npm - @optimystic/quereus-plugin-crypto - Versions diffs - 0.2.0 - Mend

@optimystic/quereus-plugin-crypto 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/index.js ADDED Viewed

@@ -0,0 +1,474 @@
+import { sha512, sha256 } from '@noble/hashes/sha2';
+import { blake3 } from '@noble/hashes/blake3';
+import { concatBytes, utf8ToBytes } from '@noble/hashes/utils';
+import { secp256k1 } from '@noble/curves/secp256k1';
+import { p256 } from '@noble/curves/nist';
+import { ed25519 } from '@noble/curves/ed25519';
+import { hexToBytes, bytesToHex } from '@noble/curves/abstract/utils';
+import { fromString, toString } from 'uint8arrays';
+// src/crypto.ts
+function toBytes(input, encoding = "base64url") {
+  if (input === null || input === void 0) {
+    return new Uint8Array(0);
+  }
+  if (input instanceof Uint8Array) {
+    return input;
+  }
+  if (typeof input === "string") {
+    switch (encoding) {
+      case "base64url":
+        return fromString(input, "base64url");
+      case "base64":
+        return fromString(input, "base64");
+      case "hex":
+        return hexToBytes(input);
+      case "utf8":
+        return utf8ToBytes(input);
+      default:
+        return fromString(input, "base64url");
+    }
+  }
+  throw new Error("Invalid input type");
+}
+function fromBytes(bytes, encoding = "base64url") {
+  switch (encoding) {
+    case "base64url":
+      return toString(bytes, "base64url");
+    case "base64":
+      return toString(bytes, "base64");
+    case "hex":
+      return bytesToHex(bytes);
+    case "utf8":
+      return toString(bytes, "utf8");
+    case "bytes":
+      return bytes;
+    default:
+      return toString(bytes, "base64url");
+  }
+}
+function digest(data, algorithm = "sha256", inputEncoding = "base64url", outputEncoding = "base64url") {
+  const bytes = toBytes(data, inputEncoding);
+  let hashBytes;
+  switch (algorithm) {
+    case "sha256":
+      hashBytes = sha256(bytes);
+      break;
+    case "sha512":
+      hashBytes = sha512(bytes);
+      break;
+    case "blake3":
+      hashBytes = blake3(bytes);
+      break;
+    default:
+      throw new Error(`Unsupported hash algorithm: ${algorithm}`);
+  }
+  return fromBytes(hashBytes, outputEncoding);
+}
+function hashMod(data, bits, algorithm = "sha256", inputEncoding = "base64url") {
+  if (bits <= 0 || bits > 53) {
+    throw new Error("Bits must be between 1 and 53 (JavaScript safe integer limit)");
+  }
+  const hashBytes = toBytes(digest(data, algorithm, inputEncoding, "base64url"), "base64url");
+  const view = new DataView(hashBytes.buffer, hashBytes.byteOffset, Math.min(8, hashBytes.length));
+  const fullHash = view.getBigUint64(0, false);
+  const modulus = BigInt(2) ** BigInt(bits);
+  const result = fullHash % modulus;
+  return Number(result);
+}
+function sign(data, privateKey, curve = "secp256k1", inputEncoding = "base64url", keyEncoding = "base64url", outputEncoding = "base64url") {
+  const dataBytes = toBytes(data, inputEncoding);
+  const keyBytes = toBytes(privateKey, keyEncoding);
+  let sigBytes;
+  switch (curve) {
+    case "secp256k1": {
+      const sig = secp256k1.sign(dataBytes, keyBytes, { lowS: true });
+      sigBytes = sig.toCompactRawBytes();
+      break;
+    }
+    case "p256": {
+      const sig = p256.sign(dataBytes, keyBytes, { lowS: true });
+      sigBytes = sig.toCompactRawBytes();
+      break;
+    }
+    case "ed25519": {
+      sigBytes = ed25519.sign(dataBytes, keyBytes);
+      break;
+    }
+    default:
+      throw new Error(`Unsupported curve: ${curve}`);
+  }
+  return fromBytes(sigBytes, outputEncoding);
+}
+function verify(data, signature, publicKey, curve = "secp256k1", inputEncoding = "base64url", sigEncoding = "base64url", keyEncoding = "base64url") {
+  try {
+    const dataBytes = toBytes(data, inputEncoding);
+    const sigBytes = toBytes(signature, sigEncoding);
+    const keyBytes = toBytes(publicKey, keyEncoding);
+    switch (curve) {
+      case "secp256k1": {
+        return secp256k1.verify(sigBytes, dataBytes, keyBytes);
+      }
+      case "p256": {
+        return p256.verify(sigBytes, dataBytes, keyBytes);
+      }
+      case "ed25519": {
+        return ed25519.verify(sigBytes, dataBytes, keyBytes);
+      }
+      default:
+        throw new Error(`Unsupported curve: ${curve}`);
+    }
+  } catch {
+    return false;
+  }
+}
+function randomBytes(bits = 256, encoding = "base64url") {
+  const bytes = Math.ceil(bits / 8);
+  const randomBytesArray = new Uint8Array(bytes);
+  crypto.getRandomValues(randomBytesArray);
+  return fromBytes(randomBytesArray, encoding);
+}
+function generatePrivateKey(curve = "secp256k1", encoding = "base64url") {
+  let keyBytes;
+  switch (curve) {
+    case "secp256k1":
+      keyBytes = secp256k1.utils.randomPrivateKey();
+      break;
+    case "p256":
+      keyBytes = p256.utils.randomPrivateKey();
+      break;
+    case "ed25519":
+      keyBytes = ed25519.utils.randomPrivateKey();
+      break;
+    default:
+      throw new Error(`Unsupported curve: ${curve}`);
+  }
+  return fromBytes(keyBytes, encoding);
+}
+function getPublicKey(privateKey, curve = "secp256k1", keyEncoding = "base64url", outputEncoding = "base64url") {
+  const keyBytes = toBytes(privateKey, keyEncoding);
+  let pubBytes;
+  switch (curve) {
+    case "secp256k1":
+      pubBytes = secp256k1.getPublicKey(keyBytes);
+      break;
+    case "p256":
+      pubBytes = p256.getPublicKey(keyBytes);
+      break;
+    case "ed25519":
+      pubBytes = ed25519.getPublicKey(keyBytes);
+      break;
+    default:
+      throw new Error(`Unsupported curve: ${curve}`);
+  }
+  return fromBytes(pubBytes, outputEncoding);
+}
+function inputToBytes(input) {
+  if (input === null || input === void 0) {
+    return new Uint8Array(0);
+  }
+  if (typeof input === "string") {
+    return utf8ToBytes(input);
+  }
+  if (input instanceof Uint8Array) {
+    return input;
+  }
+  if (typeof input === "number") {
+    const buffer = new ArrayBuffer(8);
+    const view = new DataView(buffer);
+    view.setFloat64(0, input, false);
+    return new Uint8Array(buffer);
+  }
+  if (typeof input === "boolean") {
+    return new Uint8Array([input ? 1 : 0]);
+  }
+  return utf8ToBytes(String(input));
+}
+function getHashFunction(algorithm) {
+  switch (algorithm) {
+    case "sha256":
+      return sha256;
+    case "sha512":
+      return sha512;
+    case "blake3":
+      return blake3;
+    default:
+      throw new Error(`Unsupported hash algorithm: ${algorithm}`);
+  }
+}
+function Digest(...args) {
+  return DigestWithOptions({ algorithm: "sha256", output: "uint8array" }, ...args);
+}
+function DigestWithOptions(options, ...args) {
+  const algorithm = options.algorithm || "sha256";
+  const output = options.output || "uint8array";
+  const byteArrays = args.map(inputToBytes);
+  const combined = concatBytes(...byteArrays);
+  const hashFunction = getHashFunction(algorithm);
+  const hash = hashFunction(combined);
+  if (output === "hex") {
+    return Array.from(hash).map((b) => b.toString(16).padStart(2, "0")).join("");
+  }
+  return hash;
+}
+Digest.withOptions = (options) => {
+  return (...args) => DigestWithOptions(options, ...args);
+};
+Digest.sha256 = (...args) => {
+  return DigestWithOptions({ algorithm: "sha256" }, ...args);
+};
+Digest.sha512 = (...args) => {
+  return DigestWithOptions({ algorithm: "sha512" }, ...args);
+};
+Digest.blake3 = (...args) => {
+  return DigestWithOptions({ algorithm: "blake3" }, ...args);
+};
+Digest.hex = (...args) => {
+  return DigestWithOptions({ algorithm: "sha256", output: "hex" }, ...args);
+};
+Digest.sha256Hex = (...args) => {
+  return DigestWithOptions({ algorithm: "sha256", output: "hex" }, ...args);
+};
+Digest.sha512Hex = (...args) => {
+  return DigestWithOptions({ algorithm: "sha512", output: "hex" }, ...args);
+};
+Digest.blake3Hex = (...args) => {
+  return DigestWithOptions({ algorithm: "blake3", output: "hex" }, ...args);
+};
