coze.min.js.map

{
  "version": 3,
  "sources": ["alg.js", "cryptokey.js", "key.js", "coze.js", "canon.js"],
  "sourcesContent": ["\"use strict\";\n\n// For more documentation and notes, see the main Coze README.\n\nexport {\n\tAlgs,\n\tFamAlgs,\n\tGenAlgs,\n\tCurves,\n\tUses,\n\n\tParams,\n\tCurve,\n\tFamily,\n\tGenus,\n\tHashAlg,\n\tHashSize,\n\tSigSize,\n\tXSize,\n\tDSize,\n\tUse,\n\tCurveOrder,\n\tCurveHalfOrder,\n}\n\n/**\n@typedef {import('./typedef.js').Params}  Params\n@typedef {import('./typedef.js').Alg}     Alg\n@typedef {import('./typedef.js').Hsh}     Hsh\n@typedef {import('./typedef.js').Gen}     Gen\n@typedef {import('./typedef.js').Fam}     Fam\n@typedef {import('./typedef.js').Crv}     Crv\n@typedef {import('./typedef.js').Use}     Use\n*/\n\n/**\nAlgs holds all of the supported Coze algorithms.\n*/\nconst Algs = {\n\tUnknownAlg: \"UnknownAlg\",\n\tES224: \"ES224\",\n\tES256: \"ES256\",\n\tES384: \"ES384\",\n\tES512: \"ES512\",\n\tEd25519: \"Ed25519\",\n\tEd25519ph: \"Ed25519ph\",\n\tEd448: \"Ed448\",\n\tSHA224: \"SHA-224\",\n\tSHA256: \"SHA-256\",\n\tSHA384: \"SHA-384\",\n\tSHA512: \"SHA-512\",\n\tSHA3224: \"SHA3-224\",\n\tSHA3256: \"SHA3-256\",\n\tSHA3384: \"SHA3-384\",\n\tSHA3512: \"SHA3-512\",\n\tSHAKE128: \"SHAKE128\",\n\tSHAKE256: \"SHAKE256\",\n};\n\n/**\nFamAlgs holds all of the supported Coze Family algorithms.\n*/\nconst FamAlgs = {\n\tEC: \"EC\",\n\tSHA: \"SHA\",\n\tRSA: \"RSA\",\n};\n\n/**\nGenAlgs holds all of the supported Coze Genus algorithms.\n*/\nconst GenAlgs = {\n\tECDSA: \"ECDSA\",\n\tEdDSA: \"EdDSA\",\n\tSHA2: \"SHA2\",\n\tSHA3: \"SHA3\",\n};\n\n/**\nCurves holds all of the supported Coze curve algorithms.\n*/\nconst Curves = {\n\tP224: \"P-224\",\n\tP256: \"P-256\",\n\tP384: \"P-384\",\n\tP521: \"P-521\",\n\tCurve25519: \"Curve25519\",\n\tCurve448: \"Curve448\",\n};\n\n/**\nUses holds all of the supported Coze uses.\n*/\nconst Uses = {\n\tSig: \"sig\",\n\tEnc: \"enc\",\n\tHsh: \"hsh\",\n};\n\n/**\nParam reports all relevant values for a given `alg`.\nReturns Params object with populated values for relevant fields.\nAll functions defined in this file will throw an error when given an\nunsupported algorithm.\n@param   {Alg}      alg\n@returns {Params}\n@throws  {error}\n*/\nfunction Params(alg) {\n\t/** @type {Params} */\n\tlet p = {};\n\tp.Name = alg;\n\tp.Genus = Genus(alg);\n\tp.Family = Family(alg);\n\tp.Use = Use(alg);\n\tp.Hash = HashAlg(alg);\n\tp.HashSize = HashSize(alg);\n\tp.HashSizeB64 = Math.ceil(4 * p.HashSize / 3);\n\n\t// SigAlg parameters\n\ttry {\n\t\tp.XSize = XSize(alg);\n\t\tp.XSizeB64 = Math.ceil(4 * p.XSize / 3);\n\t\tp.DSize = DSize(alg);\n\t\tp.DSizeB64 = Math.ceil(4 * p.DSize / 3);\n\t\tp.Curve = Curve(alg);\n\t\tp.SigSize = SigSize(alg);\n\t\tp.SigSizeB64 = Math.ceil(4 * p.SigSize / 3);\n\t} catch (e) {\n\t\t// ignore error\n\t}\n\n\treturn p;\n}\n\n/**\nGenus returns the genus for an alg (ECDSA, EdDSA, SHA-2, SHA-3).\nSee notes on the Go implementation of Coze for more on genus.\n@param   {Alg}   alg\n@returns {Gen}\n@throws  {error}\n*/\nfunction Genus(alg) {\n\tswitch (alg) {\n\t\tcase Algs.ES224:\n\t\tcase Algs.ES256:\n\t\tcase Algs.ES384:\n\t\tcase Algs.ES512:\n\t\t\treturn GenAlgs.ECDSA;\n\t\tcase Algs.Ed25519:\n\t\tcase Algs.Ed25519ph:\n\t\tcase Algs.Ed448:\n\t\t\treturn GenAlgs.EdDSA;\n\t\tcase Algs.SHA224:\n\t\tcase Algs.SHA256:\n\t\tcase Algs.SHA384:\n\t\tcase Algs.SHA512:\n\t\t\treturn GenAlgs.SHA2;\n\t\tcase Algs.SHA3224:\n\t\tcase Algs.SHA3256:\n\t\tcase Algs.SHA3384:\n\t\tcase Algs.SHA3512:\n\t\tcase Algs.SHAKE128:\n\t\tcase Algs.SHAKE256:\n\t\t\treturn GenAlgs.SHA3;\n\t\tdefault:\n\t\t\tthrow new Error(\"alg.Genus: unsupported algorithm: \" + alg);\n\t}\n}\n\n/**\nFamily returns the family for an alg (EC and SHA).\nSee notes on the Go implementation of Coze for more on family.\n@param   {Alg}     alg\n@returns {Fam}\n@throws  {error}\n*/\nfunction Family(alg) {\n\tswitch (alg) {\n\t\tcase Algs.ES224:\n\t\tcase Algs.ES256:\n\t\tcase Algs.ES384:\n\t\tcase Algs.ES512:\n\t\tcase Algs.Ed25519:\n\t\tcase Algs.Ed25519ph:\n\t\tcase Algs.Ed448:\n\t\t\treturn FamAlgs.EC;\n\t\tcase Algs.SHA224:\n\t\tcase Algs.SHA256:\n\t\tcase Algs.SHA384:\n\t\tcase Algs.SHA512:\n\t\tcase Algs.SHA3224:\n\t\tcase Algs.SHA3256:\n\t\tcase Algs.SHA3384:\n\t\tcase Algs.SHA3512:\n\t\tcase Algs.SHAKE128:\n\t\tcase Algs.SHAKE256:\n\t\t\treturn FamAlgs.SHA\n\t\tdefault:\n\t\t\tthrow new Error(\"alg.Family:  unsupported algorithm: \" + alg);\n\t}\n}\n\n/**\nHash returns the hashing algorithm for the given algorithm.  A hash alg can\nreturn itself.\nSee notes on the Go implementation of Coze for more.\n@param   {Alg}   alg \n@returns {Hsh}\n@throws  {error}  Unsupported algorithm.  \n*/\nfunction HashAlg(alg) {\n\tswitch (alg) {\n\t\tcase Algs.ES224:\n\t\tcase Algs.SHA224:\n\t\t\treturn Algs.SHA224;\n\t\tcase Algs.SHA256:\n\t\tcase Algs.ES256:\n\t\t\treturn Algs.SHA256;\n\t\tcase Algs.SHA384:\n\t\tcase Algs.ES384:\n\t\t\treturn Algs.SHA384;\n\t\tcase Algs.SHA512:\n\t\tcase Algs.ES512: // P-521 is not ES512/SHA-512.  The curve != the alg/hash.\n\t\tcase Algs.Ed25519:\n\t\tcase Algs.Ed25519ph:\n\t\t\treturn Algs.SHA512;\n\t\tcase Algs.SHAKE128:\n\t\t\treturn Algs.SHAKE128\n\t\tcase Algs.SHAKE256:\n\t\tcase Algs.Ed448:\n\t\t\treturn Algs.SHAKE256\n\t\tcase Algs.SHA3224:\n\t\t\treturn Algs.SHA3224\n\t\tcase Algs.SHA3256:\n\t\t\treturn Algs.SHA3256\n\t\tcase Algs.SHA3384:\n\t\t\treturn Algs.SHA3384\n\t\tcase Algs.SHA3512:\n\t\t\treturn Algs.SHA3512\n\t\tdefault:\n\t\t\tthrow new Error(\"alg.HashAlg:  unsupported algorithm: \" + alg);\n\t}\n}\n\n/**\nHashSize returns the hashing algorithm size for the given algorithm in bytes\nE.g. 32.\n\nSHAKE128 has 128 bits of pre-collision resistance and a capacity of 256,\nalthough it has arbitrary output size. SHAKE256 has 256 bits of pre-collision\nresistance and a capacity of 512, although it has arbitrary output size.\n\nSee notes on the Go implementation of Coze for more.\n@param   {Alg}     alg\n@returns {number}\n@throws  {error}\n*/\nfunction HashSize(alg) {\n\tswitch (HashAlg(alg)) {\n\t\tcase Algs.SHA224:\n\t\tcase Algs.SHA3224:\n\t\t\treturn 28;\n\t\tcase Algs.SHA256:\n\t\tcase Algs.SHA3256:\n\t\tcase Algs.SHAKE128:\n\t\t\treturn 32;\n\t\tcase Algs.SHA384:\n\t\tcase Algs.SHA3384:\n\t\t\treturn 48;\n\t\tcase Algs.SHA512:\n\t\tcase Algs.SHA3512:\n\t\tcase Algs.SHAKE256:\n\t\t\treturn 64;\n\t\tdefault:\n\t\t\tthrow new Error(\"alg.HashSize: unsupported algorithm: \" + alg);\n\t}\n}\n\n/**\nSigSize returns the signature size for the given algorithm in bytes.\n\nCurve P-521 uses 521 bits.  This is then padded up the the nearest byte (528)\nfor R and S. 132 = (528*2)/8\n\nSee notes on the Go implementation of Coze for more.\n@param   {Alg}      alg\n@returns {number}\n@throws  {error}\n*/\nfunction SigSize(alg) {\n\tswitch (alg) {\n\t\tcase Algs.ES224:\n\t\t\treturn 56\n\t\tcase Algs.ES256:\n\t\tcase Algs.Ed25519:\n\t\tcase Algs.Ed25519ph:\n\t\t\treturn 64\n\t\tcase Algs.ES384:\n\t\t\treturn 96\n\t\tcase Algs.Ed448:\n\t\t\treturn 114\n\t\tcase Algs.ES512:\n\t\t\treturn 132\n\t\tdefault:\n\t\t\tthrow new Error(\"alg.SigSize: unsupported algorithm: \" + alg);\n\t}\n}\n\n/**\nXSize returns the signature size for the given signature algorithm in bytes.\nE.g. 64.\n\nES512 uses Curve P-521 that's 521 bits is padded up the the nearest byte\n(528) for R and S. (528*2)/8 = 132.\n\nSee notes on the Go implementation of Coze for more.\n@param   {Alg}     alg\n@returns {number}\n@throws  {error}\n*/\nfunction XSize(alg) {\n\tswitch (alg) {\n\t\tcase Algs.Ed25519:\n\t\tcase Algs.Ed25519ph:\n\t\t\treturn 32\n\t\tcase Algs.ES224:\n\t\t\treturn 56\n\t\tcase Algs.Ed448:\n\t\t\treturn 57\n\t\tcase Algs.ES256:\n\t\t\treturn 64\n\t\tcase Algs.ES384:\n\t\t\treturn 96\n\t\tcase Algs.ES512:\n\t\t\treturn 132 // X and Y are 66 bytes (Rounded up for P521)\n\t\tdefault:\n\t\t\tthrow new Error(\"alg.XSize: unsupported algorithm: \" + alg);\n\t}\n}\n\n/**\nDSize returns the signature size for the given signature algorithm in bytes.\nE.g. 64.\n\nES512 uses Curve P-521 that's 521 bits is padded up the the nearest byte\n(528). (528)/8 = 66.