@pooflabs/web 0.0.85-rc3 → 0.0.87

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (65) hide show
  1. package/dist/auth/providers/solana-mobile-wallet-provider.d.ts +43 -0
  2. package/dist/{index-B5qYY4YM.js → index-B-x9RTF7.js} +2 -2
  3. package/dist/index-B-x9RTF7.js.map +1 -0
  4. package/dist/{index-BaKs3A8s.js → index-BKN0IwAx.js} +3054 -300
  5. package/dist/index-BKN0IwAx.js.map +1 -0
  6. package/dist/{index-C4AnWFs_.esm.js → index-BTwX7FYW.esm.js} +425 -119
  7. package/dist/index-BTwX7FYW.esm.js.map +1 -0
  8. package/dist/{index-BzeiIIwF.js → index-DYBdUxnT.js} +3055 -301
  9. package/dist/index-DYBdUxnT.js.map +1 -0
  10. package/dist/{index-bEXLwE7_.js → index-Dj1tZr6X.js} +426 -118
  11. package/dist/index-Dj1tZr6X.js.map +1 -0
  12. package/dist/{index-dqqR5q7b.esm.js → index-DofM-ue2.esm.js} +3054 -301
  13. package/dist/index-DofM-ue2.esm.js.map +1 -0
  14. package/dist/index-_k6pjuwx.esm.js +6 -0
  15. package/dist/index-_k6pjuwx.esm.js.map +1 -0
  16. package/dist/{index-BE-VWSJT.esm.js → index-x7a-wH2l.esm.js} +3055 -300
  17. package/dist/index-x7a-wH2l.esm.js.map +1 -0
  18. package/dist/{index.browser-D8ttddP4.esm.js → index.browser-Cndx2raY.esm.js} +506 -1876
  19. package/dist/index.browser-Cndx2raY.esm.js.map +1 -0
  20. package/dist/{index.browser-CN6obNQM.js → index.browser-D7-FFk3q.js} +506 -1876
  21. package/dist/index.browser-D7-FFk3q.js.map +1 -0
  22. package/dist/{index.browser-CZIJCtms.js → index.browser-DlA-NKvf.js} +1223 -2565
  23. package/dist/index.browser-DlA-NKvf.js.map +1 -0
  24. package/dist/{index.browser-DQIwLToJ.esm.js → index.browser-nVGFrIHK.esm.js} +1223 -2565
  25. package/dist/index.browser-nVGFrIHK.esm.js.map +1 -0
  26. package/dist/index.esm.js +1 -1
  27. package/dist/index.js +1 -1
  28. package/dist/{index.native-DLziTime.esm.js → index.native-19VsREMJ.esm.js} +43 -62
  29. package/dist/index.native-19VsREMJ.esm.js.map +1 -0
  30. package/dist/{index.native-pG1NTZ0f.js → index.native-D8vj3Lbr.js} +44 -61
  31. package/dist/index.native-D8vj3Lbr.js.map +1 -0
  32. package/dist/index.native.esm.js +1 -1
  33. package/dist/index.native.js +1 -1
  34. package/dist/{phantom-wallet-provider-zBp7-uEw.js → phantom-wallet-provider-BlZZa_3s.js} +4 -4
  35. package/dist/{phantom-wallet-provider-zBp7-uEw.js.map → phantom-wallet-provider-BlZZa_3s.js.map} +1 -1
  36. package/dist/{phantom-wallet-provider-CP6NXRwG.esm.js → phantom-wallet-provider-Bz3qEFzX.esm.js} +4 -4
  37. package/dist/{phantom-wallet-provider-CP6NXRwG.esm.js.map → phantom-wallet-provider-Bz3qEFzX.esm.js.map} +1 -1
  38. package/dist/{privy-wallet-provider-CoyW5Gdg.js → privy-wallet-provider-CqCgq7uT.js} +3 -3
  39. package/dist/privy-wallet-provider-CqCgq7uT.js.map +1 -0
  40. package/dist/{privy-wallet-provider-CGYvf3-r.esm.js → privy-wallet-provider-DgNFzioA.esm.js} +3 -3
  41. package/dist/privy-wallet-provider-DgNFzioA.esm.js.map +1 -0
  42. package/dist/{solana-mobile-wallet-provider-B8rHfsPN.esm.js → solana-mobile-wallet-provider-EeQsBTdr.esm.js} +385 -60
  43. package/dist/solana-mobile-wallet-provider-EeQsBTdr.esm.js.map +1 -0
  44. package/dist/{solana-mobile-wallet-provider-CN-D_H4l.js → solana-mobile-wallet-provider-VqIGfdMV.js} +385 -60
  45. package/dist/solana-mobile-wallet-provider-VqIGfdMV.js.map +1 -0
  46. package/package.json +1 -1
  47. package/dist/index-B5qYY4YM.js.map +0 -1
  48. package/dist/index-BE-VWSJT.esm.js.map +0 -1
  49. package/dist/index-BaKs3A8s.js.map +0 -1
  50. package/dist/index-BzeiIIwF.js.map +0 -1
  51. package/dist/index-C4AnWFs_.esm.js.map +0 -1
  52. package/dist/index-TzHXEf3-.esm.js +0 -6
  53. package/dist/index-TzHXEf3-.esm.js.map +0 -1
  54. package/dist/index-bEXLwE7_.js.map +0 -1
  55. package/dist/index-dqqR5q7b.esm.js.map +0 -1
  56. package/dist/index.browser-CN6obNQM.js.map +0 -1
  57. package/dist/index.browser-CZIJCtms.js.map +0 -1
  58. package/dist/index.browser-D8ttddP4.esm.js.map +0 -1
  59. package/dist/index.browser-DQIwLToJ.esm.js.map +0 -1
  60. package/dist/index.native-DLziTime.esm.js.map +0 -1
  61. package/dist/index.native-pG1NTZ0f.js.map +0 -1
  62. package/dist/privy-wallet-provider-CGYvf3-r.esm.js.map +0 -1
  63. package/dist/privy-wallet-provider-CoyW5Gdg.js.map +0 -1
  64. package/dist/solana-mobile-wallet-provider-B8rHfsPN.esm.js.map +0 -1
  65. package/dist/solana-mobile-wallet-provider-CN-D_H4l.js.map +0 -1
package/dist/{index-dqqR5q7b.esm.js → index-DofM-ue2.esm.js} RENAMED
@@ -1,8 +1,7 @@
1
1
  import * as React from 'react';
2
2
  import { useContext, createContext, useState, useMemo, useRef, useEffect, useCallback } from 'react';
3
3
  import globalAxios, { isAxiosError } from 'axios';
4
- import { b as bufferExports } from './index-TzHXEf3-.esm.js';
5
- import { o as getDefaultExportFromCjs, d as base58 } from './index.native-DLziTime.esm.js';
4
+ import { c as commonjsRequire, r as require$$0, b as bufferExports, g as getDefaultExportFromCjs, a as base58 } from './index-BTwX7FYW.esm.js';
6
5
  import { Transaction as Transaction$1, VersionedTransaction } from '@solana/web3.js';
7
6
  import { jsx, jsxs, Fragment } from 'react/jsx-runtime';
8
7
  import '@coral-xyz/anchor';
@@ -999,6 +998,2410 @@ function isSolanaChain(networkId) {
999
998
  return network === "solana";
1000
999
  }
1001
1000
 
1001
+ var naclFast = {exports: {}};
1002
+
1003
+ var hasRequiredNaclFast;
1004
+
1005
+ function requireNaclFast () {
1006
+ if (hasRequiredNaclFast) return naclFast.exports;
1007
+ hasRequiredNaclFast = 1;
1008
+ (function (module) {
1009
+ (function(nacl) {
1010
+
1011
+ // Ported in 2014 by Dmitry Chestnykh and Devi Mandiri.
1012
+ // Public domain.
1013
+ //
1014
+ // Implementation derived from TweetNaCl version 20140427.
1015
+ // See for details: http://tweetnacl.cr.yp.to/
1016
+
1017
+ var gf = function(init) {
1018
+ var i, r = new Float64Array(16);
1019
+ if (init) for (i = 0; i < init.length; i++) r[i] = init[i];
1020
+ return r;
1021
+ };
1022
+
1023
+ // Pluggable, initialized in high-level API below.
1024
+ var randombytes = function(/* x, n */) { throw new Error('no PRNG'); };
1025
+
1026
+ var _0 = new Uint8Array(16);
1027
+ var _9 = new Uint8Array(32); _9[0] = 9;
1028
+
1029
+ var gf0 = gf(),
1030
+ gf1 = gf([1]),
1031
+ _121665 = gf([0xdb41, 1]),
1032
+ D = gf([0x78a3, 0x1359, 0x4dca, 0x75eb, 0xd8ab, 0x4141, 0x0a4d, 0x0070, 0xe898, 0x7779, 0x4079, 0x8cc7, 0xfe73, 0x2b6f, 0x6cee, 0x5203]),
1033
+ D2 = gf([0xf159, 0x26b2, 0x9b94, 0xebd6, 0xb156, 0x8283, 0x149a, 0x00e0, 0xd130, 0xeef3, 0x80f2, 0x198e, 0xfce7, 0x56df, 0xd9dc, 0x2406]),
1034
+ X = gf([0xd51a, 0x8f25, 0x2d60, 0xc956, 0xa7b2, 0x9525, 0xc760, 0x692c, 0xdc5c, 0xfdd6, 0xe231, 0xc0a4, 0x53fe, 0xcd6e, 0x36d3, 0x2169]),
1035
+ Y = gf([0x6658, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666, 0x6666]),
1036
+ I = gf([0xa0b0, 0x4a0e, 0x1b27, 0xc4ee, 0xe478, 0xad2f, 0x1806, 0x2f43, 0xd7a7, 0x3dfb, 0x0099, 0x2b4d, 0xdf0b, 0x4fc1, 0x2480, 0x2b83]);
1037
+
1038
+ function ts64(x, i, h, l) {
1039
+ x[i] = (h >> 24) & 0xff;
1040
+ x[i+1] = (h >> 16) & 0xff;
1041
+ x[i+2] = (h >> 8) & 0xff;
1042
+ x[i+3] = h & 0xff;
1043
+ x[i+4] = (l >> 24) & 0xff;
1044
+ x[i+5] = (l >> 16) & 0xff;
1045
+ x[i+6] = (l >> 8) & 0xff;
1046
+ x[i+7] = l & 0xff;
1047
+ }
1048
+
1049
+ function vn(x, xi, y, yi, n) {
1050
+ var i,d = 0;
1051
+ for (i = 0; i < n; i++) d |= x[xi+i]^y[yi+i];
1052
+ return (1 & ((d - 1) >>> 8)) - 1;
1053
+ }
1054
+
1055
+ function crypto_verify_16(x, xi, y, yi) {
1056
+ return vn(x,xi,y,yi,16);
1057
+ }
1058
+
1059
+ function crypto_verify_32(x, xi, y, yi) {
1060
+ return vn(x,xi,y,yi,32);
1061
+ }
1062
+
1063
+ function core_salsa20(o, p, k, c) {
1064
+ var j0 = c[ 0] & 0xff | (c[ 1] & 0xff)<<8 | (c[ 2] & 0xff)<<16 | (c[ 3] & 0xff)<<24,
1065
+ j1 = k[ 0] & 0xff | (k[ 1] & 0xff)<<8 | (k[ 2] & 0xff)<<16 | (k[ 3] & 0xff)<<24,
1066
+ j2 = k[ 4] & 0xff | (k[ 5] & 0xff)<<8 | (k[ 6] & 0xff)<<16 | (k[ 7] & 0xff)<<24,
1067
+ j3 = k[ 8] & 0xff | (k[ 9] & 0xff)<<8 | (k[10] & 0xff)<<16 | (k[11] & 0xff)<<24,
1068
+ j4 = k[12] & 0xff | (k[13] & 0xff)<<8 | (k[14] & 0xff)<<16 | (k[15] & 0xff)<<24,
1069
+ j5 = c[ 4] & 0xff | (c[ 5] & 0xff)<<8 | (c[ 6] & 0xff)<<16 | (c[ 7] & 0xff)<<24,
1070
+ j6 = p[ 0] & 0xff | (p[ 1] & 0xff)<<8 | (p[ 2] & 0xff)<<16 | (p[ 3] & 0xff)<<24,
1071
+ j7 = p[ 4] & 0xff | (p[ 5] & 0xff)<<8 | (p[ 6] & 0xff)<<16 | (p[ 7] & 0xff)<<24,
1072
+ j8 = p[ 8] & 0xff | (p[ 9] & 0xff)<<8 | (p[10] & 0xff)<<16 | (p[11] & 0xff)<<24,
1073
+ j9 = p[12] & 0xff | (p[13] & 0xff)<<8 | (p[14] & 0xff)<<16 | (p[15] & 0xff)<<24,
1074
+ j10 = c[ 8] & 0xff | (c[ 9] & 0xff)<<8 | (c[10] & 0xff)<<16 | (c[11] & 0xff)<<24,
1075
+ j11 = k[16] & 0xff | (k[17] & 0xff)<<8 | (k[18] & 0xff)<<16 | (k[19] & 0xff)<<24,
1076
+ j12 = k[20] & 0xff | (k[21] & 0xff)<<8 | (k[22] & 0xff)<<16 | (k[23] & 0xff)<<24,
1077
+ j13 = k[24] & 0xff | (k[25] & 0xff)<<8 | (k[26] & 0xff)<<16 | (k[27] & 0xff)<<24,
1078
+ j14 = k[28] & 0xff | (k[29] & 0xff)<<8 | (k[30] & 0xff)<<16 | (k[31] & 0xff)<<24,
1079
+ j15 = c[12] & 0xff | (c[13] & 0xff)<<8 | (c[14] & 0xff)<<16 | (c[15] & 0xff)<<24;
1080
+
1081
+ var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7,
1082
+ x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14,
1083
+ x15 = j15, u;
1084
+
1085
+ for (var i = 0; i < 20; i += 2) {
1086
+ u = x0 + x12 | 0;
1087
+ x4 ^= u<<7 | u>>>(32-7);
1088
+ u = x4 + x0 | 0;
1089
+ x8 ^= u<<9 | u>>>(32-9);
1090
+ u = x8 + x4 | 0;
1091
+ x12 ^= u<<13 | u>>>(32-13);
1092
+ u = x12 + x8 | 0;
1093
+ x0 ^= u<<18 | u>>>(32-18);
1094
+
1095
+ u = x5 + x1 | 0;
1096
+ x9 ^= u<<7 | u>>>(32-7);
1097
+ u = x9 + x5 | 0;
1098
+ x13 ^= u<<9 | u>>>(32-9);
1099
+ u = x13 + x9 | 0;
1100
+ x1 ^= u<<13 | u>>>(32-13);
1101
+ u = x1 + x13 | 0;
1102
+ x5 ^= u<<18 | u>>>(32-18);
1103
+
1104
+ u = x10 + x6 | 0;
1105
+ x14 ^= u<<7 | u>>>(32-7);
1106
+ u = x14 + x10 | 0;
1107
+ x2 ^= u<<9 | u>>>(32-9);
1108
+ u = x2 + x14 | 0;
1109
+ x6 ^= u<<13 | u>>>(32-13);
1110
+ u = x6 + x2 | 0;
1111
+ x10 ^= u<<18 | u>>>(32-18);
1112
+
1113
+ u = x15 + x11 | 0;
1114
+ x3 ^= u<<7 | u>>>(32-7);
1115
+ u = x3 + x15 | 0;
1116
+ x7 ^= u<<9 | u>>>(32-9);
1117
+ u = x7 + x3 | 0;
1118
+ x11 ^= u<<13 | u>>>(32-13);
1119
+ u = x11 + x7 | 0;
1120
+ x15 ^= u<<18 | u>>>(32-18);
1121
+
1122
+ u = x0 + x3 | 0;
1123
+ x1 ^= u<<7 | u>>>(32-7);
1124
+ u = x1 + x0 | 0;
1125
+ x2 ^= u<<9 | u>>>(32-9);
1126
+ u = x2 + x1 | 0;
1127
+ x3 ^= u<<13 | u>>>(32-13);
1128
+ u = x3 + x2 | 0;
1129
+ x0 ^= u<<18 | u>>>(32-18);
1130
+
