@better-update/cli 0.32.0 → 0.33.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.mjs +794 -1288
- package/dist/index.mjs.map +1 -1
- package/package.json +4 -4
package/dist/index.mjs
CHANGED
|
@@ -34,7 +34,7 @@ var __require = /* @__PURE__ */ createRequire(import.meta.url);
|
|
|
34
34
|
|
|
35
35
|
//#endregion
|
|
36
36
|
//#region package.json
|
|
37
|
-
var version = "0.
|
|
37
|
+
var version = "0.33.1";
|
|
38
38
|
|
|
39
39
|
//#endregion
|
|
40
40
|
//#region src/lib/interactive-mode.ts
|
|
@@ -925,7 +925,7 @@ var AuditLog = class extends Schema.Class("AuditLog")({
|
|
|
925
925
|
//#region ../../packages/api/src/groups/audit-logs.ts
|
|
926
926
|
var AuditLogsGroup = class extends HttpApiGroup.make("audit-logs").add(HttpApiEndpoint.get("list", "/api/audit-logs").setUrlParams(Schema.Struct({
|
|
927
927
|
projectId: Schema.optional(Schema.String),
|
|
928
|
-
resourceType: Schema.optional(
|
|
928
|
+
resourceType: Schema.optional(AuditLogResourceType),
|
|
929
929
|
from: Schema.optional(Schema.String),
|
|
930
930
|
to: Schema.optional(Schema.String),
|
|
931
931
|
...CursorPaginationParams.fields
|
|
@@ -3078,8 +3078,10 @@ const AppleSessionStoreLive = Layer.effect(AppleSessionStore, Effect.gen(functio
|
|
|
3078
3078
|
const defaultAppleUtils = {
|
|
3079
3079
|
Auth: AppleUtils.Auth,
|
|
3080
3080
|
Session: AppleUtils.Session,
|
|
3081
|
+
Teams: AppleUtils.Teams,
|
|
3081
3082
|
CookieFileCache: AppleUtils.CookieFileCache
|
|
3082
3083
|
};
|
|
3084
|
+
const TEN_CHAR_TEAM_ID = /^[A-Z0-9]{10}$/u;
|
|
3083
3085
|
var AppleAuth = class extends Context.Tag("cli/AppleAuth")() {};
|
|
3084
3086
|
const sessionFromAuthState = (state) => ({
|
|
3085
3087
|
username: state.username,
|
|
@@ -3093,11 +3095,19 @@ const sessionFromInfo = (username, info) => ({
|
|
|
3093
3095
|
teamName: info.provider.name,
|
|
3094
3096
|
providerId: info.provider.providerId
|
|
3095
3097
|
});
|
|
3096
|
-
|
|
3097
|
-
|
|
3098
|
-
|
|
3099
|
-
|
|
3100
|
-
|
|
3098
|
+
/**
|
|
3099
|
+
* Resolve the 10-char Developer Portal Team ID for a selected App Store Connect
|
|
3100
|
+
* provider. Uses the provider's `publicProviderId` directly when it already is a
|
|
3101
|
+
* Team ID; otherwise (UUID providers) looks it up from the Developer Portal team
|
|
3102
|
+
* list by name — the only field both surfaces share. Falls back to the
|
|
3103
|
+
* `publicProviderId` if no match, preserving prior behavior.
|
|
3104
|
+
*/
|
|
3105
|
+
const resolvePortalTeamId = (appleUtils, provider) => Effect.gen(function* () {
|
|
3106
|
+
if (TEN_CHAR_TEAM_ID.test(provider.publicProviderId)) return provider.publicProviderId;
|
|
3107
|
+
return (yield* Effect.tryPromise({
|
|
3108
|
+
try: async () => appleUtils.Teams.getTeamsAsync(),
|
|
3109
|
+
catch: (cause) => new AppleAuthError$1({ message: `Failed to list Apple Developer teams: ${formatCause(cause)}` })
|
|
3110
|
+
})).find((team) => team.name === provider.name)?.teamId ?? provider.publicProviderId;
|
|
3101
3111
|
});
|
|
3102
3112
|
const restoreFromCookies = (appleUtils, cookies) => Effect.tryPromise({
|
|
3103
3113
|
try: async () => appleUtils.Auth.loginWithCookiesAsync({ cookies }),
|
|
@@ -3112,10 +3122,16 @@ const restoreFromCookies = (appleUtils, cookies) => Effect.tryPromise({
|
|
|
3112
3122
|
const resolveSessionTeam = (appleUtils, state) => Effect.gen(function* () {
|
|
3113
3123
|
const { availableProviders } = state.session;
|
|
3114
3124
|
const resolution = yield* resolveProvider(appleUtils, availableProviders, state.context.providerId ?? state.session.provider.providerId);
|
|
3115
|
-
|
|
3116
|
-
const
|
|
3117
|
-
if (
|
|
3118
|
-
|
|
3125
|
+
const switched = resolution.switched && resolution.providerId !== void 0;
|
|
3126
|
+
const provider = switched ? availableProviders.find((entry) => entry.providerId === resolution.providerId) : state.session.provider;
|
|
3127
|
+
if (provider === void 0) return yield* new AppleAuthError$1({ message: `Selected provider ${String(resolution.providerId)} not in available providers list.` });
|
|
3128
|
+
const teamId = (!switched && state.context.teamId !== void 0 && TEN_CHAR_TEAM_ID.test(state.context.teamId) ? state.context.teamId : void 0) ?? (yield* resolvePortalTeamId(appleUtils, provider));
|
|
3129
|
+
return {
|
|
3130
|
+
username: state.username,
|
|
3131
|
+
teamId,
|
|
3132
|
+
teamName: provider.name,
|
|
3133
|
+
providerId: provider.providerId
|
|
3134
|
+
};
|
|
3119
3135
|
});
|
|
3120
3136
|
const loginWithCredentials = (appleUtils, credentials) => Effect.tryPromise({
|
|
3121
3137
|
try: async () => appleUtils.Auth.loginWithUserCredentialsAsync(credentials, { autoResolveProvider: true }),
|
|
@@ -5300,7 +5316,7 @@ const findAndroidArtifact = ({ projectRoot, format, flavor, buildType, minMtimeM
|
|
|
5300
5316
|
* isBytes(new Uint8Array());
|
|
5301
5317
|
* ```
|
|
5302
5318
|
*/
|
|
5303
|
-
function isBytes$
|
|
5319
|
+
function isBytes$4(a) {
|
|
5304
5320
|
return a instanceof Uint8Array || ArrayBuffer.isView(a) && a.constructor.name === "Uint8Array" && "BYTES_PER_ELEMENT" in a && a.BYTES_PER_ELEMENT === 1;
|
|
5305
5321
|
}
|
|
5306
5322
|
/**
|
|
@@ -5314,7 +5330,7 @@ function isBytes$5(a) {
|
|
|
5314
5330
|
* abool(true);
|
|
5315
5331
|
* ```
|
|
5316
5332
|
*/
|
|
5317
|
-
function abool$
|
|
5333
|
+
function abool$2(b) {
|
|
5318
5334
|
if (typeof b !== "boolean") throw new TypeError(`boolean expected, not ${b}`);
|
|
5319
5335
|
}
|
|
5320
5336
|
/**
|
|
@@ -5329,7 +5345,7 @@ function abool$3(b) {
|
|
|
5329
5345
|
* anumber(1);
|
|
5330
5346
|
* ```
|
|
5331
5347
|
*/
|
|
5332
|
-
function anumber$
|
|
5348
|
+
function anumber$4(n) {
|
|
5333
5349
|
if (typeof n !== "number") throw new TypeError("number expected, got " + typeof n);
|
|
5334
5350
|
if (!Number.isSafeInteger(n) || n < 0) throw new RangeError("positive integer expected, got " + n);
|
|
5335
5351
|
}
|
|
@@ -5349,8 +5365,8 @@ function anumber$5(n) {
|
|
|
5349
5365
|
* abytes(new Uint8Array([1, 2]), 2);
|
|
5350
5366
|
* ```
|
|
5351
5367
|
*/
|
|
5352
|
-
function abytes$
|
|
5353
|
-
const bytes = isBytes$
|
|
5368
|
+
function abytes$4(value, length, title = "") {
|
|
5369
|
+
const bytes = isBytes$4(value);
|
|
5354
5370
|
const len = value?.length;
|
|
5355
5371
|
const needsLen = length !== void 0;
|
|
5356
5372
|
if (!bytes || needsLen && len !== length) {
|
|
@@ -5376,7 +5392,7 @@ function abytes$5(value, length, title = "") {
|
|
|
5376
5392
|
* aexists({ destroyed: false, finished: false });
|
|
5377
5393
|
* ```
|
|
5378
5394
|
*/
|
|
5379
|
-
function aexists$
|
|
5395
|
+
function aexists$2(instance, checkFinished = true) {
|
|
5380
5396
|
if (instance.destroyed) throw new Error("Hash instance has been destroyed");
|
|
5381
5397
|
if (checkFinished && instance.finished) throw new Error("Hash#digest() has already been called");
|
|
5382
5398
|
}
|
|
@@ -5397,11 +5413,11 @@ function aexists$3(instance, checkFinished = true) {
|
|
|
5397
5413
|
* aoutput(new Uint8Array(16), { outputLen: 16 });
|
|
5398
5414
|
* ```
|
|
5399
5415
|
*/
|
|
5400
|
-
function aoutput$
|
|
5401
|
-
abytes$
|
|
5416
|
+
function aoutput$2(out, instance, onlyAligned = false) {
|
|
5417
|
+
abytes$4(out, void 0, "output");
|
|
5402
5418
|
const min = instance.outputLen;
|
|
5403
5419
|
if (out.length < min) throw new RangeError("digestInto() expects output buffer of length at least " + min);
|
|
5404
|
-
if (onlyAligned && !isAligned32
|
|
5420
|
+
if (onlyAligned && !isAligned32(out)) throw new Error("invalid output, must be aligned");
|
|
5405
5421
|
}
|
|
5406
5422
|
/**
|
|
5407
5423
|
* Casts a typed-array view to Uint32Array.
|
|
@@ -5415,7 +5431,7 @@ function aoutput$3(out, instance, onlyAligned = false) {
|
|
|
5415
5431
|
* u32(new Uint8Array(4));
|
|
5416
5432
|
* ```
|
|
5417
5433
|
*/
|
|
5418
|
-
function u32$
|
|
5434
|
+
function u32$2(arr) {
|
|
5419
5435
|
return new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4));
|
|
5420
5436
|
}
|
|
5421
5437
|
/**
|
|
@@ -5430,7 +5446,7 @@ function u32$3(arr) {
|
|
|
5430
5446
|
* clean(bytes);
|
|
5431
5447
|
* ```
|
|
5432
5448
|
*/
|
|
5433
|
-
function clean$
|
|
5449
|
+
function clean$2(...arrays) {
|
|
5434
5450
|
for (let i = 0; i < arrays.length; i++) arrays[i].fill(0);
|
|
5435
5451
|
}
|
|
5436
5452
|
/**
|
|
@@ -5444,14 +5460,14 @@ function clean$3(...arrays) {
|
|
|
5444
5460
|
* createView(new Uint8Array(4));
|
|
5445
5461
|
* ```
|
|
5446
5462
|
*/
|
|
5447
|
-
function createView$
|
|
5463
|
+
function createView$2(arr) {
|
|
5448
5464
|
return new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
|
|
5449
5465
|
}
|
|
5450
5466
|
/**
|
|
5451
5467
|
* Whether the current platform is little-endian.
|
|
5452
5468
|
* Most are; some IBM systems are not.
|
|
5453
5469
|
*/
|
|
5454
|
-
const isLE$
|
|
5470
|
+
const isLE$2 = /* @__PURE__ */ (() => new Uint8Array(new Uint32Array([287454020]).buffer)[0] === 68)();
|
|
5455
5471
|
/**
|
|
5456
5472
|
* Reverses byte order of one 32-bit word.
|
|
5457
5473
|
* @param word - Unsigned 32-bit word to swap.
|
|
@@ -5475,7 +5491,7 @@ const byteSwap$2 = (word) => word << 24 & 4278190080 | word << 8 & 16711680 | wo
|
|
|
5475
5491
|
* swap8IfBE(0x11223344);
|
|
5476
5492
|
* ```
|
|
5477
5493
|
*/
|
|
5478
|
-
const swap8IfBE$1 = isLE$
|
|
5494
|
+
const swap8IfBE$1 = isLE$2 ? (n) => n : (n) => byteSwap$2(n) >>> 0;
|
|
5479
5495
|
/**
|
|
5480
5496
|
* Byte-swaps every word of a Uint32Array in place.
|
|
5481
5497
|
* @param arr - Uint32Array whose words should be swapped.
|
|
@@ -5502,7 +5518,7 @@ const byteSwap32$2 = (arr) => {
|
|
|
5502
5518
|
* swap32IfBE(new Uint32Array([0x11223344]));
|
|
5503
5519
|
* ```
|
|
5504
5520
|
*/
|
|
5505
|
-
const swap32IfBE$2 = isLE$
|
|
5521
|
+
const swap32IfBE$2 = isLE$2 ? (u) => u : byteSwap32$2;
|
|
5506
5522
|
/**
|
|
5507
5523
|
* Checks if two U8A use same underlying buffer and overlaps.
|
|
5508
5524
|
* This is invalid and can corrupt data.
|
|
@@ -5536,7 +5552,7 @@ function concatBytes$3(...arrays) {
|
|
|
5536
5552
|
let sum = 0;
|
|
5537
5553
|
for (let i = 0; i < arrays.length; i++) {
|
|
5538
5554
|
const a = arrays[i];
|
|
5539
|
-
abytes$
|
|
5555
|
+
abytes$4(a);
|
|
5540
5556
|
sum += a.length;
|
|
5541
5557
|
}
|
|
5542
5558
|
const res = new Uint8Array(sum);
|
|
@@ -5561,7 +5577,7 @@ function concatBytes$3(...arrays) {
|
|
|
5561
5577
|
* checkOpts({ rounds: 20 }, { rounds: 8 });
|
|
5562
5578
|
* ```
|
|
5563
5579
|
*/
|
|
5564
|
-
function checkOpts$
|
|
5580
|
+
function checkOpts$1(defaults, opts) {
|
|
5565
5581
|
if (opts == null || typeof opts !== "object") throw new Error("options must be defined");
|
|
5566
5582
|
return Object.assign(defaults, opts);
|
|
5567
5583
|
}
|
|
@@ -5577,7 +5593,7 @@ function checkOpts$2(defaults, opts) {
|
|
|
5577
5593
|
* equalBytes(new Uint8Array([1]), new Uint8Array([1]));
|
|
5578
5594
|
* ```
|
|
5579
5595
|
*/
|
|
5580
|
-
function equalBytes$
|
|
5596
|
+
function equalBytes$2(a, b) {
|
|
5581
5597
|
if (a.length !== b.length) return false;
|
|
5582
5598
|
let diff = 0;
|
|
5583
5599
|
for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i];
|
|
@@ -5613,20 +5629,20 @@ function wrapMacConstructor(keyLen, macCons, fromMsg) {
|
|
|
5613
5629
|
* @param constructor - Cipher constructor.
|
|
5614
5630
|
* @returns Wrapped constructor with validation.
|
|
5615
5631
|
*/
|
|
5616
|
-
const wrapCipher
|
|
5632
|
+
const wrapCipher = (params, constructor) => {
|
|
5617
5633
|
function wrappedCipher(key, ...args) {
|
|
5618
|
-
abytes$
|
|
5634
|
+
abytes$4(key, void 0, "key");
|
|
5619
5635
|
if (params.nonceLength !== void 0) {
|
|
5620
5636
|
const nonce = args[0];
|
|
5621
|
-
abytes$
|
|
5637
|
+
abytes$4(nonce, params.varSizeNonce ? void 0 : params.nonceLength, "nonce");
|
|
5622
5638
|
}
|
|
5623
5639
|
const tagl = params.tagLength;
|
|
5624
|
-
if (tagl && args[1] !== void 0) abytes$
|
|
5640
|
+
if (tagl && args[1] !== void 0) abytes$4(args[1], void 0, "AAD");
|
|
5625
5641
|
const cipher = constructor(key, ...args);
|
|
5626
5642
|
const checkOutput = (fnLength, output) => {
|
|
5627
5643
|
if (output !== void 0) {
|
|
5628
5644
|
if (fnLength !== 2) throw new Error("cipher output not supported");
|
|
5629
|
-
abytes$
|
|
5645
|
+
abytes$4(output, void 0, "output");
|
|
5630
5646
|
}
|
|
5631
5647
|
};
|
|
5632
5648
|
let called = false;
|
|
@@ -5634,12 +5650,12 @@ const wrapCipher$1 = (params, constructor) => {
|
|
|
5634
5650
|
encrypt(data, output) {
|
|
5635
5651
|
if (called) throw new Error("cannot encrypt() twice with same key + nonce");
|
|
5636
5652
|
called = true;
|
|
5637
|
-
abytes$
|
|
5653
|
+
abytes$4(data);
|
|
5638
5654
|
checkOutput(cipher.encrypt.length, output);
|
|
5639
5655
|
return cipher.encrypt(data, output);
|
|
5640
5656
|
},
|
|
5641
5657
|
decrypt(data, output) {
|
|
5642
|
-
abytes$
|
|
5658
|
+
abytes$4(data);
|
|
5643
5659
|
if (tagl && data.length < tagl) throw new Error("\"ciphertext\" expected length bigger than tagLength=" + tagl);
|
|
5644
5660
|
checkOutput(cipher.decrypt.length, output);
|
|
5645
5661
|
return cipher.decrypt(data, output);
|
|
@@ -5665,11 +5681,11 @@ const wrapCipher$1 = (params, constructor) => {
|
|
|
5665
5681
|
* getOutput(16, new Uint8Array(16));
|
|
5666
5682
|
* ```
|
|
5667
5683
|
*/
|
|
5668
|
-
function getOutput
|
|
5684
|
+
function getOutput(expectedLength, out, onlyAligned = true) {
|
|
5669
5685
|
if (out === void 0) return new Uint8Array(expectedLength);
|
|
5670
|
-
abytes$
|
|
5686
|
+
abytes$4(out, void 0, "output");
|
|
5671
5687
|
if (out.length !== expectedLength) throw new Error("\"output\" expected Uint8Array of length " + expectedLength + ", got: " + out.length);
|
|
5672
|
-
if (onlyAligned && !isAligned32
|
|
5688
|
+
if (onlyAligned && !isAligned32(out)) throw new Error("invalid output, must be aligned");
|
|
5673
5689
|
return out;
|
|
5674
5690
|
}
|
|
5675
5691
|
/**
|
|
@@ -5689,12 +5705,12 @@ function getOutput$1(expectedLength, out, onlyAligned = true) {
|
|
|
5689
5705
|
* u64Lengths(16, 8, true);
|
|
5690
5706
|
* ```
|
|
5691
5707
|
*/
|
|
5692
|
-
function u64Lengths
|
|
5693
|
-
anumber$
|
|
5694
|
-
anumber$
|
|
5695
|
-
abool$
|
|
5708
|
+
function u64Lengths(dataLength, aadLength, isLE) {
|
|
5709
|
+
anumber$4(dataLength);
|
|
5710
|
+
anumber$4(aadLength);
|
|
5711
|
+
abool$2(isLE);
|
|
5696
5712
|
const num = new Uint8Array(16);
|
|
5697
|
-
const view = createView$
|
|
5713
|
+
const view = createView$2(num);
|
|
5698
5714
|
view.setBigUint64(0, BigInt(aadLength), isLE);
|
|
5699
5715
|
view.setBigUint64(8, BigInt(dataLength), isLE);
|
|
5700
5716
|
return num;
|
|
@@ -5710,7 +5726,7 @@ function u64Lengths$1(dataLength, aadLength, isLE) {
|
|
|
5710
5726
|
* isAligned32(new Uint8Array(4));
|
|
5711
5727
|
* ```
|
|
5712
5728
|
*/
|
|
5713
|
-
function isAligned32
|
|
5729
|
+
function isAligned32(bytes) {
|
|
5714
5730
|
return bytes.byteOffset % 4 === 0;
|
|
5715
5731
|
}
|
|
5716
5732
|
/**
|
|
@@ -5725,8 +5741,8 @@ function isAligned32$2(bytes) {
|
|
|
5725
5741
|
* copyBytes(new Uint8Array([1, 2]));
|
|
5726
5742
|
* ```
|
|
5727
5743
|
*/
|
|
5728
|
-
function copyBytes$
|
|
5729
|
-
return Uint8Array.from(abytes$
|
|
5744
|
+
function copyBytes$3(bytes) {
|
|
5745
|
+
return Uint8Array.from(abytes$4(bytes));
|
|
5730
5746
|
}
|
|
5731
5747
|
/**
|
|
5732
5748
|
* Cryptographically secure PRNG.
|
|
@@ -5746,7 +5762,7 @@ function copyBytes$4(bytes) {
|
|
|
5746
5762
|
* ```
|
|
5747
5763
|
*/
|
|
5748
5764
|
function randomBytes$5(bytesLength = 32) {
|
|
5749
|
-
anumber$
|
|
5765
|
+
anumber$4(bytesLength);
|
|
5750
5766
|
const cr = typeof globalThis === "object" ? globalThis.crypto : null;
|
|
5751
5767
|
if (typeof cr?.getRandomValues !== "function") throw new Error("crypto.getRandomValues must be defined");
|
|
5752
5768
|
return cr.getRandomValues(new Uint8Array(bytesLength));
|
|
@@ -5783,7 +5799,7 @@ function randomBytes$5(bytesLength = 32) {
|
|
|
5783
5799
|
*/
|
|
5784
5800
|
function managedNonce(fn, randomBytes_ = randomBytes$5) {
|
|
5785
5801
|
const { nonceLength } = fn;
|
|
5786
|
-
anumber$
|
|
5802
|
+
anumber$4(nonceLength);
|
|
5787
5803
|
const addNonce = (nonce, ciphertext, plaintext) => {
|
|
5788
5804
|
const out = concatBytes$3(nonce, ciphertext);
|
|
5789
5805
|
if (!overlapBytes(plaintext, ciphertext)) ciphertext.fill(0);
|
|
@@ -5791,14 +5807,14 @@ function managedNonce(fn, randomBytes_ = randomBytes$5) {
|
|
|
5791
5807
|
};
|
|
5792
5808
|
const res = ((key, ...args) => ({
|
|
5793
5809
|
encrypt(plaintext) {
|
|
5794
|
-
abytes$
|
|
5810
|
+
abytes$4(plaintext);
|
|
5795
5811
|
const nonce = randomBytes_(nonceLength);
|
|
5796
5812
|
const encrypted = fn(key, nonce, ...args).encrypt(plaintext);
|
|
5797
5813
|
if (encrypted instanceof Promise) return encrypted.then((ct) => addNonce(nonce, ct, plaintext));
|
|
5798
5814
|
return addNonce(nonce, encrypted, plaintext);
|
|
5799
5815
|
},
|
|
5800
5816
|
decrypt(ciphertext) {
|
|
5801
|
-
abytes$
|
|
5817
|
+
abytes$4(ciphertext);
|
|
5802
5818
|
const nonce = ciphertext.subarray(0, nonceLength);
|
|
5803
5819
|
const decrypted = ciphertext.subarray(nonceLength);
|
|
5804
5820
|
return fn(key, nonce, ...args).decrypt(decrypted);
|
|
@@ -5851,9 +5867,9 @@ See {@link https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha#appendi
|
|
|
5851
5867
|
|
|
5852
5868
|
* @module
|
|
5853
5869
|
*/
|
|
5854
|
-
const encodeStr
|
|
5855
|
-
const sigma16_32
|
|
5856
|
-
const sigma32_32
|
|
5870
|
+
const encodeStr = (str) => Uint8Array.from(str.split(""), (c) => c.charCodeAt(0));
|
|
5871
|
+
const sigma16_32 = /* @__PURE__ */ (() => swap32IfBE$2(u32$2(encodeStr("expand 16-byte k"))))();
|
|
5872
|
+
const sigma32_32 = /* @__PURE__ */ (() => swap32IfBE$2(u32$2(encodeStr("expand 32-byte k"))))();
|
|
5857
5873
|
/**
|
|
5858
5874
|
* Rotates a 32-bit word left.
|
|
5859
5875
|
* @param a - Input word.
|
|
@@ -5865,26 +5881,26 @@ const sigma32_32$1 = /* @__PURE__ */ (() => swap32IfBE$2(u32$3(encodeStr$1("expa
|
|
|
5865
5881
|
* rotl(0x12345678, 8);
|
|
5866
5882
|
* ```
|
|
5867
5883
|
*/
|
|
5868
|
-
function rotl$
|
|
5884
|
+
function rotl$1(a, b) {
|
|
5869
5885
|
return a << b | a >>> 32 - b;
|
|
5870
5886
|
}
|
|
5871
|
-
const BLOCK_LEN
|
|
5872
|
-
const BLOCK_LEN32
|
|
5873
|
-
const MAX_COUNTER
|
|
5874
|
-
const U32_EMPTY
|
|
5875
|
-
function runCipher
|
|
5887
|
+
const BLOCK_LEN = 64;
|
|
5888
|
+
const BLOCK_LEN32 = 16;
|
|
5889
|
+
const MAX_COUNTER = /* @__PURE__ */ (() => 2 ** 32 - 1)();
|
|
5890
|
+
const U32_EMPTY = /* @__PURE__ */ Uint32Array.of();
|
|
5891
|
+
function runCipher(core, sigma, key, nonce, data, output, counter, rounds) {
|
|
5876
5892
|
const len = data.length;
|
|
5877
|
-
const block = new Uint8Array(BLOCK_LEN
|
|
5878
|
-
const b32 = u32$
|
|
5879
|
-
const isAligned = isLE$
|
|
5880
|
-
const d32 = isAligned ? u32$
|
|
5881
|
-
const o32 = isAligned ? u32$
|
|
5882
|
-
if (!isLE$
|
|
5893
|
+
const block = new Uint8Array(BLOCK_LEN);
|
|
5894
|
+
const b32 = u32$2(block);
|
|
5895
|
+
const isAligned = isLE$2 && isAligned32(data) && isAligned32(output);
|
|
5896
|
+
const d32 = isAligned ? u32$2(data) : U32_EMPTY;
|
|
5897
|
+
const o32 = isAligned ? u32$2(output) : U32_EMPTY;
|
|
5898
|
+
if (!isLE$2) {
|
|
5883
5899
|
for (let pos = 0; pos < len; counter++) {
|
|
5884
5900
|
core(sigma, key, nonce, b32, counter, rounds);
|
|
5885
5901
|
swap32IfBE$2(b32);
|
|
5886
|
-
if (counter >= MAX_COUNTER
|
|
5887
|
-
const take = Math.min(BLOCK_LEN
|
|
5902
|
+
if (counter >= MAX_COUNTER) throw new Error("arx: counter overflow");
|
|
5903
|
+
const take = Math.min(BLOCK_LEN, len - pos);
|
|
5888
5904
|
for (let j = 0, posj; j < take; j++) {
|
|
5889
5905
|
posj = pos + j;
|
|
5890
5906
|
output[posj] = data[posj] ^ block[j];
|
|
@@ -5895,16 +5911,16 @@ function runCipher$1(core, sigma, key, nonce, data, output, counter, rounds) {
|
|
|
5895
5911
|
}
|
|
5896
5912
|
for (let pos = 0; pos < len; counter++) {
|
|
5897
5913
|
core(sigma, key, nonce, b32, counter, rounds);
|
|
5898
|
-
if (counter >= MAX_COUNTER
|
|
5899
|
-
const take = Math.min(BLOCK_LEN
|
|
5900
|
-
if (isAligned && take === BLOCK_LEN
|
|
5914
|
+
if (counter >= MAX_COUNTER) throw new Error("arx: counter overflow");
|
|
5915
|
+
const take = Math.min(BLOCK_LEN, len - pos);
|
|
5916
|
+
if (isAligned && take === BLOCK_LEN) {
|
|
5901
5917
|
const pos32 = pos / 4;
|
|
5902
5918
|
if (pos % 4 !== 0) throw new Error("arx: invalid block position");
|
|
5903
|
-
for (let j = 0, posj; j < BLOCK_LEN32
|
|
5919
|
+
for (let j = 0, posj; j < BLOCK_LEN32; j++) {
|
|
5904
5920
|
posj = pos32 + j;
|
|
5905
5921
|
o32[posj] = d32[posj] ^ b32[j];
|
|
5906
5922
|
}
|
|
5907
|
-
pos += BLOCK_LEN
|
|
5923
|
+
pos += BLOCK_LEN;
|
|
5908
5924
|
continue;
|
|
5909
5925
|
}
|
|
5910
5926
|
for (let j = 0, posj; j < take; j++) {
|
|
@@ -5922,57 +5938,57 @@ function runCipher$1(core, sigma, key, nonce, data, output, counter, rounds) {
|
|
|
5922
5938
|
* @returns Stream cipher function over byte arrays.
