@noble/curves 2.0.1 → 2.2.0

package/abstract/hash-to-curve.js

@@ -1,12 +1,16 @@
-import { abytes, asafenumber, asciiToBytes, bytesToNumberBE, concatBytes, isBytes, validateObject, } from "../utils.js";
+import { abytes, asafenumber, asciiToBytes, bytesToNumberBE, copyBytes, concatBytes, isBytes, validateObject, } from "../utils.js";
 import { FpInvertBatch, mod } from "./modular.js";
 // Octet Stream to Integer. "spec" implementation of os2ip is 2.5x slower vs bytesToNumberBE.
 const os2ip = bytesToNumberBE;
-// Integer to Octet Stream (numberToBytesBE)
+// Integer to Octet Stream (numberToBytesBE).
 function i2osp(value, length) {
     asafenumber(value);
     asafenumber(length);
-    if (value < 0 || value >= 1 << (8 * length))
+    // This helper stays on the JS bitwise/u32 fast-path. Callers that need wider encodings should
+    // use bigint + numberToBytesBE instead of routing large widths through this small helper.
+    if (length < 0 || length > 4)
+        throw new Error('invalid I2OSP length: ' + length);
+    if (value < 0 || value > 2 ** (8 * length) - 1)
         throw new Error('invalid I2OSP input: ' + value);
     const res = Array.from({ length }).fill(0);
     for (let i = length - 1; i >= 0; i--) {
@@ -15,6 +19,7 @@ function i2osp(value, length) {
     }
     return new Uint8Array(res);
 }
+// RFC 9380 only applies strxor() to equal-length strings; callers must preserve that invariant.
 function strxor(a, b) {
     const arr = new Uint8Array(a.length);
     for (let i = 0; i < a.length; i++) {
@@ -27,11 +32,31 @@ function strxor(a, b) {
 function normDST(DST) {
     if (!isBytes(DST) && typeof DST !== 'string')
         throw new Error('DST must be Uint8Array or ascii string');
-    return typeof DST === 'string' ? asciiToBytes(DST) : DST;
+    const dst = typeof DST === 'string' ? asciiToBytes(DST) : DST;
+    // RFC 9380 §3.1 requirement 2: tags "MUST have nonzero length".
+    if (dst.length === 0)
+        throw new Error('DST must be non-empty');
+    return dst;
 }
 /**
- * Produces a uniformly random byte string using a cryptographic hash function H that outputs b bits.
- * [RFC 9380 5.3.1](https://www.rfc-editor.org/rfc/rfc9380#section-5.3.1).
+ * Produces a uniformly random byte string using a cryptographic hash
+ * function H that outputs b bits.
+ * See {@link https://www.rfc-editor.org/rfc/rfc9380#section-5.3.1 | RFC 9380 section 5.3.1}.
+ * @param msg - Input message.
+ * @param DST - Domain separation tag. This helper normalizes DST, rejects empty DSTs, and
+ *   oversize-hashes DST when needed.
+ * @param lenInBytes - Output length.
+ * @param H - Hash function.
+ * @returns Uniform byte string.
+ * @throws If the message, DST, hash, or output length is invalid. {@link Error}
+ * @example
+ * Expand one message into uniform bytes with the XMD construction.
