npm - @protontech/openpgp - Versions diffs - 6.0.0-beta.0.patch.0 → 6.0.0-beta.1 - Mend

@protontech/openpgp 6.0.0-beta.0.patch.0 → 6.0.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

package/dist/lightweight/argon2id.min.mjs +2 -2
package/dist/lightweight/argon2id.min.mjs.map +1 -1
package/dist/lightweight/argon2id.mjs +5 -28
package/dist/lightweight/legacy_ciphers.min.mjs +2 -2
package/dist/lightweight/legacy_ciphers.min.mjs.map +1 -1
package/dist/lightweight/legacy_ciphers.mjs +6 -51
package/dist/lightweight/noble_curves.min.mjs +11 -11
package/dist/lightweight/noble_curves.min.mjs.map +1 -1
package/dist/lightweight/noble_curves.mjs +477 -465
package/dist/lightweight/noble_hashes.min.mjs +2 -2
package/dist/lightweight/noble_hashes.min.mjs.map +1 -1
package/dist/lightweight/noble_hashes.mjs +19 -31
package/dist/lightweight/openpgp.min.mjs +2 -2
package/dist/lightweight/openpgp.min.mjs.map +1 -1
package/dist/lightweight/openpgp.mjs +591 -457
package/dist/lightweight/sha3.min.mjs +3 -3
package/dist/lightweight/sha3.min.mjs.map +1 -1
package/dist/lightweight/sha3.mjs +80 -80
package/dist/node/openpgp.cjs +1245 -5442
package/dist/node/openpgp.min.cjs +11 -12
package/dist/node/openpgp.min.cjs.map +1 -1
package/dist/node/openpgp.min.mjs +11 -12
package/dist/node/openpgp.min.mjs.map +1 -1
package/dist/node/openpgp.mjs +1245 -5442
package/dist/openpgp.js +1238 -5435
package/dist/openpgp.min.js +11 -12
package/dist/openpgp.min.js.map +1 -1
package/dist/openpgp.min.mjs +11 -12
package/dist/openpgp.min.mjs.map +1 -1
package/dist/openpgp.mjs +1238 -5435
package/openpgp.d.ts +61 -60
package/package.json +16 -10
package/dist/lightweight/bn.interface.min.mjs +0 -3
package/dist/lightweight/bn.interface.min.mjs.map +0 -1
package/dist/lightweight/bn.interface.mjs +0 -3807
package/dist/lightweight/interface.min.mjs +0 -3
package/dist/lightweight/interface.min.mjs.map +0 -1
package/dist/lightweight/interface.mjs +0 -16
package/dist/lightweight/native.interface.min.mjs +0 -3
package/dist/lightweight/native.interface.min.mjs.map +0 -1
package/dist/lightweight/native.interface.mjs +0 -456

package/dist/lightweight/openpgp.mjs CHANGED Viewed

@@ -1,4 +1,4 @@
-/*! OpenPGP.js v6.0.0-beta.0.patch.0 - 2024-04-19 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+/*! OpenPGP.js v6.0.0-beta.1 - 2024-05-17 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
 const globalThis = typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
 const doneWritingPromise = Symbol('doneWritingPromise');
@@ -1660,7 +1660,7 @@ var config = {
    * @memberof module:config
    * @property {String} versionString A version string to be included in armored messages
    */
-  versionString: 'OpenPGP.js 6.0.0-beta.0.patch.0',
+  versionString: 'OpenPGP.js 6.0.0-beta.1',
   /**
    * @memberof module:config
    * @property {String} commentString A comment string to be included in armored messages
@@ -1721,27 +1721,6 @@ var config = {
   rejectCurves: new Set([enums.curve.secp256k1])
 };
-/**
- * We don't use the BigIntegerInterface wrapper from noble-hashes because:
- * - importing the instance results in it being shared with noble-hashes, which separately calls `setImplementation()`
- *  on load, causing it to throw due to duplicate initialization.
- * - even duplicating the interface code here to keep a separate instance requires handing a race-conditions the first time
- * `getBigInteger` is called, when the code needs to check if the implementation is set, and initialize it if not.
- * Ultimately, the interface provides no advantages and it's only needed because of TS.
- */
-const detectBigInt = () => typeof BigInt !== 'undefined';
-async function getBigInteger() {
-  if (detectBigInt()) {
-    // NativeBigInteger is small, so it's imported in isolation (it could also be imported at the top level)
-    const { default: NativeBigInteger } = await import('./native.interface.mjs');
-    return NativeBigInteger;
-  } else {
-    // FallbackBigInteger relies on large BN.js lib, which is also used by noble-hashes and noble-curves
-    const { default: FallbackBigInteger } = await import('./bn.interface.mjs');
-    return FallbackBigInteger;
-  }
-}
 // GPG4Browsers - An OpenPGP implementation in javascript
 // Copyright (C) 2011 Recurity Labs GmbH
 //
@@ -1783,8 +1762,6 @@ const util = {
   isStream: isStream,
-  getBigInteger,
   /**
    * Load noble-curves lib on demand and return the requested curve function
    * @param {enums.publicKey} publicKeyAlgo
@@ -2506,7 +2483,7 @@ function b64ToUint8Array(base64) {
  */
 function uint8ArrayToB64(bytes, url) {
   let encoded = encode$1(bytes).replace(/[\r\n]/g, '');
-  if (url) {
+  {
     encoded = encoded.replace(/[+]/g, '-').replace(/[/]/g, '_').replace(/[=]/g, '');
   }
   return encoded;
@@ -4293,7 +4270,7 @@ function is_bytes(a) {
     return a instanceof Uint8Array;
 }
 function _heap_init(heap, heapSize) {
-    const size = heap ? heap.byteLength : heapSize || 65536;
+    const size = heap ? heap.byteLength : 65536;
     if (size & 0xfff || size <= 0)
         throw new Error('heap size must be a positive integer and a multiple of 4096');
     heap = heap || new Uint8Array(new ArrayBuffer(size));
@@ -5850,6 +5827,202 @@ var mode = {
   ocb: OCB
 };
+// Operations are not constant time, but we try and limit timing leakage where we can
+const _0n$1 = BigInt(0);
+const _1n$4 = BigInt(1);
+function uint8ArrayToBigInt(bytes) {
+    const hexAlphabet = '0123456789ABCDEF';
+    let s = '';
+    bytes.forEach(v => {
+        s += hexAlphabet[v >> 4] + hexAlphabet[v & 15];
+    });
+    return BigInt('0x0' + s);
+}
+function mod$1(a, m) {
+    const reduced = a % m;
+    return reduced < _0n$1 ? reduced + m : reduced;
+}
+/**
+ * Compute modular exponentiation using square and multiply
+ * @param {BigInt} a - Base
+ * @param {BigInt} e - Exponent
+ * @param {BigInt} n - Modulo
+ * @returns {BigInt} b ** e mod n.
+ */
+function modExp(b, e, n) {
+    if (n === _0n$1)
+        throw Error('Modulo cannot be zero');
+    if (n === _1n$4)
+        return BigInt(0);
+    if (e < _0n$1)
+        throw Error('Unsopported negative exponent');
+    let exp = e;
+    let x = b;
+    x %= n;
+    let r = BigInt(1);
+    while (exp > _0n$1) {
+        const lsb = exp & _1n$4;
+        exp >>= _1n$4; // e / 2
+        // Always compute multiplication step, to reduce timing leakage
+        const rx = (r * x) % n;
+        // Update r only if lsb is 1 (odd exponent)
+        r = lsb ? rx : r;
+        x = (x * x) % n; // Square
+    }
+    return r;
+}
+function abs(x) {
+    return x >= _0n$1 ? x : -x;
+}
+/**
+ * Extended Eucleadian algorithm (http://anh.cs.luc.edu/331/notes/xgcd.pdf)
+ * Given a and b, compute (x, y) such that ax + by = gdc(a, b).
+ * Negative numbers are also supported.
+ * @param {BigInt} a - First operand
+ * @param {BigInt} b - Second operand
+ * @returns {{ gcd, x, y: bigint }}
+ */
+function _egcd(aInput, bInput) {
+    let x = BigInt(0);
+    let y = BigInt(1);
+    let xPrev = BigInt(1);
+    let yPrev = BigInt(0);
+    // Deal with negative numbers: run algo over absolute values,
+    // and "move" the sign to the returned x and/or y.