|
|
5923
5939
|
* @throws If the core callback, key size, counter, or output sizing is invalid. {@link Error}
|
|
5924
5940
|
*/
|
|
5925
|
-
function createCipher
|
|
5926
|
-
const { allowShortKeys, extendNonceFn, counterLength, counterRight, rounds } = checkOpts$
|
|
5941
|
+
function createCipher(core, opts) {
|
|
5942
|
+
const { allowShortKeys, extendNonceFn, counterLength, counterRight, rounds } = checkOpts$1({
|
|
5927
5943
|
allowShortKeys: false,
|
|
5928
5944
|
counterLength: 8,
|
|
5929
5945
|
counterRight: false,
|
|
5930
5946
|
rounds: 20
|
|
5931
5947
|
}, opts);
|
|
5932
5948
|
if (typeof core !== "function") throw new Error("core must be a function");
|
|
5933
|
-
anumber$
|
|
5934
|
-
anumber$
|
|
5935
|
-
abool$
|
|
5936
|
-
abool$
|
|
5949
|
+
anumber$4(counterLength);
|
|
5950
|
+
anumber$4(rounds);
|
|
5951
|
+
abool$2(counterRight);
|
|
5952
|
+
abool$2(allowShortKeys);
|
|
5937
5953
|
return (key, nonce, data, output, counter = 0) => {
|
|
5938
|
-
abytes$
|
|
5939
|
-
abytes$
|
|
5940
|
-
abytes$
|
|
5954
|
+
abytes$4(key, void 0, "key");
|
|
5955
|
+
abytes$4(nonce, void 0, "nonce");
|
|
5956
|
+
abytes$4(data, void 0, "data");
|
|
5941
5957
|
const len = data.length;
|
|
5942
|
-
output = getOutput
|
|
5943
|
-
anumber$
|
|
5944
|
-
if (counter < 0 || counter >= MAX_COUNTER
|
|
5958
|
+
output = getOutput(len, output, false);
|
|
5959
|
+
anumber$4(counter);
|
|
5960
|
+
if (counter < 0 || counter >= MAX_COUNTER) throw new Error("arx: counter overflow");
|
|
5945
5961
|
const toClean = [];
|
|
5946
5962
|
let l = key.length;
|
|
5947
5963
|
let k;
|
|
5948
5964
|
let sigma;
|
|
5949
5965
|
if (l === 32) {
|
|
5950
|
-
toClean.push(k = copyBytes$
|
|
5951
|
-
sigma = sigma32_32
|
|
5966
|
+
toClean.push(k = copyBytes$3(key));
|
|
5967
|
+
sigma = sigma32_32;
|
|
5952
5968
|
} else if (l === 16 && allowShortKeys) {
|
|
5953
5969
|
k = new Uint8Array(32);
|
|
5954
5970
|
k.set(key);
|
|
5955
5971
|
k.set(key, 16);
|
|
5956
|
-
sigma = sigma16_32
|
|
5972
|
+
sigma = sigma16_32;
|
|
5957
5973
|
toClean.push(k);
|
|
5958
5974
|
} else {
|
|
5959
|
-
abytes$
|
|
5975
|
+
abytes$4(key, 32, "arx key");
|
|
5960
5976
|
throw new Error("invalid key size");
|
|
5961
5977
|
}
|
|
5962
|
-
if (!isLE$
|
|
5963
|
-
let k32 = u32$
|
|
5978
|
+
if (!isLE$2 || !isAligned32(nonce)) toClean.push(nonce = copyBytes$3(nonce));
|
|
5979
|
+
let k32 = u32$2(k);
|
|
5964
5980
|
if (extendNonceFn) {
|
|
5965
5981
|
if (nonce.length !== 24) throw new Error(`arx: extended nonce must be 24 bytes`);
|
|
5966
5982
|
const n16 = nonce.subarray(0, 16);
|
|
5967
|
-
if (isLE$
|
|
5983
|
+
if (isLE$2) extendNonceFn(sigma, k32, u32$2(n16), k32);
|
|
5968
5984
|
else {
|
|
5969
5985
|
const sigmaRaw = swap32IfBE$2(Uint32Array.from(sigma));
|
|
5970
|
-
extendNonceFn(sigmaRaw, k32, u32$
|
|
5971
|
-
clean$
|
|
5986
|
+
extendNonceFn(sigmaRaw, k32, u32$2(n16), k32);
|
|
5987
|
+
clean$2(sigmaRaw);
|
|
5972
5988
|
swap32IfBE$2(k32);
|
|
5973
5989
|
}
|
|
5974
5990
|
nonce = nonce.subarray(16);
|
|
5975
|
-
} else if (!isLE$
|
|
5991
|
+
} else if (!isLE$2) swap32IfBE$2(k32);
|
|
5976
5992
|
const nonceNcLen = 16 - counterLength;
|
|
5977
5993
|
if (nonceNcLen !== nonce.length) throw new Error(`arx: nonce must be ${nonceNcLen} or 16 bytes`);
|
|
5978
5994
|
if (nonceNcLen !== 12) {
|
|
@@ -5981,12 +5997,12 @@ function createCipher$1(core, opts) {
|
|
|
5981
5997
|
nonce = nc;
|
|
5982
5998
|
toClean.push(nonce);
|
|
5983
5999
|
}
|
|
5984
|
-
const n32 = swap32IfBE$2(u32$
|
|
6000
|
+
const n32 = swap32IfBE$2(u32$2(nonce));
|
|
5985
6001
|
try {
|
|
5986
|
-
runCipher
|
|
6002
|
+
runCipher(core, sigma, k32, n32, data, output, counter, rounds);
|
|
5987
6003
|
return output;
|
|
5988
6004
|
} finally {
|
|
5989
|
-
clean$
|
|
6005
|
+
clean$2(...toClean);
|
|
5990
6006
|
}
|
|
5991
6007
|
};
|
|
5992
6008
|
}
|
|
@@ -6012,7 +6028,7 @@ function createCipher$1(core, opts) {
|
|
|
6012
6028
|
* Based on public-domain {@link https://github.com/floodyberry/poly1305-donna | poly1305-donna}.
|
|
6013
6029
|
* @module
|
|
6014
6030
|
*/
|
|
6015
|
-
function u8to16
|
|
6031
|
+
function u8to16(a, i) {
|
|
6016
6032
|
return a[i++] & 255 | (a[i++] & 255) << 8;
|
|
6017
6033
|
}
|
|
6018
6034
|
/**
|
|
@@ -6031,7 +6047,7 @@ function u8to16$1(a, i) {
|
|
|
6031
6047
|
* mac.digest();
|
|
6032
6048
|
* ```
|
|
6033
6049
|
*/
|
|
6034
|
-
var Poly1305
|
|
6050
|
+
var Poly1305 = class {
|
|
6035
6051
|
blockLen = 16;
|
|
6036
6052
|
outputLen = 16;
|
|
6037
6053
|
buffer = new Uint8Array(16);
|
|
@@ -6042,15 +6058,15 @@ var Poly1305$1 = class {
|
|
|
6042
6058
|
finished = false;
|
|
6043
6059
|
destroyed = false;
|
|
6044
6060
|
constructor(key) {
|
|
6045
|
-
key = copyBytes$
|
|
6046
|
-
const t0 = u8to16
|
|
6047
|
-
const t1 = u8to16
|
|
6048
|
-
const t2 = u8to16
|
|
6049
|
-
const t3 = u8to16
|
|
6050
|
-
const t4 = u8to16
|
|
6051
|
-
const t5 = u8to16
|
|
6052
|
-
const t6 = u8to16
|
|
6053
|
-
const t7 = u8to16
|
|
6061
|
+
key = copyBytes$3(abytes$4(key, 32, "key"));
|
|
6062
|
+
const t0 = u8to16(key, 0);
|
|
6063
|
+
const t1 = u8to16(key, 2);
|
|
6064
|
+
const t2 = u8to16(key, 4);
|
|
6065
|
+
const t3 = u8to16(key, 6);
|
|
6066
|
+
const t4 = u8to16(key, 8);
|
|
6067
|
+
const t5 = u8to16(key, 10);
|
|
6068
|
+
const t6 = u8to16(key, 12);
|
|
6069
|
+
const t7 = u8to16(key, 14);
|
|
6054
6070
|
this.r[0] = t0 & 8191;
|
|
6055
6071
|
this.r[1] = (t0 >>> 13 | t1 << 3) & 8191;
|
|
6056
6072
|
this.r[2] = (t1 >>> 10 | t2 << 6) & 7939;
|
|
@@ -6061,7 +6077,7 @@ var Poly1305$1 = class {
|
|
|
6061
6077
|
this.r[7] = (t5 >>> 11 | t6 << 5) & 8065;
|
|
6062
6078
|
this.r[8] = (t6 >>> 8 | t7 << 8) & 8191;
|
|
6063
6079
|
this.r[9] = t7 >>> 5 & 127;
|
|
6064
|
-
for (let i = 0; i < 8; i++) this.pad[i] = u8to16
|
|
6080
|
+
for (let i = 0; i < 8; i++) this.pad[i] = u8to16(key, 16 + 2 * i);
|
|
6065
6081
|
}
|
|
6066
6082
|
process(data, offset, isLast = false) {
|
|
6067
6083
|
const hibit = isLast ? 0 : 2048;
|
|
@@ -6076,14 +6092,14 @@ var Poly1305$1 = class {
|
|
|
6076
6092
|
const r7 = r[7];
|
|
6077
6093
|
const r8 = r[8];
|
|
6078
6094
|
const r9 = r[9];
|
|
6079
|
-
const t0 = u8to16
|
|
6080
|
-
const t1 = u8to16
|
|
6081
|
-
const t2 = u8to16
|
|
6082
|
-
const t3 = u8to16
|
|
6083
|
-
const t4 = u8to16
|
|
6084
|
-
const t5 = u8to16
|
|
6085
|
-
const t6 = u8to16
|
|
6086
|
-
const t7 = u8to16
|
|
6095
|
+
const t0 = u8to16(data, offset + 0);
|
|
6096
|
+
const t1 = u8to16(data, offset + 2);
|
|
6097
|
+
const t2 = u8to16(data, offset + 4);
|
|
6098
|
+
const t3 = u8to16(data, offset + 6);
|
|
6099
|
+
const t4 = u8to16(data, offset + 8);
|
|
6100
|
+
const t5 = u8to16(data, offset + 10);
|
|
6101
|
+
const t6 = u8to16(data, offset + 12);
|
|
6102
|
+
const t7 = u8to16(data, offset + 14);
|
|
6087
6103
|
let h0 = h[0] + (t0 & 8191);
|
|
6088
6104
|
let h1 = h[1] + ((t0 >>> 13 | t1 << 3) & 8191);
|
|
6089
6105
|
let h2 = h[2] + ((t1 >>> 10 | t2 << 6) & 8191);
|
|
@@ -6215,12 +6231,12 @@ var Poly1305$1 = class {
|
|
|
6215
6231
|
f = (h[i] + pad[i] | 0) + (f >>> 16) | 0;
|
|
6216
6232
|
h[i] = f & 65535;
|
|
6217
6233
|
}
|
|
6218
|
-
clean$
|
|
6234
|
+
clean$2(g);
|
|
6219
6235
|
}
|
|
6220
6236
|
update(data) {
|
|
6221
|
-
aexists$
|
|
6222
|
-
abytes$
|
|
6223
|
-
data = copyBytes$
|
|
6237
|
+
aexists$2(this);
|
|
6238
|
+
abytes$4(data);
|
|
6239
|
+
data = copyBytes$3(data);
|
|
6224
6240
|
const { buffer, blockLen } = this;
|
|
6225
6241
|
const len = data.length;
|
|
6226
6242
|
for (let pos = 0; pos < len;) {
|
|
@@ -6241,11 +6257,11 @@ var Poly1305$1 = class {
|
|
|
6241
6257
|
}
|
|
6242
6258
|
destroy() {
|
|
6243
6259
|
this.destroyed = true;
|
|
6244
|
-
clean$
|
|
6260
|
+
clean$2(this.h, this.r, this.buffer, this.pad);
|
|
6245
6261
|
}
|
|
6246
6262
|
digestInto(out) {
|
|
6247
|
-
aexists$
|
|
6248
|
-
aoutput$
|
|
6263
|
+
aexists$2(this);
|
|
6264
|
+
aoutput$2(out, this);
|
|
6249
6265
|
this.finished = true;
|
|
6250
6266
|
const { buffer, h } = this;
|
|
6251
6267
|
let { pos } = this;
|
|
@@ -6284,7 +6300,7 @@ var Poly1305$1 = class {
|
|
|
6284
6300
|
* poly1305(new Uint8Array(), key);
|
|
6285
6301
|
* ```
|
|
6286
6302
|
*/
|
|
6287
|
-
const poly1305
|
|
6303
|
+
const poly1305 = /* @__PURE__ */ wrapMacConstructor(32, (key) => new Poly1305(key));
|
|
6288
6304
|
|
|
6289
6305
|
//#endregion
|
|
6290
6306
|
//#region ../../node_modules/.bun/@noble+ciphers@2.2.0/node_modules/@noble/ciphers/chacha.js
|
|
@@ -6307,74 +6323,74 @@ const poly1305$1 = /* @__PURE__ */ wrapMacConstructor(32, (key) => new Poly1305$
|
|
|
6307
6323
|
* @module
|
|
6308
6324
|
*/
|
|
6309
6325
|
/** RFC 8439 §2.3 block core for `state = constants | key | counter | nonce`. */
|
|
6310
|
-
function chachaCore
|
|
6326
|
+
function chachaCore(s, k, n, out, cnt, rounds = 20) {
|
|
6311
6327
|
let y00 = s[0], y01 = s[1], y02 = s[2], y03 = s[3], y04 = k[0], y05 = k[1], y06 = k[2], y07 = k[3], y08 = k[4], y09 = k[5], y10 = k[6], y11 = k[7], y12 = cnt, y13 = n[0], y14 = n[1], y15 = n[2];
|
|
6312
6328
|
let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15;
|
|
6313
6329
|
for (let r = 0; r < rounds; r += 2) {
|
|
6314
6330
|
x00 = x00 + x04 | 0;
|
|
6315
|
-
x12 = rotl$
|
|
6331
|
+
x12 = rotl$1(x12 ^ x00, 16);
|
|
6316
6332
|
x08 = x08 + x12 | 0;
|
|
6317
|
-
x04 = rotl$
|
|
6333
|
+
x04 = rotl$1(x04 ^ x08, 12);
|
|
6318
6334
|
x00 = x00 + x04 | 0;
|
|
6319
|
-
x12 = rotl$
|
|
6335
|
+
x12 = rotl$1(x12 ^ x00, 8);
|
|
6320
6336
|
x08 = x08 + x12 | 0;
|
|
6321
|
-
x04 = rotl$
|
|
6337
|
+
x04 = rotl$1(x04 ^ x08, 7);
|
|
6322
6338
|
x01 = x01 + x05 | 0;
|
|
6323
|
-
x13 = rotl$
|
|
6339
|
+
x13 = rotl$1(x13 ^ x01, 16);
|
|
6324
6340
|
x09 = x09 + x13 | 0;
|
|
6325
|
-
x05 = rotl$
|
|
6341
|
+
x05 = rotl$1(x05 ^ x09, 12);
|
|
6326
6342
|
x01 = x01 + x05 | 0;
|
|
6327
|
-
x13 = rotl$
|
|
6343
|
+
x13 = rotl$1(x13 ^ x01, 8);
|
|
6328
6344
|
x09 = x09 + x13 | 0;
|
|
6329
|
-
x05 = rotl$
|
|
6345
|
+
x05 = rotl$1(x05 ^ x09, 7);
|
|
6330
6346
|
x02 = x02 + x06 | 0;
|
|
6331
|
-
x14 = rotl$
|
|
6347
|
+
x14 = rotl$1(x14 ^ x02, 16);
|
|
6332
6348
|
x10 = x10 + x14 | 0;
|
|
6333
|
-
x06 = rotl$
|
|
6349
|
+
x06 = rotl$1(x06 ^ x10, 12);
|
|
6334
6350
|
x02 = x02 + x06 | 0;
|
|
6335
|
-
x14 = rotl$
|
|
6351
|
+
x14 = rotl$1(x14 ^ x02, 8);
|
|
6336
6352
|
x10 = x10 + x14 | 0;
|
|
6337
|
-
x06 = rotl$
|
|
6353
|
+
x06 = rotl$1(x06 ^ x10, 7);
|
|
6338
6354
|
x03 = x03 + x07 | 0;
|
|
6339
|
-
x15 = rotl$
|
|
6355
|
+
x15 = rotl$1(x15 ^ x03, 16);
|
|
6340
6356
|
x11 = x11 + x15 | 0;
|
|
6341
|
-
x07 = rotl$
|
|
6357
|
+
x07 = rotl$1(x07 ^ x11, 12);
|
|
6342
6358
|
x03 = x03 + x07 | 0;
|
|
6343
|
-
x15 = rotl$
|
|
6359
|
+
x15 = rotl$1(x15 ^ x03, 8);
|
|
6344
6360
|
x11 = x11 + x15 | 0;
|
|
6345
|
-
x07 = rotl$
|
|
6361
|
+
x07 = rotl$1(x07 ^ x11, 7);
|
|
6346
6362
|
x00 = x00 + x05 | 0;
|
|
6347
|
-
x15 = rotl$
|
|
6363
|
+
x15 = rotl$1(x15 ^ x00, 16);
|
|
6348
6364
|
x10 = x10 + x15 | 0;
|
|
6349
|
-
x05 = rotl$
|
|
6365
|
+
x05 = rotl$1(x05 ^ x10, 12);
|
|
6350
6366
|
x00 = x00 + x05 | 0;
|
|
6351
|
-
x15 = rotl$
|
|
6367
|
+
x15 = rotl$1(x15 ^ x00, 8);
|
|
6352
6368
|
x10 = x10 + x15 | 0;
|
|
6353
|
-
x05 = rotl$
|
|
6369
|
+
x05 = rotl$1(x05 ^ x10, 7);
|
|
6354
6370
|
x01 = x01 + x06 | 0;
|
|
6355
|
-
x12 = rotl$
|
|
6371
|
+
x12 = rotl$1(x12 ^ x01, 16);
|
|
6356
6372
|
x11 = x11 + x12 | 0;
|
|
6357
|
-
x06 = rotl$
|
|
6373
|
+
x06 = rotl$1(x06 ^ x11, 12);
|
|
6358
6374
|
x01 = x01 + x06 | 0;
|
|
6359
|
-
x12 = rotl$
|
|
6375
|
+
x12 = rotl$1(x12 ^ x01, 8);
|
|
6360
6376
|
x11 = x11 + x12 | 0;
|
|
6361
|
-
x06 = rotl$
|
|
6377
|
+
x06 = rotl$1(x06 ^ x11, 7);
|
|
6362
6378
|
x02 = x02 + x07 | 0;
|
|
6363
|
-
x13 = rotl$
|
|
6379
|
+
x13 = rotl$1(x13 ^ x02, 16);
|
|
6364
6380
|
x08 = x08 + x13 | 0;
|
|
6365
|
-
x07 = rotl$
|
|
6381
|
+
x07 = rotl$1(x07 ^ x08, 12);
|
|
6366
6382
|
x02 = x02 + x07 | 0;
|
|
6367
|
-
x13 = rotl$
|
|
6383
|
+
x13 = rotl$1(x13 ^ x02, 8);
|
|
6368
6384
|
x08 = x08 + x13 | 0;
|
|
6369
|
-
x07 = rotl$
|
|
6385
|
+
x07 = rotl$1(x07 ^ x08, 7);
|
|
6370
6386
|
x03 = x03 + x04 | 0;
|
|
6371
|
-
x14 = rotl$
|
|
6387
|
+
x14 = rotl$1(x14 ^ x03, 16);
|
|
6372
6388
|
x09 = x09 + x14 | 0;
|
|
6373
|
-
x04 = rotl$
|
|
6389
|
+
x04 = rotl$1(x04 ^ x09, 12);
|
|
6374
6390
|
x03 = x03 + x04 | 0;
|
|
6375
|
-
x14 = rotl$
|
|
6391
|
+
x14 = rotl$1(x14 ^ x03, 8);
|
|
6376
6392
|
x09 = x09 + x14 | 0;
|
|
6377
|
-
x04 = rotl$
|
|
6393
|
+
x04 = rotl$1(x04 ^ x09, 7);
|
|
6378
6394
|
}
|
|
6379
6395
|
let oi = 0;
|
|
6380
6396
|
out[oi++] = y00 + x00 | 0;
|
|
@@ -6414,73 +6430,73 @@ function chachaCore$1(s, k, n, out, cnt, rounds = 20) {
|
|
|
6414
6430
|
* hchacha(sigma, key, nonce, out);
|
|
6415
6431
|
* ```
|
|
6416
6432
|
*/
|
|
6417
|
-
function hchacha
|
|
6433
|
+
function hchacha(s, k, i, out) {
|
|
6418
6434
|
let x00 = swap8IfBE$1(s[0]), x01 = swap8IfBE$1(s[1]), x02 = swap8IfBE$1(s[2]), x03 = swap8IfBE$1(s[3]), x04 = swap8IfBE$1(k[0]), x05 = swap8IfBE$1(k[1]), x06 = swap8IfBE$1(k[2]), x07 = swap8IfBE$1(k[3]), x08 = swap8IfBE$1(k[4]), x09 = swap8IfBE$1(k[5]), x10 = swap8IfBE$1(k[6]), x11 = swap8IfBE$1(k[7]), x12 = swap8IfBE$1(i[0]), x13 = swap8IfBE$1(i[1]), x14 = swap8IfBE$1(i[2]), x15 = swap8IfBE$1(i[3]);
|
|
6419
6435
|
for (let r = 0; r < 20; r += 2) {
|
|
6420
6436
|
x00 = x00 + x04 | 0;
|
|
6421
|
-
x12 = rotl$
|
|
6437
|
+
x12 = rotl$1(x12 ^ x00, 16);
|
|
6422
6438
|
x08 = x08 + x12 | 0;
|
|
6423
|
-
x04 = rotl$
|
|
6439
|
+
x04 = rotl$1(x04 ^ x08, 12);
|
|
6424
6440
|
x00 = x00 + x04 | 0;
|
|
6425
|
-
x12 = rotl$
|
|
6441
|
+
x12 = rotl$1(x12 ^ x00, 8);
|
|
6426
6442
|
x08 = x08 + x12 | 0;
|
|
6427
|
-
x04 = rotl$
|
|
6443
|
+
x04 = rotl$1(x04 ^ x08, 7);
|
|
6428
6444
|
x01 = x01 + x05 | 0;
|
|
6429
|
-
x13 = rotl$
|
|
6445
|
+
x13 = rotl$1(x13 ^ x01, 16);
|
|
6430
6446
|
x09 = x09 + x13 | 0;
|
|
6431
|
-
x05 = rotl$
|
|
6447
|
+
x05 = rotl$1(x05 ^ x09, 12);
|
|
6432
6448
|
x01 = x01 + x05 | 0;
|
|
6433
|
-
x13 = rotl$
|
|
6449
|
+
x13 = rotl$1(x13 ^ x01, 8);
|
|
6434
6450
|
x09 = x09 + x13 | 0;
|
|
6435
|
-
x05 = rotl$
|
|
6451
|
+
x05 = rotl$1(x05 ^ x09, 7);
|
|
6436
6452
|
x02 = x02 + x06 | 0;
|
|
6437
|
-
x14 = rotl$
|
|
6453
|
+
x14 = rotl$1(x14 ^ x02, 16);
|
|
6438
6454
|
x10 = x10 + x14 | 0;
|
|
6439
|
-
x06 = rotl$
|
|
6455
|
+
x06 = rotl$1(x06 ^ x10, 12);
|
|
6440
6456
|
x02 = x02 + x06 | 0;
|
|
6441
|
-
x14 = rotl$
|
|
6457
|
+
x14 = rotl$1(x14 ^ x02, 8);
|
|
6442
6458
|
x10 = x10 + x14 | 0;
|
|
6443
|
-
x06 = rotl$
|
|
6459
|
+
x06 = rotl$1(x06 ^ x10, 7);
|
|
6444
6460
|
x03 = x03 + x07 | 0;
|
|
6445
|
-
x15 = rotl$
|
|
6461
|
+
x15 = rotl$1(x15 ^ x03, 16);
|
|
6446
6462
|
x11 = x11 + x15 | 0;
|
|
6447
|
-
x07 = rotl$
|
|
6463
|
+
x07 = rotl$1(x07 ^ x11, 12);
|
|
6448
6464
|
x03 = x03 + x07 | 0;
|
|
6449
|
-
x15 = rotl$
|
|
6465
|
+
x15 = rotl$1(x15 ^ x03, 8);
|
|
6450
6466
|
x11 = x11 + x15 | 0;
|
|
6451
|
-
x07 = rotl$
|
|
6467
|
+
x07 = rotl$1(x07 ^ x11, 7);
|
|
6452
6468
|
x00 = x00 + x05 | 0;
|
|
6453
|
-
x15 = rotl$
|
|
6469
|
+
x15 = rotl$1(x15 ^ x00, 16);
|
|
6454
6470
|
x10 = x10 + x15 | 0;
|
|
6455
|
-
x05 = rotl$
|
|
6471
|
+
x05 = rotl$1(x05 ^ x10, 12);
|
|
6456
6472
|
x00 = x00 + x05 | 0;
|
|
6457
|
-
x15 = rotl$
|
|
6473
|
+
x15 = rotl$1(x15 ^ x00, 8);
|
|
6458
6474
|
x10 = x10 + x15 | 0;
|
|
6459
|
-
x05 = rotl$
|
|
6475
|
+
x05 = rotl$1(x05 ^ x10, 7);
|
|
6460
6476
|
x01 = x01 + x06 | 0;
|
|
6461
|
-
x12 = rotl$
|
|
6477
|
+
x12 = rotl$1(x12 ^ x01, 16);
|
|
6462
6478
|
x11 = x11 + x12 | 0;
|
|
6463
|
-
x06 = rotl$
|
|
6479
|
+
x06 = rotl$1(x06 ^ x11, 12);
|
|
6464
6480
|
x01 = x01 + x06 | 0;
|
|
6465
|
-
x12 = rotl$
|
|
6481
|
+
x12 = rotl$1(x12 ^ x01, 8);
|
|
6466
6482
|
x11 = x11 + x12 | 0;
|
|
6467
|
-
x06 = rotl$
|
|
6483
|
+
x06 = rotl$1(x06 ^ x11, 7);
|
|
6468
6484
|
x02 = x02 + x07 | 0;
|
|
6469
|
-
x13 = rotl$
|
|
6485
|
+
x13 = rotl$1(x13 ^ x02, 16);
|
|
6470
6486
|
x08 = x08 + x13 | 0;
|
|
6471
|
-
x07 = rotl$
|
|
6487
|
+
x07 = rotl$1(x07 ^ x08, 12);
|
|
6472
6488
|
x02 = x02 + x07 | 0;
|
|
6473
|
-
x13 = rotl$
|
|
6489
|
+
x13 = rotl$1(x13 ^ x02, 8);
|
|
6474
6490
|
x08 = x08 + x13 | 0;
|
|
6475
|
-
x07 = rotl$
|
|
6491
|
+
x07 = rotl$1(x07 ^ x08, 7);
|
|
6476
6492
|
x03 = x03 + x04 | 0;
|
|
6477
|
-
x14 = rotl$
|
|
6493
|
+
x14 = rotl$1(x14 ^ x03, 16);
|
|
6478
6494
|
x09 = x09 + x14 | 0;
|
|
6479
|
-
x04 = rotl$
|
|
6495
|
+
x04 = rotl$1(x04 ^ x09, 12);
|
|
6480
6496
|
x03 = x03 + x04 | 0;
|
|
6481
|
-
x14 = rotl$
|
|
6497
|
+
x14 = rotl$1(x14 ^ x03, 8);
|
|
6482
6498
|
x09 = x09 + x14 | 0;
|
|
6483
|
-
x04 = rotl$
|
|
6499
|
+
x04 = rotl$1(x04 ^ x09, 7);
|
|
6484
6500
|
}
|
|
6485
6501
|
let oi = 0;
|
|
6486
6502
|
out[oi++] = x00;
|
|
@@ -6494,6 +6510,31 @@ function hchacha$1(s, k, i, out) {
|
|
|
6494
6510
|
swap32IfBE$2(out);
|
|
6495
6511
|
}
|
|
6496
6512
|
/**
|
|
6513
|
+
* ChaCha stream cipher. Conforms to RFC 8439 (IETF, TLS). 12-byte nonce, 4-byte counter.
