@bcts/components 1.0.0-alpha.8 → 1.0.0-beta.0

package/dist/digest-B1bpgcdz.mjs

@@ -0,0 +1,943 @@
+import { createTaggedCbor, decodeCbor, expectBytes, extractTaggedContent, tagsForValues, toByteString, validateTag } from "@bcts/dcbor";
+import { DIGEST } from "@bcts/tags";
+import { SHA256_SIZE, sha256 } from "@bcts/crypto";
+import { UR } from "@bcts/uniform-resources";
+//#region \0rolldown/runtime.js
+var __defProp = Object.defineProperty;
+var __exportAll = (all, no_symbols) => {
+	let target = {};
+	for (var name in all) __defProp(target, name, {
+		get: all[name],
+		enumerable: true
+	});
+	if (!no_symbols) __defProp(target, Symbol.toStringTag, { value: "Module" });
+	return target;
+};
+//#endregion
+//#region src/error.ts
+/**
+* Copyright © 2023-2026 Blockchain Commons, LLC
+* Copyright © 2025-2026 Parity Technologies
+*
+*
+* Error types for cryptographic and component operations
+*
+* Ported from bc-components-rust/src/error.rs
+*
+* This module provides a unified error handling system that matches the Rust
+* implementation's error variants with full structural parity:
+*
+* - InvalidSize: Invalid data size for the specified type
+* - InvalidData: Invalid data format or content
+* - DataTooShort: Data too short for the expected type
+* - Crypto: Cryptographic operation failed
+* - Cbor: CBOR encoding or decoding error
+* - Sskr: SSKR error
+* - Ssh: SSH key operation failed
+* - Uri: URI parsing failed
+* - Compression: Data compression/decompression failed
+* - PostQuantum: Post-quantum cryptography library error
+* - LevelMismatch: Signature level mismatch
+* - SshAgent: SSH agent operation failed
+* - Hex: Hex decoding error
+* - Utf8: UTF-8 conversion error
+* - Env: Environment variable error
+* - SshAgentClient: SSH agent client error
+* - General: General error with custom message
+*/
+/**
+* Error kind enum matching Rust's Error variants.
+*
+* This enum allows programmatic checking of error types, matching the
+* Rust enum variants exactly.
+*/
+let ErrorKind = /* @__PURE__ */ function(ErrorKind) {
+	/** Invalid data size for the specified type */
+	ErrorKind["InvalidSize"] = "InvalidSize";
+	/** Invalid data format or content */
+	ErrorKind["InvalidData"] = "InvalidData";
+	/** Data too short for the expected type */
+	ErrorKind["DataTooShort"] = "DataTooShort";
+	/** Cryptographic operation failed */
+	ErrorKind["Crypto"] = "Crypto";
+	/** CBOR encoding or decoding error */
+	ErrorKind["Cbor"] = "Cbor";
+	/** SSKR error */
+	ErrorKind["Sskr"] = "Sskr";
+	/** SSH key operation failed */
+	ErrorKind["Ssh"] = "Ssh";
+	/** URI parsing failed */
+	ErrorKind["Uri"] = "Uri";
+	/** Data compression/decompression failed */
+	ErrorKind["Compression"] = "Compression";
+	/** Post-quantum cryptography library error */
+	ErrorKind["PostQuantum"] = "PostQuantum";
+	/** Signature level mismatch */
+	ErrorKind["LevelMismatch"] = "LevelMismatch";
+	/** SSH agent operation failed */
+	ErrorKind["SshAgent"] = "SshAgent";
+	/** Hex decoding error */
+	ErrorKind["Hex"] = "Hex";
+	/** UTF-8 conversion error */
+	ErrorKind["Utf8"] = "Utf8";
+	/** Environment variable error */
+	ErrorKind["Env"] = "Env";
+	/** SSH agent client error */
+	ErrorKind["SshAgentClient"] = "SshAgentClient";
+	/** General error with custom message */
+	ErrorKind["General"] = "General";
+	return ErrorKind;
+}({});
+/**
+* Error type for cryptographic and component operations.