+ *
+ * ```ts
+ * import { expand_message_xmd } from '@noble/curves/abstract/hash-to-curve.js';
+ * import { sha256 } from '@noble/hashes/sha2.js';
+ * const uniform = expand_message_xmd(new TextEncoder().encode('hello noble'), 'DST', 32, sha256);
+ * ```
  */
 export function expand_message_xmd(msg, DST, lenInBytes, H) {
     abytes(msg);
@@ -45,12 +70,15 @@ export function expand_message_xmd(msg, DST, lenInBytes, H) {
     if (lenInBytes > 65535 || ell > 255)
         throw new Error('expand_message_xmd: invalid lenInBytes');
     const DST_prime = concatBytes(DST, i2osp(DST.length, 1));
-    const Z_pad = i2osp(0, r_in_bytes);
+    const Z_pad = new Uint8Array(r_in_bytes); // RFC 9380: Z_pad = I2OSP(0, s_in_bytes)
     const l_i_b_str = i2osp(lenInBytes, 2); // len_in_bytes_str
     const b = new Array(ell);
     const b_0 = H(concatBytes(Z_pad, msg, l_i_b_str, i2osp(0, 1), DST_prime));
     b[0] = H(concatBytes(b_0, i2osp(1, 1), DST_prime));
-    for (let i = 1; i <= ell; i++) {
+    // `b[0]` already stores RFC `b_1`, so only derive `b_2..b_ell` here. The old `<= ell`
+    // loop computed one extra tail block, which was usually sliced away but broke at max `ell=255`
+    // by reaching `I2OSP(256, 1)`.
+    for (let i = 1; i < ell; i++) {
         const args = [strxor(b_0, b[i - 1]), i2osp(i + 1, 1), DST_prime];
         b[i] = H(concatBytes(...args));
     }
@@ -62,14 +90,36 @@ export function expand_message_xmd(msg, DST, lenInBytes, H) {
  * 1. The collision resistance of H MUST be at least k bits.
  * 2. H MUST be an XOF that has been proved indifferentiable from
  *    a random oracle under a reasonable cryptographic assumption.
- * [RFC 9380 5.3.2](https://www.rfc-editor.org/rfc/rfc9380#section-5.3.2).
+ * See {@link https://www.rfc-editor.org/rfc/rfc9380#section-5.3.2 | RFC 9380 section 5.3.2}.
+ * @param msg - Input message.
+ * @param DST - Domain separation tag. This helper normalizes DST, rejects empty DSTs, and
+ *   oversize-hashes DST when needed.
+ * @param lenInBytes - Output length.
+ * @param k - Target security level.
+ * @param H - XOF hash function.
+ * @returns Uniform byte string.
+ * @throws If the message, DST, XOF, or output length is invalid. {@link Error}
+ * @example
+ * Expand one message into uniform bytes with the XOF construction.
+ *
+ * ```ts
+ * import { expand_message_xof } from '@noble/curves/abstract/hash-to-curve.js';
+ * import { shake256 } from '@noble/hashes/sha3.js';
+ * const uniform = expand_message_xof(
+ *   new TextEncoder().encode('hello noble'),
+ *   'DST',
+ *   32,
+ *   128,
+ *   shake256
+ * );
+ * ```
  */
 export function expand_message_xof(msg, DST, lenInBytes, k, H) {
     abytes(msg);
     asafenumber(lenInBytes);
     DST = normDST(DST);
     // https://www.rfc-editor.org/rfc/rfc9380#section-5.3.3
-    // DST = H('H2C-OVERSIZE-DST-' || a_very_long_DST, Math.ceil((lenInBytes * k) / 8));
+    // RFC 9380 §5.3.3: DST = H("H2C-OVERSIZE-DST-" || a_very_long_DST, ceil(2 * k / 8)).
     if (DST.length > 255) {
         const dkLen = Math.ceil((2 * k) / 8);
         DST = H.create({ dkLen }).update(asciiToBytes('H2C-OVERSIZE-DST-')).update(DST).digest();
@@ -86,11 +136,27 @@ export function expand_message_xof(msg, DST, lenInBytes, k, H) {
 }
 /**
  * Hashes arbitrary-length byte strings to a list of one or more elements of a finite field F.
- * [RFC 9380 5.2](https://www.rfc-editor.org/rfc/rfc9380#section-5.2).
- * @param msg a byte string containing the message to hash
- * @param count the number of elements of F to output
- * @param options `{DST: string, p: bigint, m: number, k: number, expand: 'xmd' | 'xof', hash: H}`, see above
- * @returns [u_0, ..., u_(count - 1)], a list of field elements.
+ * See {@link https://www.rfc-editor.org/rfc/rfc9380#section-5.2 | RFC 9380 section 5.2}.
+ * @param msg - Input message bytes.
