@cj-tech-master/excelts 9.1.0 → 9.2.0

package/dist/cjs/{modules/pdf/core/crypto.js → utils/crypto.browser.js}

@@ -1,16 +1,15 @@
 "use strict";
 /**
- * Shared cryptographic primitives for PDF encryption/decryption.
+ * Cryptographic primitives — Browser version.
  *
- * Zero-dependency, pure JavaScript implementations of:
- * - AES (128/256-bit) CBC encrypt and decrypt
- * - SHA-256
- * - MD5
- * - RC4 (for reading legacy PDFs only)
+ * Uses pure JavaScript for synchronous operations (SHA-256, MD5, AES-CBC, RC4)
+ * since Web Crypto API is async-only and cannot replace synchronous call sites.
  *
- * @see FIPS 197 — AES
- * @see FIPS 180-4 — SHA-256
- * @see RFC 1321 — MD5
+ * Uses Web Crypto API for:
+ * - `randomBytes` (crypto.getRandomValues — truly random)
+ * - `rsaVerify` / `rsaSign` (SubtleCrypto — hardware-accelerated)
+ *
+ * Exports the same API as `crypto.ts` (Node.js version).
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.aesCbcEncrypt = aesCbcEncrypt;
@@ -22,11 +21,13 @@ exports.sha256 = sha256;
 exports.md5 = md5;
 exports.rc4 = rc4;
 exports.randomBytes = randomBytes;
-exports.concatArrays = concatArrays;
+exports.hashAsync = hashAsync;
+exports.hash = hash;
+exports.rsaVerify = rsaVerify;
+exports.rsaSign = rsaSign;
 // =============================================================================
 // AES S-Box & Constants
 // =============================================================================
-/** AES S-Box */
 const SBOX = new Uint8Array([
     0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
     0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
@@ -45,23 +46,19 @@ const SBOX = new Uint8Array([
     0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
     0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
 ]);
-/** Inverse S-Box for decryption */
 const INV_SBOX = new Uint8Array(256);
 /* @__PURE__ */ (() => {
     for (let i = 0; i < 256; i++) {
         INV_SBOX[SBOX[i]] = i;
     }
 })();
-/** AES round constants */
 const RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36];
 // =============================================================================
 // AES Helpers
 // =============================================================================
-/** GF(2^8) multiplication by 2 */
 function gf2(a) {
     return a < 128 ? a << 1 : (a << 1) ^ 0x11b;
 }
-/** GF(2^8) multiplication */
 function gfMul(a, b) {
     let result = 0;
     let aa = a;
@@ -75,9 +72,6 @@ function gfMul(a, b) {
     }
     return result;
 }
-/**
- * AES key expansion. Supports AES-128 (16-byte key) and AES-256 (32-byte key).
- */
 function aesKeyExpansion(key) {
     const nk = key.length / 4;
     const nr = nk + 6;
@@ -109,50 +103,38 @@ function aesKeyExpansion(key) {
     return w;
 }
 // =============================================================================
-// AES Encrypt Block
+// AES Block Encrypt / Decrypt
 // =============================================================================
-/**
- * Encrypt a single AES block (16 bytes).
- * State layout: column-major per FIPS 197 §3.4.
