@protontech/openpgp 6.0.0-beta.0.patch.0 → 6.0.0-beta.2

package/dist/lightweight/openpgp.min.mjs

@@ -1,3 +1,4 @@
-/*! OpenPGP.js v6.0.0-beta.0.patch.0 - 2024-04-19 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
-const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},t=Symbol("doneWritingPromise"),r=Symbol("doneWritingResolve"),i=Symbol("doneWritingReject"),a=Symbol("readingIndex");class ArrayStream extends Array{constructor(){super(),Object.setPrototypeOf(this,ArrayStream.prototype),this[t]=new Promise(((e,t)=>{this[r]=e,this[i]=t})),this[t].catch((()=>{}))}}function n(e){return e&&e.getReader&&Array.isArray(e)}function s(e){if(!n(e)){const t=e.getWriter(),r=t.releaseLock;return t.releaseLock=()=>{t.closed.catch((function(){})),r.call(t)},t}this.stream=e}function o(t){if(n(t))return"array";if(e.ReadableStream&&e.ReadableStream.prototype.isPrototypeOf(t))return"web";if(t&&!(e.ReadableStream&&t instanceof e.ReadableStream)&&"function"==typeof t._read&&"object"==typeof t._readableState)throw Error("Native Node streams are no longer supported: please manually convert the stream to a WebStream, using e.g. `stream.Readable.toWeb`");return!(!t||!t.getReader)&&"web-like"}function c(e){return Uint8Array.prototype.isPrototypeOf(e)}function u(e){if(1===e.length)return e[0];let t=0;for(let r=0;r<e.length;r++){if(!c(e[r]))throw Error("concatUint8Array: Data must be in the form of a Uint8Array");t+=e[r].length}const r=new Uint8Array(t);let i=0;return e.forEach((function(e){r.set(e,i),i+=e.length})),r}ArrayStream.prototype.getReader=function(){return void 0===this[a]&&(this[a]=0),{read:async()=>(await this[t],this[a]===this.length?{value:void 0,done:!0}:{value:this[this[a]++],done:!1})}},ArrayStream.prototype.readToEnd=async function(e){await this[t];const r=e(this.slice(this[a]));return this.length=0,r},ArrayStream.prototype.clone=function(){const e=new ArrayStream;return e[t]=this[t].then((()=>{e.push(...this)})),e},s.prototype.write=async function(e){this.stream.push(e)},s.prototype.close=async function(){this.stream[r]()},s.prototype.abort=async function(e){return this.stream[i](e),e},s.prototype.releaseLock=function(){},"object"==typeof e.process&&e.process.versions;const h=new WeakSet,y=Symbol("externalBuffer");function l(e){if(this.stream=e,e[y]&&(this[y]=e[y].slice()),n(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{},void(this._cancel=()=>{})}if(o(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{t.closed.catch((function(){})),t.releaseLock()},void(this._cancel=t.cancel.bind(t))}let t=!1;this._read=async()=>t||h.has(e)?{value:void 0,done:!0}:(t=!0,{value:e,done:!1}),this._releaseLock=()=>{if(t)try{h.add(e)}catch(e){}}}function p(e){return o(e)?e:new ReadableStream({start(t){t.enqueue(e),t.close()}})}function g(e){if(o(e))return e;const t=new ArrayStream;return(async()=>{const r=x(t);await r.write(e),await r.close()})(),t}function d(e){return e.some((e=>o(e)&&!n(e)))?function(e){e=e.map(p);const t=w((async function(e){await Promise.all(i.map((t=>U(t,e))))}));let r=Promise.resolve();const i=e.map(((i,a)=>k(i,((i,n)=>(r=r.then((()=>f(i,t.writable,{preventClose:a!==e.length-1}))),r)))));return t.readable}(e):e.some((e=>n(e)))?function(e){const t=new ArrayStream;let r=Promise.resolve();return e.forEach(((i,a)=>(r=r.then((()=>f(i,t,{preventClose:a!==e.length-1}))),r))),t}(e):"string"==typeof e[0]?e.join(""):u(e)}async function f(e,t,{preventClose:r=!1,preventAbort:i=!1,preventCancel:a=!1}={}){if(o(e)&&!n(e)){e=p(e);try{if(e[y]){const r=x(t);for(let t=0;t<e[y].length;t++)await r.ready,await r.write(e[y][t]);r.releaseLock()}await e.pipeTo(t,{preventClose:r,preventAbort:i,preventCancel:a})}catch(e){}return}const s=C(e=g(e)),c=x(t);try{for(;;){await c.ready;const{done:e,value:t}=await s.read();if(e){r||await c.close();break}await c.write(t)}}catch(e){i||await c.abort(e)}finally{s.releaseLock(),c.releaseLock()}}function m(e,t){const r=new TransformStream(t);return f(e,r.writable),r.readable}function w(e){let t,r,i=!1;return{readable:new ReadableStream({start(e){r=e},pull(){t?t():i=!0},cancel:e},{highWaterMark:0}),writable:new WritableStream({write:async function(e){r.enqueue(e),i?i=!1:(await new Promise((e=>{t=e})),t=null)},close:r.close.bind(r),abort:r.error.bind(r)})}}function b(e,t=(()=>{}),r=(()=>{})){if(n(e)){const i=new ArrayStream;return(async()=>{const a=x(i);try{const i=await P(e),n=t(i),s=r();let o;o=void 0!==n&&void 0!==s?d([n,s]):void 0!==n?n:s,await a.write(o),await a.close()}catch(e){await a.abort(e)}})(),i}if(o(e))return m(e,{async transform(e,r){try{const i=await t(e);void 0!==i&&r.enqueue(i)}catch(e){r.error(e)}},async flush(e){try{const t=await r();void 0!==t&&e.enqueue(t)}catch(t){e.error(t)}}});const i=t(e),a=r();return void 0!==i&&void 0!==a?d([i,a]):void 0!==i?i:a}function k(e,t){if(o(e)&&!n(e)){let r;const i=new TransformStream({start(e){r=e}}),a=f(e,i.writable),n=w((async function(e){r.error(e),await a,await new Promise(setTimeout)}));return t(i.readable,n.writable),n.readable}e=g(e);const r=new ArrayStream;return t(e,r),r}function v(e,t){let r;const i=k(e,((e,a)=>{const n=C(e);n.remainder=()=>(n.releaseLock(),f(e,a),i),r=t(n)}));return r}function A(e){if(n(e))return e.clone();if(o(e)){const t=function(e){if(n(e))throw Error("ArrayStream cannot be tee()d, use clone() instead");if(o(e)){const t=p(e).tee();return t[0][y]=t[1][y]=e[y],t}return[S(e),S(e)]}(e);return K(e,t[0]),t[1]}return S(e)}function E(e){return n(e)?A(e):o(e)?new ReadableStream({start(t){const r=k(e,(async(e,r)=>{const i=C(e),a=x(r);try{for(;;){await a.ready;const{done:e,value:r}=await i.read();if(e){try{t.close()}catch(e){}return void await a.close()}try{t.enqueue(r)}catch(e){}await a.write(r)}}catch(e){t.error(e),await a.abort(e)}}));K(e,r)}}):S(e)}function K(e,t){Object.entries(Object.getOwnPropertyDescriptors(e.constructor.prototype)).forEach((([r,i])=>{"constructor"!==r&&(i.value?i.value=i.value.bind(t):i.get=i.get.bind(t),Object.defineProperty(e,r,i))}))}function S(e,t=0,r=1/0){if(n(e))throw Error("Not implemented");if(o(e)){if(t>=0&&r>=0){let i=0;return m(e,{transform(e,a){i<r?(i+e.length>=t&&a.enqueue(S(e,Math.max(t-i,0),r-i)),i+=e.length):a.terminate()}})}if(t<0&&(r<0||r===1/0)){let i=[];return b(e,(e=>{e.length>=-t?i=[e]:i.push(e)}),(()=>S(d(i),t,r)))}if(0===t&&r<0){let i;return b(e,(e=>{const a=i?d([i,e]):e;if(a.length>=-r)return i=S(a,r),S(a,t,r);i=a}))}return console.warn(`stream.slice(input, ${t}, ${r}) not implemented efficiently.`),D((async()=>S(await P(e),t,r)))}return e[y]&&(e=d(e[y].concat([e]))),c(e)?e.subarray(t,r===1/0?e.length:r):e.slice(t,r)}async function P(e,t=d){return n(e)?e.readToEnd(t):o(e)?C(e).readToEnd(t):e}async function U(e,t){if(o(e)){if(e.cancel){const r=await e.cancel(t);return await new Promise(setTimeout),r}if(e.destroy)return e.destroy(t),await new Promise(setTimeout),t}}function D(e){const t=new ArrayStream;return(async()=>{const r=x(t);try{await r.write(await e()),await r.close()}catch(e){await r.abort(e)}})(),t}function C(e){return new l(e)}function x(e){return new s(e)}l.prototype.read=async function(){if(this[y]&&this[y].length){return{done:!1,value:this[y].shift()}}return this._read()},l.prototype.releaseLock=function(){this[y]&&(this.stream[y]=this[y]),this._releaseLock()},l.prototype.cancel=function(e){return this._cancel(e)},l.prototype.readLine=async function(){let e,t=[];for(;!e;){let{done:r,value:i}=await this.read();if(i+="",r)return t.length?d(t):void 0;const a=i.indexOf("\n")+1;a&&(e=d(t.concat(i.substr(0,a))),t=[]),a!==i.length&&t.push(i.substr(a))}return this.unshift(...t),e},l.prototype.readByte=async function(){const{done:e,value:t}=await this.read();if(e)return;const r=t[0];return this.unshift(S(t,1)),r},l.prototype.readBytes=async function(e){const t=[];let r=0;for(;;){const{done:i,value:a}=await this.read();if(i)return t.length?d(t):void 0;if(t.push(a),r+=a.length,r>=e){const r=d(t);return this.unshift(S(r,e)),S(r,0,e)}}},l.prototype.peekBytes=async function(e){const t=await this.readBytes(e);return this.unshift(t),t},l.prototype.unshift=function(...e){this[y]||(this[y]=[]),1===e.length&&c(e[0])&&this[y].length&&e[0].length&&this[y][0].byteOffset>=e[0].length?this[y][0]=new Uint8Array(this[y][0].buffer,this[y][0].byteOffset-e[0].length,this[y][0].byteLength+e[0].length):this[y].unshift(...e.filter((e=>e&&e.length)))},l.prototype.readToEnd=async function(e=d){const t=[];for(;;){const{done:e,value:r}=await this.read();if(e)break;t.push(r)}return e(t)};const T=Symbol("byValue");var I={curve:{nistP256:"nistP256",p256:"nistP256",nistP384:"nistP384",p384:"nistP384",nistP521:"nistP521",p521:"nistP521",secp256k1:"secp256k1",ed25519Legacy:"ed25519Legacy",ed25519:"ed25519Legacy",curve25519Legacy:"curve25519Legacy",curve25519:"curve25519Legacy",brainpoolP256r1:"brainpoolP256r1",brainpoolP384r1:"brainpoolP384r1",brainpoolP512r1:"brainpoolP512r1"},kdfFlags:{replace_fingerprint:1,replace_kdf_params:2},s2k:{simple:0,salted:1,iterated:3,argon2:4,gnu:101},publicKey:{rsaEncryptSign:1,rsaEncrypt:2,rsaSign:3,elgamal:16,dsa:17,ecdh:18,ecdsa:19,eddsaLegacy:22,aedh:23,aedsa:24,x25519:25,x448:26,ed25519:27,ed448:28,aead:100,hmac:101},symmetric:{idea:1,tripledes:2,cast5:3,blowfish:4,aes128:7,aes192:8,aes256:9,twofish:10},compression:{uncompressed:0,zip:1,zlib:2,bzip2:3},hash:{md5:1,sha1:2,ripemd:3,sha256:8,sha384:9,sha512:10,sha224:11,sha3_256:12,sha3_512:14},webHash:{"SHA-1":2,"SHA-256":8,"SHA-384":9,"SHA-512":10},aead:{eax:1,ocb:2,gcm:3,experimentalGCM:100},packet:{publicKeyEncryptedSessionKey:1,signature:2,symEncryptedSessionKey:3,onePassSignature:4,secretKey:5,publicKey:6,secretSubkey:7,compressedData:8,symmetricallyEncryptedData:9,marker:10,literalData:11,trust:12,userID:13,publicSubkey:14,userAttribute:17,symEncryptedIntegrityProtectedData:18,modificationDetectionCode:19,aeadEncryptedData:20,padding:21},literal:{binary:98,text:116,utf8:117,mime:109},signature:{binary:0,text:1,standalone:2,certGeneric:16,certPersona:17,certCasual:18,certPositive:19,certRevocation:48,subkeyBinding:24,keyBinding:25,key:31,keyRevocation:32,subkeyRevocation:40,timestamp:64,thirdParty:80},signatureSubpacket:{signatureCreationTime:2,signatureExpirationTime:3,exportableCertification:4,trustSignature:5,regularExpression:6,revocable:7,keyExpirationTime:9,placeholderBackwardsCompatibility:10,preferredSymmetricAlgorithms:11,revocationKey:12,issuerKeyID:16,notationData:20,preferredHashAlgorithms:21,preferredCompressionAlgorithms:22,keyServerPreferences:23,preferredKeyServer:24,primaryUserID:25,policyURI:26,keyFlags:27,signersUserID:28,reasonForRevocation:29,features:30,signatureTarget:31,embeddedSignature:32,issuerFingerprint:33,preferredAEADAlgorithms:34,preferredCipherSuites:39},keyFlags:{certifyKeys:1,signData:2,encryptCommunication:4,encryptStorage:8,splitPrivateKey:16,authentication:32,forwardedCommunication:64,sharedPrivateKey:128},armor:{multipartSection:0,multipartLast:1,signed:2,message:3,publicKey:4,privateKey:5,signature:6},reasonForRevocation:{noReason:0,keySuperseded:1,keyCompromised:2,keyRetired:3,userIDInvalid:32},features:{modificationDetection:1,aead:2,v5Keys:4,seipdv2:8},write:function(e,t){if("number"==typeof t&&(t=this.read(e,t)),void 0!==e[t])return e[t];throw Error("Invalid enum value.")},read:function(e,t){if(e[T]||(e[T]=[],Object.entries(e).forEach((([t,r])=>{e[T][r]=t}))),void 0!==e[T][t])return e[T][t];throw Error("Invalid enum value.")}},_={preferredHashAlgorithm:I.hash.sha256,preferredSymmetricAlgorithm:I.symmetric.aes256,preferredCompressionAlgorithm:I.compression.uncompressed,aeadProtect:!1,ignoreSEIPDv2FeatureFlag:!1,parseAEADEncryptedV4KeysAsLegacy:!1,preferredAEADAlgorithm:I.aead.gcm,aeadChunkSizeByte:12,v6Keys:!1,s2kType:I.s2k.iterated,s2kIterationCountByte:224,s2kArgon2Params:{passes:3,parallelism:4,memoryExponent:16},allowUnauthenticatedMessages:!1,allowUnauthenticatedStream:!1,allowForwardedMessages:!1,minRSABits:2047,passwordCollisionCheck:!1,allowInsecureDecryptionWithSigningKeys:!1,allowInsecureVerificationWithReformattedKeys:!1,allowMissingKeyFlags:!1,constantTimePKCS1Decryption:!1,constantTimePKCS1DecryptionSupportedSymmetricAlgorithms:new Set([I.symmetric.aes128,I.symmetric.aes192,I.symmetric.aes256]),ignoreUnsupportedPackets:!0,ignoreMalformedPackets:!1,additionalAllowedPackets:[],showVersion:!1,showComment:!1,versionString:"OpenPGP.js 6.0.0-beta.0.patch.0",commentString:"https://openpgpjs.org",maxUserIDLength:5120,knownNotations:[],nonDeterministicSignaturesViaNotation:!0,useEllipticFallback:!0,rejectHashAlgorithms:new Set([I.hash.md5,I.hash.ripemd]),rejectMessageHashAlgorithms:new Set([I.hash.md5,I.hash.ripemd,I.hash.sha1]),rejectPublicKeyAlgorithms:new Set([I.publicKey.elgamal,I.publicKey.dsa]),rejectCurves:new Set([I.curve.secp256k1])};const B=(()=>{try{return"development"===process.env.NODE_ENV}catch(e){}return!1})(),M={isString:function(e){return"string"==typeof e||e instanceof String},nodeRequire:()=>{},isArray:function(e){return e instanceof Array},isUint8Array:c,isStream:o,getBigInteger:async function(){if("undefined"!=typeof BigInt){const{default:e}=await import("./native.interface.min.mjs");return e}{const{default:e}=await import("./bn.interface.min.mjs");return e}},getNobleCurve:async(e,t)=>{if(!_.useEllipticFallback)throw Error("This curve is only supported in the full build of OpenPGP.js");const{nobleCurves:r}=await import("./noble_curves.min.mjs");switch(e){case I.publicKey.ecdh:case I.publicKey.ecdsa:{const e=r.get(t);if(!e)throw Error("Unsupported curve");return e}case I.publicKey.x448:return r.get("x448");case I.publicKey.ed448:return r.get("ed448");default:throw Error("Unsupported curve")}},readNumber:function(e){let t=0;for(let r=0;r<e.length;r++)t+=256**r*e[e.length-1-r];return t},writeNumber:function(e,t){const r=new Uint8Array(t);for(let i=0;i<t;i++)r[i]=e>>8*(t-i-1)&255;return r},readDate:function(e){const t=M.readNumber(e);return new Date(1e3*t)},writeDate:function(e){const t=Math.floor(e.getTime()/1e3);return M.writeNumber(t,4)},normalizeDate:function(e=Date.now()){return null===e||e===1/0?e:new Date(1e3*Math.floor(+e/1e3))},readMPI:function(e){const t=(e[0]<<8|e[1])+7>>>3;return M.readExactSubarray(e,2,2+t)},readExactSubarray:function(e,t,r){if(e.length<r-t)throw Error("Input array too short");return e.subarray(t,r)},leftPad(e,t){const r=new Uint8Array(t),i=t-e.length;return r.set(e,i),r},uint8ArrayToMPI:function(e){const t=M.uint8ArrayBitLength(e);if(0===t)throw Error("Zero MPI");const r=e.subarray(e.length-Math.ceil(t/8)),i=new Uint8Array([(65280&t)>>8,255&t]);return M.concatUint8Array([i,r])},uint8ArrayBitLength:function(e){let t;for(t=0;t<e.length&&0===e[t];t++);if(t===e.length)return 0;const r=e.subarray(t);return 8*(r.length-1)+M.nbits(r[0])},hexToUint8Array:function(e){const t=new Uint8Array(e.length>>1);for(let r=0;r<e.length>>1;r++)t[r]=parseInt(e.substr(r<<1,2),16);return t},uint8ArrayToHex:function(e){const t="0123456789abcdef";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),r},stringToUint8Array:function(e){return b(e,(e=>{if(!M.isString(e))throw Error("stringToUint8Array: Data must be in the form of a string");const t=new Uint8Array(e.length);for(let r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}))},uint8ArrayToString:function(e){const t=[],r=16384,i=(e=new Uint8Array(e)).length;for(let a=0;a<i;a+=r)t.push(String.fromCharCode.apply(String,e.subarray(a,a+r<i?a+r:i)));return t.join("")},encodeUTF8:function(e){const t=new TextEncoder("utf-8");function r(e,r=!1){return t.encode(e,{stream:!r})}return b(e,r,(()=>r("",!0)))},decodeUTF8:function(e){const t=new TextDecoder("utf-8");function r(e,r=!1){return t.decode(e,{stream:!r})}return b(e,r,(()=>r(new Uint8Array,!0)))},concat:d,concatUint8Array:u,equalsUint8Array:function(e,t){if(!M.isUint8Array(e)||!M.isUint8Array(t))throw Error("Data must be in the form of a Uint8Array");if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0},writeChecksum:function(e){let t=0;for(let r=0;r<e.length;r++)t=t+e[r]&65535;return M.writeNumber(t,2)},printDebug:function(e){B&&console.log("[OpenPGP.js debug]",e)},printDebugError:function(e){B&&console.error("[OpenPGP.js debug]",e)},nbits:function(e){let t=1,r=e>>>16;return 0!==r&&(e=r,t+=16),r=e>>8,0!==r&&(e=r,t+=8),r=e>>4,0!==r&&(e=r,t+=4),r=e>>2,0!==r&&(e=r,t+=2),r=e>>1,0!==r&&(e=r,t+=1),t},double:function(e){const t=new Uint8Array(e.length),r=e.length-1;for(let i=0;i<r;i++)t[i]=e[i]<<1^e[i+1]>>7;return t[r]=e[r]<<1^135*(e[0]>>7),t},shiftRight:function(e,t){if(t)for(let r=e.length-1;r>=0;r--)e[r]>>=t,r>0&&(e[r]|=e[r-1]<<8-t);return e},getWebCrypto:function(){const t=void 0!==e&&e.crypto&&e.crypto.subtle||this.getNodeCrypto()?.webcrypto.subtle;if(!t)throw Error("The WebCrypto API is not available");return t},getNodeCrypto:function(){return this.nodeRequire("crypto")},getNodeZlib:function(){return this.nodeRequire("zlib")},getNodeBuffer:function(){return(this.nodeRequire("buffer")||{}).Buffer},getHardwareConcurrency:function(){if("undefined"!=typeof navigator)return navigator.hardwareConcurrency||1;return this.nodeRequire("os").cpus().length},isEmailAddress:function(e){if(!M.isString(e))return!1;return/^[^\p{C}\p{Z}@<>\\]+@[^\p{C}\p{Z}@<>\\]+[^\p{C}\p{Z}\p{P}]$/u.test(e)},canonicalizeEOL:function(e){let t=!1;return b(e,(e=>{let r;t&&(e=M.concatUint8Array([new Uint8Array([13]),e])),13===e[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;const i=[];for(let t=0;r=e.indexOf(10,t)+1,r;t=r)13!==e[r-2]&&i.push(r);if(!i.length)return e;const a=new Uint8Array(e.length+i.length);let n=0;for(let t=0;t<i.length;t++){const r=e.subarray(i[t-1]||0,i[t]);a.set(r,n),n+=r.length,a[n-1]=13,a[n]=10,n++}return a.set(e.subarray(i[i.length-1]||0),n),a}),(()=>t?new Uint8Array([13]):void 0))},nativeEOL:function(e){let t=!1;return b(e,(e=>{let r;13===(e=t&&10!==e[0]?M.concatUint8Array([new Uint8Array([13]),e]):new Uint8Array(e))[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;let i=0;for(let t=0;t!==e.length;t=r){r=e.indexOf(13,t)+1,r||(r=e.length);const a=r-(10===e[r]?1:0);t&&e.copyWithin(i,t,a),i+=a-t}return e.subarray(0,i)}),(()=>t?new Uint8Array([13]):void 0))},removeTrailingSpaces:function(e){return e.split("\n").map((e=>{let t=e.length-1;for(;t>=0&&(" "===e[t]||"\t"===e[t]||"\r"===e[t]);t--);return e.substr(0,t+1)})).join("\n")},wrapError:function(e,t){if(!t)return Error(e);try{t.message=e+": "+t.message}catch(e){}return t},constructAllowedPackets:function(e){const t={};return e.forEach((e=>{if(!e.tag)throw Error("Invalid input: expected a packet class");t[e.tag]=e})),t},anyPromise:function(e){return new Promise((async(t,r)=>{let i;await Promise.all(e.map((async e=>{try{t(await e)}catch(e){i=e}}))),r(i)}))},selectUint8Array:function(e,t,r){const i=Math.max(t.length,r.length),a=new Uint8Array(i);let n=0;for(let i=0;i<a.length;i++)a[i]=t[i]&256-e|r[i]&255+e,n+=e&i<t.length|1-e&i<r.length;return a.subarray(0,n)},selectUint8:function(e,t,r){return t&256-e|r&255+e},isAES:function(e){return e===I.symmetric.aes128||e===I.symmetric.aes192||e===I.symmetric.aes256}},R=M.getNodeBuffer();let L,F;function N(e){let t=new Uint8Array;return b(e,(e=>{t=M.concatUint8Array([t,e]);const r=[],i=Math.floor(t.length/45),a=45*i,n=L(t.subarray(0,a));for(let e=0;e<i;e++)r.push(n.substr(60*e,60)),r.push("\n");return t=t.subarray(a),r.join("")}),(()=>t.length?L(t)+"\n":""))}function O(e){let t="";return b(e,(e=>{t+=e;let r=0;const i=[" ","\t","\r","\n"];for(let e=0;e<i.length;e++){const a=i[e];for(let e=t.indexOf(a);-1!==e;e=t.indexOf(a,e+1))r++}let a=t.length;for(;a>0&&(a-r)%4!=0;a--)i.includes(t[a])&&r--;const n=F(t.substr(0,a));return t=t.substr(a),n}),(()=>F(t)))}function z(e){return O(e.replace(/-/g,"+").replace(/_/g,"/"))}function H(e,t){let r=N(e).replace(/[\r\n]/g,"");return t&&(r=r.replace(/[+]/g,"-").replace(/[/]/g,"_").replace(/[=]/g,"")),r}function j(e){const t=e.match(/^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m);if(!t)throw Error("Unknown ASCII armor type");return/MESSAGE, PART \d+\/\d+/.test(t[1])?I.armor.multipartSection:/MESSAGE, PART \d+/.test(t[1])?I.armor.multipartLast:/SIGNED MESSAGE/.test(t[1])?I.armor.signed:/MESSAGE/.test(t[1])?I.armor.message:/PUBLIC KEY BLOCK/.test(t[1])?I.armor.publicKey:/PRIVATE KEY BLOCK/.test(t[1])?I.armor.privateKey:/SIGNATURE/.test(t[1])?I.armor.signature:void 0}function G(e,t){let r="";return t.showVersion&&(r+="Version: "+t.versionString+"\n"),t.showComment&&(r+="Comment: "+t.commentString+"\n"),e&&(r+="Comment: "+e+"\n"),r+="\n",r}function q(e){const t=function(e){let t=13501623;return b(e,(e=>{const r=W?Math.floor(e.length/4):0,i=new Uint32Array(e.buffer,e.byteOffset,r);for(let e=0;e<r;e++)t^=i[e],t=V[0][t>>24&255]^V[1][t>>16&255]^V[2][t>>8&255]^V[3][255&t];for(let i=4*r;i<e.length;i++)t=t>>8^V[0][255&t^e[i]]}),(()=>new Uint8Array([t,t>>8,t>>16])))}(e);return N(t)}R?(L=e=>R.from(e).toString("base64"),F=e=>{const t=R.from(e,"base64");return new Uint8Array(t.buffer,t.byteOffset,t.byteLength)}):(L=e=>btoa(M.uint8ArrayToString(e)),F=e=>M.stringToUint8Array(atob(e)));const V=[Array(255),Array(255),Array(255),Array(255)];for(let e=0;e<=255;e++){let t=e<<16;for(let e=0;e<8;e++)t=t<<1^(8388608&t?8801531:0);V[0][e]=(16711680&t)>>16|65280&t|(255&t)<<16}for(let e=0;e<=255;e++)V[1][e]=V[0][e]>>8^V[0][255&V[0][e]];for(let e=0;e<=255;e++)V[2][e]=V[1][e]>>8^V[0][255&V[1][e]];for(let e=0;e<=255;e++)V[3][e]=V[2][e]>>8^V[0][255&V[2][e]];const W=function(){const e=new ArrayBuffer(2);return new DataView(e).setInt16(0,255,!0),255===new Int16Array(e)[0]}();function $(e){for(let t=0;t<e.length;t++)/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(e[t])||M.printDebugError(Error("Improperly formatted armor header: "+e[t])),/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(e[t])||M.printDebugError(Error("Unknown header: "+e[t]))}function X(e){let t=e;const r=e.lastIndexOf("=");return r>=0&&r!==e.length-1&&(t=e.slice(0,r)),t}function Q(e){return new Promise((async(t,r)=>{try{const i=/^-----[^-]+-----$/m,a=/^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;let n;const s=[];let o,c,u=s,h=[];const y=O(k(e,(async(e,l)=>{const p=C(e);try{for(;;){let e=await p.readLine();if(void 0===e)throw Error("Misformed armored text");if(e=M.removeTrailingSpaces(e.replace(/[\r\n]/g,"")),n)if(o)c||n!==I.armor.signed||(i.test(e)?(h=h.join("\r\n"),c=!0,$(u),u=[],o=!1):h.push(e.replace(/^- /,"")));else if(i.test(e)&&r(Error("Mandatory blank line missing between armor headers and armor data")),a.test(e)){if($(u),o=!0,c||n!==I.armor.signed){t({text:h,data:y,headers:s,type:n});break}}else u.push(e);else i.test(e)&&(n=j(e))}}catch(e){return void r(e)}const g=x(l);try{for(;;){await g.ready;const{done:e,value:t}=await p.read();if(e)throw Error("Misformed armored text");const r=t+"";if(-1!==r.indexOf("=")||-1!==r.indexOf("-")){let e=await p.readToEnd();e.length||(e=""),e=r+e,e=M.removeTrailingSpaces(e.replace(/\r/g,""));const t=e.split(i);if(1===t.length)throw Error("Misformed armored text");const a=X(t[0].slice(0,-1));await g.write(a);break}await g.write(r)}await g.ready,await g.close()}catch(e){await g.abort(e)}})))}catch(e){r(e)}})).then((async e=>(n(e.data)&&(e.data=await P(e.data)),e)))}function Z(e,t,r,i,a,n=!1,s=_){let o,c;e===I.armor.signed&&(o=t.text,c=t.hash,t=t.data);const u=n&&E(t),h=[];switch(e){case I.armor.multipartSection:h.push("-----BEGIN PGP MESSAGE, PART "+r+"/"+i+"-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP MESSAGE, PART "+r+"/"+i+"-----\n");break;case I.armor.multipartLast:h.push("-----BEGIN PGP MESSAGE, PART "+r+"-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP MESSAGE, PART "+r+"-----\n");break;case I.armor.signed:h.push("-----BEGIN PGP SIGNED MESSAGE-----\n"),h.push(c?`Hash: ${c}\n\n`:"\n"),h.push(o.replace(/^-/gm,"- -")),h.push("\n-----BEGIN PGP SIGNATURE-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP SIGNATURE-----\n");break;case I.armor.message:h.push("-----BEGIN PGP MESSAGE-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP MESSAGE-----\n");break;case I.armor.publicKey:h.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP PUBLIC KEY BLOCK-----\n");break;case I.armor.privateKey:h.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP PRIVATE KEY BLOCK-----\n");break;case I.armor.signature:h.push("-----BEGIN PGP SIGNATURE-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP SIGNATURE-----\n")}return M.concat(h)}async function Y(e){switch(e){case I.symmetric.aes128:case I.symmetric.aes192:case I.symmetric.aes256:throw Error("Not a legacy cipher");case I.symmetric.cast5:case I.symmetric.blowfish:case I.symmetric.twofish:case I.symmetric.tripledes:{const{legacyCiphers:t}=await import("./legacy_ciphers.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported cipher algorithm");return r}default:throw Error("Unsupported cipher algorithm")}}function J(e){switch(e){case I.symmetric.aes128:case I.symmetric.aes192:case I.symmetric.aes256:case I.symmetric.twofish:return 16;case I.symmetric.blowfish:case I.symmetric.cast5:case I.symmetric.tripledes:return 8;default:throw Error("Unsupported cipher")}}function ee(e){switch(e){case I.symmetric.aes128:case I.symmetric.blowfish:case I.symmetric.cast5:return 16;case I.symmetric.aes192:case I.symmetric.tripledes:return 24;case I.symmetric.aes256:case I.symmetric.twofish:return 32;default:throw Error("Unsupported cipher")}}function te(e){return{keySize:ee(e),blockSize:J(e)}}var re=/*#__PURE__*/Object.freeze({__proto__:null,getCipherParams:te,getLegacyCipher:Y});function ie(e,t){let r=e[0],i=e[1],a=e[2],n=e[3];r=ne(r,i,a,n,t[0],7,-680876936),n=ne(n,r,i,a,t[1],12,-389564586),a=ne(a,n,r,i,t[2],17,606105819),i=ne(i,a,n,r,t[3],22,-1044525330),r=ne(r,i,a,n,t[4],7,-176418897),n=ne(n,r,i,a,t[5],12,1200080426),a=ne(a,n,r,i,t[6],17,-1473231341),i=ne(i,a,n,r,t[7],22,-45705983),r=ne(r,i,a,n,t[8],7,1770035416),n=ne(n,r,i,a,t[9],12,-1958414417),a=ne(a,n,r,i,t[10],17,-42063),i=ne(i,a,n,r,t[11],22,-1990404162),r=ne(r,i,a,n,t[12],7,1804603682),n=ne(n,r,i,a,t[13],12,-40341101),a=ne(a,n,r,i,t[14],17,-1502002290),i=ne(i,a,n,r,t[15],22,1236535329),r=se(r,i,a,n,t[1],5,-165796510),n=se(n,r,i,a,t[6],9,-1069501632),a=se(a,n,r,i,t[11],14,643717713),i=se(i,a,n,r,t[0],20,-373897302),r=se(r,i,a,n,t[5],5,-701558691),n=se(n,r,i,a,t[10],9,38016083),a=se(a,n,r,i,t[15],14,-660478335),i=se(i,a,n,r,t[4],20,-405537848),r=se(r,i,a,n,t[9],5,568446438),n=se(n,r,i,a,t[14],9,-1019803690),a=se(a,n,r,i,t[3],14,-187363961),i=se(i,a,n,r,t[8],20,1163531501),r=se(r,i,a,n,t[13],5,-1444681467),n=se(n,r,i,a,t[2],9,-51403784),a=se(a,n,r,i,t[7],14,1735328473),i=se(i,a,n,r,t[12],20,-1926607734),r=oe(r,i,a,n,t[5],4,-378558),n=oe(n,r,i,a,t[8],11,-2022574463),a=oe(a,n,r,i,t[11],16,1839030562),i=oe(i,a,n,r,t[14],23,-35309556),r=oe(r,i,a,n,t[1],4,-1530992060),n=oe(n,r,i,a,t[4],11,1272893353),a=oe(a,n,r,i,t[7],16,-155497632),i=oe(i,a,n,r,t[10],23,-1094730640),r=oe(r,i,a,n,t[13],4,681279174),n=oe(n,r,i,a,t[0],11,-358537222),a=oe(a,n,r,i,t[3],16,-722521979),i=oe(i,a,n,r,t[6],23,76029189),r=oe(r,i,a,n,t[9],4,-640364487),n=oe(n,r,i,a,t[12],11,-421815835),a=oe(a,n,r,i,t[15],16,530742520),i=oe(i,a,n,r,t[2],23,-995338651),r=ce(r,i,a,n,t[0],6,-198630844),n=ce(n,r,i,a,t[7],10,1126891415),a=ce(a,n,r,i,t[14],15,-1416354905),i=ce(i,a,n,r,t[5],21,-57434055),r=ce(r,i,a,n,t[12],6,1700485571),n=ce(n,r,i,a,t[3],10,-1894986606),a=ce(a,n,r,i,t[10],15,-1051523),i=ce(i,a,n,r,t[1],21,-2054922799),r=ce(r,i,a,n,t[8],6,1873313359),n=ce(n,r,i,a,t[15],10,-30611744),a=ce(a,n,r,i,t[6],15,-1560198380),i=ce(i,a,n,r,t[13],21,1309151649),r=ce(r,i,a,n,t[4],6,-145523070),n=ce(n,r,i,a,t[11],10,-1120210379),a=ce(a,n,r,i,t[2],15,718787259),i=ce(i,a,n,r,t[9],21,-343485551),e[0]=le(r,e[0]),e[1]=le(i,e[1]),e[2]=le(a,e[2]),e[3]=le(n,e[3])}function ae(e,t,r,i,a,n){return t=le(le(t,e),le(i,n)),le(t<<a|t>>>32-a,r)}function ne(e,t,r,i,a,n,s){return ae(t&r|~t&i,e,t,a,n,s)}function se(e,t,r,i,a,n,s){return ae(t&i|r&~i,e,t,a,n,s)}function oe(e,t,r,i,a,n,s){return ae(t^r^i,e,t,a,n,s)}function ce(e,t,r,i,a,n,s){return ae(r^(t|~i),e,t,a,n,s)}function ue(e){const t=[];let r;for(r=0;r<64;r+=4)t[r>>2]=e.charCodeAt(r)+(e.charCodeAt(r+1)<<8)+(e.charCodeAt(r+2)<<16)+(e.charCodeAt(r+3)<<24);return t}const he="0123456789abcdef".split("");function ye(e){let t="",r=0;for(;r<4;r++)t+=he[e>>8*r+4&15]+he[e>>8*r&15];return t}function le(e,t){return e+t&4294967295}const pe=M.getWebCrypto(),ge=M.getNodeCrypto(),de=ge&&ge.getHashes();function fe(e){if(ge&&de.includes(e))return async function(t){const r=ge.createHash(e);return b(t,(e=>{r.update(e)}),(()=>new Uint8Array(r.digest())))}}function me(e,t){const r=async()=>{const{nobleHashes:t}=await import("./noble_hashes.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported hash");return r};return async function(e){if(n(e)&&(e=await P(e)),M.isStream(e)){const t=(await r()).create();return b(e,(e=>{t.update(e)}),(()=>t.digest()))}if(pe&&t)return new Uint8Array(await pe.digest(t,e));return(await r())(e)}}var we={md5:fe("md5")||async function(e){const t=function(e){const t=e.length,r=[1732584193,-271733879,-1732584194,271733878];let i;for(i=64;i<=e.length;i+=64)ie(r,ue(e.substring(i-64,i)));e=e.substring(i-64);const a=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0];for(i=0;i<e.length;i++)a[i>>2]|=e.charCodeAt(i)<<(i%4<<3);if(a[i>>2]|=128<<(i%4<<3),i>55)for(ie(r,a),i=0;i<16;i++)a[i]=0;return a[14]=8*t,ie(r,a),r}(M.uint8ArrayToString(e));return M.hexToUint8Array(function(e){for(let t=0;t<e.length;t++)e[t]=ye(e[t]);return e.join("")}(t))},sha1:fe("sha1")||me("sha1","SHA-1"),sha224:fe("sha224")||me("sha224"),sha256:fe("sha256")||me("sha256","SHA-256"),sha384:fe("sha384")||me("sha384","SHA-384"),sha512:fe("sha512")||me("sha512","SHA-512"),ripemd:fe("ripemd160")||me("ripemd160"),sha3_256:fe("sha3-256")||me("sha3_256"),sha3_512:fe("sha3-512")||me("sha3_512"),digest:function(e,t){switch(e){case I.hash.md5:return this.md5(t);case I.hash.sha1:return this.sha1(t);case I.hash.ripemd:return this.ripemd(t);case I.hash.sha256:return this.sha256(t);case I.hash.sha384:return this.sha384(t);case I.hash.sha512:return this.sha512(t);case I.hash.sha224:return this.sha224(t);case I.hash.sha3_256:return this.sha3_256(t);case I.hash.sha3_512:return this.sha3_512(t);default:throw Error("Unsupported hash function")}},getHashByteLength:function(e){switch(e){case I.hash.md5:return 16;case I.hash.sha1:case I.hash.ripemd:return 20;case I.hash.sha256:return 32;case I.hash.sha384:return 48;case I.hash.sha512:return 64;case I.hash.sha224:return 28;case I.hash.sha3_256:return 32;case I.hash.sha3_512:return 64;default:throw Error("Invalid hash algorithm.")}},getBlockSize:function(e){switch(e){case I.hash.md5:case I.hash.sha1:case I.hash.ripemd:case I.hash.sha224:case I.hash.sha256:return 64;case I.hash.sha384:case I.hash.sha512:return 128;default:throw Error("Invalid hash algorithm.")}}},be=function(){var e,t,r=!1;function i(r,i){var a=e[(t[r]+t[i])%255];return 0!==r&&0!==i||(a=0),a}var a,n,s,o,c=!1;function u(){function u(r){var i,a,n;for(a=n=function(r){var i=e[255-t[r]];return 0===r&&(i=0),i}(r),i=0;i<4;i++)n^=a=255&(a<<1|a>>>7);return n^=99}r||function(){e=[],t=[];var i,a,n=1;for(i=0;i<255;i++)e[i]=n,a=128&n,n<<=1,n&=255,128===a&&(n^=27),n^=e[i],t[e[i]]=i;e[255]=e[0],t[0]=0,r=!0}(),a=[],n=[],s=[[],[],[],[]],o=[[],[],[],[]];for(var h=0;h<256;h++){var y=u(h);a[h]=y,n[y]=h,s[0][h]=i(2,y)<<24|y<<16|y<<8|i(3,y),o[0][y]=i(14,h)<<24|i(9,h)<<16|i(13,h)<<8|i(11,h);for(var l=1;l<4;l++)s[l][h]=s[l-1][h]>>>8|s[l-1][h]<<24,o[l][y]=o[l-1][y]>>>8|o[l-1][y]<<24}c=!0}var h=function(e,t){c||u();var r=new Uint32Array(t);r.set(a,512),r.set(n,768);for(var i=0;i<4;i++)r.set(s[i],4096+1024*i>>2),r.set(o[i],8192+1024*i>>2);var h=function(e,t,r){"use asm";var i=0,a=0,n=0,s=0,o=0,c=0,u=0,h=0,y=0,l=0,p=0,g=0,d=0,f=0,m=0,w=0,b=0,k=0,v=0,A=0,E=0;var K=new e.Uint32Array(r),S=new e.Uint8Array(r);function P(e,t,r,o,c,u,h,y){e=e|0;t=t|0;r=r|0;o=o|0;c=c|0;u=u|0;h=h|0;y=y|0;var l=0,p=0,g=0,d=0,f=0,m=0,w=0,b=0;l=r|0x400,p=r|0x800,g=r|0xc00;c=c^K[(e|0)>>2],u=u^K[(e|4)>>2],h=h^K[(e|8)>>2],y=y^K[(e|12)>>2];for(b=16;(b|0)<=o<<4;b=b+16|0){d=K[(r|c>>22&1020)>>2]^K[(l|u>>14&1020)>>2]^K[(p|h>>6&1020)>>2]^K[(g|y<<2&1020)>>2]^K[(e|b|0)>>2],f=K[(r|u>>22&1020)>>2]^K[(l|h>>14&1020)>>2]^K[(p|y>>6&1020)>>2]^K[(g|c<<2&1020)>>2]^K[(e|b|4)>>2],m=K[(r|h>>22&1020)>>2]^K[(l|y>>14&1020)>>2]^K[(p|c>>6&1020)>>2]^K[(g|u<<2&1020)>>2]^K[(e|b|8)>>2],w=K[(r|y>>22&1020)>>2]^K[(l|c>>14&1020)>>2]^K[(p|u>>6&1020)>>2]^K[(g|h<<2&1020)>>2]^K[(e|b|12)>>2];c=d,u=f,h=m,y=w}i=K[(t|c>>22&1020)>>2]<<24^K[(t|u>>14&1020)>>2]<<16^K[(t|h>>6&1020)>>2]<<8^K[(t|y<<2&1020)>>2]^K[(e|b|0)>>2],a=K[(t|u>>22&1020)>>2]<<24^K[(t|h>>14&1020)>>2]<<16^K[(t|y>>6&1020)>>2]<<8^K[(t|c<<2&1020)>>2]^K[(e|b|4)>>2],n=K[(t|h>>22&1020)>>2]<<24^K[(t|y>>14&1020)>>2]<<16^K[(t|c>>6&1020)>>2]<<8^K[(t|u<<2&1020)>>2]^K[(e|b|8)>>2],s=K[(t|y>>22&1020)>>2]<<24^K[(t|c>>14&1020)>>2]<<16^K[(t|u>>6&1020)>>2]<<8^K[(t|h<<2&1020)>>2]^K[(e|b|12)>>2]}function U(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;P(0x0000,0x0800,0x1000,E,e,t,r,i)}function D(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;var n=0;P(0x0400,0x0c00,0x2000,E,e,i,r,t);n=a,a=s,s=n}function C(e,t,r,y){e=e|0;t=t|0;r=r|0;y=y|0;P(0x0000,0x0800,0x1000,E,o^e,c^t,u^r,h^y);o=i,c=a,u=n,h=s}function x(e,t,r,y){e=e|0;t=t|0;r=r|0;y=y|0;var l=0;P(0x0400,0x0c00,0x2000,E,e,y,r,t);l=a,a=s,s=l;i=i^o,a=a^c,n=n^u,s=s^h;o=e,c=t,u=r,h=y}function T(e,t,r,y){e=e|0;t=t|0;r=r|0;y=y|0;P(0x0000,0x0800,0x1000,E,o,c,u,h);o=i=i^e,c=a=a^t,u=n=n^r,h=s=s^y}function I(e,t,r,y){e=e|0;t=t|0;r=r|0;y=y|0;P(0x0000,0x0800,0x1000,E,o,c,u,h);i=i^e,a=a^t,n=n^r,s=s^y;o=e,c=t,u=r,h=y}function _(e,t,r,y){e=e|0;t=t|0;r=r|0;y=y|0;P(0x0000,0x0800,0x1000,E,o,c,u,h);o=i,c=a,u=n,h=s;i=i^e,a=a^t,n=n^r,s=s^y}function B(e,t,r,o){e=e|0;t=t|0;r=r|0;o=o|0;P(0x0000,0x0800,0x1000,E,y,l,p,g);g=~w&g|w&g+1;p=~m&p|m&p+((g|0)==0);l=~f&l|f&l+((p|0)==0);y=~d&y|d&y+((l|0)==0);i=i^e;a=a^t;n=n^r;s=s^o}function M(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;var a=0,n=0,s=0,y=0,l=0,p=0,g=0,d=0,f=0,m=0;e=e^o,t=t^c,r=r^u,i=i^h;a=b|0,n=k|0,s=v|0,y=A|0;for(;(f|0)<128;f=f+1|0){if(a>>>31){l=l^e,p=p^t,g=g^r,d=d^i}a=a<<1|n>>>31,n=n<<1|s>>>31,s=s<<1|y>>>31,y=y<<1;m=i&1;i=i>>>1|r<<31,r=r>>>1|t<<31,t=t>>>1|e<<31,e=e>>>1;if(m)e=e^0xe1000000}o=l,c=p,u=g,h=d}function R(e){e=e|0;E=e}function L(e,t,r,o){e=e|0;t=t|0;r=r|0;o=o|0;i=e,a=t,n=r,s=o}function F(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;o=e,c=t,u=r,h=i}function N(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;y=e,l=t,p=r,g=i}function O(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;d=e,f=t,m=r,w=i}function z(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;g=~w&g|w&i,p=~m&p|m&r,l=~f&l|f&t,y=~d&y|d&e}function H(e){e=e|0;if(e&15)return-1;S[e|0]=i>>>24,S[e|1]=i>>>16&255,S[e|2]=i>>>8&255,S[e|3]=i&255,S[e|4]=a>>>24,S[e|5]=a>>>16&255,S[e|6]=a>>>8&255,S[e|7]=a&255,S[e|8]=n>>>24,S[e|9]=n>>>16&255,S[e|10]=n>>>8&255,S[e|11]=n&255,S[e|12]=s>>>24,S[e|13]=s>>>16&255,S[e|14]=s>>>8&255,S[e|15]=s&255;return 16}function j(e){e=e|0;if(e&15)return-1;S[e|0]=o>>>24,S[e|1]=o>>>16&255,S[e|2]=o>>>8&255,S[e|3]=o&255,S[e|4]=c>>>24,S[e|5]=c>>>16&255,S[e|6]=c>>>8&255,S[e|7]=c&255,S[e|8]=u>>>24,S[e|9]=u>>>16&255,S[e|10]=u>>>8&255,S[e|11]=u&255,S[e|12]=h>>>24,S[e|13]=h>>>16&255,S[e|14]=h>>>8&255,S[e|15]=h&255;return 16}function G(){U(0,0,0,0);b=i,k=a,v=n,A=s}function q(e,t,r){e=e|0;t=t|0;r=r|0;var o=0;if(t&15)return-1;while((r|0)>=16){W[e&7](S[t|0]<<24|S[t|1]<<16|S[t|2]<<8|S[t|3],S[t|4]<<24|S[t|5]<<16|S[t|6]<<8|S[t|7],S[t|8]<<24|S[t|9]<<16|S[t|10]<<8|S[t|11],S[t|12]<<24|S[t|13]<<16|S[t|14]<<8|S[t|15]);S[t|0]=i>>>24,S[t|1]=i>>>16&255,S[t|2]=i>>>8&255,S[t|3]=i&255,S[t|4]=a>>>24,S[t|5]=a>>>16&255,S[t|6]=a>>>8&255,S[t|7]=a&255,S[t|8]=n>>>24,S[t|9]=n>>>16&255,S[t|10]=n>>>8&255,S[t|11]=n&255,S[t|12]=s>>>24,S[t|13]=s>>>16&255,S[t|14]=s>>>8&255,S[t|15]=s&255;o=o+16|0,t=t+16|0,r=r-16|0}return o|0}function V(e,t,r){e=e|0;t=t|0;r=r|0;var i=0;if(t&15)return-1;while((r|0)>=16){$[e&1](S[t|0]<<24|S[t|1]<<16|S[t|2]<<8|S[t|3],S[t|4]<<24|S[t|5]<<16|S[t|6]<<8|S[t|7],S[t|8]<<24|S[t|9]<<16|S[t|10]<<8|S[t|11],S[t|12]<<24|S[t|13]<<16|S[t|14]<<8|S[t|15]);i=i+16|0,t=t+16|0,r=r-16|0}return i|0}var W=[U,D,C,x,T,I,_,B];var $=[C,M];return{set_rounds:R,set_state:L,set_iv:F,set_nonce:N,set_mask:O,set_counter:z,get_state:H,get_iv:j,gcm_init:G,cipher:q,mac:V}}({Uint8Array,Uint32Array},e,t);return h.set_key=function(e,t,i,n,s,c,u,y,l){var p=r.subarray(0,60),g=r.subarray(256,316);p.set([t,i,n,s,c,u,y,l]);for(var d=e,f=1;d<4*e+28;d++){var m=p[d-1];(d%e==0||8===e&&d%e==4)&&(m=a[m>>>24]<<24^a[m>>>16&255]<<16^a[m>>>8&255]<<8^a[255&m]),d%e==0&&(m=m<<8^m>>>24^f<<24,f=f<<1^(128&f?27:0)),p[d]=p[d-e]^m}for(var w=0;w<d;w+=4)for(var b=0;b<4;b++){m=p[d-(4+w)+(4-b)%4];g[w+b]=w<4||w>=d-4?m:o[0][a[m>>>24]]^o[1][a[m>>>16&255]]^o[2][a[m>>>8&255]]^o[3][a[255&m]]}h.set_rounds(e+5)},h};return h.ENC={ECB:0,CBC:2,CFB:4,OFB:6,CTR:7},h.DEC={ECB:1,CBC:3,CFB:5,OFB:6,CTR:7},h.MAC={CBC:0,GCM:1},h.HEAP_DATA=16384,h}();function ke(e){return e instanceof Uint8Array}function ve(e,t,r,i,a){const n=e.length-t,s=n<a?n:a;return e.set(r.subarray(i,i+s),t),s}function Ae(...e){const t=e.reduce(((e,t)=>e+t.length),0),r=new Uint8Array(t);let i=0;for(let t=0;t<e.length;t++)r.set(e[t],i),i+=e[t].length;return r}class Ee extends Error{constructor(...e){super(...e)}}class Ke extends Error{constructor(...e){super(...e)}}class Se extends Error{constructor(...e){super(...e)}}const Pe=[],Ue=[];class De{constructor(e,t,r=!0,i,a,n){this.pos=0,this.len=0,this.mode=i,this.pos=0,this.len=0,this.key=e,this.iv=t,this.padding=r,this.acquire_asm(a,n)}acquire_asm(e,t){return void 0!==this.heap&&void 0!==this.asm||(this.heap=e||Pe.pop()||function(e,t){const r=e?e.byteLength:t||65536;if(4095&r||r<=0)throw Error("heap size must be a positive integer and a multiple of 4096");return e||new Uint8Array(new ArrayBuffer(r))}().subarray(be.HEAP_DATA),this.asm=t||Ue.pop()||new be(null,this.heap.buffer),this.reset(this.key,this.iv)),{heap:this.heap,asm:this.asm}}release_asm(){void 0!==this.heap&&void 0!==this.asm&&(Pe.push(this.heap),Ue.push(this.asm)),this.heap=void 0,this.asm=void 0}reset(e,t){const{asm:r}=this.acquire_asm(),i=e.length;if(16!==i&&24!==i&&32!==i)throw new Ke("illegal key size");const a=new DataView(e.buffer,e.byteOffset,e.byteLength);if(r.set_key(i>>2,a.getUint32(0),a.getUint32(4),a.getUint32(8),a.getUint32(12),i>16?a.getUint32(16):0,i>16?a.getUint32(20):0,i>24?a.getUint32(24):0,i>24?a.getUint32(28):0),void 0!==t){if(16!==t.length)throw new Ke("illegal iv size");let e=new DataView(t.buffer,t.byteOffset,t.byteLength);r.set_iv(e.getUint32(0),e.getUint32(4),e.getUint32(8),e.getUint32(12))}else r.set_iv(0,0,0,0)}AES_Encrypt_process(e){if(!ke(e))throw new TypeError("data isn't of expected type");let{heap:t,asm:r}=this.acquire_asm(),i=be.ENC[this.mode],a=be.HEAP_DATA,n=this.pos,s=this.len,o=0,c=e.length||0,u=0,h=0,y=new Uint8Array(s+c&-16);for(;c>0;)h=ve(t,n+s,e,o,c),s+=h,o+=h,c-=h,h=r.cipher(i,a+n,s),h&&y.set(t.subarray(n,n+h),u),u+=h,h<s?(n+=h,s-=h):(n=0,s=0);return this.pos=n,this.len=s,y}AES_Encrypt_finish(){let{heap:e,asm:t}=this.acquire_asm(),r=be.ENC[this.mode],i=be.HEAP_DATA,a=this.pos,n=this.len,s=16-n%16,o=n;if(this.hasOwnProperty("padding")){if(this.padding){for(let t=0;t<s;++t)e[a+n+t]=s;n+=s,o=n}else if(n%16)throw new Ke("data length must be a multiple of the block size")}else n+=s;const c=new Uint8Array(o);return n&&t.cipher(r,i+a,n),o&&c.set(e.subarray(a,a+o)),this.pos=0,this.len=0,this.release_asm(),c}AES_Decrypt_process(e){if(!ke(e))throw new TypeError("data isn't of expected type");let{heap:t,asm:r}=this.acquire_asm(),i=be.DEC[this.mode],a=be.HEAP_DATA,n=this.pos,s=this.len,o=0,c=e.length||0,u=0,h=s+c&-16,y=0,l=0;this.padding&&(y=s+c-h||16,h-=y);const p=new Uint8Array(h);for(;c>0;)l=ve(t,n+s,e,o,c),s+=l,o+=l,c-=l,l=r.cipher(i,a+n,s-(c?0:y)),l&&p.set(t.subarray(n,n+l),u),u+=l,l<s?(n+=l,s-=l):(n=0,s=0);return this.pos=n,this.len=s,p}AES_Decrypt_finish(){let{heap:e,asm:t}=this.acquire_asm(),r=be.DEC[this.mode],i=be.HEAP_DATA,a=this.pos,n=this.len,s=n;if(n>0){if(n%16){if(this.hasOwnProperty("padding"))throw new Ke("data length must be a multiple of the block size");n+=16-n%16}if(t.cipher(r,i+a,n),this.hasOwnProperty("padding")&&this.padding){let t=e[a+s-1];if(t<1||t>16||t>s)throw new Se("bad padding");let r=0;for(let i=t;i>1;i--)r|=t^e[a+s-i];if(r)throw new Se("bad padding");s-=t}}const o=new Uint8Array(s);return s>0&&o.set(e.subarray(a,a+s)),this.pos=0,this.len=0,this.release_asm(),o}}class Ce{static encrypt(e,t,r){return new Ce(t,r).encrypt(e)}static decrypt(e,t,r){return new Ce(t,r).decrypt(e)}constructor(e,t,r){this.aes=r||new De(e,t,!0,"CFB"),delete this.aes.padding}encrypt(e){return Ae(this.aes.AES_Encrypt_process(e),this.aes.AES_Encrypt_finish())}decrypt(e){return Ae(this.aes.AES_Decrypt_process(e),this.aes.AES_Decrypt_finish())}}const xe=M.getWebCrypto(),Te=M.getNodeCrypto(),Ie=Te?Te.getCiphers():[],_e={idea:Ie.includes("idea-cfb")?"idea-cfb":void 0,tripledes:Ie.includes("des-ede3-cfb")?"des-ede3-cfb":void 0,cast5:Ie.includes("cast5-cfb")?"cast5-cfb":void 0,blowfish:Ie.includes("bf-cfb")?"bf-cfb":void 0,aes128:Ie.includes("aes-128-cfb")?"aes-128-cfb":void 0,aes192:Ie.includes("aes-192-cfb")?"aes-192-cfb":void 0,aes256:Ie.includes("aes-256-cfb")?"aes-256-cfb":void 0};class Be{constructor(e,t,r){const{blockSize:i}=te(e);this.key=t,this.prevBlock=r,this.nextBlock=new Uint8Array(i),this.i=0,this.blockSize=i,this.zeroBlock=new Uint8Array(this.blockSize)}static async isSupported(e){const{keySize:t}=te(e);return xe.importKey("raw",new Uint8Array(t),"aes-cbc",!1,["encrypt"]).then((()=>!0),(()=>!1))}async _runCBC(e,t){const r="AES-CBC";this.keyRef=this.keyRef||await xe.importKey("raw",this.key,r,!1,["encrypt"]);const i=await xe.encrypt({name:r,iv:t||this.zeroBlock},this.keyRef,e);return new Uint8Array(i).subarray(0,e.length)}async encryptChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=M.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),a=M.concatUint8Array([this.prevBlock,i.subarray(0,i.length-this.blockSize)]),n=await this._runCBC(a);return Me(n,i),this.prevBlock=n.subarray(-this.blockSize).slice(),r>0&&this.nextBlock.set(e.subarray(-r).slice()),this.i=r,n}this.i+=r.length;let i=new Uint8Array;if(this.i===this.nextBlock.length){const t=this.nextBlock;i=await this._runCBC(this.prevBlock),Me(i,t),this.prevBlock=i.slice(),this.i=0;const a=e.subarray(r.length);this.nextBlock.set(a,this.i),this.i+=a.length}return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{this.nextBlock=this.nextBlock.subarray(0,this.i);const t=this.nextBlock,r=await this._runCBC(this.prevBlock);Me(r,t),e=r.subarray(0,t.length)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.keyRef=null,this.key=null}async encrypt(e){const t=(await this._runCBC(M.concatUint8Array([new Uint8Array(this.blockSize),e]),this.iv)).subarray(0,e.length);return Me(t,e),this.clearSensitiveData(),t}}function Me(e,t){const r=Math.min(e.length,t.length);for(let i=0;i<r;i++)e[i]=e[i]^t[i]}var Re=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i){const a=I.read(I.symmetric,e);if(Te&&_e[a])return function(e,t,r,i){const a=I.read(I.symmetric,e),n=new Te.createDecipheriv(_e[a],t,i);return b(r,(e=>new Uint8Array(n.update(e))))}(e,t,r,i);if(M.isAES(e))return function(e,t,r,i){if(M.isStream(r)){const e=new Ce(t,i);return b(r,(t=>e.aes.AES_Decrypt_process(t)),(()=>e.aes.AES_Decrypt_finish()))}return Ce.decrypt(r,t,i)}(0,t,r,i);const n=new(await Y(e))(t),s=n.blockSize;let o=i,c=new Uint8Array;const u=e=>{e&&(c=M.concatUint8Array([c,e]));const t=new Uint8Array(c.length);let r,i=0;for(;e?c.length>=s:c.length;){const e=n.encrypt(o);for(o=c.subarray(0,s),r=0;r<s;r++)t[i++]=o[r]^e[r];c=c.subarray(s)}return t.subarray(0,i)};return b(r,u,u)},encrypt:async function(e,t,r,i,a){const n=I.read(I.symmetric,e);if(M.getNodeCrypto()&&_e[n])return function(e,t,r,i){const a=I.read(I.symmetric,e),n=new Te.createCipheriv(_e[a],t,i);return b(r,(e=>new Uint8Array(n.update(e))))}(e,t,r,i);if(M.isAES(e))return async function(e,t,r,i){if(xe&&await Be.isSupported(e)){const a=new Be(e,t,i);return M.isStream(r)?b(r,(e=>a.encryptChunk(e)),(()=>a.finish())):a.encrypt(r)}{const e=new Ce(t,i);return b(r,(t=>e.aes.AES_Encrypt_process(t)),(()=>e.aes.AES_Encrypt_finish()))}}(e,t,r,i);const s=new(await Y(e))(t),o=s.blockSize,c=i.slice();let u=new Uint8Array;const h=e=>{e&&(u=M.concatUint8Array([u,e]));const t=new Uint8Array(u.length);let r,i=0;for(;e?u.length>=o:u.length;){const e=s.encrypt(c);for(r=0;r<o;r++)c[r]=u[r]^e[r],t[i++]=c[r];u=u.subarray(o)}return t.subarray(0,i)};return b(r,h,h)}});class Le{static encrypt(e,t,r){return new Le(t,r).encrypt(e)}static decrypt(e,t,r){return new Le(t,r).encrypt(e)}constructor(e,t,r){this.aes=r||new De(e,void 0,!1,"CTR"),delete this.aes.padding,this.AES_CTR_set_options(t)}encrypt(e){return Ae(this.aes.AES_Encrypt_process(e),this.aes.AES_Encrypt_finish())}decrypt(e){return Ae(this.aes.AES_Encrypt_process(e),this.aes.AES_Encrypt_finish())}AES_CTR_set_options(e,t,r){let{asm:i}=this.aes.acquire_asm();if(void 0!==r){if(r<8||r>48)throw new Ke("illegal counter size");let e=Math.pow(2,r)-1;i.set_mask(0,0,e/4294967296|0,0|e)}else r=48,i.set_mask(0,0,65535,4294967295);if(void 0===e)throw Error("nonce is required");{let t=e.length;if(!t||t>16)throw new Ke("illegal nonce size");let r=new DataView(new ArrayBuffer(16));new Uint8Array(r.buffer).set(e),i.set_nonce(r.getUint32(0),r.getUint32(4),r.getUint32(8),r.getUint32(12))}if(void 0!==t){if(t<0||t>=Math.pow(2,r))throw new Ke("illegal counter value");i.set_counter(0,0,t/4294967296|0,0|t)}}}class Fe{static encrypt(e,t,r=!0,i){return new Fe(t,i,r).encrypt(e)}static decrypt(e,t,r=!0,i){return new Fe(t,i,r).decrypt(e)}constructor(e,t,r=!0,i){this.aes=i||new De(e,t,r,"CBC")}encrypt(e){return Ae(this.aes.AES_Encrypt_process(e),this.aes.AES_Encrypt_finish())}decrypt(e){return Ae(this.aes.AES_Decrypt_process(e),this.aes.AES_Decrypt_finish())}}const Ne=M.getWebCrypto(),Oe=M.getNodeCrypto(),ze=16;function He(e,t){const r=e.length-ze;for(let i=0;i<ze;i++)e[i+r]^=t[i];return e}const je=new Uint8Array(ze);async function Ge(e){const t=await async function(e){if(M.getNodeCrypto())return async function(t){const r=new Oe.createCipheriv("aes-"+8*e.length+"-cbc",e,je).update(t);return new Uint8Array(r)};if(M.getWebCrypto())try{return e=await Ne.importKey("raw",e,{name:"AES-CBC",length:8*e.length},!1,["encrypt"]),async function(t){const r=await Ne.encrypt({name:"AES-CBC",iv:je,length:8*ze},e,t);return new Uint8Array(r).subarray(0,r.byteLength-ze)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;M.printDebugError("Browser did not support operation: "+t.message)}return async function(t){return Fe.encrypt(t,e,!1,je)}}(e),r=M.double(await t(je)),i=M.double(r);return async function(e){return(await t(function(e,t,r){if(e.length&&e.length%ze==0)return He(e,t);const i=new Uint8Array(e.length+(ze-e.length%ze));return i.set(e),i[e.length]=128,He(i,r)}(e,r,i))).subarray(-ze)}}const qe=M.getWebCrypto(),Ve=M.getNodeCrypto(),We=M.getNodeBuffer(),$e=16,Xe=$e,Qe=$e,Ze=new Uint8Array($e),Ye=new Uint8Array($e);Ye[$e-1]=1;const Je=new Uint8Array($e);async function et(e){const t=await Ge(e);return function(e,r){return t(M.concatUint8Array([e,r]))}}async function tt(e){if(M.getNodeCrypto())return async function(t,r){const i=new Ve.createCipheriv("aes-"+8*e.length+"-ctr",e,r),a=We.concat([i.update(t),i.final()]);return new Uint8Array(a)};if(M.getWebCrypto())try{const t=await qe.importKey("raw",e,{name:"AES-CTR",length:8*e.length},!1,["encrypt"]);return async function(e,r){const i=await qe.encrypt({name:"AES-CTR",counter:r,length:8*$e},t,e);return new Uint8Array(i)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;M.printDebugError("Browser did not support operation: "+t.message)}return async function(t,r){return Le.encrypt(t,e,r)}}async function rt(e,t){if(e!==I.symmetric.aes128&&e!==I.symmetric.aes192&&e!==I.symmetric.aes256)throw Error("EAX mode supports only AES cipher");const[r,i]=await Promise.all([et(t),tt(t)]);return{encrypt:async function(e,t,a){const[n,s]=await Promise.all([r(Ze,t),r(Ye,a)]),o=await i(e,n),c=await r(Je,o);for(let e=0;e<Qe;e++)c[e]^=s[e]^n[e];return M.concatUint8Array([o,c])},decrypt:async function(e,t,a){if(e.length<Qe)throw Error("Invalid EAX ciphertext");const n=e.subarray(0,-Qe),s=e.subarray(-Qe),[o,c,u]=await Promise.all([r(Ze,t),r(Ye,a),r(Je,n)]),h=u;for(let e=0;e<Qe;e++)h[e]^=c[e]^o[e];if(!M.equalsUint8Array(s,h))throw Error("Authentication tag mismatch");return await i(n,o)}}}Je[$e-1]=2,rt.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[8+e]^=t[e];return r},rt.blockLength=$e,rt.ivLength=Xe,rt.tagLength=Qe;const it=16,at=16;function nt(e){let t=0;for(let r=1;!(e&r);r<<=1)t++;return t}function st(e,t){for(let r=0;r<e.length;r++)e[r]^=t[r];return e}function ot(e,t){return st(e.slice(),t)}const ct=new Uint8Array(it),ut=new Uint8Array([1]);async function ht(e,t){const{keySize:r}=te(e);if(!M.isAES(e)||t.length!==r)throw Error("Unexpected algorithm or key size");let i=0;const a=e=>Fe.encrypt(e,t,!1),n=e=>Fe.decrypt(e,t,!1);let s;function o(e,t,r,n){const o=t.length/it|0;!function(e,t){const r=M.nbits(Math.max(e.length,t.length)/it|0)-1;for(let e=i+1;e<=r;e++)s[e]=M.double(s[e-1]);i=r}(t,n);const c=M.concatUint8Array([ct.subarray(0,15-r.length),ut,r]),u=63&c[15];c[15]&=192;const h=a(c),y=M.concatUint8Array([h,ot(h.subarray(0,8),h.subarray(1,9))]),l=M.shiftRight(y.subarray(0+(u>>3),17+(u>>3)),8-(7&u)).subarray(1),p=new Uint8Array(it),g=new Uint8Array(t.length+at);let d,f=0;for(d=0;d<o;d++)st(l,s[nt(d+1)]),g.set(st(e(ot(l,t)),l),f),st(p,e===a?t:g.subarray(f)),t=t.subarray(it),f+=it;if(t.length){st(l,s.x);const r=a(l);g.set(ot(t,r),f);const i=new Uint8Array(it);i.set(e===a?t:g.subarray(f,-16),0),i[t.length]=128,st(p,i),f+=t.length}const m=st(a(st(st(p,l),s.$)),function(e){if(!e.length)return ct;const t=e.length/it|0,r=new Uint8Array(it),i=new Uint8Array(it);for(let n=0;n<t;n++)st(r,s[nt(n+1)]),st(i,a(ot(r,e))),e=e.subarray(it);if(e.length){st(r,s.x);const t=new Uint8Array(it);t.set(e,0),t[e.length]=128,st(t,r),st(i,a(t))}return i}(n));return g.set(m,f),g}return function(){const e=a(ct),t=M.double(e);s=[],s[0]=M.double(t),s.x=e,s.$=t}(),{encrypt:async function(e,t,r){return o(a,e,t,r)},decrypt:async function(e,t,r){if(e.length<at)throw Error("Invalid OCB ciphertext");const i=e.subarray(-16);e=e.subarray(0,-16);const a=o(n,e,t,r);if(M.equalsUint8Array(i,a.subarray(-16)))return a.subarray(0,-16);throw Error("Authentication tag mismatch")}}}ht.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[7+e]^=t[e];return r},ht.blockLength=it,ht.ivLength=15,ht.tagLength=at;const yt=68719476704;class lt{static encrypt(e,t,r,i,a){return new lt(t,r,i,a).encrypt(e)}static decrypt(e,t,r,i,a){return new lt(t,r,i,a).decrypt(e)}constructor(e,t,r,i=16,a){this.tagSize=i,this.gamma0=0,this.counter=1,this.aes=a||new De(e,void 0,!1,"CTR");let{asm:n,heap:s}=this.aes.acquire_asm();if(n.gcm_init(),this.tagSize<4||this.tagSize>16)throw new Ke("illegal tagSize value");const o=t.length||0,c=new Uint8Array(16);12!==o?(this._gcm_mac_process(t),s[0]=0,s[1]=0,s[2]=0,s[3]=0,s[4]=0,s[5]=0,s[6]=0,s[7]=0,s[8]=0,s[9]=0,s[10]=0,s[11]=o>>>29,s[12]=o>>>21&255,s[13]=o>>>13&255,s[14]=o>>>5&255,s[15]=o<<3&255,n.mac(be.MAC.GCM,be.HEAP_DATA,16),n.get_iv(be.HEAP_DATA),n.set_iv(0,0,0,0),c.set(s.subarray(0,16))):(c.set(t),c[15]=1);const u=new DataView(c.buffer);if(this.gamma0=u.getUint32(12),n.set_nonce(u.getUint32(0),u.getUint32(4),u.getUint32(8),0),n.set_mask(0,0,0,4294967295),void 0!==r){if(r.length>yt)throw new Ke("illegal adata length");r.length?(this.adata=r,this._gcm_mac_process(r)):this.adata=void 0}else this.adata=void 0;if(this.counter<1||this.counter>4294967295)throw new RangeError("counter must be a positive 32-bit integer");n.set_counter(0,0,0,this.gamma0+this.counter|0)}encrypt(e){return this.AES_GCM_encrypt(e)}decrypt(e){return this.AES_GCM_decrypt(e)}AES_GCM_Encrypt_process(e){let t=0,r=e.length||0,{asm:i,heap:a}=this.aes.acquire_asm(),n=this.counter,s=this.aes.pos,o=this.aes.len,c=0,u=o+r&-16,h=0;if((n-1<<4)+o+r>yt)throw new RangeError("counter overflow");const y=new Uint8Array(u);for(;r>0;)h=ve(a,s+o,e,t,r),o+=h,t+=h,r-=h,h=i.cipher(be.ENC.CTR,be.HEAP_DATA+s,o),h=i.mac(be.MAC.GCM,be.HEAP_DATA+s,h),h&&y.set(a.subarray(s,s+h),c),n+=h>>>4,c+=h,h<o?(s+=h,o-=h):(s=0,o=0);return this.counter=n,this.aes.pos=s,this.aes.len=o,y}AES_GCM_Encrypt_finish(){let{asm:e,heap:t}=this.aes.acquire_asm(),r=this.counter,i=this.tagSize,a=this.adata,n=this.aes.pos,s=this.aes.len;const o=new Uint8Array(s+i);e.cipher(be.ENC.CTR,be.HEAP_DATA+n,s+15&-16),s&&o.set(t.subarray(n,n+s));let c=s;for(;15&c;c++)t[n+c]=0;e.mac(be.MAC.GCM,be.HEAP_DATA+n,c);const u=void 0!==a?a.length:0,h=(r-1<<4)+s;return t[0]=0,t[1]=0,t[2]=0,t[3]=u>>>29,t[4]=u>>>21,t[5]=u>>>13&255,t[6]=u>>>5&255,t[7]=u<<3&255,t[8]=t[9]=t[10]=0,t[11]=h>>>29,t[12]=h>>>21&255,t[13]=h>>>13&255,t[14]=h>>>5&255,t[15]=h<<3&255,e.mac(be.MAC.GCM,be.HEAP_DATA,16),e.get_iv(be.HEAP_DATA),e.set_counter(0,0,0,this.gamma0),e.cipher(be.ENC.CTR,be.HEAP_DATA,16),o.set(t.subarray(0,i),s),this.counter=1,this.aes.pos=0,this.aes.len=0,o}AES_GCM_Decrypt_process(e){let t=0,r=e.length||0,{asm:i,heap:a}=this.aes.acquire_asm(),n=this.counter,s=this.tagSize,o=this.aes.pos,c=this.aes.len,u=0,h=c+r>s?c+r-s&-16:0,y=c+r-h,l=0;if((n-1<<4)+c+r>yt)throw new RangeError("counter overflow");const p=new Uint8Array(h);for(;r>y;)l=ve(a,o+c,e,t,r-y),c+=l,t+=l,r-=l,l=i.mac(be.MAC.GCM,be.HEAP_DATA+o,l),l=i.cipher(be.DEC.CTR,be.HEAP_DATA+o,l),l&&p.set(a.subarray(o,o+l),u),n+=l>>>4,u+=l,o=0,c=0;return r>0&&(c+=ve(a,0,e,t,r)),this.counter=n,this.aes.pos=o,this.aes.len=c,p}AES_GCM_Decrypt_finish(){let{asm:e,heap:t}=this.aes.acquire_asm(),r=this.tagSize,i=this.adata,a=this.counter,n=this.aes.pos,s=this.aes.len,o=s-r;if(s<r)throw new Ee("authentication tag not found");const c=new Uint8Array(o),u=new Uint8Array(t.subarray(n+o,n+s));let h=o;for(;15&h;h++)t[n+h]=0;e.mac(be.MAC.GCM,be.HEAP_DATA+n,h),e.cipher(be.DEC.CTR,be.HEAP_DATA+n,h),o&&c.set(t.subarray(n,n+o));const y=void 0!==i?i.length:0,l=(a-1<<4)+s-r;t[0]=0,t[1]=0,t[2]=0,t[3]=y>>>29,t[4]=y>>>21,t[5]=y>>>13&255,t[6]=y>>>5&255,t[7]=y<<3&255,t[8]=t[9]=t[10]=0,t[11]=l>>>29,t[12]=l>>>21&255,t[13]=l>>>13&255,t[14]=l>>>5&255,t[15]=l<<3&255,e.mac(be.MAC.GCM,be.HEAP_DATA,16),e.get_iv(be.HEAP_DATA),e.set_counter(0,0,0,this.gamma0),e.cipher(be.ENC.CTR,be.HEAP_DATA,16);let p=0;for(let e=0;e<r;++e)p|=u[e]^t[e];if(p)throw new Se("data integrity check failed");return this.counter=1,this.aes.pos=0,this.aes.len=0,c}AES_GCM_decrypt(e){const t=this.AES_GCM_Decrypt_process(e),r=this.AES_GCM_Decrypt_finish(),i=new Uint8Array(t.length+r.length);return t.length&&i.set(t),r.length&&i.set(r,t.length),i}AES_GCM_encrypt(e){const t=this.AES_GCM_Encrypt_process(e),r=this.AES_GCM_Encrypt_finish(),i=new Uint8Array(t.length+r.length);return t.length&&i.set(t),r.length&&i.set(r,t.length),i}_gcm_mac_process(e){let{asm:t,heap:r}=this.aes.acquire_asm(),i=0,a=e.length||0,n=0;for(;a>0;){for(n=ve(r,0,e,i,a),i+=n,a-=n;15&n;)r[n++]=0;t.mac(be.MAC.GCM,be.HEAP_DATA,n)}}}const pt=M.getWebCrypto(),gt=M.getNodeCrypto(),dt=M.getNodeBuffer(),ft=16,mt="AES-GCM";async function wt(e,t){if(e!==I.symmetric.aes128&&e!==I.symmetric.aes192&&e!==I.symmetric.aes256)throw Error("GCM mode supports only AES cipher");if(M.getNodeCrypto())return{encrypt:async function(e,r,i=new Uint8Array){const a=new gt.createCipheriv("aes-"+8*t.length+"-gcm",t,r);a.setAAD(i);const n=dt.concat([a.update(e),a.final(),a.getAuthTag()]);return new Uint8Array(n)},decrypt:async function(e,r,i=new Uint8Array){const a=new gt.createDecipheriv("aes-"+8*t.length+"-gcm",t,r);a.setAAD(i),a.setAuthTag(e.slice(e.length-ft,e.length));const n=dt.concat([a.update(e.slice(0,e.length-ft)),a.final()]);return new Uint8Array(n)}};if(M.getWebCrypto())try{const e=await pt.importKey("raw",t,{name:mt},!1,["encrypt","decrypt"]),r=navigator.userAgent.match(/Version\/13\.\d(\.\d)* Safari/)||navigator.userAgent.match(/Version\/(13|14)\.\d(\.\d)* Mobile\/\S* Safari/);return{encrypt:async function(i,a,n=new Uint8Array){if(r&&!i.length)return lt.encrypt(i,t,a,n);const s=await pt.encrypt({name:mt,iv:a,additionalData:n,tagLength:128},e,i);return new Uint8Array(s)},decrypt:async function(i,a,n=new Uint8Array){if(r&&i.length===ft)return lt.decrypt(i,t,a,n);try{const t=await pt.decrypt({name:mt,iv:a,additionalData:n,tagLength:128},e,i);return new Uint8Array(t)}catch(e){if("OperationError"===e.name)throw Error("Authentication tag mismatch")}}}}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;M.printDebugError("Browser did not support operation: "+e.message)}return{encrypt:async function(e,r,i){return lt.encrypt(e,t,r,i)},decrypt:async function(e,r,i){return lt.decrypt(e,t,r,i)}}}wt.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[4+e]^=t[e];return r},wt.blockLength=16,wt.ivLength=12,wt.tagLength=ft;var bt={cfb:Re,gcm:wt,experimentalGCM:wt,eax:rt,ocb:ht};const kt=M.getNodeCrypto();function vt(e){const t=new Uint8Array(e);if(kt){const e=kt.randomBytes(t.length);t.set(e)}else{if("undefined"==typeof crypto||!crypto.getRandomValues)throw Error("No secure random number generator available.");crypto.getRandomValues(t)}return t}async function At(e,t){const r=await M.getBigInteger();if(t.lt(e))throw Error("Illegal parameter value: max <= min");const i=t.sub(e);return new r(vt(i.byteLength()+8)).mod(i).add(e)}var Et=/*#__PURE__*/Object.freeze({__proto__:null,getRandomBigInteger:At,getRandomBytes:vt});async function Kt(e,t,r){const i=await M.getBigInteger(),a=new i(1),n=a.leftShift(new i(e-1)),s=new i(30),o=[1,6,5,4,3,2,1,4,3,2,1,2,1,4,3,2,1,2,1,4,3,2,1,6,5,4,3,2,1,2],c=await At(n,n.leftShift(a));let u=c.mod(s).toNumber();do{c.iadd(new i(o[u])),u=(u+o[u])%o.length,c.bitLength()>e&&(c.imod(n.leftShift(a)).iadd(n),u=c.mod(s).toNumber())}while(!await St(c,t,r));return c}async function St(e,t,r){return!(t&&!e.dec().gcd(t).isOne())&&(!!await async function(e){const t=await M.getBigInteger();return Pt.every((r=>0!==e.mod(new t(r))))}(e)&&(!!await async function(e,t){const r=await M.getBigInteger();return(t=t||new r(2)).modExp(e.dec(),e).isOne()}(e)&&!!await async function(e,t,r){const i=await M.getBigInteger(),a=e.bitLength();t||(t=Math.max(1,a/48|0));const n=e.dec();let s=0;for(;!n.getBit(s);)s++;const o=e.rightShift(new i(s));for(;t>0;t--){let t,a=(r?r():await At(new i(2),n)).modExp(o,e);if(!a.isOne()&&!a.equal(n)){for(t=1;t<s;t++){if(a=a.mul(a).mod(e),a.isOne())return!1;if(a.equal(n))break}if(t===s)return!1}}return!0}(e,r)))}const Pt=[7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997,1009,1013,1019,1021,1031,1033,1039,1049,1051,1061,1063,1069,1087,1091,1093,1097,1103,1109,1117,1123,1129,1151,1153,1163,1171,1181,1187,1193,1201,1213,1217,1223,1229,1231,1237,1249,1259,1277,1279,1283,1289,1291,1297,1301,1303,1307,1319,1321,1327,1361,1367,1373,1381,1399,1409,1423,1427,1429,1433,1439,1447,1451,1453,1459,1471,1481,1483,1487,1489,1493,1499,1511,1523,1531,1543,1549,1553,1559,1567,1571,1579,1583,1597,1601,1607,1609,1613,1619,1621,1627,1637,1657,1663,1667,1669,1693,1697,1699,1709,1721,1723,1733,1741,1747,1753,1759,1777,1783,1787,1789,1801,1811,1823,1831,1847,1861,1867,1871,1873,1877,1879,1889,1901,1907,1913,1931,1933,1949,1951,1973,1979,1987,1993,1997,1999,2003,2011,2017,2027,2029,2039,2053,2063,2069,2081,2083,2087,2089,2099,2111,2113,2129,2131,2137,2141,2143,2153,2161,2179,2203,2207,2213,2221,2237,2239,2243,2251,2267,2269,2273,2281,2287,2293,2297,2309,2311,2333,2339,2341,2347,2351,2357,2371,2377,2381,2383,2389,2393,2399,2411,2417,2423,2437,2441,2447,2459,2467,2473,2477,2503,2521,2531,2539,2543,2549,2551,2557,2579,2591,2593,2609,2617,2621,2633,2647,2657,2659,2663,2671,2677,2683,2687,2689,2693,2699,2707,2711,2713,2719,2729,2731,2741,2749,2753,2767,2777,2789,2791,2797,2801,2803,2819,2833,2837,2843,2851,2857,2861,2879,2887,2897,2903,2909,2917,2927,2939,2953,2957,2963,2969,2971,2999,3001,3011,3019,3023,3037,3041,3049,3061,3067,3079,3083,3089,3109,3119,3121,3137,3163,3167,3169,3181,3187,3191,3203,3209,3217,3221,3229,3251,3253,3257,3259,3271,3299,3301,3307,3313,3319,3323,3329,3331,3343,3347,3359,3361,3371,3373,3389,3391,3407,3413,3433,3449,3457,3461,3463,3467,3469,3491,3499,3511,3517,3527,3529,3533,3539,3541,3547,3557,3559,3571,3581,3583,3593,3607,3613,3617,3623,3631,3637,3643,3659,3671,3673,3677,3691,3697,3701,3709,3719,3727,3733,3739,3761,3767,3769,3779,3793,3797,3803,3821,3823,3833,3847,3851,3853,3863,3877,3881,3889,3907,3911,3917,3919,3923,3929,3931,3943,3947,3967,3989,4001,4003,4007,4013,4019,4021,4027,4049,4051,4057,4073,4079,4091,4093,4099,4111,4127,4129,4133,4139,4153,4157,4159,4177,4201,4211,4217,4219,4229,4231,4241,4243,4253,4259,4261,4271,4273,4283,4289,4297,4327,4337,4339,4349,4357,4363,4373,4391,4397,4409,4421,4423,4441,4447,4451,4457,4463,4481,4483,4493,4507,4513,4517,4519,4523,4547,4549,4561,4567,4583,4591,4597,4603,4621,4637,4639,4643,4649,4651,4657,4663,4673,4679,4691,4703,4721,4723,4729,4733,4751,4759,4783,4787,4789,4793,4799,4801,4813,4817,4831,4861,4871,4877,4889,4903,4909,4919,4931,4933,4937,4943,4951,4957,4967,4969,4973,4987,4993,4999];const Ut=[];function Dt(e,t){const r=e.length;if(r>t-11)throw Error("Message too long");const i=function(e){const t=new Uint8Array(e);let r=0;for(;r<e;){const i=vt(e-r);for(let e=0;e<i.length;e++)0!==i[e]&&(t[r++]=i[e])}return t}(t-r-3),a=new Uint8Array(t);return a[1]=2,a.set(i,2),a.set(e,t-r),a}function Ct(e,t){let r=2,i=1;for(let t=r;t<e.length;t++)i&=0!==e[t],r+=i;const a=r-2,n=e.subarray(r+1),s=0===e[0]&2===e[1]&a>=8&!i;if(t)return M.selectUint8Array(s,n,t);if(s)return n;throw Error("Decryption error")}async function xt(e,t,r){let i;if(t.length!==we.getHashByteLength(e))throw Error("Invalid hash length");const a=new Uint8Array(Ut[e].length);for(i=0;i<Ut[e].length;i++)a[i]=Ut[e][i];const n=a.length+t.length;if(r<n+11)throw Error("Intended encoded message length too short");const s=new Uint8Array(r-n-3).fill(255),o=new Uint8Array(r);return o[1]=1,o.set(s,2),o.set(a,r-n),o.set(t,r-t.length),o}Ut[1]=[48,32,48,12,6,8,42,134,72,134,247,13,2,5,5,0,4,16],Ut[2]=[48,33,48,9,6,5,43,14,3,2,26,5,0,4,20],Ut[3]=[48,33,48,9,6,5,43,36,3,2,1,5,0,4,20],Ut[8]=[48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32],Ut[9]=[48,65,48,13,6,9,96,134,72,1,101,3,4,2,2,5,0,4,48],Ut[10]=[48,81,48,13,6,9,96,134,72,1,101,3,4,2,3,5,0,4,64],Ut[11]=[48,45,48,13,6,9,96,134,72,1,101,3,4,2,4,5,0,4,28];var Tt=/*#__PURE__*/Object.freeze({__proto__:null,emeDecode:Ct,emeEncode:Dt,emsaEncode:xt});const It=M.getWebCrypto(),_t=M.getNodeCrypto();async function Bt(e,t,r,i,a,n){const s=await M.getBigInteger(),o=new s(i),c=new s(a),u=new s(r);let h=u.mod(c.dec()),y=u.mod(o.dec());return y=y.toUint8Array(),h=h.toUint8Array(),{kty:"RSA",n:H(e,!0),e:H(t,!0),d:H(r,!0),p:H(a,!0),q:H(i,!0),dp:H(h,!0),dq:H(y,!0),qi:H(n,!0),ext:!0}}function Mt(e,t){return{kty:"RSA",n:H(e,!0),e:H(t,!0),ext:!0}}function Rt(e,t){return{n:z(e.n),e:t.toUint8Array(),d:z(e.d),p:z(e.q),q:z(e.p),u:z(e.qi)}}var Lt=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,a,n,s,o){if(M.getNodeCrypto()&&!o)try{return await async function(e,t,r,i,a,n,s){const o=await Bt(t,r,i,a,n,s),c={key:o,format:"jwk",type:"pkcs1",padding:_t.constants.RSA_PKCS1_PADDING};try{return new Uint8Array(_t.privateDecrypt(c,e))}catch(e){throw Error("Decryption error")}}(e,t,r,i,a,n,s)}catch(e){M.printDebugError(e)}return async function(e,t,r,i,a,n,s,o){const c=await M.getBigInteger();if(e=new c(e),t=new c(t),r=new c(r),i=new c(i),a=new c(a),n=new c(n),s=new c(s),e.gte(t))throw Error("Data too large.");const u=i.mod(n.dec()),h=i.mod(a.dec()),y=(await At(new c(2),t)).mod(t),l=y.modInv(t).modExp(r,t);e=e.mul(l).mod(t);const p=e.modExp(h,a),g=e.modExp(u,n),d=s.mul(g.sub(p)).mod(n);let f=d.mul(a).add(p);return f=f.mul(y).mod(t),Ct(f.toUint8Array("be",t.byteLength()),o)}(e,t,r,i,a,n,s,o)},encrypt:async function(e,t,r){return M.getNodeCrypto()?async function(e,t,r){const i=Mt(t,r),a={key:i,format:"jwk",type:"pkcs1",padding:_t.constants.RSA_PKCS1_PADDING};return new Uint8Array(_t.publicEncrypt(a,e))}(e,t,r):async function(e,t,r){const i=await M.getBigInteger();if(t=new i(t),e=new i(Dt(e,t.byteLength())),r=new i(r),e.gte(t))throw Error("Message size cannot exceed modulus size");return e.modExp(r,t).toUint8Array("be",t.byteLength())}(e,t,r)},generate:async function(e,t){if(t=new(await M.getBigInteger())(t),M.getWebCrypto()){const r={name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:t.toUint8Array(),hash:{name:"SHA-1"}},i=await It.generateKey(r,!0,["sign","verify"]);return Rt(await It.exportKey("jwk",i.privateKey),t)}if(M.getNodeCrypto()){const r={modulusLength:e,publicExponent:t.toNumber(),publicKeyEncoding:{type:"pkcs1",format:"jwk"},privateKeyEncoding:{type:"pkcs1",format:"jwk"}},i=await new Promise(((e,t)=>{_t.generateKeyPair("rsa",r,((r,i,a)=>{r?t(r):e(a)}))}));return Rt(i,t)}let r,i,a;do{i=await Kt(e-(e>>1),t,40),r=await Kt(e>>1,t,40),a=r.mul(i)}while(a.bitLength()!