circle-ir 3.55.0 → 3.56.0

package/dist/analysis/passes/weak-crypto-pass.d.ts

@@ -27,6 +27,12 @@
  *       `Crypto.Cipher.Blowfish.new(...)` (pycryptodome / pycrypto)
  *     - `cryptography.hazmat.primitives.ciphers.algorithms.{TripleDES,Blowfish,ARC4,IDEA,SEED,CAST5}`
  *     - `AES.new(key, AES.MODE_ECB)` — ECB mode argument
+ *     - `modes.ECB()` (cryptography.hazmat) — issue #87
+ *     - `AES.new(b"literal", …)` / `algorithms.AES(b"literal")` — hardcoded
+ *       symmetric key (CWE-321, issue #87). Detected for both inline byte
+ *       literals and variables resolved via constant propagation.
+ *     - `rsa.generate_private_key(key_size=<2048)` — weak RSA key size
+ *       (CWE-326, issue #87)
  *   JavaScript / TypeScript:
  *     - `crypto.createCipher(...)` (deprecated; always weak)
  *     - `crypto.createCipheriv("des-..."|"rc4"|"bf-..."|"des-ede"|".*-ecb")`
@@ -34,6 +40,10 @@
  *     - `des.NewCipher(...)` / `des.NewTripleDESCipher(...)` / `rc4.NewCipher(...)`
  *       (from `crypto/des` and `crypto/rc4`)
  *     - `cipher.NewECBEncrypter(...)` (custom ECB wrappers — best-effort)
+ *     - `aes.NewCipher([]byte("literal"))` — hardcoded symmetric key
+ *       (CWE-321, issue #87)
+ *     - `rsa.GenerateKey(rand.Reader, <2048)` — weak RSA key size
+ *       (CWE-326, issue #87)
  *
  * Aligned with: gosec G401/G405, Bandit B304/B305/B306, OWASP Benchmark `crypto` category.
  */

package/dist/analysis/passes/weak-crypto-pass.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"weak-crypto-pass.d.ts","sourceRoot":"","sources":["../../../src/analysis/passes/weak-crypto-pass.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAkI9E,MAAM,MAAM,eAAe,GACvB,aAAa,GACb,UAAU,GACV,gBAAgB,GAChB,WAAW,GACX,eAAe,GACf,cAAc,CAAC;AAYnB,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,KAAK,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,EAAE,eAAe,CAAC;QACvB,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;KACb,CAAC,CAAC;CACJ;AAED,qBAAa,cAAe,YAAW,YAAY,CAAC,gBAAgB,CAAC;IACnE,QAAQ,CAAC,IAAI,iBAAiB;IAC9B,QAAQ,CAAC,QAAQ,EAAG,UAAU,CAAU;IAExC,GAAG,CAAC,GAAG,EAAE,WAAW,GAAG,gBAAgB;IAgCvC,OAAO,CAAC,YAAY;IA0CpB,OAAO,CAAC,QAAQ;IA2BhB,OAAO,CAAC,MAAM;CAqJf"}
+{"version":3,"file":"weak-crypto-pass.d.ts","sourceRoot":"","sources":["../../../src/analysis/passes/weak-crypto-pass.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgDG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AA0T9E,MAAM,MAAM,eAAe,GACvB,aAAa,GACb,UAAU,GACV,gBAAgB,GAChB,WAAW,GACX,eAAe,GACf,cAAc,CAAC;AAYnB,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,KAAK,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,EAAE,eAAe,CAAC;QACvB,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;KACb,CAAC,CAAC;CACJ;AAED,qBAAa,cAAe,YAAW,YAAY,CAAC,gBAAgB,CAAC;IACnE,QAAQ,CAAC,IAAI,iBAAiB;IAC9B,QAAQ,CAAC,QAAQ,EAAG,UAAU,CAAU;IAExC,GAAG,CAAC,GAAG,EAAE,WAAW,GAAG,gBAAgB;IA+CvC,OAAO,CAAC,YAAY;IA0CpB,OAAO,CAAC,QAAQ;IA2BhB,OAAO,CAAC,MAAM;CA4Nf"}

package/dist/analysis/passes/weak-crypto-pass.js

@@ -27,6 +27,12 @@
  *       `Crypto.Cipher.Blowfish.new(...)` (pycryptodome / pycrypto)
  *     - `cryptography.hazmat.primitives.ciphers.algorithms.{TripleDES,Blowfish,ARC4,IDEA,SEED,CAST5}`
  *     - `AES.new(key, AES.MODE_ECB)` — ECB mode argument
+ *     - `modes.ECB()` (cryptography.hazmat) — issue #87
+ *     - `AES.new(b"literal", …)` / `algorithms.AES(b"literal")` — hardcoded
+ *       symmetric key (CWE-321, issue #87). Detected for both inline byte
+ *       literals and variables resolved via constant propagation.
+ *     - `rsa.generate_private_key(key_size=<2048)` — weak RSA key size
+ *       (CWE-326, issue #87)
  *   JavaScript / TypeScript:
  *     - `crypto.createCipher(...)` (deprecated; always weak)
  *     - `crypto.createCipheriv("des-..."|"rc4"|"bf-..."|"des-ede"|".*-ecb")`
@@ -34,6 +40,10 @@
  *     - `des.NewCipher(...)` / `des.NewTripleDESCipher(...)` / `rc4.NewCipher(...)`
  *       (from `crypto/des` and `crypto/rc4`)
  *     - `cipher.NewECBEncrypter(...)` (custom ECB wrappers — best-effort)
+ *     - `aes.NewCipher([]byte("literal"))` — hardcoded symmetric key
+ *       (CWE-321, issue #87)
+ *     - `rsa.GenerateKey(rand.Reader, <2048)` — weak RSA key size
+ *       (CWE-326, issue #87)
  *
  * Aligned with: gosec G401/G405, Bandit B304/B305/B306, OWASP Benchmark `crypto` category.
  */
@@ -163,6 +173,183 @@ function detectHardcodedKeyJava(call) {
         return `literal string`;
     return null;
 }
+/**
+ * Detect a hardcoded symmetric key passed as the first positional argument
+ * of a Python cipher constructor (`AES.new`, `DES.new`, `algorithms.AES(…)`,
+ * etc.).
+ *
+ * Patterns flagged (returns a human-readable detail string):
+ *   - inline bytes literal `b"…"` / `b'…'`
+ *   - inline string literal `"…"` / `'…'` (legacy pycrypto style)
+ *   - variable resolved by constant propagation to a string/bytes constant
+ *
+ * Returns null when the key argument is a runtime value (function call,
+ * env-var lookup, parameter, etc.).
+ */
+function detectHardcodedKeyPython(call, constProp, literalBindings) {
+    const arg = call.arguments.find((a) => a.position === 0);
+    if (!arg)
+        return null;
+    // Prefer `expression` over `literal` — the Python plugin's `literal`
+    // field strips the trailing quote on bytes literals, breaking the
+    // `^b"…"$` regex.
+    const expr = (arg.expression ?? arg.literal ?? '').trim();
+    if (!expr)
+        return null;
+    // Inline bytes literal: b"…" / b'…' / rb"…" / br"…"
+    if (/^[bB][rR]?["'][^"']*["']$/.test(expr) || /^[rR][bB]["'][^"']*["']$/.test(expr)) {
+        return `literal bytes ${expr.slice(0, 24)}${expr.length > 24 ? '…' : ''}`;
+    }
+    // Inline plain string literal: "…" / '…'
+    if (/^["'][^"']*["']$/.test(expr)) {
+        return `literal string ${expr.slice(0, 24)}${expr.length > 24 ? '…' : ''}`;
+    }
+    // Variable resolved by constant propagation (Java symbol table).
