From d6dc7fbb1010d126f0c871009796e4be06765f90 Mon Sep 17 00:00:00 2001 From: Matthew Raymer Date: Tue, 14 Nov 2023 02:56:59 -0500 Subject: [PATCH] Beefing up registration and activation of the service worker. --- package-lock.json | 55 +- package.json | 4 +- src/App.vue | 3 + src/libs/endorserServer.ts | 12 +- src/registerServiceWorker.ts | 2 +- src/views/ContactsView.vue | 4 +- sw_scripts/additional-scripts.js | 73 +- sw_scripts/nacl.js | 1766 +++++++++++++++------------- sw_scripts/safari-notifications.js | 119 +- sw_scripts/secp256k1.js | 465 ++++---- sw_scripts/sw-bn.js | 742 ++++++------ vue.config.js | 8 +- 12 files changed, 1753 insertions(+), 1500 deletions(-) diff --git a/package-lock.json b/package-lock.json index bbc2b6b..137b14c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -75,13 +75,13 @@ "@vue/cli-service": "~5.0.8", "@vue/eslint-config-typescript": "^11.0.3", "autoprefixer": "^10.4.15", - "eslint": "^8.48.0", + "eslint": "^8.53.0", "eslint-config-prettier": "^9.0.0", "eslint-plugin-prettier": "^5.0.0", "eslint-plugin-vue": "^9.17.0", "leaflet": "^1.9.4", "postcss": "^8.4.29", - "prettier": "^3.0.3", + "prettier": "^3.1.0", "tailwindcss": "^3.3.3", "typescript": "~5.2.2" } @@ -2824,9 +2824,9 @@ } }, "node_modules/@eslint/eslintrc": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.2.tgz", - "integrity": "sha512-+wvgpDsrB1YqAMdEUCcnTlpfVBH7Vqn6A/NT3D8WVXFIaKMlErPIZT3oCIAVCOtarRpMtelZLqJeU3t7WY6X6g==", + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.3.tgz", + "integrity": "sha512-yZzuIG+jnVu6hNSzFEN07e8BxF3uAzYtQb6uDkaYZLo6oYZDCq454c5kB8zxnzfCYyP4MIuyBn10L0DqwujTmA==", "dev": true, "dependencies": { "ajv": "^6.12.4", @@ -2874,9 +2874,9 @@ } }, "node_modules/@eslint/js": { - "version": "8.51.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.51.0.tgz", - "integrity": "sha512-HxjQ8Qn+4SI3/AFv6sOrDB+g6PpUTDwSJiQqOrnneEk8L71161srI9gjzzZvYVbzHiVg/BvcH95+cK/zfIt4pg==", + "version": "8.53.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.53.0.tgz", + "integrity": "sha512-Kn7K8dx/5U6+cT1yEhpX1w4PCSg0M+XyRILPgvwcEBjerFWCwQj5sbr3/VmxqV0JGHCBCzyd6LxypEuehypY1w==", "dev": true, "engines": { "node": "^12.22.0 || ^14.17.0 || >=16.0.0" @@ -5501,12 +5501,12 @@ } }, "node_modules/@humanwhocodes/config-array": { - "version": "0.11.11", - "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.11.tgz", - "integrity": "sha512-N2brEuAadi0CcdeMXUkhbZB84eskAc8MEX1By6qEchoVywSgXPIjou4rYsl0V3Hj0ZnuGycGCjdNgockbzeWNA==", + "version": "0.11.13", + "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.13.tgz", + "integrity": "sha512-JSBDMiDKSzQVngfRjOdFXgFfklaXI4K9nLF49Auh21lmBWRLIK3+xTErTWD4KU54pb6coM6ESE7Awz/FNU3zgQ==", "dev": true, "dependencies": { - "@humanwhocodes/object-schema": "^1.2.1", + "@humanwhocodes/object-schema": "^2.0.1", "debug": "^4.1.1", "minimatch": "^3.0.5" }, @@ -5528,9 +5528,9 @@ } }, "node_modules/@humanwhocodes/object-schema": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", - "integrity": "sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA==", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.1.tgz", + "integrity": "sha512-dvuCeX5fC9dXgJn9t+X5atfmgQAzUOWqS1254Gh0m6i8wKd10ebXkfNKiRK+1GWi/yTvvLDHpoxLr0xxxeslWw==", "dev": true }, "node_modules/@jest/create-cache-key-function": { @@ -9225,6 +9225,12 @@ "url": "https://opencollective.com/typescript-eslint" } }, + "node_modules/@ungap/structured-clone": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@ungap/structured-clone/-/structured-clone-1.2.0.tgz", + "integrity": "sha512-zuVdFrMJiuCDQUMCzQaD6KL28MjnqqN8XnAqiEq9PNm/hCPTSGfrXCOfwj1ow4LFb/tNymJPwsNbVePc1xFqrQ==", + "dev": true + }, "node_modules/@unimodules/core": { "version": "7.1.2", "resolved": "https://registry.npmjs.org/@unimodules/core/-/core-7.1.2.tgz", @@ -14239,18 +14245,19 @@ } }, "node_modules/eslint": { - "version": "8.51.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.51.0.tgz", - "integrity": "sha512-2WuxRZBrlwnXi+/vFSJyjMqrNjtJqiasMzehF0shoLaW7DzS3/9Yvrmq5JiT66+pNjiX4UBnLDiKHcWAr/OInA==", + "version": "8.53.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.53.0.tgz", + "integrity": "sha512-N4VuiPjXDUa4xVeV/GC/RV3hQW9Nw+Y463lkWaKKXKYMvmRiRDAtfpuPFLN+E1/6ZhyR8J2ig+eVREnYgUsiag==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.2.0", "@eslint-community/regexpp": "^4.6.1", - "@eslint/eslintrc": "^2.1.2", - "@eslint/js": "8.51.0", - "@humanwhocodes/config-array": "^0.11.11", + "@eslint/eslintrc": "^2.1.3", + "@eslint/js": "8.53.0", + "@humanwhocodes/config-array": "^0.11.13", "@humanwhocodes/module-importer": "^1.0.1", "@nodelib/fs.walk": "^1.2.8", + "@ungap/structured-clone": "^1.2.0", "ajv": "^6.12.4", "chalk": "^4.0.0", "cross-spawn": "^7.0.2", @@ -23164,9 +23171,9 @@ } }, "node_modules/prettier": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.0.3.tgz", - "integrity": "sha512-L/4pUDMxcNa8R/EthV08Zt42WBO4h1rarVtK0K+QJG0X187OLo7l699jWw0GKuwzkPQ//jMFA/8Xm6Fh3J/DAg==", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.1.0.tgz", + "integrity": "sha512-TQLvXjq5IAibjh8EpBIkNKxO749UEWABoiIZehEPiY4GNpVdhaFKqSTu+QrlU6D2dPAfubRmtJTi4K4YkQ5eXw==", "dev": true, "bin": { "prettier": "bin/prettier.cjs" diff --git a/package.json b/package.json index bbd78bb..11ce0c0 100644 --- a/package.json +++ b/package.json @@ -75,13 +75,13 @@ "@vue/cli-service": "~5.0.8", "@vue/eslint-config-typescript": "^11.0.3", "autoprefixer": "^10.4.15", - "eslint": "^8.48.0", + "eslint": "^8.53.0", "eslint-config-prettier": "^9.0.0", "eslint-plugin-prettier": "^5.0.0", "eslint-plugin-vue": "^9.17.0", "leaflet": "^1.9.4", "postcss": "^8.4.29", - "prettier": "^3.0.3", + "prettier": "^3.1.0", "tailwindcss": "^3.3.3", "typescript": "~5.2.2" } diff --git a/src/App.vue b/src/App.vue index 9100d99..c6d45d6 100644 --- a/src/App.vue +++ b/src/App.vue @@ -295,6 +295,9 @@ export default class App extends Vue { .then((response: VapidResponse) => { this.b64 = response.data.vapidKey; console.log(this.b64); + navigator.serviceWorker.addEventListener("controllerchange", () => { + console.log("New service worker is now controlling the page"); + }); }) .catch((error: AxiosError) => { console.error("API error", error); diff --git a/src/libs/endorserServer.ts b/src/libs/endorserServer.ts index 628d5ba..01fdeed 100644 --- a/src/libs/endorserServer.ts +++ b/src/libs/endorserServer.ts @@ -134,8 +134,8 @@ export function didInfo( return contact ? contact.name || "Contact With No Name" : isHiddenDid(did) - ? "Someone Not In Network" - : "Someone Not In Contacts"; + ? "Someone Not In Network" + : "Someone Not In Contacts"; } export interface ResultWithType { @@ -231,10 +231,10 @@ export async function createAndSubmitGive( error === null ? "Null error" : error instanceof Error - ? error.message - : typeof error === "object" && error !== null && "message" in error - ? (error as { message: string }).message - : "Unknown error"; + ? error.message + : typeof error === "object" && error !== null && "message" in error + ? (error as { message: string }).message + : "Unknown error"; return { type: "error", diff --git a/src/registerServiceWorker.ts b/src/registerServiceWorker.ts index 5b60bb7..22ca9b9 100644 --- a/src/registerServiceWorker.ts +++ b/src/registerServiceWorker.ts @@ -3,7 +3,7 @@ import { register } from "register-service-worker"; if (process.env.NODE_ENV === "production") { - register(`${process.env.BASE_URL}service-worker.js`, { + register("/additional-scripts.js", { ready() { console.log( "App is being served from cache by a service worker.\n" + diff --git a/src/views/ContactsView.vue b/src/views/ContactsView.vue index fc3d33f..15e598e 100644 --- a/src/views/ContactsView.vue +++ b/src/views/ContactsView.vue @@ -67,8 +67,8 @@ showGiveTotals ? "Total" : showGiveConfirmed - ? "Confirmed" - : "Unconfirmed" + ? "Confirmed" + : "Unconfirmed" }}
diff --git a/sw_scripts/additional-scripts.js b/sw_scripts/additional-scripts.js index 3bcaac4..c39a815 100644 --- a/sw_scripts/additional-scripts.js +++ b/sw_scripts/additional-scripts.js @@ -1,30 +1,55 @@ +/* eslint-env serviceworker */ +/* global workbox */ +importScripts( + "https://storage.googleapis.com/workbox-cdn/releases/6.4.1/workbox-sw.js", +); + +self.addEventListener("install", (event) => { + event.waitUntil( + (async () => { + importScripts("safari-notifications.js"); + })(), + ); +}); self.addEventListener("push", function (event) { - event.waitUntil((async () => { - try { - let payload; - if (event.data) { - payload = JSON.parse(event.data.text()); - } - let value = await self.getNotificationCount(); - const title = payload ? payload.title : "Custom Title"; - const options = { - body: payload ? value : "SAMPLE", - icon: payload ? payload.icon : "icon.png", - badge: payload ? payload.badge : "badge.png", - }; - await self.registration.showNotification(title, options); - } catch (error) { - console.error('Error in processing the push event:', error); - } - })()); + event.waitUntil( + (async () => { + try { + let payload; + if (event.data) { + payload = JSON.parse(event.data.text()); + } + const value = await self.getNotificationCount(); + const title = payload ? payload.title : "Custom Title"; + const options = { + body: payload ? value : "SAMPLE", + icon: payload ? payload.icon : "icon.png", + badge: payload ? payload.badge : "badge.png", + }; + await self.registration.showNotification(title, options); + } catch (error) { + console.error("Error in processing the push event:", error); + } + })(), + ); +}); + +self.addEventListener("message", (event) => { + if (event.data && event.data.type === "SEND_LOCAL_DATA") { + self.secret = event.data.data; + console.log("Data stored in service worker:", self.secret); + event.ports[0].postMessage({ success: true }); + } }); +self.addEventListener("activate", (event) => { + event.waitUntil(clients.claim()); + console.log("Service worker activated", event); +}); -self.addEventListener('message', event => { - if (event.data && event.data.type === 'SEND_LOCAL_DATA') { - self.secret = event.data.data; - console.log('Data stored in service worker:', self.secret); - event.ports[0].postMessage({ success: true }); - } +self.addEventListener("fetch", (event) => { + console.log(event.request); }); + +workbox.precaching.precacheAndRoute(self.__WB_MANIFEST); diff --git a/sw_scripts/nacl.js b/sw_scripts/nacl.js index c8d60b6..10d9dc3 100644 --- a/sw_scripts/nacl.js +++ b/sw_scripts/nacl.js @@ -1,861 +1,1051 @@ - function vn(x, xi, y, yi, n) { - var i, d = 0; - for (i = 0; i < n; i++) d |= x[xi + i] ^ y[yi + i]; - return (1 & ((d - 1) >>> 8)) - 1; + var i, + d = 0; + for (i = 0; i < n; i++) d |= x[xi + i] ^ y[yi + i]; + return (1 & ((d - 1) >>> 8)) - 1; } function crypto_verify_16(x, xi, y, yi) { - return vn(x, xi, y, yi, 16); + return vn(x, xi, y, yi, 16); } var crypto_secretbox_KEYBYTES = 32, - crypto_secretbox_NONCEBYTES = 24, - crypto_secretbox_ZEROBYTES = 32, - crypto_secretbox_BOXZEROBYTES = 16, - crypto_scalarmult_BYTES = 32, - crypto_scalarmult_SCALARBYTES = 32, - crypto_box_PUBLICKEYBYTES = 32, - crypto_box_SECRETKEYBYTES = 32, - crypto_box_BEFORENMBYTES = 32, - crypto_box_NONCEBYTES = crypto_secretbox_NONCEBYTES, - crypto_box_ZEROBYTES = crypto_secretbox_ZEROBYTES, - crypto_box_BOXZEROBYTES = crypto_secretbox_BOXZEROBYTES, - crypto_sign_BYTES = 64, - crypto_sign_PUBLICKEYBYTES = 32, - crypto_sign_SECRETKEYBYTES = 64, - crypto_sign_SEEDBYTES = 32, - crypto_hash_BYTES = 64; - + crypto_secretbox_NONCEBYTES = 24, + crypto_secretbox_ZEROBYTES = 32, + crypto_secretbox_BOXZEROBYTES = 16, + crypto_scalarmult_BYTES = 32, + crypto_scalarmult_SCALARBYTES = 32, + crypto_box_PUBLICKEYBYTES = 32, + crypto_box_SECRETKEYBYTES = 32, + crypto_box_BEFORENMBYTES = 32, + crypto_box_NONCEBYTES = crypto_secretbox_NONCEBYTES, + crypto_box_ZEROBYTES = crypto_secretbox_ZEROBYTES, + crypto_box_BOXZEROBYTES = crypto_secretbox_BOXZEROBYTES, + crypto_sign_BYTES = 64, + crypto_sign_PUBLICKEYBYTES = 32, + crypto_sign_SECRETKEYBYTES = 64, + crypto_sign_SEEDBYTES = 32, + crypto_hash_BYTES = 64; function core_salsa20(o, p, k, c) { - var j0 = c[0] & 0xff | (c[1] & 0xff) << 8 | (c[2] & 0xff) << 16 | (c[3] & 0xff) << 24, - j1 = k[0] & 0xff | (k[1] & 0xff) << 8 | (k[2] & 0xff) << 16 | (k[3] & 0xff) << 24, - j2 = k[4] & 0xff | (k[5] & 0xff) << 8 | (k[6] & 0xff) << 16 | (k[7] & 0xff) << 24, - j3 = k[8] & 0xff | (k[9] & 0xff) << 8 | (k[10] & 0xff) << 16 | (k[11] & 0xff) << 24, - j4 = k[12] & 0xff | (k[13] & 0xff) << 8 | (k[14] & 0xff) << 16 | (k[15] & 0xff) << 24, - j5 = c[4] & 0xff | (c[5] & 0xff) << 8 | (c[6] & 0xff) << 16 | (c[7] & 0xff) << 24, - j6 = p[0] & 0xff | (p[1] & 0xff) << 8 | (p[2] & 0xff) << 16 | (p[3] & 0xff) << 24, - j7 = p[4] & 0xff | (p[5] & 0xff) << 8 | (p[6] & 0xff) << 16 | (p[7] & 0xff) << 24, - j8 = p[8] & 0xff | (p[9] & 0xff) << 8 | (p[10] & 0xff) << 16 | (p[11] & 0xff) << 24, - j9 = p[12] & 0xff | (p[13] & 0xff) << 8 | (p[14] & 0xff) << 16 | (p[15] & 0xff) << 24, - j10 = c[8] & 0xff | (c[9] & 0xff) << 8 | (c[10] & 0xff) << 16 | (c[11] & 0xff) << 24, - j11 = k[16] & 0xff | (k[17] & 0xff) << 8 | (k[18] & 0xff) << 16 | (k[19] & 0xff) << 24, - j12 = k[20] & 0xff | (k[21] & 0xff) << 8 | (k[22] & 0xff) << 16 | (k[23] & 0xff) << 24, - j13 = k[24] & 0xff | (k[25] & 0xff) << 8 | (k[26] & 0xff) << 16 | (k[27] & 0xff) << 24, - j14 = k[28] & 0xff | (k[29] & 0xff) << 8 | (k[30] & 0xff) << 16 | (k[31] & 0xff) << 24, - j15 = c[12] & 0xff | (c[13] & 0xff) << 8 | (c[14] & 0xff) << 16 | (c[15] & 0xff) << 24; - - var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7, - x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14, - x15 = j15, u; - - for (var i = 0; i < 20; i += 2) { - u = x0 + x12 | 0; - x4 ^= u << 7 | u >>> (32 - 7); - u = x4 + x0 | 0; - x8 ^= u << 9 | u >>> (32 - 9); - u = x8 + x4 | 0; - x12 ^= u << 13 | u >>> (32 - 13); - u = x12 + x8 | 0; - x0 ^= u << 18 | u >>> (32 - 18); - - u = x5 + x1 | 0; - x9 ^= u << 7 | u >>> (32 - 7); - u = x9 + x5 | 0; - x13 ^= u << 9 | u >>> (32 - 9); - u = x13 + x9 | 0; - x1 ^= u << 13 | u >>> (32 - 13); - u = x1 + x13 | 0; - x5 ^= u << 18 | u >>> (32 - 18); - - u = x10 + x6 | 0; - x14 ^= u << 7 | u >>> (32 - 7); - u = x14 + x10 | 0; - x2 ^= u << 9 | u >>> (32 - 9); - u = x2 + x14 | 0; - x6 ^= u << 13 | u >>> (32 - 13); - u = x6 + x2 | 0; - x10 ^= u << 18 | u >>> (32 - 18); - - u = x15 + x11 | 0; - x3 ^= u << 7 | u >>> (32 - 7); - u = x3 + x15 | 0; - x7 ^= u << 9 | u >>> (32 - 9); - u = x7 + x3 | 0; - x11 ^= u << 13 | u >>> (32 - 13); - u = x11 + x7 | 0; - x15 ^= u << 18 | u >>> (32 - 18); - - u = x0 + x3 | 0; - x1 ^= u << 7 | u >>> (32 - 7); - u = x1 + x0 | 0; - x2 ^= u << 9 | u >>> (32 - 9); - u = x2 + x1 | 0; - x3 ^= u << 13 | u >>> (32 - 13); - u = x3 + x2 | 0; - x0 ^= u << 18 | u >>> (32 - 18); - - u = x5 + x4 | 0; - x6 ^= u << 7 | u >>> (32 - 7); - u = x6 + x5 | 0; - x7 ^= u << 9 | u >>> (32 - 9); - u = x7 + x6 | 0; - x4 ^= u << 13 | u >>> (32 - 13); - u = x4 + x7 | 0; - x5 ^= u << 18 | u >>> (32 - 18); - - u = x10 + x9 | 0; - x11 ^= u << 7 | u >>> (32 - 7); - u = x11 + x10 | 0; - x8 ^= u << 9 | u >>> (32 - 9); - u = x8 + x11 | 0; - x9 ^= u << 13 | u >>> (32 - 13); - u = x9 + x8 | 0; - x10 ^= u << 18 | u >>> (32 - 18); - - u = x15 + x14 | 0; - x12 ^= u << 7 | u >>> (32 - 7); - u = x12 + x15 | 0; - x13 ^= u << 9 | u >>> (32 - 9); - u = x13 + x12 | 0; - x14 ^= u << 13 | u >>> (32 - 13); - u = x14 + x13 | 0; - x15 ^= u << 18 | u >>> (32 - 18); - } - x0 = x0 + j0 | 0; - x1 = x1 + j1 | 0; - x2 = x2 + j2 | 0; - x3 = x3 + j3 | 0; - x4 = x4 + j4 | 0; - x5 = x5 + j5 | 0; - x6 = x6 + j6 | 0; - x7 = x7 + j7 | 0; - x8 = x8 + j8 | 0; - x9 = x9 + j9 | 0; - x10 = x10 + j10 | 0; - x11 = x11 + j11 | 0; - x12 = x12 + j12 | 0; - x13 = x13 + j13 | 0; - x14 = x14 + j14 | 0; - x15 = x15 + j15 | 0; - - o[0] = x0 >>> 0 & 0xff; - o[1] = x0 >>> 8 & 0xff; - o[2] = x0 >>> 16 & 0xff; - o[3] = x0 >>> 24 & 0xff; - - o[4] = x1 >>> 0 & 0xff; - o[5] = x1 >>> 8 & 0xff; - o[6] = x1 >>> 16 & 0xff; - o[7] = x1 >>> 24 & 0xff; - - o[8] = x2 >>> 0 & 0xff; - o[9] = x2 >>> 8 & 0xff; - o[10] = x2 >>> 16 & 0xff; - o[11] = x2 >>> 24 & 0xff; - - o[12] = x3 >>> 0 & 0xff; - o[13] = x3 >>> 8 & 0xff; - o[14] = x3 >>> 16 & 0xff; - o[15] = x3 >>> 24 & 0xff; - - o[16] = x4 >>> 0 & 0xff; - o[17] = x4 >>> 8 & 0xff; - o[18] = x4 >>> 16 & 0xff; - o[19] = x4 >>> 24 & 0xff; - - o[20] = x5 >>> 0 & 0xff; - o[21] = x5 >>> 8 & 0xff; - o[22] = x5 >>> 16 & 0xff; - o[23] = x5 >>> 24 & 0xff; - - o[24] = x6 >>> 0 & 0xff; - o[25] = x6 >>> 8 & 0xff; - o[26] = x6 >>> 16 & 0xff; - o[27] = x6 >>> 24 & 0xff; - - o[28] = x7 >>> 0 & 0xff; - o[29] = x7 >>> 8 & 0xff; - o[30] = x7 >>> 16 & 0xff; - o[31] = x7 >>> 24 & 0xff; - - o[32] = x8 >>> 0 & 0xff; - o[33] = x8 >>> 8 & 0xff; - o[34] = x8 >>> 16 & 0xff; - o[35] = x8 >>> 24 & 0xff; - - o[36] = x9 >>> 0 & 0xff; - o[37] = x9 >>> 8 & 0xff; - o[38] = x9 >>> 16 & 0xff; - o[39] = x9 >>> 24 & 0xff; - - o[40] = x10 >>> 0 & 0xff; - o[41] = x10 >>> 8 & 0xff; - o[42] = x10 >>> 16 & 0xff; - o[43] = x10 >>> 24 & 0xff; - - o[44] = x11 >>> 0 & 0xff; - o[45] = x11 >>> 8 & 0xff; - o[46] = x11 >>> 16 & 0xff; - o[47] = x11 >>> 24 & 0xff; - - o[48] = x12 >>> 0 & 0xff; - o[49] = x12 >>> 8 & 0xff; - o[50] = x12 >>> 16 & 0xff; - o[51] = x12 >>> 24 & 0xff; - - o[52] = x13 >>> 0 & 0xff; - o[53] = x13 >>> 8 & 0xff; - o[54] = x13 >>> 16 & 0xff; - o[55] = x13 >>> 24 & 0xff; - - o[56] = x14 >>> 0 & 0xff; - o[57] = x14 >>> 8 & 0xff; - o[58] = x14 >>> 16 & 0xff; - o[59] = x14 >>> 24 & 0xff; - - o[60] = x15 >>> 0 & 0xff; - o[61] = x15 >>> 8 & 0xff; - o[62] = x15 >>> 16 & 0xff; - o[63] = x15 >>> 24 & 0xff; + var j0 = + (c[0] & 0xff) | + ((c[1] & 0xff) << 8) | + ((c[2] & 0xff) << 16) | + ((c[3] & 0xff) << 24), + j1 = + (k[0] & 0xff) | + ((k[1] & 0xff) << 8) | + ((k[2] & 0xff) << 16) | + ((k[3] & 0xff) << 24), + j2 = + (k[4] & 0xff) | + ((k[5] & 0xff) << 8) | + ((k[6] & 0xff) << 16) | + ((k[7] & 0xff) << 24), + j3 = + (k[8] & 0xff) | + ((k[9] & 0xff) << 8) | + ((k[10] & 0xff) << 16) | + ((k[11] & 0xff) << 24), + j4 = + (k[12] & 0xff) | + ((k[13] & 0xff) << 8) | + ((k[14] & 0xff) << 16) | + ((k[15] & 0xff) << 24), + j5 = + (c[4] & 0xff) | + ((c[5] & 0xff) << 8) | + ((c[6] & 0xff) << 16) | + ((c[7] & 0xff) << 24), + j6 = + (p[0] & 0xff) | + ((p[1] & 0xff) << 8) | + ((p[2] & 0xff) << 16) | + ((p[3] & 0xff) << 24), + j7 = + (p[4] & 0xff) | + ((p[5] & 0xff) << 8) | + ((p[6] & 0xff) << 16) | + ((p[7] & 0xff) << 24), + j8 = + (p[8] & 0xff) | + ((p[9] & 0xff) << 8) | + ((p[10] & 0xff) << 16) | + ((p[11] & 0xff) << 24), + j9 = + (p[12] & 0xff) | + ((p[13] & 0xff) << 8) | + ((p[14] & 0xff) << 16) | + ((p[15] & 0xff) << 24), + j10 = + (c[8] & 0xff) | + ((c[9] & 0xff) << 8) | + ((c[10] & 0xff) << 16) | + ((c[11] & 0xff) << 24), + j11 = + (k[16] & 0xff) | + ((k[17] & 0xff) << 8) | + ((k[18] & 0xff) << 16) | + ((k[19] & 0xff) << 24), + j12 = + (k[20] & 0xff) | + ((k[21] & 0xff) << 8) | + ((k[22] & 0xff) << 16) | + ((k[23] & 0xff) << 24), + j13 = + (k[24] & 0xff) | + ((k[25] & 0xff) << 8) | + ((k[26] & 0xff) << 16) | + ((k[27] & 0xff) << 24), + j14 = + (k[28] & 0xff) | + ((k[29] & 0xff) << 8) | + ((k[30] & 0xff) << 16) | + ((k[31] & 0xff) << 24), + j15 = + (c[12] & 0xff) | + ((c[13] & 0xff) << 8) | + ((c[14] & 0xff) << 16) | + ((c[15] & 0xff) << 24); + + var x0 = j0, + x1 = j1, + x2 = j2, + x3 = j3, + x4 = j4, + x5 = j5, + x6 = j6, + x7 = j7, + x8 = j8, + x9 = j9, + x10 = j10, + x11 = j11, + x12 = j12, + x13 = j13, + x14 = j14, + x15 = j15, + u; + + for (var i = 0; i < 20; i += 2) { + u = (x0 + x12) | 0; + x4 ^= (u << 7) | (u >>> (32 - 7)); + u = (x4 + x0) | 0; + x8 ^= (u << 9) | (u >>> (32 - 9)); + u = (x8 + x4) | 0; + x12 ^= (u << 13) | (u >>> (32 - 13)); + u = (x12 + x8) | 0; + x0 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x5 + x1) | 0; + x9 ^= (u << 7) | (u >>> (32 - 7)); + u = (x9 + x5) | 0; + x13 ^= (u << 9) | (u >>> (32 - 9)); + u = (x13 + x9) | 0; + x1 ^= (u << 13) | (u >>> (32 - 13)); + u = (x1 + x13) | 0; + x5 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x10 + x6) | 0; + x14 ^= (u << 7) | (u >>> (32 - 7)); + u = (x14 + x10) | 0; + x2 ^= (u << 9) | (u >>> (32 - 9)); + u = (x2 + x14) | 0; + x6 ^= (u << 13) | (u >>> (32 - 13)); + u = (x6 + x2) | 0; + x10 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x15 + x11) | 0; + x3 ^= (u << 7) | (u >>> (32 - 7)); + u = (x3 + x15) | 0; + x7 ^= (u << 9) | (u >>> (32 - 9)); + u = (x7 + x3) | 0; + x11 ^= (u << 13) | (u >>> (32 - 13)); + u = (x11 + x7) | 0; + x15 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x0 + x3) | 0; + x1 ^= (u << 7) | (u >>> (32 - 7)); + u = (x1 + x0) | 0; + x2 ^= (u << 9) | (u >>> (32 - 9)); + u = (x2 + x1) | 0; + x3 ^= (u << 13) | (u >>> (32 - 13)); + u = (x3 + x2) | 0; + x0 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x5 + x4) | 0; + x6 ^= (u << 7) | (u >>> (32 - 7)); + u = (x6 + x5) | 0; + x7 ^= (u << 9) | (u >>> (32 - 9)); + u = (x7 + x6) | 0; + x4 ^= (u << 13) | (u >>> (32 - 13)); + u = (x4 + x7) | 0; + x5 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x10 + x9) | 0; + x11 ^= (u << 7) | (u >>> (32 - 7)); + u = (x11 + x10) | 0; + x8 ^= (u << 9) | (u >>> (32 - 9)); + u = (x8 + x11) | 0; + x9 ^= (u << 13) | (u >>> (32 - 13)); + u = (x9 + x8) | 0; + x10 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x15 + x14) | 0; + x12 ^= (u << 7) | (u >>> (32 - 7)); + u = (x12 + x15) | 0; + x13 ^= (u << 9) | (u >>> (32 - 9)); + u = (x13 + x12) | 0; + x14 ^= (u << 13) | (u >>> (32 - 13)); + u = (x14 + x13) | 0; + x15 ^= (u << 18) | (u >>> (32 - 18)); + } + x0 = (x0 + j0) | 0; + x1 = (x1 + j1) | 0; + x2 = (x2 + j2) | 0; + x3 = (x3 + j3) | 0; + x4 = (x4 + j4) | 0; + x5 = (x5 + j5) | 0; + x6 = (x6 + j6) | 0; + x7 = (x7 + j7) | 0; + x8 = (x8 + j8) | 0; + x9 = (x9 + j9) | 0; + x10 = (x10 + j10) | 0; + x11 = (x11 + j11) | 0; + x12 = (x12 + j12) | 0; + x13 = (x13 + j13) | 0; + x14 = (x14 + j14) | 0; + x15 = (x15 + j15) | 0; + + o[0] = (x0 >>> 0) & 0xff; + o[1] = (x0 >>> 8) & 0xff; + o[2] = (x0 >>> 16) & 0xff; + o[3] = (x0 >>> 24) & 0xff; + + o[4] = (x1 >>> 0) & 0xff; + o[5] = (x1 >>> 8) & 0xff; + o[6] = (x1 >>> 16) & 0xff; + o[7] = (x1 >>> 24) & 0xff; + + o[8] = (x2 >>> 0) & 0xff; + o[9] = (x2 >>> 8) & 0xff; + o[10] = (x2 >>> 16) & 0xff; + o[11] = (x2 >>> 24) & 0xff; + + o[12] = (x3 >>> 0) & 0xff; + o[13] = (x3 >>> 8) & 0xff; + o[14] = (x3 >>> 16) & 0xff; + o[15] = (x3 >>> 24) & 0xff; + + o[16] = (x4 >>> 0) & 0xff; + o[17] = (x4 >>> 8) & 0xff; + o[18] = (x4 >>> 16) & 0xff; + o[19] = (x4 >>> 24) & 0xff; + + o[20] = (x5 >>> 0) & 0xff; + o[21] = (x5 >>> 8) & 0xff; + o[22] = (x5 >>> 16) & 0xff; + o[23] = (x5 >>> 24) & 0xff; + + o[24] = (x6 >>> 0) & 0xff; + o[25] = (x6 >>> 8) & 0xff; + o[26] = (x6 >>> 16) & 0xff; + o[27] = (x6 >>> 24) & 0xff; + + o[28] = (x7 >>> 0) & 0xff; + o[29] = (x7 >>> 8) & 0xff; + o[30] = (x7 >>> 16) & 0xff; + o[31] = (x7 >>> 24) & 0xff; + + o[32] = (x8 >>> 0) & 0xff; + o[33] = (x8 >>> 8) & 0xff; + o[34] = (x8 >>> 16) & 0xff; + o[35] = (x8 >>> 24) & 0xff; + + o[36] = (x9 >>> 0) & 0xff; + o[37] = (x9 >>> 8) & 0xff; + o[38] = (x9 >>> 16) & 0xff; + o[39] = (x9 >>> 24) & 0xff; + + o[40] = (x10 >>> 0) & 0xff; + o[41] = (x10 >>> 8) & 0xff; + o[42] = (x10 >>> 16) & 0xff; + o[43] = (x10 >>> 24) & 0xff; + + o[44] = (x11 >>> 0) & 0xff; + o[45] = (x11 >>> 8) & 0xff; + o[46] = (x11 >>> 16) & 0xff; + o[47] = (x11 >>> 24) & 0xff; + + o[48] = (x12 >>> 0) & 0xff; + o[49] = (x12 >>> 8) & 0xff; + o[50] = (x12 >>> 16) & 0xff; + o[51] = (x12 >>> 24) & 0xff; + + o[52] = (x13 >>> 0) & 0xff; + o[53] = (x13 >>> 8) & 0xff; + o[54] = (x13 >>> 16) & 0xff; + o[55] = (x13 >>> 24) & 0xff; + + o[56] = (x14 >>> 0) & 0xff; + o[57] = (x14 >>> 8) & 0xff; + o[58] = (x14 >>> 16) & 0xff; + o[59] = (x14 >>> 24) & 0xff; + + o[60] = (x15 >>> 0) & 0xff; + o[61] = (x15 >>> 8) & 0xff; + o[62] = (x15 >>> 16) & 0xff; + o[63] = (x15 >>> 24) & 0xff; } function core_hsalsa20(o, p, k, c) { - var j0 = c[0] & 0xff | (c[1] & 0xff) << 8 | (c[2] & 0xff) << 16 | (c[3] & 0xff) << 24, - j1 = k[0] & 0xff | (k[1] & 0xff) << 8 | (k[2] & 0xff) << 16 | (k[3] & 0xff) << 24, - j2 = k[4] & 0xff | (k[5] & 0xff) << 8 | (k[6] & 0xff) << 16 | (k[7] & 0xff) << 24, - j3 = k[8] & 0xff | (k[9] & 0xff) << 8 | (k[10] & 0xff) << 16 | (k[11] & 0xff) << 24, - j4 = k[12] & 0xff | (k[13] & 0xff) << 8 | (k[14] & 0xff) << 16 | (k[15] & 0xff) << 24, - j5 = c[4] & 0xff | (c[5] & 0xff) << 8 | (c[6] & 0xff) << 16 | (c[7] & 0xff) << 24, - j6 = p[0] & 0xff | (p[1] & 0xff) << 8 | (p[2] & 0xff) << 16 | (p[3] & 0xff) << 24, - j7 = p[4] & 0xff | (p[5] & 0xff) << 8 | (p[6] & 0xff) << 16 | (p[7] & 0xff) << 24, - j8 = p[8] & 0xff | (p[9] & 0xff) << 8 | (p[10] & 0xff) << 16 | (p[11] & 0xff) << 24, - j9 = p[12] & 0xff | (p[13] & 0xff) << 8 | (p[14] & 0xff) << 16 | (p[15] & 0xff) << 24, - j10 = c[8] & 0xff | (c[9] & 0xff) << 8 | (c[10] & 0xff) << 16 | (c[11] & 0xff) << 24, - j11 = k[16] & 0xff | (k[17] & 0xff) << 8 | (k[18] & 0xff) << 16 | (k[19] & 0xff) << 24, - j12 = k[20] & 0xff | (k[21] & 0xff) << 8 | (k[22] & 0xff) << 16 | (k[23] & 0xff) << 24, - j13 = k[24] & 0xff | (k[25] & 0xff) << 8 | (k[26] & 0xff) << 16 | (k[27] & 0xff) << 24, - j14 = k[28] & 0xff | (k[29] & 0xff) << 8 | (k[30] & 0xff) << 16 | (k[31] & 0xff) << 24, - j15 = c[12] & 0xff | (c[13] & 0xff) << 8 | (c[14] & 0xff) << 16 | (c[15] & 0xff) << 24; - - var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7, - x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14, - x15 = j15, u; - - for (var i = 0; i < 20; i += 2) { - u = x0 + x12 | 0; - x4 ^= u << 7 | u >>> (32 - 7); - u = x4 + x0 | 0; - x8 ^= u << 9 | u >>> (32 - 9); - u = x8 + x4 | 0; - x12 ^= u << 13 | u >>> (32 - 13); - u = x12 + x8 | 0; - x0 ^= u << 18 | u >>> (32 - 18); - - u = x5 + x1 | 0; - x9 ^= u << 7 | u >>> (32 - 7); - u = x9 + x5 | 0; - x13 ^= u << 9 | u >>> (32 - 9); - u = x13 + x9 | 0; - x1 ^= u << 13 | u >>> (32 - 13); - u = x1 + x13 | 0; - x5 ^= u << 18 | u >>> (32 - 18); - - u = x10 + x6 | 0; - x14 ^= u << 7 | u >>> (32 - 7); - u = x14 + x10 | 0; - x2 ^= u << 9 | u >>> (32 - 9); - u = x2 + x14 | 0; - x6 ^= u << 13 | u >>> (32 - 13); - u = x6 + x2 | 0; - x10 ^= u << 18 | u >>> (32 - 18); - - u = x15 + x11 | 0; - x3 ^= u << 7 | u >>> (32 - 7); - u = x3 + x15 | 0; - x7 ^= u << 9 | u >>> (32 - 9); - u = x7 + x3 | 0; - x11 ^= u << 13 | u >>> (32 - 13); - u = x11 + x7 | 0; - x15 ^= u << 18 | u >>> (32 - 18); - - u = x0 + x3 | 0; - x1 ^= u << 7 | u >>> (32 - 7); - u = x1 + x0 | 0; - x2 ^= u << 9 | u >>> (32 - 9); - u = x2 + x1 | 0; - x3 ^= u << 13 | u >>> (32 - 13); - u = x3 + x2 | 0; - x0 ^= u << 18 | u >>> (32 - 18); - - u = x5 + x4 | 0; - x6 ^= u << 7 | u >>> (32 - 7); - u = x6 + x5 | 0; - x7 ^= u << 9 | u >>> (32 - 9); - u = x7 + x6 | 0; - x4 ^= u << 13 | u >>> (32 - 13); - u = x4 + x7 | 0; - x5 ^= u << 18 | u >>> (32 - 18); - - u = x10 + x9 | 0; - x11 ^= u << 7 | u >>> (32 - 7); - u = x11 + x10 | 0; - x8 ^= u << 9 | u >>> (32 - 9); - u = x8 + x11 | 0; - x9 ^= u << 13 | u >>> (32 - 13); - u = x9 + x8 | 0; - x10 ^= u << 18 | u >>> (32 - 18); - - u = x15 + x14 | 0; - x12 ^= u << 7 | u >>> (32 - 7); - u = x12 + x15 | 0; - x13 ^= u << 9 | u >>> (32 - 9); - u = x13 + x12 | 0; - x14 ^= u << 13 | u >>> (32 - 13); - u = x14 + x13 | 0; - x15 ^= u << 18 | u >>> (32 - 18); - } - - o[0] = x0 >>> 0 & 0xff; - o[1] = x0 >>> 8 & 0xff; - o[2] = x0 >>> 16 & 0xff; - o[3] = x0 >>> 24 & 0xff; - - o[4] = x5 >>> 0 & 0xff; - o[5] = x5 >>> 8 & 0xff; - o[6] = x5 >>> 16 & 0xff; - o[7] = x5 >>> 24 & 0xff; - - o[8] = x10 >>> 0 & 0xff; - o[9] = x10 >>> 8 & 0xff; - o[10] = x10 >>> 16 & 0xff; - o[11] = x10 >>> 24 & 0xff; - - o[12] = x15 >>> 0 & 0xff; - o[13] = x15 >>> 8 & 0xff; - o[14] = x15 >>> 16 & 0xff; - o[15] = x15 >>> 24 & 0xff; - - o[16] = x6 >>> 0 & 0xff; - o[17] = x6 >>> 8 & 0xff; - o[18] = x6 >>> 16 & 0xff; - o[19] = x6 >>> 24 & 0xff; - - o[20] = x7 >>> 0 & 0xff; - o[21] = x7 >>> 8 & 0xff; - o[22] = x7 >>> 16 & 0xff; - o[23] = x7 >>> 24 & 0xff; - - o[24] = x8 >>> 0 & 0xff; - o[25] = x8 >>> 8 & 0xff; - o[26] = x8 >>> 16 & 0xff; - o[27] = x8 >>> 24 & 0xff; - - o[28] = x9 >>> 0 & 0xff; - o[29] = x9 >>> 8 & 0xff; - o[30] = x9 >>> 16 & 0xff; - o[31] = x9 >>> 24 & 0xff; + var j0 = + (c[0] & 0xff) | + ((c[1] & 0xff) << 8) | + ((c[2] & 0xff) << 16) | + ((c[3] & 0xff) << 24), + j1 = + (k[0] & 0xff) | + ((k[1] & 0xff) << 8) | + ((k[2] & 0xff) << 16) | + ((k[3] & 0xff) << 24), + j2 = + (k[4] & 0xff) | + ((k[5] & 0xff) << 8) | + ((k[6] & 0xff) << 16) | + ((k[7] & 0xff) << 24), + j3 = + (k[8] & 0xff) | + ((k[9] & 0xff) << 8) | + ((k[10] & 0xff) << 16) | + ((k[11] & 0xff) << 24), + j4 = + (k[12] & 0xff) | + ((k[13] & 0xff) << 8) | + ((k[14] & 0xff) << 16) | + ((k[15] & 0xff) << 24), + j5 = + (c[4] & 0xff) | + ((c[5] & 0xff) << 8) | + ((c[6] & 0xff) << 16) | + ((c[7] & 0xff) << 24), + j6 = + (p[0] & 0xff) | + ((p[1] & 0xff) << 8) | + ((p[2] & 0xff) << 16) | + ((p[3] & 0xff) << 24), + j7 = + (p[4] & 0xff) | + ((p[5] & 0xff) << 8) | + ((p[6] & 0xff) << 16) | + ((p[7] & 0xff) << 24), + j8 = + (p[8] & 0xff) | + ((p[9] & 0xff) << 8) | + ((p[10] & 0xff) << 16) | + ((p[11] & 0xff) << 24), + j9 = + (p[12] & 0xff) | + ((p[13] & 0xff) << 8) | + ((p[14] & 0xff) << 16) | + ((p[15] & 0xff) << 24), + j10 = + (c[8] & 0xff) | + ((c[9] & 0xff) << 8) | + ((c[10] & 0xff) << 16) | + ((c[11] & 0xff) << 24), + j11 = + (k[16] & 0xff) | + ((k[17] & 0xff) << 8) | + ((k[18] & 0xff) << 16) | + ((k[19] & 0xff) << 24), + j12 = + (k[20] & 0xff) | + ((k[21] & 0xff) << 8) | + ((k[22] & 0xff) << 16) | + ((k[23] & 0xff) << 24), + j13 = + (k[24] & 0xff) | + ((k[25] & 0xff) << 8) | + ((k[26] & 0xff) << 16) | + ((k[27] & 0xff) << 24), + j14 = + (k[28] & 0xff) | + ((k[29] & 0xff) << 8) | + ((k[30] & 0xff) << 16) | + ((k[31] & 0xff) << 24), + j15 = + (c[12] & 0xff) | + ((c[13] & 0xff) << 8) | + ((c[14] & 0xff) << 16) | + ((c[15] & 0xff) << 24); + + var x0 = j0, + x1 = j1, + x2 = j2, + x3 = j3, + x4 = j4, + x5 = j5, + x6 = j6, + x7 = j7, + x8 = j8, + x9 = j9, + x10 = j10, + x11 = j11, + x12 = j12, + x13 = j13, + x14 = j14, + x15 = j15, + u; + + for (var i = 0; i < 20; i += 2) { + u = (x0 + x12) | 0; + x4 ^= (u << 7) | (u >>> (32 - 7)); + u = (x4 + x0) | 0; + x8 ^= (u << 9) | (u >>> (32 - 9)); + u = (x8 + x4) | 0; + x12 ^= (u << 13) | (u >>> (32 - 13)); + u = (x12 + x8) | 0; + x0 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x5 + x1) | 0; + x9 ^= (u << 7) | (u >>> (32 - 7)); + u = (x9 + x5) | 0; + x13 ^= (u << 9) | (u >>> (32 - 9)); + u = (x13 + x9) | 0; + x1 ^= (u << 13) | (u >>> (32 - 13)); + u = (x1 + x13) | 0; + x5 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x10 + x6) | 0; + x14 ^= (u << 7) | (u >>> (32 - 7)); + u = (x14 + x10) | 0; + x2 ^= (u << 9) | (u >>> (32 - 9)); + u = (x2 + x14) | 0; + x6 ^= (u << 13) | (u >>> (32 - 13)); + u = (x6 + x2) | 0; + x10 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x15 + x11) | 0; + x3 ^= (u << 7) | (u >>> (32 - 7)); + u = (x3 + x15) | 0; + x7 ^= (u << 9) | (u >>> (32 - 9)); + u = (x7 + x3) | 0; + x11 ^= (u << 13) | (u >>> (32 - 13)); + u = (x11 + x7) | 0; + x15 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x0 + x3) | 0; + x1 ^= (u << 7) | (u >>> (32 - 7)); + u = (x1 + x0) | 0; + x2 ^= (u << 9) | (u >>> (32 - 9)); + u = (x2 + x1) | 0; + x3 ^= (u << 13) | (u >>> (32 - 13)); + u = (x3 + x2) | 0; + x0 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x5 + x4) | 0; + x6 ^= (u << 7) | (u >>> (32 - 7)); + u = (x6 + x5) | 0; + x7 ^= (u << 9) | (u >>> (32 - 9)); + u = (x7 + x6) | 0; + x4 ^= (u << 13) | (u >>> (32 - 13)); + u = (x4 + x7) | 0; + x5 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x10 + x9) | 0; + x11 ^= (u << 7) | (u >>> (32 - 7)); + u = (x11 + x10) | 0; + x8 ^= (u << 9) | (u >>> (32 - 9)); + u = (x8 + x11) | 0; + x9 ^= (u << 13) | (u >>> (32 - 13)); + u = (x9 + x8) | 0; + x10 ^= (u << 18) | (u >>> (32 - 18)); + + u = (x15 + x14) | 0; + x12 ^= (u << 7) | (u >>> (32 - 7)); + u = (x12 + x15) | 0; + x13 ^= (u << 9) | (u >>> (32 - 9)); + u = (x13 + x12) | 0; + x14 ^= (u << 13) | (u >>> (32 - 13)); + u = (x14 + x13) | 0; + x15 ^= (u << 18) | (u >>> (32 - 18)); + } + + o[0] = (x0 >>> 0) & 0xff; + o[1] = (x0 >>> 8) & 0xff; + o[2] = (x0 >>> 16) & 0xff; + o[3] = (x0 >>> 24) & 0xff; + + o[4] = (x5 >>> 0) & 0xff; + o[5] = (x5 >>> 8) & 0xff; + o[6] = (x5 >>> 16) & 0xff; + o[7] = (x5 >>> 24) & 0xff; + + o[8] = (x10 >>> 0) & 0xff; + o[9] = (x10 >>> 8) & 0xff; + o[10] = (x10 >>> 16) & 0xff; + o[11] = (x10 >>> 24) & 0xff; + + o[12] = (x15 >>> 0) & 0xff; + o[13] = (x15 >>> 8) & 0xff; + o[14] = (x15 >>> 16) & 0xff; + o[15] = (x15 >>> 24) & 0xff; + + o[16] = (x6 >>> 0) & 0xff; + o[17] = (x6 >>> 8) & 0xff; + o[18] = (x6 >>> 16) & 0xff; + o[19] = (x6 >>> 24) & 0xff; + + o[20] = (x7 >>> 0) & 0xff; + o[21] = (x7 >>> 8) & 0xff; + o[22] = (x7 >>> 16) & 0xff; + o[23] = (x7 >>> 24) & 0xff; + + o[24] = (x8 >>> 0) & 0xff; + o[25] = (x8 >>> 8) & 0xff; + o[26] = (x8 >>> 16) & 0xff; + o[27] = (x8 >>> 24) & 0xff; + + o[28] = (x9 >>> 0) & 0xff; + o[29] = (x9 >>> 8) & 0xff; + o[30] = (x9 >>> 16) & 0xff; + o[31] = (x9 >>> 24) & 0xff; } function crypto_core_salsa20(out, inp, k, c) { - core_salsa20(out, inp, k, c); + core_salsa20(out, inp, k, c); } function crypto_core_hsalsa20(out, inp, k, c) { - core_hsalsa20(out, inp, k, c); + core_hsalsa20(out, inp, k, c); } -var sigma = new Uint8Array([101, 120, 112, 97, 110, 100, 32, 51, 50, 45, 98, 121, 116, 101, 32, 107]); +var sigma = new Uint8Array([ + 