==e);const n=r.dec().imul(i.dec());return i.lt(r)&&([r,i]=[i,r]),{n:a.toUint8Array(),e:t.toUint8Array(),d:t.modInv(n).toUint8Array(),p:r.toUint8Array(),q:i.toUint8Array(),u:r.modInv(i).toUint8Array()}},sign:async function(e,t,r,i,a,n,s,o,c){if(t&&!M.isStream(t))if(M.getWebCrypto())try{return await async function(e,t,r,i,a,n,s,o){const c=await Bt(r,i,a,n,s,o),u={name:"RSASSA-PKCS1-v1_5",hash:{name:e}},h=await It.importKey("jwk",c,u,!1,["sign"]);return new Uint8Array(await It.sign("RSASSA-PKCS1-v1_5",h,t))}(I.read(I.webHash,e),t,r,i,a,n,s,o)}catch(e){M.printDebugError(e)}else if(M.getNodeCrypto())return async function(e,t,r,i,a,n,s,o){const c=_t.createSign(I.read(I.hash,e));c.write(t),c.end();const u=await Bt(r,i,a,n,s,o);return new Uint8Array(c.sign({key:u,format:"jwk",type:"pkcs1"}))}(e,t,r,i,a,n,s,o);return async function(e,t,r,i){const a=await M.getBigInteger();t=new a(t);const n=new a(await xt(e,i,t.byteLength()));if(r=new a(r),n.gte(t))throw Error("Message size cannot exceed modulus size");return n.modExp(r,t).toUint8Array("be",t.byteLength())}(e,r,a,c)},validateParams:async function(e,t,r,i,a,n){const s=await M.getBigInteger();if(e=new s(e),i=new s(i),a=new s(a),!i.mul(a).equal(e))return!1;const o=new s(2);if(n=new s(n),!i.mul(n).mod(a).isOne())return!1;t=new s(t),r=new s(r);const c=new s(Math.floor(e.bitLength()/3)),u=await At(o,o.leftShift(c)),h=u.mul(r).mul(t);return!(!h.mod(i.dec()).equal(u)||!h.mod(a.dec()).equal(u))},verify:async function(e,t,r,i,a,n){if(t&&!M.isStream(t))if(M.getWebCrypto())try{return await async function(e,t,r,i,a){const n=Mt(i,a),s=await It.importKey("jwk",n,{name:"RSASSA-PKCS1-v1_5",hash:{name:e}},!1,["verify"]);return It.verify("RSASSA-PKCS1-v1_5",s,r,t)}(I.read(I.webHash,e),t,r,i,a)}catch(e){M.printDebugError(e)}else if(M.getNodeCrypto())return async function(e,t,r,i,a){const n=Mt(i,a),s={key:n,format:"jwk",type:"pkcs1"},o=_t.createVerify(I.read(I.hash,e));o.write(t),o.end();try{return await o.verify(s,r)}catch(e){return!1}}(e,t,r,i,a);return async function(e,t,r,i,a){const n=await M.getBigInteger();if(r=new n(r),t=new n(t),i=new n(i),t.gte(r))throw Error("Signature size cannot exceed modulus size");const s=t.modExp(i,r).toUint8Array("be",r.byteLength()),o=await xt(e,a,r.byteLength());return M.equalsUint8Array(s,o)}(e,r,i,a,n)}});var Ft=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,a){const n=await M.getBigInteger();return e=new n(e),t=new n(t),r=new n(r),i=new n(i),Ct(e.modExp(i,r).modInv(r).imul(t).imod(r).toUint8Array("be",r.byteLength()),a)},encrypt:async function(e,t,r,i){const a=await M.getBigInteger();t=new a(t),r=new a(r),i=new a(i);const n=new a(Dt(e,t.byteLength())),s=await At(new a(1),t.dec());return{c1:r.modExp(s,t).toUint8Array(),c2:i.modExp(s,t).imul(n).imod(t).toUint8Array()}},validateParams:async function(e,t,r,i){const a=await M.getBigInteger();e=new a(e),t=new a(t),r=new a(r);const n=new a(1);if(t.lte(n)||t.gte(e))return!1;const s=new a(e.bitLength()),o=new a(1023);if(s.lt(o))return!1;if(!t.modExp(e.dec(),e).isOne())return!1;let c=t;const u=new a(1),h=new a(2).leftShift(new a(17));for(;u.lt(h);){if(c=c.mul(t).imod(e),c.isOne())return!1;u.iinc()}i=new a(i);const y=new a(2),l=await At(y.leftShift(s.dec()),y.leftShift(s)),p=e.dec().imul(l).iadd(i);return!!r.equal(t.modExp(p,e))}});const Nt="object"==typeof e&&"crypto"in e?e.crypto:void 0,Ot={};var zt=function(e){var t,r=new Float64Array(16);if(e)for(t=0;t<e.length;t++)r[t]=e[t];return r},Ht=function(){throw Error("no PRNG")},jt=new Uint8Array(32);jt[0]=9;var Gt=zt(),qt=zt([1]),Vt=zt([56129,1]),Wt=zt([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),$t=zt([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),Xt=zt([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),Qt=zt([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),Zt=zt([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function Yt(e,t,r,i){e[t]=r>>24&255,e[t+1]=r>>16&255,e[t+2]=r>>8&255,e[t+3]=255&r,e[t+4]=i>>24&255,e[t+5]=i>>16&255,e[t+6]=i>>8&255,e[t+7]=255&i}function Jt(e,t,r,i){return function(e,t,r,i,a){var n,s=0;for(n=0;n<a;n++)s|=e[t+n]^r[i+n];return(1&s-1>>>8)-1}(e,t,r,i,32)}function er(e,t){var r;for(r=0;r<16;r++)e[r]=0|t[r]}function tr(e){var t,r,i=1;for(t=0;t<16;t++)r=e[t]+i+65535,i=Math.floor(r/65536),e[t]=r-65536*i;e[0]+=i-1+37*(i-1)}function rr(e,t,r){for(var i,a=~(r-1),n=0;n<16;n++)i=a&(e[n]^t[n]),e[n]^=i,t[n]^=i}function ir(e,t){var r,i,a,n=zt(),s=zt();for(r=0;r<16;r++)s[r]=t[r];for(tr(s),tr(s),tr(s),i=0;i<2;i++){for(n[0]=s[0]-65517,r=1;r<15;r++)n[r]=s[r]-65535-(n[r-1]>>16&1),n[r-1]&=65535;n[15]=s[15]-32767-(n[14]>>16&1),a=n[15]>>16&1,n[14]&=65535,rr(s,n,1-a)}for(r=0;r<16;r++)e[2*r]=255&s[r],e[2*r+1]=s[r]>>8}function ar(e,t){var r=new Uint8Array(32),i=new Uint8Array(32);return ir(r,e),ir(i,t),Jt(r,0,i,0)}function nr(e){var t=new Uint8Array(32);return ir(t,e),1&t[0]}function sr(e,t){var r;for(r=0;r<16;r++)e[r]=t[2*r]+(t[2*r+1]<<8);e[15]&=32767}function or(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]+r[i]}function cr(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]-r[i]}function ur(e,t,r){var i,a,n=0,s=0,o=0,c=0,u=0,h=0,y=0,l=0,p=0,g=0,d=0,f=0,m=0,w=0,b=0,k=0,v=0,A=0,E=0,K=0,S=0,P=0,U=0,D=0,C=0,x=0,T=0,I=0,_=0,B=0,M=0,R=r[0],L=r[1],F=r[2],N=r[3],O=r[4],z=r[5],H=r[6],j=r[7],G=r[8],q=r[9],V=r[10],W=r[11],$=r[12],X=r[13],Q=r[14],Z=r[15];n+=(i=t[0])*R,s+=i*L,o+=i*F,c+=i*N,u+=i*O,h+=i*z,y+=i*H,l+=i*j,p+=i*G,g+=i*q,d+=i*V,f+=i*W,m+=i*$,w+=i*X,b+=i*Q,k+=i*Z,s+=(i=t[1])*R,o+=i*L,c+=i*F,u+=i*N,h+=i*O,y+=i*z,l+=i*H,p+=i*j,g+=i*G,d+=i*q,f+=i*V,m+=i*W,w+=i*$,b+=i*X,k+=i*Q,v+=i*Z,o+=(i=t[2])*R,c+=i*L,u+=i*F,h+=i*N,y+=i*O,l+=i*z,p+=i*H,g+=i*j,d+=i*G,f+=i*q,m+=i*V,w+=i*W,b+=i*$,k+=i*X,v+=i*Q,A+=i*Z,c+=(i=t[3])*R,u+=i*L,h+=i*F,y+=i*N,l+=i*O,p+=i*z,g+=i*H,d+=i*j,f+=i*G,m+=i*q,w+=i*V,b+=i*W,k+=i*$,v+=i*X,A+=i*Q,E+=i*Z,u+=(i=t[4])*R,h+=i*L,y+=i*F,l+=i*N,p+=i*O,g+=i*z,d+=i*H,f+=i*j,m+=i*G,w+=i*q,b+=i*V,k+=i*W,v+=i*$,A+=i*X,E+=i*Q,K+=i*Z,h+=(i=t[5])*R,y+=i*L,l+=i*F,p+=i*N,g+=i*O,d+=i*z,f+=i*H,m+=i*j,w+=i*G,b+=i*q,k+=i*V,v+=i*W,A+=i*$,E+=i*X,K+=i*Q,S+=i*Z,y+=(i=t[6])*R,l+=i*L,p+=i*F,g+=i*N,d+=i*O,f+=i*z,m+=i*H,w+=i*j,b+=i*G,k+=i*q,v+=i*V,A+=i*W,E+=i*$,K+=i*X,S+=i*Q,P+=i*Z,l+=(i=t[7])*R,p+=i*L,g+=i*F,d+=i*N,f+=i*O,m+=i*z,w+=i*H,b+=i*j,k+=i*G,v+=i*q,A+=i*V,E+=i*W,K+=i*$,S+=i*X,P+=i*Q,U+=i*Z,p+=(i=t[8])*R,g+=i*L,d+=i*F,f+=i*N,m+=i*O,w+=i*z,b+=i*H,k+=i*j,v+=i*G,A+=i*q,E+=i*V,K+=i*W,S+=i*$,P+=i*X,U+=i*Q,D+=i*Z,g+=(i=t[9])*R,d+=i*L,f+=i*F,m+=i*N,w+=i*O,b+=i*z,k+=i*H,v+=i*j,A+=i*G,E+=i*q,K+=i*V,S+=i*W,P+=i*$,U+=i*X,D+=i*Q,C+=i*Z,d+=(i=t[10])*R,f+=i*L,m+=i*F,w+=i*N,b+=i*O,k+=i*z,v+=i*H,A+=i*j,E+=i*G,K+=i*q,S+=i*V,P+=i*W,U+=i*$,D+=i*X,C+=i*Q,x+=i*Z,f+=(i=t[11])*R,m+=i*L,w+=i*F,b+=i*N,k+=i*O,v+=i*z,A+=i*H,E+=i*j,K+=i*G,S+=i*q,P+=i*V,U+=i*W,D+=i*$,C+=i*X,x+=i*Q,T+=i*Z,m+=(i=t[12])*R,w+=i*L,b+=i*F,k+=i*N,v+=i*O,A+=i*z,E+=i*H,K+=i*j,S+=i*G,P+=i*q,U+=i*V,D+=i*W,C+=i*$,x+=i*X,T+=i*Q,I+=i*Z,w+=(i=t[13])*R,b+=i*L,k+=i*F,v+=i*N,A+=i*O,E+=i*z,K+=i*H,S+=i*j,P+=i*G,U+=i*q,D+=i*V,C+=i*W,x+=i*$,T+=i*X,I+=i*Q,_+=i*Z,b+=(i=t[14])*R,k+=i*L,v+=i*F,A+=i*N,E+=i*O,K+=i*z,S+=i*H,P+=i*j,U+=i*G,D+=i*q,C+=i*V,x+=i*W,T+=i*$,I+=i*X,_+=i*Q,B+=i*Z,k+=(i=t[15])*R,s+=38*(A+=i*F),o+=38*(E+=i*N),c+=38*(K+=i*O),u+=38*(S+=i*z),h+=38*(P+=i*H),y+=38*(U+=i*j),l+=38*(D+=i*G),p+=38*(C+=i*q),g+=38*(x+=i*V),d+=38*(T+=i*W),f+=38*(I+=i*$),m+=38*(_+=i*X),w+=38*(B+=i*Q),b+=38*(M+=i*Z),n=(i=(n+=38*(v+=i*L))+(a=1)+65535)-65536*(a=Math.floor(i/65536)),s=(i=s+a+65535)-65536*(a=Math.floor(i/65536)),o=(i=o+a+65535)-65536*(a=Math.floor(i/65536)),c=(i=c+a+65535)-65536*(a=Math.floor(i/65536)),u=(i=u+a+65535)-65536*(a=Math.floor(i/65536)),h=(i=h+a+65535)-65536*(a=Math.floor(i/65536)),y=(i=y+a+65535)-65536*(a=Math.floor(i/65536)),l=(i=l+a+65535)-65536*(a=Math.floor(i/65536)),p=(i=p+a+65535)-65536*(a=Math.floor(i/65536)),g=(i=g+a+65535)-65536*(a=Math.floor(i/65536)),d=(i=d+a+65535)-65536*(a=Math.floor(i/65536)),f=(i=f+a+65535)-65536*(a=Math.floor(i/65536)),m=(i=m+a+65535)-65536*(a=Math.floor(i/65536)),w=(i=w+a+65535)-65536*(a=Math.floor(i/65536)),b=(i=b+a+65535)-65536*(a=Math.floor(i/65536)),k=(i=k+a+65535)-65536*(a=Math.floor(i/65536)),n=(i=(n+=a-1+37*(a-1))+(a=1)+65535)-65536*(a=Math.floor(i/65536)),s=(i=s+a+65535)-65536*(a=Math.floor(i/65536)),o=(i=o+a+65535)-65536*(a=Math.floor(i/65536)),c=(i=c+a+65535)-65536*(a=Math.floor(i/65536)),u=(i=u+a+65535)-65536*(a=Math.floor(i/65536)),h=(i=h+a+65535)-65536*(a=Math.floor(i/65536)),y=(i=y+a+65535)-65536*(a=Math.floor(i/65536)),l=(i=l+a+65535)-65536*(a=Math.floor(i/65536)),p=(i=p+a+65535)-65536*(a=Math.floor(i/65536)),g=(i=g+a+65535)-65536*(a=Math.floor(i/65536)),d=(i=d+a+65535)-65536*(a=Math.floor(i/65536)),f=(i=f+a+65535)-65536*(a=Math.floor(i/65536)),m=(i=m+a+65535)-65536*(a=Math.floor(i/65536)),w=(i=w+a+65535)-65536*(a=Math.floor(i/65536)),b=(i=b+a+65535)-65536*(a=Math.floor(i/65536)),k=(i=k+a+65535)-65536*(a=Math.floor(i/65536)),n+=a-1+37*(a-1),e[0]=n,e[1]=s,e[2]=o,e[3]=c,e[4]=u,e[5]=h,e[6]=y,e[7]=l,e[8]=p,e[9]=g,e[10]=d,e[11]=f,e[12]=m,e[13]=w,e[14]=b,e[15]=k}function hr(e,t){ur(e,t,t)}function yr(e,t){var r,i=zt();for(r=0;r<16;r++)i[r]=t[r];for(r=253;r>=0;r--)hr(i,i),2!==r&&4!==r&&ur(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}function lr(e,t,r){var i,a,n=new Uint8Array(32),s=new Float64Array(80),o=zt(),c=zt(),u=zt(),h=zt(),y=zt(),l=zt();for(a=0;a<31;a++)n[a]=t[a];for(n[31]=127&t[31]|64,n[0]&=248,sr(s,r),a=0;a<16;a++)c[a]=s[a],h[a]=o[a]=u[a]=0;for(o[0]=h[0]=1,a=254;a>=0;--a)rr(o,c,i=n[a>>>3]>>>(7&a)&1),rr(u,h,i),or(y,o,u),cr(o,o,u),or(u,c,h),cr(c,c,h),hr(h,y),hr(l,o),ur(o,u,o),ur(u,c,y),or(y,o,u),cr(o,o,u),hr(c,o),cr(u,h,l),ur(o,u,Vt),or(o,o,h),ur(u,u,o),ur(o,h,l),ur(h,c,s),hr(c,y),rr(o,c,i),rr(u,h,i);for(a=0;a<16;a++)s[a+16]=o[a],s[a+32]=u[a],s[a+48]=c[a],s[a+64]=h[a];var p=s.subarray(32),g=s.subarray(16);return yr(p,p),ur(g,g,p),ir(e,g),0}function pr(e,t){return lr(e,t,jt)}var gr=[1116352408,3609767458,1899447441,602891725,3049323471,3964484399,3921009573,2173295548,961987163,4081628472,1508970993,3053834265,2453635748,2937671579,2870763221,3664609560,3624381080,2734883394,310598401,1164996542,607225278,1323610764,1426881987,3590304994,1925078388,4068182383,2162078206,991336113,2614888103,633803317,3248222580,3479774868,3835390401,2666613458,4022224774,944711139,264347078,2341262773,604807628,2007800933,770255983,1495990901,1249150122,1856431235,1555081692,3175218132,1996064986,2198950837,2554220882,3999719339,2821834349,766784016,2952996808,2566594879,3210313671,3203337956,3336571891,1034457026,3584528711,2466948901,113926993,3758326383,338241895,168717936,666307205,1188179964,773529912,1546045734,1294757372,1522805485,1396182291,2643833823,1695183700,2343527390,1986661051,1014477480,2177026350,1206759142,2456956037,344077627,2730485921,1290863460,2820302411,3158454273,3259730800,3505952657,3345764771,106217008,3516065817,3606008344,3600352804,1432725776,4094571909,1467031594,275423344,851169720,430227734,3100823752,506948616,1363258195,659060556,3750685593,883997877,3785050280,958139571,3318307427,1322822218,3812723403,1537002063,2003034995,1747873779,3602036899,1955562222,1575990012,2024104815,1125592928,2227730452,2716904306,2361852424,442776044,2428436474,593698344,2756734187,3733110249,3204031479,2999351573,3329325298,3815920427,3391569614,3928383900,3515267271,566280711,3940187606,3454069534,4118630271,4000239992,116418474,1914138554,174292421,2731055270,289380356,3203993006,460393269,320620315,685471733,587496836,852142971,1086792851,1017036298,365543100,1126000580,2618297676,1288033470,3409855158,1501505948,4234509866,1607167915,987167468,1816402316,1246189591];function dr(e,t,r,i){for(var a,n,s,o,c,u,h,y,l,p,g,d,f,m,w,b,k,v,A,E,K,S,P,U,D,C,x=new Int32Array(16),T=new Int32Array(16),I=e[0],_=e[1],B=e[2],M=e[3],R=e[4],L=e[5],F=e[6],N=e[7],O=t[0],z=t[1],H=t[2],j=t[3],G=t[4],q=t[5],V=t[6],W=t[7],$=0;i>=128;){for(A=0;A<16;A++)E=8*A+$,x[A]=r[E+0]<<24|r[E+1]<<16|r[E+2]<<8|r[E+3],T[A]=r[E+4]<<24|r[E+5]<<16|r[E+6]<<8|r[E+7];for(A=0;A<80;A++)if(a=I,n=_,s=B,o=M,c=R,u=L,h=F,N,l=O,p=z,g=H,d=j,f=G,m=q,w=V,W,P=65535&(S=W),U=S>>>16,D=65535&(K=N),C=K>>>16,P+=65535&(S=(G>>>14|R<<18)^(G>>>18|R<<14)^(R>>>9|G<<23)),U+=S>>>16,D+=65535&(K=(R>>>14|G<<18)^(R>>>18|G<<14)^(G>>>9|R<<23)),C+=K>>>16,P+=65535&(S=G&q^~G&V),U+=S>>>16,D+=65535&(K=R&L^~R&F),C+=K>>>16,K=gr[2*A],P+=65535&(S=gr[2*A+1]),U+=S>>>16,D+=65535&K,C+=K>>>16,K=x[A%16],U+=(S=T[A%16])>>>16,D+=65535&K,C+=K>>>16,D+=(U+=(P+=65535&S)>>>16)>>>16,P=65535&(S=v=65535&P|U<<16),U=S>>>16,D=65535&(K=k=65535&D|(C+=D>>>16)<<16),C=K>>>16,P+=65535&(S=(O>>>28|I<<4)^(I>>>2|O<<30)^(I>>>7|O<<25)),U+=S>>>16,D+=65535&(K=(I>>>28|O<<4)^(O>>>2|I<<30)^(O>>>7|I<<25)),C+=K>>>16,U+=(S=O&z^O&H^z&H)>>>16,D+=65535&(K=I&_^I&B^_&B),C+=K>>>16,y=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(C+=D>>>16)<<16,b=65535&P|U<<16,P=65535&(S=d),U=S>>>16,D=65535&(K=o),C=K>>>16,U+=(S=v)>>>16,D+=65535&(K=k),C+=K>>>16,_=a,B=n,M=s,R=o=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(C+=D>>>16)<<16,L=c,F=u,N=h,I=y,z=l,H=p,j=g,G=d=65535&P|U<<16,q=f,V=m,W=w,O=b,A%16==15)for(E=0;E<16;E++)K=x[E],P=65535&(S=T[E]),U=S>>>16,D=65535&K,C=K>>>16,K=x[(E+9)%16],P+=65535&(S=T[(E+9)%16]),U+=S>>>16,D+=65535&K,C+=K>>>16,k=x[(E+1)%16],P+=65535&(S=((v=T[(E+1)%16])>>>1|k<<31)^(v>>>8|k<<24)^(v>>>7|k<<25)),U+=S>>>16,D+=65535&(K=(k>>>1|v<<31)^(k>>>8|v<<24)^k>>>7),C+=K>>>16,k=x[(E+14)%16],U+=(S=((v=T[(E+14)%16])>>>19|k<<13)^(k>>>29|v<<3)^(v>>>6|k<<26))>>>16,D+=65535&(K=(k>>>19|v<<13)^(v>>>29|k<<3)^k>>>6),C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,x[E]=65535&D|C<<16,T[E]=65535&P|U<<16;P=65535&(S=O),U=S>>>16,D=65535&(K=I),C=K>>>16,K=e[0],U+=(S=t[0])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[0]=I=65535&D|C<<16,t[0]=O=65535&P|U<<16,P=65535&(S=z),U=S>>>16,D=65535&(K=_),C=K>>>16,K=e[1],U+=(S=t[1])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[1]=_=65535&D|C<<16,t[1]=z=65535&P|U<<16,P=65535&(S=H),U=S>>>16,D=65535&(K=B),C=K>>>16,K=e[2],U+=(S=t[2])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[2]=B=65535&D|C<<16,t[2]=H=65535&P|U<<16,P=65535&(S=j),U=S>>>16,D=65535&(K=M),C=K>>>16,K=e[3],U+=(S=t[3])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[3]=M=65535&D|C<<16,t[3]=j=65535&P|U<<16,P=65535&(S=G),U=S>>>16,D=65535&(K=R),C=K>>>16,K=e[4],U+=(S=t[4])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[4]=R=65535&D|C<<16,t[4]=G=65535&P|U<<16,P=65535&(S=q),U=S>>>16,D=65535&(K=L),C=K>>>16,K=e[5],U+=(S=t[5])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[5]=L=65535&D|C<<16,t[5]=q=65535&P|U<<16,P=65535&(S=V),U=S>>>16,D=65535&(K=F),C=K>>>16,K=e[6],U+=(S=t[6])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[6]=F=65535&D|C<<16,t[6]=V=65535&P|U<<16,P=65535&(S=W),U=S>>>16,D=65535&(K=N),C=K>>>16,K=e[7],U+=(S=t[7])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[7]=N=65535&D|C<<16,t[7]=W=65535&P|U<<16,$+=128,i-=128}return i}function fr(e,t,r){var i,a=new Int32Array(8),n=new Int32Array(8),s=new Uint8Array(256),o=r;for(a[0]=1779033703,a[1]=3144134277,a[2]=1013904242,a[3]=2773480762,a[4]=1359893119,a[5]=2600822924,a[6]=528734635,a[7]=1541459225,n[0]=4089235720,n[1]=2227873595,n[2]=4271175723,n[3]=1595750129,n[4]=2917565137,n[5]=725511199,n[6]=4215389547,n[7]=327033209,dr(a,n,t,r),r%=128,i=0;i<r;i++)s[i]=t[o-r+i];for(s[r]=128,s[(r=256-128*(r<112?1:0))-9]=0,Yt(s,r-8,o/536870912|0,o<<3),dr(a,n,s,r),i=0;i<8;i++)Yt(e,8*i,a[i],n[i]);return 0}function mr(e,t){var r=zt(),i=zt(),a=zt(),n=zt(),s=zt(),o=zt(),c=zt(),u=zt(),h=zt();cr(r,e[1],e[0]),cr(h,t[1],t[0]),ur(r,r,h),or(i,e[0],e[1]),or(h,t[0],t[1]),ur(i,i,h),ur(a,e[3],t[3]),ur(a,a,$t),ur(n,e[2],t[2]),or(n,n,n),cr(s,i,r),cr(o,n,a),or(c,n,a),or(u,i,r),ur(e[0],s,o),ur(e[1],u,c),ur(e[2],c,o),ur(e[3],s,u)}function wr(e,t,r){var i;for(i=0;i<4;i++)rr(e[i],t[i],r)}function br(e,t){var r=zt(),i=zt(),a=zt();yr(a,t[2]),ur(r,t[0],a),ur(i,t[1],a),ir(e,i),e[31]^=nr(r)<<7}function kr(e,t,r){var i,a;for(er(e[0],Gt),er(e[1],qt),er(e[2],qt),er(e[3],Gt),a=255;a>=0;--a)wr(e,t,i=r[a/8|0]>>(7&a)&1),mr(t,e),mr(e,e),wr(e,t,i)}function vr(e,t){var r=[zt(),zt(),zt(),zt()];er(r[0],Xt),er(r[1],Qt),er(r[2],qt),ur(r[3],Xt,Qt),kr(e,r,t)}function Ar(e,t,r){var i,a=new Uint8Array(64),n=[zt(),zt(),zt(),zt()];for(r||Ht(t,32),fr(a,t,32),a[0]&=248,a[31]&=127,a[31]|=64,vr(n,a),br(e,n),i=0;i<32;i++)t[i+32]=e[i];return 0}var Er=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]);function Kr(e,t){var r,i,a,n;for(i=63;i>=32;--i){for(r=0,a=i-32,n=i-12;a<n;++a)t[a]+=r-16*t[i]*Er[a-(i-32)],r=Math.floor((t[a]+128)/256),t[a]-=256*r;t[a]+=r,t[i]=0}for(r=0,a=0;a<32;a++)t[a]+=r-(t[31]>>4)*Er[a],r=t[a]>>8,t[a]&=255;for(a=0;a<32;a++)t[a]-=r*Er[a];for(i=0;i<32;i++)t[i+1]+=t[i]>>8,e[i]=255&t[i]}function Sr(e){var t,r=new Float64Array(64);for(t=0;t<64;t++)r[t]=e[t];for(t=0;t<64;t++)e[t]=0;Kr(e,r)}function Pr(e,t){var r=zt(),i=zt(),a=zt(),n=zt(),s=zt(),o=zt(),c=zt();return er(e[2],qt),sr(e[1],t),hr(a,e[1]),ur(n,a,Wt),cr(a,a,e[2]),or(n,e[2],n),hr(s,n),hr(o,s),ur(c,o,s),ur(r,c,a),ur(r,r,n),function(e,t){var r,i=zt();for(r=0;r<16;r++)i[r]=t[r];for(r=250;r>=0;r--)hr(i,i),1!==r&&ur(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}(r,r),ur(r,r,a),ur(r,r,n),ur(r,r,n),ur(e[0],r,n),hr(i,e[0]),ur(i,i,n),ar(i,a)&&ur(e[0],e[0],Zt),hr(i,e[0]),ur(i,i,n),ar(i,a)?-1:(nr(e[0])===t[31]>>7&&cr(e[0],Gt,e[0]),ur(e[3],e[0],e[1]),0)}var Ur=64;function Dr(){for(var e=0;e<arguments.length;e++)if(!(arguments[e]instanceof Uint8Array))throw new TypeError("unexpected type, use Uint8Array")}Ot.scalarMult=function(e,t){if(Dr(e,t),32!==e.length)throw Error("bad n size");if(32!==t.length)throw Error("bad p size");var r=new Uint8Array(32);return lr(r,e,t),r},Ot.box={},Ot.box.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(32);return function(e,t){Ht(t,32),pr(e,t)}(e,t),{publicKey:e,secretKey:t}},Ot.box.keyPair.fromSecretKey=function(e){if(Dr(e),32!==e.length)throw Error("bad secret key size");var t=new Uint8Array(32);return pr(t,e),{publicKey:t,secretKey:new Uint8Array(e)}},Ot.sign=function(e,t){if(Dr(e,t),64!==t.length)throw Error("bad secret key size");var r=new Uint8Array(Ur+e.length);return function(e,t,r,i){var a,n,s=new Uint8Array(64),o=new Uint8Array(64),c=new Uint8Array(64),u=new Float64Array(64),h=[zt(),zt(),zt(),zt()];fr(s,i,32),s[0]&=248,s[31]&=127,s[31]|=64;var y=r+64;for(a=0;a<r;a++)e[64+a]=t[a];for(a=0;a<32;a++)e[32+a]=s[32+a];for(fr(c,e.subarray(32),r+32),Sr(c),vr(h,c),br(e,h),a=32;a<64;a++)e[a]=i[a];for(fr(o,e,r+64),Sr(o),a=0;a<64;a++)u[a]=0;for(a=0;a<32;a++)u[a]=c[a];for(a=0;a<32;a++)for(n=0;n<32;n++)u[a+n]+=o[a]*s[n];Kr(e.subarray(32),u)}(r,e,e.length,t),r},Ot.sign.detached=function(e,t){for(var r=Ot.sign(e,t),i=new Uint8Array(Ur),a=0;a<i.length;a++)i[a]=r[a];return i},Ot.sign.detached.verify=function(e,t,r){if(Dr(e,t,r),t.length!==Ur)throw Error("bad signature size");if(32!==r.length)throw Error("bad public key size");var i,a=new Uint8Array(Ur+e.length),n=new Uint8Array(Ur+e.length);for(i=0;i<Ur;i++)a[i]=t[i];for(i=0;i<e.length;i++)a[i+Ur]=e[i];return function(e,t,r,i){var a,n=new Uint8Array(32),s=new Uint8Array(64),o=[zt(),zt(),zt(),zt()],c=[zt(),zt(),zt(),zt()];if(r<64)return-1;if(Pr(c,i))return-1;for(a=0;a<r;a++)e[a]=t[a];for(a=0;a<32;a++)e[a+32]=i[a];if(fr(s,e,r),Sr(s),kr(o,c,s),vr(c,t.subarray(32)),mr(o,c),br(n,o),r-=64,Jt(t,0,n,0)){for(a=0;a<r;a++)e[a]=0;return-1}for(a=0;a<r;a++)e[a]=t[a+64];return r}(n,a,a.length,r)>=0},Ot.sign.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(64);return Ar(e,t),{publicKey:e,secretKey:t}},Ot.sign.keyPair.fromSecretKey=function(e){if(Dr(e),64!==e.length)throw Error("bad secret key size");for(var t=new Uint8Array(32),r=0;r<t.length;r++)t[r]=e[32+r];return{publicKey:t,secretKey:new Uint8Array(e)}},Ot.sign.keyPair.fromSeed=function(e){if(Dr(e),32!==e.length)throw Error("bad seed size");for(var t=new Uint8Array(32),r=new Uint8Array(64),i=0;i<32;i++)r[i]=e[i];return Ar(t,r,!0),{publicKey:t,secretKey:r}},Ot.setPRNG=function(e){Ht=e},function(){if(Nt&&Nt.getRandomValues){Ot.setPRNG((function(e,t){var r,i=new Uint8Array(t);for(r=0;r<t;r+=65536)Nt.getRandomValues(i.subarray(r,r+Math.min(t-r,65536)));for(r=0;r<t;r++)e[r]=i[r];!function(e){for(var t=0;t<e.length;t++)e[t]=0}(i)}))}}();const Cr={"2a8648ce3d030107":I.curve.nistP256,"2b81040022":I.curve.nistP384,"2b81040023":I.curve.nistP521,"2b8104000a":I.curve.secp256k1,"2b06010401da470f01":I.curve.ed25519Legacy,"2b060104019755010501":I.curve.curve25519Legacy,"2b2403030208010107":I.curve.brainpoolP256r1,"2b240303020801010b":I.curve.brainpoolP384r1,"2b240303020801010d":I.curve.brainpoolP512r1};class xr{constructor(e){if(e instanceof xr)this.oid=e.oid;else if(M.isArray(e)||M.isUint8Array(e)){if(6===(e=new Uint8Array(e))[0]){if(e[1]!==e.length-2)throw Error("Length mismatch in DER encoded oid");e=e.subarray(2)}this.oid=e}else this.oid=""}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.oid=e.subarray(1,1+t),1+this.oid.length}throw Error("Invalid oid")}write(){return M.concatUint8Array([new Uint8Array([this.oid.length]),this.oid])}toHex(){return M.uint8ArrayToHex(this.oid)}getName(){const e=Cr[this.toHex()];if(!e)throw Error("Unknown curve object identifier.");return e}}function Tr(e){let t,r=0;const i=e[0];return i<192?([r]=e,t=1):i<255?(r=(e[0]-192<<8)+e[1]+192,t=2):255===i&&(r=M.readNumber(e.subarray(1,5)),t=5),{len:r,offset:t}}function Ir(e){return e<192?new Uint8Array([e]):e>191&&e<8384?new Uint8Array([192+(e-192>>8),e-192&255]):M.concatUint8Array([new Uint8Array([255]),M.writeNumber(e,4)])}function _r(e){if(e<0||e>30)throw Error("Partial Length power must be between 1 and 30");return new Uint8Array([224+e])}function Br(e){return new Uint8Array([192|e])}function Mr(e,t){return M.concatUint8Array([Br(e),Ir(t)])}function Rr(e){return[I.packet.literalData,I.packet.compressedData,I.packet.symmetricallyEncryptedData,I.packet.symEncryptedIntegrityProtectedData,I.packet.aeadEncryptedData].includes(e)}async function Lr(e,t){const r=C(e);let i,a;try{const n=await r.peekBytes(2);if(!n||n.length<2||!(128&n[0]))throw Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");const s=await r.readByte();let o,c,u=-1,h=-1;h=0,64&s&&(h=1),h?u=63&s:(u=(63&s)>>2,c=3&s);const y=Rr(u);let l,p=null;if(y){if("array"===M.isStream(e)){const e=new ArrayStream;i=x(e),p=e}else{const e=new TransformStream;i=x(e.writable),p=e.readable}a=t({tag:u,packet:p})}else p=[];do{if(h){const e=await r.readByte();if(l=!1,e<192)o=e;else if(e>=192&&e<224)o=(e-192<<8)+await r.readByte()+192;else if(e>223&&e<255){if(o=1<<(31&e),l=!0,!y)throw new TypeError("This packet type does not support partial lengths.")}else o=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte()}else switch(c){case 0:o=await r.readByte();break;case 1:o=await r.readByte()<<8|await r.readByte();break;case 2:o=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte();break;default:o=1/0}if(o>0){let e=0;for(;;){i&&await i.ready;const{done:t,value:a}=await r.read();if(t){if(o===1/0)break;throw Error("Unexpected end of packet")}const n=o===1/0?a:a.subarray(0,o-e);if(i?await i.write(n):p.push(n),e+=a.length,e>=o){r.unshift(a.subarray(o-e+a.length));break}}}}while(l);const g=await r.peekBytes(y?1/0:2);return i?(await i.ready,await i.close()):(p=M.concatUint8Array(p),await t({tag:u,packet:p})),!g||!g.length}catch(e){if(i)return await i.abort(e),!0;throw e}finally{i&&await a,r.releaseLock()}}class Fr extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Fr),this.name="UnsupportedError"}}class Nr extends Fr{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Fr),this.name="UnknownPacketError"}}class Or{constructor(e,t){this.tag=e,this.rawContent=t}write(){return this.rawContent}}const zr=M.getWebCrypto(),Hr=M.getNodeCrypto(),jr={[I.curve.nistP256]:"P-256",[I.curve.nistP384]:"P-384",[I.curve.nistP521]:"P-521"},Gr=Hr?Hr.getCurves():[],qr=Hr?{[I.curve.secp256k1]:Gr.includes("secp256k1")?"secp256k1":void 0,[I.curve.nistP256]:Gr.includes("prime256v1")?"prime256v1":void 0,[I.curve.nistP384]:Gr.includes("secp384r1")?"secp384r1":void 0,[I.curve.nistP521]:Gr.includes("secp521r1")?"secp521r1":void 0,[I.curve.ed25519Legacy]:Gr.includes("ED25519")?"ED25519":void 0,[I.curve.curve25519Legacy]:Gr.includes("X25519")?"X25519":void 0,[I.curve.brainpoolP256r1]:Gr.includes("brainpoolP256r1")?"brainpoolP256r1":void 0,[I.curve.brainpoolP384r1]:Gr.includes("brainpoolP384r1")?"brainpoolP384r1":void 0,[I.curve.brainpoolP512r1]:Gr.includes("brainpoolP512r1")?"brainpoolP512r1":void 0}:{},Vr={[I.curve.nistP256]:{oid:[6,8,42,134,72,206,61,3,1,7],keyType:I.publicKey.ecdsa,hash:I.hash.sha256,cipher:I.symmetric.aes128,node:qr[I.curve.nistP256],web:jr[I.curve.nistP256],payloadSize:32,sharedSize:256},[I.curve.nistP384]:{oid:[6,5,43,129,4,0,34],keyType:I.publicKey.ecdsa,hash:I.hash.sha384,cipher:I.symmetric.aes192,node:qr[I.curve.nistP384],web:jr[I.curve.nistP384],payloadSize:48,sharedSize:384},[I.curve.nistP521]:{oid:[6,5,43,129,4,0,35],keyType:I.publicKey.ecdsa,hash:I.hash.sha512,cipher:I.symmetric.aes256,node:qr[I.curve.nistP521],web:jr[I.curve.nistP521],payloadSize:66,sharedSize:528},[I.curve.secp256k1]:{oid:[6,5,43,129,4,0,10],keyType:I.publicKey.ecdsa,hash:I.hash.sha256,cipher:I.symmetric.aes128,node:qr[I.curve.secp256k1],payloadSize:32},[I.curve.ed25519Legacy]:{oid:[6,9,43,6,1,4,1,218,71,15,1],keyType:I.publicKey.eddsaLegacy,hash:I.hash.sha512,node:!1,payloadSize:32},[I.curve.curve25519Legacy]:{oid:[6,10,43,6,1,4,1,151,85,1,5,1],keyType:I.publicKey.ecdh,hash:I.hash.sha256,cipher:I.symmetric.aes128,node:!1,payloadSize:32},[I.curve.brainpoolP256r1]:{oid:[6,9,43,36,3,3,2,8,1,1,7],keyType:I.publicKey.ecdsa,hash:I.hash.sha256,cipher:I.symmetric.aes128,node:qr[I.curve.brainpoolP256r1],payloadSize:32},[I.curve.brainpoolP384r1]:{oid:[6,9,43,36,3,3,2,8,1,1,11],keyType:I.publicKey.ecdsa,hash:I.hash.sha384,cipher:I.symmetric.aes192,node:qr[I.curve.brainpoolP384r1],payloadSize:48},[I.curve.brainpoolP512r1]:{oid:[6,9,43,36,3,3,2,8,1,1,13],keyType:I.publicKey.ecdsa,hash:I.hash.sha512,cipher:I.symmetric.aes256,node:qr[I.curve.brainpoolP512r1],payloadSize:64}};class Wr{constructor(e){try{this.name=e instanceof xr?e.getName():I.write(I.curve,e)}catch(e){throw new Fr("Unknown curve")}const t=Vr[this.name];this.keyType=t.keyType,this.oid=t.oid,this.hash=t.hash,this.cipher=t.cipher,this.node=t.node,this.web=t.web,this.payloadSize=t.payloadSize,this.sharedSize=t.sharedSize,this.web&&M.getWebCrypto()?this.type="web":this.node&&M.getNodeCrypto()?this.type="node":this.name===I.curve.curve25519Legacy?this.type="curve25519Legacy":this.name===I.curve.ed25519Legacy&&(this.type="ed25519Legacy")}async genKeyPair(){switch(this.type){case"web":try{return await async function(e){const t=await zr.generateKey({name:"ECDSA",namedCurve:jr[e]},!0,["sign","verify"]),r=await zr.exportKey("jwk",t.privateKey),i=await zr.exportKey("jwk",t.publicKey);return{publicKey:Qr(i),privateKey:z(r.d)}}(this.name)}catch(e){return M.printDebugError("Browser did not support generating ec key "+e.message),Xr(this.name)}case"node":return async function(e){const t=Hr.createECDH(qr[e]);return await t.generateKeys(),{publicKey:new Uint8Array(t.getPublicKey()),privateKey:new Uint8Array(t.getPrivateKey())}}(this.name);case"curve25519Legacy":{const e=vt(32);e[0]=127&e[0]|64,e[31]&=248;const t=e.slice().reverse(),{publicKey:r}=Ot.box.keyPair.fromSecretKey(t);return{publicKey:M.concatUint8Array([new Uint8Array([64]),r]),privateKey:e}}case"ed25519Legacy":{const e=vt(32),t=Ot.sign.keyPair.fromSeed(e);return{publicKey:M.concatUint8Array([new Uint8Array([64]),t.publicKey]),privateKey:e}}default:return Xr(this.name)}}}async function $r(e,t,r,i){const a={[I.curve.nistP256]:!0,[I.curve.nistP384]:!0,[I.curve.nistP521]:!0,[I.curve.secp256k1]:!0,[I.curve.curve25519Legacy]:e===I.publicKey.ecdh,[I.curve.brainpoolP256r1]:!0,[I.curve.brainpoolP384r1]:!0,[I.curve.brainpoolP512r1]:!0},n=t.getName();if(!a[n])return!1;if(n===I.curve.curve25519Legacy){i=i.slice().reverse();const{publicKey:e}=Ot.box.keyPair.fromSecretKey(i);r=new Uint8Array(r);const t=new Uint8Array([64,...e]);return!!M.equalsUint8Array(t,r)}const s=(await M.getNobleCurve(I.publicKey.ecdsa,n)).getPublicKey(i,!1);return!!M.equalsUint8Array(s,r)}async function Xr(e){const t=await M.getNobleCurve(I.publicKey.ecdsa,e),r=t.utils.randomPrivateKey();return{publicKey:t.getPublicKey(r,!1),privateKey:r}}function Qr(e){const t=z(e.x),r=z(e.y),i=new Uint8Array(t.length+r.length+1);return i[0]=4,i.set(t,1),i.set(r,t.length+1),i}function Zr(e,t,r){const i=e,a=r.slice(1,i+1),n=r.slice(i+1,2*i+1);return{kty:"EC",crv:t,x:H(a,!0),y:H(n,!0),ext:!0}}function Yr(e,t,r,i){const a=Zr(e,t,r);return a.d=H(i,!0),a}const Jr=M.getWebCrypto(),ei=M.getNodeCrypto();async function ti(e,t,r,i,a,n){const s=new Wr(e);if(r&&!M.isStream(r)){const e={publicKey:i,privateKey:a};switch(s.type){case"web":try{return await async function(e,t,r,i){const a=e.payloadSize,n=Yr(e.payloadSize,jr[e.name],i.publicKey,i.privateKey),s=await Jr.importKey("jwk",n,{name:"ECDSA",namedCurve:jr[e.name],hash:{name:I.read(I.webHash,e.hash)}},!1,["sign"]),o=new Uint8Array(await Jr.sign({name:"ECDSA",namedCurve:jr[e.name],hash:{name:I.read(I.webHash,t)}},s,r));return{r:o.slice(0,a),s:o.slice(a,a<<1)}}(s,t,r,e)}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;M.printDebugError("Browser did not support signing: "+e.message)}break;case"node":return async function(e,t,r,i){const a=M.nodeRequire("eckey-utils"),n=M.getNodeBuffer(),{privateKey:s}=a.generateDer({curveName:qr[e.name],privateKey:n.from(i)}),o=ei.createSign(I.read(I.hash,t));o.write(r),o.end();const c=new Uint8Array(o.sign({key:s,format:"der",type:"sec1",dsaEncoding:"ieee-p1363"})),u=e.payloadSize;return{r:c.subarray(0,u),s:c.subarray(u,u<<1)}}(s,t,r,a)}}const o=(await M.getNobleCurve(I.publicKey.ecdsa,s.name)).sign(n,a,{lowS:!1});return{r:o.r.toUint8Array("be",s.payloadSize),s:o.s.toUint8Array("be",s.payloadSize)}}async function ri(e,t,r,i,a,n){const s=new Wr(e),o=async()=>0===n[0]&&ii(s,r,n.subarray(1),a);if(i&&!M.isStream(i))switch(s.type){case"web":try{const e=await async function(e,t,{r,s:i},a,n){const s=Zr(e.payloadSize,jr[e.name],n),o=await Jr.importKey("jwk",s,{name:"ECDSA",namedCurve:jr[e.name],hash:{name:I.read(I.webHash,e.hash)}},!1,["verify"]),c=M.concatUint8Array([r,i]).buffer;return Jr.verify({name:"ECDSA",namedCurve:jr[e.name],hash:{name:I.read(I.webHash,t)}},o,c,a)}(s,t,r,i,a);return e||o()}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;M.printDebugError("Browser did not support verifying: "+e.message)}break;case"node":{const e=await async function(e,t,{r,s:i},a,n){const s=M.nodeRequire("eckey-utils"),o=M.getNodeBuffer(),{publicKey:c}=s.generateDer({curveName:qr[e.name],publicKey:o.from(n)}),u=ei.createVerify(I.read(I.hash,t));u.write(a),u.end();const h=M.concatUint8Array([r,i]);try{return u.verify({key:c,format:"der",type:"spki",dsaEncoding:"ieee-p1363"},h)}catch(e){return!1}}(s,t,r,i,a);return e||o()}}return await ii(s,r,n,a)||o()}async function ii(e,t,r,i){return(await M.getNobleCurve(I.publicKey.ecdsa,e.name)).verify(M.concatUint8Array([t.r,t.s]),r,i,{lowS:!1})}var ai=/*#__PURE__*/Object.freeze({__proto__:null,sign:ti,validateParams:async function(e,t,r){const i=new Wr(e);if(i.keyType!==I.publicKey.ecdsa)return!1;switch(i.type){case"web":case"node":{const i=vt(8),a=I.hash.sha256,n=await we.digest(a,i);try{const s=await ti(e,a,i,t,r,n);return await ri(e,a,s,i,t,n)}catch(e){return!1}}default:return $r(I.publicKey.ecdsa,e,t,r)}},verify:ri});var ni=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,a,n){if(we.getHashByteLength(t)<we.getHashByteLength(I.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const s=M.concatUint8Array([a,i.subarray(1)]),o=Ot.sign.detached(n,s);return{r:o.subarray(0,32),s:o.subarray(32)}},validateParams:async function(e,t,r){if(e.getName()!==I.curve.ed25519Legacy)return!1;const{publicKey:i}=Ot.sign.keyPair.fromSeed(r),a=new Uint8Array([64,...i]);return M.equalsUint8Array(t,a)},verify:async function(e,t,{r,s:i},a,n,s){if(we.getHashByteLength(t)<we.getHashByteLength(I.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const o=M.concatUint8Array([r,i]);return Ot.sign.detached.verify(s,o,n.subarray(1))}});function si(e){switch(e){case I.publicKey.ed25519:return 32;case I.publicKey.ed448:return 57;default:throw Error("Unsupported EdDSA algorithm")}}function oi(e){switch(e){case I.publicKey.ed25519:return I.hash.sha256;case I.publicKey.ed448:return I.hash.sha512;default:throw Error("Unknown EdDSA algo")}}var ci=/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){switch(e){case I.publicKey.ed25519:{const t=vt(si(e)),{publicKey:r}=Ot.sign.keyPair.fromSeed(t);return{A:r,seed:t}}case I.publicKey.ed448:{const e=await M.getNobleCurve(I.publicKey.ed448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),seed:t}}default:throw Error("Unsupported EdDSA algorithm")}},getPayloadSize:si,getPreferredHashAlgo:oi,sign:async function(e,t,r,i,a,n){if(we.getHashByteLength(t)<we.getHashByteLength(oi(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case I.publicKey.ed25519:{const e=M.concatUint8Array([a,i]);return{RS:Ot.sign.detached(n,e)}}case I.publicKey.ed448:return{RS:(await M.getNobleCurve(I.publicKey.ed448)).sign(n,a)};default:throw Error("Unsupported EdDSA algorithm")}},validateParams:async function(e,t,r){switch(e){case I.publicKey.ed25519:{const{publicKey:e}=Ot.sign.keyPair.fromSeed(r);return M.equalsUint8Array(t,e)}case I.publicKey.ed448:{const e=(await M.getNobleCurve(I.publicKey.ed448)).getPublicKey(r);return M.equalsUint8Array(t,e)}default:return!1}},verify:async function(e,t,{RS:r},i,a,n){if(we.getHashByteLength(t)<we.getHashByteLength(oi(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case I.publicKey.ed25519:return Ot.sign.detached.verify(n,r,a);case I.publicKey.ed448:return(await M.getNobleCurve(I.publicKey.ed448)).verify(r,n,a);default:throw Error("Unsupported EdDSA algorithm")}}});const ui=M.getWebCrypto();async function hi(e,t,r){const{keySize:i}=te(e);if(!M.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");try{const e=await ui.importKey("raw",t,{name:"AES-KW"},!1,["wrapKey"]),i=await ui.importKey("raw",r,{name:"HMAC",hash:"SHA-256"},!0,["sign"]),a=await ui.wrapKey("raw",i,e,{name:"AES-KW"});return new Uint8Array(a)}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;M.printDebugError("Browser did not support operation: "+e.message)}return function(e,t,r){const i=new Fe(t,new Uint8Array(16),!1),a=new Uint32Array([2795939494,2795939494]),n=li(r);let s=a;const o=n,c=n.length/2,u=new Uint32Array([0,0]);let h=new Uint32Array(4);for(let e=0;e<=5;++e)for(let t=0;t<c;++t)u[1]=c*e+(1+t),h[0]=s[0],h[1]=s[1],h[2]=o[2*t],h[3]=o[2*t+1],h=li(i.encrypt(pi(h))),s=h.subarray(0,2),s[0]^=u[0],s[1]^=u[1],o[2*t]=h[2],o[2*t+1]=h[3];return pi(s,o)}(0,t,r)}async function yi(e,t,r){const{keySize:i}=te(e);if(!M.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");let a;try{a=await ui.importKey("raw",t,{name:"AES-KW"},!1,["unwrapKey"])}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;return M.printDebugError("Browser did not support operation: "+e.message),function(e,t,r){const i=new Fe(t,new Uint8Array(16),!1),a=new Uint32Array([2795939494,2795939494]),n=li(r);let s=n.subarray(0,2);const o=n.subarray(2),c=n.length/2-1,u=new Uint32Array([0,0]);let h=new Uint32Array(4);for(let e=5;e>=0;--e)for(let t=c-1;t>=0;--t)u[1]=c*e+(t+1),h[0]=s[0]^u[0],h[1]=s[1]^u[1],h[2]=o[2*t],h[3]=o[2*t+1],h=li(i.decrypt(pi(h))),s=h.subarray(0,2),o[2*t]=h[2],o[2*t+1]=h[3];if(s[0]===a[0]&&s[1]===a[1])return pi(o);throw Error("Key Data Integrity failed")}(0,t,r)}try{const e=await ui.unwrapKey("raw",r,a,{name:"AES-KW"},{name:"HMAC",hash:"SHA-256"},!0,["sign"]);return new Uint8Array(await ui.exportKey("raw",e))}catch(e){if("OperationError"===e.name)throw Error("Key Data Integrity failed");throw e}}function li(e){const t=e.buffer,r=new DataView(t),i=new Uint32Array(e.length/4);for(let t=0;t<e.length/4;++t)i[t]=r.getUint32(4*t);return i}function pi(){let e=0;for(let t=0;t<arguments.length;++t)e+=4*arguments[t].length;const t=new ArrayBuffer(e),r=new DataView(t);let i=0;for(let e=0;e<arguments.length;++e){for(let t=0;t<arguments[e].length;++t)r.setUint32(i+4*t,arguments[e][t]);i+=4*arguments[e].length}return new Uint8Array(t)}var gi=/*#__PURE__*/Object.freeze({__proto__:null,unwrap:yi,wrap:hi});function di(e){const t=8-e.length%8,r=new Uint8Array(e.length+t).fill(t);return r.set(e),r}function fi(e){const t=e.length;if(t>0){const r=e[t-1];if(r>=1){const i=e.subarray(t-r),a=new Uint8Array(r).fill(r);if(M.equalsUint8Array(i,a))return e.subarray(0,t-r)}}throw Error("Invalid padding")}var mi=/*#__PURE__*/Object.freeze({__proto__:null,decode:fi,encode:di});const wi=M.getWebCrypto(),bi=M.getNodeCrypto();function ki(e,t,r,i){return M.concatUint8Array([t.write(),new Uint8Array([e]),r.write(!0),M.stringToUint8Array("Anonymous Sender    "),r.replacementFingerprint||i.subarray(0,20)])}async function vi(e,t,r,i,a=!1,n=!1){let s;if(a){for(s=0;s<t.length&&0===t[s];s++);t=t.subarray(s)}if(n){for(s=t.length-1;s>=0&&0===t[s];s--);t=t.subarray(0,s+1)}return(await we.digest(e,M.concatUint8Array([new Uint8Array([0,0,0,1]),t,i]))).subarray(0,r)}async function Ai(e,t){switch(e.type){case"curve25519Legacy":{const r=vt(32),{secretKey:i,sharedKey:a}=await Ei(e,t,null,r);let{publicKey:n}=Ot.box.keyPair.fromSecretKey(i);return n=M.concatUint8Array([new Uint8Array([64]),n]),{publicKey:n,sharedKey:a}}case"web":if(e.web&&M.getWebCrypto())try{return await async function(e,t){const r=Zr(e.payloadSize,e.web,t);let i=wi.generateKey({name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]),a=wi.importKey("jwk",r,{name:"ECDH",namedCurve:e.web},!1,[]);[i,a]=await Promise.all([i,a]);let n=wi.deriveBits({name:"ECDH",namedCurve:e.web,public:a},i.privateKey,e.sharedSize),s=wi.exportKey("jwk",i.publicKey);[n,s]=await Promise.all([n,s]);const o=new Uint8Array(n),c=new Uint8Array(Qr(s));return{publicKey:c,sharedKey:o}}(e,t)}catch(r){return M.printDebugError(r),Si(e,t)}break;case"node":return async function(e,t){const r=bi.createECDH(e.node);r.generateKeys();const i=new Uint8Array(r.computeSecret(t)),a=new Uint8Array(r.getPublicKey());return{publicKey:a,sharedKey:i}}(e,t);default:return Si(e,t)}}async function Ei(e,t,r,i){if(i.length!==e.payloadSize){const t=new Uint8Array(e.payloadSize);t.set(i,e.payloadSize-i.length),i=t}switch(e.type){case"curve25519Legacy":{const e=i.slice().reverse();return{secretKey:e,sharedKey:Ot.scalarMult(e,t.subarray(1))}}case"web":if(e.web&&M.getWebCrypto())try{return await async function(e,t,r,i){const a=Yr(e.payloadSize,e.web,r,i);let n=wi.importKey("jwk",a,{name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]);const s=Zr(e.payloadSize,e.web,t);let o=wi.importKey("jwk",s,{name:"ECDH",namedCurve:e.web},!0,[]);[n,o]=await Promise.all([n,o]);let c=wi.deriveBits({name:"ECDH",namedCurve:e.web,public:o},n,e.sharedSize),u=wi.exportKey("jwk",n);[c,u]=await Promise.all([c,u]);const h=new Uint8Array(c);return{secretKey:z(u.d),sharedKey:h}}(e,t,r,i)}catch(r){return M.printDebugError(r),Ki(e,t,i)}break;case"node":return async function(e,t,r){const i=bi.createECDH(e.node);i.setPrivateKey(r);const a=new Uint8Array(i.computeSecret(t));return{secretKey:new Uint8Array(i.getPrivateKey()),sharedKey:a}}(e,t,i);default:return Ki(e,t,i)}}async function Ki(e,t,r){return{secretKey:r,sharedKey:(await M.getNobleCurve(I.publicKey.ecdh,e.name)).getSharedSecret(r,t).subarray(1)}}async function Si(e,t){const r=await M.getNobleCurve(I.publicKey.ecdh,e.name),{publicKey:i,privateKey:a}=await e.genKeyPair();return{publicKey:i,sharedKey:r.getSharedSecret(a,t).subarray(1)}}var Pi=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,a,n,s){const o=new Wr(e),{sharedKey:c}=await Ei(o,r,a,n),u=ki(I.publicKey.ecdh,e,t,s),{keySize:h}=te(t.cipher);let y;for(let e=0;e<3;e++)try{const r=await vi(t.hash,c,h,u,1===e,2===e);return fi(await yi(t.cipher,r,i))}catch(e){y=e}throw y},encrypt:async function(e,t,r,i,a){const n=di(r),s=new Wr(e),{publicKey:o,sharedKey:c}=await Ai(s,i),u=ki(I.publicKey.ecdh,e,t,a),{keySize:h}=te(t.cipher),y=await vi(t.hash,c,h,u);return{publicKey:o,wrappedKey:await hi(t.cipher,y,n)}},validateParams:async function(e,t,r){return $r(I.publicKey.ecdh,e,t,r)}});const Ui=M.getWebCrypto();async function Di(e,t,r,i,a){const n=I.read(I.webHash,e);if(!n)throw Error("Hash algo not supported with HKDF");const s=await Ui.importKey("raw",t,"HKDF",!1,["deriveBits"]),o=await Ui.deriveBits({name:"HKDF",hash:n,salt:r,info:i},s,8*a);return new Uint8Array(o)}const Ci={x25519:M.encodeUTF8("OpenPGP X25519"),x448:M.encodeUTF8("OpenPGP X448")};var xi=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,a){switch(e){case I.publicKey.x25519:{const e=Ot.scalarMult(a,t),n=M.concatUint8Array([t,i,e]),s=I.symmetric.aes128,{keySize:o}=te(s);return yi(s,await Di(I.hash.sha256,n,new Uint8Array,Ci.x25519,o),r)}case I.publicKey.x448:{const e=(await M.getNobleCurve(I.publicKey.x448)).getSharedSecret(a,t),n=M.concatUint8Array([t,i,e]),s=I.symmetric.aes256,{keySize:o}=te(I.symmetric.aes256);return yi(s,await Di(I.hash.sha512,n,new Uint8Array,Ci.x448,o),r)}default:throw Error("Unsupported ECDH algorithm")}},encrypt:async function(e,t,r){switch(e){case I.publicKey.x25519:{const e=vt(32),i=Ot.scalarMult(e,r),{publicKey:a}=Ot.box.keyPair.fromSecretKey(e),n=M.concatUint8Array([a,r,i]),s=I.symmetric.aes128,{keySize:o}=te(s),c=await Di(I.hash.sha256,n,new Uint8Array,Ci.x25519,o);return{ephemeralPublicKey:a,wrappedKey:await hi(s,c,t)}}case I.publicKey.x448:{const e=await M.getNobleCurve(I.publicKey.x448),i=e.utils.randomPrivateKey(),a=e.getSharedSecret(i,r),n=e.getPublicKey(i),s=M.concatUint8Array([n,r,a]),o=I.symmetric.aes256,{keySize:c}=te(I.symmetric.aes256),u=await Di(I.hash.sha512,s,new Uint8Array,Ci.x448,c);return{ephemeralPublicKey:n,wrappedKey:await hi(o,u,t)}}default:throw Error("Unsupported ECDH algorithm")}},generate:async function(e){switch(e){case I.publicKey.x25519:{const e=vt(32),{publicKey:t}=Ot.box.keyPair.fromSecretKey(e);return{A:t,k:e}}case I.publicKey.x448:{const e=await M.getNobleCurve(I.publicKey.x448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),k:t}}default:throw Error("Unsupported ECDH algorithm")}},getPayloadSize:function(e){switch(e){case I.publicKey.x25519:return 32;case I.publicKey.x448:return 56;default:throw Error("Unsupported ECDH algorithm")}},validateParams:async function(e,t,r){switch(e){case I.publicKey.x25519:{const{publicKey:e}=Ot.box.keyPair.fromSecretKey(r);return M.equalsUint8Array(t,e)}case I.publicKey.x448:{const e=(await M.getNobleCurve(I.publicKey.x448)).getPublicKey(r);return M.equalsUint8Array(t,e)}default:return!1}}}),Ti=/*#__PURE__*/Object.freeze({__proto__:null,CurveWithOID:Wr,ecdh:Pi,ecdhX:xi,ecdsa:ai,eddsa:ci,eddsaLegacy:ni,generate:async function(e){const t=new Wr(e),{oid:r,hash:i,cipher:a}=t,n=await t.genKeyPair();return{oid:r,Q:n.publicKey,secret:M.leftPad(n.privateKey,t.payloadSize),hash:i,cipher:a}},getPreferredHashAlgo:function(e){return Vr[e.getName()].hash}});var Ii=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,a,n){const s=await M.getBigInteger(),o=new s(1);let c,u,h,y;i=new s(i),a=new s(a),r=new s(r),n=new s(n),r=r.mod(i),n=n.mod(a);const l=new s(t.subarray(0,a.byteLength())).mod(a);for(;;){if(c=await At(o,a),u=r.modExp(c,i).imod(a),u.isZero())continue;const e=n.mul(u).imod(a);if(y=l.add(e).imod(a),h=c.modInv(a).imul(y).imod(a),!h.isZero())break}return{r:u.toUint8Array("be",a.byteLength()),s:h.toUint8Array("be",a.byteLength())}},validateParams:async function(e,t,r,i,a){const n=await M.getBigInteger();e=new n(e),t=new n(t),r=new n(r),i=new n(i);const s=new n(1);if(r.lte(s)||r.gte(e))return!1;if(!e.dec().mod(t).isZero())return!1;if(!r.modExp(t,e).isOne())return!1;const o=new n(t.bitLength()),c=new n(150);if(o.lt(c)||!await St(t,null,32))return!1;a=new n(a);const u=new n(2),h=await At(u.leftShift(o.dec()),u.leftShift(o)),y=t.mul(h).add(a);return!!i.equal(r.modExp(y,e))},verify:async function(e,t,r,i,a,n,s,o){const c=await M.getBigInteger(),u=new c(0);if(t=new c(t),r=new c(r),n=new c(n),s=new c(s),a=new c(a),o=new c(o),t.lte(u)||t.gte(s)||r.lte(u)||r.gte(s))return M.printDebug("invalid DSA Signature"),!1;const h=new c(i.subarray(0,s.byteLength())).imod(s),y=r.modInv(s);if(y.isZero())return M.printDebug("invalid DSA Signature"),!1;a=a.mod(n),o=o.mod(n);const l=h.mul(y).imod(s),p=t.mul(y).imod(s),g=a.modExp(l,n),d=o.modExp(p,n);return g.mul(d).imod(n).imod(s).equal(t)}});const _i=new Set([I.hash.sha1,I.hash.sha256,I.hash.sha512]),Bi=M.getWebCrypto(),Mi=M.getNodeCrypto();var Ri={rsa:Lt,elgamal:Ft,elliptic:Ti,dsa:Ii,hmac:/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){if(!_i.has(e))throw Error("Unsupported hash algorithm.");const t=I.read(I.webHash,e),r=Bi||Mi.webcrypto.subtle,i=await r.generateKey({name:"HMAC",hash:{name:t}},!0,["sign","verify"]),a=await r.exportKey("raw",i);return new Uint8Array(a)},sign:async function(e,t,r){if(!_i.has(e))throw Error("Unsupported hash algorithm.");const i=I.read(I.webHash,e),a=Bi||Mi.webcrypto.subtle,n=await a.importKey("raw",t,{name:"HMAC",hash:{name:i}},!1,["sign"]),s=await a.sign("HMAC",n,r);return new Uint8Array(s)},verify:async function(e,t,r,i){if(!_i.has(e))throw Error("Unsupported hash algorithm.");const a=I.read(I.webHash,e),n=Bi||Mi.webcrypto.subtle,s=await n.importKey("raw",t,{name:"HMAC",hash:{name:a}},!1,["verify"]);return n.verify("HMAC",s,r,i)}})};class Li{constructor(e){if(void 0===e&&(e=new Uint8Array([])),!M.isUint8Array(e))throw Error("data must be in the form of a Uint8Array");this.data=e,this.length=this.data.byteLength}write(){return M.concatUint8Array([new Uint8Array([this.length]),this.data])}read(e){if(e.length>=1){const t=e[0];if(e.length>=t+1)return this.data=e.subarray(1,1+t),this.length=t,1+t}throw Error("Invalid octet string")}}var Fi=/*#__PURE__*/Object.freeze({__proto__:null,parseSignatureParams:function(e,t){let r=0;switch(e){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:case I.publicKey.rsaSign:{const e=M.readMPI(t.subarray(r));return r+=e.length+2,{read:r,signatureParams:{s:e}}}case I.publicKey.dsa:case I.publicKey.ecdsa:{const e=M.readMPI(t.subarray(r));r+=e.length+2;const i=M.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case I.publicKey.eddsaLegacy:{let e=M.readMPI(t.subarray(r));r+=e.length+2,e=M.leftPad(e,32);let i=M.readMPI(t.subarray(r));return r+=i.length+2,i=M.leftPad(i,32),{read:r,signatureParams:{r:e,s:i}}}case I.publicKey.ed25519:case I.publicKey.ed448:{const i=2*Ri.elliptic.eddsa.getPayloadSize(e),a=M.readExactSubarray(t,r,r+i);return r+=a.length,{read:r,signatureParams:{RS:a}}}case I.publicKey.hmac:{const e=new Li;return r+=e.read(t.subarray(r)),{read:r,signatureParams:{mac:e}}}default:throw new Fr("Unknown signature algorithm.")}},sign:async function(e,t,r,i,a,n){if(!r||!i)throw Error("Missing key parameters");switch(e){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:case I.publicKey.rsaSign:{const{n:e,e:s}=r,{d:o,p:c,q:u,u:h}=i;return{s:await Ri.rsa.sign(t,a,e,s,o,c,u,h,n)}}case I.publicKey.dsa:{const{g:e,p:a,q:s}=r,{x:o}=i;return Ri.dsa.sign(t,n,e,a,s,o)}case I.publicKey.elgamal:throw Error("Signing with Elgamal is not defined in the OpenPGP standard.");case I.publicKey.ecdsa:{const{oid:e,Q:s}=r,{d:o}=i;return Ri.elliptic.ecdsa.sign(e,t,a,s,o,n)}case I.publicKey.eddsaLegacy:{const{oid:e,Q:s}=r,{seed:o}=i;return Ri.elliptic.eddsaLegacy.sign(e,t,a,s,o,n)}case I.publicKey.ed25519:case I.publicKey.ed448:{const{A:s}=r,{seed:o}=i;return Ri.elliptic.eddsa.sign(e,t,a,s,o,n)}case I.publicKey.hmac:{const{cipher:e}=r,{keyMaterial:t}=i,a=await Ri.hmac.sign(e.getValue(),t,n);return{mac:new Li(a)}}default:throw Error("Unknown signature algorithm.")}},verify:async function(e,t,r,i,a,n,s){switch(e){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:case I.publicKey.rsaSign:{const{n:e,e:a}=i,o=M.leftPad(r.s,e.length);return Ri.rsa.verify(t,n,o,e,a,s)}case I.publicKey.dsa:{const{g:e,p:a,q:n,y:o}=i,{r:c,s:u}=r;return Ri.dsa.verify(t,c,u,s,e,a,n,o)}case I.publicKey.ecdsa:{const{oid:e,Q:a}=i,o=new Ri.elliptic.CurveWithOID(e).payloadSize,c=M.leftPad(r.r,o),u=M.leftPad(r.s,o);return Ri.elliptic.ecdsa.verify(e,t,{r:c,s:u},n,a,s)}case I.publicKey.eddsaLegacy:{const{oid:e,Q:a}=i;return Ri.elliptic.eddsaLegacy.verify(e,t,r,n,a,s)}case I.publicKey.ed25519:case I.publicKey.ed448:{const{A:a}=i;return Ri.elliptic.eddsa.verify(e,t,r,n,a,s)}case I.publicKey.hmac:{if(!a)throw Error("Cannot verify HMAC signature with symmetric key missing private parameters");const{cipher:e}=i,{keyMaterial:t}=a;return Ri.hmac.verify(e.getValue(),t,r.mac.data,s)}default:throw Error("Unknown signature algorithm.")}}});class Ni{constructor(e){e&&(this.data=e)}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.data=e.subarray(1,1+t),1+this.data.length}throw Error("Invalid symmetric key")}write(){return M.concatUint8Array([new Uint8Array([this.data.length]),this.data])}}class Oi{constructor(e){if(e){const{version:t,hash:r,cipher:i,replacementFingerprint:a}=e;this.version=t||1,this.hash=r,this.cipher=i,this.replacementFingerprint=a}else this.version=null,this.hash=null,this.cipher=null,this.replacementFingerprint=null}read(e){if(e.length<4||1!==e[1]&&255!==e[1])throw new Fr("Cannot read KDFParams");const t=e[0];this.version=e[1],this.hash=e[2],this.cipher=e[3];let r=4;if(255===this.version){const i=t-r+1;this.replacementFingerprint=e.slice(r,r+i),r+=i}return r}write(e){if(!this.version||1===this.version||e)return new Uint8Array([3,1,this.hash,this.cipher]);return M.concatUint8Array([new Uint8Array([3+this.replacementFingerprint.length,this.version,this.hash,this.cipher]),this.replacementFingerprint])}}const zi=e=>class{constructor(e){this.data=void 0===e?null:e}read(t){const r=t[0];return this.data=I.write(e,r),1}write(){return new Uint8Array([this.data])}getName(){return I.read(e,this.data)}getValue(){return this.data}},Hi=zi(I.aead),ji=zi(I.symmetric),Gi=zi(I.hash);class qi{static fromObject({wrappedKey:e,algorithm:t}){const r=new qi;return r.wrappedKey=e,r.algorithm=t,r}read(e){let t=0,r=e[t++];this.algorithm=r%2?e[t++]:null,r-=r%2,this.wrappedKey=M.readExactSubarray(e,t,t+r),t+=r}write(){return M.concatUint8Array([this.algorithm?new Uint8Array([this.wrappedKey.length+1,this.algorithm]):new Uint8Array([this.wrappedKey.length]),this.wrappedKey])}}async function Vi(e,t){const r=vt(32);return{privateParams:{hashSeed:r,keyMaterial:e},publicParams:{cipher:t,digest:await we.sha256(r)}}}function Wi(e){const{keySize:t}=te(e);return vt(t)}function $i(e){const t=I.read(I.aead,e);return bt[t]}function Xi(e){try{e.getName()}catch(e){throw new Fr("Unknown curve OID")}}function Qi(e,t){switch(e){case I.publicKey.ecdsa:case I.publicKey.ecdh:case I.publicKey.eddsaLegacy:return new Ri.elliptic.CurveWithOID(t).payloadSize;case I.publicKey.ed25519:case I.publicKey.ed448:return Ri.elliptic.eddsa.getPayloadSize(e);case I.publicKey.x25519:case I.publicKey.x448:return Ri.elliptic.ecdhX.getPayloadSize(e);default:throw Error("Unknown elliptic algo")}}var Zi=/*#__PURE__*/Object.freeze({__proto__:null,generateParams:async function(e,t,r,i){switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:return Ri.rsa.generate(t,65537).then((({n:e,e:t,d:r,p:i,q:a,u:n})=>({privateParams:{d:r,p:i,q:a,u:n},publicParams:{n:e,e:t}})));case I.publicKey.ecdsa:return Ri.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{d:r},publicParams:{oid:new xr(e),Q:t}})));case I.publicKey.eddsaLegacy:return Ri.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{seed:r},publicParams:{oid:new xr(e),Q:t}})));case I.publicKey.ecdh:return Ri.elliptic.generate(r).then((({oid:e,Q:t,secret:r,hash:i,cipher:a})=>({privateParams:{d:r},publicParams:{oid:new xr(e),Q:t,kdfParams:new Oi({hash:i,cipher:a})}})));case I.publicKey.ed25519:case I.publicKey.ed448:return Ri.elliptic.eddsa.generate(e).then((({A:e,seed:t})=>({privateParams:{seed:t},publicParams:{A:e}})));case I.publicKey.x25519:case I.publicKey.x448:return Ri.elliptic.ecdhX.generate(e).then((({A:e,k:t})=>({privateParams:{k:t},publicParams:{A:e}})));case I.publicKey.hmac:return Vi(await Ri.hmac.generate(i),new Gi(i));case I.publicKey.aead:return Vi(Wi(i),new ji(i));case I.publicKey.dsa:case I.publicKey.elgamal:throw Error("Unsupported algorithm for key generation.");default:throw Error("Unknown public key algorithm.")}},generateSessionKey:Wi,getAEADMode:$i,getCipherParams:te,getCurvePayloadSize:Qi,getPreferredCurveHashAlgo:function(e,t){switch(e){case I.publicKey.ecdsa:case I.publicKey.eddsaLegacy:return Ri.elliptic.getPreferredHashAlgo(t);case I.publicKey.ed25519:case I.publicKey.ed448:return Ri.elliptic.eddsa.getPreferredHashAlgo(e);default:throw Error("Unknown elliptic signing algo")}},getPrefixRandom:async function(e){const{blockSize:t}=te(e),r=await vt(t),i=new Uint8Array([r[r.length-2],r[r.length-1]]);return M.concat([r,i])},parseEncSessionKeyParams:function(e,t){let r=0;switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:return{c:M.readMPI(t.subarray(r))};case I.publicKey.elgamal:{const e=M.readMPI(t.subarray(r));r+=e.length+2;return{c1:e,c2:M.readMPI(t.subarray(r))}}case I.publicKey.ecdh:{const e=M.readMPI(t.subarray(r));r+=e.length+2;const i=new Ni;return i.read(t.subarray(r)),{V:e,C:i}}case I.publicKey.x25519:case I.publicKey.x448:{const i=Qi(e),a=M.readExactSubarray(t,r,r+i);r+=a.length;const n=new qi;return n.read(t.subarray(r)),{ephemeralPublicKey:a,C:n}}case I.publicKey.aead:{const e=new Hi;r+=e.read(t.subarray(r));const{ivLength:i}=$i(e.getValue()),a=t.subarray(r,r+i);r+=i;const n=new Li;return r+=n.read(t.subarray(r)),{aeadMode:e,iv:a,c:n}}default:throw new Fr("Unknown public key encryption algorithm.")}},parsePrivateKeyParams:function(e,t,r){let i=0;switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:{const e=M.readMPI(t.subarray(i));i+=e.length+2;const r=M.readMPI(t.subarray(i));i+=r.length+2;const a=M.readMPI(t.subarray(i));i+=a.length+2;const n=M.readMPI(t.subarray(i));return i+=n.length+2,{read:i,privateParams:{d:e,p:r,q:a,u:n}}}case I.publicKey.dsa:case I.publicKey.elgamal:{const e=M.readMPI(t.subarray(i));return i+=e.length+2,{read:i,privateParams:{x:e}}}case I.publicKey.ecdsa:case I.publicKey.ecdh:{const a=Qi(e,r.oid);let n=M.readMPI(t.subarray(i));return i+=n.length+2,n=M.leftPad(n,a),{read:i,privateParams:{d:n}}}case I.publicKey.eddsaLegacy:{const a=Qi(e,r.oid);let n=M.readMPI(t.subarray(i));return i+=n.length+2,n=M.leftPad(n,a),{read:i,privateParams:{seed:n}}}case I.publicKey.ed25519:case I.publicKey.ed448:{const r=Qi(e),a=M.readExactSubarray(t,i,i+r);return i+=a.length,{read:i,privateParams:{seed:a}}}case I.publicKey.x25519:case I.publicKey.x448:{const r=Qi(e),a=M.readExactSubarray(t,i,i+r);return i+=a.length,{read:i,privateParams:{k:a}}}case I.publicKey.hmac:{const{cipher:e}=r,a=we.getHashByteLength(e.getValue()),n=t.subarray(i,i+32);i+=32;const s=t.subarray(i,i+a);return i+=a,{read:i,privateParams:{hashSeed:n,keyMaterial:s}}}case I.publicKey.aead:{const{cipher:e}=r,a=t.subarray(i,i+32);i+=32;const{keySize:n}=te(e.getValue()),s=t.subarray(i,i+n);return i+=n,{read:i,privateParams:{hashSeed:a,keyMaterial:s}}}default:throw new Fr("Unknown public key encryption algorithm.")}},parsePublicKeyParams:function(e,t){let r=0;switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:{const e=M.readMPI(t.subarray(r));r+=e.length+2;const i=M.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{n:e,e:i}}}case I.publicKey.dsa:{const e=M.readMPI(t.subarray(r));r+=e.length+2;const i=M.readMPI(t.subarray(r));r+=i.length+2;const a=M.readMPI(t.subarray(r));r+=a.length+2;const n=M.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{p:e,q:i,g:a,y:n}}}case I.publicKey.elgamal:{const e=M.readMPI(t.subarray(r));r+=e.length+2;const i=M.readMPI(t.subarray(r));r+=i.length+2;const a=M.readMPI(t.subarray(r));return r+=a.length+2,{read:r,publicParams:{p:e,g:i,y:a}}}case I.publicKey.ecdsa:{const e=new xr;r+=e.read(t),Xi(e);const i=M.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{oid:e,Q:i}}}case I.publicKey.eddsaLegacy:{const e=new xr;r+=e.read(t),Xi(e);let i=M.readMPI(t.subarray(r));return r+=i.length+2,i=M.leftPad(i,33),{read:r,publicParams:{oid:e,Q:i}}}case I.publicKey.ecdh:{const e=new xr;r+=e.read(t),Xi(e);const i=M.readMPI(t.subarray(r));r+=i.length+2;const a=new Oi;return r+=a.read(t.subarray(r)),{read:r,publicParams:{oid:e,Q:i,kdfParams:a}}}case I.publicKey.ed25519:case I.publicKey.ed448:case I.publicKey.x25519:case I.publicKey.x448:{const i=M.readExactSubarray(t,r,r+Qi(e));return r+=i.length,{read:r,publicParams:{A:i}}}case I.publicKey.hmac:case I.publicKey.aead:{const e=new ji;r+=e.read(t);const i=we.getHashByteLength(I.hash.sha256),a=t.subarray(r,r+i);return r+=i,{read:r,publicParams:{cipher:e,digest:a}}}default:throw new Fr("Unknown public key encryption algorithm.")}},publicKeyDecrypt:async function(e,t,r,i,a,n){switch(e){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:{const{c:e}=i,{n:a,e:s}=t,{d:o,p:c,q:u,u:h}=r;return Ri.rsa.decrypt(e,a,s,o,c,u,h,n)}case I.publicKey.elgamal:{const{c1:e,c2:a}=i,s=t.p,o=r.x;return Ri.elgamal.decrypt(e,a,s,o,n)}case I.publicKey.ecdh:{const{oid:e,Q:n,kdfParams:s}=t,{d:o}=r,{V:c,C:u}=i;return Ri.elliptic.ecdh.decrypt(e,s,c,u.data,n,o,a)}case I.publicKey.x25519:case I.publicKey.x448:{const{A:a}=t,{k:n}=r,{ephemeralPublicKey:s,C:o}=i;if(null!==o.algorithm&&!M.isAES(o.algorithm))throw Error("AES session key expected");return Ri.elliptic.ecdhX.decrypt(e,s,o.wrappedKey,a,n)}case I.publicKey.aead:{const{cipher:e}=t,a=e.getValue(),{keyMaterial:n}=r,{aeadMode:s,iv:o,c}=i,u=$i(s.getValue());return(await u(a,n)).decrypt(c.data,o,new Uint8Array)}default:throw Error("Unknown public key encryption algorithm.")}},publicKeyEncrypt:async function(e,t,r,i,a,n){switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:{const{n:e,e:t}=r;return{c:await Ri.rsa.encrypt(a,e,t)}}case I.publicKey.elgamal:{const{p:e,g:t,y:i}=r;return Ri.elgamal.encrypt(a,e,t,i)}case I.publicKey.ecdh:{const{oid:e,Q:t,kdfParams:i}=r,{publicKey:s,wrappedKey:o}=await Ri.elliptic.ecdh.encrypt(e,i,a,t,n);return{V:s,C:new Ni(o)}}case I.publicKey.x25519:case I.publicKey.x448:{if(t&&!M.isAES(t))throw Error("X25519 and X448 keys can only encrypt AES session keys");const{A:i}=r,{ephemeralPublicKey:n,wrappedKey:s}=await Ri.elliptic.ecdhX.encrypt(e,a,i);return{ephemeralPublicKey:n,C:qi.fromObject({algorithm:t,wrappedKey:s})}}case I.publicKey.aead:{if(!i)throw Error("Cannot encrypt with symmetric key missing private parameters");const{cipher:e}=r,t=e.getValue(),{keyMaterial:n}=i,s=_.preferredAEADAlgorithm,o=$i(_.preferredAEADAlgorithm),{ivLength:c}=o,u=vt(c),h=await o(t,n),y=await h.encrypt(a,u,new Uint8Array);return{aeadMode:new Hi(s),iv:u,c:new Li(y)}}default:return[]}},serializeParams:function(e,t){const r=new Set([I.publicKey.ed25519,I.publicKey.x25519,I.publicKey.ed448,I.publicKey.x448,I.publicKey.aead,I.publicKey.hmac]),i=Object.keys(t).map((i=>{const a=t[i];return M.isUint8Array(a)?r.has(e)?a:M.uint8ArrayToMPI(a):a.write()}));return M.concatUint8Array(i)},validateParams:async function(e,t,r){if(!t||!r)throw Error("Missing key parameters");switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:{const{n:e,e:i}=t,{d:a,p:n,q:s,u:o}=r;return Ri.rsa.validateParams(e,i,a,n,s,o)}case I.publicKey.dsa:{const{p:e,q:i,g:a,y:n}=t,{x:s}=r;return Ri.dsa.validateParams(e,i,a,n,s)}case I.publicKey.elgamal:{const{p:e,g:i,y:a}=t,{x:n}=r;return Ri.elgamal.validateParams(e,i,a,n)}case I.publicKey.ecdsa:case I.publicKey.ecdh:{const i=Ri.elliptic[I.read(I.publicKey,e)],{oid:a,Q:n}=t,{d:s}=r;return i.validateParams(a,n,s)}case I.publicKey.eddsaLegacy:{const{Q:e,oid:i}=t,{seed:a}=r;return Ri.elliptic.eddsaLegacy.validateParams(i,e,a)}case I.publicKey.ed25519:case I.publicKey.ed448:{const{A:i}=t,{seed:a}=r;return Ri.elliptic.eddsa.validateParams(e,i,a)}case I.publicKey.x25519:case I.publicKey.x448:{const{A:i}=t,{k:a}=r;return Ri.elliptic.ecdhX.validateParams(e,i,a)}case I.publicKey.hmac:{const{cipher:e,digest:i}=t,{hashSeed:a,keyMaterial:n}=r;return we.getHashByteLength(e.getValue())===n.length&&M.equalsUint8Array(i,await we.sha256(a))}case I.publicKey.aead:{const{cipher:e,digest:i}=t,{hashSeed:a,keyMaterial:n}=r,{keySize:s}=te(e.getValue());return s===n.length&&M.equalsUint8Array(i,await we.sha256(a))}default:throw Error("Unknown public key algorithm.")}}});const Yi={cipher:re,hash:we,mode:bt,publicKey:Ri,signature:Fi,random:Et,pkcs1:Tt,pkcs5:mi,aesKW:gi};Object.assign(Yi,Zi);class Ji extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Ji),this.name="Argon2OutOfMemoryError"}}let ea,ta,ra=2<<19;class ia{static get ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(){return ra}static set ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(e){ra=e}static reloadWasmModule(){ea&&(ta=ea(),ta.catch((()=>{})))}constructor(e=_){const{passes:t,parallelism:r,memoryExponent:i}=e.s2kArgon2Params;this.type="argon2",this.salt=null,this.t=t,this.p=r,this.encodedM=i}generateSalt(){this.salt=Yi.random.getRandomBytes(16)}read(e){let t=0;return this.salt=e.subarray(t,t+16),t+=16,this.t=e[t++],this.p=e[t++],this.encodedM=e[t++],t}write(){const e=[new Uint8Array([I.write(I.s2k,this.type)]),this.salt,new Uint8Array([this.t,this.p,this.encodedM])];return M.concatUint8Array(e)}async produceKey(e,t){const r=2<<this.encodedM-1;try{ea=ea||(await import("./argon2id.min.mjs")).default,ta=ta||ea();const i=await ta,a=i({version:19,type:2,password:M.encodeUTF8(e),salt:this.salt,tagLength:t,memorySize:r,parallelism:this.p,passes:this.t});return r>ia.ARGON2_WASM_MEMORY_THRESHOLD_RELOAD&&ia.reloadWasmModule(),a}catch(e){throw e.message&&(e.message.includes("Unable to grow instance memory")||e.message.includes("failed to grow memory")||e.message.includes("WebAssembly.Memory.grow")||e.message.includes("Out of memory"))?new Ji("Could not allocate required memory for Argon2"):e}}}class aa{constructor(e,t=_){this.algorithm=I.hash.sha256,this.type=I.read(I.s2k,e),this.c=t.s2kIterationCountByte,this.salt=null}generateSalt(){switch(this.type){case"salted":case"iterated":this.salt=Yi.random.getRandomBytes(8)}}getCount(){return 16+(15&this.c)<<6+(this.c>>4)}read(e){let t=0;switch(this.algorithm=e[t++],this.type){case"simple":break;case"salted":this.salt=e.subarray(t,t+8),t+=8;break;case"iterated":this.salt=e.subarray(t,t+8),t+=8,this.c=e[t++];break;case"gnu":if("GNU"!==M.uint8ArrayToString(e.subarray(t,t+3)))throw new Fr("Unknown s2k type.");t+=3;if(1001!==1e3+e[t++])throw new Fr("Unknown s2k gnu protection mode.");this.type="gnu-dummy";break;default:throw new Fr("Unknown s2k type.")}return t}write(){if("gnu-dummy"===this.type)return new Uint8Array([101,0,...M.stringToUint8Array("GNU"),1]);const e=[new Uint8Array([I.write(I.s2k,this.type),this.algorithm])];switch(this.type){case"simple":break;case"salted":e.push(this.salt);break;case"iterated":e.push(this.salt),e.push(new Uint8Array([this.c]));break;case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}return M.concatUint8Array(e)}async produceKey(e,t){e=M.encodeUTF8(e);const r=[];let i=0,a=0;for(;i<t;){let t;switch(this.type){case"simple":t=M.concatUint8Array([new Uint8Array(a),e]);break;case"salted":t=M.concatUint8Array([new Uint8Array(a),this.salt,e]);break;case"iterated":{const r=M.concatUint8Array([this.salt,e]);let i=r.length;const n=Math.max(this.getCount(),i);t=new Uint8Array(a+n),t.set(r,a);for(let e=a+i;e<n;e+=i,i*=2)t.copyWithin(e,a,e);break}case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}const n=await Yi.hash.digest(this.algorithm,t);r.push(n),i+=n.length,a++}return M.concatUint8Array(r).subarray(0,t)}}const na=new Set([I.s2k.argon2,I.s2k.iterated]);function sa(e,t=_){switch(e){case I.s2k.argon2:return new ia(t);case I.s2k.iterated:case I.s2k.gnu:case I.s2k.salted:case I.s2k.simple:return new aa(e,t);default:throw new Fr("Unsupported S2K type")}}function oa(e){const{s2kType:t}=e;if(!na.has(t))throw Error("The provided `config.s2kType` value is not allowed");return sa(t,e)}var ca=Uint8Array,ua=Uint16Array,ha=Uint32Array,ya=new ca([0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0,0,0,0]),la=new ca([0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13,0,0]),pa=new ca([16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15]),ga=function(e,t){for(var r=new ua(31),i=0;i<31;++i)r[i]=t+=1<<e[i-1];var a=new ha(r[30]);for(i=1;i<30;++i)for(var n=r[i];n<r[i+1];++n)a[n]=n-r[i]<<5|i;return[r,a]},da=ga(ya,2),fa=da[0],ma=da[1];fa[28]=258,ma[258]=28;for(var wa=ga(la,0),ba=wa[0],ka=wa[1],va=new ua(32768),Aa=0;Aa<32768;++Aa){var Ea=(43690&Aa)>>>1|(21845&Aa)<<1;Ea=(61680&(Ea=(52428&Ea)>>>2|(13107&Ea)<<2))>>>4|(3855&Ea)<<4,va[Aa]=((65280&Ea)>>>8|(255&Ea)<<8)>>>1}var Ka=function(e,t,r){for(var i=e.length,a=0,n=new ua(t);a<i;++a)e[a]&&++n[e[a]-1];var s,o=new ua(t);for(a=0;a<t;++a)o[a]=o[a-1]+n[a-1]<<1;if(r){s=new ua(1<<t);var c=15-t;for(a=0;a<i;++a)if(e[a])for(var u=a<<4|e[a],h=t-e[a],y=o[e[a]-1]++<<h,l=y|(1<<h)-1;y<=l;++y)s[va[y]>>>c]=u}else for(s=new ua(i),a=0;a<i;++a)e[a]&&(s[a]=va[o[e[a]-1]++]>>>15-e[a]);return s},Sa=new ca(288);for(Aa=0;Aa<144;++Aa)Sa[Aa]=8;for(Aa=144;Aa<256;++Aa)Sa[Aa]=9;for(Aa=256;Aa<280;++Aa)Sa[Aa]=7;for(Aa=280;Aa<288;++Aa)Sa[Aa]=8;var Pa=new ca(32);for(Aa=0;Aa<32;++Aa)Pa[Aa]=5;var Ua=/*#__PURE__*/Ka(Sa,9,0),Da=/*#__PURE__*/Ka(Sa,9,1),Ca=/*#__PURE__*/Ka(Pa,5,0),xa=/*#__PURE__*/Ka(Pa,5,1),Ta=function(e){for(var t=e[0],r=1;r<e.length;++r)e[r]>t&&(t=e[r]);return t},Ia=function(e,t,r){var i=t/8|0;return(e[i]|e[i+1]<<8)>>(7&t)&r},_a=function(e,t){var r=t/8|0;return(e[r]|e[r+1]<<8|e[r+2]<<16)>>(7&t)},Ba=function(e){return(e+7)/8|0},Ma=function(e,t,r){(null==t||t<0)&&(t=0),(null==r||r>e.length)&&(r=e.length);var i=new(2==e.BYTES_PER_ELEMENT?ua:4==e.BYTES_PER_ELEMENT?ha:ca)(r-t);return i.set(e.subarray(t,r)),i},Ra=["unexpected EOF","invalid block type","invalid length/literal","invalid distance","stream finished","no stream handler",,"no callback","invalid UTF-8 data","extra field too long","date not in range 1980-2099","filename too long","stream finishing","invalid zip data"],La=function(e,t,r){var i=Error(t||Ra[e]);if(i.code=e,Error.captureStackTrace&&Error.captureStackTrace(i,La),!r)throw i;return i},Fa=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8},Na=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8,e[i+2]|=r>>>16},Oa=function(e,t){for(var r=[],i=0;i<e.length;++i)e[i]&&r.push({s:i,f:e[i]});var a=r.length,n=r.slice();if(!a)return[Wa,0];if(1==a){var s=new ca(r[0].s+1);return s[r[0].s]=1,[s,1]}r.sort((function(e,t){return e.f-t.f})),r.push({s:-1,f:25001});var o=r[0],c=r[1],u=0,h=1,y=2;for(r[0]={s:-1,f:o.f+c.f,l:o,r:c};h!