
- sign.end();
- const key = ECPrivateKey.encode({
- version: 1,
- parameters: curve.oid,
- privateKey: Array.from(keyPair.privateKey),
- publicKey: { unused: 0, data: Array.from(keyPair.publicKey) }
- }, 'pem', {
- label: 'EC PRIVATE KEY'
- });
- return ECDSASignature.decode(sign.sign(key), 'der');
- }
- async function nodeVerify(curve, hash_algo, { r, s }, message, publicKey) {
- const verify = nodeCrypto.createVerify(_enums2.default.read(_enums2.default.hash, hash_algo));
- verify.write(message);
- verify.end();
- const key = SubjectPublicKeyInfo.encode({
- algorithm: {
- algorithm: [1, 2, 840, 10045, 2, 1],
- parameters: curve.oid
- },
- subjectPublicKey: { unused: 0, data: Array.from(publicKey) }
- }, 'pem', {
- label: 'PUBLIC KEY'
- });
- const signature = ECDSASignature.encode({
- r: new _bn2.default(r), s: new _bn2.default(s)
- }, 'der');
- try {
- return verify.verify(key, signature);
- } catch (err) {
- return false;
- }
- }
- // Originally written by Owen Smith https://github.com/omsmith
- // Adapted on Feb 2018 from https://github.com/Brightspace/node-jwk-to-pem/
- /* eslint-disable no-invalid-this */
- const asn1 = nodeCrypto ? require('asn1.js') : undefined;
- const ECDSASignature = nodeCrypto ? asn1.define('ECDSASignature', function () {
- this.seq().obj(this.key('r').int(), this.key('s').int());
- }) : undefined;
- const ECPrivateKey = nodeCrypto ? asn1.define('ECPrivateKey', function () {
- this.seq().obj(this.key('version').int(), this.key('privateKey').octstr(), this.key('parameters').explicit(0).optional().any(), this.key('publicKey').explicit(1).optional().bitstr());
- }) : undefined;
- const AlgorithmIdentifier = nodeCrypto ? asn1.define('AlgorithmIdentifier', function () {
- this.seq().obj(this.key('algorithm').objid(), this.key('parameters').optional().any());
- }) : undefined;
- const SubjectPublicKeyInfo = nodeCrypto ? asn1.define('SubjectPublicKeyInfo', function () {
- this.seq().obj(this.key('algorithm').use(AlgorithmIdentifier), this.key('subjectPublicKey').bitstr());
- }) : undefined;
- },{"../../../enums":113,"../../../util":158,"./curves":100,"./indutnyKey":105,"asn1.js":"asn1.js","bn.js":16}],103:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _ = require('hash.js/lib/hash/sha/512');
- var _2 = _interopRequireDefault(_);
- var _naclFastLight = require('tweetnacl/nacl-fast-light.js');
- var _naclFastLight2 = _interopRequireDefault(_naclFastLight);
- var _util = require('../../../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- _naclFastLight2.default.hash = bytes => new Uint8Array((0, _2.default)().update(bytes).digest());
- /**
- * Sign a message using the provided key
- * @param {module:type/oid} oid Elliptic curve object identifier
- * @param {module:enums.hash} hash_algo Hash algorithm used to sign
- * @param {Uint8Array} message Message to sign
- * @param {Uint8Array} publicKey Public key
- * @param {Uint8Array} privateKey Private key used to sign the message
- * @param {Uint8Array} hashed The hashed message
- * @returns {{R: Uint8Array,
- * S: Uint8Array}} Signature of the message
- * @async
- */
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2018 Proton Technologies AG
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Implementation of EdDSA following RFC4880bis-03 for OpenPGP
- * @requires hash.js
- * @requires tweetnacl
- * @requires crypto/public_key/elliptic/curve
- * @requires util
- * @module crypto/public_key/elliptic/eddsa
- */
- async function sign(oid, hash_algo, message, publicKey, privateKey, hashed) {
- const secretKey = _util2.default.concatUint8Array([privateKey, publicKey.subarray(1)]);
- const signature = _naclFastLight2.default.sign.detached(hashed, secretKey);
- // EdDSA signature params are returned in little-endian format
- return {
- R: signature.subarray(0, 32),
- S: signature.subarray(32)
- };
- }
- /**
- * Verifies if a signature is valid for a message
- * @param {module:type/oid} oid Elliptic curve object identifier
- * @param {module:enums.hash} hash_algo Hash algorithm used in the signature
- * @param {{R: Uint8Array,
- S: Uint8Array}} signature Signature to verify the message
- * @param {Uint8Array} m Message to verify
- * @param {Uint8Array} publicKey Public key used to verify the message
- * @param {Uint8Array} hashed The hashed message
- * @returns {Boolean}
- * @async
- */
- async function verify(oid, hash_algo, { R, S }, m, publicKey, hashed) {
- const signature = _util2.default.concatUint8Array([R, S]);
- return _naclFastLight2.default.sign.detached.verify(hashed, signature, publicKey.subarray(1));
- }
- exports.default = { sign, verify };
- },{"../../../util":158,"hash.js/lib/hash/sha/512":43,"tweetnacl/nacl-fast-light.js":72}],104:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _curves = require('./curves');
- var _curves2 = _interopRequireDefault(_curves);
- var _ecdsa = require('./ecdsa');
- var _ecdsa2 = _interopRequireDefault(_ecdsa);
- var _eddsa = require('./eddsa');
- var _eddsa2 = _interopRequireDefault(_eddsa);
- var _ecdh = require('./ecdh');
- var _ecdh2 = _interopRequireDefault(_ecdh);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Functions to access Elliptic Curve Cryptography
- * @see module:crypto/public_key/elliptic/curve
- * @see module:crypto/public_key/elliptic/ecdh
- * @see module:crypto/public_key/elliptic/ecdsa
- * @see module:crypto/public_key/elliptic/eddsa
- * @module crypto/public_key/elliptic
- */
- exports.default = {
- Curve: _curves2.default, ecdh: _ecdh2.default, ecdsa: _ecdsa2.default, eddsa: _eddsa2.default, generate: _curves.generate, getPreferredHashAlgo: _curves.getPreferredHashAlgo
- };
- },{"./curves":100,"./ecdh":101,"./ecdsa":102,"./eddsa":103}],105:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.keyFromPrivate = keyFromPrivate;
- exports.keyFromPublic = keyFromPublic;
- exports.getIndutnyCurve = getIndutnyCurve;
- var _lightweight_helper = require('../../../lightweight_helper');
- var _config = require('../../../config');
- var _config2 = _interopRequireDefault(_config);
- var _util = require('../../../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- function keyFromPrivate(indutnyCurve, priv) {
- const keyPair = indutnyCurve.keyPair({ priv: priv });
- return keyPair;
- } // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Wrapper for a KeyPair of an curve from indutny/elliptic library
- * @requires enums
- * @requires asn1.js
- * @module crypto/public_key/elliptic/indutnyKey
- */
- function keyFromPublic(indutnyCurve, pub) {
- const keyPair = indutnyCurve.keyPair({ pub: pub });
- if (keyPair.validate().result !== true) {
- throw new Error('Invalid elliptic public key');
- }
- return keyPair;
- }
- /**
- * Load elliptic on demand to the window.openpgp.elliptic
- * @returns {Promise<elliptic>}
- */
- async function loadEllipticPromise() {
- const path = _config2.default.indutny_elliptic_path;
- const options = _config2.default.indutny_elliptic_fetch_options;
- const ellipticDlPromise = (0, _lightweight_helper.dl)(path, options).catch(() => (0, _lightweight_helper.dl)(path, options));
- const ellipticContents = await ellipticDlPromise;
- const mainUrl = URL.createObjectURL(new Blob([ellipticContents], { type: 'text/javascript' }));
- await (0, _lightweight_helper.loadScript)(mainUrl);
- URL.revokeObjectURL(mainUrl);
- if (!window.openpgp.elliptic) {
- throw new Error('Elliptic library failed to load correctly');
- }
- return window.openpgp.elliptic;
- }
- let ellipticPromise;
- function loadElliptic() {
- if (!_config2.default.external_indutny_elliptic) {
- return require('elliptic');
- }
- if (_util2.default.detectNode()) {
- // eslint-disable-next-line
- return require(_config2.default.indutny_elliptic_path);
- }
- if (!ellipticPromise) {
- ellipticPromise = loadEllipticPromise().catch(e => {
- ellipticPromise = undefined;
- throw e;
- });
- }
- return ellipticPromise;
- }
- async function getIndutnyCurve(name) {
- if (!_config2.default.use_indutny_elliptic) {
- throw new Error('This curve is only supported in the full build of OpenPGP.js');
- }
- const elliptic = await loadElliptic();
- return new elliptic.ec(name);
- }
- },{"../../../config":79,"../../../lightweight_helper":125,"../../../util":158,"elliptic":18}],106:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _naclFastLight = require('tweetnacl/nacl-fast-light.js');
- var _naclFastLight2 = _interopRequireDefault(_naclFastLight);
- var _rsa = require('./rsa');
- var _rsa2 = _interopRequireDefault(_rsa);
- var _elgamal = require('./elgamal');
- var _elgamal2 = _interopRequireDefault(_elgamal);
- var _elliptic = require('./elliptic');
- var _elliptic2 = _interopRequireDefault(_elliptic);
- var _dsa = require('./dsa');
- var _dsa2 = _interopRequireDefault(_dsa);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- exports.default = {
- /** @see module:crypto/public_key/rsa */
- rsa: _rsa2.default,
- /** @see module:crypto/public_key/elgamal */
- elgamal: _elgamal2.default,
- /** @see module:crypto/public_key/elliptic */
- elliptic: _elliptic2.default,
- /** @see module:crypto/public_key/dsa */
- dsa: _dsa2.default,
- /** @see tweetnacl */
- nacl: _naclFastLight2.default
- }; /**
- * @fileoverview Asymmetric cryptography functions
- * @requires tweetnacl
- * @requires crypto/public_key/dsa
- * @requires crypto/public_key/elgamal
- * @requires crypto/public_key/elliptic
- * @requires crypto/public_key/rsa
- * @module crypto/public_key
- */
- },{"./dsa":98,"./elgamal":99,"./elliptic":104,"./rsa":108,"tweetnacl/nacl-fast-light.js":72}],107:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _bn = require('bn.js');
- var _bn2 = _interopRequireDefault(_bn);
- var _random = require('../random');
- var _random2 = _interopRequireDefault(_random);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2018 Proton Technologies AG
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Algorithms for probabilistic random prime generation
- * @requires bn.js
- * @requires crypto/random
- * @module crypto/public_key/prime
- */
- exports.default = {
- randomProbablePrime, isProbablePrime, fermat, millerRabin, divisionTest
- };
- /**
- * Probabilistic random number generator
- * @param {Integer} bits Bit length of the prime
- * @param {BN} e Optional RSA exponent to check against the prime
- * @param {Integer} k Optional number of iterations of Miller-Rabin test
- * @returns BN
- * @async
- */
- async function randomProbablePrime(bits, e, k) {
- const min = new _bn2.default(1).shln(bits - 1);
- const thirty = new _bn2.default(30);
- /*
- * We can avoid any multiples of 3 and 5 by looking at n mod 30
- * n mod 30 = 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
- * the next possible prime is mod 30:
- * 1 7 7 7 7 7 7 11 11 11 11 13 13 17 17 17 17 19 19 23 23 23 23 29 29 29 29 29 29 1
- */
- const adds = [1, 6, 5, 4, 3, 2, 1, 4, 3, 2, 1, 2, 1, 4, 3, 2, 1, 2, 1, 4, 3, 2, 1, 6, 5, 4, 3, 2, 1, 2];
- let n = await _random2.default.getRandomBN(min, min.shln(1));
- let i = n.mod(thirty).toNumber();
- do {
- n.iaddn(adds[i]);
- i = (i + adds[i]) % adds.length;
- // If reached the maximum, go back to the minimum.
- if (n.bitLength() > bits) {
- n = n.mod(min.shln(1)).iadd(min);
- i = n.mod(thirty).toNumber();
- }
- } while (!(await isProbablePrime(n, e, k)));
- return n;
- }
- /**
- * Probabilistic primality testing
- * @param {BN} n Number to test
- * @param {BN} e Optional RSA exponent to check against the prime
- * @param {Integer} k Optional number of iterations of Miller-Rabin test
- * @returns {boolean}
- * @async
- */
- async function isProbablePrime(n, e, k) {
- if (e && !n.subn(1).gcd(e).eqn(1)) {
- return false;
- }
- if (!divisionTest(n)) {
- return false;
- }
- if (!fermat(n)) {
- return false;
- }
- if (!(await millerRabin(n, k))) {
- return false;
- }
- // TODO implement the Lucas test
- // See Section C.3.3 here: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
- return true;
- }
- /**
- * Tests whether n is probably prime or not using Fermat's test with b = 2.
- * Fails if b^(n-1) mod n === 1.
- * @param {BN} n Number to test
- * @param {Integer} b Optional Fermat test base
- * @returns {boolean}
- */
- function fermat(n, b) {
- b = b || new _bn2.default(2);
- return b.toRed(_bn2.default.mont(n)).redPow(n.subn(1)).fromRed().cmpn(1) === 0;
- }
- function divisionTest(n) {
- return small_primes.every(m => {
- return n.modn(m) !== 0;
- });
- }
- // https://github.com/gpg/libgcrypt/blob/master/cipher/primegen.c
- const small_primes = [7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, 953, 967, 971, 977, 983, 991, 997, 1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049, 1051, 1061, 1063, 1069, 1087, 1091, 1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151, 1153, 1163, 1171, 1181, 1187, 1193, 1201, 1213, 1217, 1223, 1229, 1231, 1237, 1249, 1259, 1277, 1279, 1283, 1289, 1291, 1297, 1301, 1303, 1307, 1319, 1321, 1327, 1361, 1367, 1373, 1381, 1399, 1409, 1423, 1427, 1429, 1433, 1439, 1447, 1451, 1453, 1459, 1471, 1481, 1483, 1487, 1489, 1493, 1499, 1511, 1523, 1531, 1543, 1549, 1553, 1559, 1567, 1571, 1579, 1583, 1597, 1601, 1607, 1609, 1613, 1619, 1621, 1627, 1637, 1657, 1663, 1667, 1669, 1693, 1697, 1699, 1709, 1721, 1723, 1733, 1741, 1747, 1753, 1759, 1777, 1783, 1787, 1789, 1801, 1811, 1823, 1831, 1847, 1861, 1867, 1871, 1873, 1877, 1879, 1889, 1901, 1907, 1913, 1931, 1933, 1949, 1951, 1973, 1979, 1987, 1993, 1997, 1999, 2003, 2011, 2017, 2027, 2029, 2039, 2053, 2063, 2069, 2081, 2083, 2087, 2089, 2099, 2111, 2113, 2129, 2131, 2137, 2141, 2143, 2153, 2161, 2179, 2203, 2207, 2213, 2221, 2237, 2239, 2243, 2251, 2267, 2269, 2273, 2281, 2287, 2293, 2297, 2309, 2311, 2333, 2339, 2341, 2347, 2351, 2357, 2371, 2377, 2381, 2383, 2389, 2393, 2399, 2411, 2417, 2423, 2437, 2441, 2447, 2459, 2467, 2473, 2477, 2503, 2521, 2531, 2539, 2543, 2549, 2551, 2557, 2579, 2591, 2593, 2609, 2617, 2621, 2633, 2647, 2657, 2659, 2663, 2671, 2677, 2683, 2687, 2689, 2693, 2699, 2707, 2711, 2713, 2719, 2729, 2731, 2741, 2749, 2753, 2767, 2777, 2789, 2791, 2797, 2801, 2803, 2819, 2833, 2837, 2843, 2851, 2857, 2861, 2879, 2887, 2897, 2903, 2909, 2917, 2927, 2939, 2953, 2957, 2963, 2969, 2971, 2999, 3001, 3011, 3019, 3023, 3037, 3041, 3049, 3061, 3067, 3079, 3083, 3089, 3109, 3119, 3121, 3137, 3163, 3167, 3169, 3181, 3187, 3191, 3203, 3209, 3217, 3221, 3229, 3251, 3253, 3257, 3259, 3271, 3299, 3301, 3307, 3313, 3319, 3323, 3329, 3331, 3343, 3347, 3359, 3361, 3371, 3373, 3389, 3391, 3407, 3413, 3433, 3449, 3457, 3461, 3463, 3467, 3469, 3491, 3499, 3511, 3517, 3527, 3529, 3533, 3539, 3541, 3547, 3557, 3559, 3571, 3581, 3583, 3593, 3607, 3613, 3617, 3623, 3631, 3637, 3643, 3659, 3671, 3673, 3677, 3691, 3697, 3701, 3709, 3719, 3727, 3733, 3739, 3761, 3767, 3769, 3779, 3793, 3797, 3803, 3821, 3823, 3833, 3847, 3851, 3853, 3863, 3877, 3881, 3889, 3907, 3911, 3917, 3919, 3923, 3929, 3931, 3943, 3947, 3967, 3989, 4001, 4003, 4007, 4013, 4019, 4021, 4027, 4049, 4051, 4057, 4073, 4079, 4091, 4093, 4099, 4111, 4127, 4129, 4133, 4139, 4153, 4157, 4159, 4177, 4201, 4211, 4217, 4219, 4229, 4231, 4241, 4243, 4253, 4259, 4261, 4271, 4273, 4283, 4289, 4297, 4327, 4337, 4339, 4349, 4357, 4363, 4373, 4391, 4397, 4409, 4421, 4423, 4441, 4447, 4451, 4457, 4463, 4481, 4483, 4493, 4507, 4513, 4517, 4519, 4523, 4547, 4549, 4561, 4567, 4583, 4591, 4597, 4603, 4621, 4637, 4639, 4643, 4649, 4651, 4657, 4663, 4673, 4679, 4691, 4703, 4721, 4723, 4729, 4733, 4751, 4759, 4783, 4787, 4789, 4793, 4799, 4801, 4813, 4817, 4831, 4861, 4871, 4877, 4889, 4903, 4909, 4919, 4931, 4933, 4937, 4943, 4951, 4957, 4967, 4969, 4973, 4987, 4993, 4999];
- // Miller-Rabin - Miller Rabin algorithm for primality test
- // Copyright Fedor Indutny, 2014.
- //
- // This software is licensed under the MIT License.
- //
- // Permission is hereby granted, free of charge, to any person obtaining a
- // copy of this software and associated documentation files (the
- // "Software"), to deal in the Software without restriction, including
- // without limitation the rights to use, copy, modify, merge, publish,
- // distribute, sublicense, and/or sell copies of the Software, and to permit
- // persons to whom the Software is furnished to do so, subject to the
- // following conditions:
- //
- // The above copyright notice and this permission notice shall be included
- // in all copies or substantial portions of the Software.
- //
- // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
- // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
- // NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
- // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
- // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
- // USE OR OTHER DEALINGS IN THE SOFTWARE.
- // Adapted on Jan 2018 from version 4.0.1 at https://github.com/indutny/miller-rabin
- // Sample syntax for Fixed-Base Miller-Rabin:
- // millerRabin(n, k, () => new BN(small_primes[Math.random() * small_primes.length | 0]))
- /**
- * Tests whether n is probably prime or not using the Miller-Rabin test.
- * See HAC Remark 4.28.
- * @param {BN} n Number to test
- * @param {Integer} k Optional number of iterations of Miller-Rabin test
- * @param {Function} rand Optional function to generate potential witnesses
- * @returns {boolean}
- * @async
- */
- async function millerRabin(n, k, rand) {
- const len = n.bitLength();
- const red = _bn2.default.mont(n);
- const rone = new _bn2.default(1).toRed(red);
- if (!k) {
- k = Math.max(1, len / 48 | 0);
- }
- const n1 = n.subn(1);
- const rn1 = n1.toRed(red);
- // Find d and s, (n - 1) = (2 ^ s) * d;
- let s = 0;
- while (!n1.testn(s)) {
- s++;
- }
- const d = n.shrn(s);
- for (; k > 0; k--) {
- const a = rand ? rand() : await _random2.default.getRandomBN(new _bn2.default(2), n1);
- let x = a.toRed(red).redPow(d);
- if (x.eq(rone) || x.eq(rn1)) {
- continue;
- }
- let i;
- for (i = 1; i < s; i++) {
- x = x.redSqr();
- if (x.eq(rone)) {
- return false;
- }
- if (x.eq(rn1)) {
- break;
- }
- }
- if (i === s) {
- return false;
- }
- }
- return true;
- }
- },{"../random":109,"bn.js":16}],108:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _bn = require('bn.js');
- var _bn2 = _interopRequireDefault(_bn);
- var _prime = require('./prime');
- var _prime2 = _interopRequireDefault(_prime);
- var _random = require('../random');
- var _random2 = _interopRequireDefault(_random);
- var _config = require('../../config');
- var _config2 = _interopRequireDefault(_config);
- var _util = require('../../util');
- var _util2 = _interopRequireDefault(_util);
- var _pkcs = require('../pkcs1');
- var _pkcs2 = _interopRequireDefault(_pkcs);
- var _enums = require('../../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _mpi = require('../../type/mpi');
- var _mpi2 = _interopRequireDefault(_mpi);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview RSA implementation
- * @requires bn.js
- * @requires crypto/public_key/prime
- * @requires crypto/random
- * @requires config
- * @requires util
- * @module crypto/public_key/rsa
- */
- const webCrypto = _util2.default.getWebCrypto();
- const nodeCrypto = _util2.default.getNodeCrypto();
- const asn1 = nodeCrypto ? require('asn1.js') : undefined;
- // Helper for IE11 KeyOperation objects
- function promisifyIE11Op(keyObj, err) {
- if (typeof keyObj.then !== 'function') {
- // IE11 KeyOperation
- return new Promise(function (resolve, reject) {
- keyObj.onerror = function () {
- reject(new Error(err));
- };
- keyObj.oncomplete = function (e) {
- resolve(e.target.result);
- };
- });
- }
- return keyObj;
- }
- /* eslint-disable no-invalid-this */
- const RSAPrivateKey = _util2.default.detectNode() ? asn1.define('RSAPrivateKey', function () {
- this.seq().obj( // used for native NodeJS crypto
- this.key('version').int(), // 0
- this.key('modulus').int(), // n
- this.key('publicExponent').int(), // e
- this.key('privateExponent').int(), // d
- this.key('prime1').int(), // p
- this.key('prime2').int(), // q
- this.key('exponent1').int(), // dp
- this.key('exponent2').int(), // dq
- this.key('coefficient').int() // u
- );
- }) : undefined;
- const RSAPublicKey = _util2.default.detectNode() ? asn1.define('RSAPubliceKey', function () {
- this.seq().obj( // used for native NodeJS crypto
- this.key('modulus').int(), // n
- this.key('publicExponent').int() // e
- );
- }) : undefined;
- /* eslint-enable no-invalid-this */
- exports.default = {
- /** Create signature
- * @param {module:enums.hash} hash_algo Hash algorithm
- * @param {Uint8Array} data message
- * @param {Uint8Array} n RSA public modulus
- * @param {Uint8Array} e RSA public exponent
- * @param {Uint8Array} d RSA private exponent
- * @param {Uint8Array} p RSA private prime p
- * @param {Uint8Array} q RSA private prime q
- * @param {Uint8Array} u RSA private coefficient
- * @param {Uint8Array} hashed hashed message
- * @returns {Uint8Array} RSA Signature
- * @async
- */
- sign: async function sign(hash_algo, data, n, e, d, p, q, u, hashed) {
- if (data && !_util2.default.isStream(data)) {
- if (_util2.default.getWebCrypto()) {
- try {
- return await this.webSign(_enums2.default.read(_enums2.default.webHash, hash_algo), data, n, e, d, p, q, u);
- } catch (err) {
- _util2.default.print_debug_error(err);
- }
- } else if (_util2.default.getNodeCrypto()) {
- return this.nodeSign(hash_algo, data, n, e, d, p, q, u);
- }
- }
- return this.bnSign(hash_algo, n, d, hashed);
- },
- /**
- * Verify signature
- * @param {module:enums.hash} hash_algo Hash algorithm
- * @param {Uint8Array} data message
- * @param {Uint8Array} s signature
- * @param {Uint8Array} n RSA public modulus
- * @param {Uint8Array} e RSA public exponent
- * @param {Uint8Array} hashed hashed message
- * @returns {Boolean}
- * @async
- */
- verify: async function verify(hash_algo, data, s, n, e, hashed) {
- if (data && !_util2.default.isStream(data)) {
- if (_util2.default.getWebCrypto()) {
- try {
- return await this.webVerify(_enums2.default.read(_enums2.default.webHash, hash_algo), data, s, n, e);
- } catch (err) {
- _util2.default.print_debug_error(err);
- }
- } else if (_util2.default.getNodeCrypto()) {
- return this.nodeVerify(hash_algo, data, s, n, e);
- }
- }
- return this.bnVerify(hash_algo, s, n, e, hashed);
- },
- /**
- * Encrypt message
- * @param {Uint8Array} data message
- * @param {Uint8Array} n RSA public modulus
- * @param {Uint8Array} e RSA public exponent
- * @returns {Uint8Array} RSA Ciphertext
- * @async
- */
- encrypt: async function encrypt(data, n, e) {
- if (_util2.default.getNodeCrypto()) {
- return this.nodeEncrypt(data, n, e);
- }
- return this.bnEncrypt(data, n, e);
- },
- /**
- * Decrypt RSA message
- * @param {Uint8Array} m message
- * @param {Uint8Array} n RSA public modulus
- * @param {Uint8Array} e RSA public exponent
- * @param {Uint8Array} d RSA private exponent
- * @param {Uint8Array} p RSA private prime p
- * @param {Uint8Array} q RSA private prime q
- * @param {Uint8Array} u RSA private coefficient
- * @returns {String} RSA Plaintext
- * @async
- */
- decrypt: async function decrypt(data, n, e, d, p, q, u) {
- if (_util2.default.getNodeCrypto()) {
- return this.nodeDecrypt(data, n, e, d, p, q, u);
- }
- return this.bnDecrypt(data, n, e, d, p, q, u);
- },
- /**
- * Generate a new random private key B bits long with public exponent E.
- *
- * When possible, webCrypto or nodeCrypto is used. Otherwise, primes are generated using
- * 40 rounds of the Miller-Rabin probabilistic random prime generation algorithm.
- * @see module:crypto/public_key/prime
- * @param {Integer} B RSA bit length
- * @param {String} E RSA public exponent in hex string
- * @returns {{n: BN, e: BN, d: BN,
- * p: BN, q: BN, u: BN}} RSA public modulus, RSA public exponent, RSA private exponent,
- * RSA private prime p, RSA private prime q, u = q ** -1 mod p
- * @async
- */
- generate: async function generate(B, E) {
- let key;
- E = new _bn2.default(E, 16);
- // Native RSA keygen using Web Crypto
- if (_util2.default.getWebCrypto()) {
- let keyPair;
- let keyGenOpt;
- if (window.crypto && window.crypto.subtle || window.msCrypto) {
- // current standard spec
- keyGenOpt = {
- name: 'RSASSA-PKCS1-v1_5',
- modulusLength: B, // the specified keysize in bits
- publicExponent: E.toArrayLike(Uint8Array), // take three bytes (max 65537) for exponent
- hash: {
- name: 'SHA-1' // not required for actual RSA keys, but for crypto api 'sign' and 'verify'
- }
- };
- keyPair = webCrypto.generateKey(keyGenOpt, true, ['sign', 'verify']);
- keyPair = await promisifyIE11Op(keyPair, 'Error generating RSA key pair.');
- } else if (window.crypto && window.crypto.webkitSubtle) {
- // outdated spec implemented by old Webkit
- keyGenOpt = {
- name: 'RSA-OAEP',
- modulusLength: B, // the specified keysize in bits
- publicExponent: E.toArrayLike(Uint8Array), // take three bytes (max 65537) for exponent
- hash: {
- name: 'SHA-1' // not required for actual RSA keys, but for crypto api 'sign' and 'verify'
- }
- };
- keyPair = await webCrypto.generateKey(keyGenOpt, true, ['encrypt', 'decrypt']);
- } else {
- throw new Error('Unknown WebCrypto implementation');
- }
- // export the generated keys as JsonWebKey (JWK)
- // https://tools.ietf.org/html/draft-ietf-jose-json-web-key-33
- let jwk = webCrypto.exportKey('jwk', keyPair.privateKey);
- jwk = await promisifyIE11Op(jwk, 'Error exporting RSA key pair.');
- // parse raw ArrayBuffer bytes to jwk/json (WebKit/Safari/IE11 quirk)
- if (jwk instanceof ArrayBuffer) {
- jwk = JSON.parse(String.fromCharCode.apply(null, new Uint8Array(jwk)));
- }
- // map JWK parameters to BN
- key = {};
- key.n = new _bn2.default(_util2.default.b64_to_Uint8Array(jwk.n));
- key.e = E;
- key.d = new _bn2.default(_util2.default.b64_to_Uint8Array(jwk.d));
- // switch p and q
- key.p = new _bn2.default(_util2.default.b64_to_Uint8Array(jwk.q));
- key.q = new _bn2.default(_util2.default.b64_to_Uint8Array(jwk.p));
- // Since p and q are switched in places, we could keep u
- key.u = new _bn2.default(_util2.default.b64_to_Uint8Array(jwk.qi));
- return key;
- } else if (_util2.default.getNodeCrypto() && nodeCrypto.generateKeyPair && RSAPrivateKey) {
- const opts = {
- modulusLength: Number(B.toString(10)),
- publicExponent: Number(E.toString(10)),
- publicKeyEncoding: { type: 'pkcs1', format: 'der' },
- privateKeyEncoding: { type: 'pkcs1', format: 'der' }
- };
- const prv = await new Promise((resolve, reject) => nodeCrypto.generateKeyPair('rsa', opts, (err, _, der) => {
- if (err) {
- reject(err);
- } else {
- resolve(RSAPrivateKey.decode(der, 'der'));
- }
- }));
- /** PGP spec differs from DER spec, DER: `(inverse of q) mod p`, PGP: `(inverse of p) mod q`.
- * @link https://tools.ietf.org/html/rfc3447#section-3.2
- * @link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-08#section-5.6.1
- */
- return {
- n: prv.modulus,
- e: prv.publicExponent,
- d: prv.privateExponent,
- // switch p and q
- p: prv.prime2,
- q: prv.prime1,
- // Since p and q are switched in places, we could keep u
- u: prv.coefficient // PGP type of u
- };
- }
- // RSA keygen fallback using 40 iterations of the Miller-Rabin test
- // See https://stackoverflow.com/a/6330138 for justification
- // Also see section C.3 here: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST
- let q = await _prime2.default.randomProbablePrime(B - (B >> 1), E, 40);
- let p = await _prime2.default.randomProbablePrime(B >> 1, E, 40);
- if (q.cmp(p) < 0) {
- var _ref = [q, p];
- p = _ref[0];
- q = _ref[1];
- }
- const phi = p.subn(1).mul(q.subn(1));
- return {
- n: p.mul(q),
- e: E,
- d: E.invm(phi),
- p: p,
- q: q,
- // dp: d.mod(p.subn(1)),
- // dq: d.mod(q.subn(1)),
- u: p.invm(q)
- };
- },
- bnSign: async function bnSign(hash_algo, n, d, hashed) {
- n = new _bn2.default(n);
- const m = new _bn2.default((await _pkcs2.default.emsa.encode(hash_algo, hashed, n.byteLength())), 16);
- d = new _bn2.default(d);
- if (n.cmp(m) <= 0) {
- throw new Error('Message size cannot exceed modulus size');
- }
- const nred = new _bn2.default.red(n);
- return m.toRed(nred).redPow(d).toArrayLike(Uint8Array, 'be', n.byteLength());
- },
- webSign: async function webSign(hash_name, data, n, e, d, p, q, u) {
- /** OpenPGP keys require that p < q, and Safari Web Crypto requires that p > q.
- * We swap them in privateToJwk, so it usually works out, but nevertheless,
- * not all OpenPGP keys are compatible with this requirement.
- * OpenPGP.js used to generate RSA keys the wrong way around (p > q), and still
- * does if the underlying Web Crypto does so (e.g. old MS Edge 50% of the time).
- */
- const jwk = privateToJwk(n, e, d, p, q, u);
- const algo = {
- name: "RSASSA-PKCS1-v1_5",
- hash: { name: hash_name }
- };
- const key = await webCrypto.importKey("jwk", jwk, algo, false, ["sign"]);
- // add hash field for ms edge support
- return new Uint8Array((await webCrypto.sign({ "name": "RSASSA-PKCS1-v1_5", "hash": hash_name }, key, data)));
- },
- nodeSign: async function nodeSign(hash_algo, data, n, e, d, p, q, u) {
- const pBNum = new _bn2.default(p);
- const qBNum = new _bn2.default(q);
- const dBNum = new _bn2.default(d);
- const dq = dBNum.mod(qBNum.subn(1)); // d mod (q-1)
- const dp = dBNum.mod(pBNum.subn(1)); // d mod (p-1)
- const sign = nodeCrypto.createSign(_enums2.default.read(_enums2.default.hash, hash_algo));
- sign.write(data);
- sign.end();
- const keyObject = {
- version: 0,
- modulus: new _bn2.default(n),
- publicExponent: new _bn2.default(e),
- privateExponent: new _bn2.default(d),
- // switch p and q
- prime1: new _bn2.default(q),
- prime2: new _bn2.default(p),
- // switch dp and dq
- exponent1: dq,
- exponent2: dp,
- coefficient: new _bn2.default(u)
- };
- if (typeof nodeCrypto.createPrivateKey !== 'undefined') {
- //from version 11.6.0 Node supports der encoded key objects
- const der = RSAPrivateKey.encode(keyObject, 'der');
- return new Uint8Array(sign.sign({ key: der, format: 'der', type: 'pkcs1' }));
- }
- const pem = RSAPrivateKey.encode(keyObject, 'pem', {
- label: 'RSA PRIVATE KEY'
- });
- return new Uint8Array(sign.sign(pem));
- },
- bnVerify: async function bnVerify(hash_algo, s, n, e, hashed) {
- n = new _bn2.default(n);
- s = new _bn2.default(s);
- e = new _bn2.default(e);
- if (n.cmp(s) <= 0) {
- throw new Error('Signature size cannot exceed modulus size');
- }
- const nred = new _bn2.default.red(n);
- const EM1 = s.toRed(nred).redPow(e).toArrayLike(Uint8Array, 'be', n.byteLength());
- const EM2 = await _pkcs2.default.emsa.encode(hash_algo, hashed, n.byteLength());
- return _util2.default.Uint8Array_to_hex(EM1) === EM2;
- },
- webVerify: async function webVerify(hash_name, data, s, n, e) {
- const jwk = publicToJwk(n, e);
- const key = await webCrypto.importKey("jwk", jwk, {
- name: "RSASSA-PKCS1-v1_5",
- hash: { name: hash_name }
- }, false, ["verify"]);
- // add hash field for ms edge support
- return webCrypto.verify({ "name": "RSASSA-PKCS1-v1_5", "hash": hash_name }, key, s, data);
- },
- nodeVerify: async function nodeVerify(hash_algo, data, s, n, e) {
- const verify = nodeCrypto.createVerify(_enums2.default.read(_enums2.default.hash, hash_algo));
- verify.write(data);
- verify.end();
- const keyObject = {
- modulus: new _bn2.default(n),
- publicExponent: new _bn2.default(e)
- };
- let key;
- if (typeof nodeCrypto.createPrivateKey !== 'undefined') {
- //from version 11.6.0 Node supports der encoded key objects
- const der = RSAPublicKey.encode(keyObject, 'der');
- key = { key: der, format: 'der', type: 'pkcs1' };
- } else {
- key = RSAPublicKey.encode(keyObject, 'pem', {
- label: 'RSA PUBLIC KEY'
- });
- }
- try {
- return await verify.verify(key, s);
- } catch (err) {
- return false;
- }
- },
- nodeEncrypt: async function nodeEncrypt(data, n, e) {
- const keyObject = {
- modulus: new _bn2.default(n),
- publicExponent: new _bn2.default(e)
- };
- let key;
- if (typeof nodeCrypto.createPrivateKey !== 'undefined') {
- const der = RSAPublicKey.encode(keyObject, 'der');
- key = { key: der, format: 'der', type: 'pkcs1', padding: nodeCrypto.constants.RSA_PKCS1_PADDING };
- } else {
- const pem = RSAPublicKey.encode(keyObject, 'pem', {
- label: 'RSA PUBLIC KEY'
- });
- key = { key: pem, padding: nodeCrypto.constants.RSA_PKCS1_PADDING };
- }
- return new Uint8Array(nodeCrypto.publicEncrypt(key, data));
- },
- bnEncrypt: async function bnEncrypt(data, n, e) {
- n = new _bn2.default(n);
- data = new _mpi2.default((await _pkcs2.default.eme.encode(_util2.default.Uint8Array_to_str(data), n.byteLength())));
- data = data.toBN();
- e = new _bn2.default(e);
- if (n.cmp(data) <= 0) {
- throw new Error('Message size cannot exceed modulus size');
- }
- const nred = new _bn2.default.red(n);
- return data.toRed(nred).redPow(e).toArrayLike(Uint8Array, 'be', n.byteLength());
- },
- nodeDecrypt: function nodeDecrypt(data, n, e, d, p, q, u) {
- const pBNum = new _bn2.default(p);
- const qBNum = new _bn2.default(q);
- const dBNum = new _bn2.default(d);
- const dq = dBNum.mod(qBNum.subn(1)); // d mod (q-1)
- const dp = dBNum.mod(pBNum.subn(1)); // d mod (p-1)
- const keyObject = {
- version: 0,
- modulus: new _bn2.default(n),
- publicExponent: new _bn2.default(e),
- privateExponent: new _bn2.default(d),
- // switch p and q
- prime1: new _bn2.default(q),
- prime2: new _bn2.default(p),
- // switch dp and dq
- exponent1: dq,
- exponent2: dp,
- coefficient: new _bn2.default(u)
- };
- let key;
- if (typeof nodeCrypto.createPrivateKey !== 'undefined') {
- const der = RSAPrivateKey.encode(keyObject, 'der');
- key = { key: der, format: 'der', type: 'pkcs1', padding: nodeCrypto.constants.RSA_PKCS1_PADDING };
- } else {
- const pem = RSAPrivateKey.encode(keyObject, 'pem', {
- label: 'RSA PRIVATE KEY'
- });
- key = { key: pem, padding: nodeCrypto.constants.RSA_PKCS1_PADDING };
- }
- return _util2.default.Uint8Array_to_str(nodeCrypto.privateDecrypt(key, data));
- },
- bnDecrypt: async function bnDecrypt(data, n, e, d, p, q, u) {
- data = new _bn2.default(data);
- n = new _bn2.default(n);
- e = new _bn2.default(e);
- d = new _bn2.default(d);
- p = new _bn2.default(p);
- q = new _bn2.default(q);
- u = new _bn2.default(u);
- if (n.cmp(data) <= 0) {
- throw new Error('Data too large.');
- }
- const dq = d.mod(q.subn(1)); // d mod (q-1)
- const dp = d.mod(p.subn(1)); // d mod (p-1)
- const pred = new _bn2.default.red(p);
- const qred = new _bn2.default.red(q);
- const nred = new _bn2.default.red(n);
- let blinder;
- let unblinder;
- if (_config2.default.rsa_blinding) {
- unblinder = (await _random2.default.getRandomBN(new _bn2.default(2), n)).toRed(nred);
- blinder = unblinder.redInvm().redPow(e);
- data = data.toRed(nred).redMul(blinder).fromRed();
- }
- const mp = data.toRed(pred).redPow(dp);
- const mq = data.toRed(qred).redPow(dq);
- const t = mq.redSub(mp.fromRed().toRed(qred));
- const h = u.toRed(qred).redMul(t).fromRed();
- let result = h.mul(p).add(mp).toRed(nred);
- if (_config2.default.rsa_blinding) {
- result = result.redMul(unblinder);
- }
- return _pkcs2.default.eme.decode(new _mpi2.default(result).toString());
- },
- prime: _prime2.default
- };
- /** Convert Openpgp private key params to jwk key according to
- * @link https://tools.ietf.org/html/rfc7517
- * @param {String} hash_algo
- * @param {Uint8Array} n
- * @param {Uint8Array} e
- * @param {Uint8Array} d
- * @param {Uint8Array} p
- * @param {Uint8Array} q
- * @param {Uint8Array} u
- */
- function privateToJwk(n, e, d, p, q, u) {
- const pBNum = new _bn2.default(p);
- const qBNum = new _bn2.default(q);
- const dBNum = new _bn2.default(d);
- let dq = dBNum.mod(qBNum.subn(1)); // d mod (q-1)
- let dp = dBNum.mod(pBNum.subn(1)); // d mod (p-1)
- dp = dp.toArrayLike(Uint8Array);
- dq = dq.toArrayLike(Uint8Array);
- return {
- kty: 'RSA',
- n: _util2.default.Uint8Array_to_b64(n, true),
- e: _util2.default.Uint8Array_to_b64(e, true),
- d: _util2.default.Uint8Array_to_b64(d, true),
- // switch p and q
- p: _util2.default.Uint8Array_to_b64(q, true),
- q: _util2.default.Uint8Array_to_b64(p, true),
- // switch dp and dq
- dp: _util2.default.Uint8Array_to_b64(dq, true),
- dq: _util2.default.Uint8Array_to_b64(dp, true),
- qi: _util2.default.Uint8Array_to_b64(u, true),
- ext: true
- };
- }
- /** Convert Openpgp key public params to jwk key according to
- * @link https://tools.ietf.org/html/rfc7517
- * @param {String} hash_algo
- * @param {Uint8Array} n
- * @param {Uint8Array} e
- */
- function publicToJwk(n, e) {
- return {
- kty: 'RSA',
- n: _util2.default.Uint8Array_to_b64(n, true),
- e: _util2.default.Uint8Array_to_b64(e, true),
- ext: true
- };
- }
- },{"../../config":79,"../../enums":113,"../../type/mpi":155,"../../util":158,"../pkcs1":96,"../random":109,"./prime":107,"asn1.js":"asn1.js","bn.js":16}],109:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _bn = require('bn.js');
- var _bn2 = _interopRequireDefault(_bn);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- // Do not use util.getNodeCrypto because we need this regardless of use_native setting
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- // The GPG4Browsers crypto interface
- /**
- * @fileoverview Provides tools for retrieving secure randomness from browsers or Node.js
- * @requires bn.js
- * @requires util
- * @module crypto/random
- */
- const nodeCrypto = _util2.default.detectNode() && require('crypto');
- exports.default = {
- /**
- * Retrieve secure random byte array of the specified length
- * @param {Integer} length Length in bytes to generate
- * @returns {Uint8Array} Random byte array
- * @async
- */
- getRandomBytes: async function getRandomBytes(length) {
- const buf = new Uint8Array(length);
- if (typeof crypto !== 'undefined' && crypto.getRandomValues) {
- crypto.getRandomValues(buf);
- } else if (typeof window !== 'undefined' && typeof window.msCrypto === 'object' && typeof window.msCrypto.getRandomValues === 'function') {
- window.msCrypto.getRandomValues(buf);
- } else if (nodeCrypto) {
- const bytes = nodeCrypto.randomBytes(buf.length);
- buf.set(bytes);
- } else if (this.randomBuffer.buffer) {
- await this.randomBuffer.get(buf);
- } else {
- throw new Error('No secure random number generator available.');
- }
- return buf;
- },
- /**
- * Create a secure random MPI that is greater than or equal to min and less than max.
- * @param {module:type/mpi} min Lower bound, included
- * @param {module:type/mpi} max Upper bound, excluded
- * @returns {module:BN} Random MPI
- * @async
- */
- getRandomBN: async function getRandomBN(min, max) {
- if (max.cmp(min) <= 0) {
- throw new Error('Illegal parameter value: max <= min');
- }
- const modulus = max.sub(min);
- const bytes = modulus.byteLength();
- // Using a while loop is necessary to avoid bias introduced by the mod operation.
- // However, we request 64 extra random bits so that the bias is negligible.
- // Section B.1.1 here: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
- const r = new _bn2.default((await this.getRandomBytes(bytes + 8)));
- return r.mod(modulus).add(min);
- },
- randomBuffer: new RandomBuffer()
- };
- /**
- * Buffer for secure random numbers
- */
- function RandomBuffer() {
- this.buffer = null;
- this.size = null;
- this.callback = null;
- }
- /**
- * Initialize buffer
- * @param {Integer} size size of buffer
- */
- RandomBuffer.prototype.init = function (size, callback) {
- this.buffer = new Uint8Array(size);
- this.size = 0;
- this.callback = callback;
- };
- /**
- * Concat array of secure random numbers to buffer
- * @param {Uint8Array} buf
- */
- RandomBuffer.prototype.set = function (buf) {
- if (!this.buffer) {
- throw new Error('RandomBuffer is not initialized');
- }
- if (!(buf instanceof Uint8Array)) {
- throw new Error('Invalid type: buf not an Uint8Array');
- }
- const freeSpace = this.buffer.length - this.size;
- if (buf.length > freeSpace) {
- buf = buf.subarray(0, freeSpace);
- }
- // set buf with offset old size of buffer
- this.buffer.set(buf, this.size);
- this.size += buf.length;
- };
- /**
- * Take numbers out of buffer and copy to array
- * @param {Uint8Array} buf the destination array
- */
- RandomBuffer.prototype.get = async function (buf) {
- if (!this.buffer) {
- throw new Error('RandomBuffer is not initialized');
- }
- if (!(buf instanceof Uint8Array)) {
- throw new Error('Invalid type: buf not an Uint8Array');
- }
- if (this.size < buf.length) {
- if (!this.callback) {
- throw new Error('Random number buffer depleted');
- }
- // Wait for random bytes from main context, then try again
- await this.callback();
- return this.get(buf);
- }
- for (let i = 0; i < buf.length; i++) {
- buf[i] = this.buffer[--this.size];
- // clear buffer value
- this.buffer[this.size] = 0;
- }
- };
- },{"../util":158,"bn.js":16,"crypto":"crypto"}],110:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _crypto = require('./crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _public_key = require('./public_key');
- var _public_key2 = _interopRequireDefault(_public_key);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @fileoverview Provides functions for asymmetric signing and signature verification
- * @requires crypto/crypto
- * @requires crypto/public_key
- * @requires enums
- * @requires util
- * @module crypto/signature
- */
- exports.default = {
- /**
- * Verifies the signature provided for data using specified algorithms and public key parameters.
- * See {@link https://tools.ietf.org/html/rfc4880#section-9.1|RFC 4880 9.1}
- * and {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC 4880 9.4}
- * for public key and hash algorithms.
- * @param {module:enums.publicKey} algo Public key algorithm
- * @param {module:enums.hash} hash_algo Hash algorithm
- * @param {Array<module:type/mpi>} msg_MPIs Algorithm-specific signature parameters
- * @param {Array<module:type/mpi>} pub_MPIs Algorithm-specific public key parameters
- * @param {Uint8Array} data Data for which the signature was created
- * @param {Uint8Array} hashed The hashed data
- * @returns {Boolean} True if signature is valid
- * @async
- */
- verify: async function verify(algo, hash_algo, msg_MPIs, pub_MPIs, data, hashed) {
- const types = _crypto2.default.getPubKeyParamTypes(algo);
- if (pub_MPIs.length < types.length) {
- throw new Error('Missing public key parameters');
- }
- switch (algo) {
- case _enums2.default.publicKey.rsa_encrypt_sign:
- case _enums2.default.publicKey.rsa_encrypt:
- case _enums2.default.publicKey.rsa_sign:
- {
- const n = pub_MPIs[0].toUint8Array();
- const e = pub_MPIs[1].toUint8Array();
- const m = msg_MPIs[0].toUint8Array('be', n.length);
- return _public_key2.default.rsa.verify(hash_algo, data, m, n, e, hashed);
- }
- case _enums2.default.publicKey.dsa:
- {
- const r = msg_MPIs[0].toBN();
- const s = msg_MPIs[1].toBN();
- const p = pub_MPIs[0].toBN();
- const q = pub_MPIs[1].toBN();
- const g = pub_MPIs[2].toBN();
- const y = pub_MPIs[3].toBN();
- return _public_key2.default.dsa.verify(hash_algo, r, s, hashed, g, p, q, y);
- }
- case _enums2.default.publicKey.ecdsa:
- {
- const oid = pub_MPIs[0];
- const signature = { r: msg_MPIs[0].toUint8Array(), s: msg_MPIs[1].toUint8Array() };
- const Q = pub_MPIs[1].toUint8Array();
- return _public_key2.default.elliptic.ecdsa.verify(oid, hash_algo, signature, data, Q, hashed);
- }
- case _enums2.default.publicKey.eddsa:
- {
- const oid = pub_MPIs[0];
- // EdDSA signature params are expected in little-endian format
- const signature = {
- R: msg_MPIs[0].toUint8Array('le', 32),
- S: msg_MPIs[1].toUint8Array('le', 32)
- };
- const Q = pub_MPIs[1].toUint8Array('be', 33);
- return _public_key2.default.elliptic.eddsa.verify(oid, hash_algo, signature, data, Q, hashed);
- }
- default:
- throw new Error('Invalid signature algorithm.');
- }
- },
- /**
- * Creates a signature on data using specified algorithms and private key parameters.
- * See {@link https://tools.ietf.org/html/rfc4880#section-9.1|RFC 4880 9.1}
- * and {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC 4880 9.4}
- * for public key and hash algorithms.
- * @param {module:enums.publicKey} algo Public key algorithm
- * @param {module:enums.hash} hash_algo Hash algorithm
- * @param {Array<module:type/mpi>} key_params Algorithm-specific public and private key parameters
- * @param {Uint8Array} data Data to be signed
- * @param {Uint8Array} hashed The hashed data
- * @returns {Uint8Array} Signature
- * @async
- */
- sign: async function sign(algo, hash_algo, key_params, data, hashed) {
- const types = [].concat(_crypto2.default.getPubKeyParamTypes(algo), _crypto2.default.getPrivKeyParamTypes(algo));
- if (key_params.length < types.length) {
- throw new Error('Missing private key parameters');
- }
- switch (algo) {
- case _enums2.default.publicKey.rsa_encrypt_sign:
- case _enums2.default.publicKey.rsa_encrypt:
- case _enums2.default.publicKey.rsa_sign:
- {
- const n = key_params[0].toUint8Array();
- const e = key_params[1].toUint8Array();
- const d = key_params[2].toUint8Array();
- const p = key_params[3].toUint8Array();
- const q = key_params[4].toUint8Array();
- const u = key_params[5].toUint8Array();
- const signature = await _public_key2.default.rsa.sign(hash_algo, data, n, e, d, p, q, u, hashed);
- return _util2.default.Uint8Array_to_MPI(signature);
- }
- case _enums2.default.publicKey.dsa:
- {
- const p = key_params[0].toBN();
- const q = key_params[1].toBN();
- const g = key_params[2].toBN();
- const x = key_params[4].toBN();
- const signature = await _public_key2.default.dsa.sign(hash_algo, hashed, g, p, q, x);
- return _util2.default.concatUint8Array([_util2.default.Uint8Array_to_MPI(signature.r), _util2.default.Uint8Array_to_MPI(signature.s)]);
- }
- case _enums2.default.publicKey.elgamal:
- {
- throw new Error('Signing with Elgamal is not defined in the OpenPGP standard.');
- }
- case _enums2.default.publicKey.ecdsa:
- {
- const oid = key_params[0];
- const Q = key_params[1].toUint8Array();
- const d = key_params[2].toUint8Array();
- const signature = await _public_key2.default.elliptic.ecdsa.sign(oid, hash_algo, data, Q, d, hashed);
- return _util2.default.concatUint8Array([_util2.default.Uint8Array_to_MPI(signature.r), _util2.default.Uint8Array_to_MPI(signature.s)]);
- }
- case _enums2.default.publicKey.eddsa:
- {
- const oid = key_params[0];
- const Q = key_params[1].toUint8Array('be', 33);
- const d = key_params[2].toUint8Array('be', 32);
- const signature = await _public_key2.default.elliptic.eddsa.sign(oid, hash_algo, data, Q, d, hashed);
- return _util2.default.concatUint8Array([_util2.default.Uint8Array_to_MPI(signature.R), _util2.default.Uint8Array_to_MPI(signature.S)]);
- }
- default:
- throw new Error('Invalid signature algorithm.');
- }
- }
- };
- },{"../enums":113,"../util":158,"./crypto":89,"./public_key":106}],111:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _base = require('./base64.js');
- var _base2 = _interopRequireDefault(_base);
- var _enums = require('../enums.js');
- var _enums2 = _interopRequireDefault(_enums);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Finds out which Ascii Armoring type is used. Throws error if unknown type.
- * @private
- * @param {String} text [String] ascii armored text
- * @returns {Integer} 0 = MESSAGE PART n of m
- * 1 = MESSAGE PART n
- * 2 = SIGNED MESSAGE
- * 3 = PGP MESSAGE
- * 4 = PUBLIC KEY BLOCK
- * 5 = PRIVATE KEY BLOCK
- * 6 = SIGNATURE
- */
- function getType(text) {
- const reHeader = /^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m;
- const header = text.match(reHeader);
- if (!header) {
- throw new Error('Unknown ASCII armor type');
- }
- // BEGIN PGP MESSAGE, PART X/Y
- // Used for multi-part messages, where the armor is split amongst Y
- // parts, and this is the Xth part out of Y.
- if (/MESSAGE, PART \d+\/\d+/.test(header[1])) {
- return _enums2.default.armor.multipart_section;
- } else
- // BEGIN PGP MESSAGE, PART X
- // Used for multi-part messages, where this is the Xth part of an
- // unspecified number of parts. Requires the MESSAGE-ID Armor
- // Header to be used.
- if (/MESSAGE, PART \d+/.test(header[1])) {
- return _enums2.default.armor.multipart_last;
- } else
- // BEGIN PGP SIGNED MESSAGE
- if (/SIGNED MESSAGE/.test(header[1])) {
- return _enums2.default.armor.signed;
- } else
- // BEGIN PGP MESSAGE
- // Used for signed, encrypted, or compressed files.
