lox-airplay-sender 0.1.0

package/dist/core/srp.d.ts

@@ -0,0 +1,14 @@
+declare class SRP {
+    group: number;
+    N: any;
+    g: any;
+    constructor(group: number);
+    u(A: string, B: string): any;
+    k(): string;
+    x(I: string, P: string, s: string): string;
+    S(B: string, k: string, x: string, a: string, u: string): string;
+    A(a: string): string;
+    K(I: string, P: string, s: string, a: string, B: string): string;
+    M1(I: string, P: string, s: string, a: string, B: string): string;
+}
+export default SRP;

package/dist/core/srp.js

@@ -0,0 +1,128 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const bigInt = require('big-integer');
+const sha1 = require('js-sha1');
+const memoize = require('lodash/memoize');
+const util_1 = require("../utils/util");
+// ...
+const groups = {
+    1024: {
+        N: new bigInt('EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C' +
+            '9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE4' +
+            '8E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B29' +
+            '7BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9A' +
+            'FD5138FE8376435B9FC61D2FC0EB06E3', 16),
+        g: new bigInt(2)
+    },
+    2048: {
+        N: new bigInt('AC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC319294' +
+            '3DB56050A37329CBB4A099ED8193E0757767A13DD52312AB4B03310D' +
+            'CD7F48A9DA04FD50E8083969EDB767B0CF6095179A163AB3661A05FB' +
+            'D5FAAAE82918A9962F0B93B855F97993EC975EEAA80D740ADBF4FF74' +
+            '7359D041D5C33EA71D281E446B14773BCA97B43A23FB801676BD207A' +
+            '436C6481F1D2B9078717461A5B9D32E688F87748544523B524B0D57D' +
+            '5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6AF874E73' +
+            '03CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB6' +
+            '94B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F' +
+            '9E4AFF73', 16),
+        g: new bigInt(2)
+    }
+};
+// ...
+class SRP {
+    group;
+    N;
+    g;
+    constructor(group) {
+        this.group = group;
+        const groupConfig = groups[group];
+        if (!groupConfig) {
+            throw new Error(`SRP group ${group} is not supported`);
+        }
+        this.N = groupConfig.N;
+        this.g = groupConfig.g;
+        this.A = memoize(this.A.bind(this));
+        this.K = memoize(this.K.bind(this));
+    }
+    // ...
+    // Private.
+    u(A, B) {
+        const A_buf = (0, util_1.hexString2ArrayBuffer)(A);
+        const B_buf = (0, util_1.hexString2ArrayBuffer)(B);
+        const result = new Uint8Array(A_buf.byteLength + B_buf.byteLength);
+        result.set(A_buf);
+        result.set(B_buf, A_buf.byteLength);
+        return sha1(result);
+    }
+    k() {
+        const padded_g = '0'.repeat((this.group / 4) - 1) + this.g.toString(16);
+        const N_buf = (0, util_1.hexString2ArrayBuffer)(this.N.toString(16));
+        const g_buf = (0, util_1.hexString2ArrayBuffer)(padded_g);
+        const result = new Uint8Array(N_buf.byteLength + g_buf.byteLength);
+        result.set(N_buf);
+        result.set(g_buf, N_buf.byteLength);
+        return sha1(result);
+    }
+    x(I, P, s) {
+        const s_buf = (0, util_1.hexString2ArrayBuffer)(s.toLowerCase());
+        const I_P_buf = (0, util_1.hexString2ArrayBuffer)(sha1(I + ':' + P));
+        const result = new Uint8Array(s_buf.byteLength + I_P_buf.byteLength);
+        result.set(s_buf);
+        result.set(I_P_buf, s_buf.byteLength);
+        return sha1(result);
+    }
+    ;
+    S(B, k, x, a, u) {
+        const Bn = new bigInt(B, 16);
+        const kn = new bigInt(k, 16);
+        const xn = new bigInt(x, 16);
+        const an = new bigInt(a, 16);
+        const un = new bigInt(u, 16);
+        return Bn.add(this.N.multiply(kn)).subtract(this.g.modPow(xn, this.N).multiply(kn)).mod(this.N)
+            .modPow(an.add(un.multiply(xn)), this.N)
+            .toString(16);
+    }
+    // ...
+    // Public.
+    A(a) {
+        return this.g.modPow(new bigInt(a, 16), this.N).toString(16);
+    }
+    K(I, P, s, a, B) {
+        const k = this.k();
+        const x = this.x(I, P, s);
+        const u = this.u(this.A(a), B);
+        const S = this.S(B, k, x, a, u);
+        // ...
+        const S_buf = (0, util_1.hexString2ArrayBuffer)(S);
+        let hash1 = new Uint8Array(S_buf.byteLength + 4);
+        hash1.set(S_buf);
+        hash1.set([0x00, 0x00, 0x00, 0x00], S_buf.byteLength);
+        let hash2 = new Uint8Array(S_buf.byteLength + 4);
+        hash2.set(S_buf);
+        hash2.set([0x00, 0x00, 0x00, 0x01], S_buf.byteLength);
+        return sha1(hash1) + sha1(hash2);
+    }
+    M1(I, P, s, a, B) {
+        // M1 = H( H(N) ^ H(g) | H(I) | s | PAD(A) | PAD(B) | K )
+        const A = this.A(a);
+        const K = this.K(I, P, s, a, B);
+        const hN = new Uint8Array(sha1.arrayBuffer((0, util_1.hexString2ArrayBuffer)(this.N.toString(16))));
+        const hg = new Uint8Array(sha1.arrayBuffer([this.g.toString(16)]));
+        const hN_hg = new Uint8Array(20);
+        for (let i = 0; i < 20; i++) {
+            hN_hg[i] = hN[i] ^ hg[i];
+        }
+        const hI = sha1.arrayBuffer(I);
+        // ...
+        return sha1.create()
+            .update(hN_hg)
+            .update(hI)
+            .update((0, util_1.hexString2ArrayBuffer)(s))
+            .update((0, util_1.hexString2ArrayBuffer)(A))
+            .update((0, util_1.hexString2ArrayBuffer)(B))
+            .update((0, util_1.hexString2ArrayBuffer)(K))
+            .hex();
+    }
+}
+// ...
+exports.default = SRP;