+*
+* This class provides full structural parity with the Rust Error enum,
+* including:
+* - An `errorKind` property for programmatic error type checking
+* - Structured `errorData` for accessing error-specific fields
+* - Factory methods matching Rust's impl block
+*/
+var CryptoError = class CryptoError extends Error {
+	/** The error kind for programmatic type checking */
+	errorKind;
+	/** Structured error data matching Rust's error variants */
+	errorData;
+	constructor(message, errorData) {
+		super(message);
+		this.name = "CryptoError";
+		this.errorKind = errorData.kind;
+		this.errorData = errorData;
+		const ErrorWithStackTrace = Error;
+		if (typeof ErrorWithStackTrace.captureStackTrace === "function") ErrorWithStackTrace.captureStackTrace(this, CryptoError);
+	}
+	/**
+	* Create an invalid size error.
+	*
+	* Rust equivalent: `Error::InvalidSize { data_type, expected, actual }`
+	*
+	* @param expected - The expected size
+	* @param actual - The actual size received
+	*/
+	static invalidSize(expected, actual) {
+		return CryptoError.invalidSizeForType("data", expected, actual);
+	}
+	/**
+	* Create an invalid size error with a data type name.
+	*
+	* Rust equivalent: `Error::invalid_size(data_type, expected, actual)`
+	*
+	* @param dataType - The name of the data type
+	* @param expected - The expected size
+	* @param actual - The actual size received
+	*/
+	static invalidSizeForType(dataType, expected, actual) {
+		return new CryptoError(`invalid ${dataType} size: expected ${expected}, got ${actual}`, {
+			kind: "InvalidSize",
+			dataType,
+			expected,
+			actual
+		});
+	}
+	/**
+	* Create an invalid data error.
+	*
+	* @param message - Description of what's invalid
+	*/
+	static invalidData(message) {
+		return CryptoError.invalidDataForType("data", message);
+	}
+	/**
+	* Create an invalid data error with a data type name.
+	*
+	* Rust equivalent: `Error::invalid_data(data_type, reason)`
+	*
+	* @param dataType - The name of the data type
+	* @param reason - The reason the data is invalid
+	*/
+	static invalidDataForType(dataType, reason) {
+		return new CryptoError(`invalid ${dataType}: ${reason}`, {
+			kind: "InvalidData",
+			dataType,
+			reason
+		});
+	}
+	/**
+	* Create a data too short error.
+	*
+	* Rust equivalent: `Error::data_too_short(data_type, minimum, actual)`
+	*
+	* @param dataType - The name of the data type
+	* @param minimum - The minimum required size
+	* @param actual - The actual size received
+	*/
+	static dataTooShort(dataType, minimum, actual) {
+		return new CryptoError(`data too short: ${dataType} expected at least ${minimum}, got ${actual}`, {
+			kind: "DataTooShort",
+			dataType,
+			minimum,
+			actual
+		});
+	}
+	/**
+	* Create an invalid format error.
+	*
+	* @param message - Description of the format error
+	*/
+	static invalidFormat(message) {
+		return CryptoError.invalidDataForType("format", message);
+	}
+	/**
+	* Create an invalid input error.
+	*
+	* @param message - Description of the invalid input
+	*/
+	static invalidInput(message) {
+		return CryptoError.invalidDataForType("input", message);
+	}
+	/**
+	* Create a cryptographic operation failed error.
+	*
+	* Rust equivalent: `Error::crypto(msg)`
+	*
+	* @param message - Description of the failure
+	*/
+	static cryptoOperation(message) {
+		return CryptoError.crypto(message);
+	}
+	/**
+	* Create a crypto error.
+	*
+	* Rust equivalent: `Error::Crypto(msg)`
+	*
+	* @param message - Description of the failure
+	*/
+	static crypto(message) {
+		return new CryptoError(`cryptographic operation failed: ${message}`, {
+			kind: "Crypto",
+			message
+		});
+	}
+	/**
+	* Create a post-quantum cryptography error.
+	*
+	* Rust equivalent: `Error::post_quantum(msg)`
+	*
+	* @param message - Description of the failure
+	*/
+	static postQuantum(message) {
+		return new CryptoError(`post-quantum cryptography error: ${message}`, {
+			kind: "PostQuantum",
+			message
+		});
+	}
+	/**
+	* Create a signature level mismatch error.
