@peculiar/certificates-viewer 4.7.1-alpha.1 → 4.7.1-alpha.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (163) hide show
  1. package/components/attribute-certificate-viewer.js +2 -2
  2. package/components/attribute.js +1 -1
  3. package/components/certificate-chain-viewer.js +1 -1
  4. package/components/certificate-viewer.js +2 -2
  5. package/components/crl-viewer.js +2 -2
  6. package/components/csr-viewer.js +1 -1
  7. package/components/download.js +14324 -17
  8. package/components/download.js.map +1 -1
  9. package/components/index.js +1 -2
  10. package/components/index.js.map +1 -1
  11. package/components/index2.js +1 -1
  12. package/components/issuer_name.js +1 -1
  13. package/components/miscellaneous.js +1 -2
  14. package/components/miscellaneous.js.map +1 -1
  15. package/components/peculiar-certificate-decoder.js +1 -1
  16. package/components/peculiar-certificates-viewer.js +1 -2
  17. package/components/peculiar-certificates-viewer.js.map +1 -1
  18. package/components/pkcs10_certificate_request.js +2 -2
  19. package/components/row.js +1 -1
  20. package/components/ssh-certificate-viewer.js +23 -6
  21. package/components/ssh-certificate-viewer.js.map +1 -1
  22. package/components/subject_name.js +1 -1
  23. package/components/utils.js +39 -0
  24. package/components/utils.js.map +1 -0
  25. package/dist/cjs/{extension-D8YKlAu4.js → extension-DTtJlxk8.js} +3 -3
  26. package/dist/cjs/{extension-D8YKlAu4.js.map → extension-DTtJlxk8.js.map} +1 -1
  27. package/dist/cjs/index.cjs.js +2 -2
  28. package/dist/cjs/{miscellaneous-DvVSM5KJ.js → miscellaneous-DCeacaAw.js} +4 -4
  29. package/dist/cjs/{miscellaneous-DvVSM5KJ.js.map → miscellaneous-DCeacaAw.js.map} +1 -1
  30. package/dist/cjs/peculiar-attribute-certificate-viewer.peculiar-certificate-chain-viewer.peculiar-crl-viewer.peculiar-csr-viewer.peculiar-ssh-certificate-viewer.entry.cjs.js.map +1 -1
  31. package/dist/cjs/peculiar-attribute-certificate-viewer_5.cjs.entry.js +27 -10
  32. package/dist/cjs/peculiar-attribute-certificate-viewer_5.cjs.entry.js.map +1 -1
  33. package/dist/cjs/peculiar-certificate-decoder.cjs.entry.js +5 -5
  34. package/dist/cjs/peculiar-certificate-viewer.cjs.entry.js +4 -4
  35. package/dist/cjs/peculiar-certificates-viewer.cjs.entry.js +3 -3
  36. package/dist/cjs/{pkcs10_certificate_request-BoHhadiA.js → pkcs10_certificate_request-DE-0eDXE.js} +3 -3
  37. package/dist/cjs/{pkcs10_certificate_request-BoHhadiA.js.map → pkcs10_certificate_request-DE-0eDXE.js.map} +1 -1
  38. package/dist/cjs/{ssh_certificate-s3-rwdMT.js → ssh_certificate-D2q_p49O.js} +14 -2
  39. package/dist/cjs/ssh_certificate-D2q_p49O.js.map +1 -0
  40. package/dist/cjs/{x509_certificate-DfXuxxZp.js → x509_certificate-Cto1q-eu.js} +4 -4
  41. package/dist/cjs/{x509_certificate-DfXuxxZp.js.map → x509_certificate-Cto1q-eu.js.map} +1 -1
  42. package/dist/cjs/{x509_crl-CxJ2lyGX.js → x509_crl-CgixMZrh.js} +5 -5
  43. package/dist/cjs/{x509_crl-CxJ2lyGX.js.map → x509_crl-CgixMZrh.js.map} +1 -1
  44. package/dist/collection/components/ssh-certificate-viewer/-components/basic_information.js +3 -3
  45. package/dist/collection/components/ssh-certificate-viewer/-components/basic_information.js.map +1 -1
  46. package/dist/collection/components/ssh-certificate-viewer/-components/miscellaneous.js +23 -0
  47. package/dist/collection/components/ssh-certificate-viewer/-components/miscellaneous.js.map +1 -0
  48. package/dist/collection/components/ssh-certificate-viewer/ssh-certificate-viewer.js +2 -1
  49. package/dist/collection/components/ssh-certificate-viewer/ssh-certificate-viewer.js.map +1 -1
  50. package/dist/collection/crypto/ssh_certificate.js +7 -1
  51. package/dist/collection/crypto/ssh_certificate.js.map +1 -1
  52. package/dist/collection/locales/en.json +1 -0
  53. package/dist/collection/utils/download.js +5 -0
  54. package/dist/collection/utils/download.js.map +1 -1
  55. package/dist/esm/{extension-oK2qpCU6.js → extension-DmlhftES.js} +3 -3
  56. package/dist/esm/{extension-oK2qpCU6.js.map → extension-DmlhftES.js.map} +1 -1
  57. package/dist/esm/index.js +2 -2
  58. package/dist/esm/{miscellaneous-DrmTXljc.js → miscellaneous-BTlqwN5_.js} +4 -4
  59. package/dist/esm/{miscellaneous-DrmTXljc.js.map → miscellaneous-BTlqwN5_.js.map} +1 -1
  60. package/dist/esm/peculiar-attribute-certificate-viewer.peculiar-certificate-chain-viewer.peculiar-crl-viewer.peculiar-csr-viewer.peculiar-ssh-certificate-viewer.entry.js.map +1 -1
  61. package/dist/esm/peculiar-attribute-certificate-viewer_5.entry.js +28 -11
  62. package/dist/esm/peculiar-attribute-certificate-viewer_5.entry.js.map +1 -1
  63. package/dist/esm/peculiar-certificate-decoder.entry.js +5 -5
  64. package/dist/esm/peculiar-certificate-viewer.entry.js +4 -4
  65. package/dist/esm/peculiar-certificates-viewer.entry.js +3 -3
  66. package/dist/esm/{pkcs10_certificate_request-Bdt_qA_g.js → pkcs10_certificate_request-B5C1NYFc.js} +3 -3
  67. package/dist/esm/{pkcs10_certificate_request-Bdt_qA_g.js.map → pkcs10_certificate_request-B5C1NYFc.js.map} +1 -1
  68. package/dist/esm/{ssh_certificate-Ct-r021h.js → ssh_certificate-PCn0WXhQ.js} +14 -2
  69. package/dist/esm/ssh_certificate-PCn0WXhQ.js.map +1 -0
  70. package/dist/esm/{x509_certificate-5DEbrOA7.js → x509_certificate-BiAmXJ4S.js} +4 -4
  71. package/dist/{esm-es5/x509_certificate-5DEbrOA7.js.map → esm/x509_certificate-BiAmXJ4S.js.map} +1 -1
  72. package/dist/esm/{x509_crl-CPgNUkh7.js → x509_crl-CCeoLLUZ.js} +5 -5
  73. package/dist/esm/{x509_crl-CPgNUkh7.js.map → x509_crl-CCeoLLUZ.js.map} +1 -1
  74. package/dist/esm-es5/{extension-oK2qpCU6.js → extension-DmlhftES.js} +2 -2
  75. package/dist/esm-es5/{extension-oK2qpCU6.js.map → extension-DmlhftES.js.map} +1 -1
  76. package/dist/esm-es5/index.js +1 -1
  77. package/dist/esm-es5/{miscellaneous-DrmTXljc.js → miscellaneous-BTlqwN5_.js} +2 -2
  78. package/dist/esm-es5/{miscellaneous-DrmTXljc.js.map → miscellaneous-BTlqwN5_.js.map} +1 -1
  79. package/dist/esm-es5/peculiar-attribute-certificate-viewer.peculiar-certificate-chain-viewer.peculiar-crl-viewer.peculiar-csr-viewer.peculiar-ssh-certificate-viewer.entry.js.map +1 -1
  80. package/dist/esm-es5/peculiar-attribute-certificate-viewer_5.entry.js +10 -3
  81. package/dist/esm-es5/peculiar-attribute-certificate-viewer_5.entry.js.map +1 -1
  82. package/dist/esm-es5/peculiar-certificate-decoder.entry.js +1 -1
  83. package/dist/esm-es5/peculiar-certificate-viewer.entry.js +1 -1
  84. package/dist/esm-es5/peculiar-certificates-viewer.entry.js +1 -1
  85. package/dist/esm-es5/{pkcs10_certificate_request-Bdt_qA_g.js → pkcs10_certificate_request-B5C1NYFc.js} +2 -2
  86. package/dist/esm-es5/{pkcs10_certificate_request-Bdt_qA_g.js.map → pkcs10_certificate_request-B5C1NYFc.js.map} +1 -1
  87. package/dist/esm-es5/{ssh_certificate-Ct-r021h.js → ssh_certificate-PCn0WXhQ.js} +4 -4
  88. package/dist/esm-es5/ssh_certificate-PCn0WXhQ.js.map +1 -0
  89. package/dist/esm-es5/{x509_certificate-5DEbrOA7.js → x509_certificate-BiAmXJ4S.js} +4 -4
  90. package/dist/{esm/x509_certificate-5DEbrOA7.js.map → esm-es5/x509_certificate-BiAmXJ4S.js.map} +1 -1
  91. package/dist/esm-es5/{x509_crl-CPgNUkh7.js → x509_crl-CCeoLLUZ.js} +2 -2
  92. package/dist/esm-es5/{x509_crl-CPgNUkh7.js.map → x509_crl-CCeoLLUZ.js.map} +1 -1
  93. package/dist/peculiar/index.esm.js +1 -1
  94. package/dist/peculiar/locales/en.json +1 -0
  95. package/dist/peculiar/{p-364fd32b.system.entry.js → p-24861cf6.system.entry.js} +2 -2
  96. package/dist/peculiar/{p-11434880.system.entry.js → p-46c17c8d.system.entry.js} +2 -2
  97. package/dist/peculiar/{p-62b723f6.entry.js → p-71cb31c6.entry.js} +29 -22
  98. package/dist/peculiar/p-71cb31c6.entry.js.map +1 -0
  99. package/dist/peculiar/{p-0b895a8e.entry.js → p-71eab586.entry.js} +2 -2
  100. package/dist/peculiar/{p-da9eb1e7.entry.js → p-7273601a.entry.js} +2 -2
  101. package/dist/peculiar/{p-fd98bb82.system.entry.js → p-83bfd8e5.system.entry.js} +2 -2
  102. package/dist/peculiar/{p-83a53b4f.entry.js → p-98219569.entry.js} +2 -2
  103. package/dist/peculiar/{p-LmKU8Smy.system.js.map → p-9MJeDspO.system.js.map} +1 -1
  104. package/dist/peculiar/p-AjXipXSl.system.js +12 -0
  105. package/dist/peculiar/{p-IOtHTzYC.system.js.map → p-AjXipXSl.system.js.map} +1 -1
  106. package/dist/peculiar/{p-BQiABBi1.system.js → p-B2FH4Pv2.system.js} +4 -4
  107. package/dist/peculiar/{p-BQiABBi1.system.js.map → p-B2FH4Pv2.system.js.map} +1 -1
  108. package/dist/peculiar/{p-BeVuAzsd.system.js → p-B5GO6_Ut.system.js} +43 -43
  109. package/dist/peculiar/{p-BeVuAzsd.system.js.map → p-B5GO6_Ut.system.js.map} +1 -1
  110. package/dist/peculiar/{p-CxtUQdcj.system.js.map → p-B82-c-xr.system.js.map} +1 -1
  111. package/dist/peculiar/p-BGASC3UX.system.js +1 -1
  112. package/dist/peculiar/p-BHpSDBz_.system.js.map +1 -0
  113. package/dist/peculiar/p-BwlcJAh0.js +12 -0
  114. package/dist/peculiar/{p-BGIWeG8l.js.map → p-BwlcJAh0.js.map} +1 -1
  115. package/dist/peculiar/{p-BCsPspKr.system.js.map → p-CSz5liuX.system.js.map} +1 -1
  116. package/dist/peculiar/{p-D9qq15zG.js → p-CstRxc9v.js} +2 -2
  117. package/dist/peculiar/{p-D9qq15zG.js.map → p-CstRxc9v.js.map} +1 -1
  118. package/dist/peculiar/{p-ClkgAXnd.system.js → p-DMDALRLP.system.js} +4 -4
  119. package/dist/peculiar/p-DMDALRLP.system.js.map +1 -0
  120. package/dist/peculiar/{p-2GQYAR0v.system.js → p-DPbpwYQ8.system.js} +3 -3
  121. package/dist/peculiar/{p-2GQYAR0v.system.js.map → p-DPbpwYQ8.system.js.map} +1 -1
  122. package/dist/peculiar/{p-RWPI76Dh.js → p-Db41gPxb.js} +4 -4
  123. package/dist/peculiar/{p-RWPI76Dh.js.map → p-Db41gPxb.js.map} +1 -1
  124. package/dist/peculiar/{p-B2G7qjfV.js → p-DnOLjFJP.js} +40 -40
  125. package/dist/peculiar/{p-B2G7qjfV.js.map → p-DnOLjFJP.js.map} +1 -1
  126. package/dist/peculiar/{p-Ct-r021h.js → p-PCn0WXhQ.js} +4 -4
  127. package/dist/peculiar/p-PCn0WXhQ.js.map +1 -0
  128. package/dist/peculiar/{p-zQwWLfga.system.js → p-SjVQtfgD.system.js} +4 -4
  129. package/dist/peculiar/{p-zQwWLfga.system.js.map → p-SjVQtfgD.system.js.map} +1 -1
  130. package/dist/peculiar/{p-5df0f22b.system.entry.js → p-cc01a2da.system.entry.js} +29 -22
  131. package/dist/peculiar/p-cc01a2da.system.entry.js.map +1 -0
  132. package/dist/peculiar/{p-C31rbtuG.system.js → p-dOkqMp-O.system.js} +2 -2
  133. package/dist/peculiar/p-dOkqMp-O.system.js.map +1 -0
  134. package/dist/peculiar/{p-DOpiv0-8.js → p-h7XP7otl.js} +2 -2
  135. package/dist/peculiar/{p-DOpiv0-8.js.map → p-h7XP7otl.js.map} +1 -1
  136. package/dist/peculiar/peculiar-attribute-certificate-viewer.peculiar-certificate-chain-viewer.peculiar-crl-viewer.peculiar-csr-viewer.peculiar-ssh-certificate-viewer.entry.esm.js.map +1 -1
  137. package/dist/peculiar/peculiar.esm.js +1 -1
  138. package/dist/types/components/ssh-certificate-viewer/-components/miscellaneous.d.ts +14 -0
  139. package/dist/types/crypto/ssh_certificate.d.ts +2 -0
  140. package/dist/types/utils/download.d.ts +3 -0
  141. package/dist/types/utils/l10n.d.ts +1 -0
  142. package/hydrate/index.js +33 -4
  143. package/hydrate/index.mjs +33 -4
  144. package/package.json +2 -2
  145. package/components/link.js +0 -14335
  146. package/components/link.js.map +0 -1
  147. package/dist/cjs/ssh_certificate-s3-rwdMT.js.map +0 -1
  148. package/dist/esm/ssh_certificate-Ct-r021h.js.map +0 -1
  149. package/dist/esm-es5/ssh_certificate-Ct-r021h.js.map +0 -1
  150. package/dist/peculiar/p-5df0f22b.system.entry.js.map +0 -1
  151. package/dist/peculiar/p-62b723f6.entry.js.map +0 -1
  152. package/dist/peculiar/p-BGIWeG8l.js +0 -12
  153. package/dist/peculiar/p-C31rbtuG.system.js.map +0 -1
  154. package/dist/peculiar/p-Ce-IF7_R.system.js.map +0 -1
  155. package/dist/peculiar/p-ClkgAXnd.system.js.map +0 -1
  156. package/dist/peculiar/p-Ct-r021h.js.map +0 -1
  157. package/dist/peculiar/p-IOtHTzYC.system.js +0 -12
  158. /package/dist/peculiar/{p-364fd32b.system.entry.js.map → p-24861cf6.system.entry.js.map} +0 -0
  159. /package/dist/peculiar/{p-11434880.system.entry.js.map → p-46c17c8d.system.entry.js.map} +0 -0
  160. /package/dist/peculiar/{p-0b895a8e.entry.js.map → p-71eab586.entry.js.map} +0 -0
  161. /package/dist/peculiar/{p-da9eb1e7.entry.js.map → p-7273601a.entry.js.map} +0 -0
  162. /package/dist/peculiar/{p-fd98bb82.system.entry.js.map → p-83bfd8e5.system.entry.js.map} +0 -0
  163. /package/dist/peculiar/{p-83a53b4f.entry.js.map → p-98219569.entry.js.map} +0 -0
package/dist/peculiar/{p-Ct-r021h.js → p-PCn0WXhQ.js} RENAMED
@@ -39,7 +39,7 @@ function t(t,e,i,r="application/octet-stream"){const s=new Blob([t],{type:r});if
39
39
  *
40
40
  * This source code is licensed under the MIT license found in the
41
41
  * LICENSE file in the root directory of this source tree.
42
- */class o{}o.cert={asPEM:(e,i)=>{t(n.Convert.FromString(e),i,"cer","application/pkix-cert")},asDER:(e,i)=>{t(e,i,"cer","application/pkix-cert")}};o.attrCert={asPEM:(e,i)=>{t(n.Convert.FromString(e),i,"cer","application/pkix-attr-cert")},asDER:(e,i)=>{t(e,i,"cer","application/pkix-attr-cert")}};o.csr={asPEM:(e,i)=>{t(n.Convert.FromString(e),i,"csr","application/pkcs10")},asDER:(e,i)=>{t(e,i,"csr","application/pkcs10")}};o.crl={asPEM:(e,i)=>{t(n.Convert.FromString(e),i,"crl","application/pkix-crl")},asDER:(e,i)=>{t(e,i,"crl","application/pkix-crl")}};
42
+ */class o{}o.cert={asPEM:(e,i)=>{t(n.Convert.FromString(e),i,"cer","application/pkix-cert")},asDER:(e,i)=>{t(e,i,"cer","application/pkix-cert")}};o.attrCert={asPEM:(e,i)=>{t(n.Convert.FromString(e),i,"cer","application/pkix-attr-cert")},asDER:(e,i)=>{t(e,i,"cer","application/pkix-attr-cert")}};o.csr={asPEM:(e,i)=>{t(n.Convert.FromString(e),i,"csr","application/pkcs10")},asDER:(e,i)=>{t(e,i,"csr","application/pkcs10")}};o.crl={asPEM:(e,i)=>{t(n.Convert.FromString(e),i,"crl","application/pkix-crl")},asDER:(e,i)=>{t(e,i,"crl","application/pkix-crl")}};o.certSSH={asSSH:(e,i)=>{t(n.Convert.FromString(e),i,"cert","application/ssh-cert")}};
43
43
  /*!
44
44
  Copyright (c) Peculiar Ventures, LLC
45
45
  */function a(t,e){let i=0;if(t.length===1){return t[0]}for(let r=t.length-1;r>=0;r--){i+=t[t.length-1-r]*Math.pow(2,e*r)}return i}function c(t,e,i=-1){const r=i;let s=t;let n=0;let o=Math.pow(2,e);for(let i=1;i<8;i++){if(t<o){let t;if(r<0){t=new ArrayBuffer(i);n=i}else{if(r<i){return new ArrayBuffer(0)}t=new ArrayBuffer(r);n=r}const o=new Uint8Array(t);for(let t=i-1;t>=0;t--){const i=Math.pow(2,t*e);o[n-t-1]=Math.floor(s/i);s-=o[n-t-1]*i}return t}o*=Math.pow(2,e)}return new ArrayBuffer(0)}function u(...t){let e=0;let i=0;for(const i of t){e+=i.length}const r=new ArrayBuffer(e);const s=new Uint8Array(r);for(const e of t){s.set(e,i);i+=e.length}return s}function l(){const t=new Uint8Array(this.valueHex);if(this.valueHex.byteLength>=2){const e=t[0]===255&&t[1]&128;const i=t[0]===0&&(t[1]&128)===0;if(e||i){this.warnings.push("Needlessly long format")}}const e=new ArrayBuffer(this.valueHex.byteLength);const i=new Uint8Array(e);for(let t=0;t<this.valueHex.byteLength;t++){i[t]=0}i[0]=t[0]&128;const r=a(i,8);const s=new ArrayBuffer(this.valueHex.byteLength);const n=new Uint8Array(s);for(let e=0;e<this.valueHex.byteLength;e++){n[e]=t[e]}n[0]&=127;const o=a(n,8);return o-r}function h(t){const e=t<0?t*-1:t;let i=128;for(let r=1;r<8;r++){if(e<=i){if(t<0){const t=i-e;const s=c(t,8,r);const n=new Uint8Array(s);n[0]|=128;return s}let s=c(e,8,r);let n=new Uint8Array(s);if(n[0]&128){const t=s.slice(0);const e=new Uint8Array(t);s=new ArrayBuffer(s.byteLength+1);n=new Uint8Array(s);for(let i=0;i<t.byteLength;i++){n[i+1]=e[i]}n[0]=0}return s}i*=Math.pow(2,8)}return new ArrayBuffer(0)}function p(t,e){if(t.byteLength!==e.byteLength){return false}const i=new Uint8Array(t);const r=new Uint8Array(e);for(let t=0;t<i.length;t++){if(i[t]!==r[t]){return false}}return true}function d(t,e){const i=t.toString(10);if(e<i.length){return""}const r=e-i.length;const s=new Array(r);for(let t=0;t<r;t++){s[t]="0"}const n=s.join("");return n.concat(i)}
@@ -82,7 +82,7 @@ function t(t,e,i,r="application/octet-stream"){const s=new Blob([t],{type:r});if
82
82
  *
83
83
  * This source code is licensed under the MIT license found in the
84
84
  * LICENSE file in the root directory of this source tree.
