2 lines
31 KiB
JavaScript
Executable File
2 lines
31 KiB
JavaScript
Executable File
import{Q as Qt,U as At,V as mt,X as Jt,Y as te,Z as ye,$ as bt,a0 as xe,a1 as G,a2 as Ee,a3 as Be,a4 as ve,a5 as Se}from"./index-B6fu-u6K.js";function Ae(n,e,t,r){if(typeof n.setBigUint64=="function")return n.setBigUint64(e,t,r);const i=BigInt(32),s=BigInt(4294967295),c=Number(t>>i&s),f=Number(t&s),o=r?4:0,l=r?0:4;n.setUint32(e+o,c,r),n.setUint32(e+l,f,r)}function Ie(n,e,t){return n&e^~n&t}function Ne(n,e,t){return n&e^n&t^e&t}class Oe extends Qt{constructor(e,t,r,i){super(),this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.blockLen=e,this.outputLen=t,this.padOffset=r,this.isLE=i,this.buffer=new Uint8Array(e),this.view=At(this.buffer)}update(e){mt(this),e=Jt(e),te(e);const{view:t,buffer:r,blockLen:i}=this,s=e.length;for(let c=0;c<s;){const f=Math.min(i-this.pos,s-c);if(f===i){const o=At(e);for(;i<=s-c;c+=i)this.process(o,c);continue}r.set(e.subarray(c,c+f),this.pos),this.pos+=f,c+=f,this.pos===i&&(this.process(t,0),this.pos=0)}return this.length+=e.length,this.roundClean(),this}digestInto(e){mt(this),ye(e,this),this.finished=!0;const{buffer:t,view:r,blockLen:i,isLE:s}=this;let{pos:c}=this;t[c++]=128,bt(this.buffer.subarray(c)),this.padOffset>i-c&&(this.process(r,0),c=0);for(let h=c;h<i;h++)t[h]=0;Ae(r,i-8,BigInt(this.length*8),s),this.process(r,0);const f=At(e),o=this.outputLen;if(o%4)throw new Error("_sha2: outputLen should be aligned to 32bit");const l=o/4,g=this.get();if(l>g.length)throw new Error("_sha2: outputLen bigger than state");for(let h=0;h<l;h++)f.setUint32(4*h,g[h],s)}digest(){const{buffer:e,outputLen:t}=this;this.digestInto(e);const r=e.slice(0,t);return this.destroy(),r}_cloneInto(e){e||(e=new this.constructor),e.set(...this.get());const{blockLen:t,buffer:r,length:i,finished:s,destroyed:c,pos:f}=this;return e.destroyed=c,e.finished=s,e.length=i,e.pos=f,i%t&&e.buffer.set(r),e}clone(){return this._cloneInto()}}const J=Uint32Array.from([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),qe=Uint32Array.from([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),tt=new Uint32Array(64);class He extends Oe{constructor(e=32){super(64,e,8,!1),this.A=J[0]|0,this.B=J[1]|0,this.C=J[2]|0,this.D=J[3]|0,this.E=J[4]|0,this.F=J[5]|0,this.G=J[6]|0,this.H=J[7]|0}get(){const{A:e,B:t,C:r,D:i,E:s,F:c,G:f,H:o}=this;return[e,t,r,i,s,c,f,o]}set(e,t,r,i,s,c,f,o){this.A=e|0,this.B=t|0,this.C=r|0,this.D=i|0,this.E=s|0,this.F=c|0,this.G=f|0,this.H=o|0}process(e,t){for(let h=0;h<16;h++,t+=4)tt[h]=e.getUint32(t,!1);for(let h=16;h<64;h++){const B=tt[h-15],q=tt[h-2],_=G(B,7)^G(B,18)^B>>>3,p=G(q,17)^G(q,19)^q>>>10;tt[h]=p+tt[h-7]+_+tt[h-16]|0}let{A:r,B:i,C:s,D:c,E:f,F:o,G:l,H:g}=this;for(let h=0;h<64;h++){const B=G(f,6)^G(f,11)^G(f,25),q=g+B+Ie(f,o,l)+qe[h]+tt[h]|0,p=(G(r,2)^G(r,13)^G(r,22))+Ne(r,i,s)|0;g=l,l=o,o=f,f=c+q|0,c=s,s=i,i=r,r=q+p|0}r=r+this.A|0,i=i+this.B|0,s=s+this.C|0,c=c+this.D|0,f=f+this.E|0,o=o+this.F|0,l=l+this.G|0,g=g+this.H|0,this.set(r,i,s,c,f,o,l,g)}roundClean(){bt(tt)}destroy(){this.set(0,0,0,0,0,0,0,0),bt(this.buffer)}}const Le=xe(()=>new He);class ee extends Qt{constructor(e,t){super(),this.finished=!1,this.destroyed=!1,Ee(e);const r=Jt(t);if(this.iHash=e.create(),typeof this.iHash.update!="function")throw new Error("Expected instance of class which extends utils.Hash");this.blockLen=this.iHash.blockLen,this.outputLen=this.iHash.outputLen;const i=this.blockLen,s=new Uint8Array(i);s.set(r.length>i?e.create().update(r).digest():r);for(let c=0;c<s.length;c++)s[c]^=54;this.iHash.update(s),this.oHash=e.create();for(let c=0;c<s.length;c++)s[c]^=106;this.oHash.update(s),bt(s)}update(e){return mt(this),this.iHash.update(e),this}digestInto(e){mt(this),te(e,this.outputLen),this.finished=!0,this.iHash.digestInto(e),this.oHash.update(e),this.oHash.digestInto(e),this.destroy()}digest(){const