@mtkruto/node 0.171.0 → 0.180.1

package/esm/deps/jsr.io/@std/crypto/1.1.0/_wasm/mod.d.ts

@@ -0,0 +1,13 @@
+export { digest, DigestContext } from "./lib/deno_std_wasm_crypto.js";
+/**
+ * All cryptographic hash/digest algorithms supported by std/crypto.
+ *
+ * For algorithms that are supported by WebCrypto, the name here will match the
+ * one used by WebCrypto. Otherwise we prefer the formatting used in the
+ * algorithm's official specification. All names are uppercase to facilitate
+ * case-insensitive comparisons required by the WebCrypto spec.
+ */
+export declare const DIGEST_ALGORITHM_NAMES: readonly ["BLAKE2B", "BLAKE2B-128", "BLAKE2B-160", "BLAKE2B-224", "BLAKE2B-256", "BLAKE2B-384", "BLAKE2S", "BLAKE3", "KECCAK-224", "KECCAK-256", "KECCAK-384", "KECCAK-512", "SHA-384", "SHA3-224", "SHA3-256", "SHA3-384", "SHA3-512", "SHAKE128", "SHAKE256", "TIGER", "RIPEMD-160", "SHA-224", "SHA-256", "SHA-512", "MD4", "MD5", "SHA-1", "FNV32", "FNV32A", "FNV64", "FNV64A"];
+/** An algorithm name supported by std/crypto. */
+export type DigestAlgorithmName = typeof DIGEST_ALGORITHM_NAMES[number];
+//# sourceMappingURL=mod.d.ts.map

package/esm/deps/jsr.io/@std/crypto/1.1.0/_wasm/mod.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../../../../src/deps/jsr.io/@std/crypto/1.1.0/_wasm/mod.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAEtE;;;;;;;GAOG;AACH,eAAO,MAAM,sBAAsB,sXAmCzB,CAAC;AAEX,iDAAiD;AACjD,MAAM,MAAM,mBAAmB,GAAG,OAAO,sBAAsB,CAAC,MAAM,CAAC,CAAC"}

package/esm/deps/jsr.io/@std/crypto/1.1.0/_wasm/mod.js

@@ -0,0 +1,46 @@
+// Copyright 2018-2026 the Deno authors. MIT license.
+export { digest, DigestContext } from "./lib/deno_std_wasm_crypto.js";
+/**
+ * All cryptographic hash/digest algorithms supported by std/crypto.
+ *
+ * For algorithms that are supported by WebCrypto, the name here will match the
+ * one used by WebCrypto. Otherwise we prefer the formatting used in the
+ * algorithm's official specification. All names are uppercase to facilitate
+ * case-insensitive comparisons required by the WebCrypto spec.
+ */
+export const DIGEST_ALGORITHM_NAMES = [
+    "BLAKE2B",
+    "BLAKE2B-128",
+    "BLAKE2B-160",
+    "BLAKE2B-224",
+    "BLAKE2B-256",
+    "BLAKE2B-384",
+    "BLAKE2S",
+    "BLAKE3",
+    "KECCAK-224",
+    "KECCAK-256",
+    "KECCAK-384",
+    "KECCAK-512",
+    "SHA-384",
+    "SHA3-224",
+    "SHA3-256",
+    "SHA3-384",
+    "SHA3-512",
+    "SHAKE128",
+    "SHAKE256",
+    "TIGER",
+    // insecure (length-extendable):
+    "RIPEMD-160",
+    "SHA-224",
+    "SHA-256",
+    "SHA-512",
+    // insecure (length-extendable and collidable):
+    "MD4",
+    "MD5",
+    "SHA-1",
+    // insecure (non-cryptographic)
+    "FNV32",
+    "FNV32A",
+    "FNV64",
+    "FNV64A",
+];

