@protontech/openpgp 6.0.0-beta.3.patch.0 → 6.0.0-beta.3.patch.1

package/dist/lightweight/openpgp.mjs

@@ -1,4 +1,4 @@
-/*! OpenPGP.js v6.0.0-beta.3.patch.0 - 2024-09-09 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+/*! OpenPGP.js v6.0.0-beta.3.patch.1 - 2024-09-11 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
 const globalThis = typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
 
 const doneWritingPromise = Symbol('doneWritingPromise');
@@ -1682,7 +1682,7 @@ var config = {
    * @memberof module:config
    * @property {String} versionString A version string to be included in armored messages
    */
-  versionString: 'OpenPGP.js 6.0.0-beta.3.patch.0',
+  versionString: 'OpenPGP.js 6.0.0-beta.3.patch.1',
   /**
    * @memberof module:config
    * @property {String} commentString A comment string to be included in armored messages
@@ -9286,7 +9286,7 @@ async function sign$6(algo, hashAlgo, message, publicKey, privateKey, hashed) {
     case enums.publicKey.ed25519:
       try {
         const webCrypto = util.getWebCrypto();
-        const jwk = privateKeyToJWK$1(algo, publicKey, privateKey);
+        const jwk = privateKeyToJWK(algo, publicKey, privateKey);
         const key = await webCrypto.importKey('jwk', jwk, 'Ed25519', false, ['sign']);
 
         const signature = new Uint8Array(
@@ -9333,7 +9333,7 @@ async function verify$6(algo, hashAlgo, { RS }, m, publicKey, hashed) {
     case enums.publicKey.ed25519:
       try {
         const webCrypto = util.getWebCrypto();
-        const jwk = publicKeyToJWK$1(algo, publicKey);
+        const jwk = publicKeyToJWK(algo, publicKey);
         const key = await webCrypto.importKey('jwk', jwk, 'Ed25519', false, ['verify']);
         const verified = await webCrypto.verify('Ed25519', key, RS, hashed);
         return verified;
@@ -9408,7 +9408,7 @@ function getPreferredHashAlgo$2(algo) {
   }
 }
 
-const publicKeyToJWK$1 = (algo, publicKey) => {
+const publicKeyToJWK = (algo, publicKey) => {
   switch (algo) {
     case enums.publicKey.ed25519: {
       const jwk = {
@@ -9424,10 +9424,10 @@ const publicKeyToJWK$1 = (algo, publicKey) => {
   }
 };
 
-const privateKeyToJWK$1 = (algo, publicKey, privateKey) => {
+const privateKeyToJWK = (algo, publicKey, privateKey) => {
   switch (algo) {
     case enums.publicKey.ed25519: {
-      const jwk = publicKeyToJWK$1(algo, publicKey);
+      const jwk = publicKeyToJWK(algo, publicKey);
       jwk.d = uint8ArrayToB64(privateKey);
       return jwk;
     }
@@ -9576,27 +9576,12 @@ const HKDF_INFO = {
  */
 async function generate$3(algo) {
   switch (algo) {
-    case enums.publicKey.x25519:
-      try {
-        const webCrypto = util.getWebCrypto();
-        const webCryptoKey = await webCrypto.generateKey('X25519', true, ['deriveKey', 'deriveBits']);
-
-        const privateKey = await webCrypto.exportKey('jwk', webCryptoKey.privateKey);
-        const publicKey = await webCrypto.exportKey('jwk', webCryptoKey.publicKey);
-
-        return {
-          A: new Uint8Array(b64ToUint8Array(publicKey.x)),
-          k: b64ToUint8Array(privateKey.d, true)
-        };
-      } catch (err) {
-        if (err.name !== 'NotSupportedError') {
-          throw err;
-        }
-        // k stays in little-endian, unlike legacy ECDH over curve25519
-        const k = getRandomBytes(32);
-        const { publicKey: A } = nacl.box.keyPair.fromSecretKey(k);
-        return { A, k };
-      }
+    case enums.publicKey.x25519: {
+      // k stays in little-endian, unlike legacy ECDH over curve25519
+      const k = getRandomBytes(32);
+      const { publicKey: A } = nacl.box.keyPair.fromSecretKey(k);
+      return { A, k };
+    }
 