+	*
+	* Rust equivalent: `Error::LevelMismatch`
+	*/
+	static levelMismatch() {
+		return new CryptoError("signature level does not match key level", { kind: "LevelMismatch" });
+	}
+	/**
+	* Create a CBOR error.
+	*
+	* Rust equivalent: `Error::Cbor(err)`
+	*
+	* @param message - Description of the CBOR error
+	*/
+	static cbor(message) {
+		return new CryptoError(`CBOR error: ${message}`, {
+			kind: "Cbor",
+			message
+		});
+	}
+	/**
+	* Create a hex decoding error.
+	*
+	* Rust equivalent: `Error::Hex(err)`
+	*
+	* @param message - Description of the hex error
+	*/
+	static hex(message) {
+		return new CryptoError(`hex decoding error: ${message}`, {
+			kind: "Hex",
+			message
+		});
+	}
+	/**
+	* Create a UTF-8 conversion error.
+	*
+	* Rust equivalent: `Error::Utf8(err)`
+	*
+	* @param message - Description of the UTF-8 error
+	*/
+	static utf8(message) {
+		return new CryptoError(`UTF-8 conversion error: ${message}`, {
+			kind: "Utf8",
+			message
+		});
+	}
+	/**
+	* Create a compression error.
+	*
+	* Rust equivalent: `Error::compression(msg)`
+	*
+	* @param message - Description of the compression error
+	*/
+	static compression(message) {
+		return new CryptoError(`compression error: ${message}`, {
+			kind: "Compression",
+			message
+		});
+	}
+	/**
+	* Create a URI parsing error.
+	*
+	* Rust equivalent: `Error::Uri(err)`
+	*
+	* @param message - Description of the URI error
+	*/
+	static uri(message) {
+		return new CryptoError(`invalid URI: ${message}`, {
+			kind: "Uri",
+			message
+		});
+	}
+	/**
+	* Create an SSKR error.
+	*
+	* Rust equivalent: `Error::Sskr(err)`
+	*
+	* @param message - Description of the SSKR error
+	*/
+	static sskr(message) {
+		return new CryptoError(`SSKR error: ${message}`, {
+			kind: "Sskr",
+			message
+		});
+	}
+	/**
+	* Create an SSH operation error.
+	*
+	* Rust equivalent: `Error::ssh(msg)`
+	*
+	* @param message - Description of the SSH error
+	*/
+	static ssh(message) {
+		return new CryptoError(`SSH operation failed: ${message}`, {
+			kind: "Ssh",
+			message
+		});
+	}
+	/**
+	* Create an SSH agent error.
+	*
+	* Rust equivalent: `Error::ssh_agent(msg)`
+	*
+	* @param message - Description of the SSH agent error
+	*/
+	static sshAgent(message) {
+		return new CryptoError(`SSH agent error: ${message}`, {
+			kind: "SshAgent",
+			message
+		});
+	}
+	/**
+	* Create an SSH agent client error.
+	*
+	* Rust equivalent: `Error::ssh_agent_client(msg)`
+	*
+	* @param message - Description of the SSH agent client error
+	*/
+	static sshAgentClient(message) {
+		return new CryptoError(`SSH agent client error: ${message}`, {
+			kind: "SshAgentClient",
+			message
+		});
+	}
+	/**
+	* Create an environment variable error.
+	*
+	* Rust equivalent: `Error::Env(err)`
+	*
+	* @param message - Description of the environment error
+	*/
+	static env(message) {
+		return new CryptoError(`environment variable error: ${message}`, {
+			kind: "Env",
+			message
+		});
+	}
+	/**
+	* Create a general error with a custom message.
+	*
+	* Rust equivalent: `Error::general(msg)` / `Error::General(msg)`
+	*
+	* @param message - The error message
+	*/
+	static general(message) {
+		return new CryptoError(message, {
+			kind: "General",
+			message
+		});
+	}
+	/**
+	* Check if this error is of a specific kind.
+	*
+	* @param kind - The error kind to check
+	*/
+	isKind(kind) {
+		return this.errorKind === kind;
+	}
+	/**
+	* Check if this is an InvalidSize error.