- */
 function aesEncryptBlock(block, roundKeys) {
     const nr = roundKeys.length / 4 - 1;
     const state = new Uint8Array(16);
     state.set(block);
-    // Initial AddRoundKey
     for (let c = 0; c < 4; c++) {
         for (let r = 0; r < 4; r++) {
             state[4 * c + r] ^= roundKeys[c][r];
         }
     }
-    // Rounds 1 to nr-1
     for (let round = 1; round < nr; round++) {
-        // SubBytes
         for (let i = 0; i < 16; i++) {
             state[i] = SBOX[state[i]];
         }
-        // ShiftRows: row r shifts left by r
         let tmp;
-        // Row 1: shift left by 1
         tmp = state[1];
         state[1] = state[5];
         state[5] = state[9];
         state[9] = state[13];
         state[13] = tmp;
-        // Row 2: shift left by 2
         tmp = state[2];
         state[2] = state[10];
         state[10] = tmp;
         tmp = state[6];
         state[6] = state[14];
         state[14] = tmp;
-        // Row 3: shift left by 3
         tmp = state[15];
         state[15] = state[11];
         state[11] = state[7];
         state[7] = state[3];
         state[3] = tmp;
-        // MixColumns
         for (let c = 0; c < 4; c++) {
             const s0 = state[4 * c];
             const s1 = state[4 * c + 1];
@@ -163,7 +145,6 @@ function aesEncryptBlock(block, roundKeys) {
             state[4 * c + 2] = s0 ^ s1 ^ gf2(s2) ^ gf2(s3) ^ s3;
             state[4 * c + 3] = gf2(s0) ^ s0 ^ s1 ^ s2 ^ gf2(s3);
         }
-        // AddRoundKey
         const keyOffset = round * 4;
         for (let c = 0; c < 4; c++) {
             for (let r = 0; r < 4; r++) {
@@ -171,7 +152,6 @@ function aesEncryptBlock(block, roundKeys) {
             }
         }
     }
-    // Final round (no MixColumns)
     for (let i = 0; i < 16; i++) {
         state[i] = SBOX[state[i]];
     }
@@ -199,25 +179,16 @@ function aesEncryptBlock(block, roundKeys) {
     }
     return state;
 }
-// =============================================================================
-// AES Decrypt Block
-// =============================================================================
-/**
- * Decrypt a single AES block (16 bytes).
- */
 function aesDecryptBlock(block, roundKeys) {
     const nr = roundKeys.length / 4 - 1;
     const state = new Uint8Array(16);
     state.set(block);
-    // Initial AddRoundKey
     for (let c = 0; c < 4; c++) {
         for (let r = 0; r < 4; r++) {
             state[4 * c + r] ^= roundKeys[nr * 4 + c][r];
         }
     }
-    // Rounds nr-1 down to 1
     for (let round = nr - 1; round >= 1; round--) {
-        // InvShiftRows
         let tmp;
         tmp = state[13];
         state[13] = state[9];
@@ -235,18 +206,15 @@ function aesDecryptBlock(block, roundKeys) {
         state[7] = state[11];
         state[11] = state[15];
         state[15] = tmp;
-        // InvSubBytes
         for (let i = 0; i < 16; i++) {
             state[i] = INV_SBOX[state[i]];
         }
-        // AddRoundKey
         const keyOffset = round * 4;
         for (let c = 0; c < 4; c++) {
             for (let r = 0; r < 4; r++) {
                 state[4 * c + r] ^= roundKeys[keyOffset + c][r];
             }
         }
-        // InvMixColumns
         for (let c = 0; c < 4; c++) {
             const s0 = state[4 * c];
             const s1 = state[4 * c + 1];
@@ -258,7 +226,6 @@ function aesDecryptBlock(block, roundKeys) {
             state[4 * c + 3] = gfMul(s0, 11) ^ gfMul(s1, 13) ^ gfMul(s2, 9) ^ gfMul(s3, 14);
         }
     }
-    // Final round (no InvMixColumns)
     let tmp2;
     tmp2 = state[13];
     state[13] = state[9];
@@ -289,12 +256,7 @@ function aesDecryptBlock(block, roundKeys) {
 // =============================================================================
 // AES-CBC Public API
 // =============================================================================
-/**
- * AES-CBC encryption with PKCS#7 padding.
- * Supports AES-128 (16-byte key) and AES-256 (32-byte key).