e=new Uint8Array(this.oHash.outputLen);return this.digestInto(e),e}_cloneInto(e){e||(e=Object.create(Object.getPrototypeOf(this),{}));const{oHash:t,iHash:r,finished:i,destroyed:s,blockLen:c,outputLen:f}=this;return e=e,e.finished=i,e.destroyed=s,e.blockLen=c,e.outputLen=f,e.oHash=t._cloneInto(e.oHash),e.iHash=r._cloneInto(e.iHash),e}clone(){return this._cloneInto()}destroy(){this.destroyed=!0,this.oHash.destroy(),this.iHash.destroy()}}const ne=(n,e,t)=>new ee(n,e).update(t).digest();ne.create=(n,e)=>new ee(n,e);/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Ct=BigInt(0),Rt=BigInt(1);function wt(n){return n instanceof Uint8Array||ArrayBuffer.isView(n)&&n.constructor.name==="Uint8Array"}function Vt(n){if(!wt(n))throw new Error("Uint8Array expected")}function dt(n,e){if(typeof e!="boolean")throw new Error(n+" boolean expected, got "+e)}function pt(n){const e=n.toString(16);return e.length&1?"0"+e:e}function re(n){if(typeof n!="string")throw new Error("hex string expected, got "+typeof n);return n===""?Ct:BigInt("0x"+n)}const oe=typeof Uint8Array.from([]).toHex=="function"&&typeof Uint8Array.fromHex=="function",Ue=Array.from({length:256},(n,e)=>e.toString(16).padStart(2,"0"));function ht(n){if(Vt(n),oe)return n.toHex();let e="";for(let t=0;t<n.length;t++)e+=Ue[n[t]];return e}const W={_0:48,_9:57,A:65,F:70,a:97,f:102};function jt(n){if(n>=W._0&&n<=W._9)return n-W._0;if(n>=W.A&&n<=W.F)return n-(W.A-10);if(n>=W.a&&n<=W.f)return n-(W.a-10)}function yt(n){if(typeof n!="string")throw new Error("hex string expected, got "+typeof n);if(oe)return Uint8Array.fromHex(n);const e=n.length,t=e/2;if(e%2)throw new Error("hex string expected, got unpadded hex of length "+e);const r=new Uint8Array(t);for(let i=0,s=0;i<t;i++,s+=2){const c=jt(n.charCodeAt(s)),f=jt(n.charCodeAt(s+1));if(c===void 0||f===void 0){const o=n[s]+n[s+1];throw new Error('hex string expected, got non-hex character "'+o+'" at index '+s)}r[i]=c*16+f}return r}function ot(n){return re(ht(n))}function ie(n){return Vt(n),re(ht(Uint8Array.from(n).reverse()))}function gt(n,e){return yt(n.toString(16).padStart(e*2,"0"))}function se(n,e){return gt(n,e).reverse()}function K(n,e,t){let r;if(typeof e=="string")try{r=yt(e)}catch(s){throw new Error(n+" must be hex string or Uint8Array, cause: "+s)}else if(wt(e))r=Uint8Array.from(e);else throw new Error(n+" must be hex string or Uint8Array");const i=r.length;if(typeof t=="number"&&i!==t)throw new Error(n+" of length "+t+" expected, got "+i);return r}function xt(...n){let e=0;for(let r=0;r<n.length;r++){const i=n[r];Vt(i),e+=i.length}const t=new Uint8Array(e);for(let r=0,i=0;r<n.length;r++){const s=n[r];t.set(s,i),i+=s.length}return t}const It=n=>typeof n=="bigint"&&Ct<=n;function Mt(n,e,t){return It(n)&&It(e)&&It(t)&&e<=n&&n<t}function ft(n,e,t,r){if(!Mt(e,t,r))throw new Error("expected valid "+n+": "+t+" <= n < "+r+", got "+e)}function _e(n){let e;for(e=0;n>Ct;n>>=Rt,e+=1);return e}const Et=n=>(Rt<<BigInt(n))-Rt,Nt=n=>new Uint8Array(n),Kt=n=>Uint8Array.from(n);function Re(n,e,t){if(typeof n!="number"||n<2)throw new Error("hashLen must be a number");if(typeof e!="number"||e<2)throw new Error("qByteLen must be a number");if(typeof t!="function")throw new Error("hmacFn must be a function");let r=Nt(n),i=Nt(n),s=0;const c=()=>{r.fill(1),i.fill(0),s=0},f=(...h)=>t(i,r,...h),o=(h=Nt(0))=>{i=f(Kt([0]),h),r=f(),h.length!==0&&(i=f(Kt([1]),h),r=f())},l=()=>{if(s++>=1e3)throw new Error("drbg: tried 1000 values");let h=0;const B=[];for(;h<e;){r=f();const q=r.slice();B.push(q),h+=r.length}return xt(...B)};return(h,B)=>{c(),o(h);let q;for(;!(q=B(l()));)o();return c(),q}}const Ze={bigint:n=>typeof n=="bigint",function:n=>typeof n=="function",boolean:n=>typeof n=="boolean",string:n=>typeof n=="string",stringOrUint8Array:n=>typeof n=="string"||wt(n),isSafeInteger:n=>Number.isSafeInteger(n),array:n=>Array.isArray(n),field:(n,e)=>e.Fp.isValid(n),hash:n=>typeof n=="function"&&Number.isSafeInteger(n.outputLen)};function Bt(n,e,t={}){const r=(i,s,c)=>{const f=Ze[s];if(typeof f!