+function normalizePrivateKey(privateKey) {
+  if (privateKey instanceof Uint8Array) {
+    return privateKey;
+  }
+  if (typeof privateKey === "string") {
+    return hexToBytes(privateKey);
+  }
+  if (typeof privateKey === "bigint") {
+    const hex = privateKey.toString(16).padStart(64, "0");
+    return hexToBytes(hex);
+  }
+  throw new Error("Invalid private key format");
+}
+function normalizeDigest(digest2) {
+  if (digest2 instanceof Uint8Array) {
+    return digest2;
+  }
+  if (typeof digest2 === "string") {
+    return hexToBytes(digest2);
+  }
+  throw new Error("Invalid digest format");
+}
+function formatSignature(signature, format, curve) {
+  switch (format) {
+    case "uint8array":
+      if (curve === "ed25519") {
+        return signature;
+      }
+      return signature.toCompactRawBytes();
+    case "hex":
+      if (curve === "ed25519") {
+        return bytesToHex(signature);
+      }
+      return signature.toCompactHex();
+    case "compact":
+      if (curve === "ed25519") {
+        return signature;
+      }
+      return signature.toCompactRawBytes();
+    case "der":
+      if (curve === "ed25519") {
+        throw new Error("DER format not supported for ed25519");
+      }
+      return signature.toCompactRawBytes();
+    default:
+      throw new Error(`Unsupported signature format: ${format}`);
+  }
+}
+function Sign(digest2, privateKey, options = {}) {
+  const {
+    curve = "secp256k1",
+    format = "uint8array",
+    extraEntropy = false,
+    lowS = true
+  } = options;
+  const normalizedDigest = normalizeDigest(digest2);
+  const normalizedPrivateKey = normalizePrivateKey(privateKey);
+  let signature;
+  switch (curve) {
+    case "secp256k1": {
+      const signOptions = { lowS };
+      if (extraEntropy) {
+        signOptions.extraEntropy = extraEntropy;
+      }
+      signature = secp256k1.sign(normalizedDigest, normalizedPrivateKey, signOptions);
+      break;
+    }
+    case "p256": {
+      const signOptions = { lowS };
+      if (extraEntropy) {
+        signOptions.extraEntropy = extraEntropy;
+      }
+      signature = p256.sign(normalizedDigest, normalizedPrivateKey, signOptions);
+      break;
+    }
+    case "ed25519": {
+      signature = ed25519.sign(normalizedDigest, normalizedPrivateKey);
+      break;
+    }
+    default:
+      throw new Error(`Unsupported curve: ${curve}`);
+  }
+  return formatSignature(signature, format, curve);
+}
+Sign.secp256k1 = (digest2, privateKey, options = {}) => {
+  return Sign(digest2, privateKey, { ...options, curve: "secp256k1" });
+};
+Sign.p256 = (digest2, privateKey, options = {}) => {
+  return Sign(digest2, privateKey, { ...options, curve: "p256" });
+};
+Sign.ed25519 = (digest2, privateKey, options = {}) => {
+  return Sign(digest2, privateKey, { ...options, curve: "ed25519" });
+};
+Sign.generatePrivateKey = (curve = "secp256k1") => {
+  switch (curve) {
+    case "secp256k1":
+      return secp256k1.utils.randomPrivateKey();
+    case "p256":
+      return p256.utils.randomPrivateKey();
+    case "ed25519":
+      return ed25519.utils.randomPrivateKey();
+    default:
+      throw new Error(`Unsupported curve: ${curve}`);
+  }
+};
+Sign.getPublicKey = (privateKey, curve = "secp256k1") => {
+  const normalizedPrivateKey = normalizePrivateKey(privateKey);
+  switch (curve) {
+    case "secp256k1":
+      return secp256k1.getPublicKey(normalizedPrivateKey);
+    case "p256":
+      return p256.getPublicKey(normalizedPrivateKey);
+    case "ed25519":
+      return ed25519.getPublicKey(normalizedPrivateKey);
+    default:
+      throw new Error(`Unsupported curve: ${curve}`);
+  }
+};
+function normalizeBytes(input) {
+  if (input instanceof Uint8Array) {
+    return input;
+  }
+  if (typeof input === "string") {
+    return hexToBytes(input);
+  }
+  throw new Error("Invalid input format - expected Uint8Array or hex string");
+}
+function detectSignatureFormat(signature, curve) {
+  const length = signature.length;
+  if (curve === "ed25519") {
+    return "raw";
+  }
+  if (length === 64) {
+    return "compact";
+  }
+  if (length >= 70 && length <= 72 && signature[0] === 48) {
+    return "der";
+  }
+  return "compact";
+}
+function parseSignature(signature, format, curve) {
+  if (curve === "ed25519") {
+    return signature;
+  }
+  switch (format) {
+    case "compact":
+      if (curve === "secp256k1") {
+        return secp256k1.Signature.fromCompact(signature);
+      } else if (curve === "p256") {
+        return p256.Signature.fromCompact(signature);
+      }
+      break;
+    case "der":
+      if (curve === "secp256k1") {
+        return secp256k1.Signature.fromDER(signature);
+      } else if (curve === "p256") {
+        return p256.Signature.fromDER(signature);
+      }
+      break;
+    case "raw":
+      if (curve === "secp256k1") {
+        return secp256k1.Signature.fromCompact(signature);
+      } else if (curve === "p256") {
+        return p256.Signature.fromCompact(signature);
+      }
+      break;
+  }
+  throw new Error(`Failed to parse signature for curve ${curve} with format ${format}`);
+}
+function SignatureValid(digest2, signature, publicKey, options = {}) {
+  try {
+    const {
+      curve = "secp256k1",
+      signatureFormat,
+      allowMalleableSignatures
+    } = options;
+    const normalizedDigest = normalizeBytes(digest2);
+    const normalizedSignature = normalizeBytes(signature);
+    const normalizedPublicKey = normalizeBytes(publicKey);
+    const detectedFormat = signatureFormat || detectSignatureFormat(normalizedSignature, curve);
+    const parsedSignature = parseSignature(normalizedSignature, detectedFormat, curve);
+    const verifyOptions = {};
+    if (curve !== "ed25519" && allowMalleableSignatures !== void 0) {
+      verifyOptions.lowS = !allowMalleableSignatures;
+    }
+    switch (curve) {
+      case "secp256k1":
+        return secp256k1.verify(parsedSignature, normalizedDigest, normalizedPublicKey, verifyOptions);
+      case "p256":
+        return p256.verify(parsedSignature, normalizedDigest, normalizedPublicKey, verifyOptions);
+      case "ed25519":
+        return ed25519.verify(parsedSignature, normalizedDigest, normalizedPublicKey);
+      default:
+        throw new Error(`Unsupported curve: ${curve}`);
+    }
+  } catch (error) {
+    return false;
+  }
+}
+SignatureValid.secp256k1 = (digest2, signature, publicKey, options = {}) => {
+  return SignatureValid(digest2, signature, publicKey, { ...options, curve: "secp256k1" });
+};
+SignatureValid.p256 = (digest2, signature, publicKey, options = {}) => {
+  return SignatureValid(digest2, signature, publicKey, { ...options, curve: "p256" });
+};
+SignatureValid.ed25519 = (digest2, signature, publicKey, options = {}) => {
+  return SignatureValid(digest2, signature, publicKey, { ...options, curve: "ed25519" });
+};
+SignatureValid.batch = (verifications) => {
+  return verifications.map(
+    ({ digest: digest2, signature, publicKey, options }) => SignatureValid(digest2, signature, publicKey, options)
+  );
+};
+SignatureValid.detailed = (digest2, signature, publicKey, options = {}) => {
+  const curve = options.curve || "secp256k1";
+  try {
+    const normalizedSignature = normalizeBytes(signature);
+    const detectedFormat = options.signatureFormat || detectSignatureFormat(normalizedSignature, curve);
+    const valid = SignatureValid(digest2, signature, publicKey, options);
+    return {
+      valid,
+      curve,
+      signatureFormat: detectedFormat
+    };
+  } catch (error) {
+    return {
+      valid: false,
+      curve,
+      signatureFormat: "unknown",
+      error: error instanceof Error ? error.message : "Unknown error"
+    };
+  }
+};