101, 120, 112, 97, 110, 100, 32, 51, 50, 45, 98, 121, 116, 101, 32, 107, +]); // "expand 32-byte k" - function crypto_stream_salsa20_xor(c, cpos, m, mpos, b, n, k) { - var z = new Uint8Array(16), x = new Uint8Array(64); - var u, i; - for (i = 0; i < 16; i++) z[i] = 0; - for (i = 0; i < 8; i++) z[i] = n[i]; - while (b >= 64) { - crypto_core_salsa20(x, z, k, sigma); - for (i = 0; i < 64; i++) c[cpos + i] = m[mpos + i] ^ x[i]; - u = 1; - for (i = 8; i < 16; i++) { - u = u + (z[i] & 0xff) | 0; - z[i] = u & 0xff; - u >>>= 8; - } - b -= 64; - cpos += 64; - mpos += 64; - } - if (b > 0) { - crypto_core_salsa20(x, z, k, sigma); - for (i = 0; i < b; i++) c[cpos + i] = m[mpos + i] ^ x[i]; + var z = new Uint8Array(16), + x = new Uint8Array(64); + var u, i; + for (i = 0; i < 16; i++) z[i] = 0; + for (i = 0; i < 8; i++) z[i] = n[i]; + while (b >= 64) { + crypto_core_salsa20(x, z, k, sigma); + for (i = 0; i < 64; i++) c[cpos + i] = m[mpos + i] ^ x[i]; + u = 1; + for (i = 8; i < 16; i++) { + u = (u + (z[i] & 0xff)) | 0; + z[i] = u & 0xff; + u >>>= 8; } - return 0; + b -= 64; + cpos += 64; + mpos += 64; + } + if (b > 0) { + crypto_core_salsa20(x, z, k, sigma); + for (i = 0; i < b; i++) c[cpos + i] = m[mpos + i] ^ x[i]; + } + return 0; } - function crypto_stream_salsa20(c, cpos, b, n, k) { - var z = new Uint8Array(16), x = new Uint8Array(64); - var u, i; - for (i = 0; i < 16; i++) z[i] = 0; - for (i = 0; i < 8; i++) z[i] = n[i]; - while (b >= 64) { - crypto_core_salsa20(x, z, k, sigma); - for (i = 0; i < 64; i++) c[cpos + i] = x[i]; - u = 1; - for (i = 8; i < 16; i++) { - u = u + (z[i] & 0xff) | 0; - z[i] = u & 0xff; - u >>>= 8; - } - b -= 64; - cpos += 64; - } - if (b > 0) { - crypto_core_salsa20(x, z, k, sigma); - for (i = 0; i < b; i++) c[cpos + i] = x[i]; + var z = new Uint8Array(16), + x = new Uint8Array(64); + var u, i; + for (i = 0; i < 16; i++) z[i] = 0; + for (i = 0; i < 8; i++) z[i] = n[i]; + while (b >= 64) { + crypto_core_salsa20(x, z, k, sigma); + for (i = 0; i < 64; i++) c[cpos + i] = x[i]; + u = 1; + for (i = 8; i < 16; i++) { + u = (u + (z[i] & 0xff)) | 0; + z[i] = u & 0xff; + u >>>= 8; } - return 0; + b -= 64; + cpos += 64; + } + if (b > 0) { + crypto_core_salsa20(x, z, k, sigma); + for (i = 0; i < b; i++) c[cpos + i] = x[i]; + } + return 0; } var poly1305 = function (key) { - this.buffer = new Uint8Array(16); - this.r = new Uint16Array(10); - this.h = new Uint16Array(10); - this.pad = new Uint16Array(8); - this.leftover = 0; - this.fin = 0; - - var t0, t1, t2, t3, t4, t5, t6, t7; - - t0 = key[0] & 0xff | (key[1] & 0xff) << 8; this.r[0] = (t0) & 0x1fff; - t1 = key[2] & 0xff | (key[3] & 0xff) << 8; this.r[1] = ((t0 >>> 13) | (t1 << 3)) & 0x1fff; - t2 = key[4] & 0xff | (key[5] & 0xff) << 8; this.r[2] = ((t1 >>> 10) | (t2 << 6)) & 0x1f03; - t3 = key[6] & 0xff | (key[7] & 0xff) << 8; this.r[3] = ((t2 >>> 7) | (t3 << 9)) & 0x1fff; - t4 = key[8] & 0xff | (key[9] & 0xff) << 8; this.r[4] = ((t3 >>> 4) | (t4 << 12)) & 0x00ff; - this.r[5] = ((t4 >>> 1)) & 0x1ffe; - t5 = key[10] & 0xff | (key[11] & 0xff) << 8; this.r[6] = ((t4 >>> 14) | (t5 << 2)) & 0x1fff; - t6 = key[12] & 0xff | (key[13] & 0xff) << 8; this.r[7] = ((t5 >>> 11) | (t6 << 5)) & 0x1f81; - t7 = key[14] & 0xff | (key[15] & 0xff) << 8; this.r[8] = ((t6 >>> 8) | (t7 << 8)) & 0x1fff; - this.r[9] = ((t7 >>> 5)) & 0x007f; - - this.pad[0] = key[16] & 0xff | (key[17] & 0xff) << 8; - this.pad[1] = key[18] & 0xff | (key[19] & 0xff) << 8; - this.pad[2] = key[20] & 0xff | (key[21] & 0xff) << 8; - this.pad[3] = key[22] & 0xff | (key[23] & 0xff) << 8; - this.pad[4] = key[24] & 0xff | (key[25] & 0xff) << 8; - this.pad[5] = key[26] & 0xff | (key[27] & 0xff) << 8; - this.pad[6] = key[28] & 0xff | (key[29] & 0xff) << 8; - this.pad[7] = key[30] & 0xff | (key[31] & 0xff) << 8; + this.buffer = new Uint8Array(16); + this.r = new Uint16Array(10); + this.h = new Uint16Array(10); + this.pad = new Uint16Array(8); + this.leftover = 0; + this.fin = 0; + + var t0, t1, t2, t3, t4, t5, t6, t7; + + t0 = (key[0] & 0xff) | ((key[1] & 0xff) << 8); + this.r[0] = t0 & 0x1fff; + t1 = (key[2] & 0xff) | ((key[3] & 0xff) << 8); + this.r[1] = ((t0 >>> 13) | (t1 << 3)) & 0x1fff; + t2 = (key[4] & 0xff) | ((key[5] & 0xff) << 8); + this.r[2] = ((t1 >>> 10) | (t2 << 6)) & 0x1f03; + t3 = (key[6] & 0xff) | ((key[7] & 0xff) << 8); + this.r[3] = ((t2 >>> 7) | (t3 << 9)) & 0x1fff; + t4 = (key[8] & 0xff) | ((key[9] & 0xff) << 8); + this.r[4] = ((t3 >>> 4) | (t4 << 12)) & 0x00ff; + this.r[5] = (t4 >>> 1) & 0x1ffe; + t5 = (key[10] & 0xff) | ((key[11] & 0xff) << 8); + this.r[6] = ((t4 >>> 14) | (t5 << 2)) & 0x1fff; + t6 = (key[12] & 0xff) | ((key[13] & 0xff) << 8); + this.r[7] = ((t5 >>> 11) | (t6 << 5)) & 0x1f81; + t7 = (key[14] & 0xff) | ((key[15] & 0xff) << 8); + this.r[8] = ((t6 >>> 8) | (t7 << 8)) & 0x1fff; + this.r[9] = (t7 >>> 5) & 0x007f; + + this.pad[0] = (key[16] & 0xff) | ((key[17] & 0xff) << 8); + this.pad[1] = (key[18] & 0xff) | ((key[19] & 0xff) << 8); + this.pad[2] = (key[20] & 0xff) | ((key[21] & 0xff) << 8); + this.pad[3] = (key[22] & 0xff) | ((key[23] & 0xff) << 8); + this.pad[4] = (key[24] & 0xff) | ((key[25] & 0xff) << 8); + this.pad[5] = (key[26] & 0xff) | ((key[27] & 0xff) << 8); + this.pad[6] = (key[28] & 0xff) | ((key[29] & 0xff) << 8); + this.pad[7] = (key[30] & 0xff) | ((key[31] & 0xff) << 8); }; poly1305.prototype.blocks = function (m, mpos, bytes) { - var hibit = this.fin ? 0 : (1 << 11); - var t0, t1, t2, t3, t4, t5, t6, t7, c; - var d0, d1, d2, d3, d4, d5, d6, d7, d8, d9; - - var h0 = this.h[0], - h1 = this.h[1], - h2 = this.h[2], - h3 = this.h[3], - h4 = this.h[4], - h5 = this.h[5], - h6 = this.h[6], - h7 = this.h[7], - h8 = this.h[8], - h9 = this.h[9]; - - var r0 = this.r[0], - r1 = this.r[1], - r2 = this.r[2], - r3 = this.r[3], - r4 = this.r[4], - r5 = this.r[5], - r6 = this.r[6], - r7 = this.r[7], - r8 = this.r[8], - r9 = this.r[9]; - - while (bytes >= 16) { - t0 = m[mpos + 0] & 0xff | (m[mpos + 1] & 0xff) << 8; h0 += (t0) & 0x1fff; - t1 = m[mpos + 2] & 0xff | (m[mpos + 3] & 0xff) << 8; h1 += ((t0 >>> 13) | (t1 << 3)) & 0x1fff; - t2 = m[mpos + 4] & 0xff | (m[mpos + 5] & 0xff) << 8; h2 += ((t1 >>> 10) | (t2 << 6)) & 0x1fff; - t3 = m[mpos + 6] & 0xff | (m[mpos + 7] & 0xff) << 8; h3 += ((t2 >>> 7) | (t3 << 9)) & 0x1fff; - t4 = m[mpos + 8] & 0xff | (m[mpos + 9] & 0xff) << 8; h4 += ((t3 >>> 4) | (t4 << 12)) & 0x1fff; - h5 += ((t4 >>> 1)) & 0x1fff; - t5 = m[mpos + 10] & 0xff | (m[mpos + 11] & 0xff) << 8; h6 += ((t4 >>> 14) | (t5 << 2)) & 0x1fff; - t6 = m[mpos + 12] & 0xff | (m[mpos + 13] & 0xff) << 8; h7 += ((t5 >>> 11) | (t6 << 5)) & 0x1fff; - t7 = m[mpos + 14] & 0xff | (m[mpos + 15] & 0xff) << 8; h8 += ((t6 >>> 8) | (t7 << 8)) & 0x1fff; - h9 += ((t7 >>> 5)) | hibit; - - c = 0; - - d0 = c; - d0 += h0 * r0; - d0 += h1 * (5 * r9); - d0 += h2 * (5 * r8); - d0 += h3 * (5 * r7); - d0 += h4 * (5 * r6); - c = (d0 >>> 13); d0 &= 0x1fff; - d0 += h5 * (5 * r5); - d0 += h6 * (5 * r4); - d0 += h7 * (5 * r3); - d0 += h8 * (5 * r2); - d0 += h9 * (5 * r1); - c += (d0 >>> 13); d0 &= 0x1fff; - - d1 = c; - d1 += h0 * r1; - d1 += h1 * r0; - d1 += h2 * (5 * r9); - d1 += h3 * (5 * r8); - d1 += h4 * (5 * r7); - c = (d1 >>> 13); d1 &= 0x1fff; - d1 += h5 * (5 * r6); - d1 += h6 * (5 * r5); - d1 += h7 * (5 * r4); - d1 += h8 * (5 * r3); - d1 += h9 * (5 * r2); - c += (d1 >>> 13); d1 &= 0x1fff; - - d2 = c; - d2 += h0 * r2; - d2 += h1 * r1; - d2 += h2 * r0; - d2 += h3 * (5 * r9); - d2 += h4 * (5 * r8); - c = (d2 >>> 13); d2 &= 0x1fff; - d2 += h5 * (5 * r7); - d2 += h6 * (5 * r6); - d2 += h7 * (5 * r5); - d2 += h8 * (5 * r4); - d2 += h9 * (5 * r3); - c += (d2 >>> 13); d2 &= 0x1fff; - - d3 = c; - d3 += h0 * r3; - d3 += h1 * r2; - d3 += h2 * r1; - d3 += h3 * r0; - d3 += h4 * (5 * r9); - c = (d3 >>> 13); d3 &= 0x1fff; - d3 += h5 * (5 * r8); - d3 += h6 * (5 * r7); - d3 += h7 * (5 * r6); - d3 += h8 * (5 * r5); - d3 += h9 * (5 * r4); - c += (d3 >>> 13); d3 &= 0x1fff; - - d4 = c; - d4 += h0 * r4; - d4 += h1 * r3; - d4 += h2 * r2; - d4 += h3 * r1; - d4 += h4 * r0; - c = (d4 >>> 13); d4 &= 0x1fff; - d4 += h5 * (5 * r9); - d4 += h6 * (5 * r8); - d4 += h7 * (5 * r7); - d4 += h8 * (5 * r6); - d4 += h9 * (5 * r5); - c += (d4 >>> 13); d4 &= 0x1fff; - - d5 = c; - d5 += h0 * r5; - d5 += h1 * r4; - d5 += h2 * r3; - d5 += h3 * r2; - d5 += h4 * r1; - c = (d5 >>> 13); d5 &= 0x1fff; - d5 += h5 * r0; - d5 += h6 * (5 * r9); - d5 += h7 * (5 * r8); - d5 += h8 * (5 * r7); - d5 += h9 * (5 * r6); - c += (d5 >>> 13); d5 &= 0x1fff; - - d6 = c; - d6 += h0 * r6; - d6 += h1 * r5; - d6 += h2 * r4; - d6 += h3 * r3; - d6 += h4 * r2; - c = (d6 >>> 13); d6 &= 0x1fff; - d6 += h5 * r1; - d6 += h6 * r0; - d6 += h7 * (5 * r9); - d6 += h8 * (5 * r8); - d6 += h9 * (5 * r7); - c += (d6 >>> 13); d6 &= 0x1fff; - - d7 = c; - d7 += h0 * r7; - d7 += h1 * r6; - d7 += h2 * r5; - d7 += h3 * r4; - d7 += h4 * r3; - c = (d7 >>> 13); d7 &= 0x1fff; - d7 += h5 * r2; - d7 += h6 * r1; - d7 += h7 * r0; - d7 += h8 * (5 * r9); - d7 += h9 * (5 * r8); - c += (d7 >>> 13); d7 &= 0x1fff; - - d8 = c; - d8 += h0 * r8; - d8 += h1 * r7; - d8 += h2 * r6; - d8 += h3 * r5; - d8 += h4 * r4; - c = (d8 >>> 13); d8 &= 0x1fff; - d8 += h5 * r3; - d8 += h6 * r2; - d8 += h7 * r1; - d8 += h8 * r0; - d8 += h9 * (5 * r9); - c += (d8 >>> 13); d8 &= 0x1fff; - - d9 = c; - d9 += h0 * r9; - d9 += h1 * r8; - d9 += h2 * r7; - d9 += h3 * r6; - d9 += h4 * r5; - c = (d9 >>> 13); d9 &= 0x1fff; - d9 += h5 * r4; - d9 += h6 * r3; - d9 += h7 * r2; - d9 += h8 * r1; - d9 += h9 * r0; - c += (d9 >>> 13); d9 &= 0x1fff; - - c = (((c << 2) + c)) | 0; - c = (c + d0) | 0; - d0 = c & 0x1fff; - c = (c >>> 13); - d1 += c; - - h0 = d0; - h1 = d1; - h2 = d2; - h3 = d3; - h4 = d4; - h5 = d5; - h6 = d6; - h7 = d7; - h8 = d8; - h9 = d9; - - mpos += 16; - bytes -= 16; - } - this.h[0] = h0; - this.h[1] = h1; - this.h[2] = h2; - this.h[3] = h3; - this.h[4] = h4; - this.h[5] = h5; - this.h[6] = h6; - this.h[7] = h7; - this.h[8] = h8; - this.h[9] = h9; + var hibit = this.fin ? 0 : 1 << 11; + var t0, t1, t2, t3, t4, t5, t6, t7, c; + var d0, d1, d2, d3, d4, d5, d6, d7, d8, d9; + + var h0 = this.h[0], + h1 = this.h[1], + h2 = this.h[2], + h3 = this.h[3], + h4 = this.h[4], + h5 = this.h[5], + h6 = this.h[6], + h7 = this.h[7], + h8 = this.h[8], + h9 = this.h[9]; + + var r0 = this.r[0], + r1 = this.r[1], + r2 = this.r[2], + r3 = this.r[3], + r4 = this.r[4], + r5 = this.r[5], + r6 = this.r[6], + r7 = this.r[7], + r8 = this.r[8], + r9 = this.r[9]; + + while (bytes >= 16) { + t0 = (m[mpos + 0] & 0xff) | ((m[mpos + 1] & 0xff) << 8); + h0 += t0 & 0x1fff; + t1 = (m[mpos + 2] & 0xff) | ((m[mpos + 3] & 0xff) << 8); + h1 += ((t0 >>> 13) | (t1 << 3)) & 0x1fff; + t2 = (m[mpos + 4] & 0xff) | ((m[mpos + 5] & 0xff) << 8); + h2 += ((t1 >>> 10) | (t2 << 6)) & 0x1fff; + t3 = (m[mpos + 6] & 0xff) | ((m[mpos + 7] & 0xff) << 8); + h3 += ((t2 >>> 7) | (t3 << 9)) & 0x1fff; + t4 = (m[mpos + 8] & 0xff) | ((m[mpos + 9] & 0xff) << 8); + h4 += ((t3 >>> 4) | (t4 << 12)) & 0x1fff; + h5 += (t4 >>> 1) & 0x1fff; + t5 = (m[mpos + 10] & 0xff) | ((m[mpos + 11] & 0xff) << 8); + h6 += ((t4 >>> 14) | (t5 << 2)) & 0x1fff; + t6 = (m[mpos + 12] & 0xff) | ((m[mpos + 13] & 0xff) << 8); + h7 += ((t5 >>> 11) | (t6 << 5)) & 0x1fff; + t7 = (m[mpos + 14] & 0xff) | ((m[mpos + 15] & 0xff) << 8); + h8 += ((t6 >>> 8) | (t7 << 8)) & 0x1fff; + h9 += (t7 >>> 5) | hibit; + + c = 0; + + d0 = c; + d0 += h0 * r0; + d0 += h1 * (5 * r9); + d0 += h2 * (5 * r8); + d0 += h3 * (5 * r7); + d0 += h4 * (5 * r6); + c = d0 >>> 13; + d0 &= 0x1fff; + d0 += h5 * (5 * r5); + d0 += h6 * (5 * r4); + d0 += h7 * (5 * r3); + d0 += h8 * (5 * r2); + d0 += h9 * (5 * r1); + c += d0 >>> 13; + d0 &= 0x1fff; + + d1 = c; + d1 += h0 * r1; + d1 += h1 * r0; + d1 += h2 * (5 * r9); + d1 += h3 * (5 * r8); + d1 += h4 * (5 * r7); + c = d1 >>> 13; + d1 &= 0x1fff; + d1 += h5 * (5 * r6); + d1 += h6 * (5 * r5); + d1 += h7 * (5 * r4); + d1 += h8 * (5 * r3); + d1 += h9 * (5 * r2); + c += d1 >>> 13; + d1 &= 0x1fff; + + d2 = c; + d2 += h0 * r2; + d2 += h1 * r1; + d2 += h2 * r0; + d2 += h3 * (5 * r9); + d2 += h4 * (5 * r8); + c = d2 >>> 13; + d2 &= 0x1fff; + d2 += h5 * (5 * r7); + d2 += h6 * (5 * r6); + d2 += h7 * (5 * r5); + d2 += h8 * (5 * r4); + d2 += h9 * (5 * r3); + c += d2 >>> 13; + d2 &= 0x1fff; + + d3 = c; + d3 += h0 * r3; + d3 += h1 * r2; + d3 += h2 * r1; + d3 += h3 * r0; + d3 += h4 * (5 * r9); + c = d3 >>> 13; + d3 &= 0x1fff; + d3 += h5 * (5 * r8); + d3 += h6 * (5 * r7); + d3 += h7 * (5 * r6); + d3 += h8 * (5 * r5); + d3 += h9 * (5 * r4); + c += d3 >>> 13; + d3 &= 0x1fff; + + d4 = c; + d4 += h0 * r4; + d4 += h1 * r3; + d4 += h2 * r2; + d4 += h3 * r1; + d4 += h4 * r0; + c = d4 >>> 13; + d4 &= 0x1fff; + d4 += h5 * (5 * r9); + d4 += h6 * (5 * r8); + d4 += h7 * (5 * r7); + d4 += h8 * (5 * r6); + d4 += h9 * (5 * r5); + c += d4 >>> 13; + d4 &= 0x1fff; + + d5 = c; + d5 += h0 * r5; + d5 += h1 * r4; + d5 += h2 * r3; + d5 += h3 * r2; + d5 += h4 * r1; + c = d5 >>> 13; + d5 &= 0x1fff; + d5 += h5 * r0; + d5 += h6 * (5 * r9); + d5 += h7 * (5 * r8); + d5 += h8 * (5 * r7); + d5 += h9 * (5 * r6); + c += d5 >>> 13; + d5 &= 0x1fff; + + d6 = c; + d6 += h0 * r6; + d6 += h1 * r5; + d6 += h2 * r4; + d6 += h3 * r3; + d6 += h4 * r2; + c = d6 >>> 13; + d6 &= 0x1fff; + d6 += h5 * r1; + d6 += h6 * r0; + d6 += h7 * (5 * r9); + d6 += h8 * (5 * r8); + d6 += h9 * (5 * r7); + c += d6 >>> 13; + d6 &= 0x1fff; + + d7 = c; + d7 += h0 * r7; + d7 += h1 * r6; + d7 += h2 * r5; + d7 += h3 * r4; + d7 += h4 * r3; + c = d7 >>> 13; + d7 &= 0x1fff; + d7 += h5 * r2; + d7 += h6 * r1; + d7 += h7 * r0; + d7 += h8 * (5 * r9); + d7 += h9 * (5 * r8); + c += d7 >>> 13; + d7 &= 0x1fff; + + d8 = c; + d8 += h0 * r8; + d8 += h1 * r7; + d8 += h2 * r6; + d8 += h3 * r5; + d8 += h4 * r4; + c = d8 >>> 13; + d8 &= 0x1fff; + d8 += h5 * r3; + d8 += h6 * r2; + d8 += h7 * r1; + d8 += h8 * r0; + d8 += h9 * (5 * r9); + c += d8 >>> 13; + d8 &= 0x1fff; + + d9 = c; + d9 += h0 * r9; + d9 += h1 * r8; + d9 += h2 * r7; + d9 += h3 * r6; + d9 += h4 * r5; + c = d9 >>> 13; + d9 &= 0x1fff; + d9 += h5 * r4; + d9 += h6 * r3; + d9 += h7 * r2; + d9 += h8 * r1; + d9 += h9 * r0; + c += d9 >>> 13; + d9 &= 0x1fff; + + c = ((c << 2) + c) | 0; + c = (c + d0) | 0; + d0 = c & 0x1fff; + c = c >>> 13; + d1 += c; + + h0 = d0; + h1 = d1; + h2 = d2; + h3 = d3; + h4 = d4; + h5 = d5; + h6 = d6; + h7 = d7; + h8 = d8; + h9 = d9; + + mpos += 16; + bytes -= 16; + } + this.h[0] = h0; + this.h[1] = h1; + this.h[2] = h2; + this.h[3] = h3; + this.h[4] = h4; + this.h[5] = h5; + this.h[6] = h6; + this.h[7] = h7; + this.h[8] = h8; + this.h[9] = h9; }; poly1305.prototype.finish = function (mac, macpos) { - var g = new Uint16Array(10); - var c, mask, f, i; - - if (this.leftover) { - i = this.leftover; - this.buffer[i++] = 1; - for (; i < 16; i++) this.buffer[i] = 0; - this.fin = 1; - this.blocks(this.buffer, 0, 16); - } - - c = this.h[1] >>> 13; - this.h[1] &= 0x1fff; - for (i = 2; i < 10; i++) { - this.h[i] += c; - c = this.h[i] >>> 13; - this.h[i] &= 0x1fff; - } - this.h[0] += (c * 5); - c = this.h[0] >>> 13; - this.h[0] &= 0x1fff; - this.h[1] += c; - c = this.h[1] >>> 13; - this.h[1] &= 0x1fff; - this.h[2] += c; - - g[0] = this.h[0] + 5; - c = g[0] >>> 13; - g[0] &= 0x1fff; - for (i = 1; i < 10; i++) { - g[i] = this.h[i] + c; - c = g[i] >>> 13; - g[i] &= 0x1fff; - } - g[9] -= (1 << 13); - - mask = (c ^ 1) - 1; - for (i = 0; i < 10; i++) g[i] &= mask; - mask = ~mask; - for (i = 0; i < 10; i++) this.h[i] = (this.h[i] & mask) | g[i]; - - this.h[0] = ((this.h[0]) | (this.h[1] << 13)) & 0xffff; - this.h[1] = ((this.h[1] >>> 3) | (this.h[2] << 10)) & 0xffff; - this.h[2] = ((this.h[2] >>> 6) | (this.h[3] << 7)) & 0xffff; - this.h[3] = ((this.h[3] >>> 9) | (this.h[4] << 4)) & 0xffff; - this.h[4] = ((this.h[4] >>> 12) | (this.h[5] << 1) | (this.h[6] << 14)) & 0xffff; - this.h[5] = ((this.h[6] >>> 2) | (this.h[7] << 11)) & 0xffff; - this.h[6] = ((this.h[7] >>> 5) | (this.h[8] << 8)) & 0xffff; - this.h[7] = ((this.h[8] >>> 8) | (this.h[9] << 5)) & 0xffff; - - f = this.h[0] + this.pad[0]; - this.h[0] = f & 0xffff; - for (i = 1; i < 8; i++) { - f = (((this.h[i] + this.pad[i]) | 0) + (f >>> 16)) | 0; - this.h[i] = f & 0xffff; - } - - mac[macpos + 0] = (this.h[0] >>> 0) & 0xff; - mac[macpos + 1] = (this.h[0] >>> 8) & 0xff; - mac[macpos + 2] = (this.h[1] >>> 0) & 0xff; - mac[macpos + 3] = (this.h[1] >>> 8) & 0xff; - mac[macpos + 4] = (this.h[2] >>> 0) & 0xff; - mac[macpos + 5] = (this.h[2] >>> 8) & 0xff; - mac[macpos + 6] = (this.h[3] >>> 0) & 0xff; - mac[macpos + 7] = (this.h[3] >>> 8) & 0xff; - mac[macpos + 8] = (this.h[4] >>> 0) & 0xff; - mac[macpos + 9] = (this.h[4] >>> 8) & 0xff; - mac[macpos + 10] = (this.h[5] >>> 0) & 0xff; - mac[macpos + 11] = (this.h[5] >>> 8) & 0xff; - mac[macpos + 12] = (this.h[6] >>> 0) & 0xff; - mac[macpos + 13] = (this.h[6] >>> 8) & 0xff; - mac[macpos + 14] = (this.h[7] >>> 0) & 0xff; - mac[macpos + 15] = (this.h[7] >>> 8) & 0xff; + var g = new Uint16Array(10); + var c, mask, f, i; + + if (this.leftover) { + i = this.leftover; + this.buffer[i++] = 1; + for (; i < 16; i++) this.buffer[i] = 0; + this.fin = 1; + this.blocks(this.buffer, 0, 16); + } + + c = this.h[1] >>> 13; + this.h[1] &= 0x1fff; + for (i = 2; i < 10; i++) { + this.h[i] += c; + c = this.h[i] >>> 13; + this.h[i] &= 0x1fff; + } + this.h[0] += c * 5; + c = this.h[0] >>> 13; + this.h[0] &= 0x1fff; + this.h[1] += c; + c = this.h[1] >>> 13; + this.h[1] &= 0x1fff; + this.h[2] += c; + + g[0] = this.h[0] + 5; + c = g[0] >>> 13; + g[0] &= 0x1fff; + for (i = 1; i < 10; i++) { + g[i] = this.h[i] + c; + c = g[i] >>> 13; + g[i] &= 0x1fff; + } + g[9] -= 1 << 13; + + mask = (c ^ 1) - 1; + for (i = 0; i < 10; i++) g[i] &= mask; + mask = ~mask; + for (i = 0; i < 10; i++) this.h[i] = (this.h[i] & mask) | g[i]; + + this.h[0] = (this.h[0] | (this.h[1] << 13)) & 0xffff; + this.h[1] = ((this.h[1] >>> 3) | (this.h[2] << 10)) & 0xffff; + this.h[2] = ((this.h[2] >>> 6) | (this.h[3] << 7)) & 0xffff; + this.h[3] = ((this.h[3] >>> 9) | (this.h[4] << 4)) & 0xffff; + this.h[4] = + ((this.h[4] >>> 12) | (this.h[5] << 1) | (this.h[6] << 14)) & 0xffff; + this.h[5] = ((this.h[6] >>> 2) | (this.h[7] << 11)) & 0xffff; + this.h[6] = ((this.h[7] >>> 5) | (this.h[8] << 8)) & 0xffff; + this.h[7] = ((this.h[8] >>> 8) | (this.h[9] << 5)) & 0xffff; + + f = this.h[0] + this.pad[0]; + this.h[0] = f & 0xffff; + for (i = 1; i < 8; i++) { + f = (((this.h[i] + this.pad[i]) | 0) + (f >>> 16)) | 0; + this.h[i] = f & 0xffff; + } + + mac[macpos + 0] = (this.h[0] >>> 0) & 0xff; + mac[macpos + 1] = (this.h[0] >>> 8) & 0xff; + mac[macpos + 2] = (this.h[1] >>> 0) & 0xff; + mac[macpos + 3] = (this.h[1] >>> 8) & 0xff; + mac[macpos + 4] = (this.h[2] >>> 0) & 0xff; + mac[macpos + 5] = (this.h[2] >>> 8) & 0xff; + mac[macpos + 6] = (this.h[3] >>> 0) & 0xff; + mac[macpos + 7] = (this.h[3] >>> 8) & 0xff; + mac[macpos + 8] = (this.h[4] >>> 0) & 0xff; + mac[macpos + 9] = (this.h[4] >>> 8) & 0xff; + mac[macpos + 10] = (this.h[5] >>> 0) & 0xff; + mac[macpos + 11] = (this.h[5] >>> 8) & 0xff; + mac[macpos + 12] = (this.h[6] >>> 0) & 0xff; + mac[macpos + 13] = (this.h[6] >>> 8) & 0xff; + mac[macpos + 14] = (this.h[7] >>> 0) & 0xff; + mac[macpos + 15] = (this.h[7] >>> 8) & 0xff; }; poly1305.prototype.update = function (m, mpos, bytes) { - var i, want; - - if (this.leftover) { - want = (16 - this.leftover); - if (want > bytes) - want = bytes; - for (i = 0; i < want; i++) - this.buffer[this.leftover + i] = m[mpos + i]; - bytes -= want; - mpos += want; - this.leftover += want; - if (this.leftover < 16) - return; - this.blocks(this.buffer, 0, 16); - this.leftover = 0; - } - - if (bytes >= 16) { - want = bytes - (bytes % 16); - this.blocks(m, mpos, want); - mpos += want; - bytes -= want; - } - - if (bytes) { - for (i = 0; i < bytes; i++) - this.buffer[this.leftover + i] = m[mpos + i]; - this.leftover += bytes; - } + var i, want; + + if (this.leftover) { + want = 16 - this.leftover; + if (want > bytes) want = bytes; + for (i = 0; i < want; i++) this.buffer[this.leftover + i] = m[mpos + i]; + bytes -= want; + mpos += want; + this.leftover += want; + if (this.leftover < 16) return; + this.blocks(this.buffer, 0, 16); + this.leftover = 0; + } + + if (bytes >= 16) { + want = bytes - (bytes % 16); + this.blocks(m, mpos, want); + mpos += want; + bytes -= want; + } + + if (bytes) { + for (i = 0; i < bytes; i++) this.buffer[this.leftover + i] = m[mpos + i]; + this.leftover += bytes; + } }; function checkLengths(k, n) { - if (k.length !== crypto_secretbox_KEYBYTES) throw new Error('bad key size'); - if (n.length !== crypto_secretbox_NONCEBYTES) throw new Error('bad nonce size'); + if (k.length !== crypto_secretbox_KEYBYTES) throw new Error("bad key size"); + if (n.length !== crypto_secretbox_NONCEBYTES) + throw new Error("bad nonce size"); } - function checkArrayTypes() { - for (var i = 0; i < arguments.length; i++) { - if (!(arguments[i] instanceof Uint8Array)) - throw new TypeError('unexpected type, use Uint8Array'); - } + for (var i = 0; i < arguments.length; i++) { + if (!(arguments[i] instanceof Uint8Array)) + throw new TypeError("unexpected type, use Uint8Array"); + } } function crypto_stream(c, cpos, d, n, k) { - var s = new Uint8Array(32); - crypto_core_hsalsa20(s, n, k, sigma); - var sn = new Uint8Array(8); - for (var i = 0; i < 8; i++) sn[i] = n[i + 16]; - return crypto_stream_salsa20(c, cpos, d, sn, s); + var s = new Uint8Array(32); + crypto_core_hsalsa20(s, n, k, sigma); + var sn = new Uint8Array(8); + for (var i = 0; i < 8; i++) sn[i] = n[i + 16]; + return crypto_stream_salsa20(c, cpos, d, sn, s); } - function crypto_stream_xor(c, cpos, m, mpos, d, n, k) { - var s = new Uint8Array(32); - crypto_core_hsalsa20(s, n, k, sigma); - var sn = new Uint8Array(8); - for (var i = 0; i < 8; i++) sn[i] = n[i + 16]; - return crypto_stream_salsa20_xor(c, cpos, m, mpos, d, sn, s); + var s = new Uint8Array(32); + crypto_core_hsalsa20(s, n, k, sigma); + var sn = new Uint8Array(8); + for (var i = 0; i < 8; i++) sn[i] = n[i + 16]; + return crypto_stream_salsa20_xor(c, cpos, m, mpos, d, sn, s); } function crypto_onetimeauth(out, outpos, m, mpos, n, k) { - var s = new poly1305(k); - s.update(m, mpos, n); - s.finish(out, outpos); - return 0; + var s = new poly1305(k); + s.update(m, mpos, n); + s.finish(out, outpos); + return 0; } function crypto_onetimeauth_verify(h, hpos, m, mpos, n, k) { - var x = new Uint8Array(16); - crypto_onetimeauth(x, 0, m, mpos, n, k); - return crypto_verify_16(h, hpos, x, 0); + var x = new Uint8Array(16); + crypto_onetimeauth(x, 0, m, mpos, n, k); + return crypto_verify_16(h, hpos, x, 0); } function crypto_secretbox(c, m, d, n, k) { - var i; - if (d < 32) return -1; - crypto_stream_xor(c, 0, m, 0, d, n, k); - crypto_onetimeauth(c, 16, c, 32, d - 32, c); - for (i = 0; i < 16; i++) c[i] = 0; - return 0; + var i; + if (d < 32) return -1; + crypto_stream_xor(c, 0, m, 0, d, n, k); + crypto_onetimeauth(c, 16, c, 32, d - 32, c); + for (i = 0; i < 16; i++) c[i] = 0; + return 0; } function crypto_secretbox_open(m, c, d, n, k) { - var i; - var x = new Uint8Array(32); - if (d < 32) return -1; - crypto_stream(x, 0, 32, n, k); - if (crypto_onetimeauth_verify(c, 16, c, 32, d - 32, x) !== 0) return -1; - crypto_stream_xor(m, 0, c, 0, d, n, k); - for (i = 0; i < 32; i++) m[i] = 0; - return 0; + var i; + var x = new Uint8Array(32); + if (d < 32) return -1; + crypto_stream(x, 0, 32, n, k); + if (crypto_onetimeauth_verify(c, 16, c, 32, d - 32, x) !== 0) return -1; + crypto_stream_xor(m, 0, c, 0, d, n, k); + for (i = 0; i < 32; i++) m[i] = 0; + return 0; } var nacl = {}; nacl.secretbox = function (msg, nonce, key) { - checkArrayTypes(msg, nonce, key); - checkLengths(key, nonce); - var m = new Uint8Array(crypto_secretbox_ZEROBYTES + msg.length); - var c = new Uint8Array(m.length); - for (var i = 0; i < msg.length; i++) m[i + crypto_secretbox_ZEROBYTES] = msg[i]; - crypto_secretbox(c, m, m.length, nonce, key); - return c.subarray(crypto_secretbox_BOXZEROBYTES); + checkArrayTypes(msg, nonce, key); + checkLengths(key, nonce); + var m = new Uint8Array(crypto_secretbox_ZEROBYTES + msg.length); + var c = new Uint8Array(m.length); + for (var i = 0; i < msg.length; i++) + m[i + crypto_secretbox_ZEROBYTES] = msg[i]; + crypto_secretbox(c, m, m.length, nonce, key); + return c.subarray(crypto_secretbox_BOXZEROBYTES); }; - nacl.secretbox.open = function (box, nonce, key) { - checkArrayTypes(box, nonce, key); - checkLengths(key, nonce); - var c = new Uint8Array(crypto_secretbox_BOXZEROBYTES + box.length); - var m = new Uint8Array(c.length); - for (var i = 0; i < box.length; i++) c[i + crypto_secretbox_BOXZEROBYTES] = box[i]; - if (c.length < 32) return null; - if (crypto_secretbox_open(m, c, c.length, nonce, key) !== 0) return null; - return m.subarray(crypto_secretbox_ZEROBYTES); + checkArrayTypes(box, nonce, key); + checkLengths(key, nonce); + var c = new Uint8Array(crypto_secretbox_BOXZEROBYTES + box.length); + var m = new Uint8Array(c.length); + for (var i = 0; i < box.length; i++) + c[i + crypto_secretbox_BOXZEROBYTES] = box[i]; + if (c.length < 32) return null; + if (crypto_secretbox_open(m, c, c.length, nonce, key) !== 0) return null; + return m.subarray(crypto_secretbox_ZEROBYTES); }; -self.secretbox = nacl.secretbox +self.secretbox = nacl.secretbox; diff --git a/sw_scripts/safari-notifications.js b/sw_scripts/safari-notifications.js index adf5f61..d1d486d 100644 --- a/sw_scripts/safari-notifications.js +++ b/sw_scripts/safari-notifications.js @@ -1,43 +1,48 @@ - async function generateSHA256Hash(data) { - const buffer = new TextEncoder().encode(data); - const hashBuffer = await crypto.subtle.digest('SHA-256', buffer); - const hashArray = Array.from(new Uint8Array(hashBuffer)); // convert buffer to byte array - const hashHex = hashArray.map(byte => byte.toString(16).padStart(2, '0')).join(''); - return hashHex; + const buffer = new TextEncoder().encode(data); + const hashBuffer = await crypto.subtle.digest("SHA-256", buffer); + const hashArray = Array.from(new Uint8Array(hashBuffer)); // convert buffer to byte array + const hashHex = hashArray + .map((byte) => byte.toString(16).padStart(2, "0")) + .join(""); + return hashHex; } function validateBase64(s) { - if (!(/^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.test(s))) { - throw new TypeError('invalid encoding'); - } + if ( + !/^(?:[A-Za-z0-9+\/]{2}[A-Za-z0-9+\/]{2})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.test( + s, + ) + ) { + throw new TypeError("invalid encoding"); + } } - function decodeBase64(s) { - validateBase64(s); - var i, d = atob(s), b = new Uint8Array(d.length); - for (i = 0; i < d.length; i++) b[i] = d.charCodeAt(i); - return b; + validateBase64(s); + var i, + d = atob(s), + b = new Uint8Array(d.length); + for (i = 0; i < d.length; i++) b[i] = d.charCodeAt(i); + return b; } - async function getSettingById(id) { return new Promise((resolve, reject) => { - let openRequest = indexedDB.open('TimeSafari'); + let openRequest = indexedDB.open("TimeSafari"); openRequest.onupgradeneeded = (event) => { // Handle database setup if necessary let db = event.target.result; - if (!db.objectStoreNames.contains('settings')) { - db.createObjectStore('settings', { keyPath: 'id' }); + if (!db.objectStoreNames.contains("settings")) { + db.createObjectStore("settings", { keyPath: "id" }); } }; openRequest.onsuccess = (event) => { let db = event.target.result; - let transaction = db.transaction('settings', 'readonly'); - let objectStore = transaction.objectStore('settings'); + let transaction = db.transaction("settings", "readonly"); + let objectStore = transaction.objectStore("settings"); let getRequest = objectStore.get(id); getRequest.onsuccess = () => resolve(getRequest.result); @@ -48,66 +53,64 @@ async function getSettingById(id) { }); } - async function fetchAllAccounts() { return new Promise((resolve, reject) => { - let openRequest = indexedDB.open('TimeSafariAccounts'); + let openRequest = indexedDB.open("TimeSafariAccounts"); - openRequest.onupgradeneeded = function(event) { + openRequest.onupgradeneeded = function (event) { let db = event.target.result; - if (!db.objectStoreNames.contains('accounts')) { - db.createObjectStore('accounts', { keyPath: 'id' }); + if (!db.objectStoreNames.contains("accounts")) { + db.createObjectStore("accounts", { keyPath: "id" }); } }; - openRequest.onsuccess = function(event) { + openRequest.onsuccess = function (event) { let db = event.target.result; - let transaction = db.transaction('accounts', 'readonly'); - let objectStore = transaction.objectStore('accounts'); + let transaction = db.transaction("accounts", "readonly"); + let objectStore = transaction.objectStore("accounts"); let getAllRequest = objectStore.getAll(); - getAllRequest.onsuccess = function() { + getAllRequest.onsuccess = function () { resolve(getAllRequest.result); }; - getAllRequest.onerror = function() { + getAllRequest.onerror = function () { reject(getAllRequest.error); }; }; - openRequest.onerror = function() { + openRequest.onerror = function () { reject(openRequest.error); }; }); } - async function getNotificationCount() { - let secret = null; - if ('secret' in self) { - secret = self.secret; - const secretUint8Array = self.decodeBase64(secret); - const settings = await getSettingById(1); - const activeDid = settings['activeDid']; -/** - const accounts = await fetchAllAccounts(); - let did = null; - let result = null; - for (var i = 0; i < accounts.length; i++) { - let account = accounts[i]; - let did = account['did']; - if (did == activeDid) { - let publicKeyHex = account['publicKeyHex']; - let identity = account['identity']; - - const messageWithNonceAsUint8Array = decodeBase64(identity); - const nonce = messageWithNonceAsUint8Array.slice(0, 24); - const message = messageWithNonceAsUint8Array.slice(24, identity.length); - } -**/ - } - } - return secret; + let secret = null; + let accounts = []; + if ("secret" in self) { + secret = self.secret; + const secretUint8Array = self.decodeBase64(secret); + const settings = await getSettingById(1); + const activeDid = settings["activeDid"]; + accounts = await fetchAllAccounts(); + let did = null; + let result = null; + /** + for (var i = 0; i < accounts.length; i++) { + let account = accounts[i]; + let did = account['did']; + if (did == activeDid) { + let publicKeyHex = account['publicKeyHex']; + let identity = account['identity']; + + const messageWithNonceAsUint8Array = decodeBase64(identity); + const nonce = messageWithNonceAsUint8Array.slice(0, 24); + const message = messageWithNonceAsUint8Array.slice(24, identity.length); + } + **/ + } + return accounts.length; } self.getNotificationCount = getNotificationCount; -self.decodeBase64 = decodeBase64 +self.decodeBase64 = decodeBase64; diff --git a/sw_scripts/secp256k1.js b/sw_scripts/secp256k1.js index 6bbd7a7..673161e 100644 --- a/sw_scripts/secp256k1.js +++ b/sw_scripts/secp256k1.js @@ -1,256 +1,283 @@ (function () { + randomBytes = (length) => self.crypto.getRandomValues(new Uint8Array(length)); + self.Secp256k1 = exports = {}; - randomBytes = length => self.crypto.getRandomValues(new Uint8Array(length)) - self.Secp256k1 = exports = {} + function uint256(x, base) { + return new BN(x, base); + } - function uint256(x, base) { - return new BN(x, base) - } + function rnd(P) { + return uint256(randomBytes(32)).umod(P); //TODO red + } - function rnd(P) { - return uint256(randomBytes(32)).umod(P)//TODO red - } + const A = uint256(0); + const B = uint256(7); + const GX = uint256( + "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", + 16, + ); + const GY = uint256( + "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", + 16, + ); + const P = uint256( + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", + 16, + ); + const N = uint256( + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", + 16, + ); + //const RED = BN.red(P) + const _0 = uint256(0); + const _1 = uint256(1); - const A = uint256(0) - const B = uint256(7) - const GX = uint256("79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", 16) - const GY = uint256("483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", 16) - const P = uint256("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", 16) - const N = uint256("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16) - //const RED = BN.red(P) - const _0 = uint256(0) - const _1 = uint256(1) + // function for elliptic curve multiplication in jacobian coordinates using Double-and-add method + function ecmul(_p, _d) { + let R = [_0, _0, _0]; - // function for elliptic curve multiplication in jacobian coordinates using Double-and-add method - function ecmul(_p, _d) { - let R = [_0,_0,_0] + //return (0,0) if d=0 or (x1,y1)=(0,0) + if (_d == 0 || (_p[0] == 0 && _p[1] == 0)) { + return R; + } + let T = [ + _p[0], //x-coordinate temp + _p[1], //y-coordinate temp + _p[2], //z-coordinate temp + ]; - //return (0,0) if d=0 or (x1,y1)=(0,0) - if (_d == 0 || ((_p[0] == 0) && (_p[1] == 0)) ) { - return R - } - let T = [ - _p[0], //x-coordinate temp - _p[1], //y-coordinate temp - _p[2], //z-coordinate temp - ] + const d = _d.clone(); + while (d != 0) { + if (d.testn(0)) { + //if last bit is 1 add T to result + R = ecadd(T, R); + } + T = ecdouble(T); //double temporary coordinates + d.iushrn(1); //"cut off" last bit + } - const d = _d.clone() - while (d != 0) { - if (d.testn(0)) { //if last bit is 1 add T to result - R = ecadd(T,R) - } - T = ecdouble(T); //double temporary coordinates - d.iushrn(1); //"cut off" last bit - } + return R; + } - return R - } + function mulmod(a, b, P) { + return a.mul(b).umod(P); //TODO red + } - function mulmod(a, b, P) { - return a.mul(b).umod(P)//TODO red - } + function addmod(a, b, P) { + return a.add(b).umod(P); //TODO red + } - function addmod(a, b, P) { - return a.add(b).umod(P)//TODO red - } + function invmod(a, P) { + return a.invm(P); //TODO redq + } - function invmod(a, P) { - return a.invm(P)//TODO redq - } + function mulG(k) { + const GinJ = AtoJ(GX, GY); + const PUBinJ = ecmul(GinJ, k); + return JtoA(PUBinJ); + } - function mulG(k) { - const GinJ = AtoJ(GX, GY) - const PUBinJ = ecmul(GinJ, k) - return JtoA(PUBinJ) + function assert(cond, msg) { + if (!cond) { + throw Error("assertion failed: " + msg); } + } - function assert(cond, msg) { - if (!cond) { - throw Error("assertion failed: " + msg) - } + function ecsign(d, z) { + assert(d != 0, "d must not be 0"); + assert(z != 0, "z must not be 0"); + while (true) { + const k = rnd(P); + const R = mulG(k); + if (R[0] == 0) continue; + const s = mulmod(invmod(k, N), addmod(z, mulmod(R[0], d, N), N), N); + if (s == 0) continue; + //FIXME: why do I need this + if (s.testn(255)) continue; + return { r: toHex(R[0]), s: toHex(s), v: R[1].testn(0) ? 