|
|
6514
|
+
* With smaller nonce, it's not safe to make it random (CSPRNG), due to collision chance.
|
|
6515
|
+
* @param key - 32-byte key.
|
|
6516
|
+
* @param nonce - 12-byte nonce.
|
|
6517
|
+
* @param data - Input bytes to xor with the keystream.
|
|
6518
|
+
* @param output - Optional destination buffer.
|
|
6519
|
+
* @param counter - Initial block counter.
|
|
6520
|
+
* @returns Encrypted or decrypted bytes.
|
|
6521
|
+
* @example
|
|
6522
|
+
* Encrypts bytes with the RFC 8439 ChaCha20 stream cipher and a fresh key/nonce.
|
|
6523
|
+
*
|
|
6524
|
+
* ```ts
|
|
6525
|
+
* import { chacha20 } from '@noble/ciphers/chacha.js';
|
|
6526
|
+
* import { randomBytes } from '@noble/ciphers/utils.js';
|
|
6527
|
+
* const key = randomBytes(32);
|
|
6528
|
+
* const nonce = randomBytes(12);
|
|
6529
|
+
* chacha20(key, nonce, new Uint8Array(4));
|
|
6530
|
+
* ```
|
|
6531
|
+
*/
|
|
6532
|
+
const chacha20 = /* @__PURE__ */ createCipher(chachaCore, {
|
|
6533
|
+
counterRight: false,
|
|
6534
|
+
counterLength: 4,
|
|
6535
|
+
allowShortKeys: false
|
|
6536
|
+
});
|
|
6537
|
+
/**
|
|
6497
6538
|
* XChaCha eXtended-nonce ChaCha. With 24-byte nonce, it's safe to make it random (CSPRNG).
|
|
6498
6539
|
* See {@link https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha | the IRTF draft}.
|
|
6499
6540
|
* The nonce/counter layout still reserves 8 counter bytes internally, but the shared public
|
|
@@ -6516,29 +6557,29 @@ function hchacha$1(s, k, i, out) {
|
|
|
6516
6557
|
* xchacha20(key, nonce, new Uint8Array(4));
|
|
6517
6558
|
* ```
|
|
6518
6559
|
*/
|
|
6519
|
-
const xchacha20
|
|
6560
|
+
const xchacha20 = /* @__PURE__ */ createCipher(chachaCore, {
|
|
6520
6561
|
counterRight: false,
|
|
6521
6562
|
counterLength: 8,
|
|
6522
|
-
extendNonceFn: hchacha
|
|
6563
|
+
extendNonceFn: hchacha,
|
|
6523
6564
|
allowShortKeys: false
|
|
6524
6565
|
});
|
|
6525
|
-
const ZEROS16
|
|
6526
|
-
const updatePadded
|
|
6566
|
+
const ZEROS16 = /* @__PURE__ */ new Uint8Array(16);
|
|
6567
|
+
const updatePadded = (h, msg) => {
|
|
6527
6568
|
h.update(msg);
|
|
6528
6569
|
const leftover = msg.length % 16;
|
|
6529
|
-
if (leftover) h.update(ZEROS16
|
|
6530
|
-
};
|
|
6531
|
-
const ZEROS32
|
|
6532
|
-
function computeTag
|
|
6533
|
-
if (AAD !== void 0) abytes$
|
|
6534
|
-
const authKey = fn(key, nonce, ZEROS32
|
|
6535
|
-
const lengths = u64Lengths
|
|
6536
|
-
const h = poly1305
|
|
6537
|
-
if (AAD) updatePadded
|
|
6538
|
-
updatePadded
|
|
6570
|
+
if (leftover) h.update(ZEROS16.subarray(leftover));
|
|
6571
|
+
};
|
|
6572
|
+
const ZEROS32 = /* @__PURE__ */ new Uint8Array(32);
|
|
6573
|
+
function computeTag(fn, key, nonce, ciphertext, AAD) {
|
|
6574
|
+
if (AAD !== void 0) abytes$4(AAD, void 0, "AAD");
|
|
6575
|
+
const authKey = fn(key, nonce, ZEROS32);
|
|
6576
|
+
const lengths = u64Lengths(ciphertext.length, AAD ? AAD.length : 0, true);
|
|
6577
|
+
const h = poly1305.create(authKey);
|
|
6578
|
+
if (AAD) updatePadded(h, AAD);
|
|
6579
|
+
updatePadded(h, ciphertext);
|
|
6539
6580
|
h.update(lengths);
|
|
6540
6581
|
const res = h.digest();
|
|
6541
|
-
clean$
|
|
6582
|
+
clean$2(authKey, lengths);
|
|
6542
6583
|
return res;
|
|
6543
6584
|
}
|
|
6544
6585
|
/**
|
|
@@ -6548,37 +6589,63 @@ function computeTag$1(fn, key, nonce, ciphertext, AAD) {
|
|
|
6548
6589
|
* In salsa20, authKey changes position in salsa stream.
|
|
6549
6590
|
* In chacha, authKey can't be computed inside computeTag, it modifies the counter.
|
|
6550
6591
|
*/
|
|
6551
|
-
const _poly1305_aead
|
|
6592
|
+
const _poly1305_aead = (xorStream) => (key, nonce, AAD) => {
|
|
6552
6593
|
const tagLength = 16;
|
|
6553
6594
|
return {
|
|
6554
6595
|
encrypt(plaintext, output) {
|
|
6555
6596
|
const plength = plaintext.length;
|
|
6556
|
-
output = getOutput
|
|
6597
|
+
output = getOutput(plength + tagLength, output, false);
|
|
6557
6598
|
output.set(plaintext);
|
|
6558
6599
|
const oPlain = output.subarray(0, -16);
|
|
6559
6600
|
xorStream(key, nonce, oPlain, oPlain, 1);
|
|
6560
|
-
const tag = computeTag
|
|
6601
|
+
const tag = computeTag(xorStream, key, nonce, oPlain, AAD);
|
|
6561
6602
|
output.set(tag, plength);
|
|
6562
|
-
clean$
|
|
6603
|
+
clean$2(tag);
|
|
6563
6604
|
return output;
|
|
6564
6605
|
},
|
|
6565
6606
|
decrypt(ciphertext, output) {
|
|
6566
|
-
output = getOutput
|
|
6607
|
+
output = getOutput(ciphertext.length - tagLength, output, false);
|
|
6567
6608
|
const data = ciphertext.subarray(0, -16);
|
|
6568
6609
|
const passedTag = ciphertext.subarray(-16);
|
|
6569
|
-
const tag = computeTag
|
|
6570
|
-
if (!equalBytes$
|
|
6571
|
-
clean$
|
|
6610
|
+
const tag = computeTag(xorStream, key, nonce, data, AAD);
|
|
6611
|
+
if (!equalBytes$2(passedTag, tag)) {
|
|
6612
|
+
clean$2(tag);
|
|
6572
6613
|
throw new Error("invalid tag");
|
|
6573
6614
|
}
|
|
6574
6615
|
output.set(ciphertext.subarray(0, -16));
|
|
6575
6616
|
xorStream(key, nonce, output, output, 1);
|
|
6576
|
-
clean$
|
|
6617
|
+
clean$2(tag);
|
|
6577
6618
|
return output;
|
|
6578
6619
|
}
|
|
6579
6620
|
};
|
|
6580
6621
|
};
|
|
6581
6622
|
/**
|
|
6623
|
+
* ChaCha20-Poly1305 from RFC 8439.
|
|
6624
|
+
*
|
|
6625
|
+
* Unsafe to use random nonces under the same key, due to collision chance.
|
|
6626
|
+
* Prefer XChaCha instead.
|
|
6627
|
+
* @param key - 32-byte key.
|
|
6628
|
+
* @param nonce - 12-byte nonce.
|
|
6629
|
+
* @param AAD - Additional authenticated data.
|
|
6630
|
+
* @returns AEAD cipher instance.
|
|
6631
|
+
* @example
|
|
6632
|
+
* Encrypts and authenticates plaintext with a fresh key and nonce.
|
|
6633
|
+
*
|
|
6634
|
+
* ```ts
|
|
6635
|
+
* import { chacha20poly1305 } from '@noble/ciphers/chacha.js';
|
|
6636
|
+
* import { randomBytes } from '@noble/ciphers/utils.js';
|
|
6637
|
+
* const key = randomBytes(32);
|
|
6638
|
+
* const nonce = randomBytes(12);
|
|
6639
|
+
* const cipher = chacha20poly1305(key, nonce);
|
|
6640
|
+
* cipher.encrypt(new Uint8Array([1, 2, 3]));
|
|
6641
|
+
* ```
|
|
6642
|
+
*/
|
|
6643
|
+
const chacha20poly1305 = /* @__PURE__ */ wrapCipher({
|
|
6644
|
+
blockSize: 64,
|
|
6645
|
+
nonceLength: 12,
|
|
6646
|
+
tagLength: 16
|
|
6647
|
+
}, /* @__PURE__ */ _poly1305_aead(chacha20));
|
|
6648
|
+
/**
|
|
6582
6649
|
* XChaCha20-Poly1305 extended-nonce chacha.
|
|
6583
6650
|
*
|
|
6584
6651
|
* Can be safely used with random nonces (CSPRNG).
|
|
@@ -6599,11 +6666,11 @@ const _poly1305_aead$1 = (xorStream) => (key, nonce, AAD) => {
|
|
|
6599
6666
|
* cipher.encrypt(new Uint8Array([1, 2, 3]));
|
|
6600
6667
|
* ```
|
|
6601
6668
|
*/
|
|
6602
|
-
const xchacha20poly1305
|
|
6669
|
+
const xchacha20poly1305 = /* @__PURE__ */ wrapCipher({
|
|
6603
6670
|
blockSize: 64,
|
|
6604
6671
|
nonceLength: 24,
|
|
6605
6672
|
tagLength: 16
|
|
6606
|
-
}, /* @__PURE__ */ _poly1305_aead
|
|
6673
|
+
}, /* @__PURE__ */ _poly1305_aead(xchacha20));
|
|
6607
6674
|
|
|
6608
6675
|
//#endregion
|
|
6609
6676
|
//#region ../../node_modules/.bun/@noble+hashes@2.2.0/node_modules/@noble/hashes/utils.js
|
|
@@ -6617,7 +6684,7 @@ const xchacha20poly1305$1 = /* @__PURE__ */ wrapCipher$1({
|
|
|
6617
6684
|
* isBytes(new Uint8Array([1, 2, 3]));
|
|
6618
6685
|
* ```
|
|
6619
6686
|
*/
|
|
6620
|
-
function isBytes$
|
|
6687
|
+
function isBytes$3(a) {
|
|
6621
6688
|
return a instanceof Uint8Array || ArrayBuffer.isView(a) && a.constructor.name === "Uint8Array" && "BYTES_PER_ELEMENT" in a && a.BYTES_PER_ELEMENT === 1;
|
|
6622
6689
|
}
|
|
6623
6690
|
/**
|
|
@@ -6632,7 +6699,7 @@ function isBytes$4(a) {
|
|
|
6632
6699
|
* anumber(32, 'length');
|
|
6633
6700
|
* ```
|
|
6634
6701
|
*/
|
|
6635
|
-
function anumber$
|
|
6702
|
+
function anumber$3(n, title = "") {
|
|
6636
6703
|
if (typeof n !== "number") {
|
|
6637
6704
|
const prefix = title && `"${title}" `;
|
|
6638
6705
|
throw new TypeError(`${prefix}expected number, got ${typeof n}`);
|
|
@@ -6656,8 +6723,8 @@ function anumber$4(n, title = "") {
|
|
|
6656
6723
|
* abytes(new Uint8Array([1, 2, 3]));
|
|
6657
6724
|
* ```
|
|
6658
6725
|
*/
|
|
6659
|
-
function abytes$
|
|
6660
|
-
const bytes = isBytes$
|
|
6726
|
+
function abytes$3(value, length, title = "") {
|
|
6727
|
+
const bytes = isBytes$3(value);
|
|
6661
6728
|
const len = value?.length;
|
|
6662
6729
|
const needsLen = length !== void 0;
|
|
6663
6730
|
if (!bytes || needsLen && len !== length) {
|
|
@@ -6686,8 +6753,8 @@ function abytes$4(value, length, title = "") {
|
|
|
6686
6753
|
*/
|
|
6687
6754
|
function ahash$1(h) {
|
|
6688
6755
|
if (typeof h !== "function" || typeof h.create !== "function") throw new TypeError("Hash must wrapped by utils.createHasher");
|
|
6689
|
-
anumber$
|
|
6690
|
-
anumber$
|
|
6756
|
+
anumber$3(h.outputLen);
|
|
6757
|
+
anumber$3(h.blockLen);
|
|
6691
6758
|
if (h.outputLen < 1) throw new Error("\"outputLen\" must be >= 1");
|
|
6692
6759
|
if (h.blockLen < 1) throw new Error("\"blockLen\" must be >= 1");
|
|
6693
6760
|
}
|
|
@@ -6705,7 +6772,7 @@ function ahash$1(h) {
|
|
|
6705
6772
|
* aexists(hash);
|
|
6706
6773
|
* ```
|
|
6707
6774
|
*/
|
|
6708
|
-
function aexists$
|
|
6775
|
+
function aexists$1(instance, checkFinished = true) {
|
|
6709
6776
|
if (instance.destroyed) throw new Error("Hash instance has been destroyed");
|
|
6710
6777
|
if (checkFinished && instance.finished) throw new Error("Hash#digest() has already been called");
|
|
6711
6778
|
}
|
|
@@ -6725,8 +6792,8 @@ function aexists$2(instance, checkFinished = true) {
|
|
|
6725
6792
|
* aoutput(new Uint8Array(hash.outputLen), hash);
|
|
6726
6793
|
* ```
|
|
6727
6794
|
*/
|
|
6728
|
-
function aoutput$
|
|
6729
|
-
abytes$
|
|
6795
|
+
function aoutput$1(out, instance) {
|
|
6796
|
+
abytes$3(out, void 0, "digestInto() output");
|
|
6730
6797
|
const min = instance.outputLen;
|
|
6731
6798
|
if (out.length < min) throw new RangeError("\"digestInto() output\" expected to be of length >=" + min);
|
|
6732
6799
|
}
|
|
@@ -6755,7 +6822,7 @@ function u8(arr) {
|
|
|
6755
6822
|
* u32(new Uint8Array(8));
|
|
6756
6823
|
* ```
|
|
6757
6824
|
*/
|
|
6758
|
-
function u32$
|
|
6825
|
+
function u32$1(arr) {
|
|
6759
6826
|
return new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4));
|
|
6760
6827
|
}
|
|
6761
6828
|
/**
|
|
@@ -6767,7 +6834,7 @@ function u32$2(arr) {
|
|
|
6767
6834
|
* clean(new Uint8Array([1, 2, 3]));
|
|
6768
6835
|
* ```
|
|
6769
6836
|
*/
|
|
6770
|
-
function clean$
|
|
6837
|
+
function clean$1(...arrays) {
|
|
6771
6838
|
for (let i = 0; i < arrays.length; i++) arrays[i].fill(0);
|
|
6772
6839
|
}
|
|
6773
6840
|
/**
|
|
@@ -6780,7 +6847,7 @@ function clean$2(...arrays) {
|
|
|
6780
6847
|
* createView(new Uint8Array(4));
|
|
6781
6848
|
* ```
|
|
6782
6849
|
*/
|
|
6783
|
-
function createView$
|
|
6850
|
+
function createView$1(arr) {
|
|
6784
6851
|
return new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
|
|
6785
6852
|
}
|
|
6786
6853
|
/**
|
|
@@ -6808,11 +6875,11 @@ function rotr$1(word, shift) {
|
|
|
6808
6875
|
* rotl(0x12345678, 8);
|
|
6809
6876
|
* ```
|
|
6810
6877
|
*/
|
|
6811
|
-
function rotl
|
|
6878
|
+
function rotl(word, shift) {
|
|
6812
6879
|
return word << shift | word >>> 32 - shift >>> 0;
|
|
6813
6880
|
}
|
|
6814
6881
|
/** Whether the current platform is little-endian. */
|
|
6815
|
-
const isLE$
|
|
6882
|
+
const isLE$1 = /* @__PURE__ */ (() => new Uint8Array(new Uint32Array([287454020]).buffer)[0] === 68)();
|
|
6816
6883
|
/**
|
|
6817
6884
|
* Byte-swap operation for uint32 values.
|
|
6818
6885
|
* @param word - source word
|
|
@@ -6836,7 +6903,7 @@ function byteSwap$1(word) {
|
|
|
6836
6903
|
* swap8IfBE(0x11223344);
|
|
6837
6904
|
* ```
|
|
6838
6905
|
*/
|
|
6839
|
-
const swap8IfBE = isLE$
|
|
6906
|
+
const swap8IfBE = isLE$1 ? (n) => n : (n) => byteSwap$1(n) >>> 0;
|
|
6840
6907
|
/**
|
|
6841
6908
|
* Byte-swaps every word of a Uint32Array in place.
|
|
6842
6909
|
* @param arr - array to mutate
|
|
@@ -6862,7 +6929,7 @@ function byteSwap32$1(arr) {
|
|
|
6862
6929
|
* swap32IfBE(new Uint32Array([0x11223344]));
|
|
6863
6930
|
* ```
|
|
6864
6931
|
*/
|
|
6865
|
-
const swap32IfBE$1 = isLE$
|
|
6932
|
+
const swap32IfBE$1 = isLE$1 ? (u) => u : byteSwap32$1;
|
|
6866
6933
|
const hasHexBuiltin$2 = /* @__PURE__ */ (() => typeof Uint8Array.from([]).toHex === "function" && typeof Uint8Array.fromHex === "function")();
|
|
6867
6934
|
const hexes$1 = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString(16).padStart(2, "0"));
|
|
6868
6935
|
/**
|
|
@@ -6879,7 +6946,7 @@ const hexes$1 = /* @__PURE__ */ Array.from({ length: 256 }, (_, i) => i.toString
|
|
|
6879
6946
|
* ```
|
|
6880
6947
|
*/
|
|
6881
6948
|
function bytesToHex$2(bytes) {
|
|
6882
|
-
abytes$
|
|
6949
|
+
abytes$3(bytes);
|
|
6883
6950
|
if (hasHexBuiltin$2) return bytes.toHex();
|
|
6884
6951
|
let hex = "";
|
|
6885
6952
|
for (let i = 0; i < bytes.length; i++) hex += hexes$1[bytes[i]];
|
|
@@ -6965,7 +7032,7 @@ function utf8ToBytes(str) {
|
|
|
6965
7032
|
*/
|
|
6966
7033
|
function kdfInputToBytes(data, errorTitle = "") {
|
|
6967
7034
|
if (typeof data === "string") return utf8ToBytes(data);
|
|
6968
|
-
return abytes$
|
|
7035
|
+
return abytes$3(data, void 0, errorTitle);
|
|
6969
7036
|
}
|
|
6970
7037
|
/**
|
|
6971
7038
|
* Copies several Uint8Arrays into one.