85
- */Zn.extend(so);const no=t=>new Date(t).toUTCString();const oo=(t,e)=>{if(!t||!e){return""}const i=Zn(t);const r=Zn(e);return i.to(r,true)};const ao="Basic Information";const co="Subject Name";const uo="Issuer Name";const lo="Public Key Info";const ho="Signature";const po="Extensions";const fo="Miscellaneous";const yo="Download";const So="Serial Number";const Ao="Version";const vo="Validity";const mo="Issued";const Co="Expired";const go="Last Update";const wo="Next Update";const Eo="Algorithm";const bo="Named Curve";const Po="Exponent";const Do="Modulus";const Io="Value";const Bo="Valid";const xo="Revoked";const To="Issuer";const Oo="Name";const ko="Public Key";const Ro="Fingerprint";const No="Fingerprints";const Mo="Test URLs";const Ko="Certificate Details";const Ho="Holder";const Uo="Digest Info";const jo="Type";const _o="Revoked Certificates";const Fo="Revocation Date";const Vo="Yes";const Lo="No";const $o="Only User Certificates";const Go="Only Attribute Certificates";const Wo="Only CA Certificates";const Qo="Indirect CRL";const qo="Only Reasons";const zo="CRL Entry Extensions";const Jo="Preview certificate";const Yo="View details";const Zo="Download options";const Xo="Key ID";const ta="Principals";const ea="Critical Options";const ia="Signing CA";var ra={basicInformation:ao,subjectName:co,issuerName:uo,publicKeyInfo:lo,signature:ho,extensions:po,miscellaneous:fo,download:yo,"download.pem":"Download PEM","download.der":"Download DER",serialNumber:So,version:Ao,validity:vo,issued:mo,expired:Co,lastUpdate:go,nextUpdate:wo,algorithm:Eo,namedCurve:bo,exponent:Po,modulus:Do,value:Io,valid:Bo,revoked:xo,issuer:To,name:Oo,publicKey:ko,fingerprint:Ro,fingerprints:No,testURLs:Mo,certificateDetails:Ko,holder:Ho,digestInfo:Uo,type:jo,revokedCertificates:_o,revocationDate:Fo,yes:Vo,no:Lo,onlyUserCertificates:$o,onlyAttributeCertificates:Go,onlyCACertificates:Wo,indirectCRL:Qo,onlyReasons:qo,crlEntryExtensions:zo,previewCertificate:Jo,viewDetails:Yo,downloadOptions:Zo,keyId:Xo,principals:ta,criticalOptions:ea,signingCA:ia};
85
+ */Zn.extend(so);const no=t=>new Date(t).toUTCString();const oo=(t,e)=>{if(!t||!e){return""}const i=Zn(t);const r=Zn(e);return i.to(r,true)};const ao="Basic Information";const co="Subject Name";const uo="Issuer Name";const lo="Public Key Info";const ho="Signature";const po="Extensions";const fo="Miscellaneous";const yo="Download";const So="Serial Number";const Ao="Version";const vo="Validity";const mo="Issued";const Co="Expired";const go="Last Update";const wo="Next Update";const Eo="Algorithm";const bo="Named Curve";const Po="Exponent";const Do="Modulus";const Io="Value";const Bo="Valid";const xo="Revoked";const To="Issuer";const Oo="Name";const ko="Public Key";const Ro="Fingerprint";const No="Fingerprints";const Mo="Test URLs";const Ko="Certificate Details";const Ho="Holder";const Uo="Digest Info";const jo="Type";const _o="Revoked Certificates";const Fo="Revocation Date";const Vo="Yes";const Lo="No";const $o="Only User Certificates";const Go="Only Attribute Certificates";const Wo="Only CA Certificates";const Qo="Indirect CRL";const qo="Only Reasons";const zo="CRL Entry Extensions";const Jo="Preview certificate";const Yo="View details";const Zo="Download options";const Xo="Key ID";const ta="Principals";const ea="Critical Options";const ia="Signing CA";var ra={basicInformation:ao,subjectName:co,issuerName:uo,publicKeyInfo:lo,signature:ho,extensions:po,miscellaneous:fo,download:yo,"download.pem":"Download PEM","download.der":"Download DER","download.ssh":"Download SSH",serialNumber:So,version:Ao,validity:vo,issued:mo,expired:Co,lastUpdate:go,nextUpdate:wo,algorithm:Eo,namedCurve:bo,exponent:Po,modulus:Do,value:Io,valid:Bo,revoked:xo,issuer:To,name:Oo,publicKey:ko,fingerprint:Ro,fingerprints:No,testURLs:Mo,certificateDetails:Ko,holder:Ho,digestInfo:Uo,type:jo,revokedCertificates:_o,revocationDate:Fo,yes:Vo,no:Lo,onlyUserCertificates:$o,onlyAttributeCertificates:Go,onlyCACertificates:Wo,indirectCRL:Qo,onlyReasons:qo,crlEntryExtensions:zo,previewCertificate:Jo,viewDetails:Yo,downloadOptions:Zo,keyId:Xo,principals:ta,criticalOptions:ea,signingCA:ia};
86
86
  /**
87
87
  * @license
88
88
  * Copyright (c) Peculiar Ventures, LLC.
@@ -131,5 +131,5 @@ function t(t,e,i,r="application/octet-stream"){const s=new Blob([t],{type:r});if
131
131
  *
132
132
  * This source code is licensed under the MIT license found in the
133
133
  * LICENSE file in the root directory of this source tree.
134
- */const Lu=t=>{if(_u.isPem(t)){return _u.decode(t)[0]}if(n.Convert.isHex(t)){return n.Convert.FromHex(t)}if(n.Convert.isBase64(t)){return n.Convert.FromBase64(t)}if(n.Convert.isBase64Url(t)){return n.Convert.FromBase64Url(t)}return n.Convert.FromBinary(t)};const $u=async(t,e)=>{const i=Vu.get();if(i.subtle){return i.subtle.digest(t,e)}return undefined};class Gu{constructor(t={}){this.acIssuer=new Mi;this.acSerial=0;this.attrs=[];Object.assign(this,t)}}gi([yi({type:Mi})],Gu.prototype,"acIssuer",void 0);gi([yi({type:Ne.Integer})],Gu.prototype,"acSerial",void 0);gi([yi({type:Xr,repeated:"sequence"})],Gu.prototype,"attrs",void 0);var Wu;let Qu=Wu=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Wu.prototype)}};Qu=Wu=gi([fi({type:Re.Sequence,itemType:Ne.ObjectIdentifier})],Qu);class qu{constructor(t={}){this.permitUnSpecified=true;Object.assign(this,t)}}gi([yi({type:Ne.Integer,optional:true})],qu.prototype,"pathLenConstraint",void 0);gi([yi({type:Qu,implicit:true,context:0,optional:true})],qu.prototype,"permittedAttrs",void 0);gi([yi({type:Qu,implicit:true,context:1,optional:true})],qu.prototype,"excludedAttrs",void 0);gi([yi({type:Ne.Boolean,defaultValue:true})],qu.prototype,"permitUnSpecified",void 0);class zu{constructor(t={}){this.issuer=new zi;this.serial=new ArrayBuffer(0);this.issuerUID=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:zi})],zu.prototype,"issuer",void 0);gi([yi({type:Ne.Integer,converter:_e})],zu.prototype,"serial",void 0);gi([yi({type:Ne.BitString,optional:true})],zu.prototype,"issuerUID",void 0);var Ju;(function(t){t[t["publicKey"]=0]="publicKey";t[t["publicKeyCert"]=1]="publicKeyCert";t[t["otherObjectTypes"]=2]="otherObjectTypes"})(Ju||(Ju={}));class Yu{constructor(t={}){this.digestedObjectType=Ju.publicKey;this.digestAlgorithm=new fs;this.objectDigest=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.Enumerated})],Yu.prototype,"digestedObjectType",void 0);gi([yi({type:Ne.ObjectIdentifier,optional:true})],Yu.prototype,"otherObjectTypeID",void 0);gi([yi({type:fs})],Yu.prototype,"digestAlgorithm",void 0);gi([yi({type:Ne.BitString})],Yu.prototype,"objectDigest",void 0);class Zu{constructor(t={}){Object.assign(this,t)}}gi([yi({type:zi,optional:true})],Zu.prototype,"issuerName",void 0);gi([yi({type:zu,context:0,implicit:true,optional:true})],Zu.prototype,"baseCertificateID",void 0);gi([yi({type:Yu,context:1,implicit:true,optional:true})],Zu.prototype,"objectDigestInfo",void 0);let Xu=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:Mi,repeated:"sequence"})],Xu.prototype,"v1Form",void 0);gi([yi({type:Zu,context:0,implicit:true})],Xu.prototype,"v2Form",void 0);Xu=gi([fi({type:Re.Choice})],Xu);class tl{constructor(t={}){this.notBeforeTime=new Date;this.notAfterTime=new Date;Object.assign(this,t)}}gi([yi({type:Ne.GeneralizedTime})],tl.prototype,"notBeforeTime",void 0);gi([yi({type:Ne.GeneralizedTime})],tl.prototype,"notAfterTime",void 0);class el{constructor(t={}){Object.assign(this,t)}}gi([yi({type:zu,implicit:true,context:0,optional:true})],el.prototype,"baseCertificateID",void 0);gi([yi({type:zi,implicit:true,context:1,optional:true})],el.prototype,"entityName",void 0);gi([yi({type:Yu,implicit:true,context:2,optional:true})],el.prototype,"objectDigestInfo",void 0);var il;(function(t){t[t["v2"]=1]="v2"})(il||(il={}));class rl{constructor(t={}){this.version=il.v2;this.holder=new el;this.issuer=new Xu;this.signature=new fs;this.serialNumber=new ArrayBuffer(0);this.attrCertValidityPeriod=new tl;this.attributes=[];Object.assign(this,t)}}gi([yi({type:Ne.Integer})],rl.prototype,"version",void 0);gi([yi({type:el})],rl.prototype,"holder",void 0);gi([yi({type:Xu})],rl.prototype,"issuer",void 0);gi([yi({type:fs})],rl.prototype,"signature",void 0);gi([yi({type:Ne.Integer,converter:_e})],rl.prototype,"serialNumber",void 0);gi([yi({type:tl})],rl.prototype,"attrCertValidityPeriod",void 0);gi([yi({type:Xr,repeated:"sequence"})],rl.prototype,"attributes",void 0);gi([yi({type:Ne.BitString,optional:true})],rl.prototype,"issuerUniqueID",void 0);gi([yi({type:Cs,optional:true})],rl.prototype,"extensions",void 0);class sl{constructor(t={}){this.acinfo=new rl;this.signatureAlgorithm=new fs;this.signatureValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:rl})],sl.prototype,"acinfo",void 0);gi([yi({type:fs})],sl.prototype,"signatureAlgorithm",void 0);gi([yi({type:Ne.BitString})],sl.prototype,"signatureValue",void 0);var nl;(function(t){t[t["unmarked"]=1]="unmarked";t[t["unclassified"]=2]="unclassified";t[t["restricted"]=4]="restricted";t[t["confidential"]=8]="confidential";t[t["secret"]=16]="secret";t[t["topSecret"]=32]="topSecret"})(nl||(nl={}));class ol extends Me{}class al{constructor(t={}){this.type="";this.value=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier,implicit:true,context:0})],al.prototype,"type",void 0);gi([yi({type:Ne.Any,implicit:true,context:1})],al.prototype,"value",void 0);class cl{constructor(t={}){this.policyId="";this.classList=new ol(nl.unclassified);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],cl.prototype,"policyId",void 0);gi([yi({type:ol,defaultValue:new ol(nl.unclassified)})],cl.prototype,"classList",void 0);gi([yi({type:al,repeated:"set"})],cl.prototype,"securityCategories",void 0);class ul{constructor(t={}){Object.assign(this,t)}}gi([yi({type:Ke})],ul.prototype,"cotets",void 0);gi([yi({type:Ne.ObjectIdentifier})],ul.prototype,"oid",void 0);gi([yi({type:Ne.Utf8String})],ul.prototype,"string",void 0);class ll{constructor(t={}){this.values=[];Object.assign(this,t)}}gi([yi({type:zi,implicit:true,context:0,optional:true})],ll.prototype,"policyAuthority",void 0);gi([yi({type:ul,repeated:"sequence"})],ll.prototype,"values",void 0);var hl;class pl{constructor(t={}){this.targetCertificate=new zu;Object.assign(this,t)}}gi([yi({type:zu})],pl.prototype,"targetCertificate",void 0);gi([yi({type:Mi,optional:true})],pl.prototype,"targetName",void 0);gi([yi({type:Yu,optional:true})],pl.prototype,"certDigestInfo",void 0);let dl=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:Mi,context:0,implicit:true})],dl.prototype,"targetName",void 0);gi([yi({type:Mi,context:1,implicit:true})],dl.prototype,"targetGroup",void 0);gi([yi({type:pl,context:2,implicit:true})],dl.prototype,"targetCert",void 0);dl=gi([fi({type:Re.Choice})],dl);let fl=hl=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,hl.prototype)}};fl=hl=gi([fi({type:Re.Sequence,itemType:dl})],fl);var yl;let Sl=yl=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,yl.prototype)}};Sl=yl=gi([fi({type:Re.Sequence,itemType:fl})],Sl);class Al{constructor(t={}){Object.assign(this,t)}}gi([yi({type:zi,implicit:true,context:0,optional:true})],Al.prototype,"roleAuthority",void 0);gi([yi({type:Mi,implicit:true,context:1})],Al.prototype,"roleName",void 0);class vl{constructor(t={}){this.service=new Mi;this.ident=new Mi;Object.assign(this,t)}}gi([yi({type:Mi})],vl.prototype,"service",void 0);gi([yi({type:Mi})],vl.prototype,"ident",void 0);gi([yi({type:Ke,optional:true})],vl.prototype,"authInfo",void 0);const ml="0.4.0.9496";const Cl=`${ml}.6`;let gl=class t{constructor(t={}){this.codeAuthority=new Mi;this.codeId=new Mi;this.shortName="";this.shortDescription="";Object.assign(this,t)}};gi([yi({type:Mi,context:0})],gl.prototype,"codeAuthority",void 0);gi([yi({type:Mi,context:1})],gl.prototype,"codeId",void 0);gi([yi({type:Ne.Utf8String,context:2})],gl.prototype,"shortName",void 0);gi([yi({type:Ne.Utf8String,context:3})],gl.prototype,"shortDescription",void 0);gl=gi([fi({type:Re.Sequence})],gl);let wl=class t extends Oi{constructor(t){super(t);Object.setPrototypeOf(this,Oi.prototype)}};wl=gi([fi({type:Re.Sequence})],wl);const El=`${ml}.1`;let bl=class t extends wl{constructor(t){super(t);Object.setPrototypeOf(this,Oi.prototype)}};bl=gi([fi({type:Re.Sequence})],bl);const Pl=`${ml}.2`;let Dl=class t extends wl{constructor(t){super(t);Object.setPrototypeOf(this,Oi.prototype)}};Dl=gi([fi({type:Re.Sequence})],Dl);const Il=`${ml}.3`;let Bl=class t extends wl{constructor(t){super(t);Object.setPrototypeOf(this,Oi.prototype)}};Bl=gi([fi({type:Re.Sequence})],Bl);const xl=`${ml}.4`;let Tl=class t extends wl{constructor(t){super(t);Object.setPrototypeOf(this,Oi.prototype)}};Tl=gi([fi({type:Re.Sequence})],Tl);const Ol=`${ml}.8`;let kl=class t{constructor(t={}){this.location="";this.base=0;this.degree=0;Object.assign(this,t)}toString(){return`${this.base} x 10^${this.degree} ${this.location}`}};gi([yi({type:Ne.PrintableString})],kl.prototype,"location",void 0);gi([yi({type:Ne.Integer})],kl.prototype,"base",void 0);gi([yi({type:Ne.Integer})],kl.prototype,"degree",void 0);kl=gi([fi({type:Re.Sequence})],kl);const Rl=`${ml}.9`;let Nl=class t{constructor(t={}){this.stars5=0;this.stars4=0;this.stars3=0;this.stars2=0;this.stars1=0;Object.assign(this,t)}};gi([yi({type:Ne.Integer})],Nl.prototype,"stars5",void 0);gi([yi({type:Ne.Integer})],Nl.prototype,"stars4",void 0);gi([yi({type:Ne.Integer})],Nl.prototype,"stars3",void 0);gi([yi({type:Ne.Integer})],Nl.prototype,"stars2",void 0);gi([yi({type:Ne.Integer})],Nl.prototype,"stars1",void 0);Nl=gi([fi({type:Re.Sequence})],Nl);const Ml=`${ml}.5`;let Kl=class t{constructor(t={}){this.DNBvsDNO=new Me(0);this.DNBvsDNT=new Me(0);this.DNOvsDNT=new Me(0);Object.assign(this,t)}};gi([yi({type:Me,context:0})],Kl.prototype,"DNBvsDNO",void 0);gi([yi({type:Me,context:1})],Kl.prototype,"DNBvsDNT",void 0);gi([yi({type:Me,context:2})],Kl.prototype,"DNOvsDNT",void 0);Kl=gi([fi({type:Re.Sequence})],Kl);const Hl=`${ml}.7`;let Ul=class t{constructor(t={}){this.assessmentAuthority=new Mi;this.assessmentRef=new Mi;this.assessmentLocation=new Mi;this.dataStorageTerritory="";this.description="";Object.assign(this,t)}};gi([yi({type:Mi,context:0})],Ul.prototype,"assessmentAuthority",void 0);gi([yi({type:Mi,context:1})],Ul.prototype,"assessmentRef",void 0);gi([yi({type:Mi,context:2})],Ul.prototype,"assessmentLocation",void 0);gi([yi({type:Ne.PrintableString,context:3})],Ul.prototype,"dataStorageTerritory",void 0);gi([yi({type:Ne.Utf8String,context:4})],Ul.prototype,"description",void 0);Ul=gi([fi({type:Re.Sequence})],Ul);class jl{constructor(t={}){this.issuer=new Oi;this.serialNumber=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Oi})],jl.prototype,"issuer",void 0);gi([yi({type:Ne.Integer,converter:_e})],jl.prototype,"serialNumber",void 0);let _l=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:ss,context:0,implicit:true})],_l.prototype,"subjectKeyIdentifier",void 0);gi([yi({type:jl})],_l.prototype,"issuerAndSerialNumber",void 0);_l=gi([fi({type:Re.Choice})],_l);var Fl;(function(t){t[t["v0"]=0]="v0";t[t["v1"]=1]="v1";t[t["v2"]=2]="v2";t[t["v3"]=3]="v3";t[t["v4"]=4]="v4";t[t["v5"]=5]="v5"})(Fl||(Fl={}));let Vl=class t extends fs{};Vl=gi([fi({type:Re.Sequence})],Vl);let Ll=class t extends fs{};Ll=gi([fi({type:Re.Sequence})],Ll);let $l=class t extends fs{};$l=gi([fi({type:Re.Sequence})],$l);let Gl=class t extends fs{};Gl=gi([fi({type:Re.Sequence})],Gl);let Wl=class t extends fs{};Wl=gi([fi({type:Re.Sequence})],Wl);let Ql=class t extends fs{};Ql=gi([fi({type:Re.Sequence})],Ql);class ql{constructor(t={}){this.attrType="";this.attrValues=[];Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],ql.prototype,"attrType",void 0);gi([yi({type:Ne.Any,repeated:"set"})],ql.prototype,"attrValues",void 0);var zl;class Jl{constructor(t={}){this.version=Fl.v0;this.sid=new _l;this.digestAlgorithm=new Vl;this.signatureAlgorithm=new Ll;this.signature=new Ke;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],Jl.prototype,"version",void 0);gi([yi({type:_l})],Jl.prototype,"sid",void 0);gi([yi({type:Vl})],Jl.prototype,"digestAlgorithm",void 0);gi([yi({type:ql,repeated:"set",context:0,implicit:true,optional:true})],Jl.prototype,"signedAttrs",void 0);gi([yi({type:Ll})],Jl.prototype,"signatureAlgorithm",void 0);gi([yi({type:Ke})],Jl.prototype,"signature",void 0);gi([yi({type:ql,repeated:"set",context:1,implicit:true,optional:true})],Jl.prototype,"unsignedAttrs",void 0);let Yl=zl=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,zl.prototype)}};Yl=zl=gi([fi({type:Re.Set,itemType:Jl})],Yl);let Zl=class t extends Ss{};Zl=gi([fi({type:Re.Choice})],Zl);let Xl=class t extends Jl{};Xl=gi([fi({type:Re.Sequence})],Xl);var th;class eh{constructor(t={}){this.otherCertFormat="";this.otherCert=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],eh.prototype,"otherCertFormat",void 0);gi([yi({type:Ne.Any})],eh.prototype,"otherCert",void 0);let ih=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:Es})],ih.prototype,"certificate",void 0);gi([yi({type:sl,context:2,implicit:true})],ih.prototype,"v2AttrCert",void 0);gi([yi({type:eh,context:3,implicit:true})],ih.prototype,"other",void 0);ih=gi([fi({type:Re.Choice})],ih);let rh=th=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,th.prototype)}};rh=th=gi([fi({type:Re.Set,itemType:ih})],rh);class sh{constructor(t={}){this.contentType="";this.content=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],sh.prototype,"contentType",void 0);gi([yi({type:Ne.Any,context:0})],sh.prototype,"content",void 0);let nh=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:Ke})],nh.prototype,"single",void 0);gi([yi({type:Ne.Any})],nh.prototype,"any",void 0);nh=gi([fi({type:Re.Choice})],nh);class oh{constructor(t={}){this.eContentType="";Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],oh.prototype,"eContentType",void 0);gi([yi({type:nh,context:0,optional:true})],oh.prototype,"eContent",void 0);let ah=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:Ke,context:0,implicit:true,optional:true})],ah.prototype,"value",void 0);gi([yi({type:Ke,converter:Ge,context:0,implicit:true,optional:true,repeated:"sequence"})],ah.prototype,"constructedValue",void 0);ah=gi([fi({type:Re.Choice})],ah);class