1 : 0 }; } + } - function ecsign(d, z) { - assert(d != 0, "d must not be 0") - assert(z != 0, "z must not be 0") - while (true) { - const k = rnd(P) - const R = mulG(k) - if (R[0] == 0) continue - const s = mulmod(invmod(k, N), addmod(z, mulmod(R[0], d, N), N), N) - if (s == 0) continue - //FIXME: why do I need this - if (s.testn(255)) continue - return {r: toHex(R[0]), s: toHex(s), v: R[1].testn(0) ? 1 : 0} - } - } + function JtoA(p) { + const zInv = invmod(p[2], P); + const zInv2 = mulmod(zInv, zInv, P); + return [mulmod(p[0], zInv2, P), mulmod(p[1], mulmod(zInv, zInv2, P), P)]; + } - function JtoA(p) { - const zInv = invmod(p[2], P) - const zInv2 = mulmod(zInv, zInv, P) - return [mulmod(p[0], zInv2, P), mulmod(p[1], mulmod(zInv, zInv2, P), P)] + //point doubling for elliptic curve in jacobian coordinates + //formula from https://en.wikibooks.org/wiki/Cryptography/Prime_Curve/Jacobian_Coordinates + function ecdouble(_p) { + if (_p[1] == 0) { + //return point at infinity + return [_1, _1, _0]; } - //point doubling for elliptic curve in jacobian coordinates - //formula from https://en.wikibooks.org/wiki/Cryptography/Prime_Curve/Jacobian_Coordinates - function ecdouble(_p) { - if (_p[1] == 0) { - //return point at infinity - return [_1, _1, _0] - } + const z2 = mulmod(_p[2], _p[2], P); + const m = addmod( + mulmod(A, mulmod(z2, z2, P), P), + mulmod(uint256(3), mulmod(_p[0], _p[0], P), P), + P, + ); + const y2 = mulmod(_p[1], _p[1], P); + const s = mulmod(uint256(4), mulmod(_p[0], y2, P), P); - const z2 = mulmod(_p[2], _p[2], P) - const m = addmod(mulmod(A, mulmod(z2, z2, P), P), mulmod(uint256(3), mulmod(_p[0], _p[0], P), P), P) - const y2 = mulmod(_p[1], _p[1], P) - const s = mulmod(uint256(4), mulmod(_p[0], y2, P), P) + const x = addmod(mulmod(m, m, P), negmod(mulmod(s, uint256(2), P), P), P); + return [ + x, + addmod( + mulmod(m, addmod(s, negmod(x, P), P), P), + negmod(mulmod(uint256(8), mulmod(y2, y2, P), P), P), + P, + ), + mulmod(uint256(2), mulmod(_p[1], _p[2], P), P), + ]; + } - const x = addmod(mulmod(m, m, P), negmod(mulmod(s, uint256(2), P), P), P) - return [ - x, - addmod(mulmod(m, addmod(s, negmod(x, P), P), P), negmod(mulmod(uint256(8), mulmod(y2, y2, P), P), P), P), - mulmod(uint256(2), mulmod(_p[1], _p[2], P), P) - ] - } + function negmod(a, P) { + return P.sub(a); + } - function negmod(a, P) { - return P.sub(a) + // point addition for elliptic curve in jacobian coordinates + // formula from https://en.wikibooks.org/wiki/Cryptography/Prime_Curve/Jacobian_Coordinates + function ecadd(_p, _q) { + if (_q[0] == 0 && _q[1] == 0 && _q[2] == 0) { + return _p; } - // point addition for elliptic curve in jacobian coordinates - // formula from https://en.wikibooks.org/wiki/Cryptography/Prime_Curve/Jacobian_Coordinates - function ecadd(_p, _q) { - if (_q[0] == 0 && _q[1] == 0 && _q[2] == 0) { - return _p - } - - let z2 = mulmod(_q[2], _q[2], P) - const u1 = mulmod(_p[0], z2, P) - const s1 = mulmod(_p[1], mulmod(z2, _q[2], P), P) - z2 = mulmod(_p[2], _p[2], P) - let u2 = mulmod(_q[0], z2, P) - let s2 = mulmod(_q[1], mulmod(z2, _p[2], P), P) - - if (u1.eq(u2)) { - if (!s1.eq(s2)) { - //return point at infinity - return [_1, _1, _0] - } - else { - return ecdouble(_p) - } - } + let z2 = mulmod(_q[2], _q[2], P); + const u1 = mulmod(_p[0], z2, P); + const s1 = mulmod(_p[1], mulmod(z2, _q[2], P), P); + z2 = mulmod(_p[2], _p[2], P); + let u2 = mulmod(_q[0], z2, P); + let s2 = mulmod(_q[1], mulmod(z2, _p[2], P), P); - u2 = addmod(u2, negmod(u1, P), P) - z2 = mulmod(u2, u2, P) - const t2 = mulmod(u1, z2, P) - z2 = mulmod(u2, z2, P) - s2 = addmod(s2, negmod(s1, P), P) - const x = addmod(addmod(mulmod(s2, s2, P), negmod(z2, P), P), negmod(mulmod(uint256(2), t2, P), P), P) - return [ - x, - addmod(mulmod(s2, addmod(t2, negmod(x, P), P), P), negmod(mulmod(s1, z2, P), P), P), - mulmod(u2, mulmod(_p[2], _q[2], P), P) - ] + if (u1.eq(u2)) { + if (!s1.eq(s2)) { + //return point at infinity + return [_1, _1, _0]; + } else { + return ecdouble(_p); + } } - function AtoJ(x, y) { - return [ - uint256(x), - uint256(y), - _1 - ] - } + u2 = addmod(u2, negmod(u1, P), P); + z2 = mulmod(u2, u2, P); + const t2 = mulmod(u1, z2, P); + z2 = mulmod(u2, z2, P); + s2 = addmod(s2, negmod(s1, P), P); + const x = addmod( + addmod(mulmod(s2, s2, P), negmod(z2, P), P), + negmod(mulmod(uint256(2), t2, P), P), + P, + ); + return [ + x, + addmod( + mulmod(s2, addmod(t2, negmod(x, P), P), P), + negmod(mulmod(s1, z2, P), P), + P, + ), + mulmod(u2, mulmod(_p[2], _q[2], P), P), + ]; + } - function isValidPoint(x, y) { - const yy = addmod(mulmod(mulmod(x, x, P), x, P), B, P) - return yy.eq(mulmod(y, y, P)) - } + function AtoJ(x, y) { + return [uint256(x), uint256(y), _1]; + } - function toHex(bn) { - return ('00000000000000000000000000000000000000000000000000000000000000000000000000000000' + bn.toString(16)).slice(-64) - } + function isValidPoint(x, y) { + const yy = addmod(mulmod(mulmod(x, x, P), x, P), B, P); + return yy.eq(mulmod(y, y, P)); + } - function decompressKey(x, yBit) { - let redP = BN.red('k256'); - x = x.toRed(redP) - const y = x.redMul(x).redMul(x).redAdd(B.toRed(redP)).redSqrt() - const sign = y.testn(0) - return (sign != yBit ? y.redNeg() : y).fromRed() - } + function toHex(bn) { + return ( + "00000000000000000000000000000000000000000000000000000000000000000000000000000000" + + bn.toString(16) + ).slice(-64); + } - function generatePublicKeyFromPrivateKeyData(pk) { - const p = mulG(pk) - return {x: toHex(p[0]), y: toHex(p[1])} - } + function decompressKey(x, yBit) { + let redP = BN.red("k256"); + x = x.toRed(redP); + const y = x.redMul(x).redMul(x).redAdd(B.toRed(redP)).redSqrt(); + const sign = y.testn(0); + return (sign != yBit ? y.redNeg() : y).fromRed(); + } + + function generatePublicKeyFromPrivateKeyData(pk) { + const p = mulG(pk); + return { x: toHex(p[0]), y: toHex(p[1]) }; + } - function ecrecover(recId, sigr, sigs, message) { - assert(recId >= 0 && recId <= 3, "recId must be 0..3") - assert(sigr != 0, "sigr must not be 0") - assert(sigs != 0, "sigs must not be 0") - // 1.0 For j from 0 to h (h == recId here and the loop is outside this function) - // 1.1 Let x = r + jn - const x = addmod(uint256(sigr), P.muln(recId >> 1), P) - // 1.2. Convert the integer x to an octet string X of length mlen using the conversion routine - // specified in Section 2.3.7, where mlen = ⌈(log2 p)/8⌉ or mlen = ⌈m/8⌉. - // 1.3. Convert the octet string (16 set binary digits)||X to an elliptic curve point R using the - // conversion routine specified in Section 2.3.4. If this conversion routine outputs “invalid”, then - // do another iteration of Step 1. - // - // More concisely, what these points mean is to use X as a compressed public key. - if (x.gte(P)) { - // Cannot have point co-ordinates larger than this as everything takes place modulo Q. - return null - } - // Compressed keys require you to know an extra bit of data about the y-coord as there are two possibilities. - // So it's encoded in the recId. - const y = decompressKey(x, (recId & 1) == 1) - // 1.4. If nR != point at infinity, then do another iteration of Step 1 (callers responsibility). - // if (!R.mul(N).isInfinity()) - // return null - // 1.5. Compute e from M using Steps 2 and 3 of ECDSA signature verification. - const e = uint256(message) - // 1.6. For k from 1 to 2 do the following. (loop is outside this function via iterating recId) - // 1.6.1. Compute a candidate public key as: - // Q = mi(r) * (sR - eG) - // - // Where mi(x) is the modular multiplicative inverse. We transform this into the following: - // Q = (mi(r) * s ** R) + (mi(r) * -e ** G) - // Where -e is the modular additive inverse of e, that is z such that z + e = 0 (mod n). In the above equation - // ** is point multiplication and + is point addition (the EC group operator). - // - // We can find the additive inverse by subtracting e from zero then taking the mod. For example the additive - // inverse of 3 modulo 11 is 8 because 3 + 8 mod 11 = 0, and -3 mod 11 = 8. - const eNeg = negmod(e, N) - const rInv = invmod(sigr, N) - const srInv = mulmod(rInv, sigs, N) - const eNegrInv = mulmod(rInv, eNeg, N) - const R = AtoJ(x, y) - const G = AtoJ(GX, GY) - const qinJ = ecadd(ecmul(G, eNegrInv), ecmul(R, srInv)) - const p = JtoA(qinJ) - return {x: toHex(p[0]), y: toHex(p[1])} + function ecrecover(recId, sigr, sigs, message) { + assert(recId >= 0 && recId <= 3, "recId must be 0..3"); + assert(sigr != 0, "sigr must not be 0"); + assert(sigs != 0, "sigs must not be 0"); + // 1.0 For j from 0 to h (h == recId here and the loop is outside this function) + // 1.1 Let x = r + jn + const x = addmod(uint256(sigr), P.muln(recId >> 1), P); + // 1.2. Convert the integer x to an octet string X of length mlen using the conversion routine + // specified in Section 2.3.7, where mlen = ⌈(log2 p)/8⌉ or mlen = ⌈m/8⌉. + // 1.3. Convert the octet string (16 set binary digits)||X to an elliptic curve point R using the + // conversion routine specified in Section 2.3.4. If this conversion routine outputs “invalid”, then + // do another iteration of Step 1. + // + // More concisely, what these points mean is to use X as a compressed public key. + if (x.gte(P)) { + // Cannot have point co-ordinates larger than this as everything takes place modulo Q. + return null; } + // Compressed keys require you to know an extra bit of data about the y-coord as there are two possibilities. + // So it's encoded in the recId. + const y = decompressKey(x, (recId & 1) == 1); + // 1.4. If nR != point at infinity, then do another iteration of Step 1 (callers responsibility). + // if (!R.mul(N).isInfinity()) + // return null + // 1.5. Compute e from M using Steps 2 and 3 of ECDSA signature verification. + const e = uint256(message); + // 1.6. For k from 1 to 2 do the following. (loop is outside this function via iterating recId) + // 1.6.1. Compute a candidate public key as: + // Q = mi(r) * (sR - eG) + // + // Where mi(x) is the modular multiplicative inverse. We transform this into the following: + // Q = (mi(r) * s ** R) + (mi(r) * -e ** G) + // Where -e is the modular additive inverse of e, that is z such that z + e = 0 (mod n). In the above equation + // ** is point multiplication and + is point addition (the EC group operator). + // + // We can find the additive inverse by subtracting e from zero then taking the mod. For example the additive + // inverse of 3 modulo 11 is 8 because 3 + 8 mod 11 = 0, and -3 mod 11 = 8. + const eNeg = negmod(e, N); + const rInv = invmod(sigr, N); + const srInv = mulmod(rInv, sigs, N); + const eNegrInv = mulmod(rInv, eNeg, N); + const R = AtoJ(x, y); + const G = AtoJ(GX, GY); + const qinJ = ecadd(ecmul(G, eNegrInv), ecmul(R, srInv)); + const p = JtoA(qinJ); + return { x: toHex(p[0]), y: toHex(p[1]) }; + } - function ecverify (Qx, Qy, sigr, sigs, z) { - if (sigs == 0 || sigr == 0) { - return false - } - const w = invmod(sigs, N) - const u1 = mulmod(z, w, N) - const u2 = mulmod(sigr, w, N) - const Q = AtoJ(Qx, Qy) - const G = AtoJ(GX, GY) - const RinJ = ecadd(ecmul(G, u1), ecmul(Q, u2)) - const r = JtoA(RinJ) - return sigr.eq(r[0]) + function ecverify(Qx, Qy, sigr, sigs, z) { + if (sigs == 0 || sigr == 0) { + return false; } + const w = invmod(sigs, N); + const u1 = mulmod(z, w, N); + const u2 = mulmod(sigr, w, N); + const Q = AtoJ(Qx, Qy); + const G = AtoJ(GX, GY); + const RinJ = ecadd(ecmul(G, u1), ecmul(Q, u2)); + const r = JtoA(RinJ); + return sigr.eq(r[0]); + } - exports.uint256 = uint256 - exports.ecsign = ecsign - exports.ecrecover = ecrecover - exports.generatePublicKeyFromPrivateKeyData = generatePublicKeyFromPrivateKeyData - exports.decompressKey = decompressKey - exports.isValidPoint = isValidPoint - exports.ecverify = ecverify -})() + exports.uint256 = uint256; + exports.ecsign = ecsign; + exports.ecrecover = ecrecover; + exports.generatePublicKeyFromPrivateKeyData = + generatePublicKeyFromPrivateKeyData; + exports.decompressKey = decompressKey; + exports.isValidPoint = isValidPoint; + exports.ecverify = ecverify; +})(); diff --git a/sw_scripts/sw-bn.js b/sw_scripts/sw-bn.js index 8b34427..54c8f9a 100644 --- a/sw_scripts/sw-bn.js +++ b/sw_scripts/sw-bn.js @@ -1,14 +1,14 @@ (function (exports) { - 'use strict'; + "use strict"; // Utils - function assert (val, msg) { - if (!val) throw new Error(msg || 'Assertion failed'); + function assert(val, msg) { + if (!val) throw new Error(msg || "Assertion failed"); } // Could use `inherits` module, but don't want to move from single file // architecture yet. - function inherits (ctor, superCtor) { + function inherits(ctor, superCtor) { ctor.super_ = superCtor; var TempCtor = function () {}; TempCtor.prototype = superCtor.prototype; @@ -18,7 +18,7 @@ // BN - function BN (number, base, endian) { + function BN(number, base, endian) { if (BN.isBN(number)) { return number; } @@ -31,12 +31,12 @@ this.red = null; if (number !== null) { - if (base === 'le' || base === 'be') { + if (base === "le" || base === "be") { endian = base; base = 10; } - this._init(number || 0, base || 10, endian || 'be'); + this._init(number || 0, base || 10, endian || "be"); } } exports.BN = BN; @@ -46,50 +46,53 @@ var Buffer; try { - if (typeof window !== 'undefined' && typeof window.Buffer !== 'undefined') { + if (typeof window !== "undefined" && typeof window.Buffer !== "undefined") { Buffer = window.Buffer; } else { - Buffer = require('buffer').Buffer; + Buffer = require("buffer").Buffer; } - } catch (e) { - } + } catch (e) {} - BN.isBN = function isBN (num) { + BN.isBN = function isBN(num) { if (num instanceof BN) { return true; } - return num !== null && typeof num === 'object' && - num.constructor.wordSize === BN.wordSize && Array.isArray(num.words); + return ( + num !== null && + typeof num === "object" && + num.constructor.wordSize === BN.wordSize && + Array.isArray(num.words) + ); }; - BN.max = function max (left, right) { + BN.max = function max(left, right) { if (left.cmp(right) > 0) return left; return right; }; - BN.min = function min (left, right) { + BN.min = function min(left, right) { if (left.cmp(right) < 0) return left; return right; }; - BN.prototype._init = function init (number, base, endian) { - if (typeof number === 'number') { + BN.prototype._init = function init(number, base, endian) { + if (typeof number === "number") { return this._initNumber(number, base, endian); } - if (typeof number === 'object') { + if (typeof number === "object") { return this._initArray(number, base, endian); } - if (base === 'hex') { + if (base === "hex") { base = 16; } assert(base === (base | 0) && base >= 2 && base <= 36); - number = number.toString().replace(/\s+/g, ''); + number = number.toString().replace(/\s+/g, ""); var start = 0; - if (number[0] === '-') { + if (number[0] === "-") { start++; this.negative = 1; } @@ -99,14 +102,14 @@ this._parseHex(number, start, endian); } else { this._parseBase(number, base, start); - if (endian === 'le') { + if (endian === "le") { this._initArray(this.toArray(), base, endian); } } } }; - BN.prototype._initNumber = function _initNumber (number, base, endian) { + BN.prototype._initNumber = function _initNumber(number, base, endian) { if (number < 0) { this.negative = 1; number = -number; @@ -115,30 +118,23 @@ this.words = [number & 0x3ffffff]; this.length = 1; } else if (number < 0x10000000000000) { - this.words = [ - number & 0x3ffffff, - (number / 0x4000000) & 0x3ffffff - ]; + this.words = [number & 0x3ffffff, (number / 0x4000000) & 0x3ffffff]; this.length = 2; } else { assert(number < 0x20000000000000); // 2 ^ 53 (unsafe) - this.words = [ - number & 0x3ffffff, - (number / 0x4000000) & 0x3ffffff, - 1 - ]; + this.words = [number & 0x3ffffff, (number / 0x4000000) & 0x3ffffff, 1]; this.length = 3; } - if (endian !