|
|
@@ -6982,7 +7049,7 @@ function concatBytes$2(...arrays) {
|
|
|
6982
7049
|
let sum = 0;
|
|
6983
7050
|
for (let i = 0; i < arrays.length; i++) {
|
|
6984
7051
|
const a = arrays[i];
|
|
6985
|
-
abytes$
|
|
7052
|
+
abytes$3(a);
|
|
6986
7053
|
sum += a.length;
|
|
6987
7054
|
}
|
|
6988
7055
|
const res = new Uint8Array(sum);
|
|
@@ -7005,7 +7072,7 @@ function concatBytes$2(...arrays) {
|
|
|
7005
7072
|
* checkOpts({ dkLen: 32 }, { asyncTick: 10 });
|
|
7006
7073
|
* ```
|
|
7007
7074
|
*/
|
|
7008
|
-
function checkOpts
|
|
7075
|
+
function checkOpts(defaults, opts) {
|
|
7009
7076
|
if (opts !== void 0 && {}.toString.call(opts) !== "[object Object]") throw new TypeError("options must be object or undefined");
|
|
7010
7077
|
return Object.assign(defaults, opts);
|
|
7011
7078
|
}
|
|
@@ -7053,7 +7120,7 @@ function createHasher$1(hashCons, info = {}) {
|
|
|
7053
7120
|
* ```
|
|
7054
7121
|
*/
|
|
7055
7122
|
function randomBytes$4(bytesLength = 32) {
|
|
7056
|
-
anumber$
|
|
7123
|
+
anumber$3(bytesLength, "bytesLength");
|
|
7057
7124
|
const cr = typeof globalThis === "object" ? globalThis.crypto : null;
|
|
7058
7125
|
if (typeof cr?.getRandomValues !== "function") throw new Error("crypto.getRandomValues must be defined");
|
|
7059
7126
|
if (bytesLength > 65536) throw new RangeError(`"bytesLength" expected <= 65536, got ${bytesLength}`);
|
|
@@ -7161,17 +7228,17 @@ var HashMD$1 = class {
|
|
|
7161
7228
|
this.padOffset = padOffset;
|
|
7162
7229
|
this.isLE = isLE;
|
|
7163
7230
|
this.buffer = new Uint8Array(blockLen);
|
|
7164
|
-
this.view = createView$
|
|
7231
|
+
this.view = createView$1(this.buffer);
|
|
7165
7232
|
}
|
|
7166
7233
|
update(data) {
|
|
7167
|
-
aexists$
|
|
7168
|
-
abytes$
|
|
7234
|
+
aexists$1(this);
|
|
7235
|
+
abytes$3(data);
|
|
7169
7236
|
const { view, buffer, blockLen } = this;
|
|
7170
7237
|
const len = data.length;
|
|
7171
7238
|
for (let pos = 0; pos < len;) {
|
|
7172
7239
|
const take = Math.min(blockLen - this.pos, len - pos);
|
|
7173
7240
|
if (take === blockLen) {
|
|
7174
|
-
const dataView = createView$
|
|
7241
|
+
const dataView = createView$1(data);
|
|
7175
7242
|
for (; blockLen <= len - pos; pos += blockLen) this.process(dataView, pos);
|
|
7176
7243
|
continue;
|
|
7177
7244
|
}
|
|
@@ -7188,13 +7255,13 @@ var HashMD$1 = class {
|
|
|
7188
7255
|
return this;
|
|
7189
7256
|
}
|
|
7190
7257
|
digestInto(out) {
|
|
7191
|
-
aexists$
|
|
7192
|
-
aoutput$
|
|
7258
|
+
aexists$1(this);
|
|
7259
|
+
aoutput$1(out, this);
|
|
7193
7260
|
this.finished = true;
|
|
7194
7261
|
const { buffer, view, blockLen, isLE } = this;
|
|
7195
7262
|
let { pos } = this;
|
|
7196
7263
|
buffer[pos++] = 128;
|
|
7197
|
-
clean$
|
|
7264
|
+
clean$1(this.buffer.subarray(pos));
|
|
7198
7265
|
if (this.padOffset > blockLen - pos) {
|
|
7199
7266
|
this.process(view, 0);
|
|
7200
7267
|
pos = 0;
|
|
@@ -7202,7 +7269,7 @@ var HashMD$1 = class {
|
|
|
7202
7269
|
for (let i = pos; i < blockLen; i++) buffer[i] = 0;
|
|
7203
7270
|
view.setBigUint64(blockLen - 8, BigInt(this.length * 8), isLE);
|
|
7204
7271
|
this.process(view, 0);
|
|
7205
|
-
const oview = createView$
|
|
7272
|
+
const oview = createView$1(out);
|
|
7206
7273
|
const len = this.outputLen;
|
|
7207
7274
|
if (len % 4) throw new Error("_sha2: outputLen must be aligned to 32bit");
|
|
7208
7275
|
const outLen = len / 4;
|
|
@@ -7460,12 +7527,12 @@ var SHA2_32B$1 = class extends HashMD$1 {
|
|
|
7460
7527
|
this.set(A, B, C, D, E, F, G, H);
|
|
7461
7528
|
}
|
|
7462
7529
|
roundClean() {
|
|
7463
|
-
clean$
|
|
7530
|
+
clean$1(SHA256_W$1);
|
|
7464
7531
|
}
|
|
7465
7532
|
destroy() {
|
|
7466
7533
|
this.destroyed = true;
|
|
7467
7534
|
this.set(0, 0, 0, 0, 0, 0, 0, 0);
|
|
7468
|
-
clean$
|
|
7535
|
+
clean$1(this.buffer);
|
|
7469
7536
|
}
|
|
7470
7537
|
};
|
|
7471
7538
|
/** Internal SHA-256 hash class grounded in RFC 6234 §6.2. */
|
|
@@ -7671,11 +7738,11 @@ var SHA2_64B$1 = class extends HashMD$1 {
|
|
|
7671
7738
|
this.set(Ah, Al, Bh, Bl, Ch, Cl, Dh, Dl, Eh, El, Fh, Fl, Gh, Gl, Hh, Hl);
|
|
7672
7739
|
}
|
|
7673
7740
|
roundClean() {
|
|
7674
|
-
clean$
|
|
7741
|
+
clean$1(SHA512_W_H$1, SHA512_W_L$1);
|
|
7675
7742
|
}
|
|
7676
7743
|
destroy() {
|
|
7677
7744
|
this.destroyed = true;
|
|
7678
|
-
clean$
|
|
7745
|
+
clean$1(this.buffer);
|
|
7679
7746
|
this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
|
|
7680
7747
|
}
|
|
7681
7748
|
};
|
|
@@ -7731,7 +7798,7 @@ const sha512 = /* @__PURE__ */ createHasher$1(() => new _SHA512(), /* @__PURE__
|
|
|
7731
7798
|
|
|
7732
7799
|
//#endregion
|
|
7733
7800
|
//#region ../../packages/credentials-crypto/src/aead.ts
|
|
7734
|
-
const aead = managedNonce(xchacha20poly1305
|
|
7801
|
+
const aead = managedNonce(xchacha20poly1305);
|
|
7735
7802
|
const textEncoder$2 = new TextEncoder();
|
|
7736
7803
|
const KEY_BYTES$1 = 32;
|
|
7737
7804
|
const LENGTH_PREFIX_BYTES = 4;
|
|
@@ -8124,12 +8191,12 @@ function G2b(a, b, c, d, msg, x) {
|
|
|
8124
8191
|
BBUF[2 * d] = Dl, BBUF[2 * d + 1] = Dh;
|
|
8125
8192
|
}
|
|
8126
8193
|
function checkBlake2Opts(outputLen, opts = {}, keyLen, saltLen, persLen) {
|
|
8127
|
-
anumber$
|
|
8194
|
+
anumber$3(keyLen);
|
|
8128
8195
|
if (outputLen <= 0 || outputLen > keyLen) throw new Error("outputLen bigger than keyLen");
|
|
8129
8196
|
const { key, salt, personalization } = opts;
|
|
8130
8197
|
if (key !== void 0 && (key.length < 1 || key.length > keyLen)) throw new Error("\"key\" expected to be undefined or of length=1.." + keyLen);
|
|
8131
|
-
if (salt !== void 0) abytes$
|
|
8132
|
-
if (personalization !== void 0) abytes$
|
|
8198
|
+
if (salt !== void 0) abytes$3(salt, saltLen, "salt");
|
|
8199
|
+
if (personalization !== void 0) abytes$3(personalization, persLen, "personalization");
|
|
8133
8200
|
}
|
|
8134
8201
|
/** Internal base class for BLAKE2. */
|
|
8135
8202
|
var _BLAKE2 = class {
|
|
@@ -8143,16 +8210,16 @@ var _BLAKE2 = class {
|
|
|
8143
8210
|
outputLen;
|
|
8144
8211
|
canXOF = false;
|
|
8145
8212
|
constructor(blockLen, outputLen) {
|
|
8146
|
-
anumber$
|
|
8147
|
-
anumber$
|
|
8213
|
+
anumber$3(blockLen);
|
|
8214
|
+
anumber$3(outputLen);
|
|
8148
8215
|
this.blockLen = blockLen;
|
|
8149
8216
|
this.outputLen = outputLen;
|
|
8150
8217
|
this.buffer = new Uint8Array(blockLen);
|
|
8151
|
-
this.buffer32 = u32$
|
|
8218
|
+
this.buffer32 = u32$1(this.buffer);
|
|
8152
8219
|
}
|
|
8153
8220
|
update(data) {
|
|
8154
|
-
aexists$
|
|
8155
|
-
abytes$
|
|
8221
|
+
aexists$1(this);
|
|
8222
|
+
abytes$3(data);
|
|
8156
8223
|
const { blockLen, buffer, buffer32 } = this;
|
|
8157
8224
|
const len = data.length;
|
|
8158
8225
|
const offset = data.byteOffset;
|
|
@@ -8184,17 +8251,17 @@ var _BLAKE2 = class {
|
|
|
8184
8251
|
return this;
|
|
8185
8252
|
}
|
|
8186
8253
|
digestInto(out) {
|
|
8187
|
-
aexists$
|
|
8188
|
-
aoutput$
|
|
8254
|
+
aexists$1(this);
|
|
8255
|
+
aoutput$1(out, this);
|
|
8189
8256
|
const { pos, buffer32 } = this;
|
|
8190
8257
|
this.finished = true;
|
|
8191
|
-
clean$
|
|
8258
|
+
clean$1(this.buffer.subarray(pos));
|
|
8192
8259
|
swap32IfBE$1(buffer32);
|
|
8193
8260
|
this.compress(buffer32, 0, true);
|
|
8194
8261
|
swap32IfBE$1(buffer32);
|
|
8195
8262
|
if (out.byteOffset & 3) throw new RangeError("\"digestInto() output\" expected 4-byte aligned byteOffset, got " + out.byteOffset);
|
|
8196
8263
|
const state = this.get();
|
|
8197
|
-
const out32 = u32$
|
|
8264
|
+
const out32 = u32$1(out);
|
|
8198
8265
|
const full = Math.floor(this.outputLen / 4);
|
|
8199
8266
|
for (let i = 0; i < full; i++) out32[i] = swap8IfBE(state[i]);
|
|
8200
8267
|
const tail = this.outputLen % 4;
|
|
@@ -8251,21 +8318,21 @@ var _BLAKE2b = class extends _BLAKE2 {
|
|
|
8251
8318
|
let { key, personalization, salt } = opts;
|
|
8252
8319
|
let keyLength = 0;
|
|
8253
8320
|
if (key !== void 0) {
|
|
8254
|
-
abytes$
|
|
8321
|
+
abytes$3(key, void 0, "key");
|
|
8255
8322
|
keyLength = key.length;
|
|
8256
8323
|
}
|
|
8257
8324
|
this.v0l ^= this.outputLen | keyLength << 8 | 16842752;
|
|
8258
8325
|
if (salt !== void 0) {
|
|
8259
|
-
abytes$
|
|
8260
|
-
const slt = u32$
|
|
8326
|
+
abytes$3(salt, void 0, "salt");
|
|
8327
|
+
const slt = u32$1(salt);
|
|
8261
8328
|
this.v4l ^= swap8IfBE(slt[0]);
|
|
8262
8329
|
this.v4h ^= swap8IfBE(slt[1]);
|
|
8263
8330
|
this.v5l ^= swap8IfBE(slt[2]);
|
|
8264
8331
|
this.v5h ^= swap8IfBE(slt[3]);
|
|
8265
8332
|
}
|
|
8266
8333
|
if (personalization !== void 0) {
|
|
8267
|
-
abytes$
|
|
8268
|
-
const pers = u32$
|
|
8334
|
+
abytes$3(personalization, void 0, "personalization");
|
|
8335
|
+
const pers = u32$1(personalization);
|
|
8269
8336
|
this.v6l ^= swap8IfBE(pers[0]);
|
|
8270
8337
|
this.v6h ^= swap8IfBE(pers[1]);
|
|
8271
8338
|
this.v7l ^= swap8IfBE(pers[2]);
|
|
@@ -8362,11 +8429,11 @@ var _BLAKE2b = class extends _BLAKE2 {
|
|
|
8362
8429
|
this.v6h ^= BBUF[13] ^ BBUF[29];
|
|
8363
8430
|
this.v7l ^= BBUF[14] ^ BBUF[30];
|
|
8364
8431
|
this.v7h ^= BBUF[15] ^ BBUF[31];
|
|
8365
|
-
clean$
|
|
8432
|
+
clean$1(BBUF);
|
|
8366
8433
|
}
|
|
8367
8434
|
destroy() {
|
|
8368
8435
|
this.destroyed = true;
|
|
8369
|
-
clean$
|
|
8436
|
+
clean$1(this.buffer32);
|
|
8370
8437
|
this.set(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
|
|
8371
8438
|
}
|
|
8372
8439
|
};
|
|
@@ -8500,7 +8567,7 @@ function block(x, xPos, yPos, outPos, needXor) {
|
|
|
8500
8567
|
for (let i = 0; i < 16; i += 2) P(i, i + 1, i + 16, i + 17, i + 32, i + 33, i + 48, i + 49, i + 64, i + 65, i + 80, i + 81, i + 96, i + 97, i + 112, i + 113);
|
|
8501
8568
|
if (needXor) for (let i = 0; i < 256; i++) x[outPos + i] ^= A2_BUF[i] ^ x[xPos + i] ^ x[yPos + i];
|
|
8502
8569
|
else for (let i = 0; i < 256; i++) x[outPos + i] = A2_BUF[i] ^ x[xPos + i] ^ x[yPos + i];
|
|
8503
|
-
clean$
|
|
8570
|
+
clean$1(A2_BUF);
|
|
8504
8571
|
}
|
|
8505
8572
|
function Hp(A, dkLen) {
|
|
8506
8573
|
const A8 = u8(A);
|
|
@@ -8520,7 +8587,7 @@ function Hp(A, dkLen) {
|
|
|
8520
8587
|
out.set(V.subarray(0, 32), pos);
|
|
8521
8588
|
}
|
|
8522
8589
|
out.set(blake2b(V, { dkLen: dkLen - pos }), pos);
|
|
8523
|
-
clean$
|
|
8590
|
+
clean$1(V, T);
|
|
8524
8591
|
return out;
|
|
8525
8592
|
}
|
|
8526
8593
|
function indexAlpha(r, s, laneLen, segmentLen, index, randL, sameLane = false) {
|
|
@@ -8550,7 +8617,7 @@ function argon2Opts(opts) {
|
|
|
8550
8617
|
if (!isU32(m)) throw new Error("\"m\" must be 0..2^32");
|
|
8551
8618
|
if (!isU32(t) || t < 1) throw new Error("\"t\" (iterations) must be 1..2^32");
|
|
8552
8619
|
if (onProgress !== void 0 && typeof onProgress !== "function") throw new Error("\"progressCb\" must be a function");
|
|
8553
|
-
anumber$
|
|
8620
|
+
anumber$3(asyncTick, "asyncTick");
|
|
8554
8621
|
if (!isU32(m) || m < 8 * p) throw new Error("\"m\" (memory) must be at least 8*p bytes");
|
|
8555
8622
|
if (version !== 16 && version !== 19) throw new Error("\"version\" must be 0x10 or 0x13, got " + version);
|
|
8556
8623
|
return merged;
|
|
@@ -8602,9 +8669,9 @@ function argon2Init(password, salt, type, opts) {
|
|
|
8602
8669
|
const i = 256 * laneLen * l;
|
|
8603
8670
|
H0[17] = swap8IfBE(l);
|
|
8604
8671
|
H0[16] = swap8IfBE(0);
|
|
8605
|
-
B.set(swap32IfBE$1(u32$
|
|
8672
|
+
B.set(swap32IfBE$1(u32$1(Hp(H0, 1024))), i);
|
|
8606
8673
|
H0[16] = swap8IfBE(1);
|
|
8607
|
-
B.set(swap32IfBE$1(u32$
|
|
8674
|
+
B.set(swap32IfBE$1(u32$1(Hp(H0, 1024))), i + 256);
|
|
8608
8675
|
}
|
|
8609
8676
|
let perBlock = () => {};
|
|
8610
8677
|
if (onProgress) {
|
|
@@ -8616,7 +8683,7 @@ function argon2Init(password, salt, type, opts) {
|
|
|
8616
8683
|
if (onProgress && (!(blockCnt % callbackPer) || blockCnt === totalBlock)) onProgress(blockCnt / totalBlock);
|
|
8617
8684
|
};
|
|
8618
8685
|
}
|
|
8619
|
-
clean$
|
|
8686
|
+
clean$1(BUF, H0);
|
|
8620
8687
|
return {
|
|
8621
8688
|
type,
|
|
8622
8689
|
mP,
|
|
@@ -8636,7 +8703,7 @@ function argon2Output(B, p, laneLen, dkLen) {
|
|
|
8636
8703
|
const B_final = new Uint32Array(256);
|
|
8637
8704
|
for (let l = 0; l < p; l++) for (let j = 0; j < 256; j++) B_final[j] ^= B[256 * (laneLen * l + laneLen - 1) + j];
|
|
8638
8705
|
const res = Hp(swap32IfBE$1(B_final), dkLen);
|
|
8639
|
-
clean$
|
|
8706
|
+
clean$1(B, B_final);
|
|
8640
8707
|
return res;
|
|
8641
8708
|
}
|
|
8642
8709
|
function processBlock(B, address, l, r, s, index, laneLen, segmentLen, lanes, offset, prev, dataIndependent, needXor) {
|
|
@@ -8694,7 +8761,7 @@ function argon2(type, password, salt, opts) {
|
|
|
8694
8761
|
}
|
|
8695
8762
|
}
|
|
8696
8763
|
}
|
|
8697
|
-
clean$
|
|
8764
|
+
clean$1(address);
|
|
8698
8765
|
return argon2Output(B, p, laneLen, dkLen);
|
|
8699
8766
|
}
|
|
8700
8767
|
/**
|
|
@@ -8733,7 +8800,7 @@ var _HMAC$1 = class {
|
|
|
8733
8800
|
destroyed = false;
|
|
8734
8801
|
constructor(hash, key) {
|
|
8735
8802
|
ahash$1(hash);
|
|
8736
|
-
abytes$
|
|
8803
|
+
abytes$3(key, void 0, "key");
|
|
8737
8804
|
this.iHash = hash.create();
|
|
8738
8805
|
if (typeof this.iHash.update !== "function") throw new Error("Expected instance of class which extends utils.Hash");
|
|
8739
8806
|
this.blockLen = this.iHash.blockLen;
|
|
@@ -8746,16 +8813,16 @@ var _HMAC$1 = class {
|
|
|
8746
8813
|
this.oHash = hash.create();
|
|
8747
8814
|
for (let i = 0; i < pad.length; i++) pad[i] ^= 106;
|
|
8748
8815
|
this.oHash.update(pad);
|
|
8749
|
-
clean$
|
|
8816
|
+
clean$1(pad);
|
|
8750
8817
|
}
|
|
8751
8818
|
update(buf) {
|
|
8752
|
-
aexists$
|
|
8819
|
+
aexists$1(this);
|
|
8753
8820
|
this.iHash.update(buf);
|
|
8754
8821
|
return this;
|
|
8755
8822
|
}
|
|
8756
8823
|
digestInto(out) {
|
|
8757
|
-
aexists$
|
|
8758
|
-
aoutput$
|
|
8824
|
+
aexists$1(this);
|
|
8825
|
+
aoutput$1(out, this);
|
|
8759
8826
|
this.finished = true;
|
|
8760
8827
|
const buf = out.subarray(0, this.outputLen);
|
|
8761
8828
|
this.iHash.digestInto(buf);
|
|
@@ -8846,14 +8913,14 @@ const EMPTY_BUFFER$1 = /* @__PURE__ */ Uint8Array.of();
|
|
|
8846
8913
|
*/
|
|
8847
8914
|
function expand$1(hash, prk, info, length = 32) {
|
|
8848
8915
|
ahash$1(hash);
|
|
8849
|
-
anumber$
|
|
8850
|
-
abytes$
|
|
8916
|
+
anumber$3(length, "length");
|
|
8917
|
+
abytes$3(prk, void 0, "prk");
|
|
8851
8918
|
const olen = hash.outputLen;
|
|
8852
8919
|
if (prk.length < olen) throw new Error("\"prk\" must be at least HashLen octets");
|
|
8853
8920
|
if (length > 255 * olen) throw new Error("Length must be <= 255*HashLen");
|
|
8854
8921
|
const blocks = Math.ceil(length / olen);
|
|
8855
8922
|
if (info === void 0) info = EMPTY_BUFFER$1;
|
|
8856
|
-
else abytes$
|
|
8923
|
+
else abytes$3(info, void 0, "info");
|
|
8857
8924
|
const okm = new Uint8Array(blocks * olen);
|
|
8858
8925
|
const HMAC = hmac$1.create(hash, prk);
|
|
8859
8926
|
const HMACTmp = HMAC._cloneInto();
|
|
@@ -8866,7 +8933,7 @@ function expand$1(hash, prk, info, length = 32) {
|
|
|
8866
8933
|
}
|
|
8867
8934
|
HMAC.destroy();
|
|
8868
8935
|
HMACTmp.destroy();
|
|
8869
|
-
clean$
|
|
8936
|
+
clean$1(T, HKDF_COUNTER$1);
|
|
8870
8937
|
return okm.slice(0, length);
|
|
8871
8938
|
}
|
|
8872
8939
|
/**
|
|
@@ -8898,12 +8965,12 @@ const hkdf = (hash, ikm, salt, info, length) => expand$1(hash, extract$1(hash, i
|
|
|
8898
8965
|
//#endregion
|
|
8899
8966
|
//#region ../../node_modules/.bun/@scure+base@2.2.0/node_modules/@scure/base/index.js
|
|
8900
8967
|
/*! scure-base - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
8901
|
-
function isBytes$
|
|
8968
|
+
function isBytes$2(a) {
|
|
8902
8969
|
return a instanceof Uint8Array || ArrayBuffer.isView(a) && a.constructor.name === "Uint8Array" && "BYTES_PER_ELEMENT" in a && a.BYTES_PER_ELEMENT === 1;
|
|
8903
8970
|
}
|
|
8904
8971
|
/** Asserts something is Uint8Array. */
|
|
8905
|
-
function abytes$
|
|
8906
|
-
if (!isBytes$
|
|
8972
|
+
function abytes$2(b) {
|
|
8973
|
+
if (!isBytes$2(b)) throw new TypeError("Uint8Array expected");
|
|
8907
8974
|
}
|
|
8908
8975
|
function isArrayOf(isString, arr) {
|
|
8909
8976
|
if (!Array.isArray(arr)) return false;
|
|
@@ -8919,7 +8986,7 @@ function astr(label, input) {
|
|
|
8919
8986
|
if (typeof input !== "string") throw new TypeError(`${label}: string expected`);
|
|
8920
8987
|
return true;
|
|
8921
8988
|
}
|
|
8922
|
-
function anumber$
|
|
8989
|
+
function anumber$2(n) {
|
|
8923
8990
|
if (typeof n !== "number") throw new TypeError(`number expected, got ${typeof n}`);
|
|
8924
8991
|
if (!Number.isSafeInteger(n)) throw new RangeError(`invalid integer: ${n}`);
|
|
8925
8992
|
}
|
|
@@ -8993,7 +9060,7 @@ function join(separator = "") {
|
|
|
8993
9060
|
* @__NO_SIDE_EFFECTS__
|
|
8994
9061
|
*/
|
|
8995
9062
|
function padding(bits, chr = "=") {
|
|
8996
|
-
anumber$
|
|
9063
|
+
anumber$2(bits);
|
|
8997
9064
|
astr("padding", chr);
|
|
8998
9065
|
return {
|
|
8999
9066
|
encode(data) {
|
|
@@ -9041,7 +9108,7 @@ function convertRadix2(data, from, to, padding) {
|
|
|
9041
9108
|
const mask = powers[to] - 1;
|
|
9042
9109
|
const res = [];
|
|
9043
9110
|
for (const n of data) {
|
|
9044
|
-
anumber$
|
|
9111
|
+
anumber$2(n);
|
|
9045
9112
|
if (n >= max) throw new Error(`convertRadix2: invalid data word=${n} from=${from}`);
|
|
9046
9113
|
carry = carry << from | n;
|
|
9047
9114
|
if (pos + from > 32) throw new Error(`convertRadix2: carry overflow pos=${pos} from=${from}`);
|
|
@@ -9063,12 +9130,12 @@ function convertRadix2(data, from, to, padding) {
|
|
|
9063
9130
|
* @__NO_SIDE_EFFECTS__
|
|
9064
9131
|
*/
|
|
9065
9132
|
function radix2(bits, revPadding = false) {
|
|
9066
|
-
anumber$
|
|
9133
|
+
anumber$2(bits);
|
|
9067
9134
|
if (bits <= 0 || bits > 32) throw new RangeError("radix2: bits should be in (0..32]");
|
|
9068
9135
|
if (/* @__PURE__ */ radix2carry(8, bits) > 32 || /* @__PURE__ */ radix2carry(bits, 8) > 32) throw new RangeError("radix2: carry overflow");
|
|
9069
9136
|
return {
|
|
9070
9137
|
encode: (bytes) => {
|
|
9071
|
-
if (!isBytes$
|
|
9138
|
+
if (!isBytes$2(bytes)) throw new TypeError("radix2.encode input should be Uint8Array");
|
|
9072
9139
|
return convertRadix2(Array.from(bytes), 8, bits, !revPadding);
|
|
9073
9140
|
},
|
|
9074
9141
|
decode: (digits) => {
|
|
@@ -9190,7 +9257,7 @@ const decodeBase64Builtin = (s, isUrl) => {
|
|
|
9190
9257
|
*/
|
|
9191
9258
|
const base64 = /* @__PURE__ */ Object.freeze(hasBase64Builtin ? {
|
|
9192
9259
|
encode(b) {
|
|
9193
|
-
abytes$
|
|
9260
|
+
abytes$2(b);
|
|
9194
9261
|
return b.toBase64();
|
|
9195
9262
|
},
|
|
9196
9263
|
decode(s) {
|
|
@@ -9223,7 +9290,7 @@ const base64nopad = /* @__PURE__ */ Object.freeze(chain(radix2(6), alphabet("ABC
|
|
|
9223
9290
|
*/
|
|
9224
9291
|
const base64url = /* @__PURE__ */ Object.freeze(hasBase64Builtin ? {
|
|
9225
9292
|
encode(b) {
|
|
9226
|
-
abytes$
|
|
9293
|
+
abytes$2(b);
|
|
9227
9294
|
return b.toBase64({ alphabet: "base64url" });
|
|
9228
9295
|
},
|
|
9229
9296
|
decode(s) {
|
|
@@ -9282,7 +9349,7 @@ function genBech32(encoding) {
|
|
|
9282
9349
|
const fromWordsUnsafe = unsafeWrapper(fromWords);
|
|
9283
9350
|
function encode(prefix, words, limit = 90) {
|
|
9284
9351
|
astr("bech32.encode prefix", prefix);
|
|
9285
|
-
if (isBytes$
|
|
9352
|
+
if (isBytes$2(words)) words = Array.from(words);
|
|
9286
9353
|
anumArr("bech32.encode", words);
|
|
9287
9354
|
const plen = prefix.length;
|
|
9288
9355
|
if (plen === 0) throw new TypeError(`Invalid prefix length ${plen}`);
|
|
@@ -9362,7 +9429,7 @@ const bech32m = /* @__PURE__ */ Object.freeze(genBech32("bech32m"));
|
|
|
9362
9429
|
const hasHexBuiltin$1 = /* @__PURE__ */ (() => typeof Uint8Array.from([]).toHex === "function" && typeof Uint8Array.fromHex === "function")();
|
|
9363
9430
|
const hexBuiltin = {
|
|
9364
9431
|
encode(data) {
|
|
9365
|
-
abytes$
|
|
9432
|
+
abytes$2(data);
|
|
9366
9433
|
return data.toHex();
|
|
9367
9434
|
},
|
|
9368
9435
|
decode(s) {
|
|
@@ -9392,13 +9459,13 @@ const hex = /* @__PURE__ */ Object.freeze(hasHexBuiltin$1 ? hexBuiltin : chain(r
|
|
|
9392
9459
|
*/
|
|
9393
9460
|
function pbkdf2Init(hash, _password, _salt, _opts) {
|
|
9394
9461
|
ahash$1(hash);
|
|
9395
|
-
const { c, dkLen, asyncTick } = checkOpts
|
|
9462
|
+
const { c, dkLen, asyncTick } = checkOpts({
|
|
9396
9463
|
dkLen: 32,
|
|
9397
9464
|
asyncTick: 10
|
|
9398
9465
|
}, _opts);
|
|
9399
|
-
anumber$
|
|
9400
|
-
anumber$
|
|
9401
|
-
anumber$
|
|
9466
|
+
anumber$3(c, "c");
|
|
9467
|
+
anumber$3(dkLen, "dkLen");
|
|
9468
|
+
anumber$3(asyncTick, "asyncTick");
|
|
9402
9469
|
if (c < 1) throw new Error("iterations (c) must be >= 1");
|
|
9403
9470
|
if (dkLen < 1) throw new Error("\"dkLen\" must be >= 1");
|
|
9404
9471
|
if (dkLen > (2 ** 32 - 1) * hash.outputLen) throw new Error("derived key too long");
|
|
@@ -9419,7 +9486,7 @@ function pbkdf2Output(PRF, PRFSalt, DK, prfW, u) {
|
|
|
9419
9486
|
PRF.destroy();
|
|
9420
9487
|
PRFSalt.destroy();
|
|
9421
9488
|
if (prfW) prfW.destroy();
|
|
9422
|
-
clean$
|
|
9489
|
+
clean$1(u);
|
|
9423
9490
|
return DK;
|
|
9424
9491
|
}
|
|
9425
9492
|
/**
|
|
@@ -9444,7 +9511,7 @@ function pbkdf2(hash, password, salt, opts) {
|
|
|
9444
9511
|
const { c, dkLen, DK, PRF, PRFSalt } = pbkdf2Init(hash, password, salt, opts);
|
|
9445
9512
|
let prfW;
|
|
9446
9513
|
const arr = new Uint8Array(4);
|
|
9447
|
-
const view = createView$
|
|
9514
|
+
const view = createView$1(arr);
|
|
9448
9515
|
const u = new Uint8Array(PRF.outputLen);
|
|
9449
9516
|
for (let ti = 1, pos = 0; pos < dkLen; ti++, pos += PRF.outputLen) {
|
|
9450
9517
|
const Ti = DK.subarray(pos, pos + PRF.outputLen);
|
|
@@ -9476,38 +9543,38 @@ function XorAndSalsa(prev, pi, input, ii, out, oi) {
|
|
|
9476
9543
|
let y14 = prev[pi++] ^ input[ii++], y15 = prev[pi++] ^ input[ii++];
|
|
9477
9544
|
let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15;
|
|
9478
9545
|
for (let i = 0; i < 8; i += 2) {
|
|
9479
|
-
x04 ^= rotl
|
|
9480
|
-
x08 ^= rotl
|
|
9481
|
-
x12 ^= rotl
|
|
9482
|
-
x00 ^= rotl
|
|
9483
|
-
x09 ^= rotl
|
|
9484
|
-
x13 ^= rotl
|
|
9485
|
-
x01 ^= rotl
|
|
9486
|
-
x05 ^= rotl
|
|
9487
|
-
x14 ^= rotl
|
|
9488
|
-
x02 ^= rotl
|
|
9489
|
-
x06 ^= rotl
|
|
9490
|
-
x10 ^= rotl
|
|
9491
|
-
x03 ^= rotl
|
|
9492
|
-
x07 ^= rotl
|
|
9493
|
-
x11 ^= rotl
|
|
9494
|
-
x15 ^= rotl
|
|
9495
|
-
x01 ^= rotl
|
|
9496
|
-
x02 ^= rotl
|
|
9497
|
-
x03 ^= rotl
|
|
9498
|
-
x00 ^= rotl
|
|
9499
|
-
x06 ^= rotl
|
|
9500
|
-
x07 ^= rotl
|
|
9501
|
-
x04 ^= rotl
|
|
9502
|
-
x05 ^= rotl
|
|
9503
|
-
x11 ^= rotl
|
|
9504
|
-
x08 ^= rotl
|
|
9505
|
-
x09 ^= rotl
|
|
9506
|
-
x10 ^= rotl
|
|
9507
|
-
x12 ^= rotl
|
|
9508
|
-
x13 ^= rotl
|
|
9509
|
-
x14 ^= rotl
|
|
9510
|
-
x15 ^= rotl
|
|
9546
|
+
x04 ^= rotl(x00 + x12 | 0, 7);
|
|
9547
|
+
x08 ^= rotl(x04 + x00 | 0, 9);
|
|
9548
|
+
x12 ^= rotl(x08 + x04 | 0, 13);
|
|
9549
|
+
x00 ^= rotl(x12 + x08 | 0, 18);
|
|
9550
|
+
x09 ^= rotl(x05 + x01 | 0, 7);
|
|
9551
|
+
x13 ^= rotl(x09 + x05 | 0, 9);
|
|
9552
|
+
x01 ^= rotl(x13 + x09 | 0, 13);
|
|
9553
|
+
x05 ^= rotl(x01 + x13 | 0, 18);
|
|
9554
|
+
x14 ^= rotl(x10 + x06 | 0, 7);
|
|
9555
|
+
x02 ^= rotl(x14 + x10 | 0, 9);
|
|
9556
|
+
x06 ^= rotl(x02 + x14 | 0, 13);
|
|
9557
|
+
x10 ^= rotl(x06 + x02 | 0, 18);
|
|
9558
|
+
x03 ^= rotl(x15 + x11 | 0, 7);
|
|
9559
|
+
x07 ^= rotl(x03 + x15 | 0, 9);
|
|
9560
|
+
x11 ^= rotl(x07 + x03 | 0, 13);
|
|
9561
|
+
x15 ^= rotl(x11 + x07 | 0, 18);
|
|
9562
|
+
x01 ^= rotl(x00 + x03 | 0, 7);
|
|
9563
|
+
x02 ^= rotl(x01 + x00 | 0, 9);
|
|
9564
|
+
x03 ^= rotl(x02 + x01 | 0, 13);
|
|
9565
|
+
x00 ^= rotl(x03 + x02 | 0, 18);
|
|
9566
|
+
x06 ^= rotl(x05 + x04 | 0, 7);
|
|
9567
|
+
x07 ^= rotl(x06 + x05 | 0, 9);
|
|
9568
|
+
x04 ^= rotl(x07 + x06 | 0, 13);
|
|
9569
|
+
x05 ^= rotl(x04 + x07 | 0, 18);
|
|
9570
|
+
x11 ^= rotl(x10 + x09 | 0, 7);
|
|
9571
|
+
x08 ^= rotl(x11 + x10 | 0, 9);
|
|
9572
|
+
x09 ^= rotl(x08 + x11 | 0, 13);
|
|
9573
|
+
x10 ^= rotl(x09 + x08 | 0, 18);
|
|
9574
|
+
x12 ^= rotl(x15 + x14 | 0, 7);
|
|
9575
|
+
x13 ^= rotl(x12 + x15 | 0, 9);
|
|
9576
|
+
x14 ^= rotl(x13 + x12 | 0, 13);
|
|
9577
|
+
x15 ^= rotl(x14 + x13 | 0, 18);
|
|
9511
9578
|
}
|
|
9512
9579
|
out[oi++] = y00 + x00 | 0;
|
|
9513
9580
|
out[oi++] = y01 + x01 | 0;
|
|
@@ -9537,17 +9604,17 @@ function BlockMix(input, ii, out, oi, r) {
|
|
|
9537
9604
|
}
|
|
9538
9605
|
}
|
|
9539
9606
|
function scryptInit(password, salt, _opts) {
|
|
9540
|
-
const { N, r, p, dkLen, asyncTick, maxmem, onProgress } = checkOpts
|
|
9607
|
+
const { N, r, p, dkLen, asyncTick, maxmem, onProgress } = checkOpts({
|
|
9541
9608
|
dkLen: 32,
|
|
9542
9609
|
asyncTick: 10,
|
|
9543
9610
|
maxmem: 1024 ** 3 + 1024
|
|
9544
9611
|
}, _opts);
|
|
9545
|
-
anumber$
|
|
9546
|
-
anumber$
|
|
9547
|
-
anumber$
|
|
9548
|
-
anumber$
|
|
9549
|
-
anumber$
|
|
9550
|
-
anumber$
|
|
9612
|
+
anumber$3(N, "N");
|
|
9613
|
+
anumber$3(r, "r");
|
|
9614
|
+
anumber$3(p, "p");
|
|
9615
|
+
anumber$3(dkLen, "dkLen");
|
|
9616
|
+
anumber$3(asyncTick, "asyncTick");
|
|
9617
|
+
anumber$3(maxmem, "maxmem");
|
|
9551
9618
|
if (onProgress !== void 0 && typeof onProgress !== "function") throw new Error("progressCb must be a function");
|
|
9552
9619
|
const blockSize = 128 * r;
|
|
9553
9620
|
const blockSize32 = blockSize / 4;
|
|
@@ -9561,9 +9628,9 @@ function scryptInit(password, salt, _opts) {
|
|
|
9561
9628
|
c: 1,
|
|
9562
9629
|
dkLen: blockSize * p
|
|
9563
9630
|
});
|
|
9564
|
-
const B32 = u32$
|
|
9565
|
-
const V = u32$
|
|
9566
|
-
const tmp = u32$
|
|
9631
|
+
const B32 = u32$1(B);
|
|
9632
|
+
const V = u32$1(new Uint8Array(blockSize * N));
|
|
9633
|
+
const tmp = u32$1(new Uint8Array(blockSize));
|
|
9567
9634
|
let blockMixCb = () => {};
|
|
9568
9635
|
if (onProgress) {
|
|
9569
9636
|
const totalBlockMix = 2 * N * p;
|
|
@@ -9593,7 +9660,7 @@ function scryptOutput(password, dkLen, B, V, tmp) {
|
|
|
9593
9660
|
c: 1,
|
|
9594
9661
|
dkLen
|
|
9595
9662
|
});
|
|
9596
|
-
clean$
|
|
9663
|
+
clean$1(B, V, tmp);
|
|
9597
9664
|
return res;
|
|
9598
9665
|
}
|
|
9599
9666
|
/**
|
|
@@ -9630,846 +9697,9 @@ function scrypt(password, salt, opts) {
|
|
|
9630
9697
|
blockMixCb();
|
|
9631
9698
|
}
|
|
9632
9699
|
}
|
|
9633
|
-
swap32IfBE$1(B32);
|
|
9634
|
-
return scryptOutput(password, dkLen, B, V, tmp);
|
|
9635
|
-
}
|
|
9636
|
-
|
|
9637
|
-
//#endregion
|
|
9638
|
-
//#region ../../node_modules/.bun/@noble+ciphers@2.1.1/node_modules/@noble/ciphers/utils.js
|
|
9639
|
-
/**
|
|
9640
|
-
* Utilities for hex, bytes, CSPRNG.