- if (/MESSAGE/.test(header[1])) {
- return _enums2.default.armor.message;
- } else
- // BEGIN PGP PUBLIC KEY BLOCK
- // Used for armoring public keys.
- if (/PUBLIC KEY BLOCK/.test(header[1])) {
- return _enums2.default.armor.public_key;
- } else
- // BEGIN PGP PRIVATE KEY BLOCK
- // Used for armoring private keys.
- if (/PRIVATE KEY BLOCK/.test(header[1])) {
- return _enums2.default.armor.private_key;
- } else
- // BEGIN PGP SIGNATURE
- // Used for detached signatures, OpenPGP/MIME signatures, and
- // cleartext signatures. Note that PGP 2.x uses BEGIN PGP MESSAGE
- // for detached signatures.
- if (/SIGNATURE/.test(header[1])) {
- return _enums2.default.armor.signature;
- }
- }
- /**
- * Add additional information to the armor version of an OpenPGP binary
- * packet block.
- * @author Alex
- * @version 2011-12-16
- * @param {String} customComment (optional) additional comment to add to the armored string
- * @returns {String} The header information
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires web-stream-tools
- * @requires encoding/base64
- * @requires enums
- * @requires config
- * @requires util
- * @module encoding/armor
- */
- function addheader(customComment) {
- let result = "";
- if (_config2.default.show_version) {
- result += "Version: " + _config2.default.versionstring + '\r\n';
- }
- if (_config2.default.show_comment) {
- result += "Comment: " + _config2.default.commentstring + '\r\n';
- }
- if (customComment) {
- result += "Comment: " + customComment + '\r\n';
- }
- result += '\r\n';
- return result;
- }
- /**
- * Calculates a checksum over the given data and returns it base64 encoded
- * @param {String | ReadableStream<String>} data Data to create a CRC-24 checksum for
- * @returns {String | ReadableStream<String>} Base64 encoded checksum
- */
- function getCheckSum(data) {
- const crc = createcrc24(data);
- return _base2.default.encode(crc);
- }
- const crc_table = [0x00000000, 0x00864cfb, 0x018ad50d, 0x010c99f6, 0x0393e6e1, 0x0315aa1a, 0x021933ec, 0x029f7f17, 0x07a18139, 0x0727cdc2, 0x062b5434, 0x06ad18cf, 0x043267d8, 0x04b42b23, 0x05b8b2d5, 0x053efe2e, 0x0fc54e89, 0x0f430272, 0x0e4f9b84, 0x0ec9d77f, 0x0c56a868, 0x0cd0e493, 0x0ddc7d65, 0x0d5a319e, 0x0864cfb0, 0x08e2834b, 0x09ee1abd, 0x09685646, 0x0bf72951, 0x0b7165aa, 0x0a7dfc5c, 0x0afbb0a7, 0x1f0cd1e9, 0x1f8a9d12, 0x1e8604e4, 0x1e00481f, 0x1c9f3708, 0x1c197bf3, 0x1d15e205, 0x1d93aefe, 0x18ad50d0, 0x182b1c2b, 0x192785dd, 0x19a1c926, 0x1b3eb631, 0x1bb8faca, 0x1ab4633c, 0x1a322fc7, 0x10c99f60, 0x104fd39b, 0x11434a6d, 0x11c50696, 0x135a7981, 0x13dc357a, 0x12d0ac8c, 0x1256e077, 0x17681e59, 0x17ee52a2, 0x16e2cb54, 0x166487af, 0x14fbf8b8, 0x147db443, 0x15712db5, 0x15f7614e, 0x3e19a3d2, 0x3e9fef29, 0x3f9376df, 0x3f153a24, 0x3d8a4533, 0x3d0c09c8, 0x3c00903e, 0x3c86dcc5, 0x39b822eb, 0x393e6e10, 0x3832f7e6, 0x38b4bb1d, 0x3a2bc40a, 0x3aad88f1, 0x3ba11107, 0x3b275dfc, 0x31dced5b, 0x315aa1a0, 0x30563856, 0x30d074ad, 0x324f0bba, 0x32c94741, 0x33c5deb7, 0x3343924c, 0x367d6c62, 0x36fb2099, 0x37f7b96f, 0x3771f594, 0x35ee8a83, 0x3568c678, 0x34645f8e, 0x34e21375, 0x2115723b, 0x21933ec0, 0x209fa736, 0x2019ebcd, 0x228694da, 0x2200d821, 0x230c41d7, 0x238a0d2c, 0x26b4f302, 0x2632bff9, 0x273e260f, 0x27b86af4, 0x252715e3, 0x25a15918, 0x24adc0ee, 0x242b8c15, 0x2ed03cb2, 0x2e567049, 0x2f5ae9bf, 0x2fdca544, 0x2d43da53, 0x2dc596a8, 0x2cc90f5e, 0x2c4f43a5, 0x2971bd8b, 0x29f7f170, 0x28fb6886, 0x287d247d, 0x2ae25b6a, 0x2a641791, 0x2b688e67, 0x2beec29c, 0x7c3347a4, 0x7cb50b5f, 0x7db992a9, 0x7d3fde52, 0x7fa0a145, 0x7f26edbe, 0x7e2a7448, 0x7eac38b3, 0x7b92c69d, 0x7b148a66, 0x7a181390, 0x7a9e5f6b, 0x7801207c, 0x78876c87, 0x798bf571, 0x790db98a, 0x73f6092d, 0x737045d6, 0x727cdc20, 0x72fa90db, 0x7065efcc, 0x70e3a337, 0x71ef3ac1, 0x7169763a, 0x74578814, 0x74d1c4ef, 0x75dd5d19, 0x755b11e2, 0x77c46ef5, 0x7742220e, 0x764ebbf8, 0x76c8f703, 0x633f964d, 0x63b9dab6, 0x62b54340, 0x62330fbb, 0x60ac70ac, 0x602a3c57, 0x6126a5a1, 0x61a0e95a, 0x649e1774, 0x64185b8f, 0x6514c279, 0x65928e82, 0x670df195, 0x678bbd6e, 0x66872498, 0x66016863, 0x6cfad8c4, 0x6c7c943f, 0x6d700dc9, 0x6df64132, 0x6f693e25, 0x6fef72de, 0x6ee3eb28, 0x6e65a7d3, 0x6b5b59fd, 0x6bdd1506, 0x6ad18cf0, 0x6a57c00b, 0x68c8bf1c, 0x684ef3e7, 0x69426a11, 0x69c426ea, 0x422ae476, 0x42aca88d, 0x43a0317b, 0x43267d80, 0x41b90297, 0x413f4e6c, 0x4033d79a, 0x40b59b61, 0x458b654f, 0x450d29b4, 0x4401b042, 0x4487fcb9, 0x461883ae, 0x469ecf55, 0x479256a3, 0x47141a58, 0x4defaaff, 0x4d69e604, 0x4c657ff2, 0x4ce33309, 0x4e7c4c1e, 0x4efa00e5, 0x4ff69913, 0x4f70d5e8, 0x4a4e2bc6, 0x4ac8673d, 0x4bc4fecb, 0x4b42b230, 0x49ddcd27, 0x495b81dc, 0x4857182a, 0x48d154d1, 0x5d26359f, 0x5da07964, 0x5cace092, 0x5c2aac69, 0x5eb5d37e, 0x5e339f85, 0x5f3f0673, 0x5fb94a88, 0x5a87b4a6, 0x5a01f85d, 0x5b0d61ab, 0x5b8b2d50, 0x59145247, 0x59921ebc, 0x589e874a, 0x5818cbb1, 0x52e37b16, 0x526537ed, 0x5369ae1b, 0x53efe2e0, 0x51709df7, 0x51f6d10c, 0x50fa48fa, 0x507c0401, 0x5542fa2f, 0x55c4b6d4, 0x54c82f22, 0x544e63d9, 0x56d11cce, 0x56575035, 0x575bc9c3, 0x57dd8538];
- /**
- * Internal function to calculate a CRC-24 checksum over a given string (data)
- * @param {String | ReadableStream<String>} data Data to create a CRC-24 checksum for
- * @returns {Uint8Array | ReadableStream<Uint8Array>} The CRC-24 checksum
- */
- function createcrc24(input) {
- let crc = 0xB704CE;
- return _webStreamTools2.default.transform(input, value => {
- for (let index = 0; index < value.length; index++) {
- crc = crc << 8 ^ crc_table[(crc >> 16 ^ value[index]) & 0xff];
- }
- }, () => new Uint8Array([crc >> 16, crc >> 8, crc]));
- }
- /**
- * Verify armored headers. RFC4880, section 6.3: "OpenPGP should consider improperly formatted
- * Armor Headers to be corruption of the ASCII Armor."
- * @private
- * @param {Array<String>} headers Armor headers
- */
- function verifyHeaders(headers) {
- for (let i = 0; i < headers.length; i++) {
- if (!/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(headers[i])) {
- throw new Error('Improperly formatted armor header: ' + headers[i]);
- }
- if (!/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(headers[i])) {
- _util2.default.print_debug_error(new Error('Unknown header: ' + headers[i]));
- }
- }
- }
- /**
- * Splits a message into two parts, the body and the checksum. This is an internal function
- * @param {String} text OpenPGP armored message part
- * @returns {Object} An object with attribute "body" containing the body
- * and an attribute "checksum" containing the checksum.
- */
- function splitChecksum(text) {
- let body = text;
- let checksum = "";
- const lastEquals = text.lastIndexOf("=");
- if (lastEquals >= 0 && lastEquals !== text.length - 1) {
- // '=' as the last char means no checksum
- body = text.slice(0, lastEquals);
- checksum = text.slice(lastEquals + 1).substr(0, 4);
- }
- return { body: body, checksum: checksum };
- }
- /**
- * DeArmor an OpenPGP armored message; verify the checksum and return
- * the encoded bytes
- * @param {String} text OpenPGP armored message
- * @returns {Promise<Object>} An object with attribute "text" containing the message text,
- * an attribute "data" containing a stream of bytes and "type" for the ASCII armor type
- * @async
- * @static
- */
- function dearmor(input) {
- return new Promise(async (resolve, reject) => {
- try {
- const reSplit = /^-----[^-]+-----$/m;
- const reEmptyLine = /^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;
- let type;
- const headers = [];
- let lastHeaders = headers;
- let headersDone;
- let text = [];
- let textDone;
- let checksum;
- let data = _base2.default.decode(_webStreamTools2.default.transformPair(input, async (readable, writable) => {
- const reader = _webStreamTools2.default.getReader(readable);
- try {
- while (true) {
- let line = await reader.readLine();
- if (line === undefined) {
- throw new Error('Misformed armored text');
- }
- // remove trailing whitespace at end of lines
- line = _util2.default.removeTrailingSpaces(line.replace(/[\r\n]/g, ''));
- if (!type) {
- if (reSplit.test(line)) {
- type = getType(line);
- }
- } else if (!headersDone) {
- if (reSplit.test(line)) {
- reject(new Error('Mandatory blank line missing between armor headers and armor data'));
- }
- if (!reEmptyLine.test(line)) {
- lastHeaders.push(line);
- } else {
- verifyHeaders(lastHeaders);
- headersDone = true;
- if (textDone || type !== 2) {
- resolve({ text, data, headers, type });
- break;
- }
- }
- } else if (!textDone && type === 2) {
- if (!reSplit.test(line)) {
- // Reverse dash-escaping for msg
- text.push(line.replace(/^- /, ''));
- } else {
- text = text.join('\r\n');
- textDone = true;
- verifyHeaders(lastHeaders);
- lastHeaders = [];
- headersDone = false;
- }
- }
- }
- } catch (e) {
- reject(e);
- return;
- }
- const writer = _webStreamTools2.default.getWriter(writable);
- try {
- while (true) {
- await writer.ready;
- var _ref = await reader.read();
- const done = _ref.done,
- value = _ref.value;
- if (done) {
- throw new Error('Misformed armored text');
- }
- const line = value + '';
- if (line.indexOf('=') === -1 && line.indexOf('-') === -1) {
- await writer.write(line);
- } else {
- let remainder = await reader.readToEnd();
- if (!remainder.length) remainder = '';
- remainder = line + remainder;
- remainder = _util2.default.removeTrailingSpaces(remainder.replace(/\r/g, ''));
- const parts = remainder.split(reSplit);
- if (parts.length === 1) {
- throw new Error('Misformed armored text');
- }
- const split = splitChecksum(parts[0].slice(0, -1));
- checksum = split.checksum;
- await writer.write(split.body);
- break;
- }
- }
- await writer.ready;
- await writer.close();
- } catch (e) {
- await writer.abort(e);
- }
- }));
- data = _webStreamTools2.default.transformPair(data, async (readable, writable) => {
- const checksumVerified = getCheckSum(_webStreamTools2.default.passiveClone(readable));
- await _webStreamTools2.default.pipe(readable, writable, {
- preventClose: true
- });
- const writer = _webStreamTools2.default.getWriter(writable);
- try {
- const checksumVerifiedString = await _webStreamTools2.default.readToEnd(checksumVerified);
- if (checksum !== checksumVerifiedString && (checksum || _config2.default.checksum_required)) {
- throw new Error("Ascii armor integrity check on message failed: '" + checksum + "' should be '" + checksumVerifiedString + "'");
- }
- await writer.ready;
- await writer.close();
- } catch (e) {
- await writer.abort(e);
- }
- });
- } catch (e) {
- reject(e);
- }
- });
- }
- /**
- * Armor an OpenPGP binary packet block
- * @param {Integer} messagetype type of the message
- * @param body
- * @param {Integer} partindex
- * @param {Integer} parttotal
- * @param {String} customComment (optional) additional comment to add to the armored string
- * @returns {String | ReadableStream<String>} Armored text
- * @static
- */
- function armor(messagetype, body, partindex, parttotal, customComment) {
- let text;
- let hash;
- if (messagetype === _enums2.default.armor.signed) {
- text = body.text;
- hash = body.hash;
- body = body.data;
- }
- const bodyClone = _webStreamTools2.default.passiveClone(body);
- const result = [];
- switch (messagetype) {
- case _enums2.default.armor.multipart_section:
- result.push("-----BEGIN PGP MESSAGE, PART " + partindex + "/" + parttotal + "-----\r\n");
- result.push(addheader(customComment));
- result.push(_base2.default.encode(body));
- result.push("\r\n=", getCheckSum(bodyClone), "\r\n");
- result.push("-----END PGP MESSAGE, PART " + partindex + "/" + parttotal + "-----\r\n");
- break;
- case _enums2.default.armor.multipart_last:
- result.push("-----BEGIN PGP MESSAGE, PART " + partindex + "-----\r\n");
- result.push(addheader(customComment));
- result.push(_base2.default.encode(body));
- result.push("\r\n=", getCheckSum(bodyClone), "\r\n");
- result.push("-----END PGP MESSAGE, PART " + partindex + "-----\r\n");
- break;
- case _enums2.default.armor.signed:
- result.push("\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\n");
- result.push("Hash: " + hash + "\r\n\r\n");
- result.push(text.replace(/^-/mg, "- -"));
- result.push("\r\n-----BEGIN PGP SIGNATURE-----\r\n");
- result.push(addheader(customComment));
- result.push(_base2.default.encode(body));
- result.push("\r\n=", getCheckSum(bodyClone), "\r\n");
- result.push("-----END PGP SIGNATURE-----\r\n");
- break;
- case _enums2.default.armor.message:
- result.push("-----BEGIN PGP MESSAGE-----\r\n");
- result.push(addheader(customComment));
- result.push(_base2.default.encode(body));
- result.push("\r\n=", getCheckSum(bodyClone), "\r\n");
- result.push("-----END PGP MESSAGE-----\r\n");
- break;
- case _enums2.default.armor.public_key:
- result.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\r\n");
- result.push(addheader(customComment));
- result.push(_base2.default.encode(body));
- result.push("\r\n=", getCheckSum(bodyClone), "\r\n");
- result.push("-----END PGP PUBLIC KEY BLOCK-----\r\n");
- break;
- case _enums2.default.armor.private_key:
- result.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\r\n");
- result.push(addheader(customComment));
- result.push(_base2.default.encode(body));
- result.push("\r\n=", getCheckSum(bodyClone), "\r\n");
- result.push("-----END PGP PRIVATE KEY BLOCK-----\r\n");
- break;
- case _enums2.default.armor.signature:
- result.push("-----BEGIN PGP SIGNATURE-----\r\n");
- result.push(addheader(customComment));
- result.push(_base2.default.encode(body));
- result.push("\r\n=", getCheckSum(bodyClone), "\r\n");
- result.push("-----END PGP SIGNATURE-----\r\n");
- break;
- }
- return _util2.default.concat(result);
- }
- exports.default = {
- encode: armor,
- decode: dearmor
- };
- },{"../config":79,"../enums.js":113,"../util":158,"./base64.js":112,"web-stream-tools":75}],112:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const b64s = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; // Standard radix-64
- /* OpenPGP radix-64/base64 string encoding/decoding
- * Copyright 2005 Herbert Hanewinkel, www.haneWIN.de
- * version 1.0, check www.haneWIN.de for the latest version
- *
- * This software is provided as-is, without express or implied warranty.
- * Permission to use, copy, modify, distribute or sell this software, with or
- * without fee, for any purpose and by any individual or organization, is hereby
- * granted, provided that the above copyright notice and this paragraph appear
- * in all copies. Distribution as a part of an application or binary must
- * include the above copyright notice in the documentation and/or other materials
- * provided with the application or distribution.
- */
- /**
- * @requires web-stream-tools
- * @module encoding/base64
- */
- const b64u = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'; // URL-safe radix-64
- const b64toByte = [];
- for (let i = 0; i < b64s.length; i++) {
- b64toByte[b64s.charCodeAt(i)] = i;
- }
- b64toByte[b64u.charCodeAt(62)] = 62;
- b64toByte[b64u.charCodeAt(63)] = 63;
- /**
- * Convert binary array to radix-64
- * @param {Uint8Array | ReadableStream<Uint8Array>} t Uint8Array to convert
- * @param {bool} u if true, output is URL-safe
- * @returns {String | ReadableStream<String>} radix-64 version of input string
- * @static
- */
- function s2r(t, u = false) {
- // TODO check btoa alternative
- const b64 = u ? b64u : b64s;
- let a;
- let c;
- let l = 0;
- let s = 0;
- return _webStreamTools2.default.transform(t, value => {
- const r = [];
- const tl = value.length;
- for (let n = 0; n < tl; n++) {
- if (l && l % 60 === 0 && !u) {
- r.push("\r\n");
- }
- c = value[n];
- if (s === 0) {
- r.push(b64.charAt(c >> 2 & 63));
- a = (c & 3) << 4;
- } else if (s === 1) {
- r.push(b64.charAt(a | c >> 4 & 15));
- a = (c & 15) << 2;
- } else if (s === 2) {
- r.push(b64.charAt(a | c >> 6 & 3));
- l += 1;
- if (l % 60 === 0 && !u) {
- r.push("\r\n");
- }
- r.push(b64.charAt(c & 63));
- }
- l += 1;
- s += 1;
- if (s === 3) {
- s = 0;
- }
- }
- return r.join('');
- }, () => {
- const r = [];
- if (s > 0) {
- r.push(b64.charAt(a));
- l += 1;
- if (l % 60 === 0 && !u) {
- r.push("\r\n");
- }
- if (!u) {
- r.push('=');
- l += 1;
- }
- }
- if (s === 1 && !u) {
- if (l % 60 === 0 && !u) {
- r.push("\r\n");
- }
- r.push('=');
- }
- return r.join('');
- });
- }
- /**
- * Convert radix-64 to binary array
- * @param {String | ReadableStream<String>} t radix-64 string to convert
- * @returns {Uint8Array | ReadableStream<Uint8Array>} binary array version of input string
- * @static
- */
- function r2s(t) {
- // TODO check atob alternative
- let c;
- let s = 0;
- let a = 0;
- return _webStreamTools2.default.transform(t, value => {
- const tl = value.length;
- const r = new Uint8Array(Math.ceil(0.75 * tl));
- let index = 0;
- for (let n = 0; n < tl; n++) {
- c = b64toByte[value.charCodeAt(n)];
- if (c >= 0) {
- if (s) {
- r[index++] = a | c >> 6 - s & 255;
- }
- s = s + 2 & 7;
- a = c << s & 255;
- }
- }
- return r.subarray(0, index);
- });
- }
- exports.default = {
- encode: s2r,
- decode: r2s
- };
- },{"web-stream-tools":75}],113:[function(require,module,exports){
- "use strict";
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- /**
- * @module enums
- */
- const byValue = Symbol('byValue');
- exports.default = {
- /** Maps curve names under various standards to one
- * @see {@link https://wiki.gnupg.org/ECC|ECC - GnuPG wiki}
- * @enum {String}
- * @readonly
- */
- curve: {
- /** NIST P-256 Curve */
- "p256": "p256",
- "P-256": "p256",
- "secp256r1": "p256",
- "prime256v1": "p256",
- "1.2.840.10045.3.1.7": "p256",
- "2a8648ce3d030107": "p256",
- "2A8648CE3D030107": "p256",
- /** NIST P-384 Curve */
- "p384": "p384",
- "P-384": "p384",
- "secp384r1": "p384",
- "1.3.132.0.34": "p384",
- "2b81040022": "p384",
- "2B81040022": "p384",
- /** NIST P-521 Curve */
- "p521": "p521",
- "P-521": "p521",
- "secp521r1": "p521",
- "1.3.132.0.35": "p521",
- "2b81040023": "p521",
- "2B81040023": "p521",
- /** SECG SECP256k1 Curve */
- "secp256k1": "secp256k1",
- "1.3.132.0.10": "secp256k1",
- "2b8104000a": "secp256k1",
- "2B8104000A": "secp256k1",
- /** Ed25519 */
- "ED25519": "ed25519",
- "ed25519": "ed25519",
- "Ed25519": "ed25519",
- "1.3.6.1.4.1.11591.15.1": "ed25519",
- "2b06010401da470f01": "ed25519",
- "2B06010401DA470F01": "ed25519",
- /** Curve25519 */
- "X25519": "curve25519",
- "cv25519": "curve25519",
- "curve25519": "curve25519",
- "Curve25519": "curve25519",
- "1.3.6.1.4.1.3029.1.5.1": "curve25519",
- "2b060104019755010501": "curve25519",
- "2B060104019755010501": "curve25519",
- /** BrainpoolP256r1 Curve */
- "brainpoolP256r1": "brainpoolP256r1",
- "1.3.36.3.3.2.8.1.1.7": "brainpoolP256r1",
- "2b2403030208010107": "brainpoolP256r1",
- "2B2403030208010107": "brainpoolP256r1",
- /** BrainpoolP384r1 Curve */
- "brainpoolP384r1": "brainpoolP384r1",
- "1.3.36.3.3.2.8.1.1.11": "brainpoolP384r1",
- "2b240303020801010b": "brainpoolP384r1",
- "2B240303020801010B": "brainpoolP384r1",
- /** BrainpoolP512r1 Curve */
- "brainpoolP512r1": "brainpoolP512r1",
- "1.3.36.3.3.2.8.1.1.13": "brainpoolP512r1",
- "2b240303020801010d": "brainpoolP512r1",
- "2B240303020801010D": "brainpoolP512r1"
- },
- /** A string to key specifier type
- * @enum {Integer}
- * @readonly
- */
- s2k: {
- simple: 0,
- salted: 1,
- iterated: 3,
- gnu: 101
- },
- /** {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-9.1|RFC4880bis-04, section 9.1}
- * @enum {Integer}
- * @readonly
- */
- publicKey: {
- /** RSA (Encrypt or Sign) [HAC] */
- rsa_encrypt_sign: 1,
- /** RSA (Encrypt only) [HAC] */
- rsa_encrypt: 2,
- /** RSA (Sign only) [HAC] */
- rsa_sign: 3,
- /** Elgamal (Encrypt only) [ELGAMAL] [HAC] */
- elgamal: 16,
- /** DSA (Sign only) [FIPS186] [HAC] */
- dsa: 17,
- /** ECDH (Encrypt only) [RFC6637] */
- ecdh: 18,
- /** ECDSA (Sign only) [RFC6637] */
- ecdsa: 19,
- /** EdDSA (Sign only)
- * [{@link https://tools.ietf.org/html/draft-koch-eddsa-for-openpgp-04|Draft RFC}] */
- eddsa: 22,
- /** Reserved for AEDH */
- aedh: 23,
- /** Reserved for AEDSA */
- aedsa: 24
- },
- /** {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC4880, section 9.2}
- * @enum {Integer}
- * @readonly
- */
- symmetric: {
- plaintext: 0,
- /** Not implemented! */
- idea: 1,
- '3des': 2,
- tripledes: 2,
- cast5: 3,
- blowfish: 4,
- aes128: 7,
- aes192: 8,
- aes256: 9,
- twofish: 10
- },
- /** {@link https://tools.ietf.org/html/rfc4880#section-9.3|RFC4880, section 9.3}
- * @enum {Integer}
- * @readonly
- */
- compression: {
- uncompressed: 0,
- /** RFC1951 */
- zip: 1,
- /** RFC1950 */
- zlib: 2,
- bzip2: 3
- },
- /** {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC4880, section 9.4}
- * @enum {Integer}
- * @readonly
- */
- hash: {
- md5: 1,
- sha1: 2,
- ripemd: 3,
- sha256: 8,
- sha384: 9,
- sha512: 10,
- sha224: 11
- },
- /** A list of hash names as accepted by webCrypto functions.
- * {@link https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest|Parameters, algo}
- * @enum {String}
- */
- webHash: {
- 'SHA-1': 2,
- 'SHA-256': 8,
- 'SHA-384': 9,
- 'SHA-512': 10
- },
- /** {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-9.6|RFC4880bis-04, section 9.6}
- * @enum {Integer}
- * @readonly
- */
- aead: {
- eax: 1,
- ocb: 2,
- experimental_gcm: 100 // Private algorithm
- },
- /** A list of packet types and numeric tags associated with them.
- * @enum {Integer}
- * @readonly
- */
- packet: {
- publicKeyEncryptedSessionKey: 1,
- signature: 2,
- symEncryptedSessionKey: 3,
- onePassSignature: 4,
- secretKey: 5,
- publicKey: 6,
- secretSubkey: 7,
- compressed: 8,
- symmetricallyEncrypted: 9,
- marker: 10,
- literal: 11,
- trust: 12,
- userid: 13,
- publicSubkey: 14,
- userAttribute: 17,
- symEncryptedIntegrityProtected: 18,
- modificationDetectionCode: 19,
- symEncryptedAEADProtected: 20 // see IETF draft: https://tools.ietf.org/html/draft-ford-openpgp-format-00#section-2.1
- },
- /** Data types in the literal packet
- * @enum {Integer}
- * @readonly
- */
- literal: {
- /** Binary data 'b' */
- binary: 'b'.charCodeAt(),
- /** Text data 't' */
- text: 't'.charCodeAt(),
- /** Utf8 data 'u' */
- utf8: 'u'.charCodeAt(),
- /** MIME message body part 'm' */
- mime: 'm'.charCodeAt()
- },
- /** One pass signature packet type
- * @enum {Integer}
- * @readonly
- */
- signature: {
- /** 0x00: Signature of a binary document. */
- binary: 0,
- /** 0x01: Signature of a canonical text document.
- *
- * Canonicalyzing the document by converting line endings. */
- text: 1,
- /** 0x02: Standalone signature.
- *
- * This signature is a signature of only its own subpacket contents.
- * It is calculated identically to a signature over a zero-lengh
- * binary document. Note that it doesn't make sense to have a V3
- * standalone signature. */
- standalone: 2,
- /** 0x10: Generic certification of a User ID and Public-Key packet.
- *
- * The issuer of this certification does not make any particular
- * assertion as to how well the certifier has checked that the owner
- * of the key is in fact the person described by the User ID. */
- cert_generic: 16,
- /** 0x11: Persona certification of a User ID and Public-Key packet.
- *
- * The issuer of this certification has not done any verification of
- * the claim that the owner of this key is the User ID specified. */
- cert_persona: 17,
- /** 0x12: Casual certification of a User ID and Public-Key packet.
- *
- * The issuer of this certification has done some casual
- * verification of the claim of identity. */
- cert_casual: 18,
- /** 0x13: Positive certification of a User ID and Public-Key packet.
- *
- * The issuer of this certification has done substantial
- * verification of the claim of identity.
- *
- * Most OpenPGP implementations make their "key signatures" as 0x10
- * certifications. Some implementations can issue 0x11-0x13
- * certifications, but few differentiate between the types. */
- cert_positive: 19,
- /** 0x30: Certification revocation signature
- *
- * This signature revokes an earlier User ID certification signature
- * (signature class 0x10 through 0x13) or direct-key signature
- * (0x1F). It should be issued by the same key that issued the
- * revoked signature or an authorized revocation key. The signature
- * is computed over the same data as the certificate that it
- * revokes, and should have a later creation date than that
- * certificate. */
- cert_revocation: 48,
- /** 0x18: Subkey Binding Signature
- *
- * This signature is a statement by the top-level signing key that
- * indicates that it owns the subkey. This signature is calculated
- * directly on the primary key and subkey, and not on any User ID or
- * other packets. A signature that binds a signing subkey MUST have
- * an Embedded Signature subpacket in this binding signature that
- * contains a 0x19 signature made by the signing subkey on the
- * primary key and subkey. */
- subkey_binding: 24,
- /** 0x19: Primary Key Binding Signature
- *
- * This signature is a statement by a signing subkey, indicating
- * that it is owned by the primary key and subkey. This signature
- * is calculated the same way as a 0x18 signature: directly on the
- * primary key and subkey, and not on any User ID or other packets.
- *
- * When a signature is made over a key, the hash data starts with the
- * octet 0x99, followed by a two-octet length of the key, and then body
- * of the key packet. (Note that this is an old-style packet header for
- * a key packet with two-octet length.) A subkey binding signature
- * (type 0x18) or primary key binding signature (type 0x19) then hashes
- * the subkey using the same format as the main key (also using 0x99 as
- * the first octet). */
- key_binding: 25,
- /** 0x1F: Signature directly on a key
- *
- * This signature is calculated directly on a key. It binds the
- * information in the Signature subpackets to the key, and is
- * appropriate to be used for subpackets that provide information
- * about the key, such as the Revocation Key subpacket. It is also
- * appropriate for statements that non-self certifiers want to make
- * about the key itself, rather than the binding between a key and a
- * name. */
- key: 31,
- /** 0x20: Key revocation signature
- *
- * The signature is calculated directly on the key being revoked. A
- * revoked key is not to be used. Only revocation signatures by the
- * key being revoked, or by an authorized revocation key, should be
- * considered valid revocation signatures.a */
- key_revocation: 32,
- /** 0x28: Subkey revocation signature
- *
- * The signature is calculated directly on the subkey being revoked.
- * A revoked subkey is not to be used. Only revocation signatures
- * by the top-level signature key that is bound to this subkey, or
- * by an authorized revocation key, should be considered valid
- * revocation signatures.
- *
- * Key revocation signatures (types 0x20 and 0x28)
- * hash only the key being revoked. */
- subkey_revocation: 40,
- /** 0x40: Timestamp signature.
- * This signature is only meaningful for the timestamp contained in
- * it. */
- timestamp: 64,
- /** 0x50: Third-Party Confirmation signature.
- *
- * This signature is a signature over some other OpenPGP Signature
- * packet(s). It is analogous to a notary seal on the signed data.
- * A third-party signature SHOULD include Signature Target
- * subpacket(s) to give easy identification. Note that we really do
- * mean SHOULD. There are plausible uses for this (such as a blind
- * party that only sees the signature, not the key or source
- * document) that cannot include a target subpacket. */
- third_party: 80
- },
- /** Signature subpacket type
- * @enum {Integer}
- * @readonly
- */
- signatureSubpacket: {
- signature_creation_time: 2,
- signature_expiration_time: 3,
- exportable_certification: 4,
- trust_signature: 5,
- regular_expression: 6,
- revocable: 7,
- key_expiration_time: 9,
- placeholder_backwards_compatibility: 10,
- preferred_symmetric_algorithms: 11,
- revocation_key: 12,
- issuer: 16,
- notation_data: 20,
- preferred_hash_algorithms: 21,
- preferred_compression_algorithms: 22,
- key_server_preferences: 23,
- preferred_key_server: 24,
- primary_user_id: 25,
- policy_uri: 26,
- key_flags: 27,
- signers_user_id: 28,
- reason_for_revocation: 29,
- features: 30,
- signature_target: 31,
- embedded_signature: 32,
- issuer_fingerprint: 33,
- preferred_aead_algorithms: 34
- },
- /** Key flags
- * @enum {Integer}
- * @readonly
- */
- keyFlags: {
- /** 0x01 - This key may be used to certify other keys. */
- certify_keys: 1,
- /** 0x02 - This key may be used to sign data. */
- sign_data: 2,
- /** 0x04 - This key may be used to encrypt communications. */
- encrypt_communication: 4,
- /** 0x08 - This key may be used to encrypt storage. */
- encrypt_storage: 8,
- /** 0x10 - The private component of this key may have been split
- * by a secret-sharing mechanism. */
- split_private_key: 16,
- /** 0x20 - This key may be used for authentication. */
- authentication: 32,
- /** 0x80 - The private component of this key may be in the
- * possession of more than one person. */
- shared_private_key: 128
- },
- /** Key status
- * @enum {Integer}
- * @readonly
- */
- keyStatus: {
- invalid: 0,
- expired: 1,
- revoked: 2,
- valid: 3,
- no_self_cert: 4
- },
- /** Armor type
- * @enum {Integer}
- * @readonly
- */
- armor: {
- multipart_section: 0,
- multipart_last: 1,
- signed: 2,
- message: 3,
- public_key: 4,
- private_key: 5,
- signature: 6
- },
- /** {@link https://tools.ietf.org/html/rfc4880#section-5.2.3.23|RFC4880, section 5.2.3.23}
- * @enum {Integer}
- * @readonly
- */
- reasonForRevocation: {
- /** No reason specified (key revocations or cert revocations) */
- no_reason: 0,
- /** Key is superseded (key revocations) */
- key_superseded: 1,
- /** Key material has been compromised (key revocations) */
- key_compromised: 2,
- /** Key is retired and no longer used (key revocations) */
- key_retired: 3,
- /** User ID information is no longer valid (cert revocations) */
- userid_invalid: 32
- },
- /** {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-5.2.3.25|RFC4880bis-04, section 5.2.3.25}
- * @enum {Integer}
- * @readonly
- */
- features: {
- /** 0x01 - Modification Detection (packets 18 and 19) */
- modification_detection: 1,
- /** 0x02 - AEAD Encrypted Data Packet (packet 20) and version 5
- * Symmetric-Key Encrypted Session Key Packets (packet 3) */
- aead: 2,
- /** 0x04 - Version 5 Public-Key Packet format and corresponding new
- * fingerprint format */
- v5_keys: 4
- },
- /** Asserts validity and converts from string/integer to integer. */
- write: function write(type, e) {
- if (typeof e === 'number') {
- e = this.read(type, e);
- }
- if (type[e] !== undefined) {
- return type[e];
- }
- throw new Error('Invalid enum value.');
- },
- /** Converts from an integer to string. */
- read: function read(type, e) {
- if (!type[byValue]) {
- type[byValue] = [];
- Object.entries(type).forEach(([key, value]) => {
- type[byValue][value] = key;
- });
- }
- if (type[byValue][e] !== undefined) {
- return type[byValue][e];
- }
- throw new Error('Invalid enum value.');
- }
- };
- },{}],114:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _config = require('./config');
- var _config2 = _interopRequireDefault(_config);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Initialize the HKP client and configure it with the key server url and fetch function.
- * @constructor
- * @param {String} keyServerBaseUrl (optional) The HKP key server base url including
- * the protocol to use, e.g. 'https://pgp.mit.edu'; defaults to
- * openpgp.config.keyserver (https://keyserver.ubuntu.com)
- */
- function HKP(keyServerBaseUrl) {
- this._baseUrl = keyServerBaseUrl || _config2.default.keyserver;
- this._fetch = typeof window !== 'undefined' ? window.fetch : require('node-fetch');
- }
- /**
- * Search for a public key on the key server either by key ID or part of the user ID.
- * @param {String} options.keyID The long public key ID.
- * @param {String} options.query This can be any part of the key user ID such as name
- * or email address.
- * @returns {Promise<String>} The ascii armored public key.
- * @async
- */
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015 Tankred Hase
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview This class implements a client for the OpenPGP HTTP Keyserver Protocol (HKP)
- * in order to lookup and upload keys on standard public key servers.
- * @module hkp
- */
- HKP.prototype.lookup = function (options) {
- let uri = this._baseUrl + '/pks/lookup?op=get&options=mr&search=';
- const fetch = this._fetch;
- if (options.keyId) {
- uri += '0x' + encodeURIComponent(options.keyId);
- } else if (options.query) {
- uri += encodeURIComponent(options.query);
- } else {
- throw new Error('You must provide a query parameter!');
- }
- return fetch(uri).then(function (response) {
- if (response.status === 200) {
- return response.text();
- }
- }).then(function (publicKeyArmored) {
- if (!publicKeyArmored || publicKeyArmored.indexOf('-----END PGP PUBLIC KEY BLOCK-----') < 0) {
- return;
- }
- return publicKeyArmored.trim();
- });
- };
- /**
- * Upload a public key to the server.
- * @param {String} publicKeyArmored An ascii armored public key to be uploaded.
- * @returns {Promise}
- * @async
- */
- HKP.prototype.upload = function (publicKeyArmored) {
- const uri = this._baseUrl + '/pks/add';
- const fetch = this._fetch;
- return fetch(uri, {
- method: 'post',
- headers: {
- 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8'
- },
- body: 'keytext=' + encodeURIComponent(publicKeyArmored)
- });
- };
- exports.default = HKP;
- },{"./config":79,"node-fetch":"node-fetch"}],115:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.lightweight = exports.WKD = exports.HKP = exports.AsyncProxy = exports.Keyring = exports.crypto = exports.config = exports.enums = exports.armor = exports.stream = exports.OID = exports.KDFParams = exports.ECDHSymmetricKey = exports.Keyid = exports.S2K = exports.MPI = exports.packet = exports.util = exports.cleartext = exports.message = exports.signature = exports.key = exports.destroyWorker = exports.getWorker = exports.initWorker = exports.decryptSessionKeys = exports.encryptSessionKey = exports.decryptKey = exports.revokeKey = exports.reformatKey = exports.generateKey = exports.verify = exports.sign = exports.decrypt = exports.encrypt = undefined;
- var _openpgp = require('./openpgp');
- Object.defineProperty(exports, 'encrypt', {
- enumerable: true,
- get: function get() {
- return _openpgp.encrypt;
- }
- });
- Object.defineProperty(exports, 'decrypt', {
- enumerable: true,
- get: function get() {
- return _openpgp.decrypt;
- }
- });
- Object.defineProperty(exports, 'sign', {
- enumerable: true,
- get: function get() {
- return _openpgp.sign;
- }
- });
- Object.defineProperty(exports, 'verify', {
- enumerable: true,
- get: function get() {
- return _openpgp.verify;
- }
- });
- Object.defineProperty(exports, 'generateKey', {
- enumerable: true,
- get: function get() {
- return _openpgp.generateKey;
- }
- });
- Object.defineProperty(exports, 'reformatKey', {
- enumerable: true,
- get: function get() {
- return _openpgp.reformatKey;
- }
- });
- Object.defineProperty(exports, 'revokeKey', {
- enumerable: true,
- get: function get() {
- return _openpgp.revokeKey;
- }
- });
- Object.defineProperty(exports, 'decryptKey', {
- enumerable: true,
- get: function get() {
- return _openpgp.decryptKey;
- }
- });
- Object.defineProperty(exports, 'encryptSessionKey', {
- enumerable: true,
- get: function get() {
- return _openpgp.encryptSessionKey;
- }
- });
- Object.defineProperty(exports, 'decryptSessionKeys', {
- enumerable: true,
- get: function get() {
- return _openpgp.decryptSessionKeys;
- }
- });
- Object.defineProperty(exports, 'initWorker', {
- enumerable: true,
- get: function get() {
- return _openpgp.initWorker;
- }
- });
- Object.defineProperty(exports, 'getWorker', {
- enumerable: true,
- get: function get() {
- return _openpgp.getWorker;
- }
- });
- Object.defineProperty(exports, 'destroyWorker', {
- enumerable: true,
- get: function get() {
- return _openpgp.destroyWorker;
- }
- });
- var _util = require('./util');
- Object.defineProperty(exports, 'util', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_util).default;
- }
- });
- var _packet = require('./packet');
- Object.defineProperty(exports, 'packet', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_packet).default;
- }
- });
- var _mpi = require('./type/mpi');
- Object.defineProperty(exports, 'MPI', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_mpi).default;
- }
- });
- var _s2k = require('./type/s2k');
- Object.defineProperty(exports, 'S2K', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_s2k).default;
- }
- });
- var _keyid = require('./type/keyid');
- Object.defineProperty(exports, 'Keyid', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_keyid).default;
- }
- });
- var _ecdh_symkey = require('./type/ecdh_symkey');
- Object.defineProperty(exports, 'ECDHSymmetricKey', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_ecdh_symkey).default;
- }
- });
- var _kdf_params = require('./type/kdf_params');
- Object.defineProperty(exports, 'KDFParams', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_kdf_params).default;
- }
- });
- var _oid = require('./type/oid');
- Object.defineProperty(exports, 'OID', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_oid).default;
- }
- });
- var _webStreamTools = require('web-stream-tools');
- Object.defineProperty(exports, 'stream', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_webStreamTools).default;
- }
- });
- var _armor = require('./encoding/armor');
- Object.defineProperty(exports, 'armor', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_armor).default;
- }
- });
- var _enums = require('./enums');
- Object.defineProperty(exports, 'enums', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_enums).default;
- }
- });
- var _config = require('./config/config');
- Object.defineProperty(exports, 'config', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_config).default;
- }
- });
- var _crypto = require('./crypto');
- Object.defineProperty(exports, 'crypto', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_crypto).default;
- }
- });
- var _keyring = require('./keyring');
- Object.defineProperty(exports, 'Keyring', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_keyring).default;
- }
- });
- var _async_proxy = require('./worker/async_proxy');
- Object.defineProperty(exports, 'AsyncProxy', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_async_proxy).default;
- }
- });
- var _hkp = require('./hkp');
- Object.defineProperty(exports, 'HKP', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_hkp).default;
- }
- });
- var _wkd = require('./wkd');
- Object.defineProperty(exports, 'WKD', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_wkd).default;
- }
- });
- var openpgp = _interopRequireWildcard(_openpgp);
- var _key = require('./key');
- var keyMod = _interopRequireWildcard(_key);
- var _signature = require('./signature');
- var signatureMod = _interopRequireWildcard(_signature);
- var _message = require('./message');
- var messageMod = _interopRequireWildcard(_message);
- var _cleartext = require('./cleartext');
- var cleartextMod = _interopRequireWildcard(_cleartext);
- var _lightweight_helper = require('./lightweight_helper');
- var lightweightMod = _interopRequireWildcard(_lightweight_helper);
- function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- exports.default = openpgp;
- /**
- * Export each high level api function separately.
- * Usage:
- *
- * import { encryptMessage } from 'openpgp.js'
- * encryptMessage(keys, text)
- */
- /* eslint-disable import/newline-after-import, import/first */
- /**
- * Export high level api as default.
- * Usage:
- *
- * import openpgp from 'openpgp.js'
- * openpgp.encryptMessage(keys, text)
- */
- /**
- * @see module:key
- * @name module:openpgp.key
- */
- const key = exports.key = keyMod;
- /**
- * @see module:signature
- * @name module:openpgp.signature
- */
- const signature = exports.signature = signatureMod;
- /**
- * @see module:message
- * @name module:openpgp.message
- */
- const message = exports.message = messageMod;
- /**
- * @see module:cleartext
- * @name module:openpgp.cleartext
- */
- const cleartext = exports.cleartext = cleartextMod;
- /**
- * @see module:util
- * @name module:openpgp.util
- */
- /**
- * @see module:lightweight
- */
- const lightweight = exports.lightweight = lightweightMod;
- },{"./cleartext":77,"./config/config":78,"./crypto":94,"./encoding/armor":111,"./enums":113,"./hkp":114,"./key":118,"./keyring":122,"./lightweight_helper":125,"./message":126,"./openpgp":127,"./packet":131,"./signature":151,"./type/ecdh_symkey":152,"./type/kdf_params":153,"./type/keyid":154,"./type/mpi":155,"./type/oid":156,"./type/s2k":157,"./util":158,"./wkd":159,"./worker/async_proxy":160,"web-stream-tools":75}],116:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.generate = generate;
- exports.reformat = reformat;
- exports.read = read;
- exports.readArmored = readArmored;
- var _packet = require('../packet');
- var _packet2 = _interopRequireDefault(_packet);
- var _key = require('./key');
- var _key2 = _interopRequireDefault(_key);
- var _helper = require('./helper');
- var helper = _interopRequireWildcard(_helper);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _armor = require('../encoding/armor');
- var _armor2 = _interopRequireDefault(_armor);
- function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Generates a new OpenPGP key. Supports RSA and ECC keys.
- * Primary and subkey will be of same type.
- * @param {module:enums.publicKey} [options.keyType=module:enums.publicKey.rsa_encrypt_sign]
- * To indicate what type of key to make.
- * RSA is 1. See {@link https://tools.ietf.org/html/rfc4880#section-9.1}
- * @param {Integer} options.numBits number of bits for the key creation.
- * @param {String|Array<String>} options.userIds
- * Assumes already in form of "User Name <username@email.com>"
- * If array is used, the first userId is set as primary user Id
- * @param {String} options.passphrase The passphrase used to encrypt the resulting private key
- * @param {Number} [options.keyExpirationTime=0]
- * The number of seconds after the key creation time that the key expires
- * @param {String} curve (optional) elliptic curve for ECC keys
- * @param {Date} date Override the creation date of the key and the key signatures
- * @param {Array<Object>} subkeys (optional) options for each subkey, default to main key options. e.g. [{sign: true, passphrase: '123'}]
- * sign parameter defaults to false, and indicates whether the subkey should sign rather than encrypt
- * @returns {Promise<module:key.Key>}
- * @async
- * @static
- */
- async function generate(options) {
- options.sign = true; // primary key is always a signing key
- options = helper.sanitizeKeyOptions(options);
- options.subkeys = options.subkeys.map(function (subkey, index) {
- return helper.sanitizeKeyOptions(options.subkeys[index], options);
- });
- let promises = [helper.generateSecretKey(options)];
- promises = promises.concat(options.subkeys.map(helper.generateSecretSubkey));
- return Promise.all(promises).then(packets => wrapKeyObject(packets[0], packets.slice(1), options));
- }
- /**
- * Reformats and signs an OpenPGP key with a given User ID. Currently only supports RSA keys.
- * @param {module:key.Key} options.privateKey The private key to reformat
- * @param {module:enums.publicKey} [options.keyType=module:enums.publicKey.rsa_encrypt_sign]
- * @param {String|Array<String>} options.userIds
- * Assumes already in form of "User Name <username@email.com>"
- * If array is used, the first userId is set as primary user Id
- * @param {String} options.passphrase The passphrase used to encrypt the resulting private key
- * @param {Number} [options.keyExpirationTime=0]
- * The number of seconds after the key creation time that the key expires
- * @param {Date} date Override the creation date of the key and the key signatures
- * @param {Array<Object>} subkeys (optional) options for each subkey, default to main key options. e.g. [{sign: true, passphrase: '123'}]
- *
- * @returns {Promise<module:key.Key>}
- * @async
- * @static
- */
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Provides factory methods for key creation
- * @requires packet
- * @requires key/Key
- * @requires key/helper
- * @requires enums
- * @requires util
- * @requires config
- * @requires armor
- * @module key/factory
- */
- async function reformat(options) {
- options = sanitize(options);
- try {
- const isDecrypted = options.privateKey.getKeys().every(key => key.isDecrypted());
- if (!isDecrypted) {
- await options.privateKey.decrypt();
- }
- } catch (err) {
- throw new Error('Key not decrypted');
- }
- const packetlist = options.privateKey.toPacketlist();
- let secretKeyPacket;
- const secretSubkeyPackets = [];
- for (let i = 0; i < packetlist.length; i++) {
- if (packetlist[i].tag === _enums2.default.packet.secretKey) {
- secretKeyPacket = packetlist[i];
- } else if (packetlist[i].tag === _enums2.default.packet.secretSubkey) {
- secretSubkeyPackets.push(packetlist[i]);
- }
- }
- if (!secretKeyPacket) {
- throw new Error('Key does not contain a secret key packet');
- }
- if (!options.subkeys) {
- options.subkeys = await Promise.all(secretSubkeyPackets.map(async secretSubkeyPacket => ({
- sign: (await options.privateKey.getSigningKey(secretSubkeyPacket.getKeyId(), null)) && !(await options.privateKey.getEncryptionKey(secretSubkeyPacket.getKeyId(), null))
- })));
- }
- if (options.subkeys.length !== secretSubkeyPackets.length) {
- throw new Error('Number of subkey options does not match number of subkeys');
- }
- options.subkeys = options.subkeys.map(function (subkey, index) {
- return sanitize(options.subkeys[index], options);
- });
- return wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options);
- function sanitize(options, subkeyDefaults = {}) {
- options.keyExpirationTime = options.keyExpirationTime || subkeyDefaults.keyExpirationTime;
- options.passphrase = _util2.default.isString(options.passphrase) ? options.passphrase : subkeyDefaults.passphrase;
- options.date = options.date || subkeyDefaults.date;
- return options;
- }
- }
- async function wrapKeyObject(secretKeyPacket, secretSubkeyPackets, options) {
- // set passphrase protection
- if (options.passphrase) {
- await secretKeyPacket.encrypt(options.passphrase);
- }
- await Promise.all(secretSubkeyPackets.map(async function (secretSubkeyPacket, index) {
- const subkeyPassphrase = options.subkeys[index].passphrase;
- if (subkeyPassphrase) {
- await secretSubkeyPacket.encrypt(subkeyPassphrase);
- }
- }));
- const packetlist = new _packet2.default.List();
- packetlist.push(secretKeyPacket);
- await Promise.all(options.userIds.map(async function (userId, index) {
- function createdPreferredAlgos(algos, configAlgo) {
- if (configAlgo) {
- // Not `uncompressed` / `plaintext`
- const configIndex = algos.indexOf(configAlgo);
- if (configIndex >= 1) {
- // If it is included and not in first place,
- algos.splice(configIndex, 1); // remove it.
- }
- if (configIndex !== 0) {
- // If it was included and not in first place, or wasn't included,
- algos.unshift(configAlgo); // add it to the front.
- }
- }
- return algos;
- }
- const userIdPacket = new _packet2.default.Userid();
- userIdPacket.format(userId);
- const dataToSign = {};
- dataToSign.userId = userIdPacket;
- dataToSign.key = secretKeyPacket;
- const signaturePacket = new _packet2.default.Signature(options.date);
- signaturePacket.signatureType = _enums2.default.signature.cert_generic;
- signaturePacket.publicKeyAlgorithm = secretKeyPacket.algorithm;
- signaturePacket.hashAlgorithm = await helper.getPreferredHashAlgo(null, secretKeyPacket);
- signaturePacket.keyFlags = [_enums2.default.keyFlags.certify_keys | _enums2.default.keyFlags.sign_data];
- signaturePacket.preferredSymmetricAlgorithms = createdPreferredAlgos([
- // prefer aes256, aes128, then aes192 (no WebCrypto support: https://www.chromium.org/blink/webcrypto#TOC-AES-support)
- _enums2.default.symmetric.aes256, _enums2.default.symmetric.aes128, _enums2.default.symmetric.aes192, _enums2.default.symmetric.cast5, _enums2.default.symmetric.tripledes], _config2.default.encryption_cipher);
- if (_config2.default.aead_protect) {
- signaturePacket.preferredAeadAlgorithms = createdPreferredAlgos([_enums2.default.aead.eax, _enums2.default.aead.ocb], _config2.default.aead_mode);
- }
- signaturePacket.preferredHashAlgorithms = createdPreferredAlgos([
- // prefer fast asm.js implementations (SHA-256). SHA-1 will not be secure much longer...move to bottom of list
- _enums2.default.hash.sha256, _enums2.default.hash.sha512, _enums2.default.hash.sha1], _config2.default.prefer_hash_algorithm);
- signaturePacket.preferredCompressionAlgorithms = createdPreferredAlgos([_enums2.default.compression.zlib, _enums2.default.compression.zip], _config2.default.compression);
- if (index === 0) {
- signaturePacket.isPrimaryUserID = true;
- }
- if (_config2.default.integrity_protect) {
- signaturePacket.features = [0];
- signaturePacket.features[0] |= _enums2.default.features.modification_detection;
- }
- if (_config2.default.aead_protect) {
- signaturePacket.features || (signaturePacket.features = [0]);
- signaturePacket.features[0] |= _enums2.default.features.aead;
- }
- if (_config2.default.v5_keys) {
- signaturePacket.features || (signaturePacket.features = [0]);
- signaturePacket.features[0] |= _enums2.default.features.v5_keys;
- }
- if (options.keyExpirationTime > 0) {
- signaturePacket.keyExpirationTime = options.keyExpirationTime;
- signaturePacket.keyNeverExpires = false;
- }
- await signaturePacket.sign(secretKeyPacket, dataToSign);
- return { userIdPacket, signaturePacket };
- })).then(list => {
- list.forEach(({ userIdPacket, signaturePacket }) => {
- packetlist.push(userIdPacket);
- packetlist.push(signaturePacket);
- });
- });
- await Promise.all(secretSubkeyPackets.map(async function (secretSubkeyPacket, index) {
- const subkeyOptions = options.subkeys[index];
- const subkeySignaturePacket = await helper.createBindingSignature(secretSubkeyPacket, secretKeyPacket, subkeyOptions);
- return { secretSubkeyPacket, subkeySignaturePacket };
- })).then(packets => {
- packets.forEach(({ secretSubkeyPacket, subkeySignaturePacket }) => {
- packetlist.push(secretSubkeyPacket);
- packetlist.push(subkeySignaturePacket);
- });
- });
- // Add revocation signature packet for creating a revocation certificate.