=a-1;)o=r[r[u].f<r[y].f?u++:y++],c=r[u!=h&&r[u].f<r[y].f?u++:y++],r[h++]={s:-1,f:o.f+c.f,l:o,r:c};var l=n[0].s;for(i=1;i<a;++i)n[i].s>l&&(l=n[i].s);var p=new ua(l+1),g=za(r[h-1],p,0);if(g>t){i=0;var d=0,f=g-t,m=1<<f;for(n.sort((function(e,t){return p[t.s]-p[e.s]||e.f-t.f}));i<a;++i){var w=n[i].s;if(!(p[w]>t))break;d+=m-(1<<g-p[w]),p[w]=t}for(d>>>=f;d>0;){var b=n[i].s;p[b]<t?d-=1<<t-p[b]++-1:++i}for(;i>=0&&d;--i){var k=n[i].s;p[k]==t&&(--p[k],++d)}g=t}return[new ca(p),g]},za=function(e,t,r){return-1==e.s?Math.max(za(e.l,t,r+1),za(e.r,t,r+1)):t[e.s]=r},Ha=function(e){for(var t=e.length;t&&!e[--t];);for(var r=new ua(++t),i=0,a=e[0],n=1,s=function(e){r[i++]=e},o=1;o<=t;++o)if(e[o]==a&&o!=t)++n;else{if(!a&&n>2){for(;n>138;n-=138)s(32754);n>2&&(s(n>10?n-11<<5|28690:n-3<<5|12305),n=0)}else if(n>3){for(s(a),--n;n>6;n-=6)s(8304);n>2&&(s(n-3<<5|8208),n=0)}for(;n--;)s(a);n=1,a=e[o]}return[r.subarray(0,i),t]},ja=function(e,t){for(var r=0,i=0;i<t.length;++i)r+=e[i]*t[i];return r},Ga=function(e,t,r){var i=r.length,a=Ba(t+2);e[a]=255&i,e[a+1]=i>>>8,e[a+2]=255^e[a],e[a+3]=255^e[a+1];for(var n=0;n<i;++n)e[a+n+4]=r[n];return 8*(a+4+i)},qa=function(e,t,r,i,a,n,s,o,c,u,h){Fa(t,h++,r),++a[256];for(var y=Oa(a,15),l=y[0],p=y[1],g=Oa(n,15),d=g[0],f=g[1],m=Ha(l),w=m[0],b=m[1],k=Ha(d),v=k[0],A=k[1],E=new ua(19),K=0;K<w.length;++K)E[31&w[K]]++;for(K=0;K<v.length;++K)E[31&v[K]]++;for(var S=Oa(E,7),P=S[0],U=S[1],D=19;D>4&&!P[pa[D-1]];--D);var C,x,T,I,_=u+5<<3,B=ja(a,Sa)+ja(n,Pa)+s,M=ja(a,l)+ja(n,d)+s+14+3*D+ja(E,P)+(2*E[16]+3*E[17]+7*E[18]);if(_<=B&&_<=M)return Ga(t,h,e.subarray(c,c+u));if(Fa(t,h,1+(M<B)),h+=2,M<B){C=Ka(l,p,0),x=l,T=Ka(d,f,0),I=d;var R=Ka(P,U,0);Fa(t,h,b-257),Fa(t,h+5,A-1),Fa(t,h+10,D-4),h+=14;for(K=0;K<D;++K)Fa(t,h+3*K,P[pa[K]]);h+=3*D;for(var L=[w,v],F=0;F<2;++F){var N=L[F];for(K=0;K<N.length;++K){var O=31&N[K];Fa(t,h,R[O]),h+=P[O],O>15&&(Fa(t,h,N[K]>>>5&127),h+=N[K]>>>12)}}}else C=Ua,x=Sa,T=Ca,I=Pa;for(K=0;K<o;++K)if(i[K]>255){O=i[K]>>>18&31;Na(t,h,C[O+257]),h+=x[O+257],O>7&&(Fa(t,h,i[K]>>>23&31),h+=ya[O]);var z=31&i[K];Na(t,h,T[z]),h+=I[z],z>3&&(Na(t,h,i[K]>>>5&8191),h+=la[z])}else Na(t,h,C[i[K]]),h+=x[i[K]];return Na(t,h,C[256]),h+x[256]},Va=/*#__PURE__*/new ha([65540,131080,131088,131104,262176,1048704,1048832,2114560,2117632]),Wa=/*#__PURE__*/new ca(0),$a=function(e,t,r,i,a){return function(e,t,r,i,a,n){var s=e.length,o=new ca(i+s+5*(1+Math.ceil(s/7e3))+a),c=o.subarray(i,o.length-a),u=0;if(!t||s<8)for(var h=0;h<=s;h+=65535){var y=h+65535;y>=s&&(c[u>>3]=n),u=Ga(c,u+1,e.subarray(h,y))}else{for(var l=Va[t-1],p=l>>>13,g=8191&l,d=(1<<r)-1,f=new ua(32768),m=new ua(d+1),w=Math.ceil(r/3),b=2*w,k=function(t){return(e[t]^e[t+1]<<w^e[t+2]<<b)&d},v=new ha(25e3),A=new ua(288),E=new ua(32),K=0,S=0,P=(h=0,0),U=0,D=0;h<s;++h){var C=k(h),x=32767&h,T=m[C];if(f[x]=T,m[C]=x,U<=h){var I=s-h;if((K>7e3||P>24576)&&I>423){u=qa(e,c,0,v,A,E,S,P,D,h-D,u),P=K=S=0,D=h;for(var _=0;_<286;++_)A[_]=0;for(_=0;_<30;++_)E[_]=0}var B=2,M=0,R=g,L=x-T&32767;if(I>2&&C==k(h-L))for(var F=Math.min(p,I)-1,N=Math.min(32767,h),O=Math.min(258,I);L<=N&&--R&&x!=T;){if(e[h+B]==e[h+B-L]){for(var z=0;z<O&&e[h+z]==e[h+z-L];++z);if(z>B){if(B=z,M=L,z>F)break;var H=Math.min(L,z-2),j=0;for(_=0;_<H;++_){var G=h-L+_+32768&32767,q=G-f[G]+32768&32767;q>j&&(j=q,T=G)}}}L+=(x=T)-(T=f[x])+32768&32767}if(M){v[P++]=268435456|ma[B]<<18|ka[M];var V=31&ma[B],W=31&ka[M];S+=ya[V]+la[W],++A[257+V],++E[W],U=h+B,++K}else v[P++]=e[h],++A[e[h]]}}u=qa(e,c,n,v,A,E,S,P,D,h-D,u),!n&&7&u&&(u=Ga(c,u+1,Wa))}return Ma(o,0,i+Ba(u)+a)}(e,null==t.level?6:t.level,null==t.mem?Math.ceil(1.5*Math.max(8,Math.min(13,Math.log(e.length)))):12+t.mem,r,i,!a)},Xa=/*#__PURE__*/function(){function e(e,t){t||"function"!=typeof e||(t=e,e={}),this.ondata=t,this.o=e||{}}return e.prototype.p=function(e,t){this.ondata($a(e,this.o,0,0,!t),t)},e.prototype.push=function(e,t){this.ondata||La(5),this.d&&La(4),this.d=t,this.p(e,t||!1)},e}(),Qa=/*#__PURE__*/function(){function e(e){this.s={},this.p=new ca(0),this.ondata=e}return e.prototype.e=function(e){this.ondata||La(5),this.d&&La(4);var t=this.p.length,r=new ca(t+e.length);r.set(this.p),r.set(e,t),this.p=r},e.prototype.c=function(e){this.d=this.s.i=e||!1;var t=this.s.b,r=function(e,t,r){var i=e.length;if(!i||r&&r.f&&!r.l)return t||new ca(0);var a=!t||r,n=!r||r.i;r||(r={}),t||(t=new ca(3*i));var s=function(e){var r=t.length;if(e>r){var i=new ca(Math.max(2*r,e));i.set(t),t=i}},o=r.f||0,c=r.p||0,u=r.b||0,h=r.l,y=r.d,l=r.m,p=r.n,g=8*i;do{if(!h){o=Ia(e,c,1);var d=Ia(e,c+1,3);if(c+=3,!d){var f=e[(U=Ba(c)+4)-4]|e[U-3]<<8,m=U+f;if(m>i){n&&La(0);break}a&&s(u+f),t.set(e.subarray(U,m),u),r.b=u+=f,r.p=c=8*m,r.f=o;continue}if(1==d)h=Da,y=xa,l=9,p=5;else if(2==d){var w=Ia(e,c,31)+257,b=Ia(e,c+10,15)+4,k=w+Ia(e,c+5,31)+1;c+=14;for(var v=new ca(k),A=new ca(19),E=0;E<b;++E)A[pa[E]]=Ia(e,c+3*E,7);c+=3*b;var K=Ta(A),S=(1<<K)-1,P=Ka(A,K,1);for(E=0;E<k;){var U,D=P[Ia(e,c,S)];if(c+=15&D,(U=D>>>4)<16)v[E++]=U;else{var C=0,x=0;for(16==U?(x=3+Ia(e,c,3),c+=2,C=v[E-1]):17==U?(x=3+Ia(e,c,7),c+=3):18==U&&(x=11+Ia(e,c,127),c+=7);x--;)v[E++]=C}}var T=v.subarray(0,w),I=v.subarray(w);l=Ta(T),p=Ta(I),h=Ka(T,l,1),y=Ka(I,p,1)}else La(1);if(c>g){n&&La(0);break}}a&&s(u+131072);for(var _=(1<<l)-1,B=(1<<p)-1,M=c;;M=c){var R=(C=h[_a(e,c)&_])>>>4;if((c+=15&C)>g){n&&La(0);break}if(C||La(2),R<256)t[u++]=R;else{if(256==R){M=c,h=null;break}var L=R-254;if(R>264){var F=ya[E=R-257];L=Ia(e,c,(1<<F)-1)+fa[E],c+=F}var N=y[_a(e,c)&B],O=N>>>4;if(N||La(3),c+=15&N,I=ba[O],O>3&&(F=la[O],I+=_a(e,c)&(1<<F)-1,c+=F),c>g){n&&La(0);break}a&&s(u+131072);for(var z=u+L;u<z;u+=4)t[u]=t[u-I],t[u+1]=t[u+1-I],t[u+2]=t[u+2-I],t[u+3]=t[u+3-I];u=z}}r.l=h,r.p=M,r.b=u,r.f=o,h&&(o=1,r.m=l,r.d=y,r.n=p)}while(!o);return u==t.length?t:Ma(t,0,u)}(this.p,this.o,this.s);this.ondata(Ma(r,t,this.s.b),this.d),this.o=Ma(r,this.s.b-32768),this.s.b=this.o.length,this.p=Ma(this.p,this.s.p/8|0),this.s.p&=7},e.prototype.push=function(e,t){this.e(e),this.c(t)},e}(),Za=/*#__PURE__*/function(){function e(e,t){var r,i;this.c=(r=1,i=0,{p:function(e){for(var t=r,a=i,n=0|e.length,s=0;s!=n;){for(var o=Math.min(s+2655,n);s<o;++s)a+=t+=e[s];t=(65535&t)+15*(t>>16),a=(65535&a)+15*(a>>16)}r=t,i=a},d:function(){return(255&(r%=65521))<<24|r>>>8<<16|(255&(i%=65521))<<8|i>>>8}}),this.v=1,Xa.call(this,e,t)}return e.prototype.push=function(e,t){Xa.prototype.push.call(this,e,t)},e.prototype.p=function(e,t){this.c.p(e);var r=$a(e,this.o,this.v&&2,t&&4,!t);this.v&&(function(e,t){var r=t.level,i=0==r?0:r<6?1:9==r?3:2;e[0]=120,e[1]=i<<6|(i?32-2*i:1)}(r,this.o),this.v=0),t&&function(e,t,r){for(;r;++t)e[t]=r,r>>>=8}(r,r.length-4,this.c.d()),this.ondata(r,t)},e}(),Ya=/*#__PURE__*/function(){function e(e){this.v=1,Qa.call(this,e)}return e.prototype.push=function(e,t){if(Qa.prototype.e.call(this,e),this.v){if(this.p.length<2&&!t)return;this.p=this.p.subarray(2),this.v=0}t&&(this.p.length<4&&La(6,"invalid zlib data"),this.p=this.p.subarray(0,-4)),Qa.prototype.c.call(this,t)},e}(),Ja="undefined"!=typeof TextDecoder&&/*#__PURE__*/new TextDecoder;try{Ja.decode(Wa,{stream:!0}),1}catch(e){}var en=[0,1,3,7,15,31,63,127,255],tn=function(e){this.stream=e,this.bitOffset=0,this.curByte=0,this.hasByte=!1};tn.prototype._ensureByte=function(){this.hasByte||(this.curByte=this.stream.readByte(),this.hasByte=!0)},tn.prototype.read=function(e){for(var t=0;e>0;){this._ensureByte();var r=8-this.bitOffset;if(e>=r)t<<=r,t|=en[r]&this.curByte,this.hasByte=!1,this.bitOffset=0,e-=r;else{t<<=e;var i=r-e;t|=(this.curByte&en[e]<<i)>>i,this.bitOffset+=e,e=0}}return t},tn.prototype.seek=function(e){var t=e%8,r=(e-t)/8;this.bitOffset=t,this.stream.seek(r),this.hasByte=!1},tn.prototype.pi=function(){var e,t=new Uint8Array(6);for(e=0;e<t.length;e++)t[e]=this.read(8);return function(e){return Array.prototype.map.call(e,(e=>("00"+e.toString(16)).slice(-2))).join("")}(t)};var rn=tn,an=function(){};an.prototype.readByte=function(){throw Error("abstract method readByte() not implemented")},an.prototype.read=function(e,t,r){for(var i=0;i<r;){var a=this.readByte();if(a<0)return 0===i?-1:i;e[t++]=a,i++}return i},an.prototype.seek=function(e){throw Error("abstract method seek() not implemented")},an.prototype.writeByte=function(e){throw Error("abstract method readByte() not implemented")},an.prototype.write=function(e,t,r){var i;for(i=0;i<r;i++)this.writeByte(e[t++]);return r},an.prototype.flush=function(){};var nn,sn=an,on=(nn=new Uint32Array([0,79764919,159529838,222504665,319059676,398814059,445009330,507990021,638119352,583659535,797628118,726387553,890018660,835552979,1015980042,944750013,1276238704,1221641927,1167319070,1095957929,1595256236,1540665371,1452775106,1381403509,1780037320,1859660671,1671105958,1733955601,2031960084,2111593891,1889500026,1952343757,2552477408,2632100695,2443283854,2506133561,2334638140,2414271883,2191915858,2254759653,3190512472,3135915759,3081330742,3009969537,2905550212,2850959411,2762807018,2691435357,3560074640,3505614887,3719321342,3648080713,3342211916,3287746299,3467911202,3396681109,4063920168,4143685023,4223187782,4286162673,3779000052,3858754371,3904687514,3967668269,881225847,809987520,1023691545,969234094,662832811,591600412,771767749,717299826,311336399,374308984,453813921,533576470,25881363,88864420,134795389,214552010,2023205639,2086057648,1897238633,1976864222,1804852699,1867694188,1645340341,1724971778,1587496639,1516133128,1461550545,1406951526,1302016099,1230646740,1142491917,1087903418,2896545431,2825181984,2770861561,2716262478,3215044683,3143675388,3055782693,3001194130,2326604591,2389456536,2200899649,2280525302,2578013683,2640855108,2418763421,2498394922,3769900519,3832873040,3912640137,3992402750,4088425275,4151408268,4197601365,4277358050,3334271071,3263032808,3476998961,3422541446,3585640067,3514407732,3694837229,3640369242,1762451694,1842216281,1619975040,1682949687,2047383090,2127137669,1938468188,2001449195,1325665622,1271206113,1183200824,1111960463,1543535498,1489069629,1434599652,1363369299,622672798,568075817,748617968,677256519,907627842,853037301,1067152940,995781531,51762726,131386257,177728840,240578815,269590778,349224269,429104020,491947555,4046411278,4126034873,4172115296,4234965207,3794477266,3874110821,3953728444,4016571915,3609705398,3555108353,3735388376,3664026991,3290680682,3236090077,3449943556,3378572211,3174993278,3120533705,3032266256,2961025959,2923101090,2868635157,2813903052,2742672763,2604032198,2683796849,2461293480,2524268063,2284983834,2364738477,2175806836,2238787779,1569362073,1498123566,1409854455,1355396672,1317987909,1246755826,1192025387,1137557660,2072149281,2135122070,1912620623,1992383480,1753615357,1816598090,1627664531,1707420964,295390185,358241886,404320391,483945776,43990325,106832002,186451547,266083308,932423249,861060070,1041341759,986742920,613929101,542559546,756411363,701822548,3316196985,3244833742,3425377559,3370778784,3601682597,3530312978,3744426955,3689838204,3819031489,3881883254,3928223919,4007849240,4037393693,4100235434,4180117107,4259748804,2310601993,2373574846,2151335527,2231098320,2596047829,2659030626,2470359227,2550115596,2947551409,2876312838,2788305887,2733848168,3165939309,3094707162,3040238851,2985771188]),function(){var e=4294967295;this.getCRC=function(){return~e>>>0},this.updateCRC=function(t){e=e<<8^nn[255&(e>>>24^t)]},this.updateCRCRun=function(t,r){for(;r-- >0;)e=e<<8^nn[255&(e>>>24^t)]}}),cn=rn,un=sn,hn=on,yn=function(e,t){var r,i=e[t];for(r=t;r>0;r--)e[r]=e[r-1];return e[0]=i,i},ln={OK:0,LAST_BLOCK:-1,NOT_BZIP_DATA:-2,UNEXPECTED_INPUT_EOF:-3,UNEXPECTED_OUTPUT_EOF:-4,DATA_ERROR:-5,OUT_OF_MEMORY:-6,OBSOLETE_INPUT:-7,END_OF_BLOCK:-8},pn={};pn[ln.LAST_BLOCK]="Bad file checksum",pn[ln.NOT_BZIP_DATA]="Not bzip data",pn[ln.UNEXPECTED_INPUT_EOF]="Unexpected input EOF",pn[ln.UNEXPECTED_OUTPUT_EOF]="Unexpected output EOF",pn[ln.DATA_ERROR]="Data error",pn[ln.OUT_OF_MEMORY]="Out of memory",pn[ln.OBSOLETE_INPUT]="Obsolete (pre 0.9.5) bzip format not supported.";var gn=function(e,t){var r=pn[e]||"unknown error";t&&(r+=": "+t);var i=new TypeError(r);throw i.errorCode=e,i},dn=function(e,t){this.writePos=this.writeCurrent=this.writeCount=0,this._start_bunzip(e,t)};dn.prototype._init_block=function(){return this._get_next_block()?(this.blockCRC=new hn,!0):(this.writeCount=-1,!1)},dn.prototype._start_bunzip=function(e,t){var r=new Uint8Array(4);4===e.read(r,0,4)&&"BZh"===String.fromCharCode(r[0],r[1],r[2])||gn(ln.NOT_BZIP_DATA,"bad magic");var i=r[3]-48;(i<1||i>9)&&gn(ln.NOT_BZIP_DATA,"level out of range"),this.reader=new cn(e),this.dbufSize=1e5*i,this.nextoutput=0,this.outputStream=t,this.streamCRC=0},dn.prototype._get_next_block=function(){var e,t,r,i=this.reader,a=i.pi();if("177245385090"===a)return!1;"314159265359"!==a&&gn(ln.NOT_BZIP_DATA),this.targetBlockCRC=i.read(32)>>>0,this.streamCRC=(this.targetBlockCRC^(this.streamCRC<<1|this.streamCRC>>>31))>>>0,i.read(1)&&gn(ln.OBSOLETE_INPUT);var n=i.read(24);n>this.dbufSize&&gn(ln.DATA_ERROR,"initial position out of bounds");var s=i.read(16),o=new Uint8Array(256),c=0;for(e=0;e<16;e++)if(s&1<<15-e){var u=16*e;for(r=i.read(16),t=0;t<16;t++)r&1<<15-t&&(o[c++]=u+t)}var h=i.read(3);(h<2||h>6)&&gn(ln.DATA_ERROR);var y=i.read(15);0===y&&gn(ln.DATA_ERROR);var l=new Uint8Array(256);for(e=0;e<h;e++)l[e]=e;var p=new Uint8Array(y);for(e=0;e<y;e++){for(t=0;i.read(1);t++)t>=h&&gn(ln.DATA_ERROR);p[e]=yn(l,t)}var g,d=c+2,f=[];for(t=0;t<h;t++){var m,w,b=new Uint8Array(d),k=new Uint16Array(21);for(s=i.read(5),e=0;e<d;e++){for(;(s<1||s>20)&&gn(ln.DATA_ERROR),i.read(1);)i.read(1)?s--:s++;b[e]=s}for(m=w=b[0],e=1;e<d;e++)b[e]>w?w=b[e]:b[e]<m&&(m=b[e]);g={},f.push(g),g.permute=new Uint16Array(258),g.limit=new Uint32Array(22),g.base=new Uint32Array(21),g.minLen=m,g.maxLen=w;var v=0;for(e=m;e<=w;e++)for(k[e]=g.limit[e]=0,s=0;s<d;s++)b[s]===e&&(g.permute[v++]=s);for(e=0;e<d;e++)k[b[e]]++;for(v=s=0,e=m;e<w;e++)v+=k[e],g.limit[e]=v-1,v<<=1,s+=k[e],g.base[e+1]=v-s;g.limit[w+1]=Number.MAX_VALUE,g.limit[w]=v+k[w]-1,g.base[m]=0}var A=new Uint32Array(256);for(e=0;e<256;e++)l[e]=e;var E,K=0,S=0,P=0,U=this.dbuf=new Uint32Array(this.dbufSize);for(d=0;;){for(d--||(d=49,P>=y&&gn(ln.DATA_ERROR),g=f[p[P++]]),e=g.minLen,t=i.read(e);e>g.maxLen&&gn(ln.DATA_ERROR),!(t<=g.limit[e]);e++)t=t<<1|i.read(1);((t-=g.base[e])<0||t>=258)&&gn(ln.DATA_ERROR);var D=g.permute[t];if(0!==D&&1!==D){if(K)for(K=0,S+s>this.dbufSize&&gn(ln.DATA_ERROR),A[E=o[l[0]]]+=s;s--;)U[S++]=E;if(D>c)break;S>=this.dbufSize&&gn(ln.DATA_ERROR),A[E=o[E=yn(l,e=D-1)]]++,U[S++]=E}else K||(K=1,s=0),s+=0===D?K:2*K,K<<=1}for((n<0||n>=S)&&gn(ln.DATA_ERROR),t=0,e=0;e<256;e++)r=t+A[e],A[e]=t,t=r;for(e=0;e<S;e++)U[A[E=255&U[e]]]|=e<<8,A[E]++;var C=0,x=0,T=0;return S&&(x=255&(C=U[n]),C>>=8,T=-1),this.writePos=C,this.writeCurrent=x,this.writeCount=S,this.writeRun=T,!0},dn.prototype._read_bunzip=function(e,t){var r,i,a;if(this.writeCount<0)return 0;var n=this.dbuf,s=this.writePos,o=this.writeCurrent,c=this.writeCount;this.outputsize;for(var u=this.writeRun;c;){for(c--,i=o,o=255&(s=n[s]),s>>=8,3==u++?(r=o,a=i,o=-1):(r=1,a=o),this.blockCRC.updateCRCRun(a,r);r--;)this.outputStream.writeByte(a),this.nextoutput++;o!=i&&(u=0)}return this.writeCount=c,this.blockCRC.getCRC()!==this.targetBlockCRC&&gn(ln.DATA_ERROR,"Bad block CRC (got "+this.blockCRC.getCRC().toString(16)+" expected "+this.targetBlockCRC.toString(16)+")"),this.nextoutput};var fn=function(e){if("readByte"in e)return e;var t=new un;return t.pos=0,t.readByte=function(){return e[this.pos++]},t.seek=function(e){this.pos=e},t.eof=function(){return this.pos>=e.length},t},mn=function(e){var t=new un,r=!0;if(e)if("number"==typeof e)t.buffer=new Uint8Array(e),r=!1;else{if("writeByte"in e)return e;t.buffer=e,r=!1}else t.buffer=new Uint8Array(16384);return t.pos=0,t.writeByte=function(e){if(r&&this.pos>=this.buffer.length){var t=new Uint8Array(2*this.buffer.length);t.set(this.buffer),this.buffer=t}this.buffer[this.pos++]=e},t.getBuffer=function(){if(this.pos!==this.buffer.length){if(!r)throw new TypeError("outputsize does not match decoded input");var e=new Uint8Array(this.pos);e.set(this.buffer.subarray(0,this.pos)),this.buffer=e}return this.buffer},t._coerced=!0,t};var wn=function(e,t,r){for(var i=fn(e),a=mn(t),n=new dn(i,a);!("eof"in i)||!i.eof();)if(n._init_block())n._read_bunzip();else{var s=n.reader.read(32)>>>0;if(s!==n.streamCRC&&gn(ln.DATA_ERROR,"Bad stream CRC (got "+n.streamCRC.toString(16)+" expected "+s.toString(16)+")"),!r||!("eof"in i)||i.eof())break;n._start_bunzip(i,a)}if("getBuffer"in a)return a.getBuffer()};class bn{static get tag(){return I.packet.literalData}constructor(e=new Date){this.format=I.literal.utf8,this.date=M.normalizeDate(e),this.text=null,this.data=null,this.filename=""}setText(e,t=I.literal.utf8){this.format=t,this.text=e,this.data=null}getText(e=!1){return(null===this.text||M.isStream(this.text))&&(this.text=M.decodeUTF8(M.nativeEOL(this.getBytes(e)))),this.text}setBytes(e,t){this.format=t,this.data=e,this.text=null}getBytes(e=!1){return null===this.data&&(this.data=M.canonicalizeEOL(M.encodeUTF8(this.text))),e?E(this.data):this.data}setFilename(e){this.filename=e}getFilename(){return this.filename}async read(e){await v(e,(async e=>{const t=await e.readByte(),r=await e.readByte();this.filename=M.decodeUTF8(await e.readBytes(r)),this.date=M.readDate(await e.readBytes(4));let i=e.remainder();n(i)&&(i=await P(i)),this.setBytes(i,t)}))}writeHeader(){const e=M.encodeUTF8(this.filename),t=new Uint8Array([e.length]),r=new Uint8Array([this.format]),i=M.writeDate(this.date);return M.concatUint8Array([r,t,e,i])}write(){const e=this.writeHeader(),t=this.getBytes();return M.concat([e,t])}}class kn{constructor(){this.bytes=""}read(e){return this.bytes=M.uint8ArrayToString(e.subarray(0,8)),this.bytes.length}write(){return M.stringToUint8Array(this.bytes)}toHex(){return M.uint8ArrayToHex(M.stringToUint8Array(this.bytes))}equals(e,t=!1){return t&&(e.isWildcard()||this.isWildcard())||this.bytes===e.bytes}isNull(){return""===this.bytes}isWildcard(){return/^0+$/.test(this.toHex())}static mapToHex(e){return e.toHex()}static fromID(e){const t=new kn;return t.read(M.hexToUint8Array(e)),t}static wildcard(){const e=new kn;return e.read(new Uint8Array(8)),e}}const vn=Symbol("verified"),An="salt@notations.openpgpjs.org",En=new Set([I.signatureSubpacket.issuerKeyID,I.signatureSubpacket.issuerFingerprint,I.signatureSubpacket.embeddedSignature]);class Kn{static get tag(){return I.packet.signature}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.signatureData=null,this.unhashedSubpackets=[],this.signedHashValue=null,this.salt=null,this.created=null,this.signatureExpirationTime=null,this.signatureNeverExpires=!0,this.exportable=null,this.trustLevel=null,this.trustAmount=null,this.regularExpression=null,this.revocable=null,this.keyExpirationTime=null,this.keyNeverExpires=null,this.preferredSymmetricAlgorithms=null,this.revocationKeyClass=null,this.revocationKeyAlgorithm=null,this.revocationKeyFingerprint=null,this.issuerKeyID=new kn,this.rawNotations=[],this.notations={},this.preferredHashAlgorithms=null,this.preferredCompressionAlgorithms=null,this.keyServerPreferences=null,this.preferredKeyServer=null,this.isPrimaryUserID=null,this.policyURI=null,this.keyFlags=null,this.signersUserID=null,this.reasonForRevocationFlag=null,this.reasonForRevocationString=null,this.features=null,this.signatureTargetPublicKeyAlgorithm=null,this.signatureTargetHashAlgorithm=null,this.signatureTargetHash=null,this.embeddedSignature=null,this.issuerKeyVersion=null,this.issuerFingerprint=null,this.preferredAEADAlgorithms=null,this.preferredCipherSuites=null,this.revoked=null,this[vn]=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new Fr(`Version ${this.version} of the signature packet is unsupported.`);if(this.signatureType=e[t++],this.publicKeyAlgorithm=e[t++],this.hashAlgorithm=e[t++],t+=this.readSubPackets(e.subarray(t,e.length),!0),!this.created)throw Error("Missing signature creation time subpacket.");if(this.signatureData=e.subarray(0,t),t+=this.readSubPackets(e.subarray(t,e.length),!1),this.signedHashValue=e.subarray(t,t+2),t+=2,6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r}const r=e.subarray(t,e.length),{read:i,signatureParams:a}=Yi.signature.parseSignatureParams(this.publicKeyAlgorithm,r);if(i<r.length)throw Error("Error reading MPIs");this.params=a}writeParams(){return this.params instanceof Promise?D((async()=>Yi.serializeParams(this.publicKeyAlgorithm,await this.params))):Yi.serializeParams(this.publicKeyAlgorithm,this.params)}write(){const e=[];return e.push(this.signatureData),e.push(this.writeUnhashedSubPackets()),e.push(this.signedHashValue),6===this.version&&(e.push(new Uint8Array([this.salt.length])),e.push(this.salt)),e.push(this.writeParams()),M.concat(e)}async sign(e,t,r=new Date,i=!1,a){this.version=e.version,this.created=M.normalizeDate(r),this.issuerKeyVersion=e.version,this.issuerFingerprint=e.getFingerprintBytes(),this.issuerKeyID=e.getKeyID();const n=[new Uint8Array([this.version,this.signatureType,this.publicKeyAlgorithm,this.hashAlgorithm])];if(6===this.version){const e=Pn(this.hashAlgorithm);if(null===this.salt)this.salt=Yi.random.getRandomBytes(e);else if(e!==this.salt.length)throw Error("Provided salt does not have the required length")}else if(a.nonDeterministicSignaturesViaNotation){if(0!==this.rawNotations.filter((({name:e})=>e===An)).length)throw Error("Unexpected existing salt notation");{const e=Yi.random.getRandomBytes(Pn(this.hashAlgorithm));this.rawNotations.push({name:An,value:e,humanReadable:!1,critical:!1})}}n.push(this.writeHashedSubPackets()),this.unhashedSubpackets=[],this.signatureData=M.concat(n);const s=this.toHash(this.signatureType,t,i),o=await this.hash(this.signatureType,t,s,i);this.signedHashValue=S(A(o),0,2);const c=async()=>Yi.signature.sign(this.publicKeyAlgorithm,this.hashAlgorithm,e.publicParams,e.privateParams,s,await P(o));M.isStream(o)?this.params=c():(this.params=await c(),this[vn]=!0)}writeHashedSubPackets(){const e=I.signatureSubpacket,t=[];let r;if(null===this.created)throw Error("Missing signature creation time");t.push(Sn(e.signatureCreationTime,!0,M.writeDate(this.created))),null!==this.signatureExpirationTime&&t.push(Sn(e.signatureExpirationTime,!0,M.writeNumber(this.signatureExpirationTime,4))),null!==this.exportable&&t.push(Sn(e.exportableCertification,!0,new Uint8Array([this.exportable?1:0]))),null!==this.trustLevel&&(r=new Uint8Array([this.trustLevel,this.trustAmount]),t.push(Sn(e.trustSignature,!0,r))),null!==this.regularExpression&&t.push(Sn(e.regularExpression,!0,this.regularExpression)),null!==this.revocable&&t.push(Sn(e.revocable,!0,new Uint8Array([this.revocable?1:0]))),null!==this.keyExpirationTime&&t.push(Sn(e.keyExpirationTime,!0,M.writeNumber(this.keyExpirationTime,4))),null!==this.preferredSymmetricAlgorithms&&(r=M.stringToUint8Array(M.uint8ArrayToString(this.preferredSymmetricAlgorithms)),t.push(Sn(e.preferredSymmetricAlgorithms,!1,r))),null!==this.revocationKeyClass&&(r=new Uint8Array([this.revocationKeyClass,this.revocationKeyAlgorithm]),r=M.concat([r,this.revocationKeyFingerprint]),t.push(Sn(e.revocationKey,!1,r))),!this.issuerKeyID.isNull()&&this.issuerKeyVersion<5&&t.push(Sn(e.issuerKeyID,!0,this.issuerKeyID.write())),this.rawNotations.forEach((({name:i,value:a,humanReadable:n,critical:s})=>{r=[new Uint8Array([n?128:0,0,0,0])];const o=M.encodeUTF8(i);r.push(M.writeNumber(o.length,2)),r.push(M.writeNumber(a.length,2)),r.push(o),r.push(a),r=M.concat(r),t.push(Sn(e.notationData,s,r))})),null!==this.preferredHashAlgorithms&&(r=M.stringToUint8Array(M.uint8ArrayToString(this.preferredHashAlgorithms)),t.push(Sn(e.preferredHashAlgorithms,!1,r))),null!==this.preferredCompressionAlgorithms&&(r=M.stringToUint8Array(M.uint8ArrayToString(this.preferredCompressionAlgorithms)),t.push(Sn(e.preferredCompressionAlgorithms,!1,r))),null!==this.keyServerPreferences&&(r=M.stringToUint8Array(M.uint8ArrayToString(this.keyServerPreferences)),t.push(Sn(e.keyServerPreferences,!1,r))),null!==this.preferredKeyServer&&t.push(Sn(e.preferredKeyServer,!1,M.encodeUTF8(this.preferredKeyServer))),null!==this.isPrimaryUserID&&t.push(Sn(e.primaryUserID,!1,new Uint8Array([this.isPrimaryUserID?1:0]))),null!==this.policyURI&&t.push(Sn(e.policyURI,!1,M.encodeUTF8(this.policyURI))),null!==this.keyFlags&&(r=M.stringToUint8Array(M.uint8ArrayToString(this.keyFlags)),t.push(Sn(e.keyFlags,!0,r))),null!==this.signersUserID&&t.push(Sn(e.signersUserID,!1,M.encodeUTF8(this.signersUserID))),null!==this.reasonForRevocationFlag&&(r=M.stringToUint8Array(String.fromCharCode(this.reasonForRevocationFlag)+this.reasonForRevocationString),t.push(Sn(e.reasonForRevocation,!0,r))),null!==this.features&&(r=M.stringToUint8Array(M.uint8ArrayToString(this.features)),t.push(Sn(e.features,!1,r))),null!==this.signatureTargetPublicKeyAlgorithm&&(r=[new Uint8Array([this.signatureTargetPublicKeyAlgorithm,this.signatureTargetHashAlgorithm])],r.push(M.stringToUint8Array(this.signatureTargetHash)),r=M.concat(r),t.push(Sn(e.signatureTarget,!0,r))),null!==this.embeddedSignature&&t.push(Sn(e.embeddedSignature,!0,this.embeddedSignature.write())),null!==this.issuerFingerprint&&(r=[new Uint8Array([this.issuerKeyVersion]),this.issuerFingerprint],r=M.concat(r),t.push(Sn(e.issuerFingerprint,this.version>=5,r))),null!==this.preferredAEADAlgorithms&&(r=M.stringToUint8Array(M.uint8ArrayToString(this.preferredAEADAlgorithms)),t.push(Sn(e.preferredAEADAlgorithms,!1,r))),null!==this.preferredCipherSuites&&(r=new Uint8Array([].concat(...this.preferredCipherSuites)),t.push(Sn(e.preferredCipherSuites,!1,r)));const i=M.concat(t),a=M.writeNumber(i.length,6===this.version?4:2);return M.concat([a,i])}writeUnhashedSubPackets(){const e=[];this.unhashedSubpackets.forEach((t=>{e.push(Ir(t.length)),e.push(t)}));const t=M.concat(e),r=M.writeNumber(t.length,6===this.version?4:2);return M.concat([r,t])}readSubPacket(e,t=!0){let r=0;const i=!!(128&e[r]),a=127&e[r];if(t||(this.unhashedSubpackets.push(e.subarray(r,e.length)),En.has(a)))switch(r++,a){case I.signatureSubpacket.signatureCreationTime:this.created=M.readDate(e.subarray(r,e.length));break;case I.signatureSubpacket.signatureExpirationTime:{const t=M.readNumber(e.subarray(r,e.length));this.signatureNeverExpires=0===t,this.signatureExpirationTime=t;break}case I.signatureSubpacket.exportableCertification:this.exportable=1===e[r++];break;case I.signatureSubpacket.trustSignature:this.trustLevel=e[r++],this.trustAmount=e[r++];break;case I.signatureSubpacket.regularExpression:this.regularExpression=e[r];break;case I.signatureSubpacket.revocable:this.revocable=1===e[r++];break;case I.signatureSubpacket.keyExpirationTime:{const t=M.readNumber(e.subarray(r,e.length));this.keyExpirationTime=t,this.keyNeverExpires=0===t;break}case I.signatureSubpacket.preferredSymmetricAlgorithms:this.preferredSymmetricAlgorithms=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.revocationKey:this.revocationKeyClass=e[r++],this.revocationKeyAlgorithm=e[r++],this.revocationKeyFingerprint=e.subarray(r,r+20);break;case I.signatureSubpacket.issuerKeyID:if(4===this.version)this.issuerKeyID.read(e.subarray(r,e.length));else if(t)throw Error("Unexpected Issuer Key ID subpacket");break;case I.signatureSubpacket.notationData:{const t=!!(128&e[r]);r+=4;const a=M.readNumber(e.subarray(r,r+2));r+=2;const n=M.readNumber(e.subarray(r,r+2));r+=2;const s=M.decodeUTF8(e.subarray(r,r+a)),o=e.subarray(r+a,r+a+n);this.rawNotations.push({name:s,humanReadable:t,value:o,critical:i}),t&&(this.notations[s]=M.decodeUTF8(o));break}case I.signatureSubpacket.preferredHashAlgorithms:this.preferredHashAlgorithms=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.preferredCompressionAlgorithms:this.preferredCompressionAlgorithms=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.keyServerPreferences:this.keyServerPreferences=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.preferredKeyServer:this.preferredKeyServer=M.decodeUTF8(e.subarray(r,e.length));break;case I.signatureSubpacket.primaryUserID:this.isPrimaryUserID=0!==e[r++];break;case I.signatureSubpacket.policyURI:this.policyURI=M.decodeUTF8(e.subarray(r,e.length));break;case I.signatureSubpacket.keyFlags:this.keyFlags=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.signersUserID:this.signersUserID=M.decodeUTF8(e.subarray(r,e.length));break;case I.signatureSubpacket.reasonForRevocation:this.reasonForRevocationFlag=e[r++],this.reasonForRevocationString=M.decodeUTF8(e.subarray(r,e.length));break;case I.signatureSubpacket.features:this.features=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.signatureTarget:{this.signatureTargetPublicKeyAlgorithm=e[r++],this.signatureTargetHashAlgorithm=e[r++];const t=Yi.getHashByteLength(this.signatureTargetHashAlgorithm);this.signatureTargetHash=M.uint8ArrayToString(e.subarray(r,r+t));break}case I.signatureSubpacket.embeddedSignature:this.embeddedSignature=new Kn,this.embeddedSignature.read(e.subarray(r,e.length));break;case I.signatureSubpacket.issuerFingerprint:this.issuerKeyVersion=e[r++],this.issuerFingerprint=e.subarray(r,e.length),this.issuerKeyVersion>=5?this.issuerKeyID.read(this.issuerFingerprint):this.issuerKeyID.read(this.issuerFingerprint.subarray(-8));break;case I.signatureSubpacket.preferredAEADAlgorithms:this.preferredAEADAlgorithms=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.preferredCipherSuites:this.preferredCipherSuites=[];for(let t=r;t<e.length;t+=2)this.preferredCipherSuites.push([e[t],e[t+1]]);break;default:{const e=Error("Unknown signature subpacket type "+a);if(i)throw e;M.printDebug(e)}}}readSubPackets(e,t=!0,r){const i=6===this.version?4:2,a=M.readNumber(e.subarray(0,i));let n=i;for(;n<2+a;){const i=Tr(e.subarray(n,e.length));n+=i.offset,this.readSubPacket(e.subarray(n,n+i.len),t,r),n+=i.len}return n}toSign(e,t){const r=I.signature;switch(e){case r.binary:return null!==t.text?M.encodeUTF8(t.getText(!0)):t.getBytes(!0);case r.text:{const e=t.getBytes(!0);return M.canonicalizeEOL(e)}case r.standalone:return new Uint8Array(0);case r.certGeneric:case r.certPersona:case r.certCasual:case r.certPositive:case r.certRevocation:{let e,i;if(t.userID)i=180,e=t.userID;else{if(!t.userAttribute)throw Error("Either a userID or userAttribute packet needs to be supplied for certification.");i=209,e=t.userAttribute}const a=e.write();return M.concat([this.toSign(r.key,t),new Uint8Array([i]),M.writeNumber(a.length,4),a])}case r.subkeyBinding:case r.subkeyRevocation:case r.keyBinding:return M.concat([this.toSign(r.key,t),this.toSign(r.key,{key:t.bind})]);case r.key:if(void 0===t.key)throw Error("Key packet is required for this signature.");return t.key.writeForHash(this.version);case r.keyRevocation:return this.toSign(r.key,t);case r.timestamp:return new Uint8Array(0);case r.thirdParty:throw Error("Not implemented");default:throw Error("Unknown signature type.")}}calculateTrailer(e,t){let r=0;return b(A(this.signatureData),(e=>{r+=e.length}),(()=>{const i=[];return 5!==this.version||this.signatureType!==I.signature.binary&&this.signatureType!==I.signature.text||(t?i.push(new Uint8Array(6)):i.push(e.writeHeader())),i.push(new Uint8Array([this.version,255])),5===this.version&&i.push(new Uint8Array(4)),i.push(M.writeNumber(r,4)),M.concat(i)}))}toHash(e,t,r=!1){const i=this.toSign(e,t);return M.concat([this.salt||new Uint8Array,i,this.signatureData,this.calculateTrailer(t,r)])}async hash(e,t,r,i=!1){if(6===this.version&&this.salt.length!==Pn(this.hashAlgorithm))throw Error("Signature salt does not have the expected length");return r||(r=this.toHash(e,t,i)),Yi.hash.digest(this.hashAlgorithm,r)}async verify(e,t,r,i=new Date,a=!1,n=_){if(!this.issuerKeyID.equals(e.getKeyID()))throw Error("Signature was not issued by the given public key");if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Public key algorithm used to sign signature does not match issuer key algorithm.");const s=t===I.signature.binary||t===I.signature.text;if(!(this[vn]&&!s)){let i,n;if(this.hashed?n=await this.hashed:(i=this.toHash(t,r,a),n=await this.hash(t,r,i)),n=await P(n),this.signedHashValue[0]!==n[0]||this.signedHashValue[1]!==n[1])throw Error("Signed digest did not match");this.params=await this.params;const s=this.publicKeyAlgorithm===I.publicKey.hmac?e.privateParams:null;if(this[vn]=await Yi.signature.verify(this.publicKeyAlgorithm,this.hashAlgorithm,this.params,e.publicParams,s,i,n),!this[vn])throw Error("Signature verification failed")}const o=M.normalizeDate(i);if(o&&this.created>o)throw Error("Signature creation time is in the future");if(o&&o>=this.getExpirationTime())throw Error("Signature is expired");if(n.rejectHashAlgorithms.has(this.hashAlgorithm))throw Error("Insecure hash algorithm: "+I.read(I.hash,this.hashAlgorithm).toUpperCase());if(n.rejectMessageHashAlgorithms.has(this.hashAlgorithm)&&[I.signature.binary,I.signature.text].includes(this.signatureType))throw Error("Insecure message hash algorithm: "+I.read(I.hash,this.hashAlgorithm).toUpperCase());if(this.rawNotations.forEach((({name:e,critical:t})=>{if(t&&n.knownNotations.indexOf(e)<0)throw Error("Unknown critical notation: "+e)})),null!==this.revocationKeyClass)throw Error("This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.")}isExpired(e=new Date){const t=M.normalizeDate(e);return null!==t&&!(this.created<=t&&t<this.getExpirationTime())}getExpirationTime(){return this.signatureNeverExpires?1/0:new Date(this.created.getTime()+1e3*this.signatureExpirationTime)}}function Sn(e,t,r){const i=[];return i.push(Ir(r.length+1)),i.push(new Uint8Array([(t?128:0)|e])),i.push(r),M.concat(i)}function Pn(e){switch(e){case I.hash.sha256:return 16;case I.hash.sha384:return 24;case I.hash.sha512:return 32;case I.hash.sha224:case I.hash.sha3_256:return 16;case I.hash.sha3_512:return 32;default:throw Error("Unsupported hash function")}}class Un{static get tag(){return I.packet.onePassSignature}static fromSignaturePacket(e,t){const r=new Un;return r.version=6===e.version?6:3,r.signatureType=e.signatureType,r.hashAlgorithm=e.hashAlgorithm,r.publicKeyAlgorithm=e.publicKeyAlgorithm,r.issuerKeyID=e.issuerKeyID,r.salt=e.salt,r.issuerFingerprint=e.issuerFingerprint,r.flags=t?1:0,r}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.salt=null,this.issuerKeyID=null,this.issuerFingerprint=null,this.flags=null}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new Fr(`Version ${this.version} of the one-pass signature packet is unsupported.`);if(this.signatureType=e[t++],this.hashAlgorithm=e[t++],this.publicKeyAlgorithm=e[t++],6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r,this.issuerFingerprint=e.subarray(t,t+32),t+=32,this.issuerKeyID=new kn,this.issuerKeyID.read(this.issuerFingerprint)}else this.issuerKeyID=new kn,this.issuerKeyID.read(e.subarray(t,t+8)),t+=8;return this.flags=e[t++],this}write(){const e=[new Uint8Array([this.version,this.signatureType,this.hashAlgorithm,this.publicKeyAlgorithm])];return 6===this.version?e.push(new Uint8Array([this.salt.length]),this.salt,this.issuerFingerprint):e.push(this.issuerKeyID.write()),e.push(new Uint8Array([this.flags])),M.concatUint8Array(e)}calculateTrailer(...e){return D((async()=>Kn.prototype.calculateTrailer.apply(await this.correspondingSig,e)))}async verify(){const e=await this.correspondingSig;if(!e||e.constructor.tag!==I.packet.signature)throw Error("Corresponding signature packet missing");if(e.signatureType!==this.signatureType||e.hashAlgorithm!==this.hashAlgorithm||e.publicKeyAlgorithm!==this.publicKeyAlgorithm||!e.issuerKeyID.equals(this.issuerKeyID)||3===this.version&&6===e.version||6===this.version&&6!==e.version||6===this.version&&!M.equalsUint8Array(e.issuerFingerprint,this.issuerFingerprint)||6===this.version&&!M.equalsUint8Array(e.salt,this.salt))throw Error("Corresponding signature packet does not match one-pass signature packet");return e.hashed=this.hashed,e.verify.apply(e,arguments)}}function Dn(e,t){if(!t[e]){let t;try{t=I.read(I.packet,e)}catch(t){throw new Nr("Unknown packet type with tag: "+e)}throw Error("Packet not allowed in this context: "+t)}return new t[e]}Un.prototype.hash=Kn.prototype.hash,Un.prototype.toHash=Kn.prototype.toHash,Un.prototype.toSign=Kn.prototype.toSign;class Cn extends Array{static async fromBinary(e,t,r=_){const i=new Cn;return await i.read(e,t,r),i}async read(e,t,r=_){r.additionalAllowedPackets.length&&(t={...t,...M.constructAllowedPackets(r.additionalAllowedPackets)}),this.stream=k(e,(async(e,i)=>{const a=x(i);try{for(;;){await a.ready;if(await Lr(e,(async e=>{try{if(e.tag===I.packet.marker||e.tag===I.packet.trust||e.tag===I.packet.padding)return;const i=Dn(e.tag,t);i.packets=new Cn,i.fromStream=M.isStream(e.packet),await i.read(e.packet,r),await a.write(i)}catch(t){if(t instanceof Nr){if(!(e.tag<=39))return;await a.abort(t)}const i=!r.ignoreUnsupportedPackets&&t instanceof Fr,n=!(r.ignoreMalformedPackets||t instanceof Fr);if(i||n||Rr(e.tag))await a.abort(t);else{const t=new Or(e.tag,e.packet);await a.write(t)}M.printDebugError(t)}})))return await a.ready,void await a.close()}}catch(e){await a.abort(e)}}));const i=C(this.stream);for(;;){const{done:e,value:t}=await i.read();if(e?this.stream=null:this.push(t),e||Rr(t.constructor.tag))break}i.releaseLock()}write(){const e=[];for(let t=0;t<this.length;t++){const r=this[t]instanceof Or?this[t].tag:this[t].constructor.tag,i=this[t].write();if(M.isStream(i)&&Rr(this[t].constructor.tag)){let t=[],a=0;const n=512;e.push(Br(r)),e.push(b(i,(e=>{if(t.push(e),a+=e.length,a>=n){const e=Math.min(Math.log(a)/Math.LN2|0,30),r=2**e,i=M.concat([_r(e)].concat(t));return t=[i.subarray(1+r)],a=t[0].length,i.subarray(0,1+r)}}),(()=>M.concat([Ir(a)].concat(t)))))}else{if(M.isStream(i)){let t=0;e.push(b(A(i),(e=>{t+=e.length}),(()=>Mr(r,t))))}else e.push(Mr(r,i.length));e.push(i)}}return M.concat(e)}filterByTag(...e){const t=new Cn,r=e=>t=>e===t;for(let i=0;i<this.length;i++)e.some(r(this[i].constructor.tag))&&t.push(this[i]);return t}findPacket(e){return this.find((t=>t.constructor.tag===e))}indexOfTag(...e){const t=[],r=this,i=e=>t=>e===t;for(let a=0;a<this.length;a++)e.some(i(r[a].constructor.tag))&&t.push(a);return t}}const xn=/*#__PURE__*/M.constructAllowedPackets([bn,Un,Kn]);class Tn{static get tag(){return I.packet.compressedData}constructor(e=_){this.packets=null,this.algorithm=e.preferredCompressionAlgorithm,this.compressed=null}async read(e,t=_){await v(e,(async e=>{this.algorithm=await e.readByte(),this.compressed=e.remainder(),await this.decompress(t)}))}write(){return null===this.compressed&&this.compress(),M.concat([new Uint8Array([this.algorithm]),this.compressed])}async decompress(e=_){const t=I.read(I.compression,this.algorithm),r=Rn[t];if(!r)throw Error(t+" decompression not supported");this.packets=await Cn.fromBinary(r(this.compressed),xn,e)}compress(){const e=I.read(I.compression,this.algorithm),t=Mn[e];if(!t)throw Error(e+" compression not supported");this.compressed=t(this.packets.write())}}function In(e,t){return r=>{if(!M.isStream(r)||n(r))return D((()=>P(r).then((e=>new Promise(((r,i)=>{const a=new t;a.ondata=e=>{r(e)};try{a.push(e,!0)}catch(e){i(e)}}))))));if(e)try{const t=e();return r.pipeThrough(t)}catch(e){if("TypeError"!==e.name)throw e}const i=r.getReader(),a=new t;return new ReadableStream({async start(e){for(a.ondata=async(t,r)=>{e.enqueue(t),r&&e.close()};;){const{done:e,value:t}=await i.read();if(e)return void a.push(new Uint8Array,!0);t.length&&a.push(t)}}})}}function _n(e){return function(t){return D((async()=>e(await P(t))))}}const Bn=e=>({compressor:"undefined"!=typeof CompressionStream&&(()=>new CompressionStream(e)),decompressor:"undefined"!=typeof DecompressionStream&&(()=>new DecompressionStream(e))}),Mn={zip:/*#__PURE__*/In(Bn("deflate-raw").compressor,Xa),zlib:/*#__PURE__*/In(Bn("deflate").compressor,Za)},Rn={uncompressed:e=>e,zip:/*#__PURE__*/In(Bn("deflate-raw").decompressor,Qa),zlib:/*#__PURE__*/In(Bn("deflate").decompressor,Ya),bzip2:/*#__PURE__*/_n(wn)},Ln=/*#__PURE__*/M.constructAllowedPackets([bn,Tn,Un,Kn]);class Fn{static get tag(){return I.packet.symEncryptedIntegrityProtectedData}static fromObject({version:e,aeadAlgorithm:t}){if(1!==e&&2!==e)throw Error("Unsupported SEIPD version");const r=new Fn;return r.version=e,2===e&&(r.aeadAlgorithm=t),r}constructor(){this.version=null,this.cipherAlgorithm=null,this.aeadAlgorithm=null,this.chunkSizeByte=null,this.salt=null,this.encrypted=null,this.packets=null}async read(e){await v(e,(async e=>{if(this.version=await e.readByte(),1!==this.version&&2!==this.version)throw new Fr(`Version ${this.version} of the SEIP packet is unsupported.`);2===this.version&&(this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte(),this.salt=await e.readBytes(32)),this.encrypted=e.remainder()}))}write(){return 2===this.version?M.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.salt,this.encrypted]):M.concat([new Uint8Array([this.version]),this.encrypted])}async encrypt(e,t,r=_){let i=this.packets.write();if(n(i)&&(i=await P(i)),2===this.version)this.cipherAlgorithm=e,this.salt=Yi.random.getRandomBytes(32),this.chunkSizeByte=r.aeadChunkSizeByte,this.encrypted=await Nn(this,"encrypt",t,i);else{const{blockSize:a}=Yi.getCipherParams(e),n=await Yi.getPrefixRandom(e),s=new Uint8Array([211,20]),o=M.concat([n,i,s]),c=await Yi.hash.sha1(E(o)),u=M.concat([o,c]);this.encrypted=await Yi.mode.cfb.encrypt(e,t,u,new Uint8Array(a),r)}return!0}async decrypt(e,t,r=_){let i,a=A(this.encrypted);if(n(a)&&(a=await P(a)),2===this.version)i=await Nn(this,"decrypt",t,a);else{const{blockSize:n}=Yi.getCipherParams(e),s=await Yi.mode.cfb.decrypt(e,t,a,new Uint8Array(n)),o=S(E(s),-20),c=S(s,0,-20),u=Promise.all([P(await Yi.hash.sha1(E(c))),P(o)]).then((([e,t])=>{if(!M.equalsUint8Array(e,t))throw Error("Modification detected.");return new Uint8Array})),h=S(c,n+2);i=S(h,0,-2),i=d([i,D((()=>u))]),M.isStream(a)&&r.allowUnauthenticatedStream||(i=await P(i))}return this.packets=await Cn.fromBinary(i,Ln,r),!0}}async function Nn(e,t,r,i){const a=e instanceof Fn&&2===e.version,n=!a&&e.constructor.tag===I.packet.aeadEncryptedData;if(!a&&!n)throw Error("Unexpected packet type");const s=Yi.getAEADMode(e.aeadAlgorithm),o="decrypt"===t?s.tagLength:0,c="encrypt"===t?s.tagLength:0,u=2**(e.chunkSizeByte+6)+o,h=n?8:0,y=new ArrayBuffer(13+h),l=new Uint8Array(y,0,5+h),p=new Uint8Array(y),g=new DataView(y),d=new Uint8Array(y,5,8);l.set([192|e.constructor.tag,e.version,e.cipherAlgorithm,e.aeadAlgorithm,e.chunkSizeByte],0);let m,w,b=0,v=Promise.resolve(),A=0,E=0;if(a){const{keySize:t}=Yi.getCipherParams(e.cipherAlgorithm),{ivLength:i}=s,a=new Uint8Array(y,0,5),n=await Di(I.hash.sha256,r,e.salt,a,t+i);r=n.subarray(0,t),m=n.subarray(t),m.fill(0,m.length-8),w=new DataView(m.buffer,m.byteOffset,m.byteLength)}else m=e.iv;const K=await s(e.cipherAlgorithm,r);return k(i,(async(r,i)=>{if("array"!==M.isStream(r)){const t=new TransformStream({},{highWaterMark:M.getHardwareConcurrency()*2**(e.chunkSizeByte+6),size:e=>e.length});f(t.readable,i),i=t.writable}const n=C(r),s=x(i);try{for(;;){let e=await n.readBytes(u+o)||new Uint8Array;const r=e.subarray(e.length-o);let i,y,f;if(e=e.subarray(0,e.length-o),a)f=m;else{f=m.slice();for(let e=0;e<8;e++)f[m.length-8+e]^=d[e]}if(!b||e.length?(n.unshift(r),i=K[t](e,f,l),i.catch((()=>{})),E+=e.length-o+c):(g.setInt32(5+h+4,A),i=K[t](r,f,p),i.catch((()=>{})),E+=c,y=!0),A+=e.length-o,v=v.then((()=>i)).then((async e=>{await s.ready,await s.write(e),E-=e.length})).catch((e=>s.abort(e))),(y||E>s.desiredSize)&&await v,y){await s.close();break}a?w.setInt32(m.length-4,++b):g.setInt32(9,++b)}}catch(e){await s.ready.catch((()=>{})),await s.abort(e)}}))}const On=/*#__PURE__*/M.constructAllowedPackets([bn,Tn,Un,Kn]);class zn{static get tag(){return I.packet.aeadEncryptedData}constructor(){this.version=1,this.cipherAlgorithm=null,this.aeadAlgorithm=I.aead.eax,this.chunkSizeByte=null,this.iv=null,this.encrypted=null,this.packets=null}async read(e){await v(e,(async e=>{const t=await e.readByte();if(1!==t)throw new Fr(`Version ${t} of the AEAD-encrypted data packet is not supported.`);this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte();const r=Yi.getAEADMode(this.aeadAlgorithm);this.iv=await e.readBytes(r.ivLength),this.encrypted=e.remainder()}))}write(){return M.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.iv,this.encrypted])}async decrypt(e,t,r=_){this.packets=await Cn.fromBinary(await Nn(this,"decrypt",t,A(this.encrypted)),On,r)}async encrypt(e,t,r=_){this.cipherAlgorithm=e;const{ivLength:i}=Yi.getAEADMode(this.aeadAlgorithm);this.iv=Yi.random.getRandomBytes(i),this.chunkSizeByte=r.aeadChunkSizeByte;const a=this.packets.write();this.encrypted=await Nn(this,"encrypt",t,a)}}class Hn{static get tag(){return I.packet.publicKeyEncryptedSessionKey}constructor(){this.version=null,this.publicKeyID=new kn,this.publicKeyVersion=null,this.publicKeyFingerprint=null,this.publicKeyAlgorithm=null,this.sessionKey=null,this.sessionKeyAlgorithm=null,this.encrypted={}}static fromObject({version:e,encryptionKeyPacket:t,anonymousRecipient:r,sessionKey:i,sessionKeyAlgorithm:a}){const n=new Hn;if(3!==e&&6!==e)throw Error("Unsupported PKESK version");return n.version=e,6===e&&(n.publicKeyVersion=r?null:t.version,n.publicKeyFingerprint=r?null:t.getFingerprintBytes()),n.publicKeyID=r?kn.wildcard():t.getKeyID(),n.publicKeyAlgorithm=t.algorithm,n.sessionKey=i,n.sessionKeyAlgorithm=a,n}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new Fr(`Version ${this.version} of the PKESK packet is unsupported.`);if(6===this.version){const r=e[t++];if(r){this.publicKeyVersion=e[t++];const i=r-1;this.publicKeyFingerprint=e.subarray(t,t+i),t+=i,this.publicKeyVersion>=5?this.publicKeyID.read(this.publicKeyFingerprint):this.publicKeyID.read(this.publicKeyFingerprint.subarray(-8))}else this.publicKeyID=kn.wildcard()}else t+=this.publicKeyID.read(e.subarray(t,t+8));if(this.publicKeyAlgorithm=e[t++],this.encrypted=Yi.parseEncSessionKeyParams(this.publicKeyAlgorithm,e.subarray(t)),this.publicKeyAlgorithm===I.publicKey.x25519||this.publicKeyAlgorithm===I.publicKey.x448)if(3===this.version)this.sessionKeyAlgorithm=I.write(I.symmetric,this.encrypted.C.algorithm);else if(null!==this.encrypted.C.algorithm)throw Error("Unexpected cleartext symmetric algorithm")}write(){const e=[new Uint8Array([this.version])];return 6===this.version?null!==this.publicKeyFingerprint?(e.push(new Uint8Array([this.publicKeyFingerprint.length+1,this.publicKeyVersion])),e.push(this.publicKeyFingerprint)):e.push(new Uint8Array([0])):e.push(this.publicKeyID.write()),e.push(new Uint8Array([this.publicKeyAlgorithm]),Yi.serializeParams(this.publicKeyAlgorithm,this.encrypted)),M.concatUint8Array(e)}async encrypt(e){const t=I.write(I.publicKey,this.publicKeyAlgorithm),r=3===this.version?this.sessionKeyAlgorithm:null,i=jn(this.version,t,r,this.sessionKey),a=t===I.publicKey.aead?e.privateParams:null;this.encrypted=await Yi.publicKeyEncrypt(t,r,e.publicParams,a,i,e.getFingerprintBytes())}async decrypt(e,t){if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Decryption error");const r=t?jn(this.version,this.publicKeyAlgorithm,t.sessionKeyAlgorithm,t.sessionKey):null,i=await Yi.publicKeyDecrypt(this.publicKeyAlgorithm,e.publicParams,e.privateParams,this.encrypted,e.getFingerprintBytes(),r),{sessionKey:a,sessionKeyAlgorithm:n}=function(e,t,r,i){switch(t){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.elgamal:case I.publicKey.ecdh:case I.publicKey.aead:{const t=r.subarray(0,r.length-2),a=r.subarray(r.length-2),n=M.writeChecksum(t.subarray(t.length%8)),s=n[0]===a[0]&n[1]===a[1],o=6===e?{sessionKeyAlgorithm:null,sessionKey:t}:{sessionKeyAlgorithm:t[0],sessionKey:t.subarray(1)};if(i){const t=s&o.sessionKeyAlgorithm===i.sessionKeyAlgorithm&o.sessionKey.length===i.sessionKey.length;return{sessionKey:M.selectUint8Array(t,o.sessionKey,i.sessionKey),sessionKeyAlgorithm:6===e?null:M.selectUint8(t,o.sessionKeyAlgorithm,i.sessionKeyAlgorithm)}}if(s&&(6===e||I.read(I.symmetric,o.sessionKeyAlgorithm)))return o;throw Error("Decryption error")}case I.publicKey.x25519:case I.publicKey.x448:return{sessionKeyAlgorithm:null,sessionKey:r};default:throw Error("Unsupported public key algorithm")}}(this.version,this.publicKeyAlgorithm,i,t);3===this.version&&this.publicKeyAlgorithm!==I.publicKey.x25519&&this.publicKeyAlgorithm!==I.publicKey.x448&&(this.sessionKeyAlgorithm=n),this.sessionKey=a}}function jn(e,t,r,i){switch(t){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.elgamal:case I.publicKey.ecdh:case I.publicKey.aead:return M.concatUint8Array([new Uint8Array(6===e?[]:[r]),i,M.writeChecksum(i.subarray(i.length%8))]);case I.publicKey.x25519:case I.publicKey.x448:return i;default:throw Error("Unsupported public key algorithm")}}class Gn{static get tag(){return I.packet.symEncryptedSessionKey}constructor(e=_){this.version=e.aeadProtect?6:4,this.sessionKey=null,this.sessionKeyEncryptionAlgorithm=null,this.sessionKeyAlgorithm=I.symmetric.aes256,this.aeadAlgorithm=I.write(I.aead,e.preferredAEADAlgorithm),this.encrypted=null,this.s2k=null,this.iv=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new Fr(`Version ${this.version} of the SKESK packet is unsupported.`);6===this.version&&t++;const r=e[t++];this.version>=5&&(this.aeadAlgorithm=e[t++],6===this.version&&t++);const i=e[t++];if(this.s2k=sa(i),t+=this.s2k.read(e.subarray(t,e.length)),this.version>=5){const r=Yi.getAEADMode(this.aeadAlgorithm);this.iv=e.subarray(t,t+=r.ivLength)}this.version>=5||t<e.length?(this.encrypted=e.subarray(t,e.length),this.sessionKeyEncryptionAlgorithm=r):this.sessionKeyAlgorithm=r}write(){const e=null===this.encrypted?this.sessionKeyAlgorithm:this.sessionKeyEncryptionAlgorithm;let t;const r=this.s2k.write();if(6===this.version){const i=r.length,a=3+i+this.iv.length;t=M.concatUint8Array([new Uint8Array([this.version,a,e,this.aeadAlgorithm,i]),r,this.iv,this.encrypted])}else 5===this.version?t=M.concatUint8Array([new Uint8Array([this.version,e,this.aeadAlgorithm]),r,this.iv,this.encrypted]):(t=M.concatUint8Array([new Uint8Array([this.version,e]),r]),null!==this.encrypted&&(t=M.concatUint8Array([t,this.encrypted])));return t}async decrypt(e){const t=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm,{blockSize:r,keySize:i}=Yi.getCipherParams(t),a=await this.s2k.produceKey(e,i);if(this.version>=5){const e=Yi.getAEADMode(this.aeadAlgorithm),r=new Uint8Array([192|Gn.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),n=6===this.version?await Di(I.hash.sha256,a,new Uint8Array,r,i):a,s=await e(t,n);this.sessionKey=await s.decrypt(this.encrypted,this.iv,r)}else if(null!==this.encrypted){const e=await Yi.mode.cfb.decrypt(t,a,this.encrypted,new Uint8Array(r));this.sessionKeyAlgorithm=I.write(I.symmetric,e[0]),this.sessionKey=e.subarray(1,e.length)}else this.sessionKey=a}async encrypt(e,t=_){const r=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm;this.sessionKeyEncryptionAlgorithm=r,this.s2k=oa(t),this.s2k.generateSalt();const{blockSize:i,keySize:a}=Yi.getCipherParams(r),n=await this.s2k.produceKey(e,a);if(null===this.sessionKey&&(this.sessionKey=Yi.generateSessionKey(this.sessionKeyAlgorithm)),this.version>=5){const e=Yi.getAEADMode(this.aeadAlgorithm);this.iv=Yi.random.getRandomBytes(e.ivLength);const t=new Uint8Array([192|Gn.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),i=6===this.version?await Di(I.hash.sha256,n,new Uint8Array,t,a):n,s=await e(r,i);this.encrypted=await s.encrypt(this.sessionKey,this.iv,t)}else{const e=M.concatUint8Array([new Uint8Array([this.sessionKeyAlgorithm]),this.sessionKey]);this.encrypted=await Yi.mode.cfb.encrypt(r,n,e,new Uint8Array(i),t)}}}class qn{static get tag(){return I.packet.publicKey}constructor(e=new Date,t=_){this.version=t.v6Keys?6:4,this.created=M.normalizeDate(e),this.algorithm=null,this.publicParams=null,this.expirationTimeV3=0,this.fingerprint=null,this.keyID=null}static fromSecretKeyPacket(e){const t=new qn,{version:r,created:i,algorithm:a,publicParams:n,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=a,t.publicParams=n,t.keyID=s,t.fingerprint=o,t}async read(e){let t=0;if(this.version=e[t++],4===this.version||5===this.version||6===this.version){this.created=M.readDate(e.subarray(t,t+4)),t+=4,this.algorithm=e[t++],this.version>=5&&(t+=4);const{read:r,publicParams:i}=Yi.parsePublicKeyParams(this.algorithm,e.subarray(t));if(6===this.version&&i.oid&&(i.oid.getName()===I.curve.curve25519Legacy||i.oid.getName()===I.curve.ed25519Legacy))throw Error("Legacy curve25519 cannot be used with v6 keys");return this.publicParams=i,t+=r,await this.computeFingerprintAndKeyID(),t}throw new Fr(`Version ${this.version} of the key packet is unsupported.`)}write(){const e=[];e.push(new Uint8Array([this.version])),e.push(M.writeDate(this.created)),e.push(new Uint8Array([this.algorithm]));const t=Yi.serializeParams(this.algorithm,this.publicParams);return this.version>=5&&e.push(M.writeNumber(t.length,4)),e.push(t),M.concatUint8Array(e)}writeForHash(e){const t=this.writePublicKey(),r=149+e,i=e>=5?4:2;return M.concatUint8Array([new Uint8Array([r]),M.writeNumber(t.length,i),t])}isDecrypted(){return null}getCreationTime(){return this.created}getKeyID(){return this.keyID}async computeFingerprintAndKeyID(){if(await this.computeFingerprint(),this.keyID=new kn,this.version>=5)this.keyID.read(this.fingerprint.subarray(0,8));else{if(4!==this.version)throw Error("Unsupported key version");this.keyID.read(this.fingerprint.subarray(12,20))}}async computeFingerprint(){const e=this.writeForHash(this.version);if(this.version>=5)this.fingerprint=await Yi.hash.sha256(e);else{if(4!==this.version)throw Error("Unsupported key version");this.fingerprint=await Yi.hash.sha1(e)}}getFingerprintBytes(){return this.fingerprint}getFingerprint(){return M.uint8ArrayToHex(this.getFingerprintBytes())}hasSameFingerprintAs(e){return this.version===e.version&&M.equalsUint8Array(this.writePublicKey(),e.writePublicKey())}getAlgorithmInfo(){const e={};e.algorithm=I.read(I.publicKey,this.algorithm);const t=this.publicParams.n||this.publicParams.p;return t?e.bits=M.uint8ArrayBitLength(t):this.publicParams.oid?e.curve=this.publicParams.oid.getName():this.publicParams.cipher&&(e.symmetric=this.publicParams.cipher.getName()),e}}qn.prototype.readPublicKey=qn.prototype.read,qn.prototype.writePublicKey=qn.prototype.write;const Vn=/*#__PURE__*/M.constructAllowedPackets([bn,Tn,Un,Kn]);class Wn{static get tag(){return I.packet.symmetricallyEncryptedData}constructor(){this.encrypted=null,this.packets=null}read(e){this.encrypted=e}write(){return this.encrypted}async decrypt(e,t,r=_){if(!r.allowUnauthenticatedMessages)throw Error("Message is not authenticated.");const{blockSize:i}=Yi.getCipherParams(e),a=await P(A(this.encrypted)),n=await Yi.mode.cfb.decrypt(e,t,a.subarray(i+2),a.subarray(2,i+2));this.packets=await Cn.fromBinary(n,Vn,r)}async encrypt(e,t,r=_){const i=this.packets.write(),{blockSize:a}=Yi.getCipherParams(e),n=await Yi.getPrefixRandom(e),s=await Yi.mode.cfb.encrypt(e,t,n,new Uint8Array(a),r),o=await Yi.mode.cfb.encrypt(e,t,i,s.subarray(2),r);this.encrypted=M.concat([s,o])}}class $n{static get tag(){return I.packet.marker}read(e){return 80===e[0]&&71===e[1]&&80===e[2]}write(){return new Uint8Array([80,71,80])}}class Xn extends qn{static get tag(){return I.packet.publicSubkey}constructor(e,t){super(e,t)}static fromSecretSubkeyPacket(e){const t=new Xn,{version:r,created:i,algorithm:a,publicParams:n,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=a,t.publicParams=n,t.keyID=s,t.fingerprint=o,t}}class Qn{static get tag(){return I.packet.userAttribute}constructor(){this.attributes=[]}read(e){let t=0;for(;t<e.length;){const r=Tr(e.subarray(t,e.length));t+=r.offset,this.attributes.push(M.uint8ArrayToString(e.subarray(t,t+r.len))),t+=r.len}}write(){const e=[];for(let t=0;t<this.attributes.length;t++)e.push(Ir(this.attributes[t].length)),e.push(M.stringToUint8Array(this.attributes[t]));return M.concatUint8Array(e)}equals(e){return!!(e&&e instanceof Qn)&&this.attributes.every((function(t,r){return t===e.attributes[r]}))}}class Zn extends qn{static get tag(){return I.packet.secretKey}constructor(e=new Date,t=_){super(e,t),this.keyMaterial=null,this.isEncrypted=null,this.s2kUsage=0,this.s2k=null,this.symmetric=null,this.aead=null,this.isLegacyAEAD=null,this.privateParams=null,this.usedModernAEAD=null}async read(e,t=_){let r=await this.readPublicKey(e);const i=r;this.s2kUsage=e[r++],5===this.version&&r++,6===this.version&&this.s2kUsage&&r++;try{if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){this.symmetric=e[r++],253===this.s2kUsage&&(this.aead=e[r++]),6===this.version&&r++;const t=e[r++];if(this.s2k=sa(t),r+=this.s2k.read(e.subarray(r,e.length)),"gnu-dummy"===this.s2k.type)return}else this.s2kUsage&&(this.symmetric=this.s2kUsage);this.s2kUsage&&(this.isLegacyAEAD=253===this.s2kUsage&&(5===this.version||4===this.version&&t.parseAEADEncryptedV4KeysAsLegacy),253!==this.s2kUsage||this.isLegacyAEAD?(this.iv=e.subarray(r,r+Yi.getCipherParams(this.symmetric).blockSize),this.usedModernAEAD=!1):(this.iv=e.subarray(r,r+Yi.getAEADMode(this.aead).ivLength),this.usedModernAEAD=!0),r+=this.iv.length)}catch(t){if(!this.s2kUsage)throw t;this.unparseableKeyMaterial=e.subarray(i),this.isEncrypted=!0}if(5===this.version&&(r+=4),this.keyMaterial=e.subarray(r),this.isEncrypted=!!this.s2kUsage,!this.isEncrypted){let e;if(6===this.version)e=this.keyMaterial;else if(e=this.keyMaterial.subarray(0,-2),!M.equalsUint8Array(M.writeChecksum(e),this.keyMaterial.subarray(-2)))throw Error("Key checksum mismatch");try{const{read:t,privateParams:r}=Yi.parsePrivateKeyParams(this.algorithm,e,this.publicParams);if(t<e.length)throw Error("Error reading MPIs");this.privateParams=r}catch(e){if(e instanceof Fr)throw e;throw Error("Error reading MPIs")}}}write(){const e=this.writePublicKey();if(this.unparseableKeyMaterial)return M.concatUint8Array([e,this.unparseableKeyMaterial]);const t=[e];t.push(new Uint8Array([this.s2kUsage]));const r=[];if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){r.push(this.symmetric),253===this.s2kUsage&&r.push(this.aead);const e=this.s2k.write();6===this.version&&r.push(e.length),r.push(...e)}return this.s2kUsage&&"gnu-dummy"!==this.s2k.type&&r.push(...this.iv),(5===this.version||6===this.version&&this.s2kUsage)&&t.push(new Uint8Array([r.length])),t.push(new Uint8Array(r)),this.isDummy()||(this.s2kUsage||(this.keyMaterial=Yi.serializeParams(this.algorithm,this.privateParams)),5===this.version&&t.push(M.writeNumber(this.keyMaterial.length,4)),t.push(this.keyMaterial),this.s2kUsage||6===this.version||t.push(M.writeChecksum(this.keyMaterial))),M.concatUint8Array(t)}isDecrypted(){return!1===this.isEncrypted}isMissingSecretKeyMaterial(){return void 0!==this.unparseableKeyMaterial||this.isDummy()}isDummy(){return!(!this.s2k||"gnu-dummy"!==this.s2k.type)}makeDummy(e=_){this.isDummy()||(this.isDecrypted()&&this.clearPrivateParams(),delete this.unparseableKeyMaterial,this.isEncrypted=null,this.keyMaterial=null,this.s2k=sa(I.s2k.gnu,e),this.s2k.algorithm=0,this.s2k.c=0,this.s2k.type="gnu-dummy",this.s2kUsage=254,this.symmetric=I.symmetric.aes256,this.isLegacyAEAD=null,this.usedModernAEAD=null)}async encrypt(e,t=_){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key packet is already encrypted");if(!e)throw Error("A non-empty passphrase is required for key encryption.");this.s2k=oa(t),this.s2k.generateSalt();const r=Yi.serializeParams(this.algorithm,this.privateParams);this.symmetric=I.symmetric.aes256;const{blockSize:i}=Yi.getCipherParams(this.symmetric);if(t.aeadProtect){this.s2kUsage=253,this.aead=I.aead.eax;const t=Yi.getAEADMode(this.aead);this.isLegacyAEAD=5===this.version,this.usedModernAEAD=!this.isLegacyAEAD;const a=Br(this.constructor.tag),n=await Yn(this.version,this.s2k,e,this.symmetric,this.aead,a),s=await t(this.symmetric,n);this.iv=this.isLegacyAEAD?Yi.random.getRandomBytes(i):Yi.random.getRandomBytes(t.ivLength);const o=this.isLegacyAEAD?new Uint8Array:M.concatUint8Array([a,this.writePublicKey()]);this.keyMaterial=await s.encrypt(r,this.iv.subarray(0,t.ivLength),o)}else{this.s2kUsage=254,this.usedModernAEAD=!1;const a=await Yn(this.version,this.s2k,e,this.symmetric);this.iv=Yi.random.getRandomBytes(i),this.keyMaterial=await Yi.mode.cfb.encrypt(this.symmetric,a,M.concatUint8Array([r,await Yi.hash.sha1(r,t)]),this.iv,t)}}async decrypt(e){if(this.isDummy())return!1;if(this.unparseableKeyMaterial)throw Error("Key packet cannot be decrypted: unsupported S2K or cipher algo");if(this.isDecrypted())throw Error("Key packet is already decrypted.");let t;const r=Br(this.constructor.tag);if(254!==this.s2kUsage&&253!==this.s2kUsage)throw 255===this.s2kUsage?Error("Encrypted private key is authenticated using an insecure two-byte hash"):Error("Private key is encrypted using an insecure S2K function: unsalted MD5");let i;if(t=await Yn(this.version,this.s2k,e,this.symmetric,this.aead,r,this.isLegacyAEAD),253===this.s2kUsage){const e=Yi.getAEADMode(this.aead),a=await e(this.symmetric,t);try{const t=this.isLegacyAEAD?new Uint8Array:M.concatUint8Array([r,this.writePublicKey()]);i=await a.decrypt(this.keyMaterial,this.iv.subarray(0,e.ivLength),t)}catch(e){if("Authentication tag mismatch"===e.message)throw Error("Incorrect key passphrase: "+e.message);throw e}}else{const e=await Yi.mode.cfb.decrypt(this.symmetric,t,this.keyMaterial,this.iv);i=e.subarray(0,-20);const r=await Yi.hash.sha1(i);if(!M.equalsUint8Array(r,e.subarray(-20)))throw Error("Incorrect key passphrase")}try{const{privateParams:e}=Yi.parsePrivateKeyParams(this.algorithm,i,this.publicParams);this.privateParams=e}catch(e){throw Error("Error reading MPIs")}this.isEncrypted=!1,this.keyMaterial=null,this.s2kUsage=0,this.aead=null,this.symmetric=null,this.isLegacyAEAD=null}async validate(){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key is not decrypted");if(this.usedModernAEAD)return;let e;try{e=await Yi.validateParams(this.algorithm,this.publicParams,this.privateParams)}catch(t){e=!1}if(!e)throw Error("Key is invalid")}async generate(e,t,r){if(6===this.version&&(this.algorithm===I.publicKey.ecdh&&t===I.curve.curve25519Legacy||this.algorithm===I.publicKey.eddsaLegacy))throw Error(`Cannot generate v6 keys of type 'ecc' with curve ${t}. Generate a key of type 'curve25519' instead`);const{privateParams:i,publicParams:a}=await Yi.generateParams(this.algorithm,e,t,r);this.privateParams=i,this.publicParams=a,this.isEncrypted=!1}clearPrivateParams(){this.isMissingSecretKeyMaterial()||(Object.keys(this.privateParams).forEach((e=>{this.privateParams[e].fill(0),delete this.privateParams[e]})),this.privateParams=null,this.isEncrypted=!0)}}async function Yn(e,t,r,i,a,n,s){const{keySize:o}=Yi.getCipherParams(i),c=await t.produceKey(r,o);if(!a||5===e||s)return c;const u=M.concatUint8Array([n,new Uint8Array([e,i,a])]);return Di(I.hash.sha256,c,new Uint8Array,u,o)}class Jn{static get tag(){return I.packet.userID}constructor(){this.userID="",this.name="",this.email="",this.comment=""}static fromObject(e){if(M.isString(e)||e.name&&!M.isString(e.name)||e.email&&!M.isEmailAddress(e.email)||e.comment&&!M.isString(e.comment))throw Error("Invalid user ID format");const t=new Jn;Object.assign(t,e);const r=[];return t.name&&r.push(t.name),t.comment&&r.push(`(${t.comment})`),t.email&&r.push(`<${t.email}>`),t.userID=r.join(" "),t}read(e,t=_){const r=M.decodeUTF8(e);if(r.length>t.maxUserIDLength)throw Error("User ID string is too long");const i=/^(?<name>[^()]+\s+)?(?<comment>\([^()]+\)\s+)?(?<email><\S+@\S+>)$/.exec(r);if(null!==i){const{name:e,comment:t,email:r}=i.groups;this.comment=t?.replace(/^\(|\)|\s$/g,"").trim()||"",this.name=e?.trim()||"",this.email=r.substring(1,r.length-1)}else/^[^\s@]+@[^\s@]+$/.test(r)&&(this.email=r);this.userID=r}write(){return M.encodeUTF8(this.userID)}equals(e){return e&&e.userID===this.userID}}class es extends Zn{static get tag(){return I.packet.secretSubkey}constructor(e=new Date,t=_){super(e,t)}}class ts{static get tag(){return I.packet.trust}read(){throw new Fr("Trust packets are not supported")}write(){throw new Fr("Trust packets are not supported")}}class rs{static get tag(){return I.packet.padding}constructor(){this.padding=null}read(e){}write(){return this.padding}async createPadding(e){this.padding=await Yi.random.getRandomBytes(e)}}const is=/*#__PURE__*/M.constructAllowedPackets([Kn]);class as{constructor(e){this.packets=e||new Cn}write(){return this.packets.write()}armor(e=_){const t=this.packets.some((e=>e.constructor.tag===Kn.tag&&6!