@node-projects/excelforge 2.3.0 → 3.0.0

package/dist/features/Encryption.js

@@ -0,0 +1,806 @@
+const CFB_SIG = new Uint8Array([0xD0, 0xCF, 0x11, 0xE0, 0xA1, 0xB1, 0x1A, 0xE1]);
+const ENDOFCHAIN = 0xFFFFFFFE;
+const FREESECT = 0xFFFFFFFF;
+const FATSECT = 0xFFFFFFFD;
+const SECTOR_SZ = 512;
+const MINI_SZ = 64;
+const MINI_CUT = 0x1000;
+const DIR_SZ = 128;
+function setU16(buf, off, v) {
+    buf[off] = v & 0xFF;
+    buf[off + 1] = (v >> 8) & 0xFF;
+}
+function setU32(buf, off, v) {
+    buf[off] = v & 0xFF;
+    buf[off + 1] = (v >> 8) & 0xFF;
+    buf[off + 2] = (v >> 16) & 0xFF;
+    buf[off + 3] = (v >> 24) & 0xFF;
+}
+function u16(buf, off) {
+    return buf[off] | (buf[off + 1] << 8);
+}
+function u32(buf, off) {
+    return (buf[off] | (buf[off + 1] << 8) | (buf[off + 2] << 16) | (buf[off + 3] << 24)) >>> 0;
+}
+function encUtf16(name) {
+    const bytes = new Uint8Array(64);
+    const len = Math.min(name.length, 31);
+    for (let i = 0; i < len; i++) {
+        setU16(bytes, i * 2, name.charCodeAt(i));
+    }
+    setU16(bytes, len * 2, 0);
+    return { bytes, size: (len + 1) * 2 };
+}
+function buildCfb(entries) {
+    const dirCount = 1 + entries.length;
+    const allStreams = entries.map(e => e.data);
+    let miniData = new Uint8Array(0);
+    const miniBlocks = [];
+    const regularBlocks = [];
+    let miniOffset = 0;
+    for (const stream of allStreams) {
+        if (stream.length < MINI_CUT) {
+            const padLen = Math.ceil(stream.length / MINI_SZ) * MINI_SZ;
+            const newMini = new Uint8Array(miniData.length + padLen);
+            newMini.set(miniData);
+            newMini.set(stream, miniData.length);
+            miniBlocks.push({ offset: miniOffset, size: stream.length });
+            miniOffset += padLen;
+            miniData = newMini;
+        }
+        else {
+            miniBlocks.push({ offset: -1, size: stream.length });
+        }
+    }
+    const miniStreamSectors = Math.ceil(miniData.length / SECTOR_SZ);
+    const dirSectors = Math.ceil((dirCount * DIR_SZ) / SECTOR_SZ);
+    let nextSector = 1 + dirSectors + miniStreamSectors;
+    const regularStartSectors = [];
+    for (let i = 0; i < entries.length; i++) {
+        if (miniBlocks[i].offset === -1) {
+            regularStartSectors.push(nextSector);
+            const sects = Math.ceil(allStreams[i].length / SECTOR_SZ);
+            regularBlocks.push({ data: allStreams[i], startSector: nextSector });
+            nextSector += sects;
+        }
+        else {
+            regularStartSectors.push(-1);
+        }
+    }
+    const totalSectors = nextSector;
+    const fatEntries = new Uint32Array(Math.max(totalSectors, 128));
+    fatEntries.fill(FREESECT);
+    fatEntries[0] = FATSECT;
+    for (let i = 1; i < 1 + dirSectors; i++) {
+        fatEntries[i] = (i < dirSectors) ? i + 1 : ENDOFCHAIN;
+    }
+    for (let i = 1 + dirSectors; i < 1 + dirSectors + miniStreamSectors; i++) {
+        fatEntries[i] = (i < dirSectors + miniStreamSectors) ? i + 1 : ENDOFCHAIN;
+    }
+    for (const rb of regularBlocks) {
+        const sects = Math.ceil(rb.data.length / SECTOR_SZ);
+        for (let j = 0; j < sects; j++) {
+            fatEntries[rb.startSector + j] = j < sects - 1 ? rb.startSector + j + 1 : ENDOFCHAIN;
+        }
+    }
+    const miniSectorCount = Math.ceil(miniData.length / MINI_SZ);
+    const miniFat = new Uint32Array(Math.max(miniSectorCount, 128));
+    miniFat.fill(FREESECT);
+    let mIdx = 0;
+    for (let i = 0; i < entries.length; i++) {
+        if (miniBlocks[i].offset !== -1) {
+            const msectors = Math.ceil(allStreams[i].length / MINI_SZ);
+            const startMiniSector = miniBlocks[i].offset / MINI_SZ;
+            for (let j = 0; j < msectors; j++) {
+                miniFat[startMiniSector + j] = j < msectors - 1 ? startMiniSector + j + 1 : ENDOFCHAIN;
+            }
+        }
+    }
+    const miniFatSectorCount = Math.ceil(miniFat.length * 4 / SECTOR_SZ);
+    const miniFatStartSector = nextSector;
+    for (let i = 0; i < miniFatSectorCount; i++) {
+        fatEntries[miniFatStartSector + i] = i < miniFatSectorCount - 1 ? miniFatStartSector + i + 1 : ENDOFCHAIN;
+    }
+    const actualTotalSectors = miniFatStartSector + miniFatSectorCount;