="function")throw new Error("invalid validator function");const o=n[i];if(!(c&&o===void 0)&&!f(o,n))throw new Error("param "+String(i)+" is invalid. Expected "+s+", got "+o)};for(const[i,s]of Object.entries(e))r(i,s,!1);for(const[i,s]of Object.entries(t))r(i,s,!0);return n}function Pt(n){const e=new WeakMap;return(t,...r)=>{const i=e.get(t);if(i!==void 0)return i;const s=n(t,...r);return e.set(t,s),s}}/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Y=BigInt(0),C=BigInt(1),rt=BigInt(2),Te=BigInt(3),ce=BigInt(4),fe=BigInt(5),ae=BigInt(8);function M(n,e){const t=n%e;return t>=Y?t:e+t}function j(n,e,t){let r=n;for(;e-- >Y;)r*=r,r%=t;return r}function Zt(n,e){if(n===Y)throw new Error("invert: expected non-zero number");if(e<=Y)throw new Error("invert: expected positive modulus, got "+e);let t=M(n,e),r=e,i=Y,s=C;for(;t!==Y;){const f=r/t,o=r%t,l=i-s*f;r=t,t=o,i=s,s=l}if(r!==C)throw new Error("invert: does not exist");return M(i,e)}function ue(n,e){const t=(n.ORDER+C)/ce,r=n.pow(e,t);if(!n.eql(n.sqr(r),e))throw new Error("Cannot find square root");return r}function ke(n,e){const t=(n.ORDER-fe)/ae,r=n.mul(e,rt),i=n.pow(r,t),s=n.mul(e,i),c=n.mul(n.mul(s,rt),i),f=n.mul(s,n.sub(c,n.ONE));if(!n.eql(n.sqr(f),e))throw new Error("Cannot find square root");return f}function ze(n){if(n<BigInt(3))throw new Error("sqrt is not defined for small field");let e=n-C,t=0;for(;e%rt===Y;)e/=rt,t++;let r=rt;const i=Yt(n);for(;Dt(i,r)===1;)if(r++>1e3)throw new Error("Cannot find square root: probably non-prime P");if(t===1)return ue;let s=i.pow(r,e);const c=(e+C)/rt;return function(o,l){if(o.is0(l))return l;if(Dt(o,l)!==1)throw new Error("Cannot find square root");let g=t,h=o.mul(o.ONE,s),B=o.pow(l,e),q=o.pow(l,c);for(;!o.eql(B,o.ONE);){if(o.is0(B))return o.ZERO;let _=1,p=o.sqr(B);for(;!o.eql(p,o.ONE);)if(_++,p=o.sqr(p),_===g)throw new Error("Cannot find square root");const k=C<<BigInt(g-_-1),R=o.pow(h,k);g=_,h=o.sqr(R),B=o.mul(B,h),q=o.mul(q,R)}return q}}function Ce(n){return n%ce===Te?ue:n%ae===fe?ke:ze(n)}const Ve=["create","isValid","is0","neg","inv","sqrt","sqr","eql","add","sub","mul","pow","div","addN","subN","mulN","sqrN"];function Me(n){const e={ORDER:"bigint",MASK:"bigint",BYTES:"isSafeInteger",BITS:"isSafeInteger"},t=Ve.reduce((r,i)=>(r[i]="function",r),e);return Bt(n,t)}function Ye(n,e,t){if(t<Y)throw new Error("invalid exponent, negatives unsupported");if(t===Y)return n.ONE;if(t===C)return e;let r=n.ONE,i=e;for(;t>Y;)t&C&&(r=n.mul(r,i)),i=n.sqr(i),t>>=C;return r}function le(n,e,t=!1){const r=new Array(e.length).fill(t?n.ZERO:void 0),i=e.reduce((c,f,o)=>n.is0(f)?c:(r[o]=c,n.mul(c,f)),n.ONE),s=n.inv(i);return e.reduceRight((c,f,o)=>n.is0(f)?c:(r[o]=n.mul(c,r[o]),n.mul(c,f)),s),r}function Dt(n,e){const t=(n.ORDER-C)/rt,r=n.pow(e,t),i=n.eql(r,n.ONE),s=n.eql(r,n.ZERO),c=n.eql(r,n.neg(n.ONE));if(!i&&!s&&!c)throw new Error("invalid Legendre symbol result");return i?1:s?0:-1}function de(n,e){e!==void 0&&Be(e);const t=e!==void 0?e:n.toString(2).length,r=Math.ceil(t/8);return{nBitLength:t,nByteLength:r}}function Yt(n,e,t=!1,r={}){if(n<=Y)throw new Error("invalid field: expected ORDER > 0, got "+n);const{nBitLength:i,nByteLength:s}=de(n,e);if(s>2048)throw new Error("invalid field: expected ORDER of <= 2048 bytes");let c;const f=Object.freeze({ORDER:n,isLE:t,BITS:i,BYTES:s,MASK:Et(i),ZERO:Y,ONE:C,create:o=>M(o,n),isValid:o=>{if(typeof o!="bigint")throw new Error("invalid field element: expected bigint, got "+typeof o);return Y<=o&&o<n},is0:o=>o===Y,isOdd:o=>(o&C)===C,neg:o=>M(-o,n),eql:(o,l)=>o===l,sqr:o=>M(o*o,n),add:(o,l)=>M(o+l,n),sub:(o,l)=>M(o-l,n),mul:(o,l)=>M(o*l,n),pow:(o,l)=>Ye(f,o,l),div:(o,l)=>M(o*Zt(l,n),n),sqrN:o=>o*o,addN:(o,l)=>o+l,subN:(o,l)=>o-l,mulN:(o,l)=>o*l,inv:o=>Zt(o,n),sqrt:r.sqrt||(o=>(c||(c=Ce(n)),c(f,o))),toBytes:o=>t?se(o,s):gt(o,s),fromBytes:o=>{if(o.length!