+ * @param count - Number of field elements to derive. Must be `>= 1`.
+ * @param options - RFC 9380 options. See {@link H2COpts}. `m` must be `>= 1`.
+ * @returns `[u_0, ..., u_(count - 1)]`, a list of field elements.
+ * @throws If the expander choice or RFC 9380 options are invalid. {@link Error}
+ * @example
+ * Hash one message into field elements before mapping it onto a curve.
+ *
+ * ```ts
+ * import { hash_to_field } from '@noble/curves/abstract/hash-to-curve.js';
+ * import { sha256 } from '@noble/hashes/sha2.js';
+ * const scalars = hash_to_field(new TextEncoder().encode('hello noble'), 2, {
+ *   DST: 'DST',
+ *   p: 17n,
+ *   m: 1,
+ *   k: 128,
+ *   expand: 'xmd',
+ *   hash: sha256,
+ * });
+ * ```
  */
 export function hash_to_field(msg, count, options) {
     validateObject(options, {
@@ -103,6 +169,12 @@ export function hash_to_field(msg, count, options) {
     asafenumber(hash.outputLen, 'valid hash');
     abytes(msg);
     asafenumber(count);
+    // RFC 9380 §5.2 defines hash_to_field over a list of one or more field elements and requires
+    // extension degree `m >= 1`; rejecting here avoids degenerate `[]` / `[[]]` helper outputs.
+    if (count < 1)
+        throw new Error('hash_to_field: expected count >= 1');
+    if (m < 1)
+        throw new Error('hash_to_field: expected m >= 1');
     const log2p = p.toString(2).length;
     const L = Math.ceil((log2p + k) / 8); // section 5.1 of ietf draft link above
     const len_in_bytes = count * m * L;
@@ -132,49 +204,115 @@ export function hash_to_field(msg, count, options) {
     }
     return u;
 }
+/**
+ * @param field - Field implementation.
+ * @param map - Isogeny coefficients.
+ * @returns Isogeny mapping helper.
+ * @example
+ * Build one rational isogeny map, then apply it to affine x/y coordinates.
+ *
+ * ```ts
+ * import { isogenyMap } from '@noble/curves/abstract/hash-to-curve.js';
+ * import { Field } from '@noble/curves/abstract/modular.js';
+ * const Fp = Field(17n);
+ * const iso = isogenyMap(Fp, [[0n, 1n], [1n], [1n], [1n]]);
+ * const point = iso(3n, 5n);
+ * ```
+ */
 export function isogenyMap(field, map) {
     // Make same order as in spec
     const coeff = map.map((i) => Array.from(i).reverse());
     return (x, y) => {
         const [xn, xd, yn, yd] = coeff.map((val) => val.reduce((acc, i) => field.add(field.mul(acc, x), i)));
-        // 6.6.3
-        // Exceptional cases of iso_map are inputs that cause the denominator of
-        // either rational function to evaluate to zero; such cases MUST return
-        // the identity point on E.
+        // RFC 9380 §6.6.3 / Appendix E: denominator-zero exceptional cases must
+        // return the identity on E.
+        // Shipped Weierstrass consumers encode that affine identity as all-zero
+        // coordinates, so `passZero=true` intentionally collapses zero
+        // denominators to `{ x: 0, y: 0 }`.
         const [xd_inv, yd_inv] = FpInvertBatch(field, [xd, yd], true);
         x = field.mul(xn, xd_inv); // xNum / xDen
         y = field.mul(y, field.mul(yn, yd_inv)); // y * (yNum / yDev)
         return { x, y };
     };
 }
-export const _DST_scalar = asciiToBytes('HashToScalar-');
-/** Creates hash-to-curve methods from EC Point and mapToCurve function. See {@link H2CHasher}. */
+// Keep the shared DST removable when the selected bundle never hashes to scalar.
+// Callers that need protocol-specific scalar domain separation must override this generic default.
+// RFC 9497 §§4.1-4.5 use this ASCII prefix before appending the ciphersuite context string.