==e.version));return Z(I.armor.signature,this.write(),void 0,void 0,void 0,t,e)}getSigningKeyIDs(){return this.packets.map((e=>e.issuerKeyID))}}async function ns({armoredSignature:e,binarySignature:t,config:r,...i}){r={..._,...r};let a=e||t;if(!a)throw Error("readSignature: must pass options object containing `armoredSignature` or `binarySignature`");if(e&&!M.isString(e))throw Error("readSignature: options.armoredSignature must be a string");if(t&&!M.isUint8Array(t))throw Error("readSignature: options.binarySignature must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(e){const{type:e,data:t}=await Q(a);if(e!==I.armor.signature)throw Error("Armored text not of type signature");a=t}const s=await Cn.fromBinary(a,is,r);return new as(s)}async function ss(e,t){const r=new es(e.date,t);return r.packets=null,r.algorithm=I.write(I.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function os(e,t){const r=new Zn(e.date,t);return r.packets=null,r.algorithm=I.write(I.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function cs(e,t,r,i,a=new Date,n){let s,o;for(let c=e.length-1;c>=0;c--)try{(!s||e[c].created>=s.created)&&(await e[c].verify(t,r,i,a,void 0,n),s=e[c])}catch(e){o=e}if(!s)throw M.wrapError(`Could not find valid ${I.read(I.signature,r)} signature in key ${t.getKeyID().toHex()}`.replace("certGeneric ","self-").replace(/([a-z])([A-Z])/g,((e,t,r)=>t+" "+r.toLowerCase())),o);return s}function us(e,t,r=new Date){const i=M.normalizeDate(r);if(null!==i){const r=gs(e,t);return!(e.created<=i&&i<r)}return!1}async function hs(e,t,r,i){const a={};a.key=t,a.bind=e;const n={signatureType:I.signature.subkeyBinding};r.sign?(n.keyFlags=[I.keyFlags.signData],n.embeddedSignature=await ys(a,null,e,{signatureType:I.signature.keyBinding},r.date,void 0,void 0,void 0,i)):n.keyFlags=r.forwarding?[I.keyFlags.forwardedCommunication]:[I.keyFlags.encryptCommunication|I.keyFlags.encryptStorage],r.keyExpirationTime>0&&(n.keyExpirationTime=r.keyExpirationTime,n.keyNeverExpires=!1);return await ys(a,null,t,n,r.date,void 0,void 0,void 0,i)}async function ys(e,t,r,i,a,n,s=[],o=!1,c){if(r.isDummy())throw Error("Cannot sign with a gnu-dummy key.");if(!r.isDecrypted())throw Error("Signing key is not decrypted.");const u=new Kn;return Object.assign(u,i),u.publicKeyAlgorithm=r.algorithm,u.hashAlgorithm=await async function(e,t,r=new Date,i={},a){let n=a.preferredHashAlgorithm,s=n;if(e){const t=await e.getPrimarySelfSignature(r,i,a);t.preferredHashAlgorithms&&([s]=t.preferredHashAlgorithms,n=Yi.hash.getHashByteLength(n)<=Yi.hash.getHashByteLength(s)?s:n)}switch(t.algorithm){case I.publicKey.ecdsa:case I.publicKey.eddsaLegacy:case I.publicKey.ed25519:case I.publicKey.ed448:s=Yi.getPreferredCurveHashAlgo(t.algorithm,t.publicParams.oid)}return Yi.hash.getHashByteLength(n)<=Yi.hash.getHashByteLength(s)?s:n}(t,r,a,n,c),u.rawNotations=[...s],await u.sign(r,e,a,o,c),u}async function ls(e,t,r,i=new Date,a){(e=e[r])&&(t[r].length?await Promise.all(e.map((async function(e){e.isExpired(i)||a&&!await a(e)||t[r].some((function(t){return M.equalsUint8Array(t.writeParams(),e.writeParams())}))||t[r].push(e)}))):t[r]=e)}async function ps(e,t,r,i,a,n,s=new Date,o){n=n||e;const c=[];return await Promise.all(i.map((async function(e){try{a&&!e.issuerKeyID.equals(a.issuerKeyID)||(await e.verify(n,t,r,s,!1,o),c.push(e.issuerKeyID))}catch(e){}}))),a?(a.revoked=!!c.some((e=>e.equals(a.issuerKeyID)))||(a.revoked||!1),a.revoked):c.length>0}function gs(e,t){let r;return!1===t.keyNeverExpires&&(r=e.created.getTime()+1e3*t.keyExpirationTime),r?new Date(r):1/0}function ds(e,t={}){if(e.type=e.type||t.type,e.curve=e.curve||t.curve,e.rsaBits=e.rsaBits||t.rsaBits,e.symmetricHash=e.symmetricHash||t.symmetricHash,e.symmetricCipher=e.symmetricCipher||t.symmetricCipher,e.keyExpirationTime=void 0!==e.keyExpirationTime?e.keyExpirationTime:t.keyExpirationTime,e.passphrase=M.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e.sign=e.sign||!1,e.forwarding=e.forwarding||!1,e.sign&&e.forwarding)throw Error('Incompatible options: "sign" and "forwarding" cannot be set together');switch(e.type){case"ecc":try{e.curve=I.write(I.curve,e.curve)}catch(e){throw Error("Unknown curve")}e.curve!==I.curve.ed25519Legacy&&e.curve!==I.curve.curve25519Legacy&&"ed25519"!==e.curve&&"curve25519"!==e.curve||(e.curve=e.sign?I.curve.ed25519Legacy:I.curve.curve25519Legacy),e.sign?e.algorithm=e.curve===I.curve.ed25519Legacy?I.publicKey.eddsaLegacy:I.publicKey.ecdsa:e.algorithm=I.publicKey.ecdh;break;case"curve25519":e.algorithm=e.sign?I.publicKey.ed25519:I.publicKey.x25519;break;case"curve448":e.algorithm=e.sign?I.publicKey.ed448:I.publicKey.x448;break;case"rsa":e.algorithm=I.publicKey.rsaEncryptSign;break;case"symmetric":if(e.sign){e.algorithm=I.publicKey.hmac;try{e.symmetric=I.write(I.hash,e.symmetricHash)}catch(e){throw Error("Unknown hash algorithm")}}else{e.algorithm=I.publicKey.aead;try{e.symmetric=I.write(I.symmetric,e.symmetricCipher)}catch(e){throw Error("Unknown symmetric algorithm")}}break;default:throw Error("Unsupported key type "+e.type)}return e}function fs(e,t,r){switch(e.algorithm){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:case I.publicKey.dsa:case I.publicKey.ecdsa:case I.publicKey.eddsaLegacy:case I.publicKey.ed25519:case I.publicKey.ed448:case I.publicKey.hmac:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&I.keyFlags.signData);default:return!1}}function ms(e,t,r){switch(e.algorithm){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:case I.publicKey.elgamal:case I.publicKey.ecdh:case I.publicKey.x25519:case I.publicKey.x448:case I.publicKey.aead:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&I.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&I.keyFlags.encryptStorage);default:return!1}}function ws(e,t,r){if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");switch(e.algorithm){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:case I.publicKey.elgamal:case I.publicKey.ecdh:case I.publicKey.x25519:case I.publicKey.x448:return!(!(!t.keyFlags||!!(t.keyFlags[0]&I.keyFlags.signData))||!r.allowInsecureDecryptionWithSigningKeys)||(!t.keyFlags||!!(t.keyFlags[0]&I.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&I.keyFlags.encryptStorage)||r.allowForwardedMessages&&!!(t.keyFlags[0]&I.keyFlags.forwardedCommunication));default:return!1}}function bs(e,t){const r=I.write(I.publicKey,e.algorithm),i=e.getAlgorithmInfo();if(t.rejectPublicKeyAlgorithms.has(r))throw Error(i.algorithm+" keys are considered too weak.");switch(r){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:case I.publicKey.rsaEncrypt:if(i.bits<t.minRSABits)throw Error(`RSA keys shorter than ${t.minRSABits} bits are considered too weak.`);break;case I.publicKey.ecdsa:case I.publicKey.eddsaLegacy:case I.publicKey.ecdh:if(t.rejectCurves.has(i.curve))throw Error(`Support for ${i.algorithm} keys using curve ${i.curve} is disabled.`)}}class ks{constructor(e,t){this.userID=e.constructor.tag===I.packet.userID?e:null,this.userAttribute=e.constructor.tag===I.packet.userAttribute?e:null,this.selfCertifications=[],this.otherCertifications=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Cn;return e.push(this.userID||this.userAttribute),e.push(...this.revocationSignatures),e.push(...this.selfCertifications),e.push(...this.otherCertifications),e}clone(){const e=new ks(this.userID||this.userAttribute,this.mainKey);return e.selfCertifications=[...this.selfCertifications],e.otherCertifications=[...this.otherCertifications],e.revocationSignatures=[...this.revocationSignatures],e}async certify(e,t,r){const i=this.mainKey.keyPacket,a={userID:this.userID,userAttribute:this.userAttribute,key:i},n=new ks(a.userID||a.userAttribute,this.mainKey);return n.otherCertifications=await Promise.all(e.map((async function(e){if(!e.isPrivate())throw Error("Need private key for signing");if(e.hasSameFingerprintAs(i))throw Error("The user's own key can only be used for self-certifications");const n=await e.getSigningKey(void 0,t,void 0,r);return ys(a,e,n.keyPacket,{signatureType:I.signature.certGeneric,keyFlags:[I.keyFlags.certifyKeys|I.keyFlags.signData]},t,void 0,void 0,void 0,r)}))),await n.update(this,t,r),n}async isRevoked(e,t,r=new Date,i=_){const a=this.mainKey.keyPacket;return ps(a,I.signature.certRevocation,{key:a,userID:this.userID,userAttribute:this.userAttribute},this.revocationSignatures,e,t,r,i)}async verifyCertificate(e,t,r=new Date,i){const a=this,n=this.mainKey.keyPacket,s={userID:this.userID,userAttribute:this.userAttribute,key:n},{issuerKeyID:o}=e,c=t.filter((e=>e.getKeys(o).length>0));return 0===c.length?null:(await Promise.all(c.map((async t=>{const n=await t.getSigningKey(o,e.created,void 0,i);if(e.revoked||await a.isRevoked(e,n.keyPacket,r,i))throw Error("User certificate is revoked");try{await e.verify(n.keyPacket,I.signature.certGeneric,s,r,void 0,i)}catch(e){throw M.wrapError("User certificate is invalid",e)}}))),!0)}async verifyAllCertifications(e,t=new Date,r){const i=this,a=this.selfCertifications.concat(this.otherCertifications);return Promise.all(a.map((async a=>({keyID:a.issuerKeyID,valid:await i.verifyCertificate(a,e,t,r).catch((()=>!1))}))))}async verify(e=new Date,t){if(!this.selfCertifications.length)throw Error("No self-certifications found");const r=this,i=this.mainKey.keyPacket,a={userID:this.userID,userAttribute:this.userAttribute,key:i};let n;for(let s=this.selfCertifications.length-1;s>=0;s--)try{const n=this.selfCertifications[s];if(n.revoked||await r.isRevoked(n,void 0,e,t))throw Error("Self-certification is revoked");try{await n.verify(i,I.signature.certGeneric,a,e,void 0,t)}catch(e){throw M.wrapError("Self-certification is invalid",e)}return!0}catch(e){n=e}throw n}async update(e,t,r){const i=this.mainKey.keyPacket,a={userID:this.userID,userAttribute:this.userAttribute,key:i};await ls(e,this,"selfCertifications",t,(async function(e){try{return await e.verify(i,I.signature.certGeneric,a,t,!1,r),!0}catch(e){return!1}})),await ls(e,this,"otherCertifications",t),await ls(e,this,"revocationSignatures",t,(function(e){return ps(i,I.signature.certRevocation,a,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=I.reasonForRevocation.noReason,string:r=""}={},i=new Date,a=_){const n={userID:this.userID,userAttribute:this.userAttribute,key:e},s=new ks(n.userID||n.userAttribute,this.mainKey);return s.revocationSignatures.push(await ys(n,null,e,{signatureType:I.signature.certRevocation,reasonForRevocationFlag:I.write(I.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,a)),await s.update(this),s}}class vs{constructor(e,t){this.keyPacket=e,this.bindingSignatures=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Cn;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.bindingSignatures),e}clone(){const e=new vs(this.keyPacket,this.mainKey);return e.bindingSignatures=[...this.bindingSignatures],e.revocationSignatures=[...this.revocationSignatures],e}async isRevoked(e,t,r=new Date,i=_){const a=this.mainKey.keyPacket;return ps(a,I.signature.subkeyRevocation,{key:a,bind:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verify(e=new Date,t=_){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket},a=await cs(this.bindingSignatures,r,I.signature.subkeyBinding,i,e,t);if(a.revoked||await this.isRevoked(a,null,e,t))throw Error("Subkey is revoked");if(us(this.keyPacket,a,e))throw Error("Subkey is expired");return a}async getExpirationTime(e=new Date,t=_){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket};let a;try{a=await cs(this.bindingSignatures,r,I.signature.subkeyBinding,i,e,t)}catch(e){return null}const n=gs(this.keyPacket,a),s=a.getExpirationTime();return n<s?n:s}async update(e,t=new Date,r=_){const i=this.mainKey.keyPacket;if(!this.hasSameFingerprintAs(e))throw Error("Subkey update method: fingerprints of subkeys not equal");this.keyPacket.constructor.tag===I.packet.publicSubkey&&e.keyPacket.constructor.tag===I.packet.secretSubkey&&(this.keyPacket=e.keyPacket);const a=this,n={key:i,bind:a.keyPacket};await ls(e,this,"bindingSignatures",t,(async function(e){for(let t=0;t<a.bindingSignatures.length;t++)if(a.bindingSignatures[t].issuerKeyID.equals(e.issuerKeyID))return e.created>a.bindingSignatures[t].created&&(a.bindingSignatures[t]=e),!1;try{return await e.verify(i,I.signature.subkeyBinding,n,t,void 0,r),!0}catch(e){return!1}})),await ls(e,this,"revocationSignatures",t,(function(e){return ps(i,I.signature.subkeyRevocation,n,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=I.reasonForRevocation.noReason,string:r=""}={},i=new Date,a=_){const n={key:e,bind:this.keyPacket},s=new vs(this.keyPacket,this.mainKey);return s.revocationSignatures.push(await ys(n,null,e,{signatureType:I.signature.subkeyRevocation,reasonForRevocationFlag:I.write(I.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,a)),await s.update(this),s}hasSameFingerprintAs(e){return this.keyPacket.hasSameFingerprintAs(e.keyPacket||e)}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","isDecrypted"].forEach((e=>{vs.prototype[e]=function(){return this.keyPacket[e]()}}));const As=/*#__PURE__*/M.constructAllowedPackets([Kn]),Es=new Set([I.packet.publicKey,I.packet.privateKey]),Ks=new Set([I.packet.publicKey,I.packet.privateKey,I.packet.publicSubkey,I.packet.privateSubkey]);class Ss{packetListToStructure(e,t=new Set){let r,i,a,n;for(const s of e){if(s instanceof Or){Ks.has(s.tag)&&!n&&(n=Es.has(s.tag)?Es:Ks);continue}const e=s.constructor.tag;if(n){if(!n.has(e))continue;n=null}if(t.has(e))throw Error("Unexpected packet type: "+e);switch(e){case I.packet.publicKey:case I.packet.secretKey:if(this.keyPacket)throw Error("Key block contains multiple keys");if(this.keyPacket=s,i=this.getKeyID(),!i)throw Error("Missing Key ID");break;case I.packet.userID:case I.packet.userAttribute:r=new ks(s,this),this.users.push(r);break;case I.packet.publicSubkey:case I.packet.secretSubkey:r=null,a=new vs(s,this),this.subkeys.push(a);break;case I.packet.signature:switch(s.signatureType){case I.signature.certGeneric:case I.signature.certPersona:case I.signature.certCasual:case I.signature.certPositive:if(!r){M.printDebug("Dropping certification signatures without preceding user packet");continue}s.issuerKeyID.equals(i)?r.selfCertifications.push(s):r.otherCertifications.push(s);break;case I.signature.certRevocation:r?r.revocationSignatures.push(s):this.directSignatures.push(s);break;case I.signature.key:this.directSignatures.push(s);break;case I.signature.subkeyBinding:if(!a){M.printDebug("Dropping subkey binding signature without preceding subkey packet");continue}a.bindingSignatures.push(s);break;case I.signature.keyRevocation:this.revocationSignatures.push(s);break;case I.signature.subkeyRevocation:if(!a){M.printDebug("Dropping subkey revocation signature without preceding subkey packet");continue}a.revocationSignatures.push(s)}}}}toPacketList(){const e=new Cn;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.directSignatures),this.users.map((t=>e.push(...t.toPacketList()))),this.subkeys.map((t=>e.push(...t.toPacketList()))),e}clone(e=!1){const t=new this.constructor(this.toPacketList());return e&&t.getKeys().forEach((e=>{if(e.keyPacket=Object.create(Object.getPrototypeOf(e.keyPacket),Object.getOwnPropertyDescriptors(e.keyPacket)),!e.keyPacket.isDecrypted())return;const t={};Object.keys(e.keyPacket.privateParams).forEach((r=>{t[r]=new Uint8Array(e.keyPacket.privateParams[r])})),e.keyPacket.privateParams=t})),t}getSubkeys(e=null){return this.subkeys.filter((t=>!e||t.getKeyID().equals(e,!0)))}getKeys(e=null){const t=[];return e&&!this.getKeyID().equals(e,!0)||t.push(this),t.concat(this.getSubkeys(e))}getKeyIDs(){return this.getKeys().map((e=>e.getKeyID()))}getUserIDs(){return this.users.map((e=>e.userID?e.userID.userID:null)).filter((e=>null!==e))}write(){return this.toPacketList().write()}async getSigningKey(e=null,t=new Date,r={},i=_){await this.verifyPrimaryKey(t,r,i);const a=this.keyPacket;try{bs(a,i)}catch(e){throw M.wrapError("Could not verify primary key",e)}const n=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of n)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:a,bind:r.keyPacket},n=await cs(r.bindingSignatures,a,I.signature.subkeyBinding,e,t,i);if(!fs(r.keyPacket,n,i))continue;if(!n.embeddedSignature)throw Error("Missing embedded signature");return await cs([n.embeddedSignature],r.keyPacket,I.signature.keyBinding,e,t,i),bs(r.keyPacket,i),r}catch(e){s=e}try{const n=await this.getPrimarySelfSignature(t,r,i);if((!e||a.getKeyID().equals(e))&&fs(a,n,i))return bs(a,i),this}catch(e){s=e}throw M.wrapError("Could not find valid signing key packet in key "+this.getKeyID().toHex(),s)}async getEncryptionKey(e,t=new Date,r={},i=_){await this.verifyPrimaryKey(t,r,i);const a=this.keyPacket;try{bs(a,i)}catch(e){throw M.wrapError("Could not verify primary key",e)}const n=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of n)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:a,bind:r.keyPacket},n=await cs(r.bindingSignatures,a,I.signature.subkeyBinding,e,t,i);if(ms(r.keyPacket,n,i))return bs(r.keyPacket,i),r}catch(e){s=e}try{const n=await this.getPrimarySelfSignature(t,r,i);if((!e||a.getKeyID().equals(e))&&ms(a,n,i))return bs(a,i),this}catch(e){s=e}throw M.wrapError("Could not find valid encryption key packet in key "+this.getKeyID().toHex(),s)}async isRevoked(e,t,r=new Date,i=_){return ps(this.keyPacket,I.signature.keyRevocation,{key:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verifyPrimaryKey(e=new Date,t={},r=_){const i=this.keyPacket;if(await this.isRevoked(null,null,e,r))throw Error("Primary key is revoked");if(us(i,await this.getPrimarySelfSignature(e,t,r),e))throw Error("Primary key is expired");if(6!==i.version){const t=await cs(this.directSignatures,i,I.signature.key,{key:i},e,r).catch((()=>{}));if(t&&us(i,t,e))throw Error("Primary key is expired")}}async getExpirationTime(e,t=_){let r;try{const i=await this.getPrimarySelfSignature(null,e,t),a=gs(this.keyPacket,i),n=i.getExpirationTime(),s=6!==this.keyPacket.version&&await cs(this.directSignatures,this.keyPacket,I.signature.key,{key:this.keyPacket},null,t).catch((()=>{}));if(s){const e=gs(this.keyPacket,s);r=Math.min(a,n,e)}else r=a<n?a:n}catch(e){r=null}return M.normalizeDate(r)}async getPrimarySelfSignature(e=new Date,t={},r=_){const i=this.keyPacket;if(6===i.version)return cs(this.directSignatures,i,I.signature.key,{key:i},e,r);const{selfCertification:a}=await this.getPrimaryUser(e,t,r);return a}async getPrimaryUser(e=new Date,t={},r=_){const i=this.keyPacket,a=[];let n;for(let s=0;s<this.users.length;s++)try{const n=this.users[s];if(!n.userID)continue;if(void 0!==t.name&&n.userID.name!==t.name||void 0!==t.email&&n.userID.email!==t.email||void 0!==t.comment&&n.userID.comment!==t.comment)throw Error("Could not find user that matches that user ID");const o={userID:n.userID,key:i},c=await cs(n.selfCertifications,i,I.signature.certGeneric,o,e,r);a.push({index:s,user:n,selfCertification:c})}catch(e){n=e}if(!a.length)throw n||Error("Could not find primary user");await Promise.all(a.map((async function(t){return t.selfCertification.revoked||t.user.isRevoked(t.selfCertification,null,e,r)})));const s=a.sort((function(e,t){const r=e.selfCertification,i=t.selfCertification;return i.revoked-r.revoked||r.isPrimaryUserID-i.isPrimaryUserID||r.created-i.created})).pop(),{user:o,selfCertification:c}=s;if(c.revoked||await o.isRevoked(c,null,e,r))throw Error("Primary user is revoked");return s}async update(e,t=new Date,r=_){if(!this.hasSameFingerprintAs(e))throw Error("Primary key fingerprints must be equal to update the key");if(!this.isPrivate()&&e.isPrivate()){if(!(this.subkeys.length===e.subkeys.length&&this.subkeys.every((t=>e.subkeys.some((e=>t.hasSameFingerprintAs(e)))))))throw Error("Cannot update public key with private key if subkeys mismatch");return e.update(this,r)}const i=this.clone();return await ls(e,i,"revocationSignatures",t,(a=>ps(i.keyPacket,I.signature.keyRevocation,i,[a],null,e.keyPacket,t,r))),await ls(e,i,"directSignatures",t),await Promise.all(e.users.map((async e=>{const a=i.users.filter((t=>e.userID&&e.userID.equals(t.userID)||e.userAttribute&&e.userAttribute.equals(t.userAttribute)));if(a.length>0)await Promise.all(a.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.users.push(t)}}))),await Promise.all(e.subkeys.map((async e=>{const a=i.subkeys.filter((t=>t.hasSameFingerprintAs(e)));if(a.length>0)await Promise.all(a.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.subkeys.push(t)}}))),i}async getRevocationCertificate(e=new Date,t=_){const r={key:this.keyPacket},i=await cs(this.revocationSignatures,this.keyPacket,I.signature.keyRevocation,r,e,t),a=new Cn;a.push(i);const n=6!==this.keyPacket.version;return Z(I.armor.publicKey,a.write(),null,null,"This is a revocation certificate",n,t)}async applyRevocationCertificate(e,t=new Date,r=_){const i=await Q(e),a=(await Cn.fromBinary(i.data,As,r)).findPacket(I.packet.signature);if(!a||a.signatureType!==I.signature.keyRevocation)throw Error("Could not find revocation signature packet");if(!a.issuerKeyID.equals(this.getKeyID()))throw Error("Revocation signature does not match key");try{await a.verify(this.keyPacket,I.signature.keyRevocation,{key:this.keyPacket},t,void 0,r)}catch(e){throw M.wrapError("Could not verify revocation signature",e)}const n=this.clone();return n.revocationSignatures.push(a),n}async signPrimaryUser(e,t,r,i=_){const{index:a,user:n}=await this.getPrimaryUser(t,r,i),s=await n.certify(e,t,i),o=this.clone();return o.users[a]=s,o}async signAllUsers(e,t=new Date,r=_){const i=this.clone();return i.users=await Promise.all(this.users.map((function(i){return i.certify(e,t,r)}))),i}async verifyPrimaryUser(e,t=new Date,r,i=_){const a=this.keyPacket,{user:n}=await this.getPrimaryUser(t,r,i);return e?await n.verifyAllCertifications(e,t,i):[{keyID:a.getKeyID(),valid:await n.verify(t,i).catch((()=>!1))}]}async verifyAllUsers(e,t=new Date,r=_){const i=this.keyPacket,a=[];return await Promise.all(this.users.map((async n=>{const s=e?await n.verifyAllCertifications(e,t,r):[{keyID:i.getKeyID(),valid:await n.verify(t,r).catch((()=>!1))}];a.push(...s.map((e=>({userID:n.userID?n.userID.userID:null,userAttribute:n.userAttribute,keyID:e.keyID,valid:e.valid}))))}))),a}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","hasSameFingerprintAs"].forEach((e=>{Ss.prototype[e]=vs.prototype[e]}));class Ps extends Ss{constructor(e){if(super(),this.keyPacket=null,this.revocationSignatures=[],this.directSignatures=[],this.users=[],this.subkeys=[],e&&(this.packetListToStructure(e,new Set([I.packet.secretKey,I.packet.secretSubkey])),!this.keyPacket))throw Error("Invalid key: missing public-key packet")}isPrivate(){return!1}toPublic(){return this}armor(e=_){const t=6!==this.keyPacket.version;return Z(I.armor.publicKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}}class Us extends Ps{constructor(e){if(super(),this.packetListToStructure(e,new Set([I.packet.publicKey,I.packet.publicSubkey])),!this.keyPacket)throw Error("Invalid key: missing private-key packet")}isPrivate(){return!0}toPublic(){const e=new Cn,t=this.toPacketList();let r=!1;for(const i of t)if(!r||i.constructor.tag!==I.packet.Signature)switch(r&&(r=!1),i.constructor.tag){case I.packet.secretKey:{if(i.algorithm===I.publicKey.aead||i.algorithm===I.publicKey.hmac)throw Error("Cannot create public key from symmetric private");const t=qn.fromSecretKeyPacket(i);e.push(t);break}case I.packet.secretSubkey:{if(i.algorithm===I.publicKey.aead||i.algorithm===I.publicKey.hmac){r=!0;break}const t=Xn.fromSecretSubkeyPacket(i);e.push(t);break}default:e.push(i)}return new Ps(e)}armor(e=_){const t=6!==this.keyPacket.version;return Z(I.armor.privateKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}async getDecryptionKeys(e,t=new Date,r={},i=_){const a=this.keyPacket,n=[];for(let r=0;r<this.subkeys.length;r++)if(!e||this.subkeys[r].getKeyID().equals(e,!0))try{const e={key:a,bind:this.subkeys[r].keyPacket},s=await cs(this.subkeys[r].bindingSignatures,a,I.signature.subkeyBinding,e,t,i);ws(this.subkeys[r].keyPacket,s,i)&&n.push(this.subkeys[r])}catch(e){}const s=await this.getPrimarySelfSignature(t,r,i);return e&&!a.getKeyID().equals(e,!0)||!ws(a,s,i)||n.push(this),n}isDecrypted(){return this.getKeys().some((({keyPacket:e})=>e.isDecrypted()))}async validate(e=_){if(!this.isPrivate())throw Error("Cannot validate a public key");let t;if(this.keyPacket.isDummy()){const r=await this.getSigningKey(null,null,void 0,{...e,rejectPublicKeyAlgorithms:new Set,minRSABits:0});r&&!r.keyPacket.isDummy()&&(t=r.keyPacket)}else t=this.keyPacket;if(t)return t.validate();{const e=this.getKeys();if(e.map((e=>e.keyPacket.isDummy())).every(Boolean))throw Error("Cannot validate an all-gnu-dummy key");return Promise.all(e.map((async e=>e.keyPacket.validate())))}}clearPrivateParams(){this.getKeys().forEach((({keyPacket:e})=>{e.isDecrypted()&&e.clearPrivateParams()}))}async revoke({flag:e=I.reasonForRevocation.noReason,string:t=""}={},r=new Date,i=_){if(!this.isPrivate())throw Error("Need private key for revoking");const a={key:this.keyPacket},n=this.clone();return n.revocationSignatures.push(await ys(a,null,this.keyPacket,{signatureType:I.signature.keyRevocation,reasonForRevocationFlag:I.write(I.reasonForRevocation,e),reasonForRevocationString:t},r,void 0,void 0,void 0,i)),n}async addSubkey(e={}){const t={..._,...e.config};if(e.passphrase)throw Error("Subkey could not be encrypted here, please encrypt whole key");if(e.rsaBits<t.minRSABits)throw Error(`rsaBits should be at least ${t.minRSABits}, got: ${e.rsaBits}`);const r=this.keyPacket;if(r.isDummy())throw Error("Cannot add subkey to gnu-dummy primary key");if(!r.isDecrypted())throw Error("Key is not decrypted");const i=r.getAlgorithmInfo();i.type=function(e){switch(I.write(I.publicKey,e)){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:case I.publicKey.dsa:return"rsa";case I.publicKey.ecdsa:case I.publicKey.eddsaLegacy:return"ecc";case I.publicKey.ed25519:return"curve25519";case I.publicKey.ed448:return"curve448";default:throw Error("Unsupported algorithm")}}(i.algorithm),i.rsaBits=i.bits||4096,i.curve=i.curve||"curve25519Legacy",e=ds(e,i);const a=await ss(e,{...t,v6Keys:6===this.keyPacket.version});bs(a,t);const n=await hs(a,r,e,t),s=this.toPacketList();return s.push(a,n),new Us(s)}}const Ds=/*#__PURE__*/M.constructAllowedPackets([qn,Xn,Zn,es,Jn,Qn,Kn]);function Cs(e){for(const t of e)switch(t.constructor.tag){case I.packet.secretKey:return new Us(e);case I.packet.publicKey:return new Ps(e)}throw Error("No key packet found")}async function xs(e,t,r,i){r.passphrase&&await e.encrypt(r.passphrase,i),await Promise.all(t.map((async function(e,t){const a=r.subkeys[t].passphrase;a&&await e.encrypt(a,i)})));const a=new Cn;function n(e,t){return[t,...e.filter((e=>e!==t))]}function s(){const t={};t.keyFlags=[I.keyFlags.certifyKeys|I.keyFlags.signData];const a=n([I.symmetric.aes256,I.symmetric.aes128],i.preferredSymmetricAlgorithm);if(t.preferredSymmetricAlgorithms=a,i.aeadProtect){const e=n([I.aead.gcm,I.aead.eax,I.aead.ocb],i.preferredAEADAlgorithm);t.preferredCipherSuites=e.flatMap((e=>a.map((t=>[t,e]))))}return t.preferredHashAlgorithms=n([I.hash.sha256,I.hash.sha512,...6===e.version?[I.hash.sha3_256,I.hash.sha3_512]:[]],i.preferredHashAlgorithm),t.preferredCompressionAlgorithms=n([I.compression.uncompressed,I.compression.zlib,I.compression.zip],i.preferredCompressionAlgorithm),t.features=[0],t.features[0]|=I.features.modificationDetection,i.aeadProtect&&(t.features[0]|=I.features.seipdv2),r.keyExpirationTime>0&&(t.keyExpirationTime=r.keyExpirationTime,t.keyNeverExpires=!1),t}if(a.push(e),6===e.version){const t={key:e},n=s();n.signatureType=I.signature.key;const o=await ys(t,null,e,n,r.date,void 0,void 0,void 0,i);a.push(o)}await Promise.all(r.userIDs.map((async function(t,a){const n=Jn.fromObject(t),o={userID:n,key:e},c=6!==e.version?s():{};c.signatureType=I.signature.certGeneric,0===a&&(c.isPrimaryUserID=!0);return{userIDPacket:n,signaturePacket:await ys(o,null,e,c,r.date,void 0,void 0,void 0,i)}}))).then((e=>{e.forEach((({userIDPacket:e,signaturePacket:t})=>{a.push(e),a.push(t)}))})),await Promise.all(t.map((async function(t,a){const n=r.subkeys[a];return{secretSubkeyPacket:t,subkeySignaturePacket:await hs(t,e,n,i)}}))).then((e=>{e.forEach((({secretSubkeyPacket:e,subkeySignaturePacket:t})=>{a.push(e),a.push(t)}))}));const o={key:e};return a.push(await ys(o,null,e,{signatureType:I.signature.keyRevocation,reasonForRevocationFlag:I.reasonForRevocation.noReason,reasonForRevocationString:""},r.date,void 0,void 0,void 0,i)),r.passphrase&&e.clearPrivateParams(),await Promise.all(t.map((async function(e,t){r.subkeys[t].passphrase&&e.clearPrivateParams()}))),new Us(a)}async function Ts({armoredKey:e,binaryKey:t,config:r,...i}){if(r={..._,...r},!e&&!t)throw Error("readKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!M.isString(e))throw Error("readKey: options.armoredKey must be a string");if(t&&!M.isUint8Array(t))throw Error("readKey: options.binaryKey must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));let n;if(e){const{type:t,data:r}=await Q(e);if(t!==I.armor.publicKey&&t!==I.armor.privateKey)throw Error("Armored text not of type key");n=r}else n=t;return Cs(await Cn.fromBinary(n,Ds,r))}async function Is({armoredKey:e,binaryKey:t,config:r,...i}){if(r={..._,...r},!e&&!t)throw Error("readPrivateKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!M.isString(e))throw Error("readPrivateKey: options.armoredKey must be a string");if(t&&!M.isUint8Array(t))throw Error("readPrivateKey: options.binaryKey must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));let n;if(e){const{type:t,data:r}=await Q(e);if(t!==I.armor.privateKey)throw Error("Armored text not of type private key");n=r}else n=t;const s=await Cn.fromBinary(n,Ds,r);return new Us(s)}async function _s({armoredKeys:e,binaryKeys:t,config:r,...i}){r={..._,...r};let a=e||t;if(!a)throw Error("readKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!M.isString(e))throw Error("readKeys: options.armoredKeys must be a string");if(t&&!M.isUint8Array(t))throw Error("readKeys: options.binaryKeys must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(e){const{type:t,data:r}=await Q(e);if(t!==I.armor.publicKey&&t!==I.armor.privateKey)throw Error("Armored text not of type key");a=r}const s=[],o=await Cn.fromBinary(a,Ds,r),c=o.indexOfTag(I.packet.publicKey,I.packet.secretKey);if(0===c.length)throw Error("No key packet found");for(let e=0;e<c.length;e++){const t=Cs(o.slice(c[e],c[e+1]));s.push(t)}return s}async function Bs({armoredKeys:e,binaryKeys:t,config:r}){r={..._,...r};let i=e||t;if(!i)throw Error("readPrivateKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!M.isString(e))throw Error("readPrivateKeys: options.armoredKeys must be a string");if(t&&!M.isUint8Array(t))throw Error("readPrivateKeys: options.binaryKeys must be a Uint8Array");if(e){const{type:t,data:r}=await Q(e);if(t!==I.armor.privateKey)throw Error("Armored text not of type private key");i=r}const a=[],n=await Cn.fromBinary(i,Ds,r),s=n.indexOfTag(I.packet.secretKey);if(0===s.length)throw Error("No secret key packet found");for(let e=0;e<s.length;e++){const t=n.slice(s[e],s[e+1]),r=new Us(t);a.push(r)}return a}const Ms=/*#__PURE__*/M.constructAllowedPackets([bn,Tn,zn,Fn,Wn,Hn,Gn,Un,Kn]),Rs=/*#__PURE__*/M.constructAllowedPackets([Gn]),Ls=/*#__PURE__*/M.constructAllowedPackets([Kn]);class Fs{constructor(e){this.packets=e||new Cn}getEncryptionKeyIDs(){const e=[];return this.packets.filterByTag(I.packet.publicKeyEncryptedSessionKey).forEach((function(t){e.push(t.publicKeyID)})),e}getSigningKeyIDs(){const e=this.unwrapCompressed(),t=e.packets.filterByTag(I.packet.onePassSignature);if(t.length>0)return t.map((e=>e.issuerKeyID));return e.packets.filterByTag(I.packet.signature).map((e=>e.issuerKeyID))}async decrypt(e,t,r,i=new Date,a=_){const n=this.packets.filterByTag(I.packet.symmetricallyEncryptedData,I.packet.symEncryptedIntegrityProtectedData,I.packet.aeadEncryptedData);if(0===n.length)throw Error("No encrypted data found");const s=n[0],o=s.cipherAlgorithm,c=r||await this.decryptSessionKeys(e,t,o,i,a);let u=null;const h=Promise.all(c.map((async({algorithm:e,data:t})=>{if(!M.isUint8Array(t)||!s.cipherAlgorithm&&!M.isString(e))throw Error("Invalid session key for decryption.");try{const r=s.cipherAlgorithm||I.write(I.symmetric,e);await s.decrypt(r,t,a)}catch(e){M.printDebugError(e),u=e}})));if(U(s.encrypted),s.encrypted=null,await h,!s.packets||!s.packets.length)throw u||Error("Decryption failed.");const y=new Fs(s.packets);return s.packets=new Cn,y}async decryptSessionKeys(e,t,r,i=new Date,a=_){let n,s=[];if(t){const e=this.packets.filterByTag(I.packet.symEncryptedSessionKey);if(0===e.length)throw Error("No symmetrically encrypted session key packet found.");await Promise.all(t.map((async function(t,r){let i;i=r?await Cn.fromBinary(e.write(),Rs,a):e,await Promise.all(i.map((async function(e){try{await e.decrypt(t),s.push(e)}catch(e){M.printDebugError(e),e instanceof Ji&&(n=e)}})))})))}else{if(!e)throw Error("No key or password specified.");{const t=this.packets.filterByTag(I.packet.publicKeyEncryptedSessionKey);if(0===t.length)throw Error("No public key encrypted session key packet found.");await Promise.all(t.map((async function(t){await Promise.all(e.map((async function(e){let o=[I.symmetric.aes256,I.symmetric.aes128,I.symmetric.tripledes,I.symmetric.cast5];try{const t=await e.getPrimarySelfSignature(i,void 0,a);t.preferredSymmetricAlgorithms&&(o=o.concat(t.preferredSymmetricAlgorithms))}catch(e){}const c=(await e.getDecryptionKeys(t.publicKeyID,null,void 0,a)).map((e=>e.keyPacket));await Promise.all(c.map((async function(e){if(!e||e.isDummy())return;if(!e.isDecrypted())throw Error("Decryption key is not decrypted.");if(a.constantTimePKCS1Decryption&&(t.publicKeyAlgorithm===I.publicKey.rsaEncrypt||t.publicKeyAlgorithm===I.publicKey.rsaEncryptSign||t.publicKeyAlgorithm===I.publicKey.rsaSign||t.publicKeyAlgorithm===I.publicKey.elgamal)){const i=t.write();await Promise.all((r?[r]:Array.from(a.constantTimePKCS1DecryptionSupportedSymmetricAlgorithms)).map((async t=>{const r=new Hn;r.read(i);const a={sessionKeyAlgorithm:t,sessionKey:Yi.generateSessionKey(t)};try{await r.decrypt(e,a),s.push(r)}catch(e){M.printDebugError(e),n=e}})))}else try{await t.decrypt(e);const i=r||t.sessionKeyAlgorithm;if(i&&!o.includes(I.write(I.symmetric,i)))throw Error("A non-preferred symmetric algorithm was used.");s.push(t)}catch(e){M.printDebugError(e),n=e}})))}))),U(t.encrypted),t.encrypted=null})))}}if(s.length>0){if(s.length>1){const e=new Set;s=s.filter((t=>{const r=t.sessionKeyAlgorithm+M.uint8ArrayToString(t.sessionKey);return!e.has(r)&&(e.add(r),!0)}))}return s.map((e=>({data:e.sessionKey,algorithm:e.sessionKeyAlgorithm&&I.read(I.symmetric,e.sessionKeyAlgorithm)})))}throw n||Error("Session key decryption failed.")}getLiteralData(){const e=this.unwrapCompressed().packets.findPacket(I.packet.literalData);return e&&e.getBytes()||null}getFilename(){const e=this.unwrapCompressed().packets.findPacket(I.packet.literalData);return e&&e.getFilename()||null}getText(){const e=this.unwrapCompressed().packets.findPacket(I.packet.literalData);return e?e.getText():null}static async generateSessionKey(e=[],t=new Date,r=[],i=_){const{symmetricAlgo:a,aeadAlgo:n}=await async function(e=[],t=new Date,r=[],i=_){const a=await Promise.all(e.map(((e,a)=>e.getPrimarySelfSignature(t,r[a],i))));if(e.length?!i.ignoreSEIPDv2FeatureFlag&&a.every((e=>e.features&&e.features[0]&I.features.seipdv2)):i.aeadProtect){const e={symmetricAlgo:I.symmetric.aes128,aeadAlgo:I.aead.ocb},t={symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:i.preferredAEADAlgorithm};return a.every((e=>e.preferredCipherSuites&&e.preferredCipherSuites.some((e=>e[0]===t.symmetricAlgo&&e[1]===t.aeadAlgo))))?t:e}const n=I.symmetric.aes128,s=i.preferredSymmetricAlgorithm;return{symmetricAlgo:a.every((e=>e.preferredSymmetricAlgorithms&&e.preferredSymmetricAlgorithms.includes(s)))?s:n,aeadAlgo:void 0}}(e,t,r,i),s=I.read(I.symmetric,a),o=n?I.read(I.aead,n):void 0;await Promise.all(e.map((e=>e.getEncryptionKey().catch((()=>null)).then((e=>{if(e&&(e.keyPacket.algorithm===I.publicKey.x25519||e.keyPacket.algorithm===I.publicKey.x448)&&!o&&!M.isAES(a))throw Error("Could not generate a session key compatible with the given `encryptionKeys`: X22519 and X448 keys can only be used to encrypt AES session keys; change `config.preferredSymmetricAlgorithm` accordingly.")})))));return{data:Yi.generateSessionKey(a),algorithm:s,aeadAlgorithm:o}}async encrypt(e,t,r,i=!1,a=[],n=new Date,s=[],o=_){if(r){if(!M.isUint8Array(r.data)||!M.isString(r.algorithm))throw Error("Invalid session key for encryption.")}else if(e&&e.length)r=await Fs.generateSessionKey(e,n,s,o);else{if(!t||!t.length)throw Error("No keys, passwords, or session key provided.");r=await Fs.generateSessionKey(void 0,void 0,void 0,o)}const{data:c,algorithm:u,aeadAlgorithm:h}=r,y=await Fs.encryptSessionKey(c,u,h,e,t,i,a,n,s,o),l=Fn.fromObject({version:h?2:1,aeadAlgorithm:h?I.write(I.aead,h):null});l.packets=this.packets;const p=I.write(I.symmetric,u);return await l.encrypt(p,c,o),y.packets.push(l),l.packets=new Cn,y}static async encryptSessionKey(e,t,r,i,a,n=!1,s=[],o=new Date,c=[],u=_){const h=new Cn,y=I.write(I.symmetric,t),l=r&&I.write(I.aead,r);if(i){const t=await Promise.all(i.map((async function(t,r){const i=await t.getEncryptionKey(s[r],o,c,u),a=Hn.fromObject({version:l?6:3,encryptionKeyPacket:i.keyPacket,anonymousRecipient:n,sessionKey:e,sessionKeyAlgorithm:y});return await a.encrypt(i.keyPacket),delete a.sessionKey,a})));h.push(...t)}if(a){const t=async function(e,t){try{return await e.decrypt(t),1}catch(e){return 0}},r=(e,t)=>e+t,i=async function(e,n,s,o){const c=new Gn(u);if(c.sessionKey=e,c.sessionKeyAlgorithm=n,s&&(c.aeadAlgorithm=s),await c.encrypt(o,u),u.passwordCollisionCheck){if(1!==(await Promise.all(a.map((e=>t(c,e))))).reduce(r))return i(e,n,o)}return delete c.sessionKey,c},n=await Promise.all(a.map((t=>i(e,y,l,t))));h.push(...n)}return new Fs(h)}async sign(e=[],t=null,r=[],i=new Date,a=[],n=[],s=_){const o=new Cn,c=this.packets.findPacket(I.packet.literalData);if(!c)throw Error("No literal data packet to sign.");const u=await Ns(c,e,t,r,i,a,n,!1,s),h=u.map(((e,t)=>Un.fromSignaturePacket(e,0===t))).reverse();return o.push(...h),o.push(c),o.push(...u),new Fs(o)}compress(e,t=_){if(e===I.compression.uncompressed)return this;const r=new Tn(t);r.algorithm=e,r.packets=this.packets;const i=new Cn;return i.push(r),new Fs(i)}async signDetached(e=[],t=null,r=[],i=new Date,a=[],n=[],s=_){const o=this.packets.findPacket(I.packet.literalData);if(!o)throw Error("No literal data packet to sign.");return new as(await Ns(o,e,t,r,i,a,n,!0,s))}async verify(e,t=new Date,r=_){const i=this.unwrapCompressed(),a=i.packets.filterByTag(I.packet.literalData);if(1!==a.length)throw Error("Can only verify message with one literal data packet.");n(i.packets.stream)&&i.packets.push(...await P(i.packets.stream,(e=>e||[])));const s=i.packets.filterByTag(I.packet.onePassSignature).reverse(),o=i.packets.filterByTag(I.packet.signature);return s.length&&!o.length&&M.isStream(i.packets.stream)&&!n(i.packets.stream)?(await Promise.all(s.map((async e=>{e.correspondingSig=new Promise(((t,r)=>{e.correspondingSigResolve=t,e.correspondingSigReject=r})),e.signatureData=D((async()=>(await e.correspondingSig).signatureData)),e.hashed=P(await e.hash(e.signatureType,a[0],void 0,!1)),e.hashed.catch((()=>{}))}))),i.packets.stream=k(i.packets.stream,(async(e,t)=>{const r=C(e),i=x(t);try{for(let e=0;e<s.length;e++){const{value:t}=await r.read();s[e].correspondingSigResolve(t)}await r.readToEnd(),await i.ready,await i.close()}catch(e){s.forEach((t=>{t.correspondingSigReject(e)})),await i.abort(e)}})),Os(s,a,e,t,!1,r)):Os(o,a,e,t,!1,r)}verifyDetached(e,t,r=new Date,i=_){const a=this.unwrapCompressed().packets.filterByTag(I.packet.literalData);if(1!==a.length)throw Error("Can only verify message with one literal data packet.");return Os(e.packets.filterByTag(I.packet.signature),a,t,r,!0,i)}unwrapCompressed(){const e=this.packets.filterByTag(I.packet.compressedData);return e.length?new Fs(e[0].packets):this}async appendSignature(e,t=_){await this.packets.read(M.isUint8Array(e)?e:(await Q(e)).data,Ls,t)}write(){return this.packets.write()}armor(e=_){const t=this.packets[this.packets.length-1],r=t.constructor.tag===Fn.tag?2!==t.version:this.packets.some((e=>e.constructor.tag===Kn.tag&&6!==e.version));return Z(I.armor.message,this.write(),null,null,null,r,e)}}async function Ns(e,t,r=null,i=[],a=new Date,n=[],s=[],o=!1,c=_){const u=new Cn,h=null===e.text?I.signature.binary:I.signature.text;if(await Promise.all(t.map((async(t,r)=>{const u=n[r];if(!t.isPrivate())throw Error("Need private key for signing");const y=await t.getSigningKey(i[r],a,u,c);return ys(e,t,y.keyPacket,{signatureType:h},a,u,s,o,c)}))).then((e=>{u.push(...e)})),r){const e=r.packets.filterByTag(I.packet.signature);u.push(...e)}return u}async function Os(e,t,r,i=new Date,a=!1,n=_){return Promise.all(e.filter((function(e){return["text","binary"].includes(I.read(I.signature,e.signatureType))})).map((async function(e){return async function(e,t,r,i=new Date,a=!1,n=_){let s,o;for(const t of r){const r=t.getKeys(e.issuerKeyID);if(r.length>0){s=t,o=r[0];break}}const c=e instanceof Un?e.correspondingSig:e,u={keyID:e.issuerKeyID,verified:(async()=>{if(!o)throw Error("Could not find signing key with key ID "+e.issuerKeyID.toHex());await e.verify(o.keyPacket,e.signatureType,t[0],i,a,n);const r=await c;if(o.getCreationTime()>r.created)throw Error("Key is newer than the signature");try{await s.getSigningKey(o.getKeyID(),r.created,void 0,n)}catch(e){if(!n.allowInsecureVerificationWithReformattedKeys||!e.message.match(/Signature creation time is in the future/))throw e;await s.getSigningKey(o.getKeyID(),i,void 0,n)}return!0})(),signature:(async()=>{const e=await c,t=new Cn;return e&&t.push(e),new as(t)})()};return u.signature.catch((()=>{})),u.verified.catch((()=>{})),u}(e,t,r,i,a,n)})))}async function zs({armoredMessage:e,binaryMessage:t,config:r,...i}){r={..._,...r};let a=e||t;if(!a)throw Error("readMessage: must pass options object containing `armoredMessage` or `binaryMessage`");if(e&&!M.isString(e)&&!M.isStream(e))throw Error("readMessage: options.armoredMessage must be a string or stream");if(t&&!M.isUint8Array(t)&&!M.isStream(t))throw Error("readMessage: options.binaryMessage must be a Uint8Array or stream");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));const s=M.isStream(a);if(e){const{type:e,data:t}=await Q(a);if(e!==I.armor.message)throw Error("Armored text not of type message");a=t}const o=await Cn.fromBinary(a,Ms,r),c=new Fs(o);return c.fromStream=s,c}async function Hs({text:e,binary:t,filename:r,date:i=new Date,format:a=(void 0!==e?"utf8":"binary"),...n}){const s=void 0!==e?e:t;if(void 0===s)throw Error("createMessage: must pass options object containing `text` or `binary`");if(e&&!M.isString(e)&&!M.isStream(e))throw Error("createMessage: options.text must be a string or stream");if(t&&!M.isUint8Array(t)&&!M.isStream(t))throw Error("createMessage: options.binary must be a Uint8Array or stream");const o=Object.keys(n);if(o.length>0)throw Error("Unknown option: "+o.join(", "));const c=M.isStream(s),u=new bn(i);void 0!==e?u.setText(s,I.write(I.literal,a)):u.setBytes(s,I.write(I.literal,a)),void 0!==r&&u.setFilename(r);const h=new Cn;h.push(u);const y=new Fs(h);return y.fromStream=c,y}const js=/*#__PURE__*/M.constructAllowedPackets([Kn]);class Gs{constructor(e,t){if(this.text=M.removeTrailingSpaces(e).replace(/\r?\n/g,"\r\n"),t&&!(t instanceof as))throw Error("Invalid signature input");this.signature=t||new as(new Cn)}getSigningKeyIDs(){const e=[];return this.signature.packets.forEach((function(t){e.push(t.issuerKeyID)})),e}async sign(e,t=null,r=[],i=new Date,a=[],n=[],s=_){const o=new bn;o.setText(this.text);const c=new as(await Ns(o,e,t,r,i,a,n,!0,s));return new Gs(this.text,c)}verify(e,t=new Date,r=_){const i=this.signature.packets.filterByTag(I.packet.signature),a=new bn;return a.setText(this.text),Os(i,[a],e,t,!0,r)}getText(){return this.text.replace(/\r\n/g,"\n")}armor(e=_){const t=this.signature.packets.some((e=>6!==e.version)),r={hash:t?Array.from(new Set(this.signature.packets.map((e=>I.read(I.hash,e.hashAlgorithm).toUpperCase())))).join():null,text:this.text,data:this.signature.packets.write()};return Z(I.armor.signed,r,void 0,void 0,void 0,t,e)}}async function qs({cleartextMessage:e,config:t,...r}){if(t={..._,...t},!e)throw Error("readCleartextMessage: must pass options object containing `cleartextMessage`");if(!M.isString(e))throw Error("readCleartextMessage: options.cleartextMessage must be a string");const i=Object.keys(r);if(i.length>0)throw Error("Unknown option: "+i.join(", "));const a=await Q(e);if(a.type!==I.armor.signed)throw Error("No cleartext signed message.");const n=await Cn.fromBinary(a.data,js,t);!function(e,t){const r=function(e){const r=e=>t=>e.hashAlgorithm===t;for(let i=0;i<t.length;i++)if(t[i].constructor.tag===I.packet.signature&&!e.some(r(t[i])))return!1;return!0},i=[];if(e.forEach((e=>{const t=e.match(/^Hash: (.+)$/);if(!t)throw Error('Only "Hash" header allowed in cleartext signed message');{const e=t[1].replace(/\s/g,"").split(",").map((e=>{try{return I.write(I.hash,e.toLowerCase())}catch(t){throw Error("Unknown hash algorithm in armor header: "+e.toLowerCase())}}));i.push(...e)}})),i.length&&!r(i))throw Error("Hash algorithm mismatch in armor header and signature")}(a.headers,n);const s=new as(n);return new Gs(a.text,s)}async function Vs({text:e,...t}){if(!e)throw Error("createCleartextMessage: must pass options object containing `text`");if(!M.isString(e))throw Error("createCleartextMessage: options.text must be a string");const r=Object.keys(t);if(r.length>0)throw Error("Unknown option: "+r.join(", "));return new Gs(e)}async function Ws({userIDs:e=[],passphrase:t,type:r,curve:i,rsaBits:a=4096,symmetricHash:n="sha256",symmetricCipher:s="aes256",keyExpirationTime:o=0,date:c=new Date,subkeys:u=[{}],format:h="armored",config:y,...l}){uo(y={..._,...y}),r||i?(r=r||"ecc",i=i||"curve25519Legacy"):(r=y.v6Keys?"curve25519":"ecc",i="curve25519Legacy"),e=ho(e);const p=Object.keys(l);if(p.length>0)throw Error("Unknown option: "+p.join(", "));if(0===e.length&&!y.v6Keys)throw Error("UserIDs are required for V4 keys");if("rsa"===r&&a<y.minRSABits)throw Error(`rsaBits should be at least ${y.minRSABits}, got: ${a}`);const g={userIDs:e,passphrase:t,type:r,rsaBits:a,curve:i,keyExpirationTime:o,date:c,subkeys:u,symmetricHash:n,symmetricCipher:s};try{const{key:e,revocationCertificate:t}=await async function(e,t){e.sign=!0,(e=ds(e)).subkeys=e.subkeys.map(((t,r)=>ds(e.subkeys[r],e)));let r=[os(e,t)];r=r.concat(e.subkeys.map((e=>ss(e,t))));const i=await Promise.all(r),a=await xs(i[0],i.slice(1),e,t),n=await a.getRevocationCertificate(e.date,t);return a.revocationSignatures=[],{key:a,revocationCertificate:n}}(g,y);return e.getKeys().forEach((({keyPacket:e})=>bs(e,y))),{privateKey:po(e,h,y),publicKey:"symmetric"!==r?po(e.toPublic(),h,y):null,revocationCertificate:t}}catch(e){throw M.wrapError("Error generating keypair",e)}}async function $s({privateKey:e,userIDs:t=[],passphrase:r,keyExpirationTime:i=0,date:a,format:n="armored",config:s,...o}){uo(s={..._,...s}),t=ho(t);const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(0===t.length&&6!==e.keyPacket.version)throw Error("UserIDs are required for V4 keys");const u={privateKey:e,userIDs:t,passphrase:r,keyExpirationTime:i,date:a};try{const{key:e,revocationCertificate:t}=await async function(e,t){e=o(e);const{privateKey:r}=e;if(!r.isPrivate())throw Error("Cannot reformat a public key");if(r.keyPacket.isDummy())throw Error("Cannot reformat a gnu-dummy primary key");if(!r.getKeys().every((({keyPacket:e})=>e.isDecrypted())))throw Error("Key is not decrypted");const i=r.keyPacket;e.subkeys||(e.subkeys=await Promise.all(r.subkeys.map((async e=>{const r=e.keyPacket,a={key:i,bind:r},n=await cs(e.bindingSignatures,i,I.signature.subkeyBinding,a,null,t).catch((()=>({})));return{sign:n.keyFlags&&n.keyFlags[0]&I.keyFlags.signData,forwarding:n.keyFlags&&n.keyFlags[0]&I.keyFlags.forwardedCommunication}}))));const a=r.subkeys.map((e=>e.keyPacket));if(e.subkeys.length!==a.length)throw Error("Number of subkey options does not match number of subkeys");e.subkeys=e.subkeys.map((t=>o(t,e)));const n=await xs(i,a,e,t),s=await n.getRevocationCertificate(e.date,t);return n.revocationSignatures=[],{key:n,revocationCertificate:s};function o(e,t={}){return e.keyExpirationTime=e.keyExpirationTime||t.keyExpirationTime,e.passphrase=M.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e}}(u,s);return{privateKey:po(e,n,s),publicKey:po(e.toPublic(),n,s),revocationCertificate:t}}catch(e){throw M.wrapError("Error reformatting keypair",e)}}async function Xs({key:e,revocationCertificate:t,reasonForRevocation:r,date:i=new Date,format:a="armored",config:n,...s}){uo(n={..._,...n});const o=Object.keys(s);if(o.length>0)throw Error("Unknown option: "+o.join(", "));try{const s=t?await e.applyRevocationCertificate(t,i,n):await e.revoke(r,i,n);return s.isPrivate()?{privateKey:po(s,a,n),publicKey:po(s.toPublic(),a,n)}:{privateKey:null,publicKey:po(s,a,n)}}catch(e){throw M.wrapError("Error revoking key",e)}}async function Qs({privateKey:e,passphrase:t,config:r,...i}){uo(r={..._,...r});const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(!e.isPrivate())throw Error("Cannot decrypt a public key");const n=e.clone(!0),s=M.isArray(t)?t:[t];try{return await Promise.all(n.getKeys().map((e=>M.anyPromise(s.map((t=>e.keyPacket.decrypt(t))))))),await n.validate(r),n}catch(e){throw n.clearPrivateParams(),M.wrapError("Error decrypting private key",e)}}async function Zs({privateKey:e,passphrase:t,config:r,...i}){uo(r={..._,...r});const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(!e.isPrivate())throw Error("Cannot encrypt a public key");const n=e.clone(!0),s=n.getKeys(),o=M.isArray(t)?t:Array(s.length).fill(t);if(o.length!==s.length)throw Error("Invalid number of passphrases given for key encryption");try{return await Promise.all(s.map((async(e,t)=>{const{keyPacket:i}=e;await i.encrypt(o[t],r),i.clearPrivateParams()}))),n}catch(e){throw n.clearPrivateParams(),M.wrapError("Error encrypting private key",e)}}async function Ys({message:e,encryptionKeys:t,signingKeys:r,passwords:i,sessionKey:a,format:n="armored",signature:s=null,wildcard:o=!1,signingKeyIDs:c=[],encryptionKeyIDs:u=[],date:h=new Date,signingUserIDs:y=[],encryptionUserIDs:l=[],signatureNotations:p=[],config:g,...d}){if(uo(g={..._,...g}),no(e),oo(n),t=ho(t),r=ho(r),i=ho(i),c=ho(c),u=ho(u),y=ho(y),l=ho(l),p=ho(p),d.detached)throw Error("The `detached` option has been removed from openpgp.encrypt, separately call openpgp.sign instead. Don't forget to remove the `privateKeys` option as well.");if(d.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encrypt, pass `encryptionKeys` instead");if(d.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.encrypt, pass `signingKeys` instead");if(void 0!==d.armor)throw Error("The `armor` option has been removed from openpgp.encrypt, pass `format` instead.");const f=Object.keys(d);if(f.length>0)throw Error("Unknown option: "+f.join(", "));r||(r=[]);try{if((r.length||s)&&(e=await e.sign(r,s,c,h,y,p,g)),e=e.compress(await async function(e=[],t=new Date,r=[],i=_){const a=I.compression.uncompressed,n=i.preferredCompressionAlgorithm,s=await Promise.all(e.map((async function(e,a){const s=(await e.getPrimarySelfSignature(t,r[a],i)).preferredCompressionAlgorithms;return!!s&&s.indexOf(n)>=0})));return s.every(Boolean)?n:a}(t,h,l,g),g),e=await e.encrypt(t,i,a,o,u,h,l,g),"object"===n)return e;return yo("armored"===n?e.armor(g):e.write())}catch(e){throw M.wrapError("Error encrypting message",e)}}async function Js({message:e,decryptionKeys:t,passwords:r,sessionKeys:i,verificationKeys:a,expectSigned:n=!1,format:s="utf8",signature:o=null,date:c=new Date,config:u,...h}){if(uo(u={..._,...u}),no(e),a=ho(a),t=ho(t),r=ho(r),i=ho(i),h.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decrypt, pass `decryptionKeys` instead");if(h.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.decrypt, pass `verificationKeys` instead");const y=Object.keys(h);if(y.length>0)throw Error("Unknown option: "+y.join(", "));try{const h=await e.decrypt(t,r,i,c,u);a||(a=[]);const y={};if(y.signatures=o?await h.verifyDetached(o,a,c,u):await h.verify(a,c,u),y.data="binary"===s?h.getLiteralData():h.getText(),y.filename=h.getFilename(),lo(y,e),n){if(0===a.length)throw Error("Verification keys are required to verify message signatures");if(0===y.signatures.length)throw Error("Message is not signed");y.data=d([y.data,D((async()=>{await M.anyPromise(y.signatures.map((e=>e.verified)))}))])}return y.data=await yo(y.data),y}catch(e){throw M.wrapError("Error decrypting message",e)}}async function eo({message:e,signingKeys:t,format:r="armored",detached:i=!1,signingKeyIDs:a=[],date:n=new Date,signingUserIDs:s=[],signatureNotations:o=[],config:c,...u}){if(uo(c={..._,...c}),so(e),oo(r),t=ho(t),a=ho(a),s=ho(s),o=ho(o),u.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.sign, pass `signingKeys` instead");if(void 0!==u.armor)throw Error("The `armor` option has been removed from openpgp.sign, pass `format` instead.");const h=Object.keys(u);if(h.length>0)throw Error("Unknown option: "+h.join(", "));if(e instanceof Gs&&"binary"===r)throw Error("Cannot return signed cleartext message in binary format");if(e instanceof Gs&&i)throw Error("Cannot detach-sign a cleartext message");if(!t||0===t.length)throw Error("No signing keys provided");try{let u;if(u=i?await e.signDetached(t,void 0,a,n,s,o,c):await e.sign(t,void 0,a,n,s,o,c),"object"===r)return u;return u="armored"===r?u.armor(c):u.write(),i&&(u=k(e.packets.write(),(async(e,t)=>{await Promise.all([f(u,t),P(e).catch((()=>{}))])}))),yo(u)}catch(e){throw M.wrapError("Error signing message",e)}}async function to({message:e,verificationKeys:t,expectSigned:r=!1,format:i="utf8",signature:a=null,date:n=new Date,config:s,...o}){if(uo(s={..._,...s}),so(e),t=ho(t),o.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.verify, pass `verificationKeys` instead");const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(e instanceof Gs&&"binary"===i)throw Error("Can't return cleartext message data as binary");if(e instanceof Gs&&a)throw Error("Can't verify detached cleartext signature");try{const o={};if(o.signatures=a?await e.verifyDetached(a,t,n,s):await e.verify(t,n,s),o.data="binary"===i?e.getLiteralData():e.getText(),e.fromStream&&lo(o,e),r){if(0===o.signatures.length)throw Error("Message is not signed");o.data=d([o.data,D((async()=>{await M.anyPromise(o.signatures.map((e=>e.verified)))}))])}return o.data=await yo(o.data),o}catch(e){throw M.wrapError("Error verifying signed message",e)}}async function ro({encryptionKeys:e,date:t=new Date,encryptionUserIDs:r=[],config:i,...a}){if(uo(i={..._,...i}),e=ho(e),r=ho(r),a.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.generateSessionKey, pass `encryptionKeys` instead");const n=Object.keys(a);if(n.length>0)throw Error("Unknown option: "+n.join(", "));try{return await Fs.generateSessionKey(e,t,r,i)}catch(e){throw M.wrapError("Error generating session key",e)}}async function io({data:e,algorithm:t,aeadAlgorithm:r,encryptionKeys:i,passwords:a,format:n="armored",wildcard:s=!1,encryptionKeyIDs:o=[],date:c=new Date,encryptionUserIDs:u=[],config:h,...y}){if(uo(h={..._,...h}),function(e,t){if(!M.isUint8Array(e))throw Error("Parameter ["+(t||"data")+"] must be of type Uint8Array")}(e),function(e,t){if(!M.isString(e))throw Error("Parameter ["+(t||"data")+"] must be of type String")}(t,"algorithm"),oo(n),i=ho(i),a=ho(a),o=ho(o),u=ho(u),y.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead");const l=Object.keys(y);if(l.length>0)throw Error("Unknown option: "+l.join(", "));if(!(i&&0!==i.length||a&&0!==a.length))throw Error("No encryption keys or passwords provided.");try{return po(await Fs.encryptSessionKey(e,t,r,i,a,s,o,c,u,h),n,h)}catch(e){throw M.wrapError("Error encrypting session key",e)}}async function ao({message:e,decryptionKeys:t,passwords:r,date:i=new Date,config:a,...n}){if(uo(a={..._,...a}),no(e),t=ho(t),r=ho(r),n.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decryptSessionKeys, pass `decryptionKeys` instead");const s=Object.keys(n);if(s.length>0)throw Error("Unknown option: "+s.join(", "));try{return await e.decryptSessionKeys(t,r,void 0,i,a)}catch(e){throw M.wrapError("Error decrypting session keys",e)}}function no(e){if(!(e instanceof Fs))throw Error("Parameter [message] needs to be of type Message")}function so(e){if(!(e instanceof Gs||e instanceof Fs))throw Error("Parameter [message] needs to be of type Message or CleartextMessage")}function oo(e){if("armored"!==e&&"binary"!==e&&"object"!==e)throw Error("Unsupported format "+e)}const co=Object.keys(_).length;function uo(e){const t=Object.keys(e);if(t.length!==co)for(const e of t)if(void 0===_[e])throw Error("Unknown config property: "+e)}function ho(e){return e&&!M.isArray(e)&&(e=[e]),e}async function yo(e){return"array"===M.isStream(e)?P(e):e}function lo(e,t){e.data=k(t.packets.stream,(async(t,r)=>{await f(e.data,r,{preventClose:!0});const i=x(r);try{await P(t,(e=>e)),await i.close()}catch(e){await i.abort(e)}}))}function po(e,t,r){switch(t){case"object":return e;case"armored":return e.armor(r);case"binary":return e.write();default:throw Error("Unsupported format "+t)}}export{zn as AEADEncryptedDataPacket,Ji as Argon2OutOfMemoryError,ia as Argon2S2K,Gs as CleartextMessage,Tn as CompressedDataPacket,Oi as KDFParams,bn as LiteralDataPacket,$n as MarkerPacket,Fs as Message,Un as OnePassSignaturePacket,Cn as PacketList,rs as PaddingPacket,Us as PrivateKey,Ps as PublicKey,Hn as PublicKeyEncryptedSessionKeyPacket,qn as PublicKeyPacket,Xn as PublicSubkeyPacket,Zn as SecretKeyPacket,es as SecretSubkeyPacket,as as Signature,Kn as SignaturePacket,vs as Subkey,Fn as SymEncryptedIntegrityProtectedDataPacket,Gn as SymEncryptedSessionKeyPacket,Wn as SymmetricallyEncryptedDataPacket,ts as TrustPacket,Or as UnparseablePacket,Qn as UserAttributePacket,Jn as UserIDPacket,Z as armor,_ as config,Vs as createCleartextMessage,Hs as createMessage,Js as decrypt,Qs as decryptKey,ao as decryptSessionKeys,Ys as encrypt,Zs as encryptKey,io as encryptSessionKey,I as enums,Ws as generateKey,ro as generateSessionKey,qs as readCleartextMessage,Ts as readKey,_s as readKeys,zs as readMessage,Is as readPrivateKey,Bs as readPrivateKeys,ns as readSignature,$s as reformatKey,Xs as revokeKey,eo as sign,Q as unarmor,to as verify};