\n\nSee notes on the Go implementation of Coze for more.\n@param   {Alg}     alg\n@returns {number}\n@throws  {error}\n*/\nfunction DSize(alg) {\n\tswitch (alg) {\n\t\tcase Algs.ES224:\n\t\t\treturn 28\n\t\tcase Algs.ES256:\n\t\tcase Algs.Ed25519:\n\t\tcase Algs.Ed25519ph:\n\t\t\treturn 32\n\t\tcase Algs.ES384:\n\t\t\treturn 48\n\t\tcase Algs.Ed448:\n\t\t\treturn 57\n\t\tcase Algs.ES512:\n\t\t\treturn 66\n\t\tdefault:\n\t\t\tthrow new Error(\"alg.DSize: unsupported algorithm: \" + alg);\n\t}\n}\n\n/**\nCurve returns the curve algorithm for the given signature algorithm.\nE.g. \"P-256\".\n\nSee notes on the Go implementation of Coze for more.\n@param   {Alg}    alg \n@returns {Crv}\n@throws  {error}\n*/\nfunction Curve(alg) {\n\tswitch (alg) {\n\t\tdefault:\n\t\t\tthrow new Error(\"alg.Curve: unsupported algorithm: \" + alg);\n\t\tcase Algs.ES224:\n\t\t\treturn Curves.P224;\n\t\tcase Algs.ES256:\n\t\t\treturn Curves.P256;\n\t\tcase Algs.ES384:\n\t\t\treturn Curves.P384;\n\t\tcase Algs.ES512: // P-521 is not ES512/SHA-512.  The curve != the alg/hash.\n\t\t\treturn Curves.P521;\n\t\tcase Algs.Ed25519:\n\t\tcase Algs.Ed25519ph:\n\t\t\treturn Curves.Curve25519;\n\t\tcase Algs.Ed448:\n\t\t\treturn Curves.Curve448;\n\t}\n}\n\n/**\nUse returns the use for the given algorithm.  Only \"sig\", \"enc\", and \"dig\"\nare currently valid.\nEncryption (\"enc\") is currently not supported in Coze.\n\nSee notes on the Go implementation of Coze for more.\n@param   {Alg}     alg \n@returns {Use}\n@throws  {error}\n*/\nfunction Use(alg) {\n\tswitch (Genus(alg)) {\n\t\tdefault:\n\t\t\tthrow new Error(\"alg.Use: unsupported algorithm: \" + alg);\n\t\tcase GenAlgs.EdDSA:\n\t\tcase GenAlgs.ECDSA:\n\t\t\treturn Uses.Sig;\n\t\tcase GenAlgs.SHA2:\n\t\tcase GenAlgs.SHA3:\n\t\t\treturn Uses.Hsh;\n\t}\n}\n\nconst order = { \n\t\"ES224\" : BigInt(\"0xFFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D\"),\n\t\"ES256\" : BigInt(\"0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551\"),\n\t\"ES384\" : BigInt(\"0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973\"),\n\t\"ES512\" : BigInt(\"0x1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409\"),\n}\n\nconst halfOrder = { \n\t\"ES224\" : order[\"ES224\"] >> BigInt(1),\n\t\"ES256\" : order[\"ES256\"] >> BigInt(1),\n\t\"ES384\" : order[\"ES384\"] >> BigInt(1),\n\t\"ES512\" : order[\"ES512\"] >> BigInt(1),\n}\n\n/**\nCurve Order returns the Curve's order.  \n@param   {Alg}     Alg \n@returns {BigInt}\n@throws  {error}\n*/\nfunction CurveOrder(alg) {\n\tswitch (alg) {\n\t\tdefault:\n\t\t\tthrow new Error(\"CurveOrder: unsupported curve: \" + alg);\n\t\tcase  \"ES224\": case \"ES256\": case \"ES384\": case \"ES512\":\n\t\t\treturn order[alg];\n\t}\n}\n\n/** \nCurve Order returns the Curve's order halved.  \n@param   {Alg}     Alg \n@returns {BigInt}\n@throws  {error}\n*/\nfunction CurveHalfOrder(alg) {\n\tswitch (alg) {\n\t\tdefault:\n\t\t\tthrow new Error(\"CurveHalfOrder: unsupported curve: \" + alg);\n\t case  \"ES224\": case \"ES256\": case \"ES384\": case \"ES512\":\n\t\t\treturn halfOrder[alg];\n\t}\n}\n", "\"use strict\";\n\nimport * as Coze from './coze.js';\nimport * as Alg from './alg.js';\nimport * as CZK from './key.js';\nimport {\n\tisEmpty\n} from './coze.js';\n\n\nexport {\n\tCryptoKey,\n\tSigToLowS,\n\tIsSigLowS,\n};\n\n/**\n@typedef {import('./typedef.js').B64}      B64\n@typedef {import('./typedef.js').Alg}      Alg\n@typedef {import('./typedef.js').Sig}      Sig\n@typedef {import('./typedef.js').Hsh}      Hsh\n@typedef {import('./typedef.js').Key}      Key\n@typedef {import('./typedef.js').Crv}      Crv\n@typedef {import('./typedef.js').Msg}      Msg\n*/\n\n\nvar CryptoKey = {\n\t/**\n\tNew returns a ECDSA CryptoKeyPair. \n\thttps://developer.mozilla.org/en-US/docs/Web/API/CryptoKeyPair\n\t@param  {Alg}           [alg=ES256] - Alg of the key to generate. (e.g. \"ES256\")\n\t@return {CryptoKeyPair}\n\t@throws {error}         Error, SyntaxError, DOMException, TypeError\n\t*/\n\tNew: async function(alg) {\n\t\tif (isEmpty(alg)) {\n\t\t\talg = Alg.Algs.ES256;\n\t\t}\n\t\t// Javascript only supports ECDSA, and doesn't support ES192 or ES224.  See\n\t\t// https://developer.mozilla.org/en-US/docs/Web/API/EcdsaParams\n\t\tswitch (alg) {\n\t\t\tcase Alg.Algs.ES256:\n\t\t\tcase Alg.Algs.ES384:\n\t\t\tcase Alg.Algs.ES512:\n\t\t\t\treturn await window.crypto.subtle.generateKey({\n\t\t\t\t\t\tname: Alg.GenAlgs.ECDSA,\n\t\t\t\t\t\tnamedCurve: Alg.Curve(alg)\n\t\t\t\t\t},\n\t\t\t\t\ttrue,\n\t\t\t\t\t[\"sign\", \"verify\"]\n\t\t\t\t);\n\t\t\tdefault:\n\t\t\t\tthrow new Error(\"CryptoKey.New: Unsupported key algorithm:\" + alg);\n\t\t}\n\t},\n\n\t/**\n\tFromCozeKey returns a Javascript CryptoKey from a Coze Key.  Only supports\n\tECDSA because of Crypto.subtle limitations.  Throws error on invalid keys.\n\thttps://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#JSON_Web_Key\n\t@param   {Key}        cozeKey          Coze key.\n\t@param   {boolean}    [public=false]   Return only a public key.\n\t@returns {CryptoKey}\n\t@throws  {error}                Error, SyntaxError, DOMException, TypeError\n\t*/\n\tFromCozeKey: async function(cozeKey, onlyPublic) {\n\t\tif (Alg.Genus(cozeKey.alg) != Alg.GenAlgs.ECDSA) {\n\t\t\tthrow new Error(\"CryptoKey.FromCozeKey: unsupported CryptoKey algorithm: \" + cozeKey.alg);\n\t\t}\n\n\t\t// Create a new JWK that can be used to create and \"import\" a CryptoKey\n\t\tvar jwk = {};\n\t\tjwk.use = Alg.Uses.Sig;\n\t\tjwk.crv = Alg.Curve(cozeKey.alg);\n\t\tjwk.kty = Alg.FamAlgs.EC;\n\n\t\tlet half = Alg.XSize(cozeKey.alg) / 2;\n\t\tlet xyab = await Coze.B64ToUint8Array(cozeKey.x);\n\t\tjwk.x = await Coze.ArrayBufferTo64ut(xyab.slice(0, half));\n\t\tjwk.y = await Coze.ArrayBufferTo64ut(xyab.slice(half));\n\n\t\t// Public CryptoKey \"crypto.subtle.importKey\" needs key use to be \"verify\"\n\t\t// even though this doesn't exist in JWK RFC or IANA registry. (2021/05/12)\n\t\t// Gawd help us.  Private CryptoKey needs key `use` to be \"sign\".\n\t\tif (isEmpty(cozeKey.d) || onlyPublic) {\n\t\t\tvar signOrVerify = \"verify\";\n\t\t} else {\n\t\t\tsignOrVerify = \"sign\";\n\t\t\tjwk.d = cozeKey.d;\n\t\t}\n\n\t\treturn await crypto.subtle.importKey(\n\t\t\t\"jwk\",\n\t\t\tjwk, {\n\t\t\t\tname: Alg.GenAlgs.ECDSA,\n\t\t\t\tnamedCurve: jwk.crv,\n\t\t\t},\n\t\t\ttrue,\n\t\t\t[signOrVerify]\n\t\t);\n\t},\n\n\t/**\n\tToPublic accepts a Javascript CryptoKey and modifies the key to remove\n\tany private components.\n\t@param   {CryptoKey} cryptoKey\n\t@returns {void}\n\t*/\n\tToPublic: async function(cryptoKey) {\n\t\tdelete cryptoKey.d; // Remove private `d` from the key.\n\t\t// Only [\"verify\"] is a valid `key_ops` value for a public CryptoKey.\n\t\t// `key_ops` must be an array.\n\t\tcryptoKey.key_ops = [\"verify\"];\n\t},\n\n\t/**\n\tCryptoKeyToCozeKey returns a Coze Key from Javascript's \"CryptoKey\" type.\n\t(https://developer.mozilla.org/en-US/docs/Web/API/CryptoKey) Coze keys are\n\tsimiliar to JOSE JWK's but has a few significant differences.\n\tSee the Coze docs for more on these differences.\n\t\n\t- Coze Byte-to-string values are always b64ut, \"RFC 4648 base64 URI Safe\n\tTruncated\".\n\t- Coze keys also use the field `alg` to denote everything about the key:\n\tit's use, hashing algorithm, curve, family, signature size, private\n\tcomponent size, public component size, etc...\n\t- A Coze key's Thumbprint's hashing algorithm must always be in alignment\n\twith the alg.  This is unlike JOSE which appears to use SHA-256 even for\n\tkeys that don't use that algorithm.\n\t\n\tThis function currently only supports ECDSA (ES256. ES384, ES512) as\n\tcrypto.subtle only supports these ECDSA algorithms. From Cryptokey,\n\t`exported` key output should is in the following form:\n\t\n\t{\n\t\"crv\": \"P-256\",\n\t\"d\": \"GwJgQIcbB29IfWO46QZwansE5XVVOg_CfafcpGk3K9I\",\n\t\"key_ops\": [\n\t\"sign\",\n\t\"verify\"\n\t],\n\t\"kty\": \"EC\",\n\t\"x\": \"bMgUwXPLFR5WPERFIdUR8f6J9znFlM4fL-TaYr7YNSo\",\n\t\"y\": \"vuU0bE-JafF1zEW_MbL-oaO0eGltDeMHIfc_bxkdCHU\",\n\t\"use\": \"sig\"\n\t}\n\t\n\tSome aspects of the Javascript exported key are in conflict with JOSE. The\n\t`delete`s below are for reference of how out of alignment the Javascript\n\trepresentation is from JOSE.  