+	*/
+	isInvalidSize() {
+		return this.errorKind === "InvalidSize";
+	}
+	/**
+	* Check if this is an InvalidData error.
+	*/
+	isInvalidData() {
+		return this.errorKind === "InvalidData";
+	}
+	/**
+	* Check if this is a DataTooShort error.
+	*/
+	isDataTooShort() {
+		return this.errorKind === "DataTooShort";
+	}
+	/**
+	* Check if this is a Crypto error.
+	*/
+	isCrypto() {
+		return this.errorKind === "Crypto";
+	}
+	/**
+	* Check if this is a Cbor error.
+	*/
+	isCbor() {
+		return this.errorKind === "Cbor";
+	}
+	/**
+	* Check if this is an Sskr error.
+	*/
+	isSskr() {
+		return this.errorKind === "Sskr";
+	}
+	/**
+	* Check if this is an Ssh error.
+	*/
+	isSsh() {
+		return this.errorKind === "Ssh";
+	}
+	/**
+	* Check if this is a Uri error.
+	*/
+	isUri() {
+		return this.errorKind === "Uri";
+	}
+	/**
+	* Check if this is a Compression error.
+	*/
+	isCompression() {
+		return this.errorKind === "Compression";
+	}
+	/**
+	* Check if this is a PostQuantum error.
+	*/
+	isPostQuantum() {
+		return this.errorKind === "PostQuantum";
+	}
+	/**
+	* Check if this is a LevelMismatch error.
+	*/
+	isLevelMismatch() {
+		return this.errorKind === "LevelMismatch";
+	}
+	/**
+	* Check if this is an SshAgent error.
+	*/
+	isSshAgent() {
+		return this.errorKind === "SshAgent";
+	}
+	/**
+	* Check if this is a Hex error.
+	*/
+	isHex() {
+		return this.errorKind === "Hex";
+	}
+	/**
+	* Check if this is a Utf8 error.
+	*/
+	isUtf8() {
+		return this.errorKind === "Utf8";
+	}
+	/**
+	* Check if this is an Env error.
+	*/
+	isEnv() {
+		return this.errorKind === "Env";
+	}
+	/**
+	* Check if this is an SshAgentClient error.
+	*/
+	isSshAgentClient() {
+		return this.errorKind === "SshAgentClient";
+	}
+	/**
+	* Check if this is a General error.
+	*/
+	isGeneral() {
+		return this.errorKind === "General";
+	}
+};
+/**
+* Type guard to check if a result is an Error.
+*/
+function isError(result) {
+	return result instanceof Error;
+}
+/**
+* Type guard to check if a result is a CryptoError.
+*/
+function isCryptoError(result) {
+	return result instanceof CryptoError;
+}
+/**
+* Type guard to check if an error is a CryptoError of a specific kind.
+*/
+function isCryptoErrorKind(result, kind) {
+	return isCryptoError(result) && result.errorKind === kind;
+}
+//#endregion
+//#region src/utils.ts
+/**
+* Copyright © 2023-2026 Blockchain Commons, LLC
+* Copyright © 2025-2026 Parity Technologies
+*
+*
+* Utility functions for byte array conversions and comparisons.
+*
+* These functions provide cross-platform support for common byte manipulation
+* operations needed in cryptographic and encoding contexts.
+*
+* @packageDocumentation
+*/
+/**
+* Convert a Uint8Array to a lowercase hexadecimal string.
+*
+* @param data - The byte array to convert
+* @returns A lowercase hex string representation (2 characters per byte)
+*
+* @example
+* ```typescript
+* const bytes = new Uint8Array([0xde, 0xad, 0xbe, 0xef]);
+* bytesToHex(bytes); // "deadbeef"
+* ```
+*/
+function bytesToHex(data) {
+	return Array.from(data).map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+/**
+* Convert a hexadecimal string to a Uint8Array.