ch{constructor(t={}){this.contentType="";this.contentEncryptionAlgorithm=new Gl;Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],ch.prototype,"contentType",void 0);gi([yi({type:Gl})],ch.prototype,"contentEncryptionAlgorithm",void 0);gi([yi({type:ah,optional:true})],ch.prototype,"encryptedContent",void 0);class uh{constructor(t={}){this.keyAttrId="";Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],uh.prototype,"keyAttrId",void 0);gi([yi({type:Ne.Any,optional:true})],uh.prototype,"keyAttr",void 0);var lh;class hh{constructor(t={}){this.subjectKeyIdentifier=new ss;Object.assign(this,t)}}gi([yi({type:ss})],hh.prototype,"subjectKeyIdentifier",void 0);gi([yi({type:Ne.GeneralizedTime,optional:true})],hh.prototype,"date",void 0);gi([yi({type:uh,optional:true})],hh.prototype,"other",void 0);let ph=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:hh,context:0,implicit:true,optional:true})],ph.prototype,"rKeyId",void 0);gi([yi({type:jl,optional:true})],ph.prototype,"issuerAndSerialNumber",void 0);ph=gi([fi({type:Re.Choice})],ph);class dh{constructor(t={}){this.rid=new ph;this.encryptedKey=new Ke;Object.assign(this,t)}}gi([yi({type:ph})],dh.prototype,"rid",void 0);gi([yi({type:Ke})],dh.prototype,"encryptedKey",void 0);let fh=lh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,lh.prototype)}};fh=lh=gi([fi({type:Re.Sequence,itemType:dh})],fh);class yh{constructor(t={}){this.algorithm=new fs;this.publicKey=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:fs})],yh.prototype,"algorithm",void 0);gi([yi({type:Ne.BitString})],yh.prototype,"publicKey",void 0);let Sh=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:ss,context:0,implicit:true,optional:true})],Sh.prototype,"subjectKeyIdentifier",void 0);gi([yi({type:yh,context:1,implicit:true,optional:true})],Sh.prototype,"originatorKey",void 0);gi([yi({type:jl,optional:true})],Sh.prototype,"issuerAndSerialNumber",void 0);Sh=gi([fi({type:Re.Choice})],Sh);class Ah{constructor(t={}){this.version=Fl.v3;this.originator=new Sh;this.keyEncryptionAlgorithm=new $l;this.recipientEncryptedKeys=new fh;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],Ah.prototype,"version",void 0);gi([yi({type:Sh,context:0})],Ah.prototype,"originator",void 0);gi([yi({type:Ke,context:1,optional:true})],Ah.prototype,"ukm",void 0);gi([yi({type:$l})],Ah.prototype,"keyEncryptionAlgorithm",void 0);gi([yi({type:fh})],Ah.prototype,"recipientEncryptedKeys",void 0);let vh=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:ss,context:0,implicit:true})],vh.prototype,"subjectKeyIdentifier",void 0);gi([yi({type:jl})],vh.prototype,"issuerAndSerialNumber",void 0);vh=gi([fi({type:Re.Choice})],vh);class mh{constructor(t={}){this.version=Fl.v0;this.rid=new vh;this.keyEncryptionAlgorithm=new $l;this.encryptedKey=new Ke;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],mh.prototype,"version",void 0);gi([yi({type:vh})],mh.prototype,"rid",void 0);gi([yi({type:$l})],mh.prototype,"keyEncryptionAlgorithm",void 0);gi([yi({type:Ke})],mh.prototype,"encryptedKey",void 0);class Ch{constructor(t={}){this.keyIdentifier=new Ke;Object.assign(this,t)}}gi([yi({type:Ke})],Ch.prototype,"keyIdentifier",void 0);gi([yi({type:Ne.GeneralizedTime,optional:true})],Ch.prototype,"date",void 0);gi([yi({type:uh,optional:true})],Ch.prototype,"other",void 0);class gh{constructor(t={}){this.version=Fl.v4;this.kekid=new Ch;this.keyEncryptionAlgorithm=new $l;this.encryptedKey=new Ke;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],gh.prototype,"version",void 0);gi([yi({type:Ch})],gh.prototype,"kekid",void 0);gi([yi({type:$l})],gh.prototype,"keyEncryptionAlgorithm",void 0);gi([yi({type:Ke})],gh.prototype,"encryptedKey",void 0);class wh{constructor(t={}){this.version=Fl.v0;this.keyEncryptionAlgorithm=new $l;this.encryptedKey=new Ke;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],wh.prototype,"version",void 0);gi([yi({type:Ql,context:0,optional:true})],wh.prototype,"keyDerivationAlgorithm",void 0);gi([yi({type:$l})],wh.prototype,"keyEncryptionAlgorithm",void 0);gi([yi({type:Ke})],wh.prototype,"encryptedKey",void 0);class Eh{constructor(t={}){this.oriType="";this.oriValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],Eh.prototype,"oriType",void 0);gi([yi({type:Ne.Any})],Eh.prototype,"oriValue",void 0);let bh=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:mh,optional:true})],bh.prototype,"ktri",void 0);gi([yi({type:Ah,context:1,implicit:true,optional:true})],bh.prototype,"kari",void 0);gi([yi({type:gh,context:2,implicit:true,optional:true})],bh.prototype,"kekri",void 0);gi([yi({type:wh,context:3,implicit:true,optional:true})],bh.prototype,"pwri",void 0);gi([yi({type:Eh,context:4,implicit:true,optional:true})],bh.prototype,"ori",void 0);bh=gi([fi({type:Re.Choice})],bh);var Ph;let Dh=Ph=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Ph.prototype)}};Dh=Ph=gi([fi({type:Re.Set,itemType:bh})],Dh);var Ih;class Bh{constructor(t={}){this.otherRevInfoFormat="";this.otherRevInfo=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],Bh.prototype,"otherRevInfoFormat",void 0);gi([yi({type:Ne.Any})],Bh.prototype,"otherRevInfo",void 0);let xh=class t{constructor(t={}){this.other=new Bh;Object.assign(this,t)}};gi([yi({type:Bh,context:1,implicit:true})],xh.prototype,"other",void 0);xh=gi([fi({type:Re.Choice})],xh);let Th=Ih=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Ih.prototype)}};Th=Ih=gi([fi({type:Re.Set,itemType:xh})],Th);class Oh{constructor(t={}){Object.assign(this,t)}}gi([yi({type:rh,context:0,implicit:true,optional:true})],Oh.prototype,"certs",void 0);gi([yi({type:Th,context:1,implicit:true,optional:true})],Oh.prototype,"crls",void 0);var kh;let Rh=kh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,kh.prototype)}};Rh=kh=gi([fi({type:Re.Set,itemType:ql})],Rh);class Nh{constructor(t={}){this.version=Fl.v0;this.recipientInfos=new Dh;this.encryptedContentInfo=new ch;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],Nh.prototype,"version",void 0);gi([yi({type:Oh,context:0,implicit:true,optional:true})],Nh.prototype,"originatorInfo",void 0);gi([yi({type:Dh})],Nh.prototype,"recipientInfos",void 0);gi([yi({type:ch})],Nh.prototype,"encryptedContentInfo",void 0);gi([yi({type:Rh,context:1,implicit:true,optional:true})],Nh.prototype,"unprotectedAttrs",void 0);var Mh;let Kh=Mh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Mh.prototype)}};Kh=Mh=gi([fi({type:Re.Set,itemType:Vl})],Kh);class Hh{constructor(t={}){this.version=Fl.v0;this.digestAlgorithms=new Kh;this.encapContentInfo=new oh;this.signerInfos=new Yl;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],Hh.prototype,"version",void 0);gi([yi({type:Kh})],Hh.prototype,"digestAlgorithms",void 0);gi([yi({type:oh})],Hh.prototype,"encapContentInfo",void 0);gi([yi({type:rh,context:0,implicit:true,optional:true})],Hh.prototype,"certificates",void 0);gi([yi({type:Th,context:1,implicit:true,optional:true})],Hh.prototype,"crls",void 0);gi([yi({type:Yl})],Hh.prototype,"signerInfos",void 0);var Uh;class jh{constructor(t={}){this.attrId="";this.attrValues=[];Object.assign(t)}}gi([yi({type:Ne.ObjectIdentifier})],jh.prototype,"attrId",void 0);gi([yi({type:Ne.Any,repeated:"set"})],jh.prototype,"attrValues",void 0);let _h=Uh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Uh.prototype)}};_h=Uh=gi([fi({type:Re.Sequence,itemType:jh})],_h);var Fh;let Vh=Fh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Fh.prototype)}};Vh=Fh=gi([fi({type:Re.Sequence,itemType:sh})],Vh);class Lh{constructor(t={}){this.certId="";this.certValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],Lh.prototype,"certId",void 0);gi([yi({type:Ne.Any,context:0})],Lh.prototype,"certValue",void 0);class $h{constructor(t={}){this.crlId="";this.crltValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],$h.prototype,"crlId",void 0);gi([yi({type:Ne.Any,context:0})],$h.prototype,"crltValue",void 0);let Gh=class t extends Nn{};Gh=gi([fi({type:Re.Sequence})],Gh);let Wh=class t extends xn{};Wh=gi([fi({type:Re.Sequence})],Wh);class Qh{constructor(t={}){this.secretTypeId="";this.secretValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],Qh.prototype,"secretTypeId",void 0);gi([yi({type:Ne.Any,context:0})],Qh.prototype,"secretValue",void 0);class qh{constructor(t={}){this.mac=new An;this.macSalt=new Ke;this.iterations=1;Object.assign(this,t)}}gi([yi({type:An})],qh.prototype,"mac",void 0);gi([yi({type:Ke})],qh.prototype,"macSalt",void 0);gi([yi({type:Ne.Integer,defaultValue:1})],qh.prototype,"iterations",void 0);class zh{constructor(t={}){this.version=3;this.authSafe=new sh;this.macData=new qh;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],zh.prototype,"version",void 0);gi([yi({type:sh})],zh.prototype,"authSafe",void 0);gi([yi({type:qh,optional:true})],zh.prototype,"macData",void 0);var Jh;class Yh{constructor(t={}){this.bagId="";this.bagValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],Yh.prototype,"bagId",void 0);gi([yi({type:Ne.Any,context:0})],Yh.prototype,"bagValue",void 0);gi([yi({type:jh,repeated:"set",optional:true})],Yh.prototype,"bagAttributes",void 0);let Zh=Jh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Jh.prototype)}};Zh=Jh=gi([fi({type:Re.Sequence,itemType:Yh})],Zh);var Xh,tp,ep;const ip="1.2.840.113549.1.9";const rp=`${ip}.2`;const sp=`${ip}.7`;const np=`${ip}.14`;let op=class t extends Di{constructor(t={}){super(t)}toString(){return this.ia5String||super.toString()}};gi([yi({type:Ne.IA5String})],op.prototype,"ia5String",void 0);op=gi([fi({type:Re.Choice})],op);let ap=class t extends sh{};ap=gi([fi({type:Re.Sequence})],ap);let cp=class t extends zh{};cp=gi([fi({type:Re.Sequence})],cp);let up=class t extends xn{};up=gi([fi({type:Re.Sequence})],up);let lp=class t{constructor(t=""){this.value=t}toString(){return this.value}};gi([yi({type:Ne.IA5String})],lp.prototype,"value",void 0);lp=gi([fi({type:Re.Choice})],lp);let hp=class t extends op{};hp=gi([fi({type:Re.Choice})],hp);let pp=class t extends Di{};pp=gi([fi({type:Re.Choice})],pp);let dp=class t{constructor(t=new Date){this.value=t}};gi([yi({type:Ne.GeneralizedTime})],dp.prototype,"value",void 0);dp=gi([fi({type:Re.Choice})],dp);let fp=class t extends Di{};fp=gi([fi({type:Re.Choice})],fp);let yp=class t{constructor(t="M"){this.value=t}toString(){return this.value}};gi([yi({type:Ne.PrintableString})],yp.prototype,"value",void 0);yp=gi([fi({type:Re.Choice})],yp);let Sp=class t{constructor(t=""){this.value=t}toString(){return this.value}};gi([yi({type:Ne.PrintableString})],Sp.prototype,"value",void 0);Sp=gi([fi({type:Re.Choice})],Sp);let Ap=class t extends Sp{};Ap=gi([fi({type:Re.Choice})],Ap);let vp=class t extends Di{};vp=gi([fi({type:Re.Choice})],vp);let mp=class t{constructor(t=""){this.value=t}toString(){return this.value}};gi([yi({type:Ne.ObjectIdentifier})],mp.prototype,"value",void 0);mp=gi([fi({type:Re.Choice})],mp);let Cp=class t extends Ss{};Cp=gi([fi({type:Re.Choice})],Cp);let gp=class t{constructor(t=0){this.value=t}toString(){return this.value.toString()}};gi([yi({type:Ne.Integer})],gp.prototype,"value",void 0);gp=gi([fi({type:Re.Choice})],gp);let wp=class t extends Jl{};wp=gi([fi({type:Re.Sequence})],wp);let Ep=class t extends Di{};Ep=gi([fi({type:Re.Choice})],Ep);let bp=Xh=class t extends Cs{constructor(t){super(t);Object.setPrototypeOf(this,Xh.prototype)}};bp=Xh=gi([fi({type:Re.Sequence})],bp);let Pp=tp=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,tp.prototype)}};Pp=tp=gi([fi({type:Re.Set,itemType:ql})],Pp);let Dp=class t{constructor(t=""){this.value=t}toString(){return this.value}};gi([yi({type:Ne.BmpString})],Dp.prototype,"value",void 0);Dp=gi([fi({type:Re.Choice})],Dp);let Ip=class t extends fs{};Ip=gi([fi({type:Re.Sequence})],Ip);let Bp=ep=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,ep.prototype)}};Bp=ep=gi([fi({type:Re.Sequence,itemType:Ip})],Bp);const xp="1.3.6.1.4.1.22112.2.1";let Tp=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:jl})],Tp.prototype,"signer",void 0);gi([yi({type:Es,optional:true})],Tp.prototype,"cert",void 0);Tp=gi([fi({type:Re.Sequence})],Tp);var Op;let kp=Op=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Op.prototype)}};kp=Op=gi([fi({type:Re.Sequence,itemType:Xr})],kp);class Rp{constructor(t={}){this.version=0;this.subject=new Oi;this.subjectPKInfo=new ys;this.attributes=new kp;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],Rp.prototype,"version",void 0);gi([yi({type:Oi})],Rp.prototype,"subject",void 0);gi([yi({type:ys})],Rp.prototype,"subjectPKInfo",void 0);gi([yi({type:kp,implicit:true,context:0})],Rp.prototype,"attributes",void 0);class Np{constructor(t={}){this.certificationRequestInfo=new Rp;this.signatureAlgorithm=new fs;this.signature=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Rp})],Np.prototype,"certificationRequestInfo",void 0);gi([yi({type:fs})],Np.prototype,"signatureAlgorithm",void 0);gi([yi({type:Ne.BitString})],Np.prototype,"signature",void 0);let Mp=globalThis.crypto;function Kp(){return Mp}class Hp extends Error{code;constructor(t,e){super(t);this.code=e;this.name=this.constructor.name;if(Error.captureStackTrace){Error.captureStackTrace(this,this.constructor)}}}class Up extends Hp{constructor(t,e){const i=e?` Supported: ${e.join(", ")}`:"";super(`Unsupported algorithm: ${t}.${i}`,"UNSUPPORTED_ALGORITHM")}}class jp extends Hp{constructor(t,e){const i=e?` Expected: ${e}`:"";super(`Invalid format: ${t}.${i}`,"INVALID_FORMAT")}}class _p extends Hp{constructor(t,e){const i=e?` Supported: ${e.join(", ")}`:"";super(`Unsupported key type: ${t}.${i}`,"UNSUPPORTED_KEY_TYPE")}}class Fp extends Hp{constructor(t){const e=t?`Invalid SSH private key format: ${t}`:"Invalid SSH private key format";super(e,"INVALID_PRIVATE_KEY_FORMAT")}}class Vp extends Hp{constructor(t){const e=t?`Encrypted SSH private keys are not supported (cipher: ${t})`:"Encrypted SSH private keys are not supported";super(e,"ENCRYPTED_KEY_NOT_SUPPORTED")}}class Lp extends Hp{constructor(t){const e=t?`Invalid key data: ${t}`:"Invalid key data";super(e,"INVALID_KEY_DATA")}}class $p extends Hp{constructor(t,e){const i=t!==undefined&&e!==undefined?` Expected ${t} bytes, got ${e}`:"";super(`Unexpected end of data${i}`,"UNEXPECTED_EOF")}}const Gp=new TextEncoder;const Wp=new TextDecoder;class Qp{buffer;offset;constructor(t){this.buffer=t;this.offset=0}readUint8(){if(this.offset>=this.buffer.length){throw new $p(1,0)}return this.buffer[this.offset++]}readUint32(){const t=this.readUint8()<<24|this.readUint8()<<16|this.readUint8()<<8|this.readUint8();return t>>>0}readUint64(){const t=this.readUint32();const e=this.readUint32();return BigInt(t)<<32n|BigInt(e)}readBytes(t){if(t<0){throw new jp(`Invalid length: ${t}`)}if(this.offset+t>this.buffer.length){throw new $p(t,this.buffer.length-this.offset)}const e=this.buffer.subarray(this.offset,this.offset+t);this.offset+=t;return e}readString(){const t=this.readUint32();const e=this.readBytes(t);return Wp.decode(e)}peekString(t){if(this.offset+t>this.buffer.length){throw new $p(t,this.buffer.length-this.offset)}const e=this.buffer.subarray(this.offset,this.offset+t);return Wp.decode(e)}readMpInt(t=false){const e=this.readUint32();const i=this.readBytes(e);if(t&&i.length>1&&i[0]===0){return i.subarray(1)}return i}readMpIntSsh(){return this.readMpInt(true)}remaining(){return this.buffer.length-this.offset}getOffset(){return this.offset}seek(t){if(t<0||t>this.buffer.length){throw new jp(`Invalid offset: ${t}. Buffer length: ${this.buffer.length}`)}this.offset=t}}class qp{buffer;offset;constructor(t=1024){this.buffer=new Uint8Array(t);this.offset=0}ensureCapacity(t){const e=this.offset+t;if(e>this.buffer.length){const t=Math.max(e,this.buffer.length*2);const i=new Uint8Array(t);i.set(this.buffer.subarray(0,this.offset));this.buffer=i}}reserve(t){if(t>this.buffer.length){const e=new Uint8Array(t);e.set(this.buffer.subarray(0,this.offset));this.buffer=e}}writeUint8(t){this.ensureCapacity(1);this.buffer[this.offset++]=t&255}writeUint32(t){this.ensureCapacity(4);this.buffer[this.offset++]=t>>>24&255;this.buffer[this.offset++]=t>>>16&255;this.buffer[this.offset++]=t>>>8&255;this.buffer[this.offset++]=t&255}writeUint64(t){this.ensureCapacity(8);const e=Number(t>>32n);const i=Number(t&0xffffffffn);this.writeUint32(e);this.writeUint32(i)}writeBytes(t){this.ensureCapacity(t.length);this.buffer.set(t,this.offset);this.offset+=t.length}writeString(t){const e=Gp.encode(t);this.writeUint32(e.length);this.writeBytes(e)}writeMpInt(t,e=false){if(e&&t.length>0&&(t[0]&128)!==0){const e=new Uint8Array(t.length+1);e[0]=0;e.set(t,1);this.writeUint32(e.length);this.writeBytes(e)}else{this.writeUint32(t.length);this.writeBytes(t)}}writeMpIntSsh(t){this.writeMpInt(t,true)}toUint8Array(){return this.buffer.subarray(0,this.offset)}getOffset(){return this.offset}seek(t){if(t<0||t>this.buffer.length){throw new jp("Invalid offset")}this.offset=t}}class zp{hash="SHA-256";constructor(t="SHA-256"){this.hash=t}async importPublicSsh(t){const{blob:e,crypto:i}=t;const r=new Qp(e);r.readString();const s=r.readMpInt(true);const o=r.readMpInt(true);const a={kty:"RSA",n:n.Convert.ToBase64Url(o),e:n.Convert.ToBase64Url(s)};return i.subtle.importKey("jwk",a,{name:"RSASSA-PKCS1-v1_5",hash:this.hash},true,["verify"])}async exportPublicSsh(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("jwk",e);if(!r.n||!r.e){throw new Lp("RSA JWK missing required parameters (n, e)")}const s=n.BufferSourceConverter.toUint8Array(n.Convert.FromBase64Url(r.n));const o=n.BufferSourceConverter.toUint8Array(n.Convert.FromBase64Url(r.e));const a=new qp;a.writeString("ssh-rsa");a.writeMpInt(o,true);a.writeMpInt(s,true);return a.toUint8Array()}async importPublicSpki(t){const{spki:e,crypto:i}=t;return i.subtle.importKey("spki",e,{name:"RSASSA-PKCS1-v1_5",hash:this.hash},true,["verify"])}async exportPublicSpki(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("spki",e);return n.BufferSourceConverter.toUint8Array(r)}async importPrivatePkcs8(t){const{pkcs8:e,crypto:i}=t;return i.subtle.importKey("pkcs8",e,{name:"RSASSA-PKCS1-v1_5",hash:this.hash},true,["sign"])}async exportPrivatePkcs8(t){const{privateKey:e,crypto:i}=t;const r=await i.subtle.exportKey("pkcs8",e);return n.BufferSourceConverter.toUint8Array(r)}async importPrivateSsh(t){const{sshKey:e,crypto:i}=t;const r=e.replace(/-----BEGIN OPENSSH PRIVATE KEY-----/,"").replace(/-----END OPENSSH PRIVATE KEY-----/,"").replace(/\s/g,"");const s=n.Convert.FromBase64(r);const o=new Qp(n.BufferSourceConverter.toUint8Array(s));const a=o.readBytes(15);if(n.Convert.ToHex(a)!