+    // See https://math.stackexchange.com/questions/37806/extended-euclidean-algorithm-with-negative-numbers
+    let a = abs(aInput);
+    let b = abs(bInput);
+    const aNegated = aInput < _0n$1;
+    const bNegated = bInput < _0n$1;
+    while (b !== _0n$1) {
+        const q = a / b;
+        let tmp = x;
+        x = xPrev - q * x;
+        xPrev = tmp;
+        tmp = y;
+        y = yPrev - q * y;
+        yPrev = tmp;
+        tmp = b;
+        b = a % b;
+        a = tmp;
+    }
+    return {
+        x: aNegated ? -xPrev : xPrev,
+        y: bNegated ? -yPrev : yPrev,
+        gcd: a
+    };
+}
+/**
+ * Compute the inverse of `a` modulo `n`
+ * Note: `a` and and `n` must be relatively prime
+ * @param {BigInt} a
+ * @param {BigInt} n - Modulo
+ * @returns {BigInt} x such that a*x = 1 mod n
+ * @throws {Error} if the inverse does not exist
+ */
+function modInv(a, n) {
+    const { gcd, x } = _egcd(a, n);
+    if (gcd !== _1n$4) {
+        throw new Error('Inverse does not exist');
+    }
+    return mod$1(x + n, n);
+}
+/**
+ * Compute greatest common divisor between this and n
+ * @param {BigInt} aInput - Operand
+ * @param {BigInt} bInput - Operand
+ * @returns {BigInt} gcd
+ */
+function gcd(aInput, bInput) {
+    let a = aInput;
+    let b = bInput;
+    while (b !== _0n$1) {
+        const tmp = b;
+        b = a % b;
+        a = tmp;
+    }
+    return a;
+}
+/**
+ * Get this value as an exact Number (max 53 bits)
+ * Fails if this value is too large
+ * @returns {Number}
+ */
+function bigIntToNumber(x) {
+    const number = Number(x);
+    if (number > Number.MAX_SAFE_INTEGER) {
+        // We throw and error to conform with the bn.js implementation
+        throw new Error('Number can only safely store up to 53 bits');
+    }
+    return number;
+}
+/**
+ * Get value of i-th bit
+ * @param {BigInt} x
+ * @param {Number} i - Bit index
+ * @returns {Number} Bit value.
+ */
+function getBit(x, i) {
+    const bit = (x >> BigInt(i)) & _1n$4;
+    return bit === _0n$1 ? 0 : 1;
+}
+/**
+ * Compute bit length
+ */
+function bitLength(x) {
+    // -1n >> -1n is -1n
+    // 1n >> 1n is 0n
+    const target = x < _0n$1 ? BigInt(-1) : _0n$1;
+    let bitlen = 1;
+    let tmp = x;
+    // eslint-disable-next-line no-cond-assign
+    while ((tmp >>= _1n$4) !== target) {
+        bitlen++;
+    }
+    return bitlen;
+}
+/**
+ * Compute byte length
+ */
+function byteLength(x) {
+    const target = x < _0n$1 ? BigInt(-1) : _0n$1;
+    const _8n = BigInt(8);
+    let len = 1;
+    let tmp = x;
+    // eslint-disable-next-line no-cond-assign
+    while ((tmp >>= _8n) !== target) {
+        len++;
+    }
+    return len;
+}
+/**
+ * Get Uint8Array representation of this number
+ * @param {String} endian - Endianess of output array (defaults to 'be')
+ * @param {Number} length - Of output array
+ * @returns {Uint8Array}
+ */
+function bigIntToUint8Array(x, endian = 'be', length) {
+    // we get and parse the hex string (https://coolaj86.com/articles/convert-js-bigints-to-typedarrays/)
+    // this is faster than shift+mod iterations
+    let hex = x.toString(16);
+    if (hex.length % 2 === 1) {
+        hex = '0' + hex;
+    }
+    const rawLength = hex.length / 2;
+    const bytes = new Uint8Array(length || rawLength);
+    // parse hex
+    const offset = length ? length - rawLength : 0;
+    let i = 0;
+    while (i < rawLength) {
+        bytes[i + offset] = parseInt(hex.slice(2 * i, 2 * i + 2), 16);
+        i++;
+    }
+    if (endian !== 'be') {
+        bytes.reverse();
+    }
+    return bytes;
+}
 // GPG4Browsers - An OpenPGP implementation in javascript
 // Copyright (C) 2011 Recurity Labs GmbH
 //
@@ -5889,27 +6062,25 @@ function getRandomBytes(length) {
 }
 /**
- * Create a secure random BigInteger that is greater than or equal to min and less than max.
- * @param {module:BigInteger} min - Lower bound, included
- * @param {module:BigInteger} max - Upper bound, excluded
- * @returns {Promise<module:BigInteger>} Random BigInteger.
+ * Create a secure random BigInt that is greater than or equal to min and less than max.
+ * @param {bigint} min - Lower bound, included
+ * @param {bigint} max - Upper bound, excluded
+ * @returns {bigint} Random BigInt.
  * @async
  */
-async function getRandomBigInteger(min, max) {
-  const BigInteger = await util.getBigInteger();
-  if (max.lt(min)) {
+function getRandomBigInteger(min, max) {
+  if (max < min) {
     throw new Error('Illegal parameter value: max <= min');
   }
-  const modulus = max.sub(min);
-  const bytes = modulus.byteLength();
+  const modulus = max - min;
+  const bytes = byteLength(modulus);
   // Using a while loop is necessary to avoid bias introduced by the mod operation.
   // However, we request 64 extra random bits so that the bias is negligible.
   // Section B.1.1 here: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
-  const r = new BigInteger(getRandomBytes(bytes + 8));
-  return r.mod(modulus).add(min);
+  const r = uint8ArrayToBigInt(getRandomBytes(bytes + 8));
+  return mod$1(r, modulus) + min;
 }
 var random = /*#__PURE__*/Object.freeze({
@@ -5934,177 +6105,159 @@ var random = /*#__PURE__*/Object.freeze({
 // You should have received a copy of the GNU Lesser General Public
 // License along with this library; if not, write to the Free Software
 // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+/**
+ * @fileoverview Algorithms for probabilistic random prime generation
+ * @module crypto/public_key/prime
+ */
+const _1n$3 = BigInt(1);
 /**
  * Generate a probably prime random number
- * @param {Integer} bits - Bit length of the prime
- * @param {BigInteger} e - Optional RSA exponent to check against the prime
- * @param {Integer} k - Optional number of iterations of Miller-Rabin test
- * @returns BigInteger
- * @async
+ * @param bits - Bit length of the prime
+ * @param e - Optional RSA exponent to check against the prime
+ * @param k - Optional number of iterations of Miller-Rabin test
  */
-async function randomProbablePrime(bits, e, k) {
-  const BigInteger = await util.getBigInteger();
-  const one = new BigInteger(1);
-  const min = one.leftShift(new BigInteger(bits - 1));
-  const thirty = new BigInteger(30);
-  /*
-   * We can avoid any multiples of 3 and 5 by looking at n mod 30
-   * n mod 30 = 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
-   * the next possible prime is mod 30:
-   *            1  7  7  7  7  7  7 11 11 11 11 13 13 17 17 17 17 19 19 23 23 23 23 29 29 29 29 29 29 1
-   */
-  const adds = [1, 6, 5, 4, 3, 2, 1, 4, 3, 2, 1, 2, 1, 4, 3, 2, 1, 2, 1, 4, 3, 2, 1, 6, 5, 4, 3, 2, 1, 2];
-  const n = await getRandomBigInteger(min, min.leftShift(one));
-  let i = n.mod(thirty).toNumber();
-  do {
-    n.iadd(new BigInteger(adds[i]));
-    i = (i + adds[i]) % adds.length;
-    // If reached the maximum, go back to the minimum.
-    if (n.bitLength() > bits) {
-      n.imod(min.leftShift(one)).iadd(min);
-      i = n.mod(thirty).toNumber();
-    }
-  } while (!await isProbablePrime(n, e, k));
-  return n;
+function randomProbablePrime(bits, e, k) {
+    const _30n = BigInt(30);
+    const min = _1n$3 << BigInt(bits - 1);
+    /*
+     * We can avoid any multiples of 3 and 5 by looking at n mod 30
+     * n mod 30 = 0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
+     * the next possible prime is mod 30:
+     *            1  7  7  7  7  7  7 11 11 11 11 13 13 17 17 17 17 19 19 23 23 23 23 29 29 29 29 29 29 1
+     */
+    const adds = [1, 6, 5, 4, 3, 2, 1, 4, 3, 2, 1, 2, 1, 4, 3, 2, 1, 2, 1, 4, 3, 2, 1, 6, 5, 4, 3, 2, 1, 2];
+    let n = getRandomBigInteger(min, min << _1n$3);
+    let i = bigIntToNumber(mod$1(n, _30n));
+    do {
+        n += BigInt(adds[i]);
+        i = (i + adds[i]) % adds.length;
+        // If reached the maximum, go back to the minimum.