==s)throw new Error("Field.fromBytes: expected "+s+" bytes, got "+o.length);return t?ie(o):ot(o)},invertBatch:o=>le(f,o),cmov:(o,l,g)=>g?l:o});return Object.freeze(f)}function he(n){if(typeof n!="bigint")throw new Error("field order must be bigint");const e=n.toString(2).length;return Math.ceil(e/8)}function we(n){const e=he(n);return e+Math.ceil(e/2)}function je(n,e,t=!1){const r=n.length,i=he(e),s=we(e);if(r<16||r<s||r>1024)throw new Error("expected "+s+"-1024 bytes of input, got "+r);const c=t?ie(n):ot(n),f=M(c,e-C)+C;return t?se(f,i):gt(f,i)}/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Gt=BigInt(0),Tt=BigInt(1);function Ot(n,e){const t=e.negate();return n?t:e}function ge(n,e){if(!Number.isSafeInteger(n)||n<=0||n>e)throw new Error("invalid window size, expected [1.."+e+"], got W="+n)}function qt(n,e){ge(n,e);const t=Math.ceil(e/n)+1,r=2**(n-1),i=2**n,s=Et(n),c=BigInt(n);return{windows:t,windowSize:r,mask:s,maxNumber:i,shiftBy:c}}function $t(n,e,t){const{windowSize:r,mask:i,maxNumber:s,shiftBy:c}=t;let f=Number(n&i),o=n>>c;f>r&&(f-=s,o+=Tt);const l=e*r,g=l+Math.abs(f)-1,h=f===0,B=f<0,q=e%2!==0;return{nextN:o,offset:g,isZero:h,isNeg:B,isNegF:q,offsetF:l}}function Ke(n,e){if(!Array.isArray(n))throw new Error("array expected");n.forEach((t,r)=>{if(!(t instanceof e))throw new Error("invalid point at index "+r)})}function Pe(n,e){if(!Array.isArray(n))throw new Error("array of scalars expected");n.forEach((t,r)=>{if(!e.isValid(t))throw new Error("invalid scalar at index "+r)})}const Ht=new WeakMap,pe=new WeakMap;function Lt(n){return pe.get(n)||1}function De(n,e){return{constTimeNegate:Ot,hasPrecomputes(t){return Lt(t)!==1},unsafeLadder(t,r,i=n.ZERO){let s=t;for(;r>Gt;)r&Tt&&(i=i.add(s)),s=s.double(),r>>=Tt;return i},precomputeWindow(t,r){const{windows:i,windowSize:s}=qt(r,e),c=[];let f=t,o=f;for(let l=0;l<i;l++){o=f,c.push(o);for(let g=1;g<s;g++)o=o.add(f),c.push(o);f=o.double()}return c},wNAF(t,r,i){let s=n.ZERO,c=n.BASE;const f=qt(t,e);for(let o=0;o<f.windows;o++){const{nextN:l,offset:g,isZero:h,isNeg:B,isNegF:q,offsetF:_}=$t(i,o,f);i=l,h?c=c.add(Ot(q,r[_])):s=s.add(Ot(B,r[g]))}return{p:s,f:c}},wNAFUnsafe(t,r,i,s=n.ZERO){const c=qt(t,e);for(let f=0;f<c.windows&&i!==Gt;f++){const{nextN:o,offset:l,isZero:g,isNeg:h}=$t(i,f,c);if(i=o,!g){const B=r[l];s=s.add(h?B.negate():B)}}return s},getPrecomputes(t,r,i){let s=Ht.get(r);return s||(s=this.precomputeWindow(r,t),t!==1&&Ht.set(r,i(s))),s},wNAFCached(t,r,i){const s=Lt(t);return this.wNAF(s,this.getPrecomputes(s,t,i),r)},wNAFCachedUnsafe(t,r,i,s){const c=Lt(t);return c===1?this.unsafeLadder(t,r,s):this.wNAFUnsafe(c,this.getPrecomputes(c,t,i),r,s)},setWindowSize(t,r){ge(r,e),pe.set(t,r),Ht.delete(t)}}}function Ge(n,e,t,r){Ke(t,n),Pe(r,e);const i=t.length,s=r.length;if(i!==s)throw new Error("arrays of points and scalars must have equal length");const c=n.ZERO,f=_e(BigInt(i));let o=1;f>12?o=f-3:f>4?o=f-2:f>0&&(o=2);const l=Et(o),g=new Array(Number(l)+1).fill(c),h=Math.floor((e.BITS-1)/o)*o;let B=c;for(let q=h;q>=0;q-=o){g.fill(c);for(let p=0;p<s;p++){const k=r[p],R=Number(k>>BigInt(q)&l);g[R]=g[R].add(t[p])}let _=c;for(let p=g.length-1,k=c;p>0;p--)k=k.add(g[p]),_=_.add(k);if(B=B.add(_),q!==0)for(let p=0;p<o;p++)B=B.double()}return B}function me(n){return Me(n.Fp),Bt(n,{n:"bigint",h:"bigint",Gx:"field",Gy:"field"},{nBitLength:"isSafeInteger",nByteLength:"isSafeInteger"}),Object.freeze({...de(n.n,n.nBitLength),...n,p:n.Fp.ORDER})}/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */function Wt(n){n.lowS!==void 0&&dt("lowS",n.lowS),n.prehash!