=="6f70656e7373682d6b65792d763100"){throw new Fp("invalid magic string")}const c=o.readString();o.readString();o.readString();if(c!=="none"){throw new Vp(c)}const u=o.readUint32();if(u!==1){throw new Fp("multiple keys not supported")}const l=o.readUint32();o.readBytes(l);const h=o.readUint32();const p=o.readBytes(h);const d=new Qp(p);const f=d.readUint32();const y=d.readUint32();if(f!==y){throw new Fp("invalid checkints")}d.readString();const S=d.readMpInt(true);const A=d.readMpInt(true);const v=d.readMpInt(true);const m=d.readMpInt(true);const C=d.readMpInt(true);const g=d.readMpInt(true);d.readString();const w=BigInt("0x"+n.Convert.ToHex(v));const E=BigInt("0x"+n.Convert.ToHex(C));const b=BigInt("0x"+n.Convert.ToHex(g));const P=w%(E-1n);const D=w%(b-1n);const I=n.Convert.FromHex(P.toString(16).padStart(C.length*2,"0"));const B=n.Convert.FromHex(D.toString(16).padStart(g.length*2,"0"));const x={kty:"RSA",n:n.Convert.ToBase64Url(S),e:n.Convert.ToBase64Url(A),d:n.Convert.ToBase64Url(v),p:n.Convert.ToBase64Url(C),q:n.Convert.ToBase64Url(g),dp:n.Convert.ToBase64Url(I),dq:n.Convert.ToBase64Url(B),qi:n.Convert.ToBase64Url(m)};return i.subtle.importKey("jwk",x,{name:"RSASSA-PKCS1-v1_5",hash:this.hash},true,["sign"])}async exportPrivateSsh(t){const{privateKey:e,crypto:i,jwk:r}=t;const s=r||await i.subtle.exportKey("jwk",e);if(!s.n||!s.e||!s.d||!s.p||!s.q){throw new Lp("RSA JWK missing required parameters")}const o=new Uint8Array(n.Convert.FromBase64Url(s.n));const a=new Uint8Array(n.Convert.FromBase64Url(s.e));const c=new Uint8Array(n.Convert.FromBase64Url(s.d));const u=new Uint8Array(n.Convert.FromBase64Url(s.p));const l=new Uint8Array(n.Convert.FromBase64Url(s.q));const h=s.qi?new Uint8Array(n.Convert.FromBase64Url(s.qi)):new Uint8Array;const p=new qp;p.writeString("ssh-rsa");p.writeMpInt(o,true);p.writeMpInt(a,true);p.writeMpInt(c,true);p.writeMpInt(h,true);p.writeMpInt(u,true);p.writeMpInt(l,true);return p.toUint8Array()}async sign(t){const{privateKey:e,data:i,crypto:r,hash:s}=t;if(s&&s!==this.hash){throw new Lp(`Hash ${s} not supported for this RSA algorithm`)}if(!e.extractable){throw new Lp("Private key is not extractable")}const o=await this.exportPrivatePkcs8({privateKey:e,crypto:r});const a=await this.importPrivatePkcs8({pkcs8:new Uint8Array(o),crypto:r});const c=await r.subtle.sign("RSASSA-PKCS1-v1_5",a,i);return n.BufferSourceConverter.toUint8Array(c)}async verify(t){const{publicKey:e,signature:i,data:r,crypto:s,hash:n}=t;if(n&&n!==this.hash){return false}if(!e.extractable){throw new Lp("Public key is not extractable")}const o=await this.exportPublicSpki({publicKey:e,crypto:s});const a=await this.importPublicSpki({spki:new Uint8Array(o),crypto:s});return s.subtle.verify("RSASSA-PKCS1-v1_5",a,i,r)}encodeSignature(t){const{signature:e,algo:i}=t;const r=new qp;r.writeString(i);r.writeUint32(e.byteLength);r.writeBytes(e);return r.toUint8Array()}decodeSignature(t){const{signature:e}=t;const i=new Qp(e);const r=i.readString();const s=i.readUint32();const n=i.readBytes(s);return{signature:n,algo:r}}supportsCryptoKey(t){return t.algorithm.name==="RSASSA-PKCS1-v1_5"}parsePublicKey(t){const e=t.readBytes(t.readUint32());const i=t.readBytes(t.readUint32());const r=new qp;r.writeString("ssh-rsa");r.writeMpInt(e);r.writeMpInt(i);return{type:"ssh-rsa",keyData:r.toUint8Array()}}writePublicKey(t,e){const i=new Qp(e.keyData);i.readString();const r=i.readMpInt();const s=i.readMpInt();t.writeUint32(r.length);t.writeBytes(r);t.writeUint32(s.length);t.writeBytes(s)}getCertificateType(){return"ssh-rsa-cert-v01@openssh.com"}getSignatureAlgo(){return this.hash==="SHA-256"?"rsa-sha2-256":"rsa-sha2-512"}}class Jp{curveName;sshType;namedCurve;constructor(t,e,i){this.curveName=t;this.sshType=e;this.namedCurve=i}getHashAlgorithm(){switch(this.namedCurve){case"P-256":return"SHA-256";case"P-384":return"SHA-384";case"P-521":return"SHA-512";default:return"SHA-256"}}getExpectedLength(){switch(this.namedCurve){case"P-256":return 32;case"P-384":return 48;case"P-521":return 66;default:return 32}}getSignatureCoordLength(){return this.getExpectedLength()}async importPublicSsh(t){const{blob:e,crypto:i}=t;const r=new Qp(e);r.readString();const s=r.readString();if(s!==this.curveName){throw new Lp(`ECDSA curve name ${s}, expected ${this.curveName}`)}const o=r.readMpInt();const a=Math.floor((o.length-1)/2);const c={kty:"EC",crv:this.namedCurve,x:n.Convert.ToBase64Url(o.slice(1,1+a)),y:n.Convert.ToBase64Url(o.slice(1+a))};return i.subtle.importKey("jwk",c,{name:"ECDSA",namedCurve:this.namedCurve},true,["verify"])}async exportPublicSsh(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("jwk",e);if(!r.x||!r.y){throw new Lp("ECDSA JWK missing x or y parameters")}const s=new Uint8Array(n.Convert.FromBase64Url(r.x));const o=new Uint8Array(n.Convert.FromBase64Url(r.y));const a=new Uint8Array(1+s.length+o.length);a[0]=4;a.set(s,1);a.set(o,1+s.length);const c=new qp;c.writeString(this.sshType);c.writeString(this.curveName);c.writeMpInt(a);return c.toUint8Array()}async importPublicSpki(t){const{spki:e,crypto:i}=t;return i.subtle.importKey("spki",e,{name:"ECDSA",namedCurve:this.namedCurve},true,["verify"])}async exportPublicSpki(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("spki",e);return n.BufferSourceConverter.toUint8Array(r)}async importPrivatePkcs8(t){const{pkcs8:e,crypto:i}=t;return i.subtle.importKey("pkcs8",e,{name:"ECDSA",namedCurve:this.namedCurve},true,["sign"])}async exportPrivatePkcs8(t){const{privateKey:e,crypto:i}=t;const r=await i.subtle.exportKey("pkcs8",e);return n.BufferSourceConverter.toUint8Array(r)}async exportPrivateSsh(t){const{privateKey:e,crypto:i,jwk:r}=t;const s=r||await i.subtle.exportKey("jwk",e);if(!s.d||!s.x||!s.y){throw new Lp("ECDSA private key JWK missing required parameters")}const o=new Uint8Array(n.Convert.FromBase64Url(s.x));const a=new Uint8Array(n.Convert.FromBase64Url(s.y));const c=new Uint8Array(n.Convert.FromBase64Url(s.d));const u=new Uint8Array(1+o.length+a.length);u[0]=4;u.set(o,1);u.set(a,1+o.length);const l=new qp;l.writeString(this.sshType);l.writeString(this.curveName);l.writeMpInt(u);l.writeMpInt(c);return l.toUint8Array()}async importPrivateSsh(t){const{sshKey:e,crypto:i}=t;const r=e.replace(/-----BEGIN OPENSSH PRIVATE KEY-----/,"").replace(/-----END OPENSSH PRIVATE KEY-----/,"").replace(/\s/g,"");const s=n.Convert.FromBase64(r);const o=new Qp(n.BufferSourceConverter.toUint8Array(s));const a=o.readBytes(15);if(n.Convert.ToHex(a)!=="6f70656e7373682d6b65792d763100"){throw new Fp("invalid magic string")}const c=o.readString();o.readString();o.readString();if(c!=="none"){throw new Vp(c)}const u=o.readUint32();if(u!==1){throw new Fp("multiple keys not supported")}const l=o.readUint32();o.readBytes(l);const h=o.readUint32();const p=o.readBytes(h);const d=new Qp(p);const f=d.readUint32();const y=d.readUint32();if(f!==y){throw new Fp("invalid checkints")}d.readString();d.readString();const S=d.readMpInt();const A=d.readMpInt();d.readString();if(S[0]!==4){throw new Lp("invalid ECDSA public key point format")}const v=Math.floor((S.length-1)/2);const m=S.slice(1,1+v);const C=S.slice(1+v);const g={kty:"EC",crv:this.namedCurve,x:n.Convert.ToBase64Url(m),y:n.Convert.ToBase64Url(C),d:n.Convert.ToBase64Url(A)};return i.subtle.importKey("jwk",g,{name:"ECDSA",namedCurve:this.namedCurve},true,["sign"])}async sign(t){const{privateKey:e,data:i,crypto:r,hash:s}=t;const o=this.getHashAlgorithm();if(s&&s!==o){throw new Lp(`ECDSA ${this.namedCurve} requires ${o}, got ${s}`)}const a=await r.subtle.sign({name:"ECDSA",hash:o},e,i);return n.BufferSourceConverter.toUint8Array(a)}async verify(t){const{publicKey:e,signature:i,data:r,crypto:s,hash:n}=t;const o=this.getHashAlgorithm();if(n&&n!==o){throw new Lp(`ECDSA ${this.namedCurve} requires ${o}, got ${n}`)}return s.subtle.verify({name:"ECDSA",hash:o},e,i,r)}encodeSignature(t){const{signature:e,algo:i}=t;if(i.startsWith("ecdsa-sha2-")){const t=this.getSignatureCoordLength();const r=e.subarray(0,t);const s=e.subarray(t);const n=new qp;n.writeString(i);const o=new qp;o.writeMpInt(r,true);o.writeMpInt(s,true);const a=o.toUint8Array();n.writeUint32(a.length);n.writeBytes(a);return n.toUint8Array()}const r=new qp;r.writeString(i);r.writeUint32(e.byteLength);r.writeBytes(e);return r.toUint8Array()}decodeSignature(t){const{signature:e}=t;const i=new Qp(e);const r=i.readString();const s=i.readUint32();const n=i.readBytes(s);if(r.startsWith("ecdsa-sha2-")){const t=new Qp(n);let e=t.readMpInt();let i=t.readMpInt();if(e[0]===0&&e.length>1&&(e[1]&128)===0){e=e.slice(1)}if(i[0]===0&&i.length>1&&(i[1]&128)===0){i=i.slice(1)}const s=this.getExpectedLength();const o=new Uint8Array(s);const a=new Uint8Array(s);if(e.length<=s){o.set(e,s-e.length)}else{o.set(e.slice(e.length-s),0)}if(i.length<=s){a.set(i,s-i.length)}else{a.set(i.slice(i.length-s),0)}const c=new Uint8Array([...o,...a]);return{signature:c,algo:r}}return{signature:n,algo:r}}supportsCryptoKey(t){return t.algorithm.name==="ECDSA"&&t.algorithm.namedCurve===this.namedCurve}parsePublicKey(t){const e=t.readString();if(e!==this.curveName){throw new Lp(`ECDSA certificate curve name ${e}, expected ${this.curveName}`)}const i=t.readBytes(t.readUint32());const r=new qp;r.writeString(this.sshType);r.writeString(e);r.writeMpInt(i);return{type:this.sshType,keyData:r.toUint8Array()}}writePublicKey(t,e){const i=new Qp(e.keyData);i.readString();const r=i.readString();const s=i.readMpInt();t.writeString(r);t.writeUint32(s.length);t.writeBytes(s)}getCertificateType(){return`${this.sshType}-cert-v01@openssh.com`}getSignatureAlgo(){return this.sshType}}const Yp=new Jp("nistp256","ecdsa-sha2-nistp256","P-256");const Zp=new Jp("nistp384","ecdsa-sha2-nistp384","P-384");const Xp=new Jp("nistp521","ecdsa-sha2-nistp521","P-521");class td{async importPublicSsh(t){const{blob:e,crypto:i}=t;const r=new Qp(e);r.readString();const s=r.readUint32();if(s!==32){throw new Lp(`Ed25519 key length ${s}, expected 32`)}const n=r.readBytes(s);return i.subtle.importKey("raw",n,"Ed25519",true,["verify"])}async exportPublicSsh(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("jwk",e);if(!r.x){throw new Lp("Ed25519 JWK missing x parameter")}const s=new Uint8Array(n.Convert.FromBase64Url(r.x));const o=new qp;o.writeString("ssh-ed25519");o.writeUint32(s.length);o.writeBytes(s);return o.toUint8Array()}async importPublicSpki(t){const{spki:e,crypto:i}=t;return i.subtle.importKey("spki",e,"Ed25519",true,["verify"])}async exportPublicSpki(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("spki",e);return n.BufferSourceConverter.toUint8Array(r)}async importPrivatePkcs8(t){const{pkcs8:e,crypto:i}=t;return i.subtle.importKey("pkcs8",e,"Ed25519",true,["sign"])}async exportPrivatePkcs8(t){const{privateKey:e,crypto:i}=t;const r=await i.subtle.exportKey("pkcs8",e);return n.BufferSourceConverter.toUint8Array(r)}async exportPrivateSsh(t){const{privateKey:e,crypto:i,jwk:r}=t;const s=r||await i.subtle.exportKey("jwk",e);if(!s.d||!s.x){throw new Lp("Ed25519 private key JWK missing required parameters")}const o=new Uint8Array(n.Convert.FromBase64Url(s.d));const a=new Uint8Array(n.Convert.FromBase64Url(s.x));const c=new qp;c.writeString("ssh-ed25519");c.writeUint32(a.length);c.writeBytes(a);const u=new Uint8Array(64);u.set(o,0);u.set(a,32);c.writeUint32(u.length);c.writeBytes(u);return c.toUint8Array()}async importPrivateSsh(t){const{sshKey:e,crypto:i}=t;const r=e.replace(/-----BEGIN OPENSSH PRIVATE KEY-----/,"").replace(/-----END OPENSSH PRIVATE KEY-----/,"").replace(/\s/g,"");const s=n.Convert.FromBase64(r);const o=new Qp(n.BufferSourceConverter.toUint8Array(s));const a=o.readBytes(15);if(n.Convert.ToHex(a)!=="6f70656e7373682d6b65792d763100"){throw new Fp("invalid magic string")}const c=o.readString();o.readString();o.readString();if(c!=="none"){throw new Vp(c)}const u=o.readUint32();if(u!==1){throw new Fp("multiple keys not supported")}const l=o.readUint32();o.readBytes(l);const h=o.readUint32();const p=o.readBytes(h);const d=new Qp(p);const f=d.readUint32();const y=d.readUint32();if(f!==y){throw new Fp("invalid checkints")}d.readString();const S=d.readUint32();const A=d.readBytes(S);const v=d.readUint32();const m=d.readBytes(v);d.readString();const C=m.slice(0,32);const g={kty:"OKP",crv:"Ed25519",d:n.Convert.ToBase64Url(C),x:n.Convert.ToBase64Url(A)};return i.subtle.importKey("jwk",g,"Ed25519",true,["sign"])}async sign(t){const{privateKey:e,data:i,crypto:r}=t;const s=await r.subtle.sign("Ed25519",e,i);return n.BufferSourceConverter.toUint8Array(s)}async verify(t){const{publicKey:e,signature:i,data:r,crypto:s}=t;return s.subtle.verify("Ed25519",e,i,r)}encodeSignature(t){const{signature:e,algo:i}=t;const r=new Uint8Array(e);const s=new qp;s.writeString(i);s.writeUint32(r.length);s.writeBytes(r);return s.toUint8Array()}decodeSignature(t){const{signature:e}=t;const i=new Qp(e);const r=i.readString();const s=i.readUint32();const n=i.readBytes(s);return{signature:n,algo:r}}supportsCryptoKey(t){return t.algorithm.name==="Ed25519"}parsePublicKey(t){const e=t.readBytes(t.readUint32());const i=new qp;i.writeString("ssh-ed25519");i.writeUint32(e.length);i.writeBytes(e);return{type:"ssh-ed25519",keyData:i.toUint8Array()}}writePublicKey(t,e){const i=new Qp(e.keyData);i.readString();const r=i.readUint32();const s=i.readBytes(r);t.writeUint32(s.length);t.writeBytes(s)}getCertificateType(){return"ssh-ed25519-cert-v01@openssh.com"}getSignatureAlgo(){return"ssh-ed25519"}}const ed=new Map;class id{static get(t){const e=ed.get(t);if(!e){throw new _p(t,Array.from(ed.keys()))}return e}static register(t,e){ed.set(t,e)}static getSshTypeFromCryptoKey(t){for(const[e,i]of ed.entries()){if(i.supportsCryptoKey(t)){return e}}throw new _p(t.algorithm.name,Array.from(ed.keys()))}static certTypeToKeyType(t){const e={"ssh-rsa-cert-v01@openssh.com":"ssh-rsa","ssh-ed25519-cert-v01@openssh.com":"ssh-ed25519","ecdsa-sha2-nistp256-cert-v01@openssh.com":"ecdsa-sha2-nistp256","ecdsa-sha2-nistp384-cert-v01@openssh.com":"ecdsa-sha2-nistp384","ecdsa-sha2-nistp521-cert-v01@openssh.com":"ecdsa-sha2-nistp521"};return e[t]}static getSupportedCertTypes(){return Object.keys({"ssh-rsa-cert-v01@openssh.com":"ssh-rsa","ssh-ed25519-cert-v01@openssh.com":"ssh-ed25519","ecdsa-sha2-nistp256-cert-v01@openssh.com":"ecdsa-sha2-nistp256","ecdsa-sha2-nistp384-cert-v01@openssh.com":"ecdsa-sha2-nistp384","ecdsa-sha2-nistp521-cert-v01@openssh.com":"ecdsa-sha2-nistp521"})}}id.register("ssh-ed25519",new td);id.register("ssh-rsa",new zp("SHA-256"));id.register("rsa-sha2-256",new zp("SHA-256"));id.register("rsa-sha2-512",new zp("SHA-512"));id.register("ecdsa-sha2-nistp256",Yp);id.register("ecdsa-sha2-nistp384",Zp);id.register("ecdsa-sha2-nistp521",Xp);function rd(t){const e=typeof t==="string"?t.trim().split(/\s+/):null;if(!e||e.length<2){throw new jp("Invalid SSH public key format")}const i=e[0];const r=new Uint8Array(n.Convert.FromBase64(e[1]));const s=e.length>2?e.slice(2).join(" "):undefined;const o=new Qp(r);const a=o.readString();if(a!==i){throw new jp("Key type mismatch")}return{type:i,keyData:r,comment:s}}function sd(t){const e=n.Convert.ToBase64(t.keyData);const i=[t.type,e];if(t.comment){i.push(t.comment)}return i.join(" ")}function nd(t){if(typeof t==="string"){const e=t.trim().split(/\s+/);if(e.length<2){throw new jp("SSH certificate string","type base64 [comment]")}const i=e[0];const r=new Uint8Array(n.Convert.FromBase64(e[1]));const s=e.length>2?e.slice(2).join(" "):undefined;const o=new Qp(r);const a=o.readString();if(a!==i){throw new jp(`certificate blob type ${a}`,`expected ${i}`)}return{type:i,keyData:r,comment:s}}else{const e=new Qp(t);const i=e.readString();const r=t.slice(e.getOffset());return{type:i,keyData:r}}}function od(t){const e=new Qp(t);const i=e.readString();const r=e.readBytes(e.readUint32());const s=id.certTypeToKeyType(i);if(!s){throw new Up(i,id.getSupportedCertTypes())}const n=id.get(s);const o=n.parsePublicKey(e);const a=s;const c=e.readUint64();const u=e.readUint32();const l=u===1?"user":"host";const h=e.readString();const p=e.readUint32();const d=e.readBytes(p);const f=[];if(d.length>0){const t=new Qp(d);while(t.getOffset()<d.length){try{const e=t.readString();f.push(e)}catch{break}}}const y=e.readUint64();const S=e.readUint64();const A={};const v=e.readUint32();const m=e.readBytes(v);if(m.length>0){const t=new Qp(m);while(t.getOffset()<m.length){try{const e=t.readString();const i=t.readBytes(t.readUint32());const r=i.length===0?"":Wp.decode(i);A[e]=r}catch{break}}}const C={};const g=e.readUint32();const w=e.readBytes(g);if(w.length>0){const t=new Qp(w);while(t.getOffset()<w.length){try{const e=t.readString();const i=t.readBytes(t.readUint32());const r=i.length===0?"":Wp.decode(i);C[e]=r}catch{break}}}const E=e.readUint32();const b=e.readBytes(E);const P=e.readUint32();const D=e.readBytes(P);const I=new Qp(D);const B=I.readString();const x={type:B,keyData:D};const T=e.readUint32();const O=e.readBytes(T);return{nonce:r,keyType:a,publicKey:o,serial:c,type:l,keyId:h,validPrincipals:f,validAfter:y,validBefore:S,criticalOptions:A,extensions:C,reserved:b,signatureKey:x,signature:O}}function ad(t){const e=n.Convert.ToBase64(t.keyData);const i=[t.type,e];if(t.comment){i.push(t.comment)}return i.join(" ")}function cd(t){const e=new Qp(t);if(t.length>=6&&(new TextDecoder).decode(t.subarray(0,6))==="SSHSIG"){return ud(e)}else{return ld(e)}}function ud(t){const e=t.readBytes(6);const i=(new TextDecoder).decode(e);if(i!