- */
 function aesCbcEncrypt(plaintext, key, iv) {
-    // PKCS#7 padding
     const padLen = 16 - (plaintext.length % 16);
     const padded = new Uint8Array(plaintext.length + padLen);
     padded.set(plaintext);
@@ -306,7 +268,6 @@ function aesCbcEncrypt(plaintext, key, iv) {
     const output = new Uint8Array(padded.length);
     let prevBlock = iv;
     for (let b = 0; b < numBlocks; b++) {
-        // XOR plaintext block with previous ciphertext (or IV)
         const block = new Uint8Array(16);
         for (let i = 0; i < 16; i++) {
             block[i] = padded[b * 16 + i] ^ prevBlock[i];
@@ -317,10 +278,6 @@ function aesCbcEncrypt(plaintext, key, iv) {
     }
     return output;
 }
-/**
- * AES-CBC decryption with PKCS#7 padding removal.
- * Supports AES-128 (16-byte key) and AES-256 (32-byte key).
- */
 function aesCbcDecrypt(ciphertext, key, iv) {
     const roundKeys = aesKeyExpansion(key);
     const numBlocks = ciphertext.length / 16;
@@ -334,7 +291,6 @@ function aesCbcDecrypt(ciphertext, key, iv) {
         }
         prevBlock = block;
     }
-    // Remove PKCS#7 padding
     if (output.length > 0) {
         const padLen = output[output.length - 1];
         if (padLen > 0 && padLen <= 16) {
@@ -352,10 +308,6 @@ function aesCbcDecrypt(ciphertext, key, iv) {
     }
     return output;
 }
-/**
- * AES-CBC decryption WITHOUT PKCS#7 padding removal.
- * Used for key derivation in V=5 where the output length is known.
- */
 function aesCbcDecryptRaw(ciphertext, key, iv) {
     const roundKeys = aesKeyExpansion(key);
     const numBlocks = ciphertext.length / 16;
@@ -371,13 +323,6 @@ function aesCbcDecryptRaw(ciphertext, key, iv) {
     }
     return output;
 }
-/**
- * AES-CBC encryption WITHOUT PKCS#7 padding.
- * Used when the plaintext is already block-aligned (e.g., encrypting
- * the 32-byte file encryption key in V=5).
- *
- * @throws if plaintext length is not a multiple of 16.
- */
 function aesCbcEncryptRaw(plaintext, key, iv) {
     if (plaintext.length % 16 !== 0) {
         throw new Error("aesCbcEncryptRaw: plaintext length must be a multiple of 16");
@@ -397,10 +342,6 @@ function aesCbcEncryptRaw(plaintext, key, iv) {
     }
     return output;
 }
-/**
- * AES-ECB encryption of a single 16-byte block (no padding, no IV).
- * Used for the /Perms value in V=5 encryption.
- */
 function aesEcbEncrypt(block, key) {
     const roundKeys = aesKeyExpansion(key);
     return aesEncryptBlock(block, roundKeys);
@@ -408,11 +349,9 @@ function aesEcbEncrypt(block, key) {
 // =============================================================================
 // SHA-256
 // =============================================================================
-/** SHA-256 initial hash values */
 const SHA256_H = new Uint32Array([
     0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
 ]);
-/** SHA-256 round constants */
 const SHA256_K = new Uint32Array([
     0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
     0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
@@ -426,10 +365,6 @@ const SHA256_K = new Uint32Array([
 function rotr32(x, n) {
     return ((x >>> n) | (x << (32 - n))) >>> 0;
 }
-/**
- * SHA-256 hash function.
- * @returns 32-byte digest
- */
 function sha256(input) {
     const msgLen = input.length;
     const paddedLen = Math.ceil((msgLen + 9) / 64) * 64;
@@ -504,7 +439,7 @@ function sha256(input) {
     return result;
 }
 // =============================================================================
-// MD5 (for legacy PDF reading)
+// MD5
 // =============================================================================
 function rotl(x, n) {
     return ((x << n) | (x >>> (32 - n))) >>> 0;
@@ -524,10 +459,6 @@ const MD5_K = new Uint32Array([
     0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039, 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1,
     0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1, 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391
 ]);
-/**
- * MD5 hash function (RFC 1321).