+    const fileSize = (1 + actualTotalSectors) * SECTOR_SZ;
+    const out = new Uint8Array(fileSize);
+    out.set(CFB_SIG, 0);
+    setU16(out, 0x18, 0x003E);
+    setU16(out, 0x1A, 0x0003);
+    setU16(out, 0x1C, 0xFFFE);
+    setU16(out, 0x1E, 9);
+    setU16(out, 0x20, 6);
+    setU32(out, 0x28, dirSectors);
+    setU32(out, 0x2C, 1);
+    setU32(out, 0x30, 1);
+    setU32(out, 0x38, MINI_CUT);
+    setU32(out, 0x3C, miniFatStartSector);
+    setU32(out, 0x40, miniFatSectorCount);
+    setU32(out, 0x44, ENDOFCHAIN);
+    setU32(out, 0x48, 0);
+    for (let i = 0; i < 109; i++)
+        setU32(out, 0x4C + i * 4, FREESECT);
+    setU32(out, 0x4C, 0);
+    const fatOff = SECTOR_SZ;
+    for (let i = 0; i < 128; i++) {
+        setU32(out, fatOff + i * 4, fatEntries[i]);
+    }
+    const dirOff = SECTOR_SZ + SECTOR_SZ;
+    const root = encUtf16('Root Entry');
+    out.set(root.bytes, dirOff);
+    setU16(out, dirOff + 0x40, root.size);
+    out[dirOff + 0x42] = 5;
+    out[dirOff + 0x43] = 1;
+    setU32(out, dirOff + 0x44, FREESECT);
+    setU32(out, dirOff + 0x48, FREESECT);
+    setU32(out, dirOff + 0x4C, entries.length > 0 ? 1 : FREESECT);
+    setU32(out, dirOff + 0x74, miniStreamSectors > 0 ? 1 + dirSectors : ENDOFCHAIN);
+    setU32(out, dirOff + 0x78, miniData.length);
+    for (let i = 0; i < entries.length; i++) {
+        const eOff = dirOff + (i + 1) * DIR_SZ;
+        const eName = encUtf16(entries[i].name);
+        out.set(eName.bytes, eOff);
+        setU16(out, eOff + 0x40, eName.size);
+        out[eOff + 0x42] = 2;
+        out[eOff + 0x43] = 1;
+        setU32(out, eOff + 0x44, FREESECT);
+        setU32(out, eOff + 0x48, i + 2 < entries.length + 1 ? i + 2 : FREESECT);
+        setU32(out, eOff + 0x4C, FREESECT);
+        if (miniBlocks[i].offset !== -1) {
+            setU32(out, eOff + 0x74, miniBlocks[i].offset / MINI_SZ);
+            setU32(out, eOff + 0x78, allStreams[i].length);
+        }
+        else {
+            setU32(out, eOff + 0x74, regularStartSectors[i]);
+            setU32(out, eOff + 0x78, allStreams[i].length);
+        }
+    }
+    const miniDataOff = SECTOR_SZ + SECTOR_SZ + dirSectors * SECTOR_SZ;
+    out.set(miniData.subarray(0, Math.min(miniData.length, miniStreamSectors * SECTOR_SZ)), miniDataOff);
+    for (const rb of regularBlocks) {
+        const off = SECTOR_SZ + rb.startSector * SECTOR_SZ;
+        out.set(rb.data, off);
+    }
+    const mfOff = SECTOR_SZ + miniFatStartSector * SECTOR_SZ;
+    for (let i = 0; i < miniFat.length && i * 4 < miniFatSectorCount * SECTOR_SZ; i++) {
+        setU32(out, mfOff + i * 4, miniFat[i]);
+    }
+    return out;
+}
+function readCfb(data) {
+    for (let i = 0; i < 8; i++) {
+        if (data[i] !== CFB_SIG[i])
+            throw new Error('Not a CFB file');
+    }
+    const sectorPow = u16(data, 0x1E);
+    const sectorSize = 1 << sectorPow;
+    const miniPow = u16(data, 0x20);
+    const miniSize = 1 << miniPow;
+    const miniCutoff = u32(data, 0x38);
+    const fatSectors = u32(data, 0x2C);
+    const dirStart = u32(data, 0x30);
+    const miniFatStart = u32(data, 0x3C);
+    const sectorOff = (s) => sectorSize + s * sectorSize;
+    const fatSectorList = [];
+    for (let i = 0; i < 109; i++) {
+        const s = u32(data, 0x4C + i * 4);
+        if (s === FREESECT || s === ENDOFCHAIN)
+            break;
+        fatSectorList.push(s);
+    }
+    const fat = [];
+    for (const s of fatSectorList) {
+        const off = sectorOff(s);
+        for (let i = 0; i < sectorSize / 4; i++) {
+            fat.push(u32(data, off + i * 4));
+        }
+    }
+    const followChain = (start) => {
+        const chain = [];
+        let s = start;
+        while (s !== ENDOFCHAIN && s !== FREESECT && chain.length < 10000) {
+            chain.push(s);
+            s = fat[s] ?? ENDOFCHAIN;
+        }
+        return chain;
+    };
+    const readStream = (start, size) => {
+        const chain = followChain(start);
+        const buf = new Uint8Array(size);
+        let pos = 0;
+        for (const s of chain) {
+            const off = sectorOff(s);
+            const len = Math.min(sectorSize, size - pos);
+            buf.set(data.subarray(off, off + len), pos);
+            pos += len;
+        }
+        return buf;
+    };
+    const dirChain = followChain(dirStart);