=="SSHSIG"){throw new jp(i,"SSHSIG")}const r=t.readUint32();const s=t.readUint32();const n=t.readBytes(s);const o=t.readString();const a=t.readString();const c=t.readString();const u=t.readUint32();const l=t.readBytes(u);const h=new Qp(l);const p=h.readString();const d=h.readUint32();const f=h.readBytes(d);return{format:"ssh-signature",algorithm:p,signature:f,version:r,publicKey:n,namespace:o,reserved:a,hashAlgorithm:c}}function ld(t){const e=t.readString();const i=t.readUint32();const r=t.readBytes(i);return{format:"legacy",algorithm:e,signature:r}}function hd(t){if(t.format==="ssh-signature"){return pd(t)}else{return dd(t)}}function pd(t){const e=new qp;e.writeBytes((new TextEncoder).encode("SSHSIG"));e.writeUint32(t.version||1);if(t.publicKey){e.writeUint32(t.publicKey.length);e.writeBytes(t.publicKey)}else{e.writeUint32(0)}e.writeString(t.namespace||"file");e.writeString(t.reserved||"");e.writeString(t.hashAlgorithm||"sha512");const i=new qp;i.writeString(t.algorithm);i.writeUint32(t.signature.length);i.writeBytes(t.signature);const r=i.toUint8Array();e.writeUint32(r.length);e.writeBytes(r);return e.toUint8Array()}function dd(t){const e=new qp;e.writeString(t.algorithm);e.writeUint32(t.signature.length);e.writeBytes(t.signature);return e.toUint8Array()}class fd{}class yd extends fd{static TYPE="public-key";type=yd.TYPE;blob;cachedCryptoKey;constructor(t){super();this.blob=t}async getCryptoKey(t=Kp()){if(!this.cachedCryptoKey){const e=id.get(this.blob.type);this.cachedCryptoKey=await e.importPublicSsh({blob:this.blob.keyData,crypto:t})}return this.cachedCryptoKey}static async fromSSH(t,e=Kp()){const i=rd(t);const r=id.get(i.type);await r.importPublicSsh({blob:i.keyData,crypto:e});return new yd(i)}static async fromSPKI(t,e,i=Kp()){const r=id.get(e);const s=await r.importPublicSpki({spki:t,crypto:i});const n=await r.exportPublicSsh({publicKey:s,crypto:i});const o={type:e,keyData:n};return new yd(o)}static async fromWebCrypto(t,e,i=Kp()){const r=e||id.getSshTypeFromCryptoKey(t);const s=id.get(r);const n=await s.exportPublicSsh({publicKey:t,crypto:i});const o={type:r,keyData:n};return new yd(o)}async export(t="ssh",e=Kp()){if(t==="ssh"){return sd(this.blob)}else if(t==="spki"){const t=await this.getCryptoKey(e);const i=id.get(this.blob.type);const r=await i.exportPublicSpki({publicKey:t,crypto:e});return new Uint8Array(r)}throw new _p(`Unsupported export format: ${t}`)}async toSSH(){const t=await this.export("ssh");return t}async toSPKI(){const t=await this.export("spki");return t}async toWebCrypto(t=Kp()){return this.getCryptoKey(t)}async verify(t,e,i,r=Kp()){const s=id.get(t);const n=await this.toWebCrypto(r);return s.verify({publicKey:n,signature:e,data:i,crypto:r})}get keyType(){return this.blob.type}get comment(){return this.blob.comment}getBlob(){return{...this.blob}}async thumbprint(t="sha256",e=Kp()){const i=t==="sha256"?"SHA-256":"SHA-512";const r=this.blob.keyData;const s=await e.subtle.digest(i,r);return new Uint8Array(s)}}class Sd extends fd{static TYPE="signature";type=Sd.TYPE;blob;format;algorithm;signature;version;publicKey;namespace;reserved;hashAlgorithm;constructor(t){super();this.blob=t;this.format=t.format;this.algorithm=t.algorithm;this.signature=t.signature;this.version=t.version;this.namespace=t.namespace;this.reserved=t.reserved;this.hashAlgorithm=t.hashAlgorithm;if(t.publicKey){const e=new Qp(t.publicKey);const i=e.readString();this.publicKey=new yd({type:i,keyData:t.publicKey})}}static parse(t){const e=cd(t);return new Sd(e)}static fromBlob(t){return new Sd(t)}static fromBase64(t){const e=new Uint8Array(n.Convert.FromBase64(t));return Sd.parse(e)}static fromText(t){const e=t.replace(/-----BEGIN SSH SIGNATURE-----/,"").replace(/-----END SSH SIGNATURE-----/,"").replace(/[\r\n\s]/g,"");return Sd.fromBase64(e)}serialize(){return hd(this.blob)}toBase64(){return n.Convert.ToBase64(this.serialize())}toText(){const t=this.toBase64();const e=[];for(let i=0;i<t.length;i+=70){e.push(t.substring(i,i+70))}return["-----BEGIN SSH SIGNATURE-----",...e,"-----END SSH SIGNATURE-----"].join("\n")}async toSSH(){return this.toText()}async verify(t,e){const i=id.get(this.algorithm);const r=await e["getCryptoKey"]();const s=Kp();let n=t;if(this.format==="ssh-signature"){const e=this.hashAlgorithm||"sha512";const i=this.namespace||"file";const r=this.reserved||"";const o=e==="sha256"?"SHA-256":"SHA-512";const a=await s.subtle.digest(o,t);const c=new Uint8Array(a);const u=new qp;u.writeBytes((new TextEncoder).encode("SSHSIG"));u.writeString(i);u.writeString(r);u.writeString(e);u.writeUint32(c.length);u.writeBytes(c);n=u.toUint8Array()}let o;if(this.algorithm==="rsa-sha2-256"){o="SHA-256"}else if(this.algorithm==="rsa-sha2-512"){o="SHA-512"}let a;if(this.format==="legacy"||this.format==="ssh-signature"){const t=new qp;t.writeString(this.algorithm);t.writeUint32(this.signature.length);t.writeBytes(this.signature);const e=t.toUint8Array();const r=i.decodeSignature({signature:e});a=r.signature}else{a=this.signature}return i.verify({publicKey:r,signature:a,data:n,crypto:s,hash:o})}static fromLegacy(t,e){const i=id.get(t);const r=i.encodeSignature({signature:e,algo:t});const s=new Qp(r);s.readString();const n=s.readUint32();const o=s.readBytes(n);return new Sd({format:"legacy",algorithm:t,signature:o})}static fromSshSignature(t,e,i={}){const r={format:"ssh-signature",algorithm:t,signature:e,version:i.version||1,publicKey:i.publicKey?i.publicKey.getBlob().keyData:undefined,namespace:i.namespace||"file",reserved:i.reserved||"",hashAlgorithm:i.hashAlgorithm||"sha512"};return new Sd(r)}static async sign(t,e,i,r={}){const{format:s="legacy",namespace:n="file"}=r;if(s==="legacy"){const r=await e.sign(t,i);const s=t||e.keyType;return Sd.fromLegacy(s,r)}else{const r=t;const s=id.get(r);const o=t==="rsa-sha2-256"?"sha256":"sha512";const a=await e.getPublicKey();const c=Kp();const u=o==="sha256"?"SHA-256":"SHA-512";const l=await c.subtle.digest(u,i);const h=new Uint8Array(l);const p=new qp;p.writeBytes((new TextEncoder).encode("SSHSIG"));p.writeString(n);p.writeString("");p.writeString(o);p.writeUint32(h.length);p.writeBytes(h);const d=p.toUint8Array();const f=await e.sign(r,d);const y=s.encodeSignature({signature:f,algo:r});const S=new Qp(y);S.readString();const A=S.readUint32();const v=S.readBytes(A);return Sd.fromSshSignature(r,v,{namespace:n,hashAlgorithm:o,publicKey:a})}}}let Ad=class t extends fd{static TYPE="certificate";type=t.TYPE;_blob;data;_validAfter;_validBefore;keyId;principals;certType;serial;validAfter;validBefore;publicKey;signatureKey;criticalOptions;extensions;constructor(t){super();this._blob=t;this.data=od(t.keyData);this._validAfter=this.data.validAfter;this._validBefore=this.data.validBefore;this.keyId=this.data.keyId;this.principals=this.data.validPrincipals;this.certType=this.data.type;this.serial=this.data.serial;this.validAfter=new Date(Number(this.data.validAfter)*1e3);this.validBefore=new Date(Number(this.data.validBefore)*1e3);this.publicKey=new yd(this.data.publicKey);this.signatureKey=new yd(this.data.signatureKey);this.criticalOptions={...this.data.criticalOptions};this.extensions={...this.data.extensions}}static async fromSSH(e){const i=nd(e);return new t(i)}static async fromBlob(e){return new t(e)}async toSSH(){return ad(this._blob)}toBlob(){return{...this._blob}}get blob(){return this.toBlob()}validate(t=new Date){const e=BigInt(Math.floor(t.getTime()/1e3));const i=this._validAfter;const r=this._validBefore;const s=0xffffffffffffffffn;const n=r===s?e:r;return e>=i&&e<=n}async verify(t,e=Kp()){const i=t||this.signatureKey;const r=this.getSignedData();const s=Sd.parse(this.data.signature);const n=id.get(s.algorithm);const o=await i.toWebCrypto(e);return n.verify({publicKey:o,signature:s.signature,data:r,crypto:e})}getSignedData(){const t=new Qp(this._blob.keyData);t.readString();t.readBytes(t.readUint32());if(this.data.keyType==="ssh-ed25519"){t.readBytes(t.readUint32())}else if(this.data.keyType==="ssh-rsa"){t.readBytes(t.readUint32());t.readBytes(t.readUint32())}else if(this.data.keyType.startsWith("ecdsa-sha2-")){t.readString();t.readBytes(t.readUint32())}t.readUint64();t.readUint32();t.readBytes(t.readUint32());t.readBytes(t.readUint32());t.readUint64();t.readUint64();t.readBytes(t.readUint32());t.readBytes(t.readUint32());t.readBytes(t.readUint32());t.readBytes(t.readUint32());const e=t.getOffset();return this._blob.keyData.slice(0,e)}};var vd=undefined&&undefined.__classPrivateFieldSet||function(t,e,i,r,s){if(r==="m")throw new TypeError("Private method is not writable");if(r==="a"&&!s)throw new TypeError("Private accessor was defined without a setter");if(typeof e==="function"?t!==e||!s:!e.has(t))throw new TypeError("Cannot write private member to an object whose class did not declare it");return r==="a"?s.call(t,i):s?s.value=i:e.set(t,i),i};var md=undefined&&undefined.__classPrivateFieldGet||function(t,e,i,r){if(i==="a"&&!r)throw new TypeError("Private accessor was defined without a getter");if(typeof e==="function"?t!==e||!r:!e.has(t))throw new TypeError("Cannot read private member from an object whose class did not declare it");return i==="m"?r:i==="a"?r.call(t):r?r.value:e.get(t)};var Cd;class gd{constructor(t){Cd.set(this,void 0);const e=nd(t.trim());vd(this,Cd,new Ad(e),"f");this.notBefore=md(this,Cd,"f").validAfter;this.notAfter=md(this,Cd,"f").validBefore;this.validity=oo(this.notBefore,this.notAfter);this.type=[md(this,Cd,"f").blob.type,md(this,Cd,"f").certType,md(this,Cd,"f").type].join(" ");this.serialNumber=md(this,Cd,"f").serial.toString();this.keyId=md(this,Cd,"f").keyId;this.principals=md(this,Cd,"f").principals;this.extensions=md(this,Cd,"f").extensions;this.criticalOptions=md(this,Cd,"f").criticalOptions}async parseSignatureKey(){const t=await md(this,Cd,"f").signatureKey.toWebCrypto();const e=md(this,Cd,"f").signatureKey.getBlob();const i=await md(this,Cd,"f").signatureKey.thumbprint("sha256");this.signatureKey={algorithm:t.algorithm.name,type:e.type,value:await md(this,Cd,"f").signatureKey.toSSH(),thumbprint:n.Convert.ToBase64(i)}}async parsePublicKey(){const t=await md(this,Cd,"f").publicKey.toWebCrypto();const e=md(this,Cd,"f").publicKey.getBlob();const i=await md(this,Cd,"f").publicKey.thumbprint("sha256");this.publicKey={algorithm:t.algorithm.name,type:e.type,value:await md(this,Cd,"f").publicKey.toSSH(),thumbprint:n.Convert.ToBase64(i)}}async toString(t="pem"){return md(this,Cd,"f").toSSH()}}Cd=new WeakMap;export{ca as $,Bu as A,np as B,Es as C,o as D,js as E,rp as F,sp as G,Rl as H,kl as I,Ol as J,Hl as K,Cl as L,Ml as M,pa as N,xl as O,_u as P,Il as Q,wn as R,Pl as S,Kl as T,hp as U,Nl as V,Ul as W,El as X,Np as Y,oa as Z,no as _,oo as a,es as a$,Ke as a0,Cc as a1,Pc as a2,ms as a3,Eu as a4,Au as a5,hr as a6,ur as a7,ds as a8,ru as a9,wr as aA,vr as aB,ar as aC,Zi as aD,Qi as aE,Gi as aF,Vi as aG,wu as aH,nu as aI,lr as aJ,cr as aK,ps as aL,tu as aM,fa as aN,as as aO,ns as aP,Ic as aQ,xc as aR,vc as aS,fc as aT,Ha as aU,ac as aV,lc as aW,Na as aX,ka as aY,wa as aZ,rs as a_,$c as aa,va as ab,ls as ac,os as ad,Bc as ae,Tc as af,mc as ag,Ac as ah,Ua as ai,uc as aj,hc as ak,Ka as al,Ra as am,Ia as an,ss as ao,is as ap,Zr as aq,zr as ar,Gr as as,Lr as at,Ur as au,Mr as av,kr as aw,Tr as ax,Br as ay,Pr as az,n as b,Yr as b0,Qr as b1,$r as b2,_r as b3,Kr as b4,Nr as b5,Or as b6,xr as b7,Ir as b8,Er as b9,_e as bA,Cu as bB,au as bC,cu as bD,gr as ba,dr as bb,tr as bc,Yi as bd,Wi as be,Li as bf,_i as bg,Hh as bh,nh as bi,rh as bj,ih as bk,sh as bl,gd as bm,Oi as bn,Ri as bo,er as bp,rr as bq,Ni as br,gi as bs,yi as bt,Ne as bu,fi as bv,Re as bw,mi as bx,ba as by,Da as bz,Lu as c,t as d,Ci as e,Ls as f,Ln as g,Gn as h,Is as i,Pn as j,In as k,Dn as l,$u as m,sl as n,Ds as o,Xr as p,Ai as q,Tp as r,bp as s,Ep as t,gl as u,Tl as v,Bl as w,Dl as x,bl as y,xp as z};
135
- //# sourceMappingURL=p-Ct-r021h.js.map
134
+ */const Lu=t=>{if(_u.isPem(t)){return _u.decode(t)[0]}if(n.Convert.isHex(t)){return n.Convert.FromHex(t)}if(n.Convert.isBase64(t)){return n.Convert.FromBase64(t)}if(n.Convert.isBase64Url(t)){return n.Convert.FromBase64Url(t)}return n.Convert.FromBinary(t)};const $u=async(t,e)=>{const i=Vu.get();if(i.subtle){return i.subtle.digest(t,e)}return undefined};class Gu{constructor(t={}){this.acIssuer=new Mi;this.acSerial=0;this.attrs=[];Object.assign(this,t)}}gi([yi({type:Mi})],Gu.prototype,"acIssuer",void 0);gi([yi({type:Ne.Integer})],Gu.prototype,"acSerial",void 0);gi([yi({type:Xr,repeated:"sequence"})],Gu.prototype,"attrs",void 0);var Wu;let Qu=Wu=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Wu.prototype)}};Qu=Wu=gi([fi({type:Re.Sequence,itemType:Ne.ObjectIdentifier})],Qu);class qu{constructor(t={}){this.permitUnSpecified=true;Object.assign(this,t)}}gi([yi({type:Ne.Integer,optional:true})],qu.prototype,"pathLenConstraint",void 0);gi([yi({type:Qu,implicit:true,context:0,optional:true})],qu.prototype,"permittedAttrs",void 0);gi([yi({type:Qu,implicit:true,context:1,optional:true})],qu.prototype,"excludedAttrs",void 0);gi([yi({type:Ne.Boolean,defaultValue:true})],qu.prototype,"permitUnSpecified",void 0);class zu{constructor(t={}){this.issuer=new zi;this.serial=new ArrayBuffer(0);this.issuerUID=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:zi})],zu.prototype,"issuer",void 0);gi([yi({type:Ne.Integer,converter:_e})],zu.prototype,"serial",void 0);gi([yi({type:Ne.BitString,optional:true})],zu.prototype,"issuerUID",void 0);var Ju;(function(t){t[t["publicKey"]=0]="publicKey";t[t["publicKeyCert"]=1]="publicKeyCert";t[t["otherObjectTypes"]=2]="otherObjectTypes"})(Ju||(Ju={}));class Yu{constructor(t={}){this.digestedObjectType=Ju.publicKey;this.digestAlgorithm=new fs;this.objectDigest=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.Enumerated})],Yu.prototype,"digestedObjectType",void 0);gi([yi({type:Ne.ObjectIdentifier,optional:true})],Yu.prototype,"otherObjectTypeID",void 0);gi([yi({type:fs})],Yu.prototype,"digestAlgorithm",void 0);gi([yi({type:Ne.BitString})],Yu.prototype,"objectDigest",void 0);class Zu{constructor(t={}){Object.assign(this,t)}}gi([yi({type:zi,optional:true})],Zu.prototype,"issuerName",void 0);gi([yi({type:zu,context:0,implicit:true,optional:true})],Zu.prototype,"baseCertificateID",void 0);gi([yi({type:Yu,context:1,implicit:true,optional:true})],Zu.prototype,"objectDigestInfo",void 0);let Xu=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:Mi,repeated:"sequence"})],Xu.prototype,"v1Form",void 0);gi([yi({type:Zu,context:0,implicit:true})],Xu.prototype,"v2Form",void 0);Xu=gi([fi({type:Re.Choice})],Xu);class tl{constructor(t={}){this.notBeforeTime=new Date;this.notAfterTime=new Date;Object.assign(this,t)}}gi([yi({type:Ne.GeneralizedTime})],tl.prototype,"notBeforeTime",void 0);gi([yi({type:Ne.GeneralizedTime})],tl.prototype,"notAfterTime",void 0);class el{constructor(t={}){Object.assign(this,t)}}gi([yi({type:zu,implicit:true,context:0,optional:true})],el.prototype,"baseCertificateID",void 0);gi([yi({type:zi,implicit:true,context:1,optional:true})],el.prototype,"entityName",void 0);gi([yi({type:Yu,implicit:true,context:2,optional:true})],el.prototype,"objectDigestInfo",void 0);var il;(function(t){t[t["v2"]=1]="v2"})(il||(il={}));class rl{constructor(t={}){this.version=il.v2;this.holder=new el;this.issuer=new Xu;this.signature=new fs;this.serialNumber=new ArrayBuffer(0);this.attrCertValidityPeriod=new tl;this.attributes=[];Object.assign(this,t)}}gi([yi({type:Ne.Integer})],rl.prototype,"version",void 0);gi([yi({type:el})],rl.prototype,"holder",void 0);gi([yi({type:Xu})],rl.prototype,"issuer",void 0);gi([yi({type:fs})],rl.prototype,"signature",void 0);gi([yi({type:Ne.Integer,converter:_e})],rl.prototype,"serialNumber",void 0);gi([yi({type:tl})],rl.prototype,"attrCertValidityPeriod",void 0);gi([yi({type:Xr,repeated:"sequence"})],rl.prototype,"attributes",void 0);gi([yi({type:Ne.BitString,optional:true})],rl.prototype,"issuerUniqueID",void 0);gi([yi({type:Cs,optional:true})],rl.prototype,"extensions",void 0);class sl{constructor(t={}){this.acinfo=new rl;this.signatureAlgorithm=new fs;this.signatureValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:rl})],sl.prototype,"acinfo",void 0);gi([yi({type:fs})],sl.prototype,"signatureAlgorithm",void 0);gi([yi({type:Ne.BitString})],sl.prototype,"signatureValue",void 0);var nl;(function(t){t[t["unmarked"]=1]="unmarked";t[t["unclassified"]=2]="unclassified";t[t["restricted"]=4]="restricted";t[t["confidential"]=8]="confidential";t[t["secret"]=16]="secret";t[t["topSecret"]=32]="topSecret"})(nl||(nl={}));class ol extends Me{}class al{constructor(t={}){this.type="";this.value=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier,implicit:true,context:0})],al.prototype,"type",void 0);gi([yi({type:Ne.Any,implicit:true,context:1})],al.prototype,"value",void 0);class cl{constructor(t={}){this.policyId="";this.classList=new ol(nl.unclassified);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],cl.prototype,"policyId",void 0);gi([yi({type:ol,defaultValue:new ol(nl.unclassified)})],cl.prototype,"classList",void 0);gi([yi({type:al,repeated:"set"})],cl.prototype,"securityCategories",void 0);class ul{constructor(t={}){Object.assign(this,t)}}gi([yi({type:Ke})],ul.prototype,"cotets",void 0);gi([yi({type:Ne.ObjectIdentifier})],ul.prototype,"oid",void 0);gi([yi({type:Ne.Utf8String})],ul.prototype,"string",void 0);class ll{constructor(t={}){this.values=[];Object.assign(this,t)}}gi([yi({type:zi,implicit:true,context:0,optional:true})],ll.prototype,"policyAuthority",void 0);gi([yi({type:ul,repeated:"sequence"})],ll.prototype,"values",void 0);var hl;class pl{constructor(t={}){this.targetCertificate=new zu;Object.assign(this,t)}}gi([yi({type:zu})],pl.prototype,"targetCertificate",void 0);gi([yi({type:Mi,optional:true})],pl.prototype,"targetName",void 0);gi([yi({type:Yu,optional:true})],pl.prototype,"certDigestInfo",void 0);let dl=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:Mi,context:0,implicit:true})],dl.prototype,"targetName",void 0);gi([yi({type:Mi,context:1,implicit:true})],dl.prototype,"targetGroup",void 0);gi([yi({type:pl,context:2,implicit:true})],dl.prototype,"targetCert",void 0);dl=gi([fi({type:Re.Choice})],dl);let fl=hl=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,hl.prototype)}};fl=hl=gi([fi({type:Re.Sequence,itemType:dl})],fl);var yl;let Sl=yl=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,yl.prototype)}};Sl=yl=gi([fi({type:Re.Sequence,itemType:fl})],Sl);class Al{constructor(t={}){Object.assign(this,t)}}gi([yi({type:zi,implicit:true,context:0,optional:true})],Al.prototype,"roleAuthority",void 0);gi([yi({type:Mi,implicit:true,context:1})],Al.prototype,"roleName",void 0);class vl{constructor(t={}){this.service=new Mi;this.ident=new Mi;Object.assign(this,t)}}gi([yi({type:Mi})],vl.prototype,"service",void 0);gi([yi({type:Mi})],vl.prototype,"ident",void 0);gi([yi({type:Ke,optional:true})],vl.prototype,"authInfo",void 