From e06ec920f7a5d784e674c4c4b4e6d1da3dc7391d Mon Sep 17 00:00:00 2001
From: Piotr Russ <mail@pruss.it>
Date: Mon, 16 Nov 2020 00:10:28 +0100
Subject: api, login, auth

---
 node_modules/bcryptjs/src/bcrypt.js | 327 ++++++++++++++++++++++++++++++++++++
 1 file changed, 327 insertions(+)
 create mode 100644 node_modules/bcryptjs/src/bcrypt.js

(limited to 'node_modules/bcryptjs/src/bcrypt.js')

diff --git a/node_modules/bcryptjs/src/bcrypt.js b/node_modules/bcryptjs/src/bcrypt.js
new file mode 100644
index 0000000..77403cd
--- /dev/null
+++ b/node_modules/bcryptjs/src/bcrypt.js
@@ -0,0 +1,327 @@
+/**
+ * bcrypt namespace.
+ * @type {Object.<string,*>}
+ */
+var bcrypt = {};
+
+/**
+ * The random implementation to use as a fallback.
+ * @type {?function(number):!Array.<number>}
+ * @inner
+ */
+var randomFallback = null;
+
+/**
+ * Generates cryptographically secure random bytes.
+ * @function
+ * @param {number} len Bytes length
+ * @returns {!Array.<number>} Random bytes
+ * @throws {Error} If no random implementation is available
+ * @inner
+ */
+function random(len) {
+    /* node */ if (typeof module !== 'undefined' && module && module['exports'])
+        try {
+            return require("crypto")['randomBytes'](len);
+        } catch (e) {}
+    /* WCA */ try {
+        var a; (self['crypto']||self['msCrypto'])['getRandomValues'](a = new Uint32Array(len));
+        return Array.prototype.slice.call(a);
+    } catch (e) {}
+    /* fallback */ if (!randomFallback)
+        throw Error("Neither WebCryptoAPI nor a crypto module is available. Use bcrypt.setRandomFallback to set an alternative");
+    return randomFallback(len);
+}
+
+// Test if any secure randomness source is available
+var randomAvailable = false;
+try {
+    random(1);
+    randomAvailable = true;
+} catch (e) {}
+
+// Default fallback, if any
+randomFallback = /*? if (ISAAC) { */function(len) {
+    for (var a=[], i=0; i<len; ++i)
+        a[i] = ((0.5 + isaac() * 2.3283064365386963e-10) * 256) | 0;
+    return a;
+};/*? } else { */null;/*? }*/
+
+/**
+ * Sets the pseudo random number generator to use as a fallback if neither node's `crypto` module nor the Web Crypto
+ *  API is available. Please note: It is highly important that the PRNG used is cryptographically secure and that it
+ *  is seeded properly!
+ * @param {?function(number):!Array.<number>} random Function taking the number of bytes to generate as its
+ *  sole argument, returning the corresponding array of cryptographically secure random byte values.
+ * @see http://nodejs.org/api/crypto.html
+ * @see http://www.w3.org/TR/WebCryptoAPI/
+ */
+bcrypt.setRandomFallback = function(random) {
+    randomFallback = random;
+};
+
+/**
+ * Synchronously generates a salt.
+ * @param {number=} rounds Number of rounds to use, defaults to 10 if omitted
+ * @param {number=} seed_length Not supported.
+ * @returns {string} Resulting salt
+ * @throws {Error} If a random fallback is required but not set
+ * @expose
+ */
+bcrypt.genSaltSync = function(rounds, seed_length) {
+    rounds = rounds || GENSALT_DEFAULT_LOG2_ROUNDS;
+    if (typeof rounds !== 'number')
+        throw Error("Illegal arguments: "+(typeof rounds)+", "+(typeof seed_length));
+    if (rounds < 4)
+        rounds = 4;
+    else if (rounds > 31)
+        rounds = 31;
+    var salt = [];
+    salt.push("$2a$");
+    if (rounds < 10)
+        salt.push("0");
+    salt.push(rounds.toString());
+    salt.push('$');
+    salt.push(base64_encode(random(BCRYPT_SALT_LEN), BCRYPT_SALT_LEN)); // May throw
+    return salt.join('');
+};
+
+/**
+ * Asynchronously generates a salt.