+        if (bitLength(n) > bits) {
+            n = mod$1(n, min << _1n$3);
+            n += min;
+            i = bigIntToNumber(mod$1(n, _30n));
+        }
+    } while (!isProbablePrime(n, e, k));
+    return n;
 }
 /**
  * Probabilistic primality testing
- * @param {BigInteger} n - Number to test
- * @param {BigInteger} e - Optional RSA exponent to check against the prime
- * @param {Integer} k - Optional number of iterations of Miller-Rabin test
- * @returns {boolean}
- * @async
+ * @param n - Number to test
+ * @param e - Optional RSA exponent to check against the prime
+ * @param k - Optional number of iterations of Miller-Rabin test
  */
-async function isProbablePrime(n, e, k) {
-  if (e && !n.dec().gcd(e).isOne()) {
-    return false;
-  }
-  if (!await divisionTest(n)) {
-    return false;
-  }
-  if (!await fermat(n)) {
-    return false;
-  }
-  if (!await millerRabin(n, k)) {
-    return false;
-  }
-  // TODO implement the Lucas test
-  // See Section C.3.3 here: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
-  return true;
+function isProbablePrime(n, e, k) {
+    if (e && gcd(n - _1n$3, e) !== _1n$3) {
+        return false;
+    }
+    if (!divisionTest(n)) {
+        return false;
+    }
+    if (!fermat(n)) {
+        return false;
+    }
+    if (!millerRabin(n, k)) {
+        return false;
+    }
+    // TODO implement the Lucas test
+    // See Section C.3.3 here: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
+    return true;
 }
 /**
  * Tests whether n is probably prime or not using Fermat's test with b = 2.
  * Fails if b^(n-1) mod n != 1.
- * @param {BigInteger} n - Number to test
- * @param {BigInteger} b - Optional Fermat test base
- * @returns {boolean}
+ * @param n - Number to test
+ * @param b - Optional Fermat test base
  */
-async function fermat(n, b) {
-  const BigInteger = await util.getBigInteger();
-  b = b || new BigInteger(2);
-  return b.modExp(n.dec(), n).isOne();
+function fermat(n, b = BigInt(2)) {
+    return modExp(b, n - _1n$3, n) === _1n$3;
 }
-async function divisionTest(n) {
-  const BigInteger = await util.getBigInteger();
-  return smallPrimes.every(m => {
-    return n.mod(new BigInteger(m)) !== 0;
-  });
+function divisionTest(n) {
+    const _0n = BigInt(0);
+    return smallPrimes.every(m => mod$1(n, m) !== _0n);
 }
 // https://github.com/gpg/libgcrypt/blob/master/cipher/primegen.c
 const smallPrimes = [
-  7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43,
-  47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101,
-  103, 107, 109, 113, 127, 131, 137, 139, 149, 151,
-  157, 163, 167, 173, 179, 181, 191, 193, 197, 199,
-  211, 223, 227, 229, 233, 239, 241, 251, 257, 263,
-  269, 271, 277, 281, 283, 293, 307, 311, 313, 317,
-  331, 337, 347, 349, 353, 359, 367, 373, 379, 383,
-  389, 397, 401, 409, 419, 421, 431, 433, 439, 443,
-  449, 457, 461, 463, 467, 479, 487, 491, 499, 503,
-  509, 521, 523, 541, 547, 557, 563, 569, 571, 577,
-  587, 593, 599, 601, 607, 613, 617, 619, 631, 641,
-  643, 647, 653, 659, 661, 673, 677, 683, 691, 701,
-  709, 719, 727, 733, 739, 743, 751, 757, 761, 769,
-  773, 787, 797, 809, 811, 821, 823, 827, 829, 839,
-  853, 857, 859, 863, 877, 881, 883, 887, 907, 911,
-  919, 929, 937, 941, 947, 953, 967, 971, 977, 983,
-  991, 997, 1009, 1013, 1019, 1021, 1031, 1033,
-  1039, 1049, 1051, 1061, 1063, 1069, 1087, 1091,
-  1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151,
-  1153, 1163, 1171, 1181, 1187, 1193, 1201, 1213,
-  1217, 1223, 1229, 1231, 1237, 1249, 1259, 1277,
-  1279, 1283, 1289, 1291, 1297, 1301, 1303, 1307,
-  1319, 1321, 1327, 1361, 1367, 1373, 1381, 1399,
-  1409, 1423, 1427, 1429, 1433, 1439, 1447, 1451,
-  1453, 1459, 1471, 1481, 1483, 1487, 1489, 1493,
-  1499, 1511, 1523, 1531, 1543, 1549, 1553, 1559,
-  1567, 1571, 1579, 1583, 1597, 1601, 1607, 1609,
-  1613, 1619, 1621, 1627, 1637, 1657, 1663, 1667,
-  1669, 1693, 1697, 1699, 1709, 1721, 1723, 1733,
-  1741, 1747, 1753, 1759, 1777, 1783, 1787, 1789,
-  1801, 1811, 1823, 1831, 1847, 1861, 1867, 1871,
-  1873, 1877, 1879, 1889, 1901, 1907, 1913, 1931,
-  1933, 1949, 1951, 1973, 1979, 1987, 1993, 1997,
-  1999, 2003, 2011, 2017, 2027, 2029, 2039, 2053,
-  2063, 2069, 2081, 2083, 2087, 2089, 2099, 2111,
-  2113, 2129, 2131, 2137, 2141, 2143, 2153, 2161,
-  2179, 2203, 2207, 2213, 2221, 2237, 2239, 2243,
-  2251, 2267, 2269, 2273, 2281, 2287, 2293, 2297,
-  2309, 2311, 2333, 2339, 2341, 2347, 2351, 2357,
-  2371, 2377, 2381, 2383, 2389, 2393, 2399, 2411,
-  2417, 2423, 2437, 2441, 2447, 2459, 2467, 2473,
-  2477, 2503, 2521, 2531, 2539, 2543, 2549, 2551,
-  2557, 2579, 2591, 2593, 2609, 2617, 2621, 2633,
-  2647, 2657, 2659, 2663, 2671, 2677, 2683, 2687,
-  2689, 2693, 2699, 2707, 2711, 2713, 2719, 2729,
-  2731, 2741, 2749, 2753, 2767, 2777, 2789, 2791,
-  2797, 2801, 2803, 2819, 2833, 2837, 2843, 2851,
-  2857, 2861, 2879, 2887, 2897, 2903, 2909, 2917,
-  2927, 2939, 2953, 2957, 2963, 2969, 2971, 2999,
-  3001, 3011, 3019, 3023, 3037, 3041, 3049, 3061,
-  3067, 3079, 3083, 3089, 3109, 3119, 3121, 3137,
-  3163, 3167, 3169, 3181, 3187, 3191, 3203, 3209,
-  3217, 3221, 3229, 3251, 3253, 3257, 3259, 3271,
-  3299, 3301, 3307, 3313, 3319, 3323, 3329, 3331,
-  3343, 3347, 3359, 3361, 3371, 3373, 3389, 3391,
-  3407, 3413, 3433, 3449, 3457, 3461, 3463, 3467,
-  3469, 3491, 3499, 3511, 3517, 3527, 3529, 3533,
-  3539, 3541, 3547, 3557, 3559, 3571, 3581, 3583,
-  3593, 3607, 3613, 3617, 3623, 3631, 3637, 3643,
-  3659, 3671, 3673, 3677, 3691, 3697, 3701, 3709,
-  3719, 3727, 3733, 3739, 3761, 3767, 3769, 3779,
-  3793, 3797, 3803, 3821, 3823, 3833, 3847, 3851,
-  3853, 3863, 3877, 3881, 3889, 3907, 3911, 3917,
-  3919, 3923, 3929, 3931, 3943, 3947, 3967, 3989,
-  4001, 4003, 4007, 4013, 4019, 4021, 4027, 4049,
-  4051, 4057, 4073, 4079, 4091, 4093, 4099, 4111,
-  4127, 4129, 4133, 4139, 4153, 4157, 4159, 4177,
-  4201, 4211, 4217, 4219, 4229, 4231, 4241, 4243,
-  4253, 4259, 4261, 4271, 4273, 4283, 4289, 4297,
-  4327, 4337, 4339, 4349, 4357, 4363, 4373, 4391,
-  4397, 4409, 4421, 4423, 4441, 4447, 4451, 4457,
-  4463, 4481, 4483, 4493, 4507, 4513, 4517, 4519,
-  4523, 4547, 4549, 4561, 4567, 4583, 4591, 4597,
-  4603, 4621, 4637, 4639, 4643, 4649, 4651, 4657,
-  4663, 4673, 4679, 4691, 4703, 4721, 4723, 4729,
-  4733, 4751, 4759, 4783, 4787, 4789, 4793, 4799,
-  4801, 4813, 4817, 4831, 4861, 4871, 4877, 4889,
-  4903, 4909, 4919, 4931, 4933, 4937, 4943, 4951,
-  4957, 4967, 4969, 4973, 4987, 4993, 4999
-];
+    7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43,
+    47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101,
+    103, 107, 109, 113, 127, 131, 137, 139, 149, 151,
+    157, 163, 167, 173, 179, 181, 191, 193, 197, 199,
+    211, 223, 227, 229, 233, 239, 241, 251, 257, 263,