+    if (arg.variable && constProp) {
+        const sym = constProp.symbols.get(arg.variable);
+        if (sym && sym.type === 'string' && typeof sym.value === 'string') {
+            return `constant-propagated bytes from \`${arg.variable}\``;
+        }
+    }
+    // Variable bound to a literal RHS earlier in the file (regex scan
+    // fallback for languages whose const-prop pass does not yet track
+    // string/bytes assignments).
+    if (arg.variable) {
+        const lit = literalBindings.get(arg.variable);
+        if (lit) {
+            return `literal-bound ${arg.variable} = ${lit.slice(0, 24)}${lit.length > 24 ? '…' : ''}`;
+        }
+    }
+    return null;
+}
+/**
+ * Detect a hardcoded symmetric key passed as the first positional argument
+ * of a Go cipher constructor (`aes.NewCipher`, `des.NewCipher`, etc.).
+ *
+ * Patterns flagged:
+ *   - inline `[]byte("literal")` conversion
+ *   - inline `[]byte{0x00, 0x01, …}` composite literal
+ *   - variable resolved by constant propagation to a string constant
+ *
+ * Returns null when the key argument is a runtime value.
+ */
+function detectHardcodedKeyGo(call, constProp, literalBindings) {
+    const arg = call.arguments.find((a) => a.position === 0);
+    if (!arg)
+        return null;
+    const expr = (arg.literal ?? arg.expression ?? '').trim();
+    if (!expr)
+        return null;
+    // []byte("literal") / []byte(`literal`)
+    if (/^\[\s*\]\s*byte\s*\(\s*["'`][^"'`]*["'`]\s*\)$/.test(expr)) {
+        return `literal []byte("…")`;
+    }
+    // []byte{0x00, 0x01, …}
+    if (/^\[\s*\]\s*byte\s*\{[^}]*\}$/.test(expr)) {
+        return `literal []byte{…} composite`;
+    }
+    // Variable resolved by constant propagation.
+    if (arg.variable && constProp) {
+        const sym = constProp.symbols.get(arg.variable);
+        if (sym && sym.type === 'string' && typeof sym.value === 'string') {
+            return `constant-propagated key from \`${arg.variable}\``;
+        }
+    }
+    // Regex fallback: `var key = []byte("…")` / `key := []byte("…")` /
+    // `const key = "…"` earlier in the same file.
+    if (arg.variable) {
+        const lit = literalBindings.get(arg.variable);
+        if (lit) {
+            return `literal-bound ${arg.variable} = ${lit.slice(0, 24)}${lit.length > 24 ? '…' : ''}`;
+        }
+    }
+    return null;
+}
+/**
+ * Extract a weak (< 2048) `key_size` argument from a Python
+ * `…rsa.generate_private_key(...)` call.
+ *
+ * The Python plugin renders keyword arguments as `name=value` in
+ * `argument.expression` and exposes the numeric RHS in `argument.literal`,
+ * so we scan every positional and keyword argument for a `key_size=N`
+ * spelling first, then fall back to a positional `key_size` (uncommon in
+ * the cryptography API but accepted via `**kwargs`).
+ */
+function parseWeakRsaKeySizePython(call) {
+    for (const arg of call.arguments) {
+        const expr = (arg.expression ?? '').trim();
+        const lit = (arg.literal ?? '').trim();
+        const m = expr.match(/^key_size\s*=\s*(-?\d+)\s*$/);
+        if (m && m[1]) {
+            const n = parseInt(m[1], 10);
+            if (Number.isFinite(n) && n > 0 && n < 2048)
+                return n;
+            return null;
+        }
+        // Keyword arg where expression='key_size=…' but literal already isolated.
+        if (/^key_size\s*=/.test(expr) && lit) {
+            const n = parseInt(lit, 10);
+            if (Number.isFinite(n) && n > 0 && n < 2048)
+                return n;
+        }
+    }
+    return null;
+}
+/**
+ * Build a `<name> → <literal>` map by regex-scanning the file's source.
+ *
+ * Recognised forms per language (only inline literal RHSes — not function
+ * calls, attribute lookups, parameters, etc.):
+ *
+ *   Python:
+ *     `name = b"…"` / `name = b'…'`     (bytes literal)
+ *     `name = "…"` / `name = '…'`        (string literal)
+ *
+ *   Go:
+ *     `name := []byte("…")` / `var name = []byte("…")`
+ *     `name := "…"` / `const name = "…"`
+ *
+ * Used by `detectHardcodedKeyPython` / `detectHardcodedKeyGo` to recognise
+ * the common pattern `key = b"…"; AES.new(key, …)`. Returns an empty map
+ * for unsupported languages or when the source is empty.
+ */
+function scanLiteralBindings(code, language) {
+    const out = new Map();
+    if (!code)
+        return out;
+    if (language === 'python') {
+        // `name = b"…"` (preferred form) or `name = "…"` (legacy / Python 2).
+        const re = /^[ \t]*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(b[rR]?["'][^"']*["']|[rR]?b["'][^"']*["']|["'][^"']*["'])\s*(?:$|#)/gm;
+        let m;
+        while ((m = re.exec(code)) !== null) {
+            if (m[1] && m[2])
+                out.set(m[1], m[2]);
+        }
+        return out;
+    }
+    if (language === 'go') {
+        // `name := []byte("…")` / `var name = []byte("…")` / `const name = "…"` /
+        // `name := "…"`.
+        const reByte = /^[ \t]*(?:var\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*(?::=|=)\s*(\[\s*\]\s*byte\s*\(\s*["'`][^"'`]*["'`]\s*\))/gm;
+        let m;
+        while ((m = reByte.exec(code)) !== null) {
+            if (m[1] && m[2])
+                out.set(m[1], m[2]);
+        }
+        const reStr = /^[ \t]*(?:var|const)\s+([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(["'`][^"'`]*["'`])/gm;
+        while ((m = reStr.exec(code)) !== null) {
+            if (m[1] && m[2])
+                out.set(m[1], m[2]);
+        }
+        const reShort = /^[ \t]*([A-Za-z_][A-Za-z0-9_]*)\s*:=\s*(["'`][^"'`]*["'`])/gm;
+        while ((m = reShort.exec(code)) !== null) {
+            if (m[1] && m[2])
+                out.set(m[1], m[2]);
+        }
+        return out;
+    }
+    return out;
+}
 /** Map issue kind → CWE identifier. */
 const ISSUE_CWE = {
     'weak-cipher': 'CWE-327',
@@ -176,11 +363,24 @@ export class WeakCryptoPass {
     name = 'weak-crypto';
     category = 'security';
     run(ctx) {
-        const { graph, language } = ctx;
+        const { graph, language, code } = ctx;
         const file = graph.ir.meta.file;
         const findings = [];
+        // Optional constant-propagation result — used to resolve a variable whose
+        // assigned value is a literal bytes/string (Python `key = b"…"` → AES.new).
+        const constProp = ctx.hasResult('constant-propagation')
+            ? ctx.getResult('constant-propagation')
+            : null;
+        // Lightweight per-language source scan for `<name> = <literal>`
+        // bindings. Python's constant-propagation pass does not yet track
+        // `name = b"…"` style assignments, and Go's does not track
+        // `name := []byte("…")`. We do a one-pass regex over `ctx.code` to
+        // build a `name → literal` map used by hardcoded-key detection.
+        // This is a conservative augmentation — only inline literal RHSes
+        // are recognised; runtime values stay invisible.
+        const literalBindings = scanLiteralBindings(code, language);
         for (const call of graph.ir.calls) {
-            const detections = this.detect(call, language);
+            const detections = this.detect(call, language, constProp, literalBindings);
             for (const det of detections) {
                 const line = call.location.line;
                 findings.push({ line, language, ...det });
@@ -250,7 +450,7 @@ export class WeakCryptoPass {
                     'use RSA-OAEP with ≥2048-bit keys or modern curve-based schemes.');
         }
     }
-    detect(call, language) {
+    detect(call, language, constProp, literalBindings) {
         const method = call.method_name;
         const receiver = call.receiver ?? '';
         const out = [];
@@ -326,6 +526,15 @@ export class WeakCryptoPass {
                         out.push({ issue: 'ecb-mode', detail: 'AES.MODE_ECB', api: `${receiver}.new` });
                     }
                 }
+                // Hardcoded symmetric key — issue #87 (CWE-321). First arg is a bytes
+                // literal `b"…"` either inline or via a constant-propagated variable.