+ * @param {(number|function(Error, string=))=} rounds Number of rounds to use, defaults to 10 if omitted
+ * @param {(number|function(Error, string=))=} seed_length Not supported.
+ * @param {function(Error, string=)=} callback Callback receiving the error, if any, and the resulting salt
+ * @returns {!Promise} If `callback` has been omitted
+ * @throws {Error} If `callback` is present but not a function
+ * @expose
+ */
+bcrypt.genSalt = function(rounds, seed_length, callback) {
+    if (typeof seed_length === 'function')
+        callback = seed_length,
+        seed_length = undefined; // Not supported.
+    if (typeof rounds === 'function')
+        callback = rounds,
+        rounds = undefined;
+    if (typeof rounds === 'undefined')
+        rounds = GENSALT_DEFAULT_LOG2_ROUNDS;
+    else if (typeof rounds !== 'number')
+        throw Error("illegal arguments: "+(typeof rounds));
+
+    function _async(callback) {
+        nextTick(function() { // Pretty thin, but salting is fast enough
+            try {
+                callback(null, bcrypt.genSaltSync(rounds));
+            } catch (err) {
+                callback(err);
+            }
+        });
+    }
+
+    if (callback) {
+        if (typeof callback !== 'function')
+            throw Error("Illegal callback: "+typeof(callback));
+        _async(callback);
+    } else
+        return new Promise(function(resolve, reject) {
+            _async(function(err, res) {
+                if (err) {
+                    reject(err);
+                    return;
+                }
+                resolve(res);
+            });
+        });
+};
+
+/**
+ * Synchronously generates a hash for the given string.
+ * @param {string} s String to hash
+ * @param {(number|string)=} salt Salt length to generate or salt to use, default to 10
+ * @returns {string} Resulting hash
+ * @expose
+ */
+bcrypt.hashSync = function(s, salt) {
+    if (typeof salt === 'undefined')
+        salt = GENSALT_DEFAULT_LOG2_ROUNDS;
+    if (typeof salt === 'number')
+        salt = bcrypt.genSaltSync(salt);
+    if (typeof s !== 'string' || typeof salt !== 'string')
+        throw Error("Illegal arguments: "+(typeof s)+', '+(typeof salt));
+    return _hash(s, salt);
+};
+
+/**
+ * Asynchronously generates a hash for the given string.
+ * @param {string} s String to hash
+ * @param {number|string} salt Salt length to generate or salt to use
+ * @param {function(Error, string=)=} callback Callback receiving the error, if any, and the resulting hash
+ * @param {function(number)=} progressCallback Callback successively called with the percentage of rounds completed
+ *  (0.0 - 1.0), maximally once per `MAX_EXECUTION_TIME = 100` ms.
+ * @returns {!Promise} If `callback` has been omitted
+ * @throws {Error} If `callback` is present but not a function
+ * @expose
+ */
+bcrypt.hash = function(s, salt, callback, progressCallback) {
+
+    function _async(callback) {
+        if (typeof s === 'string' && typeof salt === 'number')
+            bcrypt.genSalt(salt, function(err, salt) {
+                _hash(s, salt, callback, progressCallback);
+            });
+        else if (typeof s === 'string' && typeof salt === 'string')
+            _hash(s, salt, callback, progressCallback);
+        else
+            nextTick(callback.bind(this, Error("Illegal arguments: "+(typeof s)+', '+(typeof salt))));
+    }
+
+    if (callback) {
+        if (typeof callback !== 'function')
+            throw Error("Illegal callback: "+typeof(callback));
+        _async(callback);
+    } else
+        return new Promise(function(resolve, reject) {
+            _async(function(err, res) {
+                if (err) {
+                    reject(err);
+                    return;
+                }
+                resolve(res);
+            });
+        });
+};
+
+/**
+ * Compares two strings of the same length in constant time.
+ * @param {string} known Must be of the correct length
+ * @param {string} unknown Must be the same length as `known`
+ * @returns {boolean}
+ * @inner
+ */
+function safeStringCompare(known, unknown) {
+    var right = 0,
+        wrong = 0;
+    for (var i=0, k=known.length; i<k; ++i) {
+        if (known.charCodeAt(i) === unknown.charCodeAt(i))
+            ++right;
+        else
+            ++wrong;
+    }
+    // Prevent removal of unused variables (never true, actually)
+    if (right < 0)
+        return false;
+    return wrong === 0;
+}
+
+/**
+ * Synchronously tests a string against a hash.