- * @returns 16-byte digest
- */
 function md5(input) {
     const msgLen = input.length;
     const bitLen = msgLen * 8;
@@ -590,11 +521,11 @@ function md5(input) {
     return digest;
 }
 // =============================================================================
-// RC4 (for legacy PDF reading only)
+// RC4 (legacy)
 // =============================================================================
 /**
  * RC4 stream cipher.
- * @deprecated Only used for reading legacy encrypted PDFs. Writer uses AES-256.
+ * @deprecated Only used for reading legacy encrypted PDFs.
  */
 function rc4(key, data) {
     const s = new Uint8Array(256);
@@ -618,32 +549,94 @@ function rc4(key, data) {
     return result;
 }
 // =============================================================================
-// Random bytes (for IV generation)
+// Random bytes
 // =============================================================================
 /**
- * Generate pseudo-random bytes.
- * Uses Math.random — adequate for PDF IVs but not cryptographically secure.
+ * Generate cryptographically secure random bytes.
+ * Uses crypto.getRandomValues (available in all modern browsers).
  */
 function randomBytes(length) {
     const bytes = new Uint8Array(length);
-    for (let i = 0; i < length; i++) {
-        bytes[i] = (Math.random() * 256) | 0;
-    }
+    globalThis.crypto.getRandomValues(bytes);
     return bytes;
 }
+// =============================================================================
+// Generic hash (async in browser — Web Crypto API)
+// =============================================================================
+/**
+ * Compute a hash digest using Web Crypto API.
+ *
+ * NOTE: In the browser, this is async. The Node.js version is sync.
+ * For callers that need sync hashing, use `sha256()` or `md5()` directly.
+ *
+ * @param algorithm - Hash algorithm name (e.g., "SHA-256", "SHA-512", "SHA-1").
+ * @param data - Data to hash
+ * @returns The digest bytes
+ */
+async function hashAsync(algorithm, data) {
+    const buf = await globalThis.crypto.subtle.digest(normalizeAlgorithmForWebCrypto(algorithm), data.buffer.slice(data.byteOffset, data.byteOffset + data.byteLength));
+    return new Uint8Array(buf);
+}
+/**
+ * Normalize a hash algorithm name to the format Web Crypto API expects.
+ * Accepts: "sha256", "SHA-256", "sha-256", "SHA256" → "SHA-256"
+ */
+function normalizeAlgorithmForWebCrypto(algorithm) {
+    const lower = algorithm.toLowerCase().replace(/-/g, "");
+    switch (lower) {
+        case "sha1":
+            return "SHA-1";
+        case "sha256":
+            return "SHA-256";
+        case "sha384":
+            return "SHA-384";
+        case "sha512":
+            return "SHA-512";
+        default:
+            // Pass through for any other algorithm — let Web Crypto validate
+            return algorithm;
+    }
+}
 /**
- * Concatenate multiple Uint8Arrays.
+ * Compute a hash digest synchronously (pure JS — SHA-256 and MD5 only).
+ *
+ * @param algorithm - "SHA-256" or "MD5" (case-insensitive, hyphens optional)
+ * @param data - Data to hash
+ * @returns The digest bytes
+ * @throws If algorithm is not SHA-256 or MD5
  */
-function concatArrays(...arrays) {
-    let totalLen = 0;
-    for (const arr of arrays) {
-        totalLen += arr.length;
+function hash(algorithm, data) {
+    const algo = algorithm.toLowerCase().replace(/-/g, "");
+    if (algo === "sha256") {
+        return sha256(data);
     }
-    const result = new Uint8Array(totalLen);
-    let offset = 0;
-    for (const arr of arrays) {
-        result.set(arr, offset);
-        offset += arr.length;
+    if (algo === "md5") {
+        return md5(data);
     }
-    return result;
+    throw new Error(`hash: unsupported algorithm "${algorithm}" in browser sync mode. Use hashAsync() for other algorithms.`);
+}
+// =============================================================================
+// RSA signature operations (async — Web Crypto API)
+// =============================================================================
+/**
+ * Verify an RSA PKCS#1 v1.5 signature.