+    269, 271, 277, 281, 283, 293, 307, 311, 313, 317,
+    331, 337, 347, 349, 353, 359, 367, 373, 379, 383,
+    389, 397, 401, 409, 419, 421, 431, 433, 439, 443,
+    449, 457, 461, 463, 467, 479, 487, 491, 499, 503,
+    509, 521, 523, 541, 547, 557, 563, 569, 571, 577,
+    587, 593, 599, 601, 607, 613, 617, 619, 631, 641,
+    643, 647, 653, 659, 661, 673, 677, 683, 691, 701,
+    709, 719, 727, 733, 739, 743, 751, 757, 761, 769,
+    773, 787, 797, 809, 811, 821, 823, 827, 829, 839,
+    853, 857, 859, 863, 877, 881, 883, 887, 907, 911,
+    919, 929, 937, 941, 947, 953, 967, 971, 977, 983,
+    991, 997, 1009, 1013, 1019, 1021, 1031, 1033,
+    1039, 1049, 1051, 1061, 1063, 1069, 1087, 1091,
+    1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151,
+    1153, 1163, 1171, 1181, 1187, 1193, 1201, 1213,
+    1217, 1223, 1229, 1231, 1237, 1249, 1259, 1277,
+    1279, 1283, 1289, 1291, 1297, 1301, 1303, 1307,
+    1319, 1321, 1327, 1361, 1367, 1373, 1381, 1399,
+    1409, 1423, 1427, 1429, 1433, 1439, 1447, 1451,
+    1453, 1459, 1471, 1481, 1483, 1487, 1489, 1493,
+    1499, 1511, 1523, 1531, 1543, 1549, 1553, 1559,
+    1567, 1571, 1579, 1583, 1597, 1601, 1607, 1609,
+    1613, 1619, 1621, 1627, 1637, 1657, 1663, 1667,
+    1669, 1693, 1697, 1699, 1709, 1721, 1723, 1733,
+    1741, 1747, 1753, 1759, 1777, 1783, 1787, 1789,
+    1801, 1811, 1823, 1831, 1847, 1861, 1867, 1871,
+    1873, 1877, 1879, 1889, 1901, 1907, 1913, 1931,
+    1933, 1949, 1951, 1973, 1979, 1987, 1993, 1997,
+    1999, 2003, 2011, 2017, 2027, 2029, 2039, 2053,
+    2063, 2069, 2081, 2083, 2087, 2089, 2099, 2111,
+    2113, 2129, 2131, 2137, 2141, 2143, 2153, 2161,
+    2179, 2203, 2207, 2213, 2221, 2237, 2239, 2243,
+    2251, 2267, 2269, 2273, 2281, 2287, 2293, 2297,
+    2309, 2311, 2333, 2339, 2341, 2347, 2351, 2357,
+    2371, 2377, 2381, 2383, 2389, 2393, 2399, 2411,
+    2417, 2423, 2437, 2441, 2447, 2459, 2467, 2473,
+    2477, 2503, 2521, 2531, 2539, 2543, 2549, 2551,
+    2557, 2579, 2591, 2593, 2609, 2617, 2621, 2633,
+    2647, 2657, 2659, 2663, 2671, 2677, 2683, 2687,
+    2689, 2693, 2699, 2707, 2711, 2713, 2719, 2729,
+    2731, 2741, 2749, 2753, 2767, 2777, 2789, 2791,
+    2797, 2801, 2803, 2819, 2833, 2837, 2843, 2851,
+    2857, 2861, 2879, 2887, 2897, 2903, 2909, 2917,
+    2927, 2939, 2953, 2957, 2963, 2969, 2971, 2999,
+    3001, 3011, 3019, 3023, 3037, 3041, 3049, 3061,
+    3067, 3079, 3083, 3089, 3109, 3119, 3121, 3137,
+    3163, 3167, 3169, 3181, 3187, 3191, 3203, 3209,
+    3217, 3221, 3229, 3251, 3253, 3257, 3259, 3271,
+    3299, 3301, 3307, 3313, 3319, 3323, 3329, 3331,
+    3343, 3347, 3359, 3361, 3371, 3373, 3389, 3391,
+    3407, 3413, 3433, 3449, 3457, 3461, 3463, 3467,
+    3469, 3491, 3499, 3511, 3517, 3527, 3529, 3533,
+    3539, 3541, 3547, 3557, 3559, 3571, 3581, 3583,
+    3593, 3607, 3613, 3617, 3623, 3631, 3637, 3643,
+    3659, 3671, 3673, 3677, 3691, 3697, 3701, 3709,
+    3719, 3727, 3733, 3739, 3761, 3767, 3769, 3779,
+    3793, 3797, 3803, 3821, 3823, 3833, 3847, 3851,
+    3853, 3863, 3877, 3881, 3889, 3907, 3911, 3917,
+    3919, 3923, 3929, 3931, 3943, 3947, 3967, 3989,
+    4001, 4003, 4007, 4013, 4019, 4021, 4027, 4049,
+    4051, 4057, 4073, 4079, 4091, 4093, 4099, 4111,
+    4127, 4129, 4133, 4139, 4153, 4157, 4159, 4177,
+    4201, 4211, 4217, 4219, 4229, 4231, 4241, 4243,
+    4253, 4259, 4261, 4271, 4273, 4283, 4289, 4297,
+    4327, 4337, 4339, 4349, 4357, 4363, 4373, 4391,
+    4397, 4409, 4421, 4423, 4441, 4447, 4451, 4457,
+    4463, 4481, 4483, 4493, 4507, 4513, 4517, 4519,
+    4523, 4547, 4549, 4561, 4567, 4583, 4591, 4597,
+    4603, 4621, 4637, 4639, 4643, 4649, 4651, 4657,
+    4663, 4673, 4679, 4691, 4703, 4721, 4723, 4729,
+    4733, 4751, 4759, 4783, 4787, 4789, 4793, 4799,
+    4801, 4813, 4817, 4831, 4861, 4871, 4877, 4889,
+    4903, 4909, 4919, 4931, 4933, 4937, 4943, 4951,
+    4957, 4967, 4969, 4973, 4987, 4993, 4999
+].map(n => BigInt(n));
 // Miller-Rabin - Miller Rabin algorithm for primality test
 // Copyright Fedor Indutny, 2014.
 //
@@ -6128,63 +6281,51 @@ const smallPrimes = [
 // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 // USE OR OTHER DEALINGS IN THE SOFTWARE.
 // Adapted on Jan 2018 from version 4.0.1 at https://github.com/indutny/miller-rabin
 // Sample syntax for Fixed-Base Miller-Rabin:
 // millerRabin(n, k, () => new BN(small_primes[Math.random() * small_primes.length | 0]))
 /**
  * Tests whether n is probably prime or not using the Miller-Rabin test.
  * See HAC Remark 4.28.
- * @param {BigInteger} n - Number to test
- * @param {Integer} k - Optional number of iterations of Miller-Rabin test
- * @param {Function} rand - Optional function to generate potential witnesses
+ * @param n - Number to test
+ * @param k - Optional number of iterations of Miller-Rabin test
+ * @param rand - Optional function to generate potential witnesses
  * @returns {boolean}
  * @async
  */
-async function millerRabin(n, k, rand) {
-  const BigInteger = await util.getBigInteger();
-  const len = n.bitLength();
-  if (!k) {
-    k = Math.max(1, (len / 48) | 0);
-  }
-  const n1 = n.dec(); // n - 1
-  // Find d and s, (n - 1) = (2 ^ s) * d;
-  let s = 0;
-  while (!n1.getBit(s)) { s++; }
-  const d = n.rightShift(new BigInteger(s));
-  for (; k > 0; k--) {
-    const a = rand ? rand() : await getRandomBigInteger(new BigInteger(2), n1);
-    let x = a.modExp(d, n);
-    if (x.isOne() || x.equal(n1)) {
-      continue;
+function millerRabin(n, k, rand) {
+    const len = bitLength(n);
+    if (!k) {
+        k = Math.max(1, (len / 48) | 0);
     }
-    let i;
-    for (i = 1; i < s; i++) {
-      x = x.mul(x).mod(n);
-      if (x.isOne()) {
-        return false;
-      }
-      if (x.equal(n1)) {
-        break;
-      }
-    }
-    if (i === s) {
-      return false;
+    const n1 = n - _1n$3; // n - 1
+    // Find d and s, (n - 1) = (2 ^ s) * d;
+    let s = 0;
+    while (!getBit(n1, s)) {
+        s++;
+    }
+    const d = n >> BigInt(s);
+    for (; k > 0; k--) {
+        const a = getRandomBigInteger(BigInt(2), n1);
+        let x = modExp(a, d, n);
+        if (x === _1n$3 || x === n1) {
+            continue;
+        }
+        let i;
+        for (i = 1; i < s; i++) {
+            x = mod$1(x * x, n);
+            if (x === _1n$3) {
+                return false;
+            }
+            if (x === n1) {
+                break;
+            }
+        }
+        if (i === s) {
+            return false;
+        }
     }
-  }
-  return true;
+    return true;
 }
 // GPG4Browsers - An OpenPGP implementation in javascript
@@ -6310,7 +6451,7 @@ function emeDecode(encoded, randomPayload) {
  * @param {Integer} emLen - Intended length in octets of the encoded message
  * @returns {Uint8Array} Encoded message.