- // This packet should be removed before returning the key.
- const dataToSign = { key: secretKeyPacket };
- packetlist.push((await helper.createSignaturePacket(dataToSign, null, secretKeyPacket, {
- signatureType: _enums2.default.signature.key_revocation,
- reasonForRevocationFlag: _enums2.default.reasonForRevocation.no_reason,
- reasonForRevocationString: ''
- }, options.date)));
- // set passphrase protection
- if (options.passphrase) {
- secretKeyPacket.clearPrivateParams();
- }
- await Promise.all(secretSubkeyPackets.map(async function (secretSubkeyPacket, index) {
- const subkeyPassphrase = options.subkeys[index].passphrase;
- if (subkeyPassphrase) {
- secretSubkeyPacket.clearPrivateParams();
- }
- }));
- return new _key2.default(packetlist);
- }
- /**
- * Reads an unarmored OpenPGP key list and returns one or multiple key objects
- * @param {Uint8Array} data to be parsed
- * @returns {Promise<{keys: Array<module:key.Key>,
- * err: (Array<Error>|null)}>} result object with key and error arrays
- * @async
- * @static
- */
- async function read(data) {
- const result = {};
- result.keys = [];
- const err = [];
- try {
- const packetlist = new _packet2.default.List();
- await packetlist.read(data);
- const keyIndex = packetlist.indexOfTag(_enums2.default.packet.publicKey, _enums2.default.packet.secretKey);
- if (keyIndex.length === 0) {
- throw new Error('No key packet found');
- }
- for (let i = 0; i < keyIndex.length; i++) {
- const oneKeyList = packetlist.slice(keyIndex[i], keyIndex[i + 1]);
- try {
- const newKey = new _key2.default(oneKeyList);
- result.keys.push(newKey);
- } catch (e) {
- err.push(e);
- }
- }
- } catch (e) {
- err.push(e);
- }
- if (err.length) {
- result.err = err;
- }
- return result;
- }
- /**
- * Reads an OpenPGP armored text and returns one or multiple key objects
- * @param {String | ReadableStream<String>} armoredText text to be parsed
- * @returns {Promise<{keys: Array<module:key.Key>,
- * err: (Array<Error>|null)}>} result object with key and error arrays
- * @async
- * @static
- */
- async function readArmored(armoredText) {
- try {
- const input = await _armor2.default.decode(armoredText);
- if (!(input.type === _enums2.default.armor.public_key || input.type === _enums2.default.armor.private_key)) {
- throw new Error('Armored text not of type key');
- }
- return read(input.data);
- } catch (e) {
- const result = { keys: [], err: [] };
- result.err.push(e);
- return result;
- }
- }
- },{"../config":79,"../encoding/armor":111,"../enums":113,"../packet":131,"../util":158,"./helper":117,"./key":119}],117:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _slicedToArray = function () { function sliceIterator(arr, i) { var _arr = []; var _n = true; var _d = false; var _e = undefined; try { for (var _i = arr[Symbol.iterator](), _s; !(_n = (_s = _i.next()).done); _n = true) { _arr.push(_s.value); if (i && _arr.length === i) break; } } catch (err) { _d = true; _e = err; } finally { try { if (!_n && _i["return"]) _i["return"](); } finally { if (_d) throw _e; } } return _arr; } return function (arr, i) { if (Array.isArray(arr)) { return arr; } else if (Symbol.iterator in Object(arr)) { return sliceIterator(arr, i); } else { throw new TypeError("Invalid attempt to destructure non-iterable instance"); } }; }(); /**
- * @fileoverview Provides helpers methods for key module
- * @requires packet
- * @requires enums
- * @requires config
- * @requires crypto
- * @module key/helper
- */
- exports.generateSecretSubkey = generateSecretSubkey;
- exports.generateSecretKey = generateSecretKey;
- exports.getLatestValidSignature = getLatestValidSignature;
- exports.isDataExpired = isDataExpired;
- exports.createBindingSignature = createBindingSignature;
- exports.getPreferredHashAlgo = getPreferredHashAlgo;
- exports.getPreferredAlgo = getPreferredAlgo;
- exports.createSignaturePacket = createSignaturePacket;
- exports.mergeSignatures = mergeSignatures;
- exports.isDataRevoked = isDataRevoked;
- exports.getExpirationTime = getExpirationTime;
- exports.checkRevocationKey = checkRevocationKey;
- exports.isAeadSupported = isAeadSupported;
- exports.sanitizeKeyOptions = sanitizeKeyOptions;
- exports.isValidSigningKeyPacket = isValidSigningKeyPacket;
- exports.isValidEncryptionKeyPacket = isValidEncryptionKeyPacket;
- var _packet = require('../packet');
- var _packet2 = _interopRequireDefault(_packet);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- async function generateSecretSubkey(options) {
- const secretSubkeyPacket = new _packet2.default.SecretSubkey(options.date);
- secretSubkeyPacket.packets = null;
- secretSubkeyPacket.algorithm = _enums2.default.read(_enums2.default.publicKey, options.algorithm);
- await secretSubkeyPacket.generate(options.rsaBits, options.curve);
- return secretSubkeyPacket;
- }
- async function generateSecretKey(options) {
- const secretKeyPacket = new _packet2.default.SecretKey(options.date);
- secretKeyPacket.packets = null;
- secretKeyPacket.algorithm = _enums2.default.read(_enums2.default.publicKey, options.algorithm);
- await secretKeyPacket.generate(options.rsaBits, options.curve);
- return secretKeyPacket;
- }
- /**
- * Returns the valid and non-expired signature that has the latest creation date, while ignoring signatures created in the future.
- * @param {Array<module:packet.Signature>} signatures List of signatures
- * @param {Date} date Use the given date instead of the current time
- * @returns {Promise<module:packet.Signature>} The latest valid signature
- * @async
- */
- async function getLatestValidSignature(signatures, primaryKey, signatureType, dataToVerify, date = new Date()) {
- let signature;
- for (let i = signatures.length - 1; i >= 0; i--) {
- if ((!signature || signatures[i].created >= signature.created) &&
- // check binding signature is not expired (ie, check for V4 expiration time)
- !signatures[i].isExpired(date) && (
- // check binding signature is verified
- signatures[i].verified || (await signatures[i].verify(primaryKey, signatureType, dataToVerify)))) {
- signature = signatures[i];
- }
- }
- return signature;
- }
- function isDataExpired(keyPacket, signature, date = new Date()) {
- const normDate = _util2.default.normalizeDate(date);
- if (normDate !== null) {
- const expirationTime = getExpirationTime(keyPacket, signature);
- return !(keyPacket.created <= normDate && normDate <= expirationTime) || signature && signature.isExpired(date);
- }
- return false;
- }
- /**
- * Create Binding signature to the key according to the {@link https://tools.ietf.org/html/rfc4880#section-5.2.1}
- * @param {module:packet.SecretSubkey|} subkey Subkey key packet
- * @param {module:packet.SecretKey} primaryKey Primary key packet
- * @param {Object} options
- */
- async function createBindingSignature(subkey, primaryKey, options) {
- const dataToSign = {};
- dataToSign.key = primaryKey;
- dataToSign.bind = subkey;
- const subkeySignaturePacket = new _packet2.default.Signature(options.date);
- subkeySignaturePacket.signatureType = _enums2.default.signature.subkey_binding;
- subkeySignaturePacket.publicKeyAlgorithm = primaryKey.algorithm;
- subkeySignaturePacket.hashAlgorithm = await getPreferredHashAlgo(null, subkey);
- if (options.sign) {
- subkeySignaturePacket.keyFlags = [_enums2.default.keyFlags.sign_data];
- subkeySignaturePacket.embeddedSignature = await createSignaturePacket(dataToSign, null, subkey, {
- signatureType: _enums2.default.signature.key_binding
- }, options.date);
- } else {
- subkeySignaturePacket.keyFlags = [_enums2.default.keyFlags.encrypt_communication | _enums2.default.keyFlags.encrypt_storage];
- }
- if (options.keyExpirationTime > 0) {
- subkeySignaturePacket.keyExpirationTime = options.keyExpirationTime;
- subkeySignaturePacket.keyNeverExpires = false;
- }
- await subkeySignaturePacket.sign(primaryKey, dataToSign);
- return subkeySignaturePacket;
- }
- /**
- * Returns the preferred signature hash algorithm of a key
- * @param {module:key.Key} key (optional) the key to get preferences from
- * @param {module:packet.SecretKey|module:packet.SecretSubkey} keyPacket key packet used for signing
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @param {Object} userId (optional) user ID
- * @returns {Promise<String>}
- * @async
- */
- async function getPreferredHashAlgo(key, keyPacket, date = new Date(), userId = {}) {
- let hash_algo = _config2.default.prefer_hash_algorithm;
- let pref_algo = hash_algo;
- if (key) {
- const primaryUser = await key.getPrimaryUser(date, userId);
- if (primaryUser && primaryUser.selfCertification.preferredHashAlgorithms) {
- var _primaryUser$selfCert = _slicedToArray(primaryUser.selfCertification.preferredHashAlgorithms, 1);
- pref_algo = _primaryUser$selfCert[0];
- hash_algo = _crypto2.default.hash.getHashByteLength(hash_algo) <= _crypto2.default.hash.getHashByteLength(pref_algo) ? pref_algo : hash_algo;
- }
- }
- switch (Object.getPrototypeOf(keyPacket)) {
- case _packet2.default.SecretKey.prototype:
- case _packet2.default.PublicKey.prototype:
- case _packet2.default.SecretSubkey.prototype:
- case _packet2.default.PublicSubkey.prototype:
- switch (keyPacket.algorithm) {
- case 'ecdh':
- case 'ecdsa':
- case 'eddsa':
- pref_algo = _crypto2.default.publicKey.elliptic.getPreferredHashAlgo(keyPacket.params[0]);
- }
- }
- return _crypto2.default.hash.getHashByteLength(hash_algo) <= _crypto2.default.hash.getHashByteLength(pref_algo) ? pref_algo : hash_algo;
- }
- /**
- * Returns the preferred symmetric/aead algorithm for a set of keys
- * @param {symmetric|aead} type Type of preference to return
- * @param {Array<module:key.Key>} keys Set of keys
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @param {Array} userIds (optional) user IDs
- * @returns {Promise<module:enums.symmetric>} Preferred symmetric algorithm
- * @async
- */
- async function getPreferredAlgo(type, keys, date = new Date(), userIds = []) {
- const prefProperty = type === 'symmetric' ? 'preferredSymmetricAlgorithms' : 'preferredAeadAlgorithms';
- const defaultAlgo = type === 'symmetric' ? _enums2.default.symmetric.aes128 : _enums2.default.aead.eax;
- const prioMap = {};
- await Promise.all(keys.map(async function (key, i) {
- const primaryUser = await key.getPrimaryUser(date, userIds[i]);
- if (!primaryUser || !primaryUser.selfCertification[prefProperty]) {
- return defaultAlgo;
- }
- primaryUser.selfCertification[prefProperty].forEach(function (algo, index) {
- const entry = prioMap[algo] || (prioMap[algo] = { prio: 0, count: 0, algo: algo });
- entry.prio += 64 >> index;
- entry.count++;
- });
- }));
- let prefAlgo = { prio: 0, algo: defaultAlgo };
- Object.values(prioMap).forEach(({ prio, count, algo }) => {
- try {
- if (algo !== _enums2.default[type].plaintext && algo !== _enums2.default[type].idea && // not implemented
- _enums2.default.read(_enums2.default[type], algo) && // known algorithm
- count === keys.length && // available for all keys
- prio > prefAlgo.prio) {
- prefAlgo = prioMap[algo];
- }
- } catch (e) {}
- });
- return prefAlgo.algo;
- }
- /**
- * Create signature packet
- * @param {Object} dataToSign Contains packets to be signed
- * @param {module:packet.SecretKey|
- * module:packet.SecretSubkey} signingKeyPacket secret key packet for signing
- * @param {Object} signatureProperties (optional) properties to write on the signature packet before signing
- * @param {Date} date (optional) override the creationtime of the signature
- * @param {Object} userId (optional) user ID
- * @param {Object} detached (optional) whether to create a detached signature packet
- * @param {Boolean} streaming (optional) whether to process data as a stream
- * @returns {module:packet/signature} signature packet
- */
- async function createSignaturePacket(dataToSign, privateKey, signingKeyPacket, signatureProperties, date, userId, detached = false, streaming = false) {
- if (!signingKeyPacket.isDecrypted()) {
- throw new Error('Private key is not decrypted.');
- }
- const signaturePacket = new _packet2.default.Signature(date);
- Object.assign(signaturePacket, signatureProperties);
- signaturePacket.publicKeyAlgorithm = signingKeyPacket.algorithm;
- signaturePacket.hashAlgorithm = await getPreferredHashAlgo(privateKey, signingKeyPacket, date, userId);
- await signaturePacket.sign(signingKeyPacket, dataToSign, detached, streaming);
- return signaturePacket;
- }
- /**
- * Merges signatures from source[attr] to dest[attr]
- * @private
- * @param {Object} source
- * @param {Object} dest
- * @param {String} attr
- * @param {Function} checkFn optional, signature only merged if true
- */
- async function mergeSignatures(source, dest, attr, checkFn) {
- source = source[attr];
- if (source) {
- if (!dest[attr].length) {
- dest[attr] = source;
- } else {
- await Promise.all(source.map(async function (sourceSig) {
- if (!sourceSig.isExpired() && (!checkFn || (await checkFn(sourceSig))) && !dest[attr].some(function (destSig) {
- return _util2.default.equalsUint8Array(destSig.signature, sourceSig.signature);
- })) {
- dest[attr].push(sourceSig);
- }
- }));
- }
- }
- }
- /**
- * Checks if a given certificate or binding signature is revoked
- * @param {module:packet.SecretKey|
- * module:packet.PublicKey} primaryKey The primary key packet
- * @param {Object} dataToVerify The data to check
- * @param {Array<module:packet.Signature>} revocations The revocation signatures to check
- * @param {module:packet.Signature} signature The certificate or signature to check
- * @param {module:packet.PublicSubkey|
- * module:packet.SecretSubkey|
- * module:packet.PublicKey|
- * module:packet.SecretKey} key, optional The key packet to check the signature
- * @param {Date} date Use the given date instead of the current time
- * @returns {Promise<Boolean>} True if the signature revokes the data
- * @async
- */
- async function isDataRevoked(primaryKey, signatureType, dataToVerify, revocations, signature, key, date = new Date()) {
- key = key || primaryKey;
- const normDate = _util2.default.normalizeDate(date);
- const revocationKeyIds = [];
- await Promise.all(revocations.map(async function (revocationSignature) {
- if (
- // Note: a third-party revocation signature could legitimately revoke a
- // self-signature if the signature has an authorized revocation key.
- // However, we don't support passing authorized revocation keys, nor
- // verifying such revocation signatures. Instead, we indicate an error
- // when parsing a key with an authorized revocation key, and ignore
- // third-party revocation signatures here. (It could also be revoking a
- // third-party key certification, which should only affect
- // `verifyAllCertifications`.)
- (!signature || revocationSignature.issuerKeyId.equals(signature.issuerKeyId)) && !(_config2.default.revocations_expire && revocationSignature.isExpired(normDate)) && (revocationSignature.verified || (await revocationSignature.verify(key, signatureType, dataToVerify)))) {
- // TODO get an identifier of the revoked object instead
- revocationKeyIds.push(revocationSignature.issuerKeyId);
- return true;
- }
- return false;
- }));
- // TODO further verify that this is the signature that should be revoked
- if (signature) {
- signature.revoked = revocationKeyIds.some(keyId => keyId.equals(signature.issuerKeyId)) ? true : signature.revoked || false;
- return signature.revoked;
- }
- return revocationKeyIds.length > 0;
- }
- function getExpirationTime(keyPacket, signature) {
- let expirationTime;
- // check V4 expiration time
- if (signature.keyNeverExpires === false) {
- expirationTime = keyPacket.created.getTime() + signature.keyExpirationTime * 1000;
- }
- return expirationTime ? new Date(expirationTime) : Infinity;
- }
- /**
- * Check if signature has revocation key sub packet (not supported by OpenPGP.js)
- * and throw error if found
- * @param {module:packet.Signature} signature The certificate or signature to check
- * @param {type/keyid} keyId Check only certificates or signatures from a certain issuer key ID
- */
- function checkRevocationKey(signature, keyId) {
- if (signature.revocationKeyClass !== null && signature.issuerKeyId.equals(keyId)) {
- throw new Error('This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.');
- }
- }
- /**
- * Returns whether aead is supported by all keys in the set
- * @param {Array<module:key.Key>} keys Set of keys
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @param {Array} userIds (optional) user IDs
- * @returns {Promise<Boolean>}
- * @async
- */
- async function isAeadSupported(keys, date = new Date(), userIds = []) {
- let supported = true;
- // TODO replace when Promise.some or Promise.any are implemented
- await Promise.all(keys.map(async function (key, i) {
- const primaryUser = await key.getPrimaryUser(date, userIds[i]);
- if (!primaryUser || !primaryUser.selfCertification.features || !(primaryUser.selfCertification.features[0] & _enums2.default.features.aead)) {
- supported = false;
- }
- }));
- return supported;
- }
- function sanitizeKeyOptions(options, subkeyDefaults = {}) {
- options.curve = options.curve || subkeyDefaults.curve;
- options.rsaBits = options.rsaBits || subkeyDefaults.rsaBits;
- options.keyExpirationTime = options.keyExpirationTime !== undefined ? options.keyExpirationTime : subkeyDefaults.keyExpirationTime;
- options.passphrase = _util2.default.isString(options.passphrase) ? options.passphrase : subkeyDefaults.passphrase;
- options.date = options.date || subkeyDefaults.date;
- options.sign = options.sign || false;
- if (options.curve) {
- try {
- options.curve = _enums2.default.write(_enums2.default.curve, options.curve);
- } catch (e) {
- throw new Error('Not valid curve.');
- }
- if (options.curve === _enums2.default.curve.ed25519 || options.curve === _enums2.default.curve.curve25519) {
- options.curve = options.sign ? _enums2.default.curve.ed25519 : _enums2.default.curve.curve25519;
- }
- if (options.sign) {
- options.algorithm = options.curve === _enums2.default.curve.ed25519 ? _enums2.default.publicKey.eddsa : _enums2.default.publicKey.ecdsa;
- } else {
- options.algorithm = _enums2.default.publicKey.ecdh;
- }
- } else if (options.rsaBits) {
- options.algorithm = _enums2.default.publicKey.rsa_encrypt_sign;
- } else {
- throw new Error('Unrecognized key type');
- }
- return options;
- }
- function isValidSigningKeyPacket(keyPacket, signature) {
- if (!signature.verified || signature.revoked !== false) {
- // Sanity check
- throw new Error('Signature not verified');
- }
- return keyPacket.algorithm !== _enums2.default.read(_enums2.default.publicKey, _enums2.default.publicKey.rsa_encrypt) && keyPacket.algorithm !== _enums2.default.read(_enums2.default.publicKey, _enums2.default.publicKey.elgamal) && keyPacket.algorithm !== _enums2.default.read(_enums2.default.publicKey, _enums2.default.publicKey.ecdh) && (!signature.keyFlags || (signature.keyFlags[0] & _enums2.default.keyFlags.sign_data) !== 0);
- }
- function isValidEncryptionKeyPacket(keyPacket, signature) {
- if (!signature.verified || signature.revoked !== false) {
- // Sanity check
- throw new Error('Signature not verified');
- }
- return keyPacket.algorithm !== _enums2.default.read(_enums2.default.publicKey, _enums2.default.publicKey.dsa) && keyPacket.algorithm !== _enums2.default.read(_enums2.default.publicKey, _enums2.default.publicKey.rsa_sign) && keyPacket.algorithm !== _enums2.default.read(_enums2.default.publicKey, _enums2.default.publicKey.ecdsa) && keyPacket.algorithm !== _enums2.default.read(_enums2.default.publicKey, _enums2.default.publicKey.eddsa) && (!signature.keyFlags || (signature.keyFlags[0] & _enums2.default.keyFlags.encrypt_communication) !== 0 || (signature.keyFlags[0] & _enums2.default.keyFlags.encrypt_storage) !== 0);
- }
- },{"../config":79,"../crypto":94,"../enums":113,"../packet":131,"../util":158}],118:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.Key = exports.createSignaturePacket = exports.getPreferredHashAlgo = exports.isAeadSupported = exports.getPreferredAlgo = exports.reformat = exports.read = exports.generate = exports.readArmored = undefined;
- var _factory = require('./factory');
- var _helper = require('./helper');
- var _key = require('./key.js');
- var _key2 = _interopRequireDefault(_key);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- exports.readArmored = _factory.readArmored;
- exports.generate = _factory.generate;
- exports.read = _factory.read;
- exports.reformat = _factory.reformat;
- exports.getPreferredAlgo = _helper.getPreferredAlgo;
- exports.isAeadSupported = _helper.isAeadSupported;
- exports.getPreferredHashAlgo = _helper.getPreferredHashAlgo;
- exports.createSignaturePacket = _helper.createSignaturePacket;
- exports.Key = _key2.default; /**
- * @fileoverview helper, factory methods, constructors dealing with openPGP key object
- * @module key
- */
- },{"./factory":116,"./helper":117,"./key.js":119}],119:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.default = Key;
- var _armor = require('../encoding/armor');
- var _armor2 = _interopRequireDefault(_armor);
- var _packet = require('../packet');
- var _packet2 = _interopRequireDefault(_packet);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- var _user = require('./user');
- var _user2 = _interopRequireDefault(_user);
- var _subkey = require('./subkey');
- var _subkey2 = _interopRequireDefault(_subkey);
- var _helper = require('./helper');
- var helper = _interopRequireWildcard(_helper);
- function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @class
- * @classdesc Class that represents an OpenPGP key. Must contain a primary key.
- * Can contain additional subkeys, signatures, user ids, user attributes.
- * @param {module:packet.List} packetlist The packets that form this key
- * @borrows module:packet.PublicKey#getKeyId as Key#getKeyId
- * @borrows module:packet.PublicKey#getFingerprint as Key#getFingerprint
- * @borrows module:packet.PublicKey#hasSameFingerprintAs as Key#hasSameFingerprintAs
- * @borrows module:packet.PublicKey#getAlgorithmInfo as Key#getAlgorithmInfo
- * @borrows module:packet.PublicKey#getCreationTime as Key#getCreationTime
- * @borrows module:packet.PublicKey#isDecrypted as Key#isDecrypted
- */
- function Key(packetlist) {
- if (!(this instanceof Key)) {
- return new Key(packetlist);
- }
- // same data as in packetlist but in structured form
- this.keyPacket = null;
- this.revocationSignatures = [];
- this.directSignatures = [];
- this.users = [];
- this.subKeys = [];
- this.packetlist2structure(packetlist);
- if (!this.keyPacket || !this.users.length) {
- throw new Error('Invalid key: need at least key and user ID packet');
- }
- } // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires encoding/armor
- * @requires packet
- * @requires enums
- * @requires util
- * @requires key/User
- * @requires key/Subkey
- * @module key/Key
- */
- Object.defineProperty(Key.prototype, 'primaryKey', {
- get() {
- return this.keyPacket;
- },
- configurable: true,
- enumerable: true
- });
- /**
- * Transforms packetlist to structured key data
- * @param {module:packet.List} packetlist The packets that form a key
- */
- Key.prototype.packetlist2structure = function (packetlist) {
- let user;
- let primaryKeyId;
- let subKey;
- for (let i = 0; i < packetlist.length; i++) {
- switch (packetlist[i].tag) {
- case _enums2.default.packet.publicKey:
- case _enums2.default.packet.secretKey:
- this.keyPacket = packetlist[i];
- primaryKeyId = this.getKeyId();
- break;
- case _enums2.default.packet.userid:
- case _enums2.default.packet.userAttribute:
- user = new _user2.default(packetlist[i]);
- this.users.push(user);
- break;
- case _enums2.default.packet.publicSubkey:
- case _enums2.default.packet.secretSubkey:
- user = null;
- subKey = new _subkey2.default(packetlist[i]);
- this.subKeys.push(subKey);
- break;
- case _enums2.default.packet.signature:
- switch (packetlist[i].signatureType) {
- case _enums2.default.signature.cert_generic:
- case _enums2.default.signature.cert_persona:
- case _enums2.default.signature.cert_casual:
- case _enums2.default.signature.cert_positive:
- if (!user) {
- _util2.default.print_debug('Dropping certification signatures without preceding user packet');
- continue;
- }
- if (packetlist[i].issuerKeyId.equals(primaryKeyId)) {
- helper.checkRevocationKey(packetlist[i], primaryKeyId);
- user.selfCertifications.push(packetlist[i]);
- } else {
- user.otherCertifications.push(packetlist[i]);
- }
- break;
- case _enums2.default.signature.cert_revocation:
- if (user) {
- user.revocationSignatures.push(packetlist[i]);
- } else {
- this.directSignatures.push(packetlist[i]);
- }
- break;
- case _enums2.default.signature.key:
- helper.checkRevocationKey(packetlist[i], primaryKeyId);
- this.directSignatures.push(packetlist[i]);
- break;
- case _enums2.default.signature.subkey_binding:
- if (!subKey) {
- _util2.default.print_debug('Dropping subkey binding signature without preceding subkey packet');
- continue;
- }
- helper.checkRevocationKey(packetlist[i], primaryKeyId);
- subKey.bindingSignatures.push(packetlist[i]);
- break;
- case _enums2.default.signature.key_revocation:
- this.revocationSignatures.push(packetlist[i]);
- break;
- case _enums2.default.signature.subkey_revocation:
- if (!subKey) {
- _util2.default.print_debug('Dropping subkey revocation signature without preceding subkey packet');
- continue;
- }
- subKey.revocationSignatures.push(packetlist[i]);
- break;
- }
- break;
- }
- }
- };
- /**
- * Transforms structured key data to packetlist
- * @returns {module:packet.List} The packets that form a key
- */
- Key.prototype.toPacketlist = function () {
- const packetlist = new _packet2.default.List();
- packetlist.push(this.keyPacket);
- packetlist.concat(this.revocationSignatures);
- packetlist.concat(this.directSignatures);
- this.users.map(user => packetlist.concat(user.toPacketlist()));
- this.subKeys.map(subKey => packetlist.concat(subKey.toPacketlist()));
- return packetlist;
- };
- /**
- * Returns an array containing all public or private subkeys matching keyId;
- * If keyId is not present, returns all subkeys.
- * @param {type/keyid} keyId
- * @returns {Array<module:key~SubKey>}
- */
- Key.prototype.getSubkeys = function (keyId = null) {
- const subKeys = [];
- this.subKeys.forEach(subKey => {
- if (!keyId || subKey.getKeyId().equals(keyId, true)) {
- subKeys.push(subKey);
- }
- });
- return subKeys;
- };
- /**
- * Returns an array containing all public or private keys matching keyId.
- * If keyId is not present, returns all keys starting with the primary key.
- * @param {type/keyid} keyId
- * @returns {Array<module:key.Key|module:key~SubKey>}
- */
- Key.prototype.getKeys = function (keyId = null) {
- const keys = [];
- if (!keyId || this.getKeyId().equals(keyId, true)) {
- keys.push(this);
- }
- return keys.concat(this.getSubkeys(keyId));
- };
- /**
- * Returns key IDs of all keys
- * @returns {Array<module:type/keyid>}
- */
- Key.prototype.getKeyIds = function () {
- return this.getKeys().map(key => key.getKeyId());
- };
- /**
- * Returns userids
- * @returns {Array<string>} array of userids
- */
- Key.prototype.getUserIds = function () {
- return this.users.map(user => {
- return user.userId ? user.userId.userid : null;
- }).filter(userid => userid !== null);
- };
- /**
- * Returns true if this is a public key
- * @returns {Boolean}
- */
- Key.prototype.isPublic = function () {
- return this.keyPacket.tag === _enums2.default.packet.publicKey;
- };
- /**
- * Returns true if this is a private key
- * @returns {Boolean}
- */
- Key.prototype.isPrivate = function () {
- return this.keyPacket.tag === _enums2.default.packet.secretKey;
- };
- /**
- * Returns key as public key (shallow copy)
- * @returns {module:key.Key} new public Key
- */
- Key.prototype.toPublic = function () {
- const packetlist = new _packet2.default.List();
- const keyPackets = this.toPacketlist();
- let bytes;
- let pubKeyPacket;
- let pubSubkeyPacket;
- for (let i = 0; i < keyPackets.length; i++) {
- switch (keyPackets[i].tag) {
- case _enums2.default.packet.secretKey:
- bytes = keyPackets[i].writePublicKey();
- pubKeyPacket = new _packet2.default.PublicKey();
- pubKeyPacket.read(bytes);
- packetlist.push(pubKeyPacket);
- break;
- case _enums2.default.packet.secretSubkey:
- bytes = keyPackets[i].writePublicKey();
- pubSubkeyPacket = new _packet2.default.PublicSubkey();
- pubSubkeyPacket.read(bytes);
- packetlist.push(pubSubkeyPacket);
- break;
- default:
- packetlist.push(keyPackets[i]);
- }
- }
- return new Key(packetlist);
- };
- /**
- * Returns ASCII armored text of key
- * @returns {ReadableStream<String>} ASCII armor
- */
- Key.prototype.armor = function () {
- const type = this.isPublic() ? _enums2.default.armor.public_key : _enums2.default.armor.private_key;
- return _armor2.default.encode(type, this.toPacketlist().write());
- };
- /**
- * Returns last created key or key by given keyId that is available for signing and verification
- * @param {module:type/keyid} keyId, optional
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @param {Object} userId, optional user ID
- * @returns {Promise<module:key.Key|module:key~SubKey|null>} key or null if no signing key has been found
- * @async
- */
- Key.prototype.getSigningKey = async function (keyId = null, date = new Date(), userId = {}) {
- const primaryKey = this.keyPacket;
- if ((await this.verifyPrimaryKey(date, userId)) === _enums2.default.keyStatus.valid) {
- const subKeys = this.subKeys.slice().sort((a, b) => b.keyPacket.created - a.keyPacket.created);
- for (let i = 0; i < subKeys.length; i++) {
- if (!keyId || subKeys[i].getKeyId().equals(keyId)) {
- if ((await subKeys[i].verify(primaryKey, date)) === _enums2.default.keyStatus.valid) {
- const dataToVerify = { key: primaryKey, bind: subKeys[i].keyPacket };
- const bindingSignature = await helper.getLatestValidSignature(subKeys[i].bindingSignatures, primaryKey, _enums2.default.signature.subkey_binding, dataToVerify, date);
- if (bindingSignature && bindingSignature.embeddedSignature && helper.isValidSigningKeyPacket(subKeys[i].keyPacket, bindingSignature) && (await helper.getLatestValidSignature([bindingSignature.embeddedSignature], subKeys[i].keyPacket, _enums2.default.signature.key_binding, dataToVerify, date))) {
- return subKeys[i];
- }
- }
- }
- }
- const primaryUser = await this.getPrimaryUser(date, userId);
- if (primaryUser && (!keyId || primaryKey.getKeyId().equals(keyId)) && helper.isValidSigningKeyPacket(primaryKey, primaryUser.selfCertification)) {
- return this;
- }
- }
- return null;
- };
- /**
- * Returns last created key or key by given keyId that is available for encryption or decryption
- * @param {module:type/keyid} keyId, optional
- * @param {Date} date, optional
- * @param {String} userId, optional
- * @returns {Promise<module:key.Key|module:key~SubKey|null>} key or null if no encryption key has been found
- * @async
- */
- Key.prototype.getEncryptionKey = async function (keyId, date = new Date(), userId = {}) {
- const primaryKey = this.keyPacket;
- if ((await this.verifyPrimaryKey(date, userId)) === _enums2.default.keyStatus.valid) {
- // V4: by convention subkeys are preffered for encryption service
- const subKeys = this.subKeys.slice().sort((a, b) => b.keyPacket.created - a.keyPacket.created);
- for (let i = 0; i < subKeys.length; i++) {
- if (!keyId || subKeys[i].getKeyId().equals(keyId)) {
- if ((await subKeys[i].verify(primaryKey, date)) === _enums2.default.keyStatus.valid) {
- const dataToVerify = { key: primaryKey, bind: subKeys[i].keyPacket };
- const bindingSignature = await helper.getLatestValidSignature(subKeys[i].bindingSignatures, primaryKey, _enums2.default.signature.subkey_binding, dataToVerify, date);
- if (bindingSignature && helper.isValidEncryptionKeyPacket(subKeys[i].keyPacket, bindingSignature)) {
- return subKeys[i];
- }
- }
- }
- }
- // if no valid subkey for encryption, evaluate primary key
- const primaryUser = await this.getPrimaryUser(date, userId);
- if (primaryUser && (!keyId || primaryKey.getKeyId().equals(keyId)) && helper.isValidEncryptionKeyPacket(primaryKey, primaryUser.selfCertification)) {
- return this;
- }
- }
- return null;
- };
- /**
- * Encrypts all secret key and subkey packets matching keyId
- * @param {String|Array<String>} passphrases - if multiple passphrases, then should be in same order as packets each should encrypt
- * @param {module:type/keyid} keyId
- * @returns {Promise<Array<module:packet.SecretKey|module:packet.SecretSubkey>>}
- * @async
- */
- Key.prototype.encrypt = async function (passphrases, keyId = null) {
- if (!this.isPrivate()) {
- throw new Error("Nothing to encrypt in a public key");
- }
- const keys = this.getKeys(keyId);
- passphrases = _util2.default.isArray(passphrases) ? passphrases : new Array(keys.length).fill(passphrases);
- if (passphrases.length !== keys.length) {
- throw new Error("Invalid number of passphrases for key");
- }
- return Promise.all(keys.map(async function (key, i) {
- const keyPacket = key.keyPacket;
- await keyPacket.encrypt(passphrases[i]);
- keyPacket.clearPrivateParams();
- return keyPacket;
- }));
- };
- /**
- * Decrypts all secret key and subkey packets matching keyId
- * @param {String|Array<String>} passphrases
- * @param {module:type/keyid} keyId
- * @returns {Promise<Boolean>} true if all matching key and subkey packets decrypted successfully
- * @async
- */
- Key.prototype.decrypt = async function (passphrases, keyId = null) {
- if (!this.isPrivate()) {
- throw new Error("Nothing to decrypt in a public key");
- }
- passphrases = _util2.default.isArray(passphrases) ? passphrases : [passphrases];
- const results = await Promise.all(this.getKeys(keyId).map(async function (key) {
- let decrypted = false;
- let error = null;
- await Promise.all(passphrases.map(async function (passphrase) {
- try {
- await key.keyPacket.decrypt(passphrase);
- decrypted = true;
- } catch (e) {
- error = e;
- }
- }));
- if (!decrypted) {
- throw error;
- }
- return decrypted;
- }));
- return results.every(result => result === true);
- };
- /**
- * Checks if a signature on a key is revoked
- * @param {module:packet.SecretKey|
- * @param {module:packet.Signature} signature The signature to verify
- * @param {module:packet.PublicSubkey|
- * module:packet.SecretSubkey|
- * module:packet.PublicKey|
- * module:packet.SecretKey} key, optional The key to verify the signature
- * @param {Date} date Use the given date instead of the current time
- * @returns {Promise<Boolean>} True if the certificate is revoked
- * @async
- */
- Key.prototype.isRevoked = async function (signature, key, date = new Date()) {
- return helper.isDataRevoked(this.keyPacket, _enums2.default.signature.key_revocation, { key: this.keyPacket }, this.revocationSignatures, signature, key, date);
- };
- /**
- * Verify primary key. Checks for revocation signatures, expiration time
- * and valid self signature
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @param {Object} userId (optional) user ID
- * @returns {Promise<module:enums.keyStatus>} The status of the primary key
- * @async
- */
- Key.prototype.verifyPrimaryKey = async function (date = new Date(), userId = {}) {
- const primaryKey = this.keyPacket;
- // check for key revocation signatures
- if (await this.isRevoked(null, null, date)) {
- return _enums2.default.keyStatus.revoked;
- }
- // check for at least one self signature. Self signature of user ID not mandatory
- // See {@link https://tools.ietf.org/html/rfc4880#section-11.1}
- if (!this.users.some(user => user.userId && user.selfCertifications.length)) {
- return _enums2.default.keyStatus.no_self_cert;
- }
- // check for valid, unrevoked, unexpired self signature
- var _ref = (await this.getPrimaryUser(date, userId)) || {};
- const user = _ref.user,
- selfCertification = _ref.selfCertification;
- if (!user) {
- return _enums2.default.keyStatus.invalid;
- }
- // check for expiration time
- if (helper.isDataExpired(primaryKey, selfCertification, date)) {
- return _enums2.default.keyStatus.expired;
- }
- return _enums2.default.keyStatus.valid;
- };
- /**
- * Returns the latest date when the key can be used for encrypting, signing, or both, depending on the `capabilities` paramater.
- * When `capabilities` is null, defaults to returning the expiry date of the primary key.
- * Returns null if `capabilities` is passed and the key does not have the specified capabilities or is revoked or invalid.
- * Returns Infinity if the key doesn't expire.
- * @param {encrypt|sign|encrypt_sign} capabilities, optional
- * @param {module:type/keyid} keyId, optional
- * @param {Object} userId, optional user ID
- * @returns {Promise<Date | Infinity | null>}
- * @async
- */
- Key.prototype.getExpirationTime = async function (capabilities, keyId, userId) {
- const primaryUser = await this.getPrimaryUser(null, userId);
- if (!primaryUser) {
- throw new Error('Could not find primary user');
- }
- const selfCert = primaryUser.selfCertification;
- const keyExpiry = helper.getExpirationTime(this.keyPacket, selfCert);
- const sigExpiry = selfCert.getExpirationTime();
- let expiry = keyExpiry < sigExpiry ? keyExpiry : sigExpiry;
- if (capabilities === 'encrypt' || capabilities === 'encrypt_sign') {
- const encryptKey = (await this.getEncryptionKey(keyId, expiry, userId)) || (await this.getEncryptionKey(keyId, null, userId));
- if (!encryptKey) return null;
- const encryptExpiry = await encryptKey.getExpirationTime(this.keyPacket);
- if (encryptExpiry < expiry) expiry = encryptExpiry;
- }
- if (capabilities === 'sign' || capabilities === 'encrypt_sign') {
- const signKey = (await this.getSigningKey(keyId, expiry, userId)) || (await this.getSigningKey(keyId, null, userId));
- if (!signKey) return null;
- const signExpiry = await signKey.getExpirationTime(this.keyPacket);
- if (signExpiry < expiry) expiry = signExpiry;
- }
- return expiry;
- };
- /**
- * Returns primary user and most significant (latest valid) self signature
- * - if multiple primary users exist, returns the one with the latest self signature
- * - otherwise, returns the user with the latest self signature
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @param {Object} userId (optional) user ID to get instead of the primary user, if it exists
- * @returns {Promise<{user: module:key.User,
- * selfCertification: module:packet.Signature}>} The primary user and the self signature
- * @async
- */
- Key.prototype.getPrimaryUser = async function (date = new Date(), userId = {}) {
- const primaryKey = this.keyPacket;
- const users = [];
- for (let i = 0; i < this.users.length; i++) {
- const user = this.users[i];
- if (!user.userId || !((userId.name === undefined || user.userId.name === userId.name) && (userId.email === undefined || user.userId.email === userId.email) && (userId.comment === undefined || user.userId.comment === userId.comment))) continue;
- const dataToVerify = { userId: user.userId, key: primaryKey };
- const selfCertification = await helper.getLatestValidSignature(user.selfCertifications, primaryKey, _enums2.default.signature.cert_generic, dataToVerify, date);
- if (!selfCertification) continue;
- users.push({ index: i, user, selfCertification });
- }
- if (!users.length) {
- if (userId.name !== undefined || userId.email !== undefined || userId.comment !== undefined) {
- throw new Error('Could not find user that matches that user ID');
- }
- return null;
- }
- await Promise.all(users.map(async function (a) {
- return a.user.revoked || a.user.isRevoked(primaryKey, a.selfCertification, null, date);
- }));
- // sort by primary user flag and signature creation time
- const primaryUser = users.sort(function (a, b) {
- const A = a.selfCertification;
- const B = b.selfCertification;
- return B.revoked - A.revoked || A.isPrimaryUserID - B.isPrimaryUserID || A.created - B.created;
- }).pop();
- const user = primaryUser.user,
- cert = primaryUser.selfCertification;
- if (cert.revoked || (await user.isRevoked(primaryKey, cert, null, date))) {
- return null;
- }
- return primaryUser;
- };
- /**
- * Update key with new components from specified key with same key ID:
- * users, subkeys, certificates are merged into the destination key,
- * duplicates and expired signatures are ignored.
- *
- * If the specified key is a private key and the destination key is public,
- * the destination key is transformed to a private key.
- * @param {module:key.Key} key Source key to merge
- * @returns {Promise<undefined>}
- * @async
- */
- Key.prototype.update = async function (key) {
- if ((await key.verifyPrimaryKey()) === _enums2.default.keyStatus.invalid) {
- return;
- }
- if (!this.hasSameFingerprintAs(key)) {
- throw new Error('Key update method: fingerprints of keys not equal');
- }
- if (this.isPublic() && key.isPrivate()) {
- // check for equal subkey packets
- const equal = this.subKeys.length === key.subKeys.length && this.subKeys.every(destSubKey => {
- return key.subKeys.some(srcSubKey => {
- return destSubKey.hasSameFingerprintAs(srcSubKey);
- });
- });
- if (!equal) {
- throw new Error('Cannot update public key with private key if subkey mismatch');
- }
- this.keyPacket = key.keyPacket;
- }
- // revocation signatures
- await helper.mergeSignatures(key, this, 'revocationSignatures', srcRevSig => {
- return helper.isDataRevoked(this.keyPacket, _enums2.default.signature.key_revocation, this, [srcRevSig], null, key.keyPacket);
- });
- // direct signatures
- await helper.mergeSignatures(key, this, 'directSignatures');
- // TODO replace when Promise.some or Promise.any are implemented
- // users
- await Promise.all(key.users.map(async srcUser => {
- let found = false;
- await Promise.all(this.users.map(async dstUser => {
- if (srcUser.userId && dstUser.userId && srcUser.userId.userid === dstUser.userId.userid || srcUser.userAttribute && srcUser.userAttribute.equals(dstUser.userAttribute)) {
- await dstUser.update(srcUser, this.keyPacket);
- found = true;
- }
- }));
- if (!found) {
- this.users.push(srcUser);
- }
- }));
- // TODO replace when Promise.some or Promise.any are implemented
- // subkeys
- await Promise.all(key.subKeys.map(async srcSubKey => {
- let found = false;
- await Promise.all(this.subKeys.map(async dstSubKey => {
- if (dstSubKey.hasSameFingerprintAs(srcSubKey)) {
- await dstSubKey.update(srcSubKey, this.keyPacket);
- found = true;
- }
- }));
- if (!found) {
- this.subKeys.push(srcSubKey);
- }
- }));
- };
- /**
- * Revokes the key
- * @param {Object} reasonForRevocation optional, object indicating the reason for revocation
- * @param {module:enums.reasonForRevocation} reasonForRevocation.flag optional, flag indicating the reason for revocation
- * @param {String} reasonForRevocation.string optional, string explaining the reason for revocation
- * @param {Date} date optional, override the creationtime of the revocation signature
- * @returns {Promise<module:key.Key>} new key with revocation signature
- * @async
- */
- Key.prototype.revoke = async function ({
- flag: reasonForRevocationFlag = _enums2.default.reasonForRevocation.no_reason,
- string: reasonForRevocationString = ''
- } = {}, date = new Date()) {
- if (this.isPublic()) {
- throw new Error('Need private key for revoking');
- }
- const dataToSign = { key: this.keyPacket };
- const key = new Key(this.toPacketlist());
- key.revocationSignatures.push((await helper.createSignaturePacket(dataToSign, null, this.keyPacket, {
- signatureType: _enums2.default.signature.key_revocation,
- reasonForRevocationFlag: _enums2.default.write(_enums2.default.reasonForRevocation, reasonForRevocationFlag),
- reasonForRevocationString
- }, date)));
- return key;
- };
- /**
- * Get revocation certificate from a revoked key.
- * (To get a revocation certificate for an unrevoked key, call revoke() first.)
- * @returns {Promise<String>} armored revocation certificate
- * @async
- */
- Key.prototype.getRevocationCertificate = async function () {
- const dataToVerify = { key: this.keyPacket };
- const revocationSignature = await helper.getLatestValidSignature(this.revocationSignatures, this.keyPacket, _enums2.default.signature.key_revocation, dataToVerify);
- if (revocationSignature) {
- const packetlist = new _packet2.default.List();
- packetlist.push(revocationSignature);
- return _armor2.default.encode(_enums2.default.armor.public_key, packetlist.write(), null, null, 'This is a revocation certificate');
- }
- };
- /**
- * Applies a revocation certificate to a key
- * This adds the first signature packet in the armored text to the key,
- * if it is a valid revocation signature.
- * @param {String} revocationCertificate armored revocation certificate
- * @returns {Promise<module:key.Key>} new revoked key
- * @async
- */
- Key.prototype.applyRevocationCertificate = async function (revocationCertificate) {
- const input = await _armor2.default.decode(revocationCertificate);
- const packetlist = new _packet2.default.List();
- await packetlist.read(input.data);
- const revocationSignature = packetlist.findPacket(_enums2.default.packet.signature);
- if (!revocationSignature || revocationSignature.signatureType !== _enums2.default.signature.key_revocation) {
- throw new Error('Could not find revocation signature packet');
- }
- if (!revocationSignature.issuerKeyId.equals(this.getKeyId())) {
- throw new Error('Revocation signature does not match key');
- }
- if (revocationSignature.isExpired()) {
- throw new Error('Revocation signature is expired');
- }
- if (!(await revocationSignature.verify(this.keyPacket, _enums2.default.signature.key_revocation, { key: this.keyPacket }))) {
- throw new Error('Could not verify revocation signature');
- }
- const key = new Key(this.toPacketlist());
- key.revocationSignatures.push(revocationSignature);
- return key;
- };
- /**
- * Signs primary user of key
- * @param {Array<module:key.Key>} privateKey decrypted private keys for signing
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @param {Object} userId (optional) user ID to get instead of the primary user, if it exists
- * @returns {Promise<module:key.Key>} new public key with new certificate signature
- * @async
- */
- Key.prototype.signPrimaryUser = async function (privateKeys, date, userId) {
- var _ref2 = (await this.getPrimaryUser(date, userId)) || {};
- const index = _ref2.index,
- user = _ref2.user;
- if (!user) {
- throw new Error('Could not find primary user');
- }
- const userSign = await user.sign(this.keyPacket, privateKeys);
- const key = new Key(this.toPacketlist());
- key.users[index] = userSign;
- return key;
- };
- /**
- * Signs all users of key
- * @param {Array<module:key.Key>} privateKeys decrypted private keys for signing
- * @returns {Promise<module:key.Key>} new public key with new certificate signature
- * @async
- */
- Key.prototype.signAllUsers = async function (privateKeys) {
- const that = this;
- const key = new Key(this.toPacketlist());
- key.users = await Promise.all(this.users.map(function (user) {
- return user.sign(that.keyPacket, privateKeys);
- }));
- return key;
- };
- /**
- * Verifies primary user of key
- * - if no arguments are given, verifies the self certificates;
- * - otherwise, verifies all certificates signed with given keys.
- * @param {Array<module:key.Key>} keys array of keys to verify certificate signatures
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @param {Object} userId (optional) user ID to get instead of the primary user, if it exists
- * @returns {Promise<Array<{keyid: module:type/keyid,
- * valid: Boolean}>>} List of signer's keyid and validity of signature
- * @async
- */
- Key.prototype.verifyPrimaryUser = async function (keys, date, userId) {
- const primaryKey = this.keyPacket;
- var _ref3 = (await this.getPrimaryUser(date, userId)) || {};
- const user = _ref3.user;
- if (!user) {
- throw new Error('Could not find primary user');
- }
- const results = keys ? await user.verifyAllCertifications(primaryKey, keys) : [{ keyid: primaryKey.keyid, valid: (await user.verify(primaryKey)) === _enums2.default.keyStatus.valid }];
- return results;
- };
- /**
- * Verifies all users of key
- * - if no arguments are given, verifies the self certificates;
- * - otherwise, verifies all certificates signed with given keys.
- * @param {Array<module:key.Key>} keys array of keys to verify certificate signatures
- * @returns {Promise<Array<{userid: String,
- * keyid: module:type/keyid,
- * valid: Boolean}>>} list of userid, signer's keyid and validity of signature
- * @async
- */
- Key.prototype.verifyAllUsers = async function (keys) {
- const results = [];
- const primaryKey = this.keyPacket;
- await Promise.all(this.users.map(async function (user) {
- const signatures = keys ? await user.verifyAllCertifications(primaryKey, keys) : [{ keyid: primaryKey.keyid, valid: (await user.verify(primaryKey)) === _enums2.default.keyStatus.valid }];
- signatures.forEach(signature => {
- results.push({
- userid: user.userId.userid,
- keyid: signature.keyid,
- valid: signature.valid
- });
- });
- }));
- return results;
- };
- /**
- * Generates a new OpenPGP subkey, and returns a clone of the Key object with the new subkey added.
- * Supports RSA and ECC keys. Defaults to the algorithm and bit size/curve of the primary key.
- * @param {Integer} options.rsaBits number of bits for the key creation.
- * @param {Number} [options.keyExpirationTime=0]
- * The number of seconds after the key creation time that the key expires
- * @param {String} curve (optional) Elliptic curve for ECC keys
- * @param {Date} date (optional) Override the creation date of the key and the key signatures
- * @param {Boolean} subkeys (optional) Indicates whether the subkey should sign rather than encrypt. Defaults to false
- * @returns {Promise<module:key.Key>}
- * @async
- */
- Key.prototype.addSubkey = async function (options = {}) {
- if (!this.isPrivate()) {
- throw new Error("Cannot add a subkey to a public key");
- }
- if (options.passphrase) {
- throw new Error("Subkey could not be encrypted here, please encrypt whole key");
- }
- if (_util2.default.getWebCryptoAll() && options.rsaBits < 2048) {
- throw new Error('When using webCrypto rsaBits should be 2048 or 4096, found: ' + options.rsaBits);
- }
- const secretKeyPacket = this.primaryKey;
- if (!secretKeyPacket.isDecrypted()) {
- throw new Error("Key is not decrypted");
- }
- const defaultOptions = secretKeyPacket.getAlgorithmInfo();
- options = helper.sanitizeKeyOptions(options, defaultOptions);
- const keyPacket = await helper.generateSecretSubkey(options);
- const bindingSignature = await helper.createBindingSignature(keyPacket, secretKeyPacket, options);
- const packetList = this.toPacketlist();
- packetList.push(keyPacket);
- packetList.push(bindingSignature);
- return new Key(packetList);
- };
- ['getKeyId', 'getFingerprint', 'getAlgorithmInfo', 'getCreationTime', 'isDecrypted', 'hasSameFingerprintAs'].forEach(name => {
- Key.prototype[name] = _subkey2.default.prototype[name];
- });
- },{"../encoding/armor":111,"../enums":113,"../packet":131,"../util":158,"./helper":117,"./subkey":120,"./user":121}],120:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.default = SubKey;
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _helper = require('./helper');
- var helper = _interopRequireWildcard(_helper);
- var _packet = require('../packet');
- var _packet2 = _interopRequireDefault(_packet);
- function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @class
- * @classdesc Class that represents a subkey packet and the relevant signatures.
- * @borrows module:packet.PublicSubkey#getKeyId as SubKey#getKeyId
- * @borrows module:packet.PublicSubkey#getFingerprint as SubKey#getFingerprint
- * @borrows module:packet.PublicSubkey#hasSameFingerprintAs as SubKey#hasSameFingerprintAs
- * @borrows module:packet.PublicSubkey#getAlgorithmInfo as SubKey#getAlgorithmInfo
- * @borrows module:packet.PublicSubkey#getCreationTime as SubKey#getCreationTime
- * @borrows module:packet.PublicSubkey#isDecrypted as SubKey#isDecrypted
- */
- function SubKey(subKeyPacket) {
- if (!(this instanceof SubKey)) {
- return new SubKey(subKeyPacket);
- }
- this.keyPacket = subKeyPacket;
- this.bindingSignatures = [];
- this.revocationSignatures = [];
- }
- /**
- * Transforms structured subkey data to packetlist
- * @returns {module:packet.List}
- */
- /**
- * @requires enums
- * @requires key/helper
- * @requires packet
- * @module key/SubKey
- */
- SubKey.prototype.toPacketlist = function () {
- const packetlist = new _packet2.default.List();
- packetlist.push(this.keyPacket);
- packetlist.concat(this.revocationSignatures);
- packetlist.concat(this.bindingSignatures);
- return packetlist;
- };
- /**
- * Checks if a binding signature of a subkey is revoked
- * @param {module:packet.SecretKey|
- * module:packet.PublicKey} primaryKey The primary key packet
- * @param {module:packet.Signature} signature The binding signature to verify
- * @param {module:packet.PublicSubkey|
- * module:packet.SecretSubkey|
- * module:packet.PublicKey|
- * module:packet.SecretKey} key, optional The key to verify the signature
- * @param {Date} date Use the given date instead of the current time
- * @returns {Promise<Boolean>} True if the binding signature is revoked
- * @async
- */
- SubKey.prototype.isRevoked = async function (primaryKey, signature, key, date = new Date()) {
- return helper.isDataRevoked(primaryKey, _enums2.default.signature.subkey_revocation, {
- key: primaryKey,
- bind: this.keyPacket
- }, this.revocationSignatures, signature, key, date);
- };
- /**
- * Verify subkey. Checks for revocation signatures, expiration time
- * and valid binding signature
- * @param {module:packet.SecretKey|
- * module:packet.PublicKey} primaryKey The primary key packet
- * @param {Date} date Use the given date instead of the current time
- * @returns {Promise<module:enums.keyStatus>} The status of the subkey
- * @async
- */
- SubKey.prototype.verify = async function (primaryKey, date = new Date()) {
- const that = this;
- const dataToVerify = { key: primaryKey, bind: this.keyPacket };
- // check subkey binding signatures
- const bindingSignature = await helper.getLatestValidSignature(this.bindingSignatures, primaryKey, _enums2.default.signature.subkey_binding, dataToVerify, date);
- // check binding signature is verified
- if (!bindingSignature) {
- return _enums2.default.keyStatus.invalid;
- }
- // check binding signature is not revoked
- if (bindingSignature.revoked || (await that.isRevoked(primaryKey, bindingSignature, null, date))) {
- return _enums2.default.keyStatus.revoked;
- }
- // check for expiration time
- if (helper.isDataExpired(this.keyPacket, bindingSignature, date)) {
- return _enums2.default.keyStatus.expired;
- }
- return _enums2.default.keyStatus.valid; // binding signature passed all checks
- };
- /**
- * Returns the expiration time of the subkey or Infinity if key does not expire
- * Returns null if the subkey is invalid.