+ *
+ * @param publicKeyDer - DER-encoded SubjectPublicKeyInfo
+ * @param signature - The signature bytes
+ * @param data - The signed data (will be hashed with SHA-256)
+ */
+async function rsaVerify(publicKeyDer, signature, data) {
+    const key = await globalThis.crypto.subtle.importKey("spki", publicKeyDer.buffer.slice(publicKeyDer.byteOffset, publicKeyDer.byteOffset + publicKeyDer.byteLength), { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" }, false, ["verify"]);
+    return globalThis.crypto.subtle.verify("RSASSA-PKCS1-v1_5", key, signature.buffer.slice(signature.byteOffset, signature.byteOffset + signature.byteLength), data.buffer.slice(data.byteOffset, data.byteOffset + data.byteLength));
+}
+/**
+ * Create an RSA PKCS#1 v1.5 signature.
+ *
+ * @param privateKeyDer - DER-encoded PKCS#8 private key
+ * @param data - The data to sign (will be hashed with SHA-256)
+ */
+async function rsaSign(privateKeyDer, data) {
+    const key = await globalThis.crypto.subtle.importKey("pkcs8", privateKeyDer.buffer.slice(privateKeyDer.byteOffset, privateKeyDer.byteOffset + privateKeyDer.byteLength), { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" }, false, ["sign"]);
+    const sig = await globalThis.crypto.subtle.sign("RSASSA-PKCS1-v1_5", key, data.buffer.slice(data.byteOffset, data.byteOffset + data.byteLength));
+    return new Uint8Array(sig);
 }

package/dist/cjs/utils/crypto.js

@@ -0,0 +1,228 @@
+"use strict";
+/**
+ * Cryptographic primitives — Node.js version.
+ *
+ * Uses `node:crypto` for maximum performance where possible.
+ * Pure JS fallbacks for operations where `node:crypto` would be inconvenient
+ * (e.g., AES-CBC with specific PDF padding semantics).
+ *
+ * The browser counterpart (`crypto.browser.ts`) provides the same API using
+ * pure JS implementations for synchronous ops and Web Crypto for async ops.
+ *
+ * Shared by: PDF (encryption/decryption), Archive (via re-export if needed),
+ * and digital signature infrastructure.
+ *
+ * @see FIPS 197 — AES
+ * @see FIPS 180-4 — SHA-256
+ * @see RFC 1321 — MD5
+ * @see RFC 2104 — HMAC
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sha256 = sha256;
+exports.hmacSha256 = hmacSha256;
+exports.md5 = md5;
+exports.aesCbcEncrypt = aesCbcEncrypt;
+exports.aesCbcDecrypt = aesCbcDecrypt;
+exports.aesCbcDecryptRaw = aesCbcDecryptRaw;
+exports.aesCbcEncryptRaw = aesCbcEncryptRaw;
+exports.aesEcbEncrypt = aesEcbEncrypt;
+exports.rc4 = rc4;
+exports.randomBytes = randomBytes;
+exports.hash = hash;
+exports.hashAsync = hashAsync;
+exports.rsaVerify = rsaVerify;
+exports.rsaSign = rsaSign;
+const node_crypto_1 = __importDefault(require("node:crypto"));
+// =============================================================================
+// SHA-256
+// =============================================================================
+/**
+ * SHA-256 hash function.
+ * @returns 32-byte digest
+ */
+function sha256(input) {
+    return new Uint8Array(node_crypto_1.default.createHash("sha256").update(input).digest());
+}
+// =============================================================================
+// Generic hash
+// =============================================================================
+/**
+ * HMAC-SHA256 (RFC 2104).