0);const ml="0.4.0.9496";const Cl=`${ml}.6`;let gl=class t{constructor(t={}){this.codeAuthority=new Mi;this.codeId=new Mi;this.shortName="";this.shortDescription="";Object.assign(this,t)}};gi([yi({type:Mi,context:0})],gl.prototype,"codeAuthority",void 0);gi([yi({type:Mi,context:1})],gl.prototype,"codeId",void 0);gi([yi({type:Ne.Utf8String,context:2})],gl.prototype,"shortName",void 0);gi([yi({type:Ne.Utf8String,context:3})],gl.prototype,"shortDescription",void 0);gl=gi([fi({type:Re.Sequence})],gl);let wl=class t extends Oi{constructor(t){super(t);Object.setPrototypeOf(this,Oi.prototype)}};wl=gi([fi({type:Re.Sequence})],wl);const El=`${ml}.1`;let bl=class t extends wl{constructor(t){super(t);Object.setPrototypeOf(this,Oi.prototype)}};bl=gi([fi({type:Re.Sequence})],bl);const Pl=`${ml}.2`;let Dl=class t extends wl{constructor(t){super(t);Object.setPrototypeOf(this,Oi.prototype)}};Dl=gi([fi({type:Re.Sequence})],Dl);const Il=`${ml}.3`;let Bl=class t extends wl{constructor(t){super(t);Object.setPrototypeOf(this,Oi.prototype)}};Bl=gi([fi({type:Re.Sequence})],Bl);const xl=`${ml}.4`;let Tl=class t extends wl{constructor(t){super(t);Object.setPrototypeOf(this,Oi.prototype)}};Tl=gi([fi({type:Re.Sequence})],Tl);const Ol=`${ml}.8`;let kl=class t{constructor(t={}){this.location="";this.base=0;this.degree=0;Object.assign(this,t)}toString(){return`${this.base} x 10^${this.degree} ${this.location}`}};gi([yi({type:Ne.PrintableString})],kl.prototype,"location",void 0);gi([yi({type:Ne.Integer})],kl.prototype,"base",void 0);gi([yi({type:Ne.Integer})],kl.prototype,"degree",void 0);kl=gi([fi({type:Re.Sequence})],kl);const Rl=`${ml}.9`;let Nl=class t{constructor(t={}){this.stars5=0;this.stars4=0;this.stars3=0;this.stars2=0;this.stars1=0;Object.assign(this,t)}};gi([yi({type:Ne.Integer})],Nl.prototype,"stars5",void 0);gi([yi({type:Ne.Integer})],Nl.prototype,"stars4",void 0);gi([yi({type:Ne.Integer})],Nl.prototype,"stars3",void 0);gi([yi({type:Ne.Integer})],Nl.prototype,"stars2",void 0);gi([yi({type:Ne.Integer})],Nl.prototype,"stars1",void 0);Nl=gi([fi({type:Re.Sequence})],Nl);const Ml=`${ml}.5`;let Kl=class t{constructor(t={}){this.DNBvsDNO=new Me(0);this.DNBvsDNT=new Me(0);this.DNOvsDNT=new Me(0);Object.assign(this,t)}};gi([yi({type:Me,context:0})],Kl.prototype,"DNBvsDNO",void 0);gi([yi({type:Me,context:1})],Kl.prototype,"DNBvsDNT",void 0);gi([yi({type:Me,context:2})],Kl.prototype,"DNOvsDNT",void 0);Kl=gi([fi({type:Re.Sequence})],Kl);const Hl=`${ml}.7`;let Ul=class t{constructor(t={}){this.assessmentAuthority=new Mi;this.assessmentRef=new Mi;this.assessmentLocation=new Mi;this.dataStorageTerritory="";this.description="";Object.assign(this,t)}};gi([yi({type:Mi,context:0})],Ul.prototype,"assessmentAuthority",void 0);gi([yi({type:Mi,context:1})],Ul.prototype,"assessmentRef",void 0);gi([yi({type:Mi,context:2})],Ul.prototype,"assessmentLocation",void 0);gi([yi({type:Ne.PrintableString,context:3})],Ul.prototype,"dataStorageTerritory",void 0);gi([yi({type:Ne.Utf8String,context:4})],Ul.prototype,"description",void 0);Ul=gi([fi({type:Re.Sequence})],Ul);class jl{constructor(t={}){this.issuer=new Oi;this.serialNumber=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Oi})],jl.prototype,"issuer",void 0);gi([yi({type:Ne.Integer,converter:_e})],jl.prototype,"serialNumber",void 0);let _l=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:ss,context:0,implicit:true})],_l.prototype,"subjectKeyIdentifier",void 0);gi([yi({type:jl})],_l.prototype,"issuerAndSerialNumber",void 0);_l=gi([fi({type:Re.Choice})],_l);var Fl;(function(t){t[t["v0"]=0]="v0";t[t["v1"]=1]="v1";t[t["v2"]=2]="v2";t[t["v3"]=3]="v3";t[t["v4"]=4]="v4";t[t["v5"]=5]="v5"})(Fl||(Fl={}));let Vl=class t extends fs{};Vl=gi([fi({type:Re.Sequence})],Vl);let Ll=class t extends fs{};Ll=gi([fi({type:Re.Sequence})],Ll);let $l=class t extends fs{};$l=gi([fi({type:Re.Sequence})],$l);let Gl=class t extends fs{};Gl=gi([fi({type:Re.Sequence})],Gl);let Wl=class t extends fs{};Wl=gi([fi({type:Re.Sequence})],Wl);let Ql=class t extends fs{};Ql=gi([fi({type:Re.Sequence})],Ql);class ql{constructor(t={}){this.attrType="";this.attrValues=[];Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],ql.prototype,"attrType",void 0);gi([yi({type:Ne.Any,repeated:"set"})],ql.prototype,"attrValues",void 0);var zl;class Jl{constructor(t={}){this.version=Fl.v0;this.sid=new _l;this.digestAlgorithm=new Vl;this.signatureAlgorithm=new Ll;this.signature=new Ke;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],Jl.prototype,"version",void 0);gi([yi({type:_l})],Jl.prototype,"sid",void 0);gi([yi({type:Vl})],Jl.prototype,"digestAlgorithm",void 0);gi([yi({type:ql,repeated:"set",context:0,implicit:true,optional:true})],Jl.prototype,"signedAttrs",void 0);gi([yi({type:Ll})],Jl.prototype,"signatureAlgorithm",void 0);gi([yi({type:Ke})],Jl.prototype,"signature",void 0);gi([yi({type:ql,repeated:"set",context:1,implicit:true,optional:true})],Jl.prototype,"unsignedAttrs",void 0);let Yl=zl=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,zl.prototype)}};Yl=zl=gi([fi({type:Re.Set,itemType:Jl})],Yl);let Zl=class t extends Ss{};Zl=gi([fi({type:Re.Choice})],Zl);let Xl=class t extends Jl{};Xl=gi([fi({type:Re.Sequence})],Xl);var th;class eh{constructor(t={}){this.otherCertFormat="";this.otherCert=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],eh.prototype,"otherCertFormat",void 0);gi([yi({type:Ne.Any})],eh.prototype,"otherCert",void 0);let ih=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:Es})],ih.prototype,"certificate",void 0);gi([yi({type:sl,context:2,implicit:true})],ih.prototype,"v2AttrCert",void 0);gi([yi({type:eh,context:3,implicit:true})],ih.prototype,"other",void 0);ih=gi([fi({type:Re.Choice})],ih);let rh=th=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,th.prototype)}};rh=th=gi([fi({type:Re.Set,itemType:ih})],rh);class sh{constructor(t={}){this.contentType="";this.content=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],sh.prototype,"contentType",void 0);gi([yi({type:Ne.Any,context:0})],sh.prototype,"content",void 0);let nh=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:Ke})],nh.prototype,"single",void 0);gi([yi({type:Ne.Any})],nh.prototype,"any",void 0);nh=gi([fi({type:Re.Choice})],nh);class oh{constructor(t={}){this.eContentType="";Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],oh.prototype,"eContentType",void 0);gi([yi({type:nh,context:0,optional:true})],oh.prototype,"eContent",void 0);let ah=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:Ke,context:0,implicit:true,optional:true})],ah.prototype,"value",void 0);gi([yi({type:Ke,converter:Ge,context:0,implicit:true,optional:true,repeated:"sequence"})],ah.prototype,"constructedValue",void 0);ah=gi([fi({type:Re.Choice})],ah);class ch{constructor(t={}){this.contentType="";this.contentEncryptionAlgorithm=new Gl;Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],ch.prototype,"contentType",void 0);gi([yi({type:Gl})],ch.prototype,"contentEncryptionAlgorithm",void 0);gi([yi({type:ah,optional:true})],ch.prototype,"encryptedContent",void 0);class uh{constructor(t={}){this.keyAttrId="";Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],uh.prototype,"keyAttrId",void 0);gi([yi({type:Ne.Any,optional:true})],uh.prototype,"keyAttr",void 0);var lh;class hh{constructor(t={}){this.subjectKeyIdentifier=new ss;Object.assign(this,t)}}gi([yi({type:ss})],hh.prototype,"subjectKeyIdentifier",void 0);gi([yi({type:Ne.GeneralizedTime,optional:true})],hh.prototype,"date",void 0);gi([yi({type:uh,optional:true})],hh.prototype,"other",void 0);let ph=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:hh,context:0,implicit:true,optional:true})],ph.prototype,"rKeyId",void 0);gi([yi({type:jl,optional:true})],ph.prototype,"issuerAndSerialNumber",void 0);ph=gi([fi({type:Re.Choice})],ph);class dh{constructor(t={}){this.rid=new ph;this.encryptedKey=new Ke;Object.assign(this,t)}}gi([yi({type:ph})],dh.prototype,"rid",void 0);gi([yi({type:Ke})],dh.prototype,"encryptedKey",void 0);let fh=lh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,lh.prototype)}};fh=lh=gi([fi({type:Re.Sequence,itemType:dh})],fh);class yh{constructor(t={}){this.algorithm=new fs;this.publicKey=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:fs})],yh.prototype,"algorithm",void 0);gi([yi({type:Ne.BitString})],yh.prototype,"publicKey",void 0);let Sh=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:ss,context:0,implicit:true,optional:true})],Sh.prototype,"subjectKeyIdentifier",void 0);gi([yi({type:yh,context:1,implicit:true,optional:true})],Sh.prototype,"originatorKey",void 0);gi([yi({type:jl,optional:true})],Sh.prototype,"issuerAndSerialNumber",void 0);Sh=gi([fi({type:Re.Choice})],Sh);class Ah{constructor(t={}){this.version=Fl.v3;this.originator=new Sh;this.keyEncryptionAlgorithm=new $l;this.recipientEncryptedKeys=new fh;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],Ah.prototype,"version",void 0);gi([yi({type:Sh,context:0})],Ah.prototype,"originator",void 0);gi([yi({type:Ke,context:1,optional:true})],Ah.prototype,"ukm",void 0);gi([yi({type:$l})],Ah.prototype,"keyEncryptionAlgorithm",void 0);gi([yi({type:fh})],Ah.prototype,"recipientEncryptedKeys",void 0);let vh=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:ss,context:0,implicit:true})],vh.prototype,"subjectKeyIdentifier",void 0);gi([yi({type:jl})],vh.prototype,"issuerAndSerialNumber",void 0);vh=gi([fi({type:Re.Choice})],vh);class mh{constructor(t={}){this.version=Fl.v0;this.rid=new vh;this.keyEncryptionAlgorithm=new $l;this.encryptedKey=new Ke;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],mh.prototype,"version",void 0);gi([yi({type:vh})],mh.prototype,"rid",void 0);gi([yi({type:$l})],mh.prototype,"keyEncryptionAlgorithm",void 0);gi([yi({type:Ke})],mh.prototype,"encryptedKey",void 0);class Ch{constructor(t={}){this.keyIdentifier=new Ke;Object.assign(this,t)}}gi([yi({type:Ke})],Ch.prototype,"keyIdentifier",void 0);gi([yi({type:Ne.GeneralizedTime,optional:true})],Ch.prototype,"date",void 0);gi([yi({type:uh,optional:true})],Ch.prototype,"other",void 0);class gh{constructor(t={}){this.version=Fl.v4;this.kekid=new Ch;this.keyEncryptionAlgorithm=new $l;this.encryptedKey=new Ke;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],gh.prototype,"version",void 0);gi([yi({type:Ch})],gh.prototype,"kekid",void 0);gi([yi({type:$l})],gh.prototype,"keyEncryptionAlgorithm",void 0);gi([yi({type:Ke})],gh.prototype,"encryptedKey",void 0);class wh{constructor(t={}){this.version=Fl.v0;this.keyEncryptionAlgorithm=new $l;this.encryptedKey=new Ke;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],wh.prototype,"version",void 0);gi([yi({type:Ql,context:0,optional:true})],wh.prototype,"keyDerivationAlgorithm",void 0);gi([yi({type:$l})],wh.prototype,"keyEncryptionAlgorithm",void 0);gi([yi({type:Ke})],wh.prototype,"encryptedKey",void 0);class Eh{constructor(t={}){this.oriType="";this.oriValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],Eh.prototype,"oriType",void 0);gi([yi({type:Ne.Any})],Eh.prototype,"oriValue",void 0);let bh=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:mh,optional:true})],bh.prototype,"ktri",void 0);gi([yi({type:Ah,context:1,implicit:true,optional:true})],bh.prototype,"kari",void 0);gi([yi({type:gh,context:2,implicit:true,optional:true})],bh.prototype,"kekri",void 0);gi([yi({type:wh,context:3,implicit:true,optional:true})],bh.prototype,"pwri",void 0);gi([yi({type:Eh,context:4,implicit:true,optional:true})],bh.prototype,"ori",void 0);bh=gi([fi({type:Re.Choice})],bh);var Ph;let Dh=Ph=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Ph.prototype)}};Dh=Ph=gi([fi({type:Re.Set,itemType:bh})],Dh);var Ih;class Bh{constructor(t={}){this.otherRevInfoFormat="";this.otherRevInfo=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],Bh.prototype,"otherRevInfoFormat",void 0);gi([yi({type:Ne.Any})],Bh.prototype,"otherRevInfo",void 0);let xh=class t{constructor(t={}){this.other=new Bh;Object.assign(this,t)}};gi([yi({type:Bh,context:1,implicit:true})],xh.prototype,"other",void 0);xh=gi([fi({type:Re.Choice})],xh);let Th=Ih=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Ih.prototype)}};Th=Ih=gi([fi({type:Re.Set,itemType:xh})],Th);class Oh{constructor(t={}){Object.assign(this,t)}}gi([yi({type:rh,context:0,implicit:true,optional:true})],Oh.prototype,"certs",void 0);gi([yi({type:Th,context:1,implicit:true,optional:true})],Oh.prototype,"crls",void 0);var kh;let Rh=kh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,kh.prototype)}};Rh=kh=gi([fi({type:Re.Set,itemType:ql})],Rh);class Nh{constructor(t={}){this.version=Fl.v0;this.recipientInfos=new Dh;this.encryptedContentInfo=new ch;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],Nh.prototype,"version",void 0);gi([yi({type:Oh,context:0,implicit:true,optional:true})],Nh.prototype,"originatorInfo",void 0);gi([yi({type:Dh})],Nh.prototype,"recipientInfos",void 0);gi([yi({type:ch})],Nh.prototype,"encryptedContentInfo",void 0);gi([yi({type:Rh,context:1,implicit:true,optional:true})],Nh.prototype,"unprotectedAttrs",void 0);var Mh;let Kh=Mh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Mh.prototype)}};Kh=Mh=gi([fi({type:Re.Set,itemType:Vl})],Kh);class Hh{constructor(t={}){this.version=Fl.v0;this.digestAlgorithms=new Kh;this.encapContentInfo=new oh;this.signerInfos=new Yl;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],Hh.prototype,"version",void 0);gi([yi({type:Kh})],Hh.prototype,"digestAlgorithms",void 0);gi([yi({type:oh})],Hh.prototype,"encapContentInfo",void 0);gi([yi({type:rh,context:0,implicit:true,optional:true})],Hh.prototype,"certificates",void 0);gi([yi({type:Th,context:1,implicit:true,optional:true})],Hh.prototype,"crls",void 0);gi([yi({type:Yl})],Hh.prototype,"signerInfos",void 0);var Uh;class jh{constructor(t={}){this.attrId="";this.attrValues=[];Object.assign(t)}}gi([yi({type:Ne.ObjectIdentifier})],jh.prototype,"attrId",void 0);gi([yi({type:Ne.Any,repeated:"set"})],jh.prototype,"attrValues",void 0);let _h=Uh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Uh.prototype)}};_h=Uh=gi([fi({type:Re.Sequence,itemType:jh})],_h);var Fh;let Vh=Fh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Fh.prototype)}};Vh=Fh=gi([fi({type:Re.Sequence,itemType:sh})],Vh);class Lh{constructor(t={}){this.certId="";this.certValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],Lh.prototype,"certId",void 0);gi([yi({type:Ne.Any,context:0})],Lh.prototype,"certValue",void 0);class $h{constructor(t={}){this.crlId="";this.crltValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],$h.prototype,"crlId",void 0);gi([yi({type:Ne.Any,context:0})],$h.prototype,"crltValue",void 0);let Gh=class t extends Nn{};Gh=gi([fi({type:Re.Sequence})],Gh);let Wh=class t extends xn{};Wh=gi([fi({type:Re.Sequence})],Wh);class Qh{constructor(t={}){this.secretTypeId="";this.secretValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],Qh.prototype,"secretTypeId",void 0);gi([yi({type:Ne.Any,context:0})],Qh.prototype,"secretValue",void 0);class qh{constructor(t={}){this.mac=new An;this.macSalt=new Ke;this.iterations=1;Object.assign(this,t)}}gi([yi({type:An})],qh.prototype,"mac",void 0);gi([yi({type:Ke})],qh.prototype,"macSalt",void 0);gi([yi({type:Ne.Integer,defaultValue:1})],qh.prototype,"iterations",void 0);class zh{constructor(t={}){this.version=3;this.authSafe=new sh;this.macData=new qh;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],zh.prototype,"version",void 0);gi([yi({type:sh})],zh.prototype,"authSafe",void 0);gi([yi({type:qh,optional:true})],zh.prototype,"macData",void 0);var Jh;class Yh{constructor(t={}){this.bagId="";this.bagValue=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Ne.ObjectIdentifier})],Yh.prototype,"bagId",void 0);gi([yi({type:Ne.Any,context:0})],Yh.prototype,"bagValue",void 0);gi([yi({type:jh,repeated:"set",optional:true})],Yh.prototype,"bagAttributes",void 0);let Zh=Jh=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Jh.prototype)}};Zh=Jh=gi([fi({type:Re.Sequence,itemType:Yh})],Zh);var Xh,tp,ep;const ip="1.2.840.113549.1.9";const rp=`${ip}.2`;const sp=`${ip}.7`;const np=`${ip}.14`;let op=class t extends Di{constructor(t={}){super(t)}toString(){return this.ia5String||super.toString()}};gi([yi({type:Ne.IA5String})],op.prototype,"ia5String",void 0);op=gi([fi({type:Re.Choice})],op);let ap=class t extends sh{};ap=gi([fi({type:Re.Sequence})],ap);let cp=class t extends zh{};cp=gi([fi({type:Re.Sequence})],cp);let up=class t extends xn{};up=gi([fi({type:Re.Sequence})],up);let lp=class t{constructor(t=""){this.value=t}toString(){return this.value}};gi([yi({type:Ne.IA5String})],lp.prototype,"value",void 0);lp=gi([fi({type:Re.Choice})],lp);let hp=class t extends op{};hp=gi([fi({type:Re.Choice})],hp);let pp=class t extends Di{};pp=gi([fi({type:Re.Choice})],pp);let dp=class t{constructor(t=new Date){this.value=t}};gi([yi({type:Ne.GeneralizedTime})],dp.prototype,"value",void 0);dp=gi([fi({type:Re.Choice})],dp);let fp=class t extends Di{};fp=gi([fi({type:Re.Choice})],fp);let yp=class t{constructor(t="M"){this.value=t}toString(){return this.value}};gi([yi({type:Ne.PrintableString})],yp.prototype,"value",void 0);yp=gi([fi({type:Re.Choice})],yp);let Sp=class t{constructor(t=""){this.value=t}toString(){return this.value}};gi([yi({type:Ne.PrintableString})],Sp.prototype,"value",void 0);Sp=gi([fi({type:Re.Choice})],Sp);let Ap=class t extends Sp{};Ap=gi([fi({type:Re.Choice})],Ap);let vp=class t extends Di{};vp=gi([fi({type:Re.Choice})],vp);let mp=class t{constructor(t=""){this.value=t}toString(){return this.value}};gi([yi({type:Ne.ObjectIdentifier})],mp.prototype,"value",void 0);mp=gi([fi({type:Re.Choice})],mp);let Cp=class t extends Ss{};Cp=gi([fi({type:Re.Choice})],Cp);let gp=class t{constructor(t=0){this.value=t}toString(){return this.value.toString()}};gi([yi({type:Ne.Integer})],gp.prototype,"value",void 0);gp=gi([fi({type:Re.Choice})],gp);let wp=class t extends Jl{};wp=gi([fi({type:Re.Sequence})],wp);let Ep=class t extends Di{};Ep=gi([fi({type:Re.Choice})],Ep);let bp=Xh=class t extends Cs{constructor(t){super(t);Object.setPrototypeOf(this,Xh.prototype)}};bp=Xh=gi([fi({type:Re.Sequence})],bp);let Pp=tp=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,tp.prototype)}};Pp=tp=gi([fi({type:Re.Set,itemType:ql})],Pp);let Dp=class t{constructor(t=""){this.value=t}toString(){return this.value}};gi([yi({type:Ne.BmpString})],Dp.prototype,"value",void 0);Dp=gi([fi({type:Re.Choice})],Dp);let Ip=class t extends fs{};Ip=gi([fi({type:Re.Sequence})],Ip);let Bp=ep=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,ep.prototype)}};Bp=ep=gi([fi({type:Re.Sequence,itemType:Ip})],Bp);const xp="1.3.6.1.4.1.22112.2.1";let Tp=class t{constructor(t={}){Object.assign(this,t)}};gi([yi({type:jl})],Tp.prototype,"signer",void 0);gi([yi({type:Es,optional:true})],Tp.prototype,"cert",void 0);Tp=gi([fi({type:Re.Sequence})],Tp);var Op;let kp=Op=class t extends mi{constructor(t){super(t);Object.setPrototypeOf(this,Op.prototype)}};kp=Op=gi([fi({type:Re.Sequence,itemType:Xr})],kp);class Rp{constructor(t={}){this.version=0;this.subject=new Oi;this.subjectPKInfo=new ys;this.attributes=new kp;Object.assign(this,t)}}gi([yi({type:Ne.Integer})],Rp.prototype,"version",void 0);gi([yi({type:Oi})],Rp.prototype,"subject",void 0);gi([yi({type:ys})],Rp.prototype,"subjectPKInfo",void 0);gi([yi({type:kp,implicit:true,context:0})],Rp.prototype,"attributes",void 0);class Np{constructor(t={}){this.certificationRequestInfo=new Rp;this.signatureAlgorithm=new fs;this.signature=new ArrayBuffer(0);Object.assign(this,t)}}gi([yi({type:Rp})],Np.prototype,"certificationRequestInfo",void 0);gi([yi({type:fs})],Np.prototype,"signatureAlgorithm",void 0);gi([yi({type:Ne.BitString})],Np.prototype,"signature",void 0);let Mp=globalThis.crypto;function Kp(){return Mp}class Hp extends Error{code;constructor(t,e){super(t);this.code=e;this.name=this.constructor.name;if(Error.captureStackTrace){Error.captureStackTrace(this,this.constructor)}}}class Up extends Hp{constructor(t,e){const i=e?