1131
+ u = x5 + x4 | 0;
1132
+ x6 ^= u<<7 | u>>>(32-7);
1133
+ u = x6 + x5 | 0;
1134
+ x7 ^= u<<9 | u>>>(32-9);
1135
+ u = x7 + x6 | 0;
1136
+ x4 ^= u<<13 | u>>>(32-13);
1137
+ u = x4 + x7 | 0;
1138
+ x5 ^= u<<18 | u>>>(32-18);
1139
+
1140
+ u = x10 + x9 | 0;
1141
+ x11 ^= u<<7 | u>>>(32-7);
1142
+ u = x11 + x10 | 0;
1143
+ x8 ^= u<<9 | u>>>(32-9);
1144
+ u = x8 + x11 | 0;
1145
+ x9 ^= u<<13 | u>>>(32-13);
1146
+ u = x9 + x8 | 0;
1147
+ x10 ^= u<<18 | u>>>(32-18);
1148
+
1149
+ u = x15 + x14 | 0;
1150
+ x12 ^= u<<7 | u>>>(32-7);
1151
+ u = x12 + x15 | 0;
1152
+ x13 ^= u<<9 | u>>>(32-9);
1153
+ u = x13 + x12 | 0;
1154
+ x14 ^= u<<13 | u>>>(32-13);
1155
+ u = x14 + x13 | 0;
1156
+ x15 ^= u<<18 | u>>>(32-18);
1157
+ }
1158
+ x0 = x0 + j0 | 0;
1159
+ x1 = x1 + j1 | 0;
1160
+ x2 = x2 + j2 | 0;
1161
+ x3 = x3 + j3 | 0;
1162
+ x4 = x4 + j4 | 0;
1163
+ x5 = x5 + j5 | 0;
1164
+ x6 = x6 + j6 | 0;
1165
+ x7 = x7 + j7 | 0;
1166
+ x8 = x8 + j8 | 0;
1167
+ x9 = x9 + j9 | 0;
1168
+ x10 = x10 + j10 | 0;
1169
+ x11 = x11 + j11 | 0;
1170
+ x12 = x12 + j12 | 0;
1171
+ x13 = x13 + j13 | 0;
1172
+ x14 = x14 + j14 | 0;
1173
+ x15 = x15 + j15 | 0;
1174
+
1175
+ o[ 0] = x0 >>> 0 & 0xff;
1176
+ o[ 1] = x0 >>> 8 & 0xff;
1177
+ o[ 2] = x0 >>> 16 & 0xff;
1178
+ o[ 3] = x0 >>> 24 & 0xff;
1179
+
1180
+ o[ 4] = x1 >>> 0 & 0xff;
1181
+ o[ 5] = x1 >>> 8 & 0xff;
1182
+ o[ 6] = x1 >>> 16 & 0xff;
1183
+ o[ 7] = x1 >>> 24 & 0xff;
1184
+
1185
+ o[ 8] = x2 >>> 0 & 0xff;
1186
+ o[ 9] = x2 >>> 8 & 0xff;
1187
+ o[10] = x2 >>> 16 & 0xff;
1188
+ o[11] = x2 >>> 24 & 0xff;
1189
+
1190
+ o[12] = x3 >>> 0 & 0xff;
1191
+ o[13] = x3 >>> 8 & 0xff;
1192
+ o[14] = x3 >>> 16 & 0xff;
1193
+ o[15] = x3 >>> 24 & 0xff;
1194
+
1195
+ o[16] = x4 >>> 0 & 0xff;
1196
+ o[17] = x4 >>> 8 & 0xff;
1197
+ o[18] = x4 >>> 16 & 0xff;
1198
+ o[19] = x4 >>> 24 & 0xff;
1199
+
1200
+ o[20] = x5 >>> 0 & 0xff;
1201
+ o[21] = x5 >>> 8 & 0xff;
1202
+ o[22] = x5 >>> 16 & 0xff;
1203
+ o[23] = x5 >>> 24 & 0xff;
1204
+
1205
+ o[24] = x6 >>> 0 & 0xff;
1206
+ o[25] = x6 >>> 8 & 0xff;
1207
+ o[26] = x6 >>> 16 & 0xff;
1208
+ o[27] = x6 >>> 24 & 0xff;
1209
+
1210
+ o[28] = x7 >>> 0 & 0xff;
1211
+ o[29] = x7 >>> 8 & 0xff;
1212
+ o[30] = x7 >>> 16 & 0xff;
1213
+ o[31] = x7 >>> 24 & 0xff;
1214
+
1215
+ o[32] = x8 >>> 0 & 0xff;
1216
+ o[33] = x8 >>> 8 & 0xff;
1217
+ o[34] = x8 >>> 16 & 0xff;
1218
+ o[35] = x8 >>> 24 & 0xff;
1219
+
1220
+ o[36] = x9 >>> 0 & 0xff;
1221
+ o[37] = x9 >>> 8 & 0xff;
1222
+ o[38] = x9 >>> 16 & 0xff;
1223
+ o[39] = x9 >>> 24 & 0xff;
1224
+
1225
+ o[40] = x10 >>> 0 & 0xff;
1226
+ o[41] = x10 >>> 8 & 0xff;
1227
+ o[42] = x10 >>> 16 & 0xff;
1228
+ o[43] = x10 >>> 24 & 0xff;
1229
+
1230
+ o[44] = x11 >>> 0 & 0xff;
1231
+ o[45] = x11 >>> 8 & 0xff;
1232
+ o[46] = x11 >>> 16 & 0xff;
1233
+ o[47] = x11 >>> 24 & 0xff;
1234
+
1235
+ o[48] = x12 >>> 0 & 0xff;
1236
+ o[49] = x12 >>> 8 & 0xff;
1237
+ o[50] = x12 >>> 16 & 0xff;
1238
+ o[51] = x12 >>> 24 & 0xff;
1239
+
1240
+ o[52] = x13 >>> 0 & 0xff;
1241
+ o[53] = x13 >>> 8 & 0xff;
1242
+ o[54] = x13 >>> 16 & 0xff;
1243
+ o[55] = x13 >>> 24 & 0xff;
1244
+
1245
+ o[56] = x14 >>> 0 & 0xff;
1246
+ o[57] = x14 >>> 8 & 0xff;
1247
+ o[58] = x14 >>> 16 & 0xff;
1248
+ o[59] = x14 >>> 24 & 0xff;
1249
+
1250
+ o[60] = x15 >>> 0 & 0xff;
1251
+ o[61] = x15 >>> 8 & 0xff;
1252
+ o[62] = x15 >>> 16 & 0xff;
1253
+ o[63] = x15 >>> 24 & 0xff;
1254
+ }
1255
+
1256
+ function core_hsalsa20(o,p,k,c) {
1257
+ var j0 = c[ 0] & 0xff | (c[ 1] & 0xff)<<8 | (c[ 2] & 0xff)<<16 | (c[ 3] & 0xff)<<24,
1258
+ j1 = k[ 0] & 0xff | (k[ 1] & 0xff)<<8 | (k[ 2] & 0xff)<<16 | (k[ 3] & 0xff)<<24,
1259
+ j2 = k[ 4] & 0xff | (k[ 5] & 0xff)<<8 | (k[ 6] & 0xff)<<16 | (k[ 7] & 0xff)<<24,
1260
+ j3 = k[ 8] & 0xff | (k[ 9] & 0xff)<<8 | (k[10] & 0xff)<<16 | (k[11] & 0xff)<<24,
1261
+ j4 = k[12] & 0xff | (k[13] & 0xff)<<8 | (k[14] & 0xff)<<16 | (k[15] & 0xff)<<24,
1262
+ j5 = c[ 4] & 0xff | (c[ 5] & 0xff)<<8 | (c[ 6] & 0xff)<<16 | (c[ 7] & 0xff)<<24,
1263
+ j6 = p[ 0] & 0xff | (p[ 1] & 0xff)<<8 | (p[ 2] & 0xff)<<16 | (p[ 3] & 0xff)<<24,
1264
+ j7 = p[ 4] & 0xff | (p[ 5] & 0xff)<<8 | (p[ 6] & 0xff)<<16 | (p[ 7] & 0xff)<<24,
1265
+ j8 = p[ 8] & 0xff | (p[ 9] & 0xff)<<8 | (p[10] & 0xff)<<16 | (p[11] & 0xff)<<24,
1266
+ j9 = p[12] & 0xff | (p[13] & 0xff)<<8 | (p[14] & 0xff)<<16 | (p[15] & 0xff)<<24,
1267
+ j10 = c[ 8] & 0xff | (c[ 9] & 0xff)<<8 | (c[10] & 0xff)<<16 | (c[11] & 0xff)<<24,
1268
+ j11 = k[16] & 0xff | (k[17] & 0xff)<<8 | (k[18] & 0xff)<<16 | (k[19] & 0xff)<<24,
1269
+ j12 = k[20] & 0xff | (k[21] & 0xff)<<8 | (k[22] & 0xff)<<16 | (k[23] & 0xff)<<24,
1270
+ j13 = k[24] & 0xff | (k[25] & 0xff)<<8 | (k[26] & 0xff)<<16 | (k[27] & 0xff)<<24,
1271
+ j14 = k[28] & 0xff | (k[29] & 0xff)<<8 | (k[30] & 0xff)<<16 | (k[31] & 0xff)<<24,
1272
+ j15 = c[12] & 0xff | (c[13] & 0xff)<<8 | (c[14] & 0xff)<<16 | (c[15] & 0xff)<<24;
1273
+
1274
+ var x0 = j0, x1 = j1, x2 = j2, x3 = j3, x4 = j4, x5 = j5, x6 = j6, x7 = j7,
1275
+ x8 = j8, x9 = j9, x10 = j10, x11 = j11, x12 = j12, x13 = j13, x14 = j14,
1276
+ x15 = j15, u;
1277
+
1278
+ for (var i = 0; i < 20; i += 2) {
1279
+ u = x0 + x12 | 0;
1280
+ x4 ^= u<<7 | u>>>(32-7);
1281
+ u = x4 + x0 | 0;
1282
+ x8 ^= u<<9 | u>>>(32-9);
1283
+ u = x8 + x4 | 0;
1284
+ x12 ^= u<<13 | u>>>(32-13);
1285
+ u = x12 + x8 | 0;
1286
+ x0 ^= u<<18 | u>>>(32-18);
1287
+
1288
+ u = x5 + x1 | 0;
1289
+ x9 ^= u<<7 | u>>>(32-7);
1290
+ u = x9 + x5 | 0;
1291
+ x13 ^= u<<9 | u>>>(32-9);
1292
+ u = x13 + x9 | 0;
1293
+ x1 ^= u<<13 | u>>>(32-13);
1294
+ u = x1 + x13 | 0;
1295
+ x5 ^= u<<18 | u>>>(32-18);
1296
+
1297
+ u = x10 + x6 | 0;
1298
+ x14 ^= u<<7 | u>>>(32-7);
1299
+ u = x14 + x10 | 0;
1300
+ x2 ^= u<<9 | u>>>(32-9);
1301
+ u = x2 + x14 | 0;
1302
+ x6 ^= u<<13 | u>>>(32-13);
1303
+ u = x6 + x2 | 0;
1304
+ x10 ^= u<<18 | u>>>(32-18);
1305
+
1306
+ u = x15 + x11 | 0;
1307
+ x3 ^= u<<7 | u>>>(32-7);
1308
+ u = x3 + x15 | 0;
1309
+ x7 ^= u<<9 | u>>>(32-9);
1310
+ u = x7 + x3 | 0;
1311
+ x11 ^= u<<13 | u>>>(32-13);
1312
+ u = x11 + x7 | 0;
1313
+ x15 ^= u<<18 | u>>>(32-18);
1314
+
1315
+ u = x0 + x3 | 0;
1316
+ x1 ^= u<<7 | u>>>(32-7);
1317
+ u = x1 + x0 | 0;
1318
+ x2 ^= u<<9 | u>>>(32-9);
1319
+ u = x2 + x1 | 0;
1320
+ x3 ^= u<<13 | u>>>(32-13);
1321
+ u = x3 + x2 | 0;
1322
+ x0 ^= u<<18 | u>>>(32-18);
1323
+
1324
+ u = x5 + x4 | 0;
1325
+ x6 ^= u<<7 | u>>>(32-7);
1326
+ u = x6 + x5 | 0;
1327
+ x7 ^= u<<9 | u>>>(32-9);
1328
+ u = x7 + x6 | 0;
1329
+ x4 ^= u<<13 | u>>>(32-13);
1330
+ u = x4 + x7 | 0;
1331
+ x5 ^= u<<18 | u>>>(32-18);
1332
+
1333
+ u = x10 + x9 | 0;
1334
+ x11 ^= u<<7 | u>>>(32-7);
1335
+ u = x11 + x10 | 0;
1336
+ x8 ^= u<<9 | u>>>(32-9);
1337
+ u = x8 + x11 | 0;
1338
+ x9 ^= u<<13 | u>>>(32-13);
1339
+ u = x9 + x8 | 0;
1340
+ x10 ^= u<<18 | u>>>(32-18);
1341
+
1342
+ u = x15 + x14 | 0;
1343
+ x12 ^= u<<7 | u>>>(32-7);
1344
+ u = x12 + x15 | 0;
1345
+ x13 ^= u<<9 | u>>>(32-9);
1346
+ u = x13 + x12 | 0;
1347
+ x14 ^= u<<13 | u>>>(32-13);
1348
+ u = x14 + x13 | 0;
1349
+ x15 ^= u<<18 | u>>>(32-18);
1350
+ }
1351
+
1352
+ o[ 0] = x0 >>> 0 & 0xff;
1353
+ o[ 1] = x0 >>> 8 & 0xff;
1354
+ o[ 2] = x0 >>> 16 & 0xff;
1355
+ o[ 3] = x0 >>> 24 & 0xff;
1356
+
1357
+ o[ 4] = x5 >>> 0 & 0xff;
1358
+ o[ 5] = x5 >>> 8 & 0xff;
1359
+ o[ 6] = x5 >>> 16 & 0xff;
1360
+ o[ 7] = x5 >>> 24 & 0xff;
1361
+
1362
+ o[ 8] = x10 >>> 0 & 0xff;
1363
+ o[ 9] = x10 >>> 8 & 0xff;
1364
+ o[10] = x10 >>> 16 & 0xff;
1365
+ o[11] = x10 >>> 24 & 0xff;
1366
+
1367
+ o[12] = x15 >>> 0 & 0xff;
1368
+ o[13] = x15 >>> 8 & 0xff;
1369
+ o[14] = x15 >>> 16 & 0xff;
1370
+ o[15] = x15 >>> 24 & 0xff;
1371
+
1372
+ o[16] = x6 >>> 0 & 0xff;
1373
+ o[17] = x6 >>> 8 & 0xff;
1374
+ o[18] = x6 >>> 16 & 0xff;
1375
+ o[19] = x6 >>> 24 & 0xff;
1376
+
1377
+ o[20] = x7 >>> 0 & 0xff;
1378
+ o[21] = x7 >>> 8 & 0xff;
1379
+ o[22] = x7 >>> 16 & 0xff;
1380
+ o[23] = x7 >>> 24 & 0xff;
1381
+
1382
+ o[24] = x8 >>> 0 & 0xff;
1383
+ o[25] = x8 >>> 8 & 0xff;
1384
+ o[26] = x8 >>> 16 & 0xff;
1385
+ o[27] = x8 >>> 24 & 0xff;
1386
+
1387
+ o[28] = x9 >>> 0 & 0xff;
1388
+ o[29] = x9 >>> 8 & 0xff;
1389
+ o[30] = x9 >>> 16 & 0xff;
1390
+ o[31] = x9 >>> 24 & 0xff;
1391
+ }
1392
+
1393
+ function crypto_core_salsa20(out,inp,k,c) {
1394
+ core_salsa20(out,inp,k,c);
1395
+ }
1396
+
1397
+ function crypto_core_hsalsa20(out,inp,k,c) {
1398
+ core_hsalsa20(out,inp,k,c);
1399
+ }
1400
+
1401
+ var sigma = new Uint8Array([101, 120, 112, 97, 110, 100, 32, 51, 50, 45, 98, 121, 116, 101, 32, 107]);
1402
+ // "expand 32-byte k"
1403
+
1404
+ function crypto_stream_salsa20_xor(c,cpos,m,mpos,b,n,k) {
1405
+ var z = new Uint8Array(16), x = new Uint8Array(64);
1406
+ var u, i;
1407
+ for (i = 0; i < 16; i++) z[i] = 0;
1408
+ for (i = 0; i < 8; i++) z[i] = n[i];
1409
+ while (b >= 64) {
1410
+ crypto_core_salsa20(x,z,k,sigma);
1411
+ for (i = 0; i < 64; i++) c[cpos+i] = m[mpos+i] ^ x[i];
1412
+ u = 1;
1413
+ for (i = 8; i < 16; i++) {
1414
+ u = u + (z[i] & 0xff) | 0;
1415
+ z[i] = u & 0xff;
1416
+ u >>>= 8;
1417
+ }
1418
+ b -= 64;
1419
+ cpos += 64;
1420
+ mpos += 64;
1421
+ }
1422
+ if (b > 0) {
1423
+ crypto_core_salsa20(x,z,k,sigma);
1424
+ for (i = 0; i < b; i++) c[cpos+i] = m[mpos+i] ^ x[i];
1425
+ }
1426
+ return 0;
1427
+ }
1428
+
1429
+ function crypto_stream_salsa20(c,cpos,b,n,k) {
1430
+ var z = new Uint8Array(16), x = new Uint8Array(64);
1431
+ var u, i;
1432
+ for (i = 0; i < 16; i++) z[i] = 0;
1433
+ for (i = 0; i < 8; i++) z[i] = n[i];
1434
+ while (b >= 64) {
1435
+ crypto_core_salsa20(x,z,k,sigma);
1436
+ for (i = 0; i < 64; i++) c[cpos+i] = x[i];
1437
+ u = 1;
1438
+ for (i = 8; i < 16; i++) {
1439
+ u = u + (z[i] & 0xff) | 0;
1440
+ z[i] = u & 0xff;
1441
+ u >>>= 8;
1442
+ }
1443
+ b -= 64;
1444
+ cpos += 64;
1445
+ }
1446
+ if (b > 0) {
1447
+ crypto_core_salsa20(x,z,k,sigma);
1448
+ for (i = 0; i < b; i++) c[cpos+i] = x[i];
1449
+ }
1450
+ return 0;
1451
+ }
1452
+
1453
+ function crypto_stream(c,cpos,d,n,k) {
1454
+ var s = new Uint8Array(32);
1455
+ crypto_core_hsalsa20(s,n,k,sigma);
1456
+ var sn = new Uint8Array(8);
1457
+ for (var i = 0; i < 8; i++) sn[i] = n[i+16];
1458
+ return crypto_stream_salsa20(c,cpos,d,sn,s);
1459
+ }
1460
+
1461
+ function crypto_stream_xor(c,cpos,m,mpos,d,n,k) {
1462
+ var s = new Uint8Array(32);
1463
+ crypto_core_hsalsa20(s,n,k,sigma);
1464
+ var sn = new Uint8Array(8);
1465
+ for (var i = 0; i < 8; i++) sn[i] = n[i+16];
1466
+ return crypto_stream_salsa20_xor(c,cpos,m,mpos,d,sn,s);
1467
+ }
1468
+
1469
+ /*
1470
+ * Port of Andrew Moon's Poly1305-donna-16. Public domain.