If for some reason a JOSE representation is\n\trequired, the deletes are suggested.\n\t\n\t`delete exported.key_ops;`\n\t\n\tAccording to RFC 7517 Section 4.3, \"use\" is mutually exclusive with\n\tkey_ops.\n\t\n\t`delete exported[\"ext\"];`\n\t\n\t`ext` is define by the Web Cryptography API and does not appear in the\n\tcore JOSE RFC's.  It stands for \"extractable\".  Since the key is already\n\t\"extracted\" we don't care, and we're not going to burden downstream with\n\tit.  However, this may need to be added again later if the key is further\n\tmanipulated by SubtleCrypto. \n\t\n\tCoze does not use \"crv\", \"kty\", or \"use\" and instead relies solely on\n\t\"alg\". Since alg is not given, it's assumed from `crv` while `kty`is\n\tignored.\n\t\n\tWhy are we exporting to JWK?\n\t1. There's no access to the key fields without exporting. (The\n\tbrowser hides the information from Javascript.)\n\t2. The exporting formats are limited.  \n\t3. Can't export to \"raw\" because \"raw\" appears to only work on public\n\tkeys.  This may be a private key.\n\t@param   {CryptoKey}   cryptoKey \n\t@returns {Key}\n\t@throws  {error}\n\t*/\n\tToCozeKey: async function(cryptoKey) {\n\t\tlet exported = await window.crypto.subtle.exportKey(\n\t\t\t\"jwk\",\n\t\t\tcryptoKey\n\t\t);\n\n\t\tvar czk = {};\n\t\tczk.alg = await CryptoKey.algFromCrv(exported.crv);\n\t\t// Concatenate x and y, but concatenation is done at the byte level, so:\n\t\t// unencode, concatenated, and encoded. \n\t\tlet xui8 = Coze.B64ToUint8Array(exported.x);\n\t\tlet yui8 = Coze.B64ToUint8Array(exported.y);\n\t\tvar xyui8 = new Uint8Array([\n\t\t\t...xui8,\n\t\t\t...yui8,\n\t\t]);\n\t\tczk.x = Coze.ArrayBufferTo64ut(xyui8.buffer);\n\n\t\t// Only private ECDSA keys have `d`.\n\t\tif (exported.hasOwnProperty('d')) {\n\t\t\tczk.d = exported.d;\n\t\t}\n\n\t\tczk.tmb = await CZK.Thumbprint(czk);\n\t\t// console.log(\"exported: \" + JSON.stringify(exported), \"Coze Key: \" + JSON.stringify(czk)); // Debugging\n\t\treturn czk;\n\t},\n\n\t/**\n\tUses a Javascript `CryptoKey` to sign a array buffer.  Returns array buffer\n\tbytes of the signature. Returns empty buffer on error.The signing algorithm's\n\thashing algorithm is used for the digest of the payload.  Coze uses UTF-8.\n\thttps://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#JSON_Web_Key\n\thttps://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/ArrayBuffer\n\t@param   {CryptoKey}      cryptoKey\n\t@param   {ArrayBuffer}    payloadBuffer\n\t@returns {ArrayBuffer}\n\t@throws  {error}\n\t*/\n\tSignBuffer: async function(cryptoKey, arrayBuffer) {\n\t\tlet alg = await CryptoKey.algFromCrv(cryptoKey.algorithm.namedCurve);\n\t\tlet sig = await window.crypto.subtle.sign({\n\t\t\t\tname: Alg.GenAlgs.ECDSA,\n\t\t\t\thash: {\n\t\t\t\t\tname: Alg.HashAlg(alg)\n\t\t\t\t},\n\t\t\t},\n\t\t\tcryptoKey,\n\t\t\tarrayBuffer\n\t\t);\n\n\t\tsig = sigToLowSArrayBuffer(alg, sig);\n\t\treturn sig;\n\t},\n\n\n\t/**\n\tSignBufferB64 signs a buffer with a CryptoKey and returns the b64ut\n\tsignature. The input is hashed before it's signed.\n\tCoze uses UTF-8.\n\t@param   {CryptoKey}   cryptoKey       Private CryptoKey\n\t@param   {ArrayBuffer} arrayBuffer     ArrayBuffer to sign.\n\t@returns {B64}\n\t*/\n\tSignBufferB64: async function(cryptoKey, arrayBuffer) {\n\t\treturn await Coze.ArrayBufferTo64ut(await CryptoKey.SignBuffer(cryptoKey, arrayBuffer));\n\t},\n\n\t/**\n\tSignString signs a string and returns the b64ut signature.\n\tCoze uses UTF-8.\n\t@param   {CryptoKey} cryptoKey      Private key used for signing.\n\t@param   {string}    utf8           String to sign.\n\t@returns {B64}\n\t*/\n\tSignString: async function(cryptoKey, utf8) {\n\t\treturn await CryptoKey.SignBufferB64(cryptoKey, await Coze.SToArrayBuffer(utf8));\n\t},\n\n\t/**\n\tVerifyArrayBuffer verifies an ArrayBuffer msg with an ArrayBuffer sig and\n\tJavascript CryptoKey.\n\tReturns whether or not message is verified by the given key and signature.\n\t@param   {Alg}         alg\n\t@param   {CryptoKey}   cryptoKey           Javascript CryptoKey.\n\t@param   {ArrayBuffer} sig                 Signature.\n\t@param   {ArrayBuffer} msg                 Message.\n\t@returns {boolean}\n\t*/\n\tVerifyArrayBuffer: async function(alg, cryptoKey, msg, sig) {\n\t\t// Currently, CozeJS is only ECDSA.  For ECDSA, only accept low-S\n\t\t// signatures.  \n\t\tif (!(await IsSigLowS(alg, sig))) {\n\t\t\treturn false;\n\t\t}\n\n\t\t// Guarantee key is not private to appease Javascript \uD83D\uDE14:\n\t\tawait CryptoKey.ToPublic(cryptoKey);\n\t\treturn await window.crypto.subtle.verify({\n\t\t\t\tname: Alg.GenAlgs.ECDSA,\n\t\t\t\thash: {\n\t\t\t\t\tname: await CryptoKey.GetSignHashAlgoFromCryptoKey(cryptoKey)\n\t\t\t\t},\n\t\t\t},\n\t\t\tcryptoKey,\n\t\t\tsig,\n\t\t\tmsg);\n\t},\n\n\t/**\n\tVerifyMsg uses a public key to verify a string msg with a b64ut sig.\n\tReturns whether or not the signature is valid.\n\t@param   {Alg}        alg\n\t@param   {CryptoKey}  cryptoKey         Javascript CryptoKey.\n\t@param   {Msg}        msg               String that was signed.\n\t@param   {Sig}        sig               B64 signature.\n\t@returns {boolean}\n\t*/\n\tVerifyMsg: async function(alg, cryptoKey, msg, sig) {\n\t\treturn CryptoKey.VerifyArrayBuffer(alg, cryptoKey, await Coze.SToArrayBuffer(msg), await Coze.B64uToArrayBuffer(sig));\n\t},\n\n\t/**\n\tGetSignHashAlgoFromCryptoKey gets the signing hashing algorithm from the\n\tCryptoKey.\n\tReturns the name of the hashing algorithm. E.g. \"SHA-256\".\n\n\tJavascript's CryptoKey explicitly requires a signing hashing algorithm, but\n\tthe CryptoKey itself may not explicitly contain that information. For\n\texample, a ES256 key will have the curve (P-256) and the general key type\n\t(ECDSA), but the hashing algo is not explicitly stated (SHA-256), nor is\n\tthe algorithm explicitly stated (ES256).\n\n\tHowever, for some CryptoKeys, the hashing algorithm is explicitly stated.\n\tFor example, \"RsaHashedKeyGenParams\" has the field \"hash\" which explicitly\n\tdenotes what hashing algorithm was used.  As of 2021/05/26,\n\t\"EcKeyGenParams\" has no such field, so it must be assumed that certain\n\thashing algorithms are paired with certain curves.\n\n\tThe purpose of this function is to return the correct hashing digest for\n\tall CryptoKeys regardless of their form.\n\t@param   {CryptoKey} CryptoKey  CryptoKey Javascript object.\n\t@returns {Hsh}\n\t@throws  {error}                Fails if alg is not supported.\n\t*/\n\tGetSignHashAlgoFromCryptoKey: async function(cryptoKey) {\n\t\treturn Alg.HashAlg(await CryptoKey.algFromCrv(cryptoKey.algorithm.namedCurve));\n\t},\n\n\t/**\n\talgFromCrv returns a SEAlg from the given curve.\n\tFails if curve is not supported.\n\t@param   {Crv}     src    Curve type. E.g. \"P-256\".\n\t@returns {Alg}\n\t@throws  {error}\n\t*/\n\talgFromCrv: async function(crv) {\n\t\tswitch (crv) {\n\t\t\tcase Alg.Curves.P224:\n\t\t\t\tvar alg = Alg.Algs.ES224;\n\t\t\t\tbreak;\n\t\t\tcase Alg.Curves.P256:\n\t\t\t\talg = Alg.Algs.ES256\n\t\t\t\tbreak;\n\t\t\tcase Alg.Curves.P384:\n\t\t\t\talg = Alg.Algs.ES384;\n\t\t\t\tbreak;\n\t\t\tcase Alg.Curves.P521: // P-521 is not ES512/SHA-512.  The curve != the alg/hash. \n\t\t\t\talg = Alg.Algs.ES512;\n\t\t\t\tbreak;\n\t\t\tdefault:\n\t\t\t\tthrow new Error(\"CryptoKey.ToCozeKey: Unsupported key algorithm.\");\n\t\t}\n\t\treturn alg;\n\t}\n}; // End CryptoKey\n\n\n\n/** \nChecks if S is a \"low-S\".  See the Coze docs on \"Low-S\"\n@param   {Alg}        alg\n@param   {BigInt}     s\n@returns {BigInt}\n@throws  {error}\n*/\nfunction IsLowS(alg, s) {\n\tif (typeof s !== \"bigint\") {\n\t\tthrow new Error(\"IsLowS: s is not of type bigint\");\n\t}\n\treturn Alg.CurveHalfOrder(alg) > s;\n}\n\n/** \nMakes sure that s is a \"low-S\".  See the Coze docs on \"Low-S\" and the Go\npackage's \"ToLowS\" function.  \n@param   {Alg}       alg\n@param   {BigInt}    s\n@returns {BigInt}\n@throws  {error}\n*/\nfunction toLowS(alg, s) {\n\tif (typeof s !