  */
-async function emsaEncode(algo, hashed, emLen) {
+function emsaEncode(algo, hashed, emLen) {
   let i;
   if (hashed.length !== hash.getHashByteLength(algo)) {
     throw new Error('Invalid hash length');
@@ -6367,6 +6508,7 @@ var pkcs1 = /*#__PURE__*/Object.freeze({
 const webCrypto$6 = util.getWebCrypto();
 const nodeCrypto$4 = util.getNodeCrypto();
+const _1n$2 = BigInt(1);
 /** Create signature
  * @param {module:enums.hash} hashAlgo - Hash algorithm
@@ -6480,16 +6622,14 @@ async function decrypt$4(data, n, e, d, p, q, u, randomPayload) {
  * @async
  */
 async function generate$5(bits, e) {
-  const BigInteger = await util.getBigInteger();
-  e = new BigInteger(e);
+  e = BigInt(e);
   // Native RSA keygen using Web Crypto
   if (util.getWebCrypto()) {
     const keyGenOpt = {
       name: 'RSASSA-PKCS1-v1_5',
       modulusLength: bits, // the specified keysize in bits
-      publicExponent: e.toUint8Array(), // take three bytes (max 65537) for exponent
+      publicExponent: bigIntToUint8Array(e), // take three bytes (max 65537) for exponent
       hash: {
         name: 'SHA-1' // not required for actual RSA keys, but for crypto api 'sign' and 'verify'
       }
@@ -6504,7 +6644,7 @@ async function generate$5(bits, e) {
   } else if (util.getNodeCrypto()) {
     const opts = {
       modulusLength: bits,
-      publicExponent: e.toNumber(),
+      publicExponent: bigIntToNumber(e),
       publicKeyEncoding: { type: 'pkcs1', format: 'jwk' },
       privateKeyEncoding: { type: 'pkcs1', format: 'jwk' }
     };
@@ -6527,26 +6667,26 @@ async function generate$5(bits, e) {
   let q;
   let n;
   do {
-    q = await randomProbablePrime(bits - (bits >> 1), e, 40);
-    p = await randomProbablePrime(bits >> 1, e, 40);
-    n = p.mul(q);
-  } while (n.bitLength() !== bits);
+    q = randomProbablePrime(bits - (bits >> 1), e, 40);
+    p = randomProbablePrime(bits >> 1, e, 40);
+    n = p * q;
+  } while (bitLength(n) !== bits);
-  const phi = p.dec().imul(q.dec());
+  const phi = (p - _1n$2) * (q - _1n$2);
-  if (q.lt(p)) {
+  if (q < p) {
     [p, q] = [q, p];
   }
   return {
-    n: n.toUint8Array(),
-    e: e.toUint8Array(),
-    d: e.modInv(phi).toUint8Array(),
-    p: p.toUint8Array(),
-    q: q.toUint8Array(),
+    n: bigIntToUint8Array(n),
+    e: bigIntToUint8Array(e),
+    d: bigIntToUint8Array(modInv(e, phi)),
+    p: bigIntToUint8Array(p),
+    q: bigIntToUint8Array(q),
     // dp: d.mod(p.subn(1)),
     // dq: d.mod(q.subn(1)),
-    u: p.modInv(q).toUint8Array()
+    u: bigIntToUint8Array(modInv(p, q))
   };
 }
@@ -6562,26 +6702,24 @@ async function generate$5(bits, e) {
  * @async
  */
 async function validateParams$8(n, e, d, p, q, u) {
-  const BigInteger = await util.getBigInteger();
-  n = new BigInteger(n);
-  p = new BigInteger(p);
-  q = new BigInteger(q);
+  n = uint8ArrayToBigInt(n);
+  p = uint8ArrayToBigInt(p);
+  q = uint8ArrayToBigInt(q);
   // expect pq = n
-  if (!p.mul(q).equal(n)) {
+  if ((p * q) !== n) {
     return false;
   }
-  const two = new BigInteger(2);
+  const _2n = BigInt(2);
   // expect p*u = 1 mod q
-  u = new BigInteger(u);
-  if (!p.mul(u).mod(q).isOne()) {
+  u = uint8ArrayToBigInt(u);
+  if (mod$1(p * u, q) !== BigInt(1)) {
     return false;
   }
-  e = new BigInteger(e);
-  d = new BigInteger(d);
+  e = uint8ArrayToBigInt(e);
+  d = uint8ArrayToBigInt(d);
   /**
    * In RSA pkcs#1 the exponents (d, e) are inverses modulo lcm(p-1, q-1)
    * We check that [de = 1 mod (p-1)] and [de = 1 mod (q-1)]
@@ -6589,11 +6727,11 @@ async function validateParams$8(n, e, d, p, q, u) {
    *
    * We blind the multiplication with r, and check that rde = r mod lcm(p-1, q-1)
    */
-  const nSizeOver3 = new BigInteger(Math.floor(n.bitLength() / 3));
-  const r = await getRandomBigInteger(two, two.leftShift(nSizeOver3)); // r in [ 2, 2^{|n|/3} ) < p and q
-  const rde = r.mul(d).mul(e);
+  const nSizeOver3 = BigInt(Math.floor(bitLength(n) / 3));
+  const r = getRandomBigInteger(_2n, _2n << nSizeOver3); // r in [ 2, 2^{|n|/3} ) < p and q
+  const rde = r * d * e;
-  const areInverses = rde.mod(p.dec()).equal(r) && rde.mod(q.dec()).equal(r);
+  const areInverses = mod$1(rde, p - _1n$2) === r && mod$1(rde, q - _1n$2) === r;
   if (!areInverses) {
     return false;
   }
@@ -6602,15 +6740,13 @@ async function validateParams$8(n, e, d, p, q, u) {
 }
 async function bnSign(hashAlgo, n, d, hashed) {
-  const BigInteger = await util.getBigInteger();
-  n = new BigInteger(n);
-  const m = new BigInteger(await emsaEncode(hashAlgo, hashed, n.byteLength()));
-  d = new BigInteger(d);
-  if (m.gte(n)) {
+  n = uint8ArrayToBigInt(n);
+  const m = uint8ArrayToBigInt(emsaEncode(hashAlgo, hashed, byteLength(n)));
+  d = uint8ArrayToBigInt(d);
+  if (m >= n) {
     throw new Error('Message size cannot exceed modulus size');
   }
-  return m.modExp(d, n).toUint8Array('be', n.byteLength());
+  return bigIntToUint8Array(modExp(m, d, n), 'be', byteLength(n));
 }
 async function webSign$1(hashName, data, n, e, d, p, q, u) {
@@ -6640,16 +6776,14 @@ async function nodeSign$1(hashAlgo, data, n, e, d, p, q, u) {
 }
 async function bnVerify(hashAlgo, s, n, e, hashed) {
-  const BigInteger = await util.getBigInteger();
-  n = new BigInteger(n);
-  s = new BigInteger(s);
-  e = new BigInteger(e);
-  if (s.gte(n)) {
+  n = uint8ArrayToBigInt(n);
+  s = uint8ArrayToBigInt(s);
+  e = uint8ArrayToBigInt(e);
+  if (s >= n) {
     throw new Error('Signature size cannot exceed modulus size');
   }
-  const EM1 = s.modExp(e, n).toUint8Array('be', n.byteLength());
-  const EM2 = await emsaEncode(hashAlgo, hashed, n.byteLength());
+  const EM1 = bigIntToUint8Array(modExp(s, e, n), 'be', byteLength(n));
+  const EM2 = emsaEncode(hashAlgo, hashed, byteLength(n));
   return util.equalsUint8Array(EM1, EM2);
 }
@@ -6671,7 +6805,7 @@ async function nodeVerify$1(hashAlgo, data, s, n, e) {
   verify.end();
   try {
-    return await verify.verify(key, s);
+    return verify.verify(key, s);
   } catch (err) {
     return false;
   }
@@ -6685,15 +6819,13 @@ async function nodeEncrypt(data, n, e) {
 }
 async function bnEncrypt(data, n, e) {
-  const BigInteger = await util.getBigInteger();
-  n = new BigInteger(n);
-  data = new BigInteger(emeEncode(data, n.byteLength()));
-  e = new BigInteger(e);
-  if (data.gte(n)) {
+  n = uint8ArrayToBigInt(n);
+  data = uint8ArrayToBigInt(emeEncode(data, byteLength(n)));
+  e = uint8ArrayToBigInt(e);
+  if (data >= n) {
     throw new Error('Message size cannot exceed modulus size');
   }
-  return data.modExp(e, n).toUint8Array('be', n.byteLength());
+  return bigIntToUint8Array(modExp(data, e, n), 'be', byteLength(n));
 }
 async function nodeDecrypt(data, n, e, d, p, q, u) {
@@ -6708,36 +6840,32 @@ async function nodeDecrypt(data, n, e, d, p, q, u) {
 }
 async function bnDecrypt(data, n, e, d, p, q, u, randomPayload) {
-  const BigInteger = await util.getBigInteger();
-  data = new BigInteger(data);
-  n = new BigInteger(n);