1471
+ * https://github.com/floodyberry/poly1305-donna
1472
+ */
1473
+
1474
+ var poly1305 = function(key) {
1475
+ this.buffer = new Uint8Array(16);
1476
+ this.r = new Uint16Array(10);
1477
+ this.h = new Uint16Array(10);
1478
+ this.pad = new Uint16Array(8);
1479
+ this.leftover = 0;
1480
+ this.fin = 0;
1481
+
1482
+ var t0, t1, t2, t3, t4, t5, t6, t7;
1483
+
1484
+ t0 = key[ 0] & 0xff | (key[ 1] & 0xff) << 8; this.r[0] = ( t0 ) & 0x1fff;
1485
+ t1 = key[ 2] & 0xff | (key[ 3] & 0xff) << 8; this.r[1] = ((t0 >>> 13) | (t1 << 3)) & 0x1fff;
1486
+ t2 = key[ 4] & 0xff | (key[ 5] & 0xff) << 8; this.r[2] = ((t1 >>> 10) | (t2 << 6)) & 0x1f03;
1487
+ t3 = key[ 6] & 0xff | (key[ 7] & 0xff) << 8; this.r[3] = ((t2 >>> 7) | (t3 << 9)) & 0x1fff;
1488
+ t4 = key[ 8] & 0xff | (key[ 9] & 0xff) << 8; this.r[4] = ((t3 >>> 4) | (t4 << 12)) & 0x00ff;
1489
+ this.r[5] = ((t4 >>> 1)) & 0x1ffe;
1490
+ t5 = key[10] & 0xff | (key[11] & 0xff) << 8; this.r[6] = ((t4 >>> 14) | (t5 << 2)) & 0x1fff;
1491
+ t6 = key[12] & 0xff | (key[13] & 0xff) << 8; this.r[7] = ((t5 >>> 11) | (t6 << 5)) & 0x1f81;
1492
+ t7 = key[14] & 0xff | (key[15] & 0xff) << 8; this.r[8] = ((t6 >>> 8) | (t7 << 8)) & 0x1fff;
1493
+ this.r[9] = ((t7 >>> 5)) & 0x007f;
1494
+
1495
+ this.pad[0] = key[16] & 0xff | (key[17] & 0xff) << 8;
1496
+ this.pad[1] = key[18] & 0xff | (key[19] & 0xff) << 8;
1497
+ this.pad[2] = key[20] & 0xff | (key[21] & 0xff) << 8;
1498
+ this.pad[3] = key[22] & 0xff | (key[23] & 0xff) << 8;
1499
+ this.pad[4] = key[24] & 0xff | (key[25] & 0xff) << 8;
1500
+ this.pad[5] = key[26] & 0xff | (key[27] & 0xff) << 8;
1501
+ this.pad[6] = key[28] & 0xff | (key[29] & 0xff) << 8;
1502
+ this.pad[7] = key[30] & 0xff | (key[31] & 0xff) << 8;
1503
+ };
1504
+
1505
+ poly1305.prototype.blocks = function(m, mpos, bytes) {
1506
+ var hibit = this.fin ? 0 : (1 << 11);
1507
+ var t0, t1, t2, t3, t4, t5, t6, t7, c;
1508
+ var d0, d1, d2, d3, d4, d5, d6, d7, d8, d9;
1509
+
1510
+ var h0 = this.h[0],
1511
+ h1 = this.h[1],
1512
+ h2 = this.h[2],
1513
+ h3 = this.h[3],
1514
+ h4 = this.h[4],
1515
+ h5 = this.h[5],
1516
+ h6 = this.h[6],
1517
+ h7 = this.h[7],
1518
+ h8 = this.h[8],
1519
+ h9 = this.h[9];
1520
+
1521
+ var r0 = this.r[0],
1522
+ r1 = this.r[1],
1523
+ r2 = this.r[2],
1524
+ r3 = this.r[3],
1525
+ r4 = this.r[4],
1526
+ r5 = this.r[5],
1527
+ r6 = this.r[6],
1528
+ r7 = this.r[7],
1529
+ r8 = this.r[8],
1530
+ r9 = this.r[9];
1531
+
1532
+ while (bytes >= 16) {
1533
+ t0 = m[mpos+ 0] & 0xff | (m[mpos+ 1] & 0xff) << 8; h0 += ( t0 ) & 0x1fff;
1534
+ t1 = m[mpos+ 2] & 0xff | (m[mpos+ 3] & 0xff) << 8; h1 += ((t0 >>> 13) | (t1 << 3)) & 0x1fff;
1535
+ t2 = m[mpos+ 4] & 0xff | (m[mpos+ 5] & 0xff) << 8; h2 += ((t1 >>> 10) | (t2 << 6)) & 0x1fff;
1536
+ t3 = m[mpos+ 6] & 0xff | (m[mpos+ 7] & 0xff) << 8; h3 += ((t2 >>> 7) | (t3 << 9)) & 0x1fff;
1537
+ t4 = m[mpos+ 8] & 0xff | (m[mpos+ 9] & 0xff) << 8; h4 += ((t3 >>> 4) | (t4 << 12)) & 0x1fff;
1538
+ h5 += ((t4 >>> 1)) & 0x1fff;
1539
+ t5 = m[mpos+10] & 0xff | (m[mpos+11] & 0xff) << 8; h6 += ((t4 >>> 14) | (t5 << 2)) & 0x1fff;
1540
+ t6 = m[mpos+12] & 0xff | (m[mpos+13] & 0xff) << 8; h7 += ((t5 >>> 11) | (t6 << 5)) & 0x1fff;
1541
+ t7 = m[mpos+14] & 0xff | (m[mpos+15] & 0xff) << 8; h8 += ((t6 >>> 8) | (t7 << 8)) & 0x1fff;
1542
+ h9 += ((t7 >>> 5)) | hibit;
1543
+
1544
+ c = 0;
1545
+
1546
+ d0 = c;
1547
+ d0 += h0 * r0;
1548
+ d0 += h1 * (5 * r9);
1549
+ d0 += h2 * (5 * r8);
1550
+ d0 += h3 * (5 * r7);
1551
+ d0 += h4 * (5 * r6);
1552
+ c = (d0 >>> 13); d0 &= 0x1fff;
1553
+ d0 += h5 * (5 * r5);
1554
+ d0 += h6 * (5 * r4);
1555
+ d0 += h7 * (5 * r3);
1556
+ d0 += h8 * (5 * r2);
1557
+ d0 += h9 * (5 * r1);
1558
+ c += (d0 >>> 13); d0 &= 0x1fff;
1559
+
1560
+ d1 = c;
1561
+ d1 += h0 * r1;
1562
+ d1 += h1 * r0;
1563
+ d1 += h2 * (5 * r9);
1564
+ d1 += h3 * (5 * r8);
1565
+ d1 += h4 * (5 * r7);
1566
+ c = (d1 >>> 13); d1 &= 0x1fff;
1567
+ d1 += h5 * (5 * r6);
1568
+ d1 += h6 * (5 * r5);
1569
+ d1 += h7 * (5 * r4);
1570
+ d1 += h8 * (5 * r3);
1571
+ d1 += h9 * (5 * r2);
1572
+ c += (d1 >>> 13); d1 &= 0x1fff;
1573
+
1574
+ d2 = c;
1575
+ d2 += h0 * r2;
1576
+ d2 += h1 * r1;
1577
+ d2 += h2 * r0;
1578
+ d2 += h3 * (5 * r9);
1579
+ d2 += h4 * (5 * r8);
1580
+ c = (d2 >>> 13); d2 &= 0x1fff;
1581
+ d2 += h5 * (5 * r7);
1582
+ d2 += h6 * (5 * r6);
1583
+ d2 += h7 * (5 * r5);
1584
+ d2 += h8 * (5 * r4);
1585
+ d2 += h9 * (5 * r3);
1586
+ c += (d2 >>> 13); d2 &= 0x1fff;
1587
+
1588
+ d3 = c;
1589
+ d3 += h0 * r3;
1590
+ d3 += h1 * r2;
1591
+ d3 += h2 * r1;
1592
+ d3 += h3 * r0;
1593
+ d3 += h4 * (5 * r9);
1594
+ c = (d3 >>> 13); d3 &= 0x1fff;
1595
+ d3 += h5 * (5 * r8);
1596
+ d3 += h6 * (5 * r7);
1597
+ d3 += h7 * (5 * r6);
1598
+ d3 += h8 * (5 * r5);
1599
+ d3 += h9 * (5 * r4);
1600
+ c += (d3 >>> 13); d3 &= 0x1fff;
1601
+
1602
+ d4 = c;
1603
+ d4 += h0 * r4;
1604
+ d4 += h1 * r3;
1605
+ d4 += h2 * r2;
1606
+ d4 += h3 * r1;
1607
+ d4 += h4 * r0;
1608
+ c = (d4 >>> 13); d4 &= 0x1fff;
1609
+ d4 += h5 * (5 * r9);
1610
+ d4 += h6 * (5 * r8);
1611
+ d4 += h7 * (5 * r7);
1612
+ d4 += h8 * (5 * r6);
1613
+ d4 += h9 * (5 * r5);
1614
+ c += (d4 >>> 13); d4 &= 0x1fff;
1615
+
1616
+ d5 = c;
1617
+ d5 += h0 * r5;
1618
+ d5 += h1 * r4;
1619
+ d5 += h2 * r3;
1620
+ d5 += h3 * r2;
1621
+ d5 += h4 * r1;
1622
+ c = (d5 >>> 13); d5 &= 0x1fff;
1623
+ d5 += h5 * r0;
1624
+ d5 += h6 * (5 * r9);
1625
+ d5 += h7 * (5 * r8);
1626
+ d5 += h8 * (5 * r7);
1627
+ d5 += h9 * (5 * r6);
1628
+ c += (d5 >>> 13); d5 &= 0x1fff;
1629
+
1630
+ d6 = c;
1631
+ d6 += h0 * r6;
1632
+ d6 += h1 * r5;
1633
+ d6 += h2 * r4;
1634
+ d6 += h3 * r3;
1635
+ d6 += h4 * r2;
1636
+ c = (d6 >>> 13); d6 &= 0x1fff;
1637
+ d6 += h5 * r1;
1638
+ d6 += h6 * r0;
1639
+ d6 += h7 * (5 * r9);
1640
+ d6 += h8 * (5 * r8);
1641
+ d6 += h9 * (5 * r7);
1642
+ c += (d6 >>> 13); d6 &= 0x1fff;
1643
+
1644
+ d7 = c;
1645
+ d7 += h0 * r7;
1646
+ d7 += h1 * r6;
1647
+ d7 += h2 * r5;
1648
+ d7 += h3 * r4;
1649
+ d7 += h4 * r3;
1650
+ c = (d7 >>> 13); d7 &= 0x1fff;
1651
+ d7 += h5 * r2;
1652
+ d7 += h6 * r1;
1653
+ d7 += h7 * r0;
1654
+ d7 += h8 * (5 * r9);
1655
+ d7 += h9 * (5 * r8);
1656
+ c += (d7 >>> 13); d7 &= 0x1fff;
1657
+
1658
+ d8 = c;
1659
+ d8 += h0 * r8;
1660
+ d8 += h1 * r7;
1661
+ d8 += h2 * r6;
1662
+ d8 += h3 * r5;
1663
+ d8 += h4 * r4;
1664
+ c = (d8 >>> 13); d8 &= 0x1fff;
1665
+ d8 += h5 * r3;
1666
+ d8 += h6 * r2;
1667
+ d8 += h7 * r1;
1668
+ d8 += h8 * r0;
1669
+ d8 += h9 * (5 * r9);
1670
+ c += (d8 >>> 13); d8 &= 0x1fff;
1671
+
1672
+ d9 = c;
1673
+ d9 += h0 * r9;
1674
+ d9 += h1 * r8;
1675
+ d9 += h2 * r7;
1676
+ d9 += h3 * r6;
1677
+ d9 += h4 * r5;
1678
+ c = (d9 >>> 13); d9 &= 0x1fff;
1679
+ d9 += h5 * r4;
1680
+ d9 += h6 * r3;
1681
+ d9 += h7 * r2;
1682
+ d9 += h8 * r1;
1683
+ d9 += h9 * r0;
1684
+ c += (d9 >>> 13); d9 &= 0x1fff;
1685
+
1686
+ c = (((c << 2) + c)) | 0;
1687
+ c = (c + d0) | 0;
1688
+ d0 = c & 0x1fff;
1689
+ c = (c >>> 13);
1690
+ d1 += c;
1691
+
1692
+ h0 = d0;
1693
+ h1 = d1;
1694
+ h2 = d2;
1695
+ h3 = d3;
1696
+ h4 = d4;
1697
+ h5 = d5;
1698
+ h6 = d6;
1699
+ h7 = d7;
1700
+ h8 = d8;
1701
+ h9 = d9;
1702
+
1703
+ mpos += 16;
1704
+ bytes -= 16;
1705
+ }
1706
+ this.h[0] = h0;
1707
+ this.h[1] = h1;
1708
+ this.h[2] = h2;
1709
+ this.h[3] = h3;
1710
+ this.h[4] = h4;
1711
+ this.h[5] = h5;
1712
+ this.h[6] = h6;
1713
+ this.h[7] = h7;
1714
+ this.h[8] = h8;
1715
+ this.h[9] = h9;
1716
+ };
1717
+
1718
+ poly1305.prototype.finish = function(mac, macpos) {
1719
+ var g = new Uint16Array(10);
1720
+ var c, mask, f, i;
1721
+
1722
+ if (this.leftover) {
1723
+ i = this.leftover;
1724
+ this.buffer[i++] = 1;
1725
+ for (; i < 16; i++) this.buffer[i] = 0;
1726
+ this.fin = 1;
1727
+ this.blocks(this.buffer, 0, 16);
1728
+ }
1729
+
1730
+ c = this.h[1] >>> 13;
1731
+ this.h[1] &= 0x1fff;
1732
+ for (i = 2; i < 10; i++) {
1733
+ this.h[i] += c;
1734
+ c = this.h[i] >>> 13;
1735
+ this.h[i] &= 0x1fff;
1736
+ }
1737
+ this.h[0] += (c * 5);
1738
+ c = this.h[0] >>> 13;
1739
+ this.h[0] &= 0x1fff;
1740
+ this.h[1] += c;
1741
+ c = this.h[1] >>> 13;
1742
+ this.h[1] &= 0x1fff;
1743
+ this.h[2] += c;
1744
+
1745
+ g[0] = this.h[0] + 5;
1746
+ c = g[0] >>> 13;
1747
+ g[0] &= 0x1fff;
1748
+ for (i = 1; i < 10; i++) {
1749
+ g[i] = this.h[i] + c;
1750
+ c = g[i] >>> 13;
1751
+ g[i] &= 0x1fff;
1752
+ }
1753
+ g[9] -= (1 << 13);
1754
+
1755
+ mask = (c ^ 1) - 1;
1756
+ for (i = 0; i < 10; i++) g[i] &= mask;
1757
+ mask = ~mask;
1758
+ for (i = 0; i < 10; i++) this.h[i] = (this.h[i] & mask) | g[i];
1759
+
1760
+ this.h[0] = ((this.h[0] ) | (this.h[1] << 13) ) & 0xffff;
1761
+ this.h[1] = ((this.h[1] >>> 3) | (this.h[2] << 10) ) & 0xffff;
1762
+ this.h[2] = ((this.h[2] >>> 6) | (this.h[3] << 7) ) & 0xffff;
1763
+ this.h[3] = ((this.h[3] >>> 9) | (this.h[4] << 4) ) & 0xffff;
1764
+ this.h[4] = ((this.h[4] >>> 12) | (this.h[5] << 1) | (this.h[6] << 14)) & 0xffff;
1765
+ this.h[5] = ((this.h[6] >>> 2) | (this.h[7] << 11) ) & 0xffff;
1766
+ this.h[6] = ((this.h[7] >>> 5) | (this.h[8] << 8) ) & 0xffff;
1767
+ this.h[7] = ((this.h[8] >>> 8) | (this.h[9] << 5) ) & 0xffff;
1768
+
1769
+ f = this.h[0] + this.pad[0];
1770
+ this.h[0] = f & 0xffff;
1771
+ for (i = 1; i < 8; i++) {
1772
+ f = (((this.h[i] + this.pad[i]) | 0) + (f >>> 16)) | 0;
1773
+ this.h[i] = f & 0xffff;
1774
+ }
1775
+
1776
+ mac[macpos+ 0] = (this.h[0] >>> 0) & 0xff;
1777
+ mac[macpos+ 1] = (this.h[0] >>> 8) & 0xff;
1778
+ mac[macpos+ 2] = (this.h[1] >>> 0) & 0xff;
1779
+ mac[macpos+ 3] = (this.h[1] >>> 8) & 0xff;
1780
+ mac[macpos+ 4] = (this.h[2] >>> 0) & 0xff;
1781
+ mac[macpos+ 5] = (this.h[2] >>> 8) & 0xff;
1782
+ mac[macpos+ 6] = (this.h[3] >>> 0) & 0xff;
1783
+ mac[macpos+ 7] = (this.h[3] >>> 8) & 0xff;
1784
+ mac[macpos+ 8] = (this.h[4] >>> 0) & 0xff;
1785
+ mac[macpos+ 9] = (this.h[4] >>> 8) & 0xff;
1786
+ mac[macpos+10] = (this.h[5] >>> 0) & 0xff;
1787
+ mac[macpos+11] = (this.h[5] >>> 8) & 0xff;
1788
+ mac[macpos+12] = (this.h[6] >>> 0) & 0xff;
1789
+ mac[macpos+13] = (this.h[6] >>> 8) & 0xff;
1790
+ mac[macpos+14] = (this.h[7] >>> 0) & 0xff;
1791
+ mac[macpos+15] = (this.h[7] >>> 8) & 0xff;
1792
+ };
1793
+
1794
+ poly1305.prototype.update = function(m, mpos, bytes) {
1795
+ var i, want;
1796
+
1797
+ if (this.leftover) {
1798
+ want = (16 - this.leftover);
1799
+ if (want > bytes)
1800
+ want = bytes;
1801
+ for (i = 0; i < want; i++)
1802
+ this.buffer[this.leftover + i] = m[mpos+i];
1803
+ bytes -= want;
1804
+ mpos += want;
1805
+ this.leftover += want;
1806
+ if (this.leftover < 16)
1807
+ return;
1808
+ this.blocks(this.buffer, 0, 16);
1809
+ this.leftover = 0;
1810
+ }
1811
+
1812
+ if (bytes >= 16) {
1813
+ want = bytes - (bytes % 16);
1814
+ this.blocks(m, mpos, want);
1815
+ mpos += want;
1816
+ bytes -= want;
1817
+ }
1818
+
1819
+ if (bytes) {
1820
+ for (i = 0; i < bytes; i++)
1821
+ this.buffer[this.leftover + i] = m[mpos+i];
1822
+ this.leftover += bytes;
1823
+ }
1824
+ };
1825
+
1826
+ function crypto_onetimeauth(out, outpos, m, mpos, n, k) {
1827
+ var s = new poly1305(k);
1828
+ s.update(m, mpos, n);
1829
+ s.finish(out, outpos);
1830
+ return 0;
1831
+ }
1832
+
1833
+ function crypto_onetimeauth_verify(h, hpos, m, mpos, n, k) {
1834
+ var x = new Uint8Array(16);
1835
+ crypto_onetimeauth(x,0,m,mpos,n,k);
1836
+ return crypto_verify_16(h,hpos,x,0);
1837
+ }
1838
+
1839
+ function crypto_secretbox(c,m,d,n,k) {
1840
+ var i;
1841
+ if (d < 32) return -1;
1842
+ crypto_stream_xor(c,0,m,0,d,n,k);
1843
+ crypto_onetimeauth(c, 16, c, 32, d - 32, c);
1844
+ for (i = 0; i < 16; i++) c[i] = 0;
1845
+ return 0;
1846
+ }
1847
+
1848
+ function crypto_secretbox_open(m,c,d,n,k) {
1849
+ var i;
1850
+ var x = new Uint8Array(32);
1851
+ if (d < 32) return -1;
1852
+ crypto_stream(x,0,32,n,k);
1853
+ if (crypto_onetimeauth_verify(c, 16,c, 32,d - 32,x) !== 0) return -1;
1854
+ crypto_stream_xor(m,0,c,0,d,n,k);
1855
+ for (i = 0; i < 32; i++) m[i] = 0;
1856
+ return 0;
1857
+ }
1858
+
1859
+ function set25519(r, a) {
1860
+ var i;
1861
+ for (i = 0; i < 16; i++) r[i] = a[i]|0;
1862
+ }
1863
+
1864
+ function car25519(o) {
1865
+ var i, v, c = 1;
1866
+ for (i = 0; i < 16; i++) {
1867
+ v = o[i] + c + 65535;
1868
+ c = Math.floor(v / 65536);
1869
+ o[i] = v - c * 65536;
1870
+ }
1871
+ o[0] += c-1 + 37 * (c-1);
1872
+ }
1873
+
1874
+ function sel25519(p, q, b) {
1875
+ var t, c = ~(b-1);
1876
+ for (var i = 0; i < 16; i++) {
1877
+ t = c & (p[i] ^ q[i]);
1878
+ p[i] ^= t;
1879
+ q[i] ^= t;
1880
+ }
1881
+ }
1882
+
1883
+ function pack25519(o, n) {
1884
+ var i, j, b;
1885
+ var m = gf(), t = gf();
1886
+ for (i = 0; i < 16; i++) t[i] = n[i];
1887
+ car25519(t);
1888
+ car25519(t);
1889
+ car25519(t);
1890
+ for (j = 0; j < 2; j++) {
1891
+ m[0] = t[0] - 0xffed;
1892
+ for (i = 1; i < 15; i++) {
1893
+ m[i] = t[i] - 0xffff - ((m[i-1]>>16) & 1);
1894
+ m[i-1] &= 0xffff;
1895
+ }
1896
+ m[15] = t[15] - 0x7fff - ((m[14]>>16) & 1);
1897
+ b = (m[15]>>16) & 1;
1898
+ m[14] &= 0xffff;
1899
+ sel25519(t, m, 1-b);
1900
+ }
1901
+ for (i = 0; i < 16; i++) {
1902
+ o[2*i] = t[i] & 0xff;
1903
+ o[2*i+1] = t[i]>>8;
1904
+ }
1905
+ }
1906
+
1907
+ function neq25519(a, b) {
1908
+ var c = new Uint8Array(32), d = new Uint8Array(32);
1909
+ pack25519(c, a);
1910
+ pack25519(d, b);
1911
+ return crypto_verify_32(c, 0, d, 0);
1912
+ }
1913
+
1914
+ function par25519(a) {
1915
+ var d = new Uint8Array(32);
1916
+ pack25519(d, a);
1917
+ return d[0] & 1;
1918
+ }
1919
+
1920
+ function unpack25519(o, n) {
1921
+ var i;
1922
+ for (i = 0; i < 16; i++) o[i] = n[2*i] + (n[2*i+1] << 8);
1923
+ o[15] &= 0x7fff;
1924
+ }
1925
+
1926
+ function A(o, a, b) {
1927
+ for (var i = 0; i < 16; i++) o[i] = a[i] + b[i];
1928
+ }
1929
+
1930
+ function Z(o, a, b) {