==void 0&&dt("prehash",n.prehash)}function $e(n){const e=me(n);Bt(e,{a:"field",b:"field"},{allowInfinityPoint:"boolean",allowedPrivateKeyLengths:"array",clearCofactor:"function",fromBytes:"function",isTorsionFree:"function",toBytes:"function",wrapPrivateKey:"boolean"});const{endo:t,Fp:r,a:i}=e;if(t){if(!r.eql(i,r.ZERO))throw new Error("invalid endo: CURVE.a must be 0");if(typeof t!="object"||typeof t.beta!="bigint"||typeof t.splitScalar!="function")throw new Error('invalid endo: expected "beta": bigint and "splitScalar": function')}return Object.freeze({...e})}class We extends Error{constructor(e=""){super(e)}}const F={Err:We,_tlv:{encode:(n,e)=>{const{Err:t}=F;if(n<0||n>256)throw new t("tlv.encode: wrong tag");if(e.length&1)throw new t("tlv.encode: unpadded data");const r=e.length/2,i=pt(r);if(i.length/2&128)throw new t("tlv.encode: long form length too big");const s=r>127?pt(i.length/2|128):"";return pt(n)+s+i+e},decode(n,e){const{Err:t}=F;let r=0;if(n<0||n>256)throw new t("tlv.encode: wrong tag");if(e.length<2||e[r++]!==n)throw new t("tlv.decode: wrong tlv");const i=e[r++],s=!!(i&128);let c=0;if(!s)c=i;else{const o=i&127;if(!o)throw new t("tlv.decode(long): indefinite length not supported");if(o>4)throw new t("tlv.decode(long): byte length is too big");const l=e.subarray(r,r+o);if(l.length!==o)throw new t("tlv.decode: length bytes not complete");if(l[0]===0)throw new t("tlv.decode(long): zero leftmost byte");for(const g of l)c=c<<8|g;if(r+=o,c<128)throw new t("tlv.decode(long): not minimal encoding")}const f=e.subarray(r,r+c);if(f.length!==c)throw new t("tlv.decode: wrong value length");return{v:f,l:e.subarray(r+c)}}},_int:{encode(n){const{Err:e}=F;if(n<X)throw new e("integer: negative integers are not allowed");let t=pt(n);if(Number.parseInt(t[0],16)&8&&(t="00"+t),t.length&1)throw new e("unexpected DER parsing assertion: unpadded hex");return t},decode(n){const{Err:e}=F;if(n[0]&128)throw new e("invalid signature integer: negative");if(n[0]===0&&!(n[1]&128))throw new e("invalid signature integer: unnecessary leading zero");return ot(n)}},toSig(n){const{Err:e,_int:t,_tlv:r}=F,i=K("signature",n),{v:s,l:c}=r.decode(48,i);if(c.length)throw new e("invalid signature: left bytes after parsing");const{v:f,l:o}=r.decode(2,s),{v:l,l:g}=r.decode(2,o);if(g.length)throw new e("invalid signature: left bytes after parsing");return{r:t.decode(f),s:t.decode(l)}},hexFromSig(n){const{_tlv:e,_int:t}=F,r=e.encode(2,t.encode(n.r)),i=e.encode(2,t.encode(n.s)),s=r+i;return e.encode(48,s)}};function Ut(n,e){return ht(gt(n,e))}const X=BigInt(0),Z=BigInt(1);BigInt(2);const _t=BigInt(3),Fe=BigInt(4);function Xe(n){const e=$e(n),{Fp:t}=e,r=Yt(e.n,e.nBitLength),i=e.toBytes||((A,a,w)=>{const b=a.toAffine();return xt(Uint8Array.from([4]),t.toBytes(b.x),t.toBytes(b.y))}),s=e.fromBytes||(A=>{const a=A.subarray(1),w=t.fromBytes(a.subarray(0,t.BYTES)),b=t.fromBytes(a.subarray(t.BYTES,2*t.BYTES));return{x:w,y:b}});function c(A){const{a,b:w}=e,b=t.sqr(A),v=t.mul(b,A);return t.add(t.add(v,t.mul(A,a)),w)}function f(A,a){const w=t.sqr(a),b=c(A);return t.eql(w,b)}if(!f(e.Gx,e.Gy))throw new Error("bad curve params: generator point");const o=t.mul(t.pow(e.a,_t),Fe),l=t.mul(t.sqr(e.b),BigInt(27));if(t.is0(t.add(o,l)))throw new Error("bad curve params: a or b");function g(A){return Mt(A,Z,e.n)}function h(A){const{allowedPrivateKeyLengths:a,nByteLength:w,wrapPrivateKey:b,n:v}=e;if(a&&typeof A!="bigint"){if(wt(A)&&(A=ht(A)),typeof A!="string"||!a.includes(A.length))throw new Error("invalid private key");A=A.padStart(w*2,"0")}let O;try{O=typeof A=="bigint"?A:ot(K("private key",A,w))}catch{throw new Error("invalid private key, expected hex or "+w+" bytes, got "+typeof A)}return b&&(O=M(O,v)),ft("private key",O,Z,v),O}function B(A){if(!