== 'le') return; + if (endian !== "le") return; // Reverse the bytes this._initArray(this.toArray(), base, endian); }; - BN.prototype._initArray = function _initArray (number, base, endian) { + BN.prototype._initArray = function _initArray(number, base, endian) { // Perhaps a Uint8Array - assert(typeof number.length === 'number'); + assert(typeof number.length === "number"); if (number.length <= 0) { this.words = [0]; this.length = 1; @@ -153,7 +149,7 @@ var j, w; var off = 0; - if (endian === 'be') { + if (endian === "be") { for (i = number.length - 1, j = 0; i >= 0; i -= 3) { w = number[i] | (number[i - 1] << 8) | (number[i - 2] << 16); this.words[j] |= (w << off) & 0x3ffffff; @@ -164,7 +160,7 @@ j++; } } - } else if (endian === 'le') { + } else if (endian === "le") { for (i = 0, j = 0; i < number.length; i += 3) { w = number[i] | (number[i + 1] << 8) | (number[i + 2] << 16); this.words[j] |= (w << off) & 0x3ffffff; @@ -179,23 +175,23 @@ return this._strip(); }; - function parseHex4Bits (string, index) { + function parseHex4Bits(string, index) { var c = string.charCodeAt(index); // '0' - '9' if (c >= 48 && c <= 57) { return c - 48; - // 'A' - 'F' + // 'A' - 'F' } else if (c >= 65 && c <= 70) { return c - 55; - // 'a' - 'f' + // 'a' - 'f' } else if (c >= 97 && c <= 102) { return c - 87; } else { - assert(false, 'Invalid character in ' + string); + assert(false, "Invalid character in " + string); } } - function parseHexByte (string, lowerBound, index) { + function parseHexByte(string, lowerBound, index) { var r = parseHex4Bits(string, index); if (index - 1 >= lowerBound) { r |= parseHex4Bits(string, index - 1) << 4; @@ -203,7 +199,7 @@ return r; } - BN.prototype._parseHex = function _parseHex (number, start, endian) { + BN.prototype._parseHex = function _parseHex(number, start, endian) { // Create possibly bigger array to ensure that it fits the number this.length = Math.ceil((number.length - start) / 6); this.words = new Array(this.length); @@ -216,7 +212,7 @@ var j = 0; var w; - if (endian === 'be') { + if (endian === "be") { for (i = number.length - 1; i >= start; i -= 2) { w = parseHexByte(number, start, i) << off; this.words[j] |= w & 0x3ffffff; @@ -230,7 +226,11 @@ } } else { var parseLength = number.length - start; - for (i = parseLength % 2 === 0 ? start + 1 : start; i < number.length; i += 2) { + for ( + i = parseLength % 2 === 0 ? start + 1 : start; + i < number.length; + i += 2 + ) { w = parseHexByte(number, start, i) << off; this.words[j] |= w & 0x3ffffff; if (off >= 18) { @@ -246,7 +246,7 @@ this._strip(); }; - function parseBase (str, start, end, mul) { + function parseBase(str, start, end, mul) { var r = 0; var b = 0; var len = Math.min(str.length, end); @@ -259,21 +259,21 @@ if (c >= 49) { b = c - 49 + 0xa; - // 'A' + // 'A' } else if (c >= 17) { b = c - 17 + 0xa; - // '0' - '9' + // '0' - '9' } else { b = c; } - assert(c >= 0 && b < mul, 'Invalid character'); + assert(c >= 0 && b < mul, "Invalid character"); r += b; } return r; } - BN.prototype._parseBase = function _parseBase (number, base, start) { + BN.prototype._parseBase = function _parseBase(number, base, start) { // Initialize as zero this.words = [0]; this.length = 1; @@ -320,7 +320,7 @@ this._strip(); }; - BN.prototype.copy = function copy (dest) { + BN.prototype.copy = function copy(dest) { dest.words = new Array(this.length); for (var i = 0; i < this.length; i++) { dest.words[i] = this.words[i]; @@ -330,24 +330,24 @@ dest.red = this.red; }; - function move (dest, src) { + function move(dest, src) { dest.words = src.words; dest.length = src.length; dest.negative = src.negative; dest.red = src.red; } - BN.prototype._move = function _move (dest) { + BN.prototype._move = function _move(dest) { move(dest, this); }; - BN.prototype.clone = function clone () { + BN.prototype.clone = function clone() { var r = new BN(null); this.copy(r); return r; }; - BN.prototype._expand = function _expand (size) { + BN.prototype._expand = function _expand(size) { while (this.length < size) { this.words[this.length++] = 0; } @@ -355,14 +355,14 @@ }; // Remove leading `0` from `this` - BN.prototype._strip = function strip () { + BN.prototype._strip = function strip() { while (this.length > 1 && this.words[this.length - 1] === 0) { this.length--; } return this._normSign(); }; - BN.prototype._normSign = function _normSign () { + BN.prototype._normSign = function _normSign() { // -0 = 0 if (this.length === 1 && this.words[0] === 0) { this.negative = 0; @@ -372,9 +372,9 @@ // Check Symbol.for because not everywhere where Symbol defined // See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Symbol#Browser_compatibility - if (typeof Symbol !== 'undefined' && typeof Symbol.for === 'function') { + if (typeof Symbol !== "undefined" && typeof Symbol.for === "function") { try { - BN.prototype[Symbol.for('nodejs.util.inspect.custom')] = inspect; + BN.prototype[Symbol.for("nodejs.util.inspect.custom")] = inspect; } catch (e) { BN.prototype.inspect = inspect; } @@ -382,8 +382,8 @@ BN.prototype.inspect = inspect; } - function inspect () { - return (this.red ? ''; + function inspect() { + return (this.red ? ""; } /* @@ -417,59 +417,54 @@ */ var zeros = [ - '', - '0', - '00', - '000', - '0000', - '00000', - '000000', - '0000000', - '00000000', - '000000000', - '0000000000', - '00000000000', - '000000000000', - '0000000000000', - '00000000000000', - '000000000000000', - '0000000000000000', - '00000000000000000', - '000000000000000000', - '0000000000000000000', - '00000000000000000000', - '000000000000000000000', - '0000000000000000000000', - '00000000000000000000000', - '000000000000000000000000', - '0000000000000000000000000' + "", + "0", + "00", + "000", + "0000", + "00000", + "000000", + "0000000", + "00000000", + "000000000", + "0000000000", + "00000000000", + "000000000000", + "0000000000000", + "00000000000000", + "000000000000000", + "0000000000000000", + "00000000000000000", + "000000000000000000", + "0000000000000000000", + "00000000000000000000", + "000000000000000000000", + "0000000000000000000000", + "00000000000000000000000", + "000000000000000000000000", + "0000000000000000000000000", ]; var groupSizes = [ - 0, 0, - 25, 16, 12, 11, 10, 9, 8, - 8, 7, 7, 7, 7, 6, 6, - 6, 6, 6, 6, 6, 5, 5, - 5, 5, 5, 5, 5, 5, 5, - 5, 5, 5, 5, 5, 5, 5 + 0, 0, 25, 16, 12, 11, 10, 9, 8, 8, 7, 7, 7, 7, 6, 6, 6, 6, 6, 6, 6, 5, 5, 5, + 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, ]; var groupBases = [ - 0, 0, - 33554432, 43046721, 16777216, 48828125, 60466176, 40353607, 16777216, + 0, 0, 33554432, 43046721, 16777216, 48828125, 60466176, 40353607, 16777216, 43046721, 10000000, 19487171, 35831808, 62748517, 7529536, 11390625, - 16777216, 24137569, 34012224, 47045881, 64000000, 4084101, 5153632, - 6436343, 7962624, 9765625, 11881376, 14348907, 17210368, 20511149, - 24300000, 28629151, 33554432, 39135393, 45435424, 52521875, 60466176 + 16777216, 24137569, 34012224, 47045881, 64000000, 4084101, 5153632, 6436343, + 7962624, 9765625, 11881376, 14348907, 17210368, 20511149, 24300000, + 28629151, 33554432, 39135393, 45435424, 52521875, 60466176, ]; - BN.prototype.toString = function toString (base, padding) { + BN.prototype.toString = function toString(base, padding) { base = base || 10; padding = padding | 0 || 1; var out; - if (base === 16 || base === 'hex') { - out = ''; + if (base === 16 || base === "hex") { + out = ""; var off = 0; var carry = 0; for (var i = 0; i < this.length; i++) { @@ -491,10 +486,10 @@ out = carry.toString(16) + out; } while (out.length % padding !== 0) { - out = '0' + out; + out = "0" + out; } if (this.negative !== 0) { - out = '-' + out; + out = "-" + out; } return out; } @@ -504,7 +499,7 @@ var groupSize = groupSizes[base]; // var groupBase = Math.pow(base, groupSize); var groupBase = groupBases[base]; - out = ''; + out = ""; var c = this.clone(); c.negative = 0; while (!c.isZero()) { @@ -518,69 +513,69 @@ } } if (this.isZero()) { - out = '0' + out; + out = "0" + out; } while (out.length % padding !== 0) { - out = '0' + out; + out = "0" + out; } if (this.negative !== 0) { - out = '-' + out; + out = "-" + out; } return out; } - assert(false, 'Base should be between 2 and 36'); + assert(false, "Base should be between 2 and 36"); }; - BN.prototype.toNumber = function toNumber () { + BN.prototype.toNumber = function toNumber() { var ret = this.words[0]; if (this.length === 2) { ret += this.words[1] * 0x4000000; } else if (this.length === 3 && this.words[2] === 0x01) { // NOTE: at this stage it is known that the top bit is set - ret += 0x10000000000000 + (this.words[1] * 0x4000000); + ret += 0x10000000000000 + this.words[1] * 0x4000000; } else if (this.length > 2) { - assert(false, 'Number can only safely store up to 53 bits'); + assert(false, "Number can only safely store up to 53 bits"); } - return (this.negative !== 0) ? -ret : ret; + return this.negative !== 0 ? -ret : ret; }; - BN.prototype.toJSON = function toJSON () { + BN.prototype.toJSON = function toJSON() { return this.toString(16, 2); }; if (Buffer) { - BN.prototype.toBuffer = function toBuffer (endian, length) { + BN.prototype.toBuffer = function toBuffer(endian, length) { return this.toArrayLike(Buffer, endian, length); }; } - BN.prototype.toArray = function toArray (endian, length) { + BN.prototype.toArray = function toArray(endian, length) { return this.toArrayLike(Array, endian, length); }; - var allocate = function allocate (ArrayType, size) { + var allocate = function allocate(ArrayType, size) { if (ArrayType.allocUnsafe) { return ArrayType.allocUnsafe(size); } return new ArrayType(size); }; - BN.prototype.toArrayLike = function toArrayLike (ArrayType, endian, length) { + BN.prototype.toArrayLike = function toArrayLike(ArrayType, endian, length) { this._strip(); var byteLength = this.byteLength(); var reqLength = length || Math.max(1, byteLength); - assert(byteLength <= reqLength, 'byte array longer than desired length'); - assert(reqLength > 0, 'Requested array length <= 0'); + assert(byteLength <= reqLength, "byte array longer than desired length"); + assert(reqLength > 0, "Requested array length <= 0"); var res = allocate(ArrayType, reqLength); - var postfix = endian === 'le' ? 'LE' : 'BE'; - this['_toArrayLike' + postfix](res, byteLength); + var postfix = endian === "le" ? "LE" : "BE"; + this["_toArrayLike" + postfix](res, byteLength); return res; }; - BN.prototype._toArrayLikeLE = function _toArrayLikeLE (res, byteLength) { + BN.prototype._toArrayLikeLE = function _toArrayLikeLE(res, byteLength) { var position = 0; var carry = 0; @@ -616,7 +611,7 @@ } }; - BN.prototype._toArrayLikeBE = function _toArrayLikeBE (res, byteLength) { + BN.prototype._toArrayLikeBE = function _toArrayLikeBE(res, byteLength) { var position = res.length - 1; var carry = 0; @@ -653,11 +648,11 @@ }; if (Math.clz32) { - BN.prototype._countBits = function _countBits (w) { + BN.prototype._countBits = function _countBits(w) { return 32 - Math.clz32(w); }; } else { - BN.prototype._countBits = function _countBits (w) { + BN.prototype._countBits = function _countBits(w) { var t = w; var r = 0; if (t >= 0x1000) { @@ -680,7 +675,7 @@ }; } - BN.prototype._zeroBits = function _zeroBits (w) { + BN.prototype._zeroBits = function _zeroBits(w) { // Short-cut if (w === 0) return 26; @@ -709,13 +704,13 @@ }; // Return number of used bits in a BN - BN.prototype.bitLength = function bitLength () { + BN.prototype.bitLength = function bitLength() { var w = this.words[this.length - 1]; var hi = this._countBits(w); return (this.length - 1) * 26 + hi; }; - function toBitArray (num) { + function toBitArray(num) { var w = new Array(num.bitLength()); for (var bit = 0; bit < w.length; bit++) { @@ -729,7 +724,7 @@ } // Number of trailing zero bits - BN.prototype.zeroBits = function zeroBits () { + BN.prototype.zeroBits = function zeroBits() { if (this.isZero()) return 0; var r = 0; @@ -741,34 +736,34 @@ return r; }; - BN.prototype.byteLength = function byteLength () { + BN.prototype.byteLength = function byteLength() { return Math.ceil(this.bitLength() / 8); }; - BN.prototype.toTwos = function toTwos (width) { + BN.prototype.toTwos = function toTwos(width) { if (this.negative !== 0) { return this.abs().inotn(width).iaddn(1); } return this.clone(); }; - BN.prototype.fromTwos = function fromTwos (width) { + BN.prototype.fromTwos = function fromTwos(width) { if (this.testn(width - 1)) { return this.notn(width).iaddn(1).ineg(); } return this.clone(); }; - BN.prototype.isNeg = function isNeg () { + BN.prototype.isNeg = function isNeg() { return this.negative !== 0; }; // Return negative clone of `this` - BN.prototype.neg = function neg () { + BN.prototype.neg = function neg() { return this.clone().ineg(); }; - BN.prototype.ineg = function ineg () { + BN.prototype.ineg = function ineg() { if (!this.isZero()) { this.negative ^= 1; } @@ -777,7 +772,7 @@ }; // Or `num` with `this` in-place - BN.prototype.iuor = function iuor (num) { + BN.prototype.iuor = function iuor(num) { while (this.length < num.length) { this.words[this.length++] = 0; } @@ -789,24 +784,24 @@ return this._strip(); }; - BN.prototype.ior = function ior (num) { + BN.prototype.ior = function ior(num) { assert((this.negative | num.negative) === 0); return this.iuor(num); }; // Or `num` with `this` - BN.prototype.or = function or (num) { + BN.prototype.or = function or(num) { if (this.length > num.length) return this.clone().ior(num); return num.clone().ior(this); }; - BN.prototype.uor = function uor (num) { + BN.prototype.uor = function uor(num) { if (this.length > num.length) return this.clone().iuor(num); return num.clone().iuor(this); }; // And `num` with `this` in-place - BN.prototype.iuand = function iuand (num) { + BN.prototype.iuand = function iuand(num) { // b = min-length(num, this) var b; if (this.length > num.length) { @@ -824,24 +819,24 @@ return this._strip(); }; - BN.prototype.iand = function iand (num) { + BN.prototype.iand = function iand(num) { assert((this.negative | num.negative) === 0); return this.iuand(num); }; // And `num` with `this` - BN.prototype.and = function and (num) { + BN.prototype.and = function and(num) { if (this.length > num.length) return this.clone().iand(num); return num.clone().iand(this); }; - BN.prototype.uand = function uand (num) { + BN.prototype.uand = function uand(num) { if (this.length > num.length) return this.clone().iuand(num); return num.clone().iuand(this); }; // Xor `num` with `this` in-place - BN.prototype.iuxor = function iuxor (num) { + BN.prototype.iuxor = function iuxor(num) { // a.length > b.length var a; var b; @@ -868,25 +863,25 @@ return this._strip(); }; - BN.prototype.ixor = function ixor (num) { + BN.prototype.ixor = function ixor(num) { assert((this.negative | num.negative) === 0); return this.iuxor(num); }; // Xor `num` with `this` - BN.prototype.xor = function xor (num) { + BN.prototype.xor = function xor(num) { if (this.length > num.length) return this.clone().ixor(num); return num.clone().ixor(this); }; - BN.prototype.uxor = function uxor (num) { + BN.prototype.uxor = function uxor(num) { if (this.length > num.length) return this.clone().iuxor(num); return num.clone().iuxor(this); }; // Not ``this`` with ``width`` bitwidth - BN.prototype.inotn = function inotn (width) { - assert(typeof width === 'number' && width >= 0); + BN.prototype.inotn = function inotn(width) { + assert(typeof width === "number" && width >= 0); var bytesNeeded = Math.ceil(width / 26) | 0; var bitsLeft = width % 26; @@ -912,13 +907,13 @@ return this._strip(); }; - BN.prototype.notn = function notn (width) { + BN.prototype.notn = function notn(width) { return this.clone().inotn(width); }; // Set `bit` of `this` - BN.prototype.setn = function setn (bit, val) { - assert(typeof bit === 'number' && bit >= 0); + BN.prototype.setn = function setn(bit, val) { + assert(typeof bit === "number" && bit >= 0); var off = (bit / 26) | 0; var wbit = bit % 26; @@ -935,7 +930,7 @@ }; // Add `num` to `this` in-place - BN.prototype.iadd = function iadd (num) { + BN.prototype.iadd = function iadd(num) { var r; // negative + positive @@ -945,7 +940,7 @@ this.negative ^= 1; return this._normSign(); - // positive + negative + // positive + negative } else if (this.negative === 0 && num.negative !