+    const dirData = new Uint8Array(dirChain.length * sectorSize);
+    dirChain.forEach((s, i) => dirData.set(data.subarray(sectorOff(s), sectorOff(s) + sectorSize), i * sectorSize));
+    const dirEntries = [];
+    for (let i = 0; i < dirData.length / DIR_SZ; i++) {
+        const off = i * DIR_SZ;
+        const nameLen = u16(dirData, off + 0x40);
+        if (nameLen === 0)
+            continue;
+        let name = '';
+        for (let j = 0; j < (nameLen - 2) / 2; j++) {
+            name += String.fromCharCode(u16(dirData, off + j * 2));
+        }
+        dirEntries.push({
+            name,
+            type: dirData[off + 0x42],
+            start: u32(dirData, off + 0x74),
+            size: u32(dirData, off + 0x78),
+            child: u32(dirData, off + 0x4C),
+        });
+    }
+    const root = dirEntries[0];
+    let miniStreamData = new Uint8Array(0);
+    if (root && root.start !== ENDOFCHAIN) {
+        miniStreamData = new Uint8Array(readStream(root.start, root.size));
+    }
+    const miniFat = [];
+    if (miniFatStart !== ENDOFCHAIN) {
+        const mfChain = followChain(miniFatStart);
+        for (const s of mfChain) {
+            const off = sectorOff(s);
+            for (let i = 0; i < sectorSize / 4; i++) {
+                miniFat.push(u32(data, off + i * 4));
+            }
+        }
+    }
+    const readMiniStream = (start, size) => {
+        const buf = new Uint8Array(size);
+        let s = start, pos = 0;
+        while (s !== ENDOFCHAIN && pos < size) {
+            const off = s * miniSize;
+            const len = Math.min(miniSize, size - pos);
+            buf.set(miniStreamData.subarray(off, off + len), pos);
+            pos += len;
+            s = miniFat[s] ?? ENDOFCHAIN;
+        }
+        return buf;
+    };
+    const result = [];
+    for (let i = 1; i < dirEntries.length; i++) {
+        const e = dirEntries[i];
+        if (e.type !== 2)
+            continue;
+        let streamData;
+        if (e.size < miniCutoff) {
+            streamData = readMiniStream(e.start, e.size);
+        }
+        else {
+            streamData = readStream(e.start, e.size);
+        }
+        result.push({ name: e.name, data: streamData });
+    }
+    return result;
+}
+function getCrypto() {
+    if (typeof globalThis.crypto !== 'undefined')
+        return globalThis.crypto;
+    throw new Error('Web Crypto API not available. Requires Node.js 18+ or a modern browser.');
+}
+function randomBytes(n) {
+    return getCrypto().getRandomValues(new Uint8Array(n));
+}
+async function sha512(data) {
+    const buf = await getCrypto().subtle.digest('SHA-512', data);
+    return new Uint8Array(buf);
+}
+async function sha1(data) {
+    const buf = await getCrypto().subtle.digest('SHA-1', data);
+    return new Uint8Array(buf);
+}
+async function hmacSha512(key, data) {
+    const cryptoKey = await getCrypto().subtle.importKey('raw', key, { name: 'HMAC', hash: 'SHA-512' }, false, ['sign']);
+    const sig = await getCrypto().subtle.sign('HMAC', cryptoKey, data);
+    return new Uint8Array(sig);
+}
+async function deriveKey(password, salt, spinCount, keyBits, blockKey) {
+    const pwBuf = new Uint8Array(password.length * 2);
+    for (let i = 0; i < password.length; i++) {
+        pwBuf[i * 2] = password.charCodeAt(i) & 0xFF;
+        pwBuf[i * 2 + 1] = (password.charCodeAt(i) >> 8) & 0xFF;
+    }
+    const h0Input = new Uint8Array(salt.length + pwBuf.length);
+    h0Input.set(salt);
+    h0Input.set(pwBuf, salt.length);
+    let hash = await sha512(h0Input);
+    for (let i = 0; i < spinCount; i++) {
+        const iterBuf = new Uint8Array(4 + hash.length);
+        iterBuf[0] = i & 0xFF;
+        iterBuf[1] = (i >> 8) & 0xFF;
+        iterBuf[2] = (i >> 16) & 0xFF;
+        iterBuf[3] = (i >> 24) & 0xFF;
+        iterBuf.set(hash, 4);
+        hash = await sha512(iterBuf);
+    }
+    const final = new Uint8Array(hash.length + blockKey.length);
+    final.set(hash);
+    final.set(blockKey, hash.length);
+    const derived = await sha512(final);
+    const keyLen = keyBits / 8;
+    if (derived.length >= keyLen)
+        return derived.subarray(0, keyLen);
+    const padded = new Uint8Array(keyLen);
+    padded.set(derived);
+    padded.fill(0x36, derived.length);