+// Export a string instead of mutable bytes so callers cannot poison default hash-to-scalar behavior
+// by mutating a shared Uint8Array in place.
+export const _DST_scalar = 'HashToScalar-';
+/**
+ * Creates hash-to-curve methods from EC Point and mapToCurve function. See {@link H2CHasher}.
+ * @param Point - Point constructor.
+ * @param mapToCurve - Map-to-curve function.
+ * @param defaults - Default hash-to-curve options. This object is frozen in place and reused as
+ *   the shared defaults bundle for the returned helpers.
+ * @returns Hash-to-curve helper namespace.
+ * @throws If the map-to-curve callback or default hash-to-curve options are invalid. {@link Error}
+ * @example
+ * Bundle hash-to-curve, hash-to-scalar, and encode-to-curve helpers for one curve.
+ *
+ * ```ts
+ * import { createHasher } from '@noble/curves/abstract/hash-to-curve.js';
+ * import { p256 } from '@noble/curves/nist.js';
+ * import { sha256 } from '@noble/hashes/sha2.js';
+ * const hasher = createHasher(p256.Point, () => p256.Point.BASE.toAffine(), {
+ *   DST: 'P256_XMD:SHA-256_SSWU_RO_',
+ *   encodeDST: 'P256_XMD:SHA-256_SSWU_NU_',
+ *   p: p256.Point.Fp.ORDER,
+ *   m: 1,
+ *   k: 128,
+ *   expand: 'xmd',
+ *   hash: sha256,
+ * });
+ * const point = hasher.encodeToCurve(new TextEncoder().encode('hello noble'));
+ * ```
+ */
 export function createHasher(Point, mapToCurve, defaults) {
     if (typeof mapToCurve !== 'function')
         throw new Error('mapToCurve() must be defined');
+    // `Point` is intentionally not shape-validated eagerly here: point constructors vary across
+    // curve families, so this helper only checks the hooks it can validate cheaply. Misconfigured
+    // suites fail later when hashing first touches Point.fromAffine / Point.ZERO / clearCofactor().
+    const snapshot = (src) => Object.freeze({
+        ...src,
+        DST: isBytes(src.DST) ? copyBytes(src.DST) : src.DST,
+        ...(src.encodeDST === undefined
+            ? {}
+            : { encodeDST: isBytes(src.encodeDST) ? copyBytes(src.encodeDST) : src.encodeDST }),
+    });
+    // Keep one private defaults snapshot for actual hashing and expose fresh
+    // detached snapshots via the public getter.
+    // Otherwise a caller could mutate `hasher.defaults.DST` in place and poison
+    // the singleton hasher for every other consumer in the same process.
+    const safeDefaults = snapshot(defaults);
     function map(num) {
         return Point.fromAffine(mapToCurve(num));
     }
     function clear(initial) {
         const P = initial.clearCofactor();
+        // Keep ZERO as the algebraic cofactor-clearing result here; strict public point-validity
+        // surfaces may still reject it later, but createHasher.clear() itself is not that boundary.
         if (P.equals(Point.ZERO))
-            return Point.ZERO; // zero will throw in assert
+            return Point.ZERO;
         P.assertValidity();
         return P;
     }
-    return {
-        defaults: Object.freeze(defaults),
+    return Object.freeze({
+        get defaults() {
+            return snapshot(safeDefaults);
+        },
         Point,
         hashToCurve(msg, options) {
-            const opts = Object.assign({}, defaults, options);
+            const opts = Object.assign({}, safeDefaults, options);
             const u = hash_to_field(msg, 2, opts);
             const u0 = map(u[0]);
             const u1 = map(u[1]);
             return clear(u0.add(u1));
         },
         encodeToCurve(msg, options) {
-            const optsDst = defaults.encodeDST ? { DST: defaults.encodeDST } : {};
-            const opts = Object.assign({}, defaults, optsDst, options);
+            const optsDst = safeDefaults.encodeDST ? { DST: safeDefaults.encodeDST } : {};
+            const opts = Object.assign({}, safeDefaults, optsDst, options);
             const u = hash_to_field(msg, 1, opts);
             const u0 = map(u[0]);
             return clear(u0);
@@ -182,7 +320,7 @@ export function createHasher(Point, mapToCurve, defaults) {
         /** See {@link H2CHasher} */
         mapToCurve(scalars) {
             // Curves with m=1 accept only single scalar
-            if (defaults.m === 1) {
+            if (safeDefaults.m === 1) {
                 if (typeof scalars !== 'bigint')
                     throw new Error('expected bigint (m=1)');
                 return clear(map([scalars]));
@@ -195,13 +333,14 @@ export function createHasher(Point, mapToCurve, defaults) {
             return clear(map(scalars));
         },
         // hash_to_scalar can produce 0: https://www.rfc-editor.org/errata/eid8393
-        // RFC 9380, draft-irtf-cfrg-bbs-signatures-08
+        // RFC 9380, draft-irtf-cfrg-bbs-signatures-08. Default scalar DST is the shared generic
+        // `HashToScalar-` prefix above unless the caller overrides it per invocation.