== 0) { num.negative = 0; r = this.isub(num); @@ -979,7 +974,7 @@ if (carry !== 0) { this.words[this.length] = carry; this.length++; - // Copy the rest of the words + // Copy the rest of the words } else if (a !== this) { for (; i < a.length; i++) { this.words[i] = a.words[i]; @@ -990,7 +985,7 @@ }; // Add `num` to `this` - BN.prototype.add = function add (num) { + BN.prototype.add = function add(num) { var res; if (num.negative !== 0 && this.negative === 0) { num.negative = 0; @@ -1010,7 +1005,7 @@ }; // Subtract `num` from `this` in-place - BN.prototype.isub = function isub (num) { + BN.prototype.isub = function isub(num) { // this - (-num) = this + num if (num.negative !== 0) { num.negative = 0; @@ -1018,7 +1013,7 @@ num.negative = 1; return r._normSign(); - // -this - num = -(this + num) + // -this - num = -(this + num) } else if (this.negative !== 0) { this.negative = 0; this.iadd(num); @@ -1076,11 +1071,11 @@ }; // Subtract `num` from `this` - BN.prototype.sub = function sub (num) { + BN.prototype.sub = function sub(num) { return this.clone().isub(num); }; - function smallMulTo (self, num, out) { + function smallMulTo(self, num, out) { out.negative = num.negative ^ self.negative; var len = (self.length + num.length) | 0; out.length = len; @@ -1124,7 +1119,7 @@ // TODO(indutny): it may be reasonable to omit it for users who don't need // to work with 256-bit numbers, otherwise it gives 20% improvement for 256-bit // multiplication (like elliptic secp256k1). - var comb10MulTo = function comb10MulTo (self, num, out) { + var comb10MulTo = function comb10MulTo(self, num, out) { var a = self.words; var b = num.words; var o = out.words; @@ -1702,7 +1697,7 @@ comb10MulTo = smallMulTo; } - function bigMulTo (self, num, out) { + function bigMulTo(self, num, out) { out.negative = num.negative ^ self.negative; out.length = self.length + num.length; @@ -1743,14 +1738,14 @@ return out._strip(); } - function jumboMulTo (self, num, out) { + function jumboMulTo(self, num, out) { // Temporary disable, see https://github.com/indutny/bn.js/issues/211 // var fftm = new FFTM(); // return fftm.mulp(self, num, out); return bigMulTo(self, num, out); } - BN.prototype.mulTo = function mulTo (num, out) { + BN.prototype.mulTo = function mulTo(num, out) { var res; var len = this.length + num.length; if (this.length === 10 && num.length === 10) { @@ -1769,12 +1764,12 @@ // Cooley-Tukey algorithm for FFT // slightly revisited to rely on looping instead of recursion - function FFTM (x, y) { + function FFTM(x, y) { this.x = x; this.y = y; } - FFTM.prototype.makeRBT = function makeRBT (N) { + FFTM.prototype.makeRBT = function makeRBT(N) { var t = new Array(N); var l = BN.prototype._countBits(N) - 1; for (var i = 0; i < N; i++) { @@ -1785,7 +1780,7 @@ }; // Returns binary-reversed representation of `x` - FFTM.prototype.revBin = function revBin (x, l, N) { + FFTM.prototype.revBin = function revBin(x, l, N) { if (x === 0 || x === N - 1) return x; var rb = 0; @@ -1799,21 +1794,21 @@ // Performs "tweedling" phase, therefore 'emulating' // behaviour of the recursive algorithm - FFTM.prototype.permute = function permute (rbt, rws, iws, rtws, itws, N) { + FFTM.prototype.permute = function permute(rbt, rws, iws, rtws, itws, N) { for (var i = 0; i < N; i++) { rtws[i] = rws[rbt[i]]; itws[i] = iws[rbt[i]]; } }; - FFTM.prototype.transform = function transform (rws, iws, rtws, itws, N, rbt) { + FFTM.prototype.transform = function transform(rws, iws, rtws, itws, N, rbt) { this.permute(rbt, rws, iws, rtws, itws, N); for (var s = 1; s < N; s <<= 1) { var l = s << 1; - var rtwdf = Math.cos(2 * Math.PI / l); - var itwdf = Math.sin(2 * Math.PI / l); + var rtwdf = Math.cos((2 * Math.PI) / l); + var itwdf = Math.sin((2 * Math.PI) / l); for (var p = 0; p < N; p += l) { var rtwdf_ = rtwdf; @@ -1849,18 +1844,18 @@ } }; - FFTM.prototype.guessLen13b = function guessLen13b (n, m) { + FFTM.prototype.guessLen13b = function guessLen13b(n, m) { var N = Math.max(m, n) | 1; var odd = N & 1; var i = 0; - for (N = N / 2 | 0; N; N = N >>> 1) { + for (N = (N / 2) | 0; N; N = N >>> 1) { i++; } - return 1 << i + 1 + odd; + return 1 << (i + 1 + odd); }; - FFTM.prototype.conjugate = function conjugate (rws, iws, N) { + FFTM.prototype.conjugate = function conjugate(rws, iws, N) { if (N <= 1) return; for (var i = 0; i < N / 2; i++) { @@ -1876,10 +1871,11 @@ } }; - FFTM.prototype.normalize13b = function normalize13b (ws, N) { + FFTM.prototype.normalize13b = function normalize13b(ws, N) { var carry = 0; for (var i = 0; i < N / 2; i++) { - var w = Math.round(ws[2 * i + 1] / N) * 0x2000 + + var w = + Math.round(ws[2 * i + 1] / N) * 0x2000 + Math.round(ws[2 * i] / N) + carry; @@ -1888,20 +1884,22 @@ if (w < 0x4000000) { carry = 0; } else { - carry = w / 0x4000000 | 0; + carry = (w / 0x4000000) | 0; } } return ws; }; - FFTM.prototype.convert13b = function convert13b (ws, len, rws, N) { + FFTM.prototype.convert13b = function convert13b(ws, len, rws, N) { var carry = 0; for (var i = 0; i < len; i++) { carry = carry + (ws[i] | 0); - rws[2 * i] = carry & 0x1fff; carry = carry >>> 13; - rws[2 * i + 1] = carry & 0x1fff; carry = carry >>> 13; + rws[2 * i] = carry & 0x1fff; + carry = carry >>> 13; + rws[2 * i + 1] = carry & 0x1fff; + carry = carry >>> 13; } // Pad with zeroes @@ -1913,7 +1911,7 @@ assert((carry & ~0x1fff) === 0); }; - FFTM.prototype.stub = function stub (N) { + FFTM.prototype.stub = function stub(N) { var ph = new Array(N); for (var i = 0; i < N; i++) { ph[i] = 0; @@ -1922,7 +1920,7 @@ return ph; }; - FFTM.prototype.mulp = function mulp (x, y, out) { + FFTM.prototype.mulp = function mulp(x, y, out) { var N = 2 * this.guessLen13b(x.length, y.length); var rbt = this.makeRBT(N); @@ -1963,29 +1961,29 @@ }; // Multiply `this` by `num` - BN.prototype.mul = function mul (num) { + BN.prototype.mul = function mul(num) { var out = new BN(null); out.words = new Array(this.length + num.length); return this.mulTo(num, out); }; // Multiply employing FFT - BN.prototype.mulf = function mulf (num) { + BN.prototype.mulf = function mulf(num) { var out = new BN(null); out.words = new Array(this.length + num.length); return jumboMulTo(this, num, out); }; // In-place Multiplication - BN.prototype.imul = function imul (num) { + BN.prototype.imul = function imul(num) { return this.clone().mulTo(num, this); }; - BN.prototype.imuln = function imuln (num) { + BN.prototype.imuln = function imuln(num) { var isNegNum = num < 0; if (isNegNum) num = -num; - assert(typeof num === 'number'); + assert(typeof num === "number"); assert(num < 0x4000000); // Carry @@ -2008,22 +2006,22 @@ return isNegNum ? this.ineg() : this; }; - BN.prototype.muln = function muln (num) { + BN.prototype.muln = function muln(num) { return this.clone().imuln(num); }; // `this` * `this` - BN.prototype.sqr = function sqr () { + BN.prototype.sqr = function sqr() { return this.mul(this); }; // `this` * `this` in-place - BN.prototype.isqr = function isqr () { + BN.prototype.isqr = function isqr() { return this.imul(this.clone()); }; // Math.pow(`this`, `num`) - BN.prototype.pow = function pow (num) { + BN.prototype.pow = function pow(num) { var w = toBitArray(num); if (w.length === 0) return new BN(1); @@ -2045,8 +2043,8 @@ }; // Shift-left in-place - BN.prototype.iushln = function iushln (bits) { - assert(typeof bits === 'number' && bits >= 0); + BN.prototype.iushln = function iushln(bits) { + assert(typeof bits === "number" && bits >= 0); var r = bits % 26; var s = (bits - r) / 26; var carryMask = (0x3ffffff >>> (26 - r)) << (26 - r); @@ -2083,7 +2081,7 @@ return this._strip(); }; - BN.prototype.ishln = function ishln (bits) { + BN.prototype.ishln = function ishln(bits) { // TODO(indutny): implement me assert(this.negative === 0); return this.iushln(bits); @@ -2092,8 +2090,8 @@ // Shift-right in-place // NOTE: `hint` is a lowest bit before trailing zeroes // NOTE: if `extended` is present - it will be filled with destroyed bits - BN.prototype.iushrn = function iushrn (bits, hint, extended) { - assert(typeof bits === 'number' && bits >= 0); + BN.prototype.iushrn = function iushrn(bits, hint, extended) { + assert(typeof bits === "number" && bits >= 0); var h; if (hint) { h = (hint - (hint % 26)) / 26; @@ -2149,33 +2147,33 @@ return this._strip(); }; - BN.prototype.ishrn = function ishrn (bits, hint, extended) { + BN.prototype.ishrn = function ishrn(bits, hint, extended) { // TODO(indutny): implement me assert(this.negative === 0); return this.iushrn(bits, hint, extended); }; // Shift-left - BN.prototype.shln = function shln (bits) { + BN.prototype.shln = function shln(bits) { return this.clone().ishln(bits); }; - BN.prototype.ushln = function ushln (bits) { + BN.prototype.ushln = function ushln(bits) { return this.clone().iushln(bits); }; // Shift-right - BN.prototype.shrn = function shrn (bits) { + BN.prototype.shrn = function shrn(bits) { return this.clone().ishrn(bits); }; - BN.prototype.ushrn = function ushrn (bits) { + BN.prototype.ushrn = function ushrn(bits) { return this.clone().iushrn(bits); }; // Test if n bit is set - BN.prototype.testn = function testn (bit) { - assert(typeof bit === 'number' && bit >= 0); + BN.prototype.testn = function testn(bit) { + assert(typeof bit === "number" && bit >= 0); var r = bit % 26; var s = (bit - r) / 26; var q = 1 << r; @@ -2190,12 +2188,12 @@ }; // Return only lowers bits of number (in-place) - BN.prototype.imaskn = function imaskn (bits) { - assert(typeof bits === 'number' && bits >= 0); + BN.prototype.imaskn = function imaskn(bits) { + assert(typeof bits === "number" && bits >= 0); var r = bits % 26; var s = (bits - r) / 26; - assert(this.negative === 0, 'imaskn works only with positive numbers'); + assert(this.negative === 0, "imaskn works only with positive numbers"); if (this.length <= s) { return this; @@ -2215,13 +2213,13 @@ }; // Return only lowers bits of number - BN.prototype.maskn = function maskn (bits) { + BN.prototype.maskn = function maskn(bits) { return this.clone().imaskn(bits); }; // Add plain number `num` to `this` - BN.prototype.iaddn = function iaddn (num) { - assert(typeof num === 'number'); + BN.prototype.iaddn = function iaddn(num) { + assert(typeof num === "number"); assert(num < 0x4000000); if (num < 0) return this.isubn(-num); @@ -2243,7 +2241,7 @@ return this._iaddn(num); }; - BN.prototype._iaddn = function _iaddn (num) { + BN.prototype._iaddn = function _iaddn(num) { this.words[0] += num; // Carry @@ -2261,8 +2259,8 @@ }; // Subtract plain number `num` from `this` - BN.prototype.isubn = function isubn (num) { - assert(typeof num === 'number'); + BN.prototype.isubn = function isubn(num) { + assert(typeof num === "number"); assert(num < 0x4000000); if (num < 0) return this.iaddn(-num); @@ -2289,25 +2287,25 @@ return this._strip(); }; - BN.prototype.addn = function addn (num) { + BN.prototype.addn = function addn(num) { return this.clone().iaddn(num); }; - BN.prototype.subn = function subn (num) { + BN.prototype.subn = function subn(num) { return this.clone().isubn(num); }; - BN.prototype.iabs = function iabs () { + BN.prototype.iabs = function iabs() { this.negative = 0; return this; }; - BN.prototype.abs = function abs () { + BN.prototype.abs = function abs() { return this.clone().iabs(); }; - BN.prototype._ishlnsubmul = function _ishlnsubmul (num, mul, shift) { + BN.prototype._ishlnsubmul = function _ishlnsubmul(num, mul, shift) { var len = num.length + shift; var i; @@ -2343,7 +2341,7 @@ return this._strip(); }; - BN.prototype._wordDiv = function _wordDiv (num, mode) { + BN.prototype._wordDiv = function _wordDiv(num, mode) { var shift = this.length - num.length; var a = this.clone(); @@ -2363,7 +2361,7 @@ var m = a.length - b.length; var q; - if (mode !== 'mod') { + if (mode !== "mod") { q = new BN(null); q.length = m + 1; q.words = new Array(q.length); @@ -2381,7 +2379,8 @@ } for (var j = m - 1; j >= 0; j--) { - var qj = (a.words[b.length + j] | 0) * 0x4000000 + + var qj = + (a.words[b.length + j] | 0) * 0x4000000 + (a.words[b.length + j - 1] | 0); // NOTE: (qj / bhi) is (0x3ffffff * 0x4000000 + 0x3ffffff) / 0x2000000 max @@ -2407,13 +2406,13 @@ a._strip(); // Denormalize - if (mode !== 'div' && shift !== 0) { + if (mode !== "div" && shift !== 0) { a.iushrn(shift); } return { div: q || null, - mod: a + mod: a, }; }; @@ -2421,13 +2420,13 @@ // to `div` to request div only, or be absent to // request both div & mod // 2) `positive` is true if unsigned mod is requested - BN.prototype.divmod = function divmod (num, mode, positive) { + BN.prototype.divmod = function divmod(num, mode, positive) { assert(!num.isZero()); if (this.isZero()) { return { div: new BN(0), - mod: new BN(0) + mod: new BN(0), }; } @@ -2435,11 +2434,11 @@ if (this.negative !== 0 && num.negative === 0) { res = this.neg().divmod(num, mode); - if (mode !== 'mod') { + if (mode !== "mod") { div = res.div.neg(); } - if (mode !== 'div') { + if (mode !== "div") { mod = res.mod.neg(); if (positive && mod.negative !== 0) { mod.iadd(num); @@ -2448,27 +2447,27 @@ return { div: div, - mod: mod + mod: mod, }; } if (this.negative === 0 && num.negative !== 0) { res = this.divmod(num.neg(), mode); - if (mode !== 'mod') { + if (mode !== "mod") { div = res.div.neg(); } return { div: div, - mod: res.mod + mod: res.mod, }; } if ((this.negative & num.negative) !== 0) { res = this.neg().divmod(num.neg(), mode); - if (mode !== 'div') { + if (mode !== "div") { mod = res.mod.neg(); if (positive && mod.negative !== 0) { mod.isub(num); @@ -2477,7 +2476,7 @@ return { div: res.div, - mod: mod + mod: mod, }; } @@ -2487,29 +2486,29 @@ if (num.length > this.length || this.cmp(num) < 0) { return { div: new BN(0), - mod: this + mod: this, }; } // Very short reduction if (num.length === 1) { - if (mode === 'div') { + if (mode === "div") { return { div: this.divn(num.words[0]), - mod: null + mod: null, }; } - if (mode === 'mod') { + if (mode === "mod") { return { div: null, - mod: new BN(this.modrn(num.words[0])) + mod: new BN(this.modrn(num.words[0])), }; } return { div: this.divn(num.words[0]), - mod: new BN(this.modrn(num.words[0])) + mod: new BN(this.modrn(num.words[0])), }; } @@ -2517,21 +2516,21 @@ }; // Find `this` / `num` - BN.prototype.div = function div (num) { - return this.divmod(num, 'div', false).div; + BN.prototype.div = function div(num) { + return this.divmod(num, "div", false).div; }; // Find `this` % `num` - BN.prototype.mod = function mod (num) { - return this.divmod(num, 'mod', false).mod; + BN.prototype.mod = function mod(num) { + return this.divmod(num, "mod", false).mod; }; - BN.prototype.umod = function umod (num) { - return this.divmod(num, 'mod', true).mod; + BN.prototype.umod = function umod(num) { + return this.divmod(num, "mod", true).mod; }; // Find Round(`this` / `num`) - BN.prototype.divRound = function divRound (num) { + BN.prototype.divRound = function divRound(num) { var dm = this.divmod(num); // Fast case - exact division @@ -2550,7 +2549,7 @@ return dm.div.negative !== 0 ? dm.div.isubn(1) : dm.div.iaddn(1); }; - BN.prototype.modrn = function modrn (num) { + BN.prototype.modrn = function modrn(num) { var isNegNum = num < 0; if (isNegNum) num = -num; @@ -2566,12 +2565,12 @@ }; // WARNING: DEPRECATED - BN.prototype.modn = function modn (num) { + BN.prototype.modn = function modn(num) { return this.modrn(num); }; // In-place division by number - BN.prototype.idivn = function idivn (num) { + BN.prototype.idivn = function idivn(num) { var isNegNum = num < 0; if (isNegNum) num = -num; @@ -2588,11 +2587,11 @@ return isNegNum ? this.ineg() : this; }; - BN.prototype.divn = function divn (num) { + BN.prototype.divn = function divn(num) { return this.clone().idivn(num); }; - BN.prototype.egcd = function egcd (p) { + BN.prototype.egcd = function egcd(p) { assert(p.negative === 0); assert(!p.isZero()); @@ -2667,14 +2666,14 @@ return { a: C, b: D, - gcd: y.iushln(g) + gcd: y.iushln(g), }; }; // This is reduced incarnation of the binary EEA // above, designated to invert members of the // _prime_ fields F(p) at a maximal speed - BN.prototype._invmp = function _invmp (p) { + BN.prototype._invmp = function _invmp(p) { assert(p.negative === 0); assert(!p.isZero()); @@ -2740,7 +2739,7 @@ return res; }; - BN.prototype.gcd = function gcd (num) { + BN.prototype.gcd = function gcd(num) { if (this.isZero()) return num.abs(); if (num.isZero()) return this.abs(); @@ -2780,26 +2779,26 @@ }; // Invert number in the field F(num) - BN.prototype.invm = function invm (num) { + BN.prototype.invm = function invm(num) { return this.egcd(num).a.umod(num); }; - BN.prototype.isEven = function isEven () { + BN.prototype.isEven = function isEven() { return (this.words[0] & 1) === 0; }; - BN.prototype.isOdd = function isOdd () { + BN.prototype.isOdd = function isOdd() { return (this.words[0] & 1) === 1; }; // And first word and num - BN.prototype.andln = function andln (num) { + BN.prototype.andln = function andln(num) { return this.words[0] & num; }; // Increment at the bit position in-line - BN.prototype.bincn = function bincn (bit) { - assert(typeof bit === 'number'); + BN.prototype.bincn = function bincn(bit) { + assert(typeof bit === "number"); var r = bit % 26; var s = (bit - r) / 26; var q = 1 << r; @@ -2827,11 +2826,11 @@ return this; }; - BN.prototype.isZero = function isZero () { + BN.prototype.isZero = function isZero() { return this.length === 1 && this.words[0] === 0; }; - BN.prototype.cmpn = function cmpn (num) { + BN.prototype.cmpn = function cmpn(num) { var negative = num < 0; if (this.negative !