|
|
9641
|
-
* @module
|
|
9642
|
-
*/
|
|
9643
|
-
/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */
|
|
9644
|
-
/** Checks if something is Uint8Array. Be careful: nodejs Buffer will return true. */
|
|
9645
|
-
function isBytes$2(a) {
|
|
9646
|
-
return a instanceof Uint8Array || ArrayBuffer.isView(a) && a.constructor.name === "Uint8Array";
|
|
9647
|
-
}
|
|
9648
|
-
/** Asserts something is boolean. */
|
|
9649
|
-
function abool$2(b) {
|
|
9650
|
-
if (typeof b !== "boolean") throw new Error(`boolean expected, not ${b}`);
|
|
9651
|
-
}
|
|
9652
|
-
/** Asserts something is positive integer. */
|
|
9653
|
-
function anumber$2(n) {
|
|
9654
|
-
if (!Number.isSafeInteger(n) || n < 0) throw new Error("positive integer expected, got " + n);
|
|
9655
|
-
}
|
|
9656
|
-
/** Asserts something is Uint8Array. */
|
|
9657
|
-
function abytes$2(value, length, title = "") {
|
|
9658
|
-
const bytes = isBytes$2(value);
|
|
9659
|
-
const len = value?.length;
|
|
9660
|
-
const needsLen = length !== void 0;
|
|
9661
|
-
if (!bytes || needsLen && len !== length) {
|
|
9662
|
-
const prefix = title && `"${title}" `;
|
|
9663
|
-
const ofLen = needsLen ? ` of length ${length}` : "";
|
|
9664
|
-
const got = bytes ? `length=${len}` : `type=${typeof value}`;
|
|
9665
|
-
throw new Error(prefix + "expected Uint8Array" + ofLen + ", got " + got);
|
|
9666
|
-
}
|
|
9667
|
-
return value;
|
|
9668
|
-
}
|
|
9669
|
-
/** Asserts a hash instance has not been destroyed / finished */
|
|
9670
|
-
function aexists$1(instance, checkFinished = true) {
|
|
9671
|
-
if (instance.destroyed) throw new Error("Hash instance has been destroyed");
|
|
9672
|
-
if (checkFinished && instance.finished) throw new Error("Hash#digest() has already been called");
|
|
9673
|
-
}
|
|
9674
|
-
/** Asserts output is properly-sized byte array */
|
|
9675
|
-
function aoutput$1(out, instance) {
|
|
9676
|
-
abytes$2(out, void 0, "output");
|
|
9677
|
-
const min = instance.outputLen;
|
|
9678
|
-
if (out.length < min) throw new Error("digestInto() expects output buffer of length at least " + min);
|
|
9679
|
-
}
|
|
9680
|
-
/** Cast u8 / u16 / u32 to u32. */
|
|
9681
|
-
function u32$1(arr) {
|
|
9682
|
-
return new Uint32Array(arr.buffer, arr.byteOffset, Math.floor(arr.byteLength / 4));
|
|
9683
|
-
}
|
|
9684
|
-
/** Zeroize a byte array. Warning: JS provides no guarantees. */
|
|
9685
|
-
function clean$1(...arrays) {
|
|
9686
|
-
for (let i = 0; i < arrays.length; i++) arrays[i].fill(0);
|
|
9687
|
-
}
|
|
9688
|
-
/** Create DataView of an array for easy byte-level manipulation. */
|
|
9689
|
-
function createView$1(arr) {
|
|
9690
|
-
return new DataView(arr.buffer, arr.byteOffset, arr.byteLength);
|
|
9691
|
-
}
|
|
9692
|
-
/** Is current platform little-endian? Most are. Big-Endian platform: IBM */
|
|
9693
|
-
const isLE$1 = /* @__PURE__ */ (() => new Uint8Array(new Uint32Array([287454020]).buffer)[0] === 68)();
|
|
9694
|
-
function checkOpts(defaults, opts) {
|
|
9695
|
-
if (opts == null || typeof opts !== "object") throw new Error("options must be defined");
|
|
9696
|
-
return Object.assign(defaults, opts);
|
|
9697
|
-
}
|
|
9698
|
-
/** Compares 2 uint8array-s in kinda constant time. */
|
|
9699
|
-
function equalBytes$2(a, b) {
|
|
9700
|
-
if (a.length !== b.length) return false;
|
|
9701
|
-
let diff = 0;
|
|
9702
|
-
for (let i = 0; i < a.length; i++) diff |= a[i] ^ b[i];
|
|
9703
|
-
return diff === 0;
|
|
9704
|
-
}
|
|
9705
|
-
/**
|
|
9706
|
-
* Wraps a cipher: validates args, ensures encrypt() can only be called once.
|
|
9707
|
-
* @__NO_SIDE_EFFECTS__
|
|
9708
|
-
*/
|
|
9709
|
-
const wrapCipher = (params, constructor) => {
|
|
9710
|
-
function wrappedCipher(key, ...args) {
|
|
9711
|
-
abytes$2(key, void 0, "key");
|
|
9712
|
-
if (!isLE$1) throw new Error("Non little-endian hardware is not yet supported");
|
|
9713
|
-
if (params.nonceLength !== void 0) {
|
|
9714
|
-
const nonce = args[0];
|
|
9715
|
-
abytes$2(nonce, params.varSizeNonce ? void 0 : params.nonceLength, "nonce");
|
|
9716
|
-
}
|
|
9717
|
-
const tagl = params.tagLength;
|
|
9718
|
-
if (tagl && args[1] !== void 0) abytes$2(args[1], void 0, "AAD");
|
|
9719
|
-
const cipher = constructor(key, ...args);
|
|
9720
|
-
const checkOutput = (fnLength, output) => {
|
|
9721
|
-
if (output !== void 0) {
|
|
9722
|
-
if (fnLength !== 2) throw new Error("cipher output not supported");
|
|
9723
|
-
abytes$2(output, void 0, "output");
|
|
9724
|
-
}
|
|
9725
|
-
};
|
|
9726
|
-
let called = false;
|
|
9727
|
-
return {
|
|
9728
|
-
encrypt(data, output) {
|
|
9729
|
-
if (called) throw new Error("cannot encrypt() twice with same key + nonce");
|
|
9730
|
-
called = true;
|
|
9731
|
-
abytes$2(data);
|
|
9732
|
-
checkOutput(cipher.encrypt.length, output);
|
|
9733
|
-
return cipher.encrypt(data, output);
|
|
9734
|
-
},
|
|
9735
|
-
decrypt(data, output) {
|
|
9736
|
-
abytes$2(data);
|
|
9737
|
-
if (tagl && data.length < tagl) throw new Error("\"ciphertext\" expected length bigger than tagLength=" + tagl);
|
|
9738
|
-
checkOutput(cipher.decrypt.length, output);
|
|
9739
|
-
return cipher.decrypt(data, output);
|
|
9740
|
-
}
|
|
9741
|
-
};
|
|
9742
|
-
}
|
|
9743
|
-
Object.assign(wrappedCipher, params);
|
|
9744
|
-
return wrappedCipher;
|
|
9745
|
-
};
|
|
9746
|
-
/**
|
|
9747
|
-
* By default, returns u8a of length.
|
|
9748
|
-
* When out is available, it checks it for validity and uses it.
|
|
9749
|
-
*/
|
|
9750
|
-
function getOutput(expectedLength, out, onlyAligned = true) {
|
|
9751
|
-
if (out === void 0) return new Uint8Array(expectedLength);
|
|
9752
|
-
if (out.length !== expectedLength) throw new Error("\"output\" expected Uint8Array of length " + expectedLength + ", got: " + out.length);
|
|
9753
|
-
if (onlyAligned && !isAligned32$1(out)) throw new Error("invalid output, must be aligned");
|
|
9754
|
-
return out;
|
|
9755
|
-
}
|
|
9756
|
-
function u64Lengths(dataLength, aadLength, isLE) {
|
|
9757
|
-
abool$2(isLE);
|
|
9758
|
-
const num = new Uint8Array(16);
|
|
9759
|
-
const view = createView$1(num);
|
|
9760
|
-
view.setBigUint64(0, BigInt(aadLength), isLE);
|
|
9761
|
-
view.setBigUint64(8, BigInt(dataLength), isLE);
|
|
9762
|
-
return num;
|
|
9763
|
-
}
|
|
9764
|
-
function isAligned32$1(bytes) {
|
|
9765
|
-
return bytes.byteOffset % 4 === 0;
|
|
9766
|
-
}
|
|
9767
|
-
function copyBytes$3(bytes) {
|
|
9768
|
-
return Uint8Array.from(bytes);
|
|
9769
|
-
}
|
|
9770
|
-
|
|
9771
|
-
//#endregion
|
|
9772
|
-
//#region ../../node_modules/.bun/@noble+ciphers@2.1.1/node_modules/@noble/ciphers/_arx.js
|
|
9773
|
-
/**
|
|
9774
|
-
* Basic utils for ARX (add-rotate-xor) salsa and chacha ciphers.
|
|
9775
|
-
|
|
9776
|
-
RFC8439 requires multi-step cipher stream, where
|
|
9777
|
-
authKey starts with counter: 0, actual msg with counter: 1.
|
|
9778
|
-
|
|
9779
|
-
For this, we need a way to re-use nonce / counter:
|
|
9780
|
-
|
|
9781
|
-
const counter = new Uint8Array(4);
|
|
9782
|
-
chacha(..., counter, ...); // counter is now 1
|
|
9783
|
-
chacha(..., counter, ...); // counter is now 2
|
|
9784
|
-
|
|
9785
|
-
This is complicated:
|
|
9786
|
-
|
|
9787
|
-
- 32-bit counters are enough, no need for 64-bit: max ArrayBuffer size in JS is 4GB
|
|
9788
|
-
- Original papers don't allow mutating counters
|
|
9789
|
-
- Counter overflow is undefined [^1]
|
|
9790
|
-
- Idea A: allow providing (nonce | counter) instead of just nonce, re-use it
|
|
9791
|
-
- Caveat: Cannot be re-used through all cases:
|
|
9792
|
-
- * chacha has (counter | nonce)
|
|
9793
|
-
- * xchacha has (nonce16 | counter | nonce16)
|
|
9794
|
-
- Idea B: separate nonce / counter and provide separate API for counter re-use
|
|
9795
|
-
- Caveat: there are different counter sizes depending on an algorithm.
|
|
9796
|
-
- salsa & chacha also differ in structures of key & sigma:
|
|
9797
|
-
salsa20: s[0] | k(4) | s[1] | nonce(2) | cnt(2) | s[2] | k(4) | s[3]
|
|
9798
|
-
chacha: s(4) | k(8) | cnt(1) | nonce(3)
|
|
9799
|
-
chacha20orig: s(4) | k(8) | cnt(2) | nonce(2)
|
|
9800
|
-
- Idea C: helper method such as `setSalsaState(key, nonce, sigma, data)`
|
|
9801
|
-
- Caveat: we can't re-use counter array
|
|
9802
|
-
|
|
9803
|
-
xchacha [^2] uses the subkey and remaining 8 byte nonce with ChaCha20 as normal
|
|
9804
|
-
(prefixed by 4 NUL bytes, since [RFC8439] specifies a 12-byte nonce).
|
|
9805
|
-
|
|
9806
|
-
[^1]: https://mailarchive.ietf.org/arch/msg/cfrg/gsOnTJzcbgG6OqD8Sc0GO5aR_tU/
|
|
9807
|
-
[^2]: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha#appendix-A.2
|
|
9808
|
-
|
|
9809
|
-
* @module
|
|
9810
|
-
*/
|
|
9811
|
-
const encodeStr = (str) => Uint8Array.from(str.split(""), (c) => c.charCodeAt(0));
|
|
9812
|
-
const sigma16 = encodeStr("expand 16-byte k");
|
|
9813
|
-
const sigma32 = encodeStr("expand 32-byte k");
|
|
9814
|
-
const sigma16_32 = u32$1(sigma16);
|
|
9815
|
-
const sigma32_32 = u32$1(sigma32);
|
|
9816
|
-
/** Rotate left. */
|
|
9817
|
-
function rotl(a, b) {
|
|
9818
|
-
return a << b | a >>> 32 - b;
|
|
9819
|
-
}
|
|
9820
|
-
function isAligned32(b) {
|
|
9821
|
-
return b.byteOffset % 4 === 0;
|
|
9822
|
-
}
|
|
9823
|
-
const BLOCK_LEN = 64;
|
|
9824
|
-
const BLOCK_LEN32 = 16;
|
|
9825
|
-
const MAX_COUNTER = 2 ** 32 - 1;
|
|
9826
|
-
const U32_EMPTY = Uint32Array.of();
|
|
9827
|
-
function runCipher(core, sigma, key, nonce, data, output, counter, rounds) {
|
|
9828
|
-
const len = data.length;
|
|
9829
|
-
const block = new Uint8Array(BLOCK_LEN);
|
|
9830
|
-
const b32 = u32$1(block);
|
|
9831
|
-
const isAligned = isAligned32(data) && isAligned32(output);
|
|
9832
|
-
const d32 = isAligned ? u32$1(data) : U32_EMPTY;
|
|
9833
|
-
const o32 = isAligned ? u32$1(output) : U32_EMPTY;
|
|
9834
|
-
for (let pos = 0; pos < len; counter++) {
|
|
9835
|
-
core(sigma, key, nonce, b32, counter, rounds);
|
|
9836
|
-
if (counter >= MAX_COUNTER) throw new Error("arx: counter overflow");
|
|
9837
|
-
const take = Math.min(BLOCK_LEN, len - pos);
|
|
9838
|
-
if (isAligned && take === BLOCK_LEN) {
|
|
9839
|
-
const pos32 = pos / 4;
|
|
9840
|
-
if (pos % 4 !== 0) throw new Error("arx: invalid block position");
|
|
9841
|
-
for (let j = 0, posj; j < BLOCK_LEN32; j++) {
|
|
9842
|
-
posj = pos32 + j;
|
|
9843
|
-
o32[posj] = d32[posj] ^ b32[j];
|
|
9844
|
-
}
|
|
9845
|
-
pos += BLOCK_LEN;
|
|
9846
|
-
continue;
|
|
9847
|
-
}
|
|
9848
|
-
for (let j = 0, posj; j < take; j++) {
|
|
9849
|
-
posj = pos + j;
|
|
9850
|
-
output[posj] = data[posj] ^ block[j];
|
|
9851
|
-
}
|
|
9852
|
-
pos += take;
|
|
9853
|
-
}
|
|
9854
|
-
}
|
|
9855
|
-
/** Creates ARX-like (ChaCha, Salsa) cipher stream from core function. */
|
|
9856
|
-
function createCipher(core, opts) {
|
|
9857
|
-
const { allowShortKeys, extendNonceFn, counterLength, counterRight, rounds } = checkOpts({
|
|
9858
|
-
allowShortKeys: false,
|
|
9859
|
-
counterLength: 8,
|
|
9860
|
-
counterRight: false,
|
|
9861
|
-
rounds: 20
|
|
9862
|
-
}, opts);
|
|
9863
|
-
if (typeof core !== "function") throw new Error("core must be a function");
|
|
9864
|
-
anumber$2(counterLength);
|
|
9865
|
-
anumber$2(rounds);
|
|
9866
|
-
abool$2(counterRight);
|
|
9867
|
-
abool$2(allowShortKeys);
|
|
9868
|
-
return (key, nonce, data, output, counter = 0) => {
|
|
9869
|
-
abytes$2(key, void 0, "key");
|
|
9870
|
-
abytes$2(nonce, void 0, "nonce");
|
|
9871
|
-
abytes$2(data, void 0, "data");
|
|
9872
|
-
const len = data.length;
|
|
9873
|
-
if (output === void 0) output = new Uint8Array(len);
|
|
9874
|
-
abytes$2(output, void 0, "output");
|
|
9875
|
-
anumber$2(counter);
|
|
9876
|
-
if (counter < 0 || counter >= MAX_COUNTER) throw new Error("arx: counter overflow");
|
|
9877
|
-
if (output.length < len) throw new Error(`arx: output (${output.length}) is shorter than data (${len})`);
|
|
9878
|
-
const toClean = [];
|
|
9879
|
-
let l = key.length;
|
|
9880
|
-
let k;
|
|
9881
|
-
let sigma;
|
|
9882
|
-
if (l === 32) {
|
|
9883
|
-
toClean.push(k = copyBytes$3(key));
|
|
9884
|
-
sigma = sigma32_32;
|
|
9885
|
-
} else if (l === 16 && allowShortKeys) {
|
|
9886
|
-
k = new Uint8Array(32);
|
|
9887
|
-
k.set(key);
|
|
9888
|
-
k.set(key, 16);
|
|
9889
|
-
sigma = sigma16_32;
|
|
9890
|
-
toClean.push(k);
|
|
9891
|
-
} else {
|
|
9892
|
-
abytes$2(key, 32, "arx key");
|
|
9893
|
-
throw new Error("invalid key size");
|
|
9894
|
-
}
|
|
9895
|
-
if (!isAligned32(nonce)) toClean.push(nonce = copyBytes$3(nonce));
|
|
9896
|
-
const k32 = u32$1(k);
|
|
9897
|
-
if (extendNonceFn) {
|
|
9898
|
-
if (nonce.length !== 24) throw new Error(`arx: extended nonce must be 24 bytes`);
|
|
9899
|
-
extendNonceFn(sigma, k32, u32$1(nonce.subarray(0, 16)), k32);
|
|
9900
|
-
nonce = nonce.subarray(16);
|
|
9901
|
-
}
|
|
9902
|
-
const nonceNcLen = 16 - counterLength;
|
|
9903
|
-
if (nonceNcLen !== nonce.length) throw new Error(`arx: nonce must be ${nonceNcLen} or 16 bytes`);
|
|
9904
|
-
if (nonceNcLen !== 12) {
|
|
9905
|
-
const nc = new Uint8Array(12);
|
|
9906
|
-
nc.set(nonce, counterRight ? 0 : 12 - nonce.length);
|
|
9907
|
-
nonce = nc;
|
|
9908
|
-
toClean.push(nonce);
|
|
9909
|
-
}
|
|
9910
|
-
const n32 = u32$1(nonce);
|
|
9911
|
-
runCipher(core, sigma, k32, n32, data, output, counter, rounds);
|
|
9912
|
-
clean$1(...toClean);
|
|
9913
|
-
return output;
|
|
9914
|
-
};
|
|
9915
|
-
}
|
|
9916
|
-
|
|
9917
|
-
//#endregion
|
|
9918
|
-
//#region ../../node_modules/.bun/@noble+ciphers@2.1.1/node_modules/@noble/ciphers/_poly1305.js
|
|
9919
|
-
/**
|
|
9920
|
-
* Poly1305 ([PDF](https://cr.yp.to/mac/poly1305-20050329.pdf),
|
|
9921
|
-
* [wiki](https://en.wikipedia.org/wiki/Poly1305))
|
|
9922
|
-
* is a fast and parallel secret-key message-authentication code suitable for
|
|
9923
|
-
* a wide variety of applications. It was standardized in
|
|
9924
|
-
* [RFC 8439](https://www.rfc-editor.org/rfc/rfc8439) and is now used in TLS 1.3.
|
|
9925
|
-
*
|
|
9926
|
-
* Polynomial MACs are not perfect for every situation:
|
|
9927
|
-
* they lack Random Key Robustness: the MAC can be forged, and can't be used in PAKE schemes.
|
|
9928
|
-
* See [invisible salamanders attack](https://keymaterial.net/2020/09/07/invisible-salamanders-in-aes-gcm-siv/).
|
|
9929
|
-
* To combat invisible salamanders, `hash(key)` can be included in ciphertext,
|
|
9930
|
-
* however, this would violate ciphertext indistinguishability:
|
|
9931
|
-
* an attacker would know which key was used - so `HKDF(key, i)`
|
|
9932
|
-
* could be used instead.
|
|
9933
|
-
*
|
|
9934
|
-
* Check out [original website](https://cr.yp.to/mac.html).
|
|
9935
|
-
* Based on Public Domain [poly1305-donna](https://github.com/floodyberry/poly1305-donna).