- * @param {module:packet.SecretKey|
- * module:packet.PublicKey} primaryKey The primary key packet
- * @param {Date} date Use the given date instead of the current time
- * @returns {Promise<Date | Infinity | null>}
- * @async
- */
- SubKey.prototype.getExpirationTime = async function (primaryKey, date = new Date()) {
- const dataToVerify = { key: primaryKey, bind: this.keyPacket };
- const bindingSignature = await helper.getLatestValidSignature(this.bindingSignatures, primaryKey, _enums2.default.signature.subkey_binding, dataToVerify, date);
- if (!bindingSignature) return null;
- const keyExpiry = helper.getExpirationTime(this.keyPacket, bindingSignature);
- const sigExpiry = bindingSignature.getExpirationTime();
- return keyExpiry < sigExpiry ? keyExpiry : sigExpiry;
- };
- /**
- * Update subkey with new components from specified subkey
- * @param {module:key~SubKey} subKey Source subkey to merge
- * @param {module:packet.SecretKey|
- module:packet.SecretSubkey} primaryKey primary key used for validation
- * @returns {Promise<undefined>}
- * @async
- */
- SubKey.prototype.update = async function (subKey, primaryKey) {
- if ((await subKey.verify(primaryKey)) === _enums2.default.keyStatus.invalid) {
- return;
- }
- if (!this.hasSameFingerprintAs(subKey)) {
- throw new Error('SubKey update method: fingerprints of subkeys not equal');
- }
- // key packet
- if (this.keyPacket.tag === _enums2.default.packet.publicSubkey && subKey.keyPacket.tag === _enums2.default.packet.secretSubkey) {
- this.keyPacket = subKey.keyPacket;
- }
- // update missing binding signatures
- const that = this;
- const dataToVerify = { key: primaryKey, bind: that.keyPacket };
- await helper.mergeSignatures(subKey, this, 'bindingSignatures', async function (srcBindSig) {
- if (!(srcBindSig.verified || (await srcBindSig.verify(primaryKey, _enums2.default.signature.subkey_binding, dataToVerify)))) {
- return false;
- }
- for (let i = 0; i < that.bindingSignatures.length; i++) {
- if (that.bindingSignatures[i].issuerKeyId.equals(srcBindSig.issuerKeyId)) {
- if (srcBindSig.created > that.bindingSignatures[i].created) {
- that.bindingSignatures[i] = srcBindSig;
- }
- return false;
- }
- }
- return true;
- });
- // revocation signatures
- await helper.mergeSignatures(subKey, this, 'revocationSignatures', function (srcRevSig) {
- return helper.isDataRevoked(primaryKey, _enums2.default.signature.subkey_revocation, dataToVerify, [srcRevSig]);
- });
- };
- /**
- * Revokes the subkey
- * @param {module:packet.SecretKey} primaryKey decrypted private primary key for revocation
- * @param {Object} reasonForRevocation optional, object indicating the reason for revocation
- * @param {module:enums.reasonForRevocation} reasonForRevocation.flag optional, flag indicating the reason for revocation
- * @param {String} reasonForRevocation.string optional, string explaining the reason for revocation
- * @param {Date} date optional, override the creationtime of the revocation signature
- * @returns {Promise<module:key~SubKey>} new subkey with revocation signature
- * @async
- */
- SubKey.prototype.revoke = async function (primaryKey, {
- flag: reasonForRevocationFlag = _enums2.default.reasonForRevocation.no_reason,
- string: reasonForRevocationString = ''
- } = {}, date = new Date()) {
- const dataToSign = { key: primaryKey, bind: this.keyPacket };
- const subKey = new SubKey(this.keyPacket);
- subKey.revocationSignatures.push((await helper.createSignaturePacket(dataToSign, null, primaryKey, {
- signatureType: _enums2.default.signature.subkey_revocation,
- reasonForRevocationFlag: _enums2.default.write(_enums2.default.reasonForRevocation, reasonForRevocationFlag),
- reasonForRevocationString
- }, date)));
- await subKey.update(this, primaryKey);
- return subKey;
- };
- ['getKeyId', 'getFingerprint', 'getAlgorithmInfo', 'getCreationTime', 'isDecrypted'].forEach(name => {
- SubKey.prototype[name] = function () {
- return this.keyPacket[name]();
- };
- });
- SubKey.prototype.hasSameFingerprintAs = function (other) {
- return this.keyPacket.hasSameFingerprintAs(other.keyPacket || other);
- };
- },{"../enums":113,"../packet":131,"./helper":117}],121:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.default = User;
- var _packet = require('../packet');
- var _packet2 = _interopRequireDefault(_packet);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _helper = require('./helper');
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @class
- * @classdesc Class that represents an user ID or attribute packet and the relevant signatures.
- */
- function User(userPacket) {
- if (!(this instanceof User)) {
- return new User(userPacket);
- }
- this.userId = userPacket.tag === _enums2.default.packet.userid ? userPacket : null;
- this.userAttribute = userPacket.tag === _enums2.default.packet.userAttribute ? userPacket : null;
- this.selfCertifications = [];
- this.otherCertifications = [];
- this.revocationSignatures = [];
- }
- /**
- * Transforms structured user data to packetlist
- * @returns {module:packet.List}
- */
- /**
- * @requires enums
- * @requires packet
- * @requires key/helper
- * @module key/User
- */
- User.prototype.toPacketlist = function () {
- const packetlist = new _packet2.default.List();
- packetlist.push(this.userId || this.userAttribute);
- packetlist.concat(this.revocationSignatures);
- packetlist.concat(this.selfCertifications);
- packetlist.concat(this.otherCertifications);
- return packetlist;
- };
- /**
- * Signs user
- * @param {module:packet.SecretKey|
- * module:packet.PublicKey} primaryKey The primary key packet
- * @param {Array<module:key.Key>} privateKeys Decrypted private keys for signing
- * @returns {Promise<module:key.Key>} New user with new certificate signatures
- * @async
- */
- User.prototype.sign = async function (primaryKey, privateKeys) {
- const dataToSign = {
- userId: this.userId,
- userAttribute: this.userAttribute,
- key: primaryKey
- };
- const user = new User(dataToSign.userId || dataToSign.userAttribute);
- user.otherCertifications = await Promise.all(privateKeys.map(async function (privateKey) {
- if (privateKey.isPublic()) {
- throw new Error('Need private key for signing');
- }
- if (privateKey.hasSameFingerprintAs(primaryKey)) {
- throw new Error('Not implemented for self signing');
- }
- const signingKey = await privateKey.getSigningKey();
- if (!signingKey) {
- throw new Error('Could not find valid signing key packet in key ' + privateKey.getKeyId().toHex());
- }
- return (0, _helper.createSignaturePacket)(dataToSign, privateKey, signingKey.keyPacket, {
- // Most OpenPGP implementations use generic certification (0x10)
- signatureType: _enums2.default.signature.cert_generic,
- keyFlags: [_enums2.default.keyFlags.certify_keys | _enums2.default.keyFlags.sign_data]
- });
- }));
- await user.update(this, primaryKey);
- return user;
- };
- /**
- * Checks if a given certificate of the user is revoked
- * @param {module:packet.SecretKey|
- * module:packet.PublicKey} primaryKey The primary key packet
- * @param {module:packet.Signature} certificate The certificate to verify
- * @param {module:packet.PublicSubkey|
- * module:packet.SecretSubkey|
- * module:packet.PublicKey|
- * module:packet.SecretKey} key, optional The key to verify the signature
- * @param {Date} date Use the given date instead of the current time
- * @returns {Promise<Boolean>} True if the certificate is revoked
- * @async
- */
- User.prototype.isRevoked = async function (primaryKey, certificate, key, date = new Date()) {
- return (0, _helper.isDataRevoked)(primaryKey, _enums2.default.signature.cert_revocation, {
- key: primaryKey,
- userId: this.userId,
- userAttribute: this.userAttribute
- }, this.revocationSignatures, certificate, key, date);
- };
- /**
- * Verifies the user certificate
- * @param {module:packet.SecretKey|
- * module:packet.PublicKey} primaryKey The primary key packet
- * @param {module:packet.Signature} certificate A certificate of this user
- * @param {Array<module:key.Key>} keys Array of keys to verify certificate signatures
- * @param {Date} date Use the given date instead of the current time
- * @returns {Promise<module:enums.keyStatus>} status of the certificate
- * @async
- */
- User.prototype.verifyCertificate = async function (primaryKey, certificate, keys, date = new Date()) {
- const that = this;
- const keyid = certificate.issuerKeyId;
- const dataToVerify = {
- userId: this.userId,
- userAttribute: this.userAttribute,
- key: primaryKey
- };
- const results = await Promise.all(keys.map(async function (key) {
- if (!key.getKeyIds().some(id => id.equals(keyid))) {
- return;
- }
- const signingKey = await key.getSigningKey(keyid, date);
- if (certificate.revoked || (await that.isRevoked(primaryKey, certificate, signingKey.keyPacket, date))) {
- return _enums2.default.keyStatus.revoked;
- }
- if (!(certificate.verified || (await certificate.verify(signingKey.keyPacket, _enums2.default.signature.cert_generic, dataToVerify)))) {
- return _enums2.default.keyStatus.invalid;
- }
- if (certificate.isExpired(date)) {
- return _enums2.default.keyStatus.expired;
- }
- return _enums2.default.keyStatus.valid;
- }));
- return results.find(result => result !== undefined);
- };
- /**
- * Verifies all user certificates
- * @param {module:packet.SecretKey|
- * module:packet.PublicKey} primaryKey The primary key packet
- * @param {Array<module:key.Key>} keys Array of keys to verify certificate signatures
- * @param {Date} date Use the given date instead of the current time
- * @returns {Promise<Array<{keyid: module:type/keyid,
- * valid: Boolean}>>} List of signer's keyid and validity of signature
- * @async
- */
- User.prototype.verifyAllCertifications = async function (primaryKey, keys, date = new Date()) {
- const that = this;
- const certifications = this.selfCertifications.concat(this.otherCertifications);
- return Promise.all(certifications.map(async function (certification) {
- const status = await that.verifyCertificate(primaryKey, certification, keys, date);
- return {
- keyid: certification.issuerKeyId,
- valid: status === undefined ? null : status === _enums2.default.keyStatus.valid
- };
- }));
- };
- /**
- * Verify User. Checks for existence of self signatures, revocation signatures
- * and validity of self signature
- * @param {module:packet.SecretKey|
- * module:packet.PublicKey} primaryKey The primary key packet
- * @param {Date} date Use the given date instead of the current time
- * @returns {Promise<module:enums.keyStatus>} Status of user
- * @async
- */
- User.prototype.verify = async function (primaryKey, date = new Date()) {
- if (!this.selfCertifications.length) {
- return _enums2.default.keyStatus.no_self_cert;
- }
- const that = this;
- const dataToVerify = {
- userId: this.userId,
- userAttribute: this.userAttribute,
- key: primaryKey
- };
- // TODO replace when Promise.some or Promise.any are implemented
- const results = [_enums2.default.keyStatus.invalid].concat((await Promise.all(this.selfCertifications.map(async function (selfCertification) {
- if (selfCertification.revoked || (await that.isRevoked(primaryKey, selfCertification, undefined, date))) {
- return _enums2.default.keyStatus.revoked;
- }
- if (!(selfCertification.verified || (await selfCertification.verify(primaryKey, _enums2.default.signature.cert_generic, dataToVerify)))) {
- return _enums2.default.keyStatus.invalid;
- }
- if (selfCertification.isExpired(date)) {
- return _enums2.default.keyStatus.expired;
- }
- return _enums2.default.keyStatus.valid;
- }))));
- return results.some(status => status === _enums2.default.keyStatus.valid) ? _enums2.default.keyStatus.valid : results.pop();
- };
- /**
- * Update user with new components from specified user
- * @param {module:key.User} user Source user to merge
- * @param {module:packet.SecretKey|
- * module:packet.SecretSubkey} primaryKey primary key used for validation
- * @returns {Promise<undefined>}
- * @async
- */
- User.prototype.update = async function (user, primaryKey) {
- const dataToVerify = {
- userId: this.userId,
- userAttribute: this.userAttribute,
- key: primaryKey
- };
- // self signatures
- await (0, _helper.mergeSignatures)(user, this, 'selfCertifications', async function (srcSelfSig) {
- return srcSelfSig.verified || srcSelfSig.verify(primaryKey, _enums2.default.signature.cert_generic, dataToVerify);
- });
- // other signatures
- await (0, _helper.mergeSignatures)(user, this, 'otherCertifications');
- // revocation signatures
- await (0, _helper.mergeSignatures)(user, this, 'revocationSignatures', function (srcRevSig) {
- return (0, _helper.isDataRevoked)(primaryKey, _enums2.default.signature.cert_revocation, dataToVerify, [srcRevSig]);
- });
- };
- },{"../enums":113,"../packet":131,"./helper":117}],122:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _keyring = require('./keyring.js');
- var _keyring2 = _interopRequireDefault(_keyring);
- var _localstore = require('./localstore.js');
- var _localstore2 = _interopRequireDefault(_localstore);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @fileoverview Functions dealing with storage of the keyring.
- * @see module:keyring/keyring
- * @see module:keyring/localstore
- * @module keyring
- */
- _keyring2.default.localstore = _localstore2.default;
- exports.default = _keyring2.default;
- },{"./keyring.js":123,"./localstore.js":124}],123:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _key = require('../key');
- var _localstore = require('./localstore');
- var _localstore2 = _interopRequireDefault(_localstore);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Initialization routine for the keyring.
- * @constructor
- * @param {keyring/localstore} [storeHandler] class implementing loadPublic(), loadPrivate(), storePublic(), and storePrivate() methods
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Provides the Keyring class
- * @requires key
- * @requires keyring/localstore
- * @module keyring/keyring
- */
- function Keyring(storeHandler) {
- this.storeHandler = storeHandler || new _localstore2.default();
- }
- /**
- * Calls the storeHandler to load the keys
- * @async
- */
- Keyring.prototype.load = async function () {
- this.publicKeys = new KeyArray((await this.storeHandler.loadPublic()));
- this.privateKeys = new KeyArray((await this.storeHandler.loadPrivate()));
- };
- /**
- * Calls the storeHandler to save the keys
- * @async
- */
- Keyring.prototype.store = async function () {
- await Promise.all([this.storeHandler.storePublic(this.publicKeys.keys), this.storeHandler.storePrivate(this.privateKeys.keys)]);
- };
- /**
- * Clear the keyring - erase all the keys
- */
- Keyring.prototype.clear = function () {
- this.publicKeys.keys = [];
- this.privateKeys.keys = [];
- };
- /**
- * Searches the keyring for keys having the specified key id
- * @param {String} keyId provided as string of lowercase hex number
- * withouth 0x prefix (can be 16-character key ID or fingerprint)
- * @param {Boolean} deep if true search also in subkeys
- * @returns {Array<module:key.Key>|null} keys found or null
- */
- Keyring.prototype.getKeysForId = function (keyId, deep) {
- let result = [];
- result = result.concat(this.publicKeys.getForId(keyId, deep) || []);
- result = result.concat(this.privateKeys.getForId(keyId, deep) || []);
- return result.length ? result : null;
- };
- /**
- * Removes keys having the specified key id from the keyring
- * @param {String} keyId provided as string of lowercase hex number
- * withouth 0x prefix (can be 16-character key ID or fingerprint)
- * @returns {Array<module:key.Key>|null} keys found or null
- */
- Keyring.prototype.removeKeysForId = function (keyId) {
- let result = [];
- result = result.concat(this.publicKeys.removeForId(keyId) || []);
- result = result.concat(this.privateKeys.removeForId(keyId) || []);
- return result.length ? result : null;
- };
- /**
- * Get all public and private keys
- * @returns {Array<module:key.Key>} all keys
- */
- Keyring.prototype.getAllKeys = function () {
- return this.publicKeys.keys.concat(this.privateKeys.keys);
- };
- /**
- * Array of keys
- * @param {Array<module:key.Key>} keys The keys to store in this array
- */
- function KeyArray(keys) {
- this.keys = keys;
- }
- /**
- * Searches all keys in the KeyArray matching the address or address part of the user ids
- * @param {String} email email address to search for
- * @returns {Array<module:key.Key>} The public keys associated with provided email address.
- */
- KeyArray.prototype.getForAddress = function (email) {
- const results = [];
- for (let i = 0; i < this.keys.length; i++) {
- if (emailCheck(email, this.keys[i])) {
- results.push(this.keys[i]);
- }
- }
- return results;
- };
- /**
- * Checks a key to see if it matches the specified email address
- * @private
- * @param {String} email email address to search for
- * @param {module:key.Key} key The key to be checked.
- * @returns {Boolean} True if the email address is defined in the specified key
- */
- function emailCheck(email, key) {
- email = email.toLowerCase();
- // escape email before using in regular expression
- const emailEsc = email.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
- const emailRegex = new RegExp('<' + emailEsc + '>');
- const userIds = key.getUserIds();
- for (let i = 0; i < userIds.length; i++) {
- const userId = userIds[i].toLowerCase();
- if (email === userId || emailRegex.test(userId)) {
- return true;
- }
- }
- return false;
- }
- /**
- * Checks a key to see if it matches the specified keyid
- * @private
- * @param {String} keyId provided as string of lowercase hex number
- * withouth 0x prefix (can be 16-character key ID or fingerprint)
- * @param {module:key.Key|module:key.SubKey} key The key to be checked
- * @returns {Boolean} True if key has the specified keyid
- */
- function keyIdCheck(keyId, key) {
- if (keyId.length === 16) {
- return keyId === key.getKeyId().toHex();
- }
- return keyId === key.getFingerprint();
- }
- /**
- * Searches the KeyArray for a key having the specified key id
- * @param {String} keyId provided as string of lowercase hex number
- * withouth 0x prefix (can be 16-character key ID or fingerprint)
- * @param {Boolean} deep if true search also in subkeys
- * @returns {module:key.Key|null} key found or null
- */
- KeyArray.prototype.getForId = function (keyId, deep) {
- for (let i = 0; i < this.keys.length; i++) {
- if (keyIdCheck(keyId, this.keys[i])) {
- return this.keys[i];
- }
- if (deep && this.keys[i].subKeys.length) {
- for (let j = 0; j < this.keys[i].subKeys.length; j++) {
- if (keyIdCheck(keyId, this.keys[i].subKeys[j])) {
- return this.keys[i];
- }
- }
- }
- }
- return null;
- };
- /**
- * Imports a key from an ascii armored message
- * @param {String} armored message to read the keys/key from
- * @returns {Promise<Array<Error>|null>} array of error objects or null
- * @async
- */
- KeyArray.prototype.importKey = async function (armored) {
- const imported = await (0, _key.readArmored)(armored);
- for (let i = 0; i < imported.keys.length; i++) {
- const key = imported.keys[i];
- // check if key already in key array
- const keyidHex = key.getKeyId().toHex();
- const keyFound = this.getForId(keyidHex);
- if (keyFound) {
- await keyFound.update(key);
- } else {
- this.push(key);
- }
- }
- return imported.err ? imported.err : null;
- };
- /**
- * Add key to KeyArray
- * @param {module:key.Key} key The key that will be added to the keyring
- * @returns {Number} The new length of the KeyArray
- */
- KeyArray.prototype.push = function (key) {
- return this.keys.push(key);
- };
- /**
- * Removes a key with the specified keyid from the keyring
- * @param {String} keyId provided as string of lowercase hex number
- * withouth 0x prefix (can be 16-character key ID or fingerprint)
- * @returns {module:key.Key|null} The key object which has been removed or null
- */
- KeyArray.prototype.removeForId = function (keyId) {
- for (let i = 0; i < this.keys.length; i++) {
- if (keyIdCheck(keyId, this.keys[i])) {
- return this.keys.splice(i, 1)[0];
- }
- }
- return null;
- };
- exports.default = Keyring;
- },{"../key":118,"./localstore":124}],124:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _key = require('../key');
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * The class that deals with storage of the keyring.
- * Currently the only option is to use HTML5 local storage.
- * @constructor
- * @param {String} prefix prefix for itemnames in localstore
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Provides the LocalStore class
- * @requires web-stream-tools
- * @requires config
- * @requires key
- * @requires util
- * @module keyring/localstore
- */
- function LocalStore(prefix) {
- prefix = prefix || 'openpgp-';
- this.publicKeysItem = prefix + this.publicKeysItem;
- this.privateKeysItem = prefix + this.privateKeysItem;
- if (typeof window !== 'undefined' && window.localStorage) {
- this.storage = window.localStorage;
- } else {
- this.storage = new (require('node-localstorage').LocalStorage)(_config2.default.node_store);
- }
- }
- /*
- * Declare the localstore itemnames
- */
- LocalStore.prototype.publicKeysItem = 'public-keys';
- LocalStore.prototype.privateKeysItem = 'private-keys';
- /**
- * Load the public keys from HTML5 local storage.
- * @returns {Array<module:key.Key>} array of keys retrieved from localstore
- * @async
- */
- LocalStore.prototype.loadPublic = async function () {
- return loadKeys(this.storage, this.publicKeysItem);
- };
- /**
- * Load the private keys from HTML5 local storage.
- * @returns {Array<module:key.Key>} array of keys retrieved from localstore
- * @async
- */
- LocalStore.prototype.loadPrivate = async function () {
- return loadKeys(this.storage, this.privateKeysItem);
- };
- async function loadKeys(storage, itemname) {
- const armoredKeys = JSON.parse(storage.getItem(itemname));
- const keys = [];
- if (armoredKeys !== null && armoredKeys.length !== 0) {
- let key;
- for (let i = 0; i < armoredKeys.length; i++) {
- key = await (0, _key.readArmored)(armoredKeys[i]);
- if (!key.err) {
- keys.push(key.keys[0]);
- } else {
- _util2.default.print_debug("Error reading armored key from keyring index: " + i);
- }
- }
- }
- return keys;
- }
- /**
- * Saves the current state of the public keys to HTML5 local storage.
- * The key array gets stringified using JSON
- * @param {Array<module:key.Key>} keys array of keys to save in localstore
- * @async
- */
- LocalStore.prototype.storePublic = async function (keys) {
- await storeKeys(this.storage, this.publicKeysItem, keys);
- };
- /**
- * Saves the current state of the private keys to HTML5 local storage.
- * The key array gets stringified using JSON
- * @param {Array<module:key.Key>} keys array of keys to save in localstore
- * @async
- */
- LocalStore.prototype.storePrivate = async function (keys) {
- await storeKeys(this.storage, this.privateKeysItem, keys);
- };
- async function storeKeys(storage, itemname, keys) {
- if (keys.length) {
- const armoredKeys = await Promise.all(keys.map(key => _webStreamTools2.default.readToEnd(key.armor())));
- storage.setItem(itemname, JSON.stringify(armoredKeys));
- } else {
- storage.removeItem(itemname);
- }
- }
- exports.default = LocalStore;
- },{"../config":79,"../key":118,"../util":158,"node-localstorage":"node-localstorage","web-stream-tools":75}],125:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- /**
- * Load script from path
- * @param {String} path
- */
- const loadScript = exports.loadScript = path => {
- if (typeof importScripts !== 'undefined') {
- return importScripts(path);
- }
- return new Promise((resolve, reject) => {
- const script = document.createElement('script');
- script.src = path;
- script.onload = () => resolve();
- script.onerror = e => reject(new Error(e.message));
- document.head.appendChild(script);
- });
- };
- /**
- * Download script from path
- * @param {String} path fetch path
- * @param {Object} options fetch options
- */
- const dl = exports.dl = async function dl(path, options) {
- const response = await fetch(path, options);
- return response.arrayBuffer();
- };
- },{}],126:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.Message = Message;
- exports.encryptSessionKey = encryptSessionKey;
- exports.createSignaturePackets = createSignaturePackets;
- exports.createVerificationObjects = createVerificationObjects;
- exports.readArmored = readArmored;
- exports.read = read;
- exports.fromText = fromText;
- exports.fromBinary = fromBinary;
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _armor = require('./encoding/armor');
- var _armor2 = _interopRequireDefault(_armor);
- var _keyid = require('./type/keyid');
- var _keyid2 = _interopRequireDefault(_keyid);
- var _config = require('./config');
- var _config2 = _interopRequireDefault(_config);
- var _crypto = require('./crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _enums = require('./enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('./util');
- var _util2 = _interopRequireDefault(_util);
- var _packet = require('./packet');
- var _packet2 = _interopRequireDefault(_packet);
- var _signature = require('./signature');
- var _key = require('./key');
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @class
- * @classdesc Class that represents an OpenPGP message.
- * Can be an encrypted message, signed message, compressed message or literal message
- * @param {module:packet.List} packetlist The packets that form this message
- * See {@link https://tools.ietf.org/html/rfc4880#section-11.3}
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires web-stream-tools
- * @requires encoding/armor
- * @requires type/keyid
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- * @requires packet
- * @requires signature
- * @requires key
- * @module message
- */
- function Message(packetlist) {
- if (!(this instanceof Message)) {
- return new Message(packetlist);
- }
- this.packets = packetlist || new _packet2.default.List();
- }
- /**
- * Returns the key IDs of the keys to which the session key is encrypted
- * @returns {Array<module:type/keyid>} array of keyid objects
- */
- Message.prototype.getEncryptionKeyIds = function () {
- const keyIds = [];
- const pkESKeyPacketlist = this.packets.filterByTag(_enums2.default.packet.publicKeyEncryptedSessionKey);
- pkESKeyPacketlist.forEach(function (packet) {
- keyIds.push(packet.publicKeyId);
- });
- return keyIds;
- };
- /**
- * Returns the key IDs of the keys that signed the message
- * @returns {Array<module:type/keyid>} array of keyid objects
- */
- Message.prototype.getSigningKeyIds = function () {
- const keyIds = [];
- const msg = this.unwrapCompressed();
- // search for one pass signatures
- const onePassSigList = msg.packets.filterByTag(_enums2.default.packet.onePassSignature);
- onePassSigList.forEach(function (packet) {
- keyIds.push(packet.issuerKeyId);
- });
- // if nothing found look for signature packets
- if (!keyIds.length) {
- const signatureList = msg.packets.filterByTag(_enums2.default.packet.signature);
- signatureList.forEach(function (packet) {
- keyIds.push(packet.issuerKeyId);
- });
- }
- return keyIds;
- };
- /**
- * Decrypt the message. Either a private key, a session key, or a password must be specified.
- * @param {Array<Key>} privateKeys (optional) private keys with decrypted secret data
- * @param {Array<String>} passwords (optional) passwords used to decrypt
- * @param {Array<Object>} sessionKeys (optional) session keys in the form: { data:Uint8Array, algorithm:String, [aeadAlgorithm:String] }
- * @param {Boolean} streaming (optional) whether to process data as a stream
- * @returns {Promise<Message>} new message with decrypted content
- * @async
- */
- Message.prototype.decrypt = async function (privateKeys, passwords, sessionKeys, streaming) {
- const keyObjs = sessionKeys || (await this.decryptSessionKeys(privateKeys, passwords));
- const symEncryptedPacketlist = this.packets.filterByTag(_enums2.default.packet.symmetricallyEncrypted, _enums2.default.packet.symEncryptedIntegrityProtected, _enums2.default.packet.symEncryptedAEADProtected);
- if (symEncryptedPacketlist.length === 0) {
- return this;
- }
- const symEncryptedPacket = symEncryptedPacketlist[0];
- let exception = null;
- const decryptedPromise = Promise.all(keyObjs.map(async keyObj => {
- if (!keyObj || !_util2.default.isUint8Array(keyObj.data) || !_util2.default.isString(keyObj.algorithm)) {
- throw new Error('Invalid session key for decryption.');
- }
- try {
- await symEncryptedPacket.decrypt(keyObj.algorithm, keyObj.data, streaming);
- } catch (e) {
- _util2.default.print_debug_error(e);
- exception = e;
- }
- }));
- // We don't await stream.cancel here because it only returns when the other copy is canceled too.
- _webStreamTools2.default.cancel(symEncryptedPacket.encrypted); // Don't keep copy of encrypted data in memory.
- symEncryptedPacket.encrypted = null;
- await decryptedPromise;
- if (!symEncryptedPacket.packets || !symEncryptedPacket.packets.length) {
- throw exception || new Error('Decryption failed.');
- }
- const resultMsg = new Message(symEncryptedPacket.packets);
- symEncryptedPacket.packets = new _packet2.default.List(); // remove packets after decryption
- return resultMsg;
- };
- /**
- * Decrypt encrypted session keys either with private keys or passwords.
- * @param {Array<Key>} privateKeys (optional) private keys with decrypted secret data
- * @param {Array<String>} passwords (optional) passwords used to decrypt
- * @returns {Promise<Array<{ data: Uint8Array,
- algorithm: String }>>} array of object with potential sessionKey, algorithm pairs
- * @async
- */
- Message.prototype.decryptSessionKeys = async function (privateKeys, passwords) {
- let keyPackets = [];
- let exception;
- if (passwords) {
- const symESKeyPacketlist = this.packets.filterByTag(_enums2.default.packet.symEncryptedSessionKey);
- if (!symESKeyPacketlist) {
- throw new Error('No symmetrically encrypted session key packet found.');
- }
- await Promise.all(passwords.map(async function (password, i) {
- let packets;
- if (i) {
- packets = new _packet2.default.List();
- await packets.read(symESKeyPacketlist.write());
- } else {
- packets = symESKeyPacketlist;
- }
- await Promise.all(packets.map(async function (keyPacket) {
- try {
- await keyPacket.decrypt(password);
- keyPackets.push(keyPacket);
- } catch (err) {
- _util2.default.print_debug_error(err);
- }
- }));
- }));
- } else if (privateKeys) {
- const pkESKeyPacketlist = this.packets.filterByTag(_enums2.default.packet.publicKeyEncryptedSessionKey);
- if (!pkESKeyPacketlist) {
- throw new Error('No public key encrypted session key packet found.');
- }
- await Promise.all(pkESKeyPacketlist.map(async function (keyPacket) {
- await Promise.all(privateKeys.map(async function (privateKey) {
- const primaryUser = await privateKey.getPrimaryUser(); // TODO: Pass userId from somewhere.
- let algos = [_enums2.default.symmetric.aes256, // Old OpenPGP.js default fallback
- _enums2.default.symmetric.aes128, // RFC4880bis fallback
- _enums2.default.symmetric.tripledes, // RFC4880 fallback
- _enums2.default.symmetric.cast5 // Golang OpenPGP fallback
- ];
- if (primaryUser && primaryUser.selfCertification.preferredSymmetricAlgorithms) {
- algos = algos.concat(primaryUser.selfCertification.preferredSymmetricAlgorithms);
- }
- const privateKeyPackets = privateKey.getKeys(keyPacket.publicKeyId).map(key => key.keyPacket);
- await Promise.all(privateKeyPackets.map(async function (privateKeyPacket) {
- if (!privateKeyPacket) {
- return;
- }
- if (!privateKeyPacket.isDecrypted()) {
- throw new Error('Private key is not decrypted.');
- }
- try {
- await keyPacket.decrypt(privateKeyPacket);
- if (!algos.includes(_enums2.default.write(_enums2.default.symmetric, keyPacket.sessionKeyAlgorithm))) {
- throw new Error('A non-preferred symmetric algorithm was used.');
- }
- keyPackets.push(keyPacket);
- } catch (err) {
- _util2.default.print_debug_error(err);
- exception = err;
- }
- }));
- }));
- _webStreamTools2.default.cancel(keyPacket.encrypted); // Don't keep copy of encrypted data in memory.
- keyPacket.encrypted = null;
- }));
- } else {
- throw new Error('No key or password specified.');
- }
- if (keyPackets.length) {
- // Return only unique session keys
- if (keyPackets.length > 1) {
- const seen = {};
- keyPackets = keyPackets.filter(function (item) {
- const k = item.sessionKeyAlgorithm + _util2.default.Uint8Array_to_str(item.sessionKey);
- if (seen.hasOwnProperty(k)) {
- return false;
- }
- seen[k] = true;
- return true;
- });
- }
- return keyPackets.map(packet => ({ data: packet.sessionKey, algorithm: packet.sessionKeyAlgorithm }));
- }
- throw exception || new Error('Session key decryption failed.');
- };
- /**
- * Get literal data that is the body of the message
- * @returns {(Uint8Array|null)} literal body of the message as Uint8Array
- */
- Message.prototype.getLiteralData = function () {
- const msg = this.unwrapCompressed();
- const literal = msg.packets.findPacket(_enums2.default.packet.literal);
- return literal && literal.getBytes() || null;
- };
- /**
- * Get filename from literal data packet
- * @returns {(String|null)} filename of literal data packet as string
- */
- Message.prototype.getFilename = function () {
- const msg = this.unwrapCompressed();
- const literal = msg.packets.findPacket(_enums2.default.packet.literal);
- return literal && literal.getFilename() || null;
- };
- /**
- * Get literal data as text
- * @returns {(String|null)} literal body of the message interpreted as text
- */
- Message.prototype.getText = function () {
- const msg = this.unwrapCompressed();
- const literal = msg.packets.findPacket(_enums2.default.packet.literal);
- if (literal) {
- return literal.getText();
- }
- return null;
- };
- /**
- * Encrypt the message either with public keys, passwords, or both at once.
- * @param {Array<Key>} keys (optional) public key(s) for message encryption
- * @param {Array<String>} passwords (optional) password(s) for message encryption
- * @param {Object} sessionKey (optional) session key in the form: { data:Uint8Array, algorithm:String, [aeadAlgorithm:String] }
- * @param {Boolean} wildcard (optional) use a key ID of 0 instead of the public key IDs
- * @param {Date} date (optional) override the creation date of the literal package
- * @param {Array} userIds (optional) user IDs to encrypt for, e.g. [{ name:'Robert Receiver', email:'robert@openpgp.org' }]
- * @param {Boolean} streaming (optional) whether to process data as a stream
- * @returns {Promise<Message>} new message with encrypted content
- * @async
- */
- Message.prototype.encrypt = async function (keys, passwords, sessionKey, wildcard = false, date = new Date(), userIds = [], streaming) {
- let symAlgo;
- let aeadAlgo;
- let symEncryptedPacket;
- if (sessionKey) {
- if (!_util2.default.isUint8Array(sessionKey.data) || !_util2.default.isString(sessionKey.algorithm)) {
- throw new Error('Invalid session key for encryption.');
- }
- symAlgo = sessionKey.algorithm;
- aeadAlgo = sessionKey.aeadAlgorithm;
- sessionKey = sessionKey.data;
- } else if (keys && keys.length) {
- symAlgo = _enums2.default.read(_enums2.default.symmetric, (await (0, _key.getPreferredAlgo)('symmetric', keys, date, userIds)));
- if (_config2.default.aead_protect && (await (0, _key.isAeadSupported)(keys, date, userIds))) {
- aeadAlgo = _enums2.default.read(_enums2.default.aead, (await (0, _key.getPreferredAlgo)('aead', keys, date, userIds)));
- }
- } else if (passwords && passwords.length) {
- symAlgo = _enums2.default.read(_enums2.default.symmetric, _config2.default.encryption_cipher);
- aeadAlgo = _enums2.default.read(_enums2.default.aead, _config2.default.aead_mode);
- } else {
- throw new Error('No keys, passwords, or session key provided.');
- }
- if (!sessionKey) {
- sessionKey = await _crypto2.default.generateSessionKey(symAlgo);
- }
- const msg = await encryptSessionKey(sessionKey, symAlgo, aeadAlgo, keys, passwords, wildcard, date, userIds);
- if (_config2.default.aead_protect && aeadAlgo) {
- symEncryptedPacket = new _packet2.default.SymEncryptedAEADProtected();
- symEncryptedPacket.aeadAlgorithm = aeadAlgo;
- } else if (_config2.default.integrity_protect) {
- symEncryptedPacket = new _packet2.default.SymEncryptedIntegrityProtected();
- } else {
- symEncryptedPacket = new _packet2.default.SymmetricallyEncrypted();
- }
- symEncryptedPacket.packets = this.packets;
- await symEncryptedPacket.encrypt(symAlgo, sessionKey, streaming);
- msg.packets.push(symEncryptedPacket);
- symEncryptedPacket.packets = new _packet2.default.List(); // remove packets after encryption
- return {
- message: msg,
- sessionKey: {
- data: sessionKey,
- algorithm: symAlgo,
- aeadAlgorithm: aeadAlgo
- }
- };
- };
- /**
- * Encrypt a session key either with public keys, passwords, or both at once.
- * @param {Uint8Array} sessionKey session key for encryption
- * @param {String} symAlgo session key algorithm
- * @param {String} aeadAlgo (optional) aead algorithm, e.g. 'eax' or 'ocb'
- * @param {Array<Key>} publicKeys (optional) public key(s) for message encryption
- * @param {Array<String>} passwords (optional) for message encryption
- * @param {Boolean} wildcard (optional) use a key ID of 0 instead of the public key IDs
- * @param {Date} date (optional) override the date
- * @param {Array} userIds (optional) user IDs to encrypt for, e.g. [{ name:'Robert Receiver', email:'robert@openpgp.org' }]
- * @returns {Promise<Message>} new message with encrypted content
- * @async
- */
- async function encryptSessionKey(sessionKey, symAlgo, aeadAlgo, publicKeys, passwords, wildcard = false, date = new Date(), userIds = []) {
- const packetlist = new _packet2.default.List();
- if (publicKeys) {
- const results = await Promise.all(publicKeys.map(async function (publicKey) {
- const encryptionKey = await publicKey.getEncryptionKey(undefined, date, userIds);
- if (!encryptionKey) {
- throw new Error('Could not find valid key packet for encryption in key ' + publicKey.getKeyId().toHex());
- }
- const pkESKeyPacket = new _packet2.default.PublicKeyEncryptedSessionKey();
- pkESKeyPacket.publicKeyId = wildcard ? _keyid2.default.wildcard() : encryptionKey.getKeyId();
- pkESKeyPacket.publicKeyAlgorithm = encryptionKey.keyPacket.algorithm;
- pkESKeyPacket.sessionKey = sessionKey;
- pkESKeyPacket.sessionKeyAlgorithm = symAlgo;
- await pkESKeyPacket.encrypt(encryptionKey.keyPacket);
- delete pkESKeyPacket.sessionKey; // delete plaintext session key after encryption
- return pkESKeyPacket;
- }));
- packetlist.concat(results);
- }
- if (passwords) {
- const testDecrypt = async function testDecrypt(keyPacket, password) {
- try {
- await keyPacket.decrypt(password);
- return 1;
- } catch (e) {
- return 0;
- }
- };
- const sum = (accumulator, currentValue) => accumulator + currentValue;
- const encryptPassword = async function encryptPassword(sessionKey, symAlgo, aeadAlgo, password) {
- const symEncryptedSessionKeyPacket = new _packet2.default.SymEncryptedSessionKey();
- symEncryptedSessionKeyPacket.sessionKey = sessionKey;
- symEncryptedSessionKeyPacket.sessionKeyAlgorithm = symAlgo;
- if (aeadAlgo) {
- symEncryptedSessionKeyPacket.aeadAlgorithm = aeadAlgo;
- }
- await symEncryptedSessionKeyPacket.encrypt(password);
- if (_config2.default.password_collision_check) {
- const results = await Promise.all(passwords.map(pwd => testDecrypt(symEncryptedSessionKeyPacket, pwd)));
- if (results.reduce(sum) !== 1) {
- return encryptPassword(sessionKey, symAlgo, password);
- }
- }
- delete symEncryptedSessionKeyPacket.sessionKey; // delete plaintext session key after encryption
- return symEncryptedSessionKeyPacket;
- };
- const results = await Promise.all(passwords.map(pwd => encryptPassword(sessionKey, symAlgo, aeadAlgo, pwd)));
- packetlist.concat(results);
- }
- return new Message(packetlist);
- }
- /**
- * Sign the message (the literal data packet of the message)
- * @param {Array<module:key.Key>} privateKeys private keys with decrypted secret key data for signing
- * @param {Signature} signature (optional) any existing detached signature to add to the message
- * @param {Date} date (optional) override the creation time of the signature
- * @param {Array} userIds (optional) user IDs to sign with, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }]
- * @param {Boolean} streaming (optional) whether to process data as a stream
- * @returns {Promise<Message>} new message with signed content
- * @async
- */
- Message.prototype.sign = async function (privateKeys = [], signature = null, date = new Date(), userIds = [], streaming = false) {
- const packetlist = new _packet2.default.List();
- const literalDataPacket = this.packets.findPacket(_enums2.default.packet.literal);
- if (!literalDataPacket) {
- throw new Error('No literal data packet to sign.');
- }
- let i;
- let existingSigPacketlist;
- // If data packet was created from Uint8Array, use binary, otherwise use text
- const signatureType = literalDataPacket.text === null ? _enums2.default.signature.binary : _enums2.default.signature.text;
- if (signature) {
- existingSigPacketlist = signature.packets.filterByTag(_enums2.default.packet.signature);
- for (i = existingSigPacketlist.length - 1; i >= 0; i--) {
- const signaturePacket = existingSigPacketlist[i];
- const onePassSig = new _packet2.default.OnePassSignature();
- onePassSig.signatureType = signaturePacket.signatureType;
- onePassSig.hashAlgorithm = signaturePacket.hashAlgorithm;
- onePassSig.publicKeyAlgorithm = signaturePacket.publicKeyAlgorithm;
- onePassSig.issuerKeyId = signaturePacket.issuerKeyId;
- if (!privateKeys.length && i === 0) {
- onePassSig.flags = 1;
- }
- packetlist.push(onePassSig);
- }
- }
- await Promise.all(Array.from(privateKeys).reverse().map(async function (privateKey, i) {
- if (privateKey.isPublic()) {
- throw new Error('Need private key for signing');
- }
- const signingKey = await privateKey.getSigningKey(undefined, date, userIds);
- if (!signingKey) {
- throw new Error('Could not find valid key packet for signing in key ' + privateKey.getKeyId().toHex());
- }
- const onePassSig = new _packet2.default.OnePassSignature();
- onePassSig.signatureType = signatureType;
- onePassSig.hashAlgorithm = await (0, _key.getPreferredHashAlgo)(privateKey, signingKey.keyPacket, date, userIds);
- onePassSig.publicKeyAlgorithm = signingKey.keyPacket.algorithm;
- onePassSig.issuerKeyId = signingKey.getKeyId();
- if (i === privateKeys.length - 1) {
- onePassSig.flags = 1;
- }
- return onePassSig;
- })).then(onePassSignatureList => {
- onePassSignatureList.forEach(onePassSig => packetlist.push(onePassSig));
- });
- packetlist.push(literalDataPacket);
- packetlist.concat((await createSignaturePackets(literalDataPacket, privateKeys, signature, date, userIds, false, streaming)));
- return new Message(packetlist);
- };
- /**
- * Compresses the message (the literal and -if signed- signature data packets of the message)
- * @param {module:enums.compression} compression compression algorithm to be used
- * @returns {module:message.Message} new message with compressed content
- */
- Message.prototype.compress = function (compression) {
- if (compression === _enums2.default.compression.uncompressed) {
- return this;
- }
- const compressed = new _packet2.default.Compressed();
- compressed.packets = this.packets;
- compressed.algorithm = _enums2.default.read(_enums2.default.compression, compression);
- const packetList = new _packet2.default.List();
- packetList.push(compressed);
- return new Message(packetList);
- };
- /**
- * Create a detached signature for the message (the literal data packet of the message)
- * @param {Array<module:key.Key>} privateKeys private keys with decrypted secret key data for signing
- * @param {Signature} signature (optional) any existing detached signature
- * @param {Date} date (optional) override the creation time of the signature
- * @param {Array} userIds (optional) user IDs to sign with, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }]
- * @param {Boolean} streaming (optional) whether to process data as a stream
- * @returns {Promise<module:signature.Signature>} new detached signature of message content
- * @async
- */
- Message.prototype.signDetached = async function (privateKeys = [], signature = null, date = new Date(), userIds = [], streaming = false) {
- const literalDataPacket = this.packets.findPacket(_enums2.default.packet.literal);
- if (!literalDataPacket) {
- throw new Error('No literal data packet to sign.');
- }
- return new _signature.Signature((await createSignaturePackets(literalDataPacket, privateKeys, signature, date, userIds, true, streaming)));
- };
- /**
- * Create signature packets for the message
- * @param {module:packet.Literal} literalDataPacket the literal data packet to sign
- * @param {Array<module:key.Key>} privateKeys private keys with decrypted secret key data for signing
- * @param {Signature} signature (optional) any existing detached signature to append
- * @param {Date} date (optional) override the creationtime of the signature
- * @param {Array} userIds (optional) user IDs to sign with, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }]
- * @param {Boolean} detached (optional) whether to create detached signature packets
- * @param {Boolean} streaming (optional) whether to process data as a stream
- * @returns {Promise<module:packet.List>} list of signature packets
- * @async
- */
- async function createSignaturePackets(literalDataPacket, privateKeys, signature = null, date = new Date(), userIds = [], detached = false, streaming = false) {
- const packetlist = new _packet2.default.List();
- // If data packet was created from Uint8Array, use binary, otherwise use text
- const signatureType = literalDataPacket.text === null ? _enums2.default.signature.binary : _enums2.default.signature.text;
- await Promise.all(privateKeys.map(async (privateKey, i) => {
- const userId = userIds[i];
- if (privateKey.isPublic()) {
- throw new Error('Need private key for signing');
- }
- const signingKey = await privateKey.getSigningKey(undefined, date, userId);
- if (!signingKey) {
- throw new Error(`Could not find valid signing key packet in key ${privateKey.getKeyId().toHex()}`);
- }
- return (0, _key.createSignaturePacket)(literalDataPacket, privateKey, signingKey.keyPacket, { signatureType }, date, userId, detached, streaming);
- })).then(signatureList => {
- signatureList.forEach(signaturePacket => packetlist.push(signaturePacket));
- });
- if (signature) {
- const existingSigPacketlist = signature.packets.filterByTag(_enums2.default.packet.signature);
- packetlist.concat(existingSigPacketlist);
- }
- return packetlist;
- }
- /**
- * Verify message signatures
- * @param {Array<module:key.Key>} keys array of keys to verify signatures
- * @param {Date} date (optional) Verify the signature against the given date, i.e. check signature creation time < date < expiration time
- * @param {Boolean} streaming (optional) whether to process data as a stream
- * @returns {Promise<Array<({keyid: module:type/keyid, valid: Boolean})>>} list of signer's keyid and validity of signature
- * @async
- */
- Message.prototype.verify = async function (keys, date = new Date(), streaming) {
- const msg = this.unwrapCompressed();
- const literalDataList = msg.packets.filterByTag(_enums2.default.packet.literal);
- if (literalDataList.length !== 1) {
- throw new Error('Can only verify message with one literal data packet.');
- }
- if (!streaming) {
- msg.packets.concat((await _webStreamTools2.default.readToEnd(msg.packets.stream, _ => _)));
- }
- const onePassSigList = msg.packets.filterByTag(_enums2.default.packet.onePassSignature).reverse();
- const signatureList = msg.packets.filterByTag(_enums2.default.packet.signature);
- if (streaming && onePassSigList.length && !signatureList.length && msg.packets.stream) {
- await Promise.all(onePassSigList.map(async onePassSig => {
- onePassSig.correspondingSig = new Promise((resolve, reject) => {
- onePassSig.correspondingSigResolve = resolve;
- onePassSig.correspondingSigReject = reject;
- });
- onePassSig.signatureData = _webStreamTools2.default.fromAsync(async () => (await onePassSig.correspondingSig).signatureData);
- onePassSig.hashed = await onePassSig.hash(onePassSig.signatureType, literalDataList[0], undefined, false, streaming);
- }));
- msg.packets.stream = _webStreamTools2.default.transformPair(msg.packets.stream, async (readable, writable) => {
- const reader = _webStreamTools2.default.getReader(readable);
- const writer = _webStreamTools2.default.getWriter(writable);
- try {
- for (let i = 0; i < onePassSigList.length; i++) {
- var _ref = await reader.read();
- const signature = _ref.value;
- onePassSigList[i].correspondingSigResolve(signature);
- }
- await reader.readToEnd();
- await writer.ready;
- await writer.close();
- } catch (e) {
- onePassSigList.forEach(onePassSig => {
- onePassSig.correspondingSigReject(e);
- });
- await writer.abort(e);
- }
- });
- return createVerificationObjects(onePassSigList, literalDataList, keys, date, false, streaming);
- }
- return createVerificationObjects(signatureList, literalDataList, keys, date, false, streaming);
- };
- /**
- * Verify detached message signature
- * @param {Array<module:key.Key>} keys array of keys to verify signatures
- * @param {Signature} signature
- * @param {Date} date Verify the signature against the given date, i.e. check signature creation time < date < expiration time
- * @returns {Promise<Array<({keyid: module:type/keyid, valid: Boolean})>>} list of signer's keyid and validity of signature
- * @async
- */
- Message.prototype.verifyDetached = function (signature, keys, date = new Date()) {
- const msg = this.unwrapCompressed();
- const literalDataList = msg.packets.filterByTag(_enums2.default.packet.literal);
- if (literalDataList.length !== 1) {
- throw new Error('Can only verify message with one literal data packet.');
- }
- const signatureList = signature.packets;
- return createVerificationObjects(signatureList, literalDataList, keys, date, true);
- };
- /**
- * Create object containing signer's keyid and validity of signature
- * @param {module:packet.Signature} signature signature packets
- * @param {Array<module:packet.Literal>} literalDataList array of literal data packets
- * @param {Array<module:key.Key>} keys array of keys to verify signatures
- * @param {Date} date Verify the signature against the given date,
- * i.e. check signature creation time < date < expiration time
- * @param {Boolean} detached (optional) whether to verify detached signature packets
- * @returns {Promise<Array<{keyid: module:type/keyid,
- * valid: Boolean}>>} list of signer's keyid and validity of signature
- * @async
- */
- async function createVerificationObject(signature, literalDataList, keys, date = new Date(), detached = false, streaming = false) {
- let primaryKey = null;
- let signingKey = null;
- await Promise.all(keys.map(async function (key) {
- // Look for the unique key that matches issuerKeyId of signature
- const result = await key.getSigningKey(signature.issuerKeyId, null);
- if (result) {
- primaryKey = key;
- signingKey = result;
- }
- }));
- const signaturePacket = signature.correspondingSig || signature;
- const verifiedSig = {
- keyid: signature.issuerKeyId,
- verified: (async () => {
- if (!signingKey) {
- return null;
- }
- const verified = await signature.verify(signingKey.keyPacket, signature.signatureType, literalDataList[0], detached, streaming);
- const sig = await signaturePacket;
- if (sig.isExpired(date) || !(sig.created >= signingKey.getCreationTime() && sig.created < (await (signingKey === primaryKey ? signingKey.getExpirationTime() : signingKey.getExpirationTime(primaryKey, date))))) {
- return null;
- }
- return verified;
- })(),
- signature: (async () => {
- const sig = await signaturePacket;
- const packetlist = new _packet2.default.List();
- packetlist.push(sig);
- return new _signature.Signature(packetlist);
- })()
- };
- // Mark potential promise rejections as "handled". This is needed because in
- // some cases, we reject them before the user has a reasonable chance to
- // handle them (e.g. `await readToEnd(result.data); await result.verified` and
- // the data stream errors).
