@noble/post-quantum 0.4.0 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +65 -64
- package/_crystals.d.ts +2 -2
- package/_crystals.d.ts.map +1 -1
- package/_crystals.js +31 -46
- package/_crystals.js.map +1 -1
- package/hybrid.d.ts +102 -0
- package/hybrid.d.ts.map +1 -0
- package/hybrid.js +283 -0
- package/hybrid.js.map +1 -0
- package/index.d.ts +1 -0
- package/index.js +4 -4
- package/index.js.map +1 -1
- package/ml-dsa.d.ts +16 -8
- package/ml-dsa.d.ts.map +1 -1
- package/ml-dsa.js +130 -66
- package/ml-dsa.js.map +1 -1
- package/ml-kem.d.ts +1 -14
- package/ml-kem.d.ts.map +1 -1
- package/ml-kem.js +70 -53
- package/ml-kem.js.map +1 -1
- package/package.json +39 -62
- package/slh-dsa.d.ts +5 -4
- package/slh-dsa.d.ts.map +1 -1
- package/slh-dsa.js +114 -86
- package/slh-dsa.js.map +1 -1
- package/src/_crystals.ts +30 -41
- package/src/hybrid.ts +372 -0
- package/src/index.ts +3 -3
- package/src/ml-dsa.ts +131 -41
- package/src/ml-kem.ts +51 -47
- package/src/slh-dsa.ts +92 -51
- package/src/utils.ts +86 -52
- package/utils.d.ts +47 -11
- package/utils.d.ts.map +1 -1
- package/utils.js +54 -62
- package/utils.js.map +1 -1
- package/esm/_crystals.d.ts +0 -34
- package/esm/_crystals.d.ts.map +0 -1
- package/esm/_crystals.js +0 -141
- package/esm/_crystals.js.map +0 -1
- package/esm/index.d.ts +0 -2
- package/esm/index.d.ts.map +0 -1
- package/esm/index.js +0 -21
- package/esm/index.js.map +0 -1
- package/esm/ml-dsa.d.ts +0 -25
- package/esm/ml-dsa.d.ts.map +0 -1
- package/esm/ml-dsa.js +0 -519
- package/esm/ml-dsa.js.map +0 -1
- package/esm/ml-kem.d.ts +0 -34
- package/esm/ml-kem.d.ts.map +0 -1
- package/esm/ml-kem.js +0 -305
- package/esm/ml-kem.js.map +0 -1
- package/esm/package.json +0 -10
- package/esm/slh-dsa.d.ts +0 -62
- package/esm/slh-dsa.d.ts.map +0 -1
- package/esm/slh-dsa.js +0 -595
- package/esm/slh-dsa.js.map +0 -1
- package/esm/utils.d.ts +0 -46
- package/esm/utils.d.ts.map +0 -1
- package/esm/utils.js +0 -135
- package/esm/utils.js.map +0 -1
- package/src/package.json +0 -3
package/esm/ml-kem.js
DELETED
|
@@ -1,305 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* ML-KEM: Module Lattice-based Key Encapsulation Mechanism from
|
|
3
|
-
* [FIPS-203](https://csrc.nist.gov/pubs/fips/203/ipd). A.k.a. CRYSTALS-Kyber.
|
|
4
|
-
*
|
|
5
|
-
* Key encapsulation is similar to DH / ECDH (think X25519), with important differences:
|
|
6
|
-
* * Unlike in ECDH, we can't verify if it was "Bob" who've sent the shared secret
|
|
7
|
-
* * Unlike ECDH, it is probabalistic and relies on quality of randomness (CSPRNG).
|
|
8
|
-
* * Decapsulation never throws an error, even when shared secret was
|
|
9
|
-
* encrypted by a different public key. It will just return a different shared secret.
|
|
10
|
-
*
|
|
11
|
-
* There are some concerns with regards to security: see
|
|
12
|
-
* [djb blog](https://blog.cr.yp.to/20231003-countcorrectly.html) and
|
|
13
|
-
* [mailing list](https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/W2VOzy0wz_E).
|
|
14
|
-
*
|
|
15
|
-
* Has similar internals to ML-DSA, but their keys and params are different.
|
|
16
|
-
*
|
|
17
|
-
* Check out [official site](https://www.pq-crystals.org/kyber/resources.shtml),
|
|
18
|
-
* [repo](https://github.com/pq-crystals/kyber),
|
|
19
|
-
* [spec](https://datatracker.ietf.org/doc/draft-cfrg-schwabe-kyber/).