+/*! OpenPGP.js v6.0.0-beta.2 - 2024-07-05 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},t=Symbol("doneWritingPromise"),r=Symbol("doneWritingResolve"),i=Symbol("doneWritingReject"),a=Symbol("readingIndex");class ArrayStream extends Array{constructor(){super(),Object.setPrototypeOf(this,ArrayStream.prototype),this[t]=new Promise(((e,t)=>{this[r]=e,this[i]=t})),this[t].catch((()=>{}))}}function n(e){return e&&e.getReader&&Array.isArray(e)}function s(e){if(!n(e)){const t=e.getWriter(),r=t.releaseLock;return t.releaseLock=()=>{t.closed.catch((function(){})),r.call(t)},t}this.stream=e}function o(t){if(n(t))return"array";if(e.ReadableStream&&e.ReadableStream.prototype.isPrototypeOf(t))return"web";if(t&&!(e.ReadableStream&&t instanceof e.ReadableStream)&&"function"==typeof t._read&&"object"==typeof t._readableState)throw Error("Native Node streams are no longer supported: please manually convert the stream to a WebStream, using e.g. `stream.Readable.toWeb`");return!(!t||!t.getReader)&&"web-like"}function c(e){return Uint8Array.prototype.isPrototypeOf(e)}function u(e){if(1===e.length)return e[0];let t=0;for(let r=0;r<e.length;r++){if(!c(e[r]))throw Error("concatUint8Array: Data must be in the form of a Uint8Array");t+=e[r].length}const r=new Uint8Array(t);let i=0;return e.forEach((function(e){r.set(e,i),i+=e.length})),r}ArrayStream.prototype.getReader=function(){return void 0===this[a]&&(this[a]=0),{read:async()=>(await this[t],this[a]===this.length?{value:void 0,done:!0}:{value:this[this[a]++],done:!1})}},ArrayStream.prototype.readToEnd=async function(e){await this[t];const r=e(this.slice(this[a]));return this.length=0,r},ArrayStream.prototype.clone=function(){const e=new ArrayStream;return e[t]=this[t].then((()=>{e.push(...this)})),e},s.prototype.write=async function(e){this.stream.push(e)},s.prototype.close=async function(){this.stream[r]()},s.prototype.abort=async function(e){return this.stream[i](e),e},s.prototype.releaseLock=function(){},"object"==typeof e.process&&e.process.versions;const h=new WeakSet,y=Symbol("externalBuffer");function l(e){if(this.stream=e,e[y]&&(this[y]=e[y].slice()),n(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{},void(this._cancel=()=>{})}if(o(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{t.closed.catch((function(){})),t.releaseLock()},void(this._cancel=t.cancel.bind(t))}let t=!1;this._read=async()=>t||h.has(e)?{value:void 0,done:!0}:(t=!0,{value:e,done:!1}),this._releaseLock=()=>{if(t)try{h.add(e)}catch(e){}}}function p(e){return o(e)?e:new ReadableStream({start(t){t.enqueue(e),t.close()}})}function g(e){if(o(e))return e;const t=new ArrayStream;return(async()=>{const r=x(t);await r.write(e),await r.close()})(),t}function d(e){return e.some((e=>o(e)&&!n(e)))?function(e){e=e.map(p);const t=w((async function(e){await Promise.all(i.map((t=>U(t,e))))}));let r=Promise.resolve();const i=e.map(((i,a)=>k(i,((i,n)=>(r=r.then((()=>f(i,t.writable,{preventClose:a!==e.length-1}))),r)))));return t.readable}(e):e.some((e=>n(e)))?function(e){const t=new ArrayStream;let r=Promise.resolve();return e.forEach(((i,a)=>(r=r.then((()=>f(i,t,{preventClose:a!==e.length-1}))),r))),t}(e):"string"==typeof e[0]?e.join(""):u(e)}async function f(e,t,{preventClose:r=!1,preventAbort:i=!1,preventCancel:a=!1}={}){if(o(e)&&!n(e)){e=p(e);try{if(e[y]){const r=x(t);for(let t=0;t<e[y].length;t++)await r.ready,await r.write(e[y][t]);r.releaseLock()}await e.pipeTo(t,{preventClose:r,preventAbort:i,preventCancel:a})}catch(e){}return}const s=C(e=g(e)),c=x(t);try{for(;;){await c.ready;const{done:e,value:t}=await s.read();if(e){r||await c.close();break}await c.write(t)}}catch(e){i||await c.abort(e)}finally{s.releaseLock(),c.releaseLock()}}function m(e,t){const r=new TransformStream(t);return f(e,r.writable),r.readable}function w(e){let t,r,i,a=!1,n=!1;return{readable:new ReadableStream({start(e){i=e},pull(){t?t():a=!0},async cancel(t){n=!0,e&&await e(t),r&&r(t)}},{highWaterMark:0}),writable:new WritableStream({write:async function(e){if(n)throw Error("Stream is cancelled");i.enqueue(e),a?a=!1:(await new Promise(((e,i)=>{t=e,r=i})),t=null,r=null)},close:i.close.bind(i),abort:i.error.bind(i)})}}function b(e,t=(()=>{}),r=(()=>{})){if(n(e)){const i=new ArrayStream;return(async()=>{const a=x(i);try{const i=await P(e),n=t(i),s=r();let o;o=void 0!==n&&void 0!==s?d([n,s]):void 0!==n?n:s,await a.write(o),await a.close()}catch(e){await a.abort(e)}})(),i}if(o(e))return m(e,{async transform(e,r){try{const i=await t(e);void 0!==i&&r.enqueue(i)}catch(e){r.error(e)}},async flush(e){try{const t=await r();void 0!==t&&e.enqueue(t)}catch(t){e.error(t)}}});const i=t(e),a=r();return void 0!==i&&void 0!==a?d([i,a]):void 0!==i?i:a}function k(e,t){if(o(e)&&!n(e)){let r;const i=new TransformStream({start(e){r=e}}),a=f(e,i.writable),n=w((async function(e){r.error(e),await a,await new Promise(setTimeout)}));return t(i.readable,n.writable),n.readable}e=g(e);const r=new ArrayStream;return t(e,r),r}function v(e,t){let r;const i=k(e,((e,a)=>{const n=C(e);n.remainder=()=>(n.releaseLock(),f(e,a),i),r=t(n)}));return r}function A(e){if(n(e))return e.clone();if(o(e)){const t=function(e){if(n(e))throw Error("ArrayStream cannot be tee()d, use clone() instead");if(o(e)){const t=p(e).tee();return t[0][y]=t[1][y]=e[y],t}return[S(e),S(e)]}(e);return K(e,t[0]),t[1]}return S(e)}function E(e){return n(e)?A(e):o(e)?new ReadableStream({start(t){const r=k(e,(async(e,r)=>{const i=C(e),a=x(r);try{for(;;){await a.ready;const{done:e,value:r}=await i.read();if(e){try{t.close()}catch(e){}return void await a.close()}try{t.enqueue(r)}catch(e){}await a.write(r)}}catch(e){t.error(e),await a.abort(e)}}));K(e,r)}}):S(e)}function K(e,t){Object.entries(Object.getOwnPropertyDescriptors(e.constructor.prototype)).forEach((([r,i])=>{"constructor"!==r&&(i.value?i.value=i.value.bind(t):i.get=i.get.bind(t),Object.defineProperty(e,r,i))}))}function S(e,t=0,r=1/0){if(n(e))throw Error("Not implemented");if(o(e)){if(t>=0&&r>=0){let i=0;return m(e,{transform(e,a){i<r?(i+e.length>=t&&a.enqueue(S(e,Math.max(t-i,0),r-i)),i+=e.length):a.terminate()}})}if(t<0&&(r<0||r===1/0)){let i=[];return b(e,(e=>{e.length>=-t?i=[e]:i.push(e)}),(()=>S(d(i),t,r)))}if(0===t&&r<0){let i;return b(e,(e=>{const a=i?d([i,e]):e;if(a.length>=-r)return i=S(a,r),S(a,t,r);i=a}))}return console.warn(`stream.slice(input, ${t}, ${r}) not implemented efficiently.`),D((async()=>S(await P(e),t,r)))}return e[y]&&(e=d(e[y].concat([e]))),c(e)?e.subarray(t,r===1/0?e.length:r):e.slice(t,r)}async function P(e,t=d){return n(e)?e.readToEnd(t):o(e)?C(e).readToEnd(t):e}async function U(e,t){if(o(e)){if(e.cancel){const r=await e.cancel(t);return await new Promise(setTimeout),r}if(e.destroy)return e.destroy(t),await new Promise(setTimeout),t}}function D(e){const t=new ArrayStream;return(async()=>{const r=x(t);try{await r.write(await e()),await r.close()}catch(e){await r.abort(e)}})(),t}function C(e){return new l(e)}function x(e){return new s(e)}l.prototype.read=async function(){if(this[y]&&this[y].length){return{done:!1,value:this[y].shift()}}return this._read()},l.prototype.releaseLock=function(){this[y]&&(this.stream[y]=this[y]),this._releaseLock()},l.prototype.cancel=function(e){return this._cancel(e)},l.prototype.readLine=async function(){let e,t=[];for(;!e;){let{done:r,value:i}=await this.read();if(i+="",r)return t.length?d(t):void 0;const a=i.indexOf("\n")+1;a&&(e=d(t.concat(i.substr(0,a))),t=[]),a!==i.length&&t.push(i.substr(a))}return this.unshift(...t),e},l.prototype.readByte=async function(){const{done:e,value:t}=await this.read();if(e)return;const r=t[0];return this.unshift(S(t,1)),r},l.prototype.readBytes=async function(e){const t=[];let r=0;for(;;){const{done:i,value:a}=await this.read();if(i)return t.length?d(t):void 0;if(t.push(a),r+=a.length,r>=e){const r=d(t);return this.unshift(S(r,e)),S(r,0,e)}}},l.prototype.peekBytes=async function(e){const t=await this.readBytes(e);return this.unshift(t),t},l.prototype.unshift=function(...e){this[y]||(this[y]=[]),1===e.length&&c(e[0])&&this[y].length&&e[0].length&&this[y][0].byteOffset>=e[0].length?this[y][0]=new Uint8Array(this[y][0].buffer,this[y][0].byteOffset-e[0].length,this[y][0].byteLength+e[0].length):this[y].unshift(...e.filter((e=>e&&e.length)))},l.prototype.readToEnd=async function(e=d){const t=[];for(;;){const{done:e,value:r}=await this.read();if(e)break;t.push(r)}return e(t)};const B=Symbol("byValue");var I={curve:{nistP256:"nistP256",p256:"nistP256",nistP384:"nistP384",p384:"nistP384",nistP521:"nistP521",p521:"nistP521",secp256k1:"secp256k1",ed25519Legacy:"ed25519Legacy",ed25519:"ed25519Legacy",curve25519Legacy:"curve25519Legacy",curve25519:"curve25519Legacy",brainpoolP256r1:"brainpoolP256r1",brainpoolP384r1:"brainpoolP384r1",brainpoolP512r1:"brainpoolP512r1"},kdfFlags:{replace_fingerprint:1,replace_kdf_params:2},s2k:{simple:0,salted:1,iterated:3,argon2:4,gnu:101},publicKey:{rsaEncryptSign:1,rsaEncrypt:2,rsaSign:3,elgamal:16,dsa:17,ecdh:18,ecdsa:19,eddsaLegacy:22,aedh:23,aedsa:24,x25519:25,x448:26,ed25519:27,ed448:28,aead:100,hmac:101},symmetric:{idea:1,tripledes:2,cast5:3,blowfish:4,aes128:7,aes192:8,aes256:9,twofish:10},compression:{uncompressed:0,zip:1,zlib:2,bzip2:3},hash:{md5:1,sha1:2,ripemd:3,sha256:8,sha384:9,sha512:10,sha224:11,sha3_256:12,sha3_512:14},webHash:{"SHA-1":2,"SHA-256":8,"SHA-384":9,"SHA-512":10},aead:{eax:1,ocb:2,gcm:3,experimentalGCM:100},packet:{publicKeyEncryptedSessionKey:1,signature:2,symEncryptedSessionKey:3,onePassSignature:4,secretKey:5,publicKey:6,secretSubkey:7,compressedData:8,symmetricallyEncryptedData:9,marker:10,literalData:11,trust:12,userID:13,publicSubkey:14,userAttribute:17,symEncryptedIntegrityProtectedData:18,modificationDetectionCode:19,aeadEncryptedData:20,padding:21},literal:{binary:98,text:116,utf8:117,mime:109},signature:{binary:0,text:1,standalone:2,certGeneric:16,certPersona:17,certCasual:18,certPositive:19,certRevocation:48,subkeyBinding:24,keyBinding:25,key:31,keyRevocation:32,subkeyRevocation:40,timestamp:64,thirdParty:80},signatureSubpacket:{signatureCreationTime:2,signatureExpirationTime:3,exportableCertification:4,trustSignature:5,regularExpression:6,revocable:7,keyExpirationTime:9,placeholderBackwardsCompatibility:10,preferredSymmetricAlgorithms:11,revocationKey:12,issuerKeyID:16,notationData:20,preferredHashAlgorithms:21,preferredCompressionAlgorithms:22,keyServerPreferences:23,preferredKeyServer:24,primaryUserID:25,policyURI:26,keyFlags:27,signersUserID:28,reasonForRevocation:29,features:30,signatureTarget:31,embeddedSignature:32,issuerFingerprint:33,preferredAEADAlgorithms:34,preferredCipherSuites:39},keyFlags:{certifyKeys:1,signData:2,encryptCommunication:4,encryptStorage:8,splitPrivateKey:16,authentication:32,forwardedCommunication:64,sharedPrivateKey:128},armor:{multipartSection:0,multipartLast:1,signed:2,message:3,publicKey:4,privateKey:5,signature:6},reasonForRevocation:{noReason:0,keySuperseded:1,keyCompromised:2,keyRetired:3,userIDInvalid:32},features:{modificationDetection:1,aead:2,v5Keys:4,seipdv2:8},write:function(e,t){if("number"==typeof t&&(t=this.read(e,t)),void 0!==e[t])return e[t];throw Error("Invalid enum value.")},read:function(e,t){if(e[B]||(e[B]=[],Object.entries(e).forEach((([t,r])=>{e[B][r]=t}))),void 0!==e[B][t])return e[B][t];throw Error("Invalid enum value.")}},T={preferredHashAlgorithm:I.hash.sha256,preferredSymmetricAlgorithm:I.symmetric.aes256,preferredCompressionAlgorithm:I.compression.uncompressed,aeadProtect:!1,ignoreSEIPDv2FeatureFlag:!1,parseAEADEncryptedV4KeysAsLegacy:!1,preferredAEADAlgorithm:I.aead.gcm,aeadChunkSizeByte:12,v6Keys:!1,enableParsingV5Entities:!1,s2kType:I.s2k.iterated,s2kIterationCountByte:224,s2kArgon2Params:{passes:3,parallelism:4,memoryExponent:16},allowUnauthenticatedMessages:!1,allowUnauthenticatedStream:!1,allowForwardedMessages:!1,minRSABits:2047,passwordCollisionCheck:!1,allowInsecureDecryptionWithSigningKeys:!1,allowInsecureVerificationWithReformattedKeys:!1,allowMissingKeyFlags:!1,constantTimePKCS1Decryption:!1,constantTimePKCS1DecryptionSupportedSymmetricAlgorithms:new Set([I.symmetric.aes128,I.symmetric.aes192,I.symmetric.aes256]),ignoreUnsupportedPackets:!0,ignoreMalformedPackets:!1,additionalAllowedPackets:[],showVersion:!1,showComment:!1,versionString:"OpenPGP.js 6.0.0-beta.2",commentString:"https://openpgpjs.org",maxUserIDLength:5120,knownNotations:[],nonDeterministicSignaturesViaNotation:!0,useEllipticFallback:!0,rejectHashAlgorithms:new Set([I.hash.md5,I.hash.ripemd]),rejectMessageHashAlgorithms:new Set([I.hash.md5,I.hash.ripemd,I.hash.sha1]),rejectPublicKeyAlgorithms:new Set([I.publicKey.elgamal,I.publicKey.dsa]),rejectCurves:new Set([I.curve.secp256k1])};const _=(()=>{try{return"development"===process.env.NODE_ENV}catch(e){}return!1})(),R={isString:function(e){return"string"==typeof e||e instanceof String},nodeRequire:()=>{},isArray:function(e){return e instanceof Array},isUint8Array:c,isStream:o,getNobleCurve:async(e,t)=>{if(!T.useEllipticFallback)throw Error("This curve is only supported in the full build of OpenPGP.js");const{nobleCurves:r}=await import("./noble_curves.min.mjs");switch(e){case I.publicKey.ecdh:case I.publicKey.ecdsa:{const e=r.get(t);if(!e)throw Error("Unsupported curve");return e}case I.publicKey.x448:return r.get("x448");case I.publicKey.ed448:return r.get("ed448");default:throw Error("Unsupported curve")}},readNumber:function(e){let t=0;for(let r=0;r<e.length;r++)t+=256**r*e[e.length-1-r];return t},writeNumber:function(e,t){const r=new Uint8Array(t);for(let i=0;i<t;i++)r[i]=e>>8*(t-i-1)&255;return r},readDate:function(e){const t=R.readNumber(e);return new Date(1e3*t)},writeDate:function(e){const t=Math.floor(e.getTime()/1e3);return R.writeNumber(t,4)},normalizeDate:function(e=Date.now()){return null===e||e===1/0?e:new Date(1e3*Math.floor(+e/1e3))},readMPI:function(e){const t=(e[0]<<8|e[1])+7>>>3;return R.readExactSubarray(e,2,2+t)},readExactSubarray:function(e,t,r){if(e.length<r-t)throw Error("Input array too short");return e.subarray(t,r)},leftPad(e,t){const r=new Uint8Array(t),i=t-e.length;return r.set(e,i),r},uint8ArrayToMPI:function(e){const t=R.uint8ArrayBitLength(e);if(0===t)throw Error("Zero MPI");const r=e.subarray(e.length-Math.ceil(t/8)),i=new Uint8Array([(65280&t)>>8,255&t]);return R.concatUint8Array([i,r])},uint8ArrayBitLength:function(e){let t;for(t=0;t<e.length&&0===e[t];t++);if(t===e.length)return 0;const r=e.subarray(t);return 8*(r.length-1)+R.nbits(r[0])},hexToUint8Array:function(e){const t=new Uint8Array(e.length>>1);for(let r=0;r<e.length>>1;r++)t[r]=parseInt(e.substr(r<<1,2),16);return t},uint8ArrayToHex:function(e){const t="0123456789abcdef";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),r},stringToUint8Array:function(e){return b(e,(e=>{if(!R.isString(e))throw Error("stringToUint8Array: Data must be in the form of a string");const t=new Uint8Array(e.length);for(let r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}))},uint8ArrayToString:function(e){const t=[],r=16384,i=(e=new Uint8Array(e)).length;for(let a=0;a<i;a+=r)t.push(String.fromCharCode.apply(String,e.subarray(a,a+r<i?a+r:i)));return t.join("")},encodeUTF8:function(e){const t=new TextEncoder("utf-8");function r(e,r=!1){return t.encode(e,{stream:!r})}return b(e,r,(()=>r("",!0)))},decodeUTF8:function(e){const t=new TextDecoder("utf-8");function r(e,r=!1){return t.decode(e,{stream:!r})}return b(e,r,(()=>r(new Uint8Array,!0)))},concat:d,concatUint8Array:u,equalsUint8Array:function(e,t){if(!R.isUint8Array(e)||!R.isUint8Array(t))throw Error("Data must be in the form of a Uint8Array");if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0},writeChecksum:function(e){let t=0;for(let r=0;r<e.length;r++)t=t+e[r]&65535;return R.writeNumber(t,2)},printDebug:function(e){_&&console.log("[OpenPGP.js debug]",e)},printDebugError:function(e){_&&console.error("[OpenPGP.js debug]",e)},nbits:function(e){let t=1,r=e>>>16;return 0!==r&&(e=r,t+=16),r=e>>8,0!==r&&(e=r,t+=8),r=e>>4,0!==r&&(e=r,t+=4),r=e>>2,0!==r&&(e=r,t+=2),r=e>>1,0!==r&&(e=r,t+=1),t},double:function(e){const t=new Uint8Array(e.length),r=e.length-1;for(let i=0;i<r;i++)t[i]=e[i]<<1^e[i+1]>>7;return t[r]=e[r]<<1^135*(e[0]>>7),t},shiftRight:function(e,t){if(t)for(let r=e.length-1;r>=0;r--)e[r]>>=t,r>0&&(e[r]|=e[r-1]<<8-t);return e},getWebCrypto:function(){const t=void 0!==e&&e.crypto&&e.crypto.subtle||this.getNodeCrypto()?.webcrypto.subtle;if(!t)throw Error("The WebCrypto API is not available");return t},getNodeCrypto:function(){return this.nodeRequire("crypto")},getNodeZlib:function(){return this.nodeRequire("zlib")},getNodeBuffer:function(){return(this.nodeRequire("buffer")||{}).Buffer},getHardwareConcurrency:function(){if("undefined"!=typeof navigator)return navigator.hardwareConcurrency||1;return this.nodeRequire("os").cpus().length},isEmailAddress:function(e){if(!R.isString(e))return!1;return/^[^\p{C}\p{Z}@<>\\]+@[^\p{C}\p{Z}@<>\\]+[^\p{C}\p{Z}\p{P}]$/u.test(e)},canonicalizeEOL:function(e){let t=!1;return b(e,(e=>{let r;t&&(e=R.concatUint8Array([new Uint8Array([13]),e])),13===e[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;const i=[];for(let t=0;r=e.indexOf(10,t)+1,r;t=r)13!==e[r-2]&&i.push(r);if(!i.length)return e;const a=new Uint8Array(e.length+i.length);let n=0;for(let t=0;t<i.length;t++){const r=e.subarray(i[t-1]||0,i[t]);a.set(r,n),n+=r.length,a[n-1]=13,a[n]=10,n++}return a.set(e.subarray(i[i.length-1]||0),n),a}),(()=>t?new Uint8Array([13]):void 0))},nativeEOL:function(e){let t=!1;return b(e,(e=>{let r;13===(e=t&&10!==e[0]?R.concatUint8Array([new Uint8Array([13]),e]):new Uint8Array(e))[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;let i=0;for(let t=0;t!==e.length;t=r){r=e.indexOf(13,t)+1,r||(r=e.length);const a=r-(10===e[r]?1:0);t&&e.copyWithin(i,t,a),i+=a-t}return e.subarray(0,i)}),(()=>t?new Uint8Array([13]):void 0))},removeTrailingSpaces:function(e){return e.split("\n").map((e=>{let t=e.length-1;for(;t>=0&&(" "===e[t]||"\t"===e[t]||"\r"===e[t]);t--);return e.substr(0,t+1)})).join("\n")},wrapError:function(e,t){if(!t)return Error(e);try{t.message=e+": "+t.message}catch(e){}return t},constructAllowedPackets:function(e){const t={};return e.forEach((e=>{if(!e.tag)throw Error("Invalid input: expected a packet class");t[e.tag]=e})),t},anyPromise:function(e){return new Promise((async(t,r)=>{let i;await Promise.all(e.map((async e=>{try{t(await e)}catch(e){i=e}}))),r(i)}))},selectUint8Array:function(e,t,r){const i=Math.max(t.length,r.length),a=new Uint8Array(i);let n=0;for(let i=0;i<a.length;i++)a[i]=t[i]&256-e|r[i]&255+e,n+=e&i<t.length|1-e&i<r.length;return a.subarray(0,n)},selectUint8:function(e,t,r){return t&256-e|r&255+e},isAES:function(e){return e===I.symmetric.aes128||e===I.symmetric.aes192||e===I.symmetric.aes256}},M=R.getNodeBuffer();let F,L;function N(e){let t=new Uint8Array;return b(e,(e=>{t=R.concatUint8Array([t,e]);const r=[],i=Math.floor(t.length/45),a=45*i,n=F(t.subarray(0,a));for(let e=0;e<i;e++)r.push(n.substr(60*e,60)),r.push("\n");return t=t.subarray(a),r.join("")}),(()=>t.length?F(t)+"\n":""))}function O(e){let t="";return b(e,(e=>{t+=e;let r=0;const i=[" ","\t","\r","\n"];for(let e=0;e<i.length;e++){const a=i[e];for(let e=t.indexOf(a);-1!==e;e=t.indexOf(a,e+1))r++}let a=t.length;for(;a>0&&(a-r)%4!=0;a--)i.includes(t[a])&&r--;const n=L(t.substr(0,a));return t=t.substr(a),n}),(()=>L(t)))}function z(e){return O(e.replace(/-/g,"+").replace(/_/g,"/"))}function H(e,t){let r=N(e).replace(/[\r\n]/g,"");return r=r.replace(/[+]/g,"-").replace(/[/]/g,"_").replace(/[=]/g,""),r}function j(e){const t=e.match(/^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m);if(!t)throw Error("Unknown ASCII armor type");return/MESSAGE, PART \d+\/\d+/.test(t[1])?I.armor.multipartSection:/MESSAGE, PART \d+/.test(t[1])?I.armor.multipartLast:/SIGNED MESSAGE/.test(t[1])?I.armor.signed:/MESSAGE/.test(t[1])?I.armor.message:/PUBLIC KEY BLOCK/.test(t[1])?I.armor.publicKey:/PRIVATE KEY BLOCK/.test(t[1])?I.armor.privateKey:/SIGNATURE/.test(t[1])?I.armor.signature:void 0}function G(e,t){let r="";return t.showVersion&&(r+="Version: "+t.versionString+"\n"),t.showComment&&(r+="Comment: "+t.commentString+"\n"),e&&(r+="Comment: "+e+"\n"),r+="\n",r}function q(e){const t=function(e){let t=13501623;return b(e,(e=>{const r=W?Math.floor(e.length/4):0,i=new Uint32Array(e.buffer,e.byteOffset,r);for(let e=0;e<r;e++)t^=i[e],t=V[0][t>>24&255]^V[1][t>>16&255]^V[2][t>>8&255]^V[3][255&t];for(let i=4*r;i<e.length;i++)t=t>>8^V[0][255&t^e[i]]}),(()=>new Uint8Array([t,t>>8,t>>16])))}(e);return N(t)}M?(F=e=>M.from(e).toString("base64"),L=e=>{const t=M.from(e,"base64");return new Uint8Array(t.buffer,t.byteOffset,t.byteLength)}):(F=e=>btoa(R.uint8ArrayToString(e)),L=e=>R.stringToUint8Array(atob(e)));const V=[Array(255),Array(255),Array(255),Array(255)];for(let e=0;e<=255;e++){let t=e<<16;for(let e=0;e<8;e++)t=t<<1^(8388608&t?8801531:0);V[0][e]=(16711680&t)>>16|65280&t|(255&t)<<16}for(let e=0;e<=255;e++)V[1][e]=V[0][e]>>8^V[0][255&V[0][e]];for(let e=0;e<=255;e++)V[2][e]=V[1][e]>>8^V[0][255&V[1][e]];for(let e=0;e<=255;e++)V[3][e]=V[2][e]>>8^V[0][255&V[2][e]];const W=function(){const e=new ArrayBuffer(2);return new DataView(e).setInt16(0,255,!0),255===new Int16Array(e)[0]}();function $(e){for(let t=0;t<e.length;t++)/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(e[t])||R.printDebugError(Error("Improperly formatted armor header: "+e[t])),/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(e[t])||R.printDebugError(Error("Unknown header: "+e[t]))}function Z(e){let t=e;const r=e.lastIndexOf("=");return r>=0&&r!==e.length-1&&(t=e.slice(0,r)),t}function X(e){return new Promise((async(t,r)=>{try{const i=/^-----[^-]+-----$/m,a=/^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;let n;const s=[];let o,c,u=s,h=[];const y=O(k(e,(async(e,l)=>{const p=C(e);try{for(;;){let e=await p.readLine();if(void 0===e)throw Error("Misformed armored text");if(e=R.removeTrailingSpaces(e.replace(/[\r\n]/g,"")),n)if(o)c||n!==I.armor.signed||(i.test(e)?(h=h.join("\r\n"),c=!0,$(u),u=[],o=!1):h.push(e.replace(/^- /,"")));else if(i.test(e)&&r(Error("Mandatory blank line missing between armor headers and armor data")),a.test(e)){if($(u),o=!0,c||n!==I.armor.signed){t({text:h,data:y,headers:s,type:n});break}}else u.push(e);else i.test(e)&&(n=j(e))}}catch(e){return void r(e)}const g=x(l);try{for(;;){await g.ready;const{done:e,value:t}=await p.read();if(e)throw Error("Misformed armored text");const r=t+"";if(-1!==r.indexOf("=")||-1!==r.indexOf("-")){let e=await p.readToEnd();e.length||(e=""),e=r+e,e=R.removeTrailingSpaces(e.replace(/\r/g,""));const t=e.split(i);if(1===t.length)throw Error("Misformed armored text");const a=Z(t[0].slice(0,-1));await g.write(a);break}await g.write(r)}await g.ready,await g.close()}catch(e){await g.abort(e)}})))}catch(e){r(e)}})).then((async e=>(n(e.data)&&(e.data=await P(e.data)),e)))}function Q(e,t,r,i,a,n=!1,s=T){let o,c;e===I.armor.signed&&(o=t.text,c=t.hash,t=t.data);const u=n&&E(t),h=[];switch(e){case I.armor.multipartSection:h.push("-----BEGIN PGP MESSAGE, PART "+r+"/"+i+"-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP MESSAGE, PART "+r+"/"+i+"-----\n");break;case I.armor.multipartLast:h.push("-----BEGIN PGP MESSAGE, PART "+r+"-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP MESSAGE, PART "+r+"-----\n");break;case I.armor.signed:h.push("-----BEGIN PGP SIGNED MESSAGE-----\n"),h.push(c?`Hash: ${c}\n\n`:"\n"),h.push(o.replace(/^-/gm,"- -")),h.push("\n-----BEGIN PGP SIGNATURE-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP SIGNATURE-----\n");break;case I.armor.message:h.push("-----BEGIN PGP MESSAGE-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP MESSAGE-----\n");break;case I.armor.publicKey:h.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP PUBLIC KEY BLOCK-----\n");break;case I.armor.privateKey:h.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP PRIVATE KEY BLOCK-----\n");break;case I.armor.signature:h.push("-----BEGIN PGP SIGNATURE-----\n"),h.push(G(a,s)),h.push(N(t)),u&&h.push("=",q(u)),h.push("-----END PGP SIGNATURE-----\n")}return R.concat(h)}async function Y(e){switch(e){case I.symmetric.aes128:case I.symmetric.aes192:case I.symmetric.aes256:throw Error("Not a legacy cipher");case I.symmetric.cast5:case I.symmetric.blowfish:case I.symmetric.twofish:case I.symmetric.tripledes:{const{legacyCiphers:t}=await import("./legacy_ciphers.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported cipher algorithm");return r}default:throw Error("Unsupported cipher algorithm")}}function J(e){switch(e){case I.symmetric.aes128:case I.symmetric.aes192:case I.symmetric.aes256:case I.symmetric.twofish:return 16;case I.symmetric.blowfish:case I.symmetric.cast5:case I.symmetric.tripledes:return 8;default:throw Error("Unsupported cipher")}}function ee(e){switch(e){case I.symmetric.aes128:case I.symmetric.blowfish:case I.symmetric.cast5:return 16;case I.symmetric.aes192:case I.symmetric.tripledes:return 24;case I.symmetric.aes256:case I.symmetric.twofish:return 32;default:throw Error("Unsupported cipher")}}function te(e){return{keySize:ee(e),blockSize:J(e)}}var re=/*#__PURE__*/Object.freeze({__proto__:null,getCipherParams:te,getLegacyCipher:Y});function ie(e,t){let r=e[0],i=e[1],a=e[2],n=e[3];r=ne(r,i,a,n,t[0],7,-680876936),n=ne(n,r,i,a,t[1],12,-389564586),a=ne(a,n,r,i,t[2],17,606105819),i=ne(i,a,n,r,t[3],22,-1044525330),r=ne(r,i,a,n,t[4],7,-176418897),n=ne(n,r,i,a,t[5],12,1200080426),a=ne(a,n,r,i,t[6],17,-1473231341),i=ne(i,a,n,r,t[7],22,-45705983),r=ne(r,i,a,n,t[8],7,1770035416),n=ne(n,r,i,a,t[9],12,-1958414417),a=ne(a,n,r,i,t[10],17,-42063),i=ne(i,a,n,r,t[11],22,-1990404162),r=ne(r,i,a,n,t[12],7,1804603682),n=ne(n,r,i,a,t[13],12,-40341101),a=ne(a,n,r,i,t[14],17,-1502002290),i=ne(i,a,n,r,t[15],22,1236535329),r=se(r,i,a,n,t[1],5,-165796510),n=se(n,r,i,a,t[6],9,-1069501632),a=se(a,n,r,i,t[11],14,643717713),i=se(i,a,n,r,t[0],20,-373897302),r=se(r,i,a,n,t[5],5,-701558691),n=se(n,r,i,a,t[10],9,38016083),a=se(a,n,r,i,t[15],14,-660478335),i=se(i,a,n,r,t[4],20,-405537848),r=se(r,i,a,n,t[9],5,568446438),n=se(n,r,i,a,t[14],9,-1019803690),a=se(a,n,r,i,t[3],14,-187363961),i=se(i,a,n,r,t[8],20,1163531501),r=se(r,i,a,n,t[13],5,-1444681467),n=se(n,r,i,a,t[2],9,-51403784),a=se(a,n,r,i,t[7],14,1735328473),i=se(i,a,n,r,t[12],20,-1926607734),r=oe(r,i,a,n,t[5],4,-378558),n=oe(n,r,i,a,t[8],11,-2022574463),a=oe(a,n,r,i,t[11],16,1839030562),i=oe(i,a,n,r,t[14],23,-35309556),r=oe(r,i,a,n,t[1],4,-1530992060),n=oe(n,r,i,a,t[4],11,1272893353),a=oe(a,n,r,i,t[7],16,-155497632),i=oe(i,a,n,r,t[10],23,-1094730640),r=oe(r,i,a,n,t[13],4,681279174),n=oe(n,r,i,a,t[0],11,-358537222),a=oe(a,n,r,i,t[3],16,-722521979),i=oe(i,a,n,r,t[6],23,76029189),r=oe(r,i,a,n,t[9],4,-640364487),n=oe(n,r,i,a,t[12],11,-421815835),a=oe(a,n,r,i,t[15],16,530742520),i=oe(i,a,n,r,t[2],23,-995338651),r=ce(r,i,a,n,t[0],6,-198630844),n=ce(n,r,i,a,t[7],10,1126891415),a=ce(a,n,r,i,t[14],15,-1416354905),i=ce(i,a,n,r,t[5],21,-57434055),r=ce(r,i,a,n,t[12],6,1700485571),n=ce(n,r,i,a,t[3],10,-1894986606),a=ce(a,n,r,i,t[10],15,-1051523),i=ce(i,a,n,r,t[1],21,-2054922799),r=ce(r,i,a,n,t[8],6,1873313359),n=ce(n,r,i,a,t[15],10,-30611744),a=ce(a,n,r,i,t[6],15,-1560198380),i=ce(i,a,n,r,t[13],21,1309151649),r=ce(r,i,a,n,t[4],6,-145523070),n=ce(n,r,i,a,t[11],10,-1120210379),a=ce(a,n,r,i,t[2],15,718787259),i=ce(i,a,n,r,t[9],21,-343485551),e[0]=le(r,e[0]),e[1]=le(i,e[1]),e[2]=le(a,e[2]),e[3]=le(n,e[3])}function ae(e,t,r,i,a,n){return t=le(le(t,e),le(i,n)),le(t<<a|t>>>32-a,r)}function ne(e,t,r,i,a,n,s){return ae(t&r|~t&i,e,t,a,n,s)}function se(e,t,r,i,a,n,s){return ae(t&i|r&~i,e,t,a,n,s)}function oe(e,t,r,i,a,n,s){return ae(t^r^i,e,t,a,n,s)}function ce(e,t,r,i,a,n,s){return ae(r^(t|~i),e,t,a,n,s)}function ue(e){const t=[];let r;for(r=0;r<64;r+=4)t[r>>2]=e.charCodeAt(r)+(e.charCodeAt(r+1)<<8)+(e.charCodeAt(r+2)<<16)+(e.charCodeAt(r+3)<<24);return t}const he="0123456789abcdef".split("");function ye(e){let t="",r=0;for(;r<4;r++)t+=he[e>>8*r+4&15]+he[e>>8*r&15];return t}function le(e,t){return e+t&4294967295}const pe=R.getWebCrypto(),ge=R.getNodeCrypto(),de=ge&&ge.getHashes();function fe(e){if(ge&&de.includes(e))return async function(t){const r=ge.createHash(e);return b(t,(e=>{r.update(e)}),(()=>new Uint8Array(r.digest())))}}function me(e,t){const r=async()=>{const{nobleHashes:t}=await import("./noble_hashes.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported hash");return r};return async function(e){if(n(e)&&(e=await P(e)),R.isStream(e)){const t=(await r()).create();return b(e,(e=>{t.update(e)}),(()=>t.digest()))}if(pe&&t)return new Uint8Array(await pe.digest(t,e));return(await r())(e)}}var we={md5:fe("md5")||async function(e){const t=function(e){const t=e.length,r=[1732584193,-271733879,-1732584194,271733878];let i;for(i=64;i<=e.length;i+=64)ie(r,ue(e.substring(i-64,i)));e=e.substring(i-64);const a=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0];for(i=0;i<e.length;i++)a[i>>2]|=e.charCodeAt(i)<<(i%4<<3);if(a[i>>2]|=128<<(i%4<<3),i>55)for(ie(r,a),i=0;i<16;i++)a[i]=0;return a[14]=8*t,ie(r,a),r}(R.uint8ArrayToString(e));return R.hexToUint8Array(function(e){for(let t=0;t<e.length;t++)e[t]=ye(e[t]);return e.join("")}(t))},sha1:fe("sha1")||me("sha1","SHA-1"),sha224:fe("sha224")||me("sha224"),sha256:fe("sha256")||me("sha256","SHA-256"),sha384:fe("sha384")||me("sha384","SHA-384"),sha512:fe("sha512")||me("sha512","SHA-512"),ripemd:fe("ripemd160")||me("ripemd160"),sha3_256:fe("sha3-256")||me("sha3_256"),sha3_512:fe("sha3-512")||me("sha3_512"),digest:function(e,t){switch(e){case I.hash.md5:return this.md5(t);case I.hash.sha1:return this.sha1(t);case I.hash.ripemd:return this.ripemd(t);case I.hash.sha256:return this.sha256(t);case I.hash.sha384:return this.sha384(t);case I.hash.sha512:return this.sha512(t);case I.hash.sha224:return this.sha224(t);case I.hash.sha3_256:return this.sha3_256(t);case I.hash.sha3_512:return this.sha3_512(t);default:throw Error("Unsupported hash function")}},getHashByteLength:function(e){switch(e){case I.hash.md5:return 16;case I.hash.sha1:case I.hash.ripemd:return 20;case I.hash.sha256:return 32;case I.hash.sha384:return 48;case I.hash.sha512:return 64;case I.hash.sha224:return 28;case I.hash.sha3_256:return 32;case I.hash.sha3_512:return 64;default:throw Error("Invalid hash algorithm.")}},getBlockSize:function(e){switch(e){case I.hash.md5:case I.hash.sha1:case I.hash.ripemd:case I.hash.sha224:case I.hash.sha256:return 64;case I.hash.sha384:case I.hash.sha512:return 128;default:throw Error("Invalid hash algorithm.")}}},be=function(){var e,t,r=!1;function i(r,i){var a=e[(t[r]+t[i])%255];return 0!==r&&0!==i||(a=0),a}var a,n,s,o,c=!1;function u(){function u(r){var i,a,n;for(a=n=function(r){var i=e[255-t[r]];return 0===r&&(i=0),i}(r),i=0;i<4;i++)n^=a=255&(a<<1|a>>>7);return n^=99}r||function(){e=[],t=[];var i,a,n=1;for(i=0;i<255;i++)e[i]=n,a=128&n,n<<=1,n&=255,128===a&&(n^=27),n^=e[i],t[e[i]]=i;e[255]=e[0],t[0]=0,r=!0}(),a=[],n=[],s=[[],[],[],[]],o=[[],[],[],[]];for(var h=0;h<256;h++){var y=u(h);a[h]=y,n[y]=h,s[0][h]=i(2,y)<<24|y<<16|y<<8|i(3,y),o[0][y]=i(14,h)<<24|i(9,h)<<16|i(13,h)<<8|i(11,h);for(var l=1;l<4;l++)s[l][h]=s[l-1][h]>>>8|s[l-1][h]<<24,o[l][y]=o[l-1][y]>>>8|o[l-1][y]<<24}c=!0}var h=function(e,t){c||u();var r=new Uint32Array(t);r.set(a,512),r.set(n,768);for(var i=0;i<4;i++)r.set(s[i],4096+1024*i>>2),r.set(o[i],8192+1024*i>>2);var h=function(e,t,r){"use asm";var i=0,a=0,n=0,s=0,o=0,c=0,u=0,h=0,y=0,l=0,p=0,g=0,d=0,f=0,m=0,w=0,b=0,k=0,v=0,A=0,E=0;var K=new e.Uint32Array(r),S=new e.Uint8Array(r);function P(e,t,r,o,c,u,h,y){e=e|0;t=t|0;r=r|0;o=o|0;c=c|0;u=u|0;h=h|0;y=y|0;var l=0,p=0,g=0,d=0,f=0,m=0,w=0,b=0;l=r|0x400,p=r|0x800,g=r|0xc00;c=c^K[(e|0)>>2],u=u^K[(e|4)>>2],h=h^K[(e|8)>>2],y=y^K[(e|12)>>2];for(b=16;(b|0)<=o<<4;b=b+16|0){d=K[(r|c>>22&1020)>>2]^K[(l|u>>14&1020)>>2]^K[(p|h>>6&1020)>>2]^K[(g|y<<2&1020)>>2]^K[(e|b|0)>>2],f=K[(r|u>>22&1020)>>2]^K[(l|h>>14&1020)>>2]^K[(p|y>>6&1020)>>2]^K[(g|c<<2&1020)>>2]^K[(e|b|4)>>2],m=K[(r|h>>22&1020)>>2]^K[(l|y>>14&1020)>>2]^K[(p|c>>6&1020)>>2]^K[(g|u<<2&1020)>>2]^K[(e|b|8)>>2],w=K[(r|y>>22&1020)>>2]^K[(l|c>>14&1020)>>2]^K[(p|u>>6&1020)>>2]^K[(g|h<<2&1020)>>2]^K[(e|b|12)>>2];c=d,u=f,h=m,y=w}i=K[(t|c>>22&1020)>>2]<<24^K[(t|u>>14&1020)>>2]<<16^K[(t|h>>6&1020)>>2]<<8^K[(t|y<<2&1020)>>2]^K[(e|b|0)>>2],a=K[(t|u>>22&1020)>>2]<<24^K[(t|h>>14&1020)>>2]<<16^K[(t|y>>6&1020)>>2]<<8^K[(t|c<<2&1020)>>2]^K[(e|b|4)>>2],n=K[(t|h>>22&1020)>>2]<<24^K[(t|y>>14&1020)>>2]<<16^K[(t|c>>6&1020)>>2]<<8^K[(t|u<<2&1020)>>2]^K[(e|b|8)>>2],s=K[(t|y>>22&1020)>>2]<<24^K[(t|c>>14&1020)>>2]<<16^K[(t|u>>6&1020)>>2]<<8^K[(t|h<<2&1020)>>2]^K[(e|b|12)>>2]}function U(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;P(0x0000,0x0800,0x1000,E,e,t,r,i)}function D(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;var n=0;P(0x0400,0x0c00,0x2000,E,e,i,r,t);n=a,a=s,s=n}function C(e,t,r,y){e=e|0;t=t|0;r=r|0;y=y|0;P(0x0000,0x0800,0x1000,E,o^e,c^t,u^r,h^y);o=i,c=a,u=n,h=s}function x(e,t,r,y){e=e|0;t=t|0;r=r|0;y=y|0;var l=0;P(0x0400,0x0c00,0x2000,E,e,y,r,t);l=a,a=s,s=l;i=i^o,a=a^c,n=n^u,s=s^h;o=e,c=t,u=r,h=y}function B(e,t,r,y){e=e|0;t=t|0;r=r|0;y=y|0;P(0x0000,0x0800,0x1000,E,o,c,u,h);o=i=i^e,c=a=a^t,u=n=n^r,h=s=s^y}function I(e,t,r,y){e=e|0;t=t|0;r=r|0;y=y|0;P(0x0000,0x0800,0x1000,E,o,c,u,h);i=i^e,a=a^t,n=n^r,s=s^y;o=e,c=t,u=r,h=y}function T(e,t,r,y){e=e|0;t=t|0;r=r|0;y=y|0;P(0x0000,0x0800,0x1000,E,o,c,u,h);o=i,c=a,u=n,h=s;i=i^e,a=a^t,n=n^r,s=s^y}function _(e,t,r,o){e=e|0;t=t|0;r=r|0;o=o|0;P(0x0000,0x0800,0x1000,E,y,l,p,g);g=~w&g|w&g+1;p=~m&p|m&p+((g|0)==0);l=~f&l|f&l+((p|0)==0);y=~d&y|d&y+((l|0)==0);i=i^e;a=a^t;n=n^r;s=s^o}function R(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;var a=0,n=0,s=0,y=0,l=0,p=0,g=0,d=0,f=0,m=0;e=e^o,t=t^c,r=r^u,i=i^h;a=b|0,n=k|0,s=v|0,y=A|0;for(;(f|0)<128;f=f+1|0){if(a>>>31){l=l^e,p=p^t,g=g^r,d=d^i}a=a<<1|n>>>31,n=n<<1|s>>>31,s=s<<1|y>>>31,y=y<<1;m=i&1;i=i>>>1|r<<31,r=r>>>1|t<<31,t=t>>>1|e<<31,e=e>>>1;if(m)e=e^0xe1000000}o=l,c=p,u=g,h=d}function M(e){e=e|0;E=e}function F(e,t,r,o){e=e|0;t=t|0;r=r|0;o=o|0;i=e,a=t,n=r,s=o}function L(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;o=e,c=t,u=r,h=i}function N(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;y=e,l=t,p=r,g=i}function O(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;d=e,f=t,m=r,w=i}function z(e,t,r,i){e=e|0;t=t|0;r=r|0;i=i|0;g=~w&g|w&i,p=~m&p|m&r,l=~f&l|f&t,y=~d&y|d&e}function H(e){e=e|0;if(e&15)return-1;S[e|0]=i>>>24,S[e|1]=i>>>16&255,S[e|2]=i>>>8&255,S[e|3]=i&255,S[e|4]=a>>>24,S[e|5]=a>>>16&255,S[e|6]=a>>>8&255,S[e|7]=a&255,S[e|8]=n>>>24,S[e|9]=n>>>16&255,S[e|10]=n>>>8&255,S[e|11]=n&255,S[e|12]=s>>>24,S[e|13]=s>>>16&255,S[e|14]=s>>>8&255,S[e|15]=s&255;return 16}function j(e){e=e|0;if(e&15)return-1;S[e|0]=o>>>24,S[e|1]=o>>>16&255,S[e|2]=o>>>8&255,S[e|3]=o&255,S[e|4]=c>>>24,S[e|5]=c>>>16&255,S[e|6]=c>>>8&255,S[e|7]=c&255,S[e|8]=u>>>24,S[e|9]=u>>>16&255,S[e|10]=u>>>8&255,S[e|11]=u&255,S[e|12]=h>>>24,S[e|13]=h>>>16&255,S[e|14]=h>>>8&255,S[e|15]=h&255;return 16}function G(){U(0,0,0,0);b=i,k=a,v=n,A=s}function q(e,t,r){e=e|0;t=t|0;r=r|0;var o=0;if(t&15)return-1;while((r|0)>=16){W[e&7](S[t|0]<<24|S[t|1]<<16|S[t|2]<<8|S[t|3],S[t|4]<<24|S[t|5]<<16|S[t|6]<<8|S[t|7],S[t|8]<<24|S[t|9]<<16|S[t|10]<<8|S[t|11],S[t|12]<<24|S[t|13]<<16|S[t|14]<<8|S[t|15]);S[t|0]=i>>>24,S[t|1]=i>>>16&255,S[t|2]=i>>>8&255,S[t|3]=i&255,S[t|4]=a>>>24,S[t|5]=a>>>16&255,S[t|6]=a>>>8&255,S[t|7]=a&255,S[t|8]=n>>>24,S[t|9]=n>>>16&255,S[t|10]=n>>>8&255,S[t|11]=n&255,S[t|12]=s>>>24,S[t|13]=s>>>16&255,S[t|14]=s>>>8&255,S[t|15]=s&255;o=o+16|0,t=t+16|0,r=r-16|0}return o|0}function V(e,t,r){e=e|0;t=t|0;r=r|0;var i=0;if(t&15)return-1;while((r|0)>=16){$[e&1](S[t|0]<<24|S[t|1]<<16|S[t|2]<<8|S[t|3],S[t|4]<<24|S[t|5]<<16|S[t|6]<<8|S[t|7],S[t|8]<<24|S[t|9]<<16|S[t|10]<<8|S[t|11],S[t|12]<<24|S[t|13]<<16|S[t|14]<<8|S[t|15]);i=i+16|0,t=t+16|0,r=r-16|0}return i|0}var W=[U,D,C,x,B,I,T,_];var $=[C,R];return{set_rounds:M,set_state:F,set_iv:L,set_nonce:N,set_mask:O,set_counter:z,get_state:H,get_iv:j,gcm_init:G,cipher:q,mac:V}}({Uint8Array,Uint32Array},e,t);return h.set_key=function(e,t,i,n,s,c,u,y,l){var p=r.subarray(0,60),g=r.subarray(256,316);p.set([t,i,n,s,c,u,y,l]);for(var d=e,f=1;d<4*e+28;d++){var m=p[d-1];(d%e==0||8===e&&d%e==4)&&(m=a[m>>>24]<<24^a[m>>>16&255]<<16^a[m>>>8&255]<<8^a[255&m]),d%e==0&&(m=m<<8^m>>>24^f<<24,f=f<<1^(128&f?27:0)),p[d]=p[d-e]^m}for(var w=0;w<d;w+=4)for(var b=0;b<4;b++){m=p[d-(4+w)+(4-b)%4];g[w+b]=w<4||w>=d-4?m:o[0][a[m>>>24]]^o[1][a[m>>>16&255]]^o[2][a[m>>>8&255]]^o[3][a[255&m]]}h.set_rounds(e+5)},h};return h.ENC={ECB:0,CBC:2,CFB:4,OFB:6,CTR:7},h.DEC={ECB:1,CBC:3,CFB:5,OFB:6,CTR:7},h.MAC={CBC:0,GCM:1},h.HEAP_DATA=16384,h}();function ke(e){return e instanceof Uint8Array}function ve(e,t,r,i,a){const n=e.length-t,s=n<a?n:a;return e.set(r.subarray(i,i+s),t),s}function Ae(...e){const t=e.reduce(((e,t)=>e+t.length),0),r=new Uint8Array(t);let i=0;for(let t=0;t<e.length;t++)r.set(e[t],i),i+=e[t].length;return r}class Ee extends Error{constructor(...e){super(...e)}}class Ke extends Error{constructor(...e){super(...e)}}class Se extends Error{constructor(...e){super(...e)}}const Pe=[],Ue=[];class De{constructor(e,t,r=!0,i,a,n){this.pos=0,this.len=0,this.mode=i,this.pos=0,this.len=0,this.key=e,this.iv=t,this.padding=r,this.acquire_asm(a,n)}acquire_asm(e,t){return void 0!==this.heap&&void 0!==this.asm||(this.heap=e||Pe.pop()||function(e,t){const r=e?e.byteLength:65536;if(4095&r||r<=0)throw Error("heap size must be a positive integer and a multiple of 4096");return e||new Uint8Array(new ArrayBuffer(r))}().subarray(be.HEAP_DATA),this.asm=t||Ue.pop()||new be(null,this.heap.buffer),this.reset(this.key,this.iv)),{heap:this.heap,asm:this.asm}}release_asm(){void 0!==this.heap&&void 0!==this.asm&&(Pe.push(this.heap),Ue.push(this.asm)),this.heap=void 0,this.asm=void 0}reset(e,t){const{asm:r}=this.acquire_asm(),i=e.length;if(16!==i&&24!==i&&32!==i)throw new Ke("illegal key size");const a=new DataView(e.buffer,e.byteOffset,e.byteLength);if(r.set_key(i>>2,a.getUint32(0),a.getUint32(4),a.getUint32(8),a.getUint32(12),i>16?a.getUint32(16):0,i>16?a.getUint32(20):0,i>24?a.getUint32(24):0,i>24?a.getUint32(28):0),void 0!==t){if(16!==t.length)throw new Ke("illegal iv size");let e=new DataView(t.buffer,t.byteOffset,t.byteLength);r.set_iv(e.getUint32(0),e.getUint32(4),e.getUint32(8),e.getUint32(12))}else r.set_iv(0,0,0,0)}AES_Encrypt_process(e){if(!ke(e))throw new TypeError("data isn't of expected type");let{heap:t,asm:r}=this.acquire_asm(),i=be.ENC[this.mode],a=be.HEAP_DATA,n=this.pos,s=this.len,o=0,c=e.length||0,u=0,h=0,y=new Uint8Array(s+c&-16);for(;c>0;)h=ve(t,n+s,e,o,c),s+=h,o+=h,c-=h,h=r.cipher(i,a+n,s),h&&y.set(t.subarray(n,n+h),u),u+=h,h<s?(n+=h,s-=h):(n=0,s=0);return this.pos=n,this.len=s,y}AES_Encrypt_finish(){let{heap:e,asm:t}=this.acquire_asm(),r=be.ENC[this.mode],i=be.HEAP_DATA,a=this.pos,n=this.len,s=16-n%16,o=n;if(this.hasOwnProperty("padding")){if(this.padding){for(let t=0;t<s;++t)e[a+n+t]=s;n+=s,o=n}else if(n%16)throw new Ke("data length must be a multiple of the block size")}else n+=s;const c=new Uint8Array(o);return n&&t.cipher(r,i+a,n),o&&c.set(e.subarray(a,a+o)),this.pos=0,this.len=0,this.release_asm(),c}AES_Decrypt_process(e){if(!ke(e))throw new TypeError("data isn't of expected type");let{heap:t,asm:r}=this.acquire_asm(),i=be.DEC[this.mode],a=be.HEAP_DATA,n=this.pos,s=this.len,o=0,c=e.length||0,u=0,h=s+c&-16,y=0,l=0;this.padding&&(y=s+c-h||16,h-=y);const p=new Uint8Array(h);for(;c>0;)l=ve(t,n+s,e,o,c),s+=l,o+=l,c-=l,l=r.cipher(i,a+n,s-(c?0:y)),l&&p.set(t.subarray(n,n+l),u),u+=l,l<s?(n+=l,s-=l):(n=0,s=0);return this.pos=n,this.len=s,p}AES_Decrypt_finish(){let{heap:e,asm:t}=this.acquire_asm(),r=be.DEC[this.mode],i=be.HEAP_DATA,a=this.pos,n=this.len,s=n;if(n>0){if(n%16){if(this.hasOwnProperty("padding"))throw new Ke("data length must be a multiple of the block size");n+=16-n%16}if(t.cipher(r,i+a,n),this.hasOwnProperty("padding")&&this.padding){let t=e[a+s-1];if(t<1||t>16||t>s)throw new Se("bad padding");let r=0;for(let i=t;i>1;i--)r|=t^e[a+s-i];if(r)throw new Se("bad padding");s-=t}}const o=new Uint8Array(s);return s>0&&o.set(e.subarray(a,a+s)),this.pos=0,this.len=0,this.release_asm(),o}}class Ce{static encrypt(e,t,r){return new Ce(t,r).encrypt(e)}static decrypt(e,t,r){return new Ce(t,r).decrypt(e)}constructor(e,t,r){this.aes=r||new De(e,t,!0,"CFB"),delete this.aes.padding}encrypt(e){return Ae(this.aes.AES_Encrypt_process(e),this.aes.AES_Encrypt_finish())}decrypt(e){return Ae(this.aes.AES_Decrypt_process(e),this.aes.AES_Decrypt_finish())}}const xe=R.getWebCrypto(),Be=R.getNodeCrypto(),Ie=Be?Be.getCiphers():[],Te={idea:Ie.includes("idea-cfb")?"idea-cfb":void 0,tripledes:Ie.includes("des-ede3-cfb")?"des-ede3-cfb":void 0,cast5:Ie.includes("cast5-cfb")?"cast5-cfb":void 0,blowfish:Ie.includes("bf-cfb")?"bf-cfb":void 0,aes128:Ie.includes("aes-128-cfb")?"aes-128-cfb":void 0,aes192:Ie.includes("aes-192-cfb")?"aes-192-cfb":void 0,aes256:Ie.includes("aes-256-cfb")?"aes-256-cfb":void 0};class _e{constructor(e,t,r){const{blockSize:i}=te(e);this.key=t,this.prevBlock=r,this.nextBlock=new Uint8Array(i),this.i=0,this.blockSize=i,this.zeroBlock=new Uint8Array(this.blockSize)}static async isSupported(e){const{keySize:t}=te(e);return xe.importKey("raw",new Uint8Array(t),"aes-cbc",!1,["encrypt"]).then((()=>!0),(()=>!1))}async _runCBC(e,t){const r="AES-CBC";this.keyRef=this.keyRef||await xe.importKey("raw",this.key,r,!1,["encrypt"]);const i=await xe.encrypt({name:r,iv:t||this.zeroBlock},this.keyRef,e);return new Uint8Array(i).subarray(0,e.length)}async encryptChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=R.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),a=R.concatUint8Array([this.prevBlock,i.subarray(0,i.length-this.blockSize)]),n=await this._runCBC(a);return Re(n,i),this.prevBlock=n.subarray(-this.blockSize).slice(),r>0&&this.nextBlock.set(e.subarray(-r).slice()),this.i=r,n}this.i+=r.length;let i=new Uint8Array;if(this.i===this.nextBlock.length){const t=this.nextBlock;i=await this._runCBC(this.prevBlock),Re(i,t),this.prevBlock=i.slice(),this.i=0;const a=e.subarray(r.length);this.nextBlock.set(a,this.i),this.i+=a.length}return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{this.nextBlock=this.nextBlock.subarray(0,this.i);const t=this.nextBlock,r=await this._runCBC(this.prevBlock);Re(r,t),e=r.subarray(0,t.length)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.keyRef=null,this.key=null}async encrypt(e){const t=(await this._runCBC(R.concatUint8Array([new Uint8Array(this.blockSize),e]),this.iv)).subarray(0,e.length);return Re(t,e),this.clearSensitiveData(),t}}function Re(e,t){const r=Math.min(e.length,t.length);for(let i=0;i<r;i++)e[i]=e[i]^t[i]}var Me=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i){const a=I.read(I.symmetric,e);if(Be&&Te[a])return function(e,t,r,i){const a=I.read(I.symmetric,e),n=new Be.createDecipheriv(Te[a],t,i);return b(r,(e=>new Uint8Array(n.update(e))))}(e,t,r,i);if(R.isAES(e))return function(e,t,r,i){if(R.isStream(r)){const e=new Ce(t,i);return b(r,(t=>e.aes.AES_Decrypt_process(t)),(()=>e.aes.AES_Decrypt_finish()))}return Ce.decrypt(r,t,i)}(0,t,r,i);const n=new(await Y(e))(t),s=n.blockSize;let o=i,c=new Uint8Array;const u=e=>{e&&(c=R.concatUint8Array([c,e]));const t=new Uint8Array(c.length);let r,i=0;for(;e?c.length>=s:c.length;){const e=n.encrypt(o);for(o=c.subarray(0,s),r=0;r<s;r++)t[i++]=o[r]^e[r];c=c.subarray(s)}return t.subarray(0,i)};return b(r,u,u)},encrypt:async function(e,t,r,i,a){const n=I.read(I.symmetric,e);if(R.getNodeCrypto()&&Te[n])return function(e,t,r,i){const a=I.read(I.symmetric,e),n=new Be.createCipheriv(Te[a],t,i);return b(r,(e=>new Uint8Array(n.update(e))))}(e,t,r,i);if(R.isAES(e))return async function(e,t,r,i){if(xe&&await _e.isSupported(e)){const a=new _e(e,t,i);return R.isStream(r)?b(r,(e=>a.encryptChunk(e)),(()=>a.finish())):a.encrypt(r)}{const e=new Ce(t,i);return b(r,(t=>e.aes.AES_Encrypt_process(t)),(()=>e.aes.AES_Encrypt_finish()))}}(e,t,r,i);const s=new(await Y(e))(t),o=s.blockSize,c=i.slice();let u=new Uint8Array;const h=e=>{e&&(u=R.concatUint8Array([u,e]));const t=new Uint8Array(u.length);let r,i=0;for(;e?u.length>=o:u.length;){const e=s.encrypt(c);for(r=0;r<o;r++)c[r]=u[r]^e[r],t[i++]=c[r];u=u.subarray(o)}return t.subarray(0,i)};return b(r,h,h)}});class Fe{static encrypt(e,t,r){return new Fe(t,r).encrypt(e)}static decrypt(e,t,r){return new Fe(t,r).encrypt(e)}constructor(e,t,r){this.aes=r||new De(e,void 0,!1,"CTR"),delete this.aes.padding,this.AES_CTR_set_options(t)}encrypt(e){return Ae(this.aes.AES_Encrypt_process(e),this.aes.AES_Encrypt_finish())}decrypt(e){return Ae(this.aes.AES_Encrypt_process(e),this.aes.AES_Encrypt_finish())}AES_CTR_set_options(e,t,r){let{asm:i}=this.aes.acquire_asm();if(void 0!==r){if(r<8||r>48)throw new Ke("illegal counter size");let e=Math.pow(2,r)-1;i.set_mask(0,0,e/4294967296|0,0|e)}else r=48,i.set_mask(0,0,65535,4294967295);if(void 0===e)throw Error("nonce is required");{let t=e.length;if(!t||t>16)throw new Ke("illegal nonce size");let r=new DataView(new ArrayBuffer(16));new Uint8Array(r.buffer).set(e),i.set_nonce(r.getUint32(0),r.getUint32(4),r.getUint32(8),r.getUint32(12))}if(void 0!==t){if(t<0||t>=Math.pow(2,r))throw new Ke("illegal counter value");i.set_counter(0,0,t/4294967296|0,0|t)}}}class Le{static encrypt(e,t,r=!0,i){return new Le(t,i,r).encrypt(e)}static decrypt(e,t,r=!0,i){return new Le(t,i,r).decrypt(e)}constructor(e,t,r=!0,i){this.aes=i||new De(e,t,r,"CBC")}encrypt(e){return Ae(this.aes.AES_Encrypt_process(e),this.aes.AES_Encrypt_finish())}decrypt(e){return Ae(this.aes.AES_Decrypt_process(e),this.aes.AES_Decrypt_finish())}}const Ne=R.getWebCrypto(),Oe=R.getNodeCrypto(),ze=16;function He(e,t){const r=e.length-ze;for(let i=0;i<ze;i++)e[i+r]^=t[i];return e}const je=new Uint8Array(ze);async function Ge(e){const t=await async function(e){if(R.getNodeCrypto())return async function(t){const r=new Oe.createCipheriv("aes-"+8*e.length+"-cbc",e,je).update(t);return new Uint8Array(r)};if(R.getWebCrypto())try{return e=await Ne.importKey("raw",e,{name:"AES-CBC",length:8*e.length},!1,["encrypt"]),async function(t){const r=await Ne.encrypt({name:"AES-CBC",iv:je,length:8*ze},e,t);return new Uint8Array(r).subarray(0,r.byteLength-ze)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;R.printDebugError("Browser did not support operation: "+t.message)}return async function(t){return Le.encrypt(t,e,!1,je)}}(e),r=R.double(await t(je)),i=R.double(r);return async function(e){return(await t(function(e,t,r){if(e.length&&e.length%ze==0)return He(e,t);const i=new Uint8Array(e.length+(ze-e.length%ze));return i.set(e),i[e.length]=128,He(i,r)}(e,r,i))).subarray(-ze)}}const qe=R.getWebCrypto(),Ve=R.getNodeCrypto(),We=R.getNodeBuffer(),$e=16,Ze=$e,Xe=$e,Qe=new Uint8Array($e),Ye=new Uint8Array($e);Ye[$e-1]=1;const Je=new Uint8Array($e);async function et(e){const t=await Ge(e);return function(e,r){return t(R.concatUint8Array([e,r]))}}async function tt(e){if(R.getNodeCrypto())return async function(t,r){const i=new Ve.createCipheriv("aes-"+8*e.length+"-ctr",e,r),a=We.concat([i.update(t),i.final()]);return new Uint8Array(a)};if(R.getWebCrypto())try{const t=await qe.importKey("raw",e,{name:"AES-CTR",length:8*e.length},!1,["encrypt"]);return async function(e,r){const i=await qe.encrypt({name:"AES-CTR",counter:r,length:8*$e},t,e);return new Uint8Array(i)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;R.printDebugError("Browser did not support operation: "+t.message)}return async function(t,r){return Fe.encrypt(t,e,r)}}async function rt(e,t){if(e!==I.symmetric.aes128&&e!==I.symmetric.aes192&&e!==I.symmetric.aes256)throw Error("EAX mode supports only AES cipher");const[r,i]=await Promise.all([et(t),tt(t)]);return{encrypt:async function(e,t,a){const[n,s]=await Promise.all([r(Qe,t),r(Ye,a)]),o=await i(e,n),c=await r(Je,o);for(let e=0;e<Xe;e++)c[e]^=s[e]^n[e];return R.concatUint8Array([o,c])},decrypt:async function(e,t,a){if(e.length<Xe)throw Error("Invalid EAX ciphertext");const n=e.subarray(0,-Xe),s=e.subarray(-Xe),[o,c,u]=await Promise.all([r(Qe,t),r(Ye,a),r(Je,n)]),h=u;for(let e=0;e<Xe;e++)h[e]^=c[e]^o[e];if(!R.equalsUint8Array(s,h))throw Error("Authentication tag mismatch");return await i(n,o)}}}Je[$e-1]=2,rt.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[8+e]^=t[e];return r},rt.blockLength=$e,rt.ivLength=Ze,rt.tagLength=Xe;const it=16,at=16;function nt(e){let t=0;for(let r=1;!(e&r);r<<=1)t++;return t}function st(e,t){for(let r=0;r<e.length;r++)e[r]^=t[r];return e}function ot(e,t){return st(e.slice(),t)}const ct=new Uint8Array(it),ut=new Uint8Array([1]);async function ht(e,t){const{keySize:r}=te(e);if(!R.isAES(e)||t.length!==r)throw Error("Unexpected algorithm or key size");let i=0;const a=e=>Le.encrypt(e,t,!1),n=e=>Le.decrypt(e,t,!1);let s;function o(e,t,r,n){const o=t.length/it|0;!function(e,t){const r=R.nbits(Math.max(e.length,t.length)/it|0)-1;for(let e=i+1;e<=r;e++)s[e]=R.double(s[e-1]);i=r}(t,n);const c=R.concatUint8Array([ct.subarray(0,15-r.length),ut,r]),u=63&c[15];c[15]&=192;const h=a(c),y=R.concatUint8Array([h,ot(h.subarray(0,8),h.subarray(1,9))]),l=R.shiftRight(y.subarray(0+(u>>3),17+(u>>3)),8-(7&u)).subarray(1),p=new Uint8Array(it),g=new Uint8Array(t.length+at);let d,f=0;for(d=0;d<o;d++)st(l,s[nt(d+1)]),g.set(st(e(ot(l,t)),l),f),st(p,e===a?t:g.subarray(f)),t=t.subarray(it),f+=it;if(t.length){st(l,s.x);const r=a(l);g.set(ot(t,r),f);const i=new Uint8Array(it);i.set(e===a?t:g.subarray(f,-16),0),i[t.length]=128,st(p,i),f+=t.length}const m=st(a(st(st(p,l),s.$)),function(e){if(!e.length)return ct;const t=e.length/it|0,r=new Uint8Array(it),i=new Uint8Array(it);for(let n=0;n<t;n++)st(r,s[nt(n+1)]),st(i,a(ot(r,e))),e=e.subarray(it);if(e.length){st(r,s.x);const t=new Uint8Array(it);t.set(e,0),t[e.length]=128,st(t,r),st(i,a(t))}return i}(n));return g.set(m,f),g}return function(){const e=a(ct),t=R.double(e);s=[],s[0]=R.double(t),s.x=e,s.$=t}(),{encrypt:async function(e,t,r){return o(a,e,t,r)},decrypt:async function(e,t,r){if(e.length<at)throw Error("Invalid OCB ciphertext");const i=e.subarray(-16);e=e.subarray(0,-16);const a=o(n,e,t,r);if(R.equalsUint8Array(i,a.subarray(-16)))return a.subarray(0,-16);throw Error("Authentication tag mismatch")}}}ht.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[7+e]^=t[e];return r},ht.blockLength=it,ht.ivLength=15,ht.tagLength=at;const yt=68719476704;class lt{static encrypt(e,t,r,i,a){return new lt(t,r,i,a).encrypt(e)}static decrypt(e,t,r,i,a){return new lt(t,r,i,a).decrypt(e)}constructor(e,t,r,i=16,a){this.tagSize=i,this.gamma0=0,this.counter=1,this.aes=a||new De(e,void 0,!1,"CTR");let{asm:n,heap:s}=this.aes.acquire_asm();if(n.gcm_init(),this.tagSize<4||this.tagSize>16)throw new Ke("illegal tagSize value");const o=t.length||0,c=new Uint8Array(16);12!==o?(this._gcm_mac_process(t),s[0]=0,s[1]=0,s[2]=0,s[3]=0,s[4]=0,s[5]=0,s[6]=0,s[7]=0,s[8]=0,s[9]=0,s[10]=0,s[11]=o>>>29,s[12]=o>>>21&255,s[13]=o>>>13&255,s[14]=o>>>5&255,s[15]=o<<3&255,n.mac(be.MAC.GCM,be.HEAP_DATA,16),n.get_iv(be.HEAP_DATA),n.set_iv(0,0,0,0),c.set(s.subarray(0,16))):(c.set(t),c[15]=1);const u=new DataView(c.buffer);if(this.gamma0=u.getUint32(12),n.set_nonce(u.getUint32(0),u.getUint32(4),u.getUint32(8),0),n.set_mask(0,0,0,4294967295),void 0!==r){if(r.length>yt)throw new Ke("illegal adata length");r.length?(this.adata=r,this._gcm_mac_process(r)):this.adata=void 0}else this.adata=void 0;if(this.counter<1||this.counter>4294967295)throw new RangeError("counter must be a positive 32-bit integer");n.set_counter(0,0,0,this.gamma0+this.counter|0)}encrypt(e){return this.AES_GCM_encrypt(e)}decrypt(e){return this.AES_GCM_decrypt(e)}AES_GCM_Encrypt_process(e){let t=0,r=e.length||0,{asm:i,heap:a}=this.aes.acquire_asm(),n=this.counter,s=this.aes.pos,o=this.aes.len,c=0,u=o+r&-16,h=0;if((n-1<<4)+o+r>yt)throw new RangeError("counter overflow");const y=new Uint8Array(u);for(;r>0;)h=ve(a,s+o,e,t,r),o+=h,t+=h,r-=h,h=i.cipher(be.ENC.CTR,be.HEAP_DATA+s,o),h=i.mac(be.MAC.GCM,be.HEAP_DATA+s,h),h&&y.set(a.subarray(s,s+h),c),n+=h>>>4,c+=h,h<o?(s+=h,o-=h):(s=0,o=0);return this.counter=n,this.aes.pos=s,this.aes.len=o,y}AES_GCM_Encrypt_finish(){let{asm:e,heap:t}=this.aes.acquire_asm(),r=this.counter,i=this.tagSize,a=this.adata,n=this.aes.pos,s=this.aes.len;const o=new Uint8Array(s+i);e.cipher(be.ENC.CTR,be.HEAP_DATA+n,s+15&-16),s&&o.set(t.subarray(n,n+s));let c=s;for(;15&c;c++)t[n+c]=0;e.mac(be.MAC.GCM,be.HEAP_DATA+n,c);const u=void 0!==a?a.length:0,h=(r-1<<4)+s;return t[0]=0,t[1]=0,t[2]=0,t[3]=u>>>29,t[4]=u>>>21,t[5]=u>>>13&255,t[6]=u>>>5&255,t[7]=u<<3&255,t[8]=t[9]=t[10]=0,t[11]=h>>>29,t[12]=h>>>21&255,t[13]=h>>>13&255,t[14]=h>>>5&255,t[15]=h<<3&255,e.mac(be.MAC.GCM,be.HEAP_DATA,16),e.get_iv(be.HEAP_DATA),e.set_counter(0,0,0,this.gamma0),e.cipher(be.ENC.CTR,be.HEAP_DATA,16),o.set(t.subarray(0,i),s),this.counter=1,this.aes.pos=0,this.aes.len=0,o}AES_GCM_Decrypt_process(e){let t=0,r=e.length||0,{asm:i,heap:a}=this.aes.acquire_asm(),n=this.counter,s=this.tagSize,o=this.aes.pos,c=this.aes.len,u=0,h=c+r>s?c+r-s&-16:0,y=c+r-h,l=0;if((n-1<<4)+c+r>yt)throw new RangeError("counter overflow");const p=new Uint8Array(h);for(;r>y;)l=ve(a,o+c,e,t,r-y),c+=l,t+=l,r-=l,l=i.mac(be.MAC.GCM,be.HEAP_DATA+o,l),l=i.cipher(be.DEC.CTR,be.HEAP_DATA+o,l),l&&p.set(a.subarray(o,o+l),u),n+=l>>>4,u+=l,o=0,c=0;return r>0&&(c+=ve(a,0,e,t,r)),this.counter=n,this.aes.pos=o,this.aes.len=c,p}AES_GCM_Decrypt_finish(){let{asm:e,heap:t}=this.aes.acquire_asm(),r=this.tagSize,i=this.adata,a=this.counter,n=this.aes.pos,s=this.aes.len,o=s-r;if(s<r)throw new Ee("authentication tag not found");const c=new Uint8Array(o),u=new Uint8Array(t.subarray(n+o,n+s));let h=o;for(;15&h;h++)t[n+h]=0;e.mac(be.MAC.GCM,be.HEAP_DATA+n,h),e.cipher(be.DEC.CTR,be.HEAP_DATA+n,h),o&&c.set(t.subarray(n,n+o));const y=void 0!==i?i.length:0,l=(a-1<<4)+s-r;t[0]=0,t[1]=0,t[2]=0,t[3]=y>>>29,t[4]=y>>>21,t[5]=y>>>13&255,t[6]=y>>>5&255,t[7]=y<<3&255,t[8]=t[9]=t[10]=0,t[11]=l>>>29,t[12]=l>>>21&255,t[13]=l>>>13&255,t[14]=l>>>5&255,t[15]=l<<3&255,e.mac(be.MAC.GCM,be.HEAP_DATA,16),e.get_iv(be.HEAP_DATA),e.set_counter(0,0,0,this.gamma0),e.cipher(be.ENC.CTR,be.HEAP_DATA,16);let p=0;for(let e=0;e<r;++e)p|=u[e]^t[e];if(p)throw new Se("data integrity check failed");return this.counter=1,this.aes.pos=0,this.aes.len=0,c}AES_GCM_decrypt(e){const t=this.AES_GCM_Decrypt_process(e),r=this.AES_GCM_Decrypt_finish(),i=new Uint8Array(t.length+r.length);return t.length&&i.set(t),r.length&&i.set(r,t.length),i}AES_GCM_encrypt(e){const t=this.AES_GCM_Encrypt_process(e),r=this.AES_GCM_Encrypt_finish(),i=new Uint8Array(t.length+r.length);return t.length&&i.set(t),r.length&&i.set(r,t.length),i}_gcm_mac_process(e){let{asm:t,heap:r}=this.aes.acquire_asm(),i=0,a=e.length||0,n=0;for(;a>0;){for(n=ve(r,0,e,i,a),i+=n,a-=n;15&n;)r[n++]=0;t.mac(be.MAC.GCM,be.HEAP_DATA,n)}}}const pt=R.getWebCrypto(),gt=R.getNodeCrypto(),dt=R.getNodeBuffer(),ft=16,mt="AES-GCM";async function wt(e,t){if(e!==I.symmetric.aes128&&e!==I.symmetric.aes192&&e!==I.symmetric.aes256)throw Error("GCM mode supports only AES cipher");if(R.getNodeCrypto())return{encrypt:async function(e,r,i=new Uint8Array){const a=new gt.createCipheriv("aes-"+8*t.length+"-gcm",t,r);a.setAAD(i);const n=dt.concat([a.update(e),a.final(),a.getAuthTag()]);return new Uint8Array(n)},decrypt:async function(e,r,i=new Uint8Array){const a=new gt.createDecipheriv("aes-"+8*t.length+"-gcm",t,r);a.setAAD(i),a.setAuthTag(e.slice(e.length-ft,e.length));const n=dt.concat([a.update(e.slice(0,e.length-ft)),a.final()]);return new Uint8Array(n)}};if(R.getWebCrypto())try{const e=await pt.importKey("raw",t,{name:mt},!1,["encrypt","decrypt"]),r=navigator.userAgent.match(/Version\/13\.\d(\.\d)* Safari/)||navigator.userAgent.match(/Version\/(13|14)\.\d(\.\d)* Mobile\/\S* Safari/);return{encrypt:async function(i,a,n=new Uint8Array){if(r&&!i.length)return lt.encrypt(i,t,a,n);const s=await pt.encrypt({name:mt,iv:a,additionalData:n,tagLength:128},e,i);return new Uint8Array(s)},decrypt:async function(i,a,n=new Uint8Array){if(r&&i.length===ft)return lt.decrypt(i,t,a,n);try{const t=await pt.decrypt({name:mt,iv:a,additionalData:n,tagLength:128},e,i);return new Uint8Array(t)}catch(e){if("OperationError"===e.name)throw Error("Authentication tag mismatch")}}}}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;R.printDebugError("Browser did not support operation: "+e.message)}return{encrypt:async function(e,r,i){return lt.encrypt(e,t,r,i)},decrypt:async function(e,r,i){return lt.decrypt(e,t,r,i)}}}wt.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[4+e]^=t[e];return r},wt.blockLength=16,wt.ivLength=12,wt.tagLength=ft;var bt={cfb:Me,gcm:wt,experimentalGCM:wt,eax:rt,ocb:ht};const kt=BigInt(0),vt=BigInt(1);function At(e){const t="0123456789ABCDEF";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),BigInt("0x0"+r)}function Et(e,t){const r=e%t;return r<kt?r+t:r}function Kt(e,t,r){if(r===kt)throw Error("Modulo cannot be zero");if(r===vt)return BigInt(0);if(t<kt)throw Error("Unsopported negative exponent");let i=t,a=e;a%=r;let n=BigInt(1);for(;i>kt;){const e=i&vt;i>>=vt;n=e?n*a%r:n,a=a*a%r}return n}function St(e){return e>=kt?e:-e}function Pt(e,t){const{gcd:r,x:i}=function(e,t){let r=BigInt(0),i=BigInt(1),a=BigInt(1),n=BigInt(0),s=St(e),o=St(t);const c=e<kt,u=t<kt;for(;o!==kt;){const e=s/o;let t=r;r=a-e*r,a=t,t=i,i=n-e*i,n=t,t=o,o=s%o,s=t}return{x:c?-a:a,y:u?-n:n,gcd:s}}(e,t);if(r!==vt)throw Error("Inverse does not exist");return Et(i+t,t)}function Ut(e){const t=Number(e);if(t>Number.MAX_SAFE_INTEGER)throw Error("Number can only safely store up to 53 bits");return t}function Dt(e,t){return(e>>BigInt(t)&vt)===kt?0:1}function Ct(e){const t=e<kt?BigInt(-1):kt;let r=1,i=e;for(;(i>>=vt)!==t;)r++;return r}function xt(e){const t=e<kt?BigInt(-1):kt,r=BigInt(8);let i=1,a=e;for(;(a>>=r)!==t;)i++;return i}function Bt(e,t="be",r){let i=e.toString(16);i.length%2==1&&(i="0"+i);const a=i.length/2,n=new Uint8Array(r||a),s=r?r-a:0;let o=0;for(;o<a;)n[o+s]=parseInt(i.slice(2*o,2*o+2),16),o++;return"be"!==t&&n.reverse(),n}const It=R.getNodeCrypto();function Tt(e){const t=new Uint8Array(e);if(It){const e=It.randomBytes(t.length);t.set(e)}else{if("undefined"==typeof crypto||!crypto.getRandomValues)throw Error("No secure random number generator available.");crypto.getRandomValues(t)}return t}function _t(e,t){if(t<e)throw Error("Illegal parameter value: max <= min");const r=t-e;return Et(At(Tt(xt(r)+8)),r)+e}var Rt=/*#__PURE__*/Object.freeze({__proto__:null,getRandomBigInteger:_t,getRandomBytes:Tt});const Mt=BigInt(1);function Ft(e,t,r){const i=BigInt(30),a=Mt<<BigInt(e-1),n=[1,6,5,4,3,2,1,4,3,2,1,2,1,4,3,2,1,2,1,4,3,2,1,6,5,4,3,2,1,2];let s=_t(a,a<<Mt),o=Ut(Et(s,i));do{s+=BigInt(n[o]),o=(o+n[o])%n.length,Ct(s)>e&&(s=Et(s,a<<Mt),s+=a,o=Ut(Et(s,i)))}while(!Lt(s,t,r));return s}function Lt(e,t,r){return(!t||function(e,t){let r=e,i=t;for(;i!==kt;){const e=i;i=r%i,r=e}return r}(e-Mt,t)===Mt)&&(!!function(e){const t=BigInt(0);return Nt.every((r=>Et(e,r)!==t))}(e)&&(!!function(e,t=BigInt(2)){return Kt(t,e-Mt,e)===Mt}(e)&&!!function(e,t,r){const i=Ct(e);t||(t=Math.max(1,i/48|0));const a=e-Mt;let n=0;for(;!Dt(a,n);)n++;const s=e>>BigInt(n);for(;t>0;t--){let t,r=Kt(_t(BigInt(2),a),s,e);if(r!==Mt&&r!==a){for(t=1;t<n;t++){if(r=Et(r*r,e),r===Mt)return!1;if(r===a)break}if(t===n)return!1}}return!0}(e,r)))}const Nt=[7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997,1009,1013,1019,1021,1031,1033,1039,1049,1051,1061,1063,1069,1087,1091,1093,1097,1103,1109,1117,1123,1129,1151,1153,1163,1171,1181,1187,1193,1201,1213,1217,1223,1229,1231,1237,1249,1259,1277,1279,1283,1289,1291,1297,1301,1303,1307,1319,1321,1327,1361,1367,1373,1381,1399,1409,1423,1427,1429,1433,1439,1447,1451,1453,1459,1471,1481,1483,1487,1489,1493,1499,1511,1523,1531,1543,1549,1553,1559,1567,1571,1579,1583,1597,1601,1607,1609,1613,1619,1621,1627,1637,1657,1663,1667,1669,1693,1697,1699,1709,1721,1723,1733,1741,1747,1753,1759,1777,1783,1787,1789,1801,1811,1823,1831,1847,1861,1867,1871,1873,1877,1879,1889,1901,1907,1913,1931,1933,1949,1951,1973,1979,1987,1993,1997,1999,2003,2011,2017,2027,2029,2039,2053,2063,2069,2081,2083,2087,2089,2099,2111,2113,2129,2131,2137,2141,2143,2153,2161,2179,2203,2207,2213,2221,2237,2239,2243,2251,2267,2269,2273,2281,2287,2293,2297,2309,2311,2333,2339,2341,2347,2351,2357,2371,2377,2381,2383,2389,2393,2399,2411,2417,2423,2437,2441,2447,2459,2467,2473,2477,2503,2521,2531,2539,2543,2549,2551,2557,2579,2591,2593,2609,2617,2621,2633,2647,2657,2659,2663,2671,2677,2683,2687,2689,2693,2699,2707,2711,2713,2719,2729,2731,2741,2749,2753,2767,2777,2789,2791,2797,2801,2803,2819,2833,2837,2843,2851,2857,2861,2879,2887,2897,2903,2909,2917,2927,2939,2953,2957,2963,2969,2971,2999,3001,3011,3019,3023,3037,3041,3049,3061,3067,3079,3083,3089,3109,3119,3121,3137,3163,3167,3169,3181,3187,3191,3203,3209,3217,3221,3229,3251,3253,3257,3259,3271,3299,3301,3307,3313,3319,3323,3329,3331,3343,3347,3359,3361,3371,3373,3389,3391,3407,3413,3433,3449,3457,3461,3463,3467,3469,3491,3499,3511,3517,3527,3529,3533,3539,3541,3547,3557,3559,3571,3581,3583,3593,3607,3613,3617,3623,3631,3637,3643,3659,3671,3673,3677,3691,3697,3701,3709,3719,3727,3733,3739,3761,3767,3769,3779,3793,3797,3803,3821,3823,3833,3847,3851,3853,3863,3877,3881,3889,3907,3911,3917,3919,3923,3929,3931,3943,3947,3967,3989,4001,4003,4007,4013,4019,4021,4027,4049,4051,4057,4073,4079,4091,4093,4099,4111,4127,4129,4133,4139,4153,4157,4159,4177,4201,4211,4217,4219,4229,4231,4241,4243,4253,4259,4261,4271,4273,4283,4289,4297,4327,4337,4339,4349,4357,4363,4373,4391,4397,4409,4421,4423,4441,4447,4451,4457,4463,4481,4483,4493,4507,4513,4517,4519,4523,4547,4549,4561,4567,4583,4591,4597,4603,4621,4637,4639,4643,4649,4651,4657,4663,4673,4679,4691,4703,4721,4723,4729,4733,4751,4759,4783,4787,4789,4793,4799,4801,4813,4817,4831,4861,4871,4877,4889,4903,4909,4919,4931,4933,4937,4943,4951,4957,4967,4969,4973,4987,4993,4999].map((e=>BigInt(e)));const Ot=[];function zt(e,t){const r=e.length;if(r>t-11)throw Error("Message too long");const i=function(e){const t=new Uint8Array(e);let r=0;for(;r<e;){const i=Tt(e-r);for(let e=0;e<i.length;e++)0!==i[e]&&(t[r++]=i[e])}return t}(t-r-3),a=new Uint8Array(t);return a[1]=2,a.set(i,2),a.set(e,t-r),a}function Ht(e,t){let r=2,i=1;for(let t=r;t<e.length;t++)i&=0!==e[t],r+=i;const a=r-2,n=e.subarray(r+1),s=0===e[0]&2===e[1]&a>=8&!i;if(t)return R.selectUint8Array(s,n,t);if(s)return n;throw Error("Decryption error")}function jt(e,t,r){let i;if(t.length!==we.getHashByteLength(e))throw Error("Invalid hash length");const a=new Uint8Array(Ot[e].length);for(i=0;i<Ot[e].length;i++)a[i]=Ot[e][i];const n=a.length+t.length;if(r<n+11)throw Error("Intended encoded message length too short");const s=new Uint8Array(r-n-3).fill(255),o=new Uint8Array(r);return o[1]=1,o.set(s,2),o.set(a,r-n),o.set(t,r-t.length),o}Ot[1]=[48,32,48,12,6,8,42,134,72,134,247,13,2,5,5,0,4,16],Ot[2]=[48,33,48,9,6,5,43,14,3,2,26,5,0,4,20],Ot[3]=[48,33,48,9,6,5,43,36,3,2,1,5,0,4,20],Ot[8]=[48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32],Ot[9]=[48,65,48,13,6,9,96,134,72,1,101,3,4,2,2,5,0,4,48],Ot[10]=[48,81,48,13,6,9,96,134,72,1,101,3,4,2,3,5,0,4,64],Ot[11]=[48,45,48,13,6,9,96,134,72,1,101,3,4,2,4,5,0,4,28];var Gt=/*#__PURE__*/Object.freeze({__proto__:null,emeDecode:Ht,emeEncode:zt,emsaEncode:jt});const qt=R.getWebCrypto(),Vt=R.getNodeCrypto(),Wt=BigInt(1);async function $t(e,t,r,i,a,n){const s=At(i),o=At(a),c=At(r);let u=Et(c,o-Wt),h=Et(c,s-Wt);return h=Bt(h),u=Bt(u),{kty:"RSA",n:H(e),e:H(t),d:H(r),p:H(a),q:H(i),dp:H(u),dq:H(h),qi:H(n),ext:!0}}function Zt(e,t){return{kty:"RSA",n:H(e),e:H(t),ext:!0}}function Xt(e,t){return{n:z(e.n),e:Bt(t),d:z(e.d),p:z(e.q),q:z(e.p),u:z(e.qi)}}var Qt=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,a,n,s,o){if(R.getNodeCrypto()&&!o)try{return await async function(e,t,r,i,a,n,s){const o=await $t(t,r,i,a,n,s),c={key:o,format:"jwk",type:"pkcs1",padding:Vt.constants.RSA_PKCS1_PADDING};try{return new Uint8Array(Vt.privateDecrypt(c,e))}catch(e){throw Error("Decryption error")}}(e,t,r,i,a,n,s)}catch(e){R.printDebugError(e)}return async function(e,t,r,i,a,n,s,o){if(e=At(e),t=At(t),r=At(r),i=At(i),a=At(a),n=At(n),s=At(s),e>=t)throw Error("Data too large.");const c=Et(i,n-Wt),u=Et(i,a-Wt),h=_t(BigInt(2),t),y=Kt(Pt(h,t),r,t);e=Et(e*y,t);const l=Kt(e,u,a),p=Kt(e,c,n),g=Et(s*(p-l),n);let d=g*a+l;return d=Et(d*h,t),Ht(Bt(d,"be",xt(t)),o)}(e,t,r,i,a,n,s,o)},encrypt:async function(e,t,r){return R.getNodeCrypto()?async function(e,t,r){const i=Zt(t,r),a={key:i,format:"jwk",type:"pkcs1",padding:Vt.constants.RSA_PKCS1_PADDING};return new Uint8Array(Vt.publicEncrypt(a,e))}(e,t,r):async function(e,t,r){if(t=At(t),e=At(zt(e,xt(t))),r=At(r),e>=t)throw Error("Message size cannot exceed modulus size");return Bt(Kt(e,r,t),"be",xt(t))}(e,t,r)},generate:async function(e,t){if(t=BigInt(t),R.getWebCrypto()){const r={name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:Bt(t),hash:{name:"SHA-1"}},i=await qt.generateKey(r,!0,["sign","verify"]);return Xt(await qt.exportKey("jwk",i.privateKey),t)}if(R.getNodeCrypto()){const r={modulusLength:e,publicExponent:Ut(t),publicKeyEncoding:{type:"pkcs1",format:"jwk"},privateKeyEncoding:{type:"pkcs1",format:"jwk"}},i=await new Promise(((e,t)=>{Vt.generateKeyPair("rsa",r,((r,i,a)=>{r?t(r):e(a)}))}));return Xt(i,t)}let r,i,a;do{i=Ft(e-(e>>1),t,40),r=Ft(e>>1,t,40),a=r*i}while(Ct(a)!==e);const n=(r-Wt)*(i-Wt);return i<r&&([r,i]=[i,r]),{n:Bt(a),e:Bt(t),d:Bt(Pt(t,n)),p:Bt(r),q:Bt(i),u:Bt(Pt(r,i))}},sign:async function(e,t,r,i,a,n,s,o,c){if(t&&!R.isStream(t))if(R.getWebCrypto())try{return await async function(e,t,r,i,a,n,s,o){const c=await $t(r,i,a,n,s,o),u={name:"RSASSA-PKCS1-v1_5",hash:{name:e}},h=await qt.importKey("jwk",c,u,!1,["sign"]);return new Uint8Array(await qt.sign("RSASSA-PKCS1-v1_5",h,t))}(I.read(I.webHash,e),t,r,i,a,n,s,o)}catch(e){R.printDebugError(e)}else if(R.getNodeCrypto())return async function(e,t,r,i,a,n,s,o){const c=Vt.createSign(I.read(I.hash,e));c.write(t),c.end();const u=await $t(r,i,a,n,s,o);return new Uint8Array(c.sign({key:u,format:"jwk",type:"pkcs1"}))}(e,t,r,i,a,n,s,o);return async function(e,t,r,i){t=At(t);const a=At(jt(e,i,xt(t)));if(r=At(r),a>=t)throw Error("Message size cannot exceed modulus size");return Bt(Kt(a,r,t),"be",xt(t))}(e,r,a,c)},validateParams:async function(e,t,r,i,a,n){if(e=At(e),(i=At(i))*(a=At(a))!==e)return!1;const s=BigInt(2);if(Et(i*(n=At(n)),a)!==BigInt(1))return!1;t=At(t),r=At(r);const o=_t(s,s<<BigInt(Math.floor(Ct(e)/3))),c=o*r*t;return!(Et(c,i-Wt)!==o||Et(c,a-Wt)!==o)},verify:async function(e,t,r,i,a,n){if(t&&!R.isStream(t))if(R.getWebCrypto())try{return await async function(e,t,r,i,a){const n=Zt(i,a),s=await qt.importKey("jwk",n,{name:"RSASSA-PKCS1-v1_5",hash:{name:e}},!1,["verify"]);return qt.verify("RSASSA-PKCS1-v1_5",s,r,t)}(I.read(I.webHash,e),t,r,i,a)}catch(e){R.printDebugError(e)}else if(R.getNodeCrypto())return async function(e,t,r,i,a){const n=Zt(i,a),s={key:n,format:"jwk",type:"pkcs1"},o=Vt.createVerify(I.read(I.hash,e));o.write(t),o.end();try{return o.verify(s,r)}catch(e){return!1}}(e,t,r,i,a);return async function(e,t,r,i,a){if(r=At(r),t=At(t),i=At(i),t>=r)throw Error("Signature size cannot exceed modulus size");const n=Bt(Kt(t,i,r),"be",xt(r)),s=jt(e,a,xt(r));return R.equalsUint8Array(n,s)}(e,r,i,a,n)}});const Yt=BigInt(1);var Jt=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,a){return e=At(e),t=At(t),r=At(r),Ht(Bt(Et(Pt(Kt(e,i=At(i),r),r)*t,r),"be",xt(r)),a)},encrypt:async function(e,t,r,i){t=At(t),r=At(r),i=At(i);const a=At(zt(e,xt(t))),n=_t(Yt,t-Yt);return{c1:Bt(Kt(r,n,t)),c2:Bt(Et(Kt(i,n,t)*a,t))}},validateParams:async function(e,t,r,i){if(e=At(e),t=At(t),r=At(r),t<=Yt||t>=e)return!1;const a=BigInt(Ct(e));if(a<BigInt(1023))return!1;if(Kt(t,e-Yt,e)!==Yt)return!1;let n=t,s=BigInt(1);const o=BigInt(2),c=o<<BigInt(17);for(;s<c;){if(n=Et(n*t,e),n===Yt)return!1;s++}i=At(i);const u=_t(o<<a-Yt,o<<a);return r===Kt(t,(e-Yt)*u+i,e)}});const er="object"==typeof e&&"crypto"in e?e.crypto:void 0,tr={};var rr=function(e){var t,r=new Float64Array(16);if(e)for(t=0;t<e.length;t++)r[t]=e[t];return r},ir=function(){throw Error("no PRNG")},ar=new Uint8Array(32);ar[0]=9;var nr=rr(),sr=rr([1]),or=rr([56129,1]),cr=rr([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),ur=rr([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),hr=rr([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),yr=rr([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),lr=rr([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function pr(e,t,r,i){e[t]=r>>24&255,e[t+1]=r>>16&255,e[t+2]=r>>8&255,e[t+3]=255&r,e[t+4]=i>>24&255,e[t+5]=i>>16&255,e[t+6]=i>>8&255,e[t+7]=255&i}function gr(e,t,r,i){return function(e,t,r,i,a){var n,s=0;for(n=0;n<a;n++)s|=e[t+n]^r[i+n];return(1&s-1>>>8)-1}(e,t,r,i,32)}function dr(e,t){var r;for(r=0;r<16;r++)e[r]=0|t[r]}function fr(e){var t,r,i=1;for(t=0;t<16;t++)r=e[t]+i+65535,i=Math.floor(r/65536),e[t]=r-65536*i;e[0]+=i-1+37*(i-1)}function mr(e,t,r){for(var i,a=~(r-1),n=0;n<16;n++)i=a&(e[n]^t[n]),e[n]^=i,t[n]^=i}function wr(e,t){var r,i,a,n=rr(),s=rr();for(r=0;r<16;r++)s[r]=t[r];for(fr(s),fr(s),fr(s),i=0;i<2;i++){for(n[0]=s[0]-65517,r=1;r<15;r++)n[r]=s[r]-65535-(n[r-1]>>16&1),n[r-1]&=65535;n[15]=s[15]-32767-(n[14]>>16&1),a=n[15]>>16&1,n[14]&=65535,mr(s,n,1-a)}for(r=0;r<16;r++)e[2*r]=255&s[r],e[2*r+1]=s[r]>>8}function br(e,t){var r=new Uint8Array(32),i=new Uint8Array(32);return wr(r,e),wr(i,t),gr(r,0,i,0)}function kr(e){var t=new Uint8Array(32);return wr(t,e),1&t[0]}function vr(e,t){var r;for(r=0;r<16;r++)e[r]=t[2*r]+(t[2*r+1]<<8);e[15]&=32767}function Ar(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]+r[i]}function Er(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]-r[i]}function Kr(e,t,r){var i,a,n=0,s=0,o=0,c=0,u=0,h=0,y=0,l=0,p=0,g=0,d=0,f=0,m=0,w=0,b=0,k=0,v=0,A=0,E=0,K=0,S=0,P=0,U=0,D=0,C=0,x=0,B=0,I=0,T=0,_=0,R=0,M=r[0],F=r[1],L=r[2],N=r[3],O=r[4],z=r[5],H=r[6],j=r[7],G=r[8],q=r[9],V=r[10],W=r[11],$=r[12],Z=r[13],X=r[14],Q=r[15];n+=(i=t[0])*M,s+=i*F,o+=i*L,c+=i*N,u+=i*O,h+=i*z,y+=i*H,l+=i*j,p+=i*G,g+=i*q,d+=i*V,f+=i*W,m+=i*$,w+=i*Z,b+=i*X,k+=i*Q,s+=(i=t[1])*M,o+=i*F,c+=i*L,u+=i*N,h+=i*O,y+=i*z,l+=i*H,p+=i*j,g+=i*G,d+=i*q,f+=i*V,m+=i*W,w+=i*$,b+=i*Z,k+=i*X,v+=i*Q,o+=(i=t[2])*M,c+=i*F,u+=i*L,h+=i*N,y+=i*O,l+=i*z,p+=i*H,g+=i*j,d+=i*G,f+=i*q,m+=i*V,w+=i*W,b+=i*$,k+=i*Z,v+=i*X,A+=i*Q,c+=(i=t[3])*M,u+=i*F,h+=i*L,y+=i*N,l+=i*O,p+=i*z,g+=i*H,d+=i*j,f+=i*G,m+=i*q,w+=i*V,b+=i*W,k+=i*$,v+=i*Z,A+=i*X,E+=i*Q,u+=(i=t[4])*M,h+=i*F,y+=i*L,l+=i*N,p+=i*O,g+=i*z,d+=i*H,f+=i*j,m+=i*G,w+=i*q,b+=i*V,k+=i*W,v+=i*$,A+=i*Z,E+=i*X,K+=i*Q,h+=(i=t[5])*M,y+=i*F,l+=i*L,p+=i*N,g+=i*O,d+=i*z,f+=i*H,m+=i*j,w+=i*G,b+=i*q,k+=i*V,v+=i*W,A+=i*$,E+=i*Z,K+=i*X,S+=i*Q,y+=(i=t[6])*M,l+=i*F,p+=i*L,g+=i*N,d+=i*O,f+=i*z,m+=i*H,w+=i*j,b+=i*G,k+=i*q,v+=i*V,A+=i*W,E+=i*$,K+=i*Z,S+=i*X,P+=i*Q,l+=(i=t[7])*M,p+=i*F,g+=i*L,d+=i*N,f+=i*O,m+=i*z,w+=i*H,b+=i*j,k+=i*G,v+=i*q,A+=i*V,E+=i*W,K+=i*$,S+=i*Z,P+=i*X,U+=i*Q,p+=(i=t[8])*M,g+=i*F,d+=i*L,f+=i*N,m+=i*O,w+=i*z,b+=i*H,k+=i*j,v+=i*G,A+=i*q,E+=i*V,K+=i*W,S+=i*$,P+=i*Z,U+=i*X,D+=i*Q,g+=(i=t[9])*M,d+=i*F,f+=i*L,m+=i*N,w+=i*O,b+=i*z,k+=i*H,v+=i*j,A+=i*G,E+=i*q,K+=i*V,S+=i*W,P+=i*$,U+=i*Z,D+=i*X,C+=i*Q,d+=(i=t[10])*M,f+=i*F,m+=i*L,w+=i*N,b+=i*O,k+=i*z,v+=i*H,A+=i*j,E+=i*G,K+=i*q,S+=i*V,P+=i*W,U+=i*$,D+=i*Z,C+=i*X,x+=i*Q,f+=(i=t[11])*M,m+=i*F,w+=i*L,b+=i*N,k+=i*O,v+=i*z,A+=i*H,E+=i*j,K+=i*G,S+=i*q,P+=i*V,U+=i*W,D+=i*$,C+=i*Z,x+=i*X,B+=i*Q,m+=(i=t[12])*M,w+=i*F,b+=i*L,k+=i*N,v+=i*O,A+=i*z,E+=i*H,K+=i*j,S+=i*G,P+=i*q,U+=i*V,D+=i*W,C+=i*$,x+=i*Z,B+=i*X,I+=i*Q,w+=(i=t[13])*M,b+=i*F,k+=i*L,v+=i*N,A+=i*O,E+=i*z,K+=i*H,S+=i*j,P+=i*G,U+=i*q,D+=i*V,C+=i*W,x+=i*$,B+=i*Z,I+=i*X,T+=i*Q,b+=(i=t[14])*M,k+=i*F,v+=i*L,A+=i*N,E+=i*O,K+=i*z,S+=i*H,P+=i*j,U+=i*G,D+=i*q,C+=i*V,x+=i*W,B+=i*$,I+=i*Z,T+=i*X,_+=i*Q,k+=(i=t[15])*M,s+=38*(A+=i*L),o+=38*(E+=i*N),c+=38*(K+=i*O),u+=38*(S+=i*z),h+=38*(P+=i*H),y+=38*(U+=i*j),l+=38*(D+=i*G),p+=38*(C+=i*q),g+=38*(x+=i*V),d+=38*(B+=i*W),f+=38*(I+=i*$),m+=38*(T+=i*Z),w+=38*(_+=i*X),b+=38*(R+=i*Q),n=(i=(n+=38*(v+=i*F))+(a=1)+65535)-65536*(a=Math.floor(i/65536)),s=(i=s+a+65535)-65536*(a=Math.floor(i/65536)),o=(i=o+a+65535)-65536*(a=Math.floor(i/65536)),c=(i=c+a+65535)-65536*(a=Math.floor(i/65536)),u=(i=u+a+65535)-65536*(a=Math.floor(i/65536)),h=(i=h+a+65535)-65536*(a=Math.floor(i/65536)),y=(i=y+a+65535)-65536*(a=Math.floor(i/65536)),l=(i=l+a+65535)-65536*(a=Math.floor(i/65536)),p=(i=p+a+65535)-65536*(a=Math.floor(i/65536)),g=(i=g+a+65535)-65536*(a=Math.floor(i/65536)),d=(i=d+a+65535)-65536*(a=Math.floor(i/65536)),f=(i=f+a+65535)-65536*(a=Math.floor(i/65536)),m=(i=m+a+65535)-65536*(a=Math.floor(i/65536)),w=(i=w+a+65535)-65536*(a=Math.floor(i/65536)),b=(i=b+a+65535)-65536*(a=Math.floor(i/65536)),k=(i=k+a+65535)-65536*(a=Math.floor(i/65536)),n=(i=(n+=a-1+37*(a-1))+(a=1)+65535)-65536*(a=Math.floor(i/65536)),s=(i=s+a+65535)-65536*(a=Math.floor(i/65536)),o=(i=o+a+65535)-65536*(a=Math.floor(i/65536)),c=(i=c+a+65535)-65536*(a=Math.floor(i/65536)),u=(i=u+a+65535)-65536*(a=Math.floor(i/65536)),h=(i=h+a+65535)-65536*(a=Math.floor(i/65536)),y=(i=y+a+65535)-65536*(a=Math.floor(i/65536)),l=(i=l+a+65535)-65536*(a=Math.floor(i/65536)),p=(i=p+a+65535)-65536*(a=Math.floor(i/65536)),g=(i=g+a+65535)-65536*(a=Math.floor(i/65536)),d=(i=d+a+65535)-65536*(a=Math.floor(i/65536)),f=(i=f+a+65535)-65536*(a=Math.floor(i/65536)),m=(i=m+a+65535)-65536*(a=Math.floor(i/65536)),w=(i=w+a+65535)-65536*(a=Math.floor(i/65536)),b=(i=b+a+65535)-65536*(a=Math.floor(i/65536)),k=(i=k+a+65535)-65536*(a=Math.floor(i/65536)),n+=a-1+37*(a-1),e[0]=n,e[1]=s,e[2]=o,e[3]=c,e[4]=u,e[5]=h,e[6]=y,e[7]=l,e[8]=p,e[9]=g,e[10]=d,e[11]=f,e[12]=m,e[13]=w,e[14]=b,e[15]=k}function Sr(e,t){Kr(e,t,t)}function Pr(e,t){var r,i=rr();for(r=0;r<16;r++)i[r]=t[r];for(r=253;r>=0;r--)Sr(i,i),2!