== \"bigint\") {\n\t\tthrow new Error(\"toLowS: s is not of type bigint\");\n\t}\n\tif (!IsLowS(alg, s)) {\n\t\treturn Alg.CurveOrder(alg) - s;\n\t}\n\treturn s\n}\n\n/** \nMakes sure that S in sig is a \"low-S\" and converts if needed.  See the Coze docs\non \"low-S\"\n@param   {Alg}      alg\n@param   {Sig}      sig\n@returns {Sig}\n@throws  {error}\n*/\nasync function SigToLowS(alg, sig) {\n\tlet ab = await Coze.B64uToArrayBuffer(sig);\n\tlet lowSSigAB = await sigToLowSArrayBuffer(alg, ab);\n\t return Coze.ArrayBufferTo64ut(lowSSigAB);\n}\n\n/** SigIsLowS checks if S in sig is a \"low-S\".  See the Coze docs on \"low-S\"\n@param   {Alg}      alg\n@param   {Sig}      sig\n@returns {boolean}\n@throws  {error}\n*/\nasync function IsSigLowS(alg, sig) {\n\tlet bigIntS = await sigToS(alg, sig);\n\treturn IsLowS(alg, bigIntS);\n}\n\n/**\nReturns S from sig.  \n@param   {Alg}            alg    Return only a public key.\n@param   {ArrayBuffer}    sig    Sig ArrayBuffer from subtle crypto\n@returns {BigInt}\n@throws  {error}         Error, SyntaxError, DOMException, TypeError\n*/\nfunction sigToS(alg, sig) {\n\tlet half = Alg.SigSize(alg) / 2;\n\tlet s = sig.slice(half);\n\treturn arrayBufferToBigInt(s);\n}\n\n\n/**\nsigToLowSArrayBuffer\n@param   {Alg}            alg    Return only a public key.\n@param   {ArrayBuffer}    sig    Sig ArrayBuffer from subtle crypto\n@returns {ArrayBuffer}\n@throws  {error}         Error, SyntaxError, DOMException, TypeError\n*/\nasync function sigToLowSArrayBuffer(alg, sig) {\n\tlet half = Alg.SigSize(alg) / 2;\n\tlet r = sig.slice(0, half);\n\tlet s = sig.slice(half);\n\tlet bigIntS = arrayBufferToBigInt(s);\n\tlet bigIntNormS = toLowS(alg, bigIntS);\n\t// console.log(\"sig in:\", sig);\n\t// console.log(\"r:\", r);\n\t// console.log(\"s:\", s);\n\t// console.log(\"s hex:\", bigIntS.toString(16).toUpperCase());\n\t// console.log(\"IsLowS: \", IsLowS(alg, bigIntS));\n\t// console.log(\"Before toLowS\", bigIntS)\n\t// console.log(\"After toLowS\", bigIntNormS)\n\tlet normS = bigIntToArrayBuffer(Alg.SigSize(alg) / 2, bigIntNormS);\n\n\t// Add two ArrayBuffers, but it's Javascript so it's hard.  \uD83D\uDE14 This is just\n\t// doing `sig = r + normS`;\n\tvar tmp = new Uint8Array(r.byteLength + normS.byteLength);\n\ttmp.set(new Uint8Array(r), 0);\n\ttmp.set(new Uint8Array(normS), r.byteLength);\n\tsig = tmp.buffer;\n\treturn sig\n}\n\n/** \nConverts a Big Endian ArrayBuffer to BigInt.  \n@param   {ArrayBuffer}         buffer\n@returns {BigInt}         \n*/\nfunction arrayBufferToBigInt(buffer) {\n\tlet result = 0n;\n\tlet a = new Uint8Array(buffer)\n\tfor (let i = 0; i < a.length; i++) {\n\t\tresult = (result << 8n) + BigInt(a[i]);\n\t}\n\treturn result;\n}\n\n/** Converts a BigInt to a Big Endian ArrayBuffer.  \n@param   {size}         int    // Number of bytes to pad the ArrayBuffer \n@param   {Bigint}       bigInt \n@returns {ArrayBuffer}  buffer\n*/\nfunction bigIntToArrayBuffer(size, bigInt) {\n\tconst buffer = new ArrayBuffer(size);\n\tconst view = new DataView(buffer);\n\n\tdo {\n\t\tsize--;\n\t\tview.setUint8(size, Number(bigInt & BigInt(0xff)));\n\t\tbigInt >>= 8n;\n\t} while (size > 0);\n\treturn buffer;\n}", "\"use strict\";\n\nimport * as CTK from './cryptokey.js';\nimport * as Can from './canon.js';\nimport * as Coze from './coze.js';\nimport * as Alg from './alg.js';\nimport {\n\tisEmpty\n} from './coze.js';\n\nexport {\n\tNewKey,\n\tCorrect,\n\tValid,\n\tThumbprint,\n\tRevoke,\n\tIsRevoked,\n\n\t// RecalcX,\n\n\tTmbCanon,\n}\n\n/**\n@typedef {import('./typedef.js').Tmb}  Tmb\n@typedef {import('./typedef.js').Alg}  Alg\n@typedef {import('./typedef.js').Use}  Use\n@typedef {import('./typedef.js').Sig}  Sig\n@typedef {import('./typedef.js').Key}  Key\n */\n\n// Coze key Thumbprint Canons.\nconst TmbCanon = [\"alg\", \"x\"];\n\n/**\nNewKey returns a new Coze key.\nIf no alg is given, the returned key will be an 'ES256' key.\n@param   {Alg}     [alg=ES256] - Alg of the key to generate. (e.g. \"ES256\")\n@returns {Key}\n */\nasync function NewKey(alg) {\n\tif (isEmpty(alg)) {\n\t\talg = Alg.Algs.ES256;\n\t}\n\tif (Alg.Genus(alg) == Alg.GenAlgs.ECDSA) {\n\t\tvar keyPair = await CTK.CryptoKey.New(alg);\n\t} else {\n\t\tthrow new Error(\"Coze.NewKey: only ECDSA algs are currently supported.\");\n\t}\n\n\tlet k = await CTK.CryptoKey.ToCozeKey(keyPair.privateKey);\n\tk.iat = Math.floor(Date.now() / 1000); // To get Unix from js, divide by 1000.\n\tk.tmb = await Thumbprint(k);\n\tk.kid = \"My Cyphr.me Key.\";\n\n\treturn k;\n}\n\n/**\nThumbprint calculates and returns a B64 Coze key thumbprint. Fails on empty\n'alg' or 'x'.\n@param   {Key}   cozeKey\n@returns {Tmb}\n@throws  {error}\n */\nasync function Thumbprint(cozeKey) {\n\tif (isEmpty(cozeKey.alg) || isEmpty(cozeKey.x)) {\n\t\tthrow new Error(\"Coze.Thumbprint: alg or x is empty.\");\n\t}\n\treturn Can.CanonicalHash64(cozeKey, await Alg.HashAlg(cozeKey.alg), TmbCanon);\n};\n\n/**\nValid returns true only for a valid private Coze key.\n@param   {Key}      privateCozeKey  Private Coze key.\n@returns {boolean}\n */\nasync function Valid(privateCozeKey) {\n\tif (isEmpty(privateCozeKey.d)) {\n\t\tconsole.error(\"Coze key missing `d`\");\n\t\treturn false;\n\t}\n\ttry {\n\t\tlet msg = `7AtyaCHO2BAG06z0W1tOQlZFWbhxGgqej4k9-HWP3DE-zshRbrE-69DIfgY704_FDYez7h_rEI1WQVKhv5Hd5Q`;\n\t\tlet sig = await Coze.SignPay(msg, privateCozeKey);\n\t\treturn Coze.VerifyPay(msg, privateCozeKey, sig);\n\t} catch (e) {\n\t\t//console.debug(\"Valid error: \" + e);\n\t\treturn false;\n\t}\n}\n\n/**\nCorrect checks for the correct construction of a Coze key, but may return\ntrue on cryptographically invalid public keys.  Key must have `alg` and at\nleast one of `tmb`, `x`, and `d`. Using input information, if it is possible\nto definitively know the given key is incorrect, Correct returns false, but\nif it's plausible it's correct, Correct returns true. Correct answers the\nquestion: \"Is the given Coze key reasonable using the information provided?\".\nCorrect is useful for sanity checking public keys without signed messages,\nsanity checking `tmb` only keys, and validating private keys. Use function\n\"Verify\" instead for verifying public keys when a signed message is\navailable. Correct is considered an advanced function. Please understand it\nthoroughly before use.\n\nCorrect:\n\n1. Checks the length of `x` and/or `tmb` against `alg`.\n2. If `x` and `tmb` are present, verifies correct `tmb`.\n3. If `d` is present, verifies correct `tmb` and `x` if present, and verifies\nthe key by verifying a generated signature.\n@param   {Key}     ck\n@returns {boolean}\n */\nasync function Correct(ck) {\n\tif (typeof ck !== \"object\") {\n\t\tconsole.error(\"Correct: CozeKey must be passed in as an object.\");\n\t\treturn false;\n\t}\n\n\tif (isEmpty(ck.alg)) {\n\t\tconsole.error(\"Correct: Alg must be set\");\n\t\treturn false;\n\t}\n\n\tlet p = Alg.Params(ck.alg);\n\n\tlet isTmbEmpty = isEmpty(ck.tmb);\n\tlet isXEmpty = isEmpty(ck.x);\n\tlet isDEmpty = isEmpty(ck.d);\n\n\tif (isTmbEmpty && isXEmpty && isDEmpty) {\n\t\tconsole.error(\"Correct: At least one of [x, tmb, d] must be set\");\n\t\treturn false;\n\t}\n\n\t// tmb only key\n\tif (isXEmpty && isDEmpty) {\n\t\tif (isTmbEmpty || ck.tmb.length !== p.HashSizeB64) {\n\t\t\tconsole.error(\"Correct: Incorrect `tmb` size: \", ck.tmb.length);\n\t\t\treturn false;\n\t\t}\n\t\treturn true;\n\t}\n\n\t// d is not set\n\tif (!isXEmpty && ck.x.length !== p.XSizeB64) {\n\t\tconsole.error(\"Correct: Incorrect x size: \", ck.x.length);\n\t\treturn false;\n\t}\n\n\t// We currently do not support recalculating `x`, as subtle does not provide\n\t// the necessary API for computing the points from the private component.\n\t// https://developer.mozilla.org/en-US/docs/Web/API/Crypto/subtle\n\t//\n\t// See RecalcX docs below\n\t//\n\t// If d and (x and/or tmb) is given, recompute from d and compare:\n\t// let x = RecalcX(ck);\n\n\t// If tmb is set, recompute and compare.\n\tif (!isTmbEmpty && !isXEmpty) {\n\t\tlet t = await Thumbprint(ck);\n\t\tif (ck.tmb !== t) {\n\t\t\tconsole.error(\"Correct: Incorrect given `tmb`: \", ck.tmb);\n\t\t\treturn false;\n\t\t}\n\t}\n\n\t// If private key, validate by signing and verifying.