+    return padded;
+}
+async function aesCbcEncrypt(key, iv, data) {
+    const cryptoKey = await getCrypto().subtle.importKey('raw', key, { name: 'AES-CBC' }, false, ['encrypt']);
+    const buf = await getCrypto().subtle.encrypt({ name: 'AES-CBC', iv: iv }, cryptoKey, data);
+    return new Uint8Array(buf).subarray(0, data.length);
+}
+async function aesCbcDecrypt(key, iv, data) {
+    const subtle = getCrypto().subtle;
+    const lastBlock = data.subarray(data.length - 16);
+    const pkcs7 = new Uint8Array(16).fill(16);
+    const xored = new Uint8Array(16);
+    for (let i = 0; i < 16; i++)
+        xored[i] = pkcs7[i] ^ lastBlock[i];
+    const encKey = await subtle.importKey('raw', key, { name: 'AES-CBC' }, false, ['encrypt']);
+    const fakeEnc = await subtle.encrypt({ name: 'AES-CBC', iv: new Uint8Array(16) }, encKey, xored);
+    const fakeBlock = new Uint8Array(fakeEnc).subarray(0, 16);
+    const padded = concat(data, fakeBlock);
+    const decKey = await subtle.importKey('raw', key, { name: 'AES-CBC' }, false, ['decrypt']);
+    const buf = await subtle.decrypt({ name: 'AES-CBC', iv: iv }, decKey, padded);
+    return new Uint8Array(buf);
+}
+function padToBlockSize(data, blockSize) {
+    const rem = data.length % blockSize;
+    if (rem === 0)
+        return data;
+    const padded = new Uint8Array(data.length + (blockSize - rem));
+    padded.set(data);
+    return padded;
+}
+function concat(...arrays) {
+    let len = 0;
+    for (const a of arrays)
+        len += a.length;
+    const out = new Uint8Array(len);
+    let pos = 0;
+    for (const a of arrays) {
+        out.set(a, pos);
+        pos += a.length;
+    }
+    return out;
+}
+const BLOCK_KEY_VERIFIER_INPUT = new Uint8Array([0xfe, 0xa7, 0xd2, 0x76, 0x3b, 0x4b, 0x9e, 0x79]);
+const BLOCK_KEY_VERIFIER_VALUE = new Uint8Array([0xd7, 0xaa, 0x0f, 0x6d, 0x30, 0x61, 0x34, 0x4e]);
+const BLOCK_KEY_ENCRYPTED_KEY = new Uint8Array([0x14, 0x6e, 0x0b, 0xe7, 0xab, 0xac, 0xd0, 0xd6]);
+const BLOCK_KEY_DATA_INTEGRITY1 = new Uint8Array([0x5f, 0xb2, 0xad, 0x01, 0x0c, 0xb9, 0xe1, 0xf6]);
+const BLOCK_KEY_DATA_INTEGRITY2 = new Uint8Array([0xa0, 0x67, 0x7f, 0x02, 0xb2, 0x2c, 0x84, 0x33]);
+function buildEncryptionInfoXml(keySalt, encKeyValue, encVerifierInput, encVerifierHash, encKeyValueHmac, encKeyValueHmac2, passwordSalt, spinCount) {
+    const b64 = (buf) => {
+        let s = '';
+        const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+        for (let i = 0; i < buf.length; i += 3) {
+            const b0 = buf[i], b1 = buf[i + 1] ?? 0, b2 = buf[i + 2] ?? 0;
+            const n = (b0 << 16) | (b1 << 8) | b2;
+            s += chars[(n >> 18) & 63] + chars[(n >> 12) & 63];
+            s += i + 1 < buf.length ? chars[(n >> 6) & 63] : '=';
+            s += i + 2 < buf.length ? chars[n & 63] : '=';
+        }
+        return s;
+    };
+    return `<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption"
+  xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password">
+  <keyData saltSize="16" blockSize="16" keyBits="256" hashSize="64"
+    cipherAlgorithm="AES" cipherChaining="ChainingModeCBC"
+    hashAlgorithm="SHA512"
+    saltValue="${b64(keySalt)}"/>
+  <dataIntegrity encryptedHmacKey="${b64(encKeyValueHmac)}"
+    encryptedHmacValue="${b64(encKeyValueHmac2)}"/>
+  <keyEncryptors>
+    <keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password">
+      <p:encryptedKey spinCount="${spinCount}" saltSize="16" blockSize="16"
+        keyBits="256" hashSize="64"
+        cipherAlgorithm="AES" cipherChaining="ChainingModeCBC"
+        hashAlgorithm="SHA512"
+        saltValue="${b64(passwordSalt)}"
+        encryptedVerifierHashInput="${b64(encVerifierInput)}"
+        encryptedVerifierHashValue="${b64(encVerifierHash)}"
+        encryptedKeyValue="${b64(encKeyValue)}"/>
+    </keyEncryptor>
+  </keyEncryptors>
+</encryption>`;
+}
+function b64Decode(s) {
+    const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+    const lookup = new Uint8Array(128);
+    for (let i = 0; i < chars.length; i++)
+        lookup[chars.charCodeAt(i)] = i;
+    const clean = s.replace(/[^A-Za-z0-9+/]/g, '');
+    const pad = s.endsWith('==') ? 2 : s.endsWith('=') ? 1 : 0;
+    const rawLen = clean.length + pad;
+    const len = (rawLen / 4) * 3 - pad;