package/esm/deps/jsr.io/@std/crypto/1.1.0/aes_gcm.d.ts

@@ -0,0 +1,76 @@
+import * as dntShim from "../../../../../_dnt.shims.js";
+import type { Uint8Array_ } from "./_types.js";
+export type { Uint8Array_ };
+/** Options for {@linkcode encryptAesGcm} and {@linkcode decryptAesGcm}. */
+export interface AesGcmOptions {
+    /** Additional authenticated data. Authenticated but not encrypted. */
+    additionalData?: dntShim.BufferSource;
+}
+/**
+ * Encrypts plaintext using AES-GCM with a random 96-bit nonce.
+ *
+ * Returns `nonce (12 bytes) || ciphertext || tag (16 bytes)`.
+ *
+ * @example Usage
+ * ```ts
+ * import { encryptAesGcm } from "@std/crypto/aes-gcm";
+ * import { assertNotEquals } from "@std/assert";
+ *
+ * const key = await crypto.subtle.generateKey(
+ *   { name: "AES-GCM", length: 256 },
+ *   false,
+ *   ["encrypt", "decrypt"],
+ * );
+ *
+ * const encrypted = await encryptAesGcm(
+ *   key,
+ *   new TextEncoder().encode("hello world"),
+ * );
+ *
+ * assertNotEquals(encrypted.length, 0);
+ * ```
+ *
+ * @param key The AES-GCM `CryptoKey` to encrypt with.
+ * @param plaintext The data to encrypt.
+ * @param options Optional additional authenticated data.
+ * @returns The concatenated nonce, ciphertext, and authentication tag.
+ *
+ * @remarks With random nonces, do not encrypt more than ~2^32 messages
+ * under the same key. Beyond this limit, nonce collision probability
+ * becomes non-negligible.
+ *
+ * @see {@link https://csrc.nist.gov/pubs/sp/800/38/d/final | NIST SP 800-38D} Section 8.3
+ */
+export declare function encryptAesGcm(key: dntShim.CryptoKey, plaintext: dntShim.BufferSource, options?: AesGcmOptions): Promise<Uint8Array_>;
+/**
+ * Decrypts data produced by {@linkcode encryptAesGcm}.
+ *
+ * Expects input in the format `nonce (12 bytes) || ciphertext || tag (16 bytes)`.
+ *
+ * @example Usage
+ * ```ts
+ * import { decryptAesGcm, encryptAesGcm } from "@std/crypto/aes-gcm";
+ * import { assertEquals } from "@std/assert";
+ *
+ * const key = await crypto.subtle.generateKey(
+ *   { name: "AES-GCM", length: 256 },
+ *   false,
+ *   ["encrypt", "decrypt"],
+ * );
+ *
+ * const plaintext = new TextEncoder().encode("hello world");
+ * const encrypted = await encryptAesGcm(key, plaintext);
+ *
+ * assertEquals(await decryptAesGcm(key, encrypted), plaintext);
+ * ```
+ *
+ * @param key The AES-GCM `CryptoKey` to decrypt with.
+ * @param data The wire-format output from {@linkcode encryptAesGcm}: nonce (12 B) || ciphertext || tag (16 B).
+ * @param options Optional additional authenticated data (must match what was used during encryption).
+ * @returns The decrypted plaintext.
+ * @throws {RangeError} If `data` is shorter than 28 bytes (12 nonce + 16 tag).
+ * @throws {DOMException} If authentication fails (wrong key, tampered data, or
+ * mismatched additional data).
+ */
+export declare function decryptAesGcm(key: dntShim.CryptoKey, data: dntShim.BufferSource, options?: AesGcmOptions): Promise<Uint8Array_>;
+//# sourceMappingURL=aes_gcm.d.ts.map

package/esm/deps/jsr.io/@std/crypto/1.1.0/aes_gcm.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"aes_gcm.d.ts","sourceRoot":"","sources":["../../../../../../src/deps/jsr.io/@std/crypto/1.1.0/aes_gcm.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,OAAO,MAAM,8BAA8B,CAAC;AAGxD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC/C,YAAY,EAAE,WAAW,EAAE,CAAC;AAiC5B,2EAA2E;AAC3E,MAAM,WAAW,aAAa;IAC5B,sEAAsE;IACtE,cAAc,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC;CACvC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,OAAO,CAAC,SAAS,EACtB,SAAS,EAAE,OAAO,CAAC,YAAY,EAC/B,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,WAAW,CAAC,CAqBtB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,OAAO,CAAC,SAAS,EACtB,IAAI,EAAE,OAAO,CAAC,YAAY,EAC1B,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,WAAW,CAAC,CA0BtB"}