     case enums.publicKey.x448: {
       const x448 = await util.getNobleCurve(enums.publicKey.x448);
@@ -9738,32 +9723,13 @@ function getPayloadSize(algo) {
  */
 async function generateEphemeralEncryptionMaterial(algo, recipientA) {
   switch (algo) {
-    case enums.publicKey.x25519:
-      try {
-        const webCrypto = util.getWebCrypto();
-        const jwk = publicKeyToJWK(algo, recipientA);
-        const ephemeralKeyPair = await webCrypto.generateKey('X25519', true, ['deriveKey', 'deriveBits']);
-        const recipientPublicKey = await webCrypto.importKey('jwk', jwk, 'X25519', false, []);
-        const sharedSecretBuffer = await webCrypto.deriveBits(
-          { name: 'X25519', public: recipientPublicKey },
-          ephemeralKeyPair.privateKey,
-          getPayloadSize(algo) * 8 // in bits
-        );
-        const ephemeralPublicKeyJwt = await webCrypto.exportKey('jwk', ephemeralKeyPair.publicKey);
-        return {
-          sharedSecret: new Uint8Array(sharedSecretBuffer),
-          ephemeralPublicKey: new Uint8Array(b64ToUint8Array(ephemeralPublicKeyJwt.x))
-        };
-      } catch (err) {
-        if (err.name !== 'NotSupportedError') {
-          throw err;
-        }
-        const ephemeralSecretKey = getRandomBytes(getPayloadSize(algo));
-        const sharedSecret = nacl.scalarMult(ephemeralSecretKey, recipientA);
-        const { publicKey: ephemeralPublicKey } = nacl.box.keyPair.fromSecretKey(ephemeralSecretKey);
+    case enums.publicKey.x25519: {
+      const ephemeralSecretKey = getRandomBytes(getPayloadSize(algo));
+      const sharedSecret = nacl.scalarMult(ephemeralSecretKey, recipientA);
+      const { publicKey: ephemeralPublicKey } = nacl.box.keyPair.fromSecretKey(ephemeralSecretKey);
 
-        return { ephemeralPublicKey, sharedSecret };
-      }
+      return { ephemeralPublicKey, sharedSecret };
+    }
     case enums.publicKey.x448: {
       const x448 = await util.getNobleCurve(enums.publicKey.x448);
       const ephemeralSecretKey = x448.utils.randomPrivateKey();
@@ -9779,24 +9745,7 @@ async function generateEphemeralEncryptionMaterial(algo, recipientA) {
 async function recomputeSharedSecret(algo, ephemeralPublicKey, A, k) {
   switch (algo) {
     case enums.publicKey.x25519:
-      try {
-        const webCrypto = util.getWebCrypto();
-        const privateKeyJWK = privateKeyToJWK(algo, A, k);
-        const ephemeralPublicKeyJWK = publicKeyToJWK(algo, ephemeralPublicKey);
-        const privateKey = await webCrypto.importKey('jwk', privateKeyJWK, 'X25519', false, ['deriveKey', 'deriveBits']);
-        const ephemeralPublicKeyReference = await webCrypto.importKey('jwk', ephemeralPublicKeyJWK, 'X25519', false, []);
-        const sharedSecretBuffer = await webCrypto.deriveBits(
-          { name: 'X25519', public: ephemeralPublicKeyReference },
-          privateKey,
-          getPayloadSize(algo) * 8 // in bits
-        );
-        return new Uint8Array(sharedSecretBuffer);
-      } catch (err) {
-        if (err.name !== 'NotSupportedError') {
-          throw err;
-        }
-        return nacl.scalarMult(k, ephemeralPublicKey);
-      }
+      return nacl.scalarMult(k, ephemeralPublicKey);
     case enums.publicKey.x448: {
       const x448 = await util.getNobleCurve(enums.publicKey.x448);
       const sharedSecret = x448.getSharedSecret(k, ephemeralPublicKey);
@@ -9807,35 +9756,6 @@ async function recomputeSharedSecret(algo, ephemeralPublicKey, A, k) {
   }
 }
 
-
-function publicKeyToJWK(algo, publicKey) {
-  switch (algo) {
-    case enums.publicKey.x25519: {
-      const jwk = {
-        kty: 'OKP',
-        crv: 'X25519',
-        x: uint8ArrayToB64(publicKey),
-        ext: true
-      };
-      return jwk;
-    }
-    default:
-      throw new Error('Unsupported ECDH algorithm');
-  }
-}
-
-function privateKeyToJWK(algo, publicKey, privateKey) {
-  switch (algo) {
-    case enums.publicKey.x25519: {
-      const jwk = publicKeyToJWK(algo, publicKey);
-      jwk.d = uint8ArrayToB64(privateKey);
-      return jwk;
-    }
-    default:
-      throw new Error('Unsupported ECDH algorithm');
-  }
-}
-
 var ecdh_x = /*#__PURE__*/Object.freeze({
   __proto__: null,
   decrypt: decrypt$2,
@@ -12536,13 +12456,25 @@ class Argon2S2K {
     const { passes, parallelism, memoryExponent } = config$1.s2kArgon2Params;
 
     this.type = 'argon2';
-    /**  @type {Uint8Array} 16 bytes of salt */
+    /**
+     * 16 bytes of salt
+     * @type {Uint8Array}
+     */
     this.salt = null;
-    /** @type {Integer} number of passes */
+    /**
+     * number of passes
+     * @type {Integer}
+     */
     this.t = passes;
-    /** @type {Integer} degree of parallelism (lanes) */
+    /**
+     * degree of parallelism (lanes)
+     * @type {Integer}
+     */
     this.p = parallelism;
-    /** @type {Integer} exponent indicating memory size */
+    /**
+     * exponent indicating memory size
+     * @type {Integer}
+     */
     this.encodedM = memoryExponent;
   }
 