==r&&4!==r&&Kr(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}function Ur(e,t,r){var i,a,n=new Uint8Array(32),s=new Float64Array(80),o=rr(),c=rr(),u=rr(),h=rr(),y=rr(),l=rr();for(a=0;a<31;a++)n[a]=t[a];for(n[31]=127&t[31]|64,n[0]&=248,vr(s,r),a=0;a<16;a++)c[a]=s[a],h[a]=o[a]=u[a]=0;for(o[0]=h[0]=1,a=254;a>=0;--a)mr(o,c,i=n[a>>>3]>>>(7&a)&1),mr(u,h,i),Ar(y,o,u),Er(o,o,u),Ar(u,c,h),Er(c,c,h),Sr(h,y),Sr(l,o),Kr(o,u,o),Kr(u,c,y),Ar(y,o,u),Er(o,o,u),Sr(c,o),Er(u,h,l),Kr(o,u,or),Ar(o,o,h),Kr(u,u,o),Kr(o,h,l),Kr(h,c,s),Sr(c,y),mr(o,c,i),mr(u,h,i);for(a=0;a<16;a++)s[a+16]=o[a],s[a+32]=u[a],s[a+48]=c[a],s[a+64]=h[a];var p=s.subarray(32),g=s.subarray(16);return Pr(p,p),Kr(g,g,p),wr(e,g),0}function Dr(e,t){return Ur(e,t,ar)}var Cr=[1116352408,3609767458,1899447441,602891725,3049323471,3964484399,3921009573,2173295548,961987163,4081628472,1508970993,3053834265,2453635748,2937671579,2870763221,3664609560,3624381080,2734883394,310598401,1164996542,607225278,1323610764,1426881987,3590304994,1925078388,4068182383,2162078206,991336113,2614888103,633803317,3248222580,3479774868,3835390401,2666613458,4022224774,944711139,264347078,2341262773,604807628,2007800933,770255983,1495990901,1249150122,1856431235,1555081692,3175218132,1996064986,2198950837,2554220882,3999719339,2821834349,766784016,2952996808,2566594879,3210313671,3203337956,3336571891,1034457026,3584528711,2466948901,113926993,3758326383,338241895,168717936,666307205,1188179964,773529912,1546045734,1294757372,1522805485,1396182291,2643833823,1695183700,2343527390,1986661051,1014477480,2177026350,1206759142,2456956037,344077627,2730485921,1290863460,2820302411,3158454273,3259730800,3505952657,3345764771,106217008,3516065817,3606008344,3600352804,1432725776,4094571909,1467031594,275423344,851169720,430227734,3100823752,506948616,1363258195,659060556,3750685593,883997877,3785050280,958139571,3318307427,1322822218,3812723403,1537002063,2003034995,1747873779,3602036899,1955562222,1575990012,2024104815,1125592928,2227730452,2716904306,2361852424,442776044,2428436474,593698344,2756734187,3733110249,3204031479,2999351573,3329325298,3815920427,3391569614,3928383900,3515267271,566280711,3940187606,3454069534,4118630271,4000239992,116418474,1914138554,174292421,2731055270,289380356,3203993006,460393269,320620315,685471733,587496836,852142971,1086792851,1017036298,365543100,1126000580,2618297676,1288033470,3409855158,1501505948,4234509866,1607167915,987167468,1816402316,1246189591];function xr(e,t,r,i){for(var a,n,s,o,c,u,h,y,l,p,g,d,f,m,w,b,k,v,A,E,K,S,P,U,D,C,x=new Int32Array(16),B=new Int32Array(16),I=e[0],T=e[1],_=e[2],R=e[3],M=e[4],F=e[5],L=e[6],N=e[7],O=t[0],z=t[1],H=t[2],j=t[3],G=t[4],q=t[5],V=t[6],W=t[7],$=0;i>=128;){for(A=0;A<16;A++)E=8*A+$,x[A]=r[E+0]<<24|r[E+1]<<16|r[E+2]<<8|r[E+3],B[A]=r[E+4]<<24|r[E+5]<<16|r[E+6]<<8|r[E+7];for(A=0;A<80;A++)if(a=I,n=T,s=_,o=R,c=M,u=F,h=L,N,l=O,p=z,g=H,d=j,f=G,m=q,w=V,W,P=65535&(S=W),U=S>>>16,D=65535&(K=N),C=K>>>16,P+=65535&(S=(G>>>14|M<<18)^(G>>>18|M<<14)^(M>>>9|G<<23)),U+=S>>>16,D+=65535&(K=(M>>>14|G<<18)^(M>>>18|G<<14)^(G>>>9|M<<23)),C+=K>>>16,P+=65535&(S=G&q^~G&V),U+=S>>>16,D+=65535&(K=M&F^~M&L),C+=K>>>16,K=Cr[2*A],P+=65535&(S=Cr[2*A+1]),U+=S>>>16,D+=65535&K,C+=K>>>16,K=x[A%16],U+=(S=B[A%16])>>>16,D+=65535&K,C+=K>>>16,D+=(U+=(P+=65535&S)>>>16)>>>16,P=65535&(S=v=65535&P|U<<16),U=S>>>16,D=65535&(K=k=65535&D|(C+=D>>>16)<<16),C=K>>>16,P+=65535&(S=(O>>>28|I<<4)^(I>>>2|O<<30)^(I>>>7|O<<25)),U+=S>>>16,D+=65535&(K=(I>>>28|O<<4)^(O>>>2|I<<30)^(O>>>7|I<<25)),C+=K>>>16,U+=(S=O&z^O&H^z&H)>>>16,D+=65535&(K=I&T^I&_^T&_),C+=K>>>16,y=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(C+=D>>>16)<<16,b=65535&P|U<<16,P=65535&(S=d),U=S>>>16,D=65535&(K=o),C=K>>>16,U+=(S=v)>>>16,D+=65535&(K=k),C+=K>>>16,T=a,_=n,R=s,M=o=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(C+=D>>>16)<<16,F=c,L=u,N=h,I=y,z=l,H=p,j=g,G=d=65535&P|U<<16,q=f,V=m,W=w,O=b,A%16==15)for(E=0;E<16;E++)K=x[E],P=65535&(S=B[E]),U=S>>>16,D=65535&K,C=K>>>16,K=x[(E+9)%16],P+=65535&(S=B[(E+9)%16]),U+=S>>>16,D+=65535&K,C+=K>>>16,k=x[(E+1)%16],P+=65535&(S=((v=B[(E+1)%16])>>>1|k<<31)^(v>>>8|k<<24)^(v>>>7|k<<25)),U+=S>>>16,D+=65535&(K=(k>>>1|v<<31)^(k>>>8|v<<24)^k>>>7),C+=K>>>16,k=x[(E+14)%16],U+=(S=((v=B[(E+14)%16])>>>19|k<<13)^(k>>>29|v<<3)^(v>>>6|k<<26))>>>16,D+=65535&(K=(k>>>19|v<<13)^(v>>>29|k<<3)^k>>>6),C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,x[E]=65535&D|C<<16,B[E]=65535&P|U<<16;P=65535&(S=O),U=S>>>16,D=65535&(K=I),C=K>>>16,K=e[0],U+=(S=t[0])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[0]=I=65535&D|C<<16,t[0]=O=65535&P|U<<16,P=65535&(S=z),U=S>>>16,D=65535&(K=T),C=K>>>16,K=e[1],U+=(S=t[1])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[1]=T=65535&D|C<<16,t[1]=z=65535&P|U<<16,P=65535&(S=H),U=S>>>16,D=65535&(K=_),C=K>>>16,K=e[2],U+=(S=t[2])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[2]=_=65535&D|C<<16,t[2]=H=65535&P|U<<16,P=65535&(S=j),U=S>>>16,D=65535&(K=R),C=K>>>16,K=e[3],U+=(S=t[3])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[3]=R=65535&D|C<<16,t[3]=j=65535&P|U<<16,P=65535&(S=G),U=S>>>16,D=65535&(K=M),C=K>>>16,K=e[4],U+=(S=t[4])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[4]=M=65535&D|C<<16,t[4]=G=65535&P|U<<16,P=65535&(S=q),U=S>>>16,D=65535&(K=F),C=K>>>16,K=e[5],U+=(S=t[5])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[5]=F=65535&D|C<<16,t[5]=q=65535&P|U<<16,P=65535&(S=V),U=S>>>16,D=65535&(K=L),C=K>>>16,K=e[6],U+=(S=t[6])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[6]=L=65535&D|C<<16,t[6]=V=65535&P|U<<16,P=65535&(S=W),U=S>>>16,D=65535&(K=N),C=K>>>16,K=e[7],U+=(S=t[7])>>>16,D+=65535&K,C+=K>>>16,C+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[7]=N=65535&D|C<<16,t[7]=W=65535&P|U<<16,$+=128,i-=128}return i}function Br(e,t,r){var i,a=new Int32Array(8),n=new Int32Array(8),s=new Uint8Array(256),o=r;for(a[0]=1779033703,a[1]=3144134277,a[2]=1013904242,a[3]=2773480762,a[4]=1359893119,a[5]=2600822924,a[6]=528734635,a[7]=1541459225,n[0]=4089235720,n[1]=2227873595,n[2]=4271175723,n[3]=1595750129,n[4]=2917565137,n[5]=725511199,n[6]=4215389547,n[7]=327033209,xr(a,n,t,r),r%=128,i=0;i<r;i++)s[i]=t[o-r+i];for(s[r]=128,s[(r=256-128*(r<112?1:0))-9]=0,pr(s,r-8,o/536870912|0,o<<3),xr(a,n,s,r),i=0;i<8;i++)pr(e,8*i,a[i],n[i]);return 0}function Ir(e,t){var r=rr(),i=rr(),a=rr(),n=rr(),s=rr(),o=rr(),c=rr(),u=rr(),h=rr();Er(r,e[1],e[0]),Er(h,t[1],t[0]),Kr(r,r,h),Ar(i,e[0],e[1]),Ar(h,t[0],t[1]),Kr(i,i,h),Kr(a,e[3],t[3]),Kr(a,a,ur),Kr(n,e[2],t[2]),Ar(n,n,n),Er(s,i,r),Er(o,n,a),Ar(c,n,a),Ar(u,i,r),Kr(e[0],s,o),Kr(e[1],u,c),Kr(e[2],c,o),Kr(e[3],s,u)}function Tr(e,t,r){var i;for(i=0;i<4;i++)mr(e[i],t[i],r)}function _r(e,t){var r=rr(),i=rr(),a=rr();Pr(a,t[2]),Kr(r,t[0],a),Kr(i,t[1],a),wr(e,i),e[31]^=kr(r)<<7}function Rr(e,t,r){var i,a;for(dr(e[0],nr),dr(e[1],sr),dr(e[2],sr),dr(e[3],nr),a=255;a>=0;--a)Tr(e,t,i=r[a/8|0]>>(7&a)&1),Ir(t,e),Ir(e,e),Tr(e,t,i)}function Mr(e,t){var r=[rr(),rr(),rr(),rr()];dr(r[0],hr),dr(r[1],yr),dr(r[2],sr),Kr(r[3],hr,yr),Rr(e,r,t)}function Fr(e,t,r){var i,a=new Uint8Array(64),n=[rr(),rr(),rr(),rr()];for(r||ir(t,32),Br(a,t,32),a[0]&=248,a[31]&=127,a[31]|=64,Mr(n,a),_r(e,n),i=0;i<32;i++)t[i+32]=e[i];return 0}var Lr=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]);function Nr(e,t){var r,i,a,n;for(i=63;i>=32;--i){for(r=0,a=i-32,n=i-12;a<n;++a)t[a]+=r-16*t[i]*Lr[a-(i-32)],r=Math.floor((t[a]+128)/256),t[a]-=256*r;t[a]+=r,t[i]=0}for(r=0,a=0;a<32;a++)t[a]+=r-(t[31]>>4)*Lr[a],r=t[a]>>8,t[a]&=255;for(a=0;a<32;a++)t[a]-=r*Lr[a];for(i=0;i<32;i++)t[i+1]+=t[i]>>8,e[i]=255&t[i]}function Or(e){var t,r=new Float64Array(64);for(t=0;t<64;t++)r[t]=e[t];for(t=0;t<64;t++)e[t]=0;Nr(e,r)}function zr(e,t){var r=rr(),i=rr(),a=rr(),n=rr(),s=rr(),o=rr(),c=rr();return dr(e[2],sr),vr(e[1],t),Sr(a,e[1]),Kr(n,a,cr),Er(a,a,e[2]),Ar(n,e[2],n),Sr(s,n),Sr(o,s),Kr(c,o,s),Kr(r,c,a),Kr(r,r,n),function(e,t){var r,i=rr();for(r=0;r<16;r++)i[r]=t[r];for(r=250;r>=0;r--)Sr(i,i),1!==r&&Kr(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}(r,r),Kr(r,r,a),Kr(r,r,n),Kr(r,r,n),Kr(e[0],r,n),Sr(i,e[0]),Kr(i,i,n),br(i,a)&&Kr(e[0],e[0],lr),Sr(i,e[0]),Kr(i,i,n),br(i,a)?-1:(kr(e[0])===t[31]>>7&&Er(e[0],nr,e[0]),Kr(e[3],e[0],e[1]),0)}var Hr=64;function jr(){for(var e=0;e<arguments.length;e++)if(!(arguments[e]instanceof Uint8Array))throw new TypeError("unexpected type, use Uint8Array")}tr.scalarMult=function(e,t){if(jr(e,t),32!==e.length)throw Error("bad n size");if(32!==t.length)throw Error("bad p size");var r=new Uint8Array(32);return Ur(r,e,t),r},tr.box={},tr.box.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(32);return function(e,t){ir(t,32),Dr(e,t)}(e,t),{publicKey:e,secretKey:t}},tr.box.keyPair.fromSecretKey=function(e){if(jr(e),32!==e.length)throw Error("bad secret key size");var t=new Uint8Array(32);return Dr(t,e),{publicKey:t,secretKey:new Uint8Array(e)}},tr.sign=function(e,t){if(jr(e,t),64!==t.length)throw Error("bad secret key size");var r=new Uint8Array(Hr+e.length);return function(e,t,r,i){var a,n,s=new Uint8Array(64),o=new Uint8Array(64),c=new Uint8Array(64),u=new Float64Array(64),h=[rr(),rr(),rr(),rr()];Br(s,i,32),s[0]&=248,s[31]&=127,s[31]|=64;var y=r+64;for(a=0;a<r;a++)e[64+a]=t[a];for(a=0;a<32;a++)e[32+a]=s[32+a];for(Br(c,e.subarray(32),r+32),Or(c),Mr(h,c),_r(e,h),a=32;a<64;a++)e[a]=i[a];for(Br(o,e,r+64),Or(o),a=0;a<64;a++)u[a]=0;for(a=0;a<32;a++)u[a]=c[a];for(a=0;a<32;a++)for(n=0;n<32;n++)u[a+n]+=o[a]*s[n];Nr(e.subarray(32),u)}(r,e,e.length,t),r},tr.sign.detached=function(e,t){for(var r=tr.sign(e,t),i=new Uint8Array(Hr),a=0;a<i.length;a++)i[a]=r[a];return i},tr.sign.detached.verify=function(e,t,r){if(jr(e,t,r),t.length!==Hr)throw Error("bad signature size");if(32!==r.length)throw Error("bad public key size");var i,a=new Uint8Array(Hr+e.length),n=new Uint8Array(Hr+e.length);for(i=0;i<Hr;i++)a[i]=t[i];for(i=0;i<e.length;i++)a[i+Hr]=e[i];return function(e,t,r,i){var a,n=new Uint8Array(32),s=new Uint8Array(64),o=[rr(),rr(),rr(),rr()],c=[rr(),rr(),rr(),rr()];if(r<64)return-1;if(zr(c,i))return-1;for(a=0;a<r;a++)e[a]=t[a];for(a=0;a<32;a++)e[a+32]=i[a];if(Br(s,e,r),Or(s),Rr(o,c,s),Mr(c,t.subarray(32)),Ir(o,c),_r(n,o),r-=64,gr(t,0,n,0)){for(a=0;a<r;a++)e[a]=0;return-1}for(a=0;a<r;a++)e[a]=t[a+64];return r}(n,a,a.length,r)>=0},tr.sign.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(64);return Fr(e,t),{publicKey:e,secretKey:t}},tr.sign.keyPair.fromSecretKey=function(e){if(jr(e),64!==e.length)throw Error("bad secret key size");for(var t=new Uint8Array(32),r=0;r<t.length;r++)t[r]=e[32+r];return{publicKey:t,secretKey:new Uint8Array(e)}},tr.sign.keyPair.fromSeed=function(e){if(jr(e),32!==e.length)throw Error("bad seed size");for(var t=new Uint8Array(32),r=new Uint8Array(64),i=0;i<32;i++)r[i]=e[i];return Fr(t,r,!0),{publicKey:t,secretKey:r}},tr.setPRNG=function(e){ir=e},function(){if(er&&er.getRandomValues){tr.setPRNG((function(e,t){var r,i=new Uint8Array(t);for(r=0;r<t;r+=65536)er.getRandomValues(i.subarray(r,r+Math.min(t-r,65536)));for(r=0;r<t;r++)e[r]=i[r];!function(e){for(var t=0;t<e.length;t++)e[t]=0}(i)}))}}();const Gr={"2a8648ce3d030107":I.curve.nistP256,"2b81040022":I.curve.nistP384,"2b81040023":I.curve.nistP521,"2b8104000a":I.curve.secp256k1,"2b06010401da470f01":I.curve.ed25519Legacy,"2b060104019755010501":I.curve.curve25519Legacy,"2b2403030208010107":I.curve.brainpoolP256r1,"2b240303020801010b":I.curve.brainpoolP384r1,"2b240303020801010d":I.curve.brainpoolP512r1};class qr{constructor(e){if(e instanceof qr)this.oid=e.oid;else if(R.isArray(e)||R.isUint8Array(e)){if(6===(e=new Uint8Array(e))[0]){if(e[1]!==e.length-2)throw Error("Length mismatch in DER encoded oid");e=e.subarray(2)}this.oid=e}else this.oid=""}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.oid=e.subarray(1,1+t),1+this.oid.length}throw Error("Invalid oid")}write(){return R.concatUint8Array([new Uint8Array([this.oid.length]),this.oid])}toHex(){return R.uint8ArrayToHex(this.oid)}getName(){const e=Gr[this.toHex()];if(!e)throw Error("Unknown curve object identifier.");return e}}function Vr(e){let t,r=0;const i=e[0];return i<192?([r]=e,t=1):i<255?(r=(e[0]-192<<8)+e[1]+192,t=2):255===i&&(r=R.readNumber(e.subarray(1,5)),t=5),{len:r,offset:t}}function Wr(e){return e<192?new Uint8Array([e]):e>191&&e<8384?new Uint8Array([192+(e-192>>8),e-192&255]):R.concatUint8Array([new Uint8Array([255]),R.writeNumber(e,4)])}function $r(e){if(e<0||e>30)throw Error("Partial Length power must be between 1 and 30");return new Uint8Array([224+e])}function Zr(e){return new Uint8Array([192|e])}function Xr(e,t){return R.concatUint8Array([Zr(e),Wr(t)])}function Qr(e){return[I.packet.literalData,I.packet.compressedData,I.packet.symmetricallyEncryptedData,I.packet.symEncryptedIntegrityProtectedData,I.packet.aeadEncryptedData].includes(e)}async function Yr(e,t){const r=C(e);let i,a;try{const n=await r.peekBytes(2);if(!n||n.length<2||!(128&n[0]))throw Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");const s=await r.readByte();let o,c,u=-1,h=-1;h=0,64&s&&(h=1),h?u=63&s:(u=(63&s)>>2,c=3&s);const y=Qr(u);let l,p=null;if(y){if("array"===R.isStream(e)){const e=new ArrayStream;i=x(e),p=e}else{const e=new TransformStream;i=x(e.writable),p=e.readable}a=t({tag:u,packet:p})}else p=[];do{if(h){const e=await r.readByte();if(l=!1,e<192)o=e;else if(e>=192&&e<224)o=(e-192<<8)+await r.readByte()+192;else if(e>223&&e<255){if(o=1<<(31&e),l=!0,!y)throw new TypeError("This packet type does not support partial lengths.")}else o=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte()}else switch(c){case 0:o=await r.readByte();break;case 1:o=await r.readByte()<<8|await r.readByte();break;case 2:o=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte();break;default:o=1/0}if(o>0){let e=0;for(;;){i&&await i.ready;const{done:t,value:a}=await r.read();if(t){if(o===1/0)break;throw Error("Unexpected end of packet")}const n=o===1/0?a:a.subarray(0,o-e);if(i?await i.write(n):p.push(n),e+=a.length,e>=o){r.unshift(a.subarray(o-e+a.length));break}}}}while(l);const g=await r.peekBytes(y?1/0:2);return i?(await i.ready,await i.close()):(p=R.concatUint8Array(p),await t({tag:u,packet:p})),!g||!g.length}catch(e){if(i)return await i.abort(e),!0;throw e}finally{i&&await a,r.releaseLock()}}class Jr extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Jr),this.name="UnsupportedError"}}class ei extends Jr{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Jr),this.name="UnknownPacketError"}}class ti{constructor(e,t){this.tag=e,this.rawContent=t}write(){return this.rawContent}}const ri=R.getWebCrypto(),ii=R.getNodeCrypto(),ai={[I.curve.nistP256]:"P-256",[I.curve.nistP384]:"P-384",[I.curve.nistP521]:"P-521"},ni=ii?ii.getCurves():[],si=ii?{[I.curve.secp256k1]:ni.includes("secp256k1")?"secp256k1":void 0,[I.curve.nistP256]:ni.includes("prime256v1")?"prime256v1":void 0,[I.curve.nistP384]:ni.includes("secp384r1")?"secp384r1":void 0,[I.curve.nistP521]:ni.includes("secp521r1")?"secp521r1":void 0,[I.curve.ed25519Legacy]:ni.includes("ED25519")?"ED25519":void 0,[I.curve.curve25519Legacy]:ni.includes("X25519")?"X25519":void 0,[I.curve.brainpoolP256r1]:ni.includes("brainpoolP256r1")?"brainpoolP256r1":void 0,[I.curve.brainpoolP384r1]:ni.includes("brainpoolP384r1")?"brainpoolP384r1":void 0,[I.curve.brainpoolP512r1]:ni.includes("brainpoolP512r1")?"brainpoolP512r1":void 0}:{},oi={[I.curve.nistP256]:{oid:[6,8,42,134,72,206,61,3,1,7],keyType:I.publicKey.ecdsa,hash:I.hash.sha256,cipher:I.symmetric.aes128,node:si[I.curve.nistP256],web:ai[I.curve.nistP256],payloadSize:32,sharedSize:256,wireFormatLeadingByte:4},[I.curve.nistP384]:{oid:[6,5,43,129,4,0,34],keyType:I.publicKey.ecdsa,hash:I.hash.sha384,cipher:I.symmetric.aes192,node:si[I.curve.nistP384],web:ai[I.curve.nistP384],payloadSize:48,sharedSize:384,wireFormatLeadingByte:4},[I.curve.nistP521]:{oid:[6,5,43,129,4,0,35],keyType:I.publicKey.ecdsa,hash:I.hash.sha512,cipher:I.symmetric.aes256,node:si[I.curve.nistP521],web:ai[I.curve.nistP521],payloadSize:66,sharedSize:528,wireFormatLeadingByte:4},[I.curve.secp256k1]:{oid:[6,5,43,129,4,0,10],keyType:I.publicKey.ecdsa,hash:I.hash.sha256,cipher:I.symmetric.aes128,node:si[I.curve.secp256k1],payloadSize:32,wireFormatLeadingByte:4},[I.curve.ed25519Legacy]:{oid:[6,9,43,6,1,4,1,218,71,15,1],keyType:I.publicKey.eddsaLegacy,hash:I.hash.sha512,node:!1,payloadSize:32,wireFormatLeadingByte:64},[I.curve.curve25519Legacy]:{oid:[6,10,43,6,1,4,1,151,85,1,5,1],keyType:I.publicKey.ecdh,hash:I.hash.sha256,cipher:I.symmetric.aes128,node:!1,payloadSize:32,wireFormatLeadingByte:64},[I.curve.brainpoolP256r1]:{oid:[6,9,43,36,3,3,2,8,1,1,7],keyType:I.publicKey.ecdsa,hash:I.hash.sha256,cipher:I.symmetric.aes128,node:si[I.curve.brainpoolP256r1],payloadSize:32,wireFormatLeadingByte:4},[I.curve.brainpoolP384r1]:{oid:[6,9,43,36,3,3,2,8,1,1,11],keyType:I.publicKey.ecdsa,hash:I.hash.sha384,cipher:I.symmetric.aes192,node:si[I.curve.brainpoolP384r1],payloadSize:48,wireFormatLeadingByte:4},[I.curve.brainpoolP512r1]:{oid:[6,9,43,36,3,3,2,8,1,1,13],keyType:I.publicKey.ecdsa,hash:I.hash.sha512,cipher:I.symmetric.aes256,node:si[I.curve.brainpoolP512r1],payloadSize:64,wireFormatLeadingByte:4}};class ci{constructor(e){try{this.name=e instanceof qr?e.getName():I.write(I.curve,e)}catch(e){throw new Jr("Unknown curve")}const t=oi[this.name];this.keyType=t.keyType,this.oid=t.oid,this.hash=t.hash,this.cipher=t.cipher,this.node=t.node,this.web=t.web,this.payloadSize=t.payloadSize,this.sharedSize=t.sharedSize,this.wireFormatLeadingByte=t.wireFormatLeadingByte,this.web&&R.getWebCrypto()?this.type="web":this.node&&R.getNodeCrypto()?this.type="node":this.name===I.curve.curve25519Legacy?this.type="curve25519Legacy":this.name===I.curve.ed25519Legacy&&(this.type="ed25519Legacy")}async genKeyPair(){switch(this.type){case"web":try{return await async function(e,t){const r=await ri.generateKey({name:"ECDSA",namedCurve:ai[e]},!0,["sign","verify"]),i=await ri.exportKey("jwk",r.privateKey),a=await ri.exportKey("jwk",r.publicKey);return{publicKey:li(a,t),privateKey:z(i.d)}}(this.name,this.wireFormatLeadingByte)}catch(e){return R.printDebugError("Browser did not support generating ec key "+e.message),yi(this.name)}case"node":return async function(e){const t=ii.createECDH(si[e]);return await t.generateKeys(),{publicKey:new Uint8Array(t.getPublicKey()),privateKey:new Uint8Array(t.getPrivateKey())}}(this.name);case"curve25519Legacy":{const e=Tt(32);e[0]=127&e[0]|64,e[31]&=248;const t=e.slice().reverse(),{publicKey:r}=tr.box.keyPair.fromSecretKey(t);return{publicKey:R.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),r]),privateKey:e}}case"ed25519Legacy":{const e=Tt(32),t=tr.sign.keyPair.fromSeed(e);return{publicKey:R.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t.publicKey]),privateKey:e}}default:return yi(this.name)}}}async function ui(e,t,r,i){const a={[I.curve.nistP256]:!0,[I.curve.nistP384]:!0,[I.curve.nistP521]:!0,[I.curve.secp256k1]:!0,[I.curve.curve25519Legacy]:e===I.publicKey.ecdh,[I.curve.brainpoolP256r1]:!0,[I.curve.brainpoolP384r1]:!0,[I.curve.brainpoolP512r1]:!0},n=t.getName();if(!a[n])return!1;if(n===I.curve.curve25519Legacy){i=i.slice().reverse();const{publicKey:e}=tr.box.keyPair.fromSecretKey(i);r=new Uint8Array(r);const t=new Uint8Array([64,...e]);return!!R.equalsUint8Array(t,r)}const s=(await R.getNobleCurve(I.publicKey.ecdsa,n)).getPublicKey(i,!1);return!!R.equalsUint8Array(s,r)}function hi(e,t){const{payloadSize:r,wireFormatLeadingByte:i,name:a}=e,n=a===I.curve.curve25519Legacy||a===I.curve.ed25519Legacy?r:2*r;if(t[0]!==i||t.length!==n+1)throw Error("Invalid point encoding")}async function yi(e){const t=await R.getNobleCurve(I.publicKey.ecdsa,e),r=t.utils.randomPrivateKey();return{publicKey:t.getPublicKey(r,!1),privateKey:r}}function li(e,t){const r=z(e.x),i=z(e.y),a=new Uint8Array(r.length+i.length+1);return a[0]=t,a.set(r,1),a.set(i,r.length+1),a}function pi(e,t,r){const i=e,a=r.slice(1,i+1),n=r.slice(i+1,2*i+1);return{kty:"EC",crv:t,x:H(a),y:H(n),ext:!0}}function gi(e,t,r,i){const a=pi(e,t,r);return a.d=H(i),a}const di=R.getWebCrypto(),fi=R.getNodeCrypto();async function mi(e,t,r,i,a,n){const s=new ci(e);if(hi(s,i),r&&!R.isStream(r)){const e={publicKey:i,privateKey:a};switch(s.type){case"web":try{return await async function(e,t,r,i){const a=e.payloadSize,n=gi(e.payloadSize,ai[e.name],i.publicKey,i.privateKey),s=await di.importKey("jwk",n,{name:"ECDSA",namedCurve:ai[e.name],hash:{name:I.read(I.webHash,e.hash)}},!1,["sign"]),o=new Uint8Array(await di.sign({name:"ECDSA",namedCurve:ai[e.name],hash:{name:I.read(I.webHash,t)}},s,r));return{r:o.slice(0,a),s:o.slice(a,a<<1)}}(s,t,r,e)}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;R.printDebugError("Browser did not support signing: "+e.message)}break;case"node":return async function(e,t,r,i){const a=R.nodeRequire("eckey-utils"),n=R.getNodeBuffer(),{privateKey:s}=a.generateDer({curveName:si[e.name],privateKey:n.from(i)}),o=fi.createSign(I.read(I.hash,t));o.write(r),o.end();const c=new Uint8Array(o.sign({key:s,format:"der",type:"sec1",dsaEncoding:"ieee-p1363"})),u=e.payloadSize;return{r:c.subarray(0,u),s:c.subarray(u,u<<1)}}(s,t,r,a)}}const o=(await R.getNobleCurve(I.publicKey.ecdsa,s.name)).sign(n,a,{lowS:!1});return{r:Bt(o.r,"be",s.payloadSize),s:Bt(o.s,"be",s.payloadSize)}}async function wi(e,t,r,i,a,n){const s=new ci(e);hi(s,a);const o=async()=>0===n[0]&&bi(s,r,n.subarray(1),a);if(i&&!R.isStream(i))switch(s.type){case"web":try{const e=await async function(e,t,{r,s:i},a,n){const s=pi(e.payloadSize,ai[e.name],n),o=await di.importKey("jwk",s,{name:"ECDSA",namedCurve:ai[e.name],hash:{name:I.read(I.webHash,e.hash)}},!1,["verify"]),c=R.concatUint8Array([r,i]).buffer;return di.verify({name:"ECDSA",namedCurve:ai[e.name],hash:{name:I.read(I.webHash,t)}},o,c,a)}(s,t,r,i,a);return e||o()}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;R.printDebugError("Browser did not support verifying: "+e.message)}break;case"node":{const e=await async function(e,t,{r,s:i},a,n){const s=R.nodeRequire("eckey-utils"),o=R.getNodeBuffer(),{publicKey:c}=s.generateDer({curveName:si[e.name],publicKey:o.from(n)}),u=fi.createVerify(I.read(I.hash,t));u.write(a),u.end();const h=R.concatUint8Array([r,i]);try{return u.verify({key:c,format:"der",type:"spki",dsaEncoding:"ieee-p1363"},h)}catch(e){return!1}}(s,t,r,i,a);return e||o()}}return await bi(s,r,n,a)||o()}async function bi(e,t,r,i){return(await R.getNobleCurve(I.publicKey.ecdsa,e.name)).verify(R.concatUint8Array([t.r,t.s]),r,i,{lowS:!1})}var ki=/*#__PURE__*/Object.freeze({__proto__:null,sign:mi,validateParams:async function(e,t,r){const i=new ci(e);if(i.keyType!==I.publicKey.ecdsa)return!1;switch(i.type){case"web":case"node":{const i=Tt(8),a=I.hash.sha256,n=await we.digest(a,i);try{const s=await mi(e,a,i,t,r,n);return await wi(e,a,s,i,t,n)}catch(e){return!1}}default:return ui(I.publicKey.ecdsa,e,t,r)}},verify:wi});
+/*! noble-ed25519 - MIT License (c) 2019 Paul Miller (paulmillr.com) */const vi=BigInt(0),Ai=BigInt(1),Ei=BigInt(2),Ki=BigInt(8),Si=BigInt("7237005577332262213973186563042994240857116359379907606001950938285454250989"),Pi=Object.freeze({a:BigInt(-1),d:BigInt("37095705934669439343138083508754565189542113879843219016388785533085940283555"),P:BigInt("57896044618658097711785492504343953926634992332820282019728792003956564819949"),l:Si,n:Si,h:BigInt(8),Gx:BigInt("15112221349535400772501151409588531511454012693041857206046113283949847762202"),Gy:BigInt("46316835694926478169428394003475163141307993866256225615783033603165251855960")}),Ui=BigInt("0x10000000000000000000000000000000000000000000000000000000000000000"),Di=BigInt("19681161376707505956807079304988542015446066515923890162744021073123829784752");BigInt("6853475219497561581579357271197624642482790079785650197046958215289687604742");const Ci=BigInt("25063068953384623474111414158702152701244531502492656460079210482610430750235"),xi=BigInt("54469307008909316920995813868745141605393597292927456921205312896311721017578"),Bi=BigInt("1159843021668779879193775521855586647937357759715417654439879720876111806838"),Ii=BigInt("40440834346308536858101042469323190826248399146238708352240133220865137265952");class Ti{constructor(e,t,r,i){this.x=e,this.y=t,this.z=r,this.t=i}static fromAffine(e){if(!(e instanceof Oi))throw new TypeError("ExtendedPoint#fromAffine: expected Point");return e.equals(Oi.ZERO)?Ti.ZERO:new Ti(e.x,e.y,Ai,Yi(e.x*e.y))}static toAffineBatch(e){const t=function(e,t=Pi.P){const r=Array(e.length),i=e.reduce(((e,i,a)=>i===vi?e:(r[a]=e,Yi(e*i,t))),Ai),a=Ji(i,t);return e.reduceRight(((e,i,a)=>i===vi?e:(r[a]=Yi(e*r[a],t),Yi(e*i,t))),a),r}(e.map((e=>e.z)));return e.map(((e,r)=>e.toAffine(t[r])))}static normalizeZ(e){return this.toAffineBatch(e).map(this.fromAffine)}equals(e){Ri(e);const{x:t,y:r,z:i}=this,{x:a,y:n,z:s}=e,o=Yi(t*s),c=Yi(a*i),u=Yi(r*s),h=Yi(n*i);return o===c&&u===h}negate(){return new Ti(Yi(-this.x),this.y,this.z,Yi(-this.t))}double(){const{x:e,y:t,z:r}=this,{a:i}=Pi,a=Yi(e*e),n=Yi(t*t),s=Yi(Ei*Yi(r*r)),o=Yi(i*a),c=e+t,u=Yi(Yi(c*c)-a-n),h=o+n,y=h-s,l=o-n,p=Yi(u*y),g=Yi(h*l),d=Yi(u*l),f=Yi(y*h);return new Ti(p,g,f,d)}add(e){Ri(e);const{x:t,y:r,z:i,t:a}=this,{x:n,y:s,z:o,t:c}=e,u=Yi((r-t)*(s+n)),h=Yi((r+t)*(s-n)),y=Yi(h-u);if(y===vi)return this.double();const l=Yi(i*Ei*c),p=Yi(a*Ei*o),g=p+l,d=h+u,f=p-l,m=Yi(g*y),w=Yi(d*f),b=Yi(g*f),k=Yi(y*d);return new Ti(m,w,k,b)}subtract(e){return this.add(e.negate())}precomputeWindow(e){const t=1+256/e,r=[];let i=this,a=i;for(let n=0;n<t;n++){a=i,r.push(a);for(let t=1;t<2**(e-1);t++)a=a.add(i),r.push(a);i=a.double()}return r}wNAF(e,t){!t&&this.equals(Ti.BASE)&&(t=Oi.BASE);const r=t&&t._WINDOW_SIZE||1;if(256%r)throw Error("Point#wNAF: Invalid precomputation window, must be power of 2");let i=t&&Ni.get(t);i||(i=this.precomputeWindow(r),t&&1!==r&&(i=Ti.normalizeZ(i),Ni.set(t,i)));let a=Ti.ZERO,n=Ti.BASE;const s=1+256/r,o=2**(r-1),c=BigInt(2**r-1),u=2**r,h=BigInt(r);for(let t=0;t<s;t++){const r=t*o;let s=Number(e&c);e>>=h,s>o&&(s-=u,e+=Ai);const y=r,l=r+Math.abs(s)-1,p=t%2!=0,g=s<0;0===s?n=n.add(_i(p,i[y])):a=a.add(_i(g,i[l]))}return Ti.normalizeZ([a,n])[0]}multiply(e,t){return this.wNAF(na(e,Pi.l),t)}multiplyUnsafe(e){let t=na(e,Pi.l,!1);const r=Ti.BASE,i=Ti.ZERO;if(t===vi)return i;if(this.equals(i)||t===Ai)return this;if(this.equals(r))return this.wNAF(t);let a=i,n=this;for(;t>vi;)t&Ai&&(a=a.add(n)),n=n.double(),t>>=Ai;return a}isSmallOrder(){return this.multiplyUnsafe(Pi.h).equals(Ti.ZERO)}isTorsionFree(){let e=this.multiplyUnsafe(Pi.l/Ei).double();return Pi.l%Ei&&(e=e.add(this)),e.equals(Ti.ZERO)}toAffine(e){const{x:t,y:r,z:i}=this,a=this.equals(Ti.ZERO);null==e&&(e=a?Ki:Ji(i));const n=Yi(t*e),s=Yi(r*e),o=Yi(i*e);if(a)return Oi.ZERO;if(o!==Ai)throw Error("invZ was invalid");return new Oi(n,s)}fromRistrettoBytes(){Fi()}toRistrettoBytes(){Fi()}fromRistrettoHash(){Fi()}}function _i(e,t){const r=t.negate();return e?r:t}function Ri(e){if(!(e instanceof Ti))throw new TypeError("ExtendedPoint expected")}function Mi(e){if(!(e instanceof Li))throw new TypeError("RistrettoPoint expected")}function Fi(){throw Error("Legacy method: switch to RistrettoPoint")}Ti.BASE=new Ti(Pi.Gx,Pi.Gy,Ai,Yi(Pi.Gx*Pi.Gy)),Ti.ZERO=new Ti(vi,Ai,Ai,vi);class Li{constructor(e){this.ep=e}static calcElligatorRistrettoMap(e){const{d:t}=Pi,r=Yi(Di*e*e),i=Yi((r+Ai)*Bi);let a=BigInt(-1);const n=Yi((a-t*r)*Yi(r+t));let{isValid:s,value:o}=ta(i,n),c=Yi(o*e);$i(c)||(c=Yi(-c)),s||(o=c),s||(a=r);const u=Yi(a*(r-Ai)*Ii-n),h=o*o,y=Yi((o+o)*n),l=Yi(u*Ci),p=Yi(Ai-h),g=Yi(Ai+h);return new Ti(Yi(y*g),Yi(p*l),Yi(l*g),Yi(y*p))}static hashToCurve(e){const t=Qi((e=aa(e,64)).slice(0,32)),r=this.calcElligatorRistrettoMap(t),i=Qi(e.slice(32,64)),a=this.calcElligatorRistrettoMap(i);return new Li(r.add(a))}static fromHex(e){e=aa(e,32);const{a:t,d:r}=Pi,i="RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint",a=Qi(e);if(!function(e,t){if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0}(Wi(a),e)||$i(a))throw Error(i);const n=Yi(a*a),s=Yi(Ai+t*n),o=Yi(Ai-t*n),c=Yi(s*s),u=Yi(o*o),h=Yi(t*r*c-u),{isValid:y,value:l}=ra(Yi(h*u)),p=Yi(l*o),g=Yi(l*p*h);let d=Yi((a+a)*p);$i(d)&&(d=Yi(-d));const f=Yi(s*g),m=Yi(d*f);if(!y||$i(m)||f===vi)throw Error(i);return new Li(new Ti(d,f,Ai,m))}toRawBytes(){let{x:e,y:t,z:r,t:i}=this.ep;const a=Yi(Yi(r+t)*Yi(r-t)),n=Yi(e*t),s=Yi(n*n),{value:o}=ra(Yi(a*s)),c=Yi(o*a),u=Yi(o*n),h=Yi(c*u*i);let y;if($i(i*h)){let r=Yi(t*Di),i=Yi(e*Di);e=r,t=i,y=Yi(c*xi)}else y=u;$i(e*h)&&(t=Yi(-t));let l=Yi((r-t)*y);return $i(l)&&(l=Yi(-l)),Wi(l)}toHex(){return Gi(this.toRawBytes())}toString(){return this.toHex()}equals(e){Mi(e);const t=this.ep,r=e.ep,i=Yi(t.x*r.y)===Yi(t.y*r.x),a=Yi(t.y*r.y)===Yi(t.x*r.x);return i||a}add(e){return Mi(e),new Li(this.ep.add(e.ep))}subtract(e){return Mi(e),new Li(this.ep.subtract(e.ep))}multiply(e){return new Li(this.ep.multiply(e))}multiplyUnsafe(e){return new Li(this.ep.multiplyUnsafe(e))}}Li.BASE=new Li(Ti.BASE),Li.ZERO=new Li(Ti.ZERO);const Ni=new WeakMap;class Oi{constructor(e,t){this.x=e,this.y=t}_setWindowSize(e){this._WINDOW_SIZE=e,Ni.delete(this)}static fromHex(e,t=!0){const{d:r,P:i}=Pi,a=(e=aa(e,32)).slice();a[31]=-129&e[31];const n=Zi(a);if(t&&n>=i)throw Error("Expected 0 < hex < P");if(!t&&n>=Ui)throw Error("Expected 0 < hex < 2**256");const s=Yi(n*n),o=Yi(s-Ai),c=Yi(r*s+Ai);let{isValid:u,value:h}=ta(o,c);if(!u)throw Error("Point.fromHex: invalid y coordinate");const y=(h&Ai)===Ai;return!!(128&e[31])!==y&&(h=Yi(-h)),new Oi(h,n)}static async fromPrivateKey(e){return(await oa(e)).point}toRawBytes(){const e=Wi(this.y);return e[31]|=this.x&Ai?128:0,e}toHex(){return Gi(this.toRawBytes())}toX25519(){const{y:e}=this;return Wi(Yi((Ai+e)*Ji(Ai-e)))}isTorsionFree(){return Ti.fromAffine(this).isTorsionFree()}equals(e){return this.x===e.x&&this.y===e.y}negate(){return new Oi(Yi(-this.x),this.y)}add(e){return Ti.fromAffine(this).add(Ti.fromAffine(e)).toAffine()}subtract(e){return this.add(e.negate())}multiply(e){return Ti.fromAffine(this).multiply(e,this).toAffine()}}Oi.BASE=new Oi(Pi.Gx,Pi.Gy),Oi.ZERO=new Oi(vi,Ai);let zi=class e{constructor(e,t){this.r=e,this.s=t,this.assertValidity()}static fromHex(t){const r=aa(t,64),i=Oi.fromHex(r.slice(0,32),!1),a=Zi(r.slice(32,64));return new e(i,a)}assertValidity(){const{r:e,s:t}=this;if(!(e instanceof Oi))throw Error("Expected Point instance");return na(t,Pi.l,!1),this}toRawBytes(){const e=new Uint8Array(64);return e.set(this.r.toRawBytes()),e.set(Wi(this.s),32),e}toHex(){return Gi(this.toRawBytes())}};function Hi(...e){if(!e.every((e=>e instanceof Uint8Array)))throw Error("Expected Uint8Array list");if(1===e.length)return e[0];const t=e.reduce(((e,t)=>e+t.length),0),r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const a=e[t];r.set(a,i),i+=a.length}return r}const ji=Array.from({length:256},((e,t)=>t.toString(16).padStart(2,"0")));function Gi(e){if(!(e instanceof Uint8Array))throw Error("Uint8Array expected");let t="";for(let r=0;r<e.length;r++)t+=ji[e[r]];return t}function qi(e){if("string"!=typeof e)throw new TypeError("hexToBytes: expected string, got "+typeof e);if(e.length%2)throw Error("hexToBytes: received invalid unpadded hex");const t=new Uint8Array(e.length/2);for(let r=0;r<t.length;r++){const i=2*r,a=e.slice(i,i+2),n=Number.parseInt(a,16);if(Number.isNaN(n)||n<0)throw Error("Invalid byte sequence");t[r]=n}return t}function Vi(e){return qi(e.toString(16).padStart(64,"0"))}function Wi(e){return Vi(e).reverse()}function $i(e){return(Yi(e)&Ai)===Ai}function Zi(e){if(!(e instanceof Uint8Array))throw Error("Expected Uint8Array");return BigInt("0x"+Gi(Uint8Array.from(e).reverse()))}const Xi=BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");function Qi(e){return Yi(Zi(e)&Xi)}function Yi(e,t=Pi.P){const r=e%t;return r>=vi?r:t+r}function Ji(e,t=Pi.P){if(e===vi||t<=vi)throw Error(`invert: expected positive integers, got n=${e} mod=${t}`);let r=Yi(e,t),i=t,a=vi,n=Ai;for(;r!==vi;){const e=i%r,t=a-n*(i/r);i=r,r=e,a=n,n=t}if(i!==Ai)throw Error("invert: does not exist");return Yi(a,t)}function ea(e,t){const{P:r}=Pi;let i=e;for(;t-- >vi;)i*=i,i%=r;return i}function ta(e,t){const r=Yi(t*t*t),i=function(e){const{P:t}=Pi,r=BigInt(5),i=BigInt(10),a=BigInt(20),n=BigInt(40),s=BigInt(80),o=e*e%t*e%t,c=ea(o,Ei)*o%t,u=ea(c,Ai)*e%t,h=ea(u,r)*u%t,y=ea(h,i)*h%t,l=ea(y,a)*y%t,p=ea(l,n)*l%t,g=ea(p,s)*p%t,d=ea(g,s)*p%t,f=ea(d,i)*h%t;return{pow_p_5_8:ea(f,Ei)*e%t,b2:o}}(e*Yi(r*r*t)).pow_p_5_8;let a=Yi(e*r*i);const n=Yi(t*a*a),s=a,o=Yi(a*Di),c=n===e,u=n===Yi(-e),h=n===Yi(-e*Di);return c&&(a=s),(u||h)&&(a=o),$i(a)&&(a=Yi(-a)),{isValid:c||u,value:a}}function ra(e){return ta(Ai,e)}function ia(e){return Yi(Zi(e),Pi.l)}function aa(e,t){const r=e instanceof Uint8Array?Uint8Array.from(e):qi(e);if("number"==typeof t&&r.length!==t)throw Error(`Expected ${t} bytes`);return r}function na(e,t,r=!0){if(!t)throw new TypeError("Specify max value");if("number"==typeof e&&Number.isSafeInteger(e)&&(e=BigInt(e)),"bigint"==typeof e&&e<t)if(r){if(vi<e)return e}else if(vi<=e)return e;throw new TypeError("Expected valid scalar: 0 < scalar < max")}let sa;async function oa(e){return function(e){const t=((r=e.slice(0,32))[0]&=248,r[31]&=127,r[31]|=64,r);var r;const i=e.slice(32,64),a=ia(t),n=Oi.BASE.multiply(a),s=n.toRawBytes();return{head:t,prefix:i,scalar:a,point:n,pointBytes:s}}(await ha.sha512(function(e){if(32!==(e="bigint"==typeof e||"number"==typeof e?Vi(na(e,Ui)):aa(e)).length)throw Error("Expected 32 bytes");return e}(e)))}async function ca(e,t,r){const{r:i,SB:a,msg:n,pub:s}=function(e,t,r){t=aa(t),r instanceof Oi||(r=Oi.fromHex(r,!1));const{r:i,s:a}=e instanceof zi?e.assertValidity():zi.fromHex(e);return{r:i,s:a,SB:Ti.BASE.multiplyUnsafe(a),pub:r,msg:t}}(e,t,r),o=await ha.sha512(i.toRawBytes(),s.toRawBytes(),n);return function(e,t,r,i){const a=ia(i),n=Ti.fromAffine(e).multiplyUnsafe(a);return Ti.fromAffine(t).add(n).subtract(r).multiplyUnsafe(Pi.h).equals(Ti.ZERO)}(s,i,a,o)}Oi.BASE._setWindowSize(8);const ua={node:null,web:"object"==typeof self&&"crypto"in self?self.crypto:void 0},ha={bytesToHex:Gi,hexToBytes:qi,concatBytes:Hi,getExtendedPublicKey:oa,mod:Yi,invert:Ji,TORSION_SUBGROUP:["0100000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a","0000000000000000000000000000000000000000000000000000000000000080","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05","ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85","0000000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa"],hashToPrivateScalar:e=>{if((e=aa(e)).length<40||e.length>1024)throw Error("Expected 40-1024 bytes of private key as per FIPS 186");return Yi(Zi(e),Pi.l-Ai)+Ai},randomBytes:(e=32)=>{if(ua.web)return ua.web.getRandomValues(new Uint8Array(e));throw Error("The environment doesn't have randomBytes function")},randomPrivateKey:()=>ha.randomBytes(32),sha512:async(...e)=>{const t=Hi(...e);if(ua.web){const e=await ua.web.subtle.digest("SHA-512",t.buffer);return new Uint8Array(e)}throw Error("The environment doesn't have sha512 function")},precompute(e=8,t=Oi.BASE){const r=t.equals(Oi.BASE)?t:new Oi(t.x,t.y);return r._setWindowSize(e),r.multiply(Ei),r},sha512Sync:void 0};Object.defineProperties(ha,{sha512Sync:{configurable:!1,get:()=>sa,set(e){sa||(sa=e)}}});var ya=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,a,n){if(hi(new ci(e),i),we.getHashByteLength(t)<we.getHashByteLength(I.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const s=R.concatUint8Array([a,i.subarray(1)]),o=tr.sign.detached(n,s);return{r:o.subarray(0,32),s:o.subarray(32)}},validateParams:async function(e,t,r){if(e.getName()!==I.curve.ed25519Legacy)return!1;const{publicKey:i}=tr.sign.keyPair.fromSeed(r),a=new Uint8Array([64,...i]);return R.equalsUint8Array(t,a)},verify:async function(e,t,{r,s:i},a,n,s){if(hi(new ci(e),n),we.getHashByteLength(t)<we.getHashByteLength(I.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");return ca(R.concatUint8Array([r,i]),s,n.subarray(1))}});function la(e){switch(e){case I.publicKey.ed25519:return 32;case I.publicKey.ed448:return 57;default:throw Error("Unsupported EdDSA algorithm")}}function pa(e){switch(e){case I.publicKey.ed25519:return I.hash.sha256;case I.publicKey.ed448:return I.hash.sha512;default:throw Error("Unknown EdDSA algo")}}var ga=/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){switch(e){case I.publicKey.ed25519:{const t=Tt(la(e)),{publicKey:r}=tr.sign.keyPair.fromSeed(t);return{A:r,seed:t}}case I.publicKey.ed448:{const e=await R.getNobleCurve(I.publicKey.ed448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),seed:t}}default:throw Error("Unsupported EdDSA algorithm")}},getPayloadSize:la,getPreferredHashAlgo:pa,sign:async function(e,t,r,i,a,n){if(we.getHashByteLength(t)<we.getHashByteLength(pa(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case I.publicKey.ed25519:{const e=R.concatUint8Array([a,i]);return{RS:tr.sign.detached(n,e)}}case I.publicKey.ed448:return{RS:(await R.getNobleCurve(I.publicKey.ed448)).sign(n,a)};default:throw Error("Unsupported EdDSA algorithm")}},validateParams:async function(e,t,r){switch(e){case I.publicKey.ed25519:{const{publicKey:e}=tr.sign.keyPair.fromSeed(r);return R.equalsUint8Array(t,e)}case I.publicKey.ed448:{const e=(await R.getNobleCurve(I.publicKey.ed448)).getPublicKey(r);return R.equalsUint8Array(t,e)}default:return!1}},verify:async function(e,t,{RS:r},i,a,n){if(we.getHashByteLength(t)<we.getHashByteLength(pa(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case I.publicKey.ed25519:return ca(r,n,a);case I.publicKey.ed448:return(await R.getNobleCurve(I.publicKey.ed448)).verify(r,n,a);default:throw Error("Unsupported EdDSA algorithm")}}});const da=R.getWebCrypto();async function fa(e,t,r){const{keySize:i}=te(e);if(!R.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");try{const e=await da.importKey("raw",t,{name:"AES-KW"},!1,["wrapKey"]),i=await da.importKey("raw",r,{name:"HMAC",hash:"SHA-256"},!0,["sign"]),a=await da.wrapKey("raw",i,e,{name:"AES-KW"});return new Uint8Array(a)}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;R.printDebugError("Browser did not support operation: "+e.message)}return function(e,t,r){const i=new Le(t,new Uint8Array(16),!1),a=new Uint32Array([2795939494,2795939494]),n=wa(r);let s=a;const o=n,c=n.length/2,u=new Uint32Array([0,0]);let h=new Uint32Array(4);for(let e=0;e<=5;++e)for(let t=0;t<c;++t)u[1]=c*e+(1+t),h[0]=s[0],h[1]=s[1],h[2]=o[2*t],h[3]=o[2*t+1],h=wa(i.encrypt(ba(h))),s=h.subarray(0,2),s[0]^=u[0],s[1]^=u[1],o[2*t]=h[2],o[2*t+1]=h[3];return ba(s,o)}(0,t,r)}async function ma(e,t,r){const{keySize:i}=te(e);if(!R.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");let a;try{a=await da.importKey("raw",t,{name:"AES-KW"},!1,["unwrapKey"])}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;return R.printDebugError("Browser did not support operation: "+e.message),function(e,t,r){const i=new Le(t,new Uint8Array(16),!1),a=new Uint32Array([2795939494,2795939494]),n=wa(r);let s=n.subarray(0,2);const o=n.subarray(2),c=n.length/2-1,u=new Uint32Array([0,0]);let h=new Uint32Array(4);for(let e=5;e>=0;--e)for(let t=c-1;t>=0;--t)u[1]=c*e+(t+1),h[0]=s[0]^u[0],h[1]=s[1]^u[1],h[2]=o[2*t],h[3]=o[2*t+1],h=wa(i.decrypt(ba(h))),s=h.subarray(0,2),o[2*t]=h[2],o[2*t+1]=h[3];if(s[0]===a[0]&&s[1]===a[1])return ba(o);throw Error("Key Data Integrity failed")}(0,t,r)}try{const e=await da.unwrapKey("raw",r,a,{name:"AES-KW"},{name:"HMAC",hash:"SHA-256"},!0,["sign"]);return new Uint8Array(await da.exportKey("raw",e))}catch(e){if("OperationError"===e.name)throw Error("Key Data Integrity failed");throw e}}function wa(e){const t=e.buffer,r=new DataView(t),i=new Uint32Array(e.length/4);for(let t=0;t<e.length/4;++t)i[t]=r.getUint32(4*t);return i}function ba(){let e=0;for(let t=0;t<arguments.length;++t)e+=4*arguments[t].length;const t=new ArrayBuffer(e),r=new DataView(t);let i=0;for(let e=0;e<arguments.length;++e){for(let t=0;t<arguments[e].length;++t)r.setUint32(i+4*t,arguments[e][t]);i+=4*arguments[e].length}return new Uint8Array(t)}var ka=/*#__PURE__*/Object.freeze({__proto__:null,unwrap:ma,wrap:fa});function va(e){const t=8-e.length%8,r=new Uint8Array(e.length+t).fill(t);return r.set(e),r}function Aa(e){const t=e.length;if(t>0){const r=e[t-1];if(r>=1){const i=e.subarray(t-r),a=new Uint8Array(r).fill(r);if(R.equalsUint8Array(i,a))return e.subarray(0,t-r)}}throw Error("Invalid padding")}var Ea=/*#__PURE__*/Object.freeze({__proto__:null,decode:Aa,encode:va});const Ka=R.getWebCrypto(),Sa=R.getNodeCrypto();function Pa(e,t,r,i){return R.concatUint8Array([t.write(),new Uint8Array([e]),r.write(!0),R.stringToUint8Array("Anonymous Sender    "),r.replacementFingerprint||i])}async function Ua(e,t,r,i,a=!1,n=!1){let s;if(a){for(s=0;s<t.length&&0===t[s];s++);t=t.subarray(s)}if(n){for(s=t.length-1;s>=0&&0===t[s];s--);t=t.subarray(0,s+1)}return(await we.digest(e,R.concatUint8Array([new Uint8Array([0,0,0,1]),t,i]))).subarray(0,r)}async function Da(e,t){switch(e.type){case"curve25519Legacy":{const r=Tt(32),{secretKey:i,sharedKey:a}=await Ca(e,t,null,r);let{publicKey:n}=tr.box.keyPair.fromSecretKey(i);return n=R.concatUint8Array([new Uint8Array([e.wireFormatLeadingByte]),n]),{publicKey:n,sharedKey:a}}case"web":if(e.web&&R.getWebCrypto())try{return await async function(e,t){const r=pi(e.payloadSize,e.web,t);let i=Ka.generateKey({name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]),a=Ka.importKey("jwk",r,{name:"ECDH",namedCurve:e.web},!1,[]);[i,a]=await Promise.all([i,a]);let n=Ka.deriveBits({name:"ECDH",namedCurve:e.web,public:a},i.privateKey,e.sharedSize),s=Ka.exportKey("jwk",i.publicKey);[n,s]=await Promise.all([n,s]);const o=new Uint8Array(n),c=new Uint8Array(li(s,e.wireFormatLeadingByte));return{publicKey:c,sharedKey:o}}(e,t)}catch(r){return R.printDebugError(r),Ba(e,t)}break;case"node":return async function(e,t){const r=Sa.createECDH(e.node);r.generateKeys();const i=new Uint8Array(r.computeSecret(t)),a=new Uint8Array(r.getPublicKey());return{publicKey:a,sharedKey:i}}(e,t);default:return Ba(e,t)}}async function Ca(e,t,r,i){if(i.length!==e.payloadSize){const t=new Uint8Array(e.payloadSize);t.set(i,e.payloadSize-i.length),i=t}switch(e.type){case"curve25519Legacy":{const e=i.slice().reverse();return{secretKey:e,sharedKey:tr.scalarMult(e,t.subarray(1))}}case"web":if(e.web&&R.getWebCrypto())try{return await async function(e,t,r,i){const a=gi(e.payloadSize,e.web,r,i);let n=Ka.importKey("jwk",a,{name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]);const s=pi(e.payloadSize,e.web,t);let o=Ka.importKey("jwk",s,{name:"ECDH",namedCurve:e.web},!0,[]);[n,o]=await Promise.all([n,o]);let c=Ka.deriveBits({name:"ECDH",namedCurve:e.web,public:o},n,e.sharedSize),u=Ka.exportKey("jwk",n);[c,u]=await Promise.all([c,u]);const h=new Uint8Array(c);return{secretKey:z(u.d),sharedKey:h}}(e,t,r,i)}catch(r){return R.printDebugError(r),xa(e,t,i)}break;case"node":return async function(e,t,r){const i=Sa.createECDH(e.node);i.setPrivateKey(r);const a=new Uint8Array(i.computeSecret(t));return{secretKey:new Uint8Array(i.getPrivateKey()),sharedKey:a}}(e,t,i);default:return xa(e,t,i)}}async function xa(e,t,r){return{secretKey:r,sharedKey:(await R.getNobleCurve(I.publicKey.ecdh,e.name)).getSharedSecret(r,t).subarray(1)}}async function Ba(e,t){const r=await R.getNobleCurve(I.publicKey.ecdh,e.name),{publicKey:i,privateKey:a}=await e.genKeyPair();return{publicKey:i,sharedKey:r.getSharedSecret(a,t).subarray(1)}}var Ia=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,a,n,s){const o=new ci(e);hi(o,a),hi(o,r);const{sharedKey:c}=await Ca(o,r,a,n),u=Pa(I.publicKey.ecdh,e,t,s),{keySize:h}=te(t.cipher);let y;for(let e=0;e<3;e++)try{const r=await Ua(t.hash,c,h,u,1===e,2===e);return Aa(await ma(t.cipher,r,i))}catch(e){y=e}throw y},encrypt:async function(e,t,r,i,a){const n=va(r),s=new ci(e);hi(s,i);const{publicKey:o,sharedKey:c}=await Da(s,i),u=Pa(I.publicKey.ecdh,e,t,a),{keySize:h}=te(t.cipher),y=await Ua(t.hash,c,h,u);return{publicKey:o,wrappedKey:await fa(t.cipher,y,n)}},validateParams:async function(e,t,r){return ui(I.publicKey.ecdh,e,t,r)}});const Ta=R.getWebCrypto();async function _a(e,t,r,i,a){const n=I.read(I.webHash,e);if(!n)throw Error("Hash algo not supported with HKDF");const s=await Ta.importKey("raw",t,"HKDF",!1,["deriveBits"]),o=await Ta.deriveBits({name:"HKDF",hash:n,salt:r,info:i},s,8*a);return new Uint8Array(o)}const Ra={x25519:R.encodeUTF8("OpenPGP X25519"),x448:R.encodeUTF8("OpenPGP X448")};var Ma=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,a){switch(e){case I.publicKey.x25519:{const e=tr.scalarMult(a,t),n=R.concatUint8Array([t,i,e]),s=I.symmetric.aes128,{keySize:o}=te(s);return ma(s,await _a(I.hash.sha256,n,new Uint8Array,Ra.x25519,o),r)}case I.publicKey.x448:{const e=(await R.getNobleCurve(I.publicKey.x448)).getSharedSecret(a,t),n=R.concatUint8Array([t,i,e]),s=I.symmetric.aes256,{keySize:o}=te(I.symmetric.aes256);return ma(s,await _a(I.hash.sha512,n,new Uint8Array,Ra.x448,o),r)}default:throw Error("Unsupported ECDH algorithm")}},encrypt:async function(e,t,r){switch(e){case I.publicKey.x25519:{const e=Tt(32),i=tr.scalarMult(e,r),{publicKey:a}=tr.box.keyPair.fromSecretKey(e),n=R.concatUint8Array([a,r,i]),s=I.symmetric.aes128,{keySize:o}=te(s),c=await _a(I.hash.sha256,n,new Uint8Array,Ra.x25519,o);return{ephemeralPublicKey:a,wrappedKey:await fa(s,c,t)}}case I.publicKey.x448:{const e=await R.getNobleCurve(I.publicKey.x448),i=e.utils.randomPrivateKey(),a=e.getSharedSecret(i,r),n=e.getPublicKey(i),s=R.concatUint8Array([n,r,a]),o=I.symmetric.aes256,{keySize:c}=te(I.symmetric.aes256),u=await _a(I.hash.sha512,s,new Uint8Array,Ra.x448,c);return{ephemeralPublicKey:n,wrappedKey:await fa(o,u,t)}}default:throw Error("Unsupported ECDH algorithm")}},generate:async function(e){switch(e){case I.publicKey.x25519:{const e=Tt(32),{publicKey:t}=tr.box.keyPair.fromSecretKey(e);return{A:t,k:e}}case I.publicKey.x448:{const e=await R.getNobleCurve(I.publicKey.x448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),k:t}}default:throw Error("Unsupported ECDH algorithm")}},getPayloadSize:function(e){switch(e){case I.publicKey.x25519:return 32;case I.publicKey.x448:return 56;default:throw Error("Unsupported ECDH algorithm")}},validateParams:async function(e,t,r){switch(e){case I.publicKey.x25519:{const{publicKey:e}=tr.box.keyPair.fromSecretKey(r);return R.equalsUint8Array(t,e)}case I.publicKey.x448:{const e=(await R.getNobleCurve(I.publicKey.x448)).getPublicKey(r);return R.equalsUint8Array(t,e)}default:return!1}}}),Fa=/*#__PURE__*/Object.freeze({__proto__:null,CurveWithOID:ci,ecdh:Ia,ecdhX:Ma,ecdsa:ki,eddsa:ga,eddsaLegacy:ya,generate:async function(e){const t=new ci(e),{oid:r,hash:i,cipher:a}=t,n=await t.genKeyPair();return{oid:r,Q:n.publicKey,secret:R.leftPad(n.privateKey,t.payloadSize),hash:i,cipher:a}},getPreferredHashAlgo:function(e){return oi[e.getName()].hash}});const La=BigInt(0),Na=BigInt(1);var Oa=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,a,n){const s=BigInt(0);let o,c,u,h;i=At(i),a=At(a),r=At(r),n=At(n),r=Et(r,i),n=Et(n,a);const y=Et(At(t.subarray(0,xt(a))),a);for(;;){if(o=_t(Na,a),c=Et(Kt(r,o,i),a),c===s)continue;const e=Et(n*c,a);if(h=Et(y+e,a),u=Et(Pt(o,a)*h,a),u!==s)break}return{r:Bt(c,"be",xt(i)),s:Bt(u,"be",xt(i))}},validateParams:async function(e,t,r,i,a){if(e=At(e),t=At(t),r=At(r),i=At(i),r<=Na||r>=e)return!1;if(Et(e-Na,t)!==La)return!1;if(Kt(r,t,e)!==Na)return!1;const n=BigInt(Ct(t));if(n<BigInt(150)||!Lt(t,null,32))return!1;a=At(a);const s=BigInt(2);return i===Kt(r,t*_t(s<<n-Na,s<<n)+a,e)},verify:async function(e,t,r,i,a,n,s,o){if(t=At(t),r=At(r),n=At(n),s=At(s),a=At(a),o=At(o),t<=La||t>=s||r<=La||r>=s)return R.printDebug("invalid DSA Signature"),!1;const c=Et(At(i.subarray(0,xt(s))),s),u=Pt(r,s);if(u===La)return R.printDebug("invalid DSA Signature"),!1;a=Et(a,n),o=Et(o,n);const h=Et(c*u,s),y=Et(t*u,s);return Et(Et(Kt(a,h,n)*Kt(o,y,n),n),s)===t}});const za=new Set([I.hash.sha1,I.hash.sha256,I.hash.sha512]),Ha=R.getWebCrypto(),ja=R.getNodeCrypto();var Ga={rsa:Qt,elgamal:Jt,elliptic:Fa,dsa:Oa,hmac:/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){if(!za.has(e))throw Error("Unsupported hash algorithm.");const t=I.read(I.webHash,e),r=Ha||ja.webcrypto.subtle,i=await r.generateKey({name:"HMAC",hash:{name:t}},!0,["sign","verify"]),a=await r.exportKey("raw",i);return new Uint8Array(a)},sign:async function(e,t,r){if(!za.has(e))throw Error("Unsupported hash algorithm.");const i=I.read(I.webHash,e),a=Ha||ja.webcrypto.subtle,n=await a.importKey("raw",t,{name:"HMAC",hash:{name:i}},!1,["sign"]),s=await a.sign("HMAC",n,r);return new Uint8Array(s)},verify:async function(e,t,r,i){if(!za.has(e))throw Error("Unsupported hash algorithm.");const a=I.read(I.webHash,e),n=Ha||ja.webcrypto.subtle,s=await n.importKey("raw",t,{name:"HMAC",hash:{name:a}},!1,["verify"]);return n.verify("HMAC",s,r,i)}})};class qa{constructor(e){if(void 0===e&&(e=new Uint8Array([])),!R.isUint8Array(e))throw Error("data must be in the form of a Uint8Array");this.data=e,this.length=this.data.byteLength}write(){return R.concatUint8Array([new Uint8Array([this.length]),this.data])}read(e){if(e.length>=1){const t=e[0];if(e.length>=t+1)return this.data=e.subarray(1,1+t),this.length=t,1+t}throw Error("Invalid octet string")}}var Va=/*#__PURE__*/Object.freeze({__proto__:null,parseSignatureParams:function(e,t){let r=0;switch(e){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:case I.publicKey.rsaSign:{const e=R.readMPI(t.subarray(r));return r+=e.length+2,{read:r,signatureParams:{s:e}}}case I.publicKey.dsa:case I.publicKey.ecdsa:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=R.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case I.publicKey.eddsaLegacy:{let e=R.readMPI(t.subarray(r));r+=e.length+2,e=R.leftPad(e,32);let i=R.readMPI(t.subarray(r));return r+=i.length+2,i=R.leftPad(i,32),{read:r,signatureParams:{r:e,s:i}}}case I.publicKey.ed25519:case I.publicKey.ed448:{const i=2*Ga.elliptic.eddsa.getPayloadSize(e),a=R.readExactSubarray(t,r,r+i);return r+=a.length,{read:r,signatureParams:{RS:a}}}case I.publicKey.hmac:{const e=new qa;return r+=e.read(t.subarray(r)),{read:r,signatureParams:{mac:e}}}default:throw new Jr("Unknown signature algorithm.")}},sign:async function(e,t,r,i,a,n){if(!r||!i)throw Error("Missing key parameters");switch(e){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:case I.publicKey.rsaSign:{const{n:e,e:s}=r,{d:o,p:c,q:u,u:h}=i;return{s:await Ga.rsa.sign(t,a,e,s,o,c,u,h,n)}}case I.publicKey.dsa:{const{g:e,p:a,q:s}=r,{x:o}=i;return Ga.dsa.sign(t,n,e,a,s,o)}case I.publicKey.elgamal:throw Error("Signing with Elgamal is not defined in the OpenPGP standard.");case I.publicKey.ecdsa:{const{oid:e,Q:s}=r,{d:o}=i;return Ga.elliptic.ecdsa.sign(e,t,a,s,o,n)}case I.publicKey.eddsaLegacy:{const{oid:e,Q:s}=r,{seed:o}=i;return Ga.elliptic.eddsaLegacy.sign(e,t,a,s,o,n)}case I.publicKey.ed25519:case I.publicKey.ed448:{const{A:s}=r,{seed:o}=i;return Ga.elliptic.eddsa.sign(e,t,a,s,o,n)}case I.publicKey.hmac:{const{cipher:e}=r,{keyMaterial:t}=i,a=await Ga.hmac.sign(e.getValue(),t,n);return{mac:new qa(a)}}default:throw Error("Unknown signature algorithm.")}},verify:async function(e,t,r,i,a,n,s){switch(e){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:case I.publicKey.rsaSign:{const{n:e,e:a}=i,o=R.leftPad(r.s,e.length);return Ga.rsa.verify(t,n,o,e,a,s)}case I.publicKey.dsa:{const{g:e,p:a,q:n,y:o}=i,{r:c,s:u}=r;return Ga.dsa.verify(t,c,u,s,e,a,n,o)}case I.publicKey.ecdsa:{const{oid:e,Q:a}=i,o=new Ga.elliptic.CurveWithOID(e).payloadSize,c=R.leftPad(r.r,o),u=R.leftPad(r.s,o);return Ga.elliptic.ecdsa.verify(e,t,{r:c,s:u},n,a,s)}case I.publicKey.eddsaLegacy:{const{oid:e,Q:a}=i;return Ga.elliptic.eddsaLegacy.verify(e,t,r,n,a,s)}case I.publicKey.ed25519:case I.publicKey.ed448:{const{A:a}=i;return Ga.elliptic.eddsa.verify(e,t,r,n,a,s)}case I.publicKey.hmac:{if(!a)throw Error("Cannot verify HMAC signature with symmetric key missing private parameters");const{cipher:e}=i,{keyMaterial:t}=a;return Ga.hmac.verify(e.getValue(),t,r.mac.data,s)}default:throw Error("Unknown signature algorithm.")}}});class Wa{constructor(e){e&&(this.data=e)}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.data=e.subarray(1,1+t),1+this.data.length}throw Error("Invalid symmetric key")}write(){return R.concatUint8Array([new Uint8Array([this.data.length]),this.data])}}class $a{constructor(e){if(e){const{version:t,hash:r,cipher:i,replacementFingerprint:a}=e;this.version=t||1,this.hash=r,this.cipher=i,this.replacementFingerprint=a}else this.version=null,this.hash=null,this.cipher=null,this.replacementFingerprint=null}read(e){if(e.length<4||1!==e[1]&&255!==e[1])throw new Jr("Cannot read KDFParams");const t=e[0];this.version=e[1],this.hash=e[2],this.cipher=e[3];let r=4;if(255===this.version){const i=t-r+1;this.replacementFingerprint=e.slice(r,r+i),r+=i}return r}write(e){if(!this.version||1===this.version||e)return new Uint8Array([3,1,this.hash,this.cipher]);return R.concatUint8Array([new Uint8Array([3+this.replacementFingerprint.length,this.version,this.hash,this.cipher]),this.replacementFingerprint])}}const Za=e=>class{constructor(e){this.data=void 0===e?null:e}read(t){const r=t[0];return this.data=I.write(e,r),1}write(){return new Uint8Array([this.data])}getName(){return I.read(e,this.data)}getValue(){return this.data}},Xa=Za(I.aead),Qa=Za(I.symmetric),Ya=Za(I.hash);class Ja{static fromObject({wrappedKey:e,algorithm:t}){const r=new Ja;return r.wrappedKey=e,r.algorithm=t,r}read(e){let t=0,r=e[t++];this.algorithm=r%2?e[t++]:null,r-=r%2,this.wrappedKey=R.readExactSubarray(e,t,t+r),t+=r}write(){return R.concatUint8Array([this.algorithm?new Uint8Array([this.wrappedKey.length+1,this.algorithm]):new Uint8Array([this.wrappedKey.length]),this.wrappedKey])}}async function en(e,t){const r=Tt(32);return{privateParams:{hashSeed:r,keyMaterial:e},publicParams:{cipher:t,digest:await we.sha256(r)}}}function tn(e){const{keySize:t}=te(e);return Tt(t)}function rn(e){const t=I.read(I.aead,e);return bt[t]}function an(e){try{e.getName()}catch(e){throw new Jr("Unknown curve OID")}}function nn(e,t){switch(e){case I.publicKey.ecdsa:case I.publicKey.ecdh:case I.publicKey.eddsaLegacy:return new Ga.elliptic.CurveWithOID(t).payloadSize;case I.publicKey.ed25519:case I.publicKey.ed448:return Ga.elliptic.eddsa.getPayloadSize(e);case I.publicKey.x25519:case I.publicKey.x448:return Ga.elliptic.ecdhX.getPayloadSize(e);default:throw Error("Unknown elliptic algo")}}var sn=/*#__PURE__*/Object.freeze({__proto__:null,generateParams:async function(e,t,r,i){switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:return Ga.rsa.generate(t,65537).then((({n:e,e:t,d:r,p:i,q:a,u:n})=>({privateParams:{d:r,p:i,q:a,u:n},publicParams:{n:e,e:t}})));case I.publicKey.ecdsa:return Ga.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{d:r},publicParams:{oid:new qr(e),Q:t}})));case I.publicKey.eddsaLegacy:return Ga.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{seed:r},publicParams:{oid:new qr(e),Q:t}})));case I.publicKey.ecdh:return Ga.elliptic.generate(r).then((({oid:e,Q:t,secret:r,hash:i,cipher:a})=>({privateParams:{d:r},publicParams:{oid:new qr(e),Q:t,kdfParams:new $a({hash:i,cipher:a})}})));case I.publicKey.ed25519:case I.publicKey.ed448:return Ga.elliptic.eddsa.generate(e).then((({A:e,seed:t})=>({privateParams:{seed:t},publicParams:{A:e}})));case I.publicKey.x25519:case I.publicKey.x448:return Ga.elliptic.ecdhX.generate(e).then((({A:e,k:t})=>({privateParams:{k:t},publicParams:{A:e}})));case I.publicKey.hmac:return en(await Ga.hmac.generate(i),new Ya(i));case I.publicKey.aead:return en(tn(i),new Qa(i));case I.publicKey.dsa:case I.publicKey.elgamal:throw Error("Unsupported algorithm for key generation.");default:throw Error("Unknown public key algorithm.")}},generateSessionKey:tn,getAEADMode:rn,getCipherParams:te,getCurvePayloadSize:nn,getPreferredCurveHashAlgo:function(e,t){switch(e){case I.publicKey.ecdsa:case I.publicKey.eddsaLegacy:return Ga.elliptic.getPreferredHashAlgo(t);case I.publicKey.ed25519:case I.publicKey.ed448:return Ga.elliptic.eddsa.getPreferredHashAlgo(e);default:throw Error("Unknown elliptic signing algo")}},getPrefixRandom:async function(e){const{blockSize:t}=te(e),r=await Tt(t),i=new Uint8Array([r[r.length-2],r[r.length-1]]);return R.concat([r,i])},parseEncSessionKeyParams:function(e,t){let r=0;switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:return{c:R.readMPI(t.subarray(r))};case I.publicKey.elgamal:{const e=R.readMPI(t.subarray(r));r+=e.length+2;return{c1:e,c2:R.readMPI(t.subarray(r))}}case I.publicKey.ecdh:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=new Wa;return i.read(t.subarray(r)),{V:e,C:i}}case I.publicKey.x25519:case I.publicKey.x448:{const i=nn(e),a=R.readExactSubarray(t,r,r+i);r+=a.length;const n=new Ja;return n.read(t.subarray(r)),{ephemeralPublicKey:a,C:n}}case I.publicKey.aead:{const e=new Xa;r+=e.read(t.subarray(r));const{ivLength:i}=rn(e.getValue()),a=t.subarray(r,r+i);r+=i;const n=new qa;return r+=n.read(t.subarray(r)),{aeadMode:e,iv:a,c:n}}default:throw new Jr("Unknown public key encryption algorithm.")}},parsePrivateKeyParams:function(e,t,r){let i=0;switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:{const e=R.readMPI(t.subarray(i));i+=e.length+2;const r=R.readMPI(t.subarray(i));i+=r.length+2;const a=R.readMPI(t.subarray(i));i+=a.length+2;const n=R.readMPI(t.subarray(i));return i+=n.length+2,{read:i,privateParams:{d:e,p:r,q:a,u:n}}}case I.publicKey.dsa:case I.publicKey.elgamal:{const e=R.readMPI(t.subarray(i));return i+=e.length+2,{read:i,privateParams:{x:e}}}case I.publicKey.ecdsa:case I.publicKey.ecdh:{const a=nn(e,r.oid);let n=R.readMPI(t.subarray(i));return i+=n.length+2,n=R.leftPad(n,a),{read:i,privateParams:{d:n}}}case I.publicKey.eddsaLegacy:{const a=nn(e,r.oid);if(r.oid.getName()!==I.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let n=R.readMPI(t.subarray(i));return i+=n.length+2,n=R.leftPad(n,a),{read:i,privateParams:{seed:n}}}case I.publicKey.ed25519:case I.publicKey.ed448:{const r=nn(e),a=R.readExactSubarray(t,i,i+r);return i+=a.length,{read:i,privateParams:{seed:a}}}case I.publicKey.x25519:case I.publicKey.x448:{const r=nn(e),a=R.readExactSubarray(t,i,i+r);return i+=a.length,{read:i,privateParams:{k:a}}}case I.publicKey.hmac:{const{cipher:e}=r,a=we.getHashByteLength(e.getValue()),n=t.subarray(i,i+32);i+=32;const s=t.subarray(i,i+a);return i+=a,{read:i,privateParams:{hashSeed:n,keyMaterial:s}}}case I.publicKey.aead:{const{cipher:e}=r,a=t.subarray(i,i+32);i+=32;const{keySize:n}=te(e.getValue()),s=t.subarray(i,i+n);return i+=n,{read:i,privateParams:{hashSeed:a,keyMaterial:s}}}default:throw new Jr("Unknown public key encryption algorithm.")}},parsePublicKeyParams:function(e,t){let r=0;switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=R.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{n:e,e:i}}}case I.publicKey.dsa:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=R.readMPI(t.subarray(r));r+=i.length+2;const a=R.readMPI(t.subarray(r));r+=a.length+2;const n=R.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{p:e,q:i,g:a,y:n}}}case I.publicKey.elgamal:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=R.readMPI(t.subarray(r));r+=i.length+2;const a=R.readMPI(t.subarray(r));return r+=a.length+2,{read:r,publicParams:{p:e,g:i,y:a}}}case I.publicKey.ecdsa:{const e=new qr;r+=e.read(t),an(e);const i=R.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{oid:e,Q:i}}}case I.publicKey.eddsaLegacy:{const e=new qr;if(r+=e.read(t),an(e),e.getName()!==I.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let i=R.readMPI(t.subarray(r));return r+=i.length+2,i=R.leftPad(i,33),{read:r,publicParams:{oid:e,Q:i}}}case I.publicKey.ecdh:{const e=new qr;r+=e.read(t),an(e);const i=R.readMPI(t.subarray(r));r+=i.length+2;const a=new $a;return r+=a.read(t.subarray(r)),{read:r,publicParams:{oid:e,Q:i,kdfParams:a}}}case I.publicKey.ed25519:case I.publicKey.ed448:case I.publicKey.x25519:case I.publicKey.x448:{const i=R.readExactSubarray(t,r,r+nn(e));return r+=i.length,{read:r,publicParams:{A:i}}}case I.publicKey.hmac:case I.publicKey.aead:{const e=new Qa;r+=e.read(t);const i=we.getHashByteLength(I.hash.sha256),a=t.subarray(r,r+i);return r+=i,{read:r,publicParams:{cipher:e,digest:a}}}default:throw new Jr("Unknown public key encryption algorithm.")}},publicKeyDecrypt:async function(e,t,r,i,a,n){switch(e){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:{const{c:e}=i,{n:a,e:s}=t,{d:o,p:c,q:u,u:h}=r;return Ga.rsa.decrypt(e,a,s,o,c,u,h,n)}case I.publicKey.elgamal:{const{c1:e,c2:a}=i,s=t.p,o=r.x;return Ga.elgamal.decrypt(e,a,s,o,n)}case I.publicKey.ecdh:{const{oid:e,Q:n,kdfParams:s}=t,{d:o}=r,{V:c,C:u}=i;return Ga.elliptic.ecdh.decrypt(e,s,c,u.data,n,o,a)}case I.publicKey.x25519:case I.publicKey.x448:{const{A:a}=t,{k:n}=r,{ephemeralPublicKey:s,C:o}=i;if(null!==o.algorithm&&!R.isAES(o.algorithm))throw Error("AES session key expected");return Ga.elliptic.ecdhX.decrypt(e,s,o.wrappedKey,a,n)}case I.publicKey.aead:{const{cipher:e}=t,a=e.getValue(),{keyMaterial:n}=r,{aeadMode:s,iv:o,c}=i,u=rn(s.getValue());return(await u(a,n)).decrypt(c.data,o,new Uint8Array)}default:throw Error("Unknown public key encryption algorithm.")}},publicKeyEncrypt:async function(e,t,r,i,a,n){switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:{const{n:e,e:t}=r;return{c:await Ga.rsa.encrypt(a,e,t)}}case I.publicKey.elgamal:{const{p:e,g:t,y:i}=r;return Ga.elgamal.encrypt(a,e,t,i)}case I.publicKey.ecdh:{const{oid:e,Q:t,kdfParams:i}=r,{publicKey:s,wrappedKey:o}=await Ga.elliptic.ecdh.encrypt(e,i,a,t,n);return{V:s,C:new Wa(o)}}case I.publicKey.x25519:case I.publicKey.x448:{if(t&&!R.isAES(t))throw Error("X25519 and X448 keys can only encrypt AES session keys");const{A:i}=r,{ephemeralPublicKey:n,wrappedKey:s}=await Ga.elliptic.ecdhX.encrypt(e,a,i);return{ephemeralPublicKey:n,C:Ja.fromObject({algorithm:t,wrappedKey:s})}}case I.publicKey.aead:{if(!i)throw Error("Cannot encrypt with symmetric key missing private parameters");const{cipher:e}=r,t=e.getValue(),{keyMaterial:n}=i,s=T.preferredAEADAlgorithm,o=rn(T.preferredAEADAlgorithm),{ivLength:c}=o,u=Tt(c),h=await o(t,n),y=await h.encrypt(a,u,new Uint8Array);return{aeadMode:new Xa(s),iv:u,c:new qa(y)}}default:return[]}},serializeParams:function(e,t){const r=new Set([I.publicKey.ed25519,I.publicKey.x25519,I.publicKey.ed448,I.publicKey.x448,I.publicKey.aead,I.publicKey.hmac]),i=Object.keys(t).map((i=>{const a=t[i];return R.isUint8Array(a)?r.has(e)?a:R.uint8ArrayToMPI(a):a.write()}));return R.concatUint8Array(i)},validateParams:async function(e,t,r){if(!t||!r)throw Error("Missing key parameters");switch(e){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:{const{n:e,e:i}=t,{d:a,p:n,q:s,u:o}=r;return Ga.rsa.validateParams(e,i,a,n,s,o)}case I.publicKey.dsa:{const{p:e,q:i,g:a,y:n}=t,{x:s}=r;return Ga.dsa.validateParams(e,i,a,n,s)}case I.publicKey.elgamal:{const{p:e,g:i,y:a}=t,{x:n}=r;return Ga.elgamal.validateParams(e,i,a,n)}case I.publicKey.ecdsa:case I.publicKey.ecdh:{const i=Ga.elliptic[I.read(I.publicKey,e)],{oid:a,Q:n}=t,{d:s}=r;return i.validateParams(a,n,s)}case I.publicKey.eddsaLegacy:{const{Q:e,oid:i}=t,{seed:a}=r;return Ga.elliptic.eddsaLegacy.validateParams(i,e,a)}case I.publicKey.ed25519:case I.publicKey.ed448:{const{A:i}=t,{seed:a}=r;return Ga.elliptic.eddsa.validateParams(e,i,a)}case I.publicKey.x25519:case I.publicKey.x448:{const{A:i}=t,{k:a}=r;return Ga.elliptic.ecdhX.validateParams(e,i,a)}case I.publicKey.hmac:{const{cipher:e,digest:i}=t,{hashSeed:a,keyMaterial:n}=r;return we.getHashByteLength(e.getValue())===n.length&&R.equalsUint8Array(i,await we.sha256(a))}case I.publicKey.aead:{const{cipher:e,digest:i}=t,{hashSeed:a,keyMaterial:n}=r,{keySize:s}=te(e.getValue());return s===n.length&&R.equalsUint8Array(i,await we.sha256(a))}default:throw Error("Unknown public key algorithm.")