package/esm/deps/jsr.io/@std/crypto/1.1.0/aes_gcm.js

@@ -0,0 +1,132 @@
+// Copyright 2018-2026 the Deno authors. MIT license.
+// This module is browser compatible.
+import * as dntShim from "../../../../../_dnt.shims.js";
+/**
+ * High-level AES-GCM authenticated encryption with automatic nonce generation.
+ *
+ * With random nonces, do not encrypt more than ~2^32 messages under the same
+ * key. Beyond this limit, nonce collision probability becomes non-negligible.
+ *
+ * @example Usage
+ * ```ts
+ * import { encryptAesGcm, decryptAesGcm } from "@std/crypto/aes-gcm";
+ * import { assertEquals } from "@std/assert";
+ *
+ * const key = await crypto.subtle.generateKey(
+ *   { name: "AES-GCM", length: 256 },
+ *   false,
+ *   ["encrypt", "decrypt"],
+ * );
+ *
+ * const plaintext = new TextEncoder().encode("hello world");
+ * const encrypted = await encryptAesGcm(key, plaintext);
+ * const decrypted = await decryptAesGcm(key, encrypted);
+ *
+ * assertEquals(decrypted, plaintext);
+ * ```
+ *
+ * @module
+ */
+const NONCE_LENGTH = 12;
+const TAG_LENGTH = 16;
+const OVERHEAD = NONCE_LENGTH + TAG_LENGTH;
+/**
+ * Encrypts plaintext using AES-GCM with a random 96-bit nonce.
+ *
+ * Returns `nonce (12 bytes) || ciphertext || tag (16 bytes)`.
+ *
+ * @example Usage
+ * ```ts
+ * import { encryptAesGcm } from "@std/crypto/aes-gcm";
+ * import { assertNotEquals } from "@std/assert";
+ *
+ * const key = await crypto.subtle.generateKey(
+ *   { name: "AES-GCM", length: 256 },
+ *   false,
+ *   ["encrypt", "decrypt"],
+ * );
+ *
+ * const encrypted = await encryptAesGcm(
+ *   key,
+ *   new TextEncoder().encode("hello world"),
+ * );
+ *
+ * assertNotEquals(encrypted.length, 0);
+ * ```
+ *
+ * @param key The AES-GCM `CryptoKey` to encrypt with.
+ * @param plaintext The data to encrypt.
+ * @param options Optional additional authenticated data.
+ * @returns The concatenated nonce, ciphertext, and authentication tag.
+ *
+ * @remarks With random nonces, do not encrypt more than ~2^32 messages
+ * under the same key. Beyond this limit, nonce collision probability
+ * becomes non-negligible.
+ *
+ * @see {@link https://csrc.nist.gov/pubs/sp/800/38/d/final | NIST SP 800-38D} Section 8.3
+ */
+export async function encryptAesGcm(key, plaintext, options) {
+    const nonce = dntShim.crypto.getRandomValues(new Uint8Array(NONCE_LENGTH));
+    const params = {
+        name: "AES-GCM",
+        iv: nonce,
+        tagLength: TAG_LENGTH * 8,
+    };
+    if (options?.additionalData !== undefined) {
+        params.additionalData = options.additionalData;
+    }
+    const ciphertextAndTag = new Uint8Array(await dntShim.crypto.subtle.encrypt(params, key, plaintext));
+    const result = new Uint8Array(NONCE_LENGTH + ciphertextAndTag.byteLength);
+    result.set(nonce);
+    result.set(ciphertextAndTag, NONCE_LENGTH);
+    return result;
+}
+/**
+ * Decrypts data produced by {@linkcode encryptAesGcm}.
+ *
+ * Expects input in the format `nonce (12 bytes) || ciphertext || tag (16 bytes)`.
+ *
+ * @example Usage
+ * ```ts
+ * import { decryptAesGcm, encryptAesGcm } from "@std/crypto/aes-gcm";
+ * import { assertEquals } from "@std/assert";
+ *
+ * const key = await crypto.subtle.generateKey(
+ *   { name: "AES-GCM", length: 256 },
+ *   false,
+ *   ["encrypt", "decrypt"],
+ * );
+ *
+ * const plaintext = new TextEncoder().encode("hello world");
+ * const encrypted = await encryptAesGcm(key, plaintext);
+ *
+ * assertEquals(await decryptAesGcm(key, encrypted), plaintext);
+ * ```
+ *
+ * @param key The AES-GCM `CryptoKey` to decrypt with.
+ * @param data The wire-format output from {@linkcode encryptAesGcm}: nonce (12 B) || ciphertext || tag (16 B).
+ * @param options Optional additional authenticated data (must match what was used during encryption).
+ * @returns The decrypted plaintext.
+ * @throws {RangeError} If `data` is shorter than 28 bytes (12 nonce + 16 tag).
+ * @throws {DOMException} If authentication fails (wrong key, tampered data, or
+ * mismatched additional data).
+ */
+export async function decryptAesGcm(key, data, options) {
+    const bytes = ArrayBuffer.isView(data)
+        ? new Uint8Array(data.buffer, data.byteOffset, data.byteLength)
+        : new Uint8Array(data);
+    if (bytes.byteLength < OVERHEAD) {
+        throw new RangeError(`Data is too short: expected at least ${OVERHEAD} bytes, got ${bytes.byteLength}`);
+    }
+    const nonce = bytes.subarray(0, NONCE_LENGTH);
+    const ciphertextAndTag = bytes.subarray(NONCE_LENGTH);
+    const params = {
+        name: "AES-GCM",
+        iv: nonce,
+        tagLength: TAG_LENGTH * 8,
+    };
+    if (options?.additionalData !== undefined) {
+        params.additionalData = options.additionalData;
+    }
+    return new Uint8Array(await dntShim.crypto.subtle.decrypt(params, key, ciphertextAndTag));
+}

