{"version":3,"sources":["webpack:///./node_modules/@hiveio/hive-js/lib/auth/ecc/src/brain_key.js","webpack:///./node_modules/@hiveio/hive-js/lib/auth/ecc/src/hash.js","webpack:///./node_modules/@hiveio/hive-js/lib/auth/ecc/src/enforce_types.js","webpack:///./node_modules/@hiveio/hive-js/lib/auth/ecc/src/ecsignature.js","webpack:///./node_modules/@hiveio/hive-js/lib/auth/ecc/src/ecdsa.js"],"names":["Object","defineProperty","exports","value","normalize","brain_key","Error","trim","split","join","_createHash2","_interopRequireDefault","_createHmac2","obj","__esModule","default","module","sha1","data","encoding","update","digest","sha256","sha512","HmacSHA256","buffer","secret","ripemd160","getName","fn","match","toString","type","Array","isArray","Buffer","isBuffer","constructor","TypeError","assert","enforceType","BigInteger","ECSignature","r","s","this","parseCompact","equal","length","i","readUInt8","compressed","signature","fromBuffer","slice","fromDER","rLen","offset","sLen","rB","sB","fromDERInteger","signum","parseScriptSignature","hashType","hashTypeMod","prototype","toCompact","writeUInt8","toBuffer","copy","toDER","rBa","toDERInteger","sBa","sequence","push","concat","unshift","toScriptSignature","hashTypeBuffer","crypto","deterministicGenerateK","curve","hash","d","checkSig","nonce","x","k","v","fill","T","compareTo","n","verifyRaw","e","Q","G","c","modInverse","u1","multiply","mod","u2","R","multiplyTwo","isInfinity","affineX","equals","recoverPubKey","strictEqual","isYOdd","add","pointFromX","nR","eNeg","negate","rInv","validate","calcPubKeyRecoveryParam","sign","N_OVER_TWO","shiftRight","subtract","verify"],"mappings":"+FAEAA,OAAOC,eAAeC,EAAS,aAAc,CACzCC,OAAO,IAEXD,EAAQE,UACR,SAAmBC,GACf,GAAyB,iBAAdA,EACP,MAAM,IAAIC,MAAM,iCAGpB,OADAD,EAAYA,EAAUE,QACLC,MAAM,kBAAkBC,KAAK,O,kCCTlD,IAEIC,EAAeC,EAFD,EAAQ,SAMtBC,EAAeD,EAFD,EAAQ,SAI1B,SAASA,EAAuBE,GAAO,OAAOA,GAAOA,EAAIC,WAAaD,EAAM,CAAEE,QAASF,GA+CvFG,EAAOd,QAAU,CACbe,KA1CJ,SAAcC,EAAMC,GAChB,OAAO,EAAIT,EAAaK,SAAS,QAAQK,OAAOF,GAAMG,OAAOF,IA0C7DG,OAnCJ,SAAgBJ,EAAMC,GAClB,OAAO,EAAIT,EAAaK,SAAS,UAAUK,OAAOF,GAAMG,OAAOF,IAmC/DI,OA5BJ,SAAgBL,EAAMC,GAClB,OAAO,EAAIT,EAAaK,SAAS,UAAUK,OAAOF,GAAMG,OAAOF,IA4B/DK,WAzBJ,SAAoBC,EAAQC,GACxB,OAAO,EAAId,EAAaG,SAAS,SAAUW,GAAQN,OAAOK,GAAQJ,UAyBlEM,UAtBJ,SAAmBT,GACf,OAAO,EAAIR,EAAaK,SAAS,UAAUK,OAAOF,GAAMG,Y,mCCzC5D,YA4CA,SAASO,EAAQC,GAEf,IAAIC,EAAQD,EAAGE,WAAWD,MAAM,oBAChC,OAAOA,EAAQA,EAAM,GAAK,KA7C5Bd,EAAOd,QAAU,SAAiB8B,EAAM7B,GAEtC,OAAQ6B,GACN,IAAK,QAED,GAAIC,MAAMC,QAAQ/B,GAAQ,OAC1B,MAGJ,IAAK,