package/dist/core/udpServers.d.ts

@@ -0,0 +1,26 @@
+import { EventEmitter } from 'node:events';
+type ControlSyncTarget = {
+    host: string;
+    controlPort: number;
+};
+/**
+ * Manages control/timing UDP sockets used by RAOP for resend requests and clock sync.
+ * Binds ports for both endpoints and emits events with socket info.
+ */
+export default class UDPServers extends EventEmitter {
+    private status;
+    private readonly control;
+    private readonly timing;
+    private readonly hosts;
+    /**
+     * Bind control + timing sockets for a host and emit `ports` when ready.
+     */
+    bind(host: string): void;
+    /** Close sockets and reset state. */
+    close(): void;
+    /**
+     * Send an RTCP sync packet to a receiver to align playback.
+     */
+    sendControlSync(seq: number, dev: ControlSyncTarget): void;
+}
+export {};

package/dist/core/udpServers.js

@@ -0,0 +1,149 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const node_dgram_1 = __importDefault(require("node:dgram"));
+const node_events_1 = require("node:events");
+const async_1 = __importDefault(require("async"));
+const config_1 = __importDefault(require("../utils/config"));
+const numUtil_1 = require("../utils/numUtil");
+const ntp_1 = __importDefault(require("../utils/ntp"));
+const UNBOUND = 0;
+const BINDING = 1;
+const BOUND = 2;
+/**
+ * Manages control/timing UDP sockets used by RAOP for resend requests and clock sync.
+ * Binds ports for both endpoints and emits events with socket info.
+ */
+class UDPServers extends node_events_1.EventEmitter {
+    status = UNBOUND;
+    control = { socket: null, port: null, name: 'control' };
+    timing = { socket: null, port: null, name: 'timing' };
+    hosts = [];
+    /**
+     * Bind control + timing sockets for a host and emit `ports` when ready.
+     */
+    bind(host) {
+        this.hosts.push(host);
+        if (this.status === BOUND) {
+            process.nextTick(() => {
+                this.emit('ports', null, this.control, this.timing);
+            });
+            return;
+        }
+        if (this.status === BINDING) {
+            return;
+        }
+        this.status = BINDING;
+        this.timing.socket = node_dgram_1.default.createSocket({ type: 'udp4', reuseAddr: true });
+        this.timing.socket.on('message', (msg, rinfo) => {
+            if (!this.hosts.includes(rinfo.address))
+                return;
+            const ts1 = msg.readUInt32BE(24);
+            const ts2 = msg.readUInt32BE(28);
+            const reply = Buffer.alloc(32);
+            reply.writeUInt16BE(0x80d3, 0);
+            reply.writeUInt16BE(0x0007, 2);
+            reply.writeUInt32BE(0x00000000, 4);
+            reply.writeUInt32BE(ts1, 8);
+            reply.writeUInt32BE(ts2, 12);
+            const ntpTime = ntp_1.default.timestamp();
+            ntpTime.copy(reply, 16);
+            ntpTime.copy(reply, 24);
+            this.timing.socket?.send(reply, 0, reply.length, rinfo.port, rinfo.address);
+        });
+        this.control.socket = node_dgram_1.default.createSocket({ type: 'udp4', reuseAddr: true });
+        this.control.socket.on('message', (msg, rinfo) => {
+            if (!this.hosts.includes(rinfo.address))
+                return;
+            const resendRequested = msg.readUInt8(1) === (0x80 | 0x55);
+            if (resendRequested) {
+                const missedSeq = msg.readUInt16BE(4);
+                const count = msg.readUInt16BE(6);