+export { Digest, Sign, SignatureValid, digest, generatePrivateKey, getPublicKey, hashMod, randomBytes, sign, verify };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/crypto.ts","../src/digest.ts","../src/sign.ts","../src/signature-valid.ts"],"names":["uint8ArrayFromString","uint8ArrayToString","utf8ToBytes","sha256","sha512","blake3","concatBytes","hexToBytes","digest","bytesToHex","secp256k1","p256","ed25519"],"mappings":";;;;;;;;;;AAwBA,SAAS,OAAA,CAAQ,KAAA,EAA+C,QAAA,GAAqB,WAAA,EAAyB;AAC7G,EAAA,IAAI,KAAA,KAAU,IAAA,IAAQ,KAAA,KAAU,MAAA,EAAW;AAC1C,IAAA,OAAO,IAAI,WAAW,CAAC,CAAA;AAAA,EACxB;AAEA,EAAA,IAAI,iBAAiB,UAAA,EAAY;AAChC,IAAA,OAAO,KAAA;AAAA,EACR;AAEA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC9B,IAAA,QAAQ,QAAA;AAAU,MACjB,KAAK,WAAA;AACJ,QAAA,OAAOA,UAAA,CAAqB,OAAO,WAAW,CAAA;AAAA,MAC/C,KAAK,QAAA;AACJ,QAAA,OAAOA,UAAA,CAAqB,OAAO,QAAQ,CAAA;AAAA,MAC5C,KAAK,KAAA;AACJ,QAAA,OAAO,WAAW,KAAK,CAAA;AAAA,MACxB,KAAK,MAAA;AACJ,QAAA,OAAO,YAAY,KAAK,CAAA;AAAA,MACzB;AACC,QAAA,OAAOA,UAAA,CAAqB,OAAO,WAAW,CAAA;AAAA;AAChD,EACD;AAEA,EAAA,MAAM,IAAI,MAAM,oBAAoB,CAAA;AACrC;AAKA,SAAS,SAAA,CAAU,KAAA,EAAmB,QAAA,GAAqB,WAAA,EAAkC;AAC5F,EAAA,QAAQ,QAAA;AAAU,IACjB,KAAK,WAAA;AACJ,MAAA,OAAOC,QAAA,CAAmB,OAAO,WAAW,CAAA;AAAA,IAC7C,KAAK,QAAA;AACJ,MAAA,OAAOA,QAAA,CAAmB,OAAO,QAAQ,CAAA;AAAA,IAC1C,KAAK,KAAA;AACJ,MAAA,OAAO,WAAW,KAAK,CAAA;AAAA,IACxB,KAAK,MAAA;AACJ,MAAA,OAAOA,QAAA,CAAmB,OAAO,MAAM,CAAA;AAAA,IACxC,KAAK,OAAA;AACJ,MAAA,OAAO,KAAA;AAAA,IACR;AACC,MAAA,OAAOA,QAAA,CAAmB,OAAO,WAAW,CAAA;AAAA;AAE/C;AAuBO,SAAS,OACf,IAAA,EACA,SAAA,GAA2B,UAC3B,aAAA,GAA0B,WAAA,EAC1B,iBAA2B,WAAA,EACL;AACtB,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,IAAA,EAAM,aAAa,CAAA;AAEzC,EAAA,IAAI,SAAA;AACJ,EAAA,QAAQ,SAAA;AAAW,IAClB,KAAK,QAAA;AACJ,MAAA,SAAA,GAAY,OAAO,KAAK,CAAA;AACxB,MAAA;AAAA,IACD,KAAK,QAAA;AACJ,MAAA,SAAA,GAAY,OAAO,KAAK,CAAA;AACxB,MAAA;AAAA,IACD,KAAK,QAAA;AACJ,MAAA,SAAA,GAAY,OAAO,KAAK,CAAA;AACxB,MAAA;AAAA,IACD;AACC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,4BAAA,EAA+B,SAAS,CAAA,CAAE,CAAA;AAAA;AAG5D,EAAA,OAAO,SAAA,CAAU,WAAW,cAAc,CAAA;AAC3C;AAqBO,SAAS,QACf,IAAA,EACA,IAAA,EACA,SAAA,GAA2B,QAAA,EAC3B,gBAA0B,WAAA,EACjB;AACT,EAAA,IAAI,IAAA,IAAQ,CAAA,IAAK,IAAA,GAAO,EAAA,EAAI;AAC3B,IAAA,MAAM,IAAI,MAAM,+DAA+D,CAAA;AAAA,EAChF;AAEA,EAAA,MAAM,SAAA,GAAY,QAAQ,MAAA,CAAO,IAAA,EAAM,WAAW,aAAA,EAAe,WAAW,GAAa,WAAW,CAAA;AAGpG,EAAA,MAAM,IAAA,GAAO,IAAI,QAAA,CAAS,SAAA,CAAU,MAAA,EAAQ,SAAA,CAAU,UAAA,EAAY,IAAA,CAAK,GAAA,CAAI,CAAA,EAAG,SAAA,CAAU,MAAM,CAAC,CAAA;AAC/F,EAAA,MAAM,QAAA,GAAW,IAAA,CAAK,YAAA,CAAa,CAAA,EAAG,KAAK,CAAA;AAG3C,EAAA,MAAM,OAAA,GAAU,MAAA,CAAO,CAAC,CAAA,IAAK,OAAO,IAAI,CAAA;AACxC,EAAA,MAAM,SAAS,QAAA,GAAW,OAAA;AAE1B,EAAA,OAAO,OAAO,MAAM,CAAA;AACrB;AAsBO,SAAS,IAAA,CACf,IAAA,EACA,UAAA,EACA,KAAA,GAAmB,WAAA,EACnB,gBAA0B,WAAA,EAC1B,WAAA,GAAwB,WAAA,EACxB,cAAA,GAA2B,WAAA,EACL;AACtB,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,IAAA,EAAM,aAAa,CAAA;AAC7C,EAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,UAAA,EAAY,WAAW,CAAA;AAEhD,EAAA,IAAI,QAAA;AAEJ,EAAA,QAAQ,KAAA;AAAO,IACd,KAAK,WAAA,EAAa;AACjB,MAAA,MAAM,GAAA,GAAM,UAAU,IAAA,CAAK,SAAA,EAAW,UAAU,EAAE,IAAA,EAAM,MAAM,CAAA;AAC9D,MAAA,QAAA,GAAW,IAAI,iBAAA,EAAkB;AACjC,MAAA;AAAA,IACD;AAAA,IACA,KAAK,MAAA,EAAQ;AACZ,MAAA,MAAM,GAAA,GAAM,KAAK,IAAA,CAAK,SAAA,EAAW,UAAU,EAAE,IAAA,EAAM,MAAM,CAAA;AACzD,MAAA,QAAA,GAAW,IAAI,iBAAA,EAAkB;AACjC,MAAA;AAAA,IACD;AAAA,IACA,KAAK,SAAA,EAAW;AACf,MAAA,QAAA,GAAW,OAAA,CAAQ,IAAA,CAAK,SAAA,EAAW,QAAQ,CAAA;AAC3C,MAAA;AAAA,IACD;AAAA,IACA;AACC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mBAAA,EAAsB,KAAK,CAAA,CAAE,CAAA;AAAA;AAG/C,EAAA,OAAO,SAAA,CAAU,UAAU,cAAc,CAAA;AAC1C;AAuBO,SAAS,MAAA,CACf,IAAA,EACA,SAAA,EACA,SAAA,EACA,KAAA,GAAmB,WAAA,EACnB,aAAA,GAA0B,WAAA,EAC1B,WAAA,GAAwB,WAAA,EACxB,WAAA,GAAwB,WAAA,EACd;AACV,EAAA,IAAI;AACH,IAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,IAAA,EAAM,aAAa,CAAA;AAC7C,IAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,SAAA,EAAW,WAAW,CAAA;AAC/C,IAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,SAAA,EAAW,WAAW,CAAA;AAE/C,IAAA,QAAQ,KAAA;AAAO,MACd,KAAK,WAAA,EAAa;AACjB,QAAA,OAAO,SAAA,CAAU,MAAA,CAAO,QAAA,EAAU,SAAA,EAAW,QAAQ,CAAA;AAAA,MACtD;AAAA,MACA,KAAK,MAAA,EAAQ;AACZ,QAAA,OAAO,IAAA,CAAK,MAAA,CAAO,QAAA,EAAU,SAAA,EAAW,QAAQ,CAAA;AAAA,MACjD;AAAA,MACA,KAAK,SAAA,EAAW;AACf,QAAA,OAAO,OAAA,CAAQ,MAAA,CAAO,QAAA,EAAU,SAAA,EAAW,QAAQ,CAAA;AAAA,MACpD;AAAA,MACA;AACC,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mBAAA,EAAsB,KAAK,CAAA,CAAE,CAAA;AAAA;AAC/C,EACD,CAAA,CAAA,MAAQ;AACP,IAAA,OAAO,KAAA;AAAA,EACR;AACD;AASO,SAAS,WAAA,CAAY,IAAA,GAAe,GAAA,EAAK,QAAA,GAAqB,WAAA,EAAkC;AACtG,EAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,IAAA,CAAK,IAAA,GAAO,CAAC,CAAA;AAChC,EAAA,MAAM,gBAAA,GAAmB,IAAI,UAAA,CAAW,KAAK,CAAA;AAC7C,EAAA,MAAA,CAAO,gBAAgB,gBAAgB,CAAA;AACvC,EAAA,OAAO,SAAA,CAAU,kBAAkB,QAAQ,CAAA;AAC5C;AAKO,SAAS,kBAAA,CAAmB,KAAA,GAAmB,WAAA,EAAa,QAAA,GAAqB,WAAA,EAAkC;AACzH,EAAA,IAAI,QAAA;AAEJ,EAAA,QAAQ,KAAA;AAAO,IACd,KAAK,WAAA;AACJ,MAAA,QAAA,GAAW,SAAA,CAAU,MAAM,gBAAA,EAAiB;AAC5C,MAAA;AAAA,IACD,KAAK,MAAA;AACJ,MAAA,QAAA,GAAW,IAAA,CAAK,MAAM,gBAAA,EAAiB;AACvC,MAAA;AAAA,IACD,KAAK,SAAA;AACJ,MAAA,QAAA,GAAW,OAAA,CAAQ,MAAM,gBAAA,EAAiB;AAC1C,MAAA;AAAA,IACD;AACC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mBAAA,EAAsB,KAAK,CAAA,CAAE,CAAA;AAAA;AAG/C,EAAA,OAAO,SAAA,CAAU,UAAU,QAAQ,CAAA;AACpC;AAKO,SAAS,aACf,UAAA,EACA,KAAA,GAAmB,aACnB,WAAA,GAAwB,WAAA,EACxB,iBAA2B,WAAA,EACL;AACtB,EAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,UAAA,EAAY,WAAW,CAAA;AAEhD,EAAA,IAAI,QAAA;AAEJ,EAAA,QAAQ,KAAA;AAAO,IACd,KAAK,WAAA;AACJ,MAAA,QAAA,GAAW,SAAA,CAAU,aAAa,QAAQ,CAAA;AAC1C,MAAA;AAAA,IACD,KAAK,MAAA;AACJ,MAAA,QAAA,GAAW,IAAA,CAAK,aAAa,QAAQ,CAAA;AACrC,MAAA;AAAA,IACD,KAAK,SAAA;AACJ,MAAA,QAAA,GAAW,OAAA,CAAQ,aAAa,QAAQ,CAAA;AACxC,MAAA;AAAA,IACD;AACC,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mBAAA,EAAsB,KAAK,CAAA,CAAE,CAAA;AAAA;AAG/C,EAAA,OAAO,SAAA,CAAU,UAAU,cAAc,CAAA;AAC1C;ACzSA,SAAS,aAAa,KAAA,EAAgC;AACpD,EAAA,IAAI,KAAA,KAAU,IAAA,IAAQ,KAAA,KAAU,MAAA,EAAW;AACzC,IAAA,OAAO,IAAI,WAAW,CAAC,CAAA;AAAA,EACzB;AAEA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,OAAOC,YAAY,KAAK,CAAA;AAAA,EAC1B;AAEA,EAAA,IAAI,iBAAiB,UAAA,EAAY;AAC/B,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAE7B,IAAA,MAAM,MAAA,GAAS,IAAI,WAAA,CAAY,CAAC,CAAA;AAChC,IAAA,MAAM,IAAA,GAAO,IAAI,QAAA,CAAS,MAAM,CAAA;AAChC,IAAA,IAAA,CAAK,UAAA,CAAW,CAAA,EAAG,KAAA,EAAO,KAAK,CAAA;AAC/B,IAAA,OAAO,IAAI,WAAW,MAAM,CAAA;AAAA,EAC9B;AAEA,EAAA,IAAI,OAAO,UAAU,SAAA,EAAW;AAC9B,IAAA,OAAO,IAAI,UAAA,CAAW,CAAC,KAAA,GAAQ,CAAA,GAAI,CAAC,CAAC,CAAA;AAAA,EACvC;AAGA,EAAA,OAAOA,WAAAA,CAAY,MAAA,CAAO,KAAK,CAAC,CAAA;AAClC;AAKA,SAAS,gBAAgB,SAAA,EAA4D;AACnF,EAAA,QAAQ,SAAA;AAAW,IACjB,KAAK,QAAA;AACH,MAAA,OAAOC,MAAAA;AAAA,IACT,KAAK,QAAA;AACH,MAAA,OAAOC,MAAAA;AAAA,IACT,KAAK,QAAA;AACH,MAAA,OAAOC,MAAAA;AAAA,IACT;AACE,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,4BAAA,EAA+B,SAAS,CAAA,CAAE,CAAA;AAAA;AAEhE;AAuBO,SAAS,UAAU,IAAA,EAAiC;AACzD,EAAA,OAAO,iBAAA,CAAkB,EAAE,SAAA,EAAW,QAAA,EAAU,QAAQ,YAAA,EAAa,EAAG,GAAG,IAAI,CAAA;AACjF;AAKO,SAAS,iBAAA,CAAkB,YAA2B,IAAA,EAA0C;AACrG,EAAA,MAAM,SAAA,GAAY,QAAQ,SAAA,IAAa,QAAA;AACvC,EAAA,MAAM,MAAA,GAAS,QAAQ,MAAA,IAAU,YAAA;AAGjC,EAAA,MAAM,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,YAAY,CAAA;AACxC,EAAA,MAAM,QAAA,GAAWC,WAAAA,CAAY,GAAG,UAAU,CAAA;AAG1C,EAAA,MAAM,YAAA,GAAe,gBAAgB,SAAS,CAAA;AAC9C,EAAA,MAAM,IAAA,GAAO,aAAa,QAAQ,CAAA;AAGlC,EAAA,IAAI,WAAW,KAAA,EAAO;AACpB,IAAA,OAAO,MAAM,IAAA,CAAK,IAAI,CAAA,CACnB,GAAA,CAAI,OAAK,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,SAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CACxC,KAAK,EAAE,CAAA;AAAA,EACZ;AAEA,EAAA,OAAO,IAAA;AACT;AAKA,MAAA,CAAO,WAAA,GAAc,CAAC,OAAA,KAA2B;AAC/C,EAAA,OAAO,CAAA,GAAI,IAAA,KAAwB,iBAAA,CAAkB,OAAA,EAAS,GAAG,IAAI,CAAA;AACvE,CAAA;AAKA,MAAA,CAAO,MAAA,GAAS,IAAI,IAAA,KAAoC;AACtD,EAAA,OAAO,kBAAkB,EAAE,SAAA,EAAW,QAAA,EAAS,EAAG,GAAG,IAAI,CAAA;AAC3D,CAAA;AAEA,MAAA,CAAO,MAAA,GAAS,IAAI,IAAA,KAAoC;AACtD,EAAA,OAAO,kBAAkB,EAAE,SAAA,EAAW,QAAA,EAAS,EAAG,GAAG,IAAI,CAAA;AAC3D,CAAA;AAEA,MAAA,CAAO,MAAA,GAAS,IAAI,IAAA,KAAoC;AACtD,EAAA,OAAO,kBAAkB,EAAE,SAAA,EAAW,QAAA,EAAS,EAAG,GAAG,IAAI,CAAA;AAC3D,CAAA;AAKA,MAAA,CAAO,GAAA,GAAM,IAAI,IAAA,KAAgC;AAC/C,EAAA,OAAO,iBAAA,CAAkB,EAAE,SAAA,EAAW,QAAA,EAAU,QAAQ,KAAA,EAAM,EAAG,GAAG,IAAI,CAAA;AAC1E,CAAA;AAEA,MAAA,CAAO,SAAA,GAAY,IAAI,IAAA,KAAgC;AACrD,EAAA,OAAO,iBAAA,CAAkB,EAAE,SAAA,EAAW,QAAA,EAAU,QAAQ,KAAA