|
|
20
|
-
* @module
|
|
21
|
-
*/
|
|
22
|
-
/*! noble-post-quantum - MIT License (c) 2024 Paul Miller (paulmillr.com) */
|
|
23
|
-
import { sha3_256, sha3_512, shake256 } from '@noble/hashes/sha3';
|
|
24
|
-
import { u32, wrapConstructor, wrapConstructorWithOpts } from '@noble/hashes/utils';
|
|
25
|
-
import { genCrystals, XOF128 } from './_crystals.js';
|
|
26
|
-
import { cleanBytes, ensureBytes, equalBytes, randomBytes, splitCoder, vecCoder, } from './utils.js';
|
|
27
|
-
const N = 256; // Kyber (not FIPS-203) supports different lengths, but all std modes were using 256
|
|
28
|
-
const Q = 3329; // 13*(2**8)+1, modulo prime
|
|
29
|
-
const F = 3303; // 3303 ≡ 128**(−1) mod q (FIPS-203)
|
|
30
|
-
const ROOT_OF_UNITY = 17; // ζ = 17 ∈ Zq is a primitive 256-th root of unity modulo Q. ζ**128 ≡−1
|
|
31
|
-
const { mod, nttZetas, NTT, bitsCoder } = genCrystals({
|
|
32
|
-
N,
|
|
33
|
-
Q,
|
|
34
|
-
F,
|
|
35
|
-
ROOT_OF_UNITY,
|
|
36
|
-
newPoly: (n) => new Uint16Array(n),
|
|
37
|
-
brvBits: 7,
|
|
38
|
-
isKyber: true,
|
|
39
|
-
});
|
|
40
|
-
/** Internal params of ML-KEM versions */
|
|
41
|
-
// prettier-ignore
|
|
42
|
-
export const PARAMS = {
|
|
43
|
-
512: { N, Q, K: 2, ETA1: 3, ETA2: 2, du: 10, dv: 4, RBGstrength: 128 },
|
|
44
|
-
768: { N, Q, K: 3, ETA1: 2, ETA2: 2, du: 10, dv: 4, RBGstrength: 192 },
|
|
45
|
-
1024: { N, Q, K: 4, ETA1: 2, ETA2: 2, du: 11, dv: 5, RBGstrength: 256 },
|
|
46
|
-
};
|
|
47
|
-
// FIPS-203: compress/decompress
|
|
48
|
-
const compress = (d) => {
|
|
49
|
-
// Special case, no need to compress, pass as is, but strip high bytes on compression
|
|
50
|
-
if (d >= 12)
|
|
51
|
-
return { encode: (i) => i, decode: (i) => i };
|
|
52
|
-
// NOTE: we don't use float arithmetic (forbidden by FIPS-203 and high chance of bugs).
|
|
53
|
-
// Comments map to python implementation in RFC (draft-cfrg-schwabe-kyber)
|
|
54
|
-
// const round = (i: number) => Math.floor(i + 0.5) | 0;
|
|
55
|
-
const a = 2 ** (d - 1);
|
|
56
|
-
return {
|
|
57
|
-
// const compress = (i: number) => round((2 ** d / Q) * i) % 2 ** d;
|
|
58
|
-
encode: (i) => ((i << d) + Q / 2) / Q,
|
|
59
|
-
// const decompress = (i: number) => round((Q / 2 ** d) * i);
|
|
60
|
-
decode: (i) => (i * Q + a) >>> d,
|
|
61
|
-
};
|
|
62
|
-
};
|
|
63
|
-
// NOTE: we merge encoding and compress because it is faster, also both require same d param
|
|
64
|
-
// Converts between bytes and d-bits compressed representation. Kinda like convertRadix2 from @scure/base
|
|
65
|
-
// decode(encode(t)) == t, but there is loss of information on encode(decode(t))
|
|
66
|
-
const polyCoder = (d) => bitsCoder(d, compress(d));
|
|
67
|
-
function polyAdd(a, b) {
|
|
68
|
-
for (let i = 0; i < N; i++)
|
|
69
|
-
a[i] = mod(a[i] + b[i]); // a += b
|
|
70
|
-
}
|
|
71
|
-
function polySub(a, b) {
|
|
72
|
-
for (let i = 0; i < N; i++)
|
|
73
|
-
a[i] = mod(a[i] - b[i]); // a -= b
|
|
74
|
-
}
|
|
75
|
-
// FIPS-203: Computes the product of two degree-one polynomials with respect to a quadratic modulus
|
|
76
|
-
function BaseCaseMultiply(a0, a1, b0, b1, zeta) {
|
|
77
|
-
const c0 = mod(a1 * b1 * zeta + a0 * b0);
|
|
78
|
-
const c1 = mod(a0 * b1 + a1 * b0);
|
|
79
|
-
return { c0, c1 };
|
|
80
|
-
}
|
|
81
|
-
// FIPS-203: Computes the product (in the ring Tq) of two NTT representations. NOTE: works inplace for f
|
|
82
|
-
// NOTE: since multiply defined only for NTT representation, we need to convert to NTT, multiply and convert back
|
|
83
|
-
function MultiplyNTTs(f, g) {
|
|
84
|
-
for (let i = 0; i < N / 2; i++) {