\n\t// `x` must also be populated, for cryptokey, since we do not have RecalcX().\n\tif (!isDEmpty && !isXEmpty) {\n\t\tlet cryptoKey = await CTK.CryptoKey.FromCozeKey(ck);\n\t\tlet mldBuffer = await Coze.SToArrayBuffer(\"Test Signing\")\n\t\tlet sig = await CTK.CryptoKey.SignBuffer(cryptoKey, mldBuffer);\n\t\tlet pubKey = await CTK.CryptoKey.FromCozeKey(ck, true);\n\t\tlet result = await CTK.CryptoKey.VerifyArrayBuffer(ck.alg, pubKey, mldBuffer, sig);\n\n\t\tif (!result) {\n\t\t\tconsole.error(\"Correct: private key invalid.\");\n\t\t\treturn false;\n\t\t}\n\t}\n\n\treturn true;\n};\n\n\n// TODO Support RecalcX if crypto.subtle provides necessary API for computing\n// https://stackoverflow.com/questions/72151096/how-to-derive-public-key-from-private-key-using-webcryptoapi/72153942#72153942\n//\n// scalar/jacobian/affinity from private component.\n// Alternatively, use noble.\n// function RecalcX(ck) {\n// \tlet x;\n// \tswitch (ck.alg) {\n// \t\tcase \"ES256\":\n// \t\tcase \"ES384\":\n// \t\tcase \"ES512\":\n// \t\t\tbreak;\n// \t\tdefault:\n// \t\t\tx = null;\n// \t}\n\n// \treturn x;\n// }\n\n\n/**\nRevoke generates a self revoke message and sets the input key as revoked.\n'rvk' will be set on given cozeKey.\n@param   {Key}       cozeKey  Private Coze key.\n@param   {string}    [msg]    Optional, human readable non programmatic reason for revoking the key.\n@returns {Coze}               Signed revoke Coze.\n@throws  {error}              Fails if cryptoKeyPrivate is nil or invalid.\n */\nasync function Revoke(cozeKey, msg) {\n\tif (isEmpty(cozeKey)) {\n\t\tthrow new Error(\"CozeKey.Revoke: Private key not set.  Cannot sign message\");\n\t}\n\n\tvar coze = {};\n\tcoze.pay = {};\n\tif (!isEmpty(msg)) { // Optional revoke message. \n\t\tcoze.pay.msg = msg;\n\t}\n\tcoze.pay.rvk = Math.round((Date.now() / 1000)); // Javascript's Date converted to Unix time.\n\n\t// SignCoze does not allow revoked keys to sign messages.  Temporarily remove\n\t// key.revoke and then set back afterward, otherwise set key with new revoke. \n\tlet prevRvk = cozeKey.rvk;\n\tdelete cozeKey.rvk;\n\tcoze = await Coze.Sign(coze, cozeKey);\n\tif (prevRvk !== undefined) {\n\t\tcozeKey.rvk = prevRvk;\n\t} else {\n\t\tcozeKey.rvk = coze.pay.rvk;\n\t}\n\n\treturn coze\n};\n\n/**\nIsRevoked returns true if a key or a coze is marked as revoked. `rvk` should\nbe an integer Unix timestamp, however this function also checks for the\nstring \"true\" as well as the bool `true`.\n\nMessages self-revoking keys must have `rvk` with an integer value greater\nthan 0.  \n@param   {Key|Coze}       cozeKey  Coze key or coze object.\n@param   {string}         [msg]    Optional reason for revoking the key.\n@returns {boolean}\n */\nfunction IsRevoked(cozeKey) {\n\tif (isEmpty(cozeKey.rvk) || !(parseInt(cozeKey.rvk) > 0)) {\n\t\treturn false;\n\t}\n\treturn true;\n};", "\"use strict\";\n\nimport * as Can from './canon.js'; // import as \"Can\" since func \"Canon\" will conflict in `coze.join.js`.\nimport * as Enum from './alg.js';\nimport * as CZK from './key.js';\nimport * as CTK from './cryptokey.js';\n\nexport {\n\tSign,\n\tSignPay,\n\tSignCozeRaw,\n\tVerify,\n\tVerifyPay,\n\tMeta,\n\n\t// Base conversion\n\tSToArrayBuffer,\n\tB64uToArrayBuffer,\n\tB64ToUint8Array,\n\tArrayBufferTo64ut,\n\n\t// Helpers\n\tisEmpty,\n\n\tPayCanon,\n}\n\n/**\n@typedef {import('./typedef.js').Alg}            Alg\n@typedef {import('./typedef.js').B64}            B64\n@typedef {import('./typedef.js').Coze}           Coze\n@typedef {import('./typedef.js').Pay}            Pay\n@typedef {import('./typedef.js').Sig}            Sig\n@typedef {import('./typedef.js').Key}            Key\n@typedef {import('./typedef.js').Can}            Can\n@typedef {import('./typedef.js').Meta}           Meta\n@typedef {import('./typedef.js').VerifiedArray}  VerifiedArray\n */\n\n// PayCanon is the standard coze.pay fields.\nconst PayCanon = [\"alg\", \"iat\", \"tmb\", \"typ\"];\n\n\n/**\nSignCoze signs in place coze.pay.  It populates/replaces alg and tmb using\nthe given private Coze key and populates/updates iat. Returns the same, but\nupdated, coze.  The optional canon is used to canonicalize pay before\nsigning.  If needing a coze without alg, tmb, or iat, use SignCozeRaw.  \n\nSignCoze, SignCozeRaw, and VerifyCoze assumes that object has no duplicate\nfields since this is disallowed in Javascript.\n@param   {Coze}      coze       Object coze.\n@param   {Key}       cozeKey    A private coze key.\n@param   {Can}       [canon]    Array for canonical keys.\n@returns {Coze}                 Coze that may have been modified from given.\n@throws  {error}                Fails on invalid key, parse error, mismatch fields.\n */\nasync function Sign(coze, cozeKey, canon) {\n\tconsole.log()\n\tif (CZK.IsRevoked(cozeKey)) {\n\t\tthrow new Error(\"SignCoze: Cannot sign with revoked key.\");\n\t}\n\n\tcoze.pay.alg = cozeKey.alg;\n\tcoze.pay.tmb = await CZK.Thumbprint(cozeKey);\n\tcoze.pay.iat = Math.round((Date.now() / 1000)); // Javascript's Date converted to Unix time.\n\n\tif (!isEmpty(canon)) {\n\t\tcoze.pay = await Can.Canonical(coze.pay, canon);\n\t}\n\n\tcoze.sig = await SignPay(JSON.stringify(coze.pay), cozeKey);\n\treturn coze;\n}\n\n\n\n/**\nSignPay signs message with private Coze key and returns b64ut sig.\n@param   {Pay}       pay      ay. e.g. `{\"alg\"...}` May also be any message.  \n@param   {Key}       cozeKey\n@returns {Sig}\n@throws  {error}     Error, SyntaxError, DOMException, TypeError\n */\nasync function SignPay(pay, cozeKey) {\n\treturn CTK.CryptoKey.SignBufferB64(\n\t\tawait CTK.CryptoKey.FromCozeKey(cozeKey),\n\t\tawait SToArrayBuffer(pay)\n\t);\n}\n\n\n\n/**\nSignCozeRaw signs in place coze.pay with a private Coze key, but unlike\nSignCoze, does not set `alg`, `tmb` or `iat`. The optional canon is used to\ncanonicalize pay before signing. \n@param   {Coze}      coze       Object coze.\n@param   {Key}       cozeKey    A private coze key.\n@param   {Can}     [canon]    Array for canonical keys.\n@returns {Coze}                 Coze with new `sig` and canonicalized `pay`.\n@throws  {error}                Fails on rvk or mismatch `alg` or `tmb`.\n */\nasync function SignCozeRaw(coze, cozeKey, canon) {\n\tif (CZK.IsRevoked(cozeKey)) {\n\t\tthrow new Error(\"SignCozeRaw: Cannot sign with revoked key.\");\n\t}\n\tif (!isEmpty(coze.pay.alg) && coze.pay.alg !== cozeKey.alg) {\n\t\tthrow new Error(\"SignCozeRaw: Coze key alg mismatch with coze.pay.alg.\");\n\t}\n\tif (!isEmpty(coze.pay.tmb) && coze.pay.tmb !== cozeKey.tmb) {\n\t\tthrow new Error(\"SignCozeRaw: Coze key tmb mismatch with coze.pay.tmb.\");\n\t}\n\n\tif (!isEmpty(canon)) {\n\t\tcoze.pay = await Can.Canonical(coze.pay, canon);\n\t}\n\tcoze.sig = await SignPay(JSON.stringify(coze.pay), cozeKey);\n\treturn coze;\n}\n\n\n/**\nVerifyCoze returns a whether or not the Coze is valid. coze.sig must be set.\nIf set, pay.alg and pay.tmb must match with cozeKey.\n@param  {Coze}     coze         Coze with signed pay. e.g. `{\"pay\":..., \"sig\":...}`\n@param  {Key}      [cozeKey]    Public Coze key for verification.\n@param  {Sig}      [sig]        Signature.\n@return {boolean}\n@throws {error}\n */\nasync function Verify(coze, cozeKey) {\n\tif (!isEmpty(coze.pay.alg) && coze.pay.alg !== cozeKey.alg) {\n\t\tthrow new Error(\"VerifyCoze: Coze key alg mismatch with coze.pay.alg.\");\n\t}\n\tif (!isEmpty(coze.pay.tmb) && coze.pay.tmb !== cozeKey.tmb) {\n\t\tthrow new Error(\"VerifyCoze: Coze key tmb mismatch with coze.pay.tmb.\");\n\t}\n\treturn VerifyPay(JSON.stringify(coze.pay), cozeKey, coze.sig);\n}\n\n\n/**\nVerifyPay verifies a `pay` with `sig` and returns whether or not the message is\nverified. Verify does no Coze checks.  If checks are needed, use\nVerify(); \n@param  {Pay}       pay        pay. e.g. `{\"alg\"...}`  May also be any message.  \n@param  {Key}       cozekey    Coze key for validation.\n@param  {Sig}       sig        Signature.