,EAAM,EAAG,GAAG,IAAI,CAAA;AAC1E,CAAA;AAEA,MAAA,CAAO,SAAA,GAAY,IAAI,IAAA,KAAgC;AACrD,EAAA,OAAO,iBAAA,CAAkB,EAAE,SAAA,EAAW,QAAA,EAAU,QAAQ,KAAA,EAAM,EAAG,GAAG,IAAI,CAAA;AAC1E,CAAA;AAEA,MAAA,CAAO,SAAA,GAAY,IAAI,IAAA,KAAgC;AACrD,EAAA,OAAO,iBAAA,CAAkB,EAAE,SAAA,EAAW,QAAA,EAAU,QAAQ,KAAA,EAAM,EAAG,GAAG,IAAI,CAAA;AAC1E,CAAA;ACxHA,SAAS,oBAAoB,UAAA,EAAyC;AACpE,EAAA,IAAI,sBAAsB,UAAA,EAAY;AACpC,IAAA,OAAO,UAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAO,eAAe,QAAA,EAAU;AAElC,IAAA,OAAOC,WAAW,UAAU,CAAA;AAAA,EAC9B;AAEA,EAAA,IAAI,OAAO,eAAe,QAAA,EAAU;AAElC,IAAA,MAAM,MAAM,UAAA,CAAW,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,IAAI,GAAG,CAAA;AACpD,IAAA,OAAOA,WAAW,GAAG,CAAA;AAAA,EACvB;AAEA,EAAA,MAAM,IAAI,MAAM,4BAA4B,CAAA;AAC9C;AAKA,SAAS,gBAAgBC,OAAAA,EAAiC;AACxD,EAAA,IAAIA,mBAAkB,UAAA,EAAY;AAChC,IAAA,OAAOA,OAAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAOA,YAAW,QAAA,EAAU;AAC9B,IAAA,OAAOD,WAAWC,OAAM,CAAA;AAAA,EAC1B;AAEA,EAAA,MAAM,IAAI,MAAM,uBAAuB,CAAA;AACzC;AAKA,SAAS,eAAA,CAAgB,SAAA,EAAgB,MAAA,EAAyB,KAAA,EAAuC;AACvG,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,YAAA;AACH,MAAA,IAAI,UAAU,SAAA,EAAW;AACvB,QAAA,OAAO,SAAA;AAAA,MACT;AACA,MAAA,OAAO,UAAU,iBAAA,EAAkB;AAAA,IAErC,KAAK,KAAA;AACH,MAAA,IAAI,UAAU,SAAA,EAAW;AACvB,QAAA,OAAOC,WAAW,SAAS,CAAA;AAAA,MAC7B;AACA,MAAA,OAAO,UAAU,YAAA,EAAa;AAAA,IAEhC,KAAK,SAAA;AACH,MAAA,IAAI,UAAU,SAAA,EAAW;AACvB,QAAA,OAAO,SAAA;AAAA,MACT;AACA,MAAA,OAAO,UAAU,iBAAA,EAAkB;AAAA,IAErC,KAAK,KAAA;AACH,MAAA,IAAI,UAAU,SAAA,EAAW;AACvB,QAAA,MAAM,IAAI,MAAM,sCAAsC,CAAA;AAAA,MACxD;AAGA,MAAA,OAAO,UAAU,iBAAA,EAAkB;AAAA,IAErC;AACE,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8BAAA,EAAiC,MAAM,CAAA,CAAE,CAAA;AAAA;AAE/D;AA6BO,SAAS,IAAA,CACdD,OAAAA,EACA,UAAA,EACA,OAAA,GAAuB,EAAC,EACH;AACrB,EAAA,MAAM;AAAA,IACJ,KAAA,GAAQ,WAAA;AAAA,IACR,MAAA,GAAS,YAAA;AAAA,IACT,YAAA,GAAe,KAAA;AAAA,IACf,IAAA,GAAO;AAAA,GACT,GAAI,OAAA;AAEJ,EAAA,MAAM,gBAAA,GAAmB,gBAAgBA,OAAM,CAAA;AAC/C,EAAA,MAAM,oBAAA,GAAuB,oBAAoB,UAAU,CAAA;AAE3D,EAAA,IAAI,SAAA;AAEJ,EAAA,QAAQ,KAAA;AAAO,IACb,KAAK,WAAA,EAAa;AAChB,MAAA,MAAM,WAAA,GAAmB,EAAE,IAAA,EAAK;AAChC,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,WAAA,CAAY,YAAA,GAAe,YAAA;AAAA,MAC7B;AACA,MAAA,SAAA,GAAYE,SAAAA,CAAU,IAAA,CAAK,gBAAA,EAAkB,oBAAA,EAAsB,WAAW,CAAA;AAC9E,MAAA;AAAA,IACF;AAAA,IAEA,KAAK,MAAA,EAAQ;AACX,MAAA,MAAM,WAAA,GAAmB,EAAE,IAAA,EAAK;AAChC,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,WAAA,CAAY,YAAA,GAAe,YAAA;AAAA,MAC7B;AACA,MAAA,SAAA,GAAYC,IAAAA,CAAK,IAAA,CAAK,gBAAA,EAAkB,oBAAA,EAAsB,WAAW,CAAA;AACzE,MAAA;AAAA,IACF;AAAA,IAEA,KAAK,SAAA,EAAW;AACd,MAAA,SAAA,GAAYC,OAAAA,CAAQ,IAAA,CAAK,gBAAA,EAAkB,oBAAoB,CAAA;AAC/D,MAAA;AAAA,IACF;AAAA,IAEA;AACE,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mBAAA,EAAsB,KAAK,CAAA,CAAE,CAAA;AAAA;AAGjD,EAAA,OAAO,eAAA,CAAgB,SAAA,EAAW,MAAA,EAAQ,KAAK,CAAA;AACjD;AAKA,IAAA,CAAK,YAAY,CAACJ,OAAAA,EAAqB,UAAA,EAA6B,OAAA,GAAsC,EAAC,KAAM;AAC/G,EAAA,OAAO,IAAA,CAAKA,SAAQ,UAAA,EAAY,EAAE,GAAG,OAAA,EAAS,KAAA,EAAO,aAAa,CAAA;AACpE,CAAA;AAEA,IAAA,CAAK,OAAO,CAACA,OAAAA,EAAqB,UAAA,EAA6B,OAAA,GAAsC,EAAC,KAAM;AAC1G,EAAA,OAAO,IAAA,CAAKA,SAAQ,UAAA,EAAY,EAAE,GAAG,OAAA,EAAS,KAAA,EAAO,QAAQ,CAAA;AAC/D,CAAA;AAEA,IAAA,CAAK,UAAU,CAACA,OAAAA,EAAqB,UAAA,EAA6B,OAAA,GAAsC,EAAC,KAAM;AAC7G,EAAA,OAAO,IAAA,CAAKA,SAAQ,UAAA,EAAY,EAAE,GAAG,OAAA,EAAS,KAAA,EAAO,WAAW,CAAA;AAClE,CAAA;AAKA,IAAA,CAAK,kBAAA,GAAqB,CAAC,KAAA,GAAmB,WAAA,KAA4B;AACxE,EAAA,QAAQ,KAAA;AAAO,IACb,KAAK,WAAA;AACH,MAAA,OAAOE,SAAAA,CAAU,MAAM,gBAAA,EAAiB;AAAA,IAC1C,KAAK,MAAA;AACH,MAAA,OAAOC,IAAAA,CAAK,MAAM,gBAAA,EAAiB;AAAA,IACrC,KAAK,SAAA;AACH,MAAA,OAAOC,OAAAA,CAAQ,MAAM,gBAAA,EAAiB;AAAA,IACxC;AACE,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mBAAA,EAAsB,KAAK,CAAA,CAAE,CAAA;AAAA;AAEnD,CAAA;AAKA,IAAA,CAAK,YAAA,GAAe,CAAC,UAAA,EAA6B,KAAA,GAAmB,WAAA,KAA4B;AAC/F,EAAA,MAAM,oBAAA,GAAuB,oBAAoB,UAAU,CAAA;AAE3D,EAAA,QAAQ,KAAA;AAAO,IACb,KAAK,WAAA;AACH,MAAA,OAAOF,SAAAA,CAAU,aAAa,oBAAoB,CAAA;AAAA,IACpD,KAAK,MAAA;AACH,MAAA,OAAOC,IAAAA,CAAK,aAAa,oBAAoB,CAAA;AAAA,IAC/C,KAAK,SAAA;AACH,MAAA,OAAOC,OAAAA,CAAQ,aAAa,oBAAoB,CAAA;AAAA,IAClD;AACE,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mBAAA,EAAsB,KAAK,CAAA,CAAE,CAAA;AAAA;AAEnD,CAAA;AC5MA,SAAS,eAAe,KAAA,EAA+B;AACrD,EAAA,IAAI,iBAAiB,UAAA,EAAY;AAC/B,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC7B,IAAA,OAAOL,WAAW,KAAK,CAAA;AAAA,EACzB;AAEA,EAAA,MAAM,IAAI,MAAM,0DAA0D,CAAA;AAC5E;AAKA,SAAS,qBAAA,CAAsB,WAAuB,KAAA,EAA6C;AACjG,EAAA,MAAM,SAAS,SAAA,CAAU,MAAA;AAEzB,EAAA,IAAI,UAAU,SAAA,EAAW;AACvB,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,IAAI,WAAW,EAAA,EAAI;AACjB,IAAA,OAAO,SAAA;AAAA,EACT;AAEA,EAAA,IAAI,UAAU,EAAA,IAAM,MAAA,IAAU,MAAM,SAAA,CAAU,CAAC,MAAM,EAAA,EAAM;AACzD,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,OAAO,SAAA;AACT;AAKA,SAAS,cAAA,CAAe,SAAA,EAAuB,MAAA,EAAmC,KAAA,EAAuB;AACvG,EAAA,IAAI,UAAU,SAAA,EAAW;AAEvB,IAAA,OAAO,SAAA;AAAA,EACT;AAGA,EAAA,QAAQ,MAAA;AAAQ,IACd,KAAK,SAAA;AACH,MAAA,IAAI,UAAU,WAAA,EAAa;AACzB,QAAA,OAAOG,SAAAA,CAAU,SAAA,CAAU,WAAA,CAAY,SAAS,CAAA;AAAA,MAClD,CAAA,MAAA,IAAW,UAAU,MAAA,EAAQ;AAC3B,QAAA,OAAOC,IAAAA,CAAK,SAAA,CAAU,WAAA,CAAY,SAAS,CAAA;AAAA,MAC7C;AACA,MAAA;AAAA,IAEF,KAAK,KAAA;AACH,MAAA,IAAI,UAAU,WAAA,EAAa;AACzB,QAAA,OAAOD,SAAAA,CAAU,SAAA,CAAU,OAAA,CAAQ,SAAS,CAAA;AAAA,MAC9C,CAAA,MAAA,IAAW,UAAU,MAAA,EAAQ;AAC3B,QAAA,OAAOC,IAAAA,CAAK,SAAA,CAAU,OAAA,CAAQ,SAAS,CAAA;AAAA,MACzC;AACA,MAAA;AAAA,IAEF,KAAK,KAAA;AAEH,MAAA,IAAI,UAAU,WAAA,EAAa;AACzB,QAAA,OAAOD,SAAAA,CAAU,SAAA,CAAU,WAAA,CAAY,SAAS,CAAA;AAAA,MAClD,CAAA,MAAA,IAAW,UAAU,MAAA,EAAQ;AAC3B,QAAA,OAAOC,IAAAA,CAAK,SAAA,CAAU,WAAA,CAAY,SAAS,CAAA;AAAA,MAC7C;AACA,MAAA;AAAA;AAGJ,EAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oCAAA,EAAuC,KAAK,CAAA,aAAA,EAAgB,MAAM,CAAA,CAAE,CAAA;AACtF;AAiCO,SAAS,eACdH,OAAAA,EACA,SAAA,EACA,SAAA,EACA,OAAA,GAAyB,EAAC,EACjB;AACT,EAAA,IAAI;AACF,IAAA,MAAM;AAAA,MACJ,KAAA,GAAQ,WAAA;AAAA,MACR,eAAA;AAAA,MACA;AAAA,KACF,GAAI,OAAA;AAEJ,IAAA,MAAM,gBAAA,GAAmB,eAAeA,OAAM,CAAA;AAC9C,IAAA,MAAM,mBAAA,GAAsB,eAAe,SAAS,CAAA;AACpD,IAAA,MAAM,mBAAA,GAAsB,eAAe,SAAS,CAAA;AAGpD,IAAA,MAAM,cAAA,GAAiB,eAAA,IAAmB,qBAAA,CAAsB,mBAAA,EAAqB,KAAK,CAAA;AAG1F,IAAA,MAAM,eAAA,GAAkB,cAAA,CAAe,mBAAA,EAAqB,cAAA,EAAgB,KAAK,CAAA;AAGjF,IAAA,MAAM,gBAAqB,EAAC;AAG5B,IAAA,IAAI,KAAA,KAAU,SAAA,IAAa,wBAAA,KAA6B,KAAA,CAAA,EAAW;AACjE,MAAA,aAAA,CAAc,OAAO,CAAC,wBAAA;AAAA,IACxB;AAGA,IAAA,QAAQ,KAAA;AAAO,MACb,KAAK,WAAA;AACH,QAAA,OAAOE,SAAAA,CAAU,MAAA,CAAO,eAAA,EAAiB,gBAAA,EAAkB,qBAAqB,aAAa,CAAA;AAAA,MAE/F,KAAK,MAAA;AACH,QAAA,OAAOC,IAAAA,CAAK,MAAA,CAAO,eAAA,EAAiB,gBAAA,EAAkB,qBAAqB,aAAa,CAAA;AAAA,MAE1F,KAAK,SAAA;AACH,QAAA,OAAOC,OAAAA,CAAQ,MAAA,CAAO,eAAA,EAAiB,gBAAA,EAAkB,mBAAmB,CAAA;AAAA,MAE9E;AACE,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,mBAAA,EAAsB,KAAK,CAAA,CAAE,CAAA;AAAA;AACjD,EACF,SAAS,KAAA,EAAO;AAEd,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAKA,cAAA,CAAe,YAAY,CACzBJ,OAAAA,EACA,WACA,SAAA,EACA,OAAA,GAAwC,EAAC,KAC7B;AACZ,EAAA,OAAO,cAAA,CAAeA,SAAQ,SAAA,EAAW,SAAA,EAAW,EAAE,GAAG,OAAA,EAAS,KAAA,EAAO,WAAA,EAAa,CAAA;AACxF,CAAA;AAEA,cAAA,CAAe,OAAO,CACpBA,OAAAA,EACA,WACA,SAAA,EACA,OAAA,GAAwC,EAAC,KAC7B;AACZ,EAAA,OAAO,cAAA,CAAeA,SAAQ,SAAA,EAAW,SAAA,EAAW,EAAE,GAAG,OAAA,EAAS,KAAA,EAAO,MAAA,EAAQ,CAAA;AACnF,CAAA;AAEA,cAAA,CAAe,UAAU,CACvBA,OAAAA,EACA,WACA,SAAA,EACA,OAAA,GAAwC,EAAC,KAC7B;AACZ,EAAA,OAAO,cAAA,CAAeA,SAAQ,SAAA,EAAW,SAAA,EAAW,EAAE,GAAG,OAAA,EAAS,KAAA,EAAO,SAAA,EAAW,CAAA;AACtF,CAAA;AAKA,cAAA,CAAe,KAAA,GAAQ,CACrB,aAAA,KAMc;AACd,EAAA,OAAO,aAAA,CAAc,GAAA;AAAA,IAAI,CAAC,EAAE,MAAA,EAAAA,OAAAA,EAAQ,SAAA,EAAW,SAAA,EAAW,OAAA,EAAQ,KAChE,cAAA,CAAeA,OAAAA,EAAQ,SAAA,EAAW,SAAA,EAAW,OAAO;AAAA,GACtD;AACF,CAAA;AAKA,cAAA,CAAe,WAAW,CACxBA,OAAAA,EACA,WACA,SAAA,EACA,OAAA,GAAyB,EAAC,KAMvB;AACH,EAAA,MAAM,KAAA,GAAQ,QAAQ,KAAA,IAAS,WAAA;AAE/B,EAAA,IAAI;AACF,IAAA,MAAM,mBAAA,GAAsB,eAAe,SAAS,CAAA;AACpD,IAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,eAAA,IAAmB,qBAAA,CAAsB,qBAAqB,KAAK,CAAA;AAElG,IAAA,MAAM,KAAA,GAAQ,cAAA,CAAeA,OAAAA,EAAQ,SAAA,EAAW,WAAW,OAAO,CAAA;AAElE,IAAA,OAAO;AAAA,MACL,KAAA;AAAA,MACA,KAAA;AAAA,MACA,eAAA,EAAiB;AAAA,KACnB;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAO;AAAA,MACL,KAAA,EAAO,KAAA;AAAA,MACP,KAAA;AAAA,MACA,eAAA,EAAiB,SAAA;AAAA,MACjB,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,KAClD;AAAA,EACF;AACF,CAAA","file":"index.js","sourcesContent":["/**\n * Cryptographic Functions for Quereus\n *\n * Idiomatic ES module exports with base64url as default encoding.