package/esm/deps/jsr.io/@std/crypto/1.1.0/crypto.d.ts

@@ -0,0 +1,149 @@
+/**
+ * Extensions to the
+ * {@link https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API | Web Crypto API}
+ * supporting additional encryption APIs, but also delegating to the built-in
+ * APIs when possible.
+ *
+ * Provides additional digest algorithms that are not part of the WebCrypto
+ * standard as well as a `subtle.digest` and `subtle.digestSync` methods.
+ *
+ * The {@linkcode KeyStack} export implements the {@linkcode KeyRing} interface
+ * for managing rotatable keys for signing data to prevent tampering, like with
+ * HTTP cookies.
+ *
+ * ## Supported algorithms
+ *
+ * Here is a list of supported algorithms. If the algorithm name in WebCrypto
+ * and Wasm/Rust is the same, this library prefers to use the implementation
+ * provided by WebCrypto.
+ *
+ * Length-adjustable algorithms support the
+ * {@linkcode DigestAlgorithmObject.length} option.
+ *
+ * WebCrypto:
+ * - `SHA-384`
+ * - `SHA-256` (length-extendable)
+ * - `SHA-512` (length-extendable)
+ *
+ * Wasm/Rust:
+ * - `BLAKE2B`
+ * - `BLAKE2B-128`
+ * - `BLAKE2B-160`
+ * - `BLAKE2B-224`
+ * - `BLAKE2B-256`
+ * - `BLAKE2B-384`
+ * - `BLAKE2S`
+ * - `BLAKE3` (length-adjustable)
+ * - `KECCAK-224`
+ * - `KECCAK-256`
+ * - `KECCAK-384`
+ * - `KECCAK-512`
+ * - `SHA-384`
+ * - `SHA3-224`
+ * - `SHA3-256`
+ * - `SHA3-384`
+ * - `SHA3-512`
+ * - `SHAKE128` (length-adjustable)
+ * - `SHAKE256` (length-adjustable)
+ * - `TIGER`
+ * - `RIPEMD-160` (length-extendable)
+ * - `SHA-224` (length-extendable)
+ * - `SHA-256` (length-extendable)
+ * - `SHA-512` (length-extendable)
+ * - `MD4` (length-extendable and collidable)
+ * - `MD5` (length-extendable and collidable)
+ * - `SHA-1` (length-extendable and collidable)
+ * - `FNV32` (non-cryptographic)
+ * - `FNV32A` (non-cryptographic)
+ * - `FNV64` (non-cryptographic)
+ * - `FNV64A` (non-cryptographic)
+ *
+ * @example
+ * ```ts
+ * import { crypto } from "@std/crypto";
+ *
+ * // This will delegate to the runtime's WebCrypto implementation.
+ * console.log(
+ *   new Uint8Array(
+ *     await crypto.subtle.digest(
+ *       "SHA-384",
+ *       new TextEncoder().encode("hello world"),
+ *     ),
+ *   ),
+ * );
+ *
+ * // This will use a bundled Wasm/Rust implementation.
+ * console.log(
+ *   new Uint8Array(
+ *     await crypto.subtle.digest(
+ *       "BLAKE3",
+ *       new TextEncoder().encode("hello world"),
+ *     ),
+ *   ),
+ * );
+ * ```
+ *
+ * @example Convert hash to a string
+ *
+ * ```ts
+ * import {
+ *   crypto,
+ * } from "@std/crypto";
+ * import { encodeHex } from "@std/encoding/hex"
+ * import { encodeBase64 } from "@std/encoding/base64"
+ *
+ * const hash = await crypto.subtle.digest(
+ *   "SHA-384",
+ *   new TextEncoder().encode("You hear that Mr. Anderson?"),
+ * );
+ *
+ * // Hex encoding
+ * console.log(encodeHex(hash));
+ *
+ * // Or with base64 encoding
+ * console.log(encodeBase64(hash));
+ * ```
+ *
+ * @module
+ */
+import * as dntShim from "../../../../../_dnt.shims.js";
+import { DIGEST_ALGORITHM_NAMES, type DigestAlgorithmName } from "./_wasm/mod.js";
+export { DIGEST_ALGORITHM_NAMES, type DigestAlgorithmName };
+/** Extensions to the web standard `SubtleCrypto` interface. */
+export interface StdSubtleCrypto extends dntShim.SubtleCrypto {
+    /**
+     * Returns a new `Promise` object that will digest `data` using the specified
+     * `AlgorithmIdentifier`.
+     */
+    digest(algorithm: DigestAlgorithm, data: dntShim.BufferSource | AsyncIterable<dntShim.BufferSource> | Iterable<dntShim.BufferSource>): Promise<ArrayBuffer>;
+    /**
+     * Returns a ArrayBuffer with the result of digesting `data` using the
+     * specified `AlgorithmIdentifier`.
+     */
+    digestSync(algorithm: DigestAlgorithm, data: dntShim.BufferSource | Iterable<dntShim.BufferSource>): ArrayBuffer;
+}
+/** Extensions to the Web {@linkcode Crypto} interface. */
+export interface StdCrypto extends dntShim.Crypto {
+    /** Extension to the {@linkcode crypto.SubtleCrypto} interface. */
+    readonly subtle: StdSubtleCrypto;
+}
+/**
+ * A wrapper for WebCrypto which adds support for additional non-standard
+ * algorithms, but delegates to the runtime WebCrypto implementation whenever
+ * possible.
+ */
+declare const stdCrypto: StdCrypto;
+/** Extended digest algorithm objects. */
+export type DigestAlgorithmObject = {
+    name: DigestAlgorithmName;
+    length?: number;
+};
+/**
+ * Extended digest algorithms accepted by {@linkcode stdCrypto.subtle.digest}.
+ *
+ * The `length` option will be ignored for
+ * {@link https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest#algorithm | Web Standard algorithms}.
+ */
+export type DigestAlgorithm = DigestAlgorithmName | DigestAlgorithmObject;
+export { stdCrypto as crypto };
+//# sourceMappingURL=crypto.d.ts.map