+ * @returns 32-byte MAC
+ */
+function hmacSha256(key, message) {
+    return new Uint8Array(node_crypto_1.default.createHmac("sha256", key).update(message).digest());
+}
+// =============================================================================
+// MD5
+// =============================================================================
+/**
+ * MD5 hash function (RFC 1321).
+ * @returns 16-byte digest
+ */
+function md5(input) {
+    return new Uint8Array(node_crypto_1.default.createHash("md5").update(input).digest());
+}
+// =============================================================================
+// AES-CBC
+// =============================================================================
+/**
+ * AES-CBC encryption with PKCS#7 padding.
+ * Supports AES-128 (16-byte key) and AES-256 (32-byte key).
+ */
+function aesCbcEncrypt(plaintext, key, iv) {
+    const algo = key.length === 16 ? "aes-128-cbc" : "aes-256-cbc";
+    const cipher = node_crypto_1.default.createCipheriv(algo, key, iv);
+    return new Uint8Array(Buffer.concat([cipher.update(plaintext), cipher.final()]));
+}
+/**
+ * AES-CBC decryption with PKCS#7 padding removal.
+ * Supports AES-128 (16-byte key) and AES-256 (32-byte key).
+ */
+function aesCbcDecrypt(ciphertext, key, iv) {
+    const algo = key.length === 16 ? "aes-128-cbc" : "aes-256-cbc";
+    const decipher = node_crypto_1.default.createDecipheriv(algo, key, iv);
+    try {
+        return new Uint8Array(Buffer.concat([decipher.update(ciphertext), decipher.final()]));
+    }
+    catch {
+        // Invalid padding — return raw decrypted data without padding removal
+        // (matches pure JS behavior for NIST test vectors and PDF key derivation)
+        const decipher2 = node_crypto_1.default.createDecipheriv(algo, key, iv);
+        decipher2.setAutoPadding(false);
+        return new Uint8Array(Buffer.concat([decipher2.update(ciphertext), decipher2.final()]));
+    }
+}
+/**
+ * AES-CBC decryption WITHOUT PKCS#7 padding removal.
+ * Used for key derivation where the output length is known.
+ */
+function aesCbcDecryptRaw(ciphertext, key, iv) {
+    const algo = key.length === 16 ? "aes-128-cbc" : "aes-256-cbc";
+    const decipher = node_crypto_1.default.createDecipheriv(algo, key, iv);
+    decipher.setAutoPadding(false);
+    return new Uint8Array(Buffer.concat([decipher.update(ciphertext), decipher.final()]));
+}
+/**
+ * AES-CBC encryption WITHOUT PKCS#7 padding.
+ * Used when the plaintext is already block-aligned.
+ *
+ * @throws if plaintext length is not a multiple of 16.
+ */
+function aesCbcEncryptRaw(plaintext, key, iv) {
+    if (plaintext.length % 16 !== 0) {
+        throw new Error("aesCbcEncryptRaw: plaintext length must be a multiple of 16");
+    }
+    const algo = key.length === 16 ? "aes-128-cbc" : "aes-256-cbc";
+    const cipher = node_crypto_1.default.createCipheriv(algo, key, iv);
+    cipher.setAutoPadding(false);
+    return new Uint8Array(Buffer.concat([cipher.update(plaintext), cipher.final()]));
+}
+/**
+ * AES-ECB encryption of a single 16-byte block (no padding, no IV).
+ */
+function aesEcbEncrypt(block, key) {
+    const algo = key.length === 16 ? "aes-128-ecb" : "aes-256-ecb";
+    const cipher = node_crypto_1.default.createCipheriv(algo, key, null);
+    cipher.setAutoPadding(false);
+    return new Uint8Array(Buffer.concat([cipher.update(block), cipher.final()]));
+}
+// =============================================================================
+// RC4 (legacy)
+// =============================================================================
+/**
+ * RC4 stream cipher.