\n * All functions accept and return base64url strings by default for SQL compatibility.\n */\n\nimport { sha256, sha512 } from '@noble/hashes/sha2';\nimport { blake3 } from '@noble/hashes/blake3';\nimport { concatBytes, utf8ToBytes } from '@noble/hashes/utils';\nimport { secp256k1 } from '@noble/curves/secp256k1';\nimport { p256 } from '@noble/curves/nist';\nimport { ed25519 } from '@noble/curves/ed25519';\nimport { hexToBytes, bytesToHex } from '@noble/curves/abstract/utils';\nimport { toString as uint8ArrayToString, fromString as uint8ArrayFromString } from 'uint8arrays';\n\n// Type definitions\nexport type HashAlgorithm = 'sha256' | 'sha512' | 'blake3';\nexport type CurveType = 'secp256k1' | 'p256' | 'ed25519';\nexport type Encoding = 'base64url' | 'base64' | 'hex' | 'utf8' | 'bytes';\n\n/**\n * Convert input to Uint8Array, handling various encodings\n */\nfunction toBytes(input: string | Uint8Array | null | undefined, encoding: Encoding = 'base64url'): Uint8Array {\n\tif (input === null || input === undefined) {\n\t\treturn new Uint8Array(0);\n\t}\n\n\tif (input instanceof Uint8Array) {\n\t\treturn input;\n\t}\n\n\tif (typeof input === 'string') {\n\t\tswitch (encoding) {\n\t\t\tcase 'base64url':\n\t\t\t\treturn uint8ArrayFromString(input, 'base64url');\n\t\t\tcase 'base64':\n\t\t\t\treturn uint8ArrayFromString(input, 'base64');\n\t\t\tcase 'hex':\n\t\t\t\treturn hexToBytes(input);\n\t\t\tcase 'utf8':\n\t\t\t\treturn utf8ToBytes(input);\n\t\t\tdefault:\n\t\t\t\treturn uint8ArrayFromString(input, 'base64url');\n\t\t}\n\t}\n\n\tthrow new Error('Invalid input type');\n}\n\n/**\n * Convert Uint8Array to string in specified encoding\n */\nfunction fromBytes(bytes: Uint8Array, encoding: Encoding = 'base64url'): string | Uint8Array {\n\tswitch (encoding) {\n\t\tcase 'base64url':\n\t\t\treturn uint8ArrayToString(bytes, 'base64url');\n\t\tcase 'base64':\n\t\t\treturn uint8ArrayToString(bytes, 'base64');\n\t\tcase 'hex':\n\t\t\treturn bytesToHex(bytes);\n\t\tcase 'utf8':\n\t\t\treturn uint8ArrayToString(bytes, 'utf8');\n\t\tcase 'bytes':\n\t\t\treturn bytes;\n\t\tdefault:\n\t\t\treturn uint8ArrayToString(bytes, 'base64url');\n\t}\n}\n\n/**\n * Compute hash digest of input data\n *\n * @param data - Data to hash (base64url string or Uint8Array)\n * @param algorithm - Hash algorithm (default: 'sha256')\n * @param inputEncoding - Encoding of input string (default: 'base64url')\n * @param outputEncoding - Encoding of output (default: 'base64url')\n * @returns Hash digest in specified encoding\n *\n * @example\n * ```typescript\n * // Hash UTF-8 text, output as base64url\n * const hash = digest('hello world', 'sha256', 'utf8');\n *\n * // Hash base64url data with SHA-512\n * const hash2 = digest('SGVsbG8', 'sha512');\n *\n * // Get raw bytes\n * const bytes = digest('data', 'blake3', 'utf8', 'bytes');\n * ```\n */\nexport function digest(\n\tdata: string | Uint8Array,\n\talgorithm: HashAlgorithm = 'sha256',\n\tinputEncoding: Encoding = 'base64url',\n\toutputEncoding: Encoding = 'base64url'\n): string | Uint8Array {\n\tconst bytes = toBytes(data, inputEncoding);\n\n\tlet hashBytes: Uint8Array;\n\tswitch (algorithm) {\n\t\tcase 'sha256':\n\t\t\thashBytes = sha256(bytes);\n\t\t\tbreak;\n\t\tcase 'sha512':\n\t\t\thashBytes = sha512(bytes);\n\t\t\tbreak;\n\t\tcase 'blake3':\n\t\t\thashBytes = blake3(bytes);\n\t\t\tbreak;\n\t\tdefault:\n\t\t\tthrow new Error(`Unsupported hash algorithm: ${algorithm}`);\n\t}\n\n\treturn fromBytes(hashBytes, outputEncoding);\n}\n\n/**\n * Hash data and return modulo of specified bit length\n * Useful for generating fixed-size hash values (e.g., 16-bit, 32-bit)\n *\n * @param data - Data to hash\n * @param bits - Number of bits for the result (e.g., 16 for 16-bit hash)\n * @param algorithm - Hash algorithm (default: 'sha256')\n * @param inputEncoding - Encoding of input string (default: 'base64url')\n * @returns Integer hash value modulo 2^bits\n *\n * @example\n * ```typescript\n * // Get 16-bit hash (0-65535)\n * const hash16 = hashMod('hello', 16, 'sha256', 'utf8');\n *\n * // Get 32-bit hash\n * const hash32 = hashMod('world', 32, 'sha256', 'utf8');\n * ```\n */\nexport function hashMod(\n\tdata: string | Uint8Array,\n\tbits: number,\n\talgorithm: HashAlgorithm = 'sha256',\n\tinputEncoding: Encoding = 'base64url'\n): number {\n\tif (bits <= 0 || bits > 53) {\n\t\tthrow new Error('Bits must be between 1 and 53 (JavaScript safe integer limit)');\n\t}\n\n\tconst hashBytes = toBytes(digest(data, algorithm, inputEncoding, 'base64url') as string, 'base64url');\n\n\t// Take first 8 bytes and convert to number\n\tconst view = new DataView(hashBytes.buffer, hashBytes.byteOffset, Math.min(8, hashBytes.length));\n\tconst fullHash = view.getBigUint64(0, false); // big-endian\n\n\t// Modulo by 2^bits\n\tconst modulus = BigInt(2) ** BigInt(bits);\n\tconst result = fullHash % modulus;\n\n\treturn Number(result);\n}\n\n/**\n * Sign data with a private key\n *\n * @param data - Data to sign (typically a hash)\n * @param privateKey - Private key (base64url string or Uint8Array)\n * @param curve - Elliptic curve (default: 'secp256k1')\n * @param inputEncoding - Encoding of data input (default: 'base64url')\n * @param keyEncoding - Encoding of private key (default: 'base64url')\n * @param outputEncoding - Encoding of signature output (default: 'base64url')\n * @returns Signature in specified encoding\n *\n * @example\n * ```typescript\n * // Sign a hash with secp256k1\n * const sig = sign(hashData, privateKey);\n *\n * // Sign with Ed25519\n * const sig2 = sign(hashData, privateKey, 'ed25519');\n * ```\n */\nexport function sign(\n\tdata: string | Uint8Array,\n\tprivateKey: string | Uint8Array,\n\tcurve: CurveType = 'secp256k1',\n\tinputEncoding: Encoding = 'base64url',\n\tkeyEncoding: Encoding = 'base64url',\n\toutputEncoding: Encoding = 'base64url'\n): string | Uint8Array {\n\tconst dataBytes = toBytes(data, inputEncoding);\n\tconst keyBytes = toBytes(privateKey, keyEncoding);\n\n\tlet sigBytes: Uint8Array;\n\n\tswitch (curve) {\n\t\tcase 'secp256k1': {\n\t\t\tconst sig = secp256k1.sign(dataBytes, keyBytes, { lowS: true });\n\t\t\tsigBytes = sig.toCompactRawBytes();\n\t\t\tbreak;\n\t\t}\n\t\tcase 'p256': {\n\t\t\tconst sig = p256.sign(dataBytes, keyBytes, { lowS: true });\n\t\t\tsigBytes = sig.toCompactRawBytes();\n\t\t\tbreak;\n\t\t}\n\t\tcase 'ed25519': {\n\t\t\tsigBytes = ed25519.sign(dataBytes, keyBytes);\n\t\t\tbreak;\n\t\t}\n\t\tdefault:\n\t\t\tthrow new Error(`Unsupported curve: ${curve}`);\n\t}\n\n\treturn fromBytes(sigBytes, outputEncoding);\n}\n\n/**\n * Verify a signature\n *\n * @param data - Data that was signed\n * @param signature - Signature to verify\n * @param publicKey - Public key\n * @param curve - Elliptic curve (default: 'secp256k1')\n * @param inputEncoding - Encoding of data input (default: 'base64url')\n * @param sigEncoding - Encoding of signature (default: 'base64url')\n * @param keyEncoding - Encoding of public key (default: 'base64url')\n * @returns true if signature is valid, false otherwise\n *\n * @example\n * ```typescript\n * // Verify a signature\n * const isValid = verify(hashData, signature, publicKey);\n *\n * // Verify with Ed25519\n * const isValid2 = verify(hashData, signature, publicKey, 'ed25519');\n * ```\n */\nexport function verify(\n\tdata: string | Uint8Array,\n\tsignature: string | Uint8Array,\n\tpublicKey: string | Uint8Array,\n\tcurve: CurveType = 'secp256k1',\n\tinputEncoding: Encoding = 'base64url',\n\tsigEncoding: Encoding = 'base64url',\n\tkeyEncoding: Encoding = 'base64url'\n): boolean {\n\ttry {\n\t\tconst dataBytes = toBytes(data, inputEncoding);\n\t\tconst sigBytes = toBytes(signature, sigEncoding);\n\t\tconst keyBytes = toBytes(publicKey, keyEncoding);\n\n\t\tswitch (curve) {\n\t\t\tcase 'secp256k1': {\n\t\t\t\treturn secp256k1.verify(sigBytes, dataBytes, keyBytes);\n\t\t\t}\n\t\t\tcase 'p256': {\n\t\t\t\treturn p256.verify(sigBytes, dataBytes, keyBytes);\n\t\t\t}\n\t\t\tcase 'ed25519': {\n\t\t\t\treturn ed25519.verify(sigBytes, dataBytes, keyBytes);\n\t\t\t}\n\t\t\tdefault:\n\t\t\t\tthrow new Error(`Unsupported curve: ${curve}`);\n\t\t}\n\t} catch {\n\t\treturn false;\n\t}\n}\n\n/**\n * Generate cryptographically secure random bytes\n *\n * @param bits - Number of bits to generate (default: 256)\n * @param encoding - Output encoding (default: 'base64url')\n * @returns Random bytes in the specified encoding\n */\nexport function randomBytes(bits: number = 256, encoding: Encoding = 'base64url'): string | Uint8Array {\n\tconst bytes = Math.ceil(bits / 8);\n\tconst randomBytesArray = new Uint8Array(bytes);\n\tcrypto.getRandomValues(randomBytesArray);\n\treturn fromBytes(randomBytesArray, encoding);\n}\n\n/**\n * Generate a random private key\n */\nexport function generatePrivateKey(curve: CurveType = 'secp256k1', encoding: Encoding = 'base64url'): string | Uint8Array {\n\tlet keyBytes: Uint8Array;\n\n\tswitch (curve) {\n\t\tcase 'secp256k1':\n\t\t\tkeyBytes = secp256k1.utils.randomPrivateKey();\n\t\t\tbreak;\n\t\tcase 'p256':\n\t\t\tkeyBytes = p256.utils.randomPrivateKey();\n\t\t\tbreak;\n\t\tcase 'ed25519':\n\t\t\tkeyBytes = ed25519.utils.randomPrivateKey();\n\t\t\tbreak;\n\t\tdefault:\n\t\t\tthrow new Error(`Unsupported curve: ${curve}`);\n\t}\n\n\treturn fromBytes(keyBytes, encoding);\n}\n\n/**\n * Get public key from private key\n */\nexport function getPublicKey(\n\tprivateKey: string | Uint8Array,\n\tcurve: CurveType = 'secp256k1',\n\tkeyEncoding: Encoding = 'base64url',\n\toutputEncoding: Encoding = 'base64url'\n): string | Uint8Array {\n\tconst keyBytes = toBytes(privateKey, keyEncoding);\n\n\tlet pubBytes: Uint8Array;\n\n\tswitch (curve) {\n\t\tcase 'secp256k1':\n\t\t\tpubBytes = secp256k1.getPublicKey(keyBytes);\n\t\t\tbreak;\n\t\tcase 'p256':\n\t\t\tpubBytes = p256.getPublicKey(keyBytes);\n\t\t\tbreak;\n\t\tcase 'ed25519':\n\t\t\tpubBytes = ed25519.getPublicKey(keyBytes);\n\t\t\tbreak;\n\t\tdefault:\n\t\t\tthrow new Error(`Unsupported curve: ${curve}`);\n\t}\n\n\treturn fromBytes(pubBytes, outputEncoding);\n}\n\n","/**\r\n * Digest Function for Quereus\r\n *\r\n * Computes the hash of all arguments combined.\r\n * Uses SHA-256 from @noble/hashes for portable implementation.\r\n * Compatible with React Native and all JS environments.\r\n */\r\n\r\nimport { sha256 } from '@noble/hashes/sha2';\r\nimport { sha512 } from '@noble/hashes/sha2';\r\nimport { blake3 } from '@noble/hashes/blake3';\r\nimport { concatBytes, utf8ToBytes } from '@noble/hashes/utils';\r\n\r\n/**\r\n * Hash algorithm options\r\n */\r\nexport type HashAlgorithm = 'sha256' | 'sha512' | 'blake3';\r\n\r\n/**\r\n * Input type for digest function - can be string, Uint8Array, or number\r\n */\r\nexport type DigestInput = string | Uint8Array | number | boolean | null | undefined;\r\n\r\n/**\r\n * Options for the digest function\r\n */\r\nexport interface DigestOptions {\r\n /** Hash algorithm to use (default: sha256) */\r\n algorithm?: HashAlgorithm;\r\n /** Output format (default: uint8array) */\r\n output?: 'uint8array' | 'hex';\r\n}\r\n\r\n/**\r\n * Convert various input types to Uint8Array for hashing\r\n */\r\nfunction inputToBytes(input: DigestInput): Uint8Array {\r\n if (input === null || input === undefined) {\r\n return new Uint8Array(0);\r\n }\r\n\r\n if (typeof input === 'string') {\r\n return utf8ToBytes(input);\r\n }\r\n\r\n if (input instanceof Uint8Array) {\r\n return input;\r\n }\r\n\r\n if (typeof input === 'number') {\r\n // Convert number to 8-byte big-endian representation\r\n const buffer = new ArrayBuffer(8);\r\n const view = new DataView(buffer);\r\n view.setFloat64(0, input, false); // big-endian\r\n return new Uint8Array(buffer);\r\n }\r\n\r\n if (typeof input === 'boolean') {\r\n return new Uint8Array([input ? 1 : 0]);\r\n }\r\n\r\n // Fallback: convert to string then to bytes\r\n return utf8ToBytes(String(input));\r\n}\r\n\r\n/**\r\n * Get hash function based on algorithm\r\n */\r\nfunction getHashFunction(algorithm: HashAlgorithm): (data: Uint8Array) => Uint8Array {\r\n switch (algorithm) {\r\n case 'sha256':\r\n return sha256;\r\n case 'sha512':\r\n return sha512;\r\n case 'blake3':\r\n return blake3;\r\n default:\r\n throw new Error(`Unsupported hash algorithm: ${algorithm}`);\r\n }\r\n}\r\n\r\n/**\r\n * Computes the hash of all arguments\r\n *\r\n * @param {...DigestInput} args - Variable number of arguments to hash\r\n * @returns {Uint8Array} The computed hash as a Uint8Array\r\n *\r\n * @example\r\n * ```typescript\r\n * // Hash a string\r\n * const hash1 = Digest('hello world');\r\n *\r\n * // Hash multiple arguments\r\n * const hash2 = Digest('user:', 123, 'session');\r\n *\r\n * // Hash with specific algorithm\r\n * const hash3 = Digest.withOptions({ algorithm: 'sha512' })('data1', 'data2');\r\n *\r\n * // Get hex output\r\n * const hexHash = Digest.withOptions({ output: 'hex' })('hello');\r\n * ```\r\n */\r\nexport function Digest(...args: DigestInput[]): Uint8Array {\r\n return DigestWithOptions({ algorithm: 'sha256', output: 'uint8array' }, ...args) as Uint8Array;\r\n}\r\n\r\n/**\r\n * Digest function with custom options\r\n */\r\nexport function DigestWithOptions(options: DigestOptions, ...args: DigestInput[]): Uint8Array | string {\r\n const algorithm = options.algorithm || 'sha256';\r\n const output = options.output || 'uint8array';\r\n\r\n // Convert all arguments to bytes and concatenate\r\n const byteArrays = args.map(inputToBytes);\r\n const combined = concatBytes(...byteArrays);\r\n\r\n // Hash the combined data\r\n const hashFunction = getHashFunction(algorithm);\r\n const hash = hashFunction(combined);\r\n\r\n // Return in requested format\r\n if (output === 'hex') {\r\n return Array.from(hash)\r\n .map(b => b.toString(16).padStart(2, '0'))\r\n .join('');\r\n }\r\n\r\n return hash;\r\n}\r\n\r\n/**\r\n * Create a digest function with preset options\r\n */\r\nDigest.withOptions = (options: DigestOptions) => {\r\n return (...args: DigestInput[]) => DigestWithOptions(options, ...args);\r\n};\r\n\r\n/**\r\n * Convenience functions for specific algorithms\r\n */\r\nDigest.sha256 = (...args: DigestInput[]): Uint8Array => {\r\n return DigestWithOptions({ algorithm: 'sha256' }, ...args) as Uint8Array;\r\n};\r\n\r\nDigest.sha512 = (...args: DigestInput[]): Uint8Array => {\r\n return DigestWithOptions({ algorithm: 'sha512' }, ...args) as Uint8Array;\r\n};\r\n\r\nDigest.blake3 = (...args: DigestInput[]): Uint8Array => {\r\n return DigestWithOptions({ algorithm: 'blake3' }, ...args) as Uint8Array;\r\n};\r\n\r\n/**\r\n * Hex output variants\r\n */\r\nDigest.hex = (...args: DigestInput[]): string => {\r\n return DigestWithOptions({ algorithm: 'sha256', output: 'hex' }, ...args) as string;\r\n};\r\n\r\nDigest.sha256Hex = (...args: DigestInput[]): string => {\r\n return DigestWithOptions({ algorithm: 'sha256', output: 'hex' }, ...args) as string;\r\n};\r\n\r\nDigest.sha512Hex = (...args: DigestInput[]): string => {\r\n return DigestWithOptions({ algorithm: 'sha512', output: 'hex' }, ...args) as string;\r\n};\r\n\r\nDigest.blake3Hex = (...args: DigestInput[]): string => {\r\n return DigestWithOptions({ algorithm: 'blake3', output: 'hex' }, ...args) as string;\r\n};\r\n\r\nexport default Digest;\r\n","/**\r\n * Sign Function for Quereus\r\n *\r\n * Returns the signature for the given payload using an ECC private key.\r\n * Uses secp256k1 from @noble/curves for portable implementation.\r\n * Compatible with React Native and all JS environments.