-  e = new BigInteger(e);
-  d = new BigInteger(d);
-  p = new BigInteger(p);
-  q = new BigInteger(q);
-  u = new BigInteger(u);
-  if (data.gte(n)) {
+  data = uint8ArrayToBigInt(data);
+  n = uint8ArrayToBigInt(n);
+  e = uint8ArrayToBigInt(e);
+  d = uint8ArrayToBigInt(d);
+  p = uint8ArrayToBigInt(p);
+  q = uint8ArrayToBigInt(q);
+  u = uint8ArrayToBigInt(u);
+  if (data >= n) {
     throw new Error('Data too large.');
   }
-  const dq = d.mod(q.dec()); // d mod (q-1)
-  const dp = d.mod(p.dec()); // d mod (p-1)
-  const unblinder = (await getRandomBigInteger(new BigInteger(2), n)).mod(n);
-  const blinder = unblinder.modInv(n).modExp(e, n);
-  data = data.mul(blinder).mod(n);
+  const dq = mod$1(d, q - _1n$2); // d mod (q-1)
+  const dp = mod$1(d, p - _1n$2); // d mod (p-1)
-  const mp = data.modExp(dp, p); // data**{d mod (q-1)} mod p
-  const mq = data.modExp(dq, q); // data**{d mod (p-1)} mod q
-  const h = u.mul(mq.sub(mp)).mod(q); // u * (mq-mp) mod q (operands already < q)
+  const unblinder = getRandomBigInteger(BigInt(2), n);
+  const blinder = modExp(modInv(unblinder, n), e, n);
+  data = mod$1(data * blinder, n);
-  let result = h.mul(p).add(mp); // result < n due to relations above
+  const mp = modExp(data, dp, p); // data**{d mod (q-1)} mod p
+  const mq = modExp(data, dq, q); // data**{d mod (p-1)} mod q
+  const h = mod$1(u * (mq - mp), q); // u * (mq-mp) mod q (operands already < q)
-  result = result.mul(unblinder).mod(n);
+  let result = h * p + mp; // result < n due to relations above
+  result = mod$1(result * unblinder, n);
-  return emeDecode(result.toUint8Array('be', n.byteLength()), randomPayload);
+  return emeDecode(bigIntToUint8Array(result, 'be', byteLength(n)), randomPayload);
 }
 /** Convert Openpgp private key params to jwk key according to
@@ -6751,28 +6879,26 @@ async function bnDecrypt(data, n, e, d, p, q, u, randomPayload) {
  * @param {Uint8Array} u
  */
 async function privateToJWK$1(n, e, d, p, q, u) {
-  const BigInteger = await util.getBigInteger();
-  const pNum = new BigInteger(p);
-  const qNum = new BigInteger(q);
-  const dNum = new BigInteger(d);
-  let dq = dNum.mod(qNum.dec()); // d mod (q-1)
-  let dp = dNum.mod(pNum.dec()); // d mod (p-1)
-  dp = dp.toUint8Array();
-  dq = dq.toUint8Array();
+  const pNum = uint8ArrayToBigInt(p);
+  const qNum = uint8ArrayToBigInt(q);
+  const dNum = uint8ArrayToBigInt(d);
+  let dq = mod$1(dNum, qNum - _1n$2); // d mod (q-1)
+  let dp = mod$1(dNum, pNum - _1n$2); // d mod (p-1)
+  dp = bigIntToUint8Array(dp);
+  dq = bigIntToUint8Array(dq);
   return {
     kty: 'RSA',
-    n: uint8ArrayToB64(n, true),
-    e: uint8ArrayToB64(e, true),
-    d: uint8ArrayToB64(d, true),
+    n: uint8ArrayToB64(n),
+    e: uint8ArrayToB64(e),
+    d: uint8ArrayToB64(d),
     // switch p and q
-    p: uint8ArrayToB64(q, true),
-    q: uint8ArrayToB64(p, true),
+    p: uint8ArrayToB64(q),
+    q: uint8ArrayToB64(p),
     // switch dp and dq
-    dp: uint8ArrayToB64(dq, true),
-    dq: uint8ArrayToB64(dp, true),
-    qi: uint8ArrayToB64(u, true),
+    dp: uint8ArrayToB64(dq),
+    dq: uint8ArrayToB64(dp),
+    qi: uint8ArrayToB64(u),
     ext: true
   };
 }
@@ -6786,8 +6912,8 @@ async function privateToJWK$1(n, e, d, p, q, u) {
 function publicToJWK(n, e) {
   return {
     kty: 'RSA',
-    n: uint8ArrayToB64(n, true),
-    e: uint8ArrayToB64(e, true),
+    n: uint8ArrayToB64(n),
+    e: uint8ArrayToB64(e),
     ext: true
   };
 }
@@ -6796,7 +6922,7 @@ function publicToJWK(n, e) {
 function jwkToPrivate(jwk, e) {
   return {
     n: b64ToUint8Array(jwk.n),
-    e: e.toUint8Array(),
+    e: bigIntToUint8Array(e),
     d: b64ToUint8Array(jwk.d),
     // switch p and q
     p: b64ToUint8Array(jwk.q),
@@ -6834,6 +6960,8 @@ var rsa = /*#__PURE__*/Object.freeze({
 // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+const _1n$1 = BigInt(1);
 /**
  * ElGamal Encryption function
  * Note that in OpenPGP, the message needs to be padded with PKCS#1 (same as RSA)
@@ -6845,21 +6973,19 @@ var rsa = /*#__PURE__*/Object.freeze({
  * @async
  */
 async function encrypt$3(data, p, g, y) {
-  const BigInteger = await util.getBigInteger();
-  p = new BigInteger(p);
-  g = new BigInteger(g);
-  y = new BigInteger(y);
+  p = uint8ArrayToBigInt(p);
+  g = uint8ArrayToBigInt(g);
+  y = uint8ArrayToBigInt(y);
-  const padded = emeEncode(data, p.byteLength());
-  const m = new BigInteger(padded);
+  const padded = emeEncode(data, byteLength(p));
+  const m = uint8ArrayToBigInt(padded);
   // OpenPGP uses a "special" version of ElGamal where g is generator of the full group Z/pZ*
   // hence g has order p-1, and to avoid that k = 0 mod p-1, we need to pick k in [1, p-2]
-  const k = await getRandomBigInteger(new BigInteger(1), p.dec());
+  const k = getRandomBigInteger(_1n$1, p - _1n$1);
   return {
-    c1: g.modExp(k, p).toUint8Array(),
-    c2: y.modExp(k, p).imul(m).imod(p).toUint8Array()
+    c1: bigIntToUint8Array(modExp(g, k, p)),
+    c2: bigIntToUint8Array(mod$1(modExp(y, k, p) * m, p))
   };
 }
@@ -6876,15 +7002,13 @@ async function encrypt$3(data, p, g, y) {
  * @async
  */
 async function decrypt$3(c1, c2, p, x, randomPayload) {
-  const BigInteger = await util.getBigInteger();
-  c1 = new BigInteger(c1);
-  c2 = new BigInteger(c2);
-  p = new BigInteger(p);
-  x = new BigInteger(x);
+  c1 = uint8ArrayToBigInt(c1);
+  c2 = uint8ArrayToBigInt(c2);
+  p = uint8ArrayToBigInt(p);
+  x = uint8ArrayToBigInt(x);
-  const padded = c1.modExp(x, p).modInv(p).imul(c2).imod(p);
-  return emeDecode(padded.toUint8Array('be', p.byteLength()), randomPayload);
+  const padded = mod$1(modInv(modExp(c1, x, p), p) * c2, p);
+  return emeDecode(bigIntToUint8Array(padded, 'be', byteLength(p)), randomPayload);
 }
 /**
@@ -6897,22 +7021,19 @@ async function decrypt$3(c1, c2, p, x, randomPayload) {
  * @async
  */
 async function validateParams$7(p, g, y, x) {
-  const BigInteger = await util.getBigInteger();
+  p = uint8ArrayToBigInt(p);
+  g = uint8ArrayToBigInt(g);
+  y = uint8ArrayToBigInt(y);
-  p = new BigInteger(p);
-  g = new BigInteger(g);
-  y = new BigInteger(y);
-  const one = new BigInteger(1);
   // Check that 1 < g < p
-  if (g.lte(one) || g.gte(p)) {
+  if (g <= _1n$1 || g >= p) {
     return false;
   }
   // Expect p-1 to be large
-  const pSize = new BigInteger(p.bitLength());
-  const n1023 = new BigInteger(1023);
-  if (pSize.lt(n1023)) {
+  const pSize = BigInt(bitLength(p));
+  const _1023n = BigInt(1023);
+  if (pSize < _1023n) {
     return false;
   }
@@ -6920,7 +7041,7 @@ async function validateParams$7(p, g, y, x) {
    * g should have order p-1
    * Check that g ** (p-1) = 1 mod p
    */
-  if (!g.modExp(p.dec(), p).isOne()) {
+  if (modExp(g, p - _1n$1, p) !== _1n$1) {
     return false;
   }
@@ -6931,14 +7052,15 @@ async function validateParams$7(p, g, y, x) {
    * We just check g**i != 1 for all i up to a threshold
    */
   let res = g;
-  const i = new BigInteger(1);