(A instanceof p))throw new Error("ProjectivePoint expected")}const q=Pt((A,a)=>{const{px:w,py:b,pz:v}=A;if(t.eql(v,t.ONE))return{x:w,y:b};const O=A.is0();a==null&&(a=O?t.ONE:t.inv(v));const L=t.mul(w,a),H=t.mul(b,a),y=t.mul(v,a);if(O)return{x:t.ZERO,y:t.ZERO};if(!t.eql(y,t.ONE))throw new Error("invZ was invalid");return{x:L,y:H}}),_=Pt(A=>{if(A.is0()){if(e.allowInfinityPoint&&!t.is0(A.py))return;throw new Error("bad point: ZERO")}const{x:a,y:w}=A.toAffine();if(!t.isValid(a)||!t.isValid(w))throw new Error("bad point: x or y not FE");if(!f(a,w))throw new Error("bad point: equation left != right");if(!A.isTorsionFree())throw new Error("bad point: not in prime-order subgroup");return!0});class p{constructor(a,w,b){if(a==null||!t.isValid(a))throw new Error("x required");if(w==null||!t.isValid(w)||t.is0(w))throw new Error("y required");if(b==null||!t.isValid(b))throw new Error("z required");this.px=a,this.py=w,this.pz=b,Object.freeze(this)}static fromAffine(a){const{x:w,y:b}=a||{};if(!a||!t.isValid(w)||!t.isValid(b))throw new Error("invalid affine point");if(a instanceof p)throw new Error("projective point not allowed");const v=O=>t.eql(O,t.ZERO);return v(w)&&v(b)?p.ZERO:new p(w,b,t.ONE)}get x(){return this.toAffine().x}get y(){return this.toAffine().y}static normalizeZ(a){const w=le(t,a.map(b=>b.pz));return a.map((b,v)=>b.toAffine(w[v])).map(p.fromAffine)}static fromHex(a){const w=p.fromAffine(s(K("pointHex",a)));return w.assertValidity(),w}static fromPrivateKey(a){return p.BASE.multiply(h(a))}static msm(a,w){return Ge(p,r,a,w)}_setWindowSize(a){D.setWindowSize(this,a)}assertValidity(){_(this)}hasEvenY(){const{y:a}=this.toAffine();if(t.isOdd)return!t.isOdd(a);throw new Error("Field doesn't support isOdd")}equals(a){B(a);const{px:w,py:b,pz:v}=this,{px:O,py:L,pz:H}=a,y=t.eql(t.mul(w,H),t.mul(O,v)),N=t.eql(t.mul(b,H),t.mul(L,v));return y&&N}negate(){return new p(this.px,t.neg(this.py),this.pz)}double(){const{a,b:w}=e,b=t.mul(w,_t),{px:v,py:O,pz:L}=this;let H=t.ZERO,y=t.ZERO,N=t.ZERO,x=t.mul(v,v),T=t.mul(O,O),d=t.mul(L,L),u=t.mul(v,O);return u=t.add(u,u),N=t.mul(v,L),N=t.add(N,N),H=t.mul(a,N),y=t.mul(b,d),y=t.add(H,y),H=t.sub(T,y),y=t.add(T,y),y=t.mul(H,y),H=t.mul(u,H),N=t.mul(b,N),d=t.mul(a,d),u=t.sub(x,d),u=t.mul(a,u),u=t.add(u,N),N=t.add(x,x),x=t.add(N,x),x=t.add(x,d),x=t.mul(x,u),y=t.add(y,x),d=t.mul(O,L),d=t.add(d,d),x=t.mul(d,u),H=t.sub(H,x),N=t.mul(d,T),N=t.add(N,N),N=t.add(N,N),new p(H,y,N)}add(a){B(a);const{px:w,py:b,pz:v}=this,{px:O,py:L,pz:H}=a;let y=t.ZERO,N=t.ZERO,x=t.ZERO;const T=e.a,d=t.mul(e.b,_t);let u=t.mul(w,O),m=t.mul(b,L),I=t.mul(v,H),E=t.add(w,b),S=t.add(O,L);E=t.mul(E,S),S=t.add(u,m),E=t.sub(E,S),S=t.add(w,v);let U=t.add(O,H);return S=t.mul(S,U),U=t.add(u,I),S=t.sub(S,U),U=t.add(b,v),y=t.add(L,H),U=t.mul(U,y),y=t.add(m,I),U=t.sub(U,y),x=t.mul(T,S),y=t.mul(d,I),x=t.add(y,x),y=t.sub(m,x),x=t.add(m,x),N=t.mul(y,x),m=t.add(u,u),m=t.add(m,u),I=t.mul(T,I),S=t.mul(d,S),m=t.add(m,I),I=t.sub(u,I),I=t.mul(T,I),S=t.add(S,I),u=t.mul(m,S),N=t.add(N,u),u=t.mul(U,S),y=t.mul(E,y),y=t.sub(y,u),u=t.mul(E,m),x=t.mul(U,x),x=t.add(x,u),new p(y,N,x)}subtract(a){return this.add(a.negate())}is0(){return this.equals(p.ZERO)}wNAF(a){return D.wNAFCached(this,a,p.normalizeZ)}multiplyUnsafe(a){const{endo:w,n:b}=e;ft("scalar",a,X,b);const v=p.ZERO;if(a===X)return v;if(this.is0()||a===Z)return this;if(!w||D.hasPrecomputes(this))return D.wNAFCachedUnsafe(this,a,p.normalizeZ);let{k1neg:O,k1:L,k2neg:H,k2:y}=w.splitScalar(a),N=v,x=v,T=this;for(;L>X||y>X;)L&Z&&(N=N.add(T)),y&Z&&(x=x.add(T)),T=T.double(),L>>=Z,y>>=Z;return O&&(N=N.negate()),H&&(x=x.negate()),x=new p(t.mul(x.px,w.beta),x.py,x.pz),N.add(x)}multiply(a){const{endo:w,n:b}=e;ft("scalar",a,Z,b);let v,O;if(w){const{k1neg:L,k1:H,k2neg:y,k2:N}=w.splitScalar(a);let{p:x,f:T}=this.wNAF(H),{p:d,f:u}=this.wNAF(N);x=D.constTimeNegate(L,x),d=D.constTimeNegate(y,d),d=new p(t.mul(d.px,w.beta),d.py,d.pz),v=x.add(d),O=T.add(u)}else{const{p:L,f:H}=this.wNAF(a);v=L,O=H}return