|
|
85
|
-
let z = nttZetas[64 + (i >> 1)];
|
|
86
|
-
if (i & 1)
|
|
87
|
-
z = -z;
|
|
88
|
-
const { c0, c1 } = BaseCaseMultiply(f[2 * i + 0], f[2 * i + 1], g[2 * i + 0], g[2 * i + 1], z);
|
|
89
|
-
f[2 * i + 0] = c0;
|
|
90
|
-
f[2 * i + 1] = c1;
|
|
91
|
-
}
|
|
92
|
-
return f;
|
|
93
|
-
}
|
|
94
|
-
// Return poly in NTT representation
|
|
95
|
-
function SampleNTT(xof) {
|
|
96
|
-
const r = new Uint16Array(N);
|
|
97
|
-
for (let j = 0; j < N;) {
|
|
98
|
-
const b = xof();
|
|
99
|
-
if (b.length % 3)
|
|
100
|
-
throw new Error('SampleNTT: unaligned block');
|
|
101
|
-
for (let i = 0; j < N && i + 3 <= b.length; i += 3) {
|
|
102
|
-
const d1 = ((b[i + 0] >> 0) | (b[i + 1] << 8)) & 0xfff;
|
|
103
|
-
const d2 = ((b[i + 1] >> 4) | (b[i + 2] << 4)) & 0xfff;
|
|
104
|
-
if (d1 < Q)
|
|
105
|
-
r[j++] = d1;
|
|
106
|
-
if (j < N && d2 < Q)
|
|
107
|
-
r[j++] = d2;
|
|
108
|
-
}
|
|
109
|
-
}
|
|
110
|
-
return r;
|
|
111
|
-
}
|
|
112
|
-
// Sampling from the centered binomial distribution
|
|
113
|
-
// Returns poly with small coefficients (noise/errors)
|
|
114
|
-
function sampleCBD(PRF, seed, nonce, eta) {
|
|
115
|
-
const buf = PRF((eta * N) / 4, seed, nonce);
|
|
116
|
-
const r = new Uint16Array(N);
|
|
117
|
-
const b32 = u32(buf);
|
|
118
|
-
let len = 0;
|
|
119
|
-
for (let i = 0, p = 0, bb = 0, t0 = 0; i < b32.length; i++) {
|
|
120
|
-
let b = b32[i];
|
|
121
|
-
for (let j = 0; j < 32; j++) {
|
|
122
|
-
bb += b & 1;
|
|
123
|
-
b >>= 1;
|
|
124
|
-
len += 1;
|
|
125
|
-
if (len === eta) {
|
|
126
|
-
t0 = bb;
|
|
127
|
-
bb = 0;
|
|
128
|
-
}
|
|
129
|
-
else if (len === 2 * eta) {
|
|
130
|
-
r[p++] = mod(t0 - bb);
|
|
131
|
-
bb = 0;
|
|
132
|
-
len = 0;
|
|
133
|
-
}
|
|
134
|
-
}
|
|
135
|
-
}
|
|
136
|
-
if (len)
|
|
137
|
-
throw new Error(`sampleCBD: leftover bits: ${len}`);
|
|
138
|
-
return r;
|
|
139
|
-
}
|
|
140
|
-
// K-PKE
|
|
141
|
-
// As per FIPS-203, it doesn't perform any input validation and can't be used in standalone fashion.
|
|
142
|
-
const genKPKE = (opts) => {
|
|
143
|
-
const { K, PRF, XOF, HASH512, ETA1, ETA2, du, dv } = opts;
|
|
144
|
-
const poly1 = polyCoder(1);
|
|
145
|
-
const polyV = polyCoder(dv);
|
|
146
|
-
const polyU = polyCoder(du);
|
|
147
|
-
const publicCoder = splitCoder(vecCoder(polyCoder(12), K), 32);
|
|
148
|
-
const secretCoder = vecCoder(polyCoder(12), K);
|
|
149
|
-
const cipherCoder = splitCoder(vecCoder(polyU, K), polyV);
|
|
150
|
-
const seedCoder = splitCoder(32, 32);
|
|
151
|
-
return {
|
|
152
|
-
secretCoder,
|
|
153
|
-
secretKeyLen: secretCoder.bytesLen,
|
|
154
|
-
publicKeyLen: publicCoder.bytesLen,
|
|
155
|
-
cipherTextLen: cipherCoder.bytesLen,
|
|
156
|
-
keygen: (seed) => {
|
|
157
|
-
const seedDst = new Uint8Array(33);
|
|
158
|
-
seedDst.set(seed);
|
|
159
|
-
seedDst[32] = K;
|
|
160
|
-
const seedHash = HASH512(seedDst);
|
|
161
|
-
const [rho, sigma] = seedCoder.decode(seedHash);
|
|
162
|
-
const sHat = [];
|
|
163
|
-
const tHat = [];
|
|
164
|
-
for (let i = 0; i < K; i++)
|
|
165
|
-
sHat.push(NTT.encode(sampleCBD(PRF, sigma, i, ETA1)));
|
|
166
|
-
const x = XOF(rho);
|
|
167
|
-
for (let i = 0; i < K; i++) {
|
|
168
|
-
const e = NTT.encode(sampleCBD(PRF, sigma, K + i, ETA1));
|
|
169
|
-
for (let j = 0; j < K; j++) {
|
|
170
|
-
const aji = SampleNTT(x.get(j, i)); // A[j][i], inplace
|
|
171
|
-
polyAdd(e, MultiplyNTTs(aji, sHat[j]));
|
|
172
|
-
}
|
|
173
|
-
tHat.push(e); // t ← A ◦ s + e
|
|
174
|
-
}
|
|
175
|
-
x.clean();
|
|
176
|
-
const res = {
|
|
177
|
-