` Supported: ${e.join(", ")}`:"";super(`Unsupported algorithm: ${t}.${i}`,"UNSUPPORTED_ALGORITHM")}}class jp extends Hp{constructor(t,e){const i=e?` Expected: ${e}`:"";super(`Invalid format: ${t}.${i}`,"INVALID_FORMAT")}}class _p extends Hp{constructor(t,e){const i=e?` Supported: ${e.join(", ")}`:"";super(`Unsupported key type: ${t}.${i}`,"UNSUPPORTED_KEY_TYPE")}}class Fp extends Hp{constructor(t){const e=t?`Invalid SSH private key format: ${t}`:"Invalid SSH private key format";super(e,"INVALID_PRIVATE_KEY_FORMAT")}}class Vp extends Hp{constructor(t){const e=t?`Encrypted SSH private keys are not supported (cipher: ${t})`:"Encrypted SSH private keys are not supported";super(e,"ENCRYPTED_KEY_NOT_SUPPORTED")}}class Lp extends Hp{constructor(t){const e=t?`Invalid key data: ${t}`:"Invalid key data";super(e,"INVALID_KEY_DATA")}}class $p extends Hp{constructor(t,e){const i=t!==undefined&&e!==undefined?` Expected ${t} bytes, got ${e}`:"";super(`Unexpected end of data${i}`,"UNEXPECTED_EOF")}}const Gp=new TextEncoder;const Wp=new TextDecoder;class Qp{buffer;offset;constructor(t){this.buffer=t;this.offset=0}readUint8(){if(this.offset>=this.buffer.length){throw new $p(1,0)}return this.buffer[this.offset++]}readUint32(){const t=this.readUint8()<<24|this.readUint8()<<16|this.readUint8()<<8|this.readUint8();return t>>>0}readUint64(){const t=this.readUint32();const e=this.readUint32();return BigInt(t)<<32n|BigInt(e)}readBytes(t){if(t<0){throw new jp(`Invalid length: ${t}`)}if(this.offset+t>this.buffer.length){throw new $p(t,this.buffer.length-this.offset)}const e=this.buffer.subarray(this.offset,this.offset+t);this.offset+=t;return e}readString(){const t=this.readUint32();const e=this.readBytes(t);return Wp.decode(e)}peekString(t){if(this.offset+t>this.buffer.length){throw new $p(t,this.buffer.length-this.offset)}const e=this.buffer.subarray(this.offset,this.offset+t);return Wp.decode(e)}readMpInt(t=false){const e=this.readUint32();const i=this.readBytes(e);if(t&&i.length>1&&i[0]===0){return i.subarray(1)}return i}readMpIntSsh(){return this.readMpInt(true)}remaining(){return this.buffer.length-this.offset}getOffset(){return this.offset}seek(t){if(t<0||t>this.buffer.length){throw new jp(`Invalid offset: ${t}. Buffer length: ${this.buffer.length}`)}this.offset=t}}class qp{buffer;offset;constructor(t=1024){this.buffer=new Uint8Array(t);this.offset=0}ensureCapacity(t){const e=this.offset+t;if(e>this.buffer.length){const t=Math.max(e,this.buffer.length*2);const i=new Uint8Array(t);i.set(this.buffer.subarray(0,this.offset));this.buffer=i}}reserve(t){if(t>this.buffer.length){const e=new Uint8Array(t);e.set(this.buffer.subarray(0,this.offset));this.buffer=e}}writeUint8(t){this.ensureCapacity(1);this.buffer[this.offset++]=t&255}writeUint32(t){this.ensureCapacity(4);this.buffer[this.offset++]=t>>>24&255;this.buffer[this.offset++]=t>>>16&255;this.buffer[this.offset++]=t>>>8&255;this.buffer[this.offset++]=t&255}writeUint64(t){this.ensureCapacity(8);const e=Number(t>>32n);const i=Number(t&0xffffffffn);this.writeUint32(e);this.writeUint32(i)}writeBytes(t){this.ensureCapacity(t.length);this.buffer.set(t,this.offset);this.offset+=t.length}writeString(t){const e=Gp.encode(t);this.writeUint32(e.length);this.writeBytes(e)}writeMpInt(t,e=false){if(e&&t.length>0&&(t[0]&128)!==0){const e=new Uint8Array(t.length+1);e[0]=0;e.set(t,1);this.writeUint32(e.length);this.writeBytes(e)}else{this.writeUint32(t.length);this.writeBytes(t)}}writeMpIntSsh(t){this.writeMpInt(t,true)}toUint8Array(){return this.buffer.subarray(0,this.offset)}getOffset(){return this.offset}seek(t){if(t<0||t>this.buffer.length){throw new jp("Invalid offset")}this.offset=t}}class zp{hash="SHA-256";constructor(t="SHA-256"){this.hash=t}async importPublicSsh(t){const{blob:e,crypto:i}=t;const r=new Qp(e);r.readString();const s=r.readMpInt(true);const o=r.readMpInt(true);const a={kty:"RSA",n:n.Convert.ToBase64Url(o),e:n.Convert.ToBase64Url(s)};return i.subtle.importKey("jwk",a,{name:"RSASSA-PKCS1-v1_5",hash:this.hash},true,["verify"])}async exportPublicSsh(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("jwk",e);if(!r.n||!r.e){throw new Lp("RSA JWK missing required parameters (n, e)")}const s=n.BufferSourceConverter.toUint8Array(n.Convert.FromBase64Url(r.n));const o=n.BufferSourceConverter.toUint8Array(n.Convert.FromBase64Url(r.e));const a=new qp;a.writeString("ssh-rsa");a.writeMpInt(o,true);a.writeMpInt(s,true);return a.toUint8Array()}async importPublicSpki(t){const{spki:e,crypto:i}=t;return i.subtle.importKey("spki",e,{name:"RSASSA-PKCS1-v1_5",hash:this.hash},true,["verify"])}async exportPublicSpki(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("spki",e);return n.BufferSourceConverter.toUint8Array(r)}async importPrivatePkcs8(t){const{pkcs8:e,crypto:i}=t;return i.subtle.importKey("pkcs8",e,{name:"RSASSA-PKCS1-v1_5",hash:this.hash},true,["sign"])}async exportPrivatePkcs8(t){const{privateKey:e,crypto:i}=t;const r=await i.subtle.exportKey("pkcs8",e);return n.BufferSourceConverter.toUint8Array(r)}async importPrivateSsh(t){const{sshKey:e,crypto:i}=t;const r=e.replace(/-----BEGIN OPENSSH PRIVATE KEY-----/,"").replace(/-----END OPENSSH PRIVATE KEY-----/,"").replace(/\s/g,"");const s=n.Convert.FromBase64(r);const o=new Qp(n.BufferSourceConverter.toUint8Array(s));const a=o.readBytes(15);if(n.Convert.ToHex(a)!=="6f70656e7373682d6b65792d763100"){throw new Fp("invalid magic string")}const c=o.readString();o.readString();o.readString();if(c!=="none"){throw new Vp(c)}const u=o.readUint32();if(u!==1){throw new Fp("multiple keys not supported")}const l=o.readUint32();o.readBytes(l);const h=o.readUint32();const p=o.readBytes(h);const d=new Qp(p);const f=d.readUint32();const y=d.readUint32();if(f!==y){throw new Fp("invalid checkints")}d.readString();const S=d.readMpInt(true);const A=d.readMpInt(true);const v=d.readMpInt(true);const m=d.readMpInt(true);const C=d.readMpInt(true);const g=d.readMpInt(true);d.readString();const w=BigInt("0x"+n.Convert.ToHex(v));const E=BigInt("0x"+n.Convert.ToHex(C));const b=BigInt("0x"+n.Convert.ToHex(g));const P=w%(E-1n);const D=w%(b-1n);const I=n.Convert.FromHex(P.toString(16).padStart(C.length*2,"0"));const B=n.Convert.FromHex(D.toString(16).padStart(g.length*2,"0"));const x={kty:"RSA",n:n.Convert.ToBase64Url(S),e:n.Convert.ToBase64Url(A),d:n.Convert.ToBase64Url(v),p:n.Convert.ToBase64Url(C),q:n.Convert.ToBase64Url(g),dp:n.Convert.ToBase64Url(I),dq:n.Convert.ToBase64Url(B),qi:n.Convert.ToBase64Url(m)};return i.subtle.importKey("jwk",x,{name:"RSASSA-PKCS1-v1_5",hash:this.hash},true,["sign"])}async exportPrivateSsh(t){const{privateKey:e,crypto:i,jwk:r}=t;const s=r||await i.subtle.exportKey("jwk",e);if(!s.n||!s.e||!s.d||!s.p||!s.q){throw new Lp("RSA JWK missing required parameters")}const o=new Uint8Array(n.Convert.FromBase64Url(s.n));const a=new Uint8Array(n.Convert.FromBase64Url(s.e));const c=new Uint8Array(n.Convert.FromBase64Url(s.d));const u=new Uint8Array(n.Convert.FromBase64Url(s.p));const l=new Uint8Array(n.Convert.FromBase64Url(s.q));const h=s.qi?new Uint8Array(n.Convert.FromBase64Url(s.qi)):new Uint8Array;const p=new qp;p.writeString("ssh-rsa");p.writeMpInt(o,true);p.writeMpInt(a,true);p.writeMpInt(c,true);p.writeMpInt(h,true);p.writeMpInt(u,true);p.writeMpInt(l,true);return p.toUint8Array()}async sign(t){const{privateKey:e,data:i,crypto:r,hash:s}=t;if(s&&s!==this.hash){throw new Lp(`Hash ${s} not supported for this RSA algorithm`)}if(!e.extractable){throw new Lp("Private key is not extractable")}const o=await this.exportPrivatePkcs8({privateKey:e,crypto:r});const a=await this.importPrivatePkcs8({pkcs8:new Uint8Array(o),crypto:r});const c=await r.subtle.sign("RSASSA-PKCS1-v1_5",a,i);return n.BufferSourceConverter.toUint8Array(c)}async verify(t){const{publicKey:e,signature:i,data:r,crypto:s,hash:n}=t;if(n&&n!==this.hash){return false}if(!e.extractable){throw new Lp("Public key is not extractable")}const o=await this.exportPublicSpki({publicKey:e,crypto:s});const a=await this.importPublicSpki({spki:new Uint8Array(o),crypto:s});return s.subtle.verify("RSASSA-PKCS1-v1_5",a,i,r)}encodeSignature(t){const{signature:e,algo:i}=t;const r=new qp;r.writeString(i);r.writeUint32(e.byteLength);r.writeBytes(e);return r.toUint8Array()}decodeSignature(t){const{signature:e}=t;const i=new Qp(e);const r=i.readString();const s=i.readUint32();const n=i.readBytes(s);return{signature:n,algo:r}}supportsCryptoKey(t){return t.algorithm.name==="RSASSA-PKCS1-v1_5"}parsePublicKey(t){const e=t.readBytes(t.readUint32());const i=t.readBytes(t.readUint32());const r=new qp;r.writeString("ssh-rsa");r.writeMpInt(e);r.writeMpInt(i);return{type:"ssh-rsa",keyData:r.toUint8Array()}}writePublicKey(t,e){const i=new Qp(e.keyData);i.readString();const r=i.readMpInt();const s=i.readMpInt();t.writeUint32(r.length);t.writeBytes(r);t.writeUint32(s.length);t.writeBytes(s)}getCertificateType(){return"ssh-rsa-cert-v01@openssh.com"}getSignatureAlgo(){return this.hash==="SHA-256"?"rsa-sha2-256":"rsa-sha2-512"}}class Jp{curveName;sshType;namedCurve;constructor(t,e,i){this.curveName=t;this.sshType=e;this.namedCurve=i}getHashAlgorithm(){switch(this.namedCurve){case"P-256":return"SHA-256";case"P-384":return"SHA-384";case"P-521":return"SHA-512";default:return"SHA-256"}}getExpectedLength(){switch(this.namedCurve){case"P-256":return 32;case"P-384":return 48;case"P-521":return 66;default:return 32}}getSignatureCoordLength(){return this.getExpectedLength()}async importPublicSsh(t){const{blob:e,crypto:i}=t;const r=new Qp(e);r.readString();const s=r.readString();if(s!==this.curveName){throw new Lp(`ECDSA curve name ${s}, expected ${this.curveName}`)}const o=r.readMpInt();const a=Math.floor((o.length-1)/2);const c={kty:"EC",crv:this.namedCurve,x:n.Convert.ToBase64Url(o.slice(1,1+a)),y:n.Convert.ToBase64Url(o.slice(1+a))};return i.subtle.importKey("jwk",c,{name:"ECDSA",namedCurve:this.namedCurve},true,["verify"])}async exportPublicSsh(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("jwk",e);if(!r.x||!r.y){throw new Lp("ECDSA JWK missing x or y parameters")}const s=new Uint8Array(n.Convert.FromBase64Url(r.x));const o=new Uint8Array(n.Convert.FromBase64Url(r.y));const a=new Uint8Array(1+s.length+o.length);a[0]=4;a.set(s,1);a.set(o,1+s.length);const c=new qp;c.writeString(this.sshType);c.writeString(this.curveName);c.writeMpInt(a);return c.toUint8Array()}async importPublicSpki(t){const{spki:e,crypto:i}=t;return i.subtle.importKey("spki",e,{name:"ECDSA",namedCurve:this.namedCurve},true,["verify"])}async exportPublicSpki(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("spki",e);return n.BufferSourceConverter.toUint8Array(r)}async importPrivatePkcs8(t){const{pkcs8:e,crypto:i}=t;return i.subtle.importKey("pkcs8",e,{name:"ECDSA",namedCurve:this.namedCurve},true,["sign"])}async exportPrivatePkcs8(t){const{privateKey:e,crypto:i}=t;const r=await i.subtle.exportKey("pkcs8",e);return n.BufferSourceConverter.toUint8Array(r)}async exportPrivateSsh(t){const{privateKey:e,crypto:i,jwk:r}=t;const s=r||await i.subtle.exportKey("jwk",e);if(!s.d||!s.x||!s.y){throw new Lp("ECDSA private key JWK missing required parameters")}const o=new Uint8Array(n.Convert.FromBase64Url(s.x));const a=new Uint8Array(n.Convert.FromBase64Url(s.y));const c=new Uint8Array(n.Convert.FromBase64Url(s.d));const u=new Uint8Array(1+o.length+a.length);u[0]=4;u.set(o,1);u.set(a,1+o.length);const l=new qp;l.writeString(this.sshType);l.writeString(this.curveName);l.writeMpInt(u);l.writeMpInt(c);return l.toUint8Array()}async importPrivateSsh(t){const{sshKey:e,crypto:i}=t;const r=e.replace(/-----BEGIN OPENSSH PRIVATE KEY-----/,"").replace(/-----END OPENSSH PRIVATE KEY-----/,"").replace(/\s/g,"");const s=n.Convert.FromBase64(r);const o=new Qp(n.BufferSourceConverter.toUint8Array(s));const a=o.readBytes(15);if(n.Convert.ToHex(a)!=="6f70656e7373682d6b65792d763100"){throw new Fp("invalid magic string")}const c=o.readString();o.readString();o.readString();if(c!=="none"){throw new Vp(c)}const u=o.readUint32();if(u!==1){throw new Fp("multiple keys not supported")}const l=o.readUint32();o.readBytes(l);const h=o.readUint32();const p=o.readBytes(h);const d=new Qp(p);const f=d.readUint32();const y=d.readUint32();if(f!==y){throw new Fp("invalid checkints")}d.readString();d.readString();const S=d.readMpInt();const A=d.readMpInt();d.readString();if(S[0]!==4){throw new Lp("invalid ECDSA public key point format")}const v=Math.floor((S.length-1)/2);const m=S.slice(1,1+v);const C=S.slice(1+v);const g={kty:"EC",crv:this.namedCurve,x:n.Convert.ToBase64Url(m),y:n.Convert.ToBase64Url(C),d:n.Convert.ToBase64Url(A)};return i.subtle.importKey("jwk",g,{name:"ECDSA",namedCurve:this.namedCurve},true,["sign"])}async sign(t){const{privateKey:e,data:i,crypto:r,hash:s}=t;const o=this.getHashAlgorithm();if(s&&s!==o){throw new Lp(`ECDSA ${this.namedCurve} requires ${o}, got ${s}`)}const a=await r.subtle.sign({name:"ECDSA",hash:o},e,i);return n.BufferSourceConverter.toUint8Array(a)}async verify(t){const{publicKey:e,signature:i,data:r,crypto:s,hash:n}=t;const o=this.getHashAlgorithm();if(n&&n!==o){throw new Lp(`ECDSA ${this.namedCurve} requires ${o}, got ${n}`)}return s.subtle.verify({name:"ECDSA",hash:o},e,i,r)}encodeSignature(t){const{signature:e,algo:i}=t;if(i.startsWith("ecdsa-sha2-")){const t=this.getSignatureCoordLength();const r=e.subarray(0,t);const s=e.subarray(t);const n=new qp;n.writeString(i);const o=new qp;o.writeMpInt(r,true);o.writeMpInt(s,true);const a=o.toUint8Array();n.writeUint32(a.length);n.writeBytes(a);return n.toUint8Array()}const r=new qp;r.writeString(i);r.writeUint32(e.byteLength);r.writeBytes(e);return r.toUint8Array()}decodeSignature(t){const{signature:e}=t;const i=new Qp(e);const r=i.readString();const s=i.readUint32();const n=i.readBytes(s);if(r.startsWith("ecdsa-sha2-")){const t=new Qp(n);let e=t.readMpInt();let i=t.readMpInt();if(e[0]===0&&e.length>1&&(e[1]&128)===0){e=e.slice(1)}if(i[0]===0&&i.length>1&&(i[1]&128)===0){i=i.slice(1)}const s=this.getExpectedLength();const o=new Uint8Array(s);const a=new Uint8Array(s);if(e.length<=s){o.set(e,s-e.length)}else{o.set(e.slice(e.length-s),0)}if(i.length<=s){a.set(i,s-i.length)}else{a.set(i.slice(i.length-s),0)}const c=new Uint8Array([...o,...a]);return{signature:c,algo:r}}return{signature:n,algo:r}}supportsCryptoKey(t){return t.algorithm.name==="ECDSA"&&t.algorithm.namedCurve===this.namedCurve}parsePublicKey(t){const e=t.readString();if(e!==this.curveName){throw new Lp(`ECDSA certificate curve name ${e}, expected ${this.curveName}`)}const i=t.readBytes(t.readUint32());const r=new qp;r.writeString(this.sshType);r.writeString(e);r.writeMpInt(i);return{type:this.sshType,keyData:r.toUint8Array()}}writePublicKey(t,e){const i=new Qp(e.keyData);i.readString();const r=i.readString();const s=i.readMpInt();t.writeString(r);t.writeUint32(s.length);t.writeBytes(s)}getCertificateType(){return`${this.sshType}-cert-v01@openssh.com`}getSignatureAlgo(){return this.sshType}}const Yp=new Jp("nistp256","ecdsa-sha2-nistp256","P-256");const Zp=new Jp("nistp384","ecdsa-sha2-nistp384","P-384");const Xp=new Jp("nistp521","ecdsa-sha2-nistp521","P-521");class td{async importPublicSsh(t){const{blob:e,crypto:i}=t;const r=new Qp(e);r.readString();const s=r.readUint32();if(s!==32){throw new Lp(`Ed25519 key length ${s}, expected 32`)}const n=r.readBytes(s);return i.subtle.importKey("raw",n,"Ed25519",true,["verify"])}async exportPublicSsh(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("jwk",e);if(!r.x){throw new Lp("Ed25519 JWK missing x parameter")}const s=new Uint8Array(n.Convert.FromBase64Url(r.x));const o=new qp;o.writeString("ssh-ed25519");o.writeUint32(s.length);o.writeBytes(s);return o.toUint8Array()}async importPublicSpki(t){const{spki:e,crypto:i}=t;return i.subtle.importKey("spki",e,"Ed25519",true,["verify"])}async exportPublicSpki(t){const{publicKey:e,crypto:i}=t;const r=await i.subtle.exportKey("spki",e);return n.BufferSourceConverter.toUint8Array(r)}async importPrivatePkcs8(t){const{pkcs8:e,crypto:i}=t;return i.subtle.importKey("pkcs8",e,"Ed25519",true,["sign"])}async exportPrivatePkcs8(t){const{privateKey:e,crypto:i}=t;const r=await i.subtle.exportKey("pkcs8",e);return n.BufferSourceConverter.toUint8Array(r)}async exportPrivateSsh(t){const{privateKey:e,crypto:i,jwk:r}=t;const s=r||await i.subtle.exportKey("jwk",e);if(!s.d||!s.x){throw new Lp("Ed25519 private key JWK missing required parameters")}const o=new Uint8Array(n.Convert.FromBase64Url(s.d));const a=new Uint8Array(n.Convert.FromBase64Url(s.x));const c=new qp;c.writeString("ssh-ed25519");c.writeUint32(a.length);c.writeBytes(a);const u=new Uint8Array(64);u.set(o,0);u.set(a,32);c.writeUint32(u.length);c.writeBytes(u);return c.toUint8Array()}async importPrivateSsh(t){const{sshKey:e,crypto:i}=t;const r=e.replace(/-----BEGIN OPENSSH PRIVATE KEY-----/,"").replace(/-----END OPENSSH PRIVATE KEY-----/,"").replace(/\s/g,"");const s=n.Convert.FromBase64(r);const o=new Qp(n.BufferSourceConverter.toUint8Array(s));const a=o.readBytes(15);if(n.Convert.ToHex(a)!