p.normalizeZ([v,O])[0]}multiplyAndAddUnsafe(a,w,b){const v=p.BASE,O=(H,y)=>y===X||y===Z||!H.equals(v)?H.multiplyUnsafe(y):H.multiply(y),L=O(this,w).add(O(a,b));return L.is0()?void 0:L}toAffine(a){return q(this,a)}isTorsionFree(){const{h:a,isTorsionFree:w}=e;if(a===Z)return!0;if(w)return w(p,this);throw new Error("isTorsionFree() has not been declared for the elliptic curve")}clearCofactor(){const{h:a,clearCofactor:w}=e;return a===Z?this:w?w(p,this):this.multiplyUnsafe(e.h)}toRawBytes(a=!0){return dt("isCompressed",a),this.assertValidity(),i(p,this,a)}toHex(a=!0){return dt("isCompressed",a),ht(this.toRawBytes(a))}}p.BASE=new p(e.Gx,e.Gy,t.ONE),p.ZERO=new p(t.ZERO,t.ONE,t.ZERO);const{endo:k,nBitLength:R}=e,D=De(p,k?Math.ceil(R/2):R);return{CURVE:e,ProjectivePoint:p,normPrivateKeyToScalar:h,weierstrassEquation:c,isWithinCurveOrder:g}}function Qe(n){const e=me(n);return Bt(e,{hash:"hash",hmac:"function",randomBytes:"function"},{bits2int:"function",bits2int_modN:"function",lowS:"boolean"}),Object.freeze({lowS:!0,...e})}function Je(n){const e=Qe(n),{Fp:t,n:r,nByteLength:i,nBitLength:s}=e,c=t.BYTES+1,f=2*t.BYTES+1;function o(d){return M(d,r)}function l(d){return Zt(d,r)}const{ProjectivePoint:g,normPrivateKeyToScalar:h,weierstrassEquation:B,isWithinCurveOrder:q}=Xe({...e,toBytes(d,u,m){const I=u.toAffine(),E=t.toBytes(I.x),S=xt;return dt("isCompressed",m),m?S(Uint8Array.from([u.hasEvenY()?2:3]),E):S(Uint8Array.from([4]),E,t.toBytes(I.y))},fromBytes(d){const u=d.length,m=d[0],I=d.subarray(1);if(u===c&&(m===2||m===3)){const E=ot(I);if(!Mt(E,Z,t.ORDER))throw new Error("Point is not on curve");const S=B(E);let U;try{U=t.sqrt(S)}catch(P){const V=P instanceof Error?": "+P.message:"";throw new Error("Point is not on curve"+V)}const z=(U&Z)===Z;return(m&1)===1!==z&&(U=t.neg(U)),{x:E,y:U}}else if(u===f&&m===4){const E=t.fromBytes(I.subarray(0,t.BYTES)),S=t.fromBytes(I.subarray(t.BYTES,2*t.BYTES));return{x:E,y:S}}else{const E=c,S=f;throw new Error("invalid Point, expected length of "+E+", or uncompressed "+S+", got "+u)}}});function _(d){const u=r>>Z;return d>u}function p(d){return _(d)?o(-d):d}const k=(d,u,m)=>ot(d.slice(u,m));class R{constructor(u,m,I){ft("r",u,Z,r),ft("s",m,Z,r),this.r=u,this.s=m,I!=null&&(this.recovery=I),Object.freeze(this)}static fromCompact(u){const m=i;return u=K("compactSignature",u,m*2),new R(k(u,0,m),k(u,m,2*m))}static fromDER(u){const{r:m,s:I}=F.toSig(K("DER",u));return new R(m,I)}assertValidity(){}addRecoveryBit(u){return new R(this.r,this.s,u)}recoverPublicKey(u){const{r:m,s:I,recovery:E}=this,S=v(K("msgHash",u));if(E==null||![0,1,2,3].includes(E))throw new Error("recovery id invalid");const U=E===2||E===3?m+e.n:m;if(U>=t.ORDER)throw new Error("recovery id 2 or 3 invalid");const z=E&1?"03":"02",$=g.fromHex(z+Ut(U,t.BYTES)),P=l(U),V=o(-S*P),it=o(I*P),Q=g.BASE.multiplyAndAddUnsafe($,V,it);if(!Q)throw new Error("point at infinify");return Q.assertValidity(),Q}hasHighS(){return _(this.s)}normalizeS(){return this.hasHighS()?new R(this.r,o(-this.s),this.recovery):this}toDERRawBytes(){return yt(this.toDERHex())}toDERHex(){return F.hexFromSig(this)}toCompactRawBytes(){return yt(this.toCompactHex())}toCompactHex(){const u=i;return Ut(this.r,u)+Ut(this.s,u)}}const D={isValidPrivateKey(d){try{return h(d),!0}catch{return!1}},normPrivateKeyToScalar:h,randomPrivateKey:()=>{const d=we(e.n);return je(e.randomBytes(d),e.n)},precompute(d=8,u=g.BASE){return u._setWindowSize(d),u.multiply(BigInt(3)),u}};function A(d,u=!0){return g.fromPrivateKey(d).toRawBytes(u)}function a(d){if(typeof d=="bigint")return!1;if(d instanceof g)return!0;const m=K("key",d).length,I=t.BYTES,E=I+1,S=2*I+1;if(!