publicKey: publicCoder.encode([tHat, rho]),
|
|
178
|
-
secretKey: secretCoder.encode(sHat),
|
|
179
|
-
};
|
|
180
|
-
cleanBytes(rho, sigma, sHat, tHat, seedDst, seedHash);
|
|
181
|
-
return res;
|
|
182
|
-
},
|
|
183
|
-
encrypt: (publicKey, msg, seed) => {
|
|
184
|
-
const [tHat, rho] = publicCoder.decode(publicKey);
|
|
185
|
-
const rHat = [];
|
|
186
|
-
for (let i = 0; i < K; i++)
|
|
187
|
-
rHat.push(NTT.encode(sampleCBD(PRF, seed, i, ETA1)));
|
|
188
|
-
const x = XOF(rho);
|
|
189
|
-
const tmp2 = new Uint16Array(N);
|
|
190
|
-
const u = [];
|
|
191
|
-
for (let i = 0; i < K; i++) {
|
|
192
|
-
const e1 = sampleCBD(PRF, seed, K + i, ETA2);
|
|
193
|
-
const tmp = new Uint16Array(N);
|
|
194
|
-
for (let j = 0; j < K; j++) {
|
|
195
|
-
const aij = SampleNTT(x.get(i, j)); // A[i][j], inplace
|
|
196
|
-
polyAdd(tmp, MultiplyNTTs(aij, rHat[j])); // t += aij * rHat[j]
|
|
197
|
-
}
|
|
198
|
-
polyAdd(e1, NTT.decode(tmp)); // e1 += tmp
|
|
199
|
-
u.push(e1);
|
|
200
|
-
polyAdd(tmp2, MultiplyNTTs(tHat[i], rHat[i])); // t2 += tHat[i] * rHat[i]
|
|
201
|
-
tmp.fill(0);
|
|
202
|
-
}
|
|
203
|
-
x.clean();
|
|
204
|
-
const e2 = sampleCBD(PRF, seed, 2 * K, ETA2);
|
|
205
|
-
polyAdd(e2, NTT.decode(tmp2)); // e2 += tmp2
|
|
206
|
-
const v = poly1.decode(msg); // encode plaintext m into polynomial v
|
|
207
|
-
polyAdd(v, e2); // v += e2
|
|
208
|
-
cleanBytes(tHat, rHat, tmp2, e2);
|
|
209
|
-
return cipherCoder.encode([u, v]);
|
|
210
|
-
},
|
|
211
|
-
decrypt: (cipherText, privateKey) => {
|
|
212
|
-
const [u, v] = cipherCoder.decode(cipherText);
|
|
213
|
-
const sk = secretCoder.decode(privateKey); // s ← ByteDecode_12(dkPKE)
|
|
214
|
-
const tmp = new Uint16Array(N);
|
|
215
|
-
for (let i = 0; i < K; i++)
|
|
216
|
-
polyAdd(tmp, MultiplyNTTs(sk[i], NTT.encode(u[i]))); // tmp += sk[i] * u[i]
|
|
217
|
-
polySub(v, NTT.decode(tmp)); // v += tmp
|
|
218
|
-
cleanBytes(tmp, sk, u);
|
|
219
|
-
return poly1.encode(v);
|
|
220
|
-
},
|
|
221
|
-
};
|
|
222
|
-
};
|
|
223
|
-
function createKyber(opts) {
|
|
224
|
-
const KPKE = genKPKE(opts);
|
|
225
|
-
const { HASH256, HASH512, KDF } = opts;
|
|
226
|
-
const { secretCoder: KPKESecretCoder, cipherTextLen } = KPKE;
|
|
227
|
-
const publicKeyLen = KPKE.publicKeyLen; // 384*K+32
|
|
228
|
-
const secretCoder = splitCoder(KPKE.secretKeyLen, KPKE.publicKeyLen, 32, 32);
|
|
229
|
-
const secretKeyLen = secretCoder.bytesLen;
|
|
230
|
-
const msgLen = 32;
|
|
231
|
-
return {
|
|
232
|
-
publicKeyLen,
|
|
233
|
-
msgLen,
|
|
234
|
-
keygen: (seed = randomBytes(64)) => {
|
|
235
|
-
ensureBytes(seed, 64);
|
|
236
|
-
const { publicKey, secretKey: sk } = KPKE.keygen(seed.subarray(0, 32));
|
|
237
|
-
const publicKeyHash = HASH256(publicKey);
|
|
238
|
-
// (dkPKE||ek||H(ek)||z)
|
|
239
|
-
const secretKey = secretCoder.encode([sk, publicKey, publicKeyHash, seed.subarray(32)]);
|
|
240
|
-
cleanBytes(sk, publicKeyHash);
|
|
241
|
-
return { publicKey, secretKey };
|
|
242
|
-
},
|
|
243
|
-
encapsulate: (publicKey, msg = randomBytes(32)) => {
|
|
244
|
-
ensureBytes(publicKey, publicKeyLen);
|
|
245
|
-
ensureBytes(msg, msgLen);
|
|
246
|
-
// FIPS-203 includes additional verification check for modulus
|
|
247
|
-
const eke = publicKey.subarray(0, 384 * opts.K);
|
|
248
|
-
const ek = KPKESecretCoder.encode(KPKESecretCoder.decode(eke.slice())); // Copy because of inplace encoding
|
|
249
|
-
// (Modulus check.) Perform the computation ek ← ByteEncode12(ByteDecode12(eke)).
|
|
250
|
-
// If ek = ̸ eke, the input is invalid. (See Section 4.2.1.)