package/dist/lightweight/sha3.min.mjs

@@ -1,4 +1,4 @@
-/*! OpenPGP.js v6.0.0-beta.3.patch.0 - 2024-09-09 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+/*! OpenPGP.js v6.0.0-beta.3.patch.1 - 2024-09-11 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
 const t="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function e(t){if(!Number.isSafeInteger(t)||t<0)throw Error("positive integer expected, not "+t)}function s(t,...e){if(!((s=t)instanceof Uint8Array||null!=s&&"object"==typeof s&&"Uint8Array"===s.constructor.name))throw Error("Uint8Array expected");var s;if(e.length>0&&!e.includes(t.length))throw Error(`Uint8Array expected of length ${e}, not of length=${t.length}`)}function i(t){if("function"!=typeof t||"function"!=typeof t.create)throw Error("Hash should be wrapped by utils.wrapConstructor");e(t.outputLen),e(t.blockLen)}function n(t,e=!0){if(t.destroyed)throw Error("Hash instance has been destroyed");if(e&&t.finished)throw Error("Hash#digest() has already been called")}function h(t,e){s(t);const i=e.outputLen;if(t.length<i)throw Error("digestInto() expects output buffer of length at least "+i)}const r="object"==typeof t&&"crypto"in t?t.crypto:void 0,o=t=>new DataView(t.buffer,t.byteOffset,t.byteLength),c=(t,e)=>t<<32-e|t>>>e,a=(t,e)=>t<<e|t>>>32-e>>>0,f=68===new Uint8Array(new Uint32Array([287454020]).buffer)[0];
 /*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */function d(t){for(let s=0;s<t.length;s++)t[s]=(e=t[s])<<24&4278190080|e<<8&16711680|e>>>8&65280|e>>>24&255;var e}function l(t){if("string"!=typeof t)throw Error("utf8ToBytes expected string, got "+typeof t);return new Uint8Array((new TextEncoder).encode(t))}function u(t){return"string"==typeof t&&(t=l(t)),s(t),t}function b(...t){let e=0;for(let i=0;i<t.length;i++){const n=t[i];s(n),e+=n.length}const i=new Uint8Array(e);for(let e=0,s=0;e<t.length;e++){const n=t[e];i.set(n,s),s+=n.length}return i}class x{clone(){return this._cloneInto()}}function p(t){const e=e=>t().update(u(e)).digest(),s=t();return e.outputLen=s.outputLen,e.blockLen=s.blockLen,e.create=()=>t(),e}function g(t=32){if(r&&"function"==typeof r.getRandomValues)return r.getRandomValues(new Uint8Array(t));if(r&&"function"==typeof r.randomBytes)return r.randomBytes(t);throw Error("crypto.getRandomValues must be defined")}const y=(t,e,s)=>t&e^~t&s,L=(t,e,s)=>t&e^t&s^e&s;class w extends x{constructor(t,e,s,i){super(),this.blockLen=t,this.outputLen=e,this.padOffset=s,this.isLE=i,this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.buffer=new Uint8Array(t),this.view=o(this.buffer)}update(t){n(this);const{view:e,buffer:s,blockLen:i}=this,h=(t=u(t)).length;for(let n=0;n<h;){const r=Math.min(i-this.pos,h-n);if(r!==i)s.set(t.subarray(n,n+r),this.pos),this.pos+=r,n+=r,this.pos===i&&(this.process(e,0),this.pos=0);else{const e=o(t);for(;i<=h-n;n+=i)this.process(e,n)}}return this.length+=t.length,this.roundClean(),this}digestInto(t){n(this),h(t,this),this.finished=!0;const{buffer:e,view:s,blockLen:i,isLE:r}=this;let{pos:c}=this;e[c++]=128,this.buffer.subarray(c).fill(0),this.padOffset>i-c&&(this.process(s,0),c=0);for(let t=c;t<i;t++)e[t]=0;!function(t,e,s,i){if("function"==typeof t.setBigUint64)return t.setBigUint64(e,s,i);const n=BigInt(32),h=BigInt(4294967295),r=Number(s>>n&h),o=Number(s&h),c=i?4:0,a=i?0:4;t.setUint32(e+c,r,i),t.setUint32(e+a,o,i)}(s,i-8,BigInt(8*this.length),r),this.process(s,0);const a=o(t),f=this.outputLen;if(f%4)throw Error("_sha2: outputLen should be aligned to 32bit");const d=f/4,l=this.get();if(d>l.length)throw Error("_sha2: outputLen bigger than state");for(let