+*
+* @param hex - A hex string (must have even length, case-insensitive)
+* @returns The decoded byte array
+* @throws {Error} If the hex string has odd length or contains invalid characters
+*
+* @example
+* ```typescript
+* hexToBytes("deadbeef"); // Uint8Array([0xde, 0xad, 0xbe, 0xef])
+* hexToBytes("DEADBEEF"); // Uint8Array([0xde, 0xad, 0xbe, 0xef])
+* hexToBytes("xyz"); // throws Error: Invalid hex string
+* ```
+*/
+function hexToBytes(hex) {
+	if (hex.length % 2 !== 0) throw new Error(`Hex string must have even length, got ${hex.length}`);
+	if (!/^[0-9A-Fa-f]*$/.test(hex)) throw new Error("Invalid hex string: contains non-hexadecimal characters");
+	const data = new Uint8Array(hex.length / 2);
+	for (let i = 0; i < hex.length; i += 2) data[i / 2] = parseInt(hex.substring(i, i + 2), 16);
+	return data;
+}
+/**
+* Convert a Uint8Array to a base64-encoded string.
+*
+* This function works in both browser and Node.js environments.
+* Uses btoa which is available in browsers and Node.js 16+.
+*
+* @param data - The byte array to encode
+* @returns A base64-encoded string
+*
+* @example
+* ```typescript
+* const bytes = new Uint8Array([72, 101, 108, 108, 111]); // "Hello"
+* toBase64(bytes); // "SGVsbG8="
+* ```
+*/
+function toBase64(data) {
+	let binary = "";
+	for (const byte of data) binary += String.fromCharCode(byte);
+	return btoa(binary);
+}
+/**
+* Convert a base64-encoded string to a Uint8Array.
+*
+* This function works in both browser and Node.js environments.
+* Uses atob which is available in browsers and Node.js 16+.
+*
+* @param base64 - A base64-encoded string
+* @returns The decoded byte array
+*
+* @example
+* ```typescript
+* fromBase64("SGVsbG8="); // Uint8Array([72, 101, 108, 108, 111])
+* ```
+*/
+function fromBase64(base64) {
+	const binary = atob(base64);
+	const bytes = new Uint8Array(binary.length);
+	for (let i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i);
+	return bytes;
+}
+/**
+* Compare two Uint8Arrays for equality using constant-time comparison.
+*
+* This function is designed to be resistant to timing attacks by always
+* comparing all bytes regardless of where a difference is found. The
+* comparison time depends only on the length of the arrays, not on where
+* they differ.
+*
+* **Security Note**: If the arrays have different lengths, this function
+* returns `false` immediately, which does leak length information. For
+* cryptographic uses where length should also be secret, ensure both
+* arrays are the same length before comparison.
+*
+* @param a - First byte array
+* @param b - Second byte array
+* @returns `true` if both arrays have the same length and identical contents
+*
+* @example
+* ```typescript
+* const key1 = new Uint8Array([1, 2, 3, 4]);
+* const key2 = new Uint8Array([1, 2, 3, 4]);
+* const key3 = new Uint8Array([1, 2, 3, 5]);
+*
+* bytesEqual(key1, key2); // true
+* bytesEqual(key1, key3); // false
+* ```
+*/
+function bytesEqual(a, b) {
+	if (a.length !== b.length) return false;
+	let result = 0;
+	for (let i = 0; i < a.length; i++) result |= a[i] ^ b[i];
+	return result === 0;
+}
+//#endregion
+//#region src/digest.ts
+/**
+* Copyright © 2023-2026 Blockchain Commons, LLC
+* Copyright © 2025-2026 Parity Technologies
+*
+*
+* SHA-256 cryptographic digest (32 bytes)
+*
+* Ported from bc-components-rust/src/digest.rs
+*
+* A `Digest` represents the cryptographic hash of some data. In this
+* implementation, SHA-256 is used, which produces a 32-byte hash value.
+* Digests are used throughout the crate for data verification and as unique
+* identifiers derived from data.
+*
+* # CBOR Serialization
+*
+* `Digest` implements the CBOR tagged encoding interfaces, which means it can be
+* serialized to and deserialized from CBOR with a specific tag (TAG_DIGEST = 40001).
+*
+* # UR Serialization
+*
+* When serialized as a Uniform Resource (UR), a `Digest` is represented as a
+* binary blob with the type "digest".