+ * @param {string} s String to compare
+ * @param {string} hash Hash to test against
+ * @returns {boolean} true if matching, otherwise false
+ * @throws {Error} If an argument is illegal
+ * @expose
+ */
+bcrypt.compareSync = function(s, hash) {
+    if (typeof s !== "string" || typeof hash !== "string")
+        throw Error("Illegal arguments: "+(typeof s)+', '+(typeof hash));
+    if (hash.length !== 60)
+        return false;
+    return safeStringCompare(bcrypt.hashSync(s, hash.substr(0, hash.length-31)), hash);
+};
+
+/**
+ * Asynchronously compares the given data against the given hash.
+ * @param {string} s Data to compare
+ * @param {string} hash Data to be compared to
+ * @param {function(Error, boolean)=} callback Callback receiving the error, if any, otherwise the result
+ * @param {function(number)=} progressCallback Callback successively called with the percentage of rounds completed
+ *  (0.0 - 1.0), maximally once per `MAX_EXECUTION_TIME = 100` ms.
+ * @returns {!Promise} If `callback` has been omitted
+ * @throws {Error} If `callback` is present but not a function
+ * @expose
+ */
+bcrypt.compare = function(s, hash, callback, progressCallback) {
+
+    function _async(callback) {
+        if (typeof s !== "string" || typeof hash !== "string") {
+            nextTick(callback.bind(this, Error("Illegal arguments: "+(typeof s)+', '+(typeof hash))));
+            return;
+        }
+        if (hash.length !== 60) {
+            nextTick(callback.bind(this, null, false));
+            return;
+        }
+        bcrypt.hash(s, hash.substr(0, 29), function(err, comp) {
+            if (err)
+                callback(err);
+            else
+                callback(null, safeStringCompare(comp, hash));
+        }, progressCallback);
+    }
+
+    if (callback) {
+        if (typeof callback !== 'function')
+            throw Error("Illegal callback: "+typeof(callback));
+        _async(callback);
+    } else
+        return new Promise(function(resolve, reject) {
+            _async(function(err, res) {
+                if (err) {
+                    reject(err);
+                    return;
+                }
+                resolve(res);
+            });
+        });
+};
+
+/**
+ * Gets the number of rounds used to encrypt the specified hash.
+ * @param {string} hash Hash to extract the used number of rounds from
+ * @returns {number} Number of rounds used
+ * @throws {Error} If `hash` is not a string
+ * @expose
+ */
+bcrypt.getRounds = function(hash) {
+    if (typeof hash !== "string")
+        throw Error("Illegal arguments: "+(typeof hash));
+    return parseInt(hash.split("$")[2], 10);
+};
+
+/**
+ * Gets the salt portion from a hash. Does not validate the hash.
+ * @param {string} hash Hash to extract the salt from
+ * @returns {string} Extracted salt part
+ * @throws {Error} If `hash` is not a string or otherwise invalid
+ * @expose
+ */
+bcrypt.getSalt = function(hash) {
+    if (typeof hash !== 'string')
+        throw Error("Illegal arguments: "+(typeof hash));
+    if (hash.length !== 60)
+        throw Error("Illegal hash length: "+hash.length+" != 60");
+    return hash.substring(0, 29);
+};
+
+//? include("bcrypt/util.js");
+
+//? include("bcrypt/impl.js");
+
+/**
+ * Encodes a byte array to base64 with up to len bytes of input, using the custom bcrypt alphabet.
+ * @function
+ * @param {!Array.<number>} b Byte array
+ * @param {number} len Maximum input length
+ * @returns {string}
+ * @expose
+ */
+bcrypt.encodeBase64 = base64_encode;
+
+/**
+ * Decodes a base64 encoded string to up to len bytes of output, using the custom bcrypt alphabet.
+ * @function
+ * @param {string} s String to decode
+ * @param {number} len Maximum output length
+ * @returns {!Array.<number>}
+ * @expose
+ */
+bcrypt.decodeBase64 = base64_decode;
-- 
cgit v1.2.3