1 | /*
|
2 | object-assign
|
3 | (c) Sindre Sorhus
|
4 | @license MIT
|
5 | */
|
6 |
|
7 | /*!
|
8 | * prr
|
9 | * (c) 2013 Rod Vagg <rod@vagg.org>
|
10 | * https://github.com/rvagg/prr
|
11 | * License: MIT
|
12 | */
|
13 |
|
14 | /*!
|
15 | * Determine if an object is a Buffer
|
16 | *
|
17 | * @author Feross Aboukhadijeh <https://feross.org>
|
18 | * @license MIT
|
19 | */
|
20 |
|
21 | /*!
|
22 | * The buffer module from node.js, for the browser.
|
23 | *
|
24 | * @author Feross Aboukhadijeh <feross@feross.org> <http://feross.org>
|
25 | * @license MIT
|
26 | */
|
27 |
|
28 | /*!
|
29 | * The buffer module from node.js, for the browser.
|
30 | *
|
31 | * @author Feross Aboukhadijeh <http://feross.org>
|
32 | * @license MIT
|
33 | */
|
34 |
|
35 | /*!
|
36 | * aead.js - aead for bcrypto
|
37 | * Copyright (c) 2016-2019, Christopher Jeffrey (MIT License).
|
38 | * https://github.com/bcoin-org/bcrypto
|
39 | *
|
40 | * Resources:
|
41 | * https://tools.ietf.org/html/rfc7539#section-2.8
|
42 | * https://github.com/openssh/openssh-portable
|
43 | */
|
44 |
|
45 | /*!
|
46 | * assert.js - assert for bcrypto
|
47 | * Copyright (c) 2020, Christopher Jeffrey (MIT License).
|
48 | * https://github.com/bcoin-org/bcrypto
|
49 | */
|
50 |
|
51 | /*!
|
52 | * bn.js - big numbers for bcrypto
|
53 | * Copyright (c) 2017-2019, Christopher Jeffrey (MIT License).
|
54 | * https://github.com/bcoin-org/bcrypto
|
55 | */
|
56 |
|
57 | /*!
|
58 | * bn.js - big numbers for bcrypto
|
59 | * Copyright (c) 2018-2019, Christopher Jeffrey (MIT License).
|
60 | * https://github.com/bcoin-org/bcrypto
|
61 | *
|
62 | * Parts of this software are based on indutny/bn.js:
|
63 | * Copyright (c) 2015, Fedor Indutny (MIT License).
|
64 | * https://github.com/indutny/bn.js
|
65 | *
|
66 | * Parts of this software are based on golang/go:
|
67 | * Copyright (c) 2009, The Go Authors. All rights reserved.
|
68 | * https://github.com/golang/go
|
69 | *
|
70 | * Parts of this software are based on openssl/openssl:
|
71 | * Copyright (c) 1998-2018, The OpenSSL Project (Apache License v2.0).
|
72 | * Copyright (c) 1995-1998, Eric A. Young, Tim J. Hudson. All rights reserved.
|
73 | * https://github.com/openssl/openssl
|
74 | *
|
75 | * Parts of this software are based on libgmp:
|
76 | * Copyright (c) 1991-1997, 1999-2014, Free Software Foundation, Inc.
|
77 | * https://gmplib.org/
|
78 | *
|
79 | * Parts of this software are based on v8/v8:
|
80 | * Copyright (c) 2017, The V8 Project Authors (BSD-Style License).
|
81 | * https://github.com/v8/v8
|
82 | *
|
83 | * Resources:
|
84 | * https://github.com/indutny/bn.js/blob/master/lib/bn.js
|
85 | * https://github.com/indutny/miller-rabin/blob/master/lib/mr.js
|
86 | * https://github.com/golang/go/blob/master/src/math/big/int.go
|
87 | * https://github.com/golang/go/blob/master/src/math/big/nat.go
|
88 | * https://github.com/golang/go/blob/master/src/math/big/prime.go
|
89 | * https://github.com/openssl/openssl/tree/master/crypto/bn
|
90 | * https://github.com/openssl/openssl/blob/master/crypto/bn/bn_kron.c
|
91 | * https://github.com/gnutls/nettle/blob/master/mini-gmp.c
|
92 | * https://github.com/v8/v8/blob/master/src/objects/bigint.cc
|
93 | */
|
94 |
|
95 | /*!
|
96 | * bytes
|
97 | * Copyright(c) 2012-2014 TJ Holowaychuk
|
98 | * Copyright(c) 2015 Jed Watson
|
99 | * MIT Licensed
|
100 | */
|
101 |
|
102 | /*!