+                if (lastSeg === 'aes' || lastSeg.endsWith('.aes') ||
+                    WEAK_CIPHER_BASES.has(lastSeg)) {
+                    const keyDetail = detectHardcodedKeyPython(call, constProp, literalBindings);
+                    if (keyDetail) {
+                        out.push({ issue: 'hardcoded-key', detail: keyDetail, api: `${receiver}.new` });
+                    }
+                }
             }
             // cryptography.hazmat ciphers — algorithms.TripleDES(key) / Blowfish(key) / ARC4(key) / IDEA(key) / SEED(key) / CAST5(key)
             // Receiver here is `algorithms` (or full path); method is the algo name.
@@ -336,6 +545,32 @@ export class WeakCryptoPass {
                 if (WEAK_CIPHER_BASES.has(normalized)) {
                     out.push({ issue: 'weak-cipher', detail: normalized, api: `algorithms.${method}` });
                 }
+                // algorithms.AES(b"literal") — hardcoded key (CWE-321, issue #87).
+                if (m === 'aes') {
+                    const keyDetail = detectHardcodedKeyPython(call, constProp, literalBindings);
+                    if (keyDetail) {
+                        out.push({ issue: 'hardcoded-key', detail: keyDetail, api: `algorithms.${method}` });
+                    }
+                }
+            }
+            // cryptography.hazmat modes — modes.ECB() — issue #87 (CWE-327).
+            // Receiver is `modes` (or full path ending in `.modes`); method is `ECB`.
+            if (method === 'ECB' && (receiver === 'modes' || receiver.endsWith('.modes'))) {
+                out.push({ issue: 'ecb-mode', detail: 'modes.ECB()', api: `${receiver}.ECB` });
+            }
+            // cryptography.hazmat asymmetric — rsa.generate_private_key(key_size=N)
+            // / dsa.generate_private_key(key_size=N) — issue #87 (CWE-326).
+            if (method === 'generate_private_key' &&
+                (receiver === 'rsa' || receiver === 'dsa' ||
+                    receiver.endsWith('.rsa') || receiver.endsWith('.dsa'))) {
+                const n = parseWeakRsaKeySizePython(call);
+                if (n !== null) {
+                    out.push({
+                        issue: 'weak-rsa-key',
+                        detail: String(n),
+                        api: `${receiver}.generate_private_key`,
+                    });
+                }
             }
             return out;
         }
@@ -384,6 +619,31 @@ export class WeakCryptoPass {
             if ((method === 'NewECBEncrypter' || method === 'NewECBDecrypter') && receiver === 'cipher') {
                 out.push({ issue: 'ecb-mode', detail: method, api: `cipher.${method}` });
             }
+            // aes.NewCipher / des.NewCipher / des.NewTripleDESCipher hardcoded key —
+            // issue #87 (CWE-321). First arg is `[]byte("literal")` or a variable
+            // assigned from such a literal.
+            if ((receiver === 'aes' && method === 'NewCipher') ||
+                (receiver === 'des' && (method === 'NewCipher' || method === 'NewTripleDESCipher')) ||
+                (receiver === 'rc4' && method === 'NewCipher')) {
+                const keyDetail = detectHardcodedKeyGo(call, constProp, literalBindings);
+                if (keyDetail) {
+                    out.push({ issue: 'hardcoded-key', detail: keyDetail, api: `${receiver}.${method}` });
+                }
+            }
+            // crypto/rsa: rsa.GenerateKey(rand.Reader, bits) — issue #87 (CWE-326).
+            // Second positional arg is the key size in bits.
+            if (receiver === 'rsa' && method === 'GenerateKey') {
+                const bitsArg = call.arguments.find((a) => a.position === 1);
+                const expr = (bitsArg?.literal ?? bitsArg?.expression ?? '').trim();
+                const n = parseInt(expr, 10);
+                if (Number.isFinite(n) && n > 0 && n < 2048) {
+                    out.push({
+                        issue: 'weak-rsa-key',
+                        detail: String(n),
+                        api: 'rsa.GenerateKey',
+                    });
+                }
+            }
             return out;
         }
         return out;

package/dist/analysis/passes/weak-crypto-pass.js.map

@@ -1 +1 @@
-{"version":3,"file":"weak-crypto-pass.js","sourceRoot":"","sources":["../../../src/analysis/passes/weak-crypto-pass.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AAKH,2DAA2D;AAC3D,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW;IACpC,KAAK,EAAE,KAAK,EAAE,MAAM;IACpB,UAAU,EAAE,IAAI;IAChB,MAAM,EAAE,MAAM,EAAE,OAAO;CACxB,CAAC,CAAC;AAEH,kFAAkF;AAClF,SAAS,sBAAsB,CAAC,IAAY;IAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;IACjE,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC5B,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC5B,MAAM,MAAM,GAAyC,EAAE,CAAC;IACxD,IAAI,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,MAAM,CAAC,QAAQ,GAAG,IAAI,CAAC;IACxD,IAAI,IAAI,KAAK,KAAK;QAAE,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC;IACtC,4FAA4F;IAC5F,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,KAAK,KAAK;QAAE,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC;IAC5D,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IACnB,IACE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,EACtC,CAAC;QACD,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxB,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,WAAW,CAAC,IAAc,EAAE,QAAgB;IACnD,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IAChE,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC;IAChD,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IACjC,OAAO,OAAO,IAAI,IAAI,CAAC;AACzB,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAS,kBAAkB,CAAC,IAAc;IACxC,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;IACzD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IAC1D,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,4EAA4E;IAC5E,sEAAsE;IACtE,yEAAyE;IACzE,IAAI,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9C,OAAO,eAAe,IAAI,EAAE,CAAC;IAC/B,CAAC;IAED,0DAA0D;IAC1D,IAAI,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACvD,OAAO,4BAA4B,CAAC;IACtC,CAAC;IAED,uEAAuE;IACvE,IAAI,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACzC,OAAO,4BAA4B,CAAC;IACtC,CAAC;IAED,4EAA4E;IAC5E,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;GAWG;AACH;;;;;;;;;GASG;AACH,SAAS,UAAU,CAAC,IAAc,EAAE,SAAiB;IACnD,IAAI,IAAI,CAAC,cAAc,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC;IAC9C,IAAI,IAAI,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAC;IAChC,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IAClD,IAAI,CAAC,IAAI,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1E,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,sBAAsB,CAAC,IAAc;IAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;IACzD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IAC1D,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