}}});const on={cipher:re,hash:we,mode:bt,publicKey:Ga,signature:Va,random:Rt,pkcs1:Gt,pkcs5:Ea,aesKW:ka};Object.assign(on,sn);class cn extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,cn),this.name="Argon2OutOfMemoryError"}}let un,hn,yn=2<<19;class ln{static get ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(){return yn}static set ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(e){yn=e}static reloadWasmModule(){un&&(hn=un(),hn.catch((()=>{})))}constructor(e=T){const{passes:t,parallelism:r,memoryExponent:i}=e.s2kArgon2Params;this.type="argon2",this.salt=null,this.t=t,this.p=r,this.encodedM=i}generateSalt(){this.salt=on.random.getRandomBytes(16)}read(e){let t=0;return this.salt=e.subarray(t,t+16),t+=16,this.t=e[t++],this.p=e[t++],this.encodedM=e[t++],t}write(){const e=[new Uint8Array([I.write(I.s2k,this.type)]),this.salt,new Uint8Array([this.t,this.p,this.encodedM])];return R.concatUint8Array(e)}async produceKey(e,t){const r=2<<this.encodedM-1;try{un=un||(await import("./argon2id.min.mjs")).default,hn=hn||un();const i=await hn,a=i({version:19,type:2,password:R.encodeUTF8(e),salt:this.salt,tagLength:t,memorySize:r,parallelism:this.p,passes:this.t});return r>ln.ARGON2_WASM_MEMORY_THRESHOLD_RELOAD&&ln.reloadWasmModule(),a}catch(e){throw e.message&&(e.message.includes("Unable to grow instance memory")||e.message.includes("failed to grow memory")||e.message.includes("WebAssembly.Memory.grow")||e.message.includes("Out of memory"))?new cn("Could not allocate required memory for Argon2"):e}}}class pn{constructor(e,t=T){this.algorithm=I.hash.sha256,this.type=I.read(I.s2k,e),this.c=t.s2kIterationCountByte,this.salt=null}generateSalt(){switch(this.type){case"salted":case"iterated":this.salt=on.random.getRandomBytes(8)}}getCount(){return 16+(15&this.c)<<6+(this.c>>4)}read(e){let t=0;switch(this.algorithm=e[t++],this.type){case"simple":break;case"salted":this.salt=e.subarray(t,t+8),t+=8;break;case"iterated":this.salt=e.subarray(t,t+8),t+=8,this.c=e[t++];break;case"gnu":if("GNU"!==R.uint8ArrayToString(e.subarray(t,t+3)))throw new Jr("Unknown s2k type.");t+=3;if(1001!==1e3+e[t++])throw new Jr("Unknown s2k gnu protection mode.");this.type="gnu-dummy";break;default:throw new Jr("Unknown s2k type.")}return t}write(){if("gnu-dummy"===this.type)return new Uint8Array([101,0,...R.stringToUint8Array("GNU"),1]);const e=[new Uint8Array([I.write(I.s2k,this.type),this.algorithm])];switch(this.type){case"simple":break;case"salted":e.push(this.salt);break;case"iterated":e.push(this.salt),e.push(new Uint8Array([this.c]));break;case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}return R.concatUint8Array(e)}async produceKey(e,t){e=R.encodeUTF8(e);const r=[];let i=0,a=0;for(;i<t;){let t;switch(this.type){case"simple":t=R.concatUint8Array([new Uint8Array(a),e]);break;case"salted":t=R.concatUint8Array([new Uint8Array(a),this.salt,e]);break;case"iterated":{const r=R.concatUint8Array([this.salt,e]);let i=r.length;const n=Math.max(this.getCount(),i);t=new Uint8Array(a+n),t.set(r,a);for(let e=a+i;e<n;e+=i,i*=2)t.copyWithin(e,a,e);break}case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}const n=await on.hash.digest(this.algorithm,t);r.push(n),i+=n.length,a++}return R.concatUint8Array(r).subarray(0,t)}}const gn=new Set([I.s2k.argon2,I.s2k.iterated]);function dn(e,t=T){switch(e){case I.s2k.argon2:return new ln(t);case I.s2k.iterated:case I.s2k.gnu:case I.s2k.salted:case I.s2k.simple:return new pn(e,t);default:throw new Jr("Unsupported S2K type")}}function fn(e){const{s2kType:t}=e;if(!gn.has(t))throw Error("The provided `config.s2kType` value is not allowed");return dn(t,e)}var mn=Uint8Array,wn=Uint16Array,bn=Uint32Array,kn=new mn([0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0,0,0,0]),vn=new mn([0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13,0,0]),An=new mn([16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15]),En=function(e,t){for(var r=new wn(31),i=0;i<31;++i)r[i]=t+=1<<e[i-1];var a=new bn(r[30]);for(i=1;i<30;++i)for(var n=r[i];n<r[i+1];++n)a[n]=n-r[i]<<5|i;return[r,a]},Kn=En(kn,2),Sn=Kn[0],Pn=Kn[1];Sn[28]=258,Pn[258]=28;for(var Un=En(vn,0),Dn=Un[0],Cn=Un[1],xn=new wn(32768),Bn=0;Bn<32768;++Bn){var In=(43690&Bn)>>>1|(21845&Bn)<<1;In=(61680&(In=(52428&In)>>>2|(13107&In)<<2))>>>4|(3855&In)<<4,xn[Bn]=((65280&In)>>>8|(255&In)<<8)>>>1}var Tn=function(e,t,r){for(var i=e.length,a=0,n=new wn(t);a<i;++a)e[a]&&++n[e[a]-1];var s,o=new wn(t);for(a=0;a<t;++a)o[a]=o[a-1]+n[a-1]<<1;if(r){s=new wn(1<<t);var c=15-t;for(a=0;a<i;++a)if(e[a])for(var u=a<<4|e[a],h=t-e[a],y=o[e[a]-1]++<<h,l=y|(1<<h)-1;y<=l;++y)s[xn[y]>>>c]=u}else for(s=new wn(i),a=0;a<i;++a)e[a]&&(s[a]=xn[o[e[a]-1]++]>>>15-e[a]);return s},_n=new mn(288);for(Bn=0;Bn<144;++Bn)_n[Bn]=8;for(Bn=144;Bn<256;++Bn)_n[Bn]=9;for(Bn=256;Bn<280;++Bn)_n[Bn]=7;for(Bn=280;Bn<288;++Bn)_n[Bn]=8;var Rn=new mn(32);for(Bn=0;Bn<32;++Bn)Rn[Bn]=5;var Mn=/*#__PURE__*/Tn(_n,9,0),Fn=/*#__PURE__*/Tn(_n,9,1),Ln=/*#__PURE__*/Tn(Rn,5,0),Nn=/*#__PURE__*/Tn(Rn,5,1),On=function(e){for(var t=e[0],r=1;r<e.length;++r)e[r]>t&&(t=e[r]);return t},zn=function(e,t,r){var i=t/8|0;return(e[i]|e[i+1]<<8)>>(7&t)&r},Hn=function(e,t){var r=t/8|0;return(e[r]|e[r+1]<<8|e[r+2]<<16)>>(7&t)},jn=function(e){return(e+7)/8|0},Gn=function(e,t,r){(null==t||t<0)&&(t=0),(null==r||r>e.length)&&(r=e.length);var i=new(2==e.BYTES_PER_ELEMENT?wn:4==e.BYTES_PER_ELEMENT?bn:mn)(r-t);return i.set(e.subarray(t,r)),i},qn=["unexpected EOF","invalid block type","invalid length/literal","invalid distance","stream finished","no stream handler",,"no callback","invalid UTF-8 data","extra field too long","date not in range 1980-2099","filename too long","stream finishing","invalid zip data"],Vn=function(e,t,r){var i=Error(t||qn[e]);if(i.code=e,Error.captureStackTrace&&Error.captureStackTrace(i,Vn),!r)throw i;return i},Wn=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8},$n=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8,e[i+2]|=r>>>16},Zn=function(e,t){for(var r=[],i=0;i<e.length;++i)e[i]&&r.push({s:i,f:e[i]});var a=r.length,n=r.slice();if(!a)return[rs,0];if(1==a){var s=new mn(r[0].s+1);return s[r[0].s]=1,[s,1]}r.sort((function(e,t){return e.f-t.f})),r.push({s:-1,f:25001});var o=r[0],c=r[1],u=0,h=1,y=2;for(r[0]={s:-1,f:o.f+c.f,l:o,r:c};h!=a-1;)o=r[r[u].f<r[y].f?u++:y++],c=r[u!=h&&r[u].f<r[y].f?u++:y++],r[h++]={s:-1,f:o.f+c.f,l:o,r:c};var l=n[0].s;for(i=1;i<a;++i)n[i].s>l&&(l=n[i].s);var p=new wn(l+1),g=Xn(r[h-1],p,0);if(g>t){i=0;var d=0,f=g-t,m=1<<f;for(n.sort((function(e,t){return p[t.s]-p[e.s]||e.f-t.f}));i<a;++i){var w=n[i].s;if(!(p[w]>t))break;d+=m-(1<<g-p[w]),p[w]=t}for(d>>>=f;d>0;){var b=n[i].s;p[b]<t?d-=1<<t-p[b]++-1:++i}for(;i>=0&&d;--i){var k=n[i].s;p[k]==t&&(--p[k],++d)}g=t}return[new mn(p),g]},Xn=function(e,t,r){return-1==e.s?Math.max(Xn(e.l,t,r+1),Xn(e.r,t,r+1)):t[e.s]=r},Qn=function(e){for(var t=e.length;t&&!e[--t];);for(var r=new wn(++t),i=0,a=e[0],n=1,s=function(e){r[i++]=e},o=1;o<=t;++o)if(e[o]==a&&o!=t)++n;else{if(!a&&n>2){for(;n>138;n-=138)s(32754);n>2&&(s(n>10?n-11<<5|28690:n-3<<5|12305),n=0)}else if(n>3){for(s(a),--n;n>6;n-=6)s(8304);n>2&&(s(n-3<<5|8208),n=0)}for(;n--;)s(a);n=1,a=e[o]}return[r.subarray(0,i),t]},Yn=function(e,t){for(var r=0,i=0;i<t.length;++i)r+=e[i]*t[i];return r},Jn=function(e,t,r){var i=r.length,a=jn(t+2);e[a]=255&i,e[a+1]=i>>>8,e[a+2]=255^e[a],e[a+3]=255^e[a+1];for(var n=0;n<i;++n)e[a+n+4]=r[n];return 8*(a+4+i)},es=function(e,t,r,i,a,n,s,o,c,u,h){Wn(t,h++,r),++a[256];for(var y=Zn(a,15),l=y[0],p=y[1],g=Zn(n,15),d=g[0],f=g[1],m=Qn(l),w=m[0],b=m[1],k=Qn(d),v=k[0],A=k[1],E=new wn(19),K=0;K<w.length;++K)E[31&w[K]]++;for(K=0;K<v.length;++K)E[31&v[K]]++;for(var S=Zn(E,7),P=S[0],U=S[1],D=19;D>4&&!P[An[D-1]];--D);var C,x,B,I,T=u+5<<3,_=Yn(a,_n)+Yn(n,Rn)+s,R=Yn(a,l)+Yn(n,d)+s+14+3*D+Yn(E,P)+(2*E[16]+3*E[17]+7*E[18]);if(T<=_&&T<=R)return Jn(t,h,e.subarray(c,c+u));if(Wn(t,h,1+(R<_)),h+=2,R<_){C=Tn(l,p,0),x=l,B=Tn(d,f,0),I=d;var M=Tn(P,U,0);Wn(t,h,b-257),Wn(t,h+5,A-1),Wn(t,h+10,D-4),h+=14;for(K=0;K<D;++K)Wn(t,h+3*K,P[An[K]]);h+=3*D;for(var F=[w,v],L=0;L<2;++L){var N=F[L];for(K=0;K<N.length;++K){var O=31&N[K];Wn(t,h,M[O]),h+=P[O],O>15&&(Wn(t,h,N[K]>>>5&127),h+=N[K]>>>12)}}}else C=Mn,x=_n,B=Ln,I=Rn;for(K=0;K<o;++K)if(i[K]>255){O=i[K]>>>18&31;$n(t,h,C[O+257]),h+=x[O+257],O>7&&(Wn(t,h,i[K]>>>23&31),h+=kn[O]);var z=31&i[K];$n(t,h,B[z]),h+=I[z],z>3&&($n(t,h,i[K]>>>5&8191),h+=vn[z])}else $n(t,h,C[i[K]]),h+=x[i[K]];return $n(t,h,C[256]),h+x[256]},ts=/*#__PURE__*/new bn([65540,131080,131088,131104,262176,1048704,1048832,2114560,2117632]),rs=/*#__PURE__*/new mn(0),is=function(e,t,r,i,a){return function(e,t,r,i,a,n){var s=e.length,o=new mn(i+s+5*(1+Math.ceil(s/7e3))+a),c=o.subarray(i,o.length-a),u=0;if(!t||s<8)for(var h=0;h<=s;h+=65535){var y=h+65535;y>=s&&(c[u>>3]=n),u=Jn(c,u+1,e.subarray(h,y))}else{for(var l=ts[t-1],p=l>>>13,g=8191&l,d=(1<<r)-1,f=new wn(32768),m=new wn(d+1),w=Math.ceil(r/3),b=2*w,k=function(t){return(e[t]^e[t+1]<<w^e[t+2]<<b)&d},v=new bn(25e3),A=new wn(288),E=new wn(32),K=0,S=0,P=(h=0,0),U=0,D=0;h<s;++h){var C=k(h),x=32767&h,B=m[C];if(f[x]=B,m[C]=x,U<=h){var I=s-h;if((K>7e3||P>24576)&&I>423){u=es(e,c,0,v,A,E,S,P,D,h-D,u),P=K=S=0,D=h;for(var T=0;T<286;++T)A[T]=0;for(T=0;T<30;++T)E[T]=0}var _=2,R=0,M=g,F=x-B&32767;if(I>2&&C==k(h-F))for(var L=Math.min(p,I)-1,N=Math.min(32767,h),O=Math.min(258,I);F<=N&&--M&&x!=B;){if(e[h+_]==e[h+_-F]){for(var z=0;z<O&&e[h+z]==e[h+z-F];++z);if(z>_){if(_=z,R=F,z>L)break;var H=Math.min(F,z-2),j=0;for(T=0;T<H;++T){var G=h-F+T+32768&32767,q=G-f[G]+32768&32767;q>j&&(j=q,B=G)}}}F+=(x=B)-(B=f[x])+32768&32767}if(R){v[P++]=268435456|Pn[_]<<18|Cn[R];var V=31&Pn[_],W=31&Cn[R];S+=kn[V]+vn[W],++A[257+V],++E[W],U=h+_,++K}else v[P++]=e[h],++A[e[h]]}}u=es(e,c,n,v,A,E,S,P,D,h-D,u),!n&&7&u&&(u=Jn(c,u+1,rs))}return Gn(o,0,i+jn(u)+a)}(e,null==t.level?6:t.level,null==t.mem?Math.ceil(1.5*Math.max(8,Math.min(13,Math.log(e.length)))):12+t.mem,r,i,!a)},as=/*#__PURE__*/function(){function e(e,t){t||"function"!=typeof e||(t=e,e={}),this.ondata=t,this.o=e||{}}return e.prototype.p=function(e,t){this.ondata(is(e,this.o,0,0,!t),t)},e.prototype.push=function(e,t){this.ondata||Vn(5),this.d&&Vn(4),this.d=t,this.p(e,t||!1)},e}(),ns=/*#__PURE__*/function(){function e(e){this.s={},this.p=new mn(0),this.ondata=e}return e.prototype.e=function(e){this.ondata||Vn(5),this.d&&Vn(4);var t=this.p.length,r=new mn(t+e.length);r.set(this.p),r.set(e,t),this.p=r},e.prototype.c=function(e){this.d=this.s.i=e||!1;var t=this.s.b,r=function(e,t,r){var i=e.length;if(!i||r&&r.f&&!r.l)return t||new mn(0);var a=!t||r,n=!r||r.i;r||(r={}),t||(t=new mn(3*i));var s=function(e){var r=t.length;if(e>r){var i=new mn(Math.max(2*r,e));i.set(t),t=i}},o=r.f||0,c=r.p||0,u=r.b||0,h=r.l,y=r.d,l=r.m,p=r.n,g=8*i;do{if(!h){o=zn(e,c,1);var d=zn(e,c+1,3);if(c+=3,!d){var f=e[(U=jn(c)+4)-4]|e[U-3]<<8,m=U+f;if(m>i){n&&Vn(0);break}a&&s(u+f),t.set(e.subarray(U,m),u),r.b=u+=f,r.p=c=8*m,r.f=o;continue}if(1==d)h=Fn,y=Nn,l=9,p=5;else if(2==d){var w=zn(e,c,31)+257,b=zn(e,c+10,15)+4,k=w+zn(e,c+5,31)+1;c+=14;for(var v=new mn(k),A=new mn(19),E=0;E<b;++E)A[An[E]]=zn(e,c+3*E,7);c+=3*b;var K=On(A),S=(1<<K)-1,P=Tn(A,K,1);for(E=0;E<k;){var U,D=P[zn(e,c,S)];if(c+=15&D,(U=D>>>4)<16)v[E++]=U;else{var C=0,x=0;for(16==U?(x=3+zn(e,c,3),c+=2,C=v[E-1]):17==U?(x=3+zn(e,c,7),c+=3):18==U&&(x=11+zn(e,c,127),c+=7);x--;)v[E++]=C}}var B=v.subarray(0,w),I=v.subarray(w);l=On(B),p=On(I),h=Tn(B,l,1),y=Tn(I,p,1)}else Vn(1);if(c>g){n&&Vn(0);break}}a&&s(u+131072);for(var T=(1<<l)-1,_=(1<<p)-1,R=c;;R=c){var M=(C=h[Hn(e,c)&T])>>>4;if((c+=15&C)>g){n&&Vn(0);break}if(C||Vn(2),M<256)t[u++]=M;else{if(256==M){R=c,h=null;break}var F=M-254;if(M>264){var L=kn[E=M-257];F=zn(e,c,(1<<L)-1)+Sn[E],c+=L}var N=y[Hn(e,c)&_],O=N>>>4;if(N||Vn(3),c+=15&N,I=Dn[O],O>3&&(L=vn[O],I+=Hn(e,c)&(1<<L)-1,c+=L),c>g){n&&Vn(0);break}a&&s(u+131072);for(var z=u+F;u<z;u+=4)t[u]=t[u-I],t[u+1]=t[u+1-I],t[u+2]=t[u+2-I],t[u+3]=t[u+3-I];u=z}}r.l=h,r.p=R,r.b=u,r.f=o,h&&(o=1,r.m=l,r.d=y,r.n=p)}while(!o);return u==t.length?t:Gn(t,0,u)}(this.p,this.o,this.s);this.ondata(Gn(r,t,this.s.b),this.d),this.o=Gn(r,this.s.b-32768),this.s.b=this.o.length,this.p=Gn(this.p,this.s.p/8|0),this.s.p&=7},e.prototype.push=function(e,t){this.e(e),this.c(t)},e}(),ss=/*#__PURE__*/function(){function e(e,t){var r,i;this.c=(r=1,i=0,{p:function(e){for(var t=r,a=i,n=0|e.length,s=0;s!=n;){for(var o=Math.min(s+2655,n);s<o;++s)a+=t+=e[s];t=(65535&t)+15*(t>>16),a=(65535&a)+15*(a>>16)}r=t,i=a},d:function(){return(255&(r%=65521))<<24|r>>>8<<16|(255&(i%=65521))<<8|i>>>8}}),this.v=1,as.call(this,e,t)}return e.prototype.push=function(e,t){as.prototype.push.call(this,e,t)},e.prototype.p=function(e,t){this.c.p(e);var r=is(e,this.o,this.v&&2,t&&4,!t);this.v&&(function(e,t){var r=t.level,i=0==r?0:r<6?1:9==r?3:2;e[0]=120,e[1]=i<<6|(i?32-2*i:1)}(r,this.o),this.v=0),t&&function(e,t,r){for(;r;++t)e[t]=r,r>>>=8}(r,r.length-4,this.c.d()),this.ondata(r,t)},e}(),os=/*#__PURE__*/function(){function e(e){this.v=1,ns.call(this,e)}return e.prototype.push=function(e,t){if(ns.prototype.e.call(this,e),this.v){if(this.p.length<2&&!t)return;this.p=this.p.subarray(2),this.v=0}t&&(this.p.length<4&&Vn(6,"invalid zlib data"),this.p=this.p.subarray(0,-4)),ns.prototype.c.call(this,t)},e}(),cs="undefined"!=typeof TextDecoder&&/*#__PURE__*/new TextDecoder;try{cs.decode(rs,{stream:!0}),1}catch(e){}var us=[0,1,3,7,15,31,63,127,255],hs=function(e){this.stream=e,this.bitOffset=0,this.curByte=0,this.hasByte=!1};hs.prototype._ensureByte=function(){this.hasByte||(this.curByte=this.stream.readByte(),this.hasByte=!0)},hs.prototype.read=function(e){for(var t=0;e>0;){this._ensureByte();var r=8-this.bitOffset;if(e>=r)t<<=r,t|=us[r]&this.curByte,this.hasByte=!1,this.bitOffset=0,e-=r;else{t<<=e;var i=r-e;t|=(this.curByte&us[e]<<i)>>i,this.bitOffset+=e,e=0}}return t},hs.prototype.seek=function(e){var t=e%8,r=(e-t)/8;this.bitOffset=t,this.stream.seek(r),this.hasByte=!1},hs.prototype.pi=function(){var e,t=new Uint8Array(6);for(e=0;e<t.length;e++)t[e]=this.read(8);return function(e){return Array.prototype.map.call(e,(e=>("00"+e.toString(16)).slice(-2))).join("")}(t)};var ys=hs,ls=function(){};ls.prototype.readByte=function(){throw Error("abstract method readByte() not implemented")},ls.prototype.read=function(e,t,r){for(var i=0;i<r;){var a=this.readByte();if(a<0)return 0===i?-1:i;e[t++]=a,i++}return i},ls.prototype.seek=function(e){throw Error("abstract method seek() not implemented")},ls.prototype.writeByte=function(e){throw Error("abstract method readByte() not implemented")},ls.prototype.write=function(e,t,r){var i;for(i=0;i<r;i++)this.writeByte(e[t++]);return r},ls.prototype.flush=function(){};var ps,gs=ls,ds=(ps=new Uint32Array([0,79764919,159529838,222504665,319059676,398814059,445009330,507990021,638119352,583659535,797628118,726387553,890018660,835552979,1015980042,944750013,1276238704,1221641927,1167319070,1095957929,1595256236,1540665371,1452775106,1381403509,1780037320,1859660671,1671105958,1733955601,2031960084,2111593891,1889500026,1952343757,2552477408,2632100695,2443283854,2506133561,2334638140,2414271883,2191915858,2254759653,3190512472,3135915759,3081330742,3009969537,2905550212,2850959411,2762807018,2691435357,3560074640,3505614887,3719321342,3648080713,3342211916,3287746299,3467911202,3396681109,4063920168,4143685023,4223187782,4286162673,3779000052,3858754371,3904687514,3967668269,881225847,809987520,1023691545,969234094,662832811,591600412,771767749,717299826,311336399,374308984,453813921,533576470,25881363,88864420,134795389,214552010,2023205639,2086057648,1897238633,1976864222,1804852699,1867694188,1645340341,1724971778,1587496639,1516133128,1461550545,1406951526,1302016099,1230646740,1142491917,1087903418,2896545431,2825181984,2770861561,2716262478,3215044683,3143675388,3055782693,3001194130,2326604591,2389456536,2200899649,2280525302,2578013683,2640855108,2418763421,2498394922,3769900519,3832873040,3912640137,3992402750,4088425275,4151408268,4197601365,4277358050,3334271071,3263032808,3476998961,3422541446,3585640067,3514407732,3694837229,3640369242,1762451694,1842216281,1619975040,1682949687,2047383090,2127137669,1938468188,2001449195,1325665622,1271206113,1183200824,1111960463,1543535498,1489069629,1434599652,1363369299,622672798,568075817,748617968,677256519,907627842,853037301,1067152940,995781531,51762726,131386257,177728840,240578815,269590778,349224269,429104020,491947555,4046411278,4126034873,4172115296,4234965207,3794477266,3874110821,3953728444,4016571915,3609705398,3555108353,3735388376,3664026991,3290680682,3236090077,3449943556,3378572211,3174993278,3120533705,3032266256,2961025959,2923101090,2868635157,2813903052,2742672763,2604032198,2683796849,2461293480,2524268063,2284983834,2364738477,2175806836,2238787779,1569362073,1498123566,1409854455,1355396672,1317987909,1246755826,1192025387,1137557660,2072149281,2135122070,1912620623,1992383480,1753615357,1816598090,1627664531,1707420964,295390185,358241886,404320391,483945776,43990325,106832002,186451547,266083308,932423249,861060070,1041341759,986742920,613929101,542559546,756411363,701822548,3316196985,3244833742,3425377559,3370778784,3601682597,3530312978,3744426955,3689838204,3819031489,3881883254,3928223919,4007849240,4037393693,4100235434,4180117107,4259748804,2310601993,2373574846,2151335527,2231098320,2596047829,2659030626,2470359227,2550115596,2947551409,2876312838,2788305887,2733848168,3165939309,3094707162,3040238851,2985771188]),function(){var e=4294967295;this.getCRC=function(){return~e>>>0},this.updateCRC=function(t){e=e<<8^ps[255&(e>>>24^t)]},this.updateCRCRun=function(t,r){for(;r-- >0;)e=e<<8^ps[255&(e>>>24^t)]}}),fs=ys,ms=gs,ws=ds,bs=function(e,t){var r,i=e[t];for(r=t;r>0;r--)e[r]=e[r-1];return e[0]=i,i},ks={OK:0,LAST_BLOCK:-1,NOT_BZIP_DATA:-2,UNEXPECTED_INPUT_EOF:-3,UNEXPECTED_OUTPUT_EOF:-4,DATA_ERROR:-5,OUT_OF_MEMORY:-6,OBSOLETE_INPUT:-7,END_OF_BLOCK:-8},vs={};vs[ks.LAST_BLOCK]="Bad file checksum",vs[ks.NOT_BZIP_DATA]="Not bzip data",vs[ks.UNEXPECTED_INPUT_EOF]="Unexpected input EOF",vs[ks.UNEXPECTED_OUTPUT_EOF]="Unexpected output EOF",vs[ks.DATA_ERROR]="Data error",vs[ks.OUT_OF_MEMORY]="Out of memory",vs[ks.OBSOLETE_INPUT]="Obsolete (pre 0.9.5) bzip format not supported.";var As=function(e,t){var r=vs[e]||"unknown error";t&&(r+=": "+t);var i=new TypeError(r);throw i.errorCode=e,i},Es=function(e,t){this.writePos=this.writeCurrent=this.writeCount=0,this._start_bunzip(e,t)};Es.prototype._init_block=function(){return this._get_next_block()?(this.blockCRC=new ws,!0):(this.writeCount=-1,!1)},Es.prototype._start_bunzip=function(e,t){var r=new Uint8Array(4);4===e.read(r,0,4)&&"BZh"===String.fromCharCode(r[0],r[1],r[2])||As(ks.NOT_BZIP_DATA,"bad magic");var i=r[3]-48;(i<1||i>9)&&As(ks.NOT_BZIP_DATA,"level out of range"),this.reader=new fs(e),this.dbufSize=1e5*i,this.nextoutput=0,this.outputStream=t,this.streamCRC=0},Es.prototype._get_next_block=function(){var e,t,r,i=this.reader,a=i.pi();if("177245385090"===a)return!1;"314159265359"!==a&&As(ks.NOT_BZIP_DATA),this.targetBlockCRC=i.read(32)>>>0,this.streamCRC=(this.targetBlockCRC^(this.streamCRC<<1|this.streamCRC>>>31))>>>0,i.read(1)&&As(ks.OBSOLETE_INPUT);var n=i.read(24);n>this.dbufSize&&As(ks.DATA_ERROR,"initial position out of bounds");var s=i.read(16),o=new Uint8Array(256),c=0;for(e=0;e<16;e++)if(s&1<<15-e){var u=16*e;for(r=i.read(16),t=0;t<16;t++)r&1<<15-t&&(o[c++]=u+t)}var h=i.read(3);(h<2||h>6)&&As(ks.DATA_ERROR);var y=i.read(15);0===y&&As(ks.DATA_ERROR);var l=new Uint8Array(256);for(e=0;e<h;e++)l[e]=e;var p=new Uint8Array(y);for(e=0;e<y;e++){for(t=0;i.read(1);t++)t>=h&&As(ks.DATA_ERROR);p[e]=bs(l,t)}var g,d=c+2,f=[];for(t=0;t<h;t++){var m,w,b=new Uint8Array(d),k=new Uint16Array(21);for(s=i.read(5),e=0;e<d;e++){for(;(s<1||s>20)&&As(ks.DATA_ERROR),i.read(1);)i.read(1)?s--:s++;b[e]=s}for(m=w=b[0],e=1;e<d;e++)b[e]>w?w=b[e]:b[e]<m&&(m=b[e]);g={},f.push(g),g.permute=new Uint16Array(258),g.limit=new Uint32Array(22),g.base=new Uint32Array(21),g.minLen=m,g.maxLen=w;var v=0;for(e=m;e<=w;e++)for(k[e]=g.limit[e]=0,s=0;s<d;s++)b[s]===e&&(g.permute[v++]=s);for(e=0;e<d;e++)k[b[e]]++;for(v=s=0,e=m;e<w;e++)v+=k[e],g.limit[e]=v-1,v<<=1,s+=k[e],g.base[e+1]=v-s;g.limit[w+1]=Number.MAX_VALUE,g.limit[w]=v+k[w]-1,g.base[m]=0}var A=new Uint32Array(256);for(e=0;e<256;e++)l[e]=e;var E,K=0,S=0,P=0,U=this.dbuf=new Uint32Array(this.dbufSize);for(d=0;;){for(d--||(d=49,P>=y&&As(ks.DATA_ERROR),g=f[p[P++]]),e=g.minLen,t=i.read(e);e>g.maxLen&&As(ks.DATA_ERROR),!(t<=g.limit[e]);e++)t=t<<1|i.read(1);((t-=g.base[e])<0||t>=258)&&As(ks.DATA_ERROR);var D=g.permute[t];if(0!==D&&1!==D){if(K)for(K=0,S+s>this.dbufSize&&As(ks.DATA_ERROR),A[E=o[l[0]]]+=s;s--;)U[S++]=E;if(D>c)break;S>=this.dbufSize&&As(ks.DATA_ERROR),A[E=o[E=bs(l,e=D-1)]]++,U[S++]=E}else K||(K=1,s=0),s+=0===D?K:2*K,K<<=1}for((n<0||n>=S)&&As(ks.DATA_ERROR),t=0,e=0;e<256;e++)r=t+A[e],A[e]=t,t=r;for(e=0;e<S;e++)U[A[E=255&U[e]]]|=e<<8,A[E]++;var C=0,x=0,B=0;return S&&(x=255&(C=U[n]),C>>=8,B=-1),this.writePos=C,this.writeCurrent=x,this.writeCount=S,this.writeRun=B,!0},Es.prototype._read_bunzip=function(e,t){var r,i,a;if(this.writeCount<0)return 0;var n=this.dbuf,s=this.writePos,o=this.writeCurrent,c=this.writeCount;this.outputsize;for(var u=this.writeRun;c;){for(c--,i=o,o=255&(s=n[s]),s>>=8,3==u++?(r=o,a=i,o=-1):(r=1,a=o),this.blockCRC.updateCRCRun(a,r);r--;)this.outputStream.writeByte(a),this.nextoutput++;o!=i&&(u=0)}return this.writeCount=c,this.blockCRC.getCRC()!==this.targetBlockCRC&&As(ks.DATA_ERROR,"Bad block CRC (got "+this.blockCRC.getCRC().toString(16)+" expected "+this.targetBlockCRC.toString(16)+")"),this.nextoutput};var Ks=function(e){if("readByte"in e)return e;var t=new ms;return t.pos=0,t.readByte=function(){return e[this.pos++]},t.seek=function(e){this.pos=e},t.eof=function(){return this.pos>=e.length},t},Ss=function(e){var t=new ms,r=!0;if(e)if("number"==typeof e)t.buffer=new Uint8Array(e),r=!1;else{if("writeByte"in e)return e;t.buffer=e,r=!1}else t.buffer=new Uint8Array(16384);return t.pos=0,t.writeByte=function(e){if(r&&this.pos>=this.buffer.length){var t=new Uint8Array(2*this.buffer.length);t.set(this.buffer),this.buffer=t}this.buffer[this.pos++]=e},t.getBuffer=function(){if(this.pos!==this.buffer.length){if(!r)throw new TypeError("outputsize does not match decoded input");var e=new Uint8Array(this.pos);e.set(this.buffer.subarray(0,this.pos)),this.buffer=e}return this.buffer},t._coerced=!0,t};var Ps=function(e,t,r){for(var i=Ks(e),a=Ss(t),n=new Es(i,a);!("eof"in i)||!i.eof();)if(n._init_block())n._read_bunzip();else{var s=n.reader.read(32)>>>0;if(s!==n.streamCRC&&As(ks.DATA_ERROR,"Bad stream CRC (got "+n.streamCRC.toString(16)+" expected "+s.toString(16)+")"),!r||!("eof"in i)||i.eof())break;n._start_bunzip(i,a)}if("getBuffer"in a)return a.getBuffer()};class Us{static get tag(){return I.packet.literalData}constructor(e=new Date){this.format=I.literal.utf8,this.date=R.normalizeDate(e),this.text=null,this.data=null,this.filename=""}setText(e,t=I.literal.utf8){this.format=t,this.text=e,this.data=null}getText(e=!1){return(null===this.text||R.isStream(this.text))&&(this.text=R.decodeUTF8(R.nativeEOL(this.getBytes(e)))),this.text}setBytes(e,t){this.format=t,this.data=e,this.text=null}getBytes(e=!1){return null===this.data&&(this.data=R.canonicalizeEOL(R.encodeUTF8(this.text))),e?E(this.data):this.data}setFilename(e){this.filename=e}getFilename(){return this.filename}async read(e){await v(e,(async e=>{const t=await e.readByte(),r=await e.readByte();this.filename=R.decodeUTF8(await e.readBytes(r)),this.date=R.readDate(await e.readBytes(4));let i=e.remainder();n(i)&&(i=await P(i)),this.setBytes(i,t)}))}writeHeader(){const e=R.encodeUTF8(this.filename),t=new Uint8Array([e.length]),r=new Uint8Array([this.format]),i=R.writeDate(this.date);return R.concatUint8Array([r,t,e,i])}write(){const e=this.writeHeader(),t=this.getBytes();return R.concat([e,t])}}class Ds{constructor(){this.bytes=""}read(e){return this.bytes=R.uint8ArrayToString(e.subarray(0,8)),this.bytes.length}write(){return R.stringToUint8Array(this.bytes)}toHex(){return R.uint8ArrayToHex(R.stringToUint8Array(this.bytes))}equals(e,t=!1){return t&&(e.isWildcard()||this.isWildcard())||this.bytes===e.bytes}isNull(){return""===this.bytes}isWildcard(){return/^0+$/.test(this.toHex())}static mapToHex(e){return e.toHex()}static fromID(e){const t=new Ds;return t.read(R.hexToUint8Array(e)),t}static wildcard(){const e=new Ds;return e.read(new Uint8Array(8)),e}}const Cs=Symbol("verified"),xs="salt@notations.openpgpjs.org",Bs=new Set([I.signatureSubpacket.issuerKeyID,I.signatureSubpacket.issuerFingerprint,I.signatureSubpacket.embeddedSignature]);class Is{static get tag(){return I.packet.signature}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.signatureData=null,this.unhashedSubpackets=[],this.unknownSubpackets=[],this.signedHashValue=null,this.salt=null,this.created=null,this.signatureExpirationTime=null,this.signatureNeverExpires=!0,this.exportable=null,this.trustLevel=null,this.trustAmount=null,this.regularExpression=null,this.revocable=null,this.keyExpirationTime=null,this.keyNeverExpires=null,this.preferredSymmetricAlgorithms=null,this.revocationKeyClass=null,this.revocationKeyAlgorithm=null,this.revocationKeyFingerprint=null,this.issuerKeyID=new Ds,this.rawNotations=[],this.notations={},this.preferredHashAlgorithms=null,this.preferredCompressionAlgorithms=null,this.keyServerPreferences=null,this.preferredKeyServer=null,this.isPrimaryUserID=null,this.policyURI=null,this.keyFlags=null,this.signersUserID=null,this.reasonForRevocationFlag=null,this.reasonForRevocationString=null,this.features=null,this.signatureTargetPublicKeyAlgorithm=null,this.signatureTargetHashAlgorithm=null,this.signatureTargetHash=null,this.embeddedSignature=null,this.issuerKeyVersion=null,this.issuerFingerprint=null,this.preferredAEADAlgorithms=null,this.preferredCipherSuites=null,this.revoked=null,this[Cs]=null}read(e,t=T){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new Jr("Support for v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4!==this.version&&5!==this.version&&6!==this.version)throw new Jr(`Version ${this.version} of the signature packet is unsupported.`);if(this.signatureType=e[r++],this.publicKeyAlgorithm=e[r++],this.hashAlgorithm=e[r++],r+=this.readSubPackets(e.subarray(r,e.length),!0),!this.created)throw Error("Missing signature creation time subpacket.");if(this.signatureData=e.subarray(0,r),r+=this.readSubPackets(e.subarray(r,e.length),!1),this.signedHashValue=e.subarray(r,r+2),r+=2,6===this.version){const t=e[r++];this.salt=e.subarray(r,r+t),r+=t}const i=e.subarray(r,e.length),{read:a,signatureParams:n}=on.signature.parseSignatureParams(this.publicKeyAlgorithm,i);if(a<i.length)throw Error("Error reading MPIs");this.params=n}writeParams(){return this.params instanceof Promise?D((async()=>on.serializeParams(this.publicKeyAlgorithm,await this.params))):on.serializeParams(this.publicKeyAlgorithm,this.params)}write(){const e=[];return e.push(this.signatureData),e.push(this.writeUnhashedSubPackets()),e.push(this.signedHashValue),6===this.version&&(e.push(new Uint8Array([this.salt.length])),e.push(this.salt)),e.push(this.writeParams()),R.concat(e)}async sign(e,t,r=new Date,i=!1,a){this.version=e.version,this.created=R.normalizeDate(r),this.issuerKeyVersion=e.version,this.issuerFingerprint=e.getFingerprintBytes(),this.issuerKeyID=e.getKeyID();const n=[new Uint8Array([this.version,this.signatureType,this.publicKeyAlgorithm,this.hashAlgorithm])];if(6===this.version){const e=_s(this.hashAlgorithm);if(null===this.salt)this.salt=on.random.getRandomBytes(e);else if(e!==this.salt.length)throw Error("Provided salt does not have the required length")}else if(a.nonDeterministicSignaturesViaNotation){if(0!==this.rawNotations.filter((({name:e})=>e===xs)).length)throw Error("Unexpected existing salt notation");{const e=on.random.getRandomBytes(_s(this.hashAlgorithm));this.rawNotations.push({name:xs,value:e,humanReadable:!1,critical:!1})}}n.push(this.writeHashedSubPackets()),this.unhashedSubpackets=[],this.signatureData=R.concat(n);const s=this.toHash(this.signatureType,t,i),o=await this.hash(this.signatureType,t,s,i);this.signedHashValue=S(A(o),0,2);const c=async()=>on.signature.sign(this.publicKeyAlgorithm,this.hashAlgorithm,e.publicParams,e.privateParams,s,await P(o));R.isStream(o)?this.params=c():(this.params=await c(),this[Cs]=!0)}writeHashedSubPackets(){const e=I.signatureSubpacket,t=[];let r;if(null===this.created)throw Error("Missing signature creation time");t.push(Ts(e.signatureCreationTime,!0,R.writeDate(this.created))),null!==this.signatureExpirationTime&&t.push(Ts(e.signatureExpirationTime,!0,R.writeNumber(this.signatureExpirationTime,4))),null!==this.exportable&&t.push(Ts(e.exportableCertification,!0,new Uint8Array([this.exportable?1:0]))),null!==this.trustLevel&&(r=new Uint8Array([this.trustLevel,this.trustAmount]),t.push(Ts(e.trustSignature,!0,r))),null!==this.regularExpression&&t.push(Ts(e.regularExpression,!0,this.regularExpression)),null!==this.revocable&&t.push(Ts(e.revocable,!0,new Uint8Array([this.revocable?1:0]))),null!==this.keyExpirationTime&&t.push(Ts(e.keyExpirationTime,!0,R.writeNumber(this.keyExpirationTime,4))),null!==this.preferredSymmetricAlgorithms&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.preferredSymmetricAlgorithms)),t.push(Ts(e.preferredSymmetricAlgorithms,!1,r))),null!==this.revocationKeyClass&&(r=new Uint8Array([this.revocationKeyClass,this.revocationKeyAlgorithm]),r=R.concat([r,this.revocationKeyFingerprint]),t.push(Ts(e.revocationKey,!1,r))),!this.issuerKeyID.isNull()&&this.issuerKeyVersion<5&&t.push(Ts(e.issuerKeyID,!0,this.issuerKeyID.write())),this.rawNotations.forEach((({name:i,value:a,humanReadable:n,critical:s})=>{r=[new Uint8Array([n?128:0,0,0,0])];const o=R.encodeUTF8(i);r.push(R.writeNumber(o.length,2)),r.push(R.writeNumber(a.length,2)),r.push(o),r.push(a),r=R.concat(r),t.push(Ts(e.notationData,s,r))})),null!==this.preferredHashAlgorithms&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.preferredHashAlgorithms)),t.push(Ts(e.preferredHashAlgorithms,!1,r))),null!==this.preferredCompressionAlgorithms&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.preferredCompressionAlgorithms)),t.push(Ts(e.preferredCompressionAlgorithms,!1,r))),null!==this.keyServerPreferences&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.keyServerPreferences)),t.push(Ts(e.keyServerPreferences,!1,r))),null!==this.preferredKeyServer&&t.push(Ts(e.preferredKeyServer,!1,R.encodeUTF8(this.preferredKeyServer))),null!==this.isPrimaryUserID&&t.push(Ts(e.primaryUserID,!1,new Uint8Array([this.isPrimaryUserID?1:0]))),null!==this.policyURI&&t.push(Ts(e.policyURI,!1,R.encodeUTF8(this.policyURI))),null!==this.keyFlags&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.keyFlags)),t.push(Ts(e.keyFlags,!0,r))),null!==this.signersUserID&&t.push(Ts(e.signersUserID,!1,R.encodeUTF8(this.signersUserID))),null!==this.reasonForRevocationFlag&&(r=R.stringToUint8Array(String.fromCharCode(this.reasonForRevocationFlag)+this.reasonForRevocationString),t.push(Ts(e.reasonForRevocation,!0,r))),null!==this.features&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.features)),t.push(Ts(e.features,!1,r))),null!==this.signatureTargetPublicKeyAlgorithm&&(r=[new Uint8Array([this.signatureTargetPublicKeyAlgorithm,this.signatureTargetHashAlgorithm])],r.push(R.stringToUint8Array(this.signatureTargetHash)),r=R.concat(r),t.push(Ts(e.signatureTarget,!0,r))),null!==this.embeddedSignature&&t.push(Ts(e.embeddedSignature,!0,this.embeddedSignature.write())),null!==this.issuerFingerprint&&(r=[new Uint8Array([this.issuerKeyVersion]),this.issuerFingerprint],r=R.concat(r),t.push(Ts(e.issuerFingerprint,this.version>=5,r))),null!==this.preferredAEADAlgorithms&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.preferredAEADAlgorithms)),t.push(Ts(e.preferredAEADAlgorithms,!1,r))),null!==this.preferredCipherSuites&&(r=new Uint8Array([].concat(...this.preferredCipherSuites)),t.push(Ts(e.preferredCipherSuites,!1,r)));const i=R.concat(t),a=R.writeNumber(i.length,6===this.version?4:2);return R.concat([a,i])}writeUnhashedSubPackets(){const e=this.unhashedSubpackets.map((({type:e,critical:t,body:r})=>Ts(e,t,r))),t=R.concat(e),r=R.writeNumber(t.length,6===this.version?4:2);return R.concat([r,t])}readSubPacket(e,t=!0){let r=0;const i=!!(128&e[r]),a=127&e[r];if(r++,t||(this.unhashedSubpackets.push({type:a,critical:i,body:e.subarray(r,e.length)}),Bs.has(a)))switch(a){case I.signatureSubpacket.signatureCreationTime:this.created=R.readDate(e.subarray(r,e.length));break;case I.signatureSubpacket.signatureExpirationTime:{const t=R.readNumber(e.subarray(r,e.length));this.signatureNeverExpires=0===t,this.signatureExpirationTime=t;break}case I.signatureSubpacket.exportableCertification:this.exportable=1===e[r++];break;case I.signatureSubpacket.trustSignature:this.trustLevel=e[r++],this.trustAmount=e[r++];break;case I.signatureSubpacket.regularExpression:this.regularExpression=e[r];break;case I.signatureSubpacket.revocable:this.revocable=1===e[r++];break;case I.signatureSubpacket.keyExpirationTime:{const t=R.readNumber(e.subarray(r,e.length));this.keyExpirationTime=t,this.keyNeverExpires=0===t;break}case I.signatureSubpacket.preferredSymmetricAlgorithms:this.preferredSymmetricAlgorithms=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.revocationKey:this.revocationKeyClass=e[r++],this.revocationKeyAlgorithm=e[r++],this.revocationKeyFingerprint=e.subarray(r,r+20);break;case I.signatureSubpacket.issuerKeyID:if(4===this.version)this.issuerKeyID.read(e.subarray(r,e.length));else if(t)throw Error("Unexpected Issuer Key ID subpacket");break;case I.signatureSubpacket.notationData:{const t=!!(128&e[r]);r+=4;const a=R.readNumber(e.subarray(r,r+2));r+=2;const n=R.readNumber(e.subarray(r,r+2));r+=2;const s=R.decodeUTF8(e.subarray(r,r+a)),o=e.subarray(r+a,r+a+n);this.rawNotations.push({name:s,humanReadable:t,value:o,critical:i}),t&&(this.notations[s]=R.decodeUTF8(o));break}case I.signatureSubpacket.preferredHashAlgorithms:this.preferredHashAlgorithms=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.preferredCompressionAlgorithms:this.preferredCompressionAlgorithms=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.keyServerPreferences:this.keyServerPreferences=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.preferredKeyServer:this.preferredKeyServer=R.decodeUTF8(e.subarray(r,e.length));break;case I.signatureSubpacket.primaryUserID:this.isPrimaryUserID=0!==e[r++];break;case I.signatureSubpacket.policyURI:this.policyURI=R.decodeUTF8(e.subarray(r,e.length));break;case I.signatureSubpacket.keyFlags:this.keyFlags=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.signersUserID:this.signersUserID=R.decodeUTF8(e.subarray(r,e.length));break;case I.signatureSubpacket.reasonForRevocation:this.reasonForRevocationFlag=e[r++],this.reasonForRevocationString=R.decodeUTF8(e.subarray(r,e.length));break;case I.signatureSubpacket.features:this.features=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.signatureTarget:{this.signatureTargetPublicKeyAlgorithm=e[r++],this.signatureTargetHashAlgorithm=e[r++];const t=on.getHashByteLength(this.signatureTargetHashAlgorithm);this.signatureTargetHash=R.uint8ArrayToString(e.subarray(r,r+t));break}case I.signatureSubpacket.embeddedSignature:this.embeddedSignature=new Is,this.embeddedSignature.read(e.subarray(r,e.length));break;case I.signatureSubpacket.issuerFingerprint:this.issuerKeyVersion=e[r++],this.issuerFingerprint=e.subarray(r,e.length),this.issuerKeyVersion>=5?this.issuerKeyID.read(this.issuerFingerprint):this.issuerKeyID.read(this.issuerFingerprint.subarray(-8));break;case I.signatureSubpacket.preferredAEADAlgorithms:this.preferredAEADAlgorithms=[...e.subarray(r,e.length)];break;case I.signatureSubpacket.preferredCipherSuites:this.preferredCipherSuites=[];for(let t=r;t<e.length;t+=2)this.preferredCipherSuites.push([e[t],e[t+1]]);break;default:this.unknownSubpackets.push({type:a,critical:i,body:e.subarray(r,e.length)})}}readSubPackets(e,t=!0,r){const i=6===this.version?4:2,a=R.readNumber(e.subarray(0,i));let n=i;for(;n<2+a;){const i=Vr(e.subarray(n,e.length));n+=i.offset,this.readSubPacket(e.subarray(n,n+i.len),t,r),n+=i.len}return n}toSign(e,t){const r=I.signature;switch(e){case r.binary:return null!==t.text?R.encodeUTF8(t.getText(!0)):t.getBytes(!0);case r.text:{const e=t.getBytes(!0);return R.canonicalizeEOL(e)}case r.standalone:return new Uint8Array(0);case r.certGeneric:case r.certPersona:case r.certCasual:case r.certPositive:case r.certRevocation:{let e,i;if(t.userID)i=180,e=t.userID;else{if(!t.userAttribute)throw Error("Either a userID or userAttribute packet needs to be supplied for certification.");i=209,e=t.userAttribute}const a=e.write();return R.concat([this.toSign(r.key,t),new Uint8Array([i]),R.writeNumber(a.length,4),a])}case r.subkeyBinding:case r.subkeyRevocation:case r.keyBinding:return R.concat([this.toSign(r.key,t),this.toSign(r.key,{key:t.bind})]);case r.key:if(void 0===t.key)throw Error("Key packet is required for this signature.");return t.key.writeForHash(this.version);case r.keyRevocation:return this.toSign(r.key,t);case r.timestamp:return new Uint8Array(0);case r.thirdParty:throw Error("Not implemented");default:throw Error("Unknown signature type.")}}calculateTrailer(e,t){let r=0;return b(A(this.signatureData),(e=>{r+=e.length}),(()=>{const i=[];return 5!==this.version||this.signatureType!==I.signature.binary&&this.signatureType!==I.signature.text||(t?i.push(new Uint8Array(6)):i.push(e.writeHeader())),i.push(new Uint8Array([this.version,255])),5===this.version&&i.push(new Uint8Array(4)),i.push(R.writeNumber(r,4)),R.concat(i)}))}toHash(e,t,r=!1){const i=this.toSign(e,t);return R.concat([this.salt||new Uint8Array,i,this.signatureData,this.calculateTrailer(t,r)])}async hash(e,t,r,i=!1){if(6===this.version&&this.salt.length!==_s(this.hashAlgorithm))throw Error("Signature salt does not have the expected length");return r||(r=this.toHash(e,t,i)),on.hash.digest(this.hashAlgorithm,r)}async verify(e,t,r,i=new Date,a=!1,n=T){if(!this.issuerKeyID.equals(e.getKeyID()))throw Error("Signature was not issued by the given public key");if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Public key algorithm used to sign signature does not match issuer key algorithm.");const s=t===I.signature.binary||t===I.signature.text;if(!(this[Cs]&&!s)){let i,n;if(this.hashed?n=await this.hashed:(i=this.toHash(t,r,a),n=await this.hash(t,r,i)),n=await P(n),this.signedHashValue[0]!==n[0]||this.signedHashValue[1]!==n[1])throw Error("Signed digest did not match");this.params=await this.params;const s=this.publicKeyAlgorithm===I.publicKey.hmac?e.privateParams:null;if(this[Cs]=await on.signature.verify(this.publicKeyAlgorithm,this.hashAlgorithm,this.params,e.publicParams,s,i,n),!this[Cs])throw Error("Signature verification failed")}const o=R.normalizeDate(i);if(o&&this.created>o)throw Error("Signature creation time is in the future");if(o&&o>=this.getExpirationTime())throw Error("Signature is expired");if(n.rejectHashAlgorithms.has(this.hashAlgorithm))throw Error("Insecure hash algorithm: "+I.read(I.hash,this.hashAlgorithm).toUpperCase());if(n.rejectMessageHashAlgorithms.has(this.hashAlgorithm)&&[I.signature.binary,I.signature.text].includes(this.signatureType))throw Error("Insecure message hash algorithm: "+I.read(I.hash,this.hashAlgorithm).toUpperCase());if(this.unknownSubpackets.forEach((({type:e,critical:t})=>{if(t)throw Error("Unknown critical signature subpacket type "+e)})),this.rawNotations.forEach((({name:e,critical:t})=>{if(t&&n.knownNotations.indexOf(e)<0)throw Error("Unknown critical notation: "+e)})),null!==this.revocationKeyClass)throw Error("This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.")}isExpired(e=new Date){const t=R.normalizeDate(e);return null!==t&&!(this.created<=t&&t<this.getExpirationTime())}getExpirationTime(){return this.signatureNeverExpires?1/0:new Date(this.created.getTime()+1e3*this.signatureExpirationTime)}}function Ts(e,t,r){const i=[];return i.push(Wr(r.length+1)),i.push(new Uint8Array([(t?128:0)|e])),i.push(r),R.concat(i)}function _s(e){switch(e){case I.hash.sha256:return 16;case I.hash.sha384:return 24;case I.hash.sha512:return 32;case I.hash.sha224:case I.hash.sha3_256:return 16;case I.hash.sha3_512:return 32;default:throw Error("Unsupported hash function")}}class Rs{static get tag(){return I.packet.onePassSignature}static fromSignaturePacket(e,t){const r=new Rs;return r.version=6===e.version?6:3,r.signatureType=e.signatureType,r.hashAlgorithm=e.hashAlgorithm,r.publicKeyAlgorithm=e.publicKeyAlgorithm,r.issuerKeyID=e.issuerKeyID,r.salt=e.salt,r.issuerFingerprint=e.issuerFingerprint,r.flags=t?1:0,r}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.salt=null,this.issuerKeyID=null,this.issuerFingerprint=null,this.flags=null}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new Jr(`Version ${this.version} of the one-pass signature packet is unsupported.`);if(this.signatureType=e[t++],this.hashAlgorithm=e[t++],this.publicKeyAlgorithm=e[t++],6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r,this.issuerFingerprint=e.subarray(t,t+32),t+=32,this.issuerKeyID=new Ds,this.issuerKeyID.read(this.issuerFingerprint)}else this.issuerKeyID=new Ds,this.issuerKeyID.read(e.subarray(t,t+8)),t+=8;return this.flags=e[t++],this}write(){const e=[new Uint8Array([this.version,this.signatureType,this.hashAlgorithm,this.publicKeyAlgorithm])];return 6===this.version?e.push(new Uint8Array([this.salt.length]),this.salt,this.issuerFingerprint):e.push(this.issuerKeyID.write()),e.push(new Uint8Array([this.flags])),R.concatUint8Array(e)}calculateTrailer(...e){return D((async()=>Is.prototype.calculateTrailer.apply(await this.correspondingSig,e)))}async verify(){const e=await this.correspondingSig;if(!e||e.constructor.tag!==I.packet.signature)throw Error("Corresponding signature packet missing");if(e.signatureType!==this.signatureType||e.hashAlgorithm!==this.hashAlgorithm||e.publicKeyAlgorithm!==this.publicKeyAlgorithm||!e.issuerKeyID.equals(this.issuerKeyID)||3===this.version&&6===e.version||6===this.version&&6!==e.version||6===this.version&&!R.equalsUint8Array(e.issuerFingerprint,this.issuerFingerprint)||6===this.version&&!R.equalsUint8Array(e.salt,this.salt))throw Error("Corresponding signature packet does not match one-pass signature packet");return e.hashed=this.hashed,e.verify.apply(e,arguments)}}function Ms(e,t){if(!t[e]){let t;try{t=I.read(I.packet,e)}catch(t){throw new ei("Unknown packet type with tag: "+e)}throw Error("Packet not allowed in this context: "+t)}return new t[e]}Rs.prototype.hash=Is.prototype.hash,Rs.prototype.toHash=Is.prototype.toHash,Rs.prototype.toSign=Is.prototype.toSign;class Fs extends Array{static async fromBinary(e,t,r=T){const i=new Fs;return await i.read(e,t,r),i}async read(e,t,r=T){r.additionalAllowedPackets.length&&(t={...t,...R.constructAllowedPackets(r.additionalAllowedPackets)}),this.stream=k(e,(async(e,i)=>{const a=x(i);try{for(;;){await a.ready;if(await Yr(e,(async e=>{try{if(e.tag===I.packet.marker||e.tag===I.packet.trust||e.tag===I.packet.padding)return;const i=Ms(e.tag,t);i.packets=new Fs,i.fromStream=R.isStream(e.packet),await i.read(e.packet,r),await a.write(i)}catch(t){if(t instanceof ei){if(!(e.tag<=39))return;await a.abort(t)}const i=!r.ignoreUnsupportedPackets&&t instanceof Jr,n=!(r.ignoreMalformedPackets||t instanceof Jr);if(i||n||Qr(e.tag))await a.abort(t);else{const t=new ti(e.tag,e.packet);await a.write(t)}R.printDebugError(t)}})))return await a.ready,void await a.close()}}catch(e){await a.abort(e)}}));const i=C(this.stream);for(;;){const{done:e,value:t}=await i.read();if(e?this.stream=null:this.push(t),e||Qr(t.constructor.tag))break}i.releaseLock()}write(){const e=[];for(let t=0;t<this.length;t++){const r=this[t]instanceof ti?this[t].tag:this[t].constructor.tag,i=this[t].write();if(R.isStream(i)&&Qr(this[t].constructor.tag)){let t=[],a=0;const n=512;e.push(Zr(r)),e.push(b(i,(e=>{if(t.push(e),a+=e.length,a>=n){const e=Math.min(Math.log(a)/Math.LN2|0,30),r=2**e,i=R.concat([$r(e)].concat(t));return t=[i.subarray(1+r)],a=t[0].length,i.subarray(0,1+r)}}),(()=>R.concat([Wr(a)].concat(t)))))}else{if(R.isStream(i)){let t=0;e.push(b(A(i),(e=>{t+=e.length}),(()=>Xr(r,t))))}else e.push(Xr(r,i.length));e.push(i)}}return R.concat(e)}filterByTag(...e){const t=new Fs,r=e=>t=>e===t;for(let i=0;i<this.length;i++)e.some(r(this[i].constructor.tag))&&t.push(this[i]);return t}findPacket(e){return this.find((t=>t.constructor.tag===e))}indexOfTag(...e){const t=[],r=this,i=e=>t=>e===t;for(let a=0;a<this.length;a++)e.some(i(r[a].constructor.tag))&&t.push(a);return t}}const Ls=/*#__PURE__*/R.constructAllowedPackets([Us,Rs,Is]);class Ns{static get tag(){return I.packet.compressedData}constructor(e=T){this.packets=null,this.algorithm=e.preferredCompressionAlgorithm,this.compressed=null}async read(e,t=T){await v(e,(async e=>{this.algorithm=await e.readByte(),this.compressed=e.remainder(),await this.decompress(t)}))}write(){return null===this.compressed&&this.compress(),R.concat([new Uint8Array([this.algorithm]),this.compressed])}async decompress(e=T){const t=I.read(I.compression,this.algorithm),r=Gs[t];if(!r)throw Error(t+" decompression not supported");this.packets=await Fs.fromBinary(r(this.compressed),Ls,e)}compress(){const e=I.read(I.compression,this.algorithm),t=js[e];if(!t)throw Error(e+" compression not supported");this.compressed=t(this.packets.write())}}function Os(e,t){return r=>{if(!R.isStream(r)||n(r))return D((()=>P(r).then((e=>new Promise(((r,i)=>{const a=new t;a.ondata=e=>{r(e)};try{a.push(e,!0)}catch(e){i(e)}}))))));if(e)try{const t=e();return r.pipeThrough(t)}catch(e){if("TypeError"!==e.name)throw e}const i=r.getReader(),a=new t;return new ReadableStream({async start(e){for(a.ondata=async(t,r)=>{e.enqueue(t),r&&e.close()};;){const{done:e,value:t}=await i.read();if(e)return void a.push(new Uint8Array,!0);t.length&&a.push(t)}}})}}function zs(e){return function(t){return D((async()=>e(await P(t))))}}const Hs=e=>({compressor:"undefined"!=typeof CompressionStream&&(()=>new CompressionStream(e)),decompressor:"undefined"!=typeof DecompressionStream&&(()=>new DecompressionStream(e))}),js={zip:/*#__PURE__*/Os(Hs("deflate-raw").compressor,as),zlib:/*#__PURE__*/Os(Hs("deflate").compressor,ss)},Gs={uncompressed:e=>e,zip:/*#__PURE__*/Os(Hs("deflate-raw").decompressor,ns),zlib:/*#__PURE__*/Os(Hs("deflate").decompressor,os),bzip2:/*#__PURE__*/zs(Ps)},qs=/*#__PURE__*/R.constructAllowedPackets([Us,Ns,Rs,Is]);class Vs{static get tag(){return I.packet.symEncryptedIntegrityProtectedData}static fromObject({version:e,aeadAlgorithm:t}){if(1!==e&&2!==e)throw Error("Unsupported SEIPD version");const r=new Vs;return r.version=e,2===e&&(r.aeadAlgorithm=t),r}constructor(){this.version=null,this.cipherAlgorithm=null,this.aeadAlgorithm=null,this.chunkSizeByte=null,this.salt=null,this.encrypted=null,this.packets=null}async read(e){await v(e,(async e=>{if(this.version=await e.readByte(),1!==this.version&&2!==this.version)throw new Jr(`Version ${this.version} of the SEIP packet is unsupported.`);2===this.version&&(this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte(),this.salt=await e.readBytes(32)),this.encrypted=e.remainder()}))}write(){return 2===this.version?R.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.salt,this.encrypted]):R.concat([new Uint8Array([this.version]),this.encrypted])}async encrypt(e,t,r=T){let i=this.packets.write();if(n(i)&&(i=await P(i)),2===this.version)this.cipherAlgorithm=e,this.salt=on.random.getRandomBytes(32),this.chunkSizeByte=r.aeadChunkSizeByte,this.encrypted=await Ws(this,"encrypt",t,i);else{const{blockSize:a}=on.getCipherParams(e),n=await on.getPrefixRandom(e),s=new Uint8Array([211,20]),o=R.concat([n,i,s]),c=await on.hash.sha1(E(o)),u=R.concat([o,c]);this.encrypted=await on.mode.cfb.encrypt(e,t,u,new Uint8Array(a),r)}return!0}async decrypt(e,t,r=T){let i,a=A(this.encrypted);if(n(a)&&(a=await P(a)),2===this.version)i=await Ws(this,"decrypt",t,a);else{const{blockSize:n}=on.getCipherParams(e),s=await on.mode.cfb.decrypt(e,t,a,new Uint8Array(n)),o=S(E(s),-20),c=S(s,0,-20),u=Promise.all([P(await on.hash.sha1(E(c))),P(o)]).then((([e,t])=>{if(!R.equalsUint8Array(e,t))throw Error("Modification detected.");return new Uint8Array})),h=S(c,n+2);i=S(h,0,-2),i=d([i,D((()=>u))]),R.isStream(a)&&r.allowUnauthenticatedStream||(i=await P(i))}return this.packets=await Fs.fromBinary(i,qs,r),!0}}async function Ws(e,t,r,i){const a=e instanceof Vs&&2===e.version,n=!a&&e.constructor.tag===I.packet.aeadEncryptedData;if(!a&&!n)throw Error("Unexpected packet type");const s=on.getAEADMode(e.aeadAlgorithm),o="decrypt"===t?s.tagLength:0,c="encrypt"===t?s.tagLength:0,u=2**(e.chunkSizeByte+6)+o,h=n?8:0,y=new ArrayBuffer(13+h),l=new Uint8Array(y,0,5+h),p=new Uint8Array(y),g=new DataView(y),d=new Uint8Array(y,5,8);l.set([192|e.constructor.tag,e.version,e.cipherAlgorithm,e.aeadAlgorithm,e.chunkSizeByte],0);let m,w,b=0,v=Promise.resolve(),A=0,E=0;if(a){const{keySize:t}=on.getCipherParams(e.cipherAlgorithm),{ivLength:i}=s,a=new Uint8Array(y,0,5),n=await _a(I.hash.sha256,r,e.salt,a,t+i);r=n.subarray(0,t),m=n.subarray(t),m.fill(0,m.length-8),w=new DataView(m.buffer,m.byteOffset,m.byteLength)}else m=e.iv;const K=await s(e.cipherAlgorithm,r);return k(i,(async(r,i)=>{if("array"!==R.isStream(r)){const t=new TransformStream({},{highWaterMark:R.getHardwareConcurrency()*2**(e.chunkSizeByte+6),size:e=>e.length});f(t.readable,i),i=t.writable}const n=C(r),s=x(i);try{for(;;){let e=await n.readBytes(u+o)||new Uint8Array;const r=e.subarray(e.length-o);let i,y,f;if(e=e.subarray(0,e.length-o),a)f=m;else{f=m.slice();for(let e=0;e<8;e++)f[m.length-8+e]^=d[e]}if(!b||e.length?(n.unshift(r),i=K[t](e,f,l),i.catch((()=>{})),E+=e.length-o+c):(g.setInt32(5+h+4,A),i=K[t](r,f,p),i.catch((()=>{})),E+=c,y=!0),A+=e.length-o,v=v.then((()=>i)).then((async e=>{await s.ready,await s.write(e),E-=e.length})).catch((e=>s.abort(e))),(y||E>s.desiredSize)&&await v,y){await s.close();break}a?w.setInt32(m.length-4,++b):g.setInt32(9,++b)}}catch(e){await s.ready.catch((()=>{})),await s.abort(e)}}))}const $s=/*#__PURE__*/R.constructAllowedPackets([Us,Ns,Rs,Is]);class Zs{static get tag(){return I.packet.aeadEncryptedData}constructor(){this.version=1,this.cipherAlgorithm=null,this.aeadAlgorithm=I.aead.eax,this.chunkSizeByte=null,this.iv=null,this.encrypted=null,this.packets=null}async read(e){await v(e,(async e=>{const t=await e.readByte();if(1!==t)throw new Jr(`Version ${t} of the AEAD-encrypted data packet is not supported.`);this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte();const r=on.getAEADMode(this.aeadAlgorithm);this.iv=await e.readBytes(r.ivLength),this.encrypted=e.remainder()}))}write(){return R.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.iv,this.encrypted])}async decrypt(e,t,r=T){this.packets=await Fs.fromBinary(await Ws(this,"decrypt",t,A(this.encrypted)),$s,r)}async encrypt(e,t,r=T){this.cipherAlgorithm=e;const{ivLength:i}=on.getAEADMode(this.aeadAlgorithm);this.iv=on.random.getRandomBytes(i),this.chunkSizeByte=r.aeadChunkSizeByte;const a=this.packets.write();this.encrypted=await Ws(this,"encrypt",t,a)}}class Xs{static get tag(){return I.packet.publicKeyEncryptedSessionKey}constructor(){this.version=null,this.publicKeyID=new Ds,this.publicKeyVersion=null,this.publicKeyFingerprint=null,this.publicKeyAlgorithm=null,this.sessionKey=null,this.sessionKeyAlgorithm=null,this.encrypted={}}static fromObject({version:e,encryptionKeyPacket:t,anonymousRecipient:r,sessionKey:i,sessionKeyAlgorithm:a}){const n=new Xs;if(3!==e&&6!==e)throw Error("Unsupported PKESK version");return n.version=e,6===e&&(n.publicKeyVersion=r?null:t.version,n.publicKeyFingerprint=r?null:t.getFingerprintBytes()),n.publicKeyID=r?Ds.wildcard():t.getKeyID(),n.publicKeyAlgorithm=t.algorithm,n.sessionKey=i,n.sessionKeyAlgorithm=a,n}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new Jr(`Version ${this.version} of the PKESK packet is unsupported.`);if(6===this.version){const r=e[t++];if(r){this.publicKeyVersion=e[t++];const i=r-1;this.publicKeyFingerprint=e.subarray(t,t+i),t+=i,this.publicKeyVersion>=5?this.publicKeyID.read(this.publicKeyFingerprint):this.publicKeyID.read(this.publicKeyFingerprint.subarray(-8))}else this.publicKeyID=Ds.wildcard()}else t+=this.publicKeyID.read(e.subarray(t,t+8));if(this.publicKeyAlgorithm=e[t++],this.encrypted=on.parseEncSessionKeyParams(this.publicKeyAlgorithm,e.subarray(t)),this.publicKeyAlgorithm===I.publicKey.x25519||this.publicKeyAlgorithm===I.publicKey.x448)if(3===this.version)this.sessionKeyAlgorithm=I.write(I.symmetric,this.encrypted.C.algorithm);else if(null!==this.encrypted.C.algorithm)throw Error("Unexpected cleartext symmetric algorithm")}write(){const e=[new Uint8Array([this.version])];return 6===this.version?null!==this.publicKeyFingerprint?(e.push(new Uint8Array([this.publicKeyFingerprint.length+1,this.publicKeyVersion])),e.push(this.publicKeyFingerprint)):e.push(new Uint8Array([0])):e.push(this.publicKeyID.write()),e.push(new Uint8Array([this.publicKeyAlgorithm]),on.serializeParams(this.publicKeyAlgorithm,this.encrypted)),R.concatUint8Array(e)}async encrypt(e){const t=I.write(I.publicKey,this.publicKeyAlgorithm),r=3===this.version?this.sessionKeyAlgorithm:null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),a=Qs(this.version,t,r,this.sessionKey),n=t===I.publicKey.aead?e.privateParams:null;this.encrypted=await on.publicKeyEncrypt(t,r,e.publicParams,n,a,i)}async decrypt(e,t){if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Decryption error");const r=t?Qs(this.version,this.publicKeyAlgorithm,t.sessionKeyAlgorithm,t.sessionKey):null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),a=await on.publicKeyDecrypt(this.publicKeyAlgorithm,e.publicParams,e.privateParams,this.encrypted,i,r),{sessionKey:n,sessionKeyAlgorithm:s}=function(e,t,r,i){switch(t){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.elgamal:case I.publicKey.ecdh:case I.publicKey.aead:{const t=r.subarray(0,r.length-2),a=r.subarray(r.length-2),n=R.writeChecksum(t.subarray(t.length%8)),s=n[0]===a[0]&n[1]===a[1],o=6===e?{sessionKeyAlgorithm:null,sessionKey:t}:{sessionKeyAlgorithm:t[0],sessionKey:t.subarray(1)};if(i){const t=s&o.sessionKeyAlgorithm===i.sessionKeyAlgorithm&o.sessionKey.length===i.sessionKey.length;return{sessionKey:R.selectUint8Array(t,o.sessionKey,i.sessionKey),sessionKeyAlgorithm:6===e?null:R.selectUint8(t,o.sessionKeyAlgorithm,i.sessionKeyAlgorithm)}}if(s&&(6===e||I.read(I.symmetric,o.sessionKeyAlgorithm)))return o;throw Error("Decryption error")}case I.publicKey.x25519:case I.publicKey.x448:return{sessionKeyAlgorithm:null,sessionKey:r};default:throw Error("Unsupported public key algorithm")}}(this.version,this.publicKeyAlgorithm,a,t);3===this.version&&this.publicKeyAlgorithm!==I.publicKey.x25519&&this.publicKeyAlgorithm!==I.publicKey.x448&&(this.sessionKeyAlgorithm=s),this.sessionKey=n}}function Qs(e,t,r,i){switch(t){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.elgamal:case I.publicKey.ecdh:case I.publicKey.aead:return R.concatUint8Array([new Uint8Array(6===e?[]:[r]),i,R.writeChecksum(i.subarray(i.length%8))]);case I.publicKey.x25519:case I.publicKey.x448:return i;default:throw Error("Unsupported public key algorithm")}}class Ys{static get tag(){return I.packet.symEncryptedSessionKey}constructor(e=T){this.version=e.aeadProtect?6:4,this.sessionKey=null,this.sessionKeyEncryptionAlgorithm=null,this.sessionKeyAlgorithm=I.symmetric.aes256,this.aeadAlgorithm=I.write(I.aead,e.preferredAEADAlgorithm),this.encrypted=null,this.s2k=null,this.iv=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new Jr(`Version ${this.version} of the SKESK packet is unsupported.`);6===this.version&&t++;const r=e[t++];this.version>=5&&(this.aeadAlgorithm=e[t++],6===this.version&&t++);const i=e[t++];if(this.s2k=dn(i),t+=this.s2k.read(e.subarray(t,e.length)),this.version>=5){const r=on.getAEADMode(this.aeadAlgorithm);this.iv=e.subarray(t,t+=r.ivLength)}this.version>=5||t<e.length?(this.encrypted=e.subarray(t,e.length),this.sessionKeyEncryptionAlgorithm=r):this.sessionKeyAlgorithm=r}write(){const e=null===this.encrypted?this.sessionKeyAlgorithm:this.sessionKeyEncryptionAlgorithm;let t;const r=this.s2k.write();if(6===this.version){const i=r.length,a=3+i+this.iv.length;t=R.concatUint8Array([new Uint8Array([this.version,a,e,this.aeadAlgorithm,i]),r,this.iv,this.encrypted])}else 5===this.version?t=R.concatUint8Array([new Uint8Array([this.version,e,this.aeadAlgorithm]),r,this.iv,this.encrypted]):(t=R.concatUint8Array([new Uint8Array([this.version,e]),r]),null!==this.encrypted&&(t=R.concatUint8Array([t,this.encrypted])));return t}async decrypt(e){const t=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm,{blockSize:r,keySize:i}=on.getCipherParams(t),a=await this.s2k.produceKey(e,i);if(this.version>=5){const e=on.getAEADMode(this.aeadAlgorithm),r=new Uint8Array([192|Ys.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),n=6===this.version?await _a(I.hash.sha256,a,new Uint8Array,r,i):a,s=await e(t,n);this.sessionKey=await s.decrypt(this.encrypted,this.iv,r)}else if(null!==this.encrypted){const e=await on.mode.cfb.decrypt(t,a,this.encrypted,new Uint8Array(r));this.sessionKeyAlgorithm=I.write(I.symmetric,e[0]),this.sessionKey=e.subarray(1,e.length)}else this.sessionKey=a}async encrypt(e,t=T){const r=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm;this.sessionKeyEncryptionAlgorithm=r,this.s2k=fn(t),this.s2k.generateSalt();const{blockSize:i,keySize:a}=on.getCipherParams(r),n=await this.s2k.produceKey(e,a);if(null===this.sessionKey&&(this.sessionKey=on.generateSessionKey(this.sessionKeyAlgorithm)),this.version>=5){const e=on.getAEADMode(this.aeadAlgorithm);this.iv=on.random.getRandomBytes(e.ivLength);const t=new Uint8Array([192|Ys.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),i=6===this.version?await _a(I.hash.sha256,n,new Uint8Array,t,a):n,s=await e(r,i);this.encrypted=await s.encrypt(this.sessionKey,this.iv,t)}else{const e=R.concatUint8Array([new Uint8Array([this.sessionKeyAlgorithm]),this.sessionKey]);this.encrypted=await on.mode.cfb.encrypt(r,n,e,new Uint8Array(i),t)}}}class Js{static get tag(){return I.packet.publicKey}constructor(e=new Date,t=T){this.version=t.v6Keys?6:4,this.created=R.normalizeDate(e),this.algorithm=null,this.publicParams=null,this.expirationTimeV3=0,this.fingerprint=null,this.keyID=null}static fromSecretKeyPacket(e){const t=new Js,{version:r,created:i,algorithm:a,publicParams:n,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=a,t.publicParams=n,t.keyID=s,t.fingerprint=o,t}async read(e,t=T){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new Jr("Support for parsing v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4===this.version||5===this.version||6===this.version){this.created=R.readDate(e.subarray(r,r+4)),r+=4,this.algorithm=e[r++],this.version>=5&&(r+=4);const{read:t,publicParams:i}=on.parsePublicKeyParams(this.algorithm,e.subarray(r));if(6===this.version&&i.oid&&(i.oid.getName()===I.curve.curve25519Legacy||i.oid.getName()===I.curve.ed25519Legacy))throw Error("Legacy curve25519 cannot be used with v6 keys");return this.publicParams=i,r+=t,await this.computeFingerprintAndKeyID(),r}throw new Jr(`Version ${this.version} of the key packet is unsupported.`)}write(){const e=[];e.push(new Uint8Array([this.version])),e.push(R.writeDate(this.created)),e.push(new Uint8Array([this.algorithm]));const t=on.serializeParams(this.algorithm,this.publicParams);return this.version>=5&&e.push(R.writeNumber(t.length,4)),e.push(t),R.concatUint8Array(e)}writeForHash(e){const t=this.writePublicKey(),r=149+e,i=e>=5?4:2;return R.concatUint8Array([new Uint8Array([r]),R.writeNumber(t.length,i),t])}isDecrypted(){return null}getCreationTime(){return this.created}getKeyID(){return this.keyID}async computeFingerprintAndKeyID(){if(await this.computeFingerprint(),this.keyID=new Ds,this.version>=5)this.keyID.read(this.fingerprint.subarray(0,8));else{if(4!==this.version)throw Error("Unsupported key version");this.keyID.read(this.fingerprint.subarray(12,20))}}async computeFingerprint(){const e=this.writeForHash(this.version);if(this.version>=5)this.fingerprint=await on.hash.sha256(e);else{if(4!==this.version)throw Error("Unsupported key version");this.fingerprint=await on.hash.sha1(e)}}getFingerprintBytes(){return this.fingerprint}getFingerprint(){return R.uint8ArrayToHex(this.getFingerprintBytes())}hasSameFingerprintAs(e){return this.version===e.version&&R.equalsUint8Array(this.writePublicKey(),e.writePublicKey())}getAlgorithmInfo(){const e={};e.algorithm=I.read(I.publicKey,this.algorithm);const t=this.publicParams.n||this.publicParams.p;return t?e.bits=R.uint8ArrayBitLength(t):this.publicParams.oid?e.curve=this.publicParams.oid.getName():this.publicParams.cipher&&(e.symmetric=this.publicParams.cipher.getName()),e}}Js.prototype.readPublicKey=Js.prototype.read,Js.prototype.writePublicKey=Js.prototype.write;const eo=/*#__PURE__*/R.constructAllowedPackets([Us,Ns,Rs,Is]);class to{static get tag(){return I.packet.symmetricallyEncryptedData}constructor(){this.encrypted=null,this.packets=null}read(e){this.encrypted=e}write(){return this.encrypted}async decrypt(e,t,r=T){if(!r.allowUnauthenticatedMessages)throw Error("Message is not authenticated.");const{blockSize:i}=on.getCipherParams(e),a=await P(A(this.encrypted)),n=await on.mode.cfb.decrypt(e,t,a.subarray(i+2),a.subarray(2,i+2));this.packets=await Fs.fromBinary(n,eo,r)}async encrypt(e,t,r=T){const i=this.packets.write(),{blockSize:a}=on.getCipherParams(e),n=await on.getPrefixRandom(e),s=await on.mode.cfb.encrypt(e,t,n,new Uint8Array(a),r),o=await on.mode.cfb.encrypt(e,t,i,s.subarray(2),r);this.encrypted=R.concat([s,o])}}class ro{static get tag(){return I.packet.marker}read(e){return 80===e[0]&&71===e[1]&&80===e[2]}write(){return new Uint8Array([80,71,80])}}class io extends Js{static get tag(){return I.packet.publicSubkey}constructor(e,t){super(e,t)}static fromSecretSubkeyPacket(e){const t=new io,{version:r,created:i,algorithm:a,publicParams:n,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=a,t.publicParams=n,t.keyID=s,t.fingerprint=o,t}}class ao{static get tag(){return I.packet.userAttribute}constructor(){this.attributes=[]}read(e){let t=0;for(;t<e.length;){const r=Vr(e.subarray(t,e.length));t+=r.offset,this.attributes.push(R.uint8ArrayToString(e.subarray(t,t+r.len))),t+=r.len}}write(){const e=[];for(let t=0;t<this.attributes.length;t++)e.push(Wr(this.attributes[t].length)),e.push(R.stringToUint8Array(this.attributes[t]));return R.concatUint8Array(e)}equals(e){return!!(e&&e instanceof ao)&&this.attributes.every((function(t,r){return t===e.attributes[r]}))}}class no extends Js{static get tag(){return I.packet.secretKey}constructor(e=new Date,t=T){super(e,t),this.keyMaterial=null,this.isEncrypted=null,this.s2kUsage=0,this.s2k=null,this.symmetric=null,this.aead=null,this.isLegacyAEAD=null,this.privateParams=null,this.usedModernAEAD=null}async read(e,t=T){let r=await this.readPublicKey(e,t);const i=r;this.s2kUsage=e[r++],5===this.version&&r++,6===this.version&&this.s2kUsage&&r++;try{if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){this.symmetric=e[r++],253===this.s2kUsage&&(this.aead=e[r++]),6===this.version&&r++;const t=e[r++];if(this.s2k=dn(t),r+=this.s2k.read(e.subarray(r,e.length)),"gnu-dummy"===this.s2k.type)return}else this.s2kUsage&&(this.symmetric=this.s2kUsage);this.s2kUsage&&(this.isLegacyAEAD=253===this.s2kUsage&&(5===this.version||4===this.version&&t.parseAEADEncryptedV4KeysAsLegacy),253!==this.s2kUsage||this.isLegacyAEAD?(this.iv=e.subarray(r,r+on.getCipherParams(this.symmetric).blockSize),this.usedModernAEAD=!1):(this.iv=e.subarray(r,r+on.getAEADMode(this.aead).ivLength),this.usedModernAEAD=!0),r+=this.iv.length)}catch(t){if(!this.s2kUsage)throw t;this.unparseableKeyMaterial=e.subarray(i),this.isEncrypted=!0}if(5===this.version&&(r+=4),this.keyMaterial=e.subarray(r),this.isEncrypted=!!this.s2kUsage,!this.isEncrypted){let e;if(6===this.version)e=this.keyMaterial;else if(e=this.keyMaterial.subarray(0,-2),!R.equalsUint8Array(R.writeChecksum(e),this.keyMaterial.subarray(-2)))throw Error("Key checksum mismatch");try{const{read:t,privateParams:r}=on.parsePrivateKeyParams(this.algorithm,e,this.publicParams);if(t<e.length)throw Error("Error reading MPIs");this.privateParams=r}catch(e){if(e instanceof Jr)throw e;throw Error("Error reading MPIs")}}}write(){const e=this.writePublicKey();if(this.unparseableKeyMaterial)return R.concatUint8Array([e,this.unparseableKeyMaterial]);const t=[e];t.push(new Uint8Array([this.s2kUsage]));const r=[];if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){r.push(this.symmetric),253===this.s2kUsage&&r.push(this.aead);const e=this.s2k.write();6===this.version&&r.push(e.length),r.push(...e)}return this.s2kUsage&&"gnu-dummy"!==this.s2k.type&&r.push(...this.iv),(5===this.version||6===this.version&&this.s2kUsage)&&t.push(new Uint8Array([r.length])),t.push(new Uint8Array(r)),this.isDummy()||(this.s2kUsage||(this.keyMaterial=on.serializeParams(this.algorithm,this.privateParams)),5===this.version&&t.push(R.writeNumber(this.keyMaterial.length,4)),t.push(this.keyMaterial),this.s2kUsage||6===this.version||t.push(R.writeChecksum(this.keyMaterial))),R.concatUint8Array(t)}isDecrypted(){return!1===this.isEncrypted}isMissingSecretKeyMaterial(){return void 0!==this.unparseableKeyMaterial||this.isDummy()}isDummy(){return!(!this.s2k||"gnu-dummy"!