|
103 | * chacha20.js - chacha20 for bcrypto
|
104 | * Copyright (c) 2016-2019, Christopher Jeffrey (MIT License).
|
105 | * https://github.com/bcoin-org/bcrypto
|
106 | *
|
107 | * Resources
|
108 | * https://en.wikipedia.org/wiki/Chacha20
|
109 | * https://tools.ietf.org/html/rfc7539#section-2
|
110 | * https://cr.yp.to/chacha.html
|
111 | */
|
112 |
|
113 | /*!
|
114 | * custom.js - custom inspect symbol for bcrypto
|
115 | * Copyright (c) 2018-2019, Christopher Jeffrey (MIT License).
|
116 | * https://github.com/bcoin-org/bcrypto
|
117 | */
|
118 |
|
119 | /*!
|
120 | * ecdh.js - ECDH for bcrypto
|
121 | * Copyright (c) 2018-2019, Christopher Jeffrey (MIT License).
|
122 | * https://github.com/bcoin-org/bcrypto
|
123 | *
|
124 | * Resources:
|
125 | * https://cr.yp.to/ecdh.html
|
126 | * https://cr.yp.to/ecdh/curve25519-20060209.pdf
|
127 | * https://tools.ietf.org/html/rfc7748
|
128 | */
|
129 |
|
130 | /*!
|
131 | * elliptic.js - elliptic curves for bcrypto
|
132 | * Copyright (c) 2018-2019, Christopher Jeffrey (MIT License).
|
133 | * https://github.com/bcoin-org/bcrypto
|
134 | *
|
135 | * Parts of this software are based on indutny/elliptic:
|
136 | * Copyright (c) 2014, Fedor Indutny (MIT License).
|
137 | * https://github.com/indutny/elliptic
|
138 | *
|
139 | * Formulas from DJB and Tanja Lange [EFD].
|
140 | *
|
141 | * References:
|
142 | *
|
143 | * [GECC] Guide to Elliptic Curve Cryptography
|
144 | * D. Hankerson, A. Menezes, and S. Vanstone
|
145 | * https://tinyurl.com/guide-to-ecc
|
146 | *
|
147 | * [GLV] Faster Point Multiplication on Elliptic Curves
|
148 | * R. Gallant, R. Lambert, and S. Vanstone
|
149 | * https://link.springer.com/content/pdf/10.1007/3-540-44647-8_11.pdf
|
150 | *
|
151 | * [MONT1] Montgomery curves and the Montgomery ladder
|
152 | * Daniel J. Bernstein, Tanja Lange
|
153 | * https://eprint.iacr.org/2017/293.pdf
|
154 | *
|
155 | * [COZ] Scalar Multiplication on Elliptic Curves from Co-Z Arithmetic
|
156 | * R. Goundar, M. Joye, A. Miyaji, M. Rivain, A. Venelli
|
157 | * https://www.matthieurivain.com/files/jcen11b.pdf
|
158 | *
|
159 | * [SQUARED] Elligator Squared
|
160 | * Mehdi Tibouchi
|
161 | * https://eprint.iacr.org/2014/043.pdf
|
162 | *
|
163 | * [SEC1] SEC 1 - Standards for Efficient Cryptography Group
|
164 | * Certicom Research
|
165 | * https://www.secg.org/sec1-v2.pdf
|
166 | *
|
167 | * [SEC2] SEC 2: Recommended Elliptic Curve Domain Parameters
|
168 | * Certicom Research
|
169 | * https://www.secg.org/sec2-v2.pdf
|
170 | *
|
171 | * [SIDE1] Elliptic Curves and Side-Channel Attacks
|
172 | * Marc Joye
|
173 | * https://pdfs.semanticscholar.org/8d69/9645033e25d74fcfd4cbf07a770d2e943e14.pdf
|
174 | *
|
175 | * [BLIND] Side-Channel Analysis on Blinding Regular Scalar Multiplications
|
176 | * B. Feix, M. Roussellet, A. Venelli
|
177 | * https://eprint.iacr.org/2014/191.pdf
|
178 | *
|
179 | * [ALT] Alternative Elliptic Curve Representations
|
180 | * R. Struik
|
181 | * https://tools.ietf.org/id/draft-ietf-lwig-curve-representations-02.html
|
182 | *
|
183 | * [ARITH1] Arithmetic of Elliptic Curves
|
184 | * Christophe Doche, Tanja Lange
|
185 | * Handbook of Elliptic and Hyperelliptic Curve Cryptography
|
186 | * Page 267, Section 13 (978-1-58488-518-4)
|
187 | * https://hyperelliptic.org/HEHCC/index.html