(e.allowedPrivateKeyLengths||i===E))return m===E||m===S}function w(d,u,m=!0){if(a(d)===!0)throw new Error("first arg must be private key");if(a(u)===!1)throw new Error("second arg must be public key");return g.fromHex(u).multiply(h(d)).toRawBytes(m)}const b=e.bits2int||function(d){if(d.length>8192)throw new Error("input is too large");const u=ot(d),m=d.length*8-s;return m>0?u>>BigInt(m):u},v=e.bits2int_modN||function(d){return o(b(d))},O=Et(s);function L(d){return ft("num < 2^"+s,d,X,O),gt(d,i)}function H(d,u,m=y){if(["recovered","canonical"].some(et=>et in m))throw new Error("sign() legacy options not supported");const{hash:I,randomBytes:E}=e;let{lowS:S,prehash:U,extraEntropy:z}=m;S==null&&(S=!0),d=K("msgHash",d),Wt(m),U&&(d=K("prehashed msgHash",I(d)));const $=v(d),P=h(u),V=[L(P),L($)];if(z!=null&&z!==!1){const et=z===!0?E(t.BYTES):z;V.push(K("extraEntropy",et))}const it=xt(...V),Q=$;function vt(et){const st=b(et);if(!q(st))return;const St=l(st),at=g.BASE.multiply(st).toAffine(),nt=o(at.x);if(nt===X)return;const ut=o(St*o(Q+nt*P));if(ut===X)return;let lt=(at.x===nt?0:2)|Number(at.y&Z),ct=ut;return S&&_(ut)&&(ct=p(ut),lt^=1),new R(nt,ct,lt)}return{seed:it,k2sig:vt}}const y={lowS:e.lowS,prehash:!1},N={lowS:e.lowS,prehash:!1};function x(d,u,m=y){const{seed:I,k2sig:E}=H(d,u,m),S=e;return Re(S.hash.outputLen,S.nByteLength,S.hmac)(I,E)}g.BASE._setWindowSize(8);function T(d,u,m,I=N){var lt;const E=d;u=K("msgHash",u),m=K("publicKey",m);const{lowS:S,prehash:U,format:z}=I;if(Wt(I),"strict"in I)throw new Error("options.strict was renamed to lowS");if(z!==void 0&&z!=="compact"&&z!=="der")throw new Error("format must be compact or der");const $=typeof E=="string"||wt(E),P=!$&&!z&&typeof E=="object"&&E!==null&&typeof E.r=="bigint"&&typeof E.s=="bigint";if(!$&&!P)throw new Error("invalid signature, expected Uint8Array, hex string or Signature instance");let V,it;try{if(P&&(V=new R(E.r,E.s)),$){try{z!=="compact"&&(V=R.fromDER(E))}catch(ct){if(!(ct instanceof F.Err))throw ct}!V&&z!=="der"&&(V=R.fromCompact(E))}it=g.fromHex(m)}catch{return!1}if(!V||S&&V.hasHighS())return!1;U&&(u=e.hash(u));const{r:Q,s:vt}=V,et=v(u),st=l(vt),St=o(et*st),at=o(Q*st),nt=(lt=g.BASE.multiplyAndAddUnsafe(it,St,at))==null?void 0:lt.toAffine();return nt?o(nt.x)===Q:!1}return{CURVE:e,getPublicKey:A,getSharedSecret:w,sign:x,verify:T,ProjectivePoint:g,Signature:R,utils:D}}/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */function tn(n){return{hash:n,hmac:(e,...t)=>ne(n,e,Se(...t)),randomBytes:ve}}function en(n,e){const t=r=>Je({...n,...tn(r)});return{...t(e),create:t}}/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const be=BigInt("0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"),Ft=BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141"),nn=BigInt(0),rn=BigInt(1),kt=BigInt(2),Xt=(n,e)=>(n+e/kt)/e;function on(n){const e=be,t=BigInt(3),r=BigInt(6),i=BigInt(11),s=BigInt(22),c=BigInt(23),f=BigInt(44),o=BigInt(88),l=n*n*n%e,g=l*l*n%e,h=j(g,t,e)*g%e,B=j(h,t,e)*g%e,q=j(B,kt,e)*l%e,_=j(q,i,e)*q%e,p=j(_,s,e)*_%e,k=j(p,f,e)*p%e,R=j(k,o,e)*k%e,D=j(R,f,e)*p%e,A=j(D,t,e)*g%e,a=j(A,c,e)*_%e,w=j(a,r,e)*l%e,b=j(w,kt,e);if(!zt.eql(zt.sqr(b),n))throw new Error("Cannot find square root");return b}const zt=Yt(be,void 0,void 0,{sqrt:on}),cn=en({a:nn,b:BigInt(7),Fp:zt,n:Ft,Gx:BigInt("55066263022277343669578718895168534326250603453777594175500187360389116729240"),Gy:BigInt("32670510020758816978083085130507043184471273380659243275938904335757337482424"),h:BigInt(1),lowS:!0,endo:{beta:BigInt("0x7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee"),splitScalar:n=>{const e=Ft,t=BigInt("0x3086d221a7d46bcde86c90e49284eb15"),r=-rn*BigInt("0xe4437ed6010e88286f547fa90abfe4c3"),i=BigInt("0x114ca50f7a8e2f3f657c1108d9d44cfd8"),s=t,c=BigInt("0x100000000000000000000000000000000"),f=Xt(s*n,e),o=Xt(-r*n,e);let l=M(n-f*t-o*i,e),g=M(-f*r-o*s,e);const h=l>c,B=g>c;if(h&&(l=e-l),B&&(g=e-g),l>c||g>c)throw new Error("splitScalar: Endomorphism failed, k="+n);return{k1neg:h,k1:l,k2neg:B,k2:g}}}},Le);export{cn as secp256k1};
|