+*
+* @example
+* ```typescript
+* import { Digest } from '@bcts/components';
+*
+* // Create a digest from a string
+* const data = new TextEncoder().encode("hello world");
+* const digest = Digest.fromImage(data);
+*
+* // Validate that the digest matches the original data
+* console.log(digest.validate(data)); // true
+*
+* // Create a digest from a hex string
+* const hexString = "b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9";
+* const digest2 = Digest.fromHex(hexString);
+*
+* // Retrieve the digest as hex
+* console.log(digest2.hex()); // b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9
+* ```
+*/
+var digest_exports = /* @__PURE__ */ __exportAll({ Digest: () => Digest });
+var Digest = class Digest {
+	static DIGEST_SIZE = SHA256_SIZE;
+	_data;
+	constructor(data) {
+		if (data.length !== Digest.DIGEST_SIZE) throw CryptoError.invalidSize(Digest.DIGEST_SIZE, data.length);
+		this._data = new Uint8Array(data);
+	}
+	/**
+	* Get the digest data.
+	*/
+	data() {
+		return this._data;
+	}
+	/**
+	* Create a Digest from a 32-byte array.
+	*/
+	static fromData(data) {
+		return new Digest(new Uint8Array(data));
+	}
+	/**
+	* Create a Digest from data, validating the length.
+	* Alias for fromData for compatibility with Rust API.
+	*/
+	static fromDataRef(data) {
+		return Digest.fromData(data);
+	}
+	/**
+	* Create a Digest from hex string.
+	*
+	* @throws Error if the hex string is not exactly 64 characters.
+	*/
+	static fromHex(hex) {
+		return new Digest(hexToBytes(hex));
+	}
+	/**
+	* Compute SHA-256 digest of data (called "image" in Rust).
+	*
+	* @param image - The data to hash
+	*/
+	static fromImage(image) {
+		const hashData = sha256(image);
+		return new Digest(new Uint8Array(hashData));
+	}
+	/**
+	* Compute SHA-256 digest from multiple data parts.
+	*
+	* The parts are concatenated and then hashed.
+	*
+	* @param imageParts - Array of byte arrays to concatenate and hash
+	*/
+	static fromImageParts(imageParts) {
+		const totalLength = imageParts.reduce((sum, part) => sum + part.length, 0);
+		const buf = new Uint8Array(totalLength);
+		let offset = 0;
+		for (const part of imageParts) {
+			buf.set(part, offset);
+			offset += part.length;
+		}
+		return Digest.fromImage(buf);
+	}
+	/**
+	* Compute SHA-256 digest from an array of Digests.
+	*
+	* The digest bytes are concatenated and then hashed.
+	*
+	* @param digests - Array of Digests to combine
+	*/
+	static fromDigests(digests) {
+		const buf = new Uint8Array(digests.length * Digest.DIGEST_SIZE);
+		let offset = 0;
+		for (const digest of digests) {
+			buf.set(digest._data, offset);
+			offset += Digest.DIGEST_SIZE;
+		}
+		return Digest.fromImage(buf);
+	}
+	/**
+	* Compute SHA-256 digest of data (legacy alias for fromImage).
+	* @deprecated Use fromImage instead
+	*/
+	static hash(data) {
+		return Digest.fromImage(data);
+	}
+	/**
+	* Get the raw digest bytes as a copy.
+	*/
+	toData() {
+		return new Uint8Array(this._data);
+	}
+	/**
+	* Get a reference to the raw digest bytes.
+	*/
+	asBytes() {
+		return this._data;
+	}
+	/**
+	* Get hex string representation.
+	*/
+	hex() {
+		return bytesToHex(this._data);
+	}
+	/**
+	* Get hex string representation (alias for hex()).
+	*/
+	toHex() {
+		return this.hex();
+	}
+	/**
+	* Get base64 representation.
+	*/
+	toBase64() {
+		return toBase64(this._data);
+	}
+	/**
+	* Get the first four bytes of the digest as a hexadecimal string.
+	* Useful for short descriptions.
+	*/
+	shortDescription() {
+		return bytesToHex(this._data.slice(0, 4));
+	}
+	/**
+	* Validate the digest against the given image.
+	*
+	* The image is hashed with SHA-256 and compared to this digest.
+	* @returns `true` if the digest matches the image.
+	*/
+	validate(image) {
+		return this.equals(Digest.fromImage(image));
+	}
+	/**
+	* Compare with another Digest.