,IAAI,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,4BAA4B,CAAC;IAC9E,IAAI,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,4BAA4B,CAAC;IAC5F,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,gBAAgB,CAAC;IAEpD,OAAO,IAAI,CAAC;AACd,CAAC;AAUD,uCAAuC;AACvC,MAAM,SAAS,GAAoC;IACjD,aAAa,EAAE,SAAS;IACxB,UAAU,EAAE,SAAS;IACrB,gBAAgB,EAAE,SAAS;IAC3B,WAAW,EAAE,SAAS;IACtB,eAAe,EAAE,SAAS;IAC1B,cAAc,EAAE,SAAS;CAC1B,CAAC;AAYF,MAAM,OAAO,cAAc;IAChB,IAAI,GAAG,aAAa,CAAC;IACrB,QAAQ,GAAG,UAAmB,CAAC;IAExC,GAAG,CAAC,GAAgB;QAClB,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC;QAChC,MAAM,IAAI,GAAG,KAAK,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;QAChC,MAAM,QAAQ,GAAiC,EAAE,CAAC;QAElD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;YAClC,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YAC/C,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAChC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,GAAG,EAAE,CAAC,CAAC;gBAE1C,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;gBACvC,GAAG,CAAC,UAAU,CAAC;oBACb,EAAE,EAAE,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE;oBAC/C,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,OAAO,EAAE,IAAI,CAAC,IAAI;oBAClB,GAAG,EAAE,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC;oBACzB,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,OAAO;oBACd,OAAO;oBACP,IAAI;oBACJ,IAAI;oBACJ,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC;oBAC7B,QAAQ,EAAE,EAAE,GAAG,GAAG,EAAE,QAAQ,EAAE;iBAC/B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,EAAE,QAAQ,EAAE,CAAC;IACtB,CAAC;IAEO,YAAY,CAAC,GAA4D;QAC/E,QAAQ,GAAG,CAAC,KAAK,EAAE,CAAC;YAClB,KAAK,aAAa;gBAChB,OAAO,CACL,2BAA2B,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,cAAc;oBACjE,KAAK,GAAG,CAAC,GAAG,yDAAyD;oBACrE,gDAAgD,CACjD,CAAC;YACJ,KAAK,UAAU;gBACb,OAAO,CACL,oCAAoC,GAAG,CAAC,GAAG,SAAS,GAAG,CAAC,MAAM,OAAO;oBACrE,0EAA0E;oBAC1E,iCAAiC,CAClC,CAAC;YACJ,KAAK,gBAAgB;gBACnB,OAAO,CACL,2BAA2B,GAAG,CAAC,GAAG,qBAAqB,GAAG,CAAC,MAAM,OAAO;oBACxE,iEAAiE,CAClE,CAAC;YACJ,KAAK,WAAW;gBACd,OAAO,CACL,wCAAwC,GAAG,CAAC,GAAG,SAAS,GAAG,CAAC,MAAM,OAAO;oBACzE,sEAAsE;oBACtE,uCAAuC,CACxC,CAAC;YACJ,KAAK,eAAe;gBAClB,OAAO,CACL,gDAAgD,GAAG,CAAC,GAAG,SAAS,GAAG,CAAC,MAAM,OAAO;oBACjF,uEAAuE;oBACvE,kEAAkE,CACnE,CAAC;YACJ,KAAK,cAAc;gBACjB,OAAO,CACL,uBAAuB,GAAG,CAAC,MAAM,sBAAsB,GAAG,CAAC,GAAG,MAAM;oBACpE,iEAAiE;oBACjE,8BAA8B,CAC/B,CAAC;YACJ;gBACE,OAAO,sBAAsB,GAAG,CAAC,MAAM,KAAK,GAAG,CAAC,GAAG,GAAG,CAAC;QAC3D,CAAC;IACH,CAAC;IAEO,QAAQ,CAAC,KAAsB;QACrC,QAAQ,KAAK,EAAE,CAAC;YACd,KAAK,WAAW;gBACd,OAAO,CACL,6DAA6D;oBAC7D,6EAA6E;oBAC7E,6DAA6D,CAC9D,CAAC;YACJ,KAAK,eAAe;gBAClB,OAAO,CACL,8DAA8D;oBAC9D,uEAAuE,CACxE,CAAC;YACJ,KAAK,cAAc;gBACjB,OAAO,CACL,kEAAkE;oBAClE,uDAAuD,CACxD,CAAC;YACJ;gBACE,OAAO,CACL,+DAA+D;oBAC/D,oEAAoE;oBACpE,iEAAiE,CAClE,CAAC;QACN,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,IAAc,EAAE,QAAgB;QAK7C,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC;QAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC;QACrC,MAAM,GAAG,GAAmE,EAAE,CAAC;QAE/E,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;YACxB,0DAA0D;YAC1D,MAAM,eAAe,GACnB,MAAM,KAAK,aAAa;gBACxB,CAAC,QAAQ,KAAK,QAAQ,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;oBACrD,QAAQ,KAAK,cAAc,IAAI,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;YACtE,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBAClC,IAAI,IAAI,EAAE,CAAC;oBACT,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;oBACvD,MAAM,GAAG,GAAG,GAAG,QAAQ,cAAc,CAAC;oBACtC,IAAI,QAAQ;wBAAE,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC;oBACxE,IAAI,GAAG;wBAAE,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;YAED,2DAA2D;YAC3D,gEAAgE;YAChE,8DAA8D;YAC9D,kEAAkE;YAClE,iCAAiC;YACjC,IAAI,MAAM,KAAK,iBAAiB,IAAI,UAAU,CAAC,IAAI,EAAE,iBAAiB,CAAC,EAAE,CAAC;gBACxE,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBAC1C,IAAI,QAAQ,EAAE,CAAC;oBACb,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,qBAAqB,EAAE,CAAC,CAAC;gBACjF,CAAC;YACH,CAAC;YAED,mFAAmF;YACnF,IAAI,MAAM,KAAK,eAAe,IAAI,UAAU,CAAC,IAAI,EAAE,eAAe,CAAC,EAAE,CAAC;gBACpE,MAAM,SAAS,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;gBAC/C,IAAI,SAAS,EAAE,CAAC;oBACd,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,mBAAmB,EAAE,CAAC,CAAC;gBACpF,CAAC;YACH,CAAC;YAED,gEAAgE;YAChE,yEAAyE;YACzE,6EAA6E;YAC7E,IAAI,MAAM,KAAK,YAAY,EAAE,CAAC;gBAC5B,MAAM,KAAK,GACT,IAAI,CAAC,aAAa,KAAK,kBAAkB;oBACzC,CAAC,IAAI,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC;gBAC/D,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;oBAC7D,MAAM,IAAI,GAAG,CAAC,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;oBACpE,MAAM,CAAC,GAAG,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAC7B,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,IAAI,EAAE,CAAC;wBAC5C,GAAG,CAAC,IAAI,CAAC;4BACP,KAAK,EAAE,cAAc;4BACrB,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;4BACjB,GAAG,EAAE,6BAA6B;yBACnC,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAED,OAAO,GAAG,CAAC;QACb,CAAC;QAED,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC1B,iEAAiE;YACjE,iFAAiF;YACjF,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACrB,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACxC,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,QAAQ,CAAC;gBACtD,IAAI,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;oBACnC,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,QAAQ,MAAM,EAAE,CAAC,CAAC;gBAC9E,CAAC;gBACD,iDAAiD;gBACjD,IAAI,OAAO,KAAK,KAAK,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAClD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;oBAC1D,MAAM,QAAQ,GAAG,CAAC,IAAI,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;oBACjD,IAAI,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;wBAClC,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,GAAG,QAAQ,MAAM,EAAE,CAAC,CAAC;oBAClF,CAAC;gBACH,CAAC;YACH,CAAC;YACD,2HAA2H;YAC3H,yEAAyE;YACzE,MAAM,aAAa,GAAG,QAAQ,KAAK,YAAY,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;YACpF,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,CAAC,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;gBAC/B,MAAM,UAAU,GAAG,CAAC,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClD,IAAI,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;oBACtC,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,cAAc,MAAM,EAAE,EAAE,CAAC,CAAC;gBACtF,CAAC;YACH,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QAED,IAAI,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,YAAY,EAAE,CAAC;YAC3D,8DAA8D;YAC9D,IAAI,MAAM,KAAK,cAAc,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,WAAW,CAAC;gBACjD,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,qBAAqB,EAAE,CAAC,CAAC;YAClF,CAAC;YACD,uDAAuD;YACvD,IAAI,MAAM,KAAK,gBAAgB,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACzD,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBAClC,IAAI,IAAI,EAAE,CAAC;oBACT,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjC,kEAAkE;oBAClE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;oBAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;oBACrC,IAAI,cAAc,GAAG,IAAI,CAAC;oBAC1B,IAAI,IAAI,KAAK,IAAI;wBAAE,cAAc,GAAG,UAAU,CAAC;oBAC/C,IAAI,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,UAAU,IAAI,IAAI,KAAK,MAAM;wBAAE,cAAc,GAAG,MAAM,CAAC;oBACzF,IAAI,iBAAiB,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAC;wBAC1C,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,uBAAuB,EAAE,CAAC,CAAC;oBAC3F,CAAC;oBACD,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;wBACnB,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,uBAAuB,EAAE,CAAC,CAAC;oBAC/E,CAAC;gBACH,CAAC;YACH,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QAED,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,qDAAqD;YACrD,IAAI,QAAQ,KAAK,KAAK,IAAI,CAAC,MAAM,KAAK,WAAW,IAAI,MAAM,KAAK,oBAAoB,CAAC,EAAE,CAAC;gBACtF,MAAM,IAAI,GAAG,MAAM,KAAK,oBAAoB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;gBAC9D,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,MAAM,EAAE,EAAE,CAAC,CAAC;YACzE,CAAC;YACD,4BAA4B;YAC5B,IAAI,QAAQ,KAAK,KAAK,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;gBACjD,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,eAAe,EAAE,CAAC,CAAC;YAC1E,CAAC;YACD,+EAA+E;YAC/E,qEAAqE;YACrE,IAAI,CAAC,MAAM,KAAK,iBAAiB,IAAI,MAAM,KAAK,iBAAiB,CAAC,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC5F,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,MAAM,EAAE,EAAE,CAAC,CAAC;YAC3E,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;CACF"}
+{"version":3,"file":"weak-crypto-pass.js","sourceRoot":"","sources":["../../../src/analysis/passes/weak-crypto-pass.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgDG;AAMH,2DAA2D;AAC3D,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW;IACpC,KAAK,EAAE,KAAK,EAAE,MAAM;IACpB,UAAU,EAAE,IAAI;IAChB,MAAM,EAAE,MAAM,EAAE,OAAO;CACxB,CAAC,CAAC;AAEH,kFAAkF;AAClF,SAAS,sBAAsB,CAAC,IAAY;IAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;IACjE,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC5B,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAC5B,MAAM,MAAM,GAAyC,EAAE,CAAC;IACxD,IAAI,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,MAAM,CAAC,QAAQ,GAAG,IAAI,CAAC;IACxD,IAAI,IAAI,KAAK,KAAK;QAAE,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC;IACtC,4FAA4F;IAC5F,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,KAAK,KAAK;QAAE,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC;IAC5D,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IACnB,IACE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,EACtC,CAAC;QACD,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxB,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,WAAW,CAAC,IAAc,EAAE,QAAgB;IACnD,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IAChE,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC;IAChD,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IACjC,OAAO,OAAO,IAAI,IAAI,CAAC;AACzB,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAS,kBAAkB,CAAC,IAAc;IACxC,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;IACzD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IAC1D,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,4EAA4E;IAC5E,sEAAsE;IACtE,yEAAyE;IACzE,IAAI,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9C,OAAO,eAAe,IAAI,EAAE,CAAC;IAC/B,CAAC;IAED,0DAA0D;IAC1D,IAAI,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACvD,OAAO,4BAA4B,CAAC;IACtC,CAAC;IAED,uEAAuE;IACvE,IAAI,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACzC,OAAO,4BAA4B,CAAC;IACtC,CAAC;IAED,4EAA4E;IAC5E,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;GAWG;AACH;;;;;;;;;GASG;AACH,SAAS,UAAU,CAAC,IAAc,EAAE,SAAiB;IACnD,IAAI,IAAI,CAAC,cAAc,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC;IAC9C,IAAI,IAAI,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAC;IAChC,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IAClD,IAAI,CAAC,IAAI,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,GAAG,GAAG,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1E,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,sBAAsB,CAAC,IAAc;IAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;IACzD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IAC1D,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,IAAI,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,4BAA4B,CAAC;IAC9E,IAAI,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,4BAA4B,CAAC;IAC5F,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,gBAAgB,CAAC;IAEpD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAS,wBAAwB,CAC/B,IAAc,EACd,SAA0C,EAC1C,eAAoC;IAEpC,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;IACzD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,qEAAqE;IACrE,kEAAkE;IAClE,kBAAkB;IAClB,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IAC1D,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,oDAAoD;IACpD,IAAI,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACpF,OAAO,iBAAiB,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAC5E,CAAC;IACD,yCAAyC;IACzC,IAAI,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAClC,OAAO,kBAAkB,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAC7E,CAAC;IACD,iEAAiE;IACjE,IAAI,GAAG,CAAC,QAAQ,IAAI,SAAS,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAChD,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAClE,OAAO,oCAAoC,GAAG,CAAC,QAAQ,IAAI,CAAC;QAC9D,CAAC;IACH,CAAC;IACD,kEAAkE;IAClE,kEAAkE;IAClE,6BAA6B;IAC7B,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;QACjB,MAAM,GAAG,GAAG,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,GAAG,EAAE,CAAC;YACR,OAAO,iBAAiB,GAAG,CAAC,QAAQ,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;QAC5F,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,oBAAoB,CAC3B,IAAc,EACd,SAA0C,EAC1C,eAAoC;IAEpC,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;IACzD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IAC1D,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,wCAAwC;IACxC,IAAI,gDAAgD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAChE,OAAO,qBAAqB,CAAC;IAC/B,CAAC;IACD,wBAAwB;IACxB,IAAI,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9C,OAAO,6BAA6B,CAAC;IACvC,CAAC;IACD,6CAA6C;IAC7C,IAAI,GAAG,CAAC,QAAQ,IAAI,SAAS,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAChD,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAClE,OAAO,kCAAkC,GAAG,CAAC,QAAQ,IAAI,CAAC;QAC5D,CAAC;IACH,CAAC;IACD,mEAAmE;IACnE,8CAA8C;IAC9C,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;QACjB,MAAM,GAAG,GAAG,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,GAAG,EAAE,CAAC;YACR,OAAO,iBAAiB,GAAG,CAAC,QAAQ,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;QAC5F,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,yBAAyB,CAAC,IAAc;IAC/C,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAC3C,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACvC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACpD,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACd,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7B,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,IAAI;gBAAE,OAAO,CAAC,CAAC;YACtD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,0EAA0E;QAC1E,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,EAAE,CAAC;YACtC,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YAC5B,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,IAAI;gBAAE,OAAO,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,SAAS,mBAAmB,CAAC,IAAY,EAAE,QAAgB;IACzD,MAAM,GAAG,GAAG,IAAI,GAAG,EAAkB,CAAC;IACtC,IAAI,CAAC,IAAI;QAAE,OAAO,GAAG,CAAC;IAEtB,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC1B,sEAAsE;QACtE,MAAM,EAAE,GAAG,8GAA8G,CAAC;QAC1H,IAAI,CAAyB,CAAC;QAC9B,OAAO,CAAC,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACpC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtB,0EAA0E;QAC1E,iBAAiB;QACjB,MAAM,MAAM,GAAG,0GAA0G,CAAC;QAC1H,IAAI,CAAyB,CAAC;QAC9B,OAAO,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACxC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACxC,CAAC;QACD,MAAM,KAAK,GAAG,6EAA6E,CAAC;QAC5F,OAAO,CAAC,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACvC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACxC,CAAC;QACD,MAAM,OAAO,GAAG,8DAA8D,CAAC;QAC/E,OAAO,CAAC,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACzC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAUD,uCAAuC;AACvC,MAAM,SAAS,GAAoC;IACjD,aAAa,EAAE,SAAS;IACxB,UAAU,EAAE,SAAS;IACrB,gBAAgB,EAAE,SAAS;IAC3B,WAAW,EAAE,SAAS;IACtB,eAAe,EAAE,SAAS;IAC1B,cAAc,EAAE,SAAS;CAC1B,CAAC;AAYF,MAAM,OAAO,cAAc;IAChB,IAAI,GAAG,aAAa,CAAC;IACrB,QAAQ,GAAG,UAAmB,CAAC;IAExC,GAAG,CAAC,GAAgB;QAClB,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;QAChC,MAAM,QAAQ,GAAiC,EAAE,CAAC;QAElD,0EAA0E;QAC1E,4EAA4E;QAC5E,MAAM,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC,sBAAsB,CAAC;YACrD,CAAC,CAAC,GAAG,CAAC,SAAS,CAA2B,sBAAsB,CAAC;YACjE,CAAC,CAAC,IAAI,CAAC;QAET,gEAAgE;QAChE,kEAAkE;QAClE,2DAA2D;QAC3D,mEAAmE;QACnE,gEAAgE;QAChE,kEAAkE;QAClE,iDAAiD;QACjD,MAAM,eAAe,GAAG,mBAAmB,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QAE5D,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;YAClC,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;YAC3E,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAChC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,GAAG,EAAE,CAAC,CAAC;gBAE1C,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;gBACvC,GAAG,CAAC,UAAU,CAAC;oBACb,EAAE,EAAE,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,IAAI,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE;oBAC/C,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,OAAO,EAAE,IAAI,CAAC,IAAI;oBAClB,GAAG,EAAE,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC;oBACzB,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,OAAO;oBACd,OAAO;oBACP,IAAI;oBACJ,IAAI;oBACJ,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC;oBAC7B,QAAQ,EAAE,EAAE,GAAG,GAAG,EAAE,QAAQ,EAAE;iBAC/B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,EAAE,QAAQ,EAAE,CAAC;IACtB,CAAC;IAEO,YAAY,CAAC,GAA4D;QAC/E,QAAQ,GAAG,CAAC,KAAK,EAAE,CAAC;YAClB,KAAK,aAAa;gBAChB,OAAO,CACL,2BAA2B,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,cAAc;oBACjE,KAAK,GAAG,CAAC,GAAG,yDAAyD;oBACrE,gDAAgD,CACjD,CAAC;YACJ,KAAK,UAAU;gBACb,OAAO,CACL,oCAAoC,GAAG,CAAC,GAAG,SAAS,GAAG,CAAC,MAAM,OAAO;oBACrE,0EAA0E;oBAC1E,iCAAiC,CAClC,CAAC;YACJ,KAAK,gBAAgB;gBACnB,OAAO,CACL,2BAA2B,GAAG,CAAC,GAAG,qBAAqB,GAAG,CAAC,MAAM,OAAO;oBACxE,iEAAiE,CAClE,CAAC;YACJ,KAAK,WAAW;gBACd,OAAO,CACL,wCAAwC,GAAG,CAAC,GAAG,SAAS,GAAG,CAAC,MAAM,OAAO;oBACzE,sEAAsE;oBACtE,uCAAuC,CACxC,CAAC;YACJ,KAAK,eAAe;gBAClB,OAAO,CACL,gDAAgD,GAAG,CAAC,GAAG,SAAS,GAAG,CAAC,MAAM,OAAO;oBACjF,uEAAuE;oBACvE,kEAAkE,CACnE,CAAC;YACJ,KAAK,cAAc;gBACjB,OAAO,CACL,uBAAuB,GAAG,CAAC,MAAM,sBAAsB,GAAG,CAAC,GAAG,MAAM;oBACpE,iEAAiE;oBACjE,8BAA8B,CAC/B,CAAC;YACJ;gBACE,OAAO,sBAAsB,GAAG,CAAC,MAAM,KAAK,GAAG,CAAC,GAAG,GAAG,CAAC;QAC3D,CAAC;IACH,CAAC;IAEO,QAAQ,CAAC,KAAsB;QACrC,QAAQ,KAAK,EAAE,CAAC;YACd,KAAK,WAAW;gBACd,OAAO,CACL,6DAA6D;oBAC7D,6EAA6E;oBAC7E,6DAA6D,CAC9D,CAAC;YACJ,KAAK,eAAe;gBAClB,OAAO,CACL,8DAA8D;oBAC9D,uEAAuE,CACxE,CAAC;YACJ,KAAK,cAAc;gBACjB,OAAO,CACL,kEAAkE;oBAClE,uDAAuD,CACxD,CAAC;YACJ;gBACE,OAAO,CACL,+DAA+D;oBAC/D,oEAAoE;oBACpE,iEAAiE,CAClE,CAAC;QACN,CAAC;IACH,CAAC;IAEO,MAAM,CACZ,IAAc,EACd,QAAgB,EAChB,SAA0C,EAC1C,eAAoC;QAMpC,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC;QAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC;QACrC,MAAM,GAAG,GAAmE,EAAE,CAAC;QAE/E,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;YACxB,0DAA0D;YAC1D,MAAM,eAAe,GACnB,MAAM,KAAK,aAAa;gBACxB,CAAC,QAAQ,KAAK,QAAQ,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;oBACrD,QAAQ,KAAK,cAAc,IAAI,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;YACtE,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBAClC,IAAI,IAAI,EAAE,CAAC;oBACT,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;oBACvD,MAAM,GAAG,GAAG,GAAG,QAAQ,cAAc,CAAC;oBACtC,IAAI,QAAQ;wBAAE,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC;oBACxE,IAAI,GAAG;wBAAE,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;YAED,2DAA2D;YAC3D,gEAAgE;YAChE,8DAA8D;YAC9D,kEAAkE;YAClE,iCAAiC;YACjC,IAAI,MAAM,KAAK,iBAAiB,IAAI,UAAU,CAAC,IAAI,EAAE,iBAAiB,CAAC,EAAE,CAAC;gBACxE,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBAC1C,IAAI,QAAQ,EAAE,CAAC;oBACb,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,qBAAqB,EAAE,CAAC,CAAC;gBACjF,CAAC;YACH,CAAC;YAED,mFAAmF;YACnF,IAAI,MAAM,KAAK,eAAe,IAAI,UAAU,CAAC,IAAI,EAAE,eAAe,CAAC,EAAE,CAAC;gBACpE,MAAM,SAAS,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;gBAC/C,IAAI,SAAS,EAAE,CAAC;oBACd,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,mBAAmB,EAAE,CAAC,CAAC;gBACpF,CAAC;YACH,CAAC;YAED,gEAAgE;YAChE,yEAAyE;YACzE,6EAA6E;YAC7E,IAAI,MAAM,KAAK,YAAY,EAAE,CAAC;gBAC5B,MAAM,KAAK,GACT,IAAI,CAAC,aAAa,KAAK,kBAAkB;oBACzC,CAAC,IAAI,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC;gBAC/D,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;oBAC7D,MAAM,IAAI,GAAG,CAAC,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;oBACpE,MAAM,CAAC,GAAG,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;oBAC7B,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,IAAI,EAAE,CAAC;wBAC5C,GAAG,CAAC,IAAI,CAAC;4BACP,KAAK,EAAE,cAAc;4BACrB,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;4BACjB,GAAG,EAAE,6BAA6B;yBACnC,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAED,OAAO,GAAG,CAAC;QACb,CAAC;QAED,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC1B,iEAAiE;YACjE,iFAAiF;YACjF,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACrB,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACxC,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,QAAQ,CAAC;gBACtD,IAAI,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;oBACnC,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,QAAQ,MAAM,EAAE,CAAC,CAAC;gBAC9E,CAAC;gBACD,iDAAiD;gBACjD,IAAI,OAAO,KAAK,KAAK,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAClD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;oBAC1D,MAAM,QAAQ,GAAG,CAAC,IAAI,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;oBACjD,IAAI,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;wBAClC,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,GAAG,QAAQ,MAAM,EAAE,CAAC,CAAC;oBAClF,CAAC;gBACH,CAAC;gBACD,sEAAsE;gBACtE,sEAAsE;gBACtE,IACE,OAAO,KAAK,KAAK,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC7C,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,EAC9B,CAAC;oBACD,MAAM,SAAS,GAAG,wBAAwB,CAAC,IAAI,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;oBAC7E,IAAI,SAAS,EAAE,CAAC;wBACd,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,QAAQ,MAAM,EAAE,CAAC,CAAC;oBAClF,CAAC;gBACH,CAAC;YACH,CAAC;YACD,2HAA2H;YAC3H,yEAAyE;YACzE,MAAM,aAAa,GAAG,QAAQ,KAAK,YAAY,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;YACpF,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,CAAC,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;gBAC/B,MAAM,UAAU,GAAG,CAAC,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClD,IAAI,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;oBACtC,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,cAAc,MAAM,EAAE,EAAE,CAAC,CAAC;gBACtF,CAAC;gBACD,mEAAmE;gBACnE,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC;oBAChB,MAAM,SAAS,GAAG,wBAAwB,CAAC,IAAI,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;oBAC7E,IAAI,SAAS,EAAE,CAAC;wBACd,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,cAAc,MAAM,EAAE,EAAE,CAAC,CAAC;oBACvF,CAAC;gBACH,CAAC;YACH,CAAC;YACD,iEAAiE;YACjE,0EAA0E;YAC1E,IAAI,MAAM,KAAK,KAAK,IAAI,CAAC,QAAQ,KAAK,OAAO,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;gBAC9E,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,EAAE,GAAG,QAAQ,MAAM,EAAE,CAAC,CAAC;YACjF,CAAC;YACD,wEAAwE;YACxE,gEAAgE;YAChE,IACE,MAAM,KAAK,sBAAsB;gBACjC,CAAC,QAAQ,KAAK,KAAK,IAAI,QAAQ,KAAK,KAAK;oBACxC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,EACxD,CAAC;gBACD,MAAM,CAAC,GAAG,yBAAyB,CAAC,IAAI,CAAC,CAAC;gBAC1C,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;oBACf,GAAG,CAAC,IAAI,CAAC;wBACP,KAAK,EAAE,cAAc;wBACrB,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;wBACjB,GAAG,EAAE,GAAG,QAAQ,uBAAuB;qBACxC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QAED,IAAI,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,YAAY,EAAE,CAAC;YAC3D,8DAA8D;YAC9D,IAAI,MAAM,KAAK,cAAc,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,WAAW,CAAC;gBACjD,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gBAAgB,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,qBAAqB,EAAE,CAAC,CAAC;YAClF,CAAC;YACD,uDAAuD;YACvD,IAAI,MAAM,KAAK,gBAAgB,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACzD,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;gBAClC,IAAI,IAAI,EAAE,CAAC;oBACT,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjC,kEAAkE;oBAClE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;oBAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;oBACrC,IAAI,cAAc,GAAG,IAAI,CAAC;oBAC1B,IAAI,IAAI,KAAK,IAAI;wBAAE,cAAc,GAAG,UAAU,CAAC;oBAC/C,IAAI,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,UAAU,IAAI,IAAI,KAAK,MAAM;wBAAE,cAAc,GAAG,MAAM,CAAC;oBACzF,IAAI,iBAAiB,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAC;wBAC1C,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,uBAAuB,EAAE,CAAC,CAAC;oBAC3F,CAAC;oBACD,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;wBACnB,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,uBAAuB,EAAE,CAAC,CAAC;oBAC/E,CAAC;gBACH,CAAC;YACH,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QAED,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,qDAAqD;YACrD,IAAI,QAAQ,KAAK,KAAK,IAAI,CAAC,MAAM,KAAK,WAAW,IAAI,MAAM,KAAK,oBAAoB,CAAC,EAAE,CAAC;gBACtF,MAAM,IAAI,GAAG,MAAM,KAAK,oBAAoB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;gBAC9D,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,MAAM,EAAE,EAAE,CAAC,CAAC;YACzE,CAAC;YACD,4BAA4B;YAC5B,IAAI,QAAQ,KAAK,KAAK,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;gBACjD,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,eAAe,EAAE,CAAC,CAAC;YAC1E,CAAC;YACD,+EAA+E;YAC/E,qEAAqE;YACrE,IAAI,CAAC,MAAM,KAAK,iBAAiB,IAAI,MAAM,KAAK,iBAAiB,CAAC,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC5F,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,MAAM,EAAE,EAAE,CAAC,CAAC;YAC3E,CAAC;YACD,yEAAyE;YACzE,sEAAsE;YACtE,gCAAgC;YAChC,IACE,CAAC,QAAQ,KAAK,KAAK,IAAI,MAAM,KAAK,WAAW,CAAC;gBAC9C,CAAC,QAAQ,KAAK,KAAK,IAAI,CAAC,MAAM,KAAK,WAAW,IAAI,MAAM,KAAK,oBAAoB,CAAC,CAAC;gBACnF,CAAC,QAAQ,KAAK,KAAK,IAAI,MAAM,KAAK,WAAW,CAAC,EAC9C,CAAC;gBACD,MAAM,SAAS,GAAG,oBAAoB,CAAC,IAAI,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;gBACzE,IAAI,SAAS,EAAE,CAAC;oBACd,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,GAAG,QAAQ,IAAI,MAAM,EAAE,EAAE,CAAC,CAAC;gBACxF,CAAC;YACH,CAAC;YACD,wEAAwE;YACxE,iDAAiD;YACjD,IAAI,QAAQ,KAAK,KAAK,IAAI,MAAM,KAAK,aAAa,EAAE,CAAC;gBACnD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;gBAC7D,MAAM,IAAI,GAAG,CAAC,OAAO,EAAE,OAAO,IAAI,OAAO,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBACpE,MAAM,CAAC,GAAG,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;gBAC7B,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,IAAI,EAAE,CAAC;oBAC5C,GAAG,CAAC,IAAI,CAAC;wBACP,KAAK,EAAE,cAAc;wBACrB,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;wBACjB,GAAG,EAAE,iBAAiB;qBACvB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;CACF"}

package/dist/browser/circle-ir.js

@@ -27485,6 +27485,102 @@ function detectHardcodedKeyJava(call) {
   if (/^"[^"]*"$/.test(expr)) return `literal string`;
   return null;
 }
+function detectHardcodedKeyPython(call, constProp, literalBindings) {
+  const arg = call.arguments.find((a) => a.position === 0);
+  if (!arg) return null;
+  const expr = (arg.expression ?? arg.literal ?? "").trim();
+  if (!expr) return null;
+  if (/^[bB][rR]?["'][^"']*["']$/.test(expr) || /^[rR][bB]["'][^"']*["']$/.test(expr)) {
+    return `literal bytes ${expr.slice(0, 24)}${expr.length > 24 ? "\u2026" : ""}`;
+  }
+  if (/^["'][^"']*["']$/.test(expr)) {
+    return `literal string ${expr.slice(0, 24)}${expr.length > 24 ? "\u2026" : ""}`;
+  }
+  if (arg.variable && constProp) {
+    const sym = constProp.symbols.get(arg.variable);
+    if (sym && sym.type === "string" && typeof sym.value === "string") {
+      return `constant-propagated bytes from \`${arg.variable}\``;
+    }
+  }
+  if (arg.variable) {
+    const lit = literalBindings.get(arg.variable);
+    if (lit) {
+      return `literal-bound ${arg.variable} = ${lit.slice(0, 24)}${lit.length > 24 ? "\u2026" : ""}`;
+    }
+  }
+  return null;
+}
+function detectHardcodedKeyGo(call, constProp, literalBindings) {
+  const arg = call.arguments.find((a) => a.position === 0);
+  if (!arg) return null;
+  const expr = (arg.literal ?? arg.expression ?? "").trim();
+  if (!expr) return null;
+  if (/^\[\s*\]\s*byte\s*\(\s*["'`][^"'`]*["'`]\s*\)$/.test(expr)) {