         hashToScalar(msg, options) {
             // @ts-ignore
             const N = Point.Fn.ORDER;
-            const opts = Object.assign({}, defaults, { p: N, m: 1, DST: _DST_scalar }, options);
+            const opts = Object.assign({}, safeDefaults, { p: N, m: 1, DST: _DST_scalar }, options);
             return hash_to_field(msg, 1, opts)[0][0];
         },
-    };
+    });
 }
 //# sourceMappingURL=hash-to-curve.js.map

package/abstract/hash-to-curve.js.map

@@ -1 +1 @@
-{"version":3,"file":"hash-to-curve.js","sourceRoot":"","sources":["../src/abstract/hash-to-curve.ts"],"names":[],"mappings":"AAQA,OAAO,EACL,MAAM,EACN,WAAW,EACX,YAAY,EACZ,eAAe,EACf,WAAW,EACX,OAAO,EACP,cAAc,GACf,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,aAAa,EAAE,GAAG,EAAe,MAAM,cAAc,CAAC;AAgD/D,6FAA6F;AAC7F,MAAM,KAAK,GAAG,eAAe,CAAC;AAE9B,4CAA4C;AAC5C,SAAS,KAAK,CAAC,KAAa,EAAE,MAAc;IAC1C,WAAW,CAAC,KAAK,CAAC,CAAC;IACnB,WAAW,CAAC,MAAM,CAAC,CAAC;IACpB,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,KAAK,CAAC,CAAC;IAC9F,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAa,CAAC;IACvD,KAAK,IAAI,CAAC,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QACtB,KAAK,MAAM,CAAC,CAAC;IACf,CAAC;IACD,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,MAAM,CAAC,CAAa,EAAE,CAAa;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,gEAAgE;AAChE,iFAAiF;AACjF,SAAS,OAAO,CAAC,GAAiB;IAChC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAC1C,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,OAAO,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;AAC3D,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAChC,GAAe,EACf,GAAiB,EACjB,UAAkB,EAClB,CAAQ;IAER,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,WAAW,CAAC,UAAU,CAAC,CAAC;IACxB,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACnB,uDAAuD;IACvD,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,YAAY,CAAC,mBAAmB,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IACnF,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC,CAAC;IAC/C,IAAI,UAAU,GAAG,KAAK,IAAI,GAAG,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC/F,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IACnC,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3D,MAAM,CAAC,GAAG,IAAI,KAAK,CAAa,GAAG,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IAC1E,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9B,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;IACjC,CAAC;IACD,MAAM,mBAAmB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9C,OAAO,mBAAmB,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAClD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAChC,GAAe,EACf,GAAiB,EACjB,UAAkB,EAClB,CAAS,EACT,CAAQ;IAER,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,WAAW,CAAC,UAAU,CAAC,CAAC;IACxB,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACnB,uDAAuD;IACvD,oFAAoF;IACpF,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACrB,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACrC,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;IAC3F,CAAC;IACD,IAAI,UAAU,GAAG,KAAK,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QACxC,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,OAAO,CACL,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;SAC5B,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC7B,2CAA2C;SAC1C,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;SAC5B,MAAM,EAAE,CACZ,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,aAAa,CAAC,GAAe,EAAE,KAAa,EAAE,OAAgB;IAC5E,cAAc,CAAC,OAAO,EAAE;QACtB,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,IAAI,EAAE,UAAU;KACjB,CAAC,CAAC;IACH,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAC/C,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;IAC1C,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,WAAW,CAAC,KAAK,CAAC,CAAC;IACnB,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACnC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAC7E,MAAM,YAAY,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