t=0;t<d;t++)a.setUint32(4*t,l[t],r)}digest(){const{buffer:t,outputLen:e}=this;this.digestInto(t);const s=t.slice(0,e);return this.destroy(),s}_cloneInto(t){t||(t=new this.constructor),t.set(...this.get());const{blockLen:e,buffer:s,length:i,finished:n,destroyed:h,pos:r}=this;return t.length=i,t.pos=r,t.finished=n,t.destroyed=h,i%e&&t.buffer.set(s),t}}const B=/* @__PURE__ */new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),H=/* @__PURE__ */new Uint32Array([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),A=/* @__PURE__ */new Uint32Array(64);class E extends w{constructor(){super(64,32,8,!1),this.A=0|H[0],this.B=0|H[1],this.C=0|H[2],this.D=0|H[3],this.E=0|H[4],this.F=0|H[5],this.G=0|H[6],this.H=0|H[7]}get(){const{A:t,B:e,C:s,D:i,E:n,F:h,G:r,H:o}=this;return[t,e,s,i,n,h,r,o]}set(t,e,s,i,n,h,r,o){this.A=0|t,this.B=0|e,this.C=0|s,this.D=0|i,this.E=0|n,this.F=0|h,this.G=0|r,this.H=0|o}process(t,e){for(let s=0;s<16;s++,e+=4)A[s]=t.getUint32(e,!1);for(let t=16;t<64;t++){const e=A[t-15],s=A[t-2],i=c(e,7)^c(e,18)^e>>>3,n=c(s,17)^c(s,19)^s>>>10;A[t]=n+A[t-7]+i+A[t-16]|0}let{A:s,B:i,C:n,D:h,E:r,F:o,G:a,H:f}=this;for(let t=0;t<64;t++){const e=f+(c(r,6)^c(r,11)^c(r,25))+y(r,o,a)+B[t]+A[t]|0,d=(c(s,2)^c(s,13)^c(s,22))+L(s,i,n)|0;f=a,a=o,o=r,r=h+e|0,h=n,n=i,i=s,s=e+d|0}s=s+this.A|0,i=i+this.B|0,n=n+this.C|0,h=h+this.D|0,r=r+this.E|0,o=o+this.F|0,a=a+this.G|0,f=f+this.H|0,this.set(s,i,n,h,r,o,a,f)}roundClean(){A.fill(0)}destroy(){this.set(0,0,0,0,0,0,0,0),this.buffer.fill(0)}}class k extends E{constructor(){super(),this.A=-1056596264,this.B=914150663,this.C=812702999,this.D=-150054599,this.E=-4191439,this.F=1750603025,this.G=1694076839,this.H=-1090891868,this.outputLen=28}}const U=/* @__PURE__ */p((()=>new E)),I=/* @__PURE__ */p((()=>new k)),S=/* @__PURE__ */BigInt(2**32-1),C=/* @__PURE__ */BigInt(32);function F(t,e=!1){return e?{h:Number(t&S),l:Number(t>>C&S)}:{h:0|Number(t>>C&S),l:0|Number(t&S)}}function m(t,e=!1){let s=new Uint32Array(t.length),i=new Uint32Array(t.length);for(let n=0;n<t.length;n++){const{h,l:r}=F(t[n],e);[s[n],i[n]]=[h,r]}return[s,i]}const D=(t,e,s)=>t<<s|e>>>32-s,G=(t,e,s)=>e<<s|t>>>32-s,O=(t,e,s)=>e<<s-32|t>>>64-s,v=(t,e,s)=>t<<s-32|e>>>64-s;const N={fromBig:F,split:m,toBig:(t,e)=>BigInt(t>>>0)<<C|BigInt(e>>>0),shrSH:(t,e,s)=>t>>>s,shrSL:(t,e,s)=>t<<32-s|e>>>s,rotrSH:(t,e,s)=>t>>>s|e<<32-s,rotrSL:(t,e,s)=>t<<32-s|e>>>s,rotrBH:(t,e,s)=>t<<64-s|e>>>s-32,rotrBL:(t,e,s)=>t>>>s-32|e<<64-s,rotr32H:(t,e)=>e,rotr32L:(t,e)=>t,rotlSH:D,rotlSL:G,rotlBH:O,rotlBL:v,add:function(t,e,s,i){const n=(e>>>0)+(i>>>0);return{h:t+s+(n/2**32|0)|0,l:0|n}},add3L:(t,e,s)=>(t>>>0)+(e>>>0)+(s>>>0),add3H:(t,e,s,i)=>e+s+i+(t/2**32|0)|0,add4L:(t,e,s,i)=>(t>>>0)+(e>>>0)+(s>>>0)+(i>>>0),add4H:(t,e,s,i,n)=>e+s+i+n+(t/2**32|0)|0,add5H:(t,e,s,i,n,h)=>e+s+i+n+h+(t/2**32|0)|0,add5L:(t,e,s,i,n)=>(t>>>0)+(e>>>0)+(s>>>0)+(i>>>0)+(n>>>0)},[M,X]=/* @__PURE__ */(()=>N.split(["0x428a2f98d728ae22","0x7137449123ef65cd","0xb5c0fbcfec4d3b2f","0xe9b5dba58189dbbc","0x3956c25bf348b538","0x59f111f1b605d019","0x923f82a4af194f9b","0xab1c5ed5da6d8118","0xd807aa98a3030242","0x12835b0145706fbe","0x243185be4ee4b28c","0x550c7dc3d5ffb4e2","0x72be5d74f27b896f","0x80deb1fe3b1696b1","0x9bdc06a725c71235","0xc19bf174cf692694","0xe49b69c19ef14ad2","0xefbe4786384f25e3","0x0fc19dc68b8cd5b5","0x240ca1cc77ac9c65","0x2de92c6f592b0275","0x4a7484aa6ea6e483","0x5cb0a9dcbd41fbd4","0x76f988da831153b5","0x983e5152ee66dfab","0xa831c66d2db43210","0xb00327c898fb213f","0xbf597fc7beef0ee4","0xc6e00bf33da88fc2","0xd5a79147930aa725","0x06ca6351e003826f","0x142929670a0e6e70","0x27b70a8546d22ffc","