UAED,GAAqB,kBAAVA,EAAqB,OAChC,MAGJ,IAAK,SAED,GAAIgC,EAAOC,SAASjC,GAAQ,OAC5B,MAGJ,IAAK,SAED,GAAqB,iBAAVA,EAAoB,OAC/B,MAGJ,IAAK,SAED,GAAqB,iBAAVA,EAAoB,OAC/B,MAGJ,QAEI,GAAIyB,EAAQzB,EAAMkC,eAAiBT,EAAQI,GAAO,OAIxD,MAAM,IAAIM,UAAU,aAAeV,EAAQI,IAASA,GAAQ,SAAW7B,M,gECzCzE,YAEA,IAAIoC,EAAS,EAAQ,QACjBC,EAAc,EAAQ,QAEtBC,EAAa,EAAQ,QAEzB,SAASC,EAAYC,EAAGC,GACtBJ,EAAYC,EAAYE,GACxBH,EAAYC,EAAYG,GAExBC,KAAKF,EAAIA,EACTE,KAAKD,EAAIA,EAIXF,EAAYI,aAAe,SAAUrB,GACnCc,EAAOQ,MAAMtB,EAAOuB,OAAQ,GAAI,4BAChC,IAAIC,EAAIxB,EAAOyB,UAAU,GAAK,GAY9B,OATAX,EAAOQ,MAAME,EAAO,EAAJA,EAAO,+BAShB,CACLE,cATsB,EAAJF,GAUlBA,EAPFA,GAAQ,EAQNG,UAAW,IAAIV,EANTD,EAAWY,WAAW5B,EAAO6B,MAAM,EAAG,KACtCb,EAAWY,WAAW5B,EAAO6B,MAAM,QAS7CZ,EAAYa,QAAU,SAAU9B,GAC9Bc,EAAOQ,MAAMtB,EAAOyB,UAAU,GAAI,GAAM,sBACxCX,EAAOQ,MAAMtB,EAAOyB,UAAU,GAAIzB,EAAOuB,OAAS,EAAG,2BACrDT,EAAOQ,MAAMtB,EAAOyB,UAAU,GAAI,EAAM,0BAExC,IAAIM,EAAO/B,EAAOyB,UAAU,GAC5BX,EAAOiB,EAAO,EAAG,oBAEjB,IAAIC,EAAS,EAAID,EACjBjB,EAAOQ,MAAMtB,EAAOyB,UAAUO,GAAS,EAAM,8BAE7C,IAAIC,EAAOjC,EAAOyB,UAAUO,EAAS,GACrClB,EAAOmB,EAAO,EAAG,oBAEjB,IAAIC,EAAKlC,EAAO6B,MAAM,EAAGG,GACrBG,EAAKnC,EAAO6B,MAAMG,EAAS,GAC/BA,GAAU,EAAIC,EAEVF,EAAO,GAAyB,IAApBG,EAAGT,UAAU,IAC3BX,EAAyB,IAAlBoB,EAAGT,UAAU,GAAW,8BAG7BQ,EAAO,GAAyB,IAApBE,EAAGV,UAAU,IAC3BX,EAAyB,IAAlBqB,EAAGV,UAAU,GAAW,8BAGjCX,EAAOQ,MAAMU,EAAQhC,EAAOuB,OAAQ,wBACpC,IAAIL,EAAIF,EAAWoB,eAAeF,GAC9Bf,EAAIH,EAAWoB,eAAeD,GAKlC,OAHArB,EAAOI,EAAEmB,UAAY,EAAG,uBACxBvB,EAAOK,EAAEkB,UAAY,EAAG,uBAEjB,IAAIpB,EAAYC,EAAGC,IAI5BF,EAAYqB,qBAAuB,SAAUtC,GAC3C,IAAIuC,EAAWvC,EAAOyB,UAAUzB,EAAOuB,OAAS,GAC5CiB,GAAyB,IAAXD,EAIlB,OAFAzB,EAAO0B,EAAc,GAAQA,EAAc,EAAM,oBAE1C,CACLb,UAAWV,EAAYa,QAAQ9B,EAAO6B,MAAM,GAAI,IAChDU,SAAUA,IAKdtB,EAAYwB,UAAUC,UAAY,SAAUlB,EAAGE,GACzCA,IAAYF,GAAK,GACrBA,GAAK,GAEL,IAAIxB,EAAS,IAAIU,EAAO,IAMxB,OALAV,EAAO2C,WAAWnB,EAAG,GAErBJ,KAAKF,EAAE0B,SAAS,IAAIC,KAAK7C,EAAQ,GACjCoB,KAAKD,EAAEyB,SAAS,IAAIC,KAAK7C,EAAQ,IAE1BA,GAGTiB,EAAYwB,UAAUK,MAAQ,WAC5B,IAAIC,EAAM3B,KAAKF,EAAE8B,eACbC,EAAM7B,KAAKD,EAAE6B,eAEbE,EAAW,GAaf,OAVAA,EAASC,KAAK,EAAMJ,EAAIxB,SACxB2B,EAAWA,EAASE,OAAOL,IAGlBI,KAAK,EAAMF,EAAI1B,SACxB2B,EAAWA,EAASE,OAAOH,IAGlBI,QAAQ,GAAMH,EAAS3B,QAEzB,IAAIb,EAAOwC,IAGpBjC,EAAYwB,UAAUa,kBAAoB,SAAUf,GAClD,IAAIgB,EAAiB,IAAI7C,EAAO,GAGhC,OAFA6C,EAAeZ,WAAWJ,EAAU,GAE7B7B,EAAO0C,OAAO,CAAChC,KAAK0B,QAASS,KAGtChE,EAAOd,QAAUwC,I,gEC/HjB,YAEA,IAAIH,EAAS,EAAQ,QACjB0C,EAAS,EAAQ,QACjBzC,EAAc,EAAQ,QAEtBC,EAAa,EAAQ,QACrBC,EAAc,EAAQ,QAG1B,SAASwC,EAAuBC,EAAOC,EAAMC,EAAGC,EAAUC,GAExD/C,EAAY,SAAU4C,GACtB5C,EAAYC,EAAY4C,GAEpBE,IACFH,EAAOH,EAAO3D,OAAOa,EAAO0C,OAAO,CAACO,EAAM,IAAIjD,EAAOoD,OAIvDhD,EAAOQ,MAAMqC,EAAKpC,OAAQ,GAAI,wBAE9B,IAAIwC,EAAIH,EAAEhB,SAAS,IACfoB,EAAI,IAAItD,EAAO,IACfuD,EAAI,IAAIvD,EAAO,IAGnBuD,EAAEC,KAAK,GAGPF,EAAEE,KAAK,GAGPF,EAAIR,EAAOzD,WAAWW,EAAO0C,OAAO,CAACa,EAAG,IAAIvD,EAAO,CAAC,IAAKqD,EAAGJ,IAAQK,GAGpEC,EAAIT,EAAOzD,WAAWkE,EAAGD,GAGzBA,EAAIR,EAAOzD,WAAWW,EAAO0C,OAAO,CAACa,EAAG,IAAIvD,EAAO,CAAC,IAAKqD,EAAGJ,IAAQK,GAGpEC,EAAIT,EAAOzD,WAAWkE,EAAGD,GAIzBC,EAAIT,EAAOzD,WAAWkE,EAAGD,GAKzB,IAHA,IAAIG,EAAInD,EAAWY,WAAWqC,GAGvBE,EAAE9B,UAAY,GAAK8B,EAAEC,UAAUV,EAAMW,IAAM,IAAMR,EAASM,IAC/DH,EAAIR,EAAOzD,WAAWW,EAAO0C,OAAO,CAACa,EAAG,IAAIvD,EAAO,CAAC,MAAOsD,GAC3DC,EAAIT,EAAOzD,WAAWkE,EAAGD,GAIzBC,EAAIT,EAAOzD,WAAWkE,EAAGD,GAEzBG,EAAInD,EAAWY,WAAWqC,GAG5B,OAAOE,EAmCT,SAASG,EAAUZ,EAAOa,EAAG5C,EAAW6C,GACtC,IAAIH,EAAIX,EAAMW,EACVI,EAAIf,EAAMe,EAEVvD,EAAIS,EAAUT,EACdC,EAAIQ,EAAUR,EAGlB,GAAID,EAAEmB,UAAY,GAAKnB,EAAEkD,UAAUC,IAAM,EAAG,OAAO,EACnD,GAAIlD,EAAEkB,UAAY,GAAKlB,EAAEiD,UAAUC,IAAM,EAAG,OAAO,EAGnD,IAAIK,EAAIvD,EAAEwD,WAAWN,GAIjBO,EAAKL,EAAEM,SAASH,GAAGI,IAAIT,GACvBU,EAAK7D,EAAE2D,SAASH,GAAGI,IAAIT,GAGvBW,EAAIP,EAAEQ,YAAYL,EAAIJ,EAAGO,GAG7B,OAAIrB,EAAMwB,WAAWF,IAGZA,EAAEG,QAGAL,IAAIT,GAGNe,OAAOlE,GAkBlB,SAASmE,EAAc3B,EAAOa,EAAG5C,EAAWH,GAC1CV,EAAOwE,YAAgB,EAAJ9D,EAAOA,EAAG,wCAE7B,IAAI6C,EAAIX,EAAMW,EACVI,EAAIf,EAAMe,EAEVvD,EAAIS,EAAUT,EACdC,EAAIQ,EAAUR,EAElBL,EAAOI,EAAEmB,SAAW,GAAKnB,EAAEkD,UAAUC,GAAK,EAAG,mBAC7CvD,EAAOK,EAAEkB,SAAW,GAAKlB,EAAEiD,UAAUC,GAAK,EAAG,mBAG7C,IAAIkB,EAAa,EAAJ/D,EAOTuC,EAHcvC,GAAK,EAGDN,EAAEsE,IAAInB,GAAKnD,EAC7B8D,EAAItB,EAAM+B,WAAWF,EAAQxB,GAG7B2B,EAAKV,EAAEH,SAASR,GACpBvD,EAAO4C,EAAMwB,WAAWQ,GAAK,iCAG7B,IAAIC,EAAOpB,EAAEqB,SAASd,IAAIT,GAItBwB,EAAO3E,EAAEyD,WAAWN,GAEpBG,EAAIQ,EAAEC,YAAY9D,EAAGsD,EAAGkB,GAAMd,SAASgB,GAG3C,OAFAnC,EAAMoC,SAAStB,GAERA,EA2BTjF,EAAOd,QAAU,CACfsH,wBAdF,SAAiCrC,EAAOa,EAAG5C,EAAW6C,GACpD,IAAK,IAAIhD,EAAI,EAAGA,EAAI,EAAGA,IAAK,CAI1B,GAHa6D,EAAc3B,EAAOa,EAAG5C,EAAWH,GAGrC4D,OAAOZ,GAChB,OAAOhD,EAIX,MAAM,IAAI3C,MAAM,yCAKhB4E,uBAAwBA,EACxB4B,cAAeA,EACfW,KAtJF,SAActC,EAAOC,EAAMC,EAAGE,GAE5B,IAII5C,EAAGC,EAJHoD,EAAIvD,EAAWY,WAAW+B,GAC1BU,EAAIX,EAAMW,EACVI,EAAIf,EAAMe,EAkBVwB,GAfIxC,EAAuBC,EAAOC,EAAMC,GAAG,SAAUI,GAEvD,IAAIQ,EAAIC,EAAEI,SAASb,GAEnB,OAAIN,EAAMwB,WAAWV,KAGF,KADnBtD,EAAIsD,EAAEW,QAAQL,IAAIT,IACZhC,UAGa,KADnBlB,EAAI6C,EAAEW,WAAWN,GAAGQ,SAASN,EAAEiB,IAAI5B,EAAEiB,SAAS3D,KAAK4D,IAAIT,IACjDhC,YAGLyB,GAEcO,EAAE6B,WAAW,IAO9B,OAJI/E,EAAEiD,UAAU6B,GAAc,IAC5B9E,EAAIkD,EAAE8B,SAAShF,IAGV,IAAIF,EAAYC,EAAGC,IA0H1BiF,OApFF,SAAgB1C,EAAOC,EAAMhC,EAAW6C,GAItC,OAAOF,EAAUZ,EADT1C,EAAWY,WAAW+B,GACHhC,EAAW6C,IAiFtCF,UAAWA,K","file":"vendor.hiveio~5314979f.9625dc97dc931bfb2569.chunk.js","sourcesContent":["'use strict';\n\nObject.defineProperty(exports, \"__esModule\", {\n    value: true\n});\nexports.normalize = normalize;\nfunction normalize(brain_key) {\n    if (typeof brain_key !