|
188 | *
|
189 | * [ARITH2] The Arithmetic of Elliptic Curves, 2nd Edition
|
190 | * Joseph H. Silverman
|
191 | * http://www.pdmi.ras.ru/~lowdimma/BSD/Silverman-Arithmetic_of_EC.pdf
|
192 | *
|
193 | * [EFD] Explicit-Formulas Database
|
194 | * Daniel J. Bernstein, Tanja Lange
|
195 | * https://hyperelliptic.org/EFD/index.html
|
196 | *
|
197 | * [SAFE] SafeCurves: choosing safe curves for elliptic-curve cryptography
|
198 | * Daniel J. Bernstein
|
199 | * https://safecurves.cr.yp.to/
|
200 | *
|
201 | * [4GLV] Refinement of the Four-Dimensional GLV Method on Elliptic Curves
|
202 | * Hairong Yi, Yuqing Zhu, and Dongdai Lin
|
203 | * http://www.site.uottawa.ca/~cadams/papers/prepro/paper_19_slides.pdf
|
204 | *
|
205 | * [ICART] How to Hash into Elliptic Curves
|
206 | * Thomas Icart
|
207 | * https://eprint.iacr.org/2009/226.pdf
|
208 | *
|
209 | * [SSWU1] Efficient Indifferentiable Hashing into Ordinary Elliptic Curves
|
210 | * E. Brier, J. Coron, T. Icart, D. Madore, H. Randriam, M. Tibouchi
|
211 | * https://eprint.iacr.org/2009/340.pdf
|
212 | *
|
213 | * [SSWU2] Rational points on certain hyperelliptic curves over finite fields
|
214 | * Maciej Ulas
|
215 | * https://arxiv.org/abs/0706.1448
|
216 | *
|
217 | * [H2EC] Hashing to Elliptic Curves
|
218 | * A. Faz-Hernandez, S. Scott, N. Sullivan, R. S. Wahby, C. A. Wood
|
219 | * https://git.io/JeWz6
|
220 | * https://github.com/cfrg/draft-irtf-cfrg-hash-to-curve
|
221 | *
|
222 | * [SVDW1] Construction of Rational Points on Elliptic Curves
|
223 | * A. Shallue, C. E. van de Woestijne
|
224 | * https://works.bepress.com/andrew_shallue/1/download/
|
225 | *
|
226 | * [SVDW2] Indifferentiable Hashing to Barreto-Naehrig Curves
|
227 | * Pierre-Alain Fouque, Mehdi Tibouchi
|
228 | * https://www.di.ens.fr/~fouque/pub/latincrypt12.pdf
|
229 | *
|
230 | * [SVDW3] Covert ECDH over secp256k1
|
231 | * Pieter Wuille
|
232 | * https://gist.github.com/sipa/29118d3fcfac69f9930d57433316c039
|
233 | *
|
234 | * [MONT2] Montgomery Curve (wikipedia)
|
235 | * https://en.wikipedia.org/wiki/Montgomery_curve
|
236 | *
|
237 | * [SIDE2] Weierstrass Elliptic Curves and Side-Channel Attacks
|
238 | * Eric Brier, Marc Joye
|
239 | * http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.2.273&rep=rep1&type=pdf
|
240 | *
|
241 | * [SIDE3] Unified Point Addition Formulae and Side-Channel Attacks
|
242 | * Douglas Stebila, Nicolas Theriault
|
243 | * https://eprint.iacr.org/2005/419.pdf
|
244 | *
|
245 | * [MONT3] Montgomery Curves and their arithmetic
|
246 | * C. Costello, B. Smith
|
247 | * https://eprint.iacr.org/2017/212.pdf
|
248 | *
|
249 | * [ELL2] Elliptic-curve points indistinguishable from uniform random strings
|
250 | * D. Bernstein, M. Hamburg, A. Krasnova, T. Lange
|
251 | * https://elligator.cr.yp.to/elligator-20130828.pdf
|
252 | *
|
253 | * [RFC7748] Elliptic Curves for Security
|
254 | * A. Langley, M. Hamburg, S. Turner
|
255 | * https://tools.ietf.org/html/rfc7748
|
256 | *
|
257 | * [TWISTED] Twisted Edwards Curves
|
258 | * D. Bernstein, P. Birkner, M. Joye, T. Lange, C. Peters
|
259 | * https://eprint.iacr.org/2008/013.pdf
|
260 | *
|
261 | * [ELL1] Injective Encodings to Elliptic Curves
|
262 | * P. Fouque, A. Joux, M. Tibouchi
|
263 | * https://eprint.iacr.org/2013/373.pdf
|
264 | *
|