|
|
9936
|
-
* @module
|
|
9937
|
-
*/
|
|
9938
|
-
function u8to16(a, i) {
|
|
9939
|
-
return a[i++] & 255 | (a[i++] & 255) << 8;
|
|
9940
|
-
}
|
|
9941
|
-
/** Poly1305 class. Prefer poly1305() function instead. */
|
|
9942
|
-
var Poly1305 = class {
|
|
9943
|
-
blockLen = 16;
|
|
9944
|
-
outputLen = 16;
|
|
9945
|
-
buffer = new Uint8Array(16);
|
|
9946
|
-
r = new Uint16Array(10);
|
|
9947
|
-
h = new Uint16Array(10);
|
|
9948
|
-
pad = new Uint16Array(8);
|
|
9949
|
-
pos = 0;
|
|
9950
|
-
finished = false;
|
|
9951
|
-
constructor(key) {
|
|
9952
|
-
key = copyBytes$3(abytes$2(key, 32, "key"));
|
|
9953
|
-
const t0 = u8to16(key, 0);
|
|
9954
|
-
const t1 = u8to16(key, 2);
|
|
9955
|
-
const t2 = u8to16(key, 4);
|
|
9956
|
-
const t3 = u8to16(key, 6);
|
|
9957
|
-
const t4 = u8to16(key, 8);
|
|
9958
|
-
const t5 = u8to16(key, 10);
|
|
9959
|
-
const t6 = u8to16(key, 12);
|
|
9960
|
-
const t7 = u8to16(key, 14);
|
|
9961
|
-
this.r[0] = t0 & 8191;
|
|
9962
|
-
this.r[1] = (t0 >>> 13 | t1 << 3) & 8191;
|
|
9963
|
-
this.r[2] = (t1 >>> 10 | t2 << 6) & 7939;
|
|
9964
|
-
this.r[3] = (t2 >>> 7 | t3 << 9) & 8191;
|
|
9965
|
-
this.r[4] = (t3 >>> 4 | t4 << 12) & 255;
|
|
9966
|
-
this.r[5] = t4 >>> 1 & 8190;
|
|
9967
|
-
this.r[6] = (t4 >>> 14 | t5 << 2) & 8191;
|
|
9968
|
-
this.r[7] = (t5 >>> 11 | t6 << 5) & 8065;
|
|
9969
|
-
this.r[8] = (t6 >>> 8 | t7 << 8) & 8191;
|
|
9970
|
-
this.r[9] = t7 >>> 5 & 127;
|
|
9971
|
-
for (let i = 0; i < 8; i++) this.pad[i] = u8to16(key, 16 + 2 * i);
|
|
9972
|
-
}
|
|
9973
|
-
process(data, offset, isLast = false) {
|
|
9974
|
-
const hibit = isLast ? 0 : 2048;
|
|
9975
|
-
const { h, r } = this;
|
|
9976
|
-
const r0 = r[0];
|
|
9977
|
-
const r1 = r[1];
|
|
9978
|
-
const r2 = r[2];
|
|
9979
|
-
const r3 = r[3];
|
|
9980
|
-
const r4 = r[4];
|
|
9981
|
-
const r5 = r[5];
|
|
9982
|
-
const r6 = r[6];
|
|
9983
|
-
const r7 = r[7];
|
|
9984
|
-
const r8 = r[8];
|
|
9985
|
-
const r9 = r[9];
|
|
9986
|
-
const t0 = u8to16(data, offset + 0);
|
|
9987
|
-
const t1 = u8to16(data, offset + 2);
|
|
9988
|
-
const t2 = u8to16(data, offset + 4);
|
|
9989
|
-
const t3 = u8to16(data, offset + 6);
|
|
9990
|
-
const t4 = u8to16(data, offset + 8);
|
|
9991
|
-
const t5 = u8to16(data, offset + 10);
|
|
9992
|
-
const t6 = u8to16(data, offset + 12);
|
|
9993
|
-
const t7 = u8to16(data, offset + 14);
|
|
9994
|
-
let h0 = h[0] + (t0 & 8191);
|
|
9995
|
-
let h1 = h[1] + ((t0 >>> 13 | t1 << 3) & 8191);
|
|
9996
|
-
let h2 = h[2] + ((t1 >>> 10 | t2 << 6) & 8191);
|
|
9997
|
-
let h3 = h[3] + ((t2 >>> 7 | t3 << 9) & 8191);
|
|
9998
|
-
let h4 = h[4] + ((t3 >>> 4 | t4 << 12) & 8191);
|
|
9999
|
-
let h5 = h[5] + (t4 >>> 1 & 8191);
|
|
10000
|
-
let h6 = h[6] + ((t4 >>> 14 | t5 << 2) & 8191);
|
|
10001
|
-
let h7 = h[7] + ((t5 >>> 11 | t6 << 5) & 8191);
|
|
10002
|
-
let h8 = h[8] + ((t6 >>> 8 | t7 << 8) & 8191);
|
|
10003
|
-
let h9 = h[9] + (t7 >>> 5 | hibit);
|
|
10004
|
-
let c = 0;
|
|
10005
|
-
let d0 = c + h0 * r0 + h1 * (5 * r9) + h2 * (5 * r8) + h3 * (5 * r7) + h4 * (5 * r6);
|
|
10006
|
-
c = d0 >>> 13;
|
|
10007
|
-
d0 &= 8191;
|
|
10008
|
-
d0 += h5 * (5 * r5) + h6 * (5 * r4) + h7 * (5 * r3) + h8 * (5 * r2) + h9 * (5 * r1);
|
|
10009
|
-
c += d0 >>> 13;
|
|
10010
|
-
d0 &= 8191;
|
|
10011
|
-
let d1 = c + h0 * r1 + h1 * r0 + h2 * (5 * r9) + h3 * (5 * r8) + h4 * (5 * r7);
|
|
10012
|
-
c = d1 >>> 13;
|
|
10013
|
-
d1 &= 8191;
|
|
10014
|
-
d1 += h5 * (5 * r6) + h6 * (5 * r5) + h7 * (5 * r4) + h8 * (5 * r3) + h9 * (5 * r2);
|
|
10015
|
-
c += d1 >>> 13;
|
|
10016
|
-
d1 &= 8191;
|
|
10017
|
-
let d2 = c + h0 * r2 + h1 * r1 + h2 * r0 + h3 * (5 * r9) + h4 * (5 * r8);
|
|
10018
|
-
c = d2 >>> 13;
|
|
10019
|
-
d2 &= 8191;
|
|
10020
|
-
d2 += h5 * (5 * r7) + h6 * (5 * r6) + h7 * (5 * r5) + h8 * (5 * r4) + h9 * (5 * r3);
|
|
10021
|
-
c += d2 >>> 13;
|
|
10022
|
-
d2 &= 8191;
|
|
10023
|
-
let d3 = c + h0 * r3 + h1 * r2 + h2 * r1 + h3 * r0 + h4 * (5 * r9);
|
|
10024
|
-
c = d3 >>> 13;
|
|
10025
|
-
d3 &= 8191;
|
|
10026
|
-
d3 += h5 * (5 * r8) + h6 * (5 * r7) + h7 * (5 * r6) + h8 * (5 * r5) + h9 * (5 * r4);
|
|
10027
|
-
c += d3 >>> 13;
|
|
10028
|
-
d3 &= 8191;
|
|
10029
|
-
let d4 = c + h0 * r4 + h1 * r3 + h2 * r2 + h3 * r1 + h4 * r0;
|
|
10030
|
-
c = d4 >>> 13;
|
|
10031
|
-
d4 &= 8191;
|
|
10032
|
-
d4 += h5 * (5 * r9) + h6 * (5 * r8) + h7 * (5 * r7) + h8 * (5 * r6) + h9 * (5 * r5);
|
|
10033
|
-
c += d4 >>> 13;
|
|
10034
|
-
d4 &= 8191;
|
|
10035
|
-
let d5 = c + h0 * r5 + h1 * r4 + h2 * r3 + h3 * r2 + h4 * r1;
|
|
10036
|
-
c = d5 >>> 13;
|
|
10037
|
-
d5 &= 8191;
|
|
10038
|
-
d5 += h5 * r0 + h6 * (5 * r9) + h7 * (5 * r8) + h8 * (5 * r7) + h9 * (5 * r6);
|
|
10039
|
-
c += d5 >>> 13;
|
|
10040
|
-
d5 &= 8191;
|
|
10041
|
-
let d6 = c + h0 * r6 + h1 * r5 + h2 * r4 + h3 * r3 + h4 * r2;
|
|
10042
|
-
c = d6 >>> 13;
|
|
10043
|
-
d6 &= 8191;
|
|
10044
|
-
d6 += h5 * r1 + h6 * r0 + h7 * (5 * r9) + h8 * (5 * r8) + h9 * (5 * r7);
|
|
10045
|
-
c += d6 >>> 13;
|
|
10046
|
-
d6 &= 8191;
|
|
10047
|
-
let d7 = c + h0 * r7 + h1 * r6 + h2 * r5 + h3 * r4 + h4 * r3;
|
|
10048
|
-
c = d7 >>> 13;
|
|
10049
|
-
d7 &= 8191;
|
|
10050
|
-
d7 += h5 * r2 + h6 * r1 + h7 * r0 + h8 * (5 * r9) + h9 * (5 * r8);
|
|
10051
|
-
c += d7 >>> 13;
|
|
10052
|
-
d7 &= 8191;
|
|
10053
|
-
let d8 = c + h0 * r8 + h1 * r7 + h2 * r6 + h3 * r5 + h4 * r4;
|
|
10054
|
-
c = d8 >>> 13;
|
|
10055
|
-
d8 &= 8191;
|
|
10056
|
-
d8 += h5 * r3 + h6 * r2 + h7 * r1 + h8 * r0 + h9 * (5 * r9);
|
|
10057
|
-
c += d8 >>> 13;
|
|
10058
|
-
d8 &= 8191;
|
|
10059
|
-
let d9 = c + h0 * r9 + h1 * r8 + h2 * r7 + h3 * r6 + h4 * r5;
|
|
10060
|
-
c = d9 >>> 13;
|
|
10061
|
-
d9 &= 8191;
|
|
10062
|
-
d9 += h5 * r4 + h6 * r3 + h7 * r2 + h8 * r1 + h9 * r0;
|
|
10063
|
-
c += d9 >>> 13;
|
|
10064
|
-
d9 &= 8191;
|
|
10065
|
-
c = (c << 2) + c | 0;
|
|
10066
|
-
c = c + d0 | 0;
|
|
10067
|
-
d0 = c & 8191;
|
|
10068
|
-
c = c >>> 13;
|
|
10069
|
-
d1 += c;
|
|
10070
|
-
h[0] = d0;
|
|
10071
|
-
h[1] = d1;
|
|
10072
|
-
h[2] = d2;
|
|
10073
|
-
h[3] = d3;
|
|
10074
|
-
h[4] = d4;
|
|
10075
|
-
h[5] = d5;
|
|
10076
|
-
h[6] = d6;
|
|
10077
|
-
h[7] = d7;
|
|
10078
|
-
h[8] = d8;
|
|
10079
|
-
h[9] = d9;
|
|
10080
|
-
}
|
|
10081
|
-
finalize() {
|
|
10082
|
-
const { h, pad } = this;
|
|
10083
|
-
const g = new Uint16Array(10);
|
|
10084
|
-
let c = h[1] >>> 13;
|
|
10085
|
-
h[1] &= 8191;
|
|
10086
|
-
for (let i = 2; i < 10; i++) {
|
|
10087
|
-
h[i] += c;
|
|
10088
|
-
c = h[i] >>> 13;
|
|
10089
|
-
h[i] &= 8191;
|
|
10090
|
-
}
|
|
10091
|
-
h[0] += c * 5;
|
|
10092
|
-
c = h[0] >>> 13;
|
|
10093
|
-
h[0] &= 8191;
|
|
10094
|
-
h[1] += c;
|
|
10095
|
-
c = h[1] >>> 13;
|
|
10096
|
-
h[1] &= 8191;
|
|
10097
|
-
h[2] += c;
|
|
10098
|
-
g[0] = h[0] + 5;
|
|
10099
|
-
c = g[0] >>> 13;
|
|
10100
|
-
g[0] &= 8191;
|
|
10101
|
-
for (let i = 1; i < 10; i++) {
|
|
10102
|
-
g[i] = h[i] + c;
|
|
10103
|
-
c = g[i] >>> 13;
|
|
10104
|
-
g[i] &= 8191;
|
|
10105
|
-
}
|
|
10106
|
-
g[9] -= 8192;
|
|
10107
|
-
let mask = (c ^ 1) - 1;
|
|
10108
|
-
for (let i = 0; i < 10; i++) g[i] &= mask;
|
|
10109
|
-
mask = ~mask;
|
|
10110
|
-
for (let i = 0; i < 10; i++) h[i] = h[i] & mask | g[i];
|
|
10111
|
-
h[0] = (h[0] | h[1] << 13) & 65535;
|
|
10112
|
-
h[1] = (h[1] >>> 3 | h[2] << 10) & 65535;
|
|
10113
|
-
h[2] = (h[2] >>> 6 | h[3] << 7) & 65535;
|
|
10114
|
-
h[3] = (h[3] >>> 9 | h[4] << 4) & 65535;
|
|
10115
|
-
h[4] = (h[4] >>> 12 | h[5] << 1 | h[6] << 14) & 65535;
|
|
10116
|
-
h[5] = (h[6] >>> 2 | h[7] << 11) & 65535;
|
|
10117
|
-
h[6] = (h[7] >>> 5 | h[8] << 8) & 65535;
|
|
10118
|
-
h[7] = (h[8] >>> 8 | h[9] << 5) & 65535;
|
|
10119
|
-
let f = h[0] + pad[0];
|
|
10120
|
-
h[0] = f & 65535;
|
|
10121
|
-
for (let i = 1; i < 8; i++) {
|
|
10122
|
-
f = (h[i] + pad[i] | 0) + (f >>> 16) | 0;
|
|
10123
|
-
h[i] = f & 65535;
|
|
10124
|
-
}
|
|
10125
|
-
clean$1(g);
|
|
10126
|
-
}
|
|
10127
|
-
update(data) {
|
|
10128
|
-
aexists$1(this);
|
|
10129
|
-
abytes$2(data);
|
|
10130
|
-
data = copyBytes$3(data);
|
|
10131
|
-
const { buffer, blockLen } = this;
|
|
10132
|
-
const len = data.length;
|
|
10133
|
-
for (let pos = 0; pos < len;) {
|
|
10134
|
-
const take = Math.min(blockLen - this.pos, len - pos);
|
|
10135
|
-
if (take === blockLen) {
|
|
10136
|
-
for (; blockLen <= len - pos; pos += blockLen) this.process(data, pos);
|
|
10137
|
-
continue;
|
|
10138
|
-
}
|
|
10139
|
-
buffer.set(data.subarray(pos, pos + take), this.pos);
|
|
10140
|
-
this.pos += take;
|
|
10141
|
-
pos += take;
|
|
10142
|
-
if (this.pos === blockLen) {
|
|
10143
|
-
this.process(buffer, 0, false);
|
|
10144
|
-
this.pos = 0;
|
|
10145
|
-
}
|
|
10146
|
-
}
|
|
10147
|
-
return this;
|
|
10148
|
-
}
|
|
10149
|
-
destroy() {
|
|
10150
|
-
clean$1(this.h, this.r, this.buffer, this.pad);
|
|
10151
|
-
}
|
|
10152
|
-
digestInto(out) {
|
|
10153
|
-
aexists$1(this);
|
|
10154
|
-
aoutput$1(out, this);
|
|
10155
|
-
this.finished = true;
|
|
10156
|
-
const { buffer, h } = this;
|
|
10157
|
-
let { pos } = this;
|
|
10158
|
-
if (pos) {
|
|
10159
|
-
buffer[pos++] = 1;
|
|
10160
|
-
for (; pos < 16; pos++) buffer[pos] = 0;
|
|
10161
|
-
this.process(buffer, 0, true);
|
|
10162
|
-
}
|
|
10163
|
-
this.finalize();
|
|
10164
|
-
let opos = 0;
|
|
10165
|
-
for (let i = 0; i < 8; i++) {
|
|
10166
|
-
out[opos++] = h[i] >>> 0;
|
|
10167
|
-
out[opos++] = h[i] >>> 8;
|
|
10168
|
-
}
|
|
10169
|
-
return out;
|
|
10170
|
-
}
|
|
10171
|
-
digest() {
|
|
10172
|
-
const { buffer, outputLen } = this;
|
|
10173
|
-
this.digestInto(buffer);
|
|
10174
|
-
const res = buffer.slice(0, outputLen);
|
|
10175
|
-
this.destroy();
|
|
10176
|
-
return res;
|
|
10177
|
-
}
|
|
10178
|
-
};
|
|
10179
|
-
function wrapConstructorWithKey(hashCons) {
|
|
10180
|
-
const hashC = (msg, key) => hashCons(key).update(msg).digest();
|
|
10181
|
-
const tmp = hashCons(new Uint8Array(32));
|
|
10182
|
-
hashC.outputLen = tmp.outputLen;
|
|
10183
|
-
hashC.blockLen = tmp.blockLen;
|
|
10184
|
-
hashC.create = (key) => hashCons(key);
|
|
10185
|
-
return hashC;
|
|
10186
|
-
}
|
|
10187
|
-
/** Poly1305 MAC from RFC 8439. */
|
|
10188
|
-
const poly1305 = (() => wrapConstructorWithKey((key) => new Poly1305(key)))();
|
|
10189
|
-
|
|
10190
|
-
//#endregion
|
|
10191
|
-
//#region ../../node_modules/.bun/@noble+ciphers@2.1.1/node_modules/@noble/ciphers/chacha.js
|
|
10192
|
-
/**
|
|
10193
|
-
* ChaCha stream cipher, released
|
|
10194
|
-
* in 2008. Developed after Salsa20, ChaCha aims to increase diffusion per round.
|
|
10195
|
-
* It was standardized in [RFC 8439](https://www.rfc-editor.org/rfc/rfc8439) and
|
|
10196
|
-
* is now used in TLS 1.3.
|
|
10197
|
-
*
|
|
10198
|
-
* [XChaCha20](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha)
|
|
10199
|
-
* extended-nonce variant is also provided. Similar to XSalsa, it's safe to use with
|
|
10200
|
-
* randomly-generated nonces.
|
|
10201
|
-
*
|
|
10202
|
-
* Check out [PDF](http://cr.yp.to/chacha/chacha-20080128.pdf) and
|
|
10203
|
-
* [wiki](https://en.wikipedia.org/wiki/Salsa20) and
|
|
10204
|
-
* [website](https://cr.yp.to/chacha.html).
|
|
10205
|
-
*
|
|
10206
|
-
* @module
|
|
10207
|
-
*/
|
|
10208
|
-
/** Identical to `chachaCore_small`. Unused. */
|
|
10209
|
-
function chachaCore(s, k, n, out, cnt, rounds = 20) {
|
|
10210
|
-
let y00 = s[0], y01 = s[1], y02 = s[2], y03 = s[3], y04 = k[0], y05 = k[1], y06 = k[2], y07 = k[3], y08 = k[4], y09 = k[5], y10 = k[6], y11 = k[7], y12 = cnt, y13 = n[0], y14 = n[1], y15 = n[2];
|
|
10211
|
-
let x00 = y00, x01 = y01, x02 = y02, x03 = y03, x04 = y04, x05 = y05, x06 = y06, x07 = y07, x08 = y08, x09 = y09, x10 = y10, x11 = y11, x12 = y12, x13 = y13, x14 = y14, x15 = y15;
|
|
10212
|
-
for (let r = 0; r < rounds; r += 2) {
|
|
10213
|
-
x00 = x00 + x04 | 0;
|
|
10214
|
-
x12 = rotl(x12 ^ x00, 16);
|
|
10215
|
-
x08 = x08 + x12 | 0;
|
|
10216
|
-
x04 = rotl(x04 ^ x08, 12);
|
|
10217
|
-
x00 = x00 + x04 | 0;
|
|
10218
|
-
x12 = rotl(x12 ^ x00, 8);
|
|
10219
|
-
x08 = x08 + x12 | 0;
|
|
10220
|
-
x04 = rotl(x04 ^ x08, 7);
|
|
10221
|
-
x01 = x01 + x05 | 0;
|
|
10222
|
-
x13 = rotl(x13 ^ x01, 16);
|
|
10223
|
-
x09 = x09 + x13 | 0;
|
|
10224
|
-
x05 = rotl(x05 ^ x09, 12);
|
|
10225
|
-
x01 = x01 + x05 | 0;
|
|
10226
|
-
x13 = rotl(x13 ^ x01, 8);
|
|
10227
|
-
x09 = x09 + x13 | 0;
|
|
10228
|
-
x05 = rotl(x05 ^ x09, 7);
|
|
10229
|
-
x02 = x02 + x06 | 0;
|
|
10230
|
-
x14 = rotl(x14 ^ x02, 16);
|
|
10231
|
-
x10 = x10 + x14 | 0;
|
|
10232
|
-
x06 = rotl(x06 ^ x10, 12);
|
|
10233
|
-
x02 = x02 + x06 | 0;
|
|
10234
|
-
x14 = rotl(x14 ^ x02, 8);
|
|
10235
|
-
x10 = x10 + x14 | 0;
|
|
10236
|
-
x06 = rotl(x06 ^ x10, 7);
|
|
10237
|
-
x03 = x03 + x07 | 0;
|
|
10238
|
-
x15 = rotl(x15 ^ x03, 16);
|
|
10239
|
-
x11 = x11 + x15 | 0;
|
|
10240
|
-
x07 = rotl(x07 ^ x11, 12);
|
|
10241
|
-
x03 = x03 + x07 | 0;
|
|
10242
|
-
x15 = rotl(x15 ^ x03, 8);
|
|
10243
|
-
x11 = x11 + x15 | 0;
|
|
10244
|
-
x07 = rotl(x07 ^ x11, 7);
|
|
10245
|
-
x00 = x00 + x05 | 0;
|
|
10246
|
-
x15 = rotl(x15 ^ x00, 16);
|
|
10247
|
-
x10 = x10 + x15 | 0;
|
|
10248
|
-
x05 = rotl(x05 ^ x10, 12);
|
|
10249
|
-
x00 = x00 + x05 | 0;
|
|
10250
|
-
x15 = rotl(x15 ^ x00, 8);
|
|
10251
|
-
x10 = x10 + x15 | 0;
|
|
10252
|
-
x05 = rotl(x05 ^ x10, 7);
|
|
10253
|
-
x01 = x01 + x06 | 0;
|
|
10254
|
-
x12 = rotl(x12 ^ x01, 16);
|
|
10255
|
-
x11 = x11 + x12 | 0;
|
|
10256
|
-
x06 = rotl(x06 ^ x11, 12);
|
|
10257
|
-
x01 = x01 + x06 | 0;
|
|
10258
|
-
x12 = rotl(x12 ^ x01, 8);
|
|
10259
|
-
x11 = x11 + x12 | 0;
|
|
10260
|
-
x06 = rotl(x06 ^ x11, 7);
|
|
10261
|
-
x02 = x02 + x07 | 0;
|
|
10262
|
-
x13 = rotl(x13 ^ x02, 16);
|
|
10263
|
-
x08 = x08 + x13 | 0;
|
|
10264
|
-
x07 = rotl(x07 ^ x08, 12);
|
|
10265
|
-
x02 = x02 + x07 | 0;
|
|
10266
|
-
x13 = rotl(x13 ^ x02, 8);
|
|
10267
|
-
x08 = x08 + x13 | 0;
|
|
10268
|
-
x07 = rotl(x07 ^ x08, 7);
|
|
10269
|
-
x03 = x03 + x04 | 0;
|
|
10270
|
-
x14 = rotl(x14 ^ x03, 16);
|
|
10271
|
-
x09 = x09 + x14 | 0;
|
|
10272
|
-
x04 = rotl(x04 ^ x09, 12);
|
|
10273
|
-
x03 = x03 + x04 | 0;
|
|
10274
|
-
x14 = rotl(x14 ^ x03, 8);
|
|
10275
|
-
x09 = x09 + x14 | 0;
|
|
10276
|
-
x04 = rotl(x04 ^ x09, 7);
|
|
10277
|
-
}
|
|
10278
|
-
let oi = 0;
|
|
10279
|
-
out[oi++] = y00 + x00 | 0;
|
|
10280
|
-
out[oi++] = y01 + x01 | 0;
|
|
10281
|
-
out[oi++] = y02 + x02 | 0;
|
|
10282
|
-
out[oi++] = y03 + x03 | 0;
|
|
10283
|
-
out[oi++] = y04 + x04 | 0;
|
|
10284
|
-
out[oi++] = y05 + x05 | 0;
|
|
10285
|
-
out[oi++] = y06 + x06 | 0;
|
|
10286
|
-
out[oi++] = y07 + x07 | 0;
|
|
10287
|
-
out[oi++] = y08 + x08 | 0;
|
|
10288
|
-
out[oi++] = y09 + x09 | 0;
|
|
10289
|
-
out[oi++] = y10 + x10 | 0;
|
|
10290
|
-
out[oi++] = y11 + x11 | 0;
|
|
10291
|
-
out[oi++] = y12 + x12 | 0;
|
|
10292
|
-
out[oi++] = y13 + x13 | 0;
|
|
10293
|
-
out[oi++] = y14 + x14 | 0;
|
|
10294
|
-
out[oi++] = y15 + x15 | 0;
|
|
10295
|
-
}
|
|
10296
|
-
/**
|
|
10297
|
-
* hchacha hashes key and nonce into key' and nonce' for xchacha20.
|
|
10298
|
-
* Identical to `hchacha_small`.
|
|
10299
|
-
* Need to find a way to merge it with `chachaCore` without 25% performance hit.