+    const out = new Uint8Array(len);
+    let pos = 0;
+    for (let i = 0; i < clean.length; i += 4) {
+        const a = lookup[clean.charCodeAt(i)];
+        const b = lookup[clean.charCodeAt(i + 1)];
+        const c = lookup[clean.charCodeAt(i + 2)];
+        const d = lookup[clean.charCodeAt(i + 3)];
+        const n = (a << 18) | (b << 12) | (c << 6) | d;
+        if (pos < len)
+            out[pos++] = (n >> 16) & 0xFF;
+        if (pos < len)
+            out[pos++] = (n >> 8) & 0xFF;
+        if (pos < len)
+            out[pos++] = n & 0xFF;
+    }
+    return out;
+}
+function getAttr(xml, name) {
+    const re = new RegExp(`${name}="([^"]*)"`, 'i');
+    const m = xml.match(re);
+    return m ? m[1] : '';
+}
+function parseEncryptionInfo(xml) {
+    return {
+        keySalt: b64Decode(getAttr(xml.split('keyData')[1] ?? xml, 'saltValue')),
+        passwordSalt: b64Decode(getAttr(xml.split('encryptedKey')[1] ?? xml, 'saltValue')),
+        spinCount: parseInt(getAttr(xml, 'spinCount'), 10) || 100000,
+        keyBits: parseInt(getAttr(xml.split('encryptedKey')[1] ?? xml, 'keyBits'), 10) || 256,
+        encryptedVerifierInput: b64Decode(getAttr(xml, 'encryptedVerifierHashInput')),
+        encryptedVerifierHash: b64Decode(getAttr(xml, 'encryptedVerifierHashValue')),
+        encryptedKeyValue: b64Decode(getAttr(xml, 'encryptedKeyValue')),
+        encryptedHmacKey: b64Decode(getAttr(xml, 'encryptedHmacKey')),
+        encryptedHmacValue: b64Decode(getAttr(xml, 'encryptedHmacValue')),
+    };
+}
+function buildPrefixedUtf16(s) {
+    const byteLen = s.length * 2;
+    const padLen = (4 - (byteLen % 4)) % 4;
+    const buf = new Uint8Array(4 + byteLen + padLen);
+    setU32(buf, 0, byteLen);
+    for (let i = 0; i < s.length; i++)
+        setU16(buf, 4 + i * 2, s.charCodeAt(i));
+    return buf;
+}
+function buildDataSpacesVersion() {
+    const feature = 'Microsoft.Container.DataSpaces';
+    const strBytes = feature.length * 2;
+    const buf = new Uint8Array(4 + strBytes + 12);
+    setU32(buf, 0, strBytes);
+    for (let i = 0; i < feature.length; i++)
+        setU16(buf, 4 + i * 2, feature.charCodeAt(i));
+    const off = 4 + strBytes;
+    setU16(buf, off, 1);
+    setU16(buf, off + 2, 0);
+    setU16(buf, off + 4, 1);
+    setU16(buf, off + 6, 0);
+    setU16(buf, off + 8, 1);
+    setU16(buf, off + 10, 0);
+    return buf;
+}
+function buildDataSpaceMap() {
+    const refName = buildPrefixedUtf16('EncryptedPackage');
+    const dsName = buildPrefixedUtf16('StrongEncryptionDataSpace');
+    const entryLen = 4 + 4 + refName.length + dsName.length;
+    const buf = new Uint8Array(8 + 4 + entryLen);
+    setU32(buf, 0, 8);
+    setU32(buf, 4, 1);
+    setU32(buf, 8, entryLen);
+    let off = 12;
+    setU32(buf, off, 1);
+    off += 4;
+    setU32(buf, off, 0);
+    off += 4;
+    buf.set(refName, off);
+    off += refName.length;
+    buf.set(dsName, off);
+    return buf;
+}
+function buildStrongEncryptionDataSpace() {
+    const refName = buildPrefixedUtf16('StrongEncryptionTransform');
+    const buf = new Uint8Array(8 + refName.length);
+    setU32(buf, 0, 8);
+    setU32(buf, 4, 1);
+    buf.set(refName, 8);
+    return buf;
+}
+function buildPrimaryTransform() {
+    const id = buildPrefixedUtf16('{FF9A3F03-56EF-4613-BDD5-5A41C1D07246}');
+    const name = buildPrefixedUtf16('Microsoft.Container.EncryptionTransform');
+    const contentLen = 4 + id.length + name.length + 12;
+    const buf = new Uint8Array(4 + contentLen);
+    setU32(buf, 0, contentLen);
+    let off = 4;
+    setU32(buf, off, 1);
+    off += 4;
+    buf.set(id, off);
+    off += id.length;
+    buf.set(name, off);
+    off += name.length;
+    setU16(buf, off, 1);
+    setU16(buf, off + 2, 0);
+    off += 4;
+    setU16(buf, off, 1);
+    setU16(buf, off + 2, 0);
+    off += 4;
+    setU16(buf, off, 1);
+    setU16(buf, off + 2, 0);
+    return buf;
+}
+function buildEncryptionCfb(encryptionInfo, encryptedPackage) {
+    const versionData = buildDataSpacesVersion();
+    const dsmData = buildDataSpaceMap();
+    const sedsData = buildStrongEncryptionDataSpace();
+    const primaryData = buildPrimaryTransform();
+    const dirs = [
+        { name: 'Root Entry', type: 5, childId: 2, leftId: -1, rightId: -1, size: 0 },