0x2e1b21385c26c926","0x4d2c6dfc5ac42aed","0x53380d139d95b3df","0x650a73548baf63de","0x766a0abb3c77b2a8","0x81c2c92e47edaee6","0x92722c851482353b","0xa2bfe8a14cf10364","0xa81a664bbc423001","0xc24b8b70d0f89791","0xc76c51a30654be30","0xd192e819d6ef5218","0xd69906245565a910","0xf40e35855771202a","0x106aa07032bbd1b8","0x19a4c116b8d2d0c8","0x1e376c085141ab53","0x2748774cdf8eeb99","0x34b0bcb5e19b48a8","0x391c0cb3c5c95a63","0x4ed8aa4ae3418acb","0x5b9cca4f7763e373","0x682e6ff3d6b2b8a3","0x748f82ee5defb2fc","0x78a5636f43172f60","0x84c87814a1f0ab72","0x8cc702081a6439ec","0x90befffa23631e28","0xa4506cebde82bde9","0xbef9a3f7b2c67915","0xc67178f2e372532b","0xca273eceea26619c","0xd186b8c721c0c207","0xeada7dd6cde0eb1e","0xf57d4f7fee6ed178","0x06f067aa72176fba","0x0a637dc5a2c898a6","0x113f9804bef90dae","0x1b710b35131c471b","0x28db77f523047d84","0x32caab7b40c72493","0x3c9ebe0a15c9bebc","0x431d67c49c100d4c","0x4cc5d4becb3e42b6","0x597f299cfc657e2a","0x5fcb6fab3ad6faec","0x6c44198c4a475817"].map((t=>BigInt(t)))))(),_=/* @__PURE__ */new Uint32Array(80),V=/* @__PURE__ */new Uint32Array(80);class j extends w{constructor(){super(128,64,16,!1),this.Ah=1779033703,this.Al=-205731576,this.Bh=-1150833019,this.Bl=-2067093701,this.Ch=1013904242,this.Cl=-23791573,this.Dh=-1521486534,this.Dl=1595750129,this.Eh=1359893119,this.El=-1377402159,this.Fh=-1694144372,this.Fl=725511199,this.Gh=528734635,this.Gl=-79577749,this.Hh=1541459225,this.Hl=327033209}get(){const{Ah:t,Al:e,Bh:s,Bl:i,Ch:n,Cl:h,Dh:r,Dl:o,Eh:c,El:a,Fh:f,Fl:d,Gh:l,Gl:u,Hh:b,Hl:x}=this;return[t,e,s,i,n,h,r,o,c,a,f,d,l,u,b,x]}set(t,e,s,i,n,h,r,o,c,a,f,d,l,u,b,x){this.Ah=0|t,this.Al=0|e,this.Bh=0|s,this.Bl=0|i,this.Ch=0|n,this.Cl=0|h,this.Dh=0|r,this.Dl=0|o,this.Eh=0|c,this.El=0|a,this.Fh=0|f,this.Fl=0|d,this.Gh=0|l,this.Gl=0|u,this.Hh=0|b,this.Hl=0|x}process(t,e){for(let s=0;s<16;s++,e+=4)_[s]=t.getUint32(e),V[s]=t.getUint32(e+=4);for(let t=16;t<80;t++){const e=0|_[t-15],s=0|V[t-15],i=N.rotrSH(e,s,1)^N.rotrSH(e,s,8)^N.shrSH(e,s,7),n=N.rotrSL(e,s,1)^N.rotrSL(e,s,8)^N.shrSL(e,s,7),h=0|_[t-2],r=0|V[t-2],o=N.rotrSH(h,r,19)^N.rotrBH(h,r,61)^N.shrSH(h,r,6),c=N.rotrSL(h,r,19)^N.rotrBL(h,r,61)^N.shrSL(h,r,6),a=N.add4L(n,c,V[t-7],V[t-16]),f=N.add4H(a,i,o,_[t-7],_[t-16]);_[t]=0|f,V[t]=0|a}let{Ah:s,Al:i,Bh:n,Bl:h,Ch:r,Cl:o,Dh:c,Dl:a,Eh:f,El:d,Fh:l,Fl:u,Gh:b,Gl:x,Hh:p,Hl:g}=this;for(let t=0;t<80;t++){const e=N.rotrSH(f,d,14)^N.rotrSH(f,d,18)^N.rotrBH(f,d,41),y=N.rotrSL(f,d,14)^N.rotrSL(f,d,18)^N.rotrBL(f,d,41),L=f&l^~f&b,w=d&u^~d&x,B=N.add5L(g,y,w,X[t],V[t]),H=N.add5H(B,p,e,L,M[t],_[t]),A=0|B,E=N.rotrSH(s,i,28)^N.rotrBH(s,i,34)^N.rotrBH(s,i,39),k=N.rotrSL(s,i,28)^N.rotrBL(s,i,34)^N.rotrBL(s,i,39),U=s&n^s&r^n&r,I=i&h^i&o^h&o;p=0|b,g=0|x,b=0|l,x=0|u,l=0|f,u=0|d,({h:f,l:d}=N.add(0|c,0|a,0|H,0|A)),c=0|r,a=0|o,r=0|n,o=0|h,n=0|s,h=0|i;const S=N.add3L(A,k,I);s=N.add3H(S,H,E,U),i=0|S}({h:s,l:i}=N.add(0|this.Ah,0|this.Al,0|s,0|i)),({h:n,l:h}=N.add(0|this.Bh,0|this.Bl,0|n,0|h)),({h:r,l:o}=N.add(0|this.Ch,0|this.Cl,0|r,0|o)),({h:c,l:a}=N.add(0|this.Dh,0|this.Dl,0|c,0|a)),({h:f,l:d}=N.add(0|this.Eh,0|this.El,0|f,0|d)),({h:l,l:u}=N.add(0|this.Fh,0|this.Fl,0|l,0|u)),({h:b,l:x}=N.add(0|this.Gh,0|this.Gl,0|b,0|x)),({h:p,l:g}=N.add(0|this.Hh,0|this.Hl,0|p,0|g)),this.set(s,i,n,h,r,o,c,a,f,d,l,u,b,x,p,g)}roundClean(){_.fill(0),V.fill(0)}destroy(){this.buffer.fill(0),this.set(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0)}}class R extends j{constructor(){super(),this.Ah=-876896931,this.Al=-1056596264,this.Bh=1654270250,this.Bl=914150663,this.Ch=-1856437926,this.Cl=812702999,this.Dh=355462360,this.Dl=-150054599,this.Eh=1731405415,this.El=-4191439,this.Fh=-1900787065,this.Fl=1750603025,this.Gh=-619958771,this.Gl=1694076839,this.Hh=1203062813,this.Hl=-1090891868,this.outputLen=48}}const