1931
+ for (var i = 0; i < 16; i++) o[i] = a[i] - b[i];
1932
+ }
1933
+
1934
+ function M(o, a, b) {
1935
+ var v, c,
1936
+ t0 = 0, t1 = 0, t2 = 0, t3 = 0, t4 = 0, t5 = 0, t6 = 0, t7 = 0,
1937
+ t8 = 0, t9 = 0, t10 = 0, t11 = 0, t12 = 0, t13 = 0, t14 = 0, t15 = 0,
1938
+ t16 = 0, t17 = 0, t18 = 0, t19 = 0, t20 = 0, t21 = 0, t22 = 0, t23 = 0,
1939
+ t24 = 0, t25 = 0, t26 = 0, t27 = 0, t28 = 0, t29 = 0, t30 = 0,
1940
+ b0 = b[0],
1941
+ b1 = b[1],
1942
+ b2 = b[2],
1943
+ b3 = b[3],
1944
+ b4 = b[4],
1945
+ b5 = b[5],
1946
+ b6 = b[6],
1947
+ b7 = b[7],
1948
+ b8 = b[8],
1949
+ b9 = b[9],
1950
+ b10 = b[10],
1951
+ b11 = b[11],
1952
+ b12 = b[12],
1953
+ b13 = b[13],
1954
+ b14 = b[14],
1955
+ b15 = b[15];
1956
+
1957
+ v = a[0];
1958
+ t0 += v * b0;
1959
+ t1 += v * b1;
1960
+ t2 += v * b2;
1961
+ t3 += v * b3;
1962
+ t4 += v * b4;
1963
+ t5 += v * b5;
1964
+ t6 += v * b6;
1965
+ t7 += v * b7;
1966
+ t8 += v * b8;
1967
+ t9 += v * b9;
1968
+ t10 += v * b10;
1969
+ t11 += v * b11;
1970
+ t12 += v * b12;
1971
+ t13 += v * b13;
1972
+ t14 += v * b14;
1973
+ t15 += v * b15;
1974
+ v = a[1];
1975
+ t1 += v * b0;
1976
+ t2 += v * b1;
1977
+ t3 += v * b2;
1978
+ t4 += v * b3;
1979
+ t5 += v * b4;
1980
+ t6 += v * b5;
1981
+ t7 += v * b6;
1982
+ t8 += v * b7;
1983
+ t9 += v * b8;
1984
+ t10 += v * b9;
1985
+ t11 += v * b10;
1986
+ t12 += v * b11;
1987
+ t13 += v * b12;
1988
+ t14 += v * b13;
1989
+ t15 += v * b14;
1990
+ t16 += v * b15;
1991
+ v = a[2];
1992
+ t2 += v * b0;
1993
+ t3 += v * b1;
1994
+ t4 += v * b2;
1995
+ t5 += v * b3;
1996
+ t6 += v * b4;
1997
+ t7 += v * b5;
1998
+ t8 += v * b6;
1999
+ t9 += v * b7;
2000
+ t10 += v * b8;
2001
+ t11 += v * b9;
2002
+ t12 += v * b10;
2003
+ t13 += v * b11;
2004
+ t14 += v * b12;
2005
+ t15 += v * b13;
2006
+ t16 += v * b14;
2007
+ t17 += v * b15;
2008
+ v = a[3];
2009
+ t3 += v * b0;
2010
+ t4 += v * b1;
2011
+ t5 += v * b2;
2012
+ t6 += v * b3;
2013
+ t7 += v * b4;
2014
+ t8 += v * b5;
2015
+ t9 += v * b6;
2016
+ t10 += v * b7;
2017
+ t11 += v * b8;
2018
+ t12 += v * b9;
2019
+ t13 += v * b10;
2020
+ t14 += v * b11;
2021
+ t15 += v * b12;
2022
+ t16 += v * b13;
2023
+ t17 += v * b14;
2024
+ t18 += v * b15;
2025
+ v = a[4];
2026
+ t4 += v * b0;
2027
+ t5 += v * b1;
2028
+ t6 += v * b2;
2029
+ t7 += v * b3;
2030
+ t8 += v * b4;
2031
+ t9 += v * b5;
2032
+ t10 += v * b6;
2033
+ t11 += v * b7;
2034
+ t12 += v * b8;
2035
+ t13 += v * b9;
2036
+ t14 += v * b10;
2037
+ t15 += v * b11;
2038
+ t16 += v * b12;
2039
+ t17 += v * b13;
2040
+ t18 += v * b14;
2041
+ t19 += v * b15;
2042
+ v = a[5];
2043
+ t5 += v * b0;
2044
+ t6 += v * b1;
2045
+ t7 += v * b2;
2046
+ t8 += v * b3;
2047
+ t9 += v * b4;
2048
+ t10 += v * b5;
2049
+ t11 += v * b6;
2050
+ t12 += v * b7;
2051
+ t13 += v * b8;
2052
+ t14 += v * b9;
2053
+ t15 += v * b10;
2054
+ t16 += v * b11;
2055
+ t17 += v * b12;
2056
+ t18 += v * b13;
2057
+ t19 += v * b14;
2058
+ t20 += v * b15;
2059
+ v = a[6];
2060
+ t6 += v * b0;
2061
+ t7 += v * b1;
2062
+ t8 += v * b2;
2063
+ t9 += v * b3;
2064
+ t10 += v * b4;
2065
+ t11 += v * b5;
2066
+ t12 += v * b6;
2067
+ t13 += v * b7;
2068
+ t14 += v * b8;
2069
+ t15 += v * b9;
2070
+ t16 += v * b10;
2071
+ t17 += v * b11;
2072
+ t18 += v * b12;
2073
+ t19 += v * b13;
2074
+ t20 += v * b14;
2075
+ t21 += v * b15;
2076
+ v = a[7];
2077
+ t7 += v * b0;
2078
+ t8 += v * b1;
2079
+ t9 += v * b2;
2080
+ t10 += v * b3;
2081
+ t11 += v * b4;
2082
+ t12 += v * b5;
2083
+ t13 += v * b6;
2084
+ t14 += v * b7;
2085
+ t15 += v * b8;
2086
+ t16 += v * b9;
2087
+ t17 += v * b10;
2088
+ t18 += v * b11;
2089
+ t19 += v * b12;
2090
+ t20 += v * b13;
2091
+ t21 += v * b14;
2092
+ t22 += v * b15;
2093
+ v = a[8];
2094
+ t8 += v * b0;
2095
+ t9 += v * b1;
2096
+ t10 += v * b2;
2097
+ t11 += v * b3;
2098
+ t12 += v * b4;
2099
+ t13 += v * b5;
2100
+ t14 += v * b6;
2101
+ t15 += v * b7;
2102
+ t16 += v * b8;
2103
+ t17 += v * b9;
2104
+ t18 += v * b10;
2105
+ t19 += v * b11;
2106
+ t20 += v * b12;
2107
+ t21 += v * b13;
2108
+ t22 += v * b14;
2109
+ t23 += v * b15;
2110
+ v = a[9];
2111
+ t9 += v * b0;
2112
+ t10 += v * b1;
2113
+ t11 += v * b2;
2114
+ t12 += v * b3;
2115
+ t13 += v * b4;
2116
+ t14 += v * b5;
2117
+ t15 += v * b6;
2118
+ t16 += v * b7;
2119
+ t17 += v * b8;
2120
+ t18 += v * b9;
2121
+ t19 += v * b10;
2122
+ t20 += v * b11;
2123
+ t21 += v * b12;
2124
+ t22 += v * b13;
2125
+ t23 += v * b14;
2126
+ t24 += v * b15;
2127
+ v = a[10];
2128
+ t10 += v * b0;
2129
+ t11 += v * b1;
2130
+ t12 += v * b2;
2131
+ t13 += v * b3;
2132
+ t14 += v * b4;
2133
+ t15 += v * b5;
2134
+ t16 += v * b6;
2135
+ t17 += v * b7;
2136
+ t18 += v * b8;
2137
+ t19 += v * b9;
2138
+ t20 += v * b10;
2139
+ t21 += v * b11;
2140
+ t22 += v * b12;
2141
+ t23 += v * b13;
2142
+ t24 += v * b14;
2143
+ t25 += v * b15;
2144
+ v = a[11];
2145
+ t11 += v * b0;
2146
+ t12 += v * b1;
2147
+ t13 += v * b2;
2148
+ t14 += v * b3;
2149
+ t15 += v * b4;
2150
+ t16 += v * b5;
2151
+ t17 += v * b6;
2152
+ t18 += v * b7;
2153
+ t19 += v * b8;
2154
+ t20 += v * b9;
2155
+ t21 += v * b10;
2156
+ t22 += v * b11;
2157
+ t23 += v * b12;
2158
+ t24 += v * b13;
2159
+ t25 += v * b14;
2160
+ t26 += v * b15;
2161
+ v = a[12];
2162
+ t12 += v * b0;
2163
+ t13 += v * b1;
2164
+ t14 += v * b2;
2165
+ t15 += v * b3;
2166
+ t16 += v * b4;
2167
+ t17 += v * b5;
2168
+ t18 += v * b6;
2169
+ t19 += v * b7;
2170
+ t20 += v * b8;
2171
+ t21 += v * b9;
2172
+ t22 += v * b10;
2173
+ t23 += v * b11;
2174
+ t24 += v * b12;
2175
+ t25 += v * b13;
2176
+ t26 += v * b14;
2177
+ t27 += v * b15;
2178
+ v = a[13];
2179
+ t13 += v * b0;
2180
+ t14 += v * b1;
2181
+ t15 += v * b2;
2182
+ t16 += v * b3;
2183
+ t17 += v * b4;
2184
+ t18 += v * b5;
2185
+ t19 += v * b6;
2186
+ t20 += v * b7;
2187
+ t21 += v * b8;
2188
+ t22 += v * b9;
2189
+ t23 += v * b10;
2190
+ t24 += v * b11;
2191
+ t25 += v * b12;
2192
+ t26 += v * b13;
2193
+ t27 += v * b14;
2194
+ t28 += v * b15;
2195
+ v = a[14];
2196
+ t14 += v * b0;
2197
+ t15 += v * b1;
2198
+ t16 += v * b2;
2199
+ t17 += v * b3;
2200
+ t18 += v * b4;
2201
+ t19 += v * b5;
2202
+ t20 += v * b6;
2203
+ t21 += v * b7;
2204
+ t22 += v * b8;
2205
+ t23 += v * b9;
2206
+ t24 += v * b10;
2207
+ t25 += v * b11;
2208
+ t26 += v * b12;
2209
+ t27 += v * b13;
2210
+ t28 += v * b14;
2211
+ t29 += v * b15;
2212
+ v = a[15];
2213
+ t15 += v * b0;
2214
+ t16 += v * b1;
2215
+ t17 += v * b2;
2216
+ t18 += v * b3;
2217
+ t19 += v * b4;
2218
+ t20 += v * b5;
2219
+ t21 += v * b6;
2220
+ t22 += v * b7;
2221
+ t23 += v * b8;
2222
+ t24 += v * b9;
2223
+ t25 += v * b10;
2224
+ t26 += v * b11;
2225
+ t27 += v * b12;
2226
+ t28 += v * b13;
2227
+ t29 += v * b14;
2228
+ t30 += v * b15;
2229
+
2230
+ t0 += 38 * t16;
2231
+ t1 += 38 * t17;
2232
+ t2 += 38 * t18;
2233
+ t3 += 38 * t19;
2234
+ t4 += 38 * t20;
2235
+ t5 += 38 * t21;
2236
+ t6 += 38 * t22;
2237
+ t7 += 38 * t23;
2238
+ t8 += 38 * t24;
2239
+ t9 += 38 * t25;
2240
+ t10 += 38 * t26;
2241
+ t11 += 38 * t27;
2242
+ t12 += 38 * t28;
2243
+ t13 += 38 * t29;
2244
+ t14 += 38 * t30;
2245
+ // t15 left as is
2246
+
2247
+ // first car
2248
+ c = 1;
2249
+ v = t0 + c + 65535; c = Math.floor(v / 65536); t0 = v - c * 65536;
2250
+ v = t1 + c + 65535; c = Math.floor(v / 65536); t1 = v - c * 65536;
2251
+ v = t2 + c + 65535; c = Math.floor(v / 65536); t2 = v - c * 65536;
2252
+ v = t3 + c + 65535; c = Math.floor(v / 65536); t3 = v - c * 65536;
2253
+ v = t4 + c + 65535; c = Math.floor(v / 65536); t4 = v - c * 65536;
2254
+ v = t5 + c + 65535; c = Math.floor(v / 65536); t5 = v - c * 65536;
2255
+ v = t6 + c + 65535; c = Math.floor(v / 65536); t6 = v - c * 65536;
2256
+ v = t7 + c + 65535; c = Math.floor(v / 65536); t7 = v - c * 65536;
2257
+ v = t8 + c + 65535; c = Math.floor(v / 65536); t8 = v - c * 65536;
2258
+ v = t9 + c + 65535; c = Math.floor(v / 65536); t9 = v - c * 65536;
2259
+ v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;
2260
+ v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;
2261
+ v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;
2262
+ v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;
2263
+ v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;
2264
+ v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;
2265
+ t0 += c-1 + 37 * (c-1);
2266
+
2267
+ // second car
2268
+ c = 1;
2269
+ v = t0 + c + 65535; c = Math.floor(v / 65536); t0 = v - c * 65536;
2270
+ v = t1 + c + 65535; c = Math.floor(v / 65536); t1 = v - c * 65536;
2271
+ v = t2 + c + 65535; c = Math.floor(v / 65536); t2 = v - c * 65536;
2272
+ v = t3 + c + 65535; c = Math.floor(v / 65536); t3 = v - c * 65536;
2273
+ v = t4 + c + 65535; c = Math.floor(v / 65536); t4 = v - c * 65536;
2274
+ v = t5 + c + 65535; c = Math.floor(v / 65536); t5 = v - c * 65536;
2275
+ v = t6 + c + 65535; c = Math.floor(v / 65536); t6 = v - c * 65536;
2276
+ v = t7 + c + 65535; c = Math.floor(v / 65536); t7 = v - c * 65536;
2277
+ v = t8 + c + 65535; c = Math.floor(v / 65536); t8 = v - c * 65536;
2278
+ v = t9 + c + 65535; c = Math.floor(v / 65536); t9 = v - c * 65536;
2279
+ v = t10 + c + 65535; c = Math.floor(v / 65536); t10 = v - c * 65536;
2280
+ v = t11 + c + 65535; c = Math.floor(v / 65536); t11 = v - c * 65536;
2281
+ v = t12 + c + 65535; c = Math.floor(v / 65536); t12 = v - c * 65536;
2282
+ v = t13 + c + 65535; c = Math.floor(v / 65536); t13 = v - c * 65536;
2283
+ v = t14 + c + 65535; c = Math.floor(v / 65536); t14 = v - c * 65536;
2284
+ v = t15 + c + 65535; c = Math.floor(v / 65536); t15 = v - c * 65536;
2285
+ t0 += c-1 + 37 * (c-1);
2286
+
2287
+ o[ 0] = t0;
2288
+ o[ 1] = t1;
2289
+ o[ 2] = t2;
2290
+ o[ 3] = t3;
2291
+ o[ 4] = t4;
2292
+ o[ 5] = t5;
2293
+ o[ 6] = t6;
2294
+ o[ 7] = t7;
2295
+ o[ 8] = t8;
2296
+ o[ 9] = t9;
2297
+ o[10] = t10;
2298
+ o[11] = t11;
2299
+ o[12] = t12;
2300
+ o[13] = t13;
2301
+ o[14] = t14;
2302
+ o[15] = t15;
2303
+ }
2304
+
2305
+ function S(o, a) {
2306
+ M(o, a, a);
2307
+ }
2308
+
2309
+ function inv25519(o, i) {
2310
+ var c = gf();
2311
+ var a;
2312
+ for (a = 0; a < 16; a++) c[a] = i[a];
2313
+ for (a = 253; a >= 0; a--) {
2314
+ S(c, c);
2315
+ if(a !== 2 && a !== 4) M(c, c, i);
2316
+ }
2317
+ for (a = 0; a < 16; a++) o[a] = c[a];
2318
+ }
2319
+
2320
+ function pow2523(o, i) {
2321
+ var c = gf();
2322
+ var a;
2323
+ for (a = 0; a < 16; a++) c[a] = i[a];
2324
+ for (a = 250; a >= 0; a--) {
2325
+ S(c, c);
2326
+ if(a !== 1) M(c, c, i);
2327
+ }
2328
+ for (a = 0; a < 16; a++) o[a] = c[a];
2329
+ }
2330
+
2331
+ function crypto_scalarmult(q, n, p) {
2332
+ var z = new Uint8Array(32);
2333
+ var x = new Float64Array(80), r, i;
2334
+ var a = gf(), b = gf(), c = gf(),
2335
+ d = gf(), e = gf(), f = gf();
2336
+ for (i = 0; i < 31; i++) z[i] = n[i];
2337
+ z[31]=(n[31]&127)|64;
2338
+ z[0]&=248;
2339
+ unpack25519(x,p);
2340
+ for (i = 0; i < 16; i++) {
2341
+ b[i]=x[i];
2342
+ d[i]=a[i]=c[i]=0;
2343
+ }
2344
+ a[0]=d[0]=1;
2345
+ for (i=254; i>=0; --i) {
2346
+ r=(z[i>>>3]>>>(i&7))&1;
2347
+ sel25519(a,b,r);
2348
+ sel25519(c,d,r);
2349
+ A(e,a,c);
2350
+ Z(a,a,c);
2351
+ A(c,b,d);
2352
+ Z(b,b,d);
2353
+ S(d,e);
2354
+ S(f,a);
2355
+ M(a,c,a);
2356
+ M(c,b,e);
2357
+ A(e,a,c);
2358
+ Z(a,a,c);
2359
+ S(b,a);
2360
+ Z(c,d,f);
2361
+ M(a,c,_121665);
2362
+ A(a,a,d);
2363
+ M(c,c,a);
2364
+ M(a,d,f);
2365
+ M(d,b,x);
2366
+ S(b,e);
2367
+ sel25519(a,b,r);
2368
+ sel25519(c,d,r);
2369
+ }
2370
+ for (i = 0; i < 16; i++) {
2371
+ x[i+16]=a[i];
2372
+ x[i+32]=c[i];
2373
+ x[i+48]=b[i];
2374
+ x[i+64]=d[i];
2375
+ }
2376
+ var x32 = x.subarray(32);
2377
+ var x16 = x.subarray(16);
2378
+ inv25519(x32,x32);
2379
+ M(x16,x16,x32);
2380
+ pack25519(q,x16);
2381
+ return 0;
2382
+ }
2383
+
2384
+ function crypto_scalarmult_base(q, n) {
2385
+ return crypto_scalarmult(q, n, _9);
2386
+ }
2387
+
2388
+ function crypto_box_keypair(y, x) {
2389
+ randombytes(x, 32);
2390
+ return crypto_scalarmult_base(y, x);
2391
+ }
2392
+
2393
+ function crypto_box_beforenm(k, y, x) {
2394
+ var s = new Uint8Array(32);
2395
+ crypto_scalarmult(s, x, y);
2396
+ return crypto_core_hsalsa20(k, _0, s, sigma);
2397
+ }
2398
+
2399
+ var crypto_box_afternm = crypto_secretbox;
2400
+ var crypto_box_open_afternm = crypto_secretbox_open;
2401
+
2402
+ function crypto_box(c, m, d, n, y, x) {
2403
+ var k = new Uint8Array(32);
2404
+ crypto_box_beforenm(k, y, x);
2405
+ return crypto_box_afternm(c, m, d, n, k);
2406
+ }
2407
+
2408
+ function crypto_box_open(m, c, d, n, y, x) {
2409
+ var k = new Uint8Array(32);
2410
+ crypto_box_beforenm(k, y, x);
2411
+ return crypto_box_open_afternm(m, c, d, n, k);
2412
+ }
2413
+
2414
+ var K = [
2415
+ 0x428a2f98, 0xd728ae22, 0x71374491, 0x23ef65cd,
2416
+ 0xb5c0fbcf, 0xec4d3b2f, 0xe9b5dba5, 0x8189dbbc,
2417
+ 0x3956c25b, 0xf348b538, 0x59f111f1, 0xb605d019,
2418
+ 0x923f82a4, 0xaf194f9b, 0xab1c5ed5, 0xda6d8118,
2419
+ 0xd807aa98, 0xa3030242, 0x12835b01, 0x45706fbe,
2420
+ 0x243185be, 0x4ee4b28c, 0x550c7dc3, 0xd5ffb4e2,
2421
+ 0x72be5d74, 0xf27b896f, 0x80deb1fe, 0x3b1696b1,
2422
+ 0x9bdc06a7, 0x25c71235, 0xc19bf174, 0xcf692694,
2423
+ 0xe49b69c1, 0x9ef14ad2, 0xefbe4786, 0x384f25e3,
2424
+ 0x0fc19dc6, 0x8b8cd5b5, 0x240ca1cc, 0x77ac9c65,
2425
+ 0x2de92c6f, 0x592b0275, 0x4a7484aa, 0x6ea6e483,
2426
+ 0x5cb0a9dc, 0xbd41fbd4, 0x76f988da, 0x831153b5,
2427
+ 0x983e5152, 0xee66dfab, 0xa831c66d, 0x2db43210,
2428
+ 0xb00327c8, 0x98fb213f, 0xbf597fc7, 0xbeef0ee4,
2429
+ 0xc6e00bf3, 0x3da88fc2, 0xd5a79147, 0x930aa725,
2430
+ 0x06ca6351, 0xe003826f, 0x14292967, 0x0a0e6e70,
2431
+ 0x27b70a85, 0x46d22ffc, 0x2e1b2138, 0x5c26c926,
2432
+ 0x4d2c6dfc, 0x5ac42aed, 0x53380d13, 0x9d95b3df,
2433
+ 0x650a7354, 0x8baf63de, 0x766a0abb, 0x3c77b2a8,
2434
+ 0x81c2c92e, 0x47edaee6, 0x92722c85, 0x1482353b,
2435