\n@return {boolean}\n@throws {error}\n */\nasync function VerifyPay(pay, cozekey, sig) {\n\treturn CTK.CryptoKey.VerifyMsg(\n\t\tcozekey.alg,\n\t\tawait CTK.CryptoKey.FromCozeKey(cozekey, true),\n\t\tpay,\n\t\tsig,\n\t);\n};\n\n\n\n/**\nMeta calculates a Meta object with the fields [alg,iat,tmb,typ,can,cad,sig,czd]\nderived from the given coze. Meta always calculates `can`, `cad`, if populated\nfrom pay [alg,iat,tmb,typ] are copied, and calculates `czd` if `sig` is set. Pay\nmust be set even if it is an empty object. Either Coze.Pay.Alg or parameter alg\nmust be set. If Coze.Sig is populated, `czd` is set. The empty coze (A coze with\nan empty pay but sig is set) is legitimate input for Meta.  \n\nErrors when\n1. Pay doesn't exist. \n2. No alg is given (both coze.pay.alg and alg are empty).\n3. Pay.Alg doesn't match parameter alg if both are set.\n\nMeta does no cryptographic verification.\n@param  {Coze}      coze     coze.\n@param  {Alg}       [alg]    coze.pay.alg takes precedence.\n@return {Meta}               Meta object [alg,iat,tmb,typ,can,cad,sig,czd].\n@throws {error}              \n */\nasync function Meta(coze, alg) {\n\tif (isEmpty(coze.pay)) {\n\t\tthrow new Error(\"Meta: coze.pay must exist.\")\n\t}\n\tlet meta = {}\n\n\t// Alg check section. Assumes later call to CanonicalHas64() errors on bad or empty alg.  \n\tif (isEmpty(alg)) {\n\t\tif (isEmpty(coze.pay.alg)) {\n\t\t\tthrow new Error(\"Meta: either coze.pay.alg or parameter alg must be set.\")\n\t\t}\n\t\tmeta.alg = coze.pay.alg\n\t} else {\n\t\tmeta.alg = alg\n\t}\n\tif (!isEmpty(coze.pay.alg) && meta.alg !== coze.pay.alg) {\n\t\tthrow new Error(`Meta: coze.pay.alg (${coze.pay.alg}) and parameter alg (${alg}) do not match. `)\n\t}\n\n\tif (!isEmpty(coze.pay.iat)) {\n\t\tmeta.iat = coze.pay.iat\n\t}\n\tif (!isEmpty(coze.pay.tmb)) {\n\t\tmeta.tmb = coze.pay.tmb\n\t}\n\tif (!isEmpty(coze.pay.typ)) {\n\t\tmeta.typ = coze.pay.typ\n\t}\n\n\tmeta.can = await Can.Canon(coze.pay)\n\tmeta.cad = await Can.CanonicalHash64(coze.pay, Enum.HashAlg(meta.alg));\n\tif (!isEmpty(coze.sig)) {\n\t\tmeta.sig = coze.sig\n\t\tmeta.czd = await Can.CanonicalHash64({\n\t\t\tcad: meta.cad,\n\t\t\tsig: meta.sig\n\t\t}, Enum.HashAlg(meta.alg));\n\t}\n\n\treturn meta;\n}\n\n\n///////////////////////////////////\n// Base Conversion\n///////////////////////////////////\n\n/**\nConverts a string (UTF-8) to an ArrayBuffer.\n@param  {string}        string\n@return {ArrayBuffer}\n */\nasync function SToArrayBuffer(string) {\n\treturn new TextEncoder().encode(string).buffer; // Suppose to be always in UTF-8\n}\n\n/**\nB64uToArrayBuffer takes a b64 (truncated or not truncated, padded or not\npadded) UTF-8 string and decodes it to an ArrayBuffer.\n@param   {B64}          string \n@returns {ArrayBuffer}\n */\nfunction B64uToArrayBuffer(string) {\n\treturn B64ToUint8Array(string).buffer;\n};\n\n/**\nB64ToUint8Array takes a b64 string (truncated or not truncated, padded or not\npadded) and decodes it back into a string.\n@param   {B64}          string \n@returns {Uint8Array}\n */\nfunction B64ToUint8Array(string) {\n\t// Make sure that the encoding is canonical.  See issue \"Enforce Canonical\n\t// Base64 encoding\" https://github.com/Cyphrme/Coze/issues/18. Alternatively\n\t// to this method, we could write our own encoder as Mozilla suggests.\n\t// https://developer.mozilla.org/en-US/docs/Glossary/Base64#solution_1_%E2%80%93_escaping_the_string_before_encoding_it\n\tstring = string.replace(/-/g, '+').replace(/_/g, '/')\n\n\tlet reencode = btoa(atob(string)).replace(/=/g, '')\n\tif (reencode !== string) {\n\t\tthrow new Error('Non-canonical base64 string');\n\t}\n\n\t// atob doesn't care about the padding character '=', but does not like URI\n\t// encoding.  \n\treturn Uint8Array.from(atob(string), c => c.charCodeAt(0));\n};\n\n/**\nArrayBufferTo64ut returns a b64 string from an Array buffer.\n@param   {ArrayBuffer} buffer  Arbitrary bytes. UTF-16 is Javascript native.\n@returns {B64}\n */\nfunction ArrayBufferTo64ut(buffer) {\n\treturn btoa(String.fromCharCode.apply(null, new Uint8Array(buffer))).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=/g, '');\n}\n\n\n///////////////////////////////////\n// Helpers - Taken from Cyphr.me\n///////////////////////////////////\n\n/**\nisEmpty is a helper function to determine if thing is empty. \n\nFunctions are considered always not empty. \n\nArrays: Only if an array has no elements it is empty.  isEmpty does not check\nelement contents.  (For item contents, do: `isEmpty(array[0])`)\n\nObjects are empty if they have no keys. (Returns len === 0 of object keys.)\n\nNaN returns true.  (NaN === NaN is always false, as NaN is never equal to\nanything. NaN is the only JavaScript value unequal to itself.)\n\nDon't use on HTMl elements. For HTML elements, use the !== equality check\n(element !== null). TODO fix this\n\nCannot use CryptoKey with this function since (len === 0) always. \n@param   {any}     thing    Thing you wish was empty.  \n@returns {boolean}          Boolean.  \n*/\nfunction isEmpty(thing) {\n\tif (typeof thing === 'function') {\n\t\treturn false\n\t}\n\n\tif (Array.isArray(thing)) {\n\t\tif (thing.length == 0) {\n\t\t\treturn true\n\t\t}\n\t}\n\n\tif (thing === Object(thing)) {\n\t\tif (Object.keys(thing).length === 0) {\n\t\t\treturn true\n\t\t}\n\t\treturn false\n\t}\n\n\tif (!isBool(thing)) {\n\t\treturn true\n\t}\n\treturn false\n}\n\n\n/**\nisBool is a helper function to determine boolean.  \n\nJavascript, instead of considering everything false except a few key words,\ndecided everything is true instead of a few key words.  Why?  Because\nJavascript.  This function inverts that assumption, so that everything can be\nconsidered false unless true. \n@param   {any}      bool   Thing that you wish was a boolean.  \n@returns {boolean}         An actual boolean.\n*/\nfunction isBool(bool) {\n\tif (\n\t\tbool === false ||\n\t\tbool === \"false\" ||\n\t\tbool === undefined ||\n\t\tbool === \"undefined\" ||\n\t\tbool === \"\" ||\n\t\tbool === 0 ||\n\t\tbool === \"0\" ||\n\t\tbool === null ||\n\t\tbool === \"null\" ||\n\t\tbool === \"NaN\" ||\n\t\tNumber.isNaN(bool) ||\n\t\tbool === Object(bool) // isObject\n\t) {\n\t\treturn false\n\t}\n\treturn true\n}", "\"use strict\";\n\nimport {\n\tisEmpty,\n\tSToArrayBuffer,\n\tArrayBufferTo64ut\n} from './coze.js';\n\nexport {\n\tCanon,\n\tCanonical,\n\tCanonicalS,\n\tCanonicalHash,\n\tCanonicalHash64,\n}\n\n/**\n@typedef {import('./typedef.js').Hsh}     Hsh\n@typedef {import('./typedef.js').Dig}     Dig\n@typedef {import('./typedef.js').Can}     Can\n */\n\n/**\nCanon returns the canon from first level object keys.\n@param   {object} obj      Object to create the canon from.\n@returns {Can}\n */\nfunction Canon(obj) {\n\treturn Object.keys(obj);\n}\n\n/**\nCanon canonicalizes the first level of \"object\" into the form of \"can\". \n\nCan may be an array or object.  If object, only the first level keys are used as\ncanon.  If given cannon is array, array is converted to object for field\ndeduplication.\n@param   {object}         object    Object to be canonicalized.\n@param   {Can|object}     [can]     Array|Object canon.\n@returns {object}                   Canonicalized object.\n@throws  {error}                    Fails on invalid canon.\n */\nasync function Canonical(object, can) {\n\tif (isEmpty(can)) {\n\t\treturn object;\n\t}\n\tlet obj = {};\n\tfor (const e of can) {\n\t\tobj[e] = object[e];\n\t}\n\treturn obj;\n}\n\n/**\nCanonicalS canonicalizes obj and returns a JSON string.\n@param   {object}   obj\n@param   {Can}      [can]\n@returns {string}\n@throws  {error}\n */\nasync function CanonicalS(obj, can) {\n\treturn JSON.stringify(await Canonical(obj, can));\n}\n\n/**\nCanonicalHash puts input into canonical form and returns the array buffer of\nthe digest.\n@param   {object}        input     Object being canonicalized.\n@param   {Hsh}           hash      Must be SubtleCrypto.digest() compatible (i.e. 'SHA-256').\n@param   {Can}           [can]     Array for canonical keys.\n@returns {ArrayBuffer}             ArrayBuffer of the digest.\n@throws  {error}                   Fails if hash is not given or invalid for SubtleCrypto.digest().\n */\nasync function CanonicalHash(input, hash, can) {\n\tif (isEmpty(hash)) {\n\t\tthrow new Error(\"Hash is not given\");\n\t}\n\treturn await crypto.subtle.digest(hash, await SToArrayBuffer(await CanonicalS(input, can)));\n}\n\n/**\nCanonicalHash64 wraps CanonicalHash to return b64ut digest. \n@param   {object}         obj\n@param   {Hsh}            hash\n@param   {Can}            [canon]\n@returns {Dig}\n@throws  {error}\n */\nasync function CanonicalHash64(obj, hash, can) {\n\treturn await ArrayBufferTo64ut(await CanonicalHash(obj, hash, can));\n}"],