== 'string') {\n        throw new Error(\"string required for brain_key\");\n    }\n    brain_key = brain_key.trim();\n    return brain_key.split(/[\\t\\n\\v\\f\\r ]+/).join(' ');\n}","'use strict';\n\nvar _createHash = require('create-hash');\n\nvar _createHash2 = _interopRequireDefault(_createHash);\n\nvar _createHmac = require('create-hmac');\n\nvar _createHmac2 = _interopRequireDefault(_createHmac);\n\nfunction _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }\n\n/** @arg {string|Buffer} data\n    @arg {string} [digest = null] - 'hex', 'binary' or 'base64'\n    @return {string|Buffer} - Buffer when digest is null, or string\n*/\nfunction sha1(data, encoding) {\n    return (0, _createHash2.default)('sha1').update(data).digest(encoding);\n}\n\n/** @arg {string|Buffer} data\n    @arg {string} [digest = null] - 'hex', 'binary' or 'base64'\n    @return {string|Buffer} - Buffer when digest is null, or string\n*/\nfunction sha256(data, encoding) {\n    return (0, _createHash2.default)('sha256').update(data).digest(encoding);\n}\n\n/** @arg {string|Buffer} data\n    @arg {string} [digest = null] - 'hex', 'binary' or 'base64'\n    @return {string|Buffer} - Buffer when digest is null, or string\n*/\nfunction sha512(data, encoding) {\n    return (0, _createHash2.default)('sha512').update(data).digest(encoding);\n}\n\nfunction HmacSHA256(buffer, secret) {\n    return (0, _createHmac2.default)('sha256', secret).update(buffer).digest();\n}\n\nfunction ripemd160(data) {\n    return (0, _createHash2.default)('rmd160').update(data).digest();\n}\n\n// function hash160(buffer) {\n//   return ripemd160(sha256(buffer))\n// }\n// \n// function hash256(buffer) {\n//   return sha256(sha256(buffer))\n// }\n\n// \n// function HmacSHA512(buffer, secret) {\n//   return crypto.createHmac('sha512', secret).update(buffer).digest()\n// }\n\nmodule.exports = {\n    sha1: sha1,\n    sha256: sha256,\n    sha512: sha512,\n    HmacSHA256: HmacSHA256,\n    ripemd160: ripemd160\n    // hash160: hash160,\n    // hash256: hash256,\n    // HmacSHA512: HmacSHA512\n};","'use strict';\n\nmodule.exports = function enforce(type, value) {\n  // Copied from https://github.com/bitcoinjs/bitcoinjs-lib\n  switch (type) {\n    