+ 0xa2bfe8a1, 0x4cf10364, 0xa81a664b, 0xbc423001,
2436
+ 0xc24b8b70, 0xd0f89791, 0xc76c51a3, 0x0654be30,
2437
+ 0xd192e819, 0xd6ef5218, 0xd6990624, 0x5565a910,
2438
+ 0xf40e3585, 0x5771202a, 0x106aa070, 0x32bbd1b8,
2439
+ 0x19a4c116, 0xb8d2d0c8, 0x1e376c08, 0x5141ab53,
2440
+ 0x2748774c, 0xdf8eeb99, 0x34b0bcb5, 0xe19b48a8,
2441
+ 0x391c0cb3, 0xc5c95a63, 0x4ed8aa4a, 0xe3418acb,
2442
+ 0x5b9cca4f, 0x7763e373, 0x682e6ff3, 0xd6b2b8a3,
2443
+ 0x748f82ee, 0x5defb2fc, 0x78a5636f, 0x43172f60,
2444
+ 0x84c87814, 0xa1f0ab72, 0x8cc70208, 0x1a6439ec,
2445
+ 0x90befffa, 0x23631e28, 0xa4506ceb, 0xde82bde9,
2446
+ 0xbef9a3f7, 0xb2c67915, 0xc67178f2, 0xe372532b,
2447
+ 0xca273ece, 0xea26619c, 0xd186b8c7, 0x21c0c207,
2448
+ 0xeada7dd6, 0xcde0eb1e, 0xf57d4f7f, 0xee6ed178,
2449
+ 0x06f067aa, 0x72176fba, 0x0a637dc5, 0xa2c898a6,
2450
+ 0x113f9804, 0xbef90dae, 0x1b710b35, 0x131c471b,
2451
+ 0x28db77f5, 0x23047d84, 0x32caab7b, 0x40c72493,
2452
+ 0x3c9ebe0a, 0x15c9bebc, 0x431d67c4, 0x9c100d4c,
2453
+ 0x4cc5d4be, 0xcb3e42b6, 0x597f299c, 0xfc657e2a,
2454
+ 0x5fcb6fab, 0x3ad6faec, 0x6c44198c, 0x4a475817
2455
+ ];
2456
+
2457
+ function crypto_hashblocks_hl(hh, hl, m, n) {
2458
+ var wh = new Int32Array(16), wl = new Int32Array(16),
2459
+ bh0, bh1, bh2, bh3, bh4, bh5, bh6, bh7,
2460
+ bl0, bl1, bl2, bl3, bl4, bl5, bl6, bl7,
2461
+ th, tl, i, j, h, l, a, b, c, d;
2462
+
2463
+ var ah0 = hh[0],
2464
+ ah1 = hh[1],
2465
+ ah2 = hh[2],
2466
+ ah3 = hh[3],
2467
+ ah4 = hh[4],
2468
+ ah5 = hh[5],
2469
+ ah6 = hh[6],
2470
+ ah7 = hh[7],
2471
+
2472
+ al0 = hl[0],
2473
+ al1 = hl[1],
2474
+ al2 = hl[2],
2475
+ al3 = hl[3],
2476
+ al4 = hl[4],
2477
+ al5 = hl[5],
2478
+ al6 = hl[6],
2479
+ al7 = hl[7];
2480
+
2481
+ var pos = 0;
2482
+ while (n >= 128) {
2483
+ for (i = 0; i < 16; i++) {
2484
+ j = 8 * i + pos;
2485
+ wh[i] = (m[j+0] << 24) | (m[j+1] << 16) | (m[j+2] << 8) | m[j+3];
2486
+ wl[i] = (m[j+4] << 24) | (m[j+5] << 16) | (m[j+6] << 8) | m[j+7];
2487
+ }
2488
+ for (i = 0; i < 80; i++) {
2489
+ bh0 = ah0;
2490
+ bh1 = ah1;
2491
+ bh2 = ah2;
2492
+ bh3 = ah3;
2493
+ bh4 = ah4;
2494
+ bh5 = ah5;
2495
+ bh6 = ah6;
2496
+ bh7 = ah7;
2497
+
2498
+ bl0 = al0;
2499
+ bl1 = al1;
2500
+ bl2 = al2;
2501
+ bl3 = al3;
2502
+ bl4 = al4;
2503
+ bl5 = al5;
2504
+ bl6 = al6;
2505
+ bl7 = al7;
2506
+
2507
+ // add
2508
+ h = ah7;
2509
+ l = al7;
2510
+
2511
+ a = l & 0xffff; b = l >>> 16;
2512
+ c = h & 0xffff; d = h >>> 16;
2513
+
2514
+ // Sigma1
2515
+ h = ((ah4 >>> 14) | (al4 << (32-14))) ^ ((ah4 >>> 18) | (al4 << (32-18))) ^ ((al4 >>> (41-32)) | (ah4 << (32-(41-32))));
2516
+ l = ((al4 >>> 14) | (ah4 << (32-14))) ^ ((al4 >>> 18) | (ah4 << (32-18))) ^ ((ah4 >>> (41-32)) | (al4 << (32-(41-32))));
2517
+
2518
+ a += l & 0xffff; b += l >>> 16;
2519
+ c += h & 0xffff; d += h >>> 16;
2520
+
2521
+ // Ch
2522
+ h = (ah4 & ah5) ^ (~ah4 & ah6);
2523
+ l = (al4 & al5) ^ (~al4 & al6);
2524
+
2525
+ a += l & 0xffff; b += l >>> 16;
2526
+ c += h & 0xffff; d += h >>> 16;
2527
+
2528
+ // K
2529
+ h = K[i*2];
2530
+ l = K[i*2+1];
2531
+
2532
+ a += l & 0xffff; b += l >>> 16;
2533
+ c += h & 0xffff; d += h >>> 16;
2534
+
2535
+ // w
2536
+ h = wh[i%16];
2537
+ l = wl[i%16];
2538
+
2539
+ a += l & 0xffff; b += l >>> 16;
2540
+ c += h & 0xffff; d += h >>> 16;
2541
+
2542
+ b += a >>> 16;
2543
+ c += b >>> 16;
2544
+ d += c >>> 16;
2545
+
2546
+ th = c & 0xffff | d << 16;
2547
+ tl = a & 0xffff | b << 16;
2548
+
2549
+ // add
2550
+ h = th;
2551
+ l = tl;
2552
+
2553
+ a = l & 0xffff; b = l >>> 16;
2554
+ c = h & 0xffff; d = h >>> 16;
2555
+
2556
+ // Sigma0
2557
+ h = ((ah0 >>> 28) | (al0 << (32-28))) ^ ((al0 >>> (34-32)) | (ah0 << (32-(34-32)))) ^ ((al0 >>> (39-32)) | (ah0 << (32-(39-32))));
2558
+ l = ((al0 >>> 28) | (ah0 << (32-28))) ^ ((ah0 >>> (34-32)) | (al0 << (32-(34-32)))) ^ ((ah0 >>> (39-32)) | (al0 << (32-(39-32))));
2559
+
2560
+ a += l & 0xffff; b += l >>> 16;
2561
+ c += h & 0xffff; d += h >>> 16;
2562
+
2563
+ // Maj
2564
+ h = (ah0 & ah1) ^ (ah0 & ah2) ^ (ah1 & ah2);
2565
+ l = (al0 & al1) ^ (al0 & al2) ^ (al1 & al2);
2566
+
2567
+ a += l & 0xffff; b += l >>> 16;
2568
+ c += h & 0xffff; d += h >>> 16;
2569
+
2570
+ b += a >>> 16;
2571
+ c += b >>> 16;
2572
+ d += c >>> 16;
2573
+
2574
+ bh7 = (c & 0xffff) | (d << 16);
2575
+ bl7 = (a & 0xffff) | (b << 16);
2576
+
2577
+ // add
2578
+ h = bh3;
2579
+ l = bl3;
2580
+
2581
+ a = l & 0xffff; b = l >>> 16;
2582
+ c = h & 0xffff; d = h >>> 16;
2583
+
2584
+ h = th;
2585
+ l = tl;
2586
+
2587
+ a += l & 0xffff; b += l >>> 16;
2588
+ c += h & 0xffff; d += h >>> 16;
2589
+
2590
+ b += a >>> 16;
2591
+ c += b >>> 16;
2592
+ d += c >>> 16;
2593
+
2594
+ bh3 = (c & 0xffff) | (d << 16);
2595
+ bl3 = (a & 0xffff) | (b << 16);
2596
+
2597
+ ah1 = bh0;
2598
+ ah2 = bh1;
2599
+ ah3 = bh2;
2600
+ ah4 = bh3;
2601
+ ah5 = bh4;
2602
+ ah6 = bh5;
2603
+ ah7 = bh6;
2604
+ ah0 = bh7;
2605
+
2606
+ al1 = bl0;
2607
+ al2 = bl1;
2608
+ al3 = bl2;
2609
+ al4 = bl3;
2610
+ al5 = bl4;
2611
+ al6 = bl5;
2612
+ al7 = bl6;
2613
+ al0 = bl7;
2614
+
2615
+ if (i%16 === 15) {
2616
+ for (j = 0; j < 16; j++) {
2617
+ // add
2618
+ h = wh[j];
2619
+ l = wl[j];
2620
+
2621
+ a = l & 0xffff; b = l >>> 16;
2622
+ c = h & 0xffff; d = h >>> 16;
2623
+
2624
+ h = wh[(j+9)%16];
2625
+ l = wl[(j+9)%16];
2626
+
2627
+ a += l & 0xffff; b += l >>> 16;
2628
+ c += h & 0xffff; d += h >>> 16;
2629
+
2630
+ // sigma0
2631
+ th = wh[(j+1)%16];
2632
+ tl = wl[(j+1)%16];
2633
+ h = ((th >>> 1) | (tl << (32-1))) ^ ((th >>> 8) | (tl << (32-8))) ^ (th >>> 7);
2634
+ l = ((tl >>> 1) | (th << (32-1))) ^ ((tl >>> 8) | (th << (32-8))) ^ ((tl >>> 7) | (th << (32-7)));
2635
+
2636
+ a += l & 0xffff; b += l >>> 16;
2637
+ c += h & 0xffff; d += h >>> 16;
2638
+
2639
+ // sigma1
2640
+ th = wh[(j+14)%16];
2641
+ tl = wl[(j+14)%16];
2642
+ h = ((th >>> 19) | (tl << (32-19))) ^ ((tl >>> (61-32)) | (th << (32-(61-32)))) ^ (th >>> 6);
2643
+ l = ((tl >>> 19) | (th << (32-19))) ^ ((th >>> (61-32)) | (tl << (32-(61-32)))) ^ ((tl >>> 6) | (th << (32-6)));
2644
+
2645
+ a += l & 0xffff; b += l >>> 16;
2646
+ c += h & 0xffff; d += h >>> 16;
2647
+
2648
+ b += a >>> 16;
2649
+ c += b >>> 16;
2650
+ d += c >>> 16;
2651
+
2652
+ wh[j] = (c & 0xffff) | (d << 16);
2653
+ wl[j] = (a & 0xffff) | (b << 16);
2654
+ }
2655
+ }
2656
+ }
2657
+
2658
+ // add
2659
+ h = ah0;
2660
+ l = al0;
2661
+
2662
+ a = l & 0xffff; b = l >>> 16;
2663
+ c = h & 0xffff; d = h >>> 16;
2664
+
2665
+ h = hh[0];
2666
+ l = hl[0];
2667
+
2668
+ a += l & 0xffff; b += l >>> 16;
2669
+ c += h & 0xffff; d += h >>> 16;
2670
+
2671
+ b += a >>> 16;
2672
+ c += b >>> 16;
2673
+ d += c >>> 16;
2674
+
2675
+ hh[0] = ah0 = (c & 0xffff) | (d << 16);
2676
+ hl[0] = al0 = (a & 0xffff) | (b << 16);
2677
+
2678
+ h = ah1;
2679
+ l = al1;
2680
+
2681
+ a = l & 0xffff; b = l >>> 16;
2682
+ c = h & 0xffff; d = h >>> 16;
2683
+
2684
+ h = hh[1];
2685
+ l = hl[1];
2686
+
2687
+ a += l & 0xffff; b += l >>> 16;
2688
+ c += h & 0xffff; d += h >>> 16;
2689
+
2690
+ b += a >>> 16;
2691
+ c += b >>> 16;
2692
+ d += c >>> 16;
2693
+
2694
+ hh[1] = ah1 = (c & 0xffff) | (d << 16);
2695
+ hl[1] = al1 = (a & 0xffff) | (b << 16);
2696
+
2697
+ h = ah2;
2698
+ l = al2;
2699
+
2700
+ a = l & 0xffff; b = l >>> 16;
2701
+ c = h & 0xffff; d = h >>> 16;
2702
+
2703
+ h = hh[2];
2704
+ l = hl[2];
2705
+
2706
+ a += l & 0xffff; b += l >>> 16;
2707
+ c += h & 0xffff; d += h >>> 16;
2708
+
2709
+ b += a >>> 16;
2710
+ c += b >>> 16;
2711
+ d += c >>> 16;
2712
+
2713
+ hh[2] = ah2 = (c & 0xffff) | (d << 16);
2714
+ hl[2] = al2 = (a & 0xffff) | (b << 16);
2715
+
2716
+ h = ah3;
2717
+ l = al3;
2718
+
2719
+ a = l & 0xffff; b = l >>> 16;
2720
+ c = h & 0xffff; d = h >>> 16;
2721
+
2722
+ h = hh[3];
2723
+ l = hl[3];
2724
+
2725
+ a += l & 0xffff; b += l >>> 16;
2726
+ c += h & 0xffff; d += h >>> 16;
2727
+
2728
+ b += a >>> 16;
2729
+ c += b >>> 16;
2730
+ d += c >>> 16;
2731
+
2732
+ hh[3] = ah3 = (c & 0xffff) | (d << 16);
2733
+ hl[3] = al3 = (a & 0xffff) | (b << 16);
2734
+
2735
+ h = ah4;
2736
+ l = al4;
2737
+
2738
+ a = l & 0xffff; b = l >>> 16;
2739
+ c = h & 0xffff; d = h >>> 16;
2740
+
2741
+ h = hh[4];
2742
+ l = hl[4];
2743
+
2744
+ a += l & 0xffff; b += l >>> 16;
2745
+ c += h & 0xffff; d += h >>> 16;
2746
+
2747
+ b += a >>> 16;
2748
+ c += b >>> 16;
2749
+ d += c >>> 16;
2750
+
2751
+ hh[4] = ah4 = (c & 0xffff) | (d << 16);
2752
+ hl[4] = al4 = (a & 0xffff) | (b << 16);
2753
+
2754
+ h = ah5;
2755
+ l = al5;
2756
+
2757
+ a = l & 0xffff; b = l >>> 16;
2758
+ c = h & 0xffff; d = h >>> 16;
2759
+
2760
+ h = hh[5];
2761
+ l = hl[5];
2762
+
2763
+ a += l & 0xffff; b += l >>> 16;
2764
+ c += h & 0xffff; d += h >>> 16;
2765
+
2766
+ b += a >>> 16;
2767
+ c += b >>> 16;
2768
+ d += c >>> 16;
2769
+
2770
+ hh[5] = ah5 = (c & 0xffff) | (d << 16);
2771
+ hl[5] = al5 = (a & 0xffff) | (b << 16);
2772
+
2773
+ h = ah6;
2774
+ l = al6;
2775
+
2776
+ a = l & 0xffff; b = l >>> 16;
2777
+ c = h & 0xffff; d = h >>> 16;
2778
+
2779
+ h = hh[6];
2780
+ l = hl[6];
2781
+
2782
+ a += l & 0xffff; b += l >>> 16;
2783
+ c += h & 0xffff; d += h >>> 16;
2784
+
2785
+ b += a >>> 16;
2786
+ c += b >>> 16;
2787
+ d += c >>> 16;
2788
+
2789
+ hh[6] = ah6 = (c & 0xffff) | (d << 16);
2790
+ hl[6] = al6 = (a & 0xffff) | (b << 16);
2791
+
2792
+ h = ah7;
2793
+ l = al7;
2794
+
2795
+ a = l & 0xffff; b = l >>> 16;
2796
+ c = h & 0xffff; d = h >>> 16;
2797
+
2798
+ h = hh[7];
2799
+ l = hl[7];
2800
+
2801
+ a += l & 0xffff; b += l >>> 16;
2802
+ c += h & 0xffff; d += h >>> 16;
2803
+
2804
+ b += a >>> 16;
2805
+ c += b >>> 16;
2806
+ d += c >>> 16;
2807
+
2808
+ hh[7] = ah7 = (c & 0xffff) | (d << 16);
2809
+ hl[7] = al7 = (a & 0xffff) | (b << 16);
2810
+
2811
+ pos += 128;
2812
+ n -= 128;
2813
+ }
2814
+
2815
+ return n;
2816
+ }
2817
+
2818
+ function crypto_hash(out, m, n) {
2819
+ var hh = new Int32Array(8),
2820
+ hl = new Int32Array(8),
2821
+ x = new Uint8Array(256),
2822
+ i, b = n;
2823
+
2824
+ hh[0] = 0x6a09e667;
2825
+ hh[1] = 0xbb67ae85;
2826
+ hh[2] = 0x3c6ef372;
2827
+ hh[3] = 0xa54ff53a;
2828
+ hh[4] = 0x510e527f;
2829
+ hh[5] = 0x9b05688c;
2830
+ hh[6] = 0x1f83d9ab;
2831
+ hh[7] = 0x5be0cd19;
2832
+
2833
+ hl[0] = 0xf3bcc908;
2834
+ hl[1] = 0x84caa73b;
2835
+ hl[2] = 0xfe94f82b;
2836
+ hl[3] = 0x5f1d36f1;
2837
+ hl[4] = 0xade682d1;
2838
+ hl[5] = 0x2b3e6c1f;
2839
+ hl[6] = 0xfb41bd6b;
2840
+ hl[7] = 0x137e2179;
2841
+
2842
+ crypto_hashblocks_hl(hh, hl, m, n);
2843
+ n %= 128;
2844
+
2845
+ for (i = 0; i < n; i++) x[i] = m[b-n+i];
2846
+ x[n] = 128;
2847
+
2848
+ n = 256-128*(n<112?1:0);
2849
+ x[n-9] = 0;
2850
+ ts64(x, n-8, (b / 0x20000000) | 0, b << 3);
2851
+ crypto_hashblocks_hl(hh, hl, x, n);
2852
+
2853
+ for (i = 0; i < 8; i++) ts64(out, 8*i, hh[i], hl[i]);
2854
+
2855
+ return 0;
2856
+ }
2857
+
2858
+ function add(p, q) {
2859
+ var a = gf(), b = gf(), c = gf(),
2860
+ d = gf(), e = gf(), f = gf(),
2861
+ g = gf(), h = gf(), t = gf();
2862
+
2863
+ Z(a, p[1], p[0]);
2864
+ Z(t, q[1], q[0]);
2865
+ M(a, a, t);
2866
+ A(b, p[0], p[1]);
2867
+ A(t, q[0], q[1]);
2868
+ M(b, b, t);
2869
+ M(c, p[3], q[3]);
2870
+ M(c, c, D2);
2871
+ M(d, p[2], q[2]);
2872
+ A(d, d, d);
2873
+ Z(e, b, a);
2874
+ Z(f, d, c);
2875
+ A(g, d, c);
2876
+ A(h, b, a);
2877
+
2878
+ M(p[0], e, f);
2879
+ M(p[1], h, g);
2880
+ M(p[2], g, f);
2881
+ M(p[3], e, h);
2882
+ }
2883
+
2884
+ function cswap(p, q, b) {
2885
+ var i;
2886
+ for (i = 0; i < 4; i++) {
2887
+ sel25519(p[i], q[i], b);
2888
+ }
2889
+ }
2890
+
2891
+ function pack(r, p) {
2892
+ var tx = gf(), ty = gf(), zi = gf();
2893
+ inv25519(zi, p[2]);
2894
+ M(tx, p[0], zi);
2895
+ M(ty, p[1], zi);
2896
+ pack25519(r, ty);
2897
+ r[31] ^= par25519(tx) << 7;
2898
+ }
2899
+
2900
+ function scalarmult(p, q, s) {
2901
+ var b, i;
2902
+ set25519(p[0], gf0);
2903
+ set25519(p[1], gf1);
2904
+ set25519(p[2], gf1);
2905
+ set25519(p[3], gf0);
2906
+ for (i = 255; i >= 0; --i) {
2907
+ b = (s[(i/8)|0] >> (i&7)) & 1;
2908
+ cswap(p, q, b);
2909
+ add(q, p);
2910
+ add(p, p);
2911
+ cswap(p, q, b);
2912
+ }
2913
+ }
2914
+
2915
+ function scalarbase(p, s) {
2916
+ var q = [gf(), gf(), gf(), gf()];
2917
+ set25519(q[0], X);
2918
+ set25519(q[1], Y);
2919
+ set25519(q[2], gf1);
2920
+ M(q[3], X, Y);
2921
+ scalarmult(p, q, s);
2922
+ }
2923
+
2924
+ function crypto_sign_keypair(pk, sk, seeded) {
2925
+ var d = new Uint8Array(64);
2926
+ var p = [gf(), gf(), gf(), gf()];
2927
+ var i;
2928
+
2929
+ if (!seeded) randombytes(sk, 32);
2930
+ crypto_hash(d, sk, 32);
2931
+ d[0] &= 248;
2932
+ d[31] &= 127;
2933
+ d[31] |= 64;
2934
+
2935
+ scalarbase(p, d);
2936
+ pack(pk, p);
2937
+
2938
+ for (i = 0; i < 32; i++) sk[i+32] = pk[i];
2939
+ return 0;
2940
+ }
2941
+
2942
+ var L = new Float64Array([0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x10]);
2943
+
2944
+ function modL(r, x) {
2945
+ var carry, i, j, k;
2946
+ for (i = 63; i >= 32; --i) {
2947
+ carry = 0;
2948
+ for (j = i - 32, k = i - 12; j < k; ++j) {
2949
+ x[j] += carry - 16 * x[i] * L[j - (i - 32)];
2950
+ carry = Math.floor((x[j] + 128) / 256);
2951
+ x[j] -= carry * 256;
2952
+ }
2953
+ x[j] += carry;
2954
+ x[i] = 0;
2955
+ }
2956
+ carry = 0;
2957
+ for (j = 0; j < 32; j++) {
2958
+ x[j] += carry - (x[31] >> 4) * L[j];
2959
+ carry = x[j] >> 8;
2960
+ x[j] &= 255;
2961
+ }
2962
+ for (j = 0; j < 32; j++) x[j] -= carry * L[j];
2963
+ for (i = 0; i < 32; i++) {
2964
+ x[i+1] += x[i] >> 8;
2965
+ r[i] = x[i] & 255;
2966
+ }
2967
+ }
2968
+
2969
+ function reduce(r) {
2970
+ var x = new Float64Array(64), i;
2971
+ for (i = 0; i < 64; i++) x[i] = r[i];
2972
+ for (i = 0; i < 64; i++) r[i] = 0;
2973
+ modL(r, x);
2974
+ }
2975
+
2976
+ // Note: difference from C - smlen returned, not passed as argument.