,GAAG,CAAC,CAAC,sBAAsB;IAC/B,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QACrB,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;IACzD,CAAC;SAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QAC5B,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;SAAM,IAAI,MAAM,KAAK,gBAAgB,EAAE,CAAC;QACvC,0BAA0B;QAC1B,GAAG,GAAG,GAAG,CAAC;IACZ,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IACD,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/B,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YACnC,MAAM,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC;YACpD,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACX,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAID,MAAM,UAAU,UAAU,CAAyB,KAAQ,EAAE,GAAe;IAC1E,6BAA6B;IAC7B,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;QACpB,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACzC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CACxD,CAAC;QACF,QAAQ;QACR,wEAAwE;QACxE,uEAAuE;QACvE,2BAA2B;QAC3B,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,aAAa,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAC9D,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,cAAc;QACzC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC7D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,WAAW,GAAe,YAAY,CAAC,eAAe,CAAC,CAAC;AAErE,kGAAkG;AAClG,MAAM,UAAU,YAAY,CAC1B,KAAS,EACT,UAAgC,EAChC,QAAgD;IAEhD,IAAI,OAAO,UAAU,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IACtF,SAAS,GAAG,CAAC,GAAa;QACxB,OAAO,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,CAAa,CAAC;IACvD,CAAC;IACD,SAAS,KAAK,CAAC,OAAiB;QAC9B,MAAM,CAAC,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;QAClC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAC,IAAgB,CAAC,CAAC,4BAA4B;QACrF,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,OAAO,CAAa,CAAC;IACvB,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC;QACjC,KAAK;QAEL,WAAW,CAAC,GAAe,EAAE,OAAoB;YAC/C,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;YAClD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YACtC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,OAAO,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAa,CAAC,CAAC;QACvC,CAAC;QACD,aAAa,CAAC,GAAe,EAAE,OAAoB;YACjD,MAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACtE,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YAC3D,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YACtC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,OAAO,KAAK,CAAC,EAAE,CAAC,CAAC;QACnB,CAAC;QACD,4BAA4B;QAC5B,UAAU,CAAC,OAA0B;YACnC,4CAA4C;YAC5C,IAAI,QAAQ,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;gBACrB,IAAI,OAAO,OAAO,KAAK,QAAQ;oBAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;gBAC1E,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YAC/B,CAAC;YACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC1E,KAAK,MAAM,CAAC,IAAI,OAAO;gBACrB,IAAI,OAAO,CAAC,KAAK,QAAQ;oBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC1E,OAAO,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;QAC7B,CAAC;QAED,0EAA0E;QAC1E,8CAA8C;QAC9C,YAAY,CAAC,GAAe,EAAE,OAAoB;YAChD,aAAa;YACb,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;YACzB,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;YACpF,OAAO,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;KACF,CAAC;AACJ,CAAC"}
+{"version":3,"file":"hash-to-curve.js","sourceRoot":"","sources":["../src/abstract/hash-to-curve.ts"],"names":[],"mappings":"AAQA,OAAO,EACL,MAAM,EACN,WAAW,EACX,YAAY,EACZ,eAAe,EACf,SAAS,EACT,WAAW,EACX,OAAO,EACP,cAAc,GACf,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,aAAa,EAAE,GAAG,EAAe,MAAM,cAAc,CAAC;AA0G/D,6FAA6F;AAC7F,MAAM,KAAK,GAAG,eAAe,CAAC;AAE9B,6CAA6C;AAC7C,SAAS,KAAK,CAAC,KAAa,EAAE,MAAc;IAC1C,WAAW,CAAC,KAAK,CAAC,CAAC;IACnB,WAAW,CAAC,MAAM,CAAC,CAAC;IACpB,8FAA8F;IAC9F,0FAA0F;IAC1F,IAAI,MAAM,GAAG,CAAC,IAAI,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,GAAG,MAAM,CAAC,CAAC;IACjF,IAAI,