+        { name: '\x06DataSpaces', type: 1, childId: 5, leftId: -1, rightId: -1, size: 0 },
+        { name: 'EncryptionInfo', type: 2, childId: -1, leftId: 1, rightId: 3, data: encryptionInfo, size: encryptionInfo.length },
+        { name: 'EncryptedPackage', type: 2, childId: -1, leftId: -1, rightId: -1, data: encryptedPackage, size: encryptedPackage.length },
+        { name: 'Version', type: 2, childId: -1, leftId: -1, rightId: -1, data: versionData, size: versionData.length },
+        { name: 'DataSpaceMap', type: 2, childId: -1, leftId: 4, rightId: 6, data: dsmData, size: dsmData.length },
+        { name: 'DataSpaceInfo', type: 1, childId: 8, leftId: -1, rightId: 7, size: 0 },
+        { name: 'TransformInfo', type: 1, childId: 9, leftId: -1, rightId: -1, size: 0 },
+        { name: 'StrongEncryptionDataSpace', type: 2, childId: -1, leftId: -1, rightId: -1, data: sedsData, size: sedsData.length },
+        { name: 'StrongEncryptionTransform', type: 1, childId: 10, leftId: -1, rightId: -1, size: 0 },
+        { name: '\x06Primary', type: 2, childId: -1, leftId: -1, rightId: -1, data: primaryData, size: primaryData.length },
+    ];
+    let miniData = new Uint8Array(0);
+    let miniOffset = 0;
+    const streamInfo = [];
+    const regularStreams = [];
+    for (const d of dirs) {
+        if (!d.data) {
+            streamInfo.push({ inMini: false, miniStart: 0, regularStart: 0 });
+            continue;
+        }
+        if (d.data.length < MINI_CUT) {
+            const padLen = Math.ceil(d.data.length / MINI_SZ) * MINI_SZ;
+            const newMini = new Uint8Array(miniData.length + padLen);
+            newMini.set(miniData);
+            newMini.set(d.data, miniData.length);
+            streamInfo.push({ inMini: true, miniStart: miniOffset / MINI_SZ, regularStart: 0 });
+            miniOffset += padLen;
+            miniData = newMini;
+        }
+        else {
+            streamInfo.push({ inMini: false, miniStart: 0, regularStart: 0 });
+        }
+    }
+    const dirCount = dirs.length;
+    const dirSectors = Math.ceil((dirCount * DIR_SZ) / SECTOR_SZ);
+    const miniStreamSectors = Math.ceil(miniData.length / SECTOR_SZ);
+    let nextSector = 1 + dirSectors + miniStreamSectors;
+    for (let i = 0; i < dirs.length; i++) {
+        if (dirs[i].data && !streamInfo[i].inMini) {
+            streamInfo[i].regularStart = nextSector;
+            regularStreams.push({ data: dirs[i].data, startSector: nextSector });
+            nextSector += Math.ceil(dirs[i].data.length / SECTOR_SZ);
+        }
+    }
+    const totalSectors = nextSector + 1;
+    const fatEntries = new Uint32Array(Math.max(totalSectors + 8, 128));
+    fatEntries.fill(FREESECT);
+    fatEntries[0] = FATSECT;
+    for (let i = 1; i < 1 + dirSectors; i++)
+        fatEntries[i] = i < dirSectors ? i + 1 : ENDOFCHAIN;
+    for (let i = 1 + dirSectors; i < 1 + dirSectors + miniStreamSectors; i++)
+        fatEntries[i] = i < dirSectors + miniStreamSectors ? i + 1 : ENDOFCHAIN;
+    for (const rb of regularStreams) {
+        const sects = Math.ceil(rb.data.length / SECTOR_SZ);
+        for (let j = 0; j < sects; j++)
+            fatEntries[rb.startSector + j] = j < sects - 1 ? rb.startSector + j + 1 : ENDOFCHAIN;
+    }
+    const miniSectorCount = Math.max(Math.ceil(miniData.length / MINI_SZ), 1);
+    const miniFat = new Uint32Array(Math.max(miniSectorCount, 128));
+    miniFat.fill(FREESECT);
+    for (let i = 0; i < dirs.length; i++) {
+        if (dirs[i].data && streamInfo[i].inMini) {
+            const msects = Math.ceil(dirs[i].data.length / MINI_SZ);
+            const start = streamInfo[i].miniStart;
+            for (let j = 0; j < msects; j++)
+                miniFat[start + j] = j < msects - 1 ? start + j + 1 : ENDOFCHAIN;
+        }
+    }
+    const miniFatSector = nextSector;
+    fatEntries[miniFatSector] = ENDOFCHAIN;
+    const fileSize = (1 + miniFatSector + 1) * SECTOR_SZ;
+    const out = new Uint8Array(fileSize);
+    out.set(CFB_SIG, 0);
+    setU16(out, 0x18, 0x003E);
+    setU16(out, 0x1A, 0x0003);
+    setU16(out, 0x1C, 0xFFFE);
+    setU16(out, 0x1E, 9);
+    setU16(out, 0x20, 6);
+    setU32(out, 0x2C, 1);
+    setU32(out, 0x30, 1);
+    setU32(out, 0x38, MINI_CUT);
+    setU32(out, 0x3C, miniFatSector);
+    setU32(out, 0x40, 1);