2977
+ function crypto_sign(sm, m, n, sk) {
2978
+ var d = new Uint8Array(64), h = new Uint8Array(64), r = new Uint8Array(64);
2979
+ var i, j, x = new Float64Array(64);
2980
+ var p = [gf(), gf(), gf(), gf()];
2981
+
2982
+ crypto_hash(d, sk, 32);
2983
+ d[0] &= 248;
2984
+ d[31] &= 127;
2985
+ d[31] |= 64;
2986
+
2987
+ var smlen = n + 64;
2988
+ for (i = 0; i < n; i++) sm[64 + i] = m[i];
2989
+ for (i = 0; i < 32; i++) sm[32 + i] = d[32 + i];
2990
+
2991
+ crypto_hash(r, sm.subarray(32), n+32);
2992
+ reduce(r);
2993
+ scalarbase(p, r);
2994
+ pack(sm, p);
2995
+
2996
+ for (i = 32; i < 64; i++) sm[i] = sk[i];
2997
+ crypto_hash(h, sm, n + 64);
2998
+ reduce(h);
2999
+
3000
+ for (i = 0; i < 64; i++) x[i] = 0;
3001
+ for (i = 0; i < 32; i++) x[i] = r[i];
3002
+ for (i = 0; i < 32; i++) {
3003
+ for (j = 0; j < 32; j++) {
3004
+ x[i+j] += h[i] * d[j];
3005
+ }
3006
+ }
3007
+
3008
+ modL(sm.subarray(32), x);
3009
+ return smlen;
3010
+ }
3011
+
3012
+ function unpackneg(r, p) {
3013
+ var t = gf(), chk = gf(), num = gf(),
3014
+ den = gf(), den2 = gf(), den4 = gf(),
3015
+ den6 = gf();
3016
+
3017
+ set25519(r[2], gf1);
3018
+ unpack25519(r[1], p);
3019
+ S(num, r[1]);
3020
+ M(den, num, D);
3021
+ Z(num, num, r[2]);
3022
+ A(den, r[2], den);
3023
+
3024
+ S(den2, den);
3025
+ S(den4, den2);
3026
+ M(den6, den4, den2);
3027
+ M(t, den6, num);
3028
+ M(t, t, den);
3029
+
3030
+ pow2523(t, t);
3031
+ M(t, t, num);
3032
+ M(t, t, den);
3033
+ M(t, t, den);
3034
+ M(r[0], t, den);
3035
+
3036
+ S(chk, r[0]);
3037
+ M(chk, chk, den);
3038
+ if (neq25519(chk, num)) M(r[0], r[0], I);
3039
+
3040
+ S(chk, r[0]);
3041
+ M(chk, chk, den);
3042
+ if (neq25519(chk, num)) return -1;
3043
+
3044
+ if (par25519(r[0]) === (p[31]>>7)) Z(r[0], gf0, r[0]);
3045
+
3046
+ M(r[3], r[0], r[1]);
3047
+ return 0;
3048
+ }
3049
+
3050
+ function crypto_sign_open(m, sm, n, pk) {
3051
+ var i;
3052
+ var t = new Uint8Array(32), h = new Uint8Array(64);
3053
+ var p = [gf(), gf(), gf(), gf()],
3054
+ q = [gf(), gf(), gf(), gf()];
3055
+
3056
+ if (n < 64) return -1;
3057
+
3058
+ if (unpackneg(q, pk)) return -1;
3059
+
3060
+ for (i = 0; i < n; i++) m[i] = sm[i];
3061
+ for (i = 0; i < 32; i++) m[i+32] = pk[i];
3062
+ crypto_hash(h, m, n);
3063
+ reduce(h);
3064
+ scalarmult(p, q, h);
3065
+
3066
+ scalarbase(q, sm.subarray(32));
3067
+ add(p, q);
3068
+ pack(t, p);
3069
+
3070
+ n -= 64;
3071
+ if (crypto_verify_32(sm, 0, t, 0)) {
3072
+ for (i = 0; i < n; i++) m[i] = 0;
3073
+ return -1;
3074
+ }
3075
+
3076
+ for (i = 0; i < n; i++) m[i] = sm[i + 64];
3077
+ return n;
3078
+ }
3079
+
3080
+ var crypto_secretbox_KEYBYTES = 32,
3081
+ crypto_secretbox_NONCEBYTES = 24,
3082
+ crypto_secretbox_ZEROBYTES = 32,
3083
+ crypto_secretbox_BOXZEROBYTES = 16,
3084
+ crypto_scalarmult_BYTES = 32,
3085
+ crypto_scalarmult_SCALARBYTES = 32,
3086
+ crypto_box_PUBLICKEYBYTES = 32,
3087
+ crypto_box_SECRETKEYBYTES = 32,
3088
+ crypto_box_BEFORENMBYTES = 32,
3089
+ crypto_box_NONCEBYTES = crypto_secretbox_NONCEBYTES,
3090
+ crypto_box_ZEROBYTES = crypto_secretbox_ZEROBYTES,
3091
+ crypto_box_BOXZEROBYTES = crypto_secretbox_BOXZEROBYTES,
3092
+ crypto_sign_BYTES = 64,
3093
+ crypto_sign_PUBLICKEYBYTES = 32,
3094
+ crypto_sign_SECRETKEYBYTES = 64,
3095
+ crypto_sign_SEEDBYTES = 32,
3096
+ crypto_hash_BYTES = 64;
3097
+
3098
+ nacl.lowlevel = {
3099
+ crypto_core_hsalsa20: crypto_core_hsalsa20,
3100
+ crypto_stream_xor: crypto_stream_xor,
3101
+ crypto_stream: crypto_stream,
3102
+ crypto_stream_salsa20_xor: crypto_stream_salsa20_xor,
3103
+ crypto_stream_salsa20: crypto_stream_salsa20,
3104
+ crypto_onetimeauth: crypto_onetimeauth,
3105
+ crypto_onetimeauth_verify: crypto_onetimeauth_verify,
3106
+ crypto_verify_16: crypto_verify_16,
3107
+ crypto_verify_32: crypto_verify_32,
3108
+ crypto_secretbox: crypto_secretbox,
3109
+ crypto_secretbox_open: crypto_secretbox_open,
3110
+ crypto_scalarmult: crypto_scalarmult,
3111
+ crypto_scalarmult_base: crypto_scalarmult_base,
3112
+ crypto_box_beforenm: crypto_box_beforenm,
3113
+ crypto_box_afternm: crypto_box_afternm,
3114
+ crypto_box: crypto_box,
3115
+ crypto_box_open: crypto_box_open,
3116
+ crypto_box_keypair: crypto_box_keypair,
3117
+ crypto_hash: crypto_hash,
3118
+ crypto_sign: crypto_sign,
3119
+ crypto_sign_keypair: crypto_sign_keypair,
3120
+ crypto_sign_open: crypto_sign_open,
3121
+
3122
+ crypto_secretbox_KEYBYTES: crypto_secretbox_KEYBYTES,
3123
+ crypto_secretbox_NONCEBYTES: crypto_secretbox_NONCEBYTES,
3124
+ crypto_secretbox_ZEROBYTES: crypto_secretbox_ZEROBYTES,
3125
+ crypto_secretbox_BOXZEROBYTES: crypto_secretbox_BOXZEROBYTES,
3126
+ crypto_scalarmult_BYTES: crypto_scalarmult_BYTES,
3127
+ crypto_scalarmult_SCALARBYTES: crypto_scalarmult_SCALARBYTES,
3128
+ crypto_box_PUBLICKEYBYTES: crypto_box_PUBLICKEYBYTES,
3129
+ crypto_box_SECRETKEYBYTES: crypto_box_SECRETKEYBYTES,
3130
+ crypto_box_BEFORENMBYTES: crypto_box_BEFORENMBYTES,
3131
+ crypto_box_NONCEBYTES: crypto_box_NONCEBYTES,
3132
+ crypto_box_ZEROBYTES: crypto_box_ZEROBYTES,
3133
+ crypto_box_BOXZEROBYTES: crypto_box_BOXZEROBYTES,
3134
+ crypto_sign_BYTES: crypto_sign_BYTES,
3135
+ crypto_sign_PUBLICKEYBYTES: crypto_sign_PUBLICKEYBYTES,
3136
+ crypto_sign_SECRETKEYBYTES: crypto_sign_SECRETKEYBYTES,
3137
+ crypto_sign_SEEDBYTES: crypto_sign_SEEDBYTES,
3138
+ crypto_hash_BYTES: crypto_hash_BYTES,
3139
+
3140
+ gf: gf,
3141
+ D: D,
3142
+ L: L,
3143
+ pack25519: pack25519,
3144
+ unpack25519: unpack25519,
3145
+ M: M,
3146
+ A: A,
3147
+ S: S,
3148
+ Z: Z,
3149
+ pow2523: pow2523,
3150
+ add: add,
3151
+ set25519: set25519,
3152
+ modL: modL,
3153
+ scalarmult: scalarmult,
3154
+ scalarbase: scalarbase,
3155
+ };
3156
+
3157
+ /* High-level API */
3158
+
3159
+ function checkLengths(k, n) {
3160
+ if (k.length !== crypto_secretbox_KEYBYTES) throw new Error('bad key size');
3161
+ if (n.length !== crypto_secretbox_NONCEBYTES) throw new Error('bad nonce size');
3162
+ }
3163
+
3164
+ function checkBoxLengths(pk, sk) {
3165
+ if (pk.length !== crypto_box_PUBLICKEYBYTES) throw new Error('bad public key size');
3166
+ if (sk.length !== crypto_box_SECRETKEYBYTES) throw new Error('bad secret key size');
3167
+ }
3168
+
3169
+ function checkArrayTypes() {
3170
+ for (var i = 0; i < arguments.length; i++) {
3171
+ if (!(arguments[i] instanceof Uint8Array))
3172
+ throw new TypeError('unexpected type, use Uint8Array');
3173
+ }
3174
+ }
3175
+
3176
+ function cleanup(arr) {
3177
+ for (var i = 0; i < arr.length; i++) arr[i] = 0;
3178
+ }
3179
+
3180
+ nacl.randomBytes = function(n) {
3181
+ var b = new Uint8Array(n);
3182
+ randombytes(b, n);
3183
+ return b;
3184
+ };
3185
+
3186
+ nacl.secretbox = function(msg, nonce, key) {
3187
+ checkArrayTypes(msg, nonce, key);
3188
+ checkLengths(key, nonce);
3189
+ var m = new Uint8Array(crypto_secretbox_ZEROBYTES + msg.length);
3190
+ var c = new Uint8Array(m.length);
3191
+ for (var i = 0; i < msg.length; i++) m[i+crypto_secretbox_ZEROBYTES] = msg[i];
3192
+ crypto_secretbox(c, m, m.length, nonce, key);
3193
+ return c.subarray(crypto_secretbox_BOXZEROBYTES);
3194
+ };
3195
+
3196
+ nacl.secretbox.open = function(box, nonce, key) {
3197
+ checkArrayTypes(box, nonce, key);
3198
+ checkLengths(key, nonce);
3199
+ var c = new Uint8Array(crypto_secretbox_BOXZEROBYTES + box.length);
3200
+ var m = new Uint8Array(c.length);
3201
+ for (var i = 0; i < box.length; i++) c[i+crypto_secretbox_BOXZEROBYTES] = box[i];
3202
+ if (c.length < 32) return null;
3203
+ if (crypto_secretbox_open(m, c, c.length, nonce, key) !== 0) return null;
3204
+ return m.subarray(crypto_secretbox_ZEROBYTES);
3205
+ };
3206
+
3207
+ nacl.secretbox.keyLength = crypto_secretbox_KEYBYTES;
3208
+ nacl.secretbox.nonceLength = crypto_secretbox_NONCEBYTES;
3209
+ nacl.secretbox.overheadLength = crypto_secretbox_BOXZEROBYTES;
3210
+
3211
+ nacl.scalarMult = function(n, p) {
3212
+ checkArrayTypes(n, p);
3213
+ if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');
3214
+ if (p.length !== crypto_scalarmult_BYTES) throw new Error('bad p size');
3215
+ var q = new Uint8Array(crypto_scalarmult_BYTES);
3216
+ crypto_scalarmult(q, n, p);
3217
+ return q;
3218
+ };
3219
+
3220
+ nacl.scalarMult.base = function(n) {
3221
+ checkArrayTypes(n);
3222
+ if (n.length !== crypto_scalarmult_SCALARBYTES) throw new Error('bad n size');
3223
+ var q = new Uint8Array(crypto_scalarmult_BYTES);
3224
+ crypto_scalarmult_base(q, n);
3225
+ return q;
3226
+ };
3227
+
3228
+ nacl.scalarMult.scalarLength = crypto_scalarmult_SCALARBYTES;
3229
+ nacl.scalarMult.groupElementLength = crypto_scalarmult_BYTES;
3230
+
3231
+ nacl.box = function(msg, nonce, publicKey, secretKey) {
3232
+ var k = nacl.box.before(publicKey, secretKey);
3233
+ return nacl.secretbox(msg, nonce, k);
3234
+ };
3235
+
3236
+ nacl.box.before = function(publicKey, secretKey) {
3237
+ checkArrayTypes(publicKey, secretKey);
3238
+ checkBoxLengths(publicKey, secretKey);
3239
+ var k = new Uint8Array(crypto_box_BEFORENMBYTES);
3240
+ crypto_box_beforenm(k, publicKey, secretKey);
3241
+ return k;
3242
+ };
3243
+
3244
+ nacl.box.after = nacl.secretbox;
3245
+
3246
+ nacl.box.open = function(msg, nonce, publicKey, secretKey) {
3247
+ var k = nacl.box.before(publicKey, secretKey);
3248
+ return nacl.secretbox.open(msg, nonce, k);
3249
+ };
3250
+
3251
+ nacl.box.open.after = nacl.secretbox.open;
3252
+
3253
+ nacl.box.keyPair = function() {
3254
+ var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);
3255
+ var sk = new Uint8Array(crypto_box_SECRETKEYBYTES);
3256
+ crypto_box_keypair(pk, sk);
3257
+ return {publicKey: pk, secretKey: sk};
3258
+ };
3259
+
3260
+ nacl.box.keyPair.fromSecretKey = function(secretKey) {
3261
+ checkArrayTypes(secretKey);
3262
+ if (secretKey.length !== crypto_box_SECRETKEYBYTES)
3263
+ throw new Error('bad secret key size');
3264
+ var pk = new Uint8Array(crypto_box_PUBLICKEYBYTES);
3265
+ crypto_scalarmult_base(pk, secretKey);
3266
+ return {publicKey: pk, secretKey: new Uint8Array(secretKey)};
3267
+ };
3268
+
3269
+ nacl.box.publicKeyLength = crypto_box_PUBLICKEYBYTES;
3270
+ nacl.box.secretKeyLength = crypto_box_SECRETKEYBYTES;
3271
+ nacl.box.sharedKeyLength = crypto_box_BEFORENMBYTES;
3272
+ nacl.box.nonceLength = crypto_box_NONCEBYTES;
3273
+ nacl.box.overheadLength = nacl.secretbox.overheadLength;
3274
+
3275
+ nacl.sign = function(msg, secretKey) {
3276
+ checkArrayTypes(msg, secretKey);
3277
+ if (secretKey.length !== crypto_sign_SECRETKEYBYTES)
3278
+ throw new Error('bad secret key size');
3279
+ var signedMsg = new Uint8Array(crypto_sign_BYTES+msg.length);
3280
+ crypto_sign(signedMsg, msg, msg.length, secretKey);
3281
+ return signedMsg;
3282
+ };
3283
+
3284
+ nacl.sign.open = function(signedMsg, publicKey) {
3285
+ checkArrayTypes(signedMsg, publicKey);
3286
+ if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)
3287
+ throw new Error('bad public key size');
3288
+ var tmp = new Uint8Array(signedMsg.length);
3289
+ var mlen = crypto_sign_open(tmp, signedMsg, signedMsg.length, publicKey);
3290
+ if (mlen < 0) return null;
3291
+ var m = new Uint8Array(mlen);
3292
+ for (var i = 0; i < m.length; i++) m[i] = tmp[i];
3293
+ return m;
3294
+ };
3295
+
3296
+ nacl.sign.detached = function(msg, secretKey) {
3297
+ var signedMsg = nacl.sign(msg, secretKey);
3298
+ var sig = new Uint8Array(crypto_sign_BYTES);
3299
+ for (var i = 0; i < sig.length; i++) sig[i] = signedMsg[i];
3300
+ return sig;
3301
+ };
3302
+
3303
+ nacl.sign.detached.verify = function(msg, sig, publicKey) {
3304
+ checkArrayTypes(msg, sig, publicKey);
3305
+ if (sig.length !== crypto_sign_BYTES)
3306
+ throw new Error('bad signature size');
3307
+ if (publicKey.length !== crypto_sign_PUBLICKEYBYTES)
3308
+ throw new Error('bad public key size');
3309
+ var sm = new Uint8Array(crypto_sign_BYTES + msg.length);
3310
+ var m = new Uint8Array(crypto_sign_BYTES + msg.length);
3311
+ var i;
3312
+ for (i = 0; i < crypto_sign_BYTES; i++) sm[i] = sig[i];
3313
+ for (i = 0; i < msg.length; i++) sm[i+crypto_sign_BYTES] = msg[i];
3314
+ return (crypto_sign_open(m, sm, sm.length, publicKey) >= 0);
3315
+ };
3316
+
3317
+ nacl.sign.keyPair = function() {
3318
+ var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
3319
+ var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);
3320
+ crypto_sign_keypair(pk, sk);
3321
+ return {publicKey: pk, secretKey: sk};
3322
+ };
3323
+
3324
+ nacl.sign.keyPair.fromSecretKey = function(secretKey) {
3325
+ checkArrayTypes(secretKey);
3326
+ if (secretKey.length !== crypto_sign_SECRETKEYBYTES)
3327
+ throw new Error('bad secret key size');
3328
+ var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
3329
+ for (var i = 0; i < pk.length; i++) pk[i] = secretKey[32+i];
3330
+ return {publicKey: pk, secretKey: new Uint8Array(secretKey)};
3331
+ };
3332
+
3333
+ nacl.sign.keyPair.fromSeed = function(seed) {
3334
+ checkArrayTypes(seed);
3335
+ if (seed.length !== crypto_sign_SEEDBYTES)
3336
+ throw new Error('bad seed size');
3337
+ var pk = new Uint8Array(crypto_sign_PUBLICKEYBYTES);
3338
+ var sk = new Uint8Array(crypto_sign_SECRETKEYBYTES);
3339
+ for (var i = 0; i < 32; i++) sk[i] = seed[i];
3340
+ crypto_sign_keypair(pk, sk, true);
3341
+ return {publicKey: pk, secretKey: sk};
3342
+ };
3343
+
3344
+ nacl.sign.publicKeyLength = crypto_sign_PUBLICKEYBYTES;
3345
+ nacl.sign.secretKeyLength = crypto_sign_SECRETKEYBYTES;
3346
+ nacl.sign.seedLength = crypto_sign_SEEDBYTES;
3347
+ nacl.sign.signatureLength = crypto_sign_BYTES;
3348
+
3349
+ nacl.hash = function(msg) {
3350
+ checkArrayTypes(msg);
3351
+ var h = new Uint8Array(crypto_hash_BYTES);
3352
+ crypto_hash(h, msg, msg.length);
3353
+ return h;
3354
+ };
3355
+
3356
+ nacl.hash.hashLength = crypto_hash_BYTES;
3357
+
3358
+ nacl.verify = function(x, y) {
3359
+ checkArrayTypes(x, y);
3360
+ // Zero length arguments are considered not equal.
3361
+ if (x.length === 0 || y.length === 0) return false;
3362
+ if (x.length !== y.length) return false;
3363
+ return (vn(x, 0, y, 0, x.length) === 0) ? true : false;
3364
+ };
3365
+
3366
+ nacl.setPRNG = function(fn) {
3367
+ randombytes = fn;
3368
+ };
3369
+
3370
+ (function() {
3371
+ // Initialize PRNG if environment provides CSPRNG.
3372
+ // If not, methods calling randombytes will throw.