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,KAAK,CAAC,CAAC;IACjG,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAa,CAAC;IACvD,KAAK,IAAI,CAAC,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QACtB,KAAK,MAAM,CAAC,CAAC;IACf,CAAC;IACD,OAAO,IAAI,UAAU,CAAC,GAAG,CAAqB,CAAC;AACjD,CAAC;AAED,gGAAgG;AAChG,SAAS,MAAM,CAAC,CAAmB,EAAE,CAAmB;IACtD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACrC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,CAAC;IACD,OAAO,GAAuB,CAAC;AACjC,CAAC;AAED,gEAAgE;AAChE,iFAAiF;AACjF,SAAS,OAAO,CAAC,GAAuB;IACtC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAC1C,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,MAAM,GAAG,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAC9D,gEAAgE;IAChE,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC/D,OAAO,GAAuB,CAAC;AACjC,CAAC;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,UAAU,kBAAkB,CAChC,GAAqB,EACrB,GAAuB,EACvB,UAAkB,EAClB,CAAc;IAEd,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,WAAW,CAAC,UAAU,CAAC,CAAC;IACxB,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACnB,uDAAuD;IACvD,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QAAE,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,YAAY,CAAC,mBAAmB,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IACnF,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC,CAAC;IAC/C,IAAI,UAAU,GAAG,KAAK,IAAI,GAAG,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC/F,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC;IACzD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,yCAAyC;IACnF,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC,mBAAmB;IAC3D,MAAM,CAAC,GAAG,IAAI,KAAK,CAAa,GAAG,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IAC1E,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IACnD,sFAAsF;IACtF,+FAA+F;IAC/F,+BAA+B;IAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;IACjC,CAAC;IACD,MAAM,mBAAmB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9C,OAAO,mBAAmB,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAClD,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,UAAU,kBAAkB,CAChC,GAAqB,EACrB,GAAuB,EACvB,UAAkB,EAClB,CAAS,EACT,CAAc;IAEd,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,WAAW,CAAC,UAAU,CAAC,CAAC;IACxB,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACnB,uDAAuD;IACvD,qFAAqF;IACrF,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACrB,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACrC,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,mBAAmB,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;IAC3F,CAAC;IACD,IAAI,UAAU,GAAG,KAAK,IAAI,GAAG,CAAC,MAAM,GAAG,GAAG;QACxC,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,OAAO,CACL,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC;SAC5B,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC7B,2CAA2C;SAC1C,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;SAC5B,MAAM,EAAE,CACZ,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,UAAU,aAAa,CAC3B,GAAqB,EACrB,KAAa,EACb,OAAsB;IAEtB,cAAc,CAAC,OAAO,EAAE;QACtB,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,CAAC,EAAE,QAAQ;QACX,IAAI,EAAE,UAAU;KACjB,CAAC,CAAC;IACH,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAC/C,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;IAC1C,MAAM,CAAC,GAAG,CAAC,CAAC;IACZ,WAAW,CAAC,KAAK,CAAC,CAAC;IACnB,6FAA6F;IAC7F,4FAA4F;IAC5F,IAAI,KAAK,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACrE,IAAI,CAAC,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;IAC7D,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IACnC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,uCAAuC;IAC7E,MAAM,YAAY,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,GAAG,CAAC,CAAC,sBAAsB;IAC/B,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QACrB,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,IAAI,CAAC,CAAC;IACzD,CAAC;SAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QAC5B,GAAG,GAAG,kBAAkB,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