T=/* @__PURE__ */p((()=>new j)),$=/* @__PURE__ */p((()=>new R)),q=[],z=[],J=[],K=/* @__PURE__ */BigInt(0),P=/* @__PURE__ */BigInt(1),Q=/* @__PURE__ */BigInt(2),W=/* @__PURE__ */BigInt(7),Y=/* @__PURE__ */BigInt(256),Z=/* @__PURE__ */BigInt(113);for(let t=0,e=P,s=1,i=0;t<24;t++){[s,i]=[i,(2*s+3*i)%5],q.push(2*(5*i+s)),z.push((t+1)*(t+2)/2%64);let n=K;for(let t=0;t<7;t++)e=(e<<P^(e>>W)*Z)%Y,e&Q&&(n^=P<<(P<</* @__PURE__ */BigInt(t))-P);J.push(n)}const[tt,et]=/* @__PURE__ */m(J,!0),st=(t,e,s)=>s>32?O(t,e,s):D(t,e,s),it=(t,e,s)=>s>32?v(t,e,s):G(t,e,s);class nt extends x{constructor(t,s,i,n=!1,h=24){if(super(),this.blockLen=t,this.suffix=s,this.outputLen=i,this.enableXOF=n,this.rounds=h,this.pos=0,this.posOut=0,this.finished=!1,this.destroyed=!1,e(i),0>=this.blockLen||this.blockLen>=200)throw Error("Sha3 supports only keccak-f1600 function");var r;this.state=new Uint8Array(200),this.state32=(r=this.state,new Uint32Array(r.buffer,r.byteOffset,Math.floor(r.byteLength/4)))}keccak(){f||d(this.state32),function(t,e=24){const s=new Uint32Array(10);for(let i=24-e;i<24;i++){for(let e=0;e<10;e++)s[e]=t[e]^t[e+10]^t[e+20]^t[e+30]^t[e+40];for(let e=0;e<10;e+=2){const i=(e+8)%10,n=(e+2)%10,h=s[n],r=s[n+1],o=st(h,r,1)^s[i],c=it(h,r,1)^s[i+1];for(let s=0;s<50;s+=10)t[e+s]^=o,t[e+s+1]^=c}let e=t[2],n=t[3];for(let s=0;s<24;s++){const i=z[s],h=st(e,n,i),r=it(e,n,i),o=q[s];e=t[o],n=t[o+1],t[o]=h,t[o+1]=r}for(let e=0;e<50;e+=10){for(let i=0;i<10;i++)s[i]=t[e+i];for(let i=0;i<10;i++)t[e+i]^=~s[(i+2)%10]&s[(i+4)%10]}t[0]^=tt[i],t[1]^=et[i]}s.fill(0)}(this.state32,this.rounds),f||d(this.state32),this.posOut=0,this.pos=0}update(t){n(this);const{blockLen:e,state:s}=this,i=(t=u(t)).length;for(let n=0;n<i;){const h=Math.min(e-this.pos,i-n);for(let e=0;e<h;e++)s[this.pos++]^=t[n++];this.pos===e&&this.keccak()}return this}finish(){if(this.finished)return;this.finished=!0;const{state:t,suffix:e,pos:s,blockLen:i}=this;t[s]^=e,128&e&&s===i-1&&this.keccak(),t[i-1]^=128,this.keccak()}writeInto(t){n(this,!1),s(t),this.finish();const e=this.state,{blockLen:i}=this;for(let s=0,n=t.length;s<n;){this.posOut>=i&&this.keccak();const h=Math.min(i-this.posOut,n-s);t.set(e.subarray(this.posOut,this.posOut+h),s),this.posOut+=h,s+=h}return t}xofInto(t){if(!this.enableXOF)throw Error("XOF is not possible for this instance");return this.writeInto(t)}xof(t){return e(t),this.xofInto(new Uint8Array(t))}digestInto(t){if(h(t,this),this.finished)throw Error("digest() was already called");return this.writeInto(t),this.destroy(),t}digest(){return this.digestInto(new Uint8Array(this.outputLen))}destroy(){this.destroyed=!0,this.state.fill(0)}_cloneInto(t){const{blockLen:e,suffix:s,outputLen:i,rounds:n,enableXOF:h}=this;return t||(t=new nt(e,s,i,h,n)),t.state32.set(this.state32),t.pos=this.pos,t.posOut=this.posOut,t.finished=this.finished,t.rounds=n,t.suffix=s,t.outputLen=i,t.enableXOF=h,t.destroyed=this.destroyed,t}}const ht=(t,e,s)=>p((()=>new nt(e,t,s))),rt=/* @__PURE__ */ht(6,136,32),ot=/* @__PURE__ */ht(6,72,64),ct=/* @__PURE__ */((t,e,s)=>function(t){const e=(e,s)=>t(s).update(u(e)).digest(),s=t({});return e.outputLen=s.outputLen,e.blockLen=s.blockLen,e.create=e=>t(e),e}(((i={})=>new nt(e,t,void 0===i.dkLen?s:i.dkLen,!0))))(31,136,32);export{y as C,x as H,L as M,$ as a,s as b,b as c,T as d,n as e,ct as f,w as g,i as h,a as i,I as j,rt as k,ot as l,g as r,U as s,u as t,l as u,p as w};
 //# sourceMappingURL=sha3.min.mjs.map