3373
+ var crypto = typeof self !== 'undefined' ? (self.crypto || self.msCrypto) : null;
3374
+ if (crypto && crypto.getRandomValues) {
3375
+ // Browsers.
3376
+ var QUOTA = 65536;
3377
+ nacl.setPRNG(function(x, n) {
3378
+ var i, v = new Uint8Array(n);
3379
+ for (i = 0; i < n; i += QUOTA) {
3380
+ crypto.getRandomValues(v.subarray(i, i + Math.min(n - i, QUOTA)));
3381
+ }
3382
+ for (i = 0; i < n; i++) x[i] = v[i];
3383
+ cleanup(v);
3384
+ });
3385
+ } else if (typeof commonjsRequire !== 'undefined') {
3386
+ // Node.js.
3387
+ crypto = require$$0;
3388
+ if (crypto && crypto.randomBytes) {
3389
+ nacl.setPRNG(function(x, n) {
3390
+ var i, v = crypto.randomBytes(n);
3391
+ for (i = 0; i < n; i++) x[i] = v[i];
3392
+ cleanup(v);
3393
+ });
3394
+ }
3395
+ }
3396
+ })();
3397
+
3398
+ })(module.exports ? module.exports : (self.nacl = self.nacl || {}));
3399
+ } (naclFast));
3400
+ return naclFast.exports;
3401
+ }
3402
+
3403
+ requireNaclFast();
3404
+
1002
3405
  // src/PhantomClient.ts
1003
3406
  var CAIP2_NETWORK_MAPPINGS = {
1004
3407
  // Solana networks
@@ -2954,13 +5357,13 @@ function createAutoConfirmPlugin() {
2954
5357
  };
2955
5358
  }
2956
5359
 
2957
- var eventemitter3 = {exports: {}};
5360
+ var eventemitter3$1 = {exports: {}};
2958
5361
 
2959
- var hasRequiredEventemitter3;
5362
+ var hasRequiredEventemitter3$1;
2960
5363
 
2961
- function requireEventemitter3 () {
2962
- if (hasRequiredEventemitter3) return eventemitter3.exports;
2963
- hasRequiredEventemitter3 = 1;
5364
+ function requireEventemitter3$1 () {
5365
+ if (hasRequiredEventemitter3$1) return eventemitter3$1.exports;
5366
+ hasRequiredEventemitter3$1 = 1;
2964
5367
  (function (module) {
2965
5368
 
2966
5369
  var has = Object.prototype.hasOwnProperty
@@ -3297,12 +5700,12 @@ function requireEventemitter3 () {
3297
5700
  {
3298
5701
  module.exports = EventEmitter;
3299
5702
  }
3300
- } (eventemitter3));
3301
- return eventemitter3.exports;
5703
+ } (eventemitter3$1));
5704
+ return eventemitter3$1.exports;
3302
5705
  }
3303
5706
 
3304
- var eventemitter3Exports = requireEventemitter3();
3305
- var EventEmitter3 = /*@__PURE__*/getDefaultExportFromCjs(eventemitter3Exports);
5707
+ var eventemitter3Exports$1 = requireEventemitter3$1();
5708
+ var EventEmitter3 = /*@__PURE__*/getDefaultExportFromCjs(eventemitter3Exports$1);
3306
5709
 
3307
5710
  // src/index.ts
3308
5711
  var isBrowser = typeof window !== "undefined" && typeof window.btoa !== "undefined";
@@ -8623,300 +11026,650 @@ class Transaction {
8623
11026
  assertArgument(result.isSigned(), "unsigned transaction cannot define '.hash'", "tx", tx);
8624
11027
  assertArgument(result.hash === tx.hash, "hash mismatch", "tx", tx);
8625
11028
  }
8626
- if (tx.from != null) {
8627
- assertArgument(result.isSigned(), "unsigned transaction cannot define '.from'", "tx", tx);
8628
- assertArgument(result.from.toLowerCase() === (tx.from || "").toLowerCase(), "from mismatch", "tx", tx);
11029
+ if (tx.from != null) {
11030
+ assertArgument(result.isSigned(), "unsigned transaction cannot define '.from'", "tx", tx);
11031
+ assertArgument(result.from.toLowerCase() === (tx.from || "").toLowerCase(), "from mismatch", "tx", tx);
11032
+ }
11033
+ return result;
11034
+ }
11035
+ }
11036
+
11037
+ // src/index.ts
11038
+ function parseSignMessageResponse(base64Response, networkId) {
11039
+ const networkPrefix = networkId.split(":")[0].toLowerCase();
11040
+ switch (networkPrefix) {
11041
+ case "solana":
11042
+ return parseSolanaSignatureResponse(base64Response);
11043
+ case "eip155":
11044
+ case "ethereum":
11045
+ return parseEVMSignatureResponse(base64Response);
11046
+ case "sui":
11047
+ return parseSuiSignatureResponse(base64Response);
11048
+ case "bip122":
11049
+ case "bitcoin":
11050
+ return parseBitcoinSignatureResponse(base64Response);
11051
+ default:
11052
+ return {
11053
+ signature: base64Response,
11054
+ rawSignature: base64Response
11055
+ };
11056
+ }
11057
+ }
11058
+ function parseTransactionResponse(base64RawTransaction, networkId, hash) {
11059
+ let rawTransaction = base64RawTransaction;
11060
+ if (isEthereumChain(networkId)) {
11061
+ try {
11062
+ const txBytes = base64urlDecode(base64RawTransaction);
11063
+ rawTransaction = "0x" + bufferExports.Buffer.from(txBytes).toString("hex");
11064
+ } catch (error) {
11065
+ rawTransaction = base64RawTransaction.startsWith("0x") ? base64RawTransaction : "0x" + base64RawTransaction;
11066
+ }
11067
+ }
11068
+ if (hash) {
11069
+ return {
11070
+ hash,
11071
+ rawTransaction,
11072
+ blockExplorer: getExplorerUrl(networkId, "transaction", hash)
11073
+ };
11074
+ } else {
11075
+ return {
11076
+ rawTransaction
11077
+ };
11078
+ }
11079
+ }
11080
+ function parseSolanaSignatureResponse(base64Response) {
11081
+ try {
11082
+ const signatureBytes = base64urlDecode(base64Response);
11083
+ const signature = base58.encode(signatureBytes);
11084
+ return {
11085
+ signature,
11086
+ rawSignature: base64Response
11087
+ };
11088
+ } catch (error) {
11089
+ return {
11090
+ signature: base64Response,
11091
+ rawSignature: base64Response
11092
+ };
11093
+ }
11094
+ }
11095
+ function parseEVMSignatureResponse(base64Response) {
11096
+ const signatureBytes = base64urlDecode(base64Response);
11097
+ const signature = "0x" + bufferExports.Buffer.from(signatureBytes).toString("hex");
11098
+ return {
11099
+ signature,
11100
+ rawSignature: base64Response
11101
+ };
11102
+ }
11103
+ function parseSuiSignatureResponse(base64Response) {
11104
+ try {
11105
+ const signatureBytes = base64urlDecode(base64Response);
11106
+ const signature = bufferExports.Buffer.from(signatureBytes).toString("base64");
11107
+ return {
11108
+ signature,
11109
+ rawSignature: base64Response
11110
+ };
11111
+ } catch (error) {
11112
+ return {
11113
+ signature: base64Response,
11114
+ rawSignature: base64Response
11115
+ };
11116
+ }
11117
+ }
11118
+ function parseBitcoinSignatureResponse(base64Response) {
11119
+ try {
11120
+ const signatureBytes = base64urlDecode(base64Response);
11121
+ const signature = bufferExports.Buffer.from(signatureBytes).toString("hex");
11122
+ return {
11123
+ signature,
11124
+ rawSignature: base64Response
11125
+ };
11126
+ } catch (error) {
11127
+ return {
11128
+ signature: base64Response,
11129
+ rawSignature: base64Response
11130
+ };
11131
+ }
11132
+ }
11133
+ function parseSolanaSignedTransaction(base64RawTransaction) {
11134
+ try {
11135
+ const transactionBytes = base64urlDecode(base64RawTransaction);
11136
+ return deserializeSolanaTransaction(transactionBytes);
11137
+ } catch (error) {
11138
+ return null;
11139
+ }
11140
+ }
11141
+ function deserializeSolanaTransaction(transactionBytes) {
11142
+ try {
11143
+ const transaction = Transaction$1.from(transactionBytes);
11144
+ return transaction;
11145
+ } catch (legacyError) {
11146
+ if (legacyError instanceof Error && legacyError.message.includes("Versioned messages")) {
11147
+ const versionedTransaction = VersionedTransaction.deserialize(transactionBytes);
11148
+ return versionedTransaction;
11149
+ }
11150
+ throw legacyError;
11151
+ }
11152
+ }
11153
+
11154
+ // src/index.ts
11155
+ async function parseToKmsTransaction(transaction, networkId) {
11156
+ const networkPrefix = networkId.split(":")[0].toLowerCase();
11157
+ switch (networkPrefix) {
11158
+ case "solana":
11159
+ return parseSolanaTransactionToBase64Url(transaction);
11160
+ case "ethereum":
11161
+ case "eip155":
11162
+ case "polygon":
11163
+ case "optimism":
11164
+ case "arbitrum":
11165
+ case "base":
11166
+ return parseEVMTransactionToHex(transaction);
11167
+ case "sui":
11168
+ return await parseSuiTransactionToBase64Url(transaction);
11169
+ case "bitcoin":
11170
+ return parseBitcoinTransactionToBase64Url(transaction);
11171
+ default:
11172
+ throw new Error(`Unsupported network: ${networkPrefix}`);
11173
+ }
11174
+ }
11175
+ function parseSolanaTransactionToBase64Url(transaction) {
11176
+ if (transaction?.messageBytes != null) {
11177
+ return {
11178
+ parsed: base64urlEncode(transaction.messageBytes),
11179
+ originalFormat: "@solana/kit"
11180
+ };
11181
+ }
11182
+ if (typeof transaction?.serialize === "function") {
11183
+ const serialized = transaction.serialize({
11184
+ requireAllSignatures: false,
11185
+ verifySignatures: false
11186
+ });
11187
+ return {
11188
+ parsed: base64urlEncode(serialized),
11189
+ originalFormat: "@solana/web3.js"
11190
+ };
11191
+ }
11192
+ if (transaction instanceof Uint8Array) {
11193
+ return {
11194
+ parsed: base64urlEncode(transaction),
11195
+ originalFormat: "bytes"
11196
+ };
11197
+ }
11198
+ if (typeof transaction === "string") {
11199
+ try {
11200
+ const bytes = bufferExports.Buffer.from(transaction, "base64");
11201
+ return {
11202
+ parsed: base64urlEncode(new Uint8Array(bytes)),
11203
+ originalFormat: "base64"
11204
+ };
11205
+ } catch {
11206
+ throw new Error("Unsupported Solana transaction format");
11207
+ }
11208
+ }
11209
+ throw new Error("Unsupported Solana transaction format");
11210
+ }
11211
+ function parseEVMTransactionToHex(transaction) {
11212
+ if (typeof transaction === "string" && transaction.startsWith("0x")) {
11213
+ return {
11214
+ parsed: transaction,
11215
+ originalFormat: "hex"
11216
+ };
11217
+ }
11218
+ if (transaction?.serialize && typeof transaction.serialize === "function") {
11219
+ const serialized = transaction.serialize();
11220
+ const hex = serialized.startsWith("0x") ? serialized : "0x" + serialized;
11221
+ return {
11222
+ parsed: hex,
11223
+ originalFormat: "ethers"
11224
+ };
11225
+ }
11226
+ if (transaction instanceof Uint8Array) {
11227
+ const hex = "0x" + bufferExports.Buffer.from(transaction).toString("hex");
11228
+ return {
11229
+ parsed: hex,
11230
+ originalFormat: "bytes"
11231
+ };
11232
+ }
11233
+ if (transaction && typeof transaction === "object" && (transaction.to || transaction.data || transaction.from)) {
11234
+ try {
11235
+ const { from, gas, ...txForSerialization } = transaction;
11236
+ if (gas) {
11237
+ txForSerialization.gasLimit = gas;
11238
+ }
11239
+ if (!txForSerialization.gasLimit) {
11240
+ if (txForSerialization.to && txForSerialization.value && !txForSerialization.data) {
11241
+ txForSerialization.gasLimit = "0x5208";
11242
+ }
11243
+ }
11244
+ if (txForSerialization.to && typeof txForSerialization.to === "string") {
11245
+ try {
11246
+ txForSerialization.to = getAddress(txForSerialization.to);
11247
+ } catch {
11248
+ txForSerialization.to = txForSerialization.to.toLowerCase();
8629
11249
  }
8630
- return result;
11250
+ }
11251
+ const serialized = Transaction.from(txForSerialization).unsignedSerialized;
11252
+ const hex = serialized.startsWith("0x") ? serialized : "0x" + serialized;
11253
+ return {
11254
+ parsed: hex,
11255
+ originalFormat: "json"
11256
+ };
11257
+ } catch (error) {
11258
+ const errorMessage = error instanceof Error ? error.message : "Unknown error";
11259
+ const txKeys = transaction ? Object.keys(transaction).join(", ") : "N/A";
11260
+ const txValues = transaction ? JSON.stringify(transaction, null, 2) : "N/A";
11261
+ throw new Error(
11262
+ `Failed to RLP encode EVM transaction: ${errorMessage}.
11263
+ Transaction keys: [${txKeys}].
11264
+ Transaction: ${txValues}
11265
+ Please ensure the transaction object includes required fields (to, value, chainId, gasLimit or gasPrice, etc.)`
11266
+ );
11267
+ }
11268
+ }
11269
+ throw new Error(
11270
+ "Unsupported EVM transaction format. Expected hex string, bytes, or transaction object with 'to', 'data', or 'from' fields."
11271
+ );
11272
+ }
11273
+ async function parseSuiTransactionToBase64Url(transaction) {
11274
+ if (transaction?.serialize && typeof transaction.serialize === "function") {
11275
+ const serialized = transaction.serialize();
11276
+ return {
11277
+ parsed: base64urlEncode(serialized),
11278
+ originalFormat: "sui-sdk"
11279
+ };
11280
+ }
11281
+ if (transaction instanceof Uint8Array) {
11282
+ return {
11283
+ parsed: base64urlEncode(transaction),
11284
+ originalFormat: "bytes"
11285
+ };
11286
+ }
11287
+ if (transaction?.build && typeof transaction.build === "function") {
11288
+ const built = await transaction.build();
11289
+ if (built?.serialize && typeof built.serialize === "function") {
11290
+ const serialized = built.serialize();
11291
+ return {
11292
+ parsed: base64urlEncode(serialized),
11293
+ originalFormat: "transaction-block"
11294
+ };
8631
11295
  }
11296
+ }
11297
+ throw new Error("Unsupported Sui transaction format");
11298
+ }
11299
+ function parseBitcoinTransactionToBase64Url(transaction) {
11300
+ if (transaction?.toBuffer && typeof transaction.toBuffer === "function") {
11301
+ const buffer = transaction.toBuffer();
11302
+ return {
11303
+ parsed: base64urlEncode(new Uint8Array(buffer)),
11304
+ originalFormat: "bitcoinjs-lib"
11305
+ };
11306
+ }
11307
+ if (transaction instanceof Uint8Array) {
11308
+ return {
11309
+ parsed: base64urlEncode(transaction),
11310
+ originalFormat: "bytes"
11311
+ };
11312
+ }
11313
+ if (typeof transaction === "string") {
11314
+ const bytes = new Uint8Array(bufferExports.Buffer.from(transaction, "hex"));
11315
+ return {
11316
+ parsed: base64urlEncode(bytes),
11317
+ originalFormat: "hex"
11318
+ };
11319
+ }
11320
+ throw new Error("Unsupported Bitcoin transaction format");
8632
11321
  }
8633
11322
 
8634
- // src/index.ts
8635
- function parseSignMessageResponse(base64Response, networkId) {
8636
- const networkPrefix = networkId.split(":")[0].toLowerCase();
8637
- switch (networkPrefix) {
8638
- case "solana":
8639
- return parseSolanaSignatureResponse(base64Response);
8640
- case "eip155":
8641
- case "ethereum":
8642
- return parseEVMSignatureResponse(base64Response);
8643
- case "sui":
8644
- return parseSuiSignatureResponse(base64Response);
8645
- case "bip122":
8646
- case "bitcoin":
8647
- return parseBitcoinSignatureResponse(base64Response);
8648
- default:
8649
- return {
8650
- signature: base64Response,
8651
- rawSignature: base64Response
8652
- };
8653
- }
8654
- }
8655
- function parseTransactionResponse(base64RawTransaction, networkId, hash) {
8656
- let rawTransaction = base64RawTransaction;
8657
- if (isEthereumChain(networkId)) {
8658
- try {
8659
- const txBytes = base64urlDecode(base64RawTransaction);
8660
- rawTransaction = "0x" + bufferExports.Buffer.from(txBytes).toString("hex");
8661
- } catch (error) {
8662
- rawTransaction = base64RawTransaction.startsWith("0x") ? base64RawTransaction : "0x" + base64RawTransaction;
8663
- }
8664
- }
8665
- if (hash) {
8666
- return {
8667
- hash,
8668
- rawTransaction,
8669
- blockExplorer: getExplorerUrl(networkId, "transaction", hash)
8670
- };
8671
- } else {
8672
- return {
8673
- rawTransaction
8674
- };
8675
- }
8676
- }
8677
- function parseSolanaSignatureResponse(base64Response) {
8678
- try {
8679
- const signatureBytes = base64urlDecode(base64Response);
8680
- const signature = base58.encode(signatureBytes);
8681
- return {
8682
- signature,
8683
- rawSignature: base64Response
8684
- };
8685
- } catch (error) {
8686
- return {
8687
- signature: base64Response,
8688
- rawSignature: base64Response
8689
- };
8690
- }
8691
- }
8692
- function parseEVMSignatureResponse(base64Response) {
8693
- const signatureBytes = base64urlDecode(base64Response);
8694
- const signature = "0x" + bufferExports.Buffer.from(signatureBytes).toString("hex");
8695
- return {
8696
- signature,
8697
- rawSignature: base64Response
8698
- };
8699
- }
8700
- function parseSuiSignatureResponse(base64Response) {
8701
- try {
8702
- const signatureBytes = base64urlDecode(base64Response);
8703
- const signature = bufferExports.Buffer.from(signatureBytes).toString("base64");
8704
- return {
8705
- signature,
8706
- rawSignature: base64Response
8707
- };
8708
- } catch (error) {
8709
- return {
8710
- signature: base64Response,
8711
- rawSignature: base64Response
8712
- };
8713
- }
8714
- }
8715
- function parseBitcoinSignatureResponse(base64Response) {
8716
- try {
8717
- const signatureBytes = base64urlDecode(base64Response);
8718
- const signature = bufferExports.Buffer.from(signatureBytes).toString("hex");
8719
- return {
8720
- signature,
8721
- rawSignature: base64Response
8722
- };
8723
- } catch (error) {
8724
- return {
8725
- signature: base64Response,
8726
- rawSignature: base64Response
8727
- };
8728
- }
8729
- }
8730
- function parseSolanaSignedTransaction(base64RawTransaction) {
8731
- try {
8732
- const transactionBytes = base64urlDecode(base64RawTransaction);
8733
- return deserializeSolanaTransaction(transactionBytes);
8734
- } catch (error) {
8735
- return null;
8736
- }
8737
- }
8738
- function deserializeSolanaTransaction(transactionBytes) {
8739
- try {
8740
- const transaction = Transaction$1.from(transactionBytes);
8741
- return transaction;
8742
- } catch (legacyError) {
8743
- if (legacyError instanceof Error && legacyError.message.includes("Versioned messages")) {
8744
- const versionedTransaction = VersionedTransaction.deserialize(transactionBytes);
8745
- return versionedTransaction;
8746
- }
8747
- throw legacyError;
8748
- }
8749
- }
11323
+ var eventemitter3 = {exports: {}};
11324
+
11325
+ var hasRequiredEventemitter3;
11326
+
11327
+ function requireEventemitter3 () {
11328
+ if (hasRequiredEventemitter3) return eventemitter3.exports;
11329
+ hasRequiredEventemitter3 = 1;
11330
+ (function (module) {
11331
+
11332
+ var has = Object.prototype.hasOwnProperty
11333
+ , prefix = '~';
11334
+
11335
+ /**
11336
+ * Constructor to create a storage for our `EE` objects.
11337
+ * An `Events` instance is a plain object whose properties are event names.
11338
+ *
11339
+ * @constructor
11340
+ * @private
11341
+ */
11342
+ function Events() {}
11343
+
11344
+ //
11345
+ // We try to not inherit from `Object.prototype`. In some engines creating an
11346
+ // instance in this way is faster than calling `Object.create(null)` directly.