|
|
10300
|
-
*/
|
|
10301
|
-
function hchacha(s, k, i, out) {
|
|
10302
|
-
let x00 = s[0], x01 = s[1], x02 = s[2], x03 = s[3], x04 = k[0], x05 = k[1], x06 = k[2], x07 = k[3], x08 = k[4], x09 = k[5], x10 = k[6], x11 = k[7], x12 = i[0], x13 = i[1], x14 = i[2], x15 = i[3];
|
|
10303
|
-
for (let r = 0; r < 20; r += 2) {
|
|
10304
|
-
x00 = x00 + x04 | 0;
|
|
10305
|
-
x12 = rotl(x12 ^ x00, 16);
|
|
10306
|
-
x08 = x08 + x12 | 0;
|
|
10307
|
-
x04 = rotl(x04 ^ x08, 12);
|
|
10308
|
-
x00 = x00 + x04 | 0;
|
|
10309
|
-
x12 = rotl(x12 ^ x00, 8);
|
|
10310
|
-
x08 = x08 + x12 | 0;
|
|
10311
|
-
x04 = rotl(x04 ^ x08, 7);
|
|
10312
|
-
x01 = x01 + x05 | 0;
|
|
10313
|
-
x13 = rotl(x13 ^ x01, 16);
|
|
10314
|
-
x09 = x09 + x13 | 0;
|
|
10315
|
-
x05 = rotl(x05 ^ x09, 12);
|
|
10316
|
-
x01 = x01 + x05 | 0;
|
|
10317
|
-
x13 = rotl(x13 ^ x01, 8);
|
|
10318
|
-
x09 = x09 + x13 | 0;
|
|
10319
|
-
x05 = rotl(x05 ^ x09, 7);
|
|
10320
|
-
x02 = x02 + x06 | 0;
|
|
10321
|
-
x14 = rotl(x14 ^ x02, 16);
|
|
10322
|
-
x10 = x10 + x14 | 0;
|
|
10323
|
-
x06 = rotl(x06 ^ x10, 12);
|
|
10324
|
-
x02 = x02 + x06 | 0;
|
|
10325
|
-
x14 = rotl(x14 ^ x02, 8);
|
|
10326
|
-
x10 = x10 + x14 | 0;
|
|
10327
|
-
x06 = rotl(x06 ^ x10, 7);
|
|
10328
|
-
x03 = x03 + x07 | 0;
|
|
10329
|
-
x15 = rotl(x15 ^ x03, 16);
|
|
10330
|
-
x11 = x11 + x15 | 0;
|
|
10331
|
-
x07 = rotl(x07 ^ x11, 12);
|
|
10332
|
-
x03 = x03 + x07 | 0;
|
|
10333
|
-
x15 = rotl(x15 ^ x03, 8);
|
|
10334
|
-
x11 = x11 + x15 | 0;
|
|
10335
|
-
x07 = rotl(x07 ^ x11, 7);
|
|
10336
|
-
x00 = x00 + x05 | 0;
|
|
10337
|
-
x15 = rotl(x15 ^ x00, 16);
|
|
10338
|
-
x10 = x10 + x15 | 0;
|
|
10339
|
-
x05 = rotl(x05 ^ x10, 12);
|
|
10340
|
-
x00 = x00 + x05 | 0;
|
|
10341
|
-
x15 = rotl(x15 ^ x00, 8);
|
|
10342
|
-
x10 = x10 + x15 | 0;
|
|
10343
|
-
x05 = rotl(x05 ^ x10, 7);
|
|
10344
|
-
x01 = x01 + x06 | 0;
|
|
10345
|
-
x12 = rotl(x12 ^ x01, 16);
|
|
10346
|
-
x11 = x11 + x12 | 0;
|
|
10347
|
-
x06 = rotl(x06 ^ x11, 12);
|
|
10348
|
-
x01 = x01 + x06 | 0;
|
|
10349
|
-
x12 = rotl(x12 ^ x01, 8);
|
|
10350
|
-
x11 = x11 + x12 | 0;
|
|
10351
|
-
x06 = rotl(x06 ^ x11, 7);
|
|
10352
|
-
x02 = x02 + x07 | 0;
|
|
10353
|
-
x13 = rotl(x13 ^ x02, 16);
|
|
10354
|
-
x08 = x08 + x13 | 0;
|
|
10355
|
-
x07 = rotl(x07 ^ x08, 12);
|
|
10356
|
-
x02 = x02 + x07 | 0;
|
|
10357
|
-
x13 = rotl(x13 ^ x02, 8);
|
|
10358
|
-
x08 = x08 + x13 | 0;
|
|
10359
|
-
x07 = rotl(x07 ^ x08, 7);
|
|
10360
|
-
x03 = x03 + x04 | 0;
|
|
10361
|
-
x14 = rotl(x14 ^ x03, 16);
|
|
10362
|
-
x09 = x09 + x14 | 0;
|
|
10363
|
-
x04 = rotl(x04 ^ x09, 12);
|
|
10364
|
-
x03 = x03 + x04 | 0;
|
|
10365
|
-
x14 = rotl(x14 ^ x03, 8);
|
|
10366
|
-
x09 = x09 + x14 | 0;
|
|
10367
|
-
x04 = rotl(x04 ^ x09, 7);
|
|
10368
|
-
}
|
|
10369
|
-
let oi = 0;
|
|
10370
|
-
out[oi++] = x00;
|
|
10371
|
-
out[oi++] = x01;
|
|
10372
|
-
out[oi++] = x02;
|
|
10373
|
-
out[oi++] = x03;
|
|
10374
|
-
out[oi++] = x12;
|
|
10375
|
-
out[oi++] = x13;
|
|
10376
|
-
out[oi++] = x14;
|
|
10377
|
-
out[oi++] = x15;
|
|
10378
|
-
}
|
|
10379
|
-
/**
|
|
10380
|
-
* ChaCha stream cipher. Conforms to RFC 8439 (IETF, TLS). 12-byte nonce, 4-byte counter.
|
|
10381
|
-
* With smaller nonce, it's not safe to make it random (CSPRNG), due to collision chance.
|
|
10382
|
-
*/
|
|
10383
|
-
const chacha20 = /* @__PURE__ */ createCipher(chachaCore, {
|
|
10384
|
-
counterRight: false,
|
|
10385
|
-
counterLength: 4,
|
|
10386
|
-
allowShortKeys: false
|
|
10387
|
-
});
|
|
10388
|
-
/**
|
|
10389
|
-
* XChaCha eXtended-nonce ChaCha. With 24-byte nonce, it's safe to make it random (CSPRNG).
|
|
10390
|
-
* See [IRTF draft](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha).
|
|
10391
|
-
*/
|
|
10392
|
-
const xchacha20 = /* @__PURE__ */ createCipher(chachaCore, {
|
|
10393
|
-
counterRight: false,
|
|
10394
|
-
counterLength: 8,
|
|
10395
|
-
extendNonceFn: hchacha,
|
|
10396
|
-
allowShortKeys: false
|
|
10397
|
-
});
|
|
10398
|
-
const ZEROS16 = /* @__PURE__ */ new Uint8Array(16);
|
|
10399
|
-
const updatePadded = (h, msg) => {
|
|
10400
|
-
h.update(msg);
|
|
10401
|
-
const leftover = msg.length % 16;
|
|
10402
|
-
if (leftover) h.update(ZEROS16.subarray(leftover));
|
|
10403
|
-
};
|
|
10404
|
-
const ZEROS32 = /* @__PURE__ */ new Uint8Array(32);
|
|
10405
|
-
function computeTag(fn, key, nonce, ciphertext, AAD) {
|
|
10406
|
-
if (AAD !== void 0) abytes$2(AAD, void 0, "AAD");
|
|
10407
|
-
const authKey = fn(key, nonce, ZEROS32);
|
|
10408
|
-
const lengths = u64Lengths(ciphertext.length, AAD ? AAD.length : 0, true);
|
|
10409
|
-
const h = poly1305.create(authKey);
|
|
10410
|
-
if (AAD) updatePadded(h, AAD);
|
|
10411
|
-
updatePadded(h, ciphertext);
|
|
10412
|
-
h.update(lengths);
|
|
10413
|
-
const res = h.digest();
|
|
10414
|
-
clean$1(authKey, lengths);
|
|
10415
|
-
return res;
|
|
10416
|
-
}
|
|
10417
|
-
/**
|
|
10418
|
-
* AEAD algorithm from RFC 8439.
|
|
10419
|
-
* Salsa20 and chacha (RFC 8439) use poly1305 differently.
|
|
10420
|
-
* We could have composed them, but it's hard because of authKey:
|
|
10421
|
-
* In salsa20, authKey changes position in salsa stream.
|
|
10422
|
-
* In chacha, authKey can't be computed inside computeTag, it modifies the counter.
|
|
10423
|
-
*/
|
|
10424
|
-
const _poly1305_aead = (xorStream) => (key, nonce, AAD) => {
|
|
10425
|
-
const tagLength = 16;
|
|
10426
|
-
return {
|
|
10427
|
-
encrypt(plaintext, output) {
|
|
10428
|
-
const plength = plaintext.length;
|
|
10429
|
-
output = getOutput(plength + tagLength, output, false);
|
|
10430
|
-
output.set(plaintext);
|
|
10431
|
-
const oPlain = output.subarray(0, -16);
|
|
10432
|
-
xorStream(key, nonce, oPlain, oPlain, 1);
|
|
10433
|
-
const tag = computeTag(xorStream, key, nonce, oPlain, AAD);
|
|
10434
|
-
output.set(tag, plength);
|
|
10435
|
-
clean$1(tag);
|
|
10436
|
-
return output;
|
|
10437
|
-
},
|
|
10438
|
-
decrypt(ciphertext, output) {
|
|
10439
|
-
output = getOutput(ciphertext.length - tagLength, output, false);
|
|
10440
|
-
const data = ciphertext.subarray(0, -16);
|
|
10441
|
-
const passedTag = ciphertext.subarray(-16);
|
|
10442
|
-
const tag = computeTag(xorStream, key, nonce, data, AAD);
|
|
10443
|
-
if (!equalBytes$2(passedTag, tag)) throw new Error("invalid tag");
|
|
10444
|
-
output.set(ciphertext.subarray(0, -16));
|
|
10445
|
-
xorStream(key, nonce, output, output, 1);
|
|
10446
|
-
clean$1(tag);
|
|
10447
|
-
return output;
|
|
10448
|
-
}
|
|
10449
|
-
};
|
|
10450
|
-
};
|
|
10451
|
-
/**
|
|
10452
|
-
* ChaCha20-Poly1305 from RFC 8439.
|
|
10453
|
-
*
|
|
10454
|
-
* Unsafe to use random nonces under the same key, due to collision chance.
|
|
10455
|
-
* Prefer XChaCha instead.
|
|
10456
|
-
*/
|
|
10457
|
-
const chacha20poly1305 = /* @__PURE__ */ wrapCipher({
|
|
10458
|
-
blockSize: 64,
|
|
10459
|
-
nonceLength: 12,
|
|
10460
|
-
tagLength: 16
|
|
10461
|
-
}, _poly1305_aead(chacha20));
|
|
10462
|
-
/**
|
|
10463
|
-
* XChaCha20-Poly1305 extended-nonce chacha.
|
|
10464
|
-
*
|
|
10465
|
-
* Can be safely used with random nonces (CSPRNG).
|
|
10466
|
-
* See [IRTF draft](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha).
|
|
10467
|
-
*/
|
|
10468
|
-
const xchacha20poly1305 = /* @__PURE__ */ wrapCipher({
|
|
10469
|
-
blockSize: 64,
|
|
10470
|
-
nonceLength: 24,
|
|
10471
|
-
tagLength: 16
|
|
10472
|
-
}, _poly1305_aead(xchacha20));
|
|
9700
|
+
swap32IfBE$1(B32);
|
|
9701
|
+
return scryptOutput(password, dkLen, B, V, tmp);
|
|
9702
|
+
}
|
|
10473
9703
|
|
|
10474
9704
|
//#endregion
|
|
10475
9705
|
//#region ../../node_modules/.bun/@noble+hashes@2.0.1/node_modules/@noble/hashes/utils.js
|
|
@@ -14445,7 +13675,7 @@ const MLKEM768P256 = ml_kem768_p256;
|
|
|
14445
13675
|
* abytes(new Uint8Array(1));
|
|
14446
13676
|
* ```
|
|
14447
13677
|
*/
|
|
14448
|
-
const abytes = (value, length, title) => abytes$
|
|
13678
|
+
const abytes = (value, length, title) => abytes$3(value, length, title);
|
|
14449
13679
|
/**
|
|
14450
13680
|
* Validates that a value is a non-negative safe integer.
|
|
14451
13681
|
* @param n - Value to validate.
|
|
@@ -14457,7 +13687,7 @@ const abytes = (value, length, title) => abytes$4(value, length, title);
|
|
|
14457
13687
|
* anumber(1);
|
|
14458
13688
|
* ```
|
|
14459
13689
|
*/
|
|
14460
|
-
const anumber = anumber$
|
|
13690
|
+
const anumber = anumber$3;
|
|
14461
13691
|
/**
|
|
14462
13692
|
* Encodes bytes as lowercase hex.
|
|
14463
13693
|
* @param bytes - Bytes to encode.
|
|
@@ -14505,7 +13735,7 @@ const hexToBytes = (hex) => hexToBytes$2(hex);
|
|
|
14505
13735
|
* isBytes(new Uint8Array(1));
|
|
14506
13736
|
* ```
|
|
14507
13737
|
*/
|
|
14508
|
-
const isBytes = isBytes$
|
|
13738
|
+
const isBytes = isBytes$3;
|
|
14509
13739
|
/**
|
|
14510
13740
|
* Reads random bytes from the platform CSPRNG.
|
|
14511
13741
|
* @param bytesLength - Number of random bytes to read.
|
|
@@ -14645,7 +13875,7 @@ function bytesToNumberBE(bytes) {
|
|
|
14645
13875
|
* ```
|
|
14646
13876
|
*/
|
|
14647
13877
|
function bytesToNumberLE(bytes) {
|
|
14648
|
-
return hexToNumber(bytesToHex$2(copyBytes(abytes$
|
|
13878
|
+
return hexToNumber(bytesToHex$2(copyBytes(abytes$3(bytes)).reverse()));
|
|
14649
13879
|
}
|
|
14650
13880
|
/**
|
|
14651
13881
|
* Encodes a bigint into fixed-length big-endian bytes.
|
|
@@ -14661,7 +13891,7 @@ function bytesToNumberLE(bytes) {
|
|
|
14661
13891
|
* ```
|
|
14662
13892
|
*/
|
|
14663
13893
|
function numberToBytesBE(n, len) {
|
|
14664
|
-
anumber$
|
|
13894
|
+
anumber$3(len);
|
|
14665
13895
|
if (len === 0) throw new RangeError("zero length");
|
|
14666
13896
|
n = abignumber(n);
|
|
14667
13897
|
const hex = n.toString(16);
|
|
@@ -14833,8 +14063,8 @@ const bitMask = (n) => (_1n$6 << BigInt(n)) - _1n$6;
|
|
|
14833
14063
|
* ```
|
|
14834
14064
|
*/
|
|
14835
14065
|
function createHmacDrbg(hashLen, qByteLen, hmacFn) {
|
|
14836
|
-
anumber$
|
|
14837
|
-
anumber$
|
|
14066
|
+
anumber$3(hashLen, "hashLen");
|
|
14067
|
+
anumber$3(qByteLen, "qByteLen");
|
|
14838
14068
|
if (typeof hmacFn !== "function") throw new TypeError("hmacFn must be a function");
|
|
14839
14069
|
const u8n = (len) => new Uint8Array(len);
|
|
14840
14070
|
const NULL = Uint8Array.of();
|
|
@@ -17689,7 +16919,7 @@ var _RistrettoPoint = class _RistrettoPoint extends PrimeEdwardsPoint {
|
|
|
17689
16919
|
return new _RistrettoPoint(ep);
|
|
17690
16920
|
}
|
|
17691
16921
|
static fromBytes(bytes) {
|
|
17692
|
-
abytes$
|
|
16922
|
+
abytes$3(bytes, 32);
|
|
17693
16923
|
const { a, d } = ed25519_CURVE;
|
|
17694
16924
|
const P = ed25519_CURVE_p;
|
|
17695
16925
|
const mod = (n) => Fp.create(n);
|
|
@@ -17813,7 +17043,7 @@ const ristretto255_hasher = Object.freeze({
|
|
|
17813
17043
|
* `hash_to_ristretto255` function defined in RFC 9380.
|
|
17814
17044
|
*/
|
|
17815
17045
|
deriveToCurve(bytes) {
|
|
17816
|
-
abytes$
|
|
17046
|
+
abytes$3(bytes, 64);
|
|
17817
17047
|
const R1 = calcElligatorRistrettoMap(bytes255ToNumberLE(bytes.subarray(0, 32)));
|
|
17818
17048
|
const R2 = calcElligatorRistrettoMap(bytes255ToNumberLE(bytes.subarray(32, 64)));
|
|
17819
17049
|
return new _RistrettoPoint(R1.add(R2));
|
|
@@ -20755,6 +19985,7 @@ const DISTRIBUTION_TO_CERTIFICATE_TYPE = {
|
|
|
20755
19985
|
DEVELOPMENT: AppleUtils.CertificateType.IOS_DEVELOPMENT
|
|
20756
19986
|
};
|
|
20757
19987
|
var AppleIdGenerateFailedError = class extends Data.TaggedError("AppleIdGenerateFailedError") {};
|
|
19988
|
+
var ApnsKeyLimitError = class extends Data.TaggedError("ApnsKeyLimitError") {};
|
|
20758
19989
|
const CERT_LIMIT_PATTERN = /already have a current.*certificate|pending certificate request/iu;
|
|
20759
19990
|
const messageOf = (cause) => cause instanceof Error ? cause.message : String(cause);
|
|
20760
19991
|
const wrap = (step, run) => Effect.tryPromise({
|
|
@@ -20899,6 +20130,86 @@ const generateAndUploadProvisioningProfileViaAppleId = (api, input) => Effect.ge
|
|
|
20899
20130
|
developerPortalIdentifier: created.developerPortalIdentifier
|
|
20900
20131
|
};
|
|
20901
20132
|
});
|
|
20133
|
+
const APNS_SERVICE_ID = "U27F4V844T";
|
|
20134
|
+
const APNS_KEY_LIMIT_PATTERN = /maximum allowed number of .*keys/iu;
|
|
20135
|
+
const wrapKeyCreate = (run) => Effect.tryPromise({
|
|
20136
|
+
try: run,
|
|
20137
|
+
catch: (cause) => {
|
|
20138
|
+
const message = messageOf(cause);
|
|
20139
|
+
return cause instanceof AppleUtils.Keys.MaxKeysCreatedError || APNS_KEY_LIMIT_PATTERN.test(message) ? new ApnsKeyLimitError({ message }) : new AppleIdGenerateFailedError({
|
|
20140
|
+
step: "apple-create-key",
|
|
20141
|
+
message
|
|
20142
|
+
});
|
|
20143
|
+
}
|
|
20144
|
+
});
|
|
20145
|
+
const writeRescueP8 = (keyId, p8Pem) => Effect.gen(function* () {
|
|
20146
|
+
const fs = yield* FileSystem.FileSystem;
|
|
20147
|
+
const filePath = `AuthKey_${keyId}.p8`;
|
|
20148
|
+
yield* fs.writeFileString(filePath, p8Pem, { mode: 384 });
|
|
20149
|
+
return filePath;
|
|
20150
|
+
});
|
|
20151
|
+
const generateAndUploadApnsKeyViaAppleId = (api, input) => Effect.gen(function* () {
|
|
20152
|
+
const ctx = input.context;
|
|
20153
|
+
const key = yield* wrapKeyCreate(async () => AppleUtils.Keys.createKeyAsync(ctx, {
|
|
20154
|
+
name: input.name,
|
|
20155
|
+
isApns: true
|
|
20156
|
+
}));
|
|
20157
|
+
const p8Pem = yield* wrap("apple-download-key", async () => AppleUtils.Keys.downloadKeyAsync(ctx, { id: key.id }));
|
|
20158
|
+
const metadata = {
|
|
20159
|
+
keyId: key.id,
|
|
20160
|
+
appleTeamIdentifier: input.appleTeamIdentifier
|
|
20161
|
+
};
|
|
20162
|
+
return {
|
|
20163
|
+
id: (yield* Effect.gen(function* () {
|
|
20164
|
+
const envelope = yield* sealForUpload({
|
|
20165
|
+
session: yield* openVaultSessionInteractive(api),
|
|
20166
|
+
credentialType: "push-key",
|
|
20167
|
+
metadata,
|
|
20168
|
+
secret: { p8Pem }
|
|
20169
|
+
});
|
|
20170
|
+
return yield* api.applePushKeys.upload({ payload: {
|
|
20171
|
+
...toUploadEnvelope(envelope),
|
|
20172
|
+
...metadata
|
|
20173
|
+
} });
|
|
20174
|
+
}).pipe(Effect.catchAll((cause) => Effect.gen(function* () {
|
|
20175
|
+
const rescuePath = yield* writeRescueP8(key.id, p8Pem).pipe(Effect.catchAll(() => Effect.succeed(null)));
|
|
20176
|
+
const where = rescuePath === null ? "could not be saved locally and is now unrecoverable" : `was saved to ${rescuePath} — re-import with \`credentials generate push-key --p8 ${rescuePath} --key-id ${key.id} --apple-team-id ${input.appleTeamIdentifier}\``;
|
|
20177
|
+
return yield* new AppleIdGenerateFailedError({
|
|
20178
|
+
step: "store-apns-key",
|
|
20179
|
+
message: `Created APNs key ${key.id} on Apple but failed to store it (${messageOf(cause)}). The downloaded .p8 ${where}.`
|
|
20180
|
+
});
|
|
20181
|
+
})))).id,
|
|
20182
|
+
keyId: key.id,
|
|
20183
|
+
appleTeamIdentifier: input.appleTeamIdentifier,
|
|
20184
|
+
name: key.name
|
|
20185
|
+
};
|
|
20186
|
+
});
|
|
20187
|
+
const listApnsKeysViaAppleId = (ctx) => Effect.gen(function* () {
|
|
20188
|
+
const keys = yield* wrap("apple-list-keys", async () => AppleUtils.Keys.getKeysAsync(ctx));
|
|
20189
|
+
return (yield* Effect.forEach(keys, (key) => wrap("apple-get-key-info", async () => AppleUtils.Keys.getKeyInfoAsync(ctx, { id: key.id })), { concurrency: 4 })).filter((info) => info.services.some((service) => service.id === APNS_SERVICE_ID)).map((info) => ({
|
|
20190
|
+
developerPortalKeyId: info.id,
|
|
20191
|
+
name: info.name,
|
|
20192
|
+
canRevoke: info.canRevoke
|
|
20193
|
+
}));
|
|
20194
|
+
});
|
|
20195
|
+
const revokeApnsKeyViaAppleId = (ctx, developerPortalKeyId) => wrap("apple-revoke-key", async () => AppleUtils.Keys.revokeKeyAsync(ctx, { id: developerPortalKeyId }));
|
|
20196
|
+
/**
|
|
20197
|
+
* Revoke an APNs key on Apple and (optionally) delete the stored copy. Only keys
|
|
20198
|
+
* still present on the portal are revoked — one already gone upstream is treated
|
|
20199
|
+
* as `revokedOnApple: false` and still deleted locally, so cleanup never wedges.
|
|
20200
|
+
* Shared by the `revoke push-key` command and the interactive wizard.
|
|
20201
|
+
*/
|
|
20202
|
+
const revokeLocalApnsKey = (api, input) => Effect.gen(function* () {
|
|
20203
|
+
const present = (yield* listApnsKeysViaAppleId(input.context)).some((entry) => entry.developerPortalKeyId === input.keyId);
|
|
20204
|
+
if (present) yield* revokeApnsKeyViaAppleId(input.context, input.keyId);
|
|
20205
|
+
if (!input.keepLocal) yield* api.applePushKeys.delete({ path: { id: input.pushKeyId } });
|
|
20206
|
+
return {
|
|
20207
|
+
localId: input.pushKeyId,
|
|
20208
|
+
keyId: input.keyId,
|
|
20209
|
+
revokedOnApple: present,
|
|
20210
|
+
deletedLocally: !input.keepLocal
|
|
20211
|
+
};
|
|
20212
|
+
});
|
|
20902
20213
|
|
|
20903
20214
|
//#endregion
|
|
20904
20215
|
//#region src/lib/ios-bundle-config-upsert.ts
|
|
@@ -20971,6 +20282,36 @@ const interactiveAppleIdCertLimitRecover = (ctx) => Effect.gen(function* () {
|
|
|
20971
20282
|
yield* Effect.forEach(toRevoke, (id) => revokeDistributionCertViaAppleId(ctx, id), { concurrency: "inherit" });
|
|
20972
20283
|
yield* Console.log(`Revoked ${toRevoke.length} certificate(s); retrying generation...`);
|
|
20973
20284
|
});
|
|
20285
|
+
const defaultApnsKeyName = () => `better-update APNs (${(/* @__PURE__ */ new Date()).toISOString().slice(0, 10)})`;
|
|
20286
|
+
const apnsKeyLimitRecover = (ctx) => Effect.gen(function* () {
|
|
20287
|
+
yield* Console.log("");
|
|
20288
|
+
yield* Console.log("Apple reports the APNs key limit was hit (max 2 keys per team).");
|
|
20289
|
+
const revocable = (yield* listApnsKeysViaAppleId(ctx)).filter((entry) => entry.canRevoke);
|
|
20290
|
+
if (revocable.length === 0) return yield* new CredentialValidationError({ message: "Apple says the APNs key limit is hit but no revocable keys were returned." });
|
|
20291
|
+
const toRevoke = yield* promptMultiSelect("Select one or more APNs keys to revoke before retrying", revocable.map((entry) => ({
|
|
20292
|
+
value: entry.developerPortalKeyId,
|
|
20293
|
+
label: `${entry.name} (${entry.developerPortalKeyId})`
|
|
20294
|
+
})), { required: true });
|
|
20295
|
+
yield* Effect.forEach(toRevoke, (id) => revokeApnsKeyViaAppleId(ctx, id), { concurrency: "inherit" });
|
|
20296
|
+
yield* Console.log(`Revoked ${toRevoke.length} key(s); retrying creation...`);
|
|
20297
|
+
});
|
|
20298
|
+
/**
|
|
20299
|
+
* Log in with Apple ID, create a fresh APNs `.p8` on the portal, download it, and
|
|
20300
|
+
* upload it end-to-end encrypted — recovering interactively from the key limit.
|
|
20301
|
+
* Returns the stored credential; callers render their own success output. Shared
|
|
20302
|
+
* by the `generate push-key` command and the interactive wizard.
|
|
20303
|
+
*/
|
|
20304
|
+
const createApnsKeyViaAppleId = (api, name) => Effect.gen(function* () {
|
|
20305
|
+
const auth = yield* AppleAuth;
|
|
20306
|
+
const session = yield* auth.ensureLoggedIn();
|
|
20307
|
+
const ctx = auth.buildRequestContext(session);
|
|
20308
|
+
const generate = generateAndUploadApnsKeyViaAppleId(api, {
|
|
20309
|
+
context: ctx,
|
|
20310
|
+
appleTeamIdentifier: session.teamId,
|
|
20311
|
+
name
|
|
20312
|
+
});
|
|
20313
|
+
return yield* generate.pipe(Effect.catchTag("ApnsKeyLimitError", () => apnsKeyLimitRecover(ctx).pipe(Effect.flatMap(() => generate))));
|
|
20314
|
+
});
|
|
20974
20315
|
const generateDistributionCertViaAppleIdInteractive = (api, ctx) => Effect.gen(function* () {
|
|
20975
20316
|
yield* Console.log("Generating distribution certificate via Apple ID...");
|
|
20976
20317
|
const generate = generateAndUploadDistributionCertificateViaAppleId(api, { context: ctx });
|
|
@@ -26992,6 +26333,39 @@ const revokeIosDistributionCert = (ctx) => Effect.gen(function* () {
|
|
|
26992
26333
|
["Deleted locally", result.deletedLocally ? "yes" : "no (kept)"]
|
|
26993
26334
|
]);
|
|
26994
26335
|
});
|
|
26336
|
+
const revokeIosPushKey = (ctx) => Effect.gen(function* () {
|
|
26337
|
+
const { items } = yield* ctx.api.applePushKeys.list();
|
|
26338
|
+
if (items.length === 0) return yield* new MissingCredentialsError({
|
|
26339
|
+
message: "No APNs push keys in this account.",
|
|
26340
|
+
hint: "Run 'Add a new push key' to create one first."
|
|
26341
|
+
});
|
|
26342
|
+
const localId = yield* promptSelect("Select a push key to revoke", items.map((key) => ({
|
|
26343
|
+
value: key.id,
|
|
26344
|
+
label: `${key.keyId} (team ${key.appleTeamId})`
|
|
26345
|
+
})));
|
|
26346
|
+
const target = items.find((entry) => entry.id === localId);
|
|
26347
|
+
if (target === void 0) return yield* new MissingCredentialsError({
|
|
26348
|
+
message: `Selected push key ${localId} not found.`,
|
|
26349
|
+
hint: "Re-run and pick again."