  "mappings": "AAsCA,IAAMA,EAAO,CACZ,WAAY,aACZ,MAAO,QACP,MAAO,QACP,MAAO,QACP,MAAO,QACP,QAAS,UACT,UAAW,YACX,MAAO,QACP,OAAQ,UACR,OAAQ,UACR,OAAQ,UACR,OAAQ,UACR,QAAS,WACT,QAAS,WACT,QAAS,WACT,QAAS,WACT,SAAU,WACV,SAAU,UACX,EAKMC,EAAU,CACf,GAAI,KACJ,IAAK,MACL,IAAK,KACN,EAKMC,EAAU,CACf,MAAO,QACP,MAAO,QACP,KAAM,OACN,KAAM,MACP,EAKMC,EAAS,CACd,KAAM,QACN,KAAM,QACN,KAAM,QACN,KAAM,QACN,WAAY,aACZ,SAAU,UACX,EAKMC,EAAO,CACZ,IAAK,MACL,IAAK,MACL,IAAK,KACN,EAWA,SAASC,EAAOC,EAAK,CAEpB,IAAIC,EAAI,CAAC,EACTA,EAAE,KAAOD,EACTC,EAAE,MAAQC,EAAMF,CAAG,EACnBC,EAAE,OAASE,EAAOH,CAAG,EACrBC,EAAE,IAAMG,EAAIJ,CAAG,EACfC,EAAE,KAAOI,EAAQL,CAAG,EACpBC,EAAE,SAAWK,EAASN,CAAG,EACzBC,EAAE,YAAc,KAAK,KAAK,EAAIA,EAAE,SAAW,CAAC,EAG5C,GAAI,CACHA,EAAE,MAAQM,EAAMP,CAAG,EACnBC,EAAE,SAAW,KAAK,KAAK,EAAIA,EAAE,MAAQ,CAAC,EACtCA,EAAE,MAAQO,EAAMR,CAAG,EACnBC,EAAE,SAAW,KAAK,KAAK,EAAIA,EAAE,MAAQ,CAAC,EACtCA,EAAE,MAAQQ,EAAMT,CAAG,EACnBC,EAAE,QAAUS,EAAQV,CAAG,EACvBC,EAAE,WAAa,KAAK,KAAK,EAAIA,EAAE,QAAU,CAAC,CAC3C,MAAE,CAEF,CAEA,OAAOA,CACR,CASA,SAASC,EAAMF,EAAK,CACnB,OAAQA,EAAK,CACZ,KAAKN,EAAK,MACV,KAAKA,EAAK,MACV,KAAKA,EAAK,MACV,KAAKA,EAAK,MACT,OAAOE,EAAQ,MAChB,KAAKF,EAAK,QACV,KAAKA,EAAK,UACV,KAAKA,EAAK,MACT,OAAOE,EAAQ,MAChB,KAAKF,EAAK,OACV,KAAKA,EAAK,OACV,KAAKA,EAAK,OACV,KAAKA,EAAK,OACT,OAAOE,EAAQ,KAChB,KAAKF,EAAK,QACV,KAAKA,EAAK,QACV,KAAKA,EAAK,QACV,KAAKA,EAAK,QACV,KAAKA,EAAK,SACV,KAAKA,EAAK,SACT,OAAOE,EAAQ,KAChB,QACC,MAAM,IAAI,MAAM,qCAAuCI,CAAG,CAC5D,CACD,CASA,SAASG,EAAOH,EAAK,CACpB,OAAQA,EAAK,CACZ,KAAKN,EAAK,MACV,KAAKA,EAAK,MACV,KAAKA,EAAK,MACV,KAAKA,EAAK,MACV,KAAKA,EAAK,QACV,KAAKA,EAAK,UACV,KAAKA,EAAK,MACT,OAAOC,EAAQ,GAChB,KAAKD,EAAK,OACV,KAAKA,EAAK,OACV,KAAKA,EAAK,OACV,KAAKA,EAAK,OACV,KAAKA,EAAK,QACV,KAAKA,EAAK,QACV,KAAKA,EAAK,QACV,KAAKA,EAAK,QACV,KAAKA,EAAK,SACV,KAAKA,EAAK,SACT,OAAOC,EAAQ,IAChB,QACC,MAAM,IAAI,MAAM,uCAAyCK,CAAG,CAC9D,CACD,CAUA,SAASK,EAAQL,EAAK,CACrB,OAAQA,EAAK,CACZ,KAAKN,EAAK,MACV,KAAKA,EAAK,OACT,OAAOA,EAAK,OACb,KAAKA,EAAK,OACV,KAAKA,EAAK,MACT,OAAOA,EAAK,OACb,KAAKA,EAAK,OACV,KAAKA,EAAK,MACT,OAAOA,EAAK,OACb,KAAKA,EAAK,OACV,KAAKA,EAAK,MACV,KAAKA,EAAK,QACV,KAAKA,EAAK,UACT,OAAOA,EAAK,OACb,KAAKA,EAAK,SACT,OAAOA,EAAK,SACb,KAAKA,EAAK,SACV,KAAKA,EAAK,MACT,OAAOA,EAAK,SACb,KAAKA,EAAK,QACT,OAAOA,EAAK,QACb,KAAKA,EAAK,QACT,OAAOA,EAAK,QACb,KAAKA,EAAK,QACT,OAAOA,EAAK,QACb,KAAKA,EAAK,QACT,OAAOA,EAAK,QACb,QACC,MAAM,IAAI,MAAM,wCAA0CM,CAAG,CAC/D,CACD,CAeA,SAASM,EAASN,EAAK,CACtB,OAAQK,EAAQL,CAAG,EAAG,CACrB,KAAKN,EAAK,OACV,KAAKA,EAAK,QACT,MAAO,IACR,KAAKA,EAAK,OACV,KAAKA,EAAK,QACV,KAAKA,EAAK,SACT,MAAO,IACR,KAAKA,EAAK,OACV,KAAKA,EAAK,QACT,MAAO,IACR,KAAKA,EAAK,OACV,KAAKA,EAAK,QACV,KAAKA,EAAK,SACT,MAAO,IACR,QACC,MAAM,IAAI,MAAM,wCAA0CM,CAAG,CAC/D,CACD,CAaA,SAASU,EAAQV,EAAK,CACrB,OAAQA,EAAK,CACZ,KAAKN,EAAK,MACT,MAAO,IACR,KAAKA,EAAK,MACV,KAAKA,EAAK,QACV,KAAKA,EAAK,UACT,MAAO,IACR,KAAKA,EAAK,MACT,MAAO,IACR,KAAKA,EAAK,MACT,MAAO,KACR,KAAKA,EAAK,MACT,MAAO,KACR,QACC,MAAM,IAAI,MAAM,uCAAyCM,CAAG,CAC9D,CACD,CAcA,SAASO,EAAMP,EAAK,CACnB,OAAQA,EAAK,CACZ,KAAKN,EAAK,QACV,KAAKA,EAAK,UACT,MAAO,IACR,KAAKA,EAAK,MACT,MAAO,IACR,KAAKA,EAAK,MACT,MAAO,IACR,KAAKA,EAAK,MACT,MAAO,IACR,KAAKA,EAAK,MACT,MAAO,IACR,KAAKA,EAAK,MACT,MAAO,KACR,QACC,MAAM,IAAI,MAAM,qCAAuCM,CAAG,CAC5D,CACD,CAcA,SAASQ,EAAMR,EAAK,CACnB,OAAQA,EAAK,CACZ,KAAKN,EAAK,MACT,MAAO,IACR,KAAKA,EAAK,MACV,KAAKA,EAAK,QACV,KAAKA,EAAK,UACT,MAAO,IACR,KAAKA,EAAK,MACT,MAAO,IACR,KAAKA,EAAK,MACT,MAAO,IACR,KAAKA,EAAK,MACT,MAAO,IACR,QACC,MAAM,IAAI,MAAM,qCAAuCM,CAAG,CAC5D,CACD,CAWA,SAASS,EAAMT,EAAK,CACnB,OAAQA,EAAK,CACZ,QACC,MAAM,IAAI,MAAM,qCAAuCA,CAAG,EAC3D,KAAKN,EAAK,MACT,OAAOG,EAAO,KACf,KAAKH,EAAK,MACT,OAAOG,EAAO,KACf,KAAKH,EAAK,MACT,OAAOG,EAAO,KACf,KAAKH,EAAK,MACT,OAAOG,EAAO,KACf,KAAKH,EAAK,QACV,KAAKA,EAAK,UACT,OAAOG,EAAO,WACf,KAAKH,EAAK,MACT,OAAOG,EAAO,QAChB,CACD,CAYA,SAASO,EAAIJ,EAAK,CACjB,OAAQE,EAAMF,CAAG,EAAG,CACnB,QACC,MAAM,IAAI,MAAM,mCAAqCA,CAAG,EACzD,KAAKJ,EAAQ,MACb,KAAKA,EAAQ,MACZ,OAAOE,EAAK,IACb,KAAKF,EAAQ,KACb,KAAKA,EAAQ,KACZ,OAAOE,EAAK,GACd,CACD,CAEA,IAAMa,EAAQ,CACb,MAAU,OAAO,4DAA4D,EAC7E,MAAU,OAAO,oEAAoE,EACrF,MAAU,OAAO,oGAAoG,EACrH,MAAU,OAAO,uIAAuI,CACzJ,EAEMC,EAAY,CACjB,MAAUD,EAAM,OAAY,OAAO,CAAC,EACpC,MAAUA,EAAM,OAAY,OAAO,CAAC,EACpC,MAAUA,EAAM,OAAY,OAAO,CAAC,EACpC,MAAUA,EAAM,OAAY,OAAO,CAAC,CACrC,EAQA,SAASE,EAAWb,EAAK,CACxB,OAAQA,EAAK,CACZ,QACC,MAAM,IAAI,MAAM,kCAAoCA,CAAG,EACxD,IAAM,QAAS,IAAK,QAAS,IAAK,QAAS,IAAK,QAC/C,OAAOW,EAAMX,EACf,CACD,CAQA,SAASc,EAAed,EAAK,CAC5B,OAAQA,EAAK,CACZ,QACC,MAAM,IAAI,MAAM,sCAAwCA,CAAG,EAC5D,IAAM,QAAS,IAAK,QAAS,IAAK,QAAS,IAAK,QAC/C,OAAOY,EAAUZ,EACnB,CACD,CCvbA,IAAIe,EAAY,CAQf,IAAK,eAAeC,EAAK,CAMxB,OALIC,EAAQD,CAAG,IACdA,EAAUE,EAAK,OAIRF,EAAK,CACZ,KAASE,EAAK,MACd,KAASA,EAAK,MACd,KAASA,EAAK,MACb,OAAO,MAAM,OAAO,OAAO,OAAO,YAAY,CAC5C,KAAUC,EAAQ,MAClB,WAAgBC,EAAMJ,CAAG,CAC1B,EACA,GACA,CAAC,OAAQ,QAAQ,CAClB,EACD,QACC,MAAM,IAAI,MAAM,4CAA8CA,CAAG,CACnE,CACD,EAWA,YAAa,eAAeK,EAASC,EAAY,CAChD,GAAQC,EAAMF,EAAQ,GAAG,GAASF,EAAQ,MACzC,MAAM,IAAI,MAAM,2DAA6DE,EAAQ,GAAG,EAIzF,IAAIG,EAAM,CAAC,EACXA,EAAI,IAAUC,EAAK,IACnBD,EAAI,IAAUJ,EAAMC,EAAQ,GAAG,EAC/BG,EAAI,IAAUE,EAAQ,GAEtB,IAAIC,EAAWC,EAAMP,EAAQ,GAAG,EAAI,EAChCQ,EAAO,MAAWC,EAAgBT,EAAQ,CAAC,EAO/C,GANAG,EAAI,EAAI,MAAWO,EAAkBF,EAAK,MAAM,EAAGF,CAAI,CAAC,EACxDH,EAAI,EAAI,MAAWO,EAAkBF,EAAK,MAAMF,CAAI,CAAC,EAKjDV,EAAQI,EAAQ,CAAC,GAAKC,EACzB,IAAIU,EAAe,cAEnBA,EAAe,OACfR,EAAI,EAAIH,EAAQ,EAGjB,OAAO,MAAM,OAAO,OAAO,UAC1B,MACAG,EAAK,CACJ,KAAUL,EAAQ,MAClB,WAAYK,EAAI,GACjB,EACA,GACA,CAACQ,CAAY,CACd,CACD,EAQA,SAAU,eAAeC,EAAW,CACnC,OAAOA,EAAU,EAGjBA,EAAU,QAAU,CAAC,QAAQ,CAC9B,EAkEA,UAAW,eAAeA,EAAW,CACpC,IAAIC,EAAW,MAAM,OAAO,OAAO,OAAO,UACzC,MACAD,CACD,EAEA,IAAIE,EAAM,CAAC,EACXA,EAAI,IAAM,MAAMpB,EAAU,WAAWmB,EAAS,GAAG,EAGjD,IAAIE,EAAYN,EAAgBI,EAAS,CAAC,EACtCG,EAAYP,EAAgBI,EAAS,CAAC,EAC1C,IAAII,EAAQ,IAAI,WAAW,CAC1B,GAAGF,EACH,GAAGC,CACJ,CAAC,EACD,OAAAF,EAAI,EAASJ,EAAkBO,EAAM,MAAM,EAGvCJ,EAAS,eAAe,GAAG,IAC9BC,EAAI,EAAID,EAAS,GAGlBC,EAAI,IAAM,MAAUI,EAAWJ,CAAG,EAE3BA,CACR,EAaA,WAAY,eAAeF,EAAWO,EAAa,CAClD,IAAIxB,EAAM,MAAMD,EAAU,WAAWkB,EAAU,UAAU,UAAU,EAC/DQ,EAAM,MAAM,OAAO,OAAO,OAAO,KAAK,CACxC,KAAUtB,EAAQ,MAClB,KAAM,CACL,KAAUuB,EAAQ1B,CAAG,CACtB,CACD,EACAiB,EACAO,CACD,EAEA,OAAAC,EAAME,EAAqB3B,EAAKyB,CAAG,EAC5BA,CACR,EAWA,cAAe,eAAeR,EAAWO,EAAa,CACrD,OAAO,MAAWT,EAAkB,MAAMhB,EAAU,WAAWkB,EAAWO,CAAW,CAAC,CACvF,EASA,WAAY,eAAeP,EAAWW,EAAM,CAC3C,OAAO,MAAM7B,EAAU,cAAckB,EAAW,MAAWY,EAAeD,CAAI,CAAC,CAChF,EAYA,kBAAmB,eAAe5B,EAAKiB,EAAWa,EAAKL,EAAK,CAG3D,OAAM,MAAMM,EAAU/B,EAAKyB,CAAG,GAK9B,MAAM1B,EAAU,SAASkB,CAAS,EAC3B,MAAM,OAAO,OAAO,OAAO,OAAO,CACvC,KAAUd,EAAQ,MAClB,KAAM,CACL,KAAM,MAAMJ,EAAU,6BAA6BkB,CAAS,CAC7D,CACD,EACAA,EACAQ,EACAK,CAAG,GAbI,EAcT,EAWA,UAAW,eAAe9B,EAAKiB,EAAWa,EAAKL,EAAK,CACnD,OAAO1B,EAAU,kBAAkBC,EAAKiB,EAAW,MAAWY,EAAeC,CAAG,EAAG,MAAWE,EAAkBP,CAAG,CAAC,CACrH,EAyBA,6BAA8B,eAAeR,EAAW,CACvD,OAAWS,EAAQ,MAAM3B,EAAU,WAAWkB,EAAU,UAAU,UAAU,CAAC,CAC9E,EASA,WAAY,eAAegB,EAAK,CAC/B,OAAQA,EAAK,CACZ,KAASC,EAAO,KACf,IAAIlC,EAAUE,EAAK,MACnB,MACD,KAASgC,EAAO,KACflC,EAAUE,EAAK,MACf,MACD,KAASgC,EAAO,KACflC,EAAUE,EAAK,MACf,MACD,KAASgC,EAAO,KACflC,EAAUE,EAAK,MACf,MACD,QACC,MAAM,IAAI,MAAM,iDAAiD,CACnE,CACA,OAAOF,CACR,CACD,EAWA,SAASmC,EAAOnC,EAAKoC,EAAG,CACvB,GAAI,OAAOA,GAAM,SAChB,MAAM,IAAI,MAAM,iCAAiC,EAElD,OAAWC,EAAerC,CAAG,EAAIoC,CAClC,CAUA,SAASE,EAAOtC,EAAKoC,EAAG,CACvB,GAAI,OAAOA,GAAM,SAChB,MAAM,IAAI,MAAM,iCAAiC,EAElD,OAAKD,EAAOnC,EAAKoC,CAAC,EAGXA,EAFKG,EAAWvC,CAAG,EAAIoC,CAG/B,CAUA,eAAeI,GAAUxC,EAAKyB,EAAK,CAClC,IAAIgB,EAAK,MAAWT,EAAkBP,CAAG,EACrCiB,EAAY,MAAMf,EAAqB3B,EAAKyC,CAAE,EACjD,OAAY1B,EAAkB2B,CAAS,CACzC,CAQA,eAAeX,EAAU/B,EAAKyB,EAAK,CAClC,IAAIkB,EAAU,MAAMC,EAAO5C,EAAKyB,CAAG,EACnC,OAAOU,EAAOnC,EAAK2C,CAAO,CAC3B,CASA,SAASC,EAAO5C,EAAKyB,EAAK,CACzB,IAAId,EAAWkC,EAAQ7C,CAAG,EAAI,EAC1BoC,EAAIX,EAAI,MAAMd,CAAI,EACtB,OAAOmC,EAAoBV,CAAC,CAC7B,CAUA,eAAeT,EAAqB3B,EAAKyB,EAAK,CAC7C,IAAId,EAAWkC,EAAQ7C,CAAG,EAAI,EAC1B+C,EAAItB,EAAI,MAAM,EAAGd,CAAI,EACrByB,EAAIX,EAAI,MAAMd,CAAI,EAClBgC,EAAUG,EAAoBV,CAAC,EAC/BY,EAAcV,EAAOtC,EAAK2C,CAAO,EAQjCM,EAAQC,EAAwBL,EAAQ7C,CAAG,EAAI,EAAGgD,CAAW,EAIjE,IAAIG,EAAM,IAAI,WAAWJ,EAAE,WAAaE,EAAM,UAAU,EACxD,OAAAE,EAAI,IAAI,IAAI,WAAWJ,CAAC,EAAG,CAAC,EAC5BI,EAAI,IAAI,IAAI,WAAWF,CAAK,EAAGF,EAAE,UAAU,EAC3CtB,EAAM0B,EAAI,OACH1B,CACR,CAOA,SAASqB,EAAoBM,EAAQ,CACpC,IAAIC,EAAS,GACT,EAAI,IAAI,WAAWD,CAAM,EAC7B,QAASE,EAAI,EAAGA,EAAI,EAAE,OAAQA,IAC7BD,GAAUA,GAAU,IAAM,OAAO,EAAEC,EAAE,EAEtC,OAAOD,CACR,CAOA,SAASH,EAAoBK,EAAMC,EAAQ,CAC1C,IAAMJ,EAAS,IAAI,YAAYG,CAAI,EAC7BE,EAAO,IAAI,SAASL,CAAM,EAEhC,GACCG,IACAE,EAAK,SAASF,EAAM,OAAOC,EAAS,OAAO,GAAI,CAAC,CAAC,EACjDA,IAAW,SACHD,EAAO,GAChB,OAAOH,CACR,CC1cA,IAAMM,GAAW,CAAC,MAAO,GAAG,EAQ5B,eAAeC,GAAOC,EAAK,CAI1B,GAHIC,EAAQD,CAAG,IACdA,EAAUE,EAAK,OAERC,EAAMH,CAAG,GAASI,EAAQ,MACjC,IAAIC,EAAU,MAAUC,EAAU,IAAIN,CAAG,MAEzC,OAAM,IAAI,MAAM,uDAAuD,EAGxE,IAAIO,EAAI,MAAUD,EAAU,UAAUD,EAAQ,UAAU,EACxD,OAAAE,EAAE,IAAM,KAAK,MAAM,KAAK,IAAI,EAAI,GAAI,EACpCA,EAAE,IAAM,MAAMC,EAAWD,CAAC,EAC1BA,EAAE,IAAM,mBAEDA,CACR,CASA,eAAeC,EAAWC,EAAS,CAClC,GAAIR,EAAQQ,EAAQ,GAAG,GAAKR,EAAQQ,EAAQ,CAAC,EAC5C,MAAM,IAAI,MAAM,qCAAqC,EAEtD,OAAWC,EAAgBD,EAAS,MAAUE,EAAQF,EAAQ,GAAG,EAAGX,EAAQ,CAC7E,CAOA,eAAec,GAAMC,EAAgB,CACpC,GAAIZ,EAAQY,EAAe,CAAC,EAC3B,eAAQ,MAAM,sBAAsB,EAC7B,GAER,GAAI,CACH,IAAIC,EAAM,yFACNC,EAAM,MAAWC,EAAQF,EAAKD,CAAc,EAChD,OAAYI,EAAUH,EAAKD,EAAgBE,CAAG,CAC/C,MAAE,CAED,MAAO,EACR,CACD,CAwBA,eAAeG,GAAQC,EAAI,CAC1B,GAAI,OAAOA,GAAO,SACjB,eAAQ,MAAM,kDAAkD,EACzD,GAGR,GAAIlB,EAAQkB,EAAG,GAAG,EACjB,eAAQ,MAAM,0BAA0B,EACjC,GAGR,IAAIC,EAAQC,EAAOF,EAAG,GAAG,EAErBG,EAAarB,EAAQkB,EAAG,GAAG,EAC3BI,EAAWtB,EAAQkB,EAAG,CAAC,EACvBK,EAAWvB,EAAQkB,EAAG,CAAC,EAE3B,GAAIG,GAAcC,GAAYC,EAC7B,eAAQ,MAAM,kDAAkD,EACzD,GAIR,GAAID,GAAYC,EACf,OAAIF,GAAcH,EAAG,IAAI,SAAWC,EAAE,aACrC,QAAQ,MAAM,kCAAmCD,EAAG,IAAI,MAAM,EACvD,IAED,GAIR,GAAI,CAACI,GAAYJ,EAAG,EAAE,SAAWC,EAAE,SAClC,eAAQ,MAAM,8BAA+BD,EAAG,EAAE,MAAM,EACjD,GAaR,GAAI,CAACG,GAAc,CAACC,EAAU,CAC7B,IAAIE,EAAI,MAAMjB,EAAWW,CAAE,EAC3B,GAAIA,EAAG,MAAQM,EACd,eAAQ,MAAM,mCAAoCN,EAAG,GAAG,EACjD,EAET,CAIA,GAAI,CAACK,GAAY,CAACD,EAAU,CAC3B,IAAIG,EAAY,MAAUpB,EAAU,YAAYa,CAAE,EAC9CQ,EAAY,MAAWC,EAAe,cAAc,EACpDb,EAAM,MAAUT,EAAU,WAAWoB,EAAWC,CAAS,EACzDE,EAAS,MAAUvB,EAAU,YAAYa,EAAI,EAAI,EAGrD,GAAI,CAFS,MAAUb,EAAU,kBAAkBa,EAAG,IAAKU,EAAQF,EAAWZ,CAAG,EAGhF,eAAQ,MAAM,+BAA+B,EACtC,EAET,CAEA,MAAO,EACR,CA+BA,eAAee,GAAOrB,EAASK,EAAK,CACnC,GAAIb,EAAQQ,CAAO,EAClB,MAAM,IAAI,MAAM,2DAA2D,EAG5E,IAAIsB,EAAO,CAAC,EACZA,EAAK,IAAM,CAAC,EACP9B,EAAQa,CAAG,IACfiB,EAAK,IAAI,IAAMjB,GAEhBiB,EAAK,IAAI,IAAM,KAAK,MAAO,KAAK,IAAI,EAAI,GAAK,EAI7C,IAAIC,EAAUvB,EAAQ,IACtB,cAAOA,EAAQ,IACfsB,EAAO,MAAWE,EAAKF,EAAMtB,CAAO,EAChCuB,IAAY,OACfvB,EAAQ,IAAMuB,EAEdvB,EAAQ,IAAMsB,EAAK,IAAI,IAGjBA,CACR,CAaA,SAASG,EAAUzB,EAAS,CAC3B,MAAI,EAAAR,EAAQQ,EAAQ,GAAG,GAAK,EAAE,SAASA,EAAQ,GAAG,EAAI,GAIvD,CC1NA,IAAM0B,GAAW,CAAC,MAAO,MAAO,MAAO,KAAK,EAiB5C,eAAeC,EAAKC,EAAMC,EAASC,EAAO,CAEzC,GADA,QAAQ,IAAI,EACJC,EAAUF,CAAO,EACxB,MAAM,IAAI,MAAM,yCAAyC,EAG1D,OAAAD,EAAK,IAAI,IAAMC,EAAQ,IACvBD,EAAK,IAAI,IAAM,MAAUI,EAAWH,CAAO,EAC3CD,EAAK,IAAI,IAAM,KAAK,MAAO,KAAK,IAAI,EAAI,GAAK,EAExCK,EAAQH,CAAK,IACjBF,EAAK,IAAM,MAAUM,EAAUN,EAAK,IAAKE,CAAK,GAG/CF,EAAK,IAAM,MAAMO,EAAQ,KAAK,UAAUP,EAAK,GAAG,EAAGC,CAAO,EACnDD,CACR,CAWA,eAAeO,EAAQC,EAAKP,EAAS,CACpC,OAAWQ,EAAU,cACpB,MAAUA,EAAU,YAAYR,CAAO,EACvC,MAAMS,EAAeF,CAAG,CACzB,CACD,CAcA,eAAeG,GAAYX,EAAMC,EAASC,EAAO,CAChD,GAAQC,EAAUF,CAAO,EACxB,MAAM,IAAI,MAAM,4CAA4C,EAE7D,GAAI,CAACI,EAAQL,EAAK,IAAI,GAAG,GAAKA,EAAK,IAAI,MAAQC,EAAQ,IACtD,MAAM,IAAI,MAAM,uDAAuD,EAExE,GAAI,CAACI,EAAQL,EAAK,IAAI,GAAG,GAAKA,EAAK,IAAI,MAAQC,EAAQ,IACtD,MAAM,IAAI,MAAM,uDAAuD,EAGxE,OAAKI,EAAQH,CAAK,IACjBF,EAAK,IAAM,MAAUM,EAAUN,EAAK,IAAKE,CAAK,GAE/CF,EAAK,IAAM,MAAMO,EAAQ,KAAK,UAAUP,EAAK,GAAG,EAAGC,CAAO,EACnDD,CACR,CAYA,eAAeY,GAAOZ,EAAMC,EAAS,CACpC,GAAI,CAACI,EAAQL,EAAK,IAAI,GAAG,GAAKA,EAAK,IAAI,MAAQC,EAAQ,IACtD,MAAM,IAAI,MAAM,sDAAsD,EAEvE,GAAI,CAACI,EAAQL,EAAK,IAAI,GAAG,GAAKA,EAAK,IAAI,MAAQC,EAAQ,IACtD,MAAM,IAAI,MAAM,sDAAsD,EAEvE,OAAOY,EAAU,KAAK,UAAUb,EAAK,GAAG,EAAGC,EAASD,EAAK,GAAG,CAC7D,CAaA,eAAea,EAAUL,EAAKM,EAASC,EAAK,CAC3C,OAAWN,EAAU,UACpBK,EAAQ,IACR,MAAUL,EAAU,YAAYK,EAAS,EAAI,EAC7CN,EACAO,CACD,CACD,CAuBA,eAAeC,GAAKhB,EAAMiB,EAAK,CAC9B,GAAIZ,EAAQL,EAAK,GAAG,EACnB,MAAM,IAAI,MAAM,4BAA4B,EAE7C,IAAIkB,EAAO,CAAC,EAGZ,GAAIb,EAAQY,CAAG,EAAG,CACjB,GAAIZ,EAAQL,EAAK,IAAI,GAAG,EACvB,MAAM,IAAI,MAAM,yDAAyD,EAE1EkB,EAAK,IAAMlB,EAAK,IAAI,GACrB,MACCkB,EAAK,IAAMD,EAEZ,GAAI,CAACZ,EAAQL,EAAK,IAAI,GAAG,GAAKkB,EAAK,MAAQlB,EAAK,IAAI,IACnD,MAAM,IAAI,MAAM,uBAAuBA,EAAK,IAAI,2BAA2BiB,mBAAqB,EAGjG,OAAKZ,EAAQL,EAAK,IAAI,GAAG,IACxBkB,EAAK,IAAMlB,EAAK,IAAI,KAEhBK,EAAQL,EAAK,IAAI,GAAG,IACxBkB,EAAK,IAAMlB,EAAK,IAAI,KAEhBK,EAAQL,EAAK,IAAI,GAAG,IACxBkB,EAAK,IAAMlB,EAAK,IAAI,KAGrBkB,EAAK,IAAM,MAAUC,EAAMnB,EAAK,GAAG,EACnCkB,EAAK,IAAM,MAAUE,EAAgBpB,EAAK,IAAUqB,EAAQH,EAAK,GAAG,CAAC,EAChEb,EAAQL,EAAK,GAAG,IACpBkB,EAAK,IAAMlB,EAAK,IAChBkB,EAAK,IAAM,MAAUE,EAAgB,CACpC,IAAKF,EAAK,IACV,IAAKA,EAAK,GACX,EAAQG,EAAQH,EAAK,GAAG,CAAC,GAGnBA,CACR,CAYA,eAAeR,EAAeY,EAAQ,CACrC,OAAO,IAAI,YAAY,EAAE,OAAOA,CAAM,EAAE,MACzC,CAQA,SAASC,EAAkBD,EAAQ,CAClC,OAAOE,EAAgBF,CAAM,EAAE,MAChC,CAQA,SAASE,EAAgBF,EAAQ,CAQhC,GAHAA,EAASA,EAAO,QAAQ,KAAM,GAAG,EAAE,QAAQ,KAAM,GAAG,EAErC,KAAK,KAAKA,CAAM,CAAC,EAAE,QAAQ,KAAM,EAAE,IACjCA,EAChB,MAAM,IAAI,MAAM,6BAA6B,EAK9C,OAAO,WAAW,KAAK,KAAKA,CAAM,EAAGG,GAAKA,EAAE,WAAW,CAAC,CAAC,CAC1D,CAOA,SAASC,EAAkBC,EAAQ,CAClC,OAAO,KAAK,OAAO,aAAa,MAAM,KAAM,IAAI,WAAWA,CAAM,CAAC,CAAC,EAAE,QAAQ,MAAO,GAAG,EAAE,QAAQ,MAAO,GAAG,EAAE,QAAQ,KAAM,EAAE,CAC9H,CA2BA,SAAStB,EAAQuB,EAAO,CACvB,OAAI,OAAOA,GAAU,WACb,GAGJ,MAAM,QAAQA,CAAK,GAClBA,EAAM,QAAU,EACZ,GAILA,IAAU,OAAOA,CAAK,EACrB,OAAO,KAAKA,CAAK,EAAE,SAAW,EAM9B,CAAAC,GAAOD,CAAK,CAIlB,CAaA,SAASC,GAAOC,EAAM,CACrB,MACC,EAAAA,IAAS,IACTA,IAAS,SACTA,IAAS,QACTA,IAAS,aACTA,IAAS,IACTA,IAAS,GACTA,IAAS,KACTA,IAAS,MACTA,IAAS,QACTA,IAAS,OACT,OAAO,MAAMA,CAAI,GACjBA,IAAS,OAAOA,CAAI,EAKtB,CC3UA,SAASC,EAAMC,EAAK,CACnB,OAAO,OAAO,KAAKA,CAAG,CACvB,CAaA,eAAeC,EAAUC,EAAQC,EAAK,CACrC,GAAIC,EAAQD,CAAG,EACd,OAAOD,EAER,IAAIF,EAAM,CAAC,EACX,QAAWK,KAAKF,EACfH,EAAIK,GAAKH,EAAOG,GAEjB,OAAOL,CACR,CASA,eAAeM,GAAWN,EAAKG,EAAK,CACnC,OAAO,KAAK,UAAU,MAAMF,EAAUD,EAAKG,CAAG,CAAC,CAChD,CAWA,eAAeI,GAAcC,EAAOC,EAAMN,EAAK,CAC9C,GAAIC,EAAQK,CAAI,EACf,MAAM,IAAI,MAAM,mBAAmB,EAEpC,OAAO,MAAM,OAAO,OAAO,OAAOA,EAAM,MAAMC,EAAe,MAAMJ,GAAWE,EAAOL,CAAG,CAAC,CAAC,CAC3F,CAUA,eAAeQ,EAAgBX,EAAKS,EAAMN,EAAK,CAC9C,OAAO,MAAMS,EAAkB,MAAML,GAAcP,EAAKS,EAAMN,CAAG,CAAC,CACnE",
  "names": ["Algs", "FamAlgs", "GenAlgs", "Curves", "Uses", "Params", "alg", "p", "Genus", "Family", "Use", "HashAlg", "HashSize", "XSize", "DSize", "Curve", "SigSize", "order", "halfOrder", "CurveOrder", "CurveHalfOrder", "CryptoKey", "alg", "isEmpty", "Algs", "GenAlgs", "Curve", "cozeKey", "onlyPublic", "Genus", "jwk", "Uses", "FamAlgs", "half", "XSize", "xyab", "B64ToUint8Array", "ArrayBufferTo64ut", "signOrVerify", "cryptoKey", "exported", "czk", "xui8", "yui8", "xyui8", "Thumbprint", "arrayBuffer", "sig", "HashAlg", "sigToLowSArrayBuffer", "utf8", "SToArrayBuffer", "msg", "IsSigLowS", "B64uToArrayBuffer", "crv", "Curves", "IsLowS", "s", "CurveHalfOrder", "toLowS", "CurveOrder", "SigToLowS", "ab", "lowSSigAB", "bigIntS", "sigToS", "SigSize", "arrayBufferToBigInt", "r", "bigIntNormS", "normS", "bigIntToArrayBuffer", "tmp", "buffer", "result", "i", "size", "bigInt", "view", "TmbCanon", "NewKey", "alg", "isEmpty", "Algs", "Genus", "GenAlgs", "keyPair", "CryptoKey", "k", "Thumbprint", "cozeKey", "CanonicalHash64", "HashAlg", "Valid", "privateCozeKey", "msg", "sig", "SignPay", "VerifyPay", "Correct", "ck", "p", "Params", "isTmbEmpty", "isXEmpty", "isDEmpty", "t", "cryptoKey", "mldBuffer", "SToArrayBuffer", "pubKey", "Revoke", "coze", "prevRvk", "Sign", "IsRevoked", "PayCanon", "Sign", "coze", "cozeKey", "canon", "IsRevoked", "Thumbprint", "isEmpty", "Canonical", "SignPay", "pay", "CryptoKey", "SToArrayBuffer", "SignCozeRaw", "Verify", "VerifyPay", "cozekey", "sig", "Meta", "alg", "meta", "Canon", "CanonicalHash64", "HashAlg", "string", "B64uToArrayBuffer", "B64ToUint8Array", "c", "ArrayBufferTo64ut", "buffer", "thing", "isBool", "bool", "Canon", "obj", "Canonical", "object", "can", "isEmpty", "e", "CanonicalS", "CanonicalHash", "input", "hash", "SToArrayBuffer", "CanonicalHash64", "ArrayBufferTo64ut"]
}