+                this.emit('resendRequested', missedSeq, count);
+            }
+        });
+        if (process.platform !== 'darwin') {
+            this.control.socket.on('error', (err) => {
+                this.emit('ports', err);
+            });
+            this.timing.socket.on('error', (err) => {
+                this.emit('ports', err);
+            });
+            this.control.socket.bind(0, () => {
+                this.control.port = this.control.socket?.address().port ?? null;
+            });
+            this.timing.socket.bind(0, () => {
+                this.timing.port = this.timing.socket?.address().port ?? null;
+            });
+            const interval = setInterval(() => {
+                if (this.timing.port != null && this.control.port != null) {
+                    clearInterval(interval);
+                    this.status = BOUND;
+                    this.emit('ports', null, this.control, this.timing);
+                }
+            }, 100);
+            return;
+        }
+        const toBind = [this.control, this.timing];
+        let currentPort = config_1.default.udp_default_port;
+        async_1.default.whilst((cb) => cb(null, toBind.length > 0), (cb) => {
+            const nextPort = toBind[0];
+            nextPort.socket?.once('error', (err) => {
+                if (err.code === 'EADDRINUSE') {
+                    currentPort += 1;
+                    cb();
+                }
+                else {
+                    cb(err);
+                }
+            });
+            nextPort.socket?.once('listening', () => {
+                toBind.shift();
+                nextPort.port = currentPort;
+                currentPort += 1;
+                cb();
+            });
+            nextPort.socket?.bind(currentPort);
+        }, (err) => {
+            if (err) {
+                this.close();
+                this.emit('ports', err);
+            }
+            else {
+                this.status = BOUND;
+                this.emit('ports', null, this.control, this.timing);
+            }
+        });
+    }
+    /** Close sockets and reset state. */
+    close() {
+        try {
+            this.status = UNBOUND;
+            this.timing.socket?.close();
+            this.timing.socket = null;
+            this.control.socket?.close();
+            this.control.socket = null;
+        }
+        catch {
+            // ignore
+        }
+    }
+    /**
+     * Send an RTCP sync packet to a receiver to align playback.
+     */
+    sendControlSync(seq, dev) {
+        if (this.status !== BOUND || !this.control.socket)
+            return;
+        const packet = Buffer.alloc(20);
+        packet.writeUInt16BE(0x80d4, 0);
+        packet.writeUInt16BE(0x0007, 2);
+        packet.writeUInt32BE((0, numUtil_1.low32)(seq * config_1.default.frames_per_packet), 4);
+        const ntpTime = ntp_1.default.timestamp();
+        ntpTime.copy(packet, 8);
+        packet.writeUInt32BE((0, numUtil_1.low32)(seq * config_1.default.frames_per_packet + config_1.default.sampling_rate * 2), 16);
+        this.control.socket.send(packet, 0, packet.length, dev.controlPort, dev.host);
+    }
+}
+exports.default = UDPServers;

package/dist/esm/core/ap2_test.js

@@ -0,0 +1,8 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const number_1 = __importDefault(require("../homekit/number"));
+const u = number_1.default.UInt16toBufferBE(287);
+console.log(Buffer.concat([u.slice(1), u.slice(0, 1)]));