|
|
251
|
-
if (!equalBytes(ek, eke)) {
|
|
252
|
-
cleanBytes(ek);
|
|
253
|
-
throw new Error('ML-KEM.encapsulate: wrong publicKey modulus');
|
|
254
|
-
}
|
|
255
|
-
cleanBytes(ek);
|
|
256
|
-
const kr = HASH512.create().update(msg).update(HASH256(publicKey)).digest(); // derive randomness
|
|
257
|
-
const cipherText = KPKE.encrypt(publicKey, msg, kr.subarray(32, 64));
|
|
258
|
-
kr.subarray(32).fill(0);
|
|
259
|
-
return { cipherText, sharedSecret: kr.subarray(0, 32) };
|
|
260
|
-
},
|
|
261
|
-
decapsulate: (cipherText, secretKey) => {
|
|
262
|
-
ensureBytes(secretKey, secretKeyLen); // 768*k + 96
|
|
263
|
-
ensureBytes(cipherText, cipherTextLen); // 32(du*k + dv)
|
|
264
|
-
const [sk, publicKey, publicKeyHash, z] = secretCoder.decode(secretKey);
|
|
265
|
-
const msg = KPKE.decrypt(cipherText, sk);
|
|
266
|
-
const kr = HASH512.create().update(msg).update(publicKeyHash).digest(); // derive randomness, Khat, rHat = G(mHat || h)
|
|
267
|
-
const Khat = kr.subarray(0, 32);
|
|
268
|
-
const cipherText2 = KPKE.encrypt(publicKey, msg, kr.subarray(32, 64)); // re-encrypt using the derived randomness
|
|
269
|
-
const isValid = equalBytes(cipherText, cipherText2); // if ciphertexts do not match, “implicitly reject”
|
|
270
|
-
const Kbar = KDF.create({ dkLen: 32 }).update(z).update(cipherText).digest();
|
|
271
|
-
cleanBytes(msg, cipherText2, !isValid ? Khat : Kbar);
|
|
272
|
-
return isValid ? Khat : Kbar;
|
|
273
|
-
},
|
|
274
|
-
};
|
|
275
|
-
}
|
|
276
|
-
function shakePRF(dkLen, key, nonce) {
|
|
277
|
-
return shake256
|
|
278
|
-
.create({ dkLen })
|
|
279
|
-
.update(key)
|
|
280
|
-
.update(new Uint8Array([nonce]))
|
|
281
|
-
.digest();
|
|
282
|
-
}
|
|
283
|
-
const opts = {
|
|
284
|
-
HASH256: sha3_256,
|
|
285
|
-
HASH512: sha3_512,
|
|
286
|
-
KDF: shake256,
|
|
287
|
-
XOF: XOF128,
|
|
288
|
-
PRF: shakePRF,
|
|
289
|
-
};
|
|
290
|
-
/** ML-KEM-512 for 128-bit security level. Not recommended after 2030, as per ASD. */
|
|
291
|
-
export const ml_kem512 = /* @__PURE__ */ createKyber({
|
|
292
|
-
...opts,
|
|
293
|
-
...PARAMS[512],
|
|
294
|
-
});
|
|
295
|
-
/** ML-KEM-768, for 192-bit security level. Not recommended after 2030, as per ASD. */
|
|
296
|
-
export const ml_kem768 = /* @__PURE__ */ createKyber({
|
|
297
|
-
...opts,
|
|
298
|
-
...PARAMS[768],
|
|
299
|
-
});
|
|
300
|
-
/** ML-KEM-1024 for 256-bit security level. OK after 2030, as per ASD. */
|
|
301
|
-
export const ml_kem1024 = /* @__PURE__ */ createKyber({
|
|
302
|
-
...opts,
|
|
303
|
-
...PARAMS[1024],
|
|
304
|
-
});
|
|
305
|
-
//# sourceMappingURL=ml-kem.js.map
|
package/esm/ml-kem.js.map
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"ml-kem.js","sourceRoot":"","sources":["../src/ml-kem.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,4EAA4E;AAC5E,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAClE,OAAO,EAAE,GAAG,EAAE,eAAe,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AACpF,OAAO,EAAE,WAAW,EAAY,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAC/D,OAAO,EACL,UAAU,EAEV,WAAW,EACX,UAAU,EACV,WAAW,EACX,UAAU,EACV,QAAQ,GACT,MAAM,YAAY,CAAC;AAoBpB,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,oFAAoF;AACnG,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,4BAA4B;AAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,oCAAoC;AACpD,MAAM,aAAa,GAAG,EAAE,CAAC,CAAC,uEAAuE;AACjG,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,WAAW,CAAC;IACpD,CAAC;IACD,CAAC;IACD,CAAC;IACD,aAAa;IACb,OAAO,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,IAAI,WAAW,CAAC,CAAC,CAAC;IAC1C,OAAO,EAAE,CAAC;IACV,OAAO,EAAE,IAAI;CACd,CAAC,CAAC;AAaH,yCAAyC;AACzC,kBAAkB;AAClB,MAAM,CAAC,MAAM,MAAM,GAA6B;IAC9C,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE;IACtE,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE;IACtE,IAAI,EAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE;CAC9D,CAAC;AAEX,gCAAgC;AAChC,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAyB,EAAE;IACpD,qFAAqF;IACrF,IAAI,CAAC,IAAI,EAAE;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;IAC3E,uFAAuF;IACvF,0EAA0E;IAC1E,wDAAwD;IACxD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,OAAO;QACL,oEAAoE;QACpE,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC;QAC7C,6DAA6D;QAC7D,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC;KACzC,CAAC;AACJ,CAAC,CAAC;AAEF,4FAA4F;AAC5F,yGAAyG;AACzG,gFAAgF;AAChF,MAAM,SAAS,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;AAK3D,SAAS,OAAO,CAAC,CAAO,EAAE,CAAO;IAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;QAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;AAChE,CAAC;AACD,SAAS,OAAO,CAAC,CAAO,EAAE,CAAO;IAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;QAAE,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;AAChE,CAAC;AAED,mGAAmG;AACnG,SAAS,gBAAgB,CAAC,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,EAAU,EAAE,IAAY;IACpF,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;IACzC,MAAM,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;IAClC,OAAO,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC;AACpB,CAAC;AAED,wGAAwG;AACxG,iHAAiH;AACjH,SAAS,YAAY,CAAC,CAAO,EAAE,CAAO;IACpC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/B,IAAI,CAAC,GAAG,QAAQ,CAAC,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChC,IAAI,CAAC,GAAG,CAAC;YAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QAClB,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC/F,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QAClB,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;IACpB,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAgBD,oCAAoC;AACpC,SAAS,SAAS,CAAC,GAAW;IAC5B,MAAM,CAAC,GAAS,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAI,CAAC;QACxB,MAAM,CAAC,GAAG,GAAG,EAAE,CAAC;QAChB,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;YACnD,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;YACvD,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;YACvD,IAAI,EAAE,GAAG,CAAC;gBAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;YACxB,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC;gBAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;QACnC,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,mDAAmD;AACnD,sDAAsD;AACtD,SAAS,SAAS,CAAC,GAAQ,EAAE,IAAgB,EAAE,KAAa,EAAE,GAAW;IACvE,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;IAC5C,MAAM,CAAC,GAAS,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;IACnC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3D,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;YACZ,CAAC,KAAK,CAAC,CAAC;YACR,GAAG,IAAI,CAAC,CAAC;YACT,IAAI,GAAG,KAAK,GAAG,EAAE,CAAC;gBAChB,EAAE,GAAG,EAAE,CAAC;gBACR,EAAE,GAAG,CAAC,CAAC;YACT,CAAC;iBAAM,IAAI,GAAG,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC;gBAC3B,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;gBACtB,EAAE,GAAG,CAAC,CAAC;gBACP,GAAG,GAAG,CAAC,CAAC;YACV,CAAC;QACH,CAAC;IACH,CAAC;IACD,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAG,EAAE,CAAC,CAAC;IAC7D,OAAO,CAAC,CAAC;AACX,CAAC;AAED,QAAQ;AACR,oGAAoG;AACpG,MAAM,OAAO,GAAG,CAAC,IAAe,EAAE,EAAE;IAClC,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC;IAC1D,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;IAC3B,MAAM,KAAK,GAAG,SAAS,CAAC,EAAE,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,SAAS,CAAC,EAAE,CAAC,CAAC;IAC5B,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC/D,MAAM,WAAW,GAAG,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/C,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAC1D,MAAM,SAAS,GAAG,UAAU,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IACrC,OAAO;QACL,WAAW;QACX,YAAY,EAAE,WAAW,CAAC,QAAQ;QAClC,YAAY,EAAE,WAAW,CAAC,QAAQ;QAClC,aAAa,EAAE,WAAW,CAAC,QAAQ;QACnC,MAAM,EAAE,CAAC,IAAgB,EAAE,EAAE;YAC3B,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAClB,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC;YAChB,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;YAElC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAChD,MAAM,IAAI,GAAW,EAAE,CAAC;YACxB,MAAM,IAAI,GAAW,EAAE,CAAC;YACxB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;gBAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;YAClF,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;YACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3B,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;gBACzD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC3B,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;oBACvD,OAAO,CAAC,CAAC,EAAE,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBACzC,CAAC;gBACD,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;YAChC,CAAC;YACD,CAAC,CAAC,KAAK,EAAE,CAAC;YACV,MAAM,GAAG,GAAG;gBACV,SAAS,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;gBAC1C,SAAS,EAAE,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC;aACpC,CAAC;YACF,UAAU,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YACtD,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,EAAE,CAAC,SAAqB,EAAE,GAAe,EAAE,IAAgB,EAAE,EAAE;YACpE,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,EAAE,CAAC;YAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;gBAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;YACjF,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;YACnB,MAAM,IAAI,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;YAChC,MAAM,CAAC,GAAG,EAAE,CAAC;YACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3B,MAAM,EAAE,GAAG,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC;gBAC7C,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;gBAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC3B,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;oBACvD,OAAO,CAAC,GAAG,EAAE,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB;gBACjE,CAAC;gBACD,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY;gBAC1C,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACX,OAAO,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;gBACzE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACd,CAAC;YACD,CAAC,CAAC,KAAK,EAAE,CAAC;YACV,MAAM,EAAE,GAAG,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC;YAC7C,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,aAAa;YAC5C,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,uCAAuC;YACpE,OAAO,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU;YAC1B,UAAU,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;YACjC,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACpC,CAAC;QACD,OAAO,EAAE,CAAC,UAAsB,EAAE,UAAsB,EAAE,EAAE;YAC1D,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAC9C,MAAM,EAAE,GAAG,WAAW,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,4BAA4B;YACvE,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC;YAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;gBAAE,OAAO,CAAC,GAAG,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,sBAAsB;YACvG,OAAO,CAAC,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW;YACxC,UAAU,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YACvB,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACzB,CAAC;KACF,CAAC;AACJ,CAAC,CAAC;AAEF,SAAS,WAAW,CAAC,IAAe;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3B,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACvC,MAAM,EAAE,WAAW,EAAE,eAAe,EAAE,aAAa,EAAE,GAAG,IAAI,CAAC;IAC7D,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,WAAW;IACnD,MAAM,WAAW,GAAG,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC7E,MAAM,YAAY,GAAG,WAAW,CAAC,QAAQ,CAAC;IAC1C,MAAM,MAAM,GAAG,EAAE,CAAC;IAClB,OAAO;QACL,YAAY;QACZ,MAAM;QACN,MAAM,EAAE,CAAC,IAAI,GAAG,WAAW,CAAC,EAAE,CAAC,EAAE,EAAE;YACjC,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YACtB,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;YACvE,MAAM,aAAa,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;YACzC,wBAAwB;YACxB,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YACxF,UAAU,CAAC,EAAE,EAAE,aAAa,CAAC,CAAC;YAC9B,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;QAClC,CAAC;QACD,WAAW,EAAE,CAAC,SAAqB,EAAE,GAAG,GAAG,WAAW,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5D,WAAW,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;YACrC,WAAW,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAEzB,8DAA8D;YAC9D,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAChD,MAAM,EAAE,GAAG,eAAe,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,mCAAmC;YAC3G,iFAAiF;YACjF,4DAA4D;YAC5D,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,CAAC;gBACzB,UAAU,CAAC,EAAE,CAAC,CAAC;gBACf,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,CAAC;YACD,UAAU,CAAC,EAAE,CAAC,CAAC;YACf,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,oBAAoB;YACjG,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;YACrE,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACxB,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;QAC1D,CAAC;QACD,WAAW,EAAE,CAAC,UAAsB,EAAE,SAAqB,EAAE,EAAE;YAC7D,WAAW,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC,CAAC,aAAa;YACnD,WAAW,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC,CAAC,gBAAgB;YACxD,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YACxE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;YACzC,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,+CAA+C;YACvH,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;YACjH,MAAM,OAAO,GAAG,UAAU,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,mDAAmD;YACxG,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,EAAE,CAAC;YAC7E,UAAU,CAAC,GAAG,EAAE,WAAW,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACrD,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/B,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,QAAQ,CAAC,KAAa,EAAE,GAAe,EAAE,KAAa;IAC7D,OAAO,QAAQ;SACZ,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC;SACjB,MAAM,CAAC,GAAG,CAAC;SACX,MAAM,CAAC,IAAI,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;SAC/B,MAAM,EAAE,CAAC;AACd,CAAC;AAED,MAAM,IAAI,GAAG;IACX,OAAO,EAAE,QAAQ;IACjB,OAAO,EAAE,QAAQ;IACjB,GAAG,EAAE,QAAQ;IACb,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,QAAQ;CACd,CAAC;AAEF,qFAAqF;AACrF,MAAM,CAAC,MAAM,SAAS,GAAQ,eAAe,CAAC,WAAW,CAAC;IACxD,GAAG,IAAI;IACP,GAAG,MAAM,CAAC,GAAG,CAAC;CACf,CAAC,CAAC;AAEH,sFAAsF;AACtF,MAAM,CAAC,MAAM,SAAS,GAAQ,eAAe,CAAC,WAAW,CAAC;IACxD,GAAG,IAAI;IACP,GAAG,MAAM,CAAC,GAAG,CAAC;CACf,CAAC,CAAC;AAEH,yEAAyE;AACzE,MAAM,CAAC,MAAM,UAAU,GAAQ,eAAe,CAAC,WAAW,CAAC;IACzD,GAAG,IAAI;IACP,GAAG,MAAM,CAAC,IAAI,CAAC;CAChB,CAAC,CAAC"}
|
package/esm/package.json
DELETED
package/esm/slh-dsa.d.ts
DELETED
|
@@ -1,62 +0,0 @@
|
|
|
1
|
-
import { type Signer } from './utils.js';
|
|
2
|
-
/**
|
|
3
|
-
* * N: Security parameter (in bytes). W: Winternitz parameter
|
|
4
|
-
* * H: Hypertree height. D: Hypertree layers
|
|
5
|
-
* * K: FORS trees numbers. A: FORS trees height