==this.s2k.type)}makeDummy(e=T){this.isDummy()||(this.isDecrypted()&&this.clearPrivateParams(),delete this.unparseableKeyMaterial,this.isEncrypted=null,this.keyMaterial=null,this.s2k=dn(I.s2k.gnu,e),this.s2k.algorithm=0,this.s2k.c=0,this.s2k.type="gnu-dummy",this.s2kUsage=254,this.symmetric=I.symmetric.aes256,this.isLegacyAEAD=null,this.usedModernAEAD=null)}async encrypt(e,t=T){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key packet is already encrypted");if(!e)throw Error("A non-empty passphrase is required for key encryption.");this.s2k=fn(t),this.s2k.generateSalt();const r=on.serializeParams(this.algorithm,this.privateParams);this.symmetric=I.symmetric.aes256;const{blockSize:i}=on.getCipherParams(this.symmetric);if(t.aeadProtect){this.s2kUsage=253,this.aead=t.preferredAEADAlgorithm;const a=on.getAEADMode(this.aead);this.isLegacyAEAD=5===this.version,this.usedModernAEAD=!this.isLegacyAEAD;const n=Zr(this.constructor.tag),s=await so(this.version,this.s2k,e,this.symmetric,this.aead,n,this.isLegacyAEAD),o=await a(this.symmetric,s);this.iv=this.isLegacyAEAD?on.random.getRandomBytes(i):on.random.getRandomBytes(a.ivLength);const c=this.isLegacyAEAD?new Uint8Array:R.concatUint8Array([n,this.writePublicKey()]);this.keyMaterial=await o.encrypt(r,this.iv.subarray(0,a.ivLength),c)}else{this.s2kUsage=254,this.usedModernAEAD=!1;const a=await so(this.version,this.s2k,e,this.symmetric);this.iv=on.random.getRandomBytes(i),this.keyMaterial=await on.mode.cfb.encrypt(this.symmetric,a,R.concatUint8Array([r,await on.hash.sha1(r,t)]),this.iv,t)}}async decrypt(e){if(this.isDummy())return!1;if(this.unparseableKeyMaterial)throw Error("Key packet cannot be decrypted: unsupported S2K or cipher algo");if(this.isDecrypted())throw Error("Key packet is already decrypted.");let t;const r=Zr(this.constructor.tag);if(254!==this.s2kUsage&&253!==this.s2kUsage)throw 255===this.s2kUsage?Error("Encrypted private key is authenticated using an insecure two-byte hash"):Error("Private key is encrypted using an insecure S2K function: unsalted MD5");let i;if(t=await so(this.version,this.s2k,e,this.symmetric,this.aead,r,this.isLegacyAEAD),253===this.s2kUsage){const e=on.getAEADMode(this.aead),a=await e(this.symmetric,t);try{const t=this.isLegacyAEAD?new Uint8Array:R.concatUint8Array([r,this.writePublicKey()]);i=await a.decrypt(this.keyMaterial,this.iv.subarray(0,e.ivLength),t)}catch(e){if("Authentication tag mismatch"===e.message)throw Error("Incorrect key passphrase: "+e.message);throw e}}else{const e=await on.mode.cfb.decrypt(this.symmetric,t,this.keyMaterial,this.iv);i=e.subarray(0,-20);const r=await on.hash.sha1(i);if(!R.equalsUint8Array(r,e.subarray(-20)))throw Error("Incorrect key passphrase")}try{const{privateParams:e}=on.parsePrivateKeyParams(this.algorithm,i,this.publicParams);this.privateParams=e}catch(e){throw Error("Error reading MPIs")}this.isEncrypted=!1,this.keyMaterial=null,this.s2kUsage=0,this.aead=null,this.symmetric=null,this.isLegacyAEAD=null}async validate(){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key is not decrypted");if(this.usedModernAEAD)return;let e;try{e=await on.validateParams(this.algorithm,this.publicParams,this.privateParams)}catch(t){e=!1}if(!e)throw Error("Key is invalid")}async generate(e,t,r){if(6===this.version&&(this.algorithm===I.publicKey.ecdh&&t===I.curve.curve25519Legacy||this.algorithm===I.publicKey.eddsaLegacy))throw Error(`Cannot generate v6 keys of type 'ecc' with curve ${t}. Generate a key of type 'curve25519' instead`);const{privateParams:i,publicParams:a}=await on.generateParams(this.algorithm,e,t,r);this.privateParams=i,this.publicParams=a,this.isEncrypted=!1}clearPrivateParams(){this.isMissingSecretKeyMaterial()||(Object.keys(this.privateParams).forEach((e=>{this.privateParams[e].fill(0),delete this.privateParams[e]})),this.privateParams=null,this.isEncrypted=!0)}}async function so(e,t,r,i,a,n,s){if("argon2"===t.type&&!a)throw Error("Using Argon2 S2K without AEAD is not allowed");if("simple"===t.type&&6===e)throw Error("Using Simple S2K with version 6 keys is not allowed");const{keySize:o}=on.getCipherParams(i),c=await t.produceKey(r,o);if(!a||5===e||s)return c;const u=R.concatUint8Array([n,new Uint8Array([e,i,a])]);return _a(I.hash.sha256,c,new Uint8Array,u,o)}class oo{static get tag(){return I.packet.userID}constructor(){this.userID="",this.name="",this.email="",this.comment=""}static fromObject(e){if(R.isString(e)||e.name&&!R.isString(e.name)||e.email&&!R.isEmailAddress(e.email)||e.comment&&!R.isString(e.comment))throw Error("Invalid user ID format");const t=new oo;Object.assign(t,e);const r=[];return t.name&&r.push(t.name),t.comment&&r.push(`(${t.comment})`),t.email&&r.push(`<${t.email}>`),t.userID=r.join(" "),t}read(e,t=T){const r=R.decodeUTF8(e);if(r.length>t.maxUserIDLength)throw Error("User ID string is too long");const i=/^(?<name>[^()]+\s+)?(?<comment>\([^()]+\)\s+)?(?<email><\S+@\S+>)$/.exec(r);if(null!==i){const{name:e,comment:t,email:r}=i.groups;this.comment=t?.replace(/^\(|\)|\s$/g,"").trim()||"",this.name=e?.trim()||"",this.email=r.substring(1,r.length-1)}else/^[^\s@]+@[^\s@]+$/.test(r)&&(this.email=r);this.userID=r}write(){return R.encodeUTF8(this.userID)}equals(e){return e&&e.userID===this.userID}}class co extends no{static get tag(){return I.packet.secretSubkey}constructor(e=new Date,t=T){super(e,t)}}class uo{static get tag(){return I.packet.trust}read(){throw new Jr("Trust packets are not supported")}write(){throw new Jr("Trust packets are not supported")}}class ho{static get tag(){return I.packet.padding}constructor(){this.padding=null}read(e){}write(){return this.padding}async createPadding(e){this.padding=await on.random.getRandomBytes(e)}}const yo=/*#__PURE__*/R.constructAllowedPackets([Is]);class lo{constructor(e){this.packets=e||new Fs}write(){return this.packets.write()}armor(e=T){const t=this.packets.some((e=>e.constructor.tag===Is.tag&&6!==e.version));return Q(I.armor.signature,this.write(),void 0,void 0,void 0,t,e)}getSigningKeyIDs(){return this.packets.map((e=>e.issuerKeyID))}}async function po({armoredSignature:e,binarySignature:t,config:r,...i}){r={...T,...r};let a=e||t;if(!a)throw Error("readSignature: must pass options object containing `armoredSignature` or `binarySignature`");if(e&&!R.isString(e))throw Error("readSignature: options.armoredSignature must be a string");if(t&&!R.isUint8Array(t))throw Error("readSignature: options.binarySignature must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(e){const{type:e,data:t}=await X(a);if(e!==I.armor.signature)throw Error("Armored text not of type signature");a=t}const s=await Fs.fromBinary(a,yo,r);return new lo(s)}async function go(e,t){const r=new co(e.date,t);return r.packets=null,r.algorithm=I.write(I.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function fo(e,t){const r=new no(e.date,t);return r.packets=null,r.algorithm=I.write(I.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function mo(e,t,r,i,a=new Date,n){let s,o;for(let c=e.length-1;c>=0;c--)try{(!s||e[c].created>=s.created)&&(await e[c].verify(t,r,i,a,void 0,n),s=e[c])}catch(e){o=e}if(!s)throw R.wrapError(`Could not find valid ${I.read(I.signature,r)} signature in key ${t.getKeyID().toHex()}`.replace("certGeneric ","self-").replace(/([a-z])([A-Z])/g,((e,t,r)=>t+" "+r.toLowerCase())),o);return s}function wo(e,t,r=new Date){const i=R.normalizeDate(r);if(null!==i){const r=Eo(e,t);return!(e.created<=i&&i<r)}return!1}async function bo(e,t,r,i){const a={};a.key=t,a.bind=e;const n={signatureType:I.signature.subkeyBinding};r.sign?(n.keyFlags=[I.keyFlags.signData],n.embeddedSignature=await ko(a,null,e,{signatureType:I.signature.keyBinding},r.date,void 0,void 0,void 0,i)):n.keyFlags=r.forwarding?[I.keyFlags.forwardedCommunication]:[I.keyFlags.encryptCommunication|I.keyFlags.encryptStorage],r.keyExpirationTime>0&&(n.keyExpirationTime=r.keyExpirationTime,n.keyNeverExpires=!1);return await ko(a,null,t,n,r.date,void 0,void 0,void 0,i)}async function ko(e,t,r,i,a,n,s=[],o=!1,c){if(r.isDummy())throw Error("Cannot sign with a gnu-dummy key.");if(!r.isDecrypted())throw Error("Signing key is not decrypted.");const u=new Is;return Object.assign(u,i),u.publicKeyAlgorithm=r.algorithm,u.hashAlgorithm=await async function(e,t,r=new Date,i={},a){let n=a.preferredHashAlgorithm,s=n;if(e){const t=await e.getPrimarySelfSignature(r,i,a);t.preferredHashAlgorithms&&([s]=t.preferredHashAlgorithms,n=on.hash.getHashByteLength(n)<=on.hash.getHashByteLength(s)?s:n)}switch(t.algorithm){case I.publicKey.ecdsa:case I.publicKey.eddsaLegacy:case I.publicKey.ed25519:case I.publicKey.ed448:s=on.getPreferredCurveHashAlgo(t.algorithm,t.publicParams.oid)}return on.hash.getHashByteLength(n)<=on.hash.getHashByteLength(s)?s:n}(t,r,a,n,c),u.rawNotations=[...s],await u.sign(r,e,a,o,c),u}async function vo(e,t,r,i=new Date,a){(e=e[r])&&(t[r].length?await Promise.all(e.map((async function(e){e.isExpired(i)||a&&!await a(e)||t[r].some((function(t){return R.equalsUint8Array(t.writeParams(),e.writeParams())}))||t[r].push(e)}))):t[r]=e)}async function Ao(e,t,r,i,a,n,s=new Date,o){n=n||e;const c=[];return await Promise.all(i.map((async function(e){try{if(!a||e.issuerKeyID.equals(a.issuerKeyID)){const i=![I.reasonForRevocation.keyRetired,I.reasonForRevocation.keySuperseded,I.reasonForRevocation.userIDInvalid].includes(e.reasonForRevocationFlag);await e.verify(n,t,r,i?null:s,!1,o),c.push(e.issuerKeyID)}}catch(e){}}))),a?(a.revoked=!!c.some((e=>e.equals(a.issuerKeyID)))||(a.revoked||!1),a.revoked):c.length>0}function Eo(e,t){let r;return!1===t.keyNeverExpires&&(r=e.created.getTime()+1e3*t.keyExpirationTime),r?new Date(r):1/0}function Ko(e,t={}){if(e.type=e.type||t.type,e.curve=e.curve||t.curve,e.rsaBits=e.rsaBits||t.rsaBits,e.symmetricHash=e.symmetricHash||t.symmetricHash,e.symmetricCipher=e.symmetricCipher||t.symmetricCipher,e.keyExpirationTime=void 0!==e.keyExpirationTime?e.keyExpirationTime:t.keyExpirationTime,e.passphrase=R.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e.sign=e.sign||!1,e.forwarding=e.forwarding||!1,e.sign&&e.forwarding)throw Error('Incompatible options: "sign" and "forwarding" cannot be set together');switch(e.type){case"ecc":try{e.curve=I.write(I.curve,e.curve)}catch(e){throw Error("Unknown curve")}e.curve!==I.curve.ed25519Legacy&&e.curve!==I.curve.curve25519Legacy&&"ed25519"!==e.curve&&"curve25519"!==e.curve||(e.curve=e.sign?I.curve.ed25519Legacy:I.curve.curve25519Legacy),e.sign?e.algorithm=e.curve===I.curve.ed25519Legacy?I.publicKey.eddsaLegacy:I.publicKey.ecdsa:e.algorithm=I.publicKey.ecdh;break;case"curve25519":e.algorithm=e.sign?I.publicKey.ed25519:I.publicKey.x25519;break;case"curve448":e.algorithm=e.sign?I.publicKey.ed448:I.publicKey.x448;break;case"rsa":e.algorithm=I.publicKey.rsaEncryptSign;break;case"symmetric":if(e.sign){e.algorithm=I.publicKey.hmac;try{e.symmetric=I.write(I.hash,e.symmetricHash)}catch(e){throw Error("Unknown hash algorithm")}}else{e.algorithm=I.publicKey.aead;try{e.symmetric=I.write(I.symmetric,e.symmetricCipher)}catch(e){throw Error("Unknown symmetric algorithm")}}break;default:throw Error("Unsupported key type "+e.type)}return e}function So(e,t,r){switch(e.algorithm){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:case I.publicKey.dsa:case I.publicKey.ecdsa:case I.publicKey.eddsaLegacy:case I.publicKey.ed25519:case I.publicKey.ed448:case I.publicKey.hmac:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&I.keyFlags.signData);default:return!1}}function Po(e,t,r){switch(e.algorithm){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:case I.publicKey.elgamal:case I.publicKey.ecdh:case I.publicKey.x25519:case I.publicKey.x448:case I.publicKey.aead:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&I.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&I.keyFlags.encryptStorage);default:return!1}}function Uo(e,t,r){if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");switch(e.algorithm){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaEncrypt:case I.publicKey.elgamal:case I.publicKey.ecdh:case I.publicKey.x25519:case I.publicKey.x448:return!(!(!t.keyFlags||!!(t.keyFlags[0]&I.keyFlags.signData))||!r.allowInsecureDecryptionWithSigningKeys)||(!t.keyFlags||!!(t.keyFlags[0]&I.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&I.keyFlags.encryptStorage)||r.allowForwardedMessages&&!!(t.keyFlags[0]&I.keyFlags.forwardedCommunication));default:return!1}}function Do(e,t){const r=I.write(I.publicKey,e.algorithm),i=e.getAlgorithmInfo();if(t.rejectPublicKeyAlgorithms.has(r))throw Error(i.algorithm+" keys are considered too weak.");switch(r){case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:case I.publicKey.rsaEncrypt:if(i.bits<t.minRSABits)throw Error(`RSA keys shorter than ${t.minRSABits} bits are considered too weak.`);break;case I.publicKey.ecdsa:case I.publicKey.eddsaLegacy:case I.publicKey.ecdh:if(t.rejectCurves.has(i.curve))throw Error(`Support for ${i.algorithm} keys using curve ${i.curve} is disabled.`)}}class Co{constructor(e,t){this.userID=e.constructor.tag===I.packet.userID?e:null,this.userAttribute=e.constructor.tag===I.packet.userAttribute?e:null,this.selfCertifications=[],this.otherCertifications=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Fs;return e.push(this.userID||this.userAttribute),e.push(...this.revocationSignatures),e.push(...this.selfCertifications),e.push(...this.otherCertifications),e}clone(){const e=new Co(this.userID||this.userAttribute,this.mainKey);return e.selfCertifications=[...this.selfCertifications],e.otherCertifications=[...this.otherCertifications],e.revocationSignatures=[...this.revocationSignatures],e}async certify(e,t,r){const i=this.mainKey.keyPacket,a={userID:this.userID,userAttribute:this.userAttribute,key:i},n=new Co(a.userID||a.userAttribute,this.mainKey);return n.otherCertifications=await Promise.all(e.map((async function(e){if(!e.isPrivate())throw Error("Need private key for signing");if(e.hasSameFingerprintAs(i))throw Error("The user's own key can only be used for self-certifications");const n=await e.getSigningKey(void 0,t,void 0,r);return ko(a,e,n.keyPacket,{signatureType:I.signature.certGeneric,keyFlags:[I.keyFlags.certifyKeys|I.keyFlags.signData]},t,void 0,void 0,void 0,r)}))),await n.update(this,t,r),n}async isRevoked(e,t,r=new Date,i=T){const a=this.mainKey.keyPacket;return Ao(a,I.signature.certRevocation,{key:a,userID:this.userID,userAttribute:this.userAttribute},this.revocationSignatures,e,t,r,i)}async verifyCertificate(e,t,r=new Date,i){const a=this,n=this.mainKey.keyPacket,s={userID:this.userID,userAttribute:this.userAttribute,key:n},{issuerKeyID:o}=e,c=t.filter((e=>e.getKeys(o).length>0));return 0===c.length?null:(await Promise.all(c.map((async t=>{const n=await t.getSigningKey(o,e.created,void 0,i);if(e.revoked||await a.isRevoked(e,n.keyPacket,r,i))throw Error("User certificate is revoked");try{await e.verify(n.keyPacket,I.signature.certGeneric,s,r,void 0,i)}catch(e){throw R.wrapError("User certificate is invalid",e)}}))),!0)}async verifyAllCertifications(e,t=new Date,r){const i=this,a=this.selfCertifications.concat(this.otherCertifications);return Promise.all(a.map((async a=>({keyID:a.issuerKeyID,valid:await i.verifyCertificate(a,e,t,r).catch((()=>!1))}))))}async verify(e=new Date,t){if(!this.selfCertifications.length)throw Error("No self-certifications found");const r=this,i=this.mainKey.keyPacket,a={userID:this.userID,userAttribute:this.userAttribute,key:i};let n;for(let s=this.selfCertifications.length-1;s>=0;s--)try{const n=this.selfCertifications[s];if(n.revoked||await r.isRevoked(n,void 0,e,t))throw Error("Self-certification is revoked");try{await n.verify(i,I.signature.certGeneric,a,e,void 0,t)}catch(e){throw R.wrapError("Self-certification is invalid",e)}return!0}catch(e){n=e}throw n}async update(e,t,r){const i=this.mainKey.keyPacket,a={userID:this.userID,userAttribute:this.userAttribute,key:i};await vo(e,this,"selfCertifications",t,(async function(e){try{return await e.verify(i,I.signature.certGeneric,a,t,!1,r),!0}catch(e){return!1}})),await vo(e,this,"otherCertifications",t),await vo(e,this,"revocationSignatures",t,(function(e){return Ao(i,I.signature.certRevocation,a,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=I.reasonForRevocation.noReason,string:r=""}={},i=new Date,a=T){const n={userID:this.userID,userAttribute:this.userAttribute,key:e},s=new Co(n.userID||n.userAttribute,this.mainKey);return s.revocationSignatures.push(await ko(n,null,e,{signatureType:I.signature.certRevocation,reasonForRevocationFlag:I.write(I.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,a)),await s.update(this),s}}class xo{constructor(e,t){this.keyPacket=e,this.bindingSignatures=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Fs;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.bindingSignatures),e}clone(){const e=new xo(this.keyPacket,this.mainKey);return e.bindingSignatures=[...this.bindingSignatures],e.revocationSignatures=[...this.revocationSignatures],e}async isRevoked(e,t,r=new Date,i=T){const a=this.mainKey.keyPacket;return Ao(a,I.signature.subkeyRevocation,{key:a,bind:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verify(e=new Date,t=T){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket},a=await mo(this.bindingSignatures,r,I.signature.subkeyBinding,i,e,t);if(a.revoked||await this.isRevoked(a,null,e,t))throw Error("Subkey is revoked");if(wo(this.keyPacket,a,e))throw Error("Subkey is expired");return a}async getExpirationTime(e=new Date,t=T){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket};let a;try{a=await mo(this.bindingSignatures,r,I.signature.subkeyBinding,i,e,t)}catch(e){return null}const n=Eo(this.keyPacket,a),s=a.getExpirationTime();return n<s?n:s}async update(e,t=new Date,r=T){const i=this.mainKey.keyPacket;if(!this.hasSameFingerprintAs(e))throw Error("Subkey update method: fingerprints of subkeys not equal");this.keyPacket.constructor.tag===I.packet.publicSubkey&&e.keyPacket.constructor.tag===I.packet.secretSubkey&&(this.keyPacket=e.keyPacket);const a=this,n={key:i,bind:a.keyPacket};await vo(e,this,"bindingSignatures",t,(async function(e){for(let t=0;t<a.bindingSignatures.length;t++)if(a.bindingSignatures[t].issuerKeyID.equals(e.issuerKeyID))return e.created>a.bindingSignatures[t].created&&(a.bindingSignatures[t]=e),!1;try{return await e.verify(i,I.signature.subkeyBinding,n,t,void 0,r),!0}catch(e){return!1}})),await vo(e,this,"revocationSignatures",t,(function(e){return Ao(i,I.signature.subkeyRevocation,n,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=I.reasonForRevocation.noReason,string:r=""}={},i=new Date,a=T){const n={key:e,bind:this.keyPacket},s=new xo(this.keyPacket,this.mainKey);return s.revocationSignatures.push(await ko(n,null,e,{signatureType:I.signature.subkeyRevocation,reasonForRevocationFlag:I.write(I.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,a)),await s.update(this),s}hasSameFingerprintAs(e){return this.keyPacket.hasSameFingerprintAs(e.keyPacket||e)}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","isDecrypted"].forEach((e=>{xo.prototype[e]=function(){return this.keyPacket[e]()}}));const Bo=/*#__PURE__*/R.constructAllowedPackets([Is]),Io=new Set([I.packet.publicKey,I.packet.privateKey]),To=new Set([I.packet.publicKey,I.packet.privateKey,I.packet.publicSubkey,I.packet.privateSubkey]);class _o{packetListToStructure(e,t=new Set){let r,i,a,n;for(const s of e){if(s instanceof ti){To.has(s.tag)&&!n&&(n=Io.has(s.tag)?Io:To);continue}const e=s.constructor.tag;if(n){if(!n.has(e))continue;n=null}if(t.has(e))throw Error("Unexpected packet type: "+e);switch(e){case I.packet.publicKey:case I.packet.secretKey:if(this.keyPacket)throw Error("Key block contains multiple keys");if(this.keyPacket=s,i=this.getKeyID(),!i)throw Error("Missing Key ID");break;case I.packet.userID:case I.packet.userAttribute:r=new Co(s,this),this.users.push(r);break;case I.packet.publicSubkey:case I.packet.secretSubkey:r=null,a=new xo(s,this),this.subkeys.push(a);break;case I.packet.signature:switch(s.signatureType){case I.signature.certGeneric:case I.signature.certPersona:case I.signature.certCasual:case I.signature.certPositive:if(!r){R.printDebug("Dropping certification signatures without preceding user packet");continue}s.issuerKeyID.equals(i)?r.selfCertifications.push(s):r.otherCertifications.push(s);break;case I.signature.certRevocation:r?r.revocationSignatures.push(s):this.directSignatures.push(s);break;case I.signature.key:this.directSignatures.push(s);break;case I.signature.subkeyBinding:if(!a){R.printDebug("Dropping subkey binding signature without preceding subkey packet");continue}a.bindingSignatures.push(s);break;case I.signature.keyRevocation:this.revocationSignatures.push(s);break;case I.signature.subkeyRevocation:if(!a){R.printDebug("Dropping subkey revocation signature without preceding subkey packet");continue}a.revocationSignatures.push(s)}}}}toPacketList(){const e=new Fs;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.directSignatures),this.users.map((t=>e.push(...t.toPacketList()))),this.subkeys.map((t=>e.push(...t.toPacketList()))),e}clone(e=!1){const t=new this.constructor(this.toPacketList());return e&&t.getKeys().forEach((e=>{if(e.keyPacket=Object.create(Object.getPrototypeOf(e.keyPacket),Object.getOwnPropertyDescriptors(e.keyPacket)),!e.keyPacket.isDecrypted())return;const t={};Object.keys(e.keyPacket.privateParams).forEach((r=>{t[r]=new Uint8Array(e.keyPacket.privateParams[r])})),e.keyPacket.privateParams=t})),t}getSubkeys(e=null){return this.subkeys.filter((t=>!e||t.getKeyID().equals(e,!0)))}getKeys(e=null){const t=[];return e&&!this.getKeyID().equals(e,!0)||t.push(this),t.concat(this.getSubkeys(e))}getKeyIDs(){return this.getKeys().map((e=>e.getKeyID()))}getUserIDs(){return this.users.map((e=>e.userID?e.userID.userID:null)).filter((e=>null!==e))}write(){return this.toPacketList().write()}async getSigningKey(e=null,t=new Date,r={},i=T){await this.verifyPrimaryKey(t,r,i);const a=this.keyPacket;try{Do(a,i)}catch(e){throw R.wrapError("Could not verify primary key",e)}const n=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of n)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:a,bind:r.keyPacket},n=await mo(r.bindingSignatures,a,I.signature.subkeyBinding,e,t,i);if(!So(r.keyPacket,n,i))continue;if(!n.embeddedSignature)throw Error("Missing embedded signature");return await mo([n.embeddedSignature],r.keyPacket,I.signature.keyBinding,e,t,i),Do(r.keyPacket,i),r}catch(e){s=e}try{const n=await this.getPrimarySelfSignature(t,r,i);if((!e||a.getKeyID().equals(e))&&So(a,n,i))return Do(a,i),this}catch(e){s=e}throw R.wrapError("Could not find valid signing key packet in key "+this.getKeyID().toHex(),s)}async getEncryptionKey(e,t=new Date,r={},i=T){await this.verifyPrimaryKey(t,r,i);const a=this.keyPacket;try{Do(a,i)}catch(e){throw R.wrapError("Could not verify primary key",e)}const n=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of n)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:a,bind:r.keyPacket},n=await mo(r.bindingSignatures,a,I.signature.subkeyBinding,e,t,i);if(Po(r.keyPacket,n,i))return Do(r.keyPacket,i),r}catch(e){s=e}try{const n=await this.getPrimarySelfSignature(t,r,i);if((!e||a.getKeyID().equals(e))&&Po(a,n,i))return Do(a,i),this}catch(e){s=e}throw R.wrapError("Could not find valid encryption key packet in key "+this.getKeyID().toHex(),s)}async isRevoked(e,t,r=new Date,i=T){return Ao(this.keyPacket,I.signature.keyRevocation,{key:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verifyPrimaryKey(e=new Date,t={},r=T){const i=this.keyPacket;if(await this.isRevoked(null,null,e,r))throw Error("Primary key is revoked");if(wo(i,await this.getPrimarySelfSignature(e,t,r),e))throw Error("Primary key is expired");if(6!==i.version){const t=await mo(this.directSignatures,i,I.signature.key,{key:i},e,r).catch((()=>{}));if(t&&wo(i,t,e))throw Error("Primary key is expired")}}async getExpirationTime(e,t=T){let r;try{const i=await this.getPrimarySelfSignature(null,e,t),a=Eo(this.keyPacket,i),n=i.getExpirationTime(),s=6!==this.keyPacket.version&&await mo(this.directSignatures,this.keyPacket,I.signature.key,{key:this.keyPacket},null,t).catch((()=>{}));if(s){const e=Eo(this.keyPacket,s);r=Math.min(a,n,e)}else r=a<n?a:n}catch(e){r=null}return R.normalizeDate(r)}async getPrimarySelfSignature(e=new Date,t={},r=T){const i=this.keyPacket;if(6===i.version)return mo(this.directSignatures,i,I.signature.key,{key:i},e,r);const{selfCertification:a}=await this.getPrimaryUser(e,t,r);return a}async getPrimaryUser(e=new Date,t={},r=T){const i=this.keyPacket,a=[];let n;for(let s=0;s<this.users.length;s++)try{const n=this.users[s];if(!n.userID)continue;if(void 0!==t.name&&n.userID.name!==t.name||void 0!==t.email&&n.userID.email!==t.email||void 0!==t.comment&&n.userID.comment!==t.comment)throw Error("Could not find user that matches that user ID");const o={userID:n.userID,key:i},c=await mo(n.selfCertifications,i,I.signature.certGeneric,o,e,r);a.push({index:s,user:n,selfCertification:c})}catch(e){n=e}if(!a.length)throw n||Error("Could not find primary user");await Promise.all(a.map((async function(t){return t.selfCertification.revoked||t.user.isRevoked(t.selfCertification,null,e,r)})));const s=a.sort((function(e,t){const r=e.selfCertification,i=t.selfCertification;return i.revoked-r.revoked||r.isPrimaryUserID-i.isPrimaryUserID||r.created-i.created})).pop(),{user:o,selfCertification:c}=s;if(c.revoked||await o.isRevoked(c,null,e,r))throw Error("Primary user is revoked");return s}async update(e,t=new Date,r=T){if(!this.hasSameFingerprintAs(e))throw Error("Primary key fingerprints must be equal to update the key");if(!this.isPrivate()&&e.isPrivate()){if(!(this.subkeys.length===e.subkeys.length&&this.subkeys.every((t=>e.subkeys.some((e=>t.hasSameFingerprintAs(e)))))))throw Error("Cannot update public key with private key if subkeys mismatch");return e.update(this,r)}const i=this.clone();return await vo(e,i,"revocationSignatures",t,(a=>Ao(i.keyPacket,I.signature.keyRevocation,i,[a],null,e.keyPacket,t,r))),await vo(e,i,"directSignatures",t),await Promise.all(e.users.map((async e=>{const a=i.users.filter((t=>e.userID&&e.userID.equals(t.userID)||e.userAttribute&&e.userAttribute.equals(t.userAttribute)));if(a.length>0)await Promise.all(a.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.users.push(t)}}))),await Promise.all(e.subkeys.map((async e=>{const a=i.subkeys.filter((t=>t.hasSameFingerprintAs(e)));if(a.length>0)await Promise.all(a.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.subkeys.push(t)}}))),i}async getRevocationCertificate(e=new Date,t=T){const r={key:this.keyPacket},i=await mo(this.revocationSignatures,this.keyPacket,I.signature.keyRevocation,r,e,t),a=new Fs;a.push(i);const n=6!==this.keyPacket.version;return Q(I.armor.publicKey,a.write(),null,null,"This is a revocation certificate",n,t)}async applyRevocationCertificate(e,t=new Date,r=T){const i=await X(e),a=(await Fs.fromBinary(i.data,Bo,r)).findPacket(I.packet.signature);if(!a||a.signatureType!==I.signature.keyRevocation)throw Error("Could not find revocation signature packet");if(!a.issuerKeyID.equals(this.getKeyID()))throw Error("Revocation signature does not match key");try{await a.verify(this.keyPacket,I.signature.keyRevocation,{key:this.keyPacket},t,void 0,r)}catch(e){throw R.wrapError("Could not verify revocation signature",e)}const n=this.clone();return n.revocationSignatures.push(a),n}async signPrimaryUser(e,t,r,i=T){const{index:a,user:n}=await this.getPrimaryUser(t,r,i),s=await n.certify(e,t,i),o=this.clone();return o.users[a]=s,o}async signAllUsers(e,t=new Date,r=T){const i=this.clone();return i.users=await Promise.all(this.users.map((function(i){return i.certify(e,t,r)}))),i}async verifyPrimaryUser(e,t=new Date,r,i=T){const a=this.keyPacket,{user:n}=await this.getPrimaryUser(t,r,i);return e?await n.verifyAllCertifications(e,t,i):[{keyID:a.getKeyID(),valid:await n.verify(t,i).catch((()=>!1))}]}async verifyAllUsers(e,t=new Date,r=T){const i=this.keyPacket,a=[];return await Promise.all(this.users.map((async n=>{const s=e?await n.verifyAllCertifications(e,t,r):[{keyID:i.getKeyID(),valid:await n.verify(t,r).catch((()=>!1))}];a.push(...s.map((e=>({userID:n.userID?n.userID.userID:null,userAttribute:n.userAttribute,keyID:e.keyID,valid:e.valid}))))}))),a}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","hasSameFingerprintAs"].forEach((e=>{_o.prototype[e]=xo.prototype[e]}));class Ro extends _o{constructor(e){if(super(),this.keyPacket=null,this.revocationSignatures=[],this.directSignatures=[],this.users=[],this.subkeys=[],e&&(this.packetListToStructure(e,new Set([I.packet.secretKey,I.packet.secretSubkey])),!this.keyPacket))throw Error("Invalid key: missing public-key packet")}isPrivate(){return!1}toPublic(){return this}armor(e=T){const t=6!==this.keyPacket.version;return Q(I.armor.publicKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}}class Mo extends Ro{constructor(e){if(super(),this.packetListToStructure(e,new Set([I.packet.publicKey,I.packet.publicSubkey])),!this.keyPacket)throw Error("Invalid key: missing private-key packet")}isPrivate(){return!0}toPublic(){const e=new Fs,t=this.toPacketList();let r=!1;for(const i of t)if(!r||i.constructor.tag!==I.packet.Signature)switch(r&&(r=!1),i.constructor.tag){case I.packet.secretKey:{if(i.algorithm===I.publicKey.aead||i.algorithm===I.publicKey.hmac)throw Error("Cannot create public key from symmetric private");const t=Js.fromSecretKeyPacket(i);e.push(t);break}case I.packet.secretSubkey:{if(i.algorithm===I.publicKey.aead||i.algorithm===I.publicKey.hmac){r=!0;break}const t=io.fromSecretSubkeyPacket(i);e.push(t);break}default:e.push(i)}return new Ro(e)}armor(e=T){const t=6!==this.keyPacket.version;return Q(I.armor.privateKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}async getDecryptionKeys(e,t=new Date,r={},i=T){const a=this.keyPacket,n=[];for(let r=0;r<this.subkeys.length;r++)if(!e||this.subkeys[r].getKeyID().equals(e,!0))try{const e={key:a,bind:this.subkeys[r].keyPacket},s=await mo(this.subkeys[r].bindingSignatures,a,I.signature.subkeyBinding,e,t,i);Uo(this.subkeys[r].keyPacket,s,i)&&n.push(this.subkeys[r])}catch(e){}const s=await this.getPrimarySelfSignature(t,r,i);return e&&!a.getKeyID().equals(e,!0)||!Uo(a,s,i)||n.push(this),n}isDecrypted(){return this.getKeys().some((({keyPacket:e})=>e.isDecrypted()))}async validate(e=T){if(!this.isPrivate())throw Error("Cannot validate a public key");let t;if(this.keyPacket.isDummy()){const r=await this.getSigningKey(null,null,void 0,{...e,rejectPublicKeyAlgorithms:new Set,minRSABits:0});r&&!r.keyPacket.isDummy()&&(t=r.keyPacket)}else t=this.keyPacket;if(t)return t.validate();{const e=this.getKeys();if(e.map((e=>e.keyPacket.isDummy())).every(Boolean))throw Error("Cannot validate an all-gnu-dummy key");return Promise.all(e.map((async e=>e.keyPacket.validate())))}}clearPrivateParams(){this.getKeys().forEach((({keyPacket:e})=>{e.isDecrypted()&&e.clearPrivateParams()}))}async revoke({flag:e=I.reasonForRevocation.noReason,string:t=""}={},r=new Date,i=T){if(!this.isPrivate())throw Error("Need private key for revoking");const a={key:this.keyPacket},n=this.clone();return n.revocationSignatures.push(await ko(a,null,this.keyPacket,{signatureType:I.signature.keyRevocation,reasonForRevocationFlag:I.write(I.reasonForRevocation,e),reasonForRevocationString:t},r,void 0,void 0,void 0,i)),n}async addSubkey(e={}){const t={...T,...e.config};if(e.passphrase)throw Error("Subkey could not be encrypted here, please encrypt whole key");if(e.rsaBits<t.minRSABits)throw Error(`rsaBits should be at least ${t.minRSABits}, got: ${e.rsaBits}`);const r=this.keyPacket;if(r.isDummy())throw Error("Cannot add subkey to gnu-dummy primary key");if(!r.isDecrypted())throw Error("Key is not decrypted");const i=r.getAlgorithmInfo();i.type=function(e){switch(I.write(I.publicKey,e)){case I.publicKey.rsaEncrypt:case I.publicKey.rsaEncryptSign:case I.publicKey.rsaSign:case I.publicKey.dsa:return"rsa";case I.publicKey.ecdsa:case I.publicKey.eddsaLegacy:return"ecc";case I.publicKey.ed25519:return"curve25519";case I.publicKey.ed448:return"curve448";default:throw Error("Unsupported algorithm")}}(i.algorithm),i.rsaBits=i.bits||4096,i.curve=i.curve||"curve25519Legacy",e=Ko(e,i);const a=await go(e,{...t,v6Keys:6===this.keyPacket.version});Do(a,t);const n=await bo(a,r,e,t),s=this.toPacketList();return s.push(a,n),new Mo(s)}}const Fo=/*#__PURE__*/R.constructAllowedPackets([Js,io,no,co,oo,ao,Is]);function Lo(e){for(const t of e)switch(t.constructor.tag){case I.packet.secretKey:return new Mo(e);case I.packet.publicKey:return new Ro(e)}throw Error("No key packet found")}async function No(e,t,r,i){r.passphrase&&await e.encrypt(r.passphrase,i),await Promise.all(t.map((async function(e,t){const a=r.subkeys[t].passphrase;a&&await e.encrypt(a,i)})));const a=new Fs;function n(e,t){return[t,...e.filter((e=>e!==t))]}function s(){const t={};t.keyFlags=[I.keyFlags.certifyKeys|I.keyFlags.signData];const a=n([I.symmetric.aes256,I.symmetric.aes128],i.preferredSymmetricAlgorithm);if(t.preferredSymmetricAlgorithms=a,i.aeadProtect){const e=n([I.aead.gcm,I.aead.eax,I.aead.ocb],i.preferredAEADAlgorithm);t.preferredCipherSuites=e.flatMap((e=>a.map((t=>[t,e]))))}return t.preferredHashAlgorithms=n([I.hash.sha256,I.hash.sha512,...6===e.version?[I.hash.sha3_256,I.hash.sha3_512]:[]],i.preferredHashAlgorithm),t.preferredCompressionAlgorithms=n([I.compression.uncompressed,I.compression.zlib,I.compression.zip],i.preferredCompressionAlgorithm),t.features=[0],t.features[0]|=I.features.modificationDetection,i.aeadProtect&&(t.features[0]|=I.features.seipdv2),r.keyExpirationTime>0&&(t.keyExpirationTime=r.keyExpirationTime,t.keyNeverExpires=!1),t}if(a.push(e),6===e.version){const t={key:e},n=s();n.signatureType=I.signature.key;const o=await ko(t,null,e,n,r.date,void 0,void 0,void 0,i);a.push(o)}await Promise.all(r.userIDs.map((async function(t,a){const n=oo.fromObject(t),o={userID:n,key:e},c=6!==e.version?s():{};c.signatureType=I.signature.certPositive,0===a&&(c.isPrimaryUserID=!0);return{userIDPacket:n,signaturePacket:await ko(o,null,e,c,r.date,void 0,void 0,void 0,i)}}))).then((e=>{e.forEach((({userIDPacket:e,signaturePacket:t})=>{a.push(e),a.push(t)}))})),await Promise.all(t.map((async function(t,a){const n=r.subkeys[a];return{secretSubkeyPacket:t,subkeySignaturePacket:await bo(t,e,n,i)}}))).then((e=>{e.forEach((({secretSubkeyPacket:e,subkeySignaturePacket:t})=>{a.push(e),a.push(t)}))}));const o={key:e};return a.push(await ko(o,null,e,{signatureType:I.signature.keyRevocation,reasonForRevocationFlag:I.reasonForRevocation.noReason,reasonForRevocationString:""},r.date,void 0,void 0,void 0,i)),r.passphrase&&e.clearPrivateParams(),await Promise.all(t.map((async function(e,t){r.subkeys[t].passphrase&&e.clearPrivateParams()}))),new Mo(a)}async function Oo({armoredKey:e,binaryKey:t,config:r,...i}){if(r={...T,...r},!e&&!t)throw Error("readKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!R.isString(e))throw Error("readKey: options.armoredKey must be a string");if(t&&!R.isUint8Array(t))throw Error("readKey: options.binaryKey must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));let n;if(e){const{type:t,data:r}=await X(e);if(t!==I.armor.publicKey&&t!==I.armor.privateKey)throw Error("Armored text not of type key");n=r}else n=t;const s=await Fs.fromBinary(n,Fo,r),o=s.indexOfTag(I.packet.publicKey,I.packet.secretKey);if(0===o.length)throw Error("No key packet found");return Lo(s.slice(o[0],o[1]))}async function zo({armoredKey:e,binaryKey:t,config:r,...i}){if(r={...T,...r},!e&&!t)throw Error("readPrivateKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!R.isString(e))throw Error("readPrivateKey: options.armoredKey must be a string");if(t&&!R.isUint8Array(t))throw Error("readPrivateKey: options.binaryKey must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));let n;if(e){const{type:t,data:r}=await X(e);if(t!==I.armor.privateKey)throw Error("Armored text not of type private key");n=r}else n=t;const s=await Fs.fromBinary(n,Fo,r),o=s.indexOfTag(I.packet.publicKey,I.packet.secretKey);for(let e=0;e<o.length;e++){if(s[o[e]].constructor.tag===I.packet.publicKey)continue;const t=s.slice(o[e],o[e+1]);return new Mo(t)}throw Error("No secret key packet found")}async function Ho({armoredKeys:e,binaryKeys:t,config:r,...i}){r={...T,...r};let a=e||t;if(!a)throw Error("readKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!R.isString(e))throw Error("readKeys: options.armoredKeys must be a string");if(t&&!R.isUint8Array(t))throw Error("readKeys: options.binaryKeys must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(e){const{type:t,data:r}=await X(e);if(t!==I.armor.publicKey&&t!==I.armor.privateKey)throw Error("Armored text not of type key");a=r}const s=[],o=await Fs.fromBinary(a,Fo,r),c=o.indexOfTag(I.packet.publicKey,I.packet.secretKey);if(0===c.length)throw Error("No key packet found");for(let e=0;e<c.length;e++){const t=Lo(o.slice(c[e],c[e+1]));s.push(t)}return s}async function jo({armoredKeys:e,binaryKeys:t,config:r}){r={...T,...r};let i=e||t;if(!i)throw Error("readPrivateKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!R.isString(e))throw Error("readPrivateKeys: options.armoredKeys must be a string");if(t&&!R.isUint8Array(t))throw Error("readPrivateKeys: options.binaryKeys must be a Uint8Array");if(e){const{type:t,data:r}=await X(e);if(t!==I.armor.privateKey)throw Error("Armored text not of type private key");i=r}const a=[],n=await Fs.fromBinary(i,Fo,r),s=n.indexOfTag(I.packet.publicKey,I.packet.secretKey);for(let e=0;e<s.length;e++){if(n[s[e]].constructor.tag===I.packet.publicKey)continue;const t=n.slice(s[e],s[e+1]),r=new Mo(t);a.push(r)}if(0===a.length)throw Error("No secret key packet found");return a}const Go=/*#__PURE__*/R.constructAllowedPackets([Us,Ns,Zs,Vs,to,Xs,Ys,Rs,Is]),qo=/*#__PURE__*/R.constructAllowedPackets([Ys]),Vo=/*#__PURE__*/R.constructAllowedPackets([Is]);class Wo{constructor(e){this.packets=e||new Fs}getEncryptionKeyIDs(){const e=[];return this.packets.filterByTag(I.packet.publicKeyEncryptedSessionKey).forEach((function(t){e.push(t.publicKeyID)})),e}getSigningKeyIDs(){const e=this.unwrapCompressed(),t=e.packets.filterByTag(I.packet.onePassSignature);if(t.length>0)return t.map((e=>e.issuerKeyID));return e.packets.filterByTag(I.packet.signature).map((e=>e.issuerKeyID))}async decrypt(e,t,r,i=new Date,a=T){const n=this.packets.filterByTag(I.packet.symmetricallyEncryptedData,I.packet.symEncryptedIntegrityProtectedData,I.packet.aeadEncryptedData);if(0===n.length)throw Error("No encrypted data found");const s=n[0],o=s.cipherAlgorithm,c=r||await this.decryptSessionKeys(e,t,o,i,a);let u=null;const h=Promise.all(c.map((async({algorithm:e,data:t})=>{if(!R.isUint8Array(t)||!s.cipherAlgorithm&&!R.isString(e))throw Error("Invalid session key for decryption.");try{const r=s.cipherAlgorithm||I.write(I.symmetric,e);await s.decrypt(r,t,a)}catch(e){R.printDebugError(e),u=e}})));if(U(s.encrypted),s.encrypted=null,await h,!s.packets||!s.packets.length)throw u||Error("Decryption failed.");const y=new Wo(s.packets);return s.packets=new Fs,y}async decryptSessionKeys(e,t,r,i=new Date,a=T){let n,s=[];if(t){const e=this.packets.filterByTag(I.packet.symEncryptedSessionKey);if(0===e.length)throw Error("No symmetrically encrypted session key packet found.");await Promise.all(t.map((async function(t,r){let i;i=r?await Fs.fromBinary(e.write(),qo,a):e,await Promise.all(i.map((async function(e){try{await e.decrypt(t),s.push(e)}catch(e){R.printDebugError(e),e instanceof cn&&(n=e)}})))})))}else{if(!e)throw Error("No key or password specified.");{const t=this.packets.filterByTag(I.packet.publicKeyEncryptedSessionKey);if(0===t.length)throw Error("No public key encrypted session key packet found.");await Promise.all(t.map((async function(t){await Promise.all(e.map((async function(e){let o=[I.symmetric.aes256,I.symmetric.aes128,I.symmetric.tripledes,I.symmetric.cast5];try{const t=await e.getPrimarySelfSignature(i,void 0,a);t.preferredSymmetricAlgorithms&&(o=o.concat(t.preferredSymmetricAlgorithms))}catch(e){}const c=(await e.getDecryptionKeys(t.publicKeyID,null,void 0,a)).map((e=>e.keyPacket));await Promise.all(c.map((async function(e){if(!e||e.isDummy())return;if(!e.isDecrypted())throw Error("Decryption key is not decrypted.");if(a.constantTimePKCS1Decryption&&(t.publicKeyAlgorithm===I.publicKey.rsaEncrypt||t.publicKeyAlgorithm===I.publicKey.rsaEncryptSign||t.publicKeyAlgorithm===I.publicKey.rsaSign||t.publicKeyAlgorithm===I.publicKey.elgamal)){const i=t.write();await Promise.all((r?[r]:Array.from(a.constantTimePKCS1DecryptionSupportedSymmetricAlgorithms)).map((async t=>{const r=new Xs;r.read(i);const a={sessionKeyAlgorithm:t,sessionKey:on.generateSessionKey(t)};try{await r.decrypt(e,a),s.push(r)}catch(e){R.printDebugError(e),n=e}})))}else try{await t.decrypt(e);const i=r||t.sessionKeyAlgorithm;if(i&&!o.includes(I.write(I.symmetric,i)))throw Error("A non-preferred symmetric algorithm was used.");s.push(t)}catch(e){R.printDebugError(e),n=e}})))}))),U(t.encrypted),t.encrypted=null})))}}if(s.length>0){if(s.length>1){const e=new Set;s=s.filter((t=>{const r=t.sessionKeyAlgorithm+R.uint8ArrayToString(t.sessionKey);return!e.has(r)&&(e.add(r),!0)}))}return s.map((e=>({data:e.sessionKey,algorithm:e.sessionKeyAlgorithm&&I.read(I.symmetric,e.sessionKeyAlgorithm)})))}throw n||Error("Session key decryption failed.")}getLiteralData(){const e=this.unwrapCompressed().packets.findPacket(I.packet.literalData);return e&&e.getBytes()||null}getFilename(){const e=this.unwrapCompressed().packets.findPacket(I.packet.literalData);return e&&e.getFilename()||null}getText(){const e=this.unwrapCompressed().packets.findPacket(I.packet.literalData);return e?e.getText():null}static async generateSessionKey(e=[],t=new Date,r=[],i=T){const{symmetricAlgo:a,aeadAlgo:n}=await async function(e=[],t=new Date,r=[],i=T){const a=await Promise.all(e.map(((e,a)=>e.getPrimarySelfSignature(t,r[a],i))));if(e.length?!i.ignoreSEIPDv2FeatureFlag&&a.every((e=>e.features&&e.features[0]&I.features.seipdv2)):i.aeadProtect){const e={symmetricAlgo:I.symmetric.aes128,aeadAlgo:I.aead.ocb},t={symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:i.preferredAEADAlgorithm};return a.every((e=>e.preferredCipherSuites&&e.preferredCipherSuites.some((e=>e[0]===t.symmetricAlgo&&e[1]===t.aeadAlgo))))?t:e}const n=I.symmetric.aes128,s=i.preferredSymmetricAlgorithm;return{symmetricAlgo:a.every((e=>e.preferredSymmetricAlgorithms&&e.preferredSymmetricAlgorithms.includes(s)))?s:n,aeadAlgo:void 0}}(e,t,r,i),s=I.read(I.symmetric,a),o=n?I.read(I.aead,n):void 0;await Promise.all(e.map((e=>e.getEncryptionKey().catch((()=>null)).then((e=>{if(e&&(e.keyPacket.algorithm===I.publicKey.x25519||e.keyPacket.algorithm===I.publicKey.x448)&&!o&&!R.isAES(a))throw Error("Could not generate a session key compatible with the given `encryptionKeys`: X22519 and X448 keys can only be used to encrypt AES session keys; change `config.preferredSymmetricAlgorithm` accordingly.")})))));return{data:on.generateSessionKey(a),algorithm:s,aeadAlgorithm:o}}async encrypt(e,t,r,i=!1,a=[],n=new Date,s=[],o=T){if(r){if(!R.isUint8Array(r.data)||!R.isString(r.algorithm))throw Error("Invalid session key for encryption.")}else if(e&&e.length)r=await Wo.generateSessionKey(e,n,s,o);else{if(!t||!t.length)throw Error("No keys, passwords, or session key provided.");r=await Wo.generateSessionKey(void 0,void 0,void 0,o)}const{data:c,algorithm:u,aeadAlgorithm:h}=r,y=await Wo.encryptSessionKey(c,u,h,e,t,i,a,n,s,o),l=Vs.fromObject({version:h?2:1,aeadAlgorithm:h?I.write(I.aead,h):null});l.packets=this.packets;const p=I.write(I.symmetric,u);return await l.encrypt(p,c,o),y.packets.push(l),l.packets=new Fs,y}static async encryptSessionKey(e,t,r,i,a,n=!1,s=[],o=new Date,c=[],u=T){const h=new Fs,y=I.write(I.symmetric,t),l=r&&I.write(I.aead,r);if(i){const t=await Promise.all(i.map((async function(t,r){const i=await t.getEncryptionKey(s[r],o,c,u),a=Xs.fromObject({version:l?6:3,encryptionKeyPacket:i.keyPacket,anonymousRecipient:n,sessionKey:e,sessionKeyAlgorithm:y});return await a.encrypt(i.keyPacket),delete a.sessionKey,a})));h.push(...t)}if(a){const t=async function(e,t){try{return await e.decrypt(t),1}catch(e){return 0}},r=(e,t)=>e+t,i=async function(e,n,s,o){const c=new Ys(u);if(c.sessionKey=e,c.sessionKeyAlgorithm=n,s&&(c.aeadAlgorithm=s),await c.encrypt(o,u),u.passwordCollisionCheck){if(1!==(await Promise.all(a.map((e=>t(c,e))))).reduce(r))return i(e,n,o)}return delete c.sessionKey,c},n=await Promise.all(a.map((t=>i(e,y,l,t))));h.push(...n)}return new Wo(h)}async sign(e=[],t=null,r=[],i=new Date,a=[],n=[],s=T){const o=new Fs,c=this.packets.findPacket(I.packet.literalData);if(!c)throw Error("No literal data packet to sign.");const u=await $o(c,e,t,r,i,a,n,!1,s),h=u.map(((e,t)=>Rs.fromSignaturePacket(e,0===t))).reverse();return o.push(...h),o.push(c),o.push(...u),new Wo(o)}compress(e,t=T){if(e===I.compression.uncompressed)return this;const r=new Ns(t);r.algorithm=e,r.packets=this.packets;const i=new Fs;return i.push(r),new Wo(i)}async signDetached(e=[],t=null,r=[],i=new Date,a=[],n=[],s=T){const o=this.packets.findPacket(I.packet.literalData);if(!o)throw Error("No literal data packet to sign.");return new lo(await $o(o,e,t,r,i,a,n,!0,s))}async verify(e,t=new Date,r=T){const i=this.unwrapCompressed(),a=i.packets.filterByTag(I.packet.literalData);if(1!==a.length)throw Error("Can only verify message with one literal data packet.");n(i.packets.stream)&&i.packets.push(...await P(i.packets.stream,(e=>e||[])));const s=i.packets.filterByTag(I.packet.onePassSignature).reverse(),o=i.packets.filterByTag(I.packet.signature);return s.length&&!o.length&&R.isStream(i.packets.stream)&&!n(i.packets.stream)?(await Promise.all(s.map((async e=>{e.correspondingSig=new Promise(((t,r)=>{e.correspondingSigResolve=t,e.correspondingSigReject=r})),e.signatureData=D((async()=>(await e.correspondingSig).signatureData)),e.hashed=P(await e.hash(e.signatureType,a[0],void 0,!1)),e.hashed.catch((()=>{}))}))),i.packets.stream=k(i.packets.stream,(async(e,t)=>{const r=C(e),i=x(t);try{for(let e=0;e<s.length;e++){const{value:t}=await r.read();s[e].correspondingSigResolve(t)}await r.readToEnd(),await i.ready,await i.close()}catch(e){s.forEach((t=>{t.correspondingSigReject(e)})),await i.abort(e)}})),Zo(s,a,e,t,!1,r)):Zo(o,a,e,t,!1,r)}verifyDetached(e,t,r=new Date,i=T){const a=this.unwrapCompressed().packets.filterByTag(I.packet.literalData);if(1!==a.length)throw Error("Can only verify message with one literal data packet.");return Zo(e.packets.filterByTag(I.packet.signature),a,t,r,!0,i)}unwrapCompressed(){const e=this.packets.filterByTag(I.packet.compressedData);return e.length?new Wo(e[0].packets):this}async appendSignature(e,t=T){await this.packets.read(R.isUint8Array(e)?e:(await X(e)).data,Vo,t)}write(){return this.packets.write()}armor(e=T){const t=this.packets[this.packets.length-1],r=t.constructor.tag===Vs.tag?2!==t.version:this.packets.some((e=>e.constructor.tag===Is.tag&&6!==e.version));return Q(I.armor.message,this.write(),null,null,null,r,e)}}async function $o(e,t,r=null,i=[],a=new Date,n=[],s=[],o=!1,c=T){const u=new Fs,h=null===e.text?I.signature.binary:I.signature.text;if(await Promise.all(t.map((async(t,r)=>{const u=n[r];if(!t.isPrivate())throw Error("Need private key for signing");const y=await t.getSigningKey(i[r],a,u,c);return ko(e,t,y.keyPacket,{signatureType:h},a,u,s,o,c)}))).then((e=>{u.push(...e)})),r){const e=r.packets.filterByTag(I.packet.signature);u.push(...e)}return u}async function Zo(e,t,r,i=new Date,a=!1,n=T){return Promise.all(e.filter((function(e){return["text","binary"].includes(I.read(I.signature,e.signatureType))})).map((async function(e){return async function(e,t,r,i=new Date,a=!1,n=T){let s,o;for(const t of r){const r=t.getKeys(e.issuerKeyID);if(r.length>0){s=t,o=r[0];break}}const c=e instanceof Rs?e.correspondingSig:e,u={keyID:e.issuerKeyID,verified:(async()=>{if(!o)throw Error("Could not find signing key with key ID "+e.issuerKeyID.toHex());await e.verify(o.keyPacket,e.signatureType,t[0],i,a,n);const r=await c;if(o.getCreationTime()>r.created)throw Error("Key is newer than the signature");try{await s.getSigningKey(o.getKeyID(),r.created,void 0,n)}catch(e){if(!n.allowInsecureVerificationWithReformattedKeys||!e.message.match(/Signature creation time is in the future/))throw e;await s.getSigningKey(o.getKeyID(),i,void 0,n)}return!0})(),signature:(async()=>{const e=await c,t=new Fs;return e&&t.push(e),new lo(t)})()};return u.signature.catch((()=>{})),u.verified.catch((()=>{})),u}(e,t,r,i,a,n)})))}async function Xo({armoredMessage:e,binaryMessage:t,config:r,...i}){r={...T,...r};let a=e||t;if(!a)throw Error("readMessage: must pass options object containing `armoredMessage` or `binaryMessage`");if(e&&!R.isString(e)&&!R.isStream(e))throw Error("readMessage: options.armoredMessage must be a string or stream");if(t&&!R.isUint8Array(t)&&!R.isStream(t))throw Error("readMessage: options.binaryMessage must be a Uint8Array or stream");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));const s=R.isStream(a);if(e){const{type:e,data:t}=await X(a);if(e!==I.armor.message)throw Error("Armored text not of type message");a=t}const o=await Fs.fromBinary(a,Go,r),c=new Wo(o);return c.fromStream=s,c}async function Qo({text:e,binary:t,filename:r,date:i=new Date,format:a=(void 0!==e?"utf8":"binary"),...n}){const s=void 0!==e?e:t;if(void 0===s)throw Error("createMessage: must pass options object containing `text` or `binary`");if(e&&!R.isString(e)&&!R.isStream(e))throw Error("createMessage: options.text must be a string or stream");if(t&&!R.isUint8Array(t)&&!R.isStream(t))throw Error("createMessage: options.binary must be a Uint8Array or stream");const o=Object.keys(n);if(o.length>0)throw Error("Unknown option: "+o.join(", "));const c=R.isStream(s),u=new Us(i);void 0!==e?u.setText(s,I.write(I.literal,a)):u.setBytes(s,I.write(I.literal,a)),void 0!==r&&u.setFilename(r);const h=new Fs;h.push(u);const y=new Wo(h);return y.fromStream=c,y}const Yo=/*#__PURE__*/R.constructAllowedPackets([Is]);class Jo{constructor(e,t){if(this.text=R.removeTrailingSpaces(e).replace(/\r?\n/g,"\r\n"),t&&!(t instanceof lo))throw Error("Invalid signature input");this.signature=t||new lo(new Fs)}getSigningKeyIDs(){const e=[];return this.signature.packets.forEach((function(t){e.push(t.issuerKeyID)})),e}async sign(e,t=null,r=[],i=new Date,a=[],n=[],s=T){const o=new Us;o.setText(this.text);const c=new lo(await $o(o,e,t,r,i,a,n,!0,s));return new Jo(this.text,c)}verify(e,t=new Date,r=T){const i=this.signature.packets.filterByTag(I.packet.signature),a=new Us;return a.setText(this.text),Zo(i,[a],e,t,!0,r)}getText(){return this.text.replace(/\r\n/g,"\n")}armor(e=T){const t=this.signature.packets.some((e=>6!==e.version)),r={hash:t?Array.from(new Set(this.signature.packets.map((e=>I.read(I.hash,e.hashAlgorithm).toUpperCase())))).join():null,text:this.text,data:this.signature.packets.write()};return Q(I.armor.signed,r,void 0,void 0,void 0,t,e)}}async function ec({cleartextMessage:e,config:t,...r}){if(t={...T,...t},!e)throw Error("readCleartextMessage: must pass options object containing `cleartextMessage`");if(!R.isString(e))throw Error("readCleartextMessage: options.cleartextMessage must be a string");const i=Object.keys(r);if(i.length>0)throw Error("Unknown option: "+i.join(", "));const a=await X(e);if(a.type!==I.armor.signed)throw Error("No cleartext signed message.");const n=await Fs.fromBinary(a.data,Yo,t);!function(e,t){const r=function(e){const r=e=>t=>e.hashAlgorithm===t;for(let i=0;i<t.length;i++)if(t[i].constructor.tag===I.packet.signature&&!e.some(r(t[i])))return!1;return!0},i=[];if(e.forEach((e=>{const t=e.match(/^Hash: (.+)$/);if(!t)throw Error('Only "Hash" header allowed in cleartext signed message');{const e=t[1].replace(/\s/g,"").split(",").map((e=>{try{return I.write(I.hash,e.toLowerCase())}catch(t){throw Error("Unknown hash algorithm in armor header: "+e.toLowerCase())}}));i.push(...e)}})),i.length&&!r(i))throw Error("Hash algorithm mismatch in armor header and signature")}(a.headers,n);const s=new lo(n);return new Jo(a.text,s)}async function tc({text:e,...t}){if(!e)throw Error("createCleartextMessage: must pass options object containing `text`");if(!R.isString(e))throw Error("createCleartextMessage: options.text must be a string");const r=Object.keys(t);if(r.length>0)throw Error("Unknown option: "+r.join(", "));return new Jo(e)}async function rc({userIDs:e=[],passphrase:t,type:r,curve:i,rsaBits:a=4096,symmetricHash:n="sha256",symmetricCipher:s="aes256",keyExpirationTime:o=0,date:c=new Date,subkeys:u=[{}],format:h="armored",config:y,...l}){wc(y={...T,...y}),r||i?(r=r||"ecc",i=i||"curve25519Legacy"):(r=y.v6Keys?"curve25519":"ecc",i="curve25519Legacy"),e=bc(e);const p=Object.keys(l);if(p.length>0)throw Error("Unknown option: "+p.join(", "));if(0===e.length&&!y.v6Keys)throw Error("UserIDs are required for V4 keys");if("rsa"===r&&a<y.minRSABits)throw Error(`rsaBits should be at least ${y.minRSABits}, got: ${a}`);const g={userIDs:e,passphrase:t,type:r,rsaBits:a,curve:i,keyExpirationTime:o,date:c,subkeys:u,symmetricHash:n,symmetricCipher:s};try{const{key:e,revocationCertificate:t}=await async function(e,t){e.sign=!0,(e=Ko(e)).subkeys=e.subkeys.map(((t,r)=>Ko(e.subkeys[r],e)));let r=[fo(e,t)];r=r.concat(e.subkeys.map((e=>go(e,t))));const i=await Promise.all(r),a=await No(i[0],i.slice(1),e,t),n=await a.getRevocationCertificate(e.date,t);return a.revocationSignatures=[],{key:a,revocationCertificate:n}}(g,y);return e.getKeys().forEach((({keyPacket:e})=>Do(e,y))),{privateKey:Ac(e,h,y),publicKey:"symmetric"!==r?Ac(e.toPublic(),h,y):null,revocationCertificate:t}}catch(e){throw R.wrapError("Error generating keypair",e)}}async function ic({privateKey:e,userIDs:t=[],passphrase:r,keyExpirationTime:i=0,date:a,format:n="armored",config:s,...o}){wc(s={...T,...s}),t=bc(t);const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(0===t.length&&6!==e.keyPacket.version)throw Error("UserIDs are required for V4 keys");const u={privateKey:e,userIDs:t,passphrase:r,keyExpirationTime:i,date:a};try{const{key:e,revocationCertificate:t}=await async function(e,t){e=o(e);const{privateKey:r}=e;if(!r.isPrivate())throw Error("Cannot reformat a public key");if(r.keyPacket.isDummy())throw Error("Cannot reformat a gnu-dummy primary key");if(!r.getKeys().every((({keyPacket:e})=>e.isDecrypted())))throw Error("Key is not decrypted");const i=r.keyPacket;e.subkeys||(e.subkeys=await Promise.all(r.subkeys.map((async e=>{const r=e.keyPacket,a={key:i,bind:r},n=await mo(e.bindingSignatures,i,I.signature.subkeyBinding,a,null,t).catch((()=>({})));return{sign:n.keyFlags&&n.keyFlags[0]&I.keyFlags.signData,forwarding:n.keyFlags&&n.keyFlags[0]&I.keyFlags.forwardedCommunication}}))));const a=r.subkeys.map((e=>e.keyPacket));if(e.subkeys.length!==a.length)throw Error("Number of subkey options does not match number of subkeys");e.subkeys=e.subkeys.map((t=>o(t,e)));const n=await No(i,a,e,t),s=await n.getRevocationCertificate(e.date,t);return n.revocationSignatures=[],{key:n,revocationCertificate:s};function o(e,t={}){return e.keyExpirationTime=e.keyExpirationTime||t.keyExpirationTime,e.passphrase=R.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e}}(u,s);return{privateKey:Ac(e,n,s),publicKey:Ac(e.toPublic(),n,s),revocationCertificate:t}}catch(e){throw R.wrapError("Error reformatting keypair",e)}}async function ac({key:e,revocationCertificate:t,reasonForRevocation:r,date:i=new Date,format:a="armored",config:n,...s}){wc(n={...T,...n});const o=Object.keys(s);if(o.length>0)throw Error("Unknown option: "+o.join(", "));try{const s=t?await e.applyRevocationCertificate(t,i,n):await e.revoke(r,i,n);return s.isPrivate()?{privateKey:Ac(s,a,n),publicKey:Ac(s.toPublic(),a,n)}:{privateKey:null,publicKey:Ac(s,a,n)}}catch(e){throw R.wrapError("Error revoking key",e)}}async function nc({privateKey:e,passphrase:t,config:r,...i}){wc(r={...T,...r});const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(!e.isPrivate())throw Error("Cannot decrypt a public key");const n=e.clone(!0),s=R.isArray(t)?t:[t];try{return await Promise.all(n.getKeys().map((e=>R.anyPromise(s.map((t=>e.keyPacket.decrypt(t))))))),await n.validate(r),n}catch(e){throw n.clearPrivateParams(),R.wrapError("Error decrypting private key",e)}}async function sc({privateKey:e,passphrase:t,config:r,...i}){wc(r={...T,...r});const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(!e.isPrivate())throw Error("Cannot encrypt a public key");const n=e.clone(!0),s=n.getKeys(),o=R.isArray(t)?t:Array(s.length).fill(t);if(o.length!==s.length)throw Error("Invalid number of passphrases given for key encryption");try{return await Promise.all(s.map((async(e,t)=>{const{keyPacket:i}=e;await i.encrypt(o[t],r),i.clearPrivateParams()}))),n}catch(e){throw n.clearPrivateParams(),R.wrapError("Error encrypting private key",e)}}async function oc({message:e,encryptionKeys:t,signingKeys:r,passwords:i,sessionKey:a,format:n="armored",signature:s=null,wildcard:o=!1,signingKeyIDs:c=[],encryptionKeyIDs:u=[],date:h=new Date,signingUserIDs:y=[],encryptionUserIDs:l=[],signatureNotations:p=[],config:g,...d}){if(wc(g={...T,...g}),gc(e),fc(n),t=bc(t),r=bc(r),i=bc(i),c=bc(c),u=bc(u),y=bc(y),l=bc(l),p=bc(p),d.detached)throw Error("The `detached` option has been removed from openpgp.encrypt, separately call openpgp.sign instead. Don't forget to remove the `privateKeys` option as well.");if(d.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encrypt, pass `encryptionKeys` instead");if(d.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.encrypt, pass `signingKeys` instead");if(void 0!==d.armor)throw Error("The `armor` option has been removed from openpgp.encrypt, pass `format` instead.");const f=Object.keys(d);if(f.length>0)throw Error("Unknown option: "+f.join(", "));r||(r=[]);try{if((r.length||s)&&(e=await e.sign(r,s,c,h,y,p,g)),e=e.compress(await async function(e=[],t=new Date,r=[],i=T){const a=I.compression.uncompressed,n=i.preferredCompressionAlgorithm,s=await Promise.all(e.map((async function(e,a){const s=(await e.getPrimarySelfSignature(t,r[a],i)).preferredCompressionAlgorithms;return!!s&&s.indexOf(n)>=0})));return s.every(Boolean)?n:a}(t,h,l,g),g),e=await e.encrypt(t,i,a,o,u,h,l,g),"object"===n)return e;const d="armored"===n?e.armor(g):e.write();return await kc(d)}catch(e){throw R.wrapError("Error encrypting message",e)}}async function cc({message:e,decryptionKeys:t,passwords:r,sessionKeys:i,verificationKeys:a,expectSigned:n=!1,format:s="utf8",signature:o=null,date:c=new Date,config:u,...h}){if(wc(u={...T,...u}),gc(e),a=bc(a),t=bc(t),r=bc(r),i=bc(i),h.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decrypt, pass `decryptionKeys` instead");if(h.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.decrypt, pass `verificationKeys` instead");const y=Object.keys(h);if(y.length>0)throw Error("Unknown option: "+y.join(", "));try{const h=await e.decrypt(t,r,i,c,u);a||(a=[]);const y={};if(y.signatures=o?await h.verifyDetached(o,a,c,u):await h.verify(a,c,u),y.data="binary"===s?h.getLiteralData():h.getText(),y.filename=h.getFilename(),vc(y,e),n){if(0===a.length)throw Error("Verification keys are required to verify message signatures");if(0===y.signatures.length)throw Error("Message is not signed");y.data=d([y.data,D((async()=>{await R.anyPromise(y.signatures.map((e=>e.verified)))}))])}return y.data=await kc(y.data),y}catch(e){throw R.wrapError("Error decrypting message",e)}}async function uc({message:e,signingKeys:t,format:r="armored",detached:i=!1,signingKeyIDs:a=[],date:n=new Date,signingUserIDs:s=[],signatureNotations:o=[],config:c,...u}){if(wc(c={...T,...c}),dc(e),fc(r),t=bc(t),a=bc(a),s=bc(s),o=bc(o),u.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.sign, pass `signingKeys` instead");if(void 0!==u.armor)throw Error("The `armor` option has been removed from openpgp.sign, pass `format` instead.");const h=Object.keys(u);if(h.length>0)throw Error("Unknown option: "+h.join(", "));if(e instanceof Jo&&"binary"===r)throw Error("Cannot return signed cleartext message in binary format");if(e instanceof Jo&&i)throw Error("Cannot detach-sign a cleartext message");if(!t||0===t.length)throw Error("No signing keys provided");try{let u;if(u=i?await e.signDetached(t,void 0,a,n,s,o,c):await e.sign(t,void 0,a,n,s,o,c),"object"===r)return u;return u="armored"===r?u.armor(c):u.write(),i&&(u=k(e.packets.write(),(async(e,t)=>{await Promise.all([f(u,t),P(e).catch((()=>{}))])}))),await kc(u)}catch(e){throw R.wrapError("Error signing message",e)}}async function hc({message:e,verificationKeys:t,expectSigned:r=!1,format:i="utf8",signature:a=null,date:n=new Date,config:s,...o}){if(wc(s={...T,...s}),dc(e),t=bc(t),o.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.verify, pass `verificationKeys` instead");const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(e instanceof Jo&&"binary"===i)throw Error("Can't return cleartext message data as binary");if(e instanceof Jo&&a)throw Error("Can't verify detached cleartext signature");try{const o={};if(o.signatures=a?await e.verifyDetached(a,t,n,s):await e.verify(t,n,s),o.data="binary"===i?e.getLiteralData():e.getText(),e.fromStream&&!a&&vc(o,e),r){if(0===o.signatures.length)throw Error("Message is not signed");o.data=d([o.data,D((async()=>{await R.anyPromise(o.signatures.map((e=>e.verified)))}))])}return o.data=await kc(o.data),o}catch(e){throw R.wrapError("Error verifying signed message",e)}}async function yc({encryptionKeys:e,date:t=new Date,encryptionUserIDs:r=[],config:i,...a}){if(wc(i={...T,...i}),e=bc(e),r=bc(r),a.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.generateSessionKey, pass `encryptionKeys` instead");const n=Object.keys(a);if(n.length>0)throw Error("Unknown option: "+n.join(", "));try{return await Wo.generateSessionKey(e,t,r,i)}catch(e){throw R.wrapError("Error generating session key",e)}}async function lc({data:e,algorithm:t,aeadAlgorithm:r,encryptionKeys:i,passwords:a,format:n="armored",wildcard:s=!1,encryptionKeyIDs:o=[],date:c=new Date,encryptionUserIDs:u=[],config:h,...y}){if(wc(h={...T,...h}),function(e,t){if(!R.isUint8Array(e))throw Error("Parameter [data] must be of type Uint8Array")}(e),function(e,t){if(!R.isString(e))throw Error("Parameter ["+t+"] must be of type String")}(t,"algorithm"),fc(n),i=bc(i),a=bc(a),o=bc(o),u=bc(u),y.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead");const l=Object.keys(y);if(l.length>0)throw Error("Unknown option: "+l.join(", "));if(!(i&&0!==i.length||a&&0!==a.length))throw Error("No encryption keys or passwords provided.");try{return Ac(await Wo.encryptSessionKey(e,t,r,i,a,s,o,c,u,h),n,h)}catch(e){throw R.wrapError("Error encrypting session key",e)}}async function pc({message:e,decryptionKeys:t,passwords:r,date:i=new Date,config:a,...n}){if(wc(a={...T,...a}),gc(e),t=bc(t),r=bc(r),n.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decryptSessionKeys, pass `decryptionKeys` instead");const s=Object.keys(n);if(s.length>0)throw Error("Unknown option: "+s.join(", "));try{return await e.decryptSessionKeys(t,r,void 0,i,a)}catch(e){throw R.wrapError("Error decrypting session keys",e)}}function gc(e){if(!(e instanceof Wo))throw Error("Parameter [message] needs to be of type Message")}function dc(e){if(!(e instanceof Jo||e instanceof Wo))throw Error("Parameter [message] needs to be of type Message or CleartextMessage")}function fc(e){if("armored"!==e&&"binary"!==e&&"object"!==e)throw Error("Unsupported format "+e)}const mc=Object.keys(T).length;function wc(e){const t=Object.keys(e);if(t.length!==mc)for(const e of t)if(void 0===T[e])throw Error("Unknown config property: "+e)}function bc(e){return e&&!R.isArray(e)&&(e=[e]),e}async function kc(e){return"array"===R.isStream(e)?P(e):e}function vc(e,t){e.data=k(t.packets.stream,(async(t,r)=>{await f(e.data,r,{preventClose:!0});const i=x(r);try{await P(t,(e=>e)),await i.close()}catch(e){await i.abort(e)}}))}function Ac(e,t,r){switch(t){case"object":return e;case"armored":return e.armor(r);case"binary":return e.write();default:throw Error("Unsupported format "+t)}}export{Zs as AEADEncryptedDataPacket,cn as Argon2OutOfMemoryError,ln as Argon2S2K,Jo as CleartextMessage,Ns as CompressedDataPacket,$a as KDFParams,Us as LiteralDataPacket,ro as MarkerPacket,Wo as Message,Rs as OnePassSignaturePacket,Fs as PacketList,ho as PaddingPacket,Mo as PrivateKey,Ro as PublicKey,Xs as PublicKeyEncryptedSessionKeyPacket,Js as PublicKeyPacket,io as PublicSubkeyPacket,no as SecretKeyPacket,co as SecretSubkeyPacket,lo as Signature,Is as SignaturePacket,xo as Subkey,Vs as SymEncryptedIntegrityProtectedDataPacket,Ys as SymEncryptedSessionKeyPacket,to as SymmetricallyEncryptedDataPacket,uo as TrustPacket,ti as UnparseablePacket,ao as UserAttributePacket,oo as UserIDPacket,Q as armor,T as config,tc as createCleartextMessage,Qo as createMessage,cc as decrypt,nc as decryptKey,pc as decryptSessionKeys,oc as encrypt,sc as encryptKey,lc as encryptSessionKey,I as enums,rc as generateKey,yc as generateSessionKey,ec as readCleartextMessage,Oo as readKey,Ho as readKeys,Xo as readMessage,zo as readPrivateKey,jo as readPrivateKeys,po as readSignature,ic as reformatKey,ac as revokeKey,uc as sign,X as unarmor,hc as verify};
 //# sourceMappingURL=openpgp.min.mjs.map