package/dist/esm/core/atv.js

@@ -0,0 +1,215 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const crypto_1 = __importDefault(require("crypto"));
+const fs_1 = __importDefault(require("fs"));
+const bplist_creator_1 = __importDefault(require("bplist-creator"));
+const bplist_parser_1 = __importDefault(require("bplist-parser"));
+const srp_1 = __importDefault(require("./srp"));
+const atvAuthenticator_1 = __importDefault(require("./atvAuthenticator"));
+const http_1 = __importDefault(require("../utils/http"));
+// ...
+// Configuration.
+const loadConfig = (configFilePath) => !fs_1.default.existsSync(configFilePath) ? null : JSON.parse(fs_1.default.readFileSync(configFilePath, 'utf8'));
+const saveConfig = (configFilePath, config) => fs_1.default.writeFileSync(configFilePath, JSON.stringify(config, null, '\t'));
+// ...
+class ATV {
+    addr;
+    port;
+    httpClient;
+    auth_secret;
+    constructor(addr, port) {
+        this.addr = addr;
+        this.port = port || 7000;
+        this.httpClient = (0, http_1.default)();
+        this.auth_secret = null;
+    }
+    // ...
+    auth(configFilePath, authenticator) {
+        async function auth(owner) {
+            await owner.httpClient.connect(owner.addr, owner.port);
+            let conf = loadConfig(configFilePath);
+            const authSecret = conf && typeof conf['auth_secret'] === 'string' ? conf['auth_secret'] : null;
+            if (!authSecret) {
+                // a pairing does not exist and must be performed.
+                // ...
+                // SRP parameters. 
+                const srp = new srp_1.default(2048);
+                const I = '366B4165DD64AD3A';
+                let P;
+                let s;
+                let B;
+                let a;
+                let A;
+                let M1;
+                await owner.httpClient.request('POST', '/pair-pin-start')
+                    .then(() => authenticator())
+                    .then(pin => {
+                    P = pin;
+                    return owner.httpClient.request('POST', '/pair-setup-pin', {
+                        'Content-Type': 'application/x-apple-binary-plist'
+                    }, (0, bplist_creator_1.default)({
+                        user: '366B4165DD64AD3A',
+                        method: 'pin'
+                    }));
+                })
+                    .then((res) => {
+                    const { pk, salt } = bplist_parser_1.default.parseBuffer(res.body)[0];
+                    s = salt.toString('hex');
+                    B = pk.toString('hex');
+                    // SRP: Generate random auth_secret, 'a'; if pairing is successful, it'll be utilized in 
+                    // subsequent session authentication(s).
+                    a = crypto_1.default.randomBytes(32).toString('hex');
+                    // SRP: Compute A and M1. 
+                    A = srp.A(a);
+                    M1 = srp.M1(I, P, s, a, B);
+                    return owner.httpClient.request('POST', '/pair-setup-pin', {
+                        'Content-Type': 'application/x-apple-binary-plist'
+                    }, (0, bplist_creator_1.default)({
+                        pk: Buffer.from(A, 'hex'),
+                        proof: Buffer.from(M1, 'hex')
+                    }));
+                })
+                    .then(() => {
+                    // confirm the auth secret (a).
+                    const { epk, authTag } = atvAuthenticator_1.default.confirm(a, srp.K(I, P, s, a, B));
+                    // complete pair-setup-pin by registering the auth secret with the target device.
+                    return owner.httpClient.request('POST', '/pair-setup-pin', {
+                        'Content-Type': 'application/x-apple-binary-plist'
+                    }, (0, bplist_creator_1.default)({
+                        epk: Buffer.from(epk, 'hex'),
+                        authTag: Buffer.from(authTag, 'hex')
+                    }));
+                })
+                    .then(() => {
+                    // save the auth secret for subsequent session authentication(s).
+                    if (!conf) {
+                        conf = {};
+                    }
+                    conf['auth_secret'] = a;
+                    saveConfig(configFilePath, conf);
+                });
+            }
+            // ...
+            // Authenticate session with the target device using existing pairing information.
+            const verifier = atvAuthenticator_1.default.verifier(conf?.['auth_secret'] ?? '');
+            return owner.httpClient.request('POST', '/pair-verify', {
+                'Content-Type': 'application/octet-stream'
+            }, verifier.verifierBody)
+                .then((res) => {
+                const atv_pub = res.body.slice(0, 32).toString('hex');
+                const atv_data = res.body.slice(32).toString('hex');
+                const shared = atvAuthenticator_1.default.shared(verifier.v_pri, atv_pub);
+                const signed = atvAuthenticator_1.default.signed(conf?.['auth_secret'] ?? '', verifier.v_pub, atv_pub);