package/dist/lightweight/sha3.mjs

@@ -1,4 +1,4 @@
-/*! OpenPGP.js v6.0.0-beta.3.patch.0 - 2024-09-09 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+/*! OpenPGP.js v6.0.0-beta.3.patch.1 - 2024-09-11 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
 const globalThis = typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
 
 function number(n) {

package/dist/node/openpgp.cjs

@@ -1,4 +1,4 @@
-/*! OpenPGP.js v6.0.0-beta.3.patch.0 - 2024-09-09 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+/*! OpenPGP.js v6.0.0-beta.3.patch.1 - 2024-09-11 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
 'use strict';
 
 const globalThis = typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
@@ -1709,7 +1709,7 @@ var config = {
    * @memberof module:config
    * @property {String} versionString A version string to be included in armored messages
    */
-  versionString: 'OpenPGP.js 6.0.0-beta.3.patch.0',
+  versionString: 'OpenPGP.js 6.0.0-beta.3.patch.1',
   /**
    * @memberof module:config
    * @property {String} commentString A comment string to be included in armored messages
@@ -9325,7 +9325,7 @@ async function sign$6(algo, hashAlgo, message, publicKey, privateKey, hashed) {
     case enums.publicKey.ed25519:
       try {
         const webCrypto = util.getWebCrypto();
-        const jwk = privateKeyToJWK$1(algo, publicKey, privateKey);
+        const jwk = privateKeyToJWK(algo, publicKey, privateKey);
         const key = await webCrypto.importKey('jwk', jwk, 'Ed25519', false, ['sign']);
 
         const signature = new Uint8Array(
@@ -9372,7 +9372,7 @@ async function verify$6(algo, hashAlgo, { RS }, m, publicKey, hashed) {
     case enums.publicKey.ed25519:
       try {
         const webCrypto = util.getWebCrypto();
-        const jwk = publicKeyToJWK$1(algo, publicKey);
+        const jwk = publicKeyToJWK(algo, publicKey);
         const key = await webCrypto.importKey('jwk', jwk, 'Ed25519', false, ['verify']);
         const verified = await webCrypto.verify('Ed25519', key, RS, hashed);
         return verified;
@@ -9447,7 +9447,7 @@ function getPreferredHashAlgo$2(algo) {
   }
 }
 
-const publicKeyToJWK$1 = (algo, publicKey) => {
+const publicKeyToJWK = (algo, publicKey) => {
   switch (algo) {
     case enums.publicKey.ed25519: {
       const jwk = {
@@ -9463,10 +9463,10 @@ const publicKeyToJWK$1 = (algo, publicKey) => {
   }
 };
 
-const privateKeyToJWK$1 = (algo, publicKey, privateKey) => {
+const privateKeyToJWK = (algo, publicKey, privateKey) => {
   switch (algo) {
     case enums.publicKey.ed25519: {
-      const jwk = publicKeyToJWK$1(algo, publicKey);
+      const jwk = publicKeyToJWK(algo, publicKey);
       jwk.d = uint8ArrayToB64(privateKey);
       return jwk;
     }
@@ -9615,27 +9615,12 @@ const HKDF_INFO = {
  */
 async function generate$3(algo) {
   switch (algo) {
-    case enums.publicKey.x25519:
-      try {
-        const webCrypto = util.getWebCrypto();
-        const webCryptoKey = await webCrypto.generateKey('X25519', true, ['deriveKey', 'deriveBits']);
-
-        const privateKey = await webCrypto.exportKey('jwk', webCryptoKey.privateKey);
-        const publicKey = await webCrypto.exportKey('jwk', webCryptoKey.publicKey);
-
-        return {
-          A: new Uint8Array(b64ToUint8Array(publicKey.x)),
-          k: b64ToUint8Array(privateKey.d, true)
-        };
-      } catch (err) {
-        if (err.name !== 'NotSupportedError') {
-          throw err;
-        }
-        // k stays in little-endian, unlike legacy ECDH over curve25519
-        const k = getRandomBytes(32);
-        const { publicKey: A } = nacl.box.keyPair.fromSecretKey(k);
-        return { A, k };
-      }
+    case enums.publicKey.x25519: {
+      // k stays in little-endian, unlike legacy ECDH over curve25519
+      const k = getRandomBytes(32);
+      const { publicKey: A } = nacl.box.keyPair.fromSecretKey(k);
+      return { A, k };
+    }
 