== 0 && !negative) return -1; @@ -2847,7 +2846,7 @@ num = -num; } - assert(num <= 0x3ffffff, 'Number is too big'); + assert(num <= 0x3ffffff, "Number is too big"); var w = this.words[0] | 0; res = w === num ? 0 : w < num ? -1 : 1; @@ -2860,7 +2859,7 @@ // 1 - if `this` > `num` // 0 - if `this` == `num` // -1 - if `this` < `num` - BN.prototype.cmp = function cmp (num) { + BN.prototype.cmp = function cmp(num) { if (this.negative !== 0 && num.negative === 0) return -1; if (this.negative === 0 && num.negative !== 0) return 1; @@ -2870,7 +2869,7 @@ }; // Unsigned comparison - BN.prototype.ucmp = function ucmp (num) { + BN.prototype.ucmp = function ucmp(num) { // At this point both numbers have the same sign if (this.length > num.length) return 1; if (this.length < num.length) return -1; @@ -2891,43 +2890,43 @@ return res; }; - BN.prototype.gtn = function gtn (num) { + BN.prototype.gtn = function gtn(num) { return this.cmpn(num) === 1; }; - BN.prototype.gt = function gt (num) { + BN.prototype.gt = function gt(num) { return this.cmp(num) === 1; }; - BN.prototype.gten = function gten (num) { + BN.prototype.gten = function gten(num) { return this.cmpn(num) >= 0; }; - BN.prototype.gte = function gte (num) { + BN.prototype.gte = function gte(num) { return this.cmp(num) >= 0; }; - BN.prototype.ltn = function ltn (num) { + BN.prototype.ltn = function ltn(num) { return this.cmpn(num) === -1; }; - BN.prototype.lt = function lt (num) { + BN.prototype.lt = function lt(num) { return this.cmp(num) === -1; }; - BN.prototype.lten = function lten (num) { + BN.prototype.lten = function lten(num) { return this.cmpn(num) <= 0; }; - BN.prototype.lte = function lte (num) { + BN.prototype.lte = function lte(num) { return this.cmp(num) <= 0; }; - BN.prototype.eqn = function eqn (num) { + BN.prototype.eqn = function eqn(num) { return this.cmpn(num) === 0; }; - BN.prototype.eq = function eq (num) { + BN.prototype.eq = function eq(num) { return this.cmp(num) === 0; }; @@ -2935,102 +2934,102 @@ // A reduce context, could be using montgomery or something better, depending // on the `m` itself. // - BN.red = function red (num) { + BN.red = function red(num) { return new Red(num); }; - BN.prototype.toRed = function toRed (ctx) { - assert(!this.red, 'Already a number in reduction context'); - assert(this.negative === 0, 'red works only with positives'); + BN.prototype.toRed = function toRed(ctx) { + assert(!this.red, "Already a number in reduction context"); + assert(this.negative === 0, "red works only with positives"); return ctx.convertTo(this)._forceRed(ctx); }; - BN.prototype.fromRed = function fromRed () { - assert(this.red, 'fromRed works only with numbers in reduction context'); + BN.prototype.fromRed = function fromRed() { + assert(this.red, "fromRed works only with numbers in reduction context"); return this.red.convertFrom(this); }; - BN.prototype._forceRed = function _forceRed (ctx) { + BN.prototype._forceRed = function _forceRed(ctx) { this.red = ctx; return this; }; - BN.prototype.forceRed = function forceRed (ctx) { - assert(!this.red, 'Already a number in reduction context'); + BN.prototype.forceRed = function forceRed(ctx) { + assert(!this.red, "Already a number in reduction context"); return this._forceRed(ctx); }; - BN.prototype.redAdd = function redAdd (num) { - assert(this.red, 'redAdd works only with red numbers'); + BN.prototype.redAdd = function redAdd(num) { + assert(this.red, "redAdd works only with red numbers"); return this.red.add(this, num); }; - BN.prototype.redIAdd = function redIAdd (num) { - assert(this.red, 'redIAdd works only with red numbers'); + BN.prototype.redIAdd = function redIAdd(num) { + assert(this.red, "redIAdd works only with red numbers"); return this.red.iadd(this, num); }; - BN.prototype.redSub = function redSub (num) { - assert(this.red, 'redSub works only with red numbers'); + BN.prototype.redSub = function redSub(num) { + assert(this.red, "redSub works only with red numbers"); return this.red.sub(this, num); }; - BN.prototype.redISub = function redISub (num) { - assert(this.red, 'redISub works only with red numbers'); + BN.prototype.redISub = function redISub(num) { + assert(this.red, "redISub works only with red numbers"); return this.red.isub(this, num); }; - BN.prototype.redShl = function redShl (num) { - assert(this.red, 'redShl works only with red numbers'); + BN.prototype.redShl = function redShl(num) { + assert(this.red, "redShl works only with red numbers"); return this.red.shl(this, num); }; - BN.prototype.redMul = function redMul (num) { - assert(this.red, 'redMul works only with red numbers'); + BN.prototype.redMul = function redMul(num) { + assert(this.red, "redMul works only with red numbers"); this.red._verify2(this, num); return this.red.mul(this, num); }; - BN.prototype.redIMul = function redIMul (num) { - assert(this.red, 'redMul works only with red numbers'); + BN.prototype.redIMul = function redIMul(num) { + assert(this.red, "redMul works only with red numbers"); this.red._verify2(this, num); return this.red.imul(this, num); }; - BN.prototype.redSqr = function redSqr () { - assert(this.red, 'redSqr works only with red numbers'); + BN.prototype.redSqr = function redSqr() { + assert(this.red, "redSqr works only with red numbers"); this.red._verify1(this); return this.red.sqr(this); }; - BN.prototype.redISqr = function redISqr () { - assert(this.red, 'redISqr works only with red numbers'); + BN.prototype.redISqr = function redISqr() { + assert(this.red, "redISqr works only with red numbers"); this.red._verify1(this); return this.red.isqr(this); }; // Square root over p - BN.prototype.redSqrt = function redSqrt () { - assert(this.red, 'redSqrt works only with red numbers'); + BN.prototype.redSqrt = function redSqrt() { + assert(this.red, "redSqrt works only with red numbers"); this.red._verify1(this); return this.red.sqrt(this); }; - BN.prototype.redInvm = function redInvm () { - assert(this.red, 'redInvm works only with red numbers'); + BN.prototype.redInvm = function redInvm() { + assert(this.red, "redInvm works only with red numbers"); this.red._verify1(this); return this.red.invm(this); }; // Return negative clone of `this` % `red modulo` - BN.prototype.redNeg = function redNeg () { - assert(this.red, 'redNeg works only with red numbers'); + BN.prototype.redNeg = function redNeg() { + assert(this.red, "redNeg works only with red numbers"); this.red._verify1(this); return this.red.neg(this); }; - BN.prototype.redPow = function redPow (num) { - assert(this.red && !num.red, 'redPow(normalNum)'); + BN.prototype.redPow = function redPow(num) { + assert(this.red && !num.red, "redPow(normalNum)"); this.red._verify1(this); return this.red.pow(this, num); }; @@ -3040,11 +3039,11 @@ k256: null, p224: null, p192: null, - p25519: null + p25519: null, }; // Pseudo-Mersenne prime - function MPrime (name, p) { + function MPrime(name, p) { // P = 2 ^ N - K this.name = name; this.p = new BN(p, 16); @@ -3054,13 +3053,13 @@ this.tmp = this._tmp(); } - MPrime.prototype._tmp = function _tmp () { + MPrime.prototype._tmp = function _tmp() { var tmp = new BN(null); tmp.words = new Array(Math.ceil(this.n / 13)); return tmp; }; - MPrime.prototype.ireduce = function ireduce (num) { + MPrime.prototype.ireduce = function ireduce(num) { // Assumes that `num` is less than `P^2` // num = HI * (2 ^ N - K) + HI * K + LO = HI * K + LO (mod P) var r = num; @@ -3092,23 +3091,24 @@ return r; }; - MPrime.prototype.split = function split (input, out) { + MPrime.prototype.split = function split(input, out) { input.iushrn(this.n, 0, out); }; - MPrime.prototype.imulK = function imulK (num) { + MPrime.prototype.imulK = function imulK(num) { return num.imul(this.k); }; - function K256 () { + function K256() { MPrime.call( this, - 'k256', - 'ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f'); + "k256", + "ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe fffffc2f", + ); } inherits(K256, MPrime); - K256.prototype.split = function split (input, output) { + K256.prototype.split = function split(input, output) { // 256 = 9 * 26 + 22 var mask = 0x3fffff; @@ -3142,7 +3142,7 @@ } }; - K256.prototype.imulK = function imulK (num) { + K256.prototype.imulK = function imulK(num) { // K = 0x1000003d1 = [ 0x40, 0x3d1 ] num.words[num.length] = 0; num.words[num.length + 1] = 0; @@ -3167,32 +3167,35 @@ return num; }; - function P224 () { + function P224() { MPrime.call( this, - 'p224', - 'ffffffff ffffffff ffffffff ffffffff 00000000 00000000 00000001'); + "p224", + "ffffffff ffffffff ffffffff ffffffff 00000000 00000000 00000001", + ); } inherits(P224, MPrime); - function P192 () { + function P192() { MPrime.call( this, - 'p192', - 'ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff'); + "p192", + "ffffffff ffffffff ffffffff fffffffe ffffffff ffffffff", + ); } inherits(P192, MPrime); - function P25519 () { + function P25519() { // 2 ^ 255 - 19 MPrime.call( this, - '25519', - '7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed'); + "25519", + "7fffffffffffffff ffffffffffffffff ffffffffffffffff ffffffffffffffed", + ); } inherits(P25519, MPrime); - P25519.prototype.imulK = function imulK (num) { + P25519.prototype.imulK = function imulK(num) { // K = 0x13 var carry = 0; for (var i = 0; i < num.length; i++) { @@ -3210,21 +3213,21 @@ }; // Exported mostly for testing purposes, use plain name instead - BN._prime = function prime (name) { + BN._prime = function prime(name) { // Cached version of prime if (primes[name]) return primes[name]; var prime; - if (name === 'k256') { + if (name === "k256") { prime = new K256(); - } else if (name === 'p224') { + } else if (name === "p224") { prime = new P224(); - } else if (name === 'p192') { + } else if (name === "p192") { prime = new P192(); - } else if (name === 'p25519') { + } else if (name === "p25519") { prime = new P25519(); } else { - throw new Error('Unknown prime ' + name); + throw new Error("Unknown prime " + name); } primes[name] = prime; @@ -3234,37 +3237,36 @@ // // Base reduction engine // - function Red (m) { - if (typeof m === 'string') { + function Red(m) { + if (typeof m === "string") { var prime = BN._prime(m); this.m = prime.p; this.prime = prime; } else { - assert(m.gtn(1), 'modulus must be greater than 1'); + assert(m.gtn(1), "modulus must be greater than 1"); this.m = m; this.prime = null; } } - Red.prototype._verify1 = function _verify1 (a) { - assert(a.negative === 0, 'red works only with positives'); - assert(a.red, 'red works only with red numbers'); + Red.prototype._verify1 = function _verify1(a) { + assert(a.negative === 0, "red works only with positives"); + assert(a.red, "red works only with red numbers"); }; - Red.prototype._verify2 = function _verify2 (a, b) { - assert((a.negative | b.negative) === 0, 'red works only with positives'); - assert(a.red && a.red === b.red, - 'red works only with red numbers'); + Red.prototype._verify2 = function _verify2(a, b) { + assert((a.negative | b.negative) === 0, "red works only with positives"); + assert(a.red && a.red === b.red, "red works only with red numbers"); }; - Red.prototype.imod = function imod (a) { + Red.prototype.imod = function imod(a) { if (this.prime) return this.prime.ireduce(a)._forceRed(this); move(a, a.umod(this.m)._forceRed(this)); return a; }; - Red.prototype.neg = function neg (a) { + Red.prototype.neg = function neg(a) { if (a.isZero()) { return a.clone(); } @@ -3272,7 +3274,7 @@ return this.m.sub(a)._forceRed(this); }; - Red.prototype.add = function add (a, b) { + Red.prototype.add = function add(a, b) { this._verify2(a, b); var res = a.add(b); @@ -3282,7 +3284,7 @@ return res._forceRed(this); }; - Red.prototype.iadd = function iadd (a, b) { + Red.prototype.iadd = function iadd(a, b) { this._verify2(a, b); var res = a.iadd(b); @@ -3292,7 +3294,7 @@ return res; }; - Red.prototype.sub = function sub (a, b) { + Red.prototype.sub = function sub(a, b) { this._verify2(a, b); var res = a.sub(b); @@ -3302,7 +3304,7 @@ return res._forceRed(this); }; - Red.prototype.isub = function isub (a, b) { + Red.prototype.isub = function isub(a, b) { this._verify2(a, b); var res = a.isub(b); @@ -3312,30 +3314,30 @@ return res; }; - Red.prototype.shl = function shl (a, num) { + Red.prototype.shl = function shl(a, num) { this._verify1(a); return this.imod(a.ushln(num)); }; - Red.prototype.imul = function imul (a, b) { + Red.prototype.imul = function imul(a, b) { this._verify2(a, b); return this.imod(a.imul(b)); }; - Red.prototype.mul = function mul (a, b) { + Red.prototype.mul = function mul(a, b) { this._verify2(a, b); return this.imod(a.mul(b)); }; - Red.prototype.isqr = function isqr (a) { + Red.prototype.isqr = function isqr(a) { return this.imul(a, a.clone()); }; - Red.prototype.sqr = function sqr (a) { + Red.prototype.sqr = function sqr(a) { return this.mul(a, a); }; - Red.prototype.sqrt = function sqrt (a) { + Red.prototype.sqrt = function sqrt(a) { if (a.isZero()) return a.clone(); var mod3 = this.m.andln(3); @@ -3392,7 +3394,7 @@ return r; }; - Red.prototype.invm = function invm (a) { + Red.prototype.invm = function invm(a) { var inv = a._invmp(this.m); if (inv.negative !== 0) { inv.negative = 0; @@ -3402,7 +3404,7 @@ } }; - Red.prototype.pow = function pow (a, num) { + Red.prototype.pow = function pow(a, num) { if (num.isZero()) return new BN(1).toRed(this); if (num.cmpn(1) === 0) return a.clone(); @@ -3450,13 +3452,13 @@ return res; }; - Red.prototype.convertTo = function convertTo (num) { + Red.prototype.convertTo = function convertTo(num) { var r = num.umod(this.m); return r === num ? r.clone() : r; }; - Red.prototype.convertFrom = function convertFrom (num) { + Red.prototype.convertFrom = function convertFrom(num) { var res = num.clone(); res.red = null; return res; @@ -3466,11 +3468,11 @@ // Montgomery method engine // - BN.mont = function mont (num) { + BN.mont = function mont(num) { return new Mont(num); }; - function Mont (m) { + function Mont(m) { Red.call(this, m); this.shift = this.m.bitLength(); @@ -3488,17 +3490,17 @@ } inherits(Mont, Red); - Mont.prototype.convertTo = function convertTo (num) { + Mont.prototype.convertTo = function convertTo(num) { return this.imod(num.ushln(this.shift)); }; - Mont.prototype.convertFrom = function convertFrom (num) { + Mont.prototype.convertFrom = function convertFrom(num) { var r = this.imod(num.mul(this.rinv)); r.red = null; return r; }; - Mont.prototype.imul = function imul (a, b) { + Mont.prototype.imul = function imul(a, b) { if (a.isZero() || b.isZero()) { a.words[0] = 0; a.length = 1; @@ -3519,7 +3521,7 @@ return res._forceRed(this); }; - Mont.prototype.mul = function mul (a, b) { + Mont.prototype.mul = function mul(a, b) { if (a.isZero() || b.isZero()) return new BN(0)._forceRed(this); var t = a.mul(b); @@ -3535,7 +3537,7 @@ return res._forceRed(this); }; - Mont.prototype.invm = function invm (a) { + Mont.prototype.invm = function invm(a) { // (AR)^-1 * R^2 = (A^-1 * R^-1) * R^2 = A^-1 * R var res = this.imod(a._invmp(this.m).mul(this.r2)); return res._forceRed(this); diff --git a/vue.config.js b/vue.config.js index 429f9c7..364757e 100644 --- a/vue.config.js +++ b/vue.config.js @@ -11,13 +11,9 @@ module.exports = defineConfig({ iconPaths: { faviconSVG: "img/icons/safari-pinned-tab.svg", }, + workboxPluginMode: "InjectManifest", workboxOptions: { - importScripts: [ - "additional-scripts.js", - "safari-notifications.js", - "nacl.js", - "sw-bn.js", - ], + swSrc: "./sw_scripts/additional-scripts.js", }, }, });