package/esm/deps/jsr.io/@std/crypto/1.1.0/crypto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../../../../../src/deps/jsr.io/@std/crypto/1.1.0/crypto.ts"],"names":[],"mappings":"AAGA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2GG;AACH,OAAO,KAAK,OAAO,MAAM,8BAA8B,CAAC;AAExD,OAAO,EAEL,sBAAsB,EACtB,KAAK,mBAAmB,EAEzB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EAAE,sBAAsB,EAAE,KAAK,mBAAmB,EAAE,CAAC;AA6C5D,+DAA+D;AAC/D,MAAM,WAAW,eAAgB,SAAQ,OAAO,CAAC,YAAY;IAC3D;;;OAGG;IACH,MAAM,CACJ,SAAS,EAAE,eAAe,EAC1B,IAAI,EAAE,OAAO,CAAC,YAAY,GAAG,aAAa,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,QAAQ,CAAC,OAAO,CAAC,YAAY,CAAC,GAChG,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;OAGG;IACH,UAAU,CACR,SAAS,EAAE,eAAe,EAC1B,IAAI,EAAE,OAAO,CAAC,YAAY,GAAG,QAAQ,CAAC,OAAO,CAAC,YAAY,CAAC,GAC1D,WAAW,CAAC;CAChB;AAED,0DAA0D;AAC1D,MAAM,WAAW,SAAU,SAAQ,OAAO,CAAC,MAAM;IAC/C,kEAAkE;IAClE,QAAQ,CAAC,MAAM,EAAE,eAAe,CAAC;CAClC;AAED;;;;GAIG;AACH,QAAA,MAAM,SAAS,EAAE,SA6Ff,CAAC;AAyBH,yCAAyC;AACzC,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,EAAE,mBAAmB,CAAC;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,eAAe,GAAG,mBAAmB,GAAG,qBAAqB,CAAC;AAuB1E,OAAO,EAAE,SAAS,IAAI,MAAM,EAAE,CAAC"}