-  const threshold = new BigInteger(2).leftShift(new BigInteger(17)); // we want order > threshold
-  while (i.lt(threshold)) {
-    res = res.mul(g).imod(p);
-    if (res.isOne()) {
+  let i = BigInt(1);
+  const _2n = BigInt(2);
+  const threshold = _2n << BigInt(17); // we want order > threshold
+  while (i < threshold) {
+    res = mod$1(res * g, p);
+    if (res === _1n$1) {
       return false;
     }
-    i.iinc();
+    i++;
   }
   /**
@@ -6947,11 +7069,10 @@ async function validateParams$7(p, g, y, x) {
    *
    * Blinded exponentiation computes g**{r(p-1) + x} to compare to y
    */
-  x = new BigInteger(x);
-  const two = new BigInteger(2);
-  const r = await getRandomBigInteger(two.leftShift(pSize.dec()), two.leftShift(pSize)); // draw r of same size as p-1
-  const rqx = p.dec().imul(r).iadd(x);
-  if (!y.equal(g.modExp(rqx, p))) {
+  x = uint8ArrayToBigInt(x);
+  const r = getRandomBigInteger(_2n << (pSize - _1n$1), _2n << pSize); // draw r of same size as p-1
+  const rqx = (p - _1n$1) * r + x;
+  if (y !== modExp(g, rqx, p)) {
     return false;
   }
@@ -9095,8 +9216,8 @@ function rawPublicToJWK(payloadSize, name, publicKey) {
   const jwk = {
     kty: 'EC',
     crv: name,
-    x: uint8ArrayToB64(bufX, true),
-    y: uint8ArrayToB64(bufY, true),
+    x: uint8ArrayToB64(bufX),
+    y: uint8ArrayToB64(bufY),
     ext: true
   };
   return jwk;
@@ -9112,7 +9233,7 @@ function rawPublicToJWK(payloadSize, name, publicKey) {
  */
 function privateToJWK(payloadSize, name, publicKey, privateKey) {
   const jwk = rawPublicToJWK(payloadSize, name, publicKey);
-  jwk.d = uint8ArrayToB64(privateKey, true);
+  jwk.d = uint8ArrayToB64(privateKey);
   return jwk;
 }
@@ -9180,8 +9301,8 @@ async function sign$6(oid, hashAlgo, message, publicKey, privateKey, hashed) {
   // lowS: non-canonical sig: https://stackoverflow.com/questions/74338846/ecdsa-signature-verification-mismatch
   const signature = nobleCurve.sign(hashed, privateKey, { lowS: false });
   return {
-    r: signature.r.toUint8Array('be', curve.payloadSize),
-    s: signature.s.toUint8Array('be', curve.payloadSize)
+    r: bigIntToUint8Array(signature.r, 'be', curve.payloadSize),
+    s: bigIntToUint8Array(signature.s, 'be', curve.payloadSize)
   };
 }
@@ -9264,6 +9385,7 @@ async function validateParams$6(oid, Q, d) {
       const hashed = await hash.digest(hashAlgo, message);
       try {
         const signature = await sign$6(oid, hashAlgo, message, Q, d, hashed);
+        // eslint-disable-next-line @typescript-eslint/return-await
         return await verify$6(oid, hashAlgo, signature, message, Q, hashed);
       } catch (err) {
         return false;
@@ -10522,6 +10644,9 @@ var elliptic = /*#__PURE__*/Object.freeze({
    https://tools.ietf.org/html/rfc4880#section-14
 */
+const _0n = BigInt(0);
+const _1n = BigInt(1);
 /**
  * DSA Sign function
  * @param {Integer} hashAlgo
@@ -10534,26 +10659,24 @@ var elliptic = /*#__PURE__*/Object.freeze({
  * @async
  */
 async function sign$3(hashAlgo, hashed, g, p, q, x) {
-  const BigInteger = await util.getBigInteger();
-  const one = new BigInteger(1);
-  p = new BigInteger(p);
-  q = new BigInteger(q);
-  g = new BigInteger(g);
-  x = new BigInteger(x);
+  const _0n = BigInt(0);
+  p = uint8ArrayToBigInt(p);
+  q = uint8ArrayToBigInt(q);
+  g = uint8ArrayToBigInt(g);
+  x = uint8ArrayToBigInt(x);
   let k;
   let r;
   let s;
   let t;
-  g = g.mod(p);
-  x = x.mod(q);
+  g = mod$1(g, p);
+  x = mod$1(x, q);
   // If the output size of the chosen hash is larger than the number of
   // bits of q, the hash result is truncated to fit by taking the number
   // of leftmost bits equal to the number of bits of q.  This (possibly
   // truncated) hash function result is treated as a number and used
   // directly in the DSA signature algorithm.
-  const h = new BigInteger(hashed.subarray(0, q.byteLength())).mod(q);
+  const h = mod$1(uint8ArrayToBigInt(hashed.subarray(0, byteLength(q))), q);
   // FIPS-186-4, section 4.6:
   // The values of r and s shall be checked to determine if r = 0 or s = 0.
   // If either r = 0 or s = 0, a new value of k shall be generated, and the
@@ -10561,22 +10684,22 @@ async function sign$3(hashAlgo, hashed, g, p, q, x) {
   // or s = 0 if signatures are generated properly.
   while (true) {
     // See Appendix B here: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
-    k = await getRandomBigInteger(one, q); // returns in [1, q-1]
-    r = g.modExp(k, p).imod(q); // (g**k mod p) mod q
-    if (r.isZero()) {
+    k = getRandomBigInteger(_1n, q); // returns in [1, q-1]
+    r = mod$1(modExp(g, k, p), q); // (g**k mod p) mod q
+    if (r === _0n) {
       continue;
     }
-    const xr = x.mul(r).imod(q);
-    t = h.add(xr).imod(q); // H(m) + x*r mod q
-    s = k.modInv(q).imul(t).imod(q); // k**-1 * (H(m) + x*r) mod q
-    if (s.isZero()) {
+    const xr = mod$1(x * r, q);
+    t = mod$1(h + xr, q); // H(m) + x*r mod q
+    s = mod$1(modInv(k, q) * t, q); // k**-1 * (H(m) + x*r) mod q
+    if (s === _0n) {
       continue;
     }
     break;
   }
   return {
-    r: r.toUint8Array('be', q.byteLength()),
-    s: s.toUint8Array('be', q.byteLength())
+    r: bigIntToUint8Array(r, 'be', byteLength(p)),
+    s: bigIntToUint8Array(s, 'be', byteLength(p))
   };
 }
@@ -10594,37 +10717,34 @@ async function sign$3(hashAlgo, hashed, g, p, q, x) {
  * @async
  */
 async function verify$3(hashAlgo, r, s, hashed, g, p, q, y) {
-  const BigInteger = await util.getBigInteger();
-  const zero = new BigInteger(0);
-  r = new BigInteger(r);
-  s = new BigInteger(s);
+  r = uint8ArrayToBigInt(r);
+  s = uint8ArrayToBigInt(s);
-  p = new BigInteger(p);
-  q = new BigInteger(q);
-  g = new BigInteger(g);
-  y = new BigInteger(y);
+  p = uint8ArrayToBigInt(p);
+  q = uint8ArrayToBigInt(q);
+  g = uint8ArrayToBigInt(g);
+  y = uint8ArrayToBigInt(y);
-  if (r.lte(zero) || r.gte(q) ||
-      s.lte(zero) || s.gte(q)) {
+  if (r <= _0n || r >= q ||
+      s <= _0n || s >= q) {
     util.printDebug('invalid DSA Signature');
     return false;
   }
-  const h = new BigInteger(hashed.subarray(0, q.byteLength())).imod(q);
-  const w = s.modInv(q); // s**-1 mod q
-  if (w.isZero()) {
+  const h = mod$1(uint8ArrayToBigInt(hashed.subarray(0, byteLength(q))), q);
+  const w = modInv(s, q); // s**-1 mod q
+  if (w === _0n) {
     util.printDebug('invalid DSA Signature');
     return false;
   }
-  g = g.mod(p);
-  y = y.mod(p);
-  const u1 = h.mul(w).imod(q); // H(m) * w mod q
-  const u2 = r.mul(w).imod(q); // r * w mod q
-  const t1 = g.modExp(u1, p); // g**u1 mod p
-  const t2 = y.modExp(u2, p); // y**u2 mod p
-  const v = t1.mul(t2).imod(p).imod(q); // (g**u1 * y**u2 mod p) mod q
-  return v.equal(r);
+  g = mod$1(g, p);
+  y = mod$1(y, p);
+  const u1 = mod$1(h * w, q); // H(m) * w mod q
+  const u2 = mod$1(r * w, q); // r * w mod q
+  const t1 = modExp(g, u1, p); // g**u1 mod p
+  const t2 = modExp(y, u2, p); // y**u2 mod p