- verifiedSig.signature.catch(() => {});
- verifiedSig.verified.catch(() => {});
- return verifiedSig;
- }
- /**
- * Create list of objects containing signer's keyid and validity of signature
- * @param {Array<module:packet.Signature>} signatureList array of signature packets
- * @param {Array<module:packet.Literal>} literalDataList array of literal data packets
- * @param {Array<module:key.Key>} keys array of keys to verify signatures
- * @param {Date} date Verify the signature against the given date,
- * i.e. check signature creation time < date < expiration time
- * @param {Boolean} detached (optional) whether to verify detached signature packets
- * @returns {Promise<Array<{keyid: module:type/keyid,
- * valid: Boolean}>>} list of signer's keyid and validity of signature
- * @async
- */
- async function createVerificationObjects(signatureList, literalDataList, keys, date = new Date(), detached = false, streaming = false) {
- return Promise.all(signatureList.filter(function (signature) {
- return ['text', 'binary'].includes(_enums2.default.read(_enums2.default.signature, signature.signatureType));
- }).map(async function (signature) {
- return createVerificationObject(signature, literalDataList, keys, date, detached, streaming);
- }));
- }
- /**
- * Unwrap compressed message
- * @returns {module:message.Message} message Content of compressed message
- */
- Message.prototype.unwrapCompressed = function () {
- const compressed = this.packets.filterByTag(_enums2.default.packet.compressed);
- if (compressed.length) {
- return new Message(compressed[0].packets);
- }
- return this;
- };
- /**
- * Append signature to unencrypted message object
- * @param {String|Uint8Array} detachedSignature The detached ASCII-armored or Uint8Array PGP signature
- */
- Message.prototype.appendSignature = async function (detachedSignature) {
- await this.packets.read(_util2.default.isUint8Array(detachedSignature) ? detachedSignature : (await _armor2.default.decode(detachedSignature)).data);
- };
- /**
- * Returns ASCII armored text of message
- * @returns {ReadableStream<String>} ASCII armor
- */
- Message.prototype.armor = function () {
- return _armor2.default.encode(_enums2.default.armor.message, this.packets.write());
- };
- /**
- * reads an OpenPGP armored message and returns a message object
- * @param {String | ReadableStream<String>} armoredText text to be parsed
- * @returns {Promise<module:message.Message>} new message object
- * @async
- * @static
- */
- async function readArmored(armoredText) {
- //TODO how do we want to handle bad text? Exception throwing
- //TODO don't accept non-message armored texts
- const streamType = _util2.default.isStream(armoredText);
- if (streamType === 'node') {
- armoredText = _webStreamTools2.default.nodeToWeb(armoredText);
- }
- const input = await _armor2.default.decode(armoredText);
- return read(input.data, streamType);
- }
- /**
- * reads an OpenPGP message as byte array and returns a message object
- * @param {Uint8Array | ReadableStream<Uint8Array>} input binary message
- * @param {Boolean} fromStream whether the message was created from a Stream
- * @returns {Promise<module:message.Message>} new message object
- * @async
- * @static
- */
- async function read(input, fromStream = _util2.default.isStream(input)) {
- const streamType = _util2.default.isStream(input);
- if (streamType === 'node') {
- input = _webStreamTools2.default.nodeToWeb(input);
- }
- const packetlist = new _packet2.default.List();
- await packetlist.read(input, fromStream);
- const message = new Message(packetlist);
- message.fromStream = fromStream;
- return message;
- }
- /**
- * creates new message object from text
- * @param {String | ReadableStream<String>} text
- * @param {String} filename (optional)
- * @param {Date} date (optional)
- * @param {utf8|binary|text|mime} type (optional) data packet type
- * @returns {module:message.Message} new message object
- * @static
- */
- function fromText(text, filename, date = new Date(), type = 'utf8') {
- const streamType = _util2.default.isStream(text);
- if (streamType === 'node') {
- text = _webStreamTools2.default.nodeToWeb(text);
- }
- const literalDataPacket = new _packet2.default.Literal(date);
- // text will be converted to UTF8
- literalDataPacket.setText(text, type);
- if (filename !== undefined) {
- literalDataPacket.setFilename(filename);
- }
- const literalDataPacketlist = new _packet2.default.List();
- literalDataPacketlist.push(literalDataPacket);
- const message = new Message(literalDataPacketlist);
- message.fromStream = streamType;
- return message;
- }
- /**
- * creates new message object from binary data
- * @param {Uint8Array | ReadableStream<Uint8Array>} bytes
- * @param {String} filename (optional)
- * @param {Date} date (optional)
- * @param {utf8|binary|text|mime} type (optional) data packet type
- * @returns {module:message.Message} new message object
- * @static
- */
- function fromBinary(bytes, filename, date = new Date(), type = 'binary') {
- const streamType = _util2.default.isStream(bytes);
- if (!_util2.default.isUint8Array(bytes) && !streamType) {
- throw new Error('Data must be in the form of a Uint8Array or Stream');
- }
- if (streamType === 'node') {
- bytes = _webStreamTools2.default.nodeToWeb(bytes);
- }
- const literalDataPacket = new _packet2.default.Literal(date);
- literalDataPacket.setBytes(bytes, type);
- if (filename !== undefined) {
- literalDataPacket.setFilename(filename);
- }
- const literalDataPacketlist = new _packet2.default.List();
- literalDataPacketlist.push(literalDataPacket);
- const message = new Message(literalDataPacketlist);
- message.fromStream = streamType;
- return message;
- }
- },{"./config":79,"./crypto":94,"./encoding/armor":111,"./enums":113,"./key":118,"./packet":131,"./signature":151,"./type/keyid":154,"./util":158,"web-stream-tools":75}],127:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.initWorker = initWorker;
- exports.getWorker = getWorker;
- exports.destroyWorker = destroyWorker;
- exports.generateKey = generateKey;
- exports.reformatKey = reformatKey;
- exports.revokeKey = revokeKey;
- exports.decryptKey = decryptKey;
- exports.encryptKey = encryptKey;
- exports.encrypt = encrypt;
- exports.decrypt = decrypt;
- exports.sign = sign;
- exports.verify = verify;
- exports.encryptSessionKey = encryptSessionKey;
- exports.decryptSessionKeys = decryptSessionKeys;
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _message = require('./message');
- var messageLib = _interopRequireWildcard(_message);
- var _cleartext = require('./cleartext');
- var _key = require('./key');
- var _config = require('./config/config');
- var _config2 = _interopRequireDefault(_config);
- var _enums = require('./enums');
- var _enums2 = _interopRequireDefault(_enums);
- require('./polyfills');
- var _util = require('./util');
- var _util2 = _interopRequireDefault(_util);
- var _async_proxy = require('./worker/async_proxy');
- var _async_proxy2 = _interopRequireDefault(_async_proxy);
- function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- //////////////////////////
- // //
- // Web Worker setup //
- // //
- //////////////////////////
- let asyncProxy; // instance of the asyncproxy
- /**
- * Set the path for the web worker script and create an instance of the async proxy
- * @param {String} path relative path to the worker scripts, default: 'openpgp.worker.js'
- * @param {Number} n number of workers to initialize
- * @param {Array<Object>} workers alternative to path parameter: web workers initialized with 'openpgp.worker.js'
- * @returns {Promise<Boolean>} returns a promise that resolves to true if all workers have succesfully finished loading
- * @async
- */
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2016 Tankred Hase
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview The openpgp base module should provide all of the functionality
- * to consume the openpgp.js library. All additional classes are documented
- * for extending and developing on top of the base library.
- * @requires web-stream-tools
- * @requires message
- * @requires cleartext
- * @requires key
- * @requires config
- * @requires enums
- * @requires util
- * @requires polyfills
- * @requires worker/async_proxy
- * @module openpgp
- */
- // This file intentionally has two separate file overviews so that
- // a reference to this module appears at the end of doc/index.html.
- /**
- * @fileoverview To view the full API documentation, start from
- * {@link module:openpgp}
- */
- async function initWorker({ path = 'openpgp.worker.js', n = 1, workers = [] } = {}) {
- if (workers.length || typeof window !== 'undefined' && window.Worker && window.MessageChannel) {
- const proxy = new _async_proxy2.default({ path, n, workers, config: _config2.default });
- const loaded = await proxy.loaded();
- if (loaded) {
- asyncProxy = proxy;
- return true;
- }
- }
- return false;
- }
- /**
- * Returns a reference to the async proxy if the worker was initialized with openpgp.initWorker()
- * @returns {module:worker/async_proxy.AsyncProxy|null} the async proxy or null if not initialized
- */
- function getWorker() {
- return asyncProxy;
- }
- /**
- * Cleanup the current instance of the web worker.
- */
- function destroyWorker() {
- asyncProxy = undefined;
- }
- //////////////////////
- // //
- // Key handling //
- // //
- //////////////////////
- /**
- * Generates a new OpenPGP key pair. Supports RSA and ECC keys. Primary and subkey will be of same type.
- * @param {Array<Object>} userIds array of user IDs e.g. [{ name:'Phil Zimmermann', email:'phil@openpgp.org' }]
- * @param {String} passphrase (optional) The passphrase used to encrypt the resulting private key
- * @param {Number} rsaBits (optional) number of bits for RSA keys: 2048 or 4096.
- * @param {Number} keyExpirationTime (optional) The number of seconds after the key creation time that the key expires
- * @param {String} curve (optional) elliptic curve for ECC keys:
- * curve25519, p256, p384, p521, secp256k1,
- * brainpoolP256r1, brainpoolP384r1, or brainpoolP512r1.
- * @param {Date} date (optional) override the creation date of the key and the key signatures
- * @param {Array<Object>} subkeys (optional) options for each subkey, default to main key options. e.g. [{sign: true, passphrase: '123'}]
- * sign parameter defaults to false, and indicates whether the subkey should sign rather than encrypt
- * @returns {Promise<Object>} The generated key object in the form:
- * { key:Key, privateKeyArmored:String, publicKeyArmored:String, revocationCertificate:String }
- * @async
- * @static
- */
- function generateKey({ userIds = [], passphrase = "", numBits = 2048, rsaBits = numBits, keyExpirationTime = 0, curve = "", date = new Date(), subkeys = [{}] }) {
- userIds = toArray(userIds);
- const options = { userIds, passphrase, rsaBits, keyExpirationTime, curve, date, subkeys };
- if (_util2.default.getWebCryptoAll() && rsaBits < 2048) {
- throw new Error('rsaBits should be 2048 or 4096, found: ' + rsaBits);
- }
- if (!_util2.default.getWebCryptoAll() && asyncProxy) {
- // use web worker if web crypto apis are not supported
- return asyncProxy.delegate('generateKey', options);
- }
- return (0, _key.generate)(options).then(async key => {
- const revocationCertificate = await key.getRevocationCertificate();
- key.revocationSignatures = [];
- return convertStreams({
- key: key,
- privateKeyArmored: key.armor(),
- publicKeyArmored: key.toPublic().armor(),
- revocationCertificate: revocationCertificate
- });
- }).catch(onError.bind(null, 'Error generating keypair'));
- }
- /**
- * Reformats signature packets for a key and rewraps key object.
- * @param {Key} privateKey private key to reformat
- * @param {Array<Object>} userIds array of user IDs e.g. [{ name:'Phil Zimmermann', email:'phil@openpgp.org' }]
- * @param {String} passphrase (optional) The passphrase used to encrypt the resulting private key
- * @param {Number} keyExpirationTime (optional) The number of seconds after the key creation time that the key expires
- * @param {Boolean} revocationCertificate (optional) Whether the returned object should include a revocation certificate to revoke the public key
- * @returns {Promise<Object>} The generated key object in the form:
- * { key:Key, privateKeyArmored:String, publicKeyArmored:String, revocationCertificate:String }
- * @async
- * @static
- */
- function reformatKey({ privateKey, userIds = [], passphrase = "", keyExpirationTime = 0, date, revocationCertificate = true }) {
- userIds = toArray(userIds);
- const options = { privateKey, userIds, passphrase, keyExpirationTime, date, revocationCertificate };
- if (asyncProxy) {
- return asyncProxy.delegate('reformatKey', options);
- }
- options.revoked = options.revocationCertificate;
- return (0, _key.reformat)(options).then(async key => {
- const revocationCertificate = await key.getRevocationCertificate();
- key.revocationSignatures = [];
- return convertStreams({
- key: key,
- privateKeyArmored: key.armor(),
- publicKeyArmored: key.toPublic().armor(),
- revocationCertificate: revocationCertificate
- });
- }).catch(onError.bind(null, 'Error reformatting keypair'));
- }
- /**
- * Revokes a key. Requires either a private key or a revocation certificate.
- * If a revocation certificate is passed, the reasonForRevocation parameters will be ignored.
- * @param {Key} key (optional) public or private key to revoke
- * @param {String} revocationCertificate (optional) revocation certificate to revoke the key with
- * @param {Object} reasonForRevocation (optional) object indicating the reason for revocation
- * @param {module:enums.reasonForRevocation} reasonForRevocation.flag (optional) flag indicating the reason for revocation
- * @param {String} reasonForRevocation.string (optional) string explaining the reason for revocation
- * @returns {Promise<Object>} The revoked key object in the form:
- * { privateKey:Key, privateKeyArmored:String, publicKey:Key, publicKeyArmored:String }
- * (if private key is passed) or { publicKey:Key, publicKeyArmored:String } (otherwise)
- * @static
- */
- function revokeKey({
- key, revocationCertificate, reasonForRevocation
- } = {}) {
- const options = {
- key, revocationCertificate, reasonForRevocation
- };
- if (!_util2.default.getWebCryptoAll() && asyncProxy) {
- // use web worker if web crypto apis are not supported
- return asyncProxy.delegate('revokeKey', options);
- }
- return Promise.resolve().then(() => {
- if (revocationCertificate) {
- return key.applyRevocationCertificate(revocationCertificate);
- } else {
- return key.revoke(reasonForRevocation);
- }
- }).then(async key => {
- await convertStreams(key);
- if (key.isPrivate()) {
- const publicKey = key.toPublic();
- return {
- privateKey: key,
- privateKeyArmored: key.armor(),
- publicKey: publicKey,
- publicKeyArmored: publicKey.armor()
- };
- }
- return {
- publicKey: key,
- publicKeyArmored: key.armor()
- };
- }).catch(onError.bind(null, 'Error revoking key'));
- }
- /**
- * Unlock a private key with your passphrase.
- * @param {Key} privateKey the private key that is to be decrypted
- * @param {String|Array<String>} passphrase the user's passphrase(s) chosen during key generation
- * @returns {Promise<Object>} the unlocked key object in the form: { key:Key }
- * @async
- */
- function decryptKey({ privateKey, passphrase }) {
- if (asyncProxy) {
- // use web worker if available
- return asyncProxy.delegate('decryptKey', { privateKey, passphrase });
- }
- return Promise.resolve().then(async function () {
- await privateKey.decrypt(passphrase);
- return {
- key: privateKey
- };
- }).catch(onError.bind(null, 'Error decrypting private key'));
- }
- /**
- * Lock a private key with your passphrase.
- * @param {Key} privateKey the private key that is to be decrypted
- * @param {String|Array<String>} passphrase the user's passphrase(s) chosen during key generation
- * @returns {Promise<Object>} the locked key object in the form: { key:Key }
- * @async
- */
- function encryptKey({ privateKey, passphrase }) {
- if (asyncProxy) {
- // use web worker if available
- return asyncProxy.delegate('encryptKey', { privateKey, passphrase });
- }
- return Promise.resolve().then(async function () {
- await privateKey.encrypt(passphrase);
- return {
- key: privateKey
- };
- }).catch(onError.bind(null, 'Error decrypting private key'));
- }
- ///////////////////////////////////////////
- // //
- // Message encryption and decryption //
- // //
- ///////////////////////////////////////////
- /**
- * Encrypts message text/data with public keys, passwords or both at once. At least either public keys or passwords
- * must be specified. If private keys are specified, those will be used to sign the message.
- * @param {Message} message message to be encrypted as created by openpgp.message.fromText or openpgp.message.fromBinary
- * @param {Key|Array<Key>} publicKeys (optional) array of keys or single key, used to encrypt the message
- * @param {Key|Array<Key>} privateKeys (optional) private keys for signing. If omitted message will not be signed
- * @param {String|Array<String>} passwords (optional) array of passwords or a single password to encrypt the message
- * @param {Object} sessionKey (optional) session key in the form: { data:Uint8Array, algorithm:String }
- * @param {module:enums.compression} compression (optional) which compression algorithm to compress the message with, defaults to what is specified in config
- * @param {Boolean} armor (optional) if the return values should be ascii armored or the message/signature objects
- * @param {'web'|'node'|false} streaming (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any.
- * @param {Boolean} detached (optional) if the signature should be detached (if true, signature will be added to returned object)
- * @param {Signature} signature (optional) a detached signature to add to the encrypted message
- * @param {Boolean} returnSessionKey (optional) if the unencrypted session key should be added to returned object
- * @param {Boolean} wildcard (optional) use a key ID of 0 instead of the public key IDs
- * @param {Date} date (optional) override the creation date of the message signature
- * @param {Array} fromUserIds (optional) array of user IDs to sign with, one per key in `privateKeys`, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }]
- * @param {Array} toUserIds (optional) array of user IDs to encrypt for, one per key in `publicKeys`, e.g. [{ name:'Robert Receiver', email:'robert@openpgp.org' }]
- * @returns {Promise<Object>} Object containing encrypted (and optionally signed) message in the form:
- *
- * {
- * data: String|ReadableStream<String>|NodeStream, (if `armor` was true, the default)
- * message: Message, (if `armor` was false)
- * signature: String|ReadableStream<String>|NodeStream, (if `detached` was true and `armor` was true)
- * signature: Signature (if `detached` was true and `armor` was false)
- * sessionKey: { data, algorithm, aeadAlgorithm } (if `returnSessionKey` was true)
- * }
- * @async
- * @static
- */
- function encrypt({ message, publicKeys, privateKeys, passwords, sessionKey, compression = _config2.default.compression, armor = true, streaming = message && message.fromStream, detached = false, signature = null, returnSessionKey = false, wildcard = false, date = new Date(), fromUserIds = [], toUserIds = [] }) {
- checkMessage(message);publicKeys = toArray(publicKeys);privateKeys = toArray(privateKeys);passwords = toArray(passwords);fromUserIds = toArray(fromUserIds);toUserIds = toArray(toUserIds);
- if (!nativeAEAD() && asyncProxy) {
- // use web worker if web crypto apis are not supported
- return asyncProxy.delegate('encrypt', { message, publicKeys, privateKeys, passwords, sessionKey, compression, armor, streaming, detached, signature, returnSessionKey, wildcard, date, fromUserIds, toUserIds });
- }
- const result = {};
- return Promise.resolve().then(async function () {
- if (!privateKeys) {
- privateKeys = [];
- }
- if (privateKeys.length || signature) {
- // sign the message only if private keys or signature is specified
- if (detached) {
- const detachedSignature = await message.signDetached(privateKeys, signature, date, fromUserIds, message.fromStream);
- result.signature = armor ? detachedSignature.armor() : detachedSignature;
- } else {
- message = await message.sign(privateKeys, signature, date, fromUserIds, message.fromStream);
- }
- }
- message = message.compress(compression);
- return message.encrypt(publicKeys, passwords, sessionKey, wildcard, date, toUserIds, streaming);
- }).then(async encrypted => {
- if (armor) {
- result.data = encrypted.message.armor();
- } else {
- result.message = encrypted.message;
- }
- if (returnSessionKey) {
- result.sessionKey = encrypted.sessionKey;
- }
- return convertStreams(result, streaming, armor ? ['signature', 'data'] : []);
- }).catch(onError.bind(null, 'Error encrypting message'));
- }
- /**
- * Decrypts a message with the user's private key, a session key or a password. Either a private key,
- * a session key or a password must be specified.
- * @param {Message} message the message object with the encrypted data
- * @param {Key|Array<Key>} privateKeys (optional) private keys with decrypted secret key data or session key
- * @param {String|Array<String>} passwords (optional) passwords to decrypt the message
- * @param {Object|Array<Object>} sessionKeys (optional) session keys in the form: { data:Uint8Array, algorithm:String }
- * @param {Key|Array<Key>} publicKeys (optional) array of public keys or single key, to verify signatures
- * @param {'utf8'|'binary'} format (optional) whether to return data as a string(Stream) or Uint8Array(Stream). If 'utf8' (the default), also normalize newlines.
- * @param {'web'|'node'|false} streaming (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any.
- * @param {Signature} signature (optional) detached signature for verification
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @returns {Promise<Object>} Object containing decrypted and verified message in the form:
- *
- * {
- * data: String|ReadableStream<String>|NodeStream, (if format was 'utf8', the default)
- * data: Uint8Array|ReadableStream<Uint8Array>|NodeStream, (if format was 'binary')
- * filename: String,
- * signatures: [
- * {
- * keyid: module:type/keyid,
- * verified: Promise<Boolean>,
- * valid: Boolean (if streaming was false)
- * }, ...
- * ]
- * }
- * @async
- * @static
- */
- function decrypt({ message, privateKeys, passwords, sessionKeys, publicKeys, format = 'utf8', streaming = message && message.fromStream, signature = null, date = new Date() }) {
- checkMessage(message);publicKeys = toArray(publicKeys);privateKeys = toArray(privateKeys);passwords = toArray(passwords);sessionKeys = toArray(sessionKeys);
- if (!nativeAEAD() && asyncProxy) {
- // use web worker if web crypto apis are not supported
- return asyncProxy.delegate('decrypt', { message, privateKeys, passwords, sessionKeys, publicKeys, format, streaming, signature, date });
- }
- return message.decrypt(privateKeys, passwords, sessionKeys, streaming).then(async function (decrypted) {
- if (!publicKeys) {
- publicKeys = [];
- }
- const result = {};
- result.signatures = signature ? await decrypted.verifyDetached(signature, publicKeys, date, streaming) : await decrypted.verify(publicKeys, date, streaming);
- result.data = format === 'binary' ? decrypted.getLiteralData() : decrypted.getText();
- result.filename = decrypted.getFilename();
- if (streaming) linkStreams(result, message);
- result.data = await convertStream(result.data, streaming);
- if (!streaming) await prepareSignatures(result.signatures);
- return result;
- }).catch(onError.bind(null, 'Error decrypting message'));
- }
- //////////////////////////////////////////
- // //
- // Message signing and verification //
- // //
- //////////////////////////////////////////
- /**
- * Signs a cleartext message.
- * @param {CleartextMessage|Message} message (cleartext) message to be signed
- * @param {Key|Array<Key>} privateKeys array of keys or single key with decrypted secret key data to sign cleartext
- * @param {Boolean} armor (optional) if the return value should be ascii armored or the message object
- * @param {'web'|'node'|false} streaming (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any.
- * @param {Boolean} detached (optional) if the return value should contain a detached signature
- * @param {Date} date (optional) override the creation date of the signature
- * @param {Array} fromUserIds (optional) array of user IDs to sign with, one per key in `privateKeys`, e.g. [{ name:'Steve Sender', email:'steve@openpgp.org' }]
- * @returns {Promise<Object>} Object containing signed message in the form:
- *
- * {
- * data: String|ReadableStream<String>|NodeStream, (if `armor` was true, the default)
- * message: Message (if `armor` was false)
- * }
- *
- * Or, if `detached` was true:
- *
- * {
- * signature: String|ReadableStream<String>|NodeStream, (if `armor` was true, the default)
- * signature: Signature (if `armor` was false)
- * }
- * @async
- * @static
- */
- function sign({ message, privateKeys, armor = true, streaming = message && message.fromStream, detached = false, date = new Date(), fromUserIds = [] }) {
- checkCleartextOrMessage(message);
- privateKeys = toArray(privateKeys);fromUserIds = toArray(fromUserIds);
- if (asyncProxy) {
- // use web worker if available
- return asyncProxy.delegate('sign', {
- message, privateKeys, armor, streaming, detached, date, fromUserIds
- });
- }
- const result = {};
- return Promise.resolve().then(async function () {
- if (detached) {
- const signature = await message.signDetached(privateKeys, undefined, date, fromUserIds, message.fromStream);
- result.signature = armor ? signature.armor() : signature;
- if (message.packets) {
- result.signature = _webStreamTools2.default.transformPair(message.packets.write(), async (readable, writable) => {
- await Promise.all([_webStreamTools2.default.pipe(result.signature, writable), _webStreamTools2.default.readToEnd(readable).catch(() => {})]);
- });
- }
- } else {
- message = await message.sign(privateKeys, undefined, date, fromUserIds, message.fromStream);
- if (armor) {
- result.data = message.armor();
- } else {
- result.message = message;
- }
- }
- return convertStreams(result, streaming, armor ? ['signature', 'data'] : []);
- }).catch(onError.bind(null, 'Error signing cleartext message'));
- }
- /**
- * Verifies signatures of cleartext signed message
- * @param {Key|Array<Key>} publicKeys array of publicKeys or single key, to verify signatures
- * @param {CleartextMessage|Message} message (cleartext) message object with signatures
- * @param {'web'|'node'|false} streaming (optional) whether to return data as a stream. Defaults to the type of stream `message` was created from, if any.
- * @param {Signature} signature (optional) detached signature for verification
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @returns {Promise<Object>} Object containing verified message in the form:
- *
- * {
- * data: String|ReadableStream<String>|NodeStream, (if `message` was a CleartextMessage)
- * data: Uint8Array|ReadableStream<Uint8Array>|NodeStream, (if `message` was a Message)
- * signatures: [
- * {
- * keyid: module:type/keyid,
- * verified: Promise<Boolean>,
- * valid: Boolean (if `streaming` was false)
- * }, ...
- * ]
- * }
- * @async
- * @static
- */
- function verify({ message, publicKeys, streaming = message && message.fromStream, signature = null, date = new Date() }) {
- checkCleartextOrMessage(message);
- publicKeys = toArray(publicKeys);
- if (asyncProxy) {
- // use web worker if available
- return asyncProxy.delegate('verify', { message, publicKeys, streaming, signature, date });
- }
- return Promise.resolve().then(async function () {
- const result = {};
- result.signatures = signature ? await message.verifyDetached(signature, publicKeys, date, streaming) : await message.verify(publicKeys, date, streaming);
- result.data = message instanceof _cleartext.CleartextMessage ? message.getText() : message.getLiteralData();
- if (streaming) linkStreams(result, message);
- result.data = await convertStream(result.data, streaming);
- if (!streaming) await prepareSignatures(result.signatures);
- return result;
- }).catch(onError.bind(null, 'Error verifying cleartext signed message'));
- }
- ///////////////////////////////////////////////
- // //
- // Session key encryption and decryption //
- // //
- ///////////////////////////////////////////////
- /**
- * Encrypt a symmetric session key with public keys, passwords, or both at once. At least either public keys
- * or passwords must be specified.
- * @param {Uint8Array} data the session key to be encrypted e.g. 16 random bytes (for aes128)
- * @param {String} algorithm algorithm of the symmetric session key e.g. 'aes128' or 'aes256'
- * @param {String} aeadAlgorithm (optional) aead algorithm, e.g. 'eax' or 'ocb'
- * @param {Key|Array<Key>} publicKeys (optional) array of public keys or single key, used to encrypt the key
- * @param {String|Array<String>} passwords (optional) passwords for the message
- * @param {Boolean} wildcard (optional) use a key ID of 0 instead of the public key IDs
- * @param {Date} date (optional) override the date
- * @param {Array} toUserIds (optional) array of user IDs to encrypt for, one per key in `publicKeys`, e.g. [{ name:'Phil Zimmermann', email:'phil@openpgp.org' }]
- * @returns {Promise<Message>} the encrypted session key packets contained in a message object
- * @async
- * @static
- */
- function encryptSessionKey({ data, algorithm, aeadAlgorithm, publicKeys, passwords, wildcard = false, date = new Date(), toUserIds = [] }) {
- checkBinary(data);checkString(algorithm, 'algorithm');publicKeys = toArray(publicKeys);passwords = toArray(passwords);toUserIds = toArray(toUserIds);
- if (asyncProxy) {
- // use web worker if available
- return asyncProxy.delegate('encryptSessionKey', { data, algorithm, aeadAlgorithm, publicKeys, passwords, wildcard, date, toUserIds });
- }
- return Promise.resolve().then(async function () {
- return { message: await messageLib.encryptSessionKey(data, algorithm, aeadAlgorithm, publicKeys, passwords, wildcard, date, toUserIds) };
- }).catch(onError.bind(null, 'Error encrypting session key'));
- }
- /**
- * Decrypt symmetric session keys with a private key or password. Either a private key or
- * a password must be specified.
- * @param {Message} message a message object containing the encrypted session key packets
- * @param {Key|Array<Key>} privateKeys (optional) private keys with decrypted secret key data
- * @param {String|Array<String>} passwords (optional) passwords to decrypt the session key
- * @returns {Promise<Object|undefined>} Array of decrypted session key, algorithm pairs in form:
- * { data:Uint8Array, algorithm:String }
- * or 'undefined' if no key packets found
- * @async
- * @static
- */
- function decryptSessionKeys({ message, privateKeys, passwords }) {
- checkMessage(message);privateKeys = toArray(privateKeys);passwords = toArray(passwords);
- if (asyncProxy) {
- // use web worker if available
- return asyncProxy.delegate('decryptSessionKeys', { message, privateKeys, passwords });
- }
- return Promise.resolve().then(async function () {
- return message.decryptSessionKeys(privateKeys, passwords);
- }).catch(onError.bind(null, 'Error decrypting session keys'));
- }
- //////////////////////////
- // //
- // Helper functions //
- // //
- //////////////////////////
- /**
- * Input validation
- */
- function checkString(data, name) {
- if (!_util2.default.isString(data)) {
- throw new Error('Parameter [' + (name || 'data') + '] must be of type String');
- }
- }
- function checkBinary(data, name) {
- if (!_util2.default.isUint8Array(data)) {
- throw new Error('Parameter [' + (name || 'data') + '] must be of type Uint8Array');
- }
- }
- function checkMessage(message) {
- if (!(message instanceof messageLib.Message)) {
- throw new Error('Parameter [message] needs to be of type Message');
- }
- }
- function checkCleartextOrMessage(message) {
- if (!(message instanceof _cleartext.CleartextMessage) && !(message instanceof messageLib.Message)) {
- throw new Error('Parameter [message] needs to be of type Message or CleartextMessage');
- }
- }
- /**
- * Normalize parameter to an array if it is not undefined.
- * @param {Object} param the parameter to be normalized
- * @returns {Array<Object>|undefined} the resulting array or undefined
- */
- function toArray(param) {
- if (param && !_util2.default.isArray(param)) {
- param = [param];
- }
- return param;
- }
- /**
- * Convert data to or from Stream
- * @param {Object} data the data to convert
- * @param {'web'|'node'|false} streaming (optional) whether to return a ReadableStream
- * @returns {Object} the data in the respective format
- */
- async function convertStream(data, streaming) {
- if (!streaming && _util2.default.isStream(data)) {
- return _webStreamTools2.default.readToEnd(data);
- }
- if (streaming && !_util2.default.isStream(data)) {
- data = new ReadableStream({
- start(controller) {
- controller.enqueue(data);
- controller.close();
- }
- });
- }
- if (streaming === 'node') {
- data = _webStreamTools2.default.webToNode(data);
- }
- return data;
- }
- /**
- * Convert object properties from Stream
- * @param {Object} obj the data to convert
- * @param {'web'|'node'|false} streaming (optional) whether to return ReadableStreams
- * @param {Array<String>} keys (optional) which keys to return as streams, if possible
- * @returns {Object} the data in the respective format
- */
- async function convertStreams(obj, streaming, keys = []) {
- if (Object.prototype.isPrototypeOf(obj) && !Uint8Array.prototype.isPrototypeOf(obj)) {
- await Promise.all(Object.entries(obj).map(async ([key, value]) => {
- // recursively search all children
- if (_util2.default.isStream(value) || keys.includes(key)) {
- obj[key] = await convertStream(value, streaming);
- } else {
- await convertStreams(obj[key], streaming);
- }
- }));
- }
- return obj;
- }
- /**
- * Link result.data to the message stream for cancellation.
- * @param {Object} result the data to convert
- * @param {Message} message message object
- * @returns {Object}
- */
- function linkStreams(result, message) {
- result.data = _webStreamTools2.default.transformPair(message.packets.stream, async (readable, writable) => {
- await _webStreamTools2.default.pipe(result.data, writable);
- });
- }
- /**
- * Wait until signature objects have been verified
- * @param {Object} signatures list of signatures
- */
- async function prepareSignatures(signatures) {
- await Promise.all(signatures.map(async signature => {
- signature.signature = await signature.signature;
- try {
- signature.valid = await signature.verified;
- } catch (e) {
- signature.valid = null;
- signature.error = e;
- _util2.default.print_debug_error(e);
- }
- }));
- }
- /**
- * Global error handler that logs the stack trace and rethrows a high lvl error message.
- * @param {String} message A human readable high level error Message
- * @param {Error} error The internal error that caused the failure
- */
- function onError(message, error) {
- // log the stack trace
- _util2.default.print_debug_error(error);
- // update error message
- try {
- error.message = message + ': ' + error.message;
- } catch (e) {}
- throw error;
- }
- /**
- * Check for native AEAD support and configuration by the user. Only
- * browsers that implement the current WebCrypto specification support
- * native GCM. Native EAX is built on CTR and CBC, which current
- * browsers support. OCB and CFB are not natively supported.
- * @returns {Boolean} If authenticated encryption should be used
- */
- function nativeAEAD() {
- return _config2.default.aead_protect && (_config2.default.aead_mode === _enums2.default.aead.eax || _config2.default.aead_mode === _enums2.default.aead.experimental_gcm) && _util2.default.getWebCrypto();
- }
- },{"./cleartext":77,"./config/config":78,"./enums":113,"./key":118,"./message":126,"./polyfills":150,"./util":158,"./worker/async_proxy":160,"web-stream-tools":75}],128:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.Trust = exports.Signature = exports.SecretSubkey = exports.Userid = exports.SecretKey = exports.OnePassSignature = exports.UserAttribute = exports.PublicSubkey = exports.Marker = exports.SymmetricallyEncrypted = exports.PublicKey = exports.Literal = exports.SymEncryptedSessionKey = exports.PublicKeyEncryptedSessionKey = exports.SymEncryptedAEADProtected = exports.SymEncryptedIntegrityProtected = exports.Compressed = undefined;
- var _compressed = require('./compressed.js');
- Object.defineProperty(exports, 'Compressed', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_compressed).default;
- }
- });
- var _sym_encrypted_integrity_protected = require('./sym_encrypted_integrity_protected.js');
- Object.defineProperty(exports, 'SymEncryptedIntegrityProtected', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_sym_encrypted_integrity_protected).default;
- }
- });
- var _sym_encrypted_aead_protected = require('./sym_encrypted_aead_protected.js');
- Object.defineProperty(exports, 'SymEncryptedAEADProtected', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_sym_encrypted_aead_protected).default;
- }
- });
- var _public_key_encrypted_session_key = require('./public_key_encrypted_session_key.js');
- Object.defineProperty(exports, 'PublicKeyEncryptedSessionKey', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_public_key_encrypted_session_key).default;
- }
- });
- var _sym_encrypted_session_key = require('./sym_encrypted_session_key.js');
- Object.defineProperty(exports, 'SymEncryptedSessionKey', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_sym_encrypted_session_key).default;
- }
- });
- var _literal = require('./literal.js');
- Object.defineProperty(exports, 'Literal', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_literal).default;
- }
- });
- var _public_key = require('./public_key.js');
- Object.defineProperty(exports, 'PublicKey', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_public_key).default;
- }
- });
- var _symmetrically_encrypted = require('./symmetrically_encrypted.js');
- Object.defineProperty(exports, 'SymmetricallyEncrypted', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_symmetrically_encrypted).default;
- }
- });
- var _marker = require('./marker.js');
- Object.defineProperty(exports, 'Marker', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_marker).default;
- }
- });
- var _public_subkey = require('./public_subkey.js');
- Object.defineProperty(exports, 'PublicSubkey', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_public_subkey).default;
- }
- });
- var _user_attribute = require('./user_attribute.js');
- Object.defineProperty(exports, 'UserAttribute', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_user_attribute).default;
- }
- });
- var _one_pass_signature = require('./one_pass_signature.js');
- Object.defineProperty(exports, 'OnePassSignature', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_one_pass_signature).default;
- }
- });
- var _secret_key = require('./secret_key.js');
- Object.defineProperty(exports, 'SecretKey', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_secret_key).default;
- }
- });
- var _userid = require('./userid.js');
- Object.defineProperty(exports, 'Userid', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_userid).default;
- }
- });
- var _secret_subkey = require('./secret_subkey.js');
- Object.defineProperty(exports, 'SecretSubkey', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_secret_subkey).default;
- }
- });
- var _signature = require('./signature.js');
- Object.defineProperty(exports, 'Signature', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_signature).default;
- }
- });
- var _trust = require('./trust.js');
- Object.defineProperty(exports, 'Trust', {
- enumerable: true,
- get: function get() {
- return _interopRequireDefault(_trust).default;
- }
- });
- exports.newPacketFromTag = newPacketFromTag;
- exports.fromStructuredClone = fromStructuredClone;
- var _enums = require('../enums.js');
- var _enums2 = _interopRequireDefault(_enums);
- var _all_packets = require('./all_packets.js');
- var packets = _interopRequireWildcard(_all_packets);
- function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Allocate a new packet
- * @function newPacketFromTag
- * @memberof module:packet
- * @param {String} tag property name from {@link module:enums.packet}
- * @returns {Object} new packet object with type based on tag
- */
- function newPacketFromTag(tag) {
- return new packets[packetClassFromTagName(tag)]();
- }
- /**
- * Allocate a new packet from structured packet clone
- * @see {@link https://w3c.github.io/html/infrastructure.html#safe-passing-of-structured-data}
- * @function fromStructuredClone
- * @memberof module:packet
- * @param {Object} packetClone packet clone
- * @returns {Object} new packet object with data from packet clone
- */
- function fromStructuredClone(packetClone) {
- const tagName = _enums2.default.read(_enums2.default.packet, packetClone.tag);
- const packet = newPacketFromTag(tagName);
- Object.assign(packet, packetClone);
- if (packet.postCloneTypeFix) {
- packet.postCloneTypeFix();
- }
- return packet;
- }
- /**
- * Convert tag name to class name
- * @param {String} tag property name from {@link module:enums.packet}
- * @returns {String}
- * @private
- */
- function packetClassFromTagName(tag) {
- return tag.substr(0, 1).toUpperCase() + tag.substr(1);
- }
- },{"../enums.js":113,"./all_packets.js":128,"./compressed.js":130,"./literal.js":132,"./marker.js":133,"./one_pass_signature.js":134,"./public_key.js":137,"./public_key_encrypted_session_key.js":138,"./public_subkey.js":139,"./secret_key.js":140,"./secret_subkey.js":141,"./signature.js":142,"./sym_encrypted_aead_protected.js":143,"./sym_encrypted_integrity_protected.js":144,"./sym_encrypted_session_key.js":145,"./symmetrically_encrypted.js":146,"./trust.js":147,"./user_attribute.js":148,"./userid.js":149}],129:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.clonePackets = clonePackets;
- exports.parseClonedPackets = parseClonedPackets;
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _key = require('../key');
- var _message = require('../message');
- var _cleartext = require('../cleartext');
- var _signature = require('../signature');
- var _packetlist = require('./packetlist');
- var _packetlist2 = _interopRequireDefault(_packetlist);
- var _keyid = require('../type/keyid');
- var _keyid2 = _interopRequireDefault(_keyid);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- //////////////////////////////
- // //
- // List --> Clone //
- // //
- //////////////////////////////
- /**
- * Create a packetlist from the correspoding object types.
- * @param {Object} options the object passed to and from the web worker
- * @returns {Object} a mutated version of the options optject
- */
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015 Tankred Hase
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview This module implements packet list cloning required to
- * pass certain object types between the web worker and main thread using
- * the structured cloning algorithm.
- * @module packet/clone
- */
- function clonePackets(options) {
- if (options.publicKeys) {
- options.publicKeys = options.publicKeys.map(key => key.toPacketlist());
- }
- if (options.privateKeys) {
- options.privateKeys = options.privateKeys.map(key => key.toPacketlist());
- }
- if (options.publicKey) {
- options.publicKey = options.publicKey.toPacketlist();
- }
- if (options.privateKey) {
- options.privateKey = options.privateKey.toPacketlist();
- }
- if (options.key) {
- options.key = options.key.toPacketlist();
- }
- if (options.message) {
- //could be either a Message or CleartextMessage object
- if (options.message instanceof _message.Message) {
- options.message = options.message.packets;
- } else if (options.message instanceof _cleartext.CleartextMessage) {
- options.message = { text: options.message.text, signature: options.message.signature.packets };
- }
- }
- if (options.signature && options.signature instanceof _signature.Signature) {
- options.signature = options.signature.packets;
- }
- if (options.signatures) {
- options.signatures.forEach(verificationObjectToClone);
- }
- return options;
- }
- function verificationObjectToClone(verObject) {
- const verified = verObject.verified;
- verObject.verified = _webStreamTools2.default.fromAsync(() => verified);
- if (verObject.signature instanceof Promise) {
- const signature = verObject.signature;
- verObject.signature = _webStreamTools2.default.fromAsync(async () => {
- const packets = (await signature).packets;
- try {
- await verified;
- delete packets[0].signature;
- } catch (e) {}
- return packets;
- });
- } else {
- verObject.signature = verObject.signature.packets;
- }
- if (verObject.error) {
- verObject.error = verObject.error.message;
- }
- return verObject;
- }
- //////////////////////////////
- // //
- // Clone --> List //
- // //
- //////////////////////////////
- /**
- * Creates an object with the correct prototype from a corresponding packetlist.
- * @param {Object} options the object passed to and from the web worker
- * @param {String} method the public api function name to be delegated to the worker
- * @returns {Object} a mutated version of the options optject
- */
- function parseClonedPackets(options) {
- if (options.publicKeys) {
- options.publicKeys = options.publicKeys.map(packetlistCloneToKey);
- }
- if (options.privateKeys) {
- options.privateKeys = options.privateKeys.map(packetlistCloneToKey);
- }
- if (options.publicKey) {
- options.publicKey = packetlistCloneToKey(options.publicKey);
- }
- if (options.privateKey) {
- options.privateKey = packetlistCloneToKey(options.privateKey);
- }
- if (options.key) {
- options.key = packetlistCloneToKey(options.key);
- }
- if (options.message && options.message.signature) {
- options.message = packetlistCloneToCleartextMessage(options.message);
- } else if (options.message) {
- options.message = packetlistCloneToMessage(options.message);
- }
- if (options.signatures) {
- options.signatures = options.signatures.map(packetlistCloneToSignatures);
- }
- if (options.signature) {
- options.signature = packetlistCloneToSignature(options.signature);
- }
- return options;
- }
- function packetlistCloneToKey(clone) {
- const packetlist = _packetlist2.default.fromStructuredClone(clone);
- return new _key.Key(packetlist);
- }
- function packetlistCloneToMessage(clone) {
- const packetlist = _packetlist2.default.fromStructuredClone(clone);
- return new _message.Message(packetlist);
- }
- function packetlistCloneToCleartextMessage(clone) {
- const packetlist = _packetlist2.default.fromStructuredClone(clone.signature);
- return new _cleartext.CleartextMessage(clone.text, new _signature.Signature(packetlist));
- }
- //verification objects
- function packetlistCloneToSignatures(clone) {
- clone.keyid = _keyid2.default.fromClone(clone.keyid);
- if (_util2.default.isStream(clone.signature)) {
- clone.signature = _webStreamTools2.default.readToEnd(clone.signature, ([signature]) => new _signature.Signature(_packetlist2.default.fromStructuredClone(signature)));
- clone.signature.catch(() => {});
- } else {
- clone.signature = new _signature.Signature(_packetlist2.default.fromStructuredClone(clone.signature));
- }
- clone.verified = _webStreamTools2.default.readToEnd(clone.verified, ([verified]) => verified);
- clone.verified.catch(() => {});
- if (clone.error) {
- clone.error = new Error(clone.error);
- }
- return clone;
- }
- function packetlistCloneToSignature(clone) {
- if (_util2.default.isString(clone) || _util2.default.isStream(clone)) {
- //signature is armored
- return clone;
- }
- const packetlist = _packetlist2.default.fromStructuredClone(clone);
- return new _signature.Signature(packetlist);
- }
- },{"../cleartext":77,"../key":118,"../message":126,"../signature":151,"../type/keyid":154,"../util":158,"./packetlist":136,"web-stream-tools":75}],130:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _pako = require('pako');
- var _pako2 = _interopRequireDefault(_pako);
- var _seekBzip = require('seek-bzip');
- var _seekBzip2 = _interopRequireDefault(_seekBzip);
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Implementation of the Compressed Data Packet (Tag 8)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.6|RFC4880 5.6}:
- * The Compressed Data packet contains compressed data. Typically,
- * this packet is found as the contents of an encrypted packet, or following
- * a Signature or One-Pass Signature packet, and contains a literal data packet.
- * @memberof module:packet
- * @constructor
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires web-stream-tools
- * @requires pako
- * @requires config
- * @requires enums
- * @requires util
- * @requires compression/bzip2
- */
- function Compressed() {
- /**
- * Packet type
- * @type {module:enums.packet}
- */
- this.tag = _enums2.default.packet.compressed;
- /**
- * List of packets
- * @type {module:packet.List}
- */
- this.packets = null;
- /**
- * Compression algorithm
- * @type {compression}
- */
- this.algorithm = 'zip';
- /**
- * Compressed packet data
- * @type {Uint8Array | ReadableStream<Uint8Array>}
- */
- this.compressed = null;
- }
- /**
- * Parsing function for the packet.
- * @param {Uint8Array | ReadableStream<Uint8Array>} bytes Payload of a tag 8 packet
- */
- Compressed.prototype.read = async function (bytes, streaming) {
- await _webStreamTools2.default.parse(bytes, async reader => {
- // One octet that gives the algorithm used to compress the packet.
- this.algorithm = _enums2.default.read(_enums2.default.compression, (await reader.readByte()));
- // Compressed data, which makes up the remainder of the packet.
- this.compressed = reader.remainder();
- await this.decompress(streaming);
- });
- };
- /**
- * Return the compressed packet.
- * @returns {Uint8Array | ReadableStream<Uint8Array>} binary compressed packet
- */
- Compressed.prototype.write = function () {
- if (this.compressed === null) {
- this.compress();
- }
- return _util2.default.concat([new Uint8Array([_enums2.default.write(_enums2.default.compression, this.algorithm)]), this.compressed]);
- };
- /**
- * Decompression method for decompressing the compressed data
- * read by read_packet
- */
- Compressed.prototype.decompress = async function (streaming) {
- if (!decompress_fns[this.algorithm]) {
- throw new Error(this.algorithm + ' decompression not supported');
- }
- await this.packets.read(decompress_fns[this.algorithm](this.compressed), streaming);
- };
- /**
- * Compress the packet data (member decompressedData)
- */
- Compressed.prototype.compress = function () {
- if (!compress_fns[this.algorithm]) {
- throw new Error(this.algorithm + ' compression not supported');
- }
- this.compressed = compress_fns[this.algorithm](this.packets.write());
- };
- exports.default = Compressed;
- //////////////////////////
- // //
- // Helper functions //
- // //
- //////////////////////////
- const nodeZlib = _util2.default.getNodeZlib();
- function node_zlib(func, options = {}) {
- return function (data) {
- return _webStreamTools2.default.nodeToWeb(_webStreamTools2.default.webToNode(data).pipe(func(options)));
- };
- }
- function pako_zlib(constructor, options = {}) {
- return function (data) {
- const obj = new constructor(options);
- return _webStreamTools2.default.transform(data, value => {
- if (value.length) {
- obj.push(value, _pako2.default.Z_SYNC_FLUSH);
- return obj.result;
- }
- }, () => {
- if (constructor === _pako2.default.Deflate) {
- obj.push([], _pako2.default.Z_FINISH);
- return obj.result;
- }
- });
- };
- }
- function bzip2(func) {
- return function (data) {
- return _webStreamTools2.default.fromAsync(async () => func((await _webStreamTools2.default.readToEnd(data))));
- };
- }
- let compress_fns;
- let decompress_fns;
- if (nodeZlib) {
- // Use Node native zlib for DEFLATE compression/decompression
- compress_fns = {
- zip: node_zlib(nodeZlib.createDeflateRaw, { level: _config2.default.deflate_level }),
- zlib: node_zlib(nodeZlib.createDeflate, { level: _config2.default.deflate_level })
- };
- decompress_fns = {
- zip: node_zlib(nodeZlib.createInflateRaw),
- zlib: node_zlib(nodeZlib.createInflate),
- bzip2: bzip2(_seekBzip2.default.decode)
- };
- } else {
- // Use JS fallbacks
- compress_fns = {
- zip: pako_zlib(_pako2.default.Deflate, { raw: true, level: _config2.default.deflate_level }),
- zlib: pako_zlib(_pako2.default.Deflate, { level: _config2.default.deflate_level })
- };
- decompress_fns = {
- zip: pako_zlib(_pako2.default.Inflate, { raw: true }),
- zlib: pako_zlib(_pako2.default.Inflate),
- bzip2: bzip2(_seekBzip2.default.decode)
- };
- }
- },{"../config":79,"../enums":113,"../util":158,"pako":50,"seek-bzip":69,"web-stream-tools":75}],131:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _all_packets = require('./all_packets');
- var packets = _interopRequireWildcard(_all_packets);
- var _clone = require('./clone');
- var clone = _interopRequireWildcard(_clone);
- var _packetlist = require('./packetlist');
- var _packetlist2 = _interopRequireDefault(_packetlist);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
- const mod = {
- List: _packetlist2.default,
- clone
- }; /**
- * @fileoverview OpenPGP packet types
- * @see module:packet/all_packets
- * @see module:packet/clone
- * @see module:packet.List
- * @module packet
- */
- Object.assign(mod, packets);
- exports.default = mod;
- },{"./all_packets":128,"./clone":129,"./packetlist":136}],132:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Implementation of the Literal Data Packet (Tag 11)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.9|RFC4880 5.9}:
- * A Literal Data packet contains the body of a message; data that is not to be
- * further interpreted.
- * @param {Date} date the creation date of the literal package
- * @memberof module:packet
- * @constructor
- */
- function Literal(date = new Date()) {
- this.tag = _enums2.default.packet.literal;
- this.format = 'utf8'; // default format for literal data packets
- this.date = _util2.default.normalizeDate(date);
- this.text = null; // textual data representation
- this.data = null; // literal data representation
- this.filename = 'msg.txt';
- }
- /**
- * Set the packet data to a javascript native string, end of line
- * will be normalized to \r\n and by default text is converted to UTF8
- * @param {String | ReadableStream<String>} text Any native javascript string
- * @param {utf8|binary|text|mime} format (optional) The format of the string of bytes
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires web-stream-tools
- * @requires enums
- * @requires util
- */
- Literal.prototype.setText = function (text, format = 'utf8') {
- this.format = format;
- this.text = text;
- this.data = null;
- };
- /**
- * Returns literal data packets as native JavaScript string
- * with normalized end of line to \n
- * @param {Boolean} clone (optional) Whether to return a clone so that getBytes/getText can be called again
- * @returns {String | ReadableStream<String>} literal data as text
- */
- Literal.prototype.getText = function (clone = false) {
- if (this.text === null || _util2.default.isStream(this.text)) {
- // Assume that this.text has been read
- this.text = _util2.default.nativeEOL(_util2.default.decode_utf8(this.getBytes(clone)));
- }
- return this.text;
- };
- /**
- * Set the packet data to value represented by the provided string of bytes.
- * @param {Uint8Array | ReadableStream<Uint8Array>} bytes The string of bytes
- * @param {utf8|binary|text|mime} format The format of the string of bytes
- */
- Literal.prototype.setBytes = function (bytes, format) {
- this.format = format;
- this.data = bytes;
- this.text = null;
- };
- /**
- * Get the byte sequence representing the literal packet data
- * @param {Boolean} clone (optional) Whether to return a clone so that getBytes/getText can be called again
- * @returns {Uint8Array | ReadableStream<Uint8Array>} A sequence of bytes
- */
- Literal.prototype.getBytes = function (clone = false) {
- if (this.data === null) {
- // normalize EOL to \r\n and encode UTF8
- this.data = _util2.default.encode_utf8(_util2.default.canonicalizeEOL(this.text));
- }
- if (clone) {
- return _webStreamTools2.default.passiveClone(this.data);
- }
- return this.data;
- };
- /**
- * Sets the filename of the literal packet data
- * @param {String} filename Any native javascript string
- */
- Literal.prototype.setFilename = function (filename) {
- this.filename = filename;
- };
- /**
- * Get the filename of the literal packet data
- * @returns {String} filename
- */
- Literal.prototype.getFilename = function () {
- return this.filename;
- };
- /**
- * Parsing function for a literal data packet (tag 11).
- *
- * @param {Uint8Array | ReadableStream<Uint8Array>} input Payload of a tag 11 packet
- * @returns {module:packet.Literal} object representation
- */
- Literal.prototype.read = async function (bytes) {
- await _webStreamTools2.default.parse(bytes, async reader => {
- // - A one-octet field that describes how the data is formatted.
- const format = _enums2.default.read(_enums2.default.literal, (await reader.readByte()));
- const filename_len = await reader.readByte();
- this.filename = _util2.default.decode_utf8((await reader.readBytes(filename_len)));
- this.date = _util2.default.readDate((await reader.readBytes(4)));
- const data = reader.remainder();
- this.setBytes(data, format);
- });
- };
- /**
- * Creates a Uint8Array representation of the packet, excluding the data
- *
- * @returns {Uint8Array} Uint8Array representation of the packet
- */
- Literal.prototype.writeHeader = function () {
- const filename = _util2.default.encode_utf8(this.filename);
- const filename_length = new Uint8Array([filename.length]);
- const format = new Uint8Array([_enums2.default.write(_enums2.default.literal, this.format)]);
- const date = _util2.default.writeDate(this.date);
- return _util2.default.concatUint8Array([format, filename_length, filename, date]);
- };
- /**
- * Creates a Uint8Array representation of the packet
- *
- * @returns {Uint8Array | ReadableStream<Uint8Array>} Uint8Array representation of the packet
- */
- Literal.prototype.write = function () {
- const header = this.writeHeader();
- const data = this.getBytes();
- return _util2.default.concat([header, data]);
- };
- exports.default = Literal;
- },{"../enums":113,"../util":158,"web-stream-tools":75}],133:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Implementation of the strange "Marker packet" (Tag 10)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.8|RFC4880 5.8}:
- * An experimental version of PGP used this packet as the Literal
- * packet, but no released version of PGP generated Literal packets with this
- * tag. With PGP 5.x, this packet has been reassigned and is reserved for use as
- * the Marker packet.
- *
- * Such a packet MUST be ignored when received.
- * @memberof module:packet
- * @constructor
- */
- function Marker() {
- this.tag = _enums2.default.packet.marker;
- }
- /**
- * Parsing function for a literal data packet (tag 10).