265 | * [ISOGENY] Twisting Edwards curves with isogenies
|
266 | * Mike Hamburg
|
267 | * https://www.shiftleft.org/papers/isogeny/isogeny.pdf
|
268 | *
|
269 | * [RFC8032] Edwards-Curve Digital Signature Algorithm (EdDSA)
|
270 | * S. Josefsson, SJD AB, I. Liusvaara
|
271 | * https://tools.ietf.org/html/rfc8032
|
272 | *
|
273 | * [TIMING] Remote Timing Attacks are Still Practical
|
274 | * B. Brumley, N. Tuveri
|
275 | * https://eprint.iacr.org/2011/232.pdf
|
276 | *
|
277 | * [SCHNORR] Schnorr Signatures for secp256k1
|
278 | * Pieter Wuille
|
279 | * https://github.com/sipa/bips/blob/d194620/bip-schnorr.mediawiki
|
280 | *
|
281 | * [BIP340] Schnorr Signatures for secp256k1
|
282 | * Pieter Wuille, Jonas Nick, Tim Ruffing
|
283 | * https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki
|
284 | *
|
285 | * [JCEN12] Efficient Software Implementation of Public-Key Cryptography
|
286 | * on Sensor Networks Using the MSP430X Microcontroller
|
287 | * C. P. L. Gouvea, L. B. Oliveira, J. Lopez
|
288 | * http://conradoplg.cryptoland.net/files/2010/12/jcen12.pdf
|
289 | *
|
290 | * [FIPS186] Federal Information Processing Standards Publication
|
291 | * National Institute of Standards and Technology
|
292 | * https://tinyurl.com/fips-186-3
|
293 | *
|
294 | * [RFC5639] Elliptic Curve Cryptography (ECC) Brainpool
|
295 | * Standard Curves and Curve Generation
|
296 | * M. Lochter, BSI, J. Merkle
|
297 | * https://tools.ietf.org/html/rfc5639
|
298 | *
|
299 | * [TWISTEQ] Twisted Edwards & Short Weierstrass Equivalence
|
300 | * Christopher Jeffrey
|
301 | * https://gist.github.com/chjj/16ba7fa08d64e8dda269a9fe5b2a8bbc
|
302 | *
|
303 | * [ECPM] Elliptic Curve Point Multiplication (wikipedia)
|
304 | * https://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication
|
305 | */
|
306 |
|
307 | /*!
|
308 | * hkdf.js - hkdf for bcrypto
|
309 | * Copyright (c) 2014-2019, Christopher Jeffrey (MIT License).
|
310 | * https://github.com/bcoin-org/bcrypto
|
311 | *
|
312 | * Resources:
|
313 | * https://en.wikipedia.org/wiki/HKDF
|
314 | * https://tools.ietf.org/html/rfc5869
|
315 | */
|
316 |
|
317 | /*!
|
318 | * hmac.js - hmac for bcrypto
|
319 | * Copyright (c) 2016-2019, Christopher Jeffrey (MIT License).
|
320 | * https://github.com/bcoin-org/bcrypto
|
321 | *
|
322 | * Parts of this software are based on indutny/hash.js:
|
323 | * Copyright (c) 2014, Fedor Indutny (MIT License).
|
324 | * https://github.com/indutny/hash.js
|
325 | *
|
326 | * Resources:
|
327 | * https://en.wikipedia.org/wiki/HMAC
|
328 | * https://tools.ietf.org/html/rfc2104
|
329 | * https://github.com/indutny/hash.js/blob/master/lib/hash/hmac.js
|
330 | */
|
331 |
|
332 | /*!
|
333 | * poly1305.js - poly1305 for bcrypto
|
334 | * Copyright (c) 2016-2019, Christopher Jeffrey (MIT License).
|
335 | * https://github.com/bcoin-org/bcrypto
|
336 | *
|
337 | * Parts of this software are based on floodyberry/poly1305-donna:
|
338 | * Placed into the public domain by Andrew Moon.
|
339 | * https://github.com/floodyberry/poly1305-donna
|
340 | *
|
341 | * Resources:
|
342 | * https://en.wikipedia.org/wiki/Poly1305
|
343 | * https://cr.yp.to/mac.html
|
344 | * https://tools.ietf.org/html/rfc7539#section-2.5
|
345 | * https://github.com/floodyberry/poly1305-donna/blob/master/poly1305-donna-16.h
|
346 | */
|
347 |
|
348 | /*!