+  const v = mod$1(mod$1(t1 * t2, p), q); // (g**u1 * y**u2 mod p) mod q
+  return v === r;
 }
 /**
@@ -10638,22 +10758,19 @@ async function verify$3(hashAlgo, r, s, hashed, g, p, q, y) {
  * @async
  */
 async function validateParams$1(p, q, g, y, x) {
-  const BigInteger = await util.getBigInteger();
-  p = new BigInteger(p);
-  q = new BigInteger(q);
-  g = new BigInteger(g);
-  y = new BigInteger(y);
-  const one = new BigInteger(1);
+  p = uint8ArrayToBigInt(p);
+  q = uint8ArrayToBigInt(q);
+  g = uint8ArrayToBigInt(g);
+  y = uint8ArrayToBigInt(y);
   // Check that 1 < g < p
-  if (g.lte(one) || g.gte(p)) {
+  if (g <= _1n || g >= p) {
     return false;
   }
   /**
    * Check that subgroup order q divides p-1
    */
-  if (!p.dec().mod(q).isZero()) {
+  if (mod$1(p - _1n, q) !== _0n) {
     return false;
   }
@@ -10661,16 +10778,16 @@ async function validateParams$1(p, q, g, y, x) {
    * g has order q
    * Check that g ** q = 1 mod p
    */
-  if (!g.modExp(q, p).isOne()) {
+  if (modExp(g, q, p) !== _1n) {
     return false;
   }
   /**
    * Check q is large and probably prime (we mainly want to avoid small factors)
    */
-  const qSize = new BigInteger(q.bitLength());
-  const n150 = new BigInteger(150);
-  if (qSize.lt(n150) || !(await isProbablePrime(q, null, 32))) {
+  const qSize = BigInt(bitLength(q));
+  const _150n = BigInt(150);
+  if (qSize < _150n || !isProbablePrime(q, null, 32)) {
     return false;
   }
@@ -10680,11 +10797,11 @@ async function validateParams$1(p, q, g, y, x) {
    *
    * Blinded exponentiation computes g**{rq + x} to compare to y
    */
-  x = new BigInteger(x);
-  const two = new BigInteger(2);
-  const r = await getRandomBigInteger(two.leftShift(qSize.dec()), two.leftShift(qSize)); // draw r of same size as q
-  const rqx = q.mul(r).add(x);
-  if (!y.equal(g.modExp(rqx, p))) {
+  x = uint8ArrayToBigInt(x);
+  const _2n = BigInt(2);
+  const r = getRandomBigInteger(_2n << (qSize - _1n), _2n << qSize); // draw r of same size as q
+  const rqx = q * r + x;
+  if (y !== modExp(g, rqx, p)) {
     return false;
   }
@@ -16057,7 +16174,7 @@ async function runAEAD(packet, fn, key, data) {
           done = true;
         }
         cryptedBytes += chunk.length - tagLengthIfDecrypting;
-        // eslint-disable-next-line no-loop-func
+        // eslint-disable-next-line @typescript-eslint/no-loop-func
         latestPromise = latestPromise.then(() => cryptedPromise).then(async crypted => {
           await writer.ready;
           await writer.write(crypted);
@@ -17193,7 +17310,7 @@ class PublicSubkeyPacket extends PublicKeyPacket {
    * @param {Date} [date] - Creation date
    * @param {Object} [config] - Full configuration, defaults to openpgp.config
    */
-  // eslint-disable-next-line no-useless-constructor
+  // eslint-disable-next-line @typescript-eslint/no-useless-constructor
   constructor(date, config) {
     super(date, config);
   }
@@ -18098,7 +18215,7 @@ class PaddingPacket {
    * Read a padding packet
    * @param {Uint8Array | ReadableStream<Uint8Array>} bytes
    */
-  read(bytes) { // eslint-disable-line no-unused-vars
+  read(bytes) { // eslint-disable-line @typescript-eslint/no-unused-vars
     // Padding packets are ignored, so this function is never called.
   }
@@ -19652,6 +19769,7 @@ class Key {
       }
     }
     if (!users.length) {
+      // eslint-disable-next-line @typescript-eslint/no-throw-literal
       throw exception || new Error('Could not find primary user');
     }
     await Promise.all(users.map(async function (a) {
@@ -20562,7 +20680,12 @@ async function readKey({ armoredKey, binaryKey, config: config$1, ...rest }) {
     input = binaryKey;
   }
   const packetlist = await PacketList.fromBinary(input, allowedKeyPackets, config$1);
-  return createKey(packetlist);
+  const keyIndex = packetlist.indexOfTag(enums.packet.publicKey, enums.packet.secretKey);
+  if (keyIndex.length === 0) {
+    throw new Error('No key packet found');
+  }
+  const firstKeyPacketList = packetlist.slice(keyIndex[0], keyIndex[1]);
+  return createKey(firstKeyPacketList);
 }
 /**
@@ -20599,7 +20722,15 @@ async function readPrivateKey({ armoredKey, binaryKey, config: config$1, ...rest
     input = binaryKey;
   }
   const packetlist = await PacketList.fromBinary(input, allowedKeyPackets, config$1);
-  return new PrivateKey(packetlist);
+  const keyIndex = packetlist.indexOfTag(enums.packet.publicKey, enums.packet.secretKey);
+  for (let i = 0; i < keyIndex.length; i++) {
+    if (packetlist[keyIndex[i]].constructor.tag === enums.packet.publicKey) {
+      continue;
+    }
+    const firstPrivateKeyList = packetlist.slice(keyIndex[i], keyIndex[i + 1]);
+    return new PrivateKey(firstPrivateKeyList);
+  }
+  throw new Error('No secret key packet found');
 }
 /**
@@ -20678,15 +20809,18 @@ async function readPrivateKeys({ armoredKeys, binaryKeys, config: config$1 }) {
   }
   const keys = [];
   const packetlist = await PacketList.fromBinary(input, allowedKeyPackets, config$1);
-  const keyIndex = packetlist.indexOfTag(enums.packet.secretKey);
-  if (keyIndex.length === 0) {
-    throw new Error('No secret key packet found');
-  }
+  const keyIndex = packetlist.indexOfTag(enums.packet.publicKey, enums.packet.secretKey);
   for (let i = 0; i < keyIndex.length; i++) {
+    if (packetlist[keyIndex[i]].constructor.tag === enums.packet.publicKey) {
+      continue;
+    }
     const oneKeyList = packetlist.slice(keyIndex[i], keyIndex[i + 1]);
     const newKey = new PrivateKey(oneKeyList);
     keys.push(newKey);
   }
+  if (keys.length === 0) {
+    throw new Error('No secret key packet found');
+  }
   return keys;
 }
@@ -22100,7 +22234,7 @@ async function encrypt({ message, encryptionKeys, signingKeys, passwords, sessio
     // serialize data
     const armor = format === 'armored';
     const data = armor ? message.armor(config$1) : message.write();
-    return convertStream(data);
+    return await convertStream(data);
   } catch (err) {
     throw util.wrapError('Error encrypting message', err);
   }
@@ -22237,7 +22371,7 @@ async function sign({ message, signingKeys, format = 'armored', detached = false
         ]);
       });
     }
-    return convertStream(signature);
+    return await convertStream(signature);
   } catch (err) {
     throw util.wrapError('Error signing message', err);
   }
@@ -22420,12 +22554,12 @@ async function decryptSessionKeys({ message, decryptionKeys, passwords, date = n
  */
 function checkString(data, name) {
   if (!util.isString(data)) {
-    throw new Error('Parameter [' + (name || 'data') + '] must be of type String');
+    throw new Error('Parameter [' + (name ) + '] must be of type String');
   }
 }
 function checkBinary(data, name) {
   if (!util.isUint8Array(data)) {
-    throw new Error('Parameter [' + (name || 'data') + '] must be of type Uint8Array');
+    throw new Error('Parameter [' + ('data') + '] must be of type Uint8Array');
   }
 }
 function checkMessage(message) {