case 'Array':\n      {\n        if (Array.isArray(value)) return;\n        break;\n      }\n\n    case 'Boolean':\n      {\n        if (typeof value === 'boolean') return;\n        break;\n      }\n\n    case 'Buffer':\n      {\n        if (Buffer.isBuffer(value)) return;\n        break;\n      }\n\n    case 'Number':\n      {\n        if (typeof value === 'number') return;\n        break;\n      }\n\n    case 'String':\n      {\n        if (typeof value === 'string') return;\n        break;\n      }\n\n    default:\n      {\n        if (getName(value.constructor) === getName(type)) return;\n      }\n  }\n\n  throw new TypeError('Expected ' + (getName(type) || type) + ', got ' + value);\n};\n\nfunction getName(fn) {\n  // Why not fn.name: https://kangax.github.io/compat-table/es6/#function_name_property\n  var match = fn.toString().match(/function (.*?)\\(/);\n  return match ? match[1] : null;\n}","'use strict';\n\nvar assert = require('assert'); // from https://github.com/bitcoinjs/bitcoinjs-lib\nvar enforceType = require('./enforce_types');\n\nvar BigInteger = require('bigi');\n\nfunction ECSignature(r, s) {\n  enforceType(BigInteger, r);\n  enforceType(BigInteger, s);\n\n  this.r = r;\n  this.s = s;\n}\n\n// Import operations\nECSignature.parseCompact = function (buffer) {\n  assert.equal(buffer.length, 65, 'Invalid signature length');\n  var i = buffer.readUInt8(0) - 27;\n\n  // At most 3 bits\n  assert.equal(i, i & 7, 'Invalid signature parameter');\n  var compressed = !!(i & 4);\n\n  // Recovery param only\n  i = i & 3;\n\n  var r = BigInteger.fromBuffer(buffer.slice(1, 33));\n  var s = BigInteger.fromBuffer(buffer.slice(33));\n\n  return {\n    compressed: compressed,\n    i: i,\n    signature: new ECSignature(r, s)\n  };\n};\n\nECSignature.fromDER = function (buffer) {\n  assert.equal(buffer.readUInt8(0), 0x30, 'Not a DER sequence');\n  assert.equal(buffer.readUInt8(1), buffer.length - 2, 'Invalid sequence length');\n  assert.equal(buffer.readUInt8(2), 0x02, 'Expected a DER integer');\n\n  var rLen = buffer.readUInt8(3);\n  assert(rLen > 0, 'R length is zero');\n\n  var offset = 4 + rLen;\n  assert.equal(buffer.readUInt8(offset), 0x02, 'Expected a DER integer (2)');\n\n  var sLen = buffer.readUInt8(offset + 1);\n  assert(sLen > 0, 'S length is zero');\n\n  var rB = buffer.slice(4, offset);\n  var sB = buffer.slice(offset + 2);\n  offset += 2 + sLen;\n\n  if (rLen > 1 && rB.readUInt8(0) === 0x00) {\n    assert(rB.readUInt8(1) & 0x80, 'R value excessively padded');\n  }\n\n  if (sLen > 1 && sB.readUInt8(0) === 0x00) {\n    assert(sB.readUInt8(1) & 0x80, 'S value excessively padded');\n  }\n\n  assert.equal(offset, buffer.length, 'Invalid DER encoding');\n  var r = BigInteger.fromDERInteger(rB);\n  var s = BigInteger.fromDERInteger(sB);\n\n  assert(r.signum() >= 0, 'R value is negative');\n  assert(s.signum() >= 0, 'S value is negative');\n\n  return new ECSignature(r, s);\n};\n\n// FIXME: 0x00, 0x04, 0x80 are SIGHASH_* boundary constants, importing Transaction causes a circular dependency\nECSignature.parseScriptSignature = function (buffer) {\n  var hashType = buffer.readUInt8(buffer.length - 1);\n  var hashTypeMod = hashType & ~0x80;\n\n  assert(hashTypeMod > 0x00 && hashTypeMod < 0x04, 'Invalid hashType');\n\n  return {\n    signature: ECSignature.fromDER(buffer.slice(0, -1)),\n    hashType: hashType\n  };\n};\n\n// Export operations\nECSignature.prototype.toCompact = function (i, compressed) {\n  if (compressed) i += 4;\n  i += 27;\n\n  var buffer = new Buffer(65);\n  buffer.writeUInt8(i, 0);\n\n  this.r.toBuffer(32).copy(buffer, 1);\n  this.s.toBuffer(32).copy(buffer, 33);\n\n  return buffer;\n};\n\nECSignature.prototype.toDER = function () {\n  var rBa = this.r.toDERInteger();\n  var sBa = this.s.toDERInteger();\n\n  var sequence = [];\n\n  // INTEGER\n  sequence.push(0x02, rBa.length);\n  sequence = sequence.concat(rBa);\n\n  // INTEGER\n  sequence.push(0x02, sBa.length);\n  sequence = sequence.concat(sBa);\n\n  // SEQUENCE\n  sequence.unshift(0x30, sequence.length);\n\n  return new Buffer(sequence);\n};\n\nECSignature.prototype.toScriptSignature = function (hashType) {\n  var hashTypeBuffer = new Buffer(1);\n  hashTypeBuffer.writeUInt8(hashType, 0);\n\n  return Buffer.concat([this.toDER(), hashTypeBuffer]);\n};\n\nmodule.exports = ECSignature;","'use strict';\n\nvar assert = require('assert'); // from github.com/bitcoinjs/bitcoinjs-lib from github.com/cryptocoinjs/ecdsa\nvar crypto = require('./hash');\nvar enforceType = require('./enforce_types');\n\nvar BigInteger = require('bigi');\nvar ECSignature = require('./ecsignature');\n\n// https://tools.ietf.org/html/rfc6979#section-3.2\nfunction deterministicGenerateK(curve, hash, d, checkSig, nonce) {\n\n  enforceType('Buffer', hash);\n  enforceType(BigInteger, d);\n\n  if (nonce) {\n    hash = crypto.sha256(Buffer.concat([hash, new Buffer(nonce)]));\n  }\n\n  // sanity check\n  assert.equal(hash.length, 32, 'Hash must be 256 bit');\n\n  var x = d.toBuffer(32);\n  var k = new Buffer(32);\n  