     case enums.publicKey.x448: {
       const x448 = await util.getNobleCurve(enums.publicKey.x448);
@@ -9777,32 +9762,13 @@ function getPayloadSize(algo) {
  */
 async function generateEphemeralEncryptionMaterial(algo, recipientA) {
   switch (algo) {
-    case enums.publicKey.x25519:
-      try {
-        const webCrypto = util.getWebCrypto();
-        const jwk = publicKeyToJWK(algo, recipientA);
-        const ephemeralKeyPair = await webCrypto.generateKey('X25519', true, ['deriveKey', 'deriveBits']);
-        const recipientPublicKey = await webCrypto.importKey('jwk', jwk, 'X25519', false, []);
-        const sharedSecretBuffer = await webCrypto.deriveBits(
-          { name: 'X25519', public: recipientPublicKey },
-          ephemeralKeyPair.privateKey,
-          getPayloadSize(algo) * 8 // in bits
-        );
-        const ephemeralPublicKeyJwt = await webCrypto.exportKey('jwk', ephemeralKeyPair.publicKey);
-        return {
-          sharedSecret: new Uint8Array(sharedSecretBuffer),
-          ephemeralPublicKey: new Uint8Array(b64ToUint8Array(ephemeralPublicKeyJwt.x))
-        };
-      } catch (err) {
-        if (err.name !== 'NotSupportedError') {
-          throw err;
-        }
-        const ephemeralSecretKey = getRandomBytes(getPayloadSize(algo));
-        const sharedSecret = nacl.scalarMult(ephemeralSecretKey, recipientA);
-        const { publicKey: ephemeralPublicKey } = nacl.box.keyPair.fromSecretKey(ephemeralSecretKey);
+    case enums.publicKey.x25519: {
+      const ephemeralSecretKey = getRandomBytes(getPayloadSize(algo));
+      const sharedSecret = nacl.scalarMult(ephemeralSecretKey, recipientA);
+      const { publicKey: ephemeralPublicKey } = nacl.box.keyPair.fromSecretKey(ephemeralSecretKey);
 
-        return { ephemeralPublicKey, sharedSecret };
-      }
+      return { ephemeralPublicKey, sharedSecret };
+    }
     case enums.publicKey.x448: {
       const x448 = await util.getNobleCurve(enums.publicKey.x448);
       const ephemeralSecretKey = x448.utils.randomPrivateKey();
@@ -9818,24 +9784,7 @@ async function generateEphemeralEncryptionMaterial(algo, recipientA) {
 async function recomputeSharedSecret(algo, ephemeralPublicKey, A, k) {
   switch (algo) {
     case enums.publicKey.x25519:
-      try {
-        const webCrypto = util.getWebCrypto();
-        const privateKeyJWK = privateKeyToJWK(algo, A, k);
-        const ephemeralPublicKeyJWK = publicKeyToJWK(algo, ephemeralPublicKey);
-        const privateKey = await webCrypto.importKey('jwk', privateKeyJWK, 'X25519', false, ['deriveKey', 'deriveBits']);
-        const ephemeralPublicKeyReference = await webCrypto.importKey('jwk', ephemeralPublicKeyJWK, 'X25519', false, []);
-        const sharedSecretBuffer = await webCrypto.deriveBits(
-          { name: 'X25519', public: ephemeralPublicKeyReference },
-          privateKey,
-          getPayloadSize(algo) * 8 // in bits
-        );
-        return new Uint8Array(sharedSecretBuffer);
-      } catch (err) {
-        if (err.name !== 'NotSupportedError') {
-          throw err;
-        }
-        return nacl.scalarMult(k, ephemeralPublicKey);
-      }
+      return nacl.scalarMult(k, ephemeralPublicKey);
     case enums.publicKey.x448: {
       const x448 = await util.getNobleCurve(enums.publicKey.x448);
       const sharedSecret = x448.getSharedSecret(k, ephemeralPublicKey);
@@ -9846,35 +9795,6 @@ async function recomputeSharedSecret(algo, ephemeralPublicKey, A, k) {
   }
 }
 
-
-function publicKeyToJWK(algo, publicKey) {
-  switch (algo) {
-    case enums.publicKey.x25519: {
-      const jwk = {
-        kty: 'OKP',
-        crv: 'X25519',
-        x: uint8ArrayToB64(publicKey),
-        ext: true
-      };
-      return jwk;
-    }
-    default:
-      throw new Error('Unsupported ECDH algorithm');
-  }
-}
-
-function