+                const signature = Buffer.from(Buffer.from([0x00, 0x00, 0x00, 0x00]).toString('hex') +
+                    atvAuthenticator_1.default.signature(shared, atv_data, signed), 'hex');
+                return owner.httpClient.request('POST', '/pair-verify', {
+                    'Content-Type': 'application/octet-stream'
+                }, signature);
+            });
+        }
+        return auth(this);
+    }
+    authSecret() {
+        return this.auth_secret;
+    }
+    authSimple(authenticator) {
+        async function auth(owner) {
+            await owner.httpClient.connect(owner.addr, owner.port);
+            const conf = null;
+            if (!conf || !conf['auth_secret']) {
+                // a pairing does not exist and must be performed.
+                // ...
+                // SRP parameters. 
+                const srp = new srp_1.default(2048);
+                const I = '366B4165DD64AD3A';
+                let P;
+                let s;
+                let B;
+                let a;
+                let A;
+                let M1;
+                await owner.httpClient.request('POST', '/pair-pin-start')
+                    .then(() => authenticator())
+                    .then(pin => {
+                    P = pin;
+                    return owner.httpClient.request('POST', '/pair-setup-pin', {
+                        'Content-Type': 'application/x-apple-binary-plist'
+                    }, (0, bplist_creator_1.default)({
+                        user: '366B4165DD64AD3A',
+                        method: 'pin'
+                    }));
+                })
+                    .then((res) => {
+                    const { pk, salt } = bplist_parser_1.default.parseBuffer(res.body)[0];
+                    s = salt.toString('hex');
+                    B = pk.toString('hex');
+                    // SRP: Generate random auth_secret, 'a'; if pairing is successful, it'll be utilized in 
+                    // subsequent session authentication(s).
+                    a = crypto_1.default.randomBytes(32).toString('hex');
+                    // SRP: Compute A and M1. 
+                    A = srp.A(a);
+                    M1 = srp.M1(I, P, s, a, B);
+                    return owner.httpClient.request('POST', '/pair-setup-pin', {
+                        'Content-Type': 'application/x-apple-binary-plist'
+                    }, (0, bplist_creator_1.default)({
+                        pk: Buffer.from(A, 'hex'),
+                        proof: Buffer.from(M1, 'hex')
+                    }));
+                }).then(() => {
+                    // confirm the auth secret (a).
+                    const { epk, authTag } = atvAuthenticator_1.default.confirm(a, srp.K(I, P, s, a, B));
+                    // complete pair-setup-pin by registering the auth secret with the target device.
+                    return owner.httpClient.request('POST', '/pair-setup-pin', {
+                        'Content-Type': 'application/x-apple-binary-plist'
+                    }, (0, bplist_creator_1.default)({
+                        epk: Buffer.from(epk, 'hex'),
+                        authTag: Buffer.from(authTag, 'hex')
+                    }));
+                })
+                    .then(() => {
+                    // save the auth secret for subsequent session authentication(s).
+                    owner.auth_secret = a;
+                });
+            }
+        }
+        return auth(this);
+    }
+    verifySimple(secret) {
+        // ...
+        // Authenticate session with the target device using existing pairing information.
+        const verifier = atvAuthenticator_1.default.verifier(secret);
+        return this.httpClient.request('POST', '/pair-verify', {
+            'Content-Type': 'application/octet-stream',
+        }, verifier.verifierBody)
+            .then((res) => {
+            const atv_pub = res.body.slice(0, 32).toString('hex');
+            const atv_data = res.body.slice(32).toString('hex');
+            const shared = atvAuthenticator_1.default.shared(verifier.v_pri, atv_pub);
+            const signed = atvAuthenticator_1.default.signed(secret, verifier.v_pub, atv_pub);
+            const signature = Buffer.from(Buffer.from([0x00, 0x00, 0x00, 0x00]).toString('hex') +
+                atvAuthenticator_1.default.signature(shared, atv_data, signed), 'hex');
+            return this.httpClient.request('POST', '/pair-verify', {
+                'Content-Type': 'application/octet-stream',
+            }, signature);
+        });
+    }
+    play(videoUrl) {
+        return this.httpClient.request('POST', '/play', {
+            'Content-Type': 'application/x-apple-binary-plist'
+        }, (0, bplist_creator_1.default)({
+            'Content-Location': videoUrl,
+            'Start-Location': 0
+        }));
+    }
+    stop() {
+        return this.httpClient.request('POST', '/stop');
+    }
+    close() {
+        this.httpClient.close();
+    }
+}
+// ...
+exports.default = ATV;