var v = new Buffer(32);\n\n  // Step B\n  v.fill(1);\n\n  // Step C\n  k.fill(0);\n\n  // Step D\n  k = crypto.HmacSHA256(Buffer.concat([v, new Buffer([0]), x, hash]), k);\n\n  // Step E\n  v = crypto.HmacSHA256(v, k);\n\n  // Step F\n  k = crypto.HmacSHA256(Buffer.concat([v, new Buffer([1]), x, hash]), k);\n\n  // Step G\n  v = crypto.HmacSHA256(v, k);\n\n  // Step H1/H2a, ignored as tlen === qlen (256 bit)\n  // Step H2b\n  v = crypto.HmacSHA256(v, k);\n\n  var T = BigInteger.fromBuffer(v);\n\n  // Step H3, repeat until T is within the interval [1, n - 1]\n  while (T.signum() <= 0 || T.compareTo(curve.n) >= 0 || !checkSig(T)) {\n    k = crypto.HmacSHA256(Buffer.concat([v, new Buffer([0])]), k);\n    v = crypto.HmacSHA256(v, k);\n\n    // Step H1/H2a, again, ignored as tlen === qlen (256 bit)\n    // Step H2b again\n    v = crypto.HmacSHA256(v, k);\n\n    T = BigInteger.fromBuffer(v);\n  }\n\n  return T;\n}\n\nfunction sign(curve, hash, d, nonce) {\n\n  var e = BigInteger.fromBuffer(hash);\n  var n = curve.n;\n  var G = curve.G;\n\n  var r, s;\n  var k = deterministicGenerateK(curve, hash, d, function (k) {\n    // find canonically valid signature\n    var Q = G.multiply(k);\n\n    if (curve.isInfinity(Q)) return false;\n\n    r = Q.affineX.mod(n);\n    if (r.signum() === 0) return false;\n\n    s = k.modInverse(n).multiply(e.add(d.multiply(r))).mod(n);\n    if (s.signum() === 0) return false;\n\n    return true;\n  }, nonce);\n\n  var N_OVER_TWO = n.shiftRight(1);\n\n  // enforce low S values, see bip62: 'low s values in signatures'\n  if (s.compareTo(N_OVER_TWO) > 0) {\n    s = n.subtract(s);\n  }\n\n  return new ECSignature(r, s);\n}\n\nfunction verifyRaw(curve, e, signature, Q) {\n  var n = curve.n;\n  var G = curve.G;\n\n  var r = signature.r;\n  var s = signature.s;\n\n  // 1.4.1 Enforce r and s are both integers in the interval [1, n − 1]\n  if (r.signum() <= 0 || r.compareTo(n) >= 0) return false;\n  if (s.signum() <= 0 || s.compareTo(n) >= 0) return false;\n\n  // c = s^-1 mod n\n  var c = s.modInverse(n);\n\n  // 1.4.4 Compute u1 = es^−1 mod n\n  //               u2 = rs^−1 mod n\n  var u1 = e.multiply(c).mod(n);\n  var u2 = r.multiply(c).mod(n);\n\n  // 1.4.5 Compute R = (xR, yR) = u1G + u2Q\n  var R = G.multiplyTwo(u1, Q, u2);\n\n  // 1.4.5 (cont.) Enforce R is not at infinity\n  if (curve.isInfinity(R)) return false;\n\n  // 1.4.6 Convert the field element R.x to an integer\n  var xR = R.affineX;\n\n  // 1.4.7 Set v = xR mod n\n  var v = xR.mod(n);\n\n  // 1.4.8 If v = r, output \"valid\", and if v != r, output \"invalid\"\n  return v.equals(r);\n}\n\nfunction verify(curve, hash, signature, Q) {\n  // 1.4.2 H = Hash(M), already done by the user\n  // 1.4.3 e = H\n  var e = BigInteger.fromBuffer(hash);\n  return verifyRaw(curve, e, signature, Q);\n}\n\n/**\n  * Recover a public key from a signature.