+    return `literal []byte("\u2026")`;
+  }
+  if (/^\[\s*\]\s*byte\s*\{[^}]*\}$/.test(expr)) {
+    return `literal []byte{\u2026} composite`;
+  }
+  if (arg.variable && constProp) {
+    const sym = constProp.symbols.get(arg.variable);
+    if (sym && sym.type === "string" && typeof sym.value === "string") {
+      return `constant-propagated key from \`${arg.variable}\``;
+    }
+  }
+  if (arg.variable) {
+    const lit = literalBindings.get(arg.variable);
+    if (lit) {
+      return `literal-bound ${arg.variable} = ${lit.slice(0, 24)}${lit.length > 24 ? "\u2026" : ""}`;
+    }
+  }
+  return null;
+}
+function parseWeakRsaKeySizePython(call) {
+  for (const arg of call.arguments) {
+    const expr = (arg.expression ?? "").trim();
+    const lit = (arg.literal ?? "").trim();
+    const m = expr.match(/^key_size\s*=\s*(-?\d+)\s*$/);
+    if (m && m[1]) {
+      const n = parseInt(m[1], 10);
+      if (Number.isFinite(n) && n > 0 && n < 2048) return n;
+      return null;
+    }
+    if (/^key_size\s*=/.test(expr) && lit) {
+      const n = parseInt(lit, 10);
+      if (Number.isFinite(n) && n > 0 && n < 2048) return n;
+    }
+  }
+  return null;
+}
+function scanLiteralBindings(code, language) {
+  const out2 = /* @__PURE__ */ new Map();
+  if (!code) return out2;
+  if (language === "python") {
+    const re = /^[ \t]*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(b[rR]?["'][^"']*["']|[rR]?b["'][^"']*["']|["'][^"']*["'])\s*(?:$|#)/gm;
+    let m;
+    while ((m = re.exec(code)) !== null) {
+      if (m[1] && m[2]) out2.set(m[1], m[2]);
+    }
+    return out2;
+  }
+  if (language === "go") {
+    const reByte = /^[ \t]*(?:var\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*(?::=|=)\s*(\[\s*\]\s*byte\s*\(\s*["'`][^"'`]*["'`]\s*\))/gm;
+    let m;
+    while ((m = reByte.exec(code)) !== null) {
+      if (m[1] && m[2]) out2.set(m[1], m[2]);
+    }
+    const reStr = /^[ \t]*(?:var|const)\s+([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(["'`][^"'`]*["'`])/gm;
+    while ((m = reStr.exec(code)) !== null) {
+      if (m[1] && m[2]) out2.set(m[1], m[2]);
+    }
+    const reShort = /^[ \t]*([A-Za-z_][A-Za-z0-9_]*)\s*:=\s*(["'`][^"'`]*["'`])/gm;
+    while ((m = reShort.exec(code)) !== null) {
+      if (m[1] && m[2]) out2.set(m[1], m[2]);
+    }
+    return out2;
+  }
+  return out2;
+}
 var ISSUE_CWE = {
   "weak-cipher": "CWE-327",
   "ecb-mode": "CWE-327",
@@ -27497,11 +27593,13 @@ var WeakCryptoPass = class {
   name = "weak-crypto";
   category = "security";
   run(ctx) {
-    const { graph, language } = ctx;
+    const { graph, language, code } = ctx;
     const file = graph.ir.meta.file;
     const findings = [];
+    const constProp = ctx.hasResult("constant-propagation") ? ctx.getResult("constant-propagation") : null;
+    const literalBindings = scanLiteralBindings(code, language);
     for (const call of graph.ir.calls) {
-      const detections = this.detect(call, language);
+      const detections = this.detect(call, language, constProp, literalBindings);
       for (const det of detections) {
         const line = call.location.line;
         findings.push({ line, language, ...det });
@@ -27554,7 +27652,7 @@ var WeakCryptoPass = class {
         return "Use AES-GCM (authenticated) or ChaCha20-Poly1305. Avoid DES, 3DES, RC2, RC4, Blowfish, and ECB mode. For asymmetric encryption use RSA-OAEP with \u22652048-bit keys or modern curve-based schemes.";
     }
   }
-  detect(call, language) {
+  detect(call, language, constProp, literalBindings) {
     const method = call.method_name;
     const receiver = call.receiver ?? "";
     const out2 = [];
@@ -27612,6 +27710,12 @@ var WeakCryptoPass = class {
             out2.push({ issue: "ecb-mode", detail: "AES.MODE_ECB", api: `${receiver}.new` });
           }
         }
+        if (lastSeg === "aes" || lastSeg.endsWith(".aes") || WEAK_CIPHER_BASES.has(lastSeg)) {
+          const keyDetail = detectHardcodedKeyPython(call, constProp, literalBindings);
+          if (keyDetail) {
+            out2.push({ issue: "hardcoded-key", detail: keyDetail, api: `${receiver}.new` });
+          }
+        }
       }
       const isHazmatAlgos = receiver === "algorithms" || receiver.endsWith(".algorithms");
       if (isHazmatAlgos) {
@@ -27620,6 +27724,25 @@ var WeakCryptoPass = class {
         if (WEAK_CIPHER_BASES.has(normalized)) {
           out2.push({ issue: "weak-cipher", detail: normalized, api: `algorithms.${method}` });
         }
+        if (m === "aes") {
+          const keyDetail = detectHardcodedKeyPython(call, constProp, literalBindings);
+          if (keyDetail) {
+            out2.push({ issue: "hardcoded-key", detail: keyDetail, api: `algorithms.${method}` });
+          }
+        }
+      }
+      if (method === "ECB" && (receiver === "modes" || receiver.endsWith(".modes"))) {
+        out2.push({ issue: "ecb-mode", detail: "modes.ECB()", api: `${receiver}.ECB` });
+      }
+      if (method === "generate_private_key" && (receiver === "rsa" || receiver === "dsa" || receiver.endsWith(".rsa") || receiver.endsWith(".dsa"))) {
+        const n = parseWeakRsaKeySizePython(call);
+        if (n !== null) {
+          out2.push({
+            issue: "weak-rsa-key",
+            detail: String(n),
+            api: `${receiver}.generate_private_key`
+          });
+        }
       }
       return out2;
     }
@@ -27659,6 +27782,24 @@ var WeakCryptoPass = class {
       if ((method === "NewECBEncrypter" || method === "NewECBDecrypter") && receiver === "cipher") {
         out2.push({ issue: "ecb-mode", detail: method, api: `cipher.${method}` });
       }
+      if (receiver === "aes" && method === "NewCipher" || receiver === "des" && (method === "NewCipher" || method === "NewTripleDESCipher") || receiver === "rc4" && method === "NewCipher") {
+        const keyDetail = detectHardcodedKeyGo(call, constProp, literalBindings);
+        if (keyDetail) {
+          out2.push({ issue: "hardcoded-key", detail: keyDetail, api: `${receiver}.${method}` });
+        }
+      }
+      if (receiver === "rsa" && method === "GenerateKey") {
+        const bitsArg = call.arguments.find((a) => a.position === 1);
+        const expr = (bitsArg?.literal ?? bitsArg?.expression ?? "").trim();
+        const n = parseInt(expr, 10);
+        if (Number.isFinite(n) && n > 0 && n < 2048) {
+          out2.push({
+            issue: "weak-rsa-key",
+            detail: String(n),
+            api: "rsa.GenerateKey"
+          });
+        }
+      }
       return out2;
     }
     return out2;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "circle-ir",
-  "version": "3.55.0",
+  "version": "3.56.0",
   "description": "High-performance Static Application Security Testing (SAST) library for detecting security vulnerabilities through taint analysis",
   "main": "dist/index.js",
   "module": "dist/index.js",