=="6f70656e7373682d6b65792d763100"){throw new Fp("invalid magic string")}const c=o.readString();o.readString();o.readString();if(c!=="none"){throw new Vp(c)}const u=o.readUint32();if(u!==1){throw new Fp("multiple keys not supported")}const l=o.readUint32();o.readBytes(l);const h=o.readUint32();const p=o.readBytes(h);const d=new Qp(p);const f=d.readUint32();const y=d.readUint32();if(f!==y){throw new Fp("invalid checkints")}d.readString();const S=d.readUint32();const A=d.readBytes(S);const v=d.readUint32();const m=d.readBytes(v);d.readString();const C=m.slice(0,32);const g={kty:"OKP",crv:"Ed25519",d:n.Convert.ToBase64Url(C),x:n.Convert.ToBase64Url(A)};return i.subtle.importKey("jwk",g,"Ed25519",true,["sign"])}async sign(t){const{privateKey:e,data:i,crypto:r}=t;const s=await r.subtle.sign("Ed25519",e,i);return n.BufferSourceConverter.toUint8Array(s)}async verify(t){const{publicKey:e,signature:i,data:r,crypto:s}=t;return s.subtle.verify("Ed25519",e,i,r)}encodeSignature(t){const{signature:e,algo:i}=t;const r=new Uint8Array(e);const s=new qp;s.writeString(i);s.writeUint32(r.length);s.writeBytes(r);return s.toUint8Array()}decodeSignature(t){const{signature:e}=t;const i=new Qp(e);const r=i.readString();const s=i.readUint32();const n=i.readBytes(s);return{signature:n,algo:r}}supportsCryptoKey(t){return t.algorithm.name==="Ed25519"}parsePublicKey(t){const e=t.readBytes(t.readUint32());const i=new qp;i.writeString("ssh-ed25519");i.writeUint32(e.length);i.writeBytes(e);return{type:"ssh-ed25519",keyData:i.toUint8Array()}}writePublicKey(t,e){const i=new Qp(e.keyData);i.readString();const r=i.readUint32();const s=i.readBytes(r);t.writeUint32(s.length);t.writeBytes(s)}getCertificateType(){return"ssh-ed25519-cert-v01@openssh.com"}getSignatureAlgo(){return"ssh-ed25519"}}const ed=new Map;class id{static get(t){const e=ed.get(t);if(!e){throw new _p(t,Array.from(ed.keys()))}return e}static register(t,e){ed.set(t,e)}static getSshTypeFromCryptoKey(t){for(const[e,i]of ed.entries()){if(i.supportsCryptoKey(t)){return e}}throw new _p(t.algorithm.name,Array.from(ed.keys()))}static certTypeToKeyType(t){const e={"ssh-rsa-cert-v01@openssh.com":"ssh-rsa","ssh-ed25519-cert-v01@openssh.com":"ssh-ed25519","ecdsa-sha2-nistp256-cert-v01@openssh.com":"ecdsa-sha2-nistp256","ecdsa-sha2-nistp384-cert-v01@openssh.com":"ecdsa-sha2-nistp384","ecdsa-sha2-nistp521-cert-v01@openssh.com":"ecdsa-sha2-nistp521"};return e[t]}static getSupportedCertTypes(){return Object.keys({"ssh-rsa-cert-v01@openssh.com":"ssh-rsa","ssh-ed25519-cert-v01@openssh.com":"ssh-ed25519","ecdsa-sha2-nistp256-cert-v01@openssh.com":"ecdsa-sha2-nistp256","ecdsa-sha2-nistp384-cert-v01@openssh.com":"ecdsa-sha2-nistp384","ecdsa-sha2-nistp521-cert-v01@openssh.com":"ecdsa-sha2-nistp521"})}}id.register("ssh-ed25519",new td);id.register("ssh-rsa",new zp("SHA-256"));id.register("rsa-sha2-256",new zp("SHA-256"));id.register("rsa-sha2-512",new zp("SHA-512"));id.register("ecdsa-sha2-nistp256",Yp);id.register("ecdsa-sha2-nistp384",Zp);id.register("ecdsa-sha2-nistp521",Xp);function rd(t){const e=typeof t==="string"?t.trim().split(/\s+/):null;if(!e||e.length<2){throw new jp("Invalid SSH public key format")}const i=e[0];const r=new Uint8Array(n.Convert.FromBase64(e[1]));const s=e.length>2?e.slice(2).join(" "):undefined;const o=new Qp(r);const a=o.readString();if(a!==i){throw new jp("Key type mismatch")}return{type:i,keyData:r,comment:s}}function sd(t){const e=n.Convert.ToBase64(t.keyData);const i=[t.type,e];if(t.comment){i.push(t.comment)}return i.join(" ")}function nd(t){if(typeof t==="string"){const e=t.trim().split(/\s+/);if(e.length<2){throw new jp("SSH certificate string","type base64 [comment]")}const i=e[0];const r=new Uint8Array(n.Convert.FromBase64(e[1]));const s=e.length>2?e.slice(2).join(" "):undefined;const o=new Qp(r);const a=o.readString();if(a!==i){throw new jp(`certificate blob type ${a}`,`expected ${i}`)}return{type:i,keyData:r,comment:s}}else{const e=new Qp(t);const i=e.readString();const r=t.slice(e.getOffset());return{type:i,keyData:r}}}function od(t){const e=new Qp(t);const i=e.readString();const r=e.readBytes(e.readUint32());const s=id.certTypeToKeyType(i);if(!s){throw new Up(i,id.getSupportedCertTypes())}const n=id.get(s);const o=n.parsePublicKey(e);const a=s;const c=e.readUint64();const u=e.readUint32();const l=u===1?"user":"host";const h=e.readString();const p=e.readUint32();const d=e.readBytes(p);const f=[];if(d.length>0){const t=new Qp(d);while(t.getOffset()<d.length){try{const e=t.readString();f.push(e)}catch{break}}}const y=e.readUint64();const S=e.readUint64();const A={};const v=e.readUint32();const m=e.readBytes(v);if(m.length>0){const t=new Qp(m);while(t.getOffset()<m.length){try{const e=t.readString();const i=t.readBytes(t.readUint32());const r=i.length===0?"":Wp.decode(i);A[e]=r}catch{break}}}const C={};const g=e.readUint32();const w=e.readBytes(g);if(w.length>0){const t=new Qp(w);while(t.getOffset()<w.length){try{const e=t.readString();const i=t.readBytes(t.readUint32());const r=i.length===0?"":Wp.decode(i);C[e]=r}catch{break}}}const E=e.readUint32();const b=e.readBytes(E);const P=e.readUint32();const D=e.readBytes(P);const I=new Qp(D);const B=I.readString();const x={type:B,keyData:D};const T=e.readUint32();const O=e.readBytes(T);return{nonce:r,keyType:a,publicKey:o,serial:c,type:l,keyId:h,validPrincipals:f,validAfter:y,validBefore:S,criticalOptions:A,extensions:C,reserved:b,signatureKey:x,signature:O}}function ad(t){const e=n.Convert.ToBase64(t.keyData);const i=[t.type,e];if(t.comment){i.push(t.comment)}return i.join(" ")}function cd(t){const e=new Qp(t);if(t.length>=6&&(new TextDecoder).decode(t.subarray(0,6))==="SSHSIG"){return ud(e)}else{return ld(e)}}function ud(t){const e=t.readBytes(6);const i=(new TextDecoder).decode(e);if(i!=="SSHSIG"){throw new jp(i,"SSHSIG")}const r=t.readUint32();const s=t.readUint32();const n=t.readBytes(s);const o=t.readString();const a=t.readString();const c=t.readString();const u=t.readUint32();const l=t.readBytes(u);const h=new Qp(l);const p=h.readString();const d=h.readUint32();const f=h.readBytes(d);return{format:"ssh-signature",algorithm:p,signature:f,version:r,publicKey:n,namespace:o,reserved:a,hashAlgorithm:c}}function ld(t){const e=t.readString();const i=t.readUint32();const r=t.readBytes(i);return{format:"legacy",algorithm:e,signature:r}}function hd(t){if(t.format==="ssh-signature"){return pd(t)}else{return dd(t)}}function pd(t){const e=new qp;e.writeBytes((new TextEncoder).encode("SSHSIG"));e.writeUint32(t.version||1);if(t.publicKey){e.writeUint32(t.publicKey.length);e.writeBytes(t.publicKey)}else{e.writeUint32(0)}e.writeString(t.namespace||"file");e.writeString(t.reserved||"");e.writeString(t.hashAlgorithm||"sha512");const i=new qp;i.writeString(t.algorithm);i.writeUint32(t.signature.length);i.writeBytes(t.signature);const r=i.toUint8Array();e.writeUint32(r.length);e.writeBytes(r);return e.toUint8Array()}function dd(t){const e=new qp;e.writeString(t.algorithm);e.writeUint32(t.signature.length);e.writeBytes(t.signature);return e.toUint8Array()}class fd{}class yd extends fd{static TYPE="public-key";type=yd.TYPE;blob;cachedCryptoKey;constructor(t){super();this.blob=t}async getCryptoKey(t=Kp()){if(!this.cachedCryptoKey){const e=id.get(this.blob.type);this.cachedCryptoKey=await e.importPublicSsh({blob:this.blob.keyData,crypto:t})}return this.cachedCryptoKey}static async fromSSH(t,e=Kp()){const i=rd(t);const r=id.get(i.type);await r.importPublicSsh({blob:i.keyData,crypto:e});return new yd(i)}static async fromSPKI(t,e,i=Kp()){const r=id.get(e);const s=await r.importPublicSpki({spki:t,crypto:i});const n=await r.exportPublicSsh({publicKey:s,crypto:i});const o={type:e,keyData:n};return new yd(o)}static async fromWebCrypto(t,e,i=Kp()){const r=e||id.getSshTypeFromCryptoKey(t);const s=id.get(r);const n=await s.exportPublicSsh({publicKey:t,crypto:i});const o={type:r,keyData:n};return new yd(o)}async export(t="ssh",e=Kp()){if(t==="ssh"){return sd(this.blob)}else if(t==="spki"){const t=await this.getCryptoKey(e);const i=id.get(this.blob.type);const r=await i.exportPublicSpki({publicKey:t,crypto:e});return new Uint8Array(r)}throw new _p(`Unsupported export format: ${t}`)}async toSSH(){const t=await this.export("ssh");return t}async toSPKI(){const t=await this.export("spki");return t}async toWebCrypto(t=Kp()){return this.getCryptoKey(t)}async verify(t,e,i,r=Kp()){const s=id.get(t);const n=await this.toWebCrypto(r);return s.verify({publicKey:n,signature:e,data:i,crypto:r})}get keyType(){return this.blob.type}get comment(){return this.blob.comment}getBlob(){return{...this.blob}}async thumbprint(t="sha256",e=Kp()){const i=t==="sha256"?"SHA-256":"SHA-512";const r=this.blob.keyData;const s=await e.subtle.digest(i,r);return new Uint8Array(s)}}class Sd extends fd{static TYPE="signature";type=Sd.TYPE;blob;format;algorithm;signature;version;publicKey;namespace;reserved;hashAlgorithm;constructor(t){super();this.blob=t;this.format=t.format;this.algorithm=t.algorithm;this.signature=t.signature;this.version=t.version;this.namespace=t.namespace;this.reserved=t.reserved;this.hashAlgorithm=t.hashAlgorithm;if(t.publicKey){const e=new Qp(t.publicKey);const i=e.readString();this.publicKey=new yd({type:i,keyData:t.publicKey})}}static parse(t){const e=cd(t);return new Sd(e)}static fromBlob(t){return new Sd(t)}static fromBase64(t){const e=new Uint8Array(n.Convert.FromBase64(t));return Sd.parse(e)}static fromText(t){const e=t.replace(/-----BEGIN SSH SIGNATURE-----/,"").replace(/-----END SSH SIGNATURE-----/,"").replace(/[\r\n\s]/g,"");return Sd.fromBase64(e)}serialize(){return hd(this.blob)}toBase64(){return n.Convert.ToBase64(this.serialize())}toText(){const t=this.toBase64();const e=[];for(let i=0;i<t.length;i+=70){e.push(t.substring(i,i+70))}return["-----BEGIN SSH SIGNATURE-----",...e,"-----END SSH SIGNATURE-----"].join("\n")}async toSSH(){return this.toText()}async verify(t,e){const i=id.get(this.algorithm);const r=await e["getCryptoKey"]();const s=Kp();let n=t;if(this.format==="ssh-signature"){const e=this.hashAlgorithm||"sha512";const i=this.namespace||"file";const r=this.reserved||"";const o=e==="sha256"?"SHA-256":"SHA-512";const a=await s.subtle.digest(o,t);const c=new Uint8Array(a);const u=new qp;u.writeBytes((new TextEncoder).encode("SSHSIG"));u.writeString(i);u.writeString(r);u.writeString(e);u.writeUint32(c.length);u.writeBytes(c);n=u.toUint8Array()}let o;if(this.algorithm==="rsa-sha2-256"){o="SHA-256"}else if(this.algorithm==="rsa-sha2-512"){o="SHA-512"}let a;if(this.format==="legacy"||this.format==="ssh-signature"){const t=new qp;t.writeString(this.algorithm);t.writeUint32(this.signature.length);t.writeBytes(this.signature);const e=t.toUint8Array();const r=i.decodeSignature({signature:e});a=r.signature}else{a=this.signature}return i.verify({publicKey:r,signature:a,data:n,crypto:s,hash:o})}static fromLegacy(t,e){const i=id.get(t);const r=i.encodeSignature({signature:e,algo:t});const s=new Qp(r);s.readString();const n=s.readUint32();const o=s.readBytes(n);return new Sd({format:"legacy",algorithm:t,signature:o})}static fromSshSignature(t,e,i={}){const r={format:"ssh-signature",algorithm:t,signature:e,version:i.version||1,publicKey:i.publicKey?i.publicKey.getBlob().keyData:undefined,namespace:i.namespace||"file",reserved:i.reserved||"",hashAlgorithm:i.hashAlgorithm||"sha512"};return new Sd(r)}static async sign(t,e,i,r={}){const{format:s="legacy",namespace:n="file"}=r;if(s==="legacy"){const r=await e.sign(t,i);const s=t||e.keyType;return Sd.fromLegacy(s,r)}else{const r=t;const s=id.get(r);const o=t==="rsa-sha2-256"?"sha256":"sha512";const a=await e.getPublicKey();const c=Kp();const u=o==="sha256"?"SHA-256":"SHA-512";const l=await c.subtle.digest(u,i);const h=new Uint8Array(l);const p=new qp;p.writeBytes((new TextEncoder).encode("SSHSIG"));p.writeString(n);p.writeString("");p.writeString(o);p.writeUint32(h.length);p.writeBytes(h);const d=p.toUint8Array();const f=await e.sign(r,d);const y=s.encodeSignature({signature:f,algo:r});const S=new Qp(y);S.readString();const A=S.readUint32();const v=S.readBytes(A);return Sd.fromSshSignature(r,v,{namespace:n,hashAlgorithm:o,publicKey:a})}}}let Ad=class t extends fd{static TYPE="certificate";type=t.TYPE;_blob;data;_validAfter;_validBefore;keyId;principals;certType;serial;validAfter;validBefore;publicKey;signatureKey;criticalOptions;extensions;constructor(t){super();this._blob=t;this.data=od(t.keyData);this._validAfter=this.data.validAfter;this._validBefore=this.data.validBefore;this.keyId=this.data.keyId;this.principals=this.data.validPrincipals;this.certType=this.data.type;this.serial=this.data.serial;this.validAfter=new Date(Number(this.data.validAfter)*1e3);this.validBefore=new Date(Number(this.data.validBefore)*1e3);this.publicKey=new yd(this.data.publicKey);this.signatureKey=new yd(this.data.signatureKey);this.criticalOptions={...this.data.criticalOptions};this.extensions={...this.data.extensions}}static async fromSSH(e){const i=nd(e);return new t(i)}static async fromBlob(e){return new t(e)}async toSSH(){return ad(this._blob)}toBlob(){return{...this._blob}}get blob(){return this.toBlob()}validate(t=new Date){const e=BigInt(Math.floor(t.getTime()/1e3));const i=this._validAfter;const r=this._validBefore;const s=0xffffffffffffffffn;const n=r===s?e:r;return e>=i&&e<=n}async verify(t,e=Kp()){const i=t||this.signatureKey;const r=this.getSignedData();const s=Sd.parse(this.data.signature);const n=id.get(s.algorithm);const o=await i.toWebCrypto(e);return n.verify({publicKey:o,signature:s.signature,data:r,crypto:e})}getSignedData(){const t=new Qp(this._blob.keyData);t.readString();t.readBytes(t.readUint32());if(this.data.keyType==="ssh-ed25519"){t.readBytes(t.readUint32())}else if(this.data.keyType==="ssh-rsa"){t.readBytes(t.readUint32());t.readBytes(t.readUint32())}else if(this.data.keyType.startsWith("ecdsa-sha2-")){t.readString();t.readBytes(t.readUint32())}t.readUint64();t.readUint32();t.readBytes(t.readUint32());t.readBytes(t.readUint32());t.readUint64();t.readUint64();t.readBytes(t.readUint32());t.readBytes(t.readUint32());t.readBytes(t.readUint32());t.readBytes(t.readUint32());const e=t.getOffset();return this._blob.keyData.slice(0,e)}};var vd=undefined&&undefined.__classPrivateFieldSet||function(t,e,i,r,s){if(r==="m")throw new TypeError("Private method is not writable");if(r==="a"&&!s)throw new TypeError("Private accessor was defined without a setter");if(typeof e==="function"?t!==e||!s:!e.has(t))throw new TypeError("Cannot write private member to an object whose class did not declare it");return r==="a"?s.call(t,i):s?s.value=i:e.set(t,i),i};var md=undefined&&undefined.__classPrivateFieldGet||function(t,e,i,r){if(i==="a"&&!r)throw new TypeError("Private accessor was defined without a getter");if(typeof e==="function"?t!==e||!r:!e.has(t))throw new TypeError("Cannot read private member from an object whose class did not declare it");return i==="m"?r:i==="a"?r.call(t):r?r.value:e.get(t)};var Cd;class gd{constructor(t){Cd.set(this,void 0);const e=nd(t.trim());vd(this,Cd,new Ad(e),"f");this.notBefore=md(this,Cd,"f").validAfter;this.notAfter=md(this,Cd,"f").validBefore;this.validity=oo(this.notBefore,this.notAfter);this.type=[md(this,Cd,"f").blob.type,md(this,Cd,"f").certType,md(this,Cd,"f").type].join(" ");this.serialNumber=md(this,Cd,"f").serial.toString();this.keyId=md(this,Cd,"f").keyId;this.principals=md(this,Cd,"f").principals;this.extensions=md(this,Cd,"f").extensions;this.criticalOptions=md(this,Cd,"f").criticalOptions}async parseSignatureKey(){const t=await md(this,Cd,"f").signatureKey.toWebCrypto();const e=md(this,Cd,"f").signatureKey.getBlob();const i=await md(this,Cd,"f").signatureKey.thumbprint("sha256");this.signatureKey={algorithm:t.algorithm.name,type:e.type,value:await md(this,Cd,"f").signatureKey.toSSH(),thumbprint:n.Convert.ToBase64(i)}}async parsePublicKey(){const t=await md(this,Cd,"f").publicKey.toWebCrypto();const e=md(this,Cd,"f").publicKey.getBlob();const i=await md(this,Cd,"f").publicKey.thumbprint("sha256");this.publicKey={algorithm:t.algorithm.name,type:e.type,value:await md(this,Cd,"f").publicKey.toSSH(),thumbprint:n.Convert.ToBase64(i)}}async toString(t="pem"){return md(this,Cd,"f").toSSH()}get commonName(){return md(this,Cd,"f").principals.join("_")||md(this,Cd,"f").keyId||md(this,Cd,"f").certType}async downloadAsSSH(t){o.certSSH.asSSH(await this.toString(),t||this.commonName)}}Cd=new WeakMap;export{ca as $,Bu as A,np as B,Es as C,o as D,js as E,rp as F,sp as G,Rl as H,kl as I,Ol as J,Hl as K,Cl as L,Ml as M,pa as N,xl as O,_u as P,Il as Q,wn as R,Pl as S,Kl as T,hp as U,Nl as V,Ul as W,El as X,Np as Y,oa as Z,no as _,oo as a,es as a$,Ke as a0,Cc as a1,Pc as a2,ms as a3,Eu as a4,Au as a5,hr as a6,ur as a7,ds as a8,ru as a9,wr as aA,vr as aB,ar as aC,Zi as aD,Qi as aE,Gi as aF,Vi as aG,wu as aH,nu as aI,lr as aJ,cr as aK,ps as aL,tu as aM,fa as aN,as as aO,ns as aP,Ic as aQ,xc as aR,vc as aS,fc as aT,Ha as aU,ac as aV,lc as aW,Na as aX,ka as aY,wa as aZ,rs as a_,$c as aa,va as ab,ls as ac,os as ad,Bc as ae,Tc as af,mc as ag,Ac as ah,Ua as ai,uc as aj,hc as ak,Ka as al,Ra as am,Ia as an,ss as ao,is as ap,Zr as aq,zr as ar,Gr as as,Lr as at,Ur as au,Mr as av,kr as aw,Tr as ax,Br as ay,Pr as az,n as b,Yr as b0,Qr as b1,$r as b2,_r as b3,Kr as b4,Nr as b5,Or as b6,xr as b7,Ir as b8,Er as b9,_e as bA,Cu as bB,au as bC,cu as bD,gr as ba,dr as bb,tr as bc,Yi as bd,Wi as be,Li as bf,_i as bg,Hh as bh,nh as bi,rh as bj,ih as bk,sh as bl,gd as bm,Oi as bn,Ri as bo,er as bp,rr as bq,Ni as br,gi as bs,yi as bt,Ne as bu,fi as bv,Re as bw,mi as bx,ba as by,Da as bz,Lu as c,t as d,Ci as e,Ls as f,Ln as g,Gn as h,Is as i,Pn as j,In as k,Dn as l,$u as m,sl as n,Ds as o,Xr as p,Ai as q,Tp as r,bp as s,Ep as t,gl as u,Tl as v,Bl as w,Dl as x,bl as y,xp as z};
135
+ //# sourceMappingURL=p-PCn0WXhQ.js.map