- *
- * @param {String} input Payload of a tag 10 packet
- * @param {Integer} position
- * Position to start reading from the input string
- * @param {Integer} len
- * Length of the packet or the remaining length of
- * input at position
- * @returns {module:packet.Marker} Object representation
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires enums
- */
- Marker.prototype.read = function (bytes) {
- if (bytes[0] === 0x50 && // P
- bytes[1] === 0x47 && // G
- bytes[2] === 0x50) {
- // P
- return true;
- }
- // marker packet does not contain "PGP"
- return false;
- };
- exports.default = Marker;
- },{"../enums":113}],134:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _signature = require('./signature');
- var _signature2 = _interopRequireDefault(_signature);
- var _keyid = require('../type/keyid');
- var _keyid2 = _interopRequireDefault(_keyid);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Implementation of the One-Pass Signature Packets (Tag 4)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.4|RFC4880 5.4}:
- * The One-Pass Signature packet precedes the signed data and contains
- * enough information to allow the receiver to begin calculating any
- * hashes needed to verify the signature. It allows the Signature
- * packet to be placed at the end of the message, so that the signer
- * can compute the entire signed message in one pass.
- * @memberof module:packet
- * @constructor
- */
- function OnePassSignature() {
- /**
- * Packet type
- * @type {module:enums.packet}
- */
- this.tag = _enums2.default.packet.onePassSignature;
- /** A one-octet version number. The current version is 3. */
- this.version = null;
- /**
- * A one-octet signature type.
- * Signature types are described in
- * {@link https://tools.ietf.org/html/rfc4880#section-5.2.1|RFC4880 Section 5.2.1}.
- */
- this.signatureType = null;
- /**
- * A one-octet number describing the hash algorithm used.
- * @see {@link https://tools.ietf.org/html/rfc4880#section-9.4|RFC4880 9.4}
- */
- this.hashAlgorithm = null;
- /**
- * A one-octet number describing the public-key algorithm used.
- * @see {@link https://tools.ietf.org/html/rfc4880#section-9.1|RFC4880 9.1}
- */
- this.publicKeyAlgorithm = null;
- /** An eight-octet number holding the Key ID of the signing key. */
- this.issuerKeyId = null;
- /**
- * A one-octet number holding a flag showing whether the signature is nested.
- * A zero value indicates that the next packet is another One-Pass Signature packet
- * that describes another signature to be applied to the same message data.
- */
- this.flags = null;
- }
- /**
- * parsing function for a one-pass signature packet (tag 4).
- * @param {Uint8Array} bytes payload of a tag 4 packet
- * @returns {module:packet.OnePassSignature} object representation
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires web-stream-tools
- * @requires packet/signature
- * @requires type/keyid
- * @requires enums
- * @requires util
- */
- OnePassSignature.prototype.read = function (bytes) {
- let mypos = 0;
- // A one-octet version number. The current version is 3.
- this.version = bytes[mypos++];
- // A one-octet signature type. Signature types are described in
- // Section 5.2.1.
- this.signatureType = bytes[mypos++];
- // A one-octet number describing the hash algorithm used.
- this.hashAlgorithm = bytes[mypos++];
- // A one-octet number describing the public-key algorithm used.
- this.publicKeyAlgorithm = bytes[mypos++];
- // An eight-octet number holding the Key ID of the signing key.
- this.issuerKeyId = new _keyid2.default();
- this.issuerKeyId.read(bytes.subarray(mypos, mypos + 8));
- mypos += 8;
- // A one-octet number holding a flag showing whether the signature
- // is nested. A zero value indicates that the next packet is
- // another One-Pass Signature packet that describes another
- // signature to be applied to the same message data.
- this.flags = bytes[mypos++];
- return this;
- };
- /**
- * creates a string representation of a one-pass signature packet
- * @returns {Uint8Array} a Uint8Array representation of a one-pass signature packet
- */
- OnePassSignature.prototype.write = function () {
- const start = new Uint8Array([3, _enums2.default.write(_enums2.default.signature, this.signatureType), _enums2.default.write(_enums2.default.hash, this.hashAlgorithm), _enums2.default.write(_enums2.default.publicKey, this.publicKeyAlgorithm)]);
- const end = new Uint8Array([this.flags]);
- return _util2.default.concatUint8Array([start, this.issuerKeyId.write(), end]);
- };
- /**
- * Fix custom types after cloning
- */
- OnePassSignature.prototype.postCloneTypeFix = function () {
- this.issuerKeyId = _keyid2.default.fromClone(this.issuerKeyId);
- };
- OnePassSignature.prototype.hash = _signature2.default.prototype.hash;
- OnePassSignature.prototype.toHash = _signature2.default.prototype.toHash;
- OnePassSignature.prototype.toSign = _signature2.default.prototype.toSign;
- OnePassSignature.prototype.calculateTrailer = function (...args) {
- return _webStreamTools2.default.fromAsync(async () => _signature2.default.prototype.calculateTrailer.apply((await this.correspondingSig), args));
- };
- OnePassSignature.prototype.verify = async function () {
- const correspondingSig = await this.correspondingSig;
- if (!correspondingSig || correspondingSig.tag !== _enums2.default.packet.signature) {
- throw new Error('Corresponding signature packet missing');
- }
- if (correspondingSig.signatureType !== this.signatureType || correspondingSig.hashAlgorithm !== this.hashAlgorithm || correspondingSig.publicKeyAlgorithm !== this.publicKeyAlgorithm || !correspondingSig.issuerKeyId.equals(this.issuerKeyId)) {
- throw new Error('Corresponding signature packet does not match one-pass signature packet');
- }
- correspondingSig.hashed = this.hashed;
- return correspondingSig.verify.apply(correspondingSig, arguments);
- };
- exports.default = OnePassSignature;
- },{"../enums":113,"../type/keyid":154,"../util":158,"./signature":142,"web-stream-tools":75}],135:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _slicedToArray = function () { function sliceIterator(arr, i) { var _arr = []; var _n = true; var _d = false; var _e = undefined; try { for (var _i = arr[Symbol.iterator](), _s; !(_n = (_s = _i.next()).done); _n = true) { _arr.push(_s.value); if (i && _arr.length === i) break; } } catch (err) { _d = true; _e = err; } finally { try { if (!_n && _i["return"]) _i["return"](); } finally { if (_d) throw _e; } } return _arr; } return function (arr, i) { if (Array.isArray(arr)) { return arr; } else if (Symbol.iterator in Object(arr)) { return sliceIterator(arr, i); } else { throw new TypeError("Invalid attempt to destructure non-iterable instance"); } }; }(); // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /* eslint-disable callback-return */
- /**
- * @fileoverview Functions for reading and writing packets
- * @requires web-stream-tools
- * @requires enums
- * @requires util
- * @module packet/packet
- */
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- exports.default = {
- readSimpleLength: function readSimpleLength(bytes) {
- let len = 0;
- let offset;
- const type = bytes[0];
- if (type < 192) {
- var _bytes = _slicedToArray(bytes, 1);
- len = _bytes[0];
- offset = 1;
- } else if (type < 255) {
- len = (bytes[0] - 192 << 8) + bytes[1] + 192;
- offset = 2;
- } else if (type === 255) {
- len = _util2.default.readNumber(bytes.subarray(1, 1 + 4));
- offset = 5;
- }
- return {
- len: len,
- offset: offset
- };
- },
- /**
- * Encodes a given integer of length to the openpgp length specifier to a
- * string
- *
- * @param {Integer} length The length to encode
- * @returns {Uint8Array} String with openpgp length representation
- */
- writeSimpleLength: function writeSimpleLength(length) {
- if (length < 192) {
- return new Uint8Array([length]);
- } else if (length > 191 && length < 8384) {
- /*
- * let a = (total data packet length) - 192 let bc = two octet
- * representation of a let d = b + 192
- */
- return new Uint8Array([(length - 192 >> 8) + 192, length - 192 & 0xFF]);
- }
- return _util2.default.concatUint8Array([new Uint8Array([255]), _util2.default.writeNumber(length, 4)]);
- },
- writePartialLength: function writePartialLength(power) {
- if (power < 0 || power > 30) {
- throw new Error('Partial Length power must be between 1 and 30');
- }
- return new Uint8Array([224 + power]);
- },
- writeTag: function writeTag(tag_type) {
- /* we're only generating v4 packet headers here */
- return new Uint8Array([0xC0 | tag_type]);
- },
- /**
- * Writes a packet header version 4 with the given tag_type and length to a
- * string
- *
- * @param {Integer} tag_type Tag type
- * @param {Integer} length Length of the payload
- * @returns {String} String of the header
- */
- writeHeader: function writeHeader(tag_type, length) {
- /* we're only generating v4 packet headers here */
- return _util2.default.concatUint8Array([this.writeTag(tag_type), this.writeSimpleLength(length)]);
- },
- /**
- * Whether the packet type supports partial lengths per RFC4880
- * @param {Integer} tag_type Tag type
- * @returns {Boolean} String of the header
- */
- supportsStreaming: function supportsStreaming(tag_type) {
- return [_enums2.default.packet.literal, _enums2.default.packet.compressed, _enums2.default.packet.symmetricallyEncrypted, _enums2.default.packet.symEncryptedIntegrityProtected, _enums2.default.packet.symEncryptedAEADProtected].includes(tag_type);
- },
- /**
- * Generic static Packet Parser function
- *
- * @param {Uint8Array | ReadableStream<Uint8Array>} input Input stream as string
- * @param {Function} callback Function to call with the parsed packet
- * @returns {Boolean} Returns false if the stream was empty and parsing is done, and true otherwise.
- */
- read: async function read(input, streaming, callback) {
- const reader = _webStreamTools2.default.getReader(input);
- let writer;
- let callbackReturned;
- try {
- const peekedBytes = await reader.peekBytes(2);
- // some sanity checks
- if (!peekedBytes || peekedBytes.length < 2 || (peekedBytes[0] & 0x80) === 0) {
- throw new Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");
- }
- const headerByte = await reader.readByte();
- let tag = -1;
- let format = -1;
- let packet_length;
- format = 0; // 0 = old format; 1 = new format
- if ((headerByte & 0x40) !== 0) {
- format = 1;
- }
- let packet_length_type;
- if (format) {
- // new format header
- tag = headerByte & 0x3F; // bit 5-0
- } else {
- // old format header
- tag = (headerByte & 0x3F) >> 2; // bit 5-2
- packet_length_type = headerByte & 0x03; // bit 1-0
- }
- const supportsStreaming = this.supportsStreaming(tag);
- let packet = null;
- if (streaming && supportsStreaming) {
- const transform = new TransformStream();
- writer = _webStreamTools2.default.getWriter(transform.writable);
- packet = transform.readable;
- callbackReturned = callback({ tag, packet });
- } else {
- packet = [];
- }
- let wasPartialLength;
- do {
- if (!format) {
- // 4.2.1. Old Format Packet Lengths
- switch (packet_length_type) {
- case 0:
- // The packet has a one-octet length. The header is 2 octets
- // long.
- packet_length = await reader.readByte();
- break;
- case 1:
- // The packet has a two-octet length. The header is 3 octets
- // long.
- packet_length = (await reader.readByte()) << 8 | (await reader.readByte());
- break;
- case 2:
- // The packet has a four-octet length. The header is 5
- // octets long.
- packet_length = (await reader.readByte()) << 24 | (await reader.readByte()) << 16 | (await reader.readByte()) << 8 | (await reader.readByte());
- break;
- default:
- // 3 - The packet is of indeterminate length. The header is 1
- // octet long, and the implementation must determine how long
- // the packet is. If the packet is in a file, this means that
- // the packet extends until the end of the file. In general,
- // an implementation SHOULD NOT use indeterminate-length
- // packets except where the end of the data will be clear
- // from the context, and even then it is better to use a
- // definite length, or a new format header. The new format
- // headers described below have a mechanism for precisely
- // encoding data of indeterminate length.
- packet_length = Infinity;
- break;
- }
- } else {
- // 4.2.2. New Format Packet Lengths
- // 4.2.2.1. One-Octet Lengths
- const lengthByte = await reader.readByte();
- wasPartialLength = false;
- if (lengthByte < 192) {
- packet_length = lengthByte;
- // 4.2.2.2. Two-Octet Lengths
- } else if (lengthByte >= 192 && lengthByte < 224) {
- packet_length = (lengthByte - 192 << 8) + (await reader.readByte()) + 192;
- // 4.2.2.4. Partial Body Lengths
- } else if (lengthByte > 223 && lengthByte < 255) {
- packet_length = 1 << (lengthByte & 0x1F);
- wasPartialLength = true;
- if (!supportsStreaming) {
- throw new TypeError('This packet type does not support partial lengths.');
- }
- // 4.2.2.3. Five-Octet Lengths
- } else {
- packet_length = (await reader.readByte()) << 24 | (await reader.readByte()) << 16 | (await reader.readByte()) << 8 | (await reader.readByte());
- }
- }
- if (packet_length > 0) {
- let bytesRead = 0;
- while (true) {
- if (writer) await writer.ready;
- var _ref = await reader.read();
- const done = _ref.done,
- value = _ref.value;
- if (done) {
- if (packet_length === Infinity) break;
- throw new Error('Unexpected end of packet');
- }
- const chunk = packet_length === Infinity ? value : value.subarray(0, packet_length - bytesRead);
- if (writer) await writer.write(chunk);else packet.push(chunk);
- bytesRead += value.length;
- if (bytesRead >= packet_length) {
- reader.unshift(value.subarray(packet_length - bytesRead + value.length));
- break;
- }
- }
- }
- } while (wasPartialLength);
- // If this was not a packet that "supports streaming", we peek to check
- // whether it is the last packet in the message. We peek 2 bytes instead
- // of 1 because the beginning of this function also peeks 2 bytes, and we
- // want to cut a `subarray` of the correct length into `web-stream-tools`'
- // `externalBuffer` as a tiny optimization here.
- //
- // If it *was* a streaming packet (i.e. the data packets), we peek at the
- // entire remainder of the stream, in order to forward errors in the
- // remainder of the stream to the packet data. (Note that this means we
- // read/peek at all signature packets before closing the literal data
- // packet, for example.) This forwards armor checksum errors to the
- // encrypted data stream, for example, so that they don't get lost /
- // forgotten on encryptedMessage.packets.stream, which we never look at.
- //
- // Note that subsequent packet parsing errors could still end up there if
- // `config.tolerant` is set to false, or on malformed messages with
- // multiple data packets, but usually it shouldn't happen.
- //
- // An example of what we do when stream-parsing a message containing
- // [ one-pass signature packet, literal data packet, signature packet ]:
- // 1. Read the one-pass signature packet
- // 2. Peek 2 bytes of the literal data packet
- // 3. Parse the one-pass signature packet
- //
- // 4. Read the literal data packet, simultaneously stream-parsing it
- // 5. Peek until the end of the message
- // 6. Finish parsing the literal data packet
- //
- // 7. Read the signature packet again (we already peeked at it in step 5)
- // 8. Peek at the end of the stream again (`peekBytes` returns undefined)
- // 9. Parse the signature packet
- //
- // Note that this means that if there's an error in the very end of the
- // stream, such as an MDC error, we throw in step 5 instead of in step 8
- // (or never), which is the point of this exercise.
- const nextPacket = await reader.peekBytes(supportsStreaming ? Infinity : 2);
- if (writer) {
- await writer.ready;
- await writer.close();
- } else {
- packet = _util2.default.concatUint8Array(packet);
- await callback({ tag, packet });
- }
- return !nextPacket || !nextPacket.length;
- } catch (e) {
- if (writer) {
- await writer.abort(e);
- return true;
- } else {
- throw e;
- }
- } finally {
- if (writer) {
- await callbackReturned;
- }
- reader.releaseLock();
- }
- }
- };
- },{"../enums":113,"../util":158,"web-stream-tools":75}],136:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _all_packets = require('./all_packets');
- var packets = _interopRequireWildcard(_all_packets);
- var _packet = require('./packet');
- var _packet2 = _interopRequireDefault(_packet);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * This class represents a list of openpgp packets.
- * Take care when iterating over it - the packets themselves
- * are stored as numerical indices.
- * @memberof module:packet
- * @constructor
- * @extends Array
- */
- /* eslint-disable callback-return */
- /**
- * @requires web-stream-tools
- * @requires packet/all_packets
- * @requires packet/packet
- * @requires config
- * @requires enums
- * @requires util
- */
- function List() {
- /**
- * The number of packets contained within the list.
- * @readonly
- * @type {Integer}
- */
- this.length = 0;
- }
- List.prototype = [];
- /**
- * Reads a stream of binary data and interprents it as a list of packets.
- * @param {Uint8Array | ReadableStream<Uint8Array>} A Uint8Array of bytes.
- */
- List.prototype.read = async function (bytes, streaming) {
- this.stream = _webStreamTools2.default.transformPair(bytes, async (readable, writable) => {
- const writer = _webStreamTools2.default.getWriter(writable);
- try {
- while (true) {
- await writer.ready;
- const done = await _packet2.default.read(readable, streaming, async parsed => {
- try {
- const tag = _enums2.default.read(_enums2.default.packet, parsed.tag);
- const packet = packets.newPacketFromTag(tag);
- packet.packets = new List();
- packet.fromStream = _util2.default.isStream(parsed.packet);
- await packet.read(parsed.packet, streaming);
- await writer.write(packet);
- } catch (e) {
- if (!_config2.default.tolerant || _packet2.default.supportsStreaming(parsed.tag)) {
- // The packets that support streaming are the ones that contain
- // message data. Those are also the ones we want to be more strict
- // about and throw on parse errors for.
- await writer.abort(e);
- }
- _util2.default.print_debug_error(e);
- }
- });
- if (done) {
- await writer.ready;
- await writer.close();
- return;
- }
- }
- } catch (e) {
- await writer.abort(e);
- }
- });
- // Wait until first few packets have been read
- const reader = _webStreamTools2.default.getReader(this.stream);
- while (true) {
- var _ref = await reader.read();
- const done = _ref.done,
- value = _ref.value;
- if (!done) {
- this.push(value);
- } else {
- this.stream = null;
- }
- if (done || _packet2.default.supportsStreaming(value.tag)) {
- break;
- }
- }
- reader.releaseLock();
- };
- /**
- * Creates a binary representation of openpgp objects contained within the
- * class instance.
- * @returns {Uint8Array} A Uint8Array containing valid openpgp packets.
- */
- List.prototype.write = function () {
- const arr = [];
- for (let i = 0; i < this.length; i++) {
- const packetbytes = this[i].write();
- if (_util2.default.isStream(packetbytes) && _packet2.default.supportsStreaming(this[i].tag)) {
- let buffer = [];
- let bufferLength = 0;
- const minLength = 512;
- arr.push(_packet2.default.writeTag(this[i].tag));
- arr.push(_webStreamTools2.default.transform(packetbytes, value => {
- buffer.push(value);
- bufferLength += value.length;
- if (bufferLength >= minLength) {
- const powerOf2 = Math.min(Math.log(bufferLength) / Math.LN2 | 0, 30);
- const chunkSize = 2 ** powerOf2;
- const bufferConcat = _util2.default.concat([_packet2.default.writePartialLength(powerOf2)].concat(buffer));
- buffer = [bufferConcat.subarray(1 + chunkSize)];
- bufferLength = buffer[0].length;
- return bufferConcat.subarray(0, 1 + chunkSize);
- }
- }, () => _util2.default.concat([_packet2.default.writeSimpleLength(bufferLength)].concat(buffer))));
- } else {
- if (_util2.default.isStream(packetbytes)) {
- let length = 0;
- arr.push(_webStreamTools2.default.transform(_webStreamTools2.default.clone(packetbytes), value => {
- length += value.length;
- }, () => _packet2.default.writeHeader(this[i].tag, length)));
- } else {
- arr.push(_packet2.default.writeHeader(this[i].tag, packetbytes.length));
- }
- arr.push(packetbytes);
- }
- }
- return _util2.default.concat(arr);
- };
- /**
- * Adds a packet to the list. This is the only supported method of doing so;
- * writing to packetlist[i] directly will result in an error.
- * @param {Object} packet Packet to push
- */
- List.prototype.push = function (packet) {
- if (!packet) {
- return;
- }
- packet.packets = packet.packets || new List();
- this[this.length] = packet;
- this.length++;
- };
- /**
- * Creates a new PacketList with all packets from the given types
- */
- List.prototype.filterByTag = function (...args) {
- const filtered = new List();
- const handle = tag => packetType => tag === packetType;
- for (let i = 0; i < this.length; i++) {
- if (args.some(handle(this[i].tag))) {
- filtered.push(this[i]);
- }
- }
- return filtered;
- };
- /**
- * Traverses packet tree and returns first matching packet
- * @param {module:enums.packet} type The packet type
- * @returns {module:packet/packet|undefined}
- */
- List.prototype.findPacket = function (type) {
- return this.find(packet => packet.tag === type);
- };
- /**
- * Returns array of found indices by tag
- */
- List.prototype.indexOfTag = function (...args) {
- const tagIndex = [];
- const that = this;
- const handle = tag => packetType => tag === packetType;
- for (let i = 0; i < this.length; i++) {
- if (args.some(handle(that[i].tag))) {
- tagIndex.push(i);
- }
- }
- return tagIndex;
- };
- /**
- * Concatenates packetlist or array of packets
- */
- List.prototype.concat = function (packetlist) {
- if (packetlist) {
- for (let i = 0; i < packetlist.length; i++) {
- this.push(packetlist[i]);
- }
- }
- return this;
- };
- /**
- * Allocate a new packetlist from structured packetlist clone
- * See {@link https://w3c.github.io/html/infrastructure.html#safe-passing-of-structured-data}
- * @param {Object} packetClone packetlist clone
- * @returns {Object} new packetlist object with data from packetlist clone
- */
- List.fromStructuredClone = function (packetlistClone) {
- const packetlist = new List();
- for (let i = 0; i < packetlistClone.length; i++) {
- const packet = packets.fromStructuredClone(packetlistClone[i]);
- packetlist.push(packet);
- if (packet.embeddedSignature) {
- packet.embeddedSignature = packets.fromStructuredClone(packet.embeddedSignature);
- }
- if (packet.packets.length !== 0) {
- packet.packets = this.fromStructuredClone(packet.packets);
- } else {
- packet.packets = new List();
- }
- }
- if (packetlistClone.stream) {
- packetlist.stream = _webStreamTools2.default.transform(packetlistClone.stream, packet => packets.fromStructuredClone(packet));
- }
- return packetlist;
- };
- exports.default = List;
- },{"../config":79,"../enums":113,"../util":158,"./all_packets":128,"./packet":135,"web-stream-tools":75}],137:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _sha = require('asmcrypto.js/dist_es5/hash/sha1/sha1');
- var _sha2 = require('asmcrypto.js/dist_es5/hash/sha256/sha256');
- var _keyid = require('../type/keyid');
- var _keyid2 = _interopRequireDefault(_keyid);
- var _mpi = require('../type/mpi');
- var _mpi2 = _interopRequireDefault(_mpi);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Implementation of the Key Material Packet (Tag 5,6,7,14)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.5|RFC4480 5.5}:
- * A key material packet contains all the information about a public or
- * private key. There are four variants of this packet type, and two
- * major versions.
- *
- * A Public-Key packet starts a series of packets that forms an OpenPGP
- * key (sometimes called an OpenPGP certificate).
- * @memberof module:packet
- * @constructor
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires type/keyid
- * @requires type/mpi
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- */
- function PublicKey(date = new Date()) {
- /**
- * Packet type
- * @type {module:enums.packet}
- */
- this.tag = _enums2.default.packet.publicKey;
- /**
- * Packet version
- * @type {Integer}
- */
- this.version = _config2.default.v5_keys ? 5 : 4;
- /**
- * Key creation date.
- * @type {Date}
- */
- this.created = _util2.default.normalizeDate(date);
- /**
- * Public key algorithm.
- * @type {String}
- */
- this.algorithm = null;
- /**
- * Algorithm specific params
- * @type {Array<Object>}
- */
- this.params = [];
- /**
- * Time until expiration in days (V3 only)
- * @type {Integer}
- */
- this.expirationTimeV3 = 0;
- /**
- * Fingerprint in lowercase hex
- * @type {String}
- */
- this.fingerprint = null;
- /**
- * Keyid
- * @type {module:type/keyid}
- */
- this.keyid = null;
- }
- /**
- * Internal Parser for public keys as specified in {@link https://tools.ietf.org/html/rfc4880#section-5.5.2|RFC 4880 section 5.5.2 Public-Key Packet Formats}
- * called by read_tag<num>
- * @param {Uint8Array} bytes Input array to read the packet from
- * @returns {Object} This object with attributes set by the parser
- */
- PublicKey.prototype.read = function (bytes) {
- let pos = 0;
- // A one-octet version number (3, 4 or 5).
- this.version = bytes[pos++];
- if (this.version === 4 || this.version === 5) {
- // - A four-octet number denoting the time that the key was created.
- this.created = _util2.default.readDate(bytes.subarray(pos, pos + 4));
- pos += 4;
- // - A one-octet number denoting the public-key algorithm of this key.
- this.algorithm = _enums2.default.read(_enums2.default.publicKey, bytes[pos++]);
- const algo = _enums2.default.write(_enums2.default.publicKey, this.algorithm);
- if (this.version === 5) {
- // - A four-octet scalar octet count for the following key material.
- pos += 4;
- }
- // - A series of values comprising the key material. This is
- // algorithm-specific and described in section XXXX.
- const types = _crypto2.default.getPubKeyParamTypes(algo);
- this.params = _crypto2.default.constructParams(types);
- for (let i = 0; i < types.length && pos < bytes.length; i++) {
- pos += this.params[i].read(bytes.subarray(pos, bytes.length));
- if (pos > bytes.length) {
- throw new Error('Error reading MPI @:' + pos);
- }
- }
- return pos;
- }
- throw new Error('Version ' + this.version + ' of the key packet is unsupported.');
- };
- /**
- * Alias of read()
- * @see module:packet.PublicKey#read
- */
- PublicKey.prototype.readPublicKey = PublicKey.prototype.read;
- /**
- * Same as write_private_key, but has less information because of
- * public key.
- * @returns {Uint8Array} OpenPGP packet body contents,
- */
- PublicKey.prototype.write = function () {
- const arr = [];
- // Version
- arr.push(new Uint8Array([this.version]));
- arr.push(_util2.default.writeDate(this.created));
- // A one-octet number denoting the public-key algorithm of this key
- const algo = _enums2.default.write(_enums2.default.publicKey, this.algorithm);
- arr.push(new Uint8Array([algo]));
- const paramCount = _crypto2.default.getPubKeyParamTypes(algo).length;
- const params = _util2.default.concatUint8Array(this.params.slice(0, paramCount).map(param => param.write()));
- if (this.version === 5) {
- // A four-octet scalar octet count for the following key material
- arr.push(_util2.default.writeNumber(params.length, 4));
- }
- // Algorithm-specific params
- arr.push(params);
- return _util2.default.concatUint8Array(arr);
- };
- /**
- * Alias of write()
- * @see module:packet.PublicKey#write
- */
- PublicKey.prototype.writePublicKey = PublicKey.prototype.write;
- /**
- * Write packet in order to be hashed; either for a signature or a fingerprint.
- */
- PublicKey.prototype.writeForHash = function (version) {
- const bytes = this.writePublicKey();
- if (version === 5) {
- return _util2.default.concatUint8Array([new Uint8Array([0x9A]), _util2.default.writeNumber(bytes.length, 4), bytes]);
- }
- return _util2.default.concatUint8Array([new Uint8Array([0x99]), _util2.default.writeNumber(bytes.length, 2), bytes]);
- };
- /**
- * Check whether secret-key data is available in decrypted form. Returns null for public keys.
- * @returns {Boolean|null}
- */
- PublicKey.prototype.isDecrypted = function () {
- return null;
- };
- /**
- * Returns the creation time of the key
- * @returns {Date}
- */
- PublicKey.prototype.getCreationTime = function () {
- return this.created;
- };
- /**
- * Calculates the key id of the key
- * @returns {String} A 8 byte key id
- */
- PublicKey.prototype.getKeyId = function () {
- if (this.keyid) {
- return this.keyid;
- }
- this.keyid = new _keyid2.default();
- if (this.version === 5) {
- this.keyid.read(_util2.default.hex_to_Uint8Array(this.getFingerprint()).subarray(0, 8));
- } else if (this.version === 4) {
- this.keyid.read(_util2.default.hex_to_Uint8Array(this.getFingerprint()).subarray(12, 20));
- }
- return this.keyid;
- };
- /**
- * Calculates the fingerprint of the key
- * @returns {Uint8Array} A Uint8Array containing the fingerprint
- */
- PublicKey.prototype.getFingerprintBytes = function () {
- if (this.fingerprint) {
- return this.fingerprint;
- }
- const toHash = this.writeForHash(this.version);
- if (this.version === 5) {
- this.fingerprint = _sha2.Sha256.bytes(toHash);
- } else if (this.version === 4) {
- this.fingerprint = _sha.Sha1.bytes(toHash);
- }
- return this.fingerprint;
- };
- /**
- * Calculates the fingerprint of the key
- * @returns {String} A string containing the fingerprint in lowercase hex
- */
- PublicKey.prototype.getFingerprint = function () {
- return _util2.default.Uint8Array_to_hex(this.getFingerprintBytes());
- };
- /**
- * Calculates whether two keys have the same fingerprint without actually calculating the fingerprint
- * @returns {Boolean} Whether the two keys have the same version and public key data
- */
- PublicKey.prototype.hasSameFingerprintAs = function (other) {
- return this.version === other.version && _util2.default.equalsUint8Array(this.writePublicKey(), other.writePublicKey());
- };
- /**
- * Returns algorithm information
- * @returns {Object} An object of the form {algorithm: String, rsaBits:int, curve:String}
- */
- PublicKey.prototype.getAlgorithmInfo = function () {
- const result = {};
- result.algorithm = this.algorithm;
- if (this.params[0] instanceof _mpi2.default) {
- result.rsaBits = this.params[0].byteLength() * 8;
- result.bits = result.rsaBits; // Deprecated.
- } else {
- result.curve = this.params[0].getName();
- }
- return result;
- };
- /**
- * Fix custom types after cloning
- */
- PublicKey.prototype.postCloneTypeFix = function () {
- const algo = _enums2.default.write(_enums2.default.publicKey, this.algorithm);
- const types = _crypto2.default.getPubKeyParamTypes(algo);
- for (let i = 0; i < types.length; i++) {
- const param = this.params[i];
- this.params[i] = types[i].fromClone(param);
- }
- if (this.keyid) {
- this.keyid = _keyid2.default.fromClone(this.keyid);
- }
- };
- exports.default = PublicKey;
- },{"../config":79,"../crypto":94,"../enums":113,"../type/keyid":154,"../type/mpi":155,"../util":158,"asmcrypto.js/dist_es5/hash/sha1/sha1":11,"asmcrypto.js/dist_es5/hash/sha256/sha256":13}],138:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _keyid = require('../type/keyid');
- var _keyid2 = _interopRequireDefault(_keyid);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Public-Key Encrypted Session Key Packets (Tag 1)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.1|RFC4880 5.1}:
- * A Public-Key Encrypted Session Key packet holds the session key
- * used to encrypt a message. Zero or more Public-Key Encrypted Session Key
- * packets and/or Symmetric-Key Encrypted Session Key packets may precede a
- * Symmetrically Encrypted Data Packet, which holds an encrypted message. The
- * message is encrypted with the session key, and the session key is itself
- * encrypted and stored in the Encrypted Session Key packet(s). The
- * Symmetrically Encrypted Data Packet is preceded by one Public-Key Encrypted
- * Session Key packet for each OpenPGP key to which the message is encrypted.
- * The recipient of the message finds a session key that is encrypted to their
- * public key, decrypts the session key, and then uses the session key to
- * decrypt the message.
- * @memberof module:packet
- * @constructor
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires type/keyid
- * @requires type/mpi
- * @requires crypto
- * @requires enums
- * @requires util
- */
- function PublicKeyEncryptedSessionKey() {
- this.tag = _enums2.default.packet.publicKeyEncryptedSessionKey;
- this.version = 3;
- this.publicKeyId = new _keyid2.default();
- this.publicKeyAlgorithm = null;
- this.sessionKey = null;
- this.sessionKeyAlgorithm = null;
- /** @type {Array<module:type/mpi>} */
- this.encrypted = [];
- }
- /**
- * Parsing function for a publickey encrypted session key packet (tag 1).
- *
- * @param {Uint8Array} input Payload of a tag 1 packet
- * @param {Integer} position Position to start reading from the input string
- * @param {Integer} len Length of the packet or the remaining length of
- * input at position
- * @returns {module:packet.PublicKeyEncryptedSessionKey} Object representation
- */
- PublicKeyEncryptedSessionKey.prototype.read = function (bytes) {
- this.version = bytes[0];
- this.publicKeyId.read(bytes.subarray(1, bytes.length));
- this.publicKeyAlgorithm = _enums2.default.read(_enums2.default.publicKey, bytes[9]);
- let i = 10;
- const algo = _enums2.default.write(_enums2.default.publicKey, this.publicKeyAlgorithm);
- const types = _crypto2.default.getEncSessionKeyParamTypes(algo);
- this.encrypted = _crypto2.default.constructParams(types);
- for (let j = 0; j < types.length; j++) {
- i += this.encrypted[j].read(bytes.subarray(i, bytes.length));
- }
- };
- /**
- * Create a string representation of a tag 1 packet
- *
- * @returns {Uint8Array} The Uint8Array representation
- */
- PublicKeyEncryptedSessionKey.prototype.write = function () {
- const arr = [new Uint8Array([this.version]), this.publicKeyId.write(), new Uint8Array([_enums2.default.write(_enums2.default.publicKey, this.publicKeyAlgorithm)])];
- for (let i = 0; i < this.encrypted.length; i++) {
- arr.push(this.encrypted[i].write());
- }
- return _util2.default.concatUint8Array(arr);
- };
- /**
- * Encrypt session key packet
- * @param {module:packet.PublicKey} key Public key
- * @returns {Promise<Boolean>}
- * @async
- */
- PublicKeyEncryptedSessionKey.prototype.encrypt = async function (key) {
- let data = String.fromCharCode(_enums2.default.write(_enums2.default.symmetric, this.sessionKeyAlgorithm));
- data += _util2.default.Uint8Array_to_str(this.sessionKey);
- data += _util2.default.Uint8Array_to_str(_util2.default.write_checksum(this.sessionKey));
- const algo = _enums2.default.write(_enums2.default.publicKey, this.publicKeyAlgorithm);
- this.encrypted = await _crypto2.default.publicKeyEncrypt(algo, key.params, data, key.getFingerprintBytes());
- return true;
- };
- /**
- * Decrypts the session key (only for public key encrypted session key
- * packets (tag 1)
- *
- * @param {module:packet.SecretKey} key
- * Private key with secret params unlocked
- * @returns {Promise<Boolean>}
- * @async
- */
- PublicKeyEncryptedSessionKey.prototype.decrypt = async function (key) {
- const algo = _enums2.default.write(_enums2.default.publicKey, this.publicKeyAlgorithm);
- const decoded = await _crypto2.default.publicKeyDecrypt(algo, key.params, this.encrypted, key.getFingerprintBytes());
- const checksum = _util2.default.str_to_Uint8Array(decoded.substr(decoded.length - 2));
- key = _util2.default.str_to_Uint8Array(decoded.substring(1, decoded.length - 2));
- if (!_util2.default.equalsUint8Array(checksum, _util2.default.write_checksum(key))) {
- throw new Error('Decryption error');
- } else {
- this.sessionKey = key;
- this.sessionKeyAlgorithm = _enums2.default.read(_enums2.default.symmetric, decoded.charCodeAt(0));
- }
- return true;
- };
- /**
- * Fix custom types after cloning
- */
- PublicKeyEncryptedSessionKey.prototype.postCloneTypeFix = function () {
- this.publicKeyId = _keyid2.default.fromClone(this.publicKeyId);
- const algo = _enums2.default.write(_enums2.default.publicKey, this.publicKeyAlgorithm);
- const types = _crypto2.default.getEncSessionKeyParamTypes(algo);
- for (let i = 0; i < this.encrypted.length; i++) {
- this.encrypted[i] = types[i].fromClone(this.encrypted[i]);
- }
- };
- exports.default = PublicKeyEncryptedSessionKey;
- },{"../crypto":94,"../enums":113,"../type/keyid":154,"../util":158}],139:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _public_key = require('./public_key');
- var _public_key2 = _interopRequireDefault(_public_key);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * A Public-Subkey packet (tag 14) has exactly the same format as a
- * Public-Key packet, but denotes a subkey. One or more subkeys may be
- * associated with a top-level key. By convention, the top-level key
- * provides signature services, and the subkeys provide encryption
- * services.
- * @memberof module:packet
- * @constructor
- * @extends module:packet.PublicKey
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires packet/public_key
- * @requires enums
- */
- function PublicSubkey() {
- _public_key2.default.call(this);
- this.tag = _enums2.default.packet.publicSubkey;
- }
- PublicSubkey.prototype = new _public_key2.default();
- PublicSubkey.prototype.constructor = PublicSubkey;
- exports.default = PublicSubkey;
- },{"../enums":113,"./public_key":137}],140:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _public_key = require('./public_key');
- var _public_key2 = _interopRequireDefault(_public_key);
- var _keyid = require('../type/keyid.js');
- var _keyid2 = _interopRequireDefault(_keyid);
- var _s2k = require('../type/s2k');
- var _s2k2 = _interopRequireDefault(_s2k);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * A Secret-Key packet contains all the information that is found in a
- * Public-Key packet, including the public-key material, but also
- * includes the secret-key material after all the public-key fields.
- * @memberof module:packet
- * @constructor
- * @extends module:packet.PublicKey
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires packet/public_key
- * @requires type/keyid
- * @requires type/s2k
- * @requires crypto
- * @requires enums
- * @requires util
- */
- function SecretKey(date = new Date()) {
- _public_key2.default.call(this, date);
- /**
- * Packet type
- * @type {module:enums.packet}
- */
- this.tag = _enums2.default.packet.secretKey;
- /**
- * Secret-key data
- */
- this.keyMaterial = null;
- /**
- * Indicates whether secret-key data is encrypted. `this.isEncrypted === false` means data is available in decrypted form.
- */
- this.isEncrypted = null;
- /**
- * S2K usage
- * @type {Integer}
- */
- this.s2k_usage = 0;
- /**
- * S2K object
- * @type {type/s2k}
- */
- this.s2k = null;
- /**
- * Symmetric algorithm
- * @type {String}
- */
- this.symmetric = null;
- /**
- * AEAD algorithm
- * @type {String}
- */
- this.aead = null;
- }
- SecretKey.prototype = new _public_key2.default();
- SecretKey.prototype.constructor = SecretKey;
- // Helper function
- function parse_cleartext_params(cleartext, algorithm) {
- const algo = _enums2.default.write(_enums2.default.publicKey, algorithm);
- const types = _crypto2.default.getPrivKeyParamTypes(algo);
- const params = _crypto2.default.constructParams(types);
- let p = 0;
- for (let i = 0; i < types.length && p < cleartext.length; i++) {
- p += params[i].read(cleartext.subarray(p, cleartext.length));
- if (p > cleartext.length) {
- throw new Error('Error reading param @:' + p);
- }
- }
- return params;
- }
- function write_cleartext_params(params, algorithm) {
- const arr = [];
- const algo = _enums2.default.write(_enums2.default.publicKey, algorithm);
- const numPublicParams = _crypto2.default.getPubKeyParamTypes(algo).length;
- for (let i = numPublicParams; i < params.length; i++) {
- arr.push(params[i].write());
- }
- return _util2.default.concatUint8Array(arr);
- }
- // 5.5.3. Secret-Key Packet Formats
- /**
- * Internal parser for private keys as specified in
- * {@link https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-04#section-5.5.3|RFC4880bis-04 section 5.5.3}
- * @param {String} bytes Input string to read the packet from
- */
- SecretKey.prototype.read = function (bytes) {
- // - A Public-Key or Public-Subkey packet, as described above.
- let i = this.readPublicKey(bytes);
- // - One octet indicating string-to-key usage conventions. Zero
- // indicates that the secret-key data is not encrypted. 255 or 254
- // indicates that a string-to-key specifier is being given. Any
- // other value is a symmetric-key encryption algorithm identifier.
- this.s2k_usage = bytes[i++];
- // - Only for a version 5 packet, a one-octet scalar octet count of
- // the next 4 optional fields.
- if (this.version === 5) {
- i++;
- }
- // - [Optional] If string-to-key usage octet was 255, 254, or 253, a
- // one-octet symmetric encryption algorithm.
- if (this.s2k_usage === 255 || this.s2k_usage === 254 || this.s2k_usage === 253) {
- this.symmetric = bytes[i++];
- this.symmetric = _enums2.default.read(_enums2.default.symmetric, this.symmetric);
- // - [Optional] If string-to-key usage octet was 253, a one-octet
- // AEAD algorithm.
- if (this.s2k_usage === 253) {
- this.aead = bytes[i++];
- this.aead = _enums2.default.read(_enums2.default.aead, this.aead);
- }
- // - [Optional] If string-to-key usage octet was 255, 254, or 253, a
- // string-to-key specifier. The length of the string-to-key
- // specifier is implied by its type, as described above.
- this.s2k = new _s2k2.default();
- i += this.s2k.read(bytes.subarray(i, bytes.length));
- if (this.s2k.type === 'gnu-dummy') {
- return;
- }
- } else if (this.s2k_usage) {
- this.symmetric = this.s2k_usage;
- this.symmetric = _enums2.default.read(_enums2.default.symmetric, this.symmetric);
- }
- // - [Optional] If secret data is encrypted (string-to-key usage octet
- // not zero), an Initial Vector (IV) of the same length as the
- // cipher's block size.
- if (this.s2k_usage) {
- this.iv = bytes.subarray(i, i + _crypto2.default.cipher[this.symmetric].blockSize);
- i += this.iv.length;
- }
- // - Only for a version 5 packet, a four-octet scalar octet count for
- // the following key material.
- if (this.version === 5) {
- i += 4;
- }
- // - Plain or encrypted multiprecision integers comprising the secret
- // key data. These algorithm-specific fields are as described
- // below.
- this.keyMaterial = bytes.subarray(i);
- this.isEncrypted = !!this.s2k_usage;
- if (!this.isEncrypted) {
- const cleartext = this.keyMaterial.subarray(0, -2);
- if (!_util2.default.equalsUint8Array(_util2.default.write_checksum(cleartext), this.keyMaterial.subarray(-2))) {
- throw new Error('Key checksum mismatch');
- }
- const privParams = parse_cleartext_params(cleartext, this.algorithm);
- this.params = this.params.concat(privParams);
- }
- };
- /**
- * Creates an OpenPGP key packet for the given key.
- * @returns {String} A string of bytes containing the secret key OpenPGP packet
- */
- SecretKey.prototype.write = function () {
- const arr = [this.writePublicKey()];
- arr.push(new Uint8Array([this.s2k_usage]));
- const optionalFieldsArr = [];
- // - [Optional] If string-to-key usage octet was 255, 254, or 253, a
- // one- octet symmetric encryption algorithm.
- if (this.s2k_usage === 255 || this.s2k_usage === 254 || this.s2k_usage === 253) {
- optionalFieldsArr.push(_enums2.default.write(_enums2.default.symmetric, this.symmetric));
- // - [Optional] If string-to-key usage octet was 253, a one-octet
- // AEAD algorithm.
- if (this.s2k_usage === 253) {
- optionalFieldsArr.push(_enums2.default.write(_enums2.default.aead, this.aead));
- }
- // - [Optional] If string-to-key usage octet was 255, 254, or 253, a
- // string-to-key specifier. The length of the string-to-key
- // specifier is implied by its type, as described above.
- optionalFieldsArr.push(...this.s2k.write());
- }
- // - [Optional] If secret data is encrypted (string-to-key usage octet
- // not zero), an Initial Vector (IV) of the same length as the
- // cipher's block size.
- if (this.s2k_usage && this.s2k.type !== 'gnu-dummy') {
- optionalFieldsArr.push(...this.iv);
- }
- if (this.version === 5) {
- arr.push(new Uint8Array([optionalFieldsArr.length]));
- }
- arr.push(new Uint8Array(optionalFieldsArr));
- if (!this.s2k || this.s2k.type !== 'gnu-dummy') {
- if (!this.s2k_usage) {
- const cleartextParams = write_cleartext_params(this.params, this.algorithm);
- this.keyMaterial = _util2.default.concatUint8Array([cleartextParams, _util2.default.write_checksum(cleartextParams)]);
- }
- if (this.version === 5) {
- arr.push(_util2.default.writeNumber(this.keyMaterial.length, 4));
- }
- arr.push(this.keyMaterial);
- }
- return _util2.default.concatUint8Array(arr);
- };
- /**
- * Check whether secret-key data is available in decrypted form. Returns null for public keys.
- * @returns {Boolean|null}
- */
- SecretKey.prototype.isDecrypted = function () {
- return this.isEncrypted === false;
- };
- /**
- * Encrypt the payload. By default, we use aes256 and iterated, salted string
- * to key specifier. If the key is in a decrypted state (isEncrypted === false)
- * and the passphrase is empty or undefined, the key will be set as not encrypted.
- * This can be used to remove passphrase protection after calling decrypt().
- * @param {String} passphrase
- * @returns {Promise<Boolean>}
- * @async
- */
- SecretKey.prototype.encrypt = async function (passphrase) {
- if (this.s2k && this.s2k.type === 'gnu-dummy') {
- return false;
- }
- if (!this.isDecrypted()) {
- throw new Error('Key packet is already encrypted');
- }
- if (this.isDecrypted() && !passphrase) {
- this.s2k_usage = 0;
- return false;
- } else if (!passphrase) {
- throw new Error('The key must be decrypted before removing passphrase protection.');
- }
- this.s2k = new _s2k2.default();
- this.s2k.salt = await _crypto2.default.random.getRandomBytes(8);
- const cleartext = write_cleartext_params(this.params, this.algorithm);
- this.symmetric = 'aes256';
- const key = await produceEncryptionKey(this.s2k, passphrase, this.symmetric);
- const blockLen = _crypto2.default.cipher[this.symmetric].blockSize;
- this.iv = await _crypto2.default.random.getRandomBytes(blockLen);
- if (this.version === 5) {
- this.s2k_usage = 253;
- this.aead = 'eax';
- const mode = _crypto2.default[this.aead];
- const modeInstance = await mode(this.symmetric, key);
- this.keyMaterial = await modeInstance.encrypt(cleartext, this.iv.subarray(0, mode.ivLength), new Uint8Array());
- } else {
- this.s2k_usage = 254;
- this.keyMaterial = _crypto2.default.cfb.encrypt(this.symmetric, key, _util2.default.concatUint8Array([cleartext, await _crypto2.default.hash.sha1(cleartext)]), this.iv);
- }
- return true;
- };
- async function produceEncryptionKey(s2k, passphrase, algorithm) {
- return s2k.produce_key(passphrase, _crypto2.default.cipher[algorithm].keySize);
- }
- /**
- * Decrypts the private key params which are needed to use the key.
- * {@link module:packet.SecretKey.isDecrypted} should be false, as
- * otherwise calls to this function will throw an error.
- * @param {String} passphrase The passphrase for this private key as string
- * @returns {Promise<Boolean>}
- * @async
- */
- SecretKey.prototype.decrypt = async function (passphrase) {
- if (this.s2k.type === 'gnu-dummy') {
- this.isEncrypted = false;
- return false;
- }
- if (this.isDecrypted()) {
- throw new Error('Key packet is already decrypted.');
- }
- let key;
- if (this.s2k_usage === 255 || this.s2k_usage === 254 || this.s2k_usage === 253) {
- key = await produceEncryptionKey(this.s2k, passphrase, this.symmetric);
- } else {
- key = await _crypto2.default.hash.md5(passphrase);
- }
- let cleartext;
- if (this.s2k_usage === 253) {
- const mode = _crypto2.default[this.aead];
- try {
- const modeInstance = await mode(this.symmetric, key);
- cleartext = await modeInstance.decrypt(this.keyMaterial, this.iv.subarray(0, mode.ivLength), new Uint8Array());
- } catch (err) {
- if (err.message === 'Authentication tag mismatch') {
- throw new Error('Incorrect key passphrase: ' + err.message);
- }
- throw err;
- }
- } else {
- const cleartextWithHash = await _crypto2.default.cfb.decrypt(this.symmetric, key, this.keyMaterial, this.iv);
- let hash;
- let hashlen;
- if (this.s2k_usage === 255) {
- hashlen = 2;
- cleartext = cleartextWithHash.subarray(0, -hashlen);
- hash = _util2.default.write_checksum(cleartext);
- } else {
- hashlen = 20;
- cleartext = cleartextWithHash.subarray(0, -hashlen);
- hash = await _crypto2.default.hash.sha1(cleartext);
- }
- if (!_util2.default.equalsUint8Array(hash, cleartextWithHash.subarray(-hashlen))) {
- throw new Error('Incorrect key passphrase');
- }
- }
- const privParams = parse_cleartext_params(cleartext, this.algorithm);
- this.params = this.params.concat(privParams);
- this.isEncrypted = false;
- this.keyMaterial = null;
- this.s2k_usage = 0;
- return true;
- };
- SecretKey.prototype.generate = async function (bits, curve) {
- const algo = _enums2.default.write(_enums2.default.publicKey, this.algorithm);
- this.params = await _crypto2.default.generateParams(algo, bits, curve);
- this.isEncrypted = false;
- };
- /**
- * Clear private params, return to initial state
- */
- SecretKey.prototype.clearPrivateParams = function () {
- if (this.s2k && this.s2k.type === 'gnu-dummy') {
- this.isEncrypted = true;
- return;
- }
- if (!this.keyMaterial) {
- throw new Error('If secret key is not encrypted, clearing private params is irreversible.');
- }
- const algo = _enums2.default.write(_enums2.default.publicKey, this.algorithm);
- this.params = this.params.slice(0, _crypto2.default.getPubKeyParamTypes(algo).length);
- this.isEncrypted = true;
- };
- /**
- * Fix custom types after cloning
- */
- SecretKey.prototype.postCloneTypeFix = function () {
- const algo = _enums2.default.write(_enums2.default.publicKey, this.algorithm);
- const types = [].concat(_crypto2.default.getPubKeyParamTypes(algo), _crypto2.default.getPrivKeyParamTypes(algo));
- for (let i = 0; i < this.params.length; i++) {
- const param = this.params[i];
- this.params[i] = types[i].fromClone(param);
- }
- if (this.keyid) {
- this.keyid = _keyid2.default.fromClone(this.keyid);
- }
- if (this.s2k) {
- this.s2k = _s2k2.default.fromClone(this.s2k);
- }
- };
- exports.default = SecretKey;
- },{"../crypto":94,"../enums":113,"../type/keyid.js":154,"../type/s2k":157,"../util":158,"./public_key":137}],141:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _secret_key = require('./secret_key');
- var _secret_key2 = _interopRequireDefault(_secret_key);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * A Secret-Subkey packet (tag 7) is the subkey analog of the Secret
- * Key packet and has exactly the same format.
- * @memberof module:packet
- * @constructor
- * @extends module:packet.SecretKey
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires packet/secret_key
- * @requires enums
- */
- function SecretSubkey(date = new Date()) {
- _secret_key2.default.call(this, date);
- this.tag = _enums2.default.packet.secretSubkey;
- }
- SecretSubkey.prototype = new _secret_key2.default();
- SecretSubkey.prototype.constructor = SecretSubkey;
- exports.default = SecretSubkey;
- },{"../enums":113,"./secret_key":140}],142:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _packet = require('./packet');
- var _packet2 = _interopRequireDefault(_packet);
- var _keyid = require('../type/keyid.js');
- var _keyid2 = _interopRequireDefault(_keyid);
- var _mpi = require('../type/mpi.js');
- var _mpi2 = _interopRequireDefault(_mpi);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Implementation of the Signature Packet (Tag 2)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.2|RFC4480 5.2}:
- * A Signature packet describes a binding between some public key and
- * some data. The most common signatures are a signature of a file or a
- * block of text, and a signature that is a certification of a User ID.
- * @memberof module:packet
- * @constructor
- * @param {Date} date the creation date of the signature
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires web-stream-tools
- * @requires packet/packet
- * @requires type/keyid
- * @requires type/mpi
- * @requires crypto
- * @requires enums
- * @requires util
- */
- function Signature(date = new Date()) {
- this.tag = _enums2.default.packet.signature;
- this.version = 4; // This is set to 5 below if we sign with a V5 key.
- this.signatureType = null;
- this.hashAlgorithm = null;
- this.publicKeyAlgorithm = null;
- this.signatureData = null;
- this.unhashedSubpackets = [];
- this.signedHashValue = null;
- this.created = _util2.default.normalizeDate(date);
- this.signatureExpirationTime = null;
- this.signatureNeverExpires = true;
- this.exportable = null;
- this.trustLevel = null;
- this.trustAmount = null;
- this.regularExpression = null;
- this.revocable = null;
- this.keyExpirationTime = null;
- this.keyNeverExpires = null;
- this.preferredSymmetricAlgorithms = null;
- this.revocationKeyClass = null;
- this.revocationKeyAlgorithm = null;
- this.revocationKeyFingerprint = null;
- this.issuerKeyId = new _keyid2.default();
- this.notations = [];
- this.preferredHashAlgorithms = null;
- this.preferredCompressionAlgorithms = null;
- this.keyServerPreferences = null;
- this.preferredKeyServer = null;
- this.isPrimaryUserID = null;
- this.policyURI = null;
- this.keyFlags = null;
- this.signersUserId = null;
- this.reasonForRevocationFlag = null;
- this.reasonForRevocationString = null;
- this.features = null;
- this.signatureTargetPublicKeyAlgorithm = null;
- this.signatureTargetHashAlgorithm = null;
- this.signatureTargetHash = null;
- this.embeddedSignature = null;
- this.issuerKeyVersion = null;
- this.issuerFingerprint = null;
- this.preferredAeadAlgorithms = null;
- this.verified = null;
- this.revoked = null;
- }
- /**
- * parsing function for a signature packet (tag 2).