|
|
6
|
-
*/
|
|
7
|
-
export type SphincsOpts = {
|
|
8
|
-
N: number;
|
|
9
|
-
W: number;
|
|
10
|
-
H: number;
|
|
11
|
-
D: number;
|
|
12
|
-
K: number;
|
|
13
|
-
A: number;
|
|
14
|
-
};
|
|
15
|
-
export type SphincsHashOpts = {
|
|
16
|
-
isCompressed?: boolean;
|
|
17
|
-
getContext: GetContext;
|
|
18
|
-
};
|
|
19
|
-
/** Winternitz signature params. */
|
|
20
|
-
export declare const PARAMS: Record<string, SphincsOpts>;
|
|
21
|
-
/** Address, byte array of size ADDR_BYTES */
|
|
22
|
-
export type ADRS = Uint8Array;
|
|
23
|
-
export type Context = {
|
|
24
|
-
PRFaddr: (addr: ADRS) => Uint8Array;
|
|
25
|
-
PRFmsg: (skPRF: Uint8Array, random: Uint8Array, msg: Uint8Array) => Uint8Array;
|
|
26
|
-
Hmsg: (R: Uint8Array, pk: Uint8Array, m: Uint8Array, outLen: number) => Uint8Array;
|
|
27
|
-
thash1: (input: Uint8Array, addr: ADRS) => Uint8Array;
|
|
28
|
-
thashN: (blocks: number, input: Uint8Array, addr: ADRS) => Uint8Array;
|
|
29
|
-
clean: () => void;
|
|
30
|
-
};
|
|
31
|
-
export type GetContext = (opts: SphincsOpts) => (pub_seed: Uint8Array, sk_seed?: Uint8Array) => Context;
|
|
32
|
-
export type SphincsSigner = Signer & {
|
|
33
|
-
seedLen: number;
|
|
34
|
-
} & {
|
|
35
|
-
internal: Signer;
|
|
36
|
-
prehash: (hashName: string) => Signer;
|
|
37
|
-
};
|
|
38
|
-
/** SLH-DSA: 128-bit fast SHAKE version. */
|
|
39
|
-
export declare const slh_dsa_shake_128f: SphincsSigner;
|
|
40
|
-
/** SLH-DSA: 128-bit short SHAKE version. */
|
|
41
|
-
export declare const slh_dsa_shake_128s: SphincsSigner;
|
|
42
|
-
/** SLH-DSA: 192-bit fast SHAKE version. */
|
|
43
|
-
export declare const slh_dsa_shake_192f: SphincsSigner;
|
|
44
|
-
/** SLH-DSA: 192-bit short SHAKE version. */
|
|
45
|
-
export declare const slh_dsa_shake_192s: SphincsSigner;
|
|
46
|
-
/** SLH-DSA: 256-bit fast SHAKE version. */
|
|
47
|
-
export declare const slh_dsa_shake_256f: SphincsSigner;
|
|
48
|
-
/** SLH-DSA: 256-bit short SHAKE version. */
|
|
49
|
-
export declare const slh_dsa_shake_256s: SphincsSigner;
|
|
50
|
-
/** SLH-DSA: 128-bit fast SHA2 version. */
|
|
51
|
-
export declare const slh_dsa_sha2_128f: SphincsSigner;
|
|
52
|
-
/** SLH-DSA: 128-bit small SHA2 version. */
|
|
53
|
-
export declare const slh_dsa_sha2_128s: SphincsSigner;
|
|
54
|
-
/** SLH-DSA: 192-bit fast SHA2 version. */
|
|
55
|
-
export declare const slh_dsa_sha2_192f: SphincsSigner;
|
|
56
|
-
/** SLH-DSA: 192-bit small SHA2 version. */
|
|
57
|
-
export declare const slh_dsa_sha2_192s: SphincsSigner;
|
|
58
|
-
/** SLH-DSA: 256-bit fast SHA2 version. */
|
|
59
|
-
export declare const slh_dsa_sha2_256f: SphincsSigner;
|
|
60
|
-
/** SLH-DSA: 256-bit small SHA2 version. */
|
|
61
|
-
export declare const slh_dsa_sha2_256s: SphincsSigner;
|
|
62
|
-
//# sourceMappingURL=slh-dsa.d.ts.map
|
package/esm/slh-dsa.d.ts.map
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"slh-dsa.d.ts","sourceRoot":"","sources":["../src/slh-dsa.ts"],"names":[],"mappings":"AAkCA,OAAO,EAEL,KAAK,MAAM,EAUZ,MAAM,YAAY,CAAC;AAEpB;;;;GAIG;AACH,MAAM,MAAM,WAAW,GAAG;IACxB,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;IACV,CAAC,EAAE,MAAM,CAAC;CACX,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,UAAU,EAAE,UAAU,CAAC;CACxB,CAAC;AAEF,mCAAmC;AACnC,eAAO,MAAM,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAOrC,CAAC;AAYX,6CAA6C;AAC7C,MAAM,MAAM,IAAI,GAAG,UAAU,CAAC;AAE9B,MAAM,MAAM,OAAO,GAAG;IACpB,OAAO,EAAE,CAAC,IAAI,EAAE,IAAI,KAAK,UAAU,CAAC;IACpC,MAAM,EAAE,CAAC,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,KAAK,UAAU,CAAC;IAC/E,IAAI,EAAE,CAAC,CAAC,EAAE,UAAU,EAAE,EAAE,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,KAAK,UAAU,CAAC;IACnF,MAAM,EAAE,CAAC,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,IAAI,KAAK,UAAU,CAAC;IACtD,MAAM,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,IAAI,KAAK,UAAU,CAAC;IACtE,KAAK,EAAE,MAAM,IAAI,CAAC;CACnB,CAAC;AACF,MAAM,MAAM,UAAU,GAAG,CACvB,IAAI,EAAE,WAAW,KACd,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,UAAU,KAAK,OAAO,CAAC;AAqC7D,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG;IAAE,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG;IACzD,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,MAAM,CAAC;CACvC,CAAC;AA4cF,2CAA2C;AAC3C,eAAO,MAAM,kBAAkB,EAAE,aAAiE,CAAC;AACnG,4CAA4C;AAC5C,eAAO,MAAM,kBAAkB,EAAE,aAAiE,CAAC;AACnG,2CAA2C;AAC3C,eAAO,MAAM,kBAAkB,EAAE,aAAiE,CAAC;AACnG,4CAA4C;AAC5C,eAAO,MAAM,kBAAkB,EAAE,aAAiE,CAAC;AACnG,2CAA2C;AAC3C,eAAO,MAAM,kBAAkB,EAAE,aAAiE,CAAC;AACnG,4CAA4C;AAC5C,eAAO,MAAM,kBAAkB,EAAE,aAAiE,CAAC;AAoGnG,0CAA0C;AAC1C,eAAO,MAAM,iBAAiB,EAAE,aAAkE,CAAC;AACnG,2CAA2C;AAC3C,eAAO,MAAM,iBAAiB,EAAE,aAAkE,CAAC;AACnG,0CAA0C;AAC1C,eAAO,MAAM,iBAAiB,EAAE,aAAkE,CAAC;AACnG,2CAA2C;AAC3C,eAAO,MAAM,iBAAiB,EAAE,aAAkE,CAAC;AACnG,0CAA0C;AAC1C,eAAO,MAAM,iBAAiB,EAAE,aAAkE,CAAC;AACnG,2CAA2C;AAC3C,eAAO,MAAM,iBAAiB,EAAE,aAAkE,CAAC"}
|