11347
+ // If `Object.create(null)` is not supported we prefix the event names with a
11348
+ // character to make sure that the built-in object properties are not
11349
+ // overridden or used as an attack vector.
11350
+ //
11351
+ if (Object.create) {
11352
+ Events.prototype = Object.create(null);
11353
+
11354
+ //
11355
+ // This hack is needed because the `__proto__` property is still inherited in
11356
+ // some old browsers like Android 4, iPhone 5.1, Opera 11 and Safari 5.
11357
+ //
11358
+ if (!new Events().__proto__) prefix = false;
11359
+ }
11360
+
11361
+ /**
11362
+ * Representation of a single event listener.
11363
+ *
11364
+ * @param {Function} fn The listener function.
11365
+ * @param {*} context The context to invoke the listener with.
11366
+ * @param {Boolean} [once=false] Specify if the listener is a one-time listener.
11367
+ * @constructor
11368
+ * @private
11369
+ */
11370
+ function EE(fn, context, once) {
11371
+ this.fn = fn;
11372
+ this.context = context;
11373
+ this.once = once || false;
11374
+ }
11375
+
11376
+ /**
11377
+ * Add a listener for a given event.
11378
+ *
11379
+ * @param {EventEmitter} emitter Reference to the `EventEmitter` instance.
11380
+ * @param {(String|Symbol)} event The event name.
11381
+ * @param {Function} fn The listener function.
11382
+ * @param {*} context The context to invoke the listener with.
11383
+ * @param {Boolean} once Specify if the listener is a one-time listener.
11384
+ * @returns {EventEmitter}
11385
+ * @private
11386
+ */
11387
+ function addListener(emitter, event, fn, context, once) {
11388
+ if (typeof fn !== 'function') {
11389
+ throw new TypeError('The listener must be a function');
11390
+ }
11391
+
11392
+ var listener = new EE(fn, context || emitter, once)
11393
+ , evt = prefix ? prefix + event : event;
11394
+
11395
+ if (!emitter._events[evt]) emitter._events[evt] = listener, emitter._eventsCount++;
11396
+ else if (!emitter._events[evt].fn) emitter._events[evt].push(listener);
11397
+ else emitter._events[evt] = [emitter._events[evt], listener];
11398
+
11399
+ return emitter;
11400
+ }
11401
+
11402
+ /**
11403
+ * Clear event by name.
11404
+ *
11405
+ * @param {EventEmitter} emitter Reference to the `EventEmitter` instance.
11406
+ * @param {(String|Symbol)} evt The Event name.
11407
+ * @private
11408
+ */
11409
+ function clearEvent(emitter, evt) {
11410
+ if (--emitter._eventsCount === 0) emitter._events = new Events();
11411
+ else delete emitter._events[evt];
11412
+ }
11413
+
11414
+ /**
11415
+ * Minimal `EventEmitter` interface that is molded against the Node.js
11416
+ * `EventEmitter` interface.
11417
+ *
11418
+ * @constructor
11419
+ * @public
11420
+ */
11421
+ function EventEmitter() {
11422
+ this._events = new Events();
11423
+ this._eventsCount = 0;
11424
+ }
11425
+
11426
+ /**
11427
+ * Return an array listing the events for which the emitter has registered
11428
+ * listeners.
11429
+ *
11430
+ * @returns {Array}
11431
+ * @public
11432
+ */
11433
+ EventEmitter.prototype.eventNames = function eventNames() {
11434
+ var names = []
11435
+ , events
11436
+ , name;
11437
+
11438
+ if (this._eventsCount === 0) return names;
11439
+
11440
+ for (name in (events = this._events)) {
11441
+ if (has.call(events, name)) names.push(prefix ? name.slice(1) : name);
11442
+ }
11443
+
11444
+ if (Object.getOwnPropertySymbols) {
11445
+ return names.concat(Object.getOwnPropertySymbols(events));
11446
+ }
11447
+
11448
+ return names;
11449
+ };
11450
+
11451
+ /**
11452
+ * Return the listeners registered for a given event.
11453
+ *
11454
+ * @param {(String|Symbol)} event The event name.
11455
+ * @returns {Array} The registered listeners.
11456
+ * @public
11457
+ */
11458
+ EventEmitter.prototype.listeners = function listeners(event) {
11459
+ var evt = prefix ? prefix + event : event
11460
+ , handlers = this._events[evt];
11461
+
11462
+ if (!handlers) return [];
11463
+ if (handlers.fn) return [handlers.fn];
11464
+
11465
+ for (var i = 0, l = handlers.length, ee = new Array(l); i < l; i++) {
11466
+ ee[i] = handlers[i].fn;
11467
+ }
11468
+
11469
+ return ee;
11470
+ };
11471
+
11472
+ /**
11473
+ * Return the number of listeners listening to a given event.
11474
+ *
11475
+ * @param {(String|Symbol)} event The event name.
11476
+ * @returns {Number} The number of listeners.
11477
+ * @public
11478
+ */
11479
+ EventEmitter.prototype.listenerCount = function listenerCount(event) {
11480
+ var evt = prefix ? prefix + event : event
11481
+ , listeners = this._events[evt];
11482
+
11483
+ if (!listeners) return 0;
11484
+ if (listeners.fn) return 1;
11485
+ return listeners.length;
11486
+ };
11487
+
11488
+ /**
11489
+ * Calls each of the listeners registered for a given event.
11490
+ *
11491
+ * @param {(String|Symbol)} event The event name.
11492
+ * @returns {Boolean} `true` if the event had listeners, else `false`.
11493
+ * @public
11494
+ */
11495
+ EventEmitter.prototype.emit = function emit(event, a1, a2, a3, a4, a5) {
11496
+ var evt = prefix ? prefix + event : event;
11497
+
11498
+ if (!this._events[evt]) return false;
11499
+
11500
+ var listeners = this._events[evt]
11501
+ , len = arguments.length
11502
+ , args
11503
+ , i;
11504
+
11505
+ if (listeners.fn) {
11506
+ if (listeners.once) this.removeListener(event, listeners.fn, undefined, true);
11507
+
11508
+ switch (len) {
11509
+ case 1: return listeners.fn.call(listeners.context), true;
11510
+ case 2: return listeners.fn.call(listeners.context, a1), true;
11511
+ case 3: return listeners.fn.call(listeners.context, a1, a2), true;
11512
+ case 4: return listeners.fn.call(listeners.context, a1, a2, a3), true;
11513
+ case 5: return listeners.fn.call(listeners.context, a1, a2, a3, a4), true;
11514
+ case 6: return listeners.fn.call(listeners.context, a1, a2, a3, a4, a5), true;
11515
+ }
11516
+
11517
+ for (i = 1, args = new Array(len -1); i < len; i++) {
11518
+ args[i - 1] = arguments[i];
11519
+ }
11520
+
11521
+ listeners.fn.apply(listeners.context, args);
11522
+ } else {
11523
+ var length = listeners.length
11524
+ , j;
11525
+
11526
+ for (i = 0; i < length; i++) {
11527
+ if (listeners[i].once) this.removeListener(event, listeners[i].fn, undefined, true);
11528
+
11529
+ switch (len) {
11530
+ case 1: listeners[i].fn.call(listeners[i].context); break;
11531
+ case 2: listeners[i].fn.call(listeners[i].context, a1); break;
11532
+ case 3: listeners[i].fn.call(listeners[i].context, a1, a2); break;
11533
+ case 4: listeners[i].fn.call(listeners[i].context, a1, a2, a3); break;
11534
+ default:
11535
+ if (!args) for (j = 1, args = new Array(len -1); j < len; j++) {
11536
+ args[j - 1] = arguments[j];
11537
+ }
11538
+
11539
+ listeners[i].fn.apply(listeners[i].context, args);
11540
+ }
11541
+ }
11542
+ }
11543
+
11544
+ return true;
11545
+ };
11546
+
11547
+ /**
11548
+ * Add a listener for a given event.
11549
+ *
11550
+ * @param {(String|Symbol)} event The event name.
11551
+ * @param {Function} fn The listener function.
11552
+ * @param {*} [context=this] The context to invoke the listener with.
11553
+ * @returns {EventEmitter} `this`.
11554
+ * @public
11555
+ */
11556
+ EventEmitter.prototype.on = function on(event, fn, context) {
11557
+ return addListener(this, event, fn, context, false);
11558
+ };
11559
+
11560
+ /**
11561
+ * Add a one-time listener for a given event.
11562
+ *
11563
+ * @param {(String|Symbol)} event The event name.
11564
+ * @param {Function} fn The listener function.
11565
+ * @param {*} [context=this] The context to invoke the listener with.
11566
+ * @returns {EventEmitter} `this`.
11567
+ * @public
11568
+ */
11569
+ EventEmitter.prototype.once = function once(event, fn, context) {
11570
+ return addListener(this, event, fn, context, true);
11571
+ };
11572
+
11573
+ /**
11574
+ * Remove the listeners of a given event.
11575
+ *
11576
+ * @param {(String|Symbol)} event The event name.
11577
+ * @param {Function} fn Only remove the listeners that match this function.
11578
+ * @param {*} context Only remove the listeners that have this context.
11579
+ * @param {Boolean} once Only remove one-time listeners.
11580
+ * @returns {EventEmitter} `this`.
11581
+ * @public
11582
+ */
11583
+ EventEmitter.prototype.removeListener = function removeListener(event, fn, context, once) {
11584
+ var evt = prefix ? prefix + event : event;
8750
11585
 
8751
- // src/index.ts
8752
- async function parseToKmsTransaction(transaction, networkId) {
8753
- const networkPrefix = networkId.split(":")[0].toLowerCase();
8754
- switch (networkPrefix) {
8755
- case "solana":
8756
- return parseSolanaTransactionToBase64Url(transaction);
8757
- case "ethereum":
8758
- case "eip155":
8759
- case "polygon":
8760
- case "optimism":
8761
- case "arbitrum":
8762
- case "base":
8763
- return parseEVMTransactionToHex(transaction);
8764
- case "sui":
8765
- return await parseSuiTransactionToBase64Url(transaction);
8766
- case "bitcoin":
8767
- return parseBitcoinTransactionToBase64Url(transaction);
8768
- default:
8769
- throw new Error(`Unsupported network: ${networkPrefix}`);
8770
- }
8771
- }
8772
- function parseSolanaTransactionToBase64Url(transaction) {
8773
- if (transaction?.messageBytes != null) {
8774
- return {
8775
- parsed: base64urlEncode(transaction.messageBytes),
8776
- originalFormat: "@solana/kit"
8777
- };
8778
- }
8779
- if (typeof transaction?.serialize === "function") {
8780
- const serialized = transaction.serialize({
8781
- requireAllSignatures: false,
8782
- verifySignatures: false
8783
- });
8784
- return {
8785
- parsed: base64urlEncode(serialized),
8786
- originalFormat: "@solana/web3.js"
8787
- };
8788
- }
8789
- if (transaction instanceof Uint8Array) {
8790
- return {
8791
- parsed: base64urlEncode(transaction),
8792
- originalFormat: "bytes"
8793
- };
8794
- }
8795
- if (typeof transaction === "string") {
8796
- try {
8797
- const bytes = bufferExports.Buffer.from(transaction, "base64");
8798
- return {
8799
- parsed: base64urlEncode(new Uint8Array(bytes)),
8800
- originalFormat: "base64"
8801
- };
8802
- } catch {
8803
- throw new Error("Unsupported Solana transaction format");
8804
- }
8805
- }
8806
- throw new Error("Unsupported Solana transaction format");
8807
- }
8808
- function parseEVMTransactionToHex(transaction) {
8809
- if (typeof transaction === "string" && transaction.startsWith("0x")) {
8810
- return {
8811
- parsed: transaction,
8812
- originalFormat: "hex"
8813
- };
8814
- }
8815
- if (transaction?.serialize && typeof transaction.serialize === "function") {
8816
- const serialized = transaction.serialize();
8817
- const hex = serialized.startsWith("0x") ? serialized : "0x" + serialized;
8818
- return {
8819
- parsed: hex,
8820
- originalFormat: "ethers"
8821
- };
8822
- }
8823
- if (transaction instanceof Uint8Array) {
8824
- const hex = "0x" + bufferExports.Buffer.from(transaction).toString("hex");
8825
- return {
8826
- parsed: hex,
8827
- originalFormat: "bytes"
8828
- };
8829
- }
8830
- if (transaction && typeof transaction === "object" && (transaction.to || transaction.data || transaction.from)) {
8831
- try {
8832
- const { from, gas, ...txForSerialization } = transaction;
8833
- if (gas) {
8834
- txForSerialization.gasLimit = gas;
8835
- }
8836
- if (!txForSerialization.gasLimit) {
8837
- if (txForSerialization.to && txForSerialization.value && !txForSerialization.data) {
8838
- txForSerialization.gasLimit = "0x5208";
8839
- }
8840
- }
8841
- if (txForSerialization.to && typeof txForSerialization.to === "string") {
8842
- try {
8843
- txForSerialization.to = getAddress(txForSerialization.to);
8844
- } catch {
8845
- txForSerialization.to = txForSerialization.to.toLowerCase();
8846
- }
8847
- }
8848
- const serialized = Transaction.from(txForSerialization).unsignedSerialized;
8849
- const hex = serialized.startsWith("0x") ? serialized : "0x" + serialized;
8850
- return {
8851
- parsed: hex,
8852
- originalFormat: "json"
8853
- };
8854
- } catch (error) {
8855
- const errorMessage = error instanceof Error ? error.message : "Unknown error";
8856
- const txKeys = transaction ? Object.keys(transaction).join(", ") : "N/A";
8857
- const txValues = transaction ? JSON.stringify(transaction, null, 2) : "N/A";
8858
- throw new Error(
8859
- `Failed to RLP encode EVM transaction: ${errorMessage}.
8860
- Transaction keys: [${txKeys}].
8861
- Transaction: ${txValues}
8862
- Please ensure the transaction object includes required fields (to, value, chainId, gasLimit or gasPrice, etc.)`
8863
- );
8864
- }
8865
- }
8866
- throw new Error(
8867
- "Unsupported EVM transaction format. Expected hex string, bytes, or transaction object with 'to', 'data', or 'from' fields."
8868
- );
8869
- }
8870
- async function parseSuiTransactionToBase64Url(transaction) {
8871
- if (transaction?.serialize && typeof transaction.serialize === "function") {
8872
- const serialized = transaction.serialize();
8873
- return {
8874
- parsed: base64urlEncode(serialized),
8875
- originalFormat: "sui-sdk"
8876
- };
8877
- }
8878
- if (transaction instanceof Uint8Array) {
8879
- return {
8880
- parsed: base64urlEncode(transaction),
8881
- originalFormat: "bytes"
8882
- };
8883
- }
8884
- if (transaction?.build && typeof transaction.build === "function") {
8885
- const built = await transaction.build();
8886
- if (built?.serialize && typeof built.serialize === "function") {
8887
- const serialized = built.serialize();
8888
- return {
8889
- parsed: base64urlEncode(serialized),
8890
- originalFormat: "transaction-block"
8891
- };
8892
- }
8893
- }
8894
- throw new Error("Unsupported Sui transaction format");
8895
- }
8896
- function parseBitcoinTransactionToBase64Url(transaction) {
8897
- if (transaction?.toBuffer && typeof transaction.toBuffer === "function") {
8898
- const buffer = transaction.toBuffer();
8899
- return {
8900
- parsed: base64urlEncode(new Uint8Array(buffer)),
8901
- originalFormat: "bitcoinjs-lib"
8902
- };
8903
- }
8904
- if (transaction instanceof Uint8Array) {
8905
- return {
8906
- parsed: base64urlEncode(transaction),
8907
- originalFormat: "bytes"
8908
- };
8909
- }
8910
- if (typeof transaction === "string") {
8911
- const bytes = new Uint8Array(bufferExports.Buffer.from(transaction, "hex"));
8912
- return {
8913
- parsed: base64urlEncode(bytes),
8914
- originalFormat: "hex"
8915
- };
8916
- }
8917
- throw new Error("Unsupported Bitcoin transaction format");
11586
+ if (!this._events[evt]) return this;
11587
+ if (!fn) {
11588
+ clearEvent(this, evt);
11589
+ return this;
11590
+ }
11591
+
11592
+ var listeners = this._events[evt];
11593
+
11594
+ if (listeners.fn) {
11595
+ if (
11596
+ listeners.fn === fn &&
11597
+ (!once || listeners.once) &&
11598
+ (!context || listeners.context === context)
11599
+ ) {
11600
+ clearEvent(this, evt);
11601
+ }
11602
+ } else {
11603
+ for (var i = 0, events = [], length = listeners.length; i < length; i++) {
11604
+ if (
11605
+ listeners[i].fn !== fn ||
11606
+ (once && !listeners[i].once) ||
11607
+ (context && listeners[i].context !== context)
11608
+ ) {
11609
+ events.push(listeners[i]);
11610
+ }
11611
+ }
11612
+
11613
+ //
11614
+ // Reset the array, or remove it completely if we have no more listeners.
11615
+ //
11616
+ if (events.length) this._events[evt] = events.length === 1 ? events[0] : events;
11617
+ else clearEvent(this, evt);
11618
+ }
11619
+
11620
+ return this;
11621
+ };
11622
+
11623
+ /**
11624
+ * Remove all listeners, or those of the specified event.
11625
+ *
11626
+ * @param {(String|Symbol)} [event] The event name.
11627
+ * @returns {EventEmitter} `this`.
11628
+ * @public
11629
+ */
11630
+ EventEmitter.prototype.removeAllListeners = function removeAllListeners(event) {
11631
+ var evt;
11632
+
11633
+ if (event) {
11634
+ evt = prefix ? prefix + event : event;
11635
+ if (this._events[evt]) clearEvent(this, evt);
11636
+ } else {
11637
+ this._events = new Events();
11638
+ this._eventsCount = 0;
11639
+ }
11640
+
11641
+ return this;
11642
+ };
11643
+
11644
+ //
11645
+ // Alias methods names because people roll like that.
11646
+ //
11647
+ EventEmitter.prototype.off = EventEmitter.prototype.removeListener;
11648
+ EventEmitter.prototype.addListener = EventEmitter.prototype.on;
11649
+
11650
+ //
11651
+ // Expose the prefix.
11652
+ //
11653
+ EventEmitter.prefixed = prefix;
11654
+
11655
+ //
11656
+ // Allow `EventEmitter` to be imported as module namespace.
11657
+ //
11658
+ EventEmitter.EventEmitter = EventEmitter;
11659
+
11660
+ //
11661
+ // Expose the module.
11662
+ //
11663
+ {
11664
+ module.exports = EventEmitter;
11665
+ }
11666
+ } (eventemitter3));
11667
+ return eventemitter3.exports;
8918
11668
  }
8919
11669
 
11670
+ var eventemitter3Exports = requireEventemitter3();
11671
+ var EventEmitter2 = /*@__PURE__*/getDefaultExportFromCjs(eventemitter3Exports);
11672
+
8920
11673
  // src/embedded-provider.ts
8921
11674
 
8922
11675
  // src/constants.ts
@@ -8928,7 +11681,7 @@ var EmbeddedSolanaChain = class {
8928
11681
  this.currentNetworkId = NetworkId.SOLANA_MAINNET;
8929
11682
  this._connected = false;
8930
11683
  this._publicKey = null;
8931
- this.eventEmitter = new EventEmitter3();
11684
+ this.eventEmitter = new EventEmitter2();
8932
11685
  this.setupEventListeners();
8933
11686
  this.syncInitialState();
8934
11687
  }
@@ -9058,7 +11811,7 @@ var EmbeddedEthereumChain = class {
9058
11811
  this.currentNetworkId = NetworkId.ETHEREUM_MAINNET;
9059
11812
  this._connected = false;
9060
11813
  this._accounts = [];
9061
- this.eventEmitter = new EventEmitter3();
11814
+ this.eventEmitter = new EventEmitter2();
9062
11815
  this.setupEventListeners();
9063
11816
  this.syncInitialState();
9064
11817
  }
@@ -15737,4 +18490,4 @@ function ConnectBox({ maxWidth = "350px", transparent = false, appIcon, appName
15737
18490
  }
15738
18491
 
15739
18492
  export { DerivationInfoAddressFormatEnum as AddressType, ConnectBox, ConnectButton, DebugLevel, NetworkId, PhantomProvider, darkTheme, debug, isMobileDevice, lightTheme, mergeTheme, useAccounts, useAutoConfirm, useConnect, useDisconnect, useDiscoveredWallets, useEthereum, useIsExtensionInstalled, useIsPhantomLoginAvailable, useModal, usePhantom, useSolana, useTheme };
15740
- //# sourceMappingURL=index-dqqR5q7b.esm.js.map
18493
+ //# sourceMappingURL=index-DofM-ue2.esm.js.map