- * @param {String} bytes payload of a tag 2 packet
- * @param {Integer} position position to start reading from the bytes string
- * @param {Integer} len length of the packet or the remaining length of bytes at position
- * @returns {module:packet.Signature} object representation
- */
- Signature.prototype.read = function (bytes) {
- let i = 0;
- this.version = bytes[i++];
- if (this.version !== 4 && this.version !== 5) {
- throw new Error('Version ' + this.version + ' of the signature is unsupported.');
- }
- this.signatureType = bytes[i++];
- this.publicKeyAlgorithm = bytes[i++];
- this.hashAlgorithm = bytes[i++];
- // hashed subpackets
- i += this.read_sub_packets(bytes.subarray(i, bytes.length), true);
- // A V4 signature hashes the packet body
- // starting from its first field, the version number, through the end
- // of the hashed subpacket data. Thus, the fields hashed are the
- // signature version, the signature type, the public-key algorithm, the
- // hash algorithm, the hashed subpacket length, and the hashed
- // subpacket body.
- this.signatureData = bytes.subarray(0, i);
- // unhashed subpackets
- i += this.read_sub_packets(bytes.subarray(i, bytes.length), false);
- // Two-octet field holding left 16 bits of signed hash value.
- this.signedHashValue = bytes.subarray(i, i + 2);
- i += 2;
- this.signature = bytes.subarray(i, bytes.length);
- };
- Signature.prototype.write = function () {
- const arr = [];
- arr.push(this.signatureData);
- arr.push(this.write_unhashed_sub_packets());
- arr.push(this.signedHashValue);
- arr.push(_webStreamTools2.default.clone(this.signature));
- return _util2.default.concat(arr);
- };
- /**
- * Signs provided data. This needs to be done prior to serialization.
- * @param {module:packet.SecretKey} key private key used to sign the message.
- * @param {Object} data Contains packets to be signed.
- * @param {Boolean} detached (optional) whether to create a detached signature
- * @param {Boolean} streaming (optional) whether to process data as a stream
- * @returns {Promise<Boolean>}
- * @async
- */
- Signature.prototype.sign = async function (key, data, detached = false, streaming = false) {
- const signatureType = _enums2.default.write(_enums2.default.signature, this.signatureType);
- const publicKeyAlgorithm = _enums2.default.write(_enums2.default.publicKey, this.publicKeyAlgorithm);
- const hashAlgorithm = _enums2.default.write(_enums2.default.hash, this.hashAlgorithm);
- if (key.version === 5) {
- this.version = 5;
- }
- const arr = [new Uint8Array([this.version, signatureType, publicKeyAlgorithm, hashAlgorithm])];
- if (key.version === 5) {
- // We could also generate this subpacket for version 4 keys, but for
- // now we don't.
- this.issuerKeyVersion = key.version;
- this.issuerFingerprint = key.getFingerprintBytes();
- }
- this.issuerKeyId = key.getKeyId();
- // Add hashed subpackets
- arr.push(this.write_hashed_sub_packets());
- this.signatureData = _util2.default.concat(arr);
- const toHash = this.toHash(signatureType, data, detached);
- const hash = await this.hash(signatureType, data, toHash, detached);
- this.signedHashValue = _webStreamTools2.default.slice(_webStreamTools2.default.clone(hash), 0, 2);
- const params = key.params;
- const signed = async () => _crypto2.default.signature.sign(publicKeyAlgorithm, hashAlgorithm, params, toHash, (await _webStreamTools2.default.readToEnd(hash)));
- if (streaming) {
- this.signature = _webStreamTools2.default.fromAsync(signed);
- } else {
- this.signature = await signed();
- // Store the fact that this signature is valid, e.g. for when we call `await
- // getLatestValidSignature(this.revocationSignatures, key, data)` later.
- // Note that this only holds up if the key and data passed to verify are the
- // same as the ones passed to sign.
- this.verified = true;
- }
- return true;
- };
- /**
- * Creates Uint8Array of bytes of all subpacket data except Issuer and Embedded Signature subpackets
- * @returns {Uint8Array} subpacket data
- */
- Signature.prototype.write_hashed_sub_packets = function () {
- const sub = _enums2.default.signatureSubpacket;
- const arr = [];
- let bytes;
- if (this.created !== null) {
- arr.push(write_sub_packet(sub.signature_creation_time, _util2.default.writeDate(this.created)));
- }
- if (this.signatureExpirationTime !== null) {
- arr.push(write_sub_packet(sub.signature_expiration_time, _util2.default.writeNumber(this.signatureExpirationTime, 4)));
- }
- if (this.exportable !== null) {
- arr.push(write_sub_packet(sub.exportable_certification, new Uint8Array([this.exportable ? 1 : 0])));
- }
- if (this.trustLevel !== null) {
- bytes = new Uint8Array([this.trustLevel, this.trustAmount]);
- arr.push(write_sub_packet(sub.trust_signature, bytes));
- }
- if (this.regularExpression !== null) {
- arr.push(write_sub_packet(sub.regular_expression, this.regularExpression));
- }
- if (this.revocable !== null) {
- arr.push(write_sub_packet(sub.revocable, new Uint8Array([this.revocable ? 1 : 0])));
- }
- if (this.keyExpirationTime !== null) {
- arr.push(write_sub_packet(sub.key_expiration_time, _util2.default.writeNumber(this.keyExpirationTime, 4)));
- }
- if (this.preferredSymmetricAlgorithms !== null) {
- bytes = _util2.default.str_to_Uint8Array(_util2.default.Uint8Array_to_str(this.preferredSymmetricAlgorithms));
- arr.push(write_sub_packet(sub.preferred_symmetric_algorithms, bytes));
- }
- if (this.revocationKeyClass !== null) {
- bytes = new Uint8Array([this.revocationKeyClass, this.revocationKeyAlgorithm]);
- bytes = _util2.default.concat([bytes, this.revocationKeyFingerprint]);
- arr.push(write_sub_packet(sub.revocation_key, bytes));
- }
- this.notations.forEach(([name, value]) => {
- bytes = [new Uint8Array([0x80, 0, 0, 0])];
- // 2 octets of name length
- bytes.push(_util2.default.writeNumber(name.length, 2));
- // 2 octets of value length
- bytes.push(_util2.default.writeNumber(value.length, 2));
- bytes.push(_util2.default.str_to_Uint8Array(name + value));
- bytes = _util2.default.concat(bytes);
- arr.push(write_sub_packet(sub.notation_data, bytes));
- });
- if (this.preferredHashAlgorithms !== null) {
- bytes = _util2.default.str_to_Uint8Array(_util2.default.Uint8Array_to_str(this.preferredHashAlgorithms));
- arr.push(write_sub_packet(sub.preferred_hash_algorithms, bytes));
- }
- if (this.preferredCompressionAlgorithms !== null) {
- bytes = _util2.default.str_to_Uint8Array(_util2.default.Uint8Array_to_str(this.preferredCompressionAlgorithms));
- arr.push(write_sub_packet(sub.preferred_compression_algorithms, bytes));
- }
- if (this.keyServerPreferences !== null) {
- bytes = _util2.default.str_to_Uint8Array(_util2.default.Uint8Array_to_str(this.keyServerPreferences));
- arr.push(write_sub_packet(sub.key_server_preferences, bytes));
- }
- if (this.preferredKeyServer !== null) {
- arr.push(write_sub_packet(sub.preferred_key_server, _util2.default.str_to_Uint8Array(this.preferredKeyServer)));
- }
- if (this.isPrimaryUserID !== null) {
- arr.push(write_sub_packet(sub.primary_user_id, new Uint8Array([this.isPrimaryUserID ? 1 : 0])));
- }
- if (this.policyURI !== null) {
- arr.push(write_sub_packet(sub.policy_uri, _util2.default.str_to_Uint8Array(this.policyURI)));
- }
- if (this.keyFlags !== null) {
- bytes = _util2.default.str_to_Uint8Array(_util2.default.Uint8Array_to_str(this.keyFlags));
- arr.push(write_sub_packet(sub.key_flags, bytes));
- }
- if (this.signersUserId !== null) {
- arr.push(write_sub_packet(sub.signers_user_id, _util2.default.str_to_Uint8Array(this.signersUserId)));
- }
- if (this.reasonForRevocationFlag !== null) {
- bytes = _util2.default.str_to_Uint8Array(String.fromCharCode(this.reasonForRevocationFlag) + this.reasonForRevocationString);
- arr.push(write_sub_packet(sub.reason_for_revocation, bytes));
- }
- if (this.features !== null) {
- bytes = _util2.default.str_to_Uint8Array(_util2.default.Uint8Array_to_str(this.features));
- arr.push(write_sub_packet(sub.features, bytes));
- }
- if (this.signatureTargetPublicKeyAlgorithm !== null) {
- bytes = [new Uint8Array([this.signatureTargetPublicKeyAlgorithm, this.signatureTargetHashAlgorithm])];
- bytes.push(_util2.default.str_to_Uint8Array(this.signatureTargetHash));
- bytes = _util2.default.concat(bytes);
- arr.push(write_sub_packet(sub.signature_target, bytes));
- }
- if (this.preferredAeadAlgorithms !== null) {
- bytes = _util2.default.str_to_Uint8Array(_util2.default.Uint8Array_to_str(this.preferredAeadAlgorithms));
- arr.push(write_sub_packet(sub.preferred_aead_algorithms, bytes));
- }
- const result = _util2.default.concat(arr);
- const length = _util2.default.writeNumber(result.length, 2);
- return _util2.default.concat([length, result]);
- };
- /**
- * Creates Uint8Array of bytes of Issuer and Embedded Signature subpackets
- * @returns {Uint8Array} subpacket data
- */
- Signature.prototype.write_unhashed_sub_packets = function () {
- const sub = _enums2.default.signatureSubpacket;
- const arr = [];
- let bytes;
- if (!this.issuerKeyId.isNull() && this.issuerKeyVersion !== 5) {
- // If the version of [the] key is greater than 4, this subpacket
- // MUST NOT be included in the signature.
- arr.push(write_sub_packet(sub.issuer, this.issuerKeyId.write()));
- }
- if (this.embeddedSignature !== null) {
- arr.push(write_sub_packet(sub.embedded_signature, this.embeddedSignature.write()));
- }
- if (this.issuerFingerprint !== null) {
- bytes = [new Uint8Array([this.issuerKeyVersion]), this.issuerFingerprint];
- bytes = _util2.default.concat(bytes);
- arr.push(write_sub_packet(sub.issuer_fingerprint, bytes));
- }
- this.unhashedSubpackets.forEach(data => {
- arr.push(_packet2.default.writeSimpleLength(data.length));
- arr.push(data);
- });
- const result = _util2.default.concat(arr);
- const length = _util2.default.writeNumber(result.length, 2);
- return _util2.default.concat([length, result]);
- };
- /**
- * Creates a string representation of a sub signature packet
- * @see {@link https://tools.ietf.org/html/rfc4880#section-5.2.3.1|RFC4880 5.2.3.1}
- * @see {@link https://tools.ietf.org/html/rfc4880#section-5.2.3.2|RFC4880 5.2.3.2}
- * @param {Integer} type subpacket signature type.
- * @param {String} data data to be included
- * @returns {String} a string-representation of a sub signature packet
- * @private
- */
- function write_sub_packet(type, data) {
- const arr = [];
- arr.push(_packet2.default.writeSimpleLength(data.length + 1));
- arr.push(new Uint8Array([type]));
- arr.push(data);
- return _util2.default.concat(arr);
- }
- // V4 signature sub packets
- Signature.prototype.read_sub_packet = function (bytes, trusted = true) {
- let mypos = 0;
- const read_array = (prop, bytes) => {
- this[prop] = [];
- for (let i = 0; i < bytes.length; i++) {
- this[prop].push(bytes[i]);
- }
- };
- // The leftmost bit denotes a "critical" packet
- const critical = bytes[mypos] & 0x80;
- const type = bytes[mypos] & 0x7F;
- // GPG puts the Issuer and Signature subpackets in the unhashed area.
- // Tampering with those invalidates the signature, so we can trust them.
- // Ignore all other unhashed subpackets.
- if (!trusted && ![_enums2.default.signatureSubpacket.issuer, _enums2.default.signatureSubpacket.issuer_fingerprint, _enums2.default.signatureSubpacket.embedded_signature].includes(type)) {
- this.unhashedSubpackets.push(bytes.subarray(mypos, bytes.length));
- return;
- }
- mypos++;
- // subpacket type
- switch (type) {
- case 2:
- // Signature Creation Time
- this.created = _util2.default.readDate(bytes.subarray(mypos, bytes.length));
- break;
- case 3:
- {
- // Signature Expiration Time in seconds
- const seconds = _util2.default.readNumber(bytes.subarray(mypos, bytes.length));
- this.signatureNeverExpires = seconds === 0;
- this.signatureExpirationTime = seconds;
- break;
- }
- case 4:
- // Exportable Certification
- this.exportable = bytes[mypos++] === 1;
- break;
- case 5:
- // Trust Signature
- this.trustLevel = bytes[mypos++];
- this.trustAmount = bytes[mypos++];
- break;
- case 6:
- // Regular Expression
- this.regularExpression = bytes[mypos];
- break;
- case 7:
- // Revocable
- this.revocable = bytes[mypos++] === 1;
- break;
- case 9:
- {
- // Key Expiration Time in seconds
- const seconds = _util2.default.readNumber(bytes.subarray(mypos, bytes.length));
- this.keyExpirationTime = seconds;
- this.keyNeverExpires = seconds === 0;
- break;
- }
- case 11:
- // Preferred Symmetric Algorithms
- read_array('preferredSymmetricAlgorithms', bytes.subarray(mypos, bytes.length));
- break;
- case 12:
- // Revocation Key
- // (1 octet of class, 1 octet of public-key algorithm ID, 20
- // octets of
- // fingerprint)
- this.revocationKeyClass = bytes[mypos++];
- this.revocationKeyAlgorithm = bytes[mypos++];
- this.revocationKeyFingerprint = bytes.subarray(mypos, mypos + 20);
- break;
- case 16:
- // Issuer
- this.issuerKeyId.read(bytes.subarray(mypos, bytes.length));
- break;
- case 20:
- // Notation Data
- // We don't know how to handle anything but a text flagged data.
- if (bytes[mypos] === 0x80) {
- // We extract key/value tuple from the byte stream.
- mypos += 4;
- const m = _util2.default.readNumber(bytes.subarray(mypos, mypos + 2));
- mypos += 2;
- const n = _util2.default.readNumber(bytes.subarray(mypos, mypos + 2));
- mypos += 2;
- const name = _util2.default.Uint8Array_to_str(bytes.subarray(mypos, mypos + m));
- const value = _util2.default.Uint8Array_to_str(bytes.subarray(mypos + m, mypos + m + n));
- this.notations.push([name, value]);
- if (critical && _config2.default.known_notations.indexOf(name) === -1) {
- throw new Error("Unknown critical notation: " + name);
- }
- } else {
- _util2.default.print_debug("Unsupported notation flag " + bytes[mypos]);
- }
- break;
- case 21:
- // Preferred Hash Algorithms
- read_array('preferredHashAlgorithms', bytes.subarray(mypos, bytes.length));
- break;
- case 22:
- // Preferred Compression Algorithms
- read_array('preferredCompressionAlgorithms', bytes.subarray(mypos, bytes.length));
- break;
- case 23:
- // Key Server Preferences
- read_array('keyServerPreferences', bytes.subarray(mypos, bytes.length));
- break;
- case 24:
- // Preferred Key Server
- this.preferredKeyServer = _util2.default.Uint8Array_to_str(bytes.subarray(mypos, bytes.length));
- break;
- case 25:
- // Primary User ID
- this.isPrimaryUserID = bytes[mypos++] !== 0;
- break;
- case 26:
- // Policy URI
- this.policyURI = _util2.default.Uint8Array_to_str(bytes.subarray(mypos, bytes.length));
- break;
- case 27:
- // Key Flags
- read_array('keyFlags', bytes.subarray(mypos, bytes.length));
- break;
- case 28:
- // Signer's User ID
- this.signersUserId = _util2.default.Uint8Array_to_str(bytes.subarray(mypos, bytes.length));
- break;
- case 29:
- // Reason for Revocation
- this.reasonForRevocationFlag = bytes[mypos++];
- this.reasonForRevocationString = _util2.default.Uint8Array_to_str(bytes.subarray(mypos, bytes.length));
- break;
- case 30:
- // Features
- read_array('features', bytes.subarray(mypos, bytes.length));
- break;
- case 31:
- {
- // Signature Target
- // (1 octet public-key algorithm, 1 octet hash algorithm, N octets hash)
- this.signatureTargetPublicKeyAlgorithm = bytes[mypos++];
- this.signatureTargetHashAlgorithm = bytes[mypos++];
- const len = _crypto2.default.getHashByteLength(this.signatureTargetHashAlgorithm);
- this.signatureTargetHash = _util2.default.Uint8Array_to_str(bytes.subarray(mypos, mypos + len));
- break;
- }
- case 32:
- // Embedded Signature
- this.embeddedSignature = new Signature();
- this.embeddedSignature.read(bytes.subarray(mypos, bytes.length));
- break;
- case 33:
- // Issuer Fingerprint
- this.issuerKeyVersion = bytes[mypos++];
- this.issuerFingerprint = bytes.subarray(mypos, bytes.length);
- if (this.issuerKeyVersion === 5) {
- this.issuerKeyId.read(this.issuerFingerprint);
- } else {
- this.issuerKeyId.read(this.issuerFingerprint.subarray(-8));
- }
- break;
- case 34:
- // Preferred AEAD Algorithms
- read_array.call(this, 'preferredAeadAlgorithms', bytes.subarray(mypos, bytes.length));
- break;
- default:
- {
- const err = new Error("Unknown signature subpacket type " + type + " @:" + mypos);
- if (critical) {
- throw err;
- } else {
- _util2.default.print_debug(err);
- }
- }
- }
- };
- Signature.prototype.read_sub_packets = function (bytes, trusted = true) {
- // Two-octet scalar octet count for following subpacket data.
- const subpacket_length = _util2.default.readNumber(bytes.subarray(0, 2));
- let i = 2;
- // subpacket data set (zero or more subpackets)
- while (i < 2 + subpacket_length) {
- const len = _packet2.default.readSimpleLength(bytes.subarray(i, bytes.length));
- i += len.offset;
- this.read_sub_packet(bytes.subarray(i, i + len.len), trusted);
- i += len.len;
- }
- return i;
- };
- // Produces data to produce signature on
- Signature.prototype.toSign = function (type, data) {
- const t = _enums2.default.signature;
- switch (type) {
- case t.binary:
- if (data.text !== null) {
- return _util2.default.str_to_Uint8Array(data.getText(true));
- }
- return data.getBytes(true);
- case t.text:
- {
- let text = data.getText(true);
- // normalize EOL to \r\n
- text = _util2.default.canonicalizeEOL(text);
- // encode UTF8
- return _util2.default.encode_utf8(text);
- }
- case t.standalone:
- return new Uint8Array(0);
- case t.cert_generic:
- case t.cert_persona:
- case t.cert_casual:
- case t.cert_positive:
- case t.cert_revocation:
- {
- let packet;
- let tag;
- if (data.userId) {
- tag = 0xB4;
- packet = data.userId;
- } else if (data.userAttribute) {
- tag = 0xD1;
- packet = data.userAttribute;
- } else {
- throw new Error('Either a userId or userAttribute packet needs to be ' + 'supplied for certification.');
- }
- const bytes = packet.write();
- return _util2.default.concat([this.toSign(t.key, data), new Uint8Array([tag]), _util2.default.writeNumber(bytes.length, 4), bytes]);
- }
- case t.subkey_binding:
- case t.subkey_revocation:
- case t.key_binding:
- return _util2.default.concat([this.toSign(t.key, data), this.toSign(t.key, {
- key: data.bind
- })]);
- case t.key:
- if (data.key === undefined) {
- throw new Error('Key packet is required for this signature.');
- }
- return data.key.writeForHash(this.version);
- case t.key_revocation:
- return this.toSign(t.key, data);
- case t.timestamp:
- return new Uint8Array(0);
- case t.third_party:
- throw new Error('Not implemented');
- default:
- throw new Error('Unknown signature type.');
- }
- };
- Signature.prototype.calculateTrailer = function (data, detached) {
- let length = 0;
- return _webStreamTools2.default.transform(_webStreamTools2.default.clone(this.signatureData), value => {
- length += value.length;
- }, () => {
- const arr = [];
- if (this.version === 5 && (this.signatureType === _enums2.default.signature.binary || this.signatureType === _enums2.default.signature.text)) {
- if (detached) {
- arr.push(new Uint8Array(6));
- } else {
- arr.push(data.writeHeader());
- }
- }
- arr.push(new Uint8Array([this.version, 0xFF]));
- if (this.version === 5) {
- arr.push(new Uint8Array(4));
- }
- arr.push(_util2.default.writeNumber(length, 4));
- // For v5, this should really be writeNumber(length, 8) rather than the
- // hardcoded 4 zero bytes above
- return _util2.default.concat(arr);
- });
- };
- Signature.prototype.toHash = function (signatureType, data, detached = false) {
- const bytes = this.toSign(signatureType, data);
- return _util2.default.concat([bytes, this.signatureData, this.calculateTrailer(data, detached)]);
- };
- Signature.prototype.hash = async function (signatureType, data, toHash, detached = false, streaming = true) {
- const hashAlgorithm = _enums2.default.write(_enums2.default.hash, this.hashAlgorithm);
- if (!toHash) toHash = this.toHash(signatureType, data, detached);
- if (!streaming && _util2.default.isStream(toHash)) {
- return _webStreamTools2.default.fromAsync(async () => this.hash(signatureType, data, (await _webStreamTools2.default.readToEnd(toHash)), detached));
- }
- return _crypto2.default.hash.digest(hashAlgorithm, toHash);
- };
- /**
- * verifies the signature packet. Note: not all signature types are implemented
- * @param {module:packet.PublicSubkey|module:packet.PublicKey|
- * module:packet.SecretSubkey|module:packet.SecretKey} key the public key to verify the signature
- * @param {module:enums.signature} signatureType expected signature type
- * @param {String|Object} data data which on the signature applies
- * @param {Boolean} detached (optional) whether to verify a detached signature
- * @returns {Promise<Boolean>} True if message is verified, else false.
- * @async
- */
- Signature.prototype.verify = async function (key, signatureType, data, detached = false, streaming = false) {
- const publicKeyAlgorithm = _enums2.default.write(_enums2.default.publicKey, this.publicKeyAlgorithm);
- const hashAlgorithm = _enums2.default.write(_enums2.default.hash, this.hashAlgorithm);
- if (publicKeyAlgorithm !== _enums2.default.write(_enums2.default.publicKey, key.algorithm)) {
- throw new Error('Public key algorithm used to sign signature does not match issuer key algorithm.');
- }
- let toHash;
- let hash;
- if (this.hashed) {
- hash = this.hashed;
- } else {
- toHash = this.toHash(signatureType, data, detached);
- if (!streaming) toHash = await _webStreamTools2.default.readToEnd(toHash);
- hash = await this.hash(signatureType, data, toHash);
- }
- hash = await _webStreamTools2.default.readToEnd(hash);
- if (this.signedHashValue[0] !== hash[0] || this.signedHashValue[1] !== hash[1]) {
- this.verified = false;
- } else {
- let mpicount = 0;
- // Algorithm-Specific Fields for RSA signatures:
- // - multiprecision number (MPI) of RSA signature value m**d mod n.
- if (publicKeyAlgorithm > 0 && publicKeyAlgorithm < 4) {
- mpicount = 1;
- // Algorithm-Specific Fields for DSA, ECDSA, and EdDSA signatures:
- // - MPI of DSA value r.
- // - MPI of DSA value s.
- } else if (publicKeyAlgorithm === _enums2.default.publicKey.dsa || publicKeyAlgorithm === _enums2.default.publicKey.ecdsa || publicKeyAlgorithm === _enums2.default.publicKey.eddsa) {
- mpicount = 2;
- }
- // EdDSA signature parameters are encoded in little-endian format
- // https://tools.ietf.org/html/rfc8032#section-5.1.2
- const endian = publicKeyAlgorithm === _enums2.default.publicKey.eddsa ? 'le' : 'be';
- const mpi = [];
- let i = 0;
- this.signature = await _webStreamTools2.default.readToEnd(this.signature);
- for (let j = 0; j < mpicount; j++) {
- mpi[j] = new _mpi2.default();
- i += mpi[j].read(this.signature.subarray(i, this.signature.length), endian);
- }
- this.verified = await _crypto2.default.signature.verify(publicKeyAlgorithm, hashAlgorithm, mpi, key.params, toHash, hash);
- }
- return this.verified;
- };
- /**
- * Verifies signature expiration date
- * @param {Date} date (optional) use the given date for verification instead of the current time
- * @returns {Boolean} true if expired
- */
- Signature.prototype.isExpired = function (date = new Date()) {
- const normDate = _util2.default.normalizeDate(date);
- if (normDate !== null) {
- const expirationTime = this.getExpirationTime();
- return !(this.created <= normDate && normDate <= expirationTime);
- }
- return false;
- };
- /**
- * Returns the expiration time of the signature or Infinity if signature does not expire
- * @returns {Date} expiration time
- */
- Signature.prototype.getExpirationTime = function () {
- return !this.signatureNeverExpires ? new Date(this.created.getTime() + this.signatureExpirationTime * 1000) : Infinity;
- };
- /**
- * Fix custom types after cloning
- */
- Signature.prototype.postCloneTypeFix = function () {
- this.issuerKeyId = _keyid2.default.fromClone(this.issuerKeyId);
- };
- exports.default = Signature;
- },{"../config":79,"../crypto":94,"../enums":113,"../type/keyid.js":154,"../type/mpi.js":155,"../util":158,"./packet":135,"web-stream-tools":75}],143:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const VERSION = 1; // A one-octet version number of the data packet.
- /**
- * Implementation of the Symmetrically Encrypted Authenticated Encryption with
- * Additional Data (AEAD) Protected Data Packet
- *
- * {@link https://tools.ietf.org/html/draft-ford-openpgp-format-00#section-2.1}:
- * AEAD Protected Data Packet
- * @memberof module:packet
- * @constructor
- */
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2016 Tankred Hase
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires web-stream-tools
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- */
- function SymEncryptedAEADProtected() {
- this.tag = _enums2.default.packet.symEncryptedAEADProtected;
- this.version = VERSION;
- this.cipherAlgo = null;
- this.aeadAlgorithm = 'eax';
- this.aeadAlgo = null;
- this.chunkSizeByte = null;
- this.iv = null;
- this.encrypted = null;
- this.packets = null;
- }
- exports.default = SymEncryptedAEADProtected;
- /**
- * Parse an encrypted payload of bytes in the order: version, IV, ciphertext (see specification)
- * @param {Uint8Array | ReadableStream<Uint8Array>} bytes
- */
- SymEncryptedAEADProtected.prototype.read = async function (bytes) {
- await _webStreamTools2.default.parse(bytes, async reader => {
- if ((await reader.readByte()) !== VERSION) {
- // The only currently defined value is 1.
- throw new Error('Invalid packet version.');
- }
- this.cipherAlgo = await reader.readByte();
- this.aeadAlgo = await reader.readByte();
- this.chunkSizeByte = await reader.readByte();
- const mode = _crypto2.default[_enums2.default.read(_enums2.default.aead, this.aeadAlgo)];
- this.iv = await reader.readBytes(mode.ivLength);
- this.encrypted = reader.remainder();
- });
- };
- /**
- * Write the encrypted payload of bytes in the order: version, IV, ciphertext (see specification)
- * @returns {Uint8Array | ReadableStream<Uint8Array>} The encrypted payload
- */
- SymEncryptedAEADProtected.prototype.write = function () {
- return _util2.default.concat([new Uint8Array([this.version, this.cipherAlgo, this.aeadAlgo, this.chunkSizeByte]), this.iv, this.encrypted]);
- };
- /**
- * Decrypt the encrypted payload.
- * @param {String} sessionKeyAlgorithm The session key's cipher algorithm e.g. 'aes128'
- * @param {Uint8Array} key The session key used to encrypt the payload
- * @param {Boolean} streaming Whether the top-level function will return a stream
- * @returns {Boolean}
- * @async
- */
- SymEncryptedAEADProtected.prototype.decrypt = async function (sessionKeyAlgorithm, key, streaming) {
- await this.packets.read((await this.crypt('decrypt', key, _webStreamTools2.default.clone(this.encrypted), streaming)), streaming);
- return true;
- };
- /**
- * Encrypt the packet list payload.
- * @param {String} sessionKeyAlgorithm The session key's cipher algorithm e.g. 'aes128'
- * @param {Uint8Array} key The session key used to encrypt the payload
- * @param {Boolean} streaming Whether the top-level function will return a stream
- * @async
- */
- SymEncryptedAEADProtected.prototype.encrypt = async function (sessionKeyAlgorithm, key, streaming) {
- this.cipherAlgo = _enums2.default.write(_enums2.default.symmetric, sessionKeyAlgorithm);
- this.aeadAlgo = _enums2.default.write(_enums2.default.aead, this.aeadAlgorithm);
- const mode = _crypto2.default[_enums2.default.read(_enums2.default.aead, this.aeadAlgo)];
- this.iv = await _crypto2.default.random.getRandomBytes(mode.ivLength); // generate new random IV
- this.chunkSizeByte = _config2.default.aead_chunk_size_byte;
- const data = this.packets.write();
- this.encrypted = await this.crypt('encrypt', key, data, streaming);
- };
- /**
- * En/decrypt the payload.
- * @param {encrypt|decrypt} fn Whether to encrypt or decrypt
- * @param {Uint8Array} key The session key used to en/decrypt the payload
- * @param {Uint8Array | ReadableStream<Uint8Array>} data The data to en/decrypt
- * @param {Boolean} streaming Whether the top-level function will return a stream
- * @returns {Uint8Array | ReadableStream<Uint8Array>}
- * @async
- */
- SymEncryptedAEADProtected.prototype.crypt = async function (fn, key, data, streaming) {
- const cipher = _enums2.default.read(_enums2.default.symmetric, this.cipherAlgo);
- const mode = _crypto2.default[_enums2.default.read(_enums2.default.aead, this.aeadAlgo)];
- const modeInstance = await mode(cipher, key);
- const tagLengthIfDecrypting = fn === 'decrypt' ? mode.tagLength : 0;
- const tagLengthIfEncrypting = fn === 'encrypt' ? mode.tagLength : 0;
- const chunkSize = 2 ** (this.chunkSizeByte + 6) + tagLengthIfDecrypting; // ((uint64_t)1 << (c + 6))
- const adataBuffer = new ArrayBuffer(21);
- const adataArray = new Uint8Array(adataBuffer, 0, 13);
- const adataTagArray = new Uint8Array(adataBuffer);
- const adataView = new DataView(adataBuffer);
- const chunkIndexArray = new Uint8Array(adataBuffer, 5, 8);
- adataArray.set([0xC0 | this.tag, this.version, this.cipherAlgo, this.aeadAlgo, this.chunkSizeByte], 0);
- let chunkIndex = 0;
- let latestPromise = Promise.resolve();
- let cryptedBytes = 0;
- let queuedBytes = 0;
- const iv = this.iv;
- return _webStreamTools2.default.transformPair(data, async (readable, writable) => {
- const reader = _webStreamTools2.default.getReader(readable);
- const buffer = new TransformStream({}, {
- highWaterMark: streaming ? _util2.default.getHardwareConcurrency() * 2 ** (this.chunkSizeByte + 6) : Infinity,
- size: array => array.length
- });
- _webStreamTools2.default.pipe(buffer.readable, writable);
- const writer = _webStreamTools2.default.getWriter(buffer.writable);
- try {
- while (true) {
- let chunk = (await reader.readBytes(chunkSize + tagLengthIfDecrypting)) || new Uint8Array();
- const finalChunk = chunk.subarray(chunk.length - tagLengthIfDecrypting);
- chunk = chunk.subarray(0, chunk.length - tagLengthIfDecrypting);
- let cryptedPromise;
- let done;
- if (!chunkIndex || chunk.length) {
- reader.unshift(finalChunk);
- cryptedPromise = modeInstance[fn](chunk, mode.getNonce(iv, chunkIndexArray), adataArray);
- queuedBytes += chunk.length - tagLengthIfDecrypting + tagLengthIfEncrypting;
- } else {
- // After the last chunk, we either encrypt a final, empty
- // data chunk to get the final authentication tag or
- // validate that final authentication tag.
- adataView.setInt32(13 + 4, cryptedBytes); // Should be setInt64(13, ...)
- cryptedPromise = modeInstance[fn](finalChunk, mode.getNonce(iv, chunkIndexArray), adataTagArray);
- queuedBytes += tagLengthIfEncrypting;
- done = true;
- }
- cryptedBytes += chunk.length - tagLengthIfDecrypting;
- // eslint-disable-next-line no-loop-func
- latestPromise = latestPromise.then(() => cryptedPromise).then(async crypted => {
- await writer.ready;
- await writer.write(crypted);
- queuedBytes -= crypted.length;
- }).catch(err => writer.abort(err));
- if (done || queuedBytes > writer.desiredSize) {
- await latestPromise; // Respect backpressure
- }
- if (!done) {
- adataView.setInt32(5 + 4, ++chunkIndex); // Should be setInt64(5, ...)
- } else {
- await writer.close();
- break;
- }
- }
- } catch (e) {
- await writer.abort(e);
- }
- });
- };
- },{"../config":79,"../crypto":94,"../enums":113,"../util":158,"web-stream-tools":75}],144:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- const VERSION = 1; // A one-octet version number of the data packet.
- /**
- * Implementation of the Sym. Encrypted Integrity Protected Data Packet (Tag 18)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.13|RFC4880 5.13}:
- * The Symmetrically Encrypted Integrity Protected Data packet is
- * a variant of the Symmetrically Encrypted Data packet. It is a new feature
- * created for OpenPGP that addresses the problem of detecting a modification to
- * encrypted data. It is used in combination with a Modification Detection Code
- * packet.
- * @memberof module:packet
- * @constructor
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires asmcrypto.js
- * @requires web-stream-tools
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- */
- function SymEncryptedIntegrityProtected() {
- this.tag = _enums2.default.packet.symEncryptedIntegrityProtected;
- this.version = VERSION;
- /** The encrypted payload. */
- this.encrypted = null; // string
- /**
- * If after decrypting the packet this is set to true,
- * a modification has been detected and thus the contents
- * should be discarded.
- * @type {Boolean}
- */
- this.modification = false;
- this.packets = null;
- }
- SymEncryptedIntegrityProtected.prototype.read = async function (bytes) {
- await _webStreamTools2.default.parse(bytes, async reader => {
- // - A one-octet version number. The only currently defined value is 1.
- if ((await reader.readByte()) !== VERSION) {
- throw new Error('Invalid packet version.');
- }
- // - Encrypted data, the output of the selected symmetric-key cipher
- // operating in Cipher Feedback mode with shift amount equal to the
- // block size of the cipher (CFB-n where n is the block size).
- this.encrypted = reader.remainder();
- });
- };
- SymEncryptedIntegrityProtected.prototype.write = function () {
- return _util2.default.concat([new Uint8Array([VERSION]), this.encrypted]);
- };
- /**
- * Encrypt the payload in the packet.
- * @param {String} sessionKeyAlgorithm The selected symmetric encryption algorithm to be used e.g. 'aes128'
- * @param {Uint8Array} key The key of cipher blocksize length to be used
- * @param {Boolean} streaming Whether to set this.encrypted to a stream
- * @returns {Promise<Boolean>}
- * @async
- */
- SymEncryptedIntegrityProtected.prototype.encrypt = async function (sessionKeyAlgorithm, key, streaming) {
- let bytes = this.packets.write();
- if (!streaming) bytes = await _webStreamTools2.default.readToEnd(bytes);
- const prefix = await _crypto2.default.getPrefixRandom(sessionKeyAlgorithm);
- const mdc = new Uint8Array([0xD3, 0x14]); // modification detection code packet
- const tohash = _util2.default.concat([prefix, bytes, mdc]);
- const hash = await _crypto2.default.hash.sha1(_webStreamTools2.default.passiveClone(tohash));
- const plaintext = _util2.default.concat([tohash, hash]);
- this.encrypted = await _crypto2.default.cfb.encrypt(sessionKeyAlgorithm, key, plaintext, new Uint8Array(_crypto2.default.cipher[sessionKeyAlgorithm].blockSize));
- return true;
- };
- /**
- * Decrypts the encrypted data contained in the packet.
- * @param {String} sessionKeyAlgorithm The selected symmetric encryption algorithm to be used e.g. 'aes128'
- * @param {Uint8Array} key The key of cipher blocksize length to be used
- * @param {Boolean} streaming Whether to read this.encrypted as a stream
- * @returns {Promise<Boolean>}
- * @async
- */
- SymEncryptedIntegrityProtected.prototype.decrypt = async function (sessionKeyAlgorithm, key, streaming) {
- let encrypted = _webStreamTools2.default.clone(this.encrypted);
- if (!streaming) encrypted = await _webStreamTools2.default.readToEnd(encrypted);
- const decrypted = await _crypto2.default.cfb.decrypt(sessionKeyAlgorithm, key, encrypted, new Uint8Array(_crypto2.default.cipher[sessionKeyAlgorithm].blockSize));
- // there must be a modification detection code packet as the
- // last packet and everything gets hashed except the hash itself
- const realHash = _webStreamTools2.default.slice(_webStreamTools2.default.passiveClone(decrypted), -20);
- const tohash = _webStreamTools2.default.slice(decrypted, 0, -20);
- const verifyHash = Promise.all([_webStreamTools2.default.readToEnd((await _crypto2.default.hash.sha1(_webStreamTools2.default.passiveClone(tohash)))), _webStreamTools2.default.readToEnd(realHash)]).then(([hash, mdc]) => {
- if (!_util2.default.equalsUint8Array(hash, mdc)) {
- throw new Error('Modification detected.');
- }
- return new Uint8Array();
- });
- const bytes = _webStreamTools2.default.slice(tohash, _crypto2.default.cipher[sessionKeyAlgorithm].blockSize + 2); // Remove random prefix
- let packetbytes = _webStreamTools2.default.slice(bytes, 0, -2); // Remove MDC packet
- packetbytes = _webStreamTools2.default.concat([packetbytes, _webStreamTools2.default.fromAsync(() => verifyHash)]);
- if (!_util2.default.isStream(encrypted) || !_config2.default.allow_unauthenticated_stream) {
- packetbytes = await _webStreamTools2.default.readToEnd(packetbytes);
- }
- await this.packets.read(packetbytes, streaming);
- return true;
- };
- exports.default = SymEncryptedIntegrityProtected;
- },{"../config":79,"../crypto":94,"../enums":113,"../util":158,"web-stream-tools":75}],145:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _s2k = require('../type/s2k');
- var _s2k2 = _interopRequireDefault(_s2k);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Public-Key Encrypted Session Key Packets (Tag 1)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.1|RFC4880 5.1}:
- * A Public-Key Encrypted Session Key packet holds the session key
- * used to encrypt a message. Zero or more Public-Key Encrypted Session Key
- * packets and/or Symmetric-Key Encrypted Session Key packets may precede a
- * Symmetrically Encrypted Data Packet, which holds an encrypted message. The
- * message is encrypted with the session key, and the session key is itself
- * encrypted and stored in the Encrypted Session Key packet(s). The
- * Symmetrically Encrypted Data Packet is preceded by one Public-Key Encrypted
- * Session Key packet for each OpenPGP key to which the message is encrypted.
- * The recipient of the message finds a session key that is encrypted to their
- * public key, decrypts the session key, and then uses the session key to
- * decrypt the message.
- * @memberof module:packet
- * @constructor
- */
- function SymEncryptedSessionKey() {
- this.tag = _enums2.default.packet.symEncryptedSessionKey;
- this.version = _config2.default.aead_protect ? 5 : 4;
- this.sessionKey = null;
- this.sessionKeyEncryptionAlgorithm = null;
- this.sessionKeyAlgorithm = 'aes256';
- this.aeadAlgorithm = _enums2.default.read(_enums2.default.aead, _config2.default.aead_mode);
- this.encrypted = null;
- this.s2k = null;
- this.iv = null;
- }
- /**
- * Parsing function for a symmetric encrypted session key packet (tag 3).
- *
- * @param {Uint8Array} input Payload of a tag 1 packet
- * @param {Integer} position Position to start reading from the input string
- * @param {Integer} len
- * Length of the packet or the remaining length of
- * input at position
- * @returns {module:packet.SymEncryptedSessionKey} Object representation
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires type/s2k
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- */
- SymEncryptedSessionKey.prototype.read = function (bytes) {
- let offset = 0;
- // A one-octet version number. The only currently defined version is 4.
- this.version = bytes[offset++];
- // A one-octet number describing the symmetric algorithm used.
- const algo = _enums2.default.read(_enums2.default.symmetric, bytes[offset++]);
- if (this.version === 5) {
- // A one-octet AEAD algorithm.
- this.aeadAlgorithm = _enums2.default.read(_enums2.default.aead, bytes[offset++]);
- }
- // A string-to-key (S2K) specifier, length as defined above.
- this.s2k = new _s2k2.default();
- offset += this.s2k.read(bytes.subarray(offset, bytes.length));
- if (this.version === 5) {
- const mode = _crypto2.default[this.aeadAlgorithm];
- // A starting initialization vector of size specified by the AEAD
- // algorithm.
- this.iv = bytes.subarray(offset, offset += mode.ivLength);
- }
- // The encrypted session key itself, which is decrypted with the
- // string-to-key object. This is optional in version 4.
- if (this.version === 5 || offset < bytes.length) {
- this.encrypted = bytes.subarray(offset, bytes.length);
- this.sessionKeyEncryptionAlgorithm = algo;
- } else {
- this.sessionKeyAlgorithm = algo;
- }
- };
- SymEncryptedSessionKey.prototype.write = function () {
- const algo = this.encrypted === null ? this.sessionKeyAlgorithm : this.sessionKeyEncryptionAlgorithm;
- let bytes;
- if (this.version === 5) {
- bytes = _util2.default.concatUint8Array([new Uint8Array([this.version, _enums2.default.write(_enums2.default.symmetric, algo), _enums2.default.write(_enums2.default.aead, this.aeadAlgorithm)]), this.s2k.write(), this.iv, this.encrypted]);
- } else {
- bytes = _util2.default.concatUint8Array([new Uint8Array([this.version, _enums2.default.write(_enums2.default.symmetric, algo)]), this.s2k.write()]);
- if (this.encrypted !== null) {
- bytes = _util2.default.concatUint8Array([bytes, this.encrypted]);
- }
- }
- return bytes;
- };
- /**
- * Decrypts the session key
- * @param {String} passphrase The passphrase in string form
- * @returns {Promise<Boolean>}
- * @async
- */
- SymEncryptedSessionKey.prototype.decrypt = async function (passphrase) {
- const algo = this.sessionKeyEncryptionAlgorithm !== null ? this.sessionKeyEncryptionAlgorithm : this.sessionKeyAlgorithm;
- const length = _crypto2.default.cipher[algo].keySize;
- const key = await this.s2k.produce_key(passphrase, length);
- if (this.version === 5) {
- const mode = _crypto2.default[this.aeadAlgorithm];
- const adata = new Uint8Array([0xC0 | this.tag, this.version, _enums2.default.write(_enums2.default.symmetric, this.sessionKeyEncryptionAlgorithm), _enums2.default.write(_enums2.default.aead, this.aeadAlgorithm)]);
- const modeInstance = await mode(algo, key);
- this.sessionKey = await modeInstance.decrypt(this.encrypted, this.iv, adata);
- } else if (this.encrypted !== null) {
- const decrypted = await _crypto2.default.cfb.decrypt(algo, key, this.encrypted, new Uint8Array(_crypto2.default.cipher[algo].blockSize));
- this.sessionKeyAlgorithm = _enums2.default.read(_enums2.default.symmetric, decrypted[0]);
- this.sessionKey = decrypted.subarray(1, decrypted.length);
- } else {
- this.sessionKey = key;
- }
- return true;
- };
- /**
- * Encrypts the session key
- * @param {String} passphrase The passphrase in string form
- * @returns {Promise<Boolean>}
- * @async
- */
- SymEncryptedSessionKey.prototype.encrypt = async function (passphrase) {
- const algo = this.sessionKeyEncryptionAlgorithm !== null ? this.sessionKeyEncryptionAlgorithm : this.sessionKeyAlgorithm;
- this.sessionKeyEncryptionAlgorithm = algo;
- this.s2k = new _s2k2.default();
- this.s2k.salt = await _crypto2.default.random.getRandomBytes(8);
- const length = _crypto2.default.cipher[algo].keySize;
- const key = await this.s2k.produce_key(passphrase, length);
- if (this.sessionKey === null) {
- this.sessionKey = await _crypto2.default.generateSessionKey(this.sessionKeyAlgorithm);
- }
- if (this.version === 5) {
- const mode = _crypto2.default[this.aeadAlgorithm];
- this.iv = await _crypto2.default.random.getRandomBytes(mode.ivLength); // generate new random IV
- const adata = new Uint8Array([0xC0 | this.tag, this.version, _enums2.default.write(_enums2.default.symmetric, this.sessionKeyEncryptionAlgorithm), _enums2.default.write(_enums2.default.aead, this.aeadAlgorithm)]);
- const modeInstance = await mode(algo, key);
- this.encrypted = await modeInstance.encrypt(this.sessionKey, this.iv, adata);
- } else {
- const algo_enum = new Uint8Array([_enums2.default.write(_enums2.default.symmetric, this.sessionKeyAlgorithm)]);
- const private_key = _util2.default.concatUint8Array([algo_enum, this.sessionKey]);
- this.encrypted = await _crypto2.default.cfb.encrypt(algo, key, private_key, new Uint8Array(_crypto2.default.cipher[algo].blockSize));
- }
- return true;
- };
- /**
- * Fix custom types after cloning
- */
- SymEncryptedSessionKey.prototype.postCloneTypeFix = function () {
- this.s2k = _s2k2.default.fromClone(this.s2k);
- };
- exports.default = SymEncryptedSessionKey;
- },{"../config":79,"../crypto":94,"../enums":113,"../type/s2k":157,"../util":158}],146:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Implementation of the Symmetrically Encrypted Data Packet (Tag 9)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.7|RFC4880 5.7}:
- * The Symmetrically Encrypted Data packet contains data encrypted with a
- * symmetric-key algorithm. When it has been decrypted, it contains other
- * packets (usually a literal data packet or compressed data packet, but in
- * theory other Symmetrically Encrypted Data packets or sequences of packets
- * that form whole OpenPGP messages).
- * @memberof module:packet
- * @constructor
- */
- function SymmetricallyEncrypted() {
- /**
- * Packet type
- * @type {module:enums.packet}
- */
- this.tag = _enums2.default.packet.symmetricallyEncrypted;
- /**
- * Encrypted secret-key data
- */
- this.encrypted = null;
- /**
- * Decrypted packets contained within.
- * @type {module:packet.List}
- */
- this.packets = null;
- /**
- * When true, decrypt fails if message is not integrity protected
- * @see module:config.ignore_mdc_error
- */
- this.ignore_mdc_error = _config2.default.ignore_mdc_error;
- } // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires web-stream-tools
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- */
- SymmetricallyEncrypted.prototype.read = function (bytes) {
- this.encrypted = bytes;
- };
- SymmetricallyEncrypted.prototype.write = function () {
- return this.encrypted;
- };
- /**
- * Decrypt the symmetrically-encrypted packet data
- * See {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC 4880 9.2} for algorithms.
- * @param {module:enums.symmetric} sessionKeyAlgorithm Symmetric key algorithm to use
- * @param {Uint8Array} key The key of cipher blocksize length to be used
- * @returns {Promise<Boolean>}
- * @async
- */
- SymmetricallyEncrypted.prototype.decrypt = async function (sessionKeyAlgorithm, key) {
- // If MDC errors are not being ignored, all missing MDC packets in symmetrically encrypted data should throw an error
- if (!this.ignore_mdc_error) {
- throw new Error('Decryption failed due to missing MDC.');
- }
- this.encrypted = await _webStreamTools2.default.readToEnd(this.encrypted);
- const decrypted = await _crypto2.default.cfb.decrypt(sessionKeyAlgorithm, key, this.encrypted.subarray(_crypto2.default.cipher[sessionKeyAlgorithm].blockSize + 2), this.encrypted.subarray(2, _crypto2.default.cipher[sessionKeyAlgorithm].blockSize + 2));
- await this.packets.read(decrypted);
- return true;
- };
- /**
- * Encrypt the symmetrically-encrypted packet data
- * See {@link https://tools.ietf.org/html/rfc4880#section-9.2|RFC 4880 9.2} for algorithms.
- * @param {module:enums.symmetric} sessionKeyAlgorithm Symmetric key algorithm to use
- * @param {Uint8Array} key The key of cipher blocksize length to be used
- * @returns {Promise<Boolean>}
- * @async
- */
- SymmetricallyEncrypted.prototype.encrypt = async function (algo, key) {
- const data = this.packets.write();
- const prefix = await _crypto2.default.getPrefixRandom(algo);
- const FRE = await _crypto2.default.cfb.encrypt(algo, key, prefix, new Uint8Array(_crypto2.default.cipher[algo].blockSize));
- const ciphertext = await _crypto2.default.cfb.encrypt(algo, key, data, FRE.subarray(2));
- this.encrypted = _util2.default.concat([FRE, ciphertext]);
- return true;
- };
- exports.default = SymmetricallyEncrypted;
- },{"../config":79,"../crypto":94,"../enums":113,"../util":158,"web-stream-tools":75}],147:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Implementation of the Trust Packet (Tag 12)
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-5.10|RFC4880 5.10}:
- * The Trust packet is used only within keyrings and is not normally
- * exported. Trust packets contain data that record the user's
- * specifications of which key holders are trustworthy introducers,
- * along with other information that implementing software uses for
- * trust information. The format of Trust packets is defined by a given
- * implementation.
- *
- * Trust packets SHOULD NOT be emitted to output streams that are
- * transferred to other users, and they SHOULD be ignored on any input
- * other than local keyring files.
- * @memberof module:packet
- * @constructor
- */
- function Trust() {
- this.tag = _enums2.default.packet.trust;
- }
- /**
- * Parsing function for a trust packet (tag 12).
- * Currently not implemented as we ignore trust packets
- * @param {String} byptes payload of a tag 12 packet
- */
- /**
- * @requires enums
- */
- Trust.prototype.read = function () {}; // TODO
- exports.default = Trust;
- },{"../enums":113}],148:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _packet = require('./packet');
- var _packet2 = _interopRequireDefault(_packet);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Implementation of the User Attribute Packet (Tag 17)
- *
- * The User Attribute packet is a variation of the User ID packet. It
- * is capable of storing more types of data than the User ID packet,
- * which is limited to text. Like the User ID packet, a User Attribute
- * packet may be certified by the key owner ("self-signed") or any other
- * key owner who cares to certify it. Except as noted, a User Attribute
- * packet may be used anywhere that a User ID packet may be used.
- *
- * While User Attribute packets are not a required part of the OpenPGP
- * standard, implementations SHOULD provide at least enough
- * compatibility to properly handle a certification signature on the
- * User Attribute packet. A simple way to do this is by treating the
- * User Attribute packet as a User ID packet with opaque contents, but
- * an implementation may use any method desired.
- * @memberof module:packet
- * @constructor
- */
- function UserAttribute() {
- this.tag = _enums2.default.packet.userAttribute;
- this.attributes = [];
- }
- /**
- * parsing function for a user attribute packet (tag 17).
- * @param {Uint8Array} input payload of a tag 17 packet
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires packet
- * @requires enums
- * @requires util
- */
- UserAttribute.prototype.read = function (bytes) {
- let i = 0;
- while (i < bytes.length) {
- const len = _packet2.default.readSimpleLength(bytes.subarray(i, bytes.length));
- i += len.offset;
- this.attributes.push(_util2.default.Uint8Array_to_str(bytes.subarray(i, i + len.len)));
- i += len.len;
- }
- };
- /**
- * Creates a binary representation of the user attribute packet
- * @returns {Uint8Array} string representation
- */
- UserAttribute.prototype.write = function () {
- const arr = [];
- for (let i = 0; i < this.attributes.length; i++) {
- arr.push(_packet2.default.writeSimpleLength(this.attributes[i].length));
- arr.push(_util2.default.str_to_Uint8Array(this.attributes[i]));
- }
- return _util2.default.concatUint8Array(arr);
- };
- /**
- * Compare for equality
- * @param {module:packet.UserAttribute} usrAttr
- * @returns {Boolean} true if equal
- */
- UserAttribute.prototype.equals = function (usrAttr) {
- if (!usrAttr || !(usrAttr instanceof UserAttribute)) {
- return false;
- }
- return this.attributes.every(function (attr, index) {
- return attr === usrAttr.attributes[index];
- });
- };
- exports.default = UserAttribute;
- },{"../enums":113,"../util":158,"./packet":135}],149:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Implementation of the User ID Packet (Tag 13)
- *
- * A User ID packet consists of UTF-8 text that is intended to represent
- * the name and email address of the key holder. By convention, it
- * includes an RFC 2822 [RFC2822] mail name-addr, but there are no
- * restrictions on its content. The packet length in the header
- * specifies the length of the User ID.
- * @memberof module:packet
- * @constructor
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires enums
- * @requires util
- */
- function Userid() {
- this.tag = _enums2.default.packet.userid;
- /** A string containing the user id. Usually in the form
- * John Doe <john@example.com>
- * @type {String}
- */
- this.userid = '';
- this.name = '';
- this.email = '';
- this.comment = '';
- }
- /**
- * Parsing function for a user id packet (tag 13).