+	*/
+	equals(other) {
+		if (this._data.length !== other._data.length) return false;
+		for (let i = 0; i < this._data.length; i++) if (this._data[i] !== other._data[i]) return false;
+		return true;
+	}
+	/**
+	* Compare digests lexicographically.
+	*/
+	compare(other) {
+		for (let i = 0; i < this._data.length; i++) {
+			const a = this._data[i];
+			const b = other._data[i];
+			if (a < b) return -1;
+			if (a > b) return 1;
+		}
+		return 0;
+	}
+	/**
+	* Get string representation.
+	*/
+	toString() {
+		return `Digest(${this.hex()})`;
+	}
+	/**
+	* A Digest is its own digest provider - returns itself.
+	*/
+	digest() {
+		return this;
+	}
+	/**
+	* Returns the CBOR tags associated with Digest.
+	*/
+	cborTags() {
+		return tagsForValues([DIGEST.value]);
+	}
+	/**
+	* Returns the untagged CBOR encoding (as a byte string).
+	*/
+	untaggedCbor() {
+		return toByteString(this._data);
+	}
+	/**
+	* Returns the tagged CBOR encoding.
+	*/
+	taggedCbor() {
+		return createTaggedCbor(this);
+	}
+	/**
+	* Returns the tagged value in CBOR binary representation.
+	*/
+	taggedCborData() {
+		return this.taggedCbor().toData();
+	}
+	/**
+	* Creates a Digest by decoding it from untagged CBOR.
+	*/
+	fromUntaggedCbor(cbor) {
+		const data = expectBytes(cbor);
+		return Digest.fromData(data);
+	}
+	/**
+	* Creates a Digest by decoding it from tagged CBOR.
+	*/
+	fromTaggedCbor(cbor) {
+		validateTag(cbor, this.cborTags());
+		const content = extractTaggedContent(cbor);
+		return this.fromUntaggedCbor(content);
+	}
+	/**
+	* Static method to decode from tagged CBOR.
+	*/
+	static fromTaggedCbor(cbor) {
+		return new Digest(new Uint8Array(Digest.DIGEST_SIZE)).fromTaggedCbor(cbor);
+	}
+	/**
+	* Static method to decode from tagged CBOR binary data.
+	*/
+	static fromTaggedCborData(data) {
+		const cbor = decodeCbor(data);
+		return Digest.fromTaggedCbor(cbor);
+	}
+	/**
+	* Static method to decode from untagged CBOR binary data.
+	*/
+	static fromUntaggedCborData(data) {
+		const bytes = expectBytes(decodeCbor(data));
+		return Digest.fromData(bytes);
+	}
+	/**
+	* Returns the UR representation of the Digest.
+	* Note: URs use untagged CBOR since the type is conveyed by the UR type itself.
+	*/
+	ur() {
+		return UR.new("digest", this.untaggedCbor());
+	}
+	/**
+	* Returns the UR string representation.
+	*/
+	urString() {
+		return this.ur().string();
+	}
+	/**
+	* Creates a Digest from a UR.
+	*/
+	static fromUR(ur) {
+		ur.checkType("digest");
+		return new Digest(new Uint8Array(Digest.DIGEST_SIZE)).fromUntaggedCbor(ur.cbor());
+	}
+	/**
+	* Creates a Digest from a UR string.
+	*/
+	static fromURString(urString) {
+		const ur = UR.fromURString(urString);
+		return Digest.fromUR(ur);
+	}
+	/**
+	* Validate the given data against the digest, if any.
+	*
+	* Returns `true` if the digest is `undefined` or if the digest matches the
+	* image's digest. Returns `false` if the digest does not match.
+	*/
+	static validateOpt(image, digest) {
+		if (digest === void 0) return true;
+		return digest.validate(image);
+	}
+};
+//#endregion
+export { fromBase64 as a, CryptoError as c, isCryptoErrorKind as d, isError as f, bytesToHex as i, ErrorKind as l, digest_exports as n, hexToBytes as o, bytesEqual as r, toBase64 as s, Digest as t, isCryptoError as u };
+
+//# sourceMappingURL=digest-B1bpgcdz.mjs.map