|
349 | * random.js - random for bcrypto
|
350 | * Copyright (c) 2017-2019, Christopher Jeffrey (MIT License).
|
351 | * https://github.com/bcoin-org/bcrypto
|
352 | */
|
353 |
|
354 | /*!
|
355 | * random.js - random number generator for bcrypto
|
356 | * Copyright (c) 2014-2019, Christopher Jeffrey (MIT License).
|
357 | * https://github.com/bcoin-org/bcrypto
|
358 | *
|
359 | * Resources:
|
360 | * https://wiki.openssl.org/index.php/Random_Numbers
|
361 | * https://csrc.nist.gov/projects/random-bit-generation/
|
362 | * http://www.pcg-random.org/posts/bounded-rands.html
|
363 | * https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues
|
364 | */
|
365 |
|
366 | /*!
|
367 | * sha256.js - SHA256 implementation for bcrypto
|
368 | * Copyright (c) 2016-2019, Christopher Jeffrey (MIT License).
|
369 | * https://github.com/bcoin-org/bcrypto
|
370 | *
|
371 | * Parts of this software are based on indutny/hash.js:
|
372 | * Copyright (c) 2014, Fedor Indutny (MIT License).
|
373 | * https://github.com/indutny/hash.js
|
374 | *
|
375 | * Resources:
|
376 | * https://en.wikipedia.org/wiki/SHA-2
|
377 | * https://tools.ietf.org/html/rfc4634
|
378 | * https://github.com/indutny/hash.js/blob/master/lib/hash/sha/256.js
|
379 | */
|
380 |
|
381 | /*!
|
382 | * util.js - encoding utils for javascript
|
383 | * Copyright (c) 2018-2019, Christopher Jeffrey (MIT License).
|
384 | * https://github.com/bcoin-org/bcrypto
|
385 | */
|
386 |
|
387 | /*!
|
388 | * x25519.js - x25519 for bcrypto
|
389 | * Copyright (c) 2018-2019, Christopher Jeffrey (MIT License).
|
390 | * https://github.com/bcoin-org/bcrypto
|
391 | *
|
392 | * Resources:
|
393 | * https://en.wikipedia.org/wiki/Curve25519
|
394 | * https://cr.yp.to/ecdh/curve25519-20060209.pdf
|
395 | * https://tools.ietf.org/html/rfc7748#section-5
|
396 | */
|
397 |
|
398 | /*! *****************************************************************************
|
399 | Copyright (c) Microsoft Corporation. All rights reserved.
|
400 | Licensed under the Apache License, Version 2.0 (the "License"); you may not use
|
401 | this file except in compliance with the License. You may obtain a copy of the
|
402 | License at http://www.apache.org/licenses/LICENSE-2.0
|
403 |
|
404 | THIS CODE IS PROVIDED ON AN *AS IS* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
405 | KIND, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED
|
406 | WARRANTIES OR CONDITIONS OF TITLE, FITNESS FOR A PARTICULAR PURPOSE,
|
407 | MERCHANTABLITY OR NON-INFRINGEMENT.
|
408 |
|
409 | See the Apache Version 2.0 License for specific language governing permissions
|
410 | and limitations under the License.
|
411 | ***************************************************************************** */
|
412 |
|
413 | /*! https://mths.be/punycode v1.4.1 by @mathias */
|
414 |
|
415 | /*! https://mths.be/utf8js v2.1.2 by @mathias */
|
416 |
|
417 | /*! queue-microtask. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */
|
418 |
|
419 | /*! safe-buffer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */
|
420 |
|
421 | /*! simple-peer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */
|
422 |
|
423 | /**
|
424 | * Timestamp for 64-bit time_t, nanosecond precision and strftime
|
425 | *
|
426 | * @author Yusuke Kawasaki
|
427 | * @license MIT
|
428 | * @see https://github.com/kawanet/timestamp-nano
|
429 | */
|
430 |
|
431 | /**
|
432 | * [js-sha3]{@link https://github.com/emn178/js-sha3}
|
433 | *
|
434 | * @version 0.8.0
|
435 | * @author Chen, Yi-Cyuan [emn178@gmail.com]
|
436 | * @copyright Chen, Yi-Cyuan 2015-2018
|
437 | * @license MIT
|
438 | */
|
439 |
|
440 | //! stable.js 0.1.8, https://github.com/Two-Screen/stable
|
441 |
|
442 | //! © 2018 Angry Bytes and contributors. MIT licensed.
|