- * @param {Uint8Array} input payload of a tag 13 packet
- */
- Userid.prototype.read = function (bytes) {
- this.parse(_util2.default.decode_utf8(bytes));
- };
- /**
- * Parse userid string, e.g. 'John Doe <john@example.com>'
- */
- Userid.prototype.parse = function (userid) {
- try {
- Object.assign(this, _util2.default.parseUserId(userid));
- } catch (e) {}
- this.userid = userid;
- };
- /**
- * Creates a binary representation of the user id packet
- * @returns {Uint8Array} binary representation
- */
- Userid.prototype.write = function () {
- return _util2.default.encode_utf8(this.userid);
- };
- /**
- * Set userid string from object, e.g. { name:'Phil Zimmermann', email:'phil@openpgp.org' }
- */
- Userid.prototype.format = function (userid) {
- if (_util2.default.isString(userid)) {
- userid = _util2.default.parseUserId(userid);
- }
- Object.assign(this, userid);
- this.userid = _util2.default.formatUserId(userid);
- };
- exports.default = Userid;
- },{"../enums":113,"../util":158}],150:[function(require,module,exports){
- (function (global){
- 'use strict';
- var _util = require('./util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- if (typeof window !== 'undefined') {
- /********************************************************************
- * NOTE: This list is duplicated in Gruntfile.js, *
- * so that these polyfills are only included in the compat bundle. *
- ********************************************************************/
- try {
- if (typeof window.fetch === 'undefined') {
- require('whatwg-fetch');
- }
- if (typeof Array.prototype.fill === 'undefined') {
- require('core-js/fn/array/fill');
- }
- if (typeof Array.prototype.find === 'undefined') {
- require('core-js/fn/array/find');
- }
- if (typeof Array.prototype.includes === 'undefined') {
- require('core-js/fn/array/includes');
- }
- if (typeof Array.from === 'undefined') {
- require('core-js/fn/array/from');
- }
- // No if-statement on Promise because of IE11. Otherwise Promise is undefined in the service worker.
- require('core-js/fn/promise');
- if (typeof Uint8Array.from === 'undefined') {
- require('core-js/fn/typed/uint8-array');
- }
- if (typeof String.prototype.repeat === 'undefined') {
- require('core-js/fn/string/repeat');
- }
- if (typeof Symbol === 'undefined') {
- require('core-js/fn/symbol');
- }
- if (typeof Object.assign === 'undefined') {
- require('core-js/fn/object/assign');
- }
- } catch (e) {}
- } /**
- * @fileoverview Old browser polyfills
- * All are listed as dev dependencies because Node does not need them
- * and for browser babel will take care of it
- * @requires util
- * @module polyfills
- */
- if (typeof TransformStream === 'undefined') {
- require('@mattiasbuelens/web-streams-polyfill/es6');
- }
- if (typeof TextEncoder === 'undefined') {
- const nodeUtil = _util2.default.nodeRequire('util') || {};
- global.TextEncoder = nodeUtil.TextEncoder;
- global.TextDecoder = nodeUtil.TextDecoder;
- }
- if (typeof TextEncoder === 'undefined') {
- const textEncoding = require('text-encoding-utf-8');
- global.TextEncoder = textEncoding.TextEncoder;
- global.TextDecoder = textEncoding.TextDecoder;
- }
- }).call(this,typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
- },{"./util":158,"@mattiasbuelens/web-streams-polyfill/es6":1,"core-js/fn/array/fill":"core-js/fn/array/fill","core-js/fn/array/find":"core-js/fn/array/find","core-js/fn/array/from":"core-js/fn/array/from","core-js/fn/array/includes":"core-js/fn/array/includes","core-js/fn/object/assign":"core-js/fn/object/assign","core-js/fn/promise":"core-js/fn/promise","core-js/fn/string/repeat":"core-js/fn/string/repeat","core-js/fn/symbol":"core-js/fn/symbol","core-js/fn/typed/uint8-array":"core-js/fn/typed/uint8-array","text-encoding-utf-8":71,"whatwg-fetch":"whatwg-fetch"}],151:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- exports.Signature = Signature;
- exports.readArmored = readArmored;
- exports.read = read;
- var _armor = require('./encoding/armor');
- var _armor2 = _interopRequireDefault(_armor);
- var _packet = require('./packet');
- var _packet2 = _interopRequireDefault(_packet);
- var _enums = require('./enums');
- var _enums2 = _interopRequireDefault(_enums);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @class
- * @classdesc Class that represents an OpenPGP signature.
- * @param {module:packet.List} packetlist The signature packets
- */
- function Signature(packetlist) {
- if (!(this instanceof Signature)) {
- return new Signature(packetlist);
- }
- this.packets = packetlist || new _packet2.default.List();
- }
- /**
- * Returns ASCII armored text of signature
- * @returns {ReadableStream<String>} ASCII armor
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @requires encoding/armor
- * @requires packet
- * @requires enums
- * @module signature
- */
- Signature.prototype.armor = function () {
- return _armor2.default.encode(_enums2.default.armor.signature, this.packets.write());
- };
- /**
- * reads an OpenPGP armored signature and returns a signature object
- * @param {String | ReadableStream<String>} armoredText text to be parsed
- * @returns {Signature} new signature object
- * @async
- * @static
- */
- async function readArmored(armoredText) {
- const input = await _armor2.default.decode(armoredText);
- return read(input.data);
- }
- /**
- * reads an OpenPGP signature as byte array and returns a signature object
- * @param {Uint8Array | ReadableStream<Uint8Array>} input binary signature
- * @returns {Signature} new signature object
- * @async
- * @static
- */
- async function read(input) {
- const packetlist = new _packet2.default.List();
- await packetlist.read(input);
- return new Signature(packetlist);
- }
- },{"./encoding/armor":111,"./enums":113,"./packet":131}],152:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @constructor
- */
- function ECDHSymmetricKey(data) {
- if (typeof data === 'undefined') {
- data = new Uint8Array([]);
- } else if (_util2.default.isString(data)) {
- data = _util2.default.str_to_Uint8Array(data);
- } else {
- data = new Uint8Array(data);
- }
- this.data = data;
- }
- /**
- * Read an ECDHSymmetricKey from an Uint8Array
- * @param {Uint8Array} input Where to read the encoded symmetric key from
- * @returns {Number} Number of read bytes
- */
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * Encoded symmetric key for ECDH
- *
- * @requires util
- * @module type/ecdh_symkey
- */
- ECDHSymmetricKey.prototype.read = function (input) {
- if (input.length >= 1) {
- const length = input[0];
- if (input.length >= 1 + length) {
- this.data = input.subarray(1, 1 + length);
- return 1 + this.data.length;
- }
- }
- throw new Error('Invalid symmetric key');
- };
- /**
- * Write an ECDHSymmetricKey as an Uint8Array
- * @returns {Uint8Array} An array containing the value
- */
- ECDHSymmetricKey.prototype.write = function () {
- return _util2.default.concatUint8Array([new Uint8Array([this.data.length]), this.data]);
- };
- ECDHSymmetricKey.fromClone = function (clone) {
- return new ECDHSymmetricKey(clone.data);
- };
- exports.default = ECDHSymmetricKey;
- },{"../util":158}],153:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _enums = require('../enums.js');
- var _enums2 = _interopRequireDefault(_enums);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @constructor
- * @param {enums.hash} hash Hash algorithm
- * @param {enums.symmetric} cipher Symmetric algorithm
- */
- function KDFParams(data) {
- if (data && data.length === 2) {
- this.hash = data[0];
- this.cipher = data[1];
- } else {
- this.hash = _enums2.default.hash.sha1;
- this.cipher = _enums2.default.symmetric.aes128;
- }
- }
- /**
- * Read KDFParams from an Uint8Array
- * @param {Uint8Array} input Where to read the KDFParams from
- * @returns {Number} Number of read bytes
- */
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * Implementation of type KDF parameters
- *
- * {@link https://tools.ietf.org/html/rfc6637#section-7|RFC 6637 7}:
- * A key derivation function (KDF) is necessary to implement the EC
- * encryption. The Concatenation Key Derivation Function (Approved
- * Alternative 1) [NIST-SP800-56A] with the KDF hash function that is
- * SHA2-256 [FIPS-180-3] or stronger is REQUIRED.
- * @requires enums
- * @module type/kdf_params
- */
- KDFParams.prototype.read = function (input) {
- if (input.length < 4 || input[0] !== 3 || input[1] !== 1) {
- throw new Error('Cannot read KDFParams');
- }
- this.hash = input[2];
- this.cipher = input[3];
- return 4;
- };
- /**
- * Write KDFParams to an Uint8Array
- * @returns {Uint8Array} Array with the KDFParams value
- */
- KDFParams.prototype.write = function () {
- return new Uint8Array([3, 1, this.hash, this.cipher]);
- };
- KDFParams.fromClone = function (clone) {
- return new KDFParams([clone.hash, clone.cipher]);
- };
- exports.default = KDFParams;
- },{"../enums.js":113}],154:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _util = require('../util.js');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @constructor
- */
- function Keyid() {
- this.bytes = '';
- }
- /**
- * Parsing method for a key id
- * @param {Uint8Array} input Input to read the key id from
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * Implementation of type key id
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-3.3|RFC4880 3.3}:
- * A Key ID is an eight-octet scalar that identifies a key.
- * Implementations SHOULD NOT assume that Key IDs are unique. The
- * section "Enhanced Key Formats" below describes how Key IDs are
- * formed.
- * @requires util
- * @module type/keyid
- */
- Keyid.prototype.read = function (bytes) {
- this.bytes = _util2.default.Uint8Array_to_str(bytes.subarray(0, 8));
- };
- Keyid.prototype.write = function () {
- return _util2.default.str_to_Uint8Array(this.bytes);
- };
- Keyid.prototype.toHex = function () {
- return _util2.default.str_to_hex(this.bytes);
- };
- /**
- * Checks equality of Key ID's
- * @param {Keyid} keyid
- * @param {Boolean} matchWildcard Indicates whether to check if either keyid is a wildcard
- */
- Keyid.prototype.equals = function (keyid, matchWildcard = false) {
- return matchWildcard && (keyid.isWildcard() || this.isWildcard()) || this.bytes === keyid.bytes;
- };
- Keyid.prototype.isNull = function () {
- return this.bytes === '';
- };
- Keyid.prototype.isWildcard = function () {
- return (/^0+$/.test(this.toHex())
- );
- };
- Keyid.mapToHex = function (keyId) {
- return keyId.toHex();
- };
- Keyid.fromClone = function (clone) {
- const keyid = new Keyid();
- keyid.bytes = clone.bytes;
- return keyid;
- };
- Keyid.fromId = function (hex) {
- const keyid = new Keyid();
- keyid.read(_util2.default.hex_to_Uint8Array(hex));
- return keyid;
- };
- Keyid.wildcard = function () {
- const keyid = new Keyid();
- keyid.read(new Uint8Array(8));
- return keyid;
- };
- exports.default = Keyid;
- },{"../util.js":158}],155:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _bn = require('bn.js');
- var _bn2 = _interopRequireDefault(_bn);
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @constructor
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- // Hint: We hold our MPIs as an array of octets in big endian format preceding a two
- // octet scalar: MPI: [a,b,c,d,e,f]
- // - MPI size: (a << 8) | b
- // - MPI = c | d << 8 | e << ((MPI.length -2)*8) | f ((MPI.length -2)*8)
- /**
- * Implementation of type MPI ({@link https://tools.ietf.org/html/rfc4880#section-3.2|RFC4880 3.2})
- * Multiprecision integers (also called MPIs) are unsigned integers used
- * to hold large integers such as the ones used in cryptographic
- * calculations.
- * An MPI consists of two pieces: a two-octet scalar that is the length
- * of the MPI in bits followed by a string of octets that contain the
- * actual integer.
- * @requires bn.js
- * @requires util
- * @module type/mpi
- */
- function MPI(data) {
- /** An implementation dependent integer */
- if (data instanceof MPI) {
- this.data = data.data;
- } else if (_bn2.default.isBN(data)) {
- this.fromBN(data);
- } else if (_util2.default.isUint8Array(data)) {
- this.fromUint8Array(data);
- } else if (_util2.default.isString(data)) {
- this.fromString(data);
- } else {
- this.data = null;
- }
- }
- /**
- * Parsing function for a MPI ({@link https://tools.ietf.org/html/rfc4880#section-3.2|RFC 4880 3.2}).
- * @param {Uint8Array} input Payload of MPI data
- * @param {String} endian Endianness of the data; 'be' for big-endian or 'le' for little-endian
- * @returns {Integer} Length of data read
- */
- MPI.prototype.read = function (bytes, endian = 'be') {
- if (_util2.default.isString(bytes)) {
- bytes = _util2.default.str_to_Uint8Array(bytes);
- }
- const bits = bytes[0] << 8 | bytes[1];
- const bytelen = bits + 7 >>> 3;
- const payload = bytes.subarray(2, 2 + bytelen);
- this.fromUint8Array(payload, endian);
- return 2 + bytelen;
- };
- /**
- * Converts the mpi object to a bytes as specified in
- * {@link https://tools.ietf.org/html/rfc4880#section-3.2|RFC4880 3.2}
- * @param {String} endian Endianness of the payload; 'be' for big-endian or 'le' for little-endian
- * @param {Integer} length Length of the data part of the MPI
- * @returns {Uint8Aray} mpi Byte representation
- */
- MPI.prototype.write = function (endian, length) {
- return _util2.default.Uint8Array_to_MPI(this.toUint8Array(endian, length));
- };
- MPI.prototype.bitLength = function () {
- return (this.data.length - 1) * 8 + _util2.default.nbits(this.data[0]);
- };
- MPI.prototype.byteLength = function () {
- return this.data.length;
- };
- MPI.prototype.toUint8Array = function (endian, length) {
- endian = endian || 'be';
- length = length || this.data.length;
- const payload = new Uint8Array(length);
- const start = length - this.data.length;
- if (start < 0) {
- throw new Error('Payload is too large.');
- }
- payload.set(this.data, start);
- if (endian === 'le') {
- payload.reverse();
- }
- return payload;
- };
- MPI.prototype.fromUint8Array = function (bytes, endian = 'be') {
- this.data = new Uint8Array(bytes.length);
- this.data.set(bytes);
- if (endian === 'le') {
- this.data.reverse();
- }
- };
- MPI.prototype.toString = function () {
- return _util2.default.Uint8Array_to_str(this.toUint8Array());
- };
- MPI.prototype.fromString = function (str, endian = 'be') {
- this.fromUint8Array(_util2.default.str_to_Uint8Array(str), endian);
- };
- MPI.prototype.toBN = function () {
- return new _bn2.default(this.toUint8Array());
- };
- MPI.prototype.fromBN = function (bn) {
- this.data = bn.toArrayLike(Uint8Array);
- };
- MPI.fromClone = function (clone) {
- return new MPI(clone.data);
- };
- exports.default = MPI;
- },{"../util":158,"bn.js":16}],156:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _util = require('../util');
- var _util2 = _interopRequireDefault(_util);
- var _enums = require('../enums');
- var _enums2 = _interopRequireDefault(_enums);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @constructor
- */
- // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2015-2016 Decentral
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * Wrapper to an OID value
- *
- * {@link https://tools.ietf.org/html/rfc6637#section-11|RFC6637, section 11}:
- * The sequence of octets in the third column is the result of applying
- * the Distinguished Encoding Rules (DER) to the ASN.1 Object Identifier
- * with subsequent truncation. The truncation removes the two fields of
- * encoded Object Identifier. The first omitted field is one octet
- * representing the Object Identifier tag, and the second omitted field
- * is the length of the Object Identifier body. For example, the
- * complete ASN.1 DER encoding for the NIST P-256 curve OID is "06 08 2A
- * 86 48 CE 3D 03 01 07", from which the first entry in the table above
- * is constructed by omitting the first two octets. Only the truncated
- * sequence of octets is the valid representation of a curve OID.
- * @requires util
- * @requires enums
- * @module type/oid
- */
- function OID(oid) {
- if (oid instanceof OID) {
- this.oid = oid.oid;
- } else if (_util2.default.isArray(oid) || _util2.default.isUint8Array(oid)) {
- oid = new Uint8Array(oid);
- if (oid[0] === 0x06) {
- // DER encoded oid byte array
- if (oid[1] !== oid.length - 2) {
- throw new Error('Length mismatch in DER encoded oid');
- }
- oid = oid.subarray(2);
- }
- this.oid = oid;
- } else {
- this.oid = '';
- }
- }
- /**
- * Method to read an OID object
- * @param {Uint8Array} input Where to read the OID from
- * @returns {Number} Number of read bytes
- */
- OID.prototype.read = function (input) {
- if (input.length >= 1) {
- const length = input[0];
- if (input.length >= 1 + length) {
- this.oid = input.subarray(1, 1 + length);
- return 1 + this.oid.length;
- }
- }
- throw new Error('Invalid oid');
- };
- /**
- * Serialize an OID object
- * @returns {Uint8Array} Array with the serialized value the OID
- */
- OID.prototype.write = function () {
- return _util2.default.concatUint8Array([new Uint8Array([this.oid.length]), this.oid]);
- };
- /**
- * Serialize an OID object as a hex string
- * @returns {string} String with the hex value of the OID
- */
- OID.prototype.toHex = function () {
- return _util2.default.Uint8Array_to_hex(this.oid);
- };
- /**
- * If a known curve object identifier, return the canonical name of the curve
- * @returns {string} String with the canonical name of the curve
- */
- OID.prototype.getName = function () {
- const hex = this.toHex();
- if (_enums2.default.curve[hex]) {
- return _enums2.default.write(_enums2.default.curve, hex);
- } else {
- throw new Error('Unknown curve object identifier.');
- }
- };
- OID.fromClone = function (clone) {
- return new OID(clone.oid);
- };
- exports.default = OID;
- },{"../enums":113,"../util":158}],157:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _enums = require('../enums.js');
- var _enums2 = _interopRequireDefault(_enums);
- var _util = require('../util.js');
- var _util2 = _interopRequireDefault(_util);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * @constructor
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * Implementation of the String-to-key specifier
- *
- * {@link https://tools.ietf.org/html/rfc4880#section-3.7|RFC4880 3.7}:
- * String-to-key (S2K) specifiers are used to convert passphrase strings
- * into symmetric-key encryption/decryption keys. They are used in two
- * places, currently: to encrypt the secret part of private keys in the
- * private keyring, and to convert passphrases to encryption keys for
- * symmetrically encrypted messages.
- * @requires config
- * @requires crypto
- * @requires enums
- * @requires util
- * @module type/s2k
- */
- function S2K() {
- /** @type {module:enums.hash} */
- this.algorithm = 'sha256';
- /** @type {module:enums.s2k} */
- this.type = 'iterated';
- /** @type {Integer} */
- this.c = _config2.default.s2k_iteration_count_byte;
- /** Eight bytes of salt in a binary string.
- * @type {String}
- */
- this.salt = null;
- }
- S2K.prototype.get_count = function () {
- // Exponent bias, defined in RFC4880
- const expbias = 6;
- return 16 + (this.c & 15) << (this.c >> 4) + expbias;
- };
- /**
- * Parsing function for a string-to-key specifier ({@link https://tools.ietf.org/html/rfc4880#section-3.7|RFC 4880 3.7}).
- * @param {String} input Payload of string-to-key specifier
- * @returns {Integer} Actual length of the object
- */
- S2K.prototype.read = function (bytes) {
- let i = 0;
- this.type = _enums2.default.read(_enums2.default.s2k, bytes[i++]);
- this.algorithm = bytes[i++];
- if (this.type !== 'gnu') {
- this.algorithm = _enums2.default.read(_enums2.default.hash, this.algorithm);
- }
- switch (this.type) {
- case 'simple':
- break;
- case 'salted':
- this.salt = bytes.subarray(i, i + 8);
- i += 8;
- break;
- case 'iterated':
- this.salt = bytes.subarray(i, i + 8);
- i += 8;
- // Octet 10: count, a one-octet, coded value
- this.c = bytes[i++];
- break;
- case 'gnu':
- if (_util2.default.Uint8Array_to_str(bytes.subarray(i, i + 3)) === "GNU") {
- i += 3; // GNU
- const gnuExtType = 1000 + bytes[i++];
- if (gnuExtType === 1001) {
- this.type = 'gnu-dummy';
- // GnuPG extension mode 1001 -- don't write secret key at all
- } else {
- throw new Error("Unknown s2k gnu protection mode.");
- }
- } else {
- throw new Error("Unknown s2k type.");
- }
- break;
- default:
- throw new Error("Unknown s2k type.");
- }
- return i;
- };
- /**
- * Serializes s2k information
- * @returns {Uint8Array} binary representation of s2k
- */
- S2K.prototype.write = function () {
- if (this.type === 'gnu-dummy') {
- return new Uint8Array([101, 0, ..._util2.default.str_to_Uint8Array('GNU'), 1]);
- }
- const arr = [new Uint8Array([_enums2.default.write(_enums2.default.s2k, this.type), _enums2.default.write(_enums2.default.hash, this.algorithm)])];
- switch (this.type) {
- case 'simple':
- break;
- case 'salted':
- arr.push(this.salt);
- break;
- case 'iterated':
- arr.push(this.salt);
- arr.push(new Uint8Array([this.c]));
- break;
- case 'gnu':
- throw new Error("GNU s2k type not supported.");
- default:
- throw new Error("Unknown s2k type.");
- }
- return _util2.default.concatUint8Array(arr);
- };
- /**
- * Produces a key using the specified passphrase and the defined
- * hashAlgorithm
- * @param {String} passphrase Passphrase containing user input
- * @returns {Uint8Array} Produced key with a length corresponding to
- * hashAlgorithm hash length
- */
- S2K.prototype.produce_key = async function (passphrase, numBytes) {
- passphrase = _util2.default.encode_utf8(passphrase);
- const algorithm = _enums2.default.write(_enums2.default.hash, this.algorithm);
- const arr = [];
- let rlength = 0;
- let prefixlen = 0;
- while (rlength < numBytes) {
- let toHash;
- switch (this.type) {
- case 'simple':
- toHash = _util2.default.concatUint8Array([new Uint8Array(prefixlen), passphrase]);
- break;
- case 'salted':
- toHash = _util2.default.concatUint8Array([new Uint8Array(prefixlen), this.salt, passphrase]);
- break;
- case 'iterated':
- {
- const data = _util2.default.concatUint8Array([this.salt, passphrase]);
- let datalen = data.length;
- const count = Math.max(this.get_count(), datalen);
- toHash = new Uint8Array(prefixlen + count);
- toHash.set(data, prefixlen);
- for (let pos = prefixlen + datalen; pos < count; pos += datalen, datalen *= 2) {
- toHash.copyWithin(pos, prefixlen, pos);
- }
- break;
- }
- case 'gnu':
- throw new Error("GNU s2k type not supported.");
- default:
- throw new Error("Unknown s2k type.");
- }
- const result = await _crypto2.default.hash.digest(algorithm, toHash);
- arr.push(result);
- rlength += result.length;
- prefixlen++;
- }
- return _util2.default.concatUint8Array(arr).subarray(0, numBytes);
- };
- S2K.fromClone = function (clone) {
- const s2k = new S2K();
- s2k.algorithm = clone.algorithm;
- s2k.type = clone.type;
- s2k.c = clone.c;
- s2k.salt = clone.salt;
- return s2k;
- };
- exports.default = S2K;
- },{"../config":79,"../crypto":94,"../enums.js":113,"../util.js":158}],158:[function(require,module,exports){
- (function (global){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _emailAddresses = require('email-addresses');
- var _emailAddresses2 = _interopRequireDefault(_emailAddresses);
- var _webStreamTools = require('web-stream-tools');
- var _webStreamTools2 = _interopRequireDefault(_webStreamTools);
- var _config = require('./config');
- var _config2 = _interopRequireDefault(_config);
- var _util = require('./util');
- var _util2 = _interopRequireDefault(_util);
- var _base = require('./encoding/base64');
- var _base2 = _interopRequireDefault(_base);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- exports.default = {
- isString: function isString(data) {
- return typeof data === 'string' || String.prototype.isPrototypeOf(data);
- },
- isArray: function isArray(data) {
- return Array.prototype.isPrototypeOf(data);
- },
- isUint8Array: _webStreamTools2.default.isUint8Array,
- isStream: _webStreamTools2.default.isStream,
- /**
- * Get transferable objects to pass buffers with zero copy (similar to "pass by reference" in C++)
- * See: https://developer.mozilla.org/en-US/docs/Web/API/Worker/postMessage
- * Also, convert ReadableStreams to MessagePorts
- * @param {Object} obj the options object to be passed to the web worker
- * @returns {Array<ArrayBuffer>} an array of binary data to be passed
- */
- getTransferables: function getTransferables(obj, zero_copy) {
- const transferables = [];
- _util2.default.collectTransferables(obj, transferables, zero_copy);
- return transferables.length ? transferables : undefined;
- },
- collectTransferables: function collectTransferables(obj, collection, zero_copy) {
- if (!obj) {
- return;
- }
- if (_util2.default.isUint8Array(obj)) {
- if (zero_copy && collection.indexOf(obj.buffer) === -1 && !(navigator.userAgent.indexOf('Version/11.1') !== -1 || // Safari 11.1
- (navigator.userAgent.match(/Chrome\/(\d+)/) || [])[1] < 56 && navigator.userAgent.indexOf('Edge') === -1 // Chrome < 56
- )) {
- collection.push(obj.buffer);
- }
- return;
- }
- if (Object.prototype.isPrototypeOf(obj)) {
- Object.entries(obj).forEach(([key, value]) => {
- // recursively search all children
- if (_util2.default.isStream(value)) {
- if (value.locked) {
- obj[key] = null;
- } else {
- const transformed = _webStreamTools2.default.transformPair(value, async readable => {
- const reader = _webStreamTools2.default.getReader(readable);
- var _ref = new MessageChannel();
- const port1 = _ref.port1,
- port2 = _ref.port2;
- port1.onmessage = async function ({ data: { action } }) {
- if (action === 'read') {
- try {
- const result = await reader.read();
- port1.postMessage(result, _util2.default.getTransferables(result));
- } catch (e) {
- port1.postMessage({ error: e.message });
- }
- } else if (action === 'cancel') {
- await transformed.cancel();
- port1.postMessage();
- }
- };
- obj[key] = port2;
- collection.push(port2);
- });
- }
- return;
- }
- if (Object.prototype.toString.call(value) === '[object MessagePort]') {
- throw new Error("Can't transfer the same stream twice.");
- }
- _util2.default.collectTransferables(value, collection, zero_copy);
- });
- }
- },
- /**
- * Convert MessagePorts back to ReadableStreams
- * @param {Object} obj
- * @returns {Object}
- */
- restoreStreams: function restoreStreams(obj) {
- if (Object.prototype.isPrototypeOf(obj) && !Uint8Array.prototype.isPrototypeOf(obj)) {
- Object.entries(obj).forEach(([key, value]) => {
- // recursively search all children
- if (Object.prototype.toString.call(value) === '[object MessagePort]') {
- obj[key] = new ReadableStream({
- pull(controller) {
- return new Promise(resolve => {
- value.onmessage = evt => {
- var _evt$data = evt.data;
- const done = _evt$data.done,
- value = _evt$data.value,
- error = _evt$data.error;
- if (error) {
- controller.error(new Error(error));
- } else if (!done) {
- controller.enqueue(value);
- } else {
- controller.close();
- }
- resolve();
- };
- value.postMessage({ action: 'read' });
- });
- },
- cancel() {
- return new Promise(resolve => {
- value.onmessage = resolve;
- value.postMessage({ action: 'cancel' });
- });
- }
- }, { highWaterMark: 0 });
- return;
- }
- _util2.default.restoreStreams(value);
- });
- }
- return obj;
- },
- readNumber: function readNumber(bytes) {
- let n = 0;
- for (let i = 0; i < bytes.length; i++) {
- n += 256 ** i * bytes[bytes.length - 1 - i];
- }
- return n;
- },
- writeNumber: function writeNumber(n, bytes) {
- const b = new Uint8Array(bytes);
- for (let i = 0; i < bytes; i++) {
- b[i] = n >> 8 * (bytes - i - 1) & 0xFF;
- }
- return b;
- },
- readDate: function readDate(bytes) {
- const n = _util2.default.readNumber(bytes);
- const d = new Date(n * 1000);
- return d;
- },
- writeDate: function writeDate(time) {
- const numeric = Math.floor(time.getTime() / 1000);
- return _util2.default.writeNumber(numeric, 4);
- },
- normalizeDate: function normalizeDate(time = Date.now()) {
- return time === null || time === Infinity ? time : new Date(Math.floor(+time / 1000) * 1000);
- },
- /**
- * Create hex string from a binary
- * @param {String} str String to convert
- * @returns {String} String containing the hexadecimal values
- */
- str_to_hex: function str_to_hex(str) {
- if (str === null) {
- return "";
- }
- const r = [];
- const e = str.length;
- let c = 0;
- let h;
- while (c < e) {
- h = str.charCodeAt(c++).toString(16);
- while (h.length < 2) {
- h = "0" + h;
- }
- r.push("" + h);
- }
- return r.join('');
- },
- /**
- * Create binary string from a hex encoded string
- * @param {String} str Hex string to convert
- * @returns {String}
- */
- hex_to_str: function hex_to_str(hex) {
- let str = '';
- for (let i = 0; i < hex.length; i += 2) {
- str += String.fromCharCode(parseInt(hex.substr(i, 2), 16));
- }
- return str;
- },
- /**
- * Convert a Uint8Array to an MPI-formatted Uint8Array.
- * Note: the output is **not** an MPI object.
- * @see {@link module:type/mpi/MPI.fromUint8Array}
- * @see {@link module:type/mpi/MPI.toUint8Array}
- * @param {Uint8Array} bin An array of 8-bit integers to convert
- * @returns {Uint8Array} MPI-formatted Uint8Array
- */
- Uint8Array_to_MPI: function Uint8Array_to_MPI(bin) {
- const size = (bin.length - 1) * 8 + _util2.default.nbits(bin[0]);
- const prefix = Uint8Array.from([(size & 0xFF00) >> 8, size & 0xFF]);
- return _util2.default.concatUint8Array([prefix, bin]);
- },
- /**
- * Convert a Base-64 encoded string an array of 8-bit integer
- *
- * Note: accepts both Radix-64 and URL-safe strings
- * @param {String} base64 Base-64 encoded string to convert
- * @returns {Uint8Array} An array of 8-bit integers
- */
- b64_to_Uint8Array: function b64_to_Uint8Array(base64) {
- return _base2.default.decode(base64.replace(/-/g, '+').replace(/_/g, '/'));
- },
- /**
- * Convert an array of 8-bit integer to a Base-64 encoded string
- * @param {Uint8Array} bytes An array of 8-bit integers to convert
- * @param {bool} url If true, output is URL-safe
- * @returns {String} Base-64 encoded string
- */
- Uint8Array_to_b64: function Uint8Array_to_b64(bytes, url) {
- return _base2.default.encode(bytes, url).replace(/[\r\n]/g, '');
- },
- /**
- * Convert a hex string to an array of 8-bit integers
- * @param {String} hex A hex string to convert
- * @returns {Uint8Array} An array of 8-bit integers
- */
- hex_to_Uint8Array: function hex_to_Uint8Array(hex) {
- const result = new Uint8Array(hex.length >> 1);
- for (let k = 0; k < hex.length >> 1; k++) {
- result[k] = parseInt(hex.substr(k << 1, 2), 16);
- }
- return result;
- },
- /**
- * Convert an array of 8-bit integers to a hex string
- * @param {Uint8Array} bytes Array of 8-bit integers to convert
- * @returns {String} Hexadecimal representation of the array
- */
- Uint8Array_to_hex: function Uint8Array_to_hex(bytes) {
- const r = [];
- const e = bytes.length;
- let c = 0;
- let h;
- while (c < e) {
- h = bytes[c++].toString(16);
- while (h.length < 2) {
- h = "0" + h;
- }
- r.push("" + h);
- }
- return r.join('');
- },
- /**
- * Convert a string to an array of 8-bit integers
- * @param {String} str String to convert
- * @returns {Uint8Array} An array of 8-bit integers
- */
- str_to_Uint8Array: function str_to_Uint8Array(str) {
- return _webStreamTools2.default.transform(str, str => {
- if (!_util2.default.isString(str)) {
- throw new Error('str_to_Uint8Array: Data must be in the form of a string');
- }
- const result = new Uint8Array(str.length);
- for (let i = 0; i < str.length; i++) {
- result[i] = str.charCodeAt(i);
- }
- return result;
- });
- },
- /**
- * Convert an array of 8-bit integers to a string
- * @param {Uint8Array} bytes An array of 8-bit integers to convert
- * @returns {String} String representation of the array
- */
- Uint8Array_to_str: function Uint8Array_to_str(bytes) {
- bytes = new Uint8Array(bytes);
- const result = [];
- const bs = 1 << 14;
- const j = bytes.length;
- for (let i = 0; i < j; i += bs) {
- result.push(String.fromCharCode.apply(String, bytes.subarray(i, i + bs < j ? i + bs : j)));
- }
- return result.join('');
- },
- /**
- * Convert a native javascript string to a Uint8Array of utf8 bytes
- * @param {String|ReadableStream} str The string to convert
- * @returns {Uint8Array|ReadableStream} A valid squence of utf8 bytes
- */
- encode_utf8: function encode_utf8(str) {
- const encoder = new TextEncoder('utf-8');
- // eslint-disable-next-line no-inner-declarations
- function process(value, lastChunk = false) {
- return encoder.encode(value, { stream: !lastChunk });
- }
- return _webStreamTools2.default.transform(str, process, () => process('', true));
- },
- /**
- * Convert a Uint8Array of utf8 bytes to a native javascript string
- * @param {Uint8Array|ReadableStream} utf8 A valid squence of utf8 bytes
- * @returns {String|ReadableStream} A native javascript string
- */
- decode_utf8: function decode_utf8(utf8) {
- const decoder = new TextDecoder('utf-8');
- // eslint-disable-next-line no-inner-declarations
- function process(value, lastChunk = false) {
- return decoder.decode(value, { stream: !lastChunk });
- }
- return _webStreamTools2.default.transform(utf8, process, () => process(new Uint8Array(), true));
- },
- /**
- * Concat a list of Uint8Arrays, Strings or Streams
- * The caller must not mix Uint8Arrays with Strings, but may mix Streams with non-Streams.
- * @param {Array<Uint8Array|String|ReadableStream>} Array of Uint8Arrays/Strings/Streams to concatenate
- * @returns {Uint8Array|String|ReadableStream} Concatenated array
- */
- concat: _webStreamTools2.default.concat,
- /**
- * Concat Uint8Arrays
- * @param {Array<Uint8Array>} Array of Uint8Arrays to concatenate
- * @returns {Uint8Array} Concatenated array
- */
- concatUint8Array: _webStreamTools2.default.concatUint8Array,
- /**
- * Check Uint8Array equality
- * @param {Uint8Array} first array
- * @param {Uint8Array} second array
- * @returns {Boolean} equality
- */
- equalsUint8Array: function equalsUint8Array(array1, array2) {
- if (!_util2.default.isUint8Array(array1) || !_util2.default.isUint8Array(array2)) {
- throw new Error('Data must be in the form of a Uint8Array');
- }
- if (array1.length !== array2.length) {
- return false;
- }
- for (let i = 0; i < array1.length; i++) {
- if (array1[i] !== array2[i]) {
- return false;
- }
- }
- return true;
- },
- /**
- * Calculates a 16bit sum of a Uint8Array by adding each character
- * codes modulus 65535
- * @param {Uint8Array} Uint8Array to create a sum of
- * @returns {Uint8Array} 2 bytes containing the sum of all charcodes % 65535
- */
- write_checksum: function write_checksum(text) {
- let s = 0;
- for (let i = 0; i < text.length; i++) {
- s = s + text[i] & 0xFFFF;
- }
- return _util2.default.writeNumber(s, 2);
- },
- /**
- * Helper function to print a debug message. Debug
- * messages are only printed if
- * @link module:config/config.debug is set to true.
- * @param {String} str String of the debug message
- */
- print_debug: function print_debug(str) {
- if (_config2.default.debug) {
- console.log(str);
- }
- },
- /**
- * Helper function to print a debug message. Debug
- * messages are only printed if
- * @link module:config/config.debug is set to true.
- * Different than print_debug because will call Uint8Array_to_hex iff necessary.
- * @param {String} str String of the debug message
- */
- print_debug_hexarray_dump: function print_debug_hexarray_dump(str, arrToHex) {
- if (_config2.default.debug) {
- str += ': ' + _util2.default.Uint8Array_to_hex(arrToHex);
- console.log(str);
- }
- },
- /**
- * Helper function to print a debug message. Debug
- * messages are only printed if
- * @link module:config/config.debug is set to true.
- * Different than print_debug because will call str_to_hex iff necessary.
- * @param {String} str String of the debug message
- */
- print_debug_hexstr_dump: function print_debug_hexstr_dump(str, strToHex) {
- if (_config2.default.debug) {
- str += _util2.default.str_to_hex(strToHex);
- console.log(str);
- }
- },
- /**
- * Helper function to print a debug error. Debug
- * messages are only printed if
- * @link module:config/config.debug is set to true.
- * @param {String} str String of the debug message
- */
- print_debug_error: function print_debug_error(error) {
- if (_config2.default.debug) {
- console.error(error);
- }
- },
- /**
- * Read a stream to the end and print it to the console when it's closed.
- * @param {String} str String of the debug message
- * @param {ReadableStream|Uint8array|String} input Stream to print
- * @param {Function} concat Function to concatenate chunks of the stream (defaults to util.concat).
- */
- print_entire_stream: function print_entire_stream(str, input, concat) {
- _webStreamTools2.default.readToEnd(_webStreamTools2.default.clone(input), concat).then(result => {
- console.log(str + ': ', result);
- });
- },
- // returns bit length of the integer x
- nbits: function nbits(x) {
- let r = 1;
- let t = x >>> 16;
- if (t !== 0) {
- x = t;
- r += 16;
- }
- t = x >> 8;
- if (t !== 0) {
- x = t;
- r += 8;
- }
- t = x >> 4;
- if (t !== 0) {
- x = t;
- r += 4;
- }
- t = x >> 2;
- if (t !== 0) {
- x = t;
- r += 2;
- }
- t = x >> 1;
- if (t !== 0) {
- x = t;
- r += 1;
- }
- return r;
- },
- /**
- * If S[1] == 0, then double(S) == (S[2..128] || 0);
- * otherwise, double(S) == (S[2..128] || 0) xor
- * (zeros(120) || 10000111).
- *
- * Both OCB and EAX (through CMAC) require this function to be constant-time.
- *
- * @param {Uint8Array} data
- */
- double: function double(data) {
- const double_var = new Uint8Array(data.length);
- const last = data.length - 1;
- for (let i = 0; i < last; i++) {
- double_var[i] = data[i] << 1 ^ data[i + 1] >> 7;
- }
- double_var[last] = data[last] << 1 ^ (data[0] >> 7) * 0x87;
- return double_var;
- },
- /**
- * Shift a Uint8Array to the right by n bits
- * @param {Uint8Array} array The array to shift
- * @param {Integer} bits Amount of bits to shift (MUST be smaller
- * than 8)
- * @returns {String} Resulting array.
- */
- shiftRight: function shiftRight(array, bits) {
- if (bits) {
- for (let i = array.length - 1; i >= 0; i--) {
- array[i] >>= bits;
- if (i > 0) {
- array[i] |= array[i - 1] << 8 - bits;
- }
- }
- }
- return array;
- },
- /**
- * Get native Web Cryptography api, only the current version of the spec.
- * The default configuration is to use the api when available. But it can
- * be deactivated with config.use_native
- * @returns {Object} The SubtleCrypto api or 'undefined'
- */
- getWebCrypto: function getWebCrypto() {
- if (!_config2.default.use_native) {
- return;
- }
- return typeof window !== 'undefined' && window.crypto && window.crypto.subtle;
- },
- /**
- * Get native Web Cryptography api for all browsers, including legacy
- * implementations of the spec e.g IE11 and Safari 8/9. The default
- * configuration is to use the api when available. But it can be deactivated
- * with config.use_native
- * @returns {Object} The SubtleCrypto api or 'undefined'
- */
- getWebCryptoAll: function getWebCryptoAll() {
- if (!_config2.default.use_native) {
- return;
- }
- if (typeof window !== 'undefined') {
- if (window.crypto) {
- return window.crypto.subtle || window.crypto.webkitSubtle;
- }
- if (window.msCrypto) {
- return window.msCrypto.subtle;
- }
- }
- },
- /**
- * Detect Node.js runtime.
- */
- detectNode: function detectNode() {
- return typeof global.process === 'object' && typeof global.process.versions === 'object';
- },
- /**
- * Get native Node.js module
- * @param {String} The module to require
- * @returns {Object} The required module or 'undefined'
- */
- nodeRequire: function nodeRequire(module) {
- if (!_util2.default.detectNode()) {
- return;
- }
- // Requiring the module dynamically allows us to access the native node module.
- // otherwise, it gets replaced with the browserified version
- // eslint-disable-next-line import/no-dynamic-require
- return require(module);
- },
- /**
- * Get native Node.js crypto api. The default configuration is to use
- * the api when available. But it can also be deactivated with config.use_native
- * @returns {Object} The crypto module or 'undefined'
- */
- getNodeCrypto: function getNodeCrypto() {
- if (!_config2.default.use_native) {
- return;
- }
- return _util2.default.nodeRequire('crypto');
- },
- getNodeZlib: function getNodeZlib() {
- if (!_config2.default.use_native) {
- return;
- }
- return _util2.default.nodeRequire('zlib');
- },
- /**
- * Get native Node.js Buffer constructor. This should be used since
- * Buffer is not available under browserify.
- * @returns {Function} The Buffer constructor or 'undefined'
- */
- getNodeBuffer: function getNodeBuffer() {
- return (_util2.default.nodeRequire('buffer') || {}).Buffer;
- },
- getNodeStream: function getNodeStream() {
- return (_util2.default.nodeRequire('stream') || {}).Readable;
- },
- getHardwareConcurrency: function getHardwareConcurrency() {
- if (_util2.default.detectNode()) {
- const os = _util2.default.nodeRequire('os');
- return os.cpus().length;
- }
- return navigator.hardwareConcurrency || 1;
- },
- isEmailAddress: function isEmailAddress(data) {
- if (!_util2.default.isString(data)) {
- return false;
- }
- const re = /^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+([a-zA-Z]{2,}|xn--[a-zA-Z\-0-9]+)))$/;
- return re.test(data);
- },
- /**
- * Format user id for internal use.
- */
- formatUserId: function formatUserId(id) {
- // name, email address and comment can be empty but must be of the correct type
- if (id.name && !_util2.default.isString(id.name) || id.email && !_util2.default.isEmailAddress(id.email) || id.comment && !_util2.default.isString(id.comment)) {
- throw new Error('Invalid user id format');
- }
- const components = [];
- if (id.name) {
- components.push(id.name);
- }
- if (id.comment) {
- components.push(`(${id.comment})`);
- }
- if (id.email) {
- components.push(`<${id.email}>`);
- }
- return components.join(' ');
- },
- /**
- * Parse user id.
- */
- parseUserId: function parseUserId(userid) {
- if (userid.length > _config2.default.max_userid_length) {
- throw new Error('User id string is too long');
- }
- try {
- var _emailAddresses$parse = _emailAddresses2.default.parseOneAddress({ input: userid, atInDisplayName: true });
- const name = _emailAddresses$parse.name,
- email = _emailAddresses$parse.address,
- comments = _emailAddresses$parse.comments;
- return { name, email, comment: comments.replace(/^\(|\)$/g, '') };
- } catch (e) {
- throw new Error('Invalid user id format');
- }
- },
- /**
- * Normalize line endings to \r\n
- */
- canonicalizeEOL: function canonicalizeEOL(text) {
- return _webStreamTools2.default.transform(_util2.default.nativeEOL(text), value => value.replace(/\r/g, "\n").replace(/\n/g, "\r\n"));
- },
- /**
- * Convert line endings from canonicalized \r\n to native \n
- */
- nativeEOL: function nativeEOL(text) {
- let lastChar = '';
- return _webStreamTools2.default.transform(text, value => {
- value = lastChar + value;
- if (value[value.length - 1] === '\r') {
- lastChar = '\r';
- value = value.slice(0, -1);
- } else {
- lastChar = '';
- }
- return value.replace(/\r\n/g, '\n');
- }, () => lastChar);
- },
- /**
- * Remove trailing spaces and tabs from each line
- */
- removeTrailingSpaces: function removeTrailingSpaces(text) {
- return text.split('\n').map(line => {
- let i = line.length - 1;
- for (; i >= 0 && (line[i] === ' ' || line[i] === '\t'); i--);
- return line.substr(0, i + 1);
- }).join('\n');
- },
- /**
- * Encode input buffer using Z-Base32 encoding.
- * See: https://tools.ietf.org/html/rfc6189#section-5.1.6
- *
- * @param {Uint8Array} data The binary data to encode
- * @returns {String} Binary data encoded using Z-Base32
- */
- encodeZBase32: function encodeZBase32(data) {
- if (data.length === 0) {
- return "";
- }
- const ALPHABET = "ybndrfg8ejkmcpqxot1uwisza345h769";
- const SHIFT = 5;
- const MASK = 31;
- let buffer = data[0];
- let index = 1;
- let bitsLeft = 8;
- let result = '';
- while (bitsLeft > 0 || index < data.length) {
- if (bitsLeft < SHIFT) {
- if (index < data.length) {
- buffer <<= 8;
- buffer |= data[index++] & 0xff;
- bitsLeft += 8;
- } else {
- const pad = SHIFT - bitsLeft;
- buffer <<= pad;
- bitsLeft += pad;
- }
- }
- bitsLeft -= SHIFT;
- result += ALPHABET[MASK & buffer >> bitsLeft];
- }
- return result;
- }
- }; // re-import module to access util functions
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /* eslint-disable no-console */
- /**
- * This object contains utility functions
- * @requires email-addresses
- * @requires web-stream-tools
- * @requires config
- * @requires encoding/base64
- * @module util
- */
- }).call(this,typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : typeof window !== "undefined" ? window : {})
- },{"./config":79,"./encoding/base64":112,"./util":158,"email-addresses":33,"web-stream-tools":75}],159:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _slicedToArray = function () { function sliceIterator(arr, i) { var _arr = []; var _n = true; var _d = false; var _e = undefined; try { for (var _i = arr[Symbol.iterator](), _s; !(_n = (_s = _i.next()).done); _n = true) { _arr.push(_s.value); if (i && _arr.length === i) break; } } catch (err) { _d = true; _e = err; } finally { try { if (!_n && _i["return"]) _i["return"](); } finally { if (_d) throw _e; } } return _arr; } return function (arr, i) { if (Array.isArray(arr)) { return arr; } else if (Symbol.iterator in Object(arr)) { return sliceIterator(arr, i); } else { throw new TypeError("Invalid attempt to destructure non-iterable instance"); } }; }(); // OpenPGP.js - An OpenPGP implementation in javascript
- // Copyright (C) 2018 Wiktor Kwapisiewicz
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview This class implements a client for the Web Key Directory (wkd) protocol
- * in order to lookup keys on designated servers.
- * See: https://datatracker.ietf.org/doc/draft-koch-openpgp-webkey-service/
- * @module wkd
- */
- var _util = require('./util');
- var _util2 = _interopRequireDefault(_util);
- var _crypto = require('./crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _key = require('./key');
- var keyMod = _interopRequireWildcard(_key);
- function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Initialize the WKD client
- * @constructor
- */
- function WKD() {
- this._fetch = typeof window !== 'undefined' ? window.fetch : require('node-fetch');
- }
- /**
- * Search for a public key using Web Key Directory protocol.
- * @param {String} options.email User's email.
- * @param {Boolean} options.rawBytes Returns Uint8Array instead of parsed key.
- * @returns {Promise<Uint8Array|
- * {keys: Array<module:key.Key>,
- * err: (Array<Error>|null)}>} The public key.
- * @async
- */
- WKD.prototype.lookup = async function (options) {
- const fetch = this._fetch;
- if (!options.email) {
- throw new Error('You must provide an email parameter!');
- }
- if (!_util2.default.isEmailAddress(options.email)) {
- throw new Error('Invalid e-mail address.');
- }
- var _$exec = /(.*)@(.*)/.exec(options.email),
- _$exec2 = _slicedToArray(_$exec, 3);
- const localPart = _$exec2[1],
- domain = _$exec2[2];
- const localEncoded = _util2.default.encodeZBase32((await _crypto2.default.hash.sha1(_util2.default.str_to_Uint8Array(localPart.toLowerCase()))));
- const url = `https://${domain}/.well-known/openpgpkey/hu/${localEncoded}`;
- return fetch(url).then(function (response) {
- if (response.status === 200) {
- return response.arrayBuffer();
- }
- }).then(function (publicKey) {
- if (publicKey) {
- const rawBytes = new Uint8Array(publicKey);
- if (options.rawBytes) {
- return rawBytes;
- }
- return keyMod.read(rawBytes);
- }
- });
- };
- exports.default = WKD;
- },{"./crypto":94,"./key":118,"./util":158,"node-fetch":"node-fetch"}],160:[function(require,module,exports){
- 'use strict';
- Object.defineProperty(exports, "__esModule", {
- value: true
- });
- var _util = require('../util.js');
- var _util2 = _interopRequireDefault(_util);
- var _config = require('../config');
- var _config2 = _interopRequireDefault(_config);
- var _crypto = require('../crypto');
- var _crypto2 = _interopRequireDefault(_crypto);
- var _packet = require('../packet');
- var _packet2 = _interopRequireDefault(_packet);
- function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
- /**
- * Initializes a new proxy and loads the web worker
- * @param {String} path The path to the worker or 'openpgp.worker.js' by default
- * @param {Number} n number of workers to initialize if path given
- * @param {Object} config config The worker configuration
- * @param {Array<Object>} worker alternative to path parameter: web worker initialized with 'openpgp.worker.js'
- * @constructor
- */
- // GPG4Browsers - An OpenPGP implementation in javascript
- // Copyright (C) 2011 Recurity Labs GmbH
- //
- // This library is free software; you can redistribute it and/or
- // modify it under the terms of the GNU Lesser General Public
- // License as published by the Free Software Foundation; either
- // version 3.0 of the License, or (at your option) any later version.
- //
- // This library is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- // Lesser General Public License for more details.
- //
- // You should have received a copy of the GNU Lesser General Public
- // License along with this library; if not, write to the Free Software
- // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- /**
- * @fileoverview Provides functions for maintaining browser workers
- * @see module:openpgp.initWorker
- * @see module:openpgp.getWorker
- * @see module:openpgp.destroyWorker
- * @see module:worker/worker
- * @requires util
- * @requires config
- * @requires crypto
- * @requires packet
- * @module worker/async_proxy
- */
- function AsyncProxy({ path = 'openpgp.worker.js', n = 1, workers = [], config } = {}) {
- /**
- * Message handling
- */
- const handleMessage = workerId => event => {
- const msg = event.data;
- switch (msg.event) {
- case 'loaded':
- this.workers[workerId].loadedResolve(true);
- break;
- case 'method-return':
- if (msg.err) {
- // fail
- const err = new Error(msg.err);
- // add worker stack
- err.workerStack = msg.stack;
- this.tasks[msg.id].reject(err);
- } else {
- // success
- this.tasks[msg.id].resolve(msg.data);
- }
- delete this.tasks[msg.id];
- this.workers[workerId].requests--;
- break;
- case 'request-seed':
- this.seedRandom(workerId, msg.amount);
- break;
- default:
- throw new Error('Unknown Worker Event.');
- }
- };
- if (workers.length) {
- this.workers = workers;
- } else {
- this.workers = [];
- while (this.workers.length < n) {
- this.workers.push(new Worker(path));
- }
- }
- let workerId = 0;
- this.workers.forEach(worker => {
- worker.loadedPromise = new Promise(resolve => {
- worker.loadedResolve = resolve;
- });
- worker.requests = 0;
- worker.onmessage = handleMessage(workerId++);
- worker.onerror = e => {
- worker.loadedResolve(false);
- console.error('Unhandled error in openpgp worker: ' + e.message + ' (' + e.filename + ':' + e.lineno + ')');
- return false;
- };
- if (config) {
- worker.postMessage({ event: 'configure', config });
- }
- });
- // Cannot rely on task order being maintained, use object keyed by request ID to track tasks
- this.tasks = {};
- this.currentID = 0;
- }
- /**
- * Returns a promise that resolves when all workers have finished loading
- * @returns {Promise<Boolean>} Resolves to true if all workers have loaded succesfully; false otherwise
- */
- AsyncProxy.prototype.loaded = async function () {
- const loaded = await Promise.all(this.workers.map(worker => worker.loadedPromise));
- return loaded.every(Boolean);
- };
- /**
- * Get new request ID
- * @returns {integer} New unique request ID
- */
- AsyncProxy.prototype.getID = function () {
- return this.currentID++;
- };
- /**
- * Send message to worker with random data
- * @param {Integer} size Number of bytes to send
- * @async
- */
- AsyncProxy.prototype.seedRandom = async function (workerId, size) {
- const buf = await _crypto2.default.random.getRandomBytes(size);
- this.workers[workerId].postMessage({ event: 'seed-random', buf }, _util2.default.getTransferables(buf, true));
- };
- /**
- * Terminates the workers
- */
- AsyncProxy.prototype.terminate = function () {
- this.workers.forEach(worker => {
- worker.terminate();
- });
- };
- /**
- * Generic proxy function that handles all commands from the public api.
- * @param {String} method the public api function to be delegated to the worker thread
- * @param {Object} options the api function's options
- * @returns {Promise} see the corresponding public api functions for their return types
- * @async
- */
- AsyncProxy.prototype.delegate = function (method, options) {
- const id = this.getID();
- const requests = this.workers.map(worker => worker.requests);
- const minRequests = Math.min(...requests);
- let workerId = 0;
- for (; workerId < this.workers.length; workerId++) {
- if (this.workers[workerId].requests === minRequests) {
- break;
- }
- }
- return new Promise((_resolve, reject) => {
- // clone packets (for web worker structured cloning algorithm)
- this.workers[workerId].postMessage({ id: id, event: method, options: _packet2.default.clone.clonePackets(options) }, _util2.default.getTransferables(options, _config2.default.zero_copy));
- this.workers[workerId].requests++;
- // remember to handle parsing cloned packets from worker
- this.tasks[id] = { resolve: data => _resolve(_packet2.default.clone.parseClonedPackets(_util2.default.restoreStreams(data), method)), reject };
- });
- };
- exports.default = AsyncProxy;
- },{"../config":79,"../crypto":94,"../packet":131,"../util.js":158}]},{},[115])(115)
- });
|