|
|
26350
|
+
});
|
|
26351
|
+
const keepLocal = yield* promptConfirm("Keep the key in this account after revoking?", { initialValue: false });
|
|
26352
|
+
const auth = yield* AppleAuth;
|
|
26353
|
+
const session = yield* auth.ensureLoggedIn();
|
|
26354
|
+
yield* Console.log("Logging in to Apple and revoking the push key...");
|
|
26355
|
+
const result = yield* revokeLocalApnsKey(ctx.api, {
|
|
26356
|
+
context: auth.buildRequestContext(session),
|
|
26357
|
+
pushKeyId: target.id,
|
|
26358
|
+
keyId: target.keyId,
|
|
26359
|
+
keepLocal
|
|
26360
|
+
});
|
|
26361
|
+
yield* Console.log("Revoke complete.");
|
|
26362
|
+
yield* printKeyValue([
|
|
26363
|
+
["Local ID", result.localId],
|
|
26364
|
+
["Key ID", result.keyId],
|
|
26365
|
+
["Revoked on Apple", result.revokedOnApple ? "yes" : "no (not present on portal)"],
|
|
26366
|
+
["Deleted locally", result.deletedLocally ? "yes" : "no (kept)"]
|
|
26367
|
+
]);
|
|
26368
|
+
});
|
|
26995
26369
|
|
|
26996
26370
|
//#endregion
|
|
26997
26371
|
//#region src/application/credentials-manager-ios.ts
|
|
@@ -27056,8 +26430,26 @@ const generateNewIosDistributionCert = (ctx) => Effect.gen(function* () {
|
|
|
27056
26430
|
["Apple team", created.appleTeamIdentifier]
|
|
27057
26431
|
]);
|
|
27058
26432
|
});
|
|
26433
|
+
const promptPushKeyMethod = () => promptSelect("How do you want to provide the APNs auth key?", [{
|
|
26434
|
+
value: "apple-id",
|
|
26435
|
+
label: "Create a new key by logging in with your Apple ID (recommended)"
|
|
26436
|
+
}, {
|
|
26437
|
+
value: "upload",
|
|
26438
|
+
label: "Upload a .p8 you already downloaded from the Apple portal"
|
|
26439
|
+
}]);
|
|
27059
26440
|
const addIosPushKey = (ctx) => Effect.gen(function* () {
|
|
27060
|
-
yield*
|
|
26441
|
+
if ((yield* promptPushKeyMethod()) === "apple-id") {
|
|
26442
|
+
const created = yield* createApnsKeyViaAppleId(ctx.api, defaultApnsKeyName());
|
|
26443
|
+
yield* Console.log("APNs push key created and registered.");
|
|
26444
|
+
yield* printKeyValue([
|
|
26445
|
+
["ID", created.id],
|
|
26446
|
+
["Key ID", created.keyId],
|
|
26447
|
+
["Apple team", created.appleTeamIdentifier],
|
|
26448
|
+
["Name", created.name]
|
|
26449
|
+
]);
|
|
26450
|
+
return;
|
|
26451
|
+
}
|
|
26452
|
+
yield* printHuman("Apple does not expose APNs key creation via the public ASC API.");
|
|
27061
26453
|
yield* printHuman(`Create one here, download .p8, then return: ${APPLE_PUSH_KEY_PORTAL_URL$1}`);
|
|
27062
26454
|
const keyId = (yield* promptText("APNs key ID (10 uppercase alphanumeric)")).trim().toUpperCase();
|
|
27063
26455
|
if (!APPLE_TEN_CHARS.test(keyId)) return yield* new CredentialValidationError({ message: `Push key ID "${keyId}" must be 10 uppercase alphanumeric characters.` });
|
|
@@ -27119,7 +26511,12 @@ const setupProjectPushNotifications = (ctx) => Effect.gen(function* () {
|
|
|
27119
26511
|
yield* Console.log(`Push notifications set up: key ${pushKeyId} bound to ${config.bundleIdentifier} (${config.distributionType}).`);
|
|
27120
26512
|
});
|
|
27121
26513
|
const createNewPushKeyForBundle = (ctx, fallbackTeamId) => Effect.gen(function* () {
|
|
27122
|
-
yield*
|
|
26514
|
+
if ((yield* promptPushKeyMethod()) === "apple-id") {
|
|
26515
|
+
const created = yield* createApnsKeyViaAppleId(ctx.api, defaultApnsKeyName());
|
|
26516
|
+
yield* Console.log(`APNs push key ${created.keyId} created.`);
|
|
26517
|
+
return created.id;
|
|
26518
|
+
}
|
|
26519
|
+
yield* printHuman("Apple does not expose APNs key creation via the public ASC API.");
|
|
27123
26520
|
yield* printHuman(`Create one here, download .p8, then return: ${APPLE_PUSH_KEY_PORTAL_URL$1}`);
|
|
27124
26521
|
const rawKeyId = (yield* promptText("APNs key ID (10 uppercase alphanumeric)")).trim().toUpperCase();
|
|
27125
26522
|
if (!APPLE_TEN_CHARS.test(rawKeyId)) return yield* new CredentialValidationError({ message: `Push key ID "${rawKeyId}" must be 10 uppercase alphanumeric characters.` });
|
|
@@ -27206,9 +26603,13 @@ const iosPushKeysMenu = (ctx) => Effect.gen(function* () {
|
|
|
27206
26603
|
value: "bind",
|
|
27207
26604
|
label: "Use an existing push key"
|
|
27208
26605
|
},
|
|
26606
|
+
{
|
|
26607
|
+
value: "revoke",
|
|
26608
|
+
label: "Revoke a push key (Apple Developer Portal)"
|
|
26609
|
+
},
|
|
27209
26610
|
{
|
|
27210
26611
|
value: "remove",
|
|
27211
|
-
label: "Remove a push key"
|
|
26612
|
+
label: "Remove a push key (local only)"
|
|
27212
26613
|
},
|
|
27213
26614
|
{
|
|
27214
26615
|
value: BACK,
|
|
@@ -27219,6 +26620,7 @@ const iosPushKeysMenu = (ctx) => Effect.gen(function* () {
|
|
|
27219
26620
|
if (choice === "setup") yield* safely("set up push notifications", setupProjectPushNotifications(ctx));
|
|
27220
26621
|
else if (choice === "add") yield* safely("add push key", addIosPushKey(ctx));
|
|
27221
26622
|
else if (choice === "bind") yield* safely("bind push key", bindIosPushKey(ctx));
|
|
26623
|
+
else if (choice === "revoke") yield* safely("revoke push key", revokeIosPushKey(ctx));
|
|
27222
26624
|
else if (choice === "remove") yield* safely("remove push key", pickAndDelete(ctx, "push-key", "APNs push key"));
|
|
27223
26625
|
yield* iosPushKeysMenu(ctx);
|
|
27224
26626
|
});
|
|
@@ -28193,6 +27595,129 @@ const downloadCommand = defineCommand({
|
|
|
28193
27595
|
}), { json: "value" })
|
|
28194
27596
|
});
|
|
28195
27597
|
|
|
27598
|
+
//#endregion
|
|
27599
|
+
//#region src/commands/credentials/generate-push-key.ts
|
|
27600
|
+
const PUSH_KEY_EXIT_EXTRAS = {
|
|
27601
|
+
CredentialValidationError: 2,
|
|
27602
|
+
AppleIdGenerateFailedError: 6,
|
|
27603
|
+
ApnsKeyLimitError: 6,
|
|
27604
|
+
AppleAuthError: 4,
|
|
27605
|
+
InteractiveProhibitedError: 4
|
|
27606
|
+
};
|
|
27607
|
+
const APPLE_PUSH_KEY_PORTAL_URL = "https://developer.apple.com/account/resources/authkeys/list";
|
|
27608
|
+
const KEY_ID_PATTERN = /^[A-Z0-9]{10}$/u;
|
|
27609
|
+
const APPLE_TEAM_ID_PATTERN = /^[A-Z0-9]{10}$/u;
|
|
27610
|
+
const resolveAppleTeamFromAscKey = (api, ascApiKeyId) => Effect.gen(function* () {
|
|
27611
|
+
if (ascApiKeyId === void 0) return;
|
|
27612
|
+
const teamId = (yield* api.ascApiKeys.list()).items.find((entry) => entry.id === ascApiKeyId)?.appleTeamId;
|
|
27613
|
+
return typeof teamId === "string" ? teamId : void 0;
|
|
27614
|
+
});
|
|
27615
|
+
const validateKeyId = (value) => KEY_ID_PATTERN.test(value) ? Effect.succeed(value) : Effect.fail(new CredentialValidationError({ message: `Push key ID "${value}" must be 10 uppercase alphanumeric characters.` }));
|
|
27616
|
+
const validateAppleTeamId = (value) => APPLE_TEAM_ID_PATTERN.test(value) ? Effect.succeed(value) : Effect.fail(new CredentialValidationError({ message: `Apple Team ID "${value}" must be 10 uppercase alphanumeric characters.` }));
|
|
27617
|
+
const resolvePushKeyInput = (api, args) => Effect.gen(function* () {
|
|
27618
|
+
const derivedTeamId = yield* resolveAppleTeamFromAscKey(api, args["asc-key-id"]);
|
|
27619
|
+
const keyId = yield* validateKeyId((args["key-id"] ?? (yield* promptText("APNs key ID (10 uppercase alphanumeric)"))).trim().toUpperCase());
|
|
27620
|
+
const appleTeamIdentifier = yield* validateAppleTeamId((args["apple-team-id"] ?? derivedTeamId ?? (yield* promptText("Apple Team identifier (10 uppercase alphanumeric)"))).trim().toUpperCase());
|
|
27621
|
+
const p8Path = args.p8 ?? (yield* promptText("Path to the AuthKey_XXXXXXXXXX.p8 file you downloaded"));
|
|
27622
|
+
if (p8Path.trim().length === 0) return yield* new CredentialValidationError({ message: "Missing --p8 path" });
|
|
27623
|
+
return {
|
|
27624
|
+
keyId,
|
|
27625
|
+
appleTeamIdentifier,
|
|
27626
|
+
p8Path,
|
|
27627
|
+
name: args.name ?? keyId
|
|
27628
|
+
};
|
|
27629
|
+
});
|
|
27630
|
+
const resolvePushKeyMethod = (args) => Effect.gen(function* () {
|
|
27631
|
+
if (args.p8 !== void 0 && args.p8.trim().length > 0) return "upload";
|
|
27632
|
+
if (args.method === "upload" || args.method === "apple-id") return args.method;
|
|
27633
|
+
return yield* promptSelect("How do you want to provide the APNs auth key?", [{
|
|
27634
|
+
value: "apple-id",
|
|
27635
|
+
label: "Create a new key by logging in with your Apple ID (recommended)"
|
|
27636
|
+
}, {
|
|
27637
|
+
value: "upload",
|
|
27638
|
+
label: "Upload a .p8 you already downloaded from the Apple portal"
|
|
27639
|
+
}]);
|
|
27640
|
+
});
|
|
27641
|
+
const uploadPushKeyFromFile = (api, args) => Effect.gen(function* () {
|
|
27642
|
+
if (args["skip-portal-hint"] !== true) {
|
|
27643
|
+
yield* printHuman("Apple does not expose APNs key creation via the public ASC API.");
|
|
27644
|
+
yield* printHuman("Create the key here, download the .p8, then come back:");
|
|
27645
|
+
yield* printHuman(` ${APPLE_PUSH_KEY_PORTAL_URL}`);
|
|
27646
|
+
yield* printHuman("");
|
|
27647
|
+
}
|
|
27648
|
+
const resolved = yield* resolvePushKeyInput(api, args);
|
|
27649
|
+
yield* printHuman("Uploading APNs auth key...");
|
|
27650
|
+
const credential = yield* uploadCredential(api, {
|
|
27651
|
+
platform: "ios",
|
|
27652
|
+
type: "push-key",
|
|
27653
|
+
name: resolved.name,
|
|
27654
|
+
filePath: resolved.p8Path,
|
|
27655
|
+
keyId: resolved.keyId,
|
|
27656
|
+
appleTeamIdentifier: resolved.appleTeamIdentifier
|
|
27657
|
+
});
|
|
27658
|
+
yield* printHuman("APNs push key registered.");
|
|
27659
|
+
yield* printHumanKeyValue([
|
|
27660
|
+
["ID", credential.id],
|
|
27661
|
+
["Key ID", resolved.keyId],
|
|
27662
|
+
["Apple team", resolved.appleTeamIdentifier]
|
|
27663
|
+
]);
|
|
27664
|
+
return credential;
|
|
27665
|
+
});
|
|
27666
|
+
const pushKeyCommand$1 = defineCommand({
|
|
27667
|
+
meta: {
|
|
27668
|
+
name: "push-key",
|
|
27669
|
+
description: "Create an APNs auth key (.p8) by logging in with your Apple ID, or upload one you downloaded; the key is end-to-end encrypted before upload"
|
|
27670
|
+
},
|
|
27671
|
+
args: {
|
|
27672
|
+
method: {
|
|
27673
|
+
type: "enum",
|
|
27674
|
+
options: ["apple-id", "upload"],
|
|
27675
|
+
description: "How to obtain the key: 'apple-id' (create via login) or 'upload' (provide --p8)"
|
|
27676
|
+
},
|
|
27677
|
+
"key-id": {
|
|
27678
|
+
type: "string",
|
|
27679
|
+
description: "APNs key ID — upload only (10 uppercase alphanumeric)"
|
|
27680
|
+
},
|
|
27681
|
+
"apple-team-id": {
|
|
27682
|
+
type: "string",
|
|
27683
|
+
description: "Apple Team identifier — upload only"
|
|
27684
|
+
},
|
|
27685
|
+
p8: {
|
|
27686
|
+
type: "string",
|
|
27687
|
+
description: "Path to the AuthKey_XXXXXXXXXX.p8 file (forces upload)"
|
|
27688
|
+
},
|
|
27689
|
+
"asc-key-id": {
|
|
27690
|
+
type: "string",
|
|
27691
|
+
description: "ASC API key ID to derive --apple-team-id automatically (upload only)"
|
|
27692
|
+
},
|
|
27693
|
+
name: {
|
|
27694
|
+
type: "string",
|
|
27695
|
+
description: "Display name (Apple ID: key name; upload: defaults to key ID)"
|
|
27696
|
+
},
|
|
27697
|
+
"skip-portal-hint": {
|
|
27698
|
+
type: "boolean",
|
|
27699
|
+
description: "Skip the Apple Developer portal URL hint (upload only)"
|
|
27700
|
+
}
|
|
27701
|
+
},
|
|
27702
|
+
run: async ({ args }) => runEffect(Effect.gen(function* () {
|
|
27703
|
+
const api = yield* apiClient;
|
|
27704
|
+
if ((yield* resolvePushKeyMethod(args)) === "upload") return yield* uploadPushKeyFromFile(api, args);
|
|
27705
|
+
yield* printHuman("Creating an APNs auth key via your Apple ID...");
|
|
27706
|
+
const created = yield* createApnsKeyViaAppleId(api, args.name ?? defaultApnsKeyName());
|
|
27707
|
+
yield* printHuman("APNs push key created and registered.");
|
|
27708
|
+
yield* printHumanKeyValue([
|
|
27709
|
+
["ID", created.id],
|
|
27710
|
+
["Key ID", created.keyId],
|
|
27711
|
+
["Apple team", created.appleTeamIdentifier],
|
|
27712
|
+
["Name", created.name]
|
|
27713
|
+
]);
|
|
27714
|
+
return created;
|
|
27715
|
+
}), {
|
|
27716
|
+
exits: PUSH_KEY_EXIT_EXTRAS,
|
|
27717
|
+
json: "value"
|
|
27718
|
+
})
|
|
27719
|
+
});
|
|
27720
|
+
|
|
28196
27721
|
//#endregion
|
|
28197
27722
|
//#region src/commands/credentials/generate.ts
|
|
28198
27723
|
const GENERATE_EXIT_EXTRAS = {
|
|
@@ -28401,90 +27926,6 @@ const parseDeviceIds = (raw) => {
|
|
|
28401
27926
|
const ids = raw.split(",").map((id) => id.trim()).filter((id) => id.length > 0);
|
|
28402
27927
|
return ids.length === 0 ? void 0 : ids;
|
|
28403
27928
|
};
|
|
28404
|
-
const APPLE_PUSH_KEY_PORTAL_URL = "https://developer.apple.com/account/resources/authkeys/list";
|
|
28405
|
-
const KEY_ID_PATTERN = /^[A-Z0-9]{10}$/u;
|
|
28406
|
-
const APPLE_TEAM_ID_PATTERN = /^[A-Z0-9]{10}$/u;
|
|
28407
|
-
const resolveAppleTeamFromAscKey = (api, ascApiKeyId) => Effect.gen(function* () {
|
|
28408
|
-
if (ascApiKeyId === void 0) return;
|
|
28409
|
-
const teamId = (yield* api.ascApiKeys.list()).items.find((entry) => entry.id === ascApiKeyId)?.appleTeamId;
|
|
28410
|
-
return typeof teamId === "string" ? teamId : void 0;
|
|
28411
|
-
});
|
|
28412
|
-
const validateKeyId = (value) => KEY_ID_PATTERN.test(value) ? Effect.succeed(value) : Effect.fail(new CredentialValidationError({ message: `Push key ID "${value}" must be 10 uppercase alphanumeric characters.` }));
|
|
28413
|
-
const validateAppleTeamId = (value) => APPLE_TEAM_ID_PATTERN.test(value) ? Effect.succeed(value) : Effect.fail(new CredentialValidationError({ message: `Apple Team ID "${value}" must be 10 uppercase alphanumeric characters.` }));
|
|
28414
|
-
const pushKeyCommand = defineCommand({
|
|
28415
|
-
meta: {
|
|
28416
|
-
name: "push-key",
|
|
28417
|
-
description: "Register an APNs auth key (.p8) — guides you through creating one in the Apple Developer portal, then uploads it"
|
|
28418
|
-
},
|
|
28419
|
-
args: {
|
|
28420
|
-
"key-id": {
|
|
28421
|
-
type: "string",
|
|
28422
|
-
description: "APNs key ID (10 uppercase alphanumeric)"
|
|
28423
|
-
},
|
|
28424
|
-
"apple-team-id": {
|
|
28425
|
-
type: "string",
|
|
28426
|
-
description: "Apple Team identifier"
|
|
28427
|
-
},
|
|
28428
|
-
p8: {
|
|
28429
|
-
type: "string",
|
|
28430
|
-
description: "Path to the AuthKey_XXXXXXXXXX.p8 file"
|
|
28431
|
-
},
|
|
28432
|
-
"asc-key-id": {
|
|
28433
|
-
type: "string",
|
|
28434
|
-
description: "ASC API key ID to derive --apple-team-id automatically"
|
|
28435
|
-
},
|
|
28436
|
-
name: {
|
|
28437
|
-
type: "string",
|
|
28438
|
-
description: "Display name (defaults to the key ID)"
|
|
28439
|
-
},
|
|
28440
|
-
"skip-portal-hint": {
|
|
28441
|
-
type: "boolean",
|
|
28442
|
-
description: "Skip the Apple Developer portal URL hint (already created the key)"
|
|
28443
|
-
}
|
|
28444
|
-
},
|
|
28445
|
-
run: async ({ args }) => runEffect(Effect.gen(function* () {
|
|
28446
|
-
const api = yield* apiClient;
|
|
28447
|
-
if (args["skip-portal-hint"] !== true) {
|
|
28448
|
-
yield* printHuman("Apple does not expose APNs key creation via the public ASC API.");
|
|
28449
|
-
yield* printHuman("Create the key here, download the .p8, then come back:");
|
|
28450
|
-
yield* printHuman(` ${APPLE_PUSH_KEY_PORTAL_URL}`);
|
|
28451
|
-
yield* printHuman("");
|
|
28452
|
-
}
|
|
28453
|
-
const resolved = yield* resolvePushKeyInput(api, args);
|
|
28454
|
-
yield* printHuman("Uploading APNs auth key...");
|
|
28455
|
-
const credential = yield* uploadCredential(api, {
|
|
28456
|
-
platform: "ios",
|
|
28457
|
-
type: "push-key",
|
|
28458
|
-
name: resolved.name,
|
|
28459
|
-
filePath: resolved.p8Path,
|
|
28460
|
-
keyId: resolved.keyId,
|
|
28461
|
-
appleTeamIdentifier: resolved.appleTeamIdentifier
|
|
28462
|
-
});
|
|
28463
|
-
yield* printHuman("APNs push key registered.");
|
|
28464
|
-
yield* printHumanKeyValue([
|
|
28465
|
-
["ID", credential.id],
|
|
28466
|
-
["Key ID", resolved.keyId],
|
|
28467
|
-
["Apple team", resolved.appleTeamIdentifier]
|
|
28468
|
-
]);
|
|
28469
|
-
return credential;
|
|
28470
|
-
}), {
|
|
28471
|
-
exits: GENERATE_EXIT_EXTRAS,
|
|
28472
|
-
json: "value"
|
|
28473
|
-
})
|
|
28474
|
-
});
|
|
28475
|
-
const resolvePushKeyInput = (api, args) => Effect.gen(function* () {
|
|
28476
|
-
const derivedTeamId = yield* resolveAppleTeamFromAscKey(api, args["asc-key-id"]);
|
|
28477
|
-
const keyId = yield* validateKeyId((args["key-id"] ?? (yield* promptText("APNs key ID (10 uppercase alphanumeric)"))).trim().toUpperCase());
|
|
28478
|
-
const appleTeamIdentifier = yield* validateAppleTeamId((args["apple-team-id"] ?? derivedTeamId ?? (yield* promptText("Apple Team identifier (10 uppercase alphanumeric)"))).trim().toUpperCase());
|
|
28479
|
-
const p8Path = args.p8 ?? (yield* promptText("Path to the AuthKey_XXXXXXXXXX.p8 file you downloaded"));
|
|
28480
|
-
if (p8Path.trim().length === 0) return yield* new CredentialValidationError({ message: "Missing --p8 path" });
|
|
28481
|
-
return {
|
|
28482
|
-
keyId,
|
|
28483
|
-
appleTeamIdentifier,
|
|
28484
|
-
p8Path,
|
|
28485
|
-
name: args.name ?? keyId
|
|
28486
|
-
};
|
|
28487
|
-
});
|
|
28488
27929
|
const GSA_FIREBASE_URL = "https://console.firebase.google.com/project/_/settings/serviceaccounts/adminsdk";
|
|
28489
27930
|
const GSA_GCP_URL = "https://console.cloud.google.com/iam-admin/serviceaccounts";
|
|
28490
27931
|
const gsaKeyCommand = defineCommand({
|
|
@@ -28551,7 +27992,7 @@ const generateCommand$1 = defineCommand({
|
|
|
28551
27992
|
keystore: keystoreCommand,
|
|
28552
27993
|
"distribution-certificate": distributionCertificateCommand$1,
|
|
28553
27994
|
"provisioning-profile": provisioningProfileCommand,
|
|
28554
|
-
"push-key": pushKeyCommand,
|
|
27995
|
+
"push-key": pushKeyCommand$1,
|
|
28555
27996
|
"gsa-key": gsaKeyCommand
|
|
28556
27997
|
}
|
|
28557
27998
|
});
|
|
@@ -28956,7 +28397,10 @@ const resolveType = (raw, available) => Effect.gen(function* () {
|
|
|
28956
28397
|
//#region src/commands/credentials/revoke.ts
|
|
28957
28398
|
const REVOKE_EXIT_EXTRAS = {
|
|
28958
28399
|
CredentialValidationError: 2,
|
|
28959
|
-
GenerateFailedError: 6
|
|
28400
|
+
GenerateFailedError: 6,
|
|
28401
|
+
AppleIdGenerateFailedError: 6,
|
|
28402
|
+
AppleAuthError: 4,
|
|
28403
|
+
InteractiveProhibitedError: 4
|
|
28960
28404
|
};
|
|
28961
28405
|
const resolveAscKeyId = (api, raw) => Effect.gen(function* () {
|
|
28962
28406
|
if (raw !== void 0 && raw.length > 0) return raw;
|
|
@@ -29011,12 +28455,74 @@ const distributionCertificateCommand = defineCommand({
|
|
|
29011
28455
|
json: "value"
|
|
29012
28456
|
})
|
|
29013
28457
|
});
|
|
28458
|
+
const resolvePushKeyTarget = (api, idArg) => Effect.gen(function* () {
|
|
28459
|
+
const { items } = yield* api.applePushKeys.list();
|
|
28460
|
+
if (items.length === 0) return yield* new CredentialValidationError({ message: "No APNs push keys stored. Nothing to revoke." });
|
|
28461
|
+
if (idArg !== void 0 && idArg.length > 0) {
|
|
28462
|
+
const match = items.find((entry) => entry.id === idArg);
|
|
28463
|
+
if (match === void 0) return yield* new CredentialValidationError({ message: `Push key ${idArg} not found.` });
|
|
28464
|
+
return match;
|
|
28465
|
+
}
|
|
28466
|
+
if (items.length === 1) {
|
|
28467
|
+
const [only] = items;
|
|
28468
|
+
if (only !== void 0) return only;
|
|
28469
|
+
}
|
|
28470
|
+
const chosen = yield* promptSelect("Select a push key to revoke", items.map((entry) => ({
|
|
28471
|
+
value: entry.id,
|
|
28472
|
+
label: `${entry.keyId} (team ${entry.appleTeamId})`
|
|
28473
|
+
})));
|
|
28474
|
+
const match = items.find((entry) => entry.id === chosen);
|
|
28475
|
+
if (match === void 0) return yield* new CredentialValidationError({ message: `Selected push key ${chosen} not found after listing.` });
|
|
28476
|
+
return match;
|
|
28477
|
+
});
|
|
28478
|
+
const pushKeyCommand = defineCommand({
|
|
28479
|
+
meta: {
|
|
28480
|
+
name: "push-key",
|
|
28481
|
+
description: "Revoke an APNs auth key on the Apple Developer Portal (via Apple ID login) and delete it from this account"
|
|
28482
|
+
},
|
|
28483
|
+
args: {
|
|
28484
|
+
id: {
|
|
28485
|
+
type: "string",
|
|
28486
|
+
description: "Local push key ID (prompts if omitted)"
|
|
28487
|
+
},
|
|
28488
|
+
"keep-local": {
|
|
28489
|
+
type: "boolean",
|
|
28490
|
+
description: "Revoke on Apple but keep the credential in this account"
|
|
28491
|
+
}
|
|
28492
|
+
},
|
|
28493
|
+
run: async ({ args }) => runEffect(Effect.gen(function* () {
|
|
28494
|
+
const api = yield* apiClient;
|
|
28495
|
+
const target = yield* resolvePushKeyTarget(api, args.id);
|
|
28496
|
+
const auth = yield* AppleAuth;
|
|
28497
|
+
const session = yield* auth.ensureLoggedIn();
|
|
28498
|
+
const result = yield* revokeLocalApnsKey(api, {
|
|
28499
|
+
context: auth.buildRequestContext(session),
|
|
28500
|
+
pushKeyId: target.id,
|
|
28501
|
+
keyId: target.keyId,
|
|
28502
|
+
keepLocal: args["keep-local"] ?? false
|
|
28503
|
+
});
|
|
28504
|
+
yield* printHuman("APNs push key revoke complete.");
|
|
28505
|
+
yield* printHumanKeyValue([
|
|
28506
|
+
["Local ID", result.localId],
|
|
28507
|
+
["Key ID", result.keyId],
|
|
28508
|
+
["Revoked on Apple", result.revokedOnApple ? "yes" : "no (not present on portal)"],
|
|
28509
|
+
["Deleted locally", result.deletedLocally ? "yes" : "no (--keep-local)"]
|
|
28510
|
+
]);
|
|
28511
|
+
return result;
|
|
28512
|
+
}), {
|
|
28513
|
+
exits: REVOKE_EXIT_EXTRAS,
|
|
28514
|
+
json: "value"
|
|
28515
|
+
})
|
|
28516
|
+
});
|
|
29014
28517
|
const revokeCommand = defineCommand({
|
|
29015
28518
|
meta: {
|
|
29016
28519
|
name: "revoke",
|
|
29017
28520
|
description: "Revoke credentials on the upstream provider"
|
|
29018
28521
|
},
|
|
29019
|
-
subCommands: {
|
|
28522
|
+
subCommands: {
|
|
28523
|
+
"distribution-certificate": distributionCertificateCommand,
|
|
28524
|
+
"push-key": pushKeyCommand
|
|
28525
|
+
}
|
|
29020
28526
|
});
|
|
29021
28527
|
|
|
29022
28528
|
//#endregion
|