+ * @deprecated Only used for reading legacy encrypted PDFs.
+ */
+function rc4(key, data) {
+    // Node's crypto doesn't expose RC4 in modern versions, use pure JS
+    const s = new Uint8Array(256);
+    for (let i = 0; i < 256; i++) {
+        s[i] = i;
+    }
+    let j = 0;
+    for (let i = 0; i < 256; i++) {
+        j = (j + s[i] + key[i % key.length]) & 0xff;
+        [s[i], s[j]] = [s[j], s[i]];
+    }
+    const result = new Uint8Array(data.length);
+    let ii = 0;
+    let jj = 0;
+    for (let k = 0; k < data.length; k++) {
+        ii = (ii + 1) & 0xff;
+        jj = (jj + s[ii]) & 0xff;
+        [s[ii], s[jj]] = [s[jj], s[ii]];
+        result[k] = data[k] ^ s[(s[ii] + s[jj]) & 0xff];
+    }
+    return result;
+}
+// =============================================================================
+// Random bytes
+// =============================================================================
+/**
+ * Generate cryptographically secure random bytes.
+ */
+function randomBytes(length) {
+    return new Uint8Array(node_crypto_1.default.randomBytes(length));
+}
+// =============================================================================
+// Generic hash
+// =============================================================================
+/**
+ * Compute a hash digest using any algorithm supported by the platform.
+ *
+ * @param algorithm - Hash algorithm name (e.g., "SHA-256", "SHA-512", "SHA-1", "MD5").
+ *   Normalized internally: hyphens removed, lowercased.
+ * @param data - Data to hash
+ * @returns The digest bytes
+ */
+function hash(algorithm, data) {
+    const algo = algorithm.toLowerCase().replace(/-/g, "");
+    return new Uint8Array(node_crypto_1.default.createHash(algo).update(data).digest());
+}
+/**
+ * Async version of `hash()` — same behavior, but returns a Promise for API
+ * parity with the browser version.
+ */
+async function hashAsync(algorithm, data) {
+    return hash(algorithm, data);
+}
+// =============================================================================
+// RSA signature operations (async — for digital signatures)
+// =============================================================================
+/**
+ * Verify an RSA PKCS#1 v1.5 signature.
+ *
+ * @param publicKeyDer - DER-encoded SubjectPublicKeyInfo
+ * @param signature - The signature bytes
+ * @param data - The signed data (will be hashed with SHA-256)
+ */
+async function rsaVerify(publicKeyDer, signature, data) {
+    const key = node_crypto_1.default.createPublicKey({
+        key: Buffer.from(publicKeyDer),
+        format: "der",
+        type: "spki"
+    });
+    const verifier = node_crypto_1.default.createVerify("SHA256");
+    verifier.update(data);
+    return verifier.verify(key, signature);
+}
+/**
+ * Create an RSA PKCS#1 v1.5 signature.
+ *
+ * @param privateKeyDer - DER-encoded PKCS#8 private key
+ * @param data - The data to sign (will be hashed with SHA-256)
+ */
+async function rsaSign(privateKeyDer, data) {
+    const key = node_crypto_1.default.createPrivateKey({
+        key: Buffer.from(privateKeyDer),
+        format: "der",
+        type: "pkcs8"
+    });
+    const signer = node_crypto_1.default.createSign("SHA256");
+    signer.update(data);
+    return new Uint8Array(signer.sign(key));
+}

package/dist/esm/modules/archive/compression/crc32.js

@@ -45,7 +45,7 @@ export function ensureZlibSync() {
         return;
     }
     try {
-        // eslint-disable-next-line @typescript-eslint/no-require-imports
+        // oxlint-disable-next-line typescript/no-require-imports
         _zlib = require("zlib");
         _zlibInitStarted = true;
     }