;SAAM,IAAI,MAAM,KAAK,gBAAgB,EAAE,CAAC;QACvC,0BAA0B;QAC1B,GAAG,GAAG,GAAG,CAAC;IACZ,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IACD,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/B,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YACnC,MAAM,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC;YACpD,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACX,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAID;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,UAAU,CAAyB,KAAQ,EAAE,GAAe;IAC1E,6BAA6B;IAC7B,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,CAAI,EAAE,CAAI,EAAE,EAAE;QACpB,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CACzC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CACxD,CAAC;QACF,wEAAwE;QACxE,4BAA4B;QAC5B,wEAAwE;QACxE,+DAA+D;QAC/D,oCAAoC;QACpC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,aAAa,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;QAC9D,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,cAAc;QACzC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,oBAAoB;QAC7D,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AAED,iFAAiF;AACjF,mGAAmG;AACnG,4FAA4F;AAC5F,oGAAoG;AACpG,4CAA4C;AAC5C,MAAM,CAAC,MAAM,WAAW,GAAG,eAAwB,CAAC;AAEpD;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,UAAU,YAAY,CAC1B,KAAS,EACT,UAAgC,EAChC,QAAsD;IAEtD,IAAI,OAAO,UAAU,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IACtF,4FAA4F;IAC5F,8FAA8F;IAC9F,gGAAgG;IAChG,MAAM,QAAQ,GAAG,CAAC,GAAiD,EAAqB,EAAE,CACxF,MAAM,CAAC,MAAM,CAAC;QACZ,GAAG,GAAG;QACN,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG;QACpD,GAAG,CAAC,GAAG,CAAC,SAAS,KAAK,SAAS;YAC7B,CAAC,CAAC,EAAE;YACJ,CAAC,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC;KACtF,CAAsB,CAAC;IAC1B,yEAAyE;IACzE,4CAA4C;IAC5C,4EAA4E;IAC5E,qEAAqE;IACrE,MAAM,YAAY,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACxC,SAAS,GAAG,CAAC,GAAa;QACxB,OAAO,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,CAAa,CAAC;IACvD,CAAC;IACD,SAAS,KAAK,CAAC,OAAiB;QAC9B,MAAM,CAAC,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;QAClC,yFAAyF;QACzF,4FAA4F;QAC5F,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAC,IAAgB,CAAC;QACxD,CAAC,CAAC,cAAc,EAAE,CAAC;QACnB,OAAO,CAAa,CAAC;IACvB,CAAC;IAED,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,IAAI,QAAQ;YACV,OAAO,QAAQ,CAAC,YAAY,CAAC,CAAC;QAChC,CAAC;QACD,KAAK;QAEL,WAAW,CAAC,GAAqB,EAAE,OAA0B;YAC3D,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;YACtD,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YACtC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,OAAO,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAa,CAAC,CAAC;QACvC,CAAC;QACD,aAAa,CAAC,GAAqB,EAAE,OAA0B;YAC7D,MAAM,OAAO,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,YAAY,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9E,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,YAAY,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YAC/D,MAAM,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YACtC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,OAAO,KAAK,CAAC,EAAE,CAAC,CAAC;QACnB,CAAC;QACD,4BAA4B;QAC5B,UAAU,CAAC,OAA0B;YACnC,4CAA4C;YAC5C,IAAI,YAAY,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzB,IAAI,OAAO,OAAO,KAAK,QAAQ;oBAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;gBAC1E,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YAC/B,CAAC;YACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC1E,KAAK,MAAM,CAAC,IAAI,OAAO;gBACrB,IAAI,OAAO,CAAC,KAAK,QAAQ;oBAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC1E,OAAO,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;QAC7B,CAAC;QAED,0EAA0E;QAC1E,wFAAwF;QACxF,8EAA8E;QAC9E,YAAY,CAAC,GAAqB,EAAE,OAA0B;YAC5D,aAAa;YACb,MAAM,CAAC,GAAG,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;YACzB,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,YAAY,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;YACxF,OAAO,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;KACF,CAAC,CAAC;AACL,CAAC"}