+    setU32(out, 0x44, ENDOFCHAIN);
+    setU32(out, 0x48, 0);
+    for (let i = 0; i < 109; i++)
+        setU32(out, 0x4C + i * 4, FREESECT);
+    setU32(out, 0x4C, 0);
+    const fatOff = SECTOR_SZ;
+    for (let i = 0; i < 128; i++)
+        setU32(out, fatOff + i * 4, fatEntries[i]);
+    const dirOff = SECTOR_SZ * 2;
+    for (let i = 0; i < dirs.length; i++) {
+        const d = dirs[i];
+        const eOff = dirOff + i * DIR_SZ;
+        const eName = encUtf16(d.name);
+        out.set(eName.bytes, eOff);
+        setU16(out, eOff + 0x40, eName.size);
+        out[eOff + 0x42] = d.type;
+        out[eOff + 0x43] = 1;
+        setU32(out, eOff + 0x44, d.leftId >= 0 ? d.leftId : FREESECT);
+        setU32(out, eOff + 0x48, d.rightId >= 0 ? d.rightId : FREESECT);
+        setU32(out, eOff + 0x4C, d.childId >= 0 ? d.childId : FREESECT);
+        if (d.type === 5) {
+            setU32(out, eOff + 0x74, miniStreamSectors > 0 ? 1 + dirSectors : ENDOFCHAIN);
+            setU32(out, eOff + 0x78, miniData.length);
+        }
+        else if (d.data) {
+            if (streamInfo[i].inMini) {
+                setU32(out, eOff + 0x74, streamInfo[i].miniStart);
+            }
+            else {
+                setU32(out, eOff + 0x74, streamInfo[i].regularStart);
+            }
+            setU32(out, eOff + 0x78, d.data.length);
+        }
+        else {
+            setU32(out, eOff + 0x74, ENDOFCHAIN);
+            setU32(out, eOff + 0x78, 0);
+        }
+    }
+    const miniOff = SECTOR_SZ * (1 + 1 + dirSectors);
+    out.set(miniData, miniOff);
+    for (const rb of regularStreams)
+        out.set(rb.data, SECTOR_SZ * (1 + rb.startSector));
+    const mfOff = SECTOR_SZ * (1 + miniFatSector);
+    for (let i = 0; i < 128; i++)
+        setU32(out, mfOff + i * 4, miniFat[i]);
+    return out;
+}
+export async function encryptWorkbook(xlsxData, password, options) {
+    const spinCount = options?.spinCount ?? 100000;
+    const keySalt = randomBytes(16);
+    const passwordSalt = randomBytes(16);
+    const verifierInput = randomBytes(16);
+    const keyDerived = await deriveKey(password, passwordSalt, spinCount, 256, BLOCK_KEY_ENCRYPTED_KEY);
+    const dataKey = randomBytes(32);
+    const encKeyValue = await aesCbcEncrypt(keyDerived, passwordSalt, padToBlockSize(dataKey, 16));
+    const verifierKey = await deriveKey(password, passwordSalt, spinCount, 256, BLOCK_KEY_VERIFIER_INPUT);
+    const encVerifierInput = await aesCbcEncrypt(verifierKey, passwordSalt, padToBlockSize(verifierInput, 16));
+    const verifierHash = await sha512(verifierInput);
+    const verifierHashKey = await deriveKey(password, passwordSalt, spinCount, 256, BLOCK_KEY_VERIFIER_VALUE);
+    const encVerifierHash = await aesCbcEncrypt(verifierHashKey, passwordSalt, padToBlockSize(verifierHash, 16));
+    const packageData = xlsxData;
+    const segmentSize = 4096;
+    const encryptedSegments = [];
+    for (let offset = 0; offset < packageData.length; offset += segmentSize) {
+        const segment = packageData.subarray(offset, Math.min(offset + segmentSize, packageData.length));
+        const paddedSegment = padToBlockSize(segment, 16);
+        const segIdx = offset / segmentSize;
+        const segIdxBuf = new Uint8Array(4);
+        segIdxBuf[0] = segIdx & 0xFF;
+        segIdxBuf[1] = (segIdx >> 8) & 0xFF;
+        segIdxBuf[2] = (segIdx >> 16) & 0xFF;
+        segIdxBuf[3] = (segIdx >> 24) & 0xFF;
+        const segIvHash = await sha512(concat(keySalt, segIdxBuf));
+        const segIv = segIvHash.subarray(0, 16);
+        const encSegment = await aesCbcEncrypt(dataKey, segIv, paddedSegment);
+        encryptedSegments.push(encSegment);
+    }
+    const encryptedData = concat(...encryptedSegments);
+    const streamSizeHeader = new Uint8Array(8);
+    setU32(streamSizeHeader, 0, xlsxData.length);
+    const encryptedPackage = concat(streamSizeHeader, encryptedData);
+    const hmacKey = randomBytes(64);
+    const hmacKeyIv = (await sha512(concat(keySalt, BLOCK_KEY_DATA_INTEGRITY1))).subarray(0, 16);
+    const encHmacKey = await aesCbcEncrypt(dataKey, hmacKeyIv, padToBlockSize(hmacKey, 16));
+    const hmacValue = await hmacSha512(hmacKey, encryptedPackage);
+    const hmacValueIv = (await sha512(concat(keySalt, BLOCK_KEY_DATA_INTEGRITY2))).subarray(0, 16);