package/dist/esm/core/atvAuthenticator.js

@@ -0,0 +1,134 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const elliptic = require('elliptic');
+const crypto_1 = __importDefault(require("crypto"));
+const ed = __importStar(require("@noble/ed25519"));
+const util_1 = require("../utils/util");
+// ...
+// Note: All functions expect parameters to be hex strings.
+function pair_setup_aes_key(K) {
+    return crypto_1.default.createHash('sha512')
+        .update('Pair-Setup-AES-Key')
+        .update((0, util_1.hexString2ArrayBuffer)(K))
+        .digest('hex')
+        .substring(0, 32);
+}
+function pair_setup_aes_iv(K) {
+    let ab = crypto_1.default.createHash('sha512')
+        .update('Pair-Setup-AES-IV')
+        .update((0, util_1.hexString2ArrayBuffer)(K))
+        .digest();
+    ab = ab.slice(0, 16);
+    ab[ab.length - 1] += 0x01;
+    return (0, util_1.buf2hex)(ab);
+}
+function pair_verify_aes_key(shared) {
+    return (0, util_1.buf2hex)(crypto_1.default.createHash('sha512')
+        .update('Pair-Verify-AES-Key')
+        .update((0, util_1.hexString2ArrayBuffer)(shared))
+        .digest()
+        .slice(0, 16));
+}
+function pair_verify_aes_iv(shared) {
+    return (0, util_1.buf2hex)(crypto_1.default.createHash('sha512')
+        .update('Pair-Verify-AES-IV')
+        .update((0, util_1.hexString2ArrayBuffer)(shared))
+        .digest()
+        .slice(0, 16));
+}
+// ...
+// Public.
+function a_pub(a) {
+    return elliptic.utils.toHex(new elliptic.eddsa('ed25519').keyFromSecret(a).getPublic());
+}
+function confirm(a, K) {
+    const key = pair_setup_aes_key(K);
+    const iv = pair_setup_aes_iv(K);
+    const cipher = crypto_1.default.createCipheriv('aes-128-gcm', (0, util_1.hexString2ArrayBuffer)(key), (0, util_1.hexString2ArrayBuffer)(iv));
+    const encrypted = Buffer.concat([
+        cipher.update((0, util_1.hexString2ArrayBuffer)(a_pub(a))),
+        cipher.final(),
+    ]);
+    return {
+        epk: encrypted.toString('hex'),
+        authTag: (0, util_1.buf2hex)(cipher.getAuthTag()),
+    };
+}
+function verifier(a) {
+    const privateKey = Buffer.from(ed.utils.randomPrivateKey());
+    const publicKey = Buffer.from(ed.curve25519.scalarMultBase(privateKey));
+    const v_pri = (0, util_1.buf2hex)(privateKey);
+    const v_pub = (0, util_1.buf2hex)(publicKey);
+    const header = Buffer.from([0x01, 0x00, 0x00, 0x00]);
+    const a_pub_buf = Buffer.from(a_pub(a), 'hex');
+    return {
+        verifierBody: Buffer.concat([header, publicKey, a_pub_buf], header.byteLength + publicKey.byteLength + a_pub_buf.byteLength),
+        v_pri,
+        v_pub
+    };
+}
+function shared(v_pri, atv_pub) {
+    return (0, util_1.buf2hex)(Buffer.from(ed.curve25519.scalarMult((0, util_1.hexString2ArrayBuffer)(v_pri), (0, util_1.hexString2ArrayBuffer)(atv_pub))));
+}
+function signed(a, v_pub, atv_pub) {
+    const key = new elliptic.eddsa('ed25519').keyFromSecret(a);
+    return key.sign(v_pub + atv_pub).toHex();
+}
+function signature(shared, atv_data, signed) {
+    const cipher = crypto_1.default.createCipheriv('aes-128-ctr', (0, util_1.hexString2ArrayBuffer)(pair_verify_aes_key(shared)), (0, util_1.hexString2ArrayBuffer)(pair_verify_aes_iv(shared)));
+    // discard the result of encrypting atv_data.
+    cipher.update((0, util_1.hexString2ArrayBuffer)(atv_data));
+    const encrypted = Buffer.concat([
+        cipher.update(Buffer.from(signed, 'hex')),
+        cipher.final(),
+    ]);
+    return encrypted.toString('hex');
+}
+exports.default = {
+    pair_setup_aes_key,
+    pair_setup_aes_iv,
+    pair_verify_aes_key,
+    pair_verify_aes_iv,
+    a_pub,
+    confirm,
+    verifier,
+    shared,
+    signed,
+    signature,
+};