\n  *\n  * See SEC 1: Elliptic Curve Cryptography, section 4.1.6, \"Public\n  * Key Recovery Operation\".\n  *\n  * http://www.secg.org/download/aid-780/sec1-v2.pdf\n  */\nfunction recoverPubKey(curve, e, signature, i) {\n  assert.strictEqual(i & 3, i, 'Recovery param is more than two bits');\n\n  var n = curve.n;\n  var G = curve.G;\n\n  var r = signature.r;\n  var s = signature.s;\n\n  assert(r.signum() > 0 && r.compareTo(n) < 0, 'Invalid r value');\n  assert(s.signum() > 0 && s.compareTo(n) < 0, 'Invalid s value');\n\n  // A set LSB signifies that the y-coordinate is odd\n  var isYOdd = i & 1;\n\n  // The more significant bit specifies whether we should use the\n  // first or second candidate key.\n  var isSecondKey = i >> 1;\n\n  // 1.1 Let x = r + jn\n  var x = isSecondKey ? r.add(n) : r;\n  var R = curve.pointFromX(isYOdd, x);\n\n  // 1.4 Check that nR is at infinity\n  var nR = R.multiply(n);\n  assert(curve.isInfinity(nR), 'nR is not a valid curve point');\n\n  // Compute -e from e\n  var eNeg = e.negate().mod(n);\n\n  // 1.6.1 Compute Q = r^-1 (sR -  eG)\n  //               Q = r^-1 (sR + -eG)\n  var rInv = r.modInverse(n);\n\n  var Q = R.multiplyTwo(s, G, eNeg).multiply(rInv);\n  curve.validate(Q);\n\n  return Q;\n}\n\n/**\n  * Calculate pubkey extraction parameter.\n  *\n  * When extracting a pubkey from a signature, we have to\n  * distinguish four different cases. Rather than putting this\n  * burden on the verifier, Bitcoin includes a 2-bit value with the\n  * signature.\n  *\n  * This function simply tries all four cases and returns the value\n  * that resulted in a successful pubkey recovery.\n  */\nfunction calcPubKeyRecoveryParam(curve, e, signature, Q) {\n  for (var i = 0; i < 4; i++) {\n    var Qprime = recoverPubKey(curve, e, signature, i);\n\n    // 1.6.2 Verify Q\n    if (Qprime.equals(Q)) {\n      return i;\n    }\n  }\n\n  throw new Error('Unable to find valid recovery factor');\n}\n\nmodule.exports = {\n  calcPubKeyRecoveryParam: calcPubKeyRecoveryParam,\n  deterministicGenerateK: deterministicGenerateK,\n  recoverPubKey: recoverPubKey,\n  sign: sign,\n  verify: verify,\n  verifyRaw: verifyRaw\n};"],"sourceRoot":""}