\r\n */\r\n\r\nimport { secp256k1 } from '@noble/curves/secp256k1';\r\nimport { p256 } from '@noble/curves/nist';\r\nimport { ed25519 } from '@noble/curves/ed25519';\r\nimport { bytesToHex, hexToBytes } from '@noble/curves/abstract/utils';\r\n\r\n/**\r\n * Supported elliptic curve types\r\n */\r\nexport type CurveType = 'secp256k1' | 'p256' | 'ed25519';\r\n\r\n/**\r\n * Private key input - can be Uint8Array, hex string, or bigint\r\n */\r\nexport type PrivateKeyInput = Uint8Array | string | bigint;\r\n\r\n/**\r\n * Digest input - can be Uint8Array or hex string\r\n */\r\nexport type DigestInput = Uint8Array | string;\r\n\r\n/**\r\n * Signature output format options\r\n */\r\nexport type SignatureFormat = 'uint8array' | 'hex' | 'compact' | 'der';\r\n\r\n/**\r\n * Options for the Sign function\r\n */\r\nexport interface SignOptions {\r\n /** Elliptic curve to use (default: secp256k1) */\r\n curve?: CurveType;\r\n /** Output format for signature (default: uint8array) */\r\n format?: SignatureFormat;\r\n /** Additional entropy for signatures (hedged signatures) */\r\n extraEntropy?: boolean | Uint8Array;\r\n /** Use low-S canonical signatures (default: true) */\r\n lowS?: boolean;\r\n}\r\n\r\n/**\r\n * Normalize private key input to Uint8Array\r\n */\r\nfunction normalizePrivateKey(privateKey: PrivateKeyInput): Uint8Array {\r\n if (privateKey instanceof Uint8Array) {\r\n return privateKey;\r\n }\r\n\r\n if (typeof privateKey === 'string') {\r\n // Assume hex string\r\n return hexToBytes(privateKey);\r\n }\r\n\r\n if (typeof privateKey === 'bigint') {\r\n // Convert bigint to 32-byte array (for secp256k1/p256)\r\n const hex = privateKey.toString(16).padStart(64, '0');\r\n return hexToBytes(hex);\r\n }\r\n\r\n throw new Error('Invalid private key format');\r\n}\r\n\r\n/**\r\n * Normalize digest input to Uint8Array\r\n */\r\nfunction normalizeDigest(digest: DigestInput): Uint8Array {\r\n if (digest instanceof Uint8Array) {\r\n return digest;\r\n }\r\n\r\n if (typeof digest === 'string') {\r\n return hexToBytes(digest);\r\n }\r\n\r\n throw new Error('Invalid digest format');\r\n}\r\n\r\n/**\r\n * Format signature based on requested format\r\n */\r\nfunction formatSignature(signature: any, format: SignatureFormat, curve: CurveType): Uint8Array | string {\r\n switch (format) {\r\n case 'uint8array':\r\n if (curve === 'ed25519') {\r\n return signature;\r\n }\r\n return signature.toCompactRawBytes();\r\n\r\n case 'hex':\r\n if (curve === 'ed25519') {\r\n return bytesToHex(signature);\r\n }\r\n return signature.toCompactHex();\r\n\r\n case 'compact':\r\n if (curve === 'ed25519') {\r\n return signature;\r\n }\r\n return signature.toCompactRawBytes();\r\n\r\n case 'der':\r\n if (curve === 'ed25519') {\r\n throw new Error('DER format not supported for ed25519');\r\n }\r\n // Note: DER encoding would require additional implementation\r\n // For now, fall back to compact\r\n return signature.toCompactRawBytes();\r\n\r\n default:\r\n throw new Error(`Unsupported signature format: ${format}`);\r\n }\r\n}\r\n\r\n/**\r\n * Sign a digest using the specified private key and curve\r\n *\r\n * @param {DigestInput} digest - The digest/hash to sign\r\n * @param {PrivateKeyInput} privateKey - The private key to use for signing\r\n * @param {SignOptions} [options] - Optional signing parameters\r\n * @returns {Uint8Array | string} The signature in the requested format\r\n *\r\n * @example\r\n * ```typescript\r\n * // Basic usage with secp256k1\r\n * const digest = new Uint8Array(32).fill(1); // Your hash here\r\n * const privateKey = 'a'.repeat(64); // Your private key hex\r\n * const signature = Sign(digest, privateKey);\r\n *\r\n * // With specific curve and format\r\n * const sig = Sign(digest, privateKey, {\r\n * curve: 'p256',\r\n * format: 'hex'\r\n * });\r\n *\r\n * // With hedged signatures for extra security\r\n * const hedgedSig = Sign(digest, privateKey, {\r\n * extraEntropy: true\r\n * });\r\n * ```\r\n */\r\nexport function Sign(\r\n digest: DigestInput,\r\n privateKey: PrivateKeyInput,\r\n options: SignOptions = {}\r\n): Uint8Array | string {\r\n const {\r\n curve = 'secp256k1',\r\n format = 'uint8array',\r\n extraEntropy = false,\r\n lowS = true,\r\n } = options;\r\n\r\n const normalizedDigest = normalizeDigest(digest);\r\n const normalizedPrivateKey = normalizePrivateKey(privateKey);\r\n\r\n let signature: any;\r\n\r\n switch (curve) {\r\n case 'secp256k1': {\r\n const signOptions: any = { lowS };\r\n if (extraEntropy) {\r\n signOptions.extraEntropy = extraEntropy;\r\n }\r\n signature = secp256k1.sign(normalizedDigest, normalizedPrivateKey, signOptions);\r\n break;\r\n }\r\n\r\n case 'p256': {\r\n const signOptions: any = { lowS };\r\n if (extraEntropy) {\r\n signOptions.extraEntropy = extraEntropy;\r\n }\r\n signature = p256.sign(normalizedDigest, normalizedPrivateKey, signOptions);\r\n break;\r\n }\r\n\r\n case 'ed25519': {\r\n signature = ed25519.sign(normalizedDigest, normalizedPrivateKey);\r\n break;\r\n }\r\n\r\n default:\r\n throw new Error(`Unsupported curve: ${curve}`);\r\n }\r\n\r\n return formatSignature(signature, format, curve);\r\n}\r\n\r\n/**\r\n * Convenience functions for specific curves\r\n */\r\nSign.secp256k1 = (digest: DigestInput, privateKey: PrivateKeyInput, options: Omit<SignOptions, 'curve'> = {}) => {\r\n return Sign(digest, privateKey, { ...options, curve: 'secp256k1' });\r\n};\r\n\r\nSign.p256 = (digest: DigestInput, privateKey: PrivateKeyInput, options: Omit<SignOptions, 'curve'> = {}) => {\r\n return Sign(digest, privateKey, { ...options, curve: 'p256' });\r\n};\r\n\r\nSign.ed25519 = (digest: DigestInput, privateKey: PrivateKeyInput, options: Omit<SignOptions, 'curve'> = {}) => {\r\n return Sign(digest, privateKey, { ...options, curve: 'ed25519' });\r\n};\r\n\r\n/**\r\n * Generate a random private key for the specified curve\r\n */\r\nSign.generatePrivateKey = (curve: CurveType = 'secp256k1'): Uint8Array => {\r\n switch (curve) {\r\n case 'secp256k1':\r\n return secp256k1.utils.randomPrivateKey();\r\n case 'p256':\r\n return p256.utils.randomPrivateKey();\r\n case 'ed25519':\r\n return ed25519.utils.randomPrivateKey();\r\n default:\r\n throw new Error(`Unsupported curve: ${curve}`);\r\n }\r\n};\r\n\r\n/**\r\n * Get the public key for a given private key and curve\r\n */\r\nSign.getPublicKey = (privateKey: PrivateKeyInput, curve: CurveType = 'secp256k1'): Uint8Array => {\r\n const normalizedPrivateKey = normalizePrivateKey(privateKey);\r\n\r\n switch (curve) {\r\n case 'secp256k1':\r\n return secp256k1.getPublicKey(normalizedPrivateKey);\r\n case 'p256':\r\n return p256.getPublicKey(normalizedPrivateKey);\r\n case 'ed25519':\r\n return ed25519.getPublicKey(normalizedPrivateKey);\r\n default:\r\n throw new Error(`Unsupported curve: ${curve}`);\r\n }\r\n};\r\n\r\nexport default Sign;\r\n","/**\r\n * SignatureValid Function for Quereus\r\n *\r\n * Returns true if the ECC signature is valid for the given digest and public key.\r\n * Uses @noble/curves for portable implementation.\r\n * Compatible with React Native and all JS environments.