+    const encHmacValue = await aesCbcEncrypt(dataKey, hmacValueIv, padToBlockSize(hmacValue, 16));
+    const xmlStr = buildEncryptionInfoXml(keySalt, encKeyValue, encVerifierInput, encVerifierHash, encHmacKey, encHmacValue, passwordSalt, spinCount);
+    const xmlBytes = new TextEncoder().encode(xmlStr);
+    const infoHeader = new Uint8Array(8);
+    setU16(infoHeader, 0, 4);
+    setU16(infoHeader, 2, 4);
+    setU32(infoHeader, 4, 0x00040);
+    const encryptionInfo = concat(infoHeader, xmlBytes);
+    return buildEncryptionCfb(encryptionInfo, encryptedPackage);
+}
+export async function decryptWorkbook(encryptedData, password) {
+    const streams = readCfb(encryptedData);
+    const infoStream = streams.find(s => s.name === 'EncryptionInfo');
+    const pkgStream = streams.find(s => s.name === 'EncryptedPackage');
+    if (!infoStream || !pkgStream)
+        throw new Error('Not an encrypted Office file');
+    const xmlBytes = infoStream.data.subarray(8);
+    const xmlStr = new TextDecoder().decode(xmlBytes);
+    const params = parseEncryptionInfo(xmlStr);
+    const keyDerived = await deriveKey(password, params.passwordSalt, params.spinCount, params.keyBits, BLOCK_KEY_ENCRYPTED_KEY);
+    let dataKey;
+    try {
+        dataKey = await aesCbcDecrypt(keyDerived, params.passwordSalt, params.encryptedKeyValue);
+        dataKey = dataKey.subarray(0, params.keyBits / 8);
+    }
+    catch {
+        throw new Error('Incorrect password');
+    }
+    const verifierKey = await deriveKey(password, params.passwordSalt, params.spinCount, params.keyBits, BLOCK_KEY_VERIFIER_INPUT);
+    let verifierInput;
+    try {
+        verifierInput = await aesCbcDecrypt(verifierKey, params.passwordSalt, params.encryptedVerifierInput);
+        verifierInput = verifierInput.subarray(0, 16);
+    }
+    catch {
+        throw new Error('Incorrect password');
+    }
+    const verifierHashKey = await deriveKey(password, params.passwordSalt, params.spinCount, params.keyBits, BLOCK_KEY_VERIFIER_VALUE);
+    try {
+        const decVerifierHash = await aesCbcDecrypt(verifierHashKey, params.passwordSalt, params.encryptedVerifierHash);
+        const expectedHash = await sha512(verifierInput);
+        for (let i = 0; i < 64; i++) {
+            if (decVerifierHash[i] !== expectedHash[i])
+                throw new Error('Incorrect password');
+        }
+    }
+    catch (e) {
+        if (e.message === 'Incorrect password')
+            throw e;
+        throw new Error('Incorrect password');
+    }
+    const keySalt = params.keySalt;
+    const streamSize = u32(pkgStream.data, 0);
+    const encryptedPackage = pkgStream.data.subarray(8);
+    const segmentSize = 4096;
+    const decryptedSegments = [];
+    for (let offset = 0; offset < encryptedPackage.length; offset += segmentSize) {
+        let segEnd = offset + segmentSize;
+        if (segEnd > encryptedPackage.length)
+            segEnd = encryptedPackage.length;
+        const encSegLen = Math.ceil((segEnd - offset) / 16) * 16;
+        const encSegment = encryptedPackage.subarray(offset, offset + encSegLen);
+        const segIdx = offset / segmentSize;
+        const segIdxBuf = new Uint8Array(4);
+        segIdxBuf[0] = segIdx & 0xFF;
+        segIdxBuf[1] = (segIdx >> 8) & 0xFF;
+        segIdxBuf[2] = (segIdx >> 16) & 0xFF;
+        segIdxBuf[3] = (segIdx >> 24) & 0xFF;
+        const segIvHash = await sha512(concat(keySalt, segIdxBuf));
+        const segIv = segIvHash.subarray(0, 16);
+        try {
+            const decSegment = await aesCbcDecrypt(dataKey, segIv, encSegment);
+            decryptedSegments.push(decSegment);
+        }
+        catch {
+            throw new Error('Decryption failed — data may be corrupted');
+        }
+    }
+    const decryptedData = concat(...decryptedSegments);
+    return decryptedData.subarray(0, streamSize);
+}
+export function isEncrypted(data) {
+    if (data.length < 8)
+        return false;
+    for (let i = 0; i < 8; i++) {
+        if (data[i] !== CFB_SIG[i])
+            return false;
+    }
+    try {
+        const streams = readCfb(data);
+        return streams.some(s => s.name === 'EncryptionInfo');
+    }
+    catch {
+        return false;
+    }
+}
+//# sourceMappingURL=Encryption.js.map