\r\n */\r\n\r\nimport { secp256k1 } from '@noble/curves/secp256k1';\r\nimport { p256 } from '@noble/curves/nist';\r\nimport { ed25519 } from '@noble/curves/ed25519';\r\nimport { hexToBytes } from '@noble/curves/abstract/utils';\r\n\r\n/**\r\n * Supported elliptic curve types\r\n */\r\nexport type CurveType = 'secp256k1' | 'p256' | 'ed25519';\r\n\r\n/**\r\n * Input types that can be Uint8Array or hex string\r\n */\r\nexport type BytesInput = Uint8Array | string;\r\n\r\n/**\r\n * Options for signature verification\r\n */\r\nexport interface VerifyOptions {\r\n /** Elliptic curve to use (default: secp256k1) */\r\n curve?: CurveType;\r\n /** Signature format (default: auto-detect) */\r\n signatureFormat?: 'compact' | 'der' | 'raw';\r\n /** Allow malleable signatures (default: false for ECDSA, true for EdDSA) */\r\n allowMalleableSignatures?: boolean;\r\n}\r\n\r\n/**\r\n * Normalize input to Uint8Array\r\n */\r\nfunction normalizeBytes(input: BytesInput): Uint8Array {\r\n if (input instanceof Uint8Array) {\r\n return input;\r\n }\r\n\r\n if (typeof input === 'string') {\r\n return hexToBytes(input);\r\n }\r\n\r\n throw new Error('Invalid input format - expected Uint8Array or hex string');\r\n}\r\n\r\n/**\r\n * Auto-detect signature format based on length and curve\r\n */\r\nfunction detectSignatureFormat(signature: Uint8Array, curve: CurveType): 'compact' | 'der' | 'raw' {\r\n const length = signature.length;\r\n\r\n if (curve === 'ed25519') {\r\n return 'raw'; // Ed25519 signatures are always 64 bytes\r\n }\r\n\r\n // For ECDSA curves (secp256k1, p256)\r\n if (length === 64) {\r\n return 'compact'; // r + s concatenated (32 + 32 bytes)\r\n }\r\n\r\n if (length >= 70 && length <= 72 && signature[0] === 0x30) {\r\n return 'der'; // DER encoding starts with 0x30\r\n }\r\n\r\n // Default to compact for shorter signatures\r\n return 'compact';\r\n}\r\n\r\n/**\r\n * Parse signature based on format and curve\r\n */\r\nfunction parseSignature(signature: Uint8Array, format: 'compact' | 'der' | 'raw', curve: CurveType): any {\r\n if (curve === 'ed25519') {\r\n // Ed25519 signatures are always raw 64-byte format\r\n return signature;\r\n }\r\n\r\n // For ECDSA curves\r\n switch (format) {\r\n case 'compact':\r\n if (curve === 'secp256k1') {\r\n return secp256k1.Signature.fromCompact(signature);\r\n } else if (curve === 'p256') {\r\n return p256.Signature.fromCompact(signature);\r\n }\r\n break;\r\n\r\n case 'der':\r\n if (curve === 'secp256k1') {\r\n return secp256k1.Signature.fromDER(signature);\r\n } else if (curve === 'p256') {\r\n return p256.Signature.fromDER(signature);\r\n }\r\n break;\r\n\r\n case 'raw':\r\n // Treat as compact for ECDSA\r\n if (curve === 'secp256k1') {\r\n return secp256k1.Signature.fromCompact(signature);\r\n } else if (curve === 'p256') {\r\n return p256.Signature.fromCompact(signature);\r\n }\r\n break;\r\n }\r\n\r\n throw new Error(`Failed to parse signature for curve ${curve} with format ${format}`);\r\n}\r\n\r\n/**\r\n * Verify if an ECC signature is valid\r\n *\r\n * @param {BytesInput} digest - The digest/hash that was signed\r\n * @param {BytesInput} signature - The signature to verify\r\n * @param {BytesInput} publicKey - The public key to verify against\r\n * @param {VerifyOptions} [options] - Optional verification parameters\r\n * @returns {boolean} True if the signature is valid, false otherwise\r\n *\r\n * @example\r\n * ```typescript\r\n * // Basic usage with secp256k1\r\n * const isValid = SignatureValid(digest, signature, publicKey);\r\n *\r\n * // With specific curve\r\n * const isValid = SignatureValid(digest, signature, publicKey, {\r\n * curve: 'p256'\r\n * });\r\n *\r\n * // With specific signature format\r\n * const isValid = SignatureValid(digest, signature, publicKey, {\r\n * curve: 'secp256k1',\r\n * signatureFormat: 'der'\r\n * });\r\n *\r\n * // Allow malleable signatures\r\n * const isValid = SignatureValid(digest, signature, publicKey, {\r\n * allowMalleableSignatures: true\r\n * });\r\n * ```\r\n */\r\nexport function SignatureValid(\r\n digest: BytesInput,\r\n signature: BytesInput,\r\n publicKey: BytesInput,\r\n options: VerifyOptions = {}\r\n): boolean {\r\n try {\r\n const {\r\n curve = 'secp256k1',\r\n signatureFormat,\r\n allowMalleableSignatures,\r\n } = options;\r\n\r\n const normalizedDigest = normalizeBytes(digest);\r\n const normalizedSignature = normalizeBytes(signature);\r\n const normalizedPublicKey = normalizeBytes(publicKey);\r\n\r\n // Auto-detect signature format if not specified\r\n const detectedFormat = signatureFormat || detectSignatureFormat(normalizedSignature, curve);\r\n\r\n // Parse the signature\r\n const parsedSignature = parseSignature(normalizedSignature, detectedFormat, curve);\r\n\r\n // Set up verification options\r\n const verifyOptions: any = {};\r\n\r\n // Handle malleable signatures for ECDSA curves\r\n if (curve !== 'ed25519' && allowMalleableSignatures !== undefined) {\r\n verifyOptions.lowS = !allowMalleableSignatures;\r\n }\r\n\r\n // Verify the signature\r\n switch (curve) {\r\n case 'secp256k1':\r\n return secp256k1.verify(parsedSignature, normalizedDigest, normalizedPublicKey, verifyOptions);\r\n\r\n case 'p256':\r\n return p256.verify(parsedSignature, normalizedDigest, normalizedPublicKey, verifyOptions);\r\n\r\n case 'ed25519':\r\n return ed25519.verify(parsedSignature, normalizedDigest, normalizedPublicKey);\r\n\r\n default:\r\n throw new Error(`Unsupported curve: ${curve}`);\r\n }\r\n } catch (error) {\r\n // If any error occurs during verification, the signature is invalid\r\n return false;\r\n }\r\n}\r\n\r\n/**\r\n * Convenience functions for specific curves\r\n */\r\nSignatureValid.secp256k1 = (\r\n digest: BytesInput,\r\n signature: BytesInput,\r\n publicKey: BytesInput,\r\n options: Omit<VerifyOptions, 'curve'> = {}\r\n): boolean => {\r\n return SignatureValid(digest, signature, publicKey, { ...options, curve: 'secp256k1' });\r\n};\r\n\r\nSignatureValid.p256 = (\r\n digest: BytesInput,\r\n signature: BytesInput,\r\n publicKey: BytesInput,\r\n options: Omit<VerifyOptions, 'curve'> = {}\r\n): boolean => {\r\n return SignatureValid(digest, signature, publicKey, { ...options, curve: 'p256' });\r\n};\r\n\r\nSignatureValid.ed25519 = (\r\n digest: BytesInput,\r\n signature: BytesInput,\r\n publicKey: BytesInput,\r\n options: Omit<VerifyOptions, 'curve'> = {}\r\n): boolean => {\r\n return SignatureValid(digest, signature, publicKey, { ...options, curve: 'ed25519' });\r\n};\r\n\r\n/**\r\n * Batch verify multiple signatures (more efficient for multiple verifications)\r\n */\r\nSignatureValid.batch = (\r\n verifications: Array<{\r\n digest: BytesInput;\r\n signature: BytesInput;\r\n publicKey: BytesInput;\r\n options?: VerifyOptions;\r\n }>\r\n): boolean[] => {\r\n return verifications.map(({ digest, signature, publicKey, options }) =>\r\n SignatureValid(digest, signature, publicKey, options)\r\n );\r\n};\r\n\r\n/**\r\n * Verify and return detailed information about the verification\r\n */\r\nSignatureValid.detailed = (\r\n digest: BytesInput,\r\n signature: BytesInput,\r\n publicKey: BytesInput,\r\n options: VerifyOptions = {}\r\n): {\r\n valid: boolean;\r\n curve: CurveType;\r\n signatureFormat: string;\r\n error?: string;\r\n} => {\r\n const curve = options.curve || 'secp256k1';\r\n\r\n try {\r\n const normalizedSignature = normalizeBytes(signature);\r\n const detectedFormat = options.signatureFormat || detectSignatureFormat(normalizedSignature, curve);\r\n\r\n const valid = SignatureValid(digest, signature, publicKey, options);\r\n\r\n return {\r\n valid,\r\n curve,\r\n signatureFormat: detectedFormat,\r\n };\r\n } catch (error) {\r\n return {\r\n valid: false,\r\n curve,\r\n signatureFormat: 'unknown',\r\n error: error instanceof Error ? error.message : 'Unknown error',\r\n };\r\n }\r\n};\r\n\r\nexport default SignatureValid;\r\n"]}

package/dist/plugin.d.ts ADDED Viewed

@@ -0,0 +1,42 @@
+import { Database, SqlValue, FunctionFlags } from '@quereus/quereus';
+/**
+ * Quereus Plugin Entry Point for Crypto Functions
+ *
+ * This module provides the plugin registration following Quereus 0.4.5 format.
+ * All metadata is in package.json - no manifest export needed.
+ */
+/**
+ * Plugin registration function
+ * This is called by Quereus when the plugin is loaded
+ */
+declare function register(_db: Database, _config?: Record<string, SqlValue>): {
+    functions: ({
+        schema: {
+            name: string;
+            numArgs: number;
+            flags: FunctionFlags;
+            returnType: {
+                typeClass: "scalar";
+                sqlType: string;
+            };
+            implementation: (...args: SqlValue[]) => string | Uint8Array<ArrayBufferLike>;
+        };
+    } | {
+        schema: {
+            name: string;
+            numArgs: number;
+            flags: FunctionFlags;
+            returnType: {
+                typeClass: "scalar";
+                sqlType: string;
+            };
+            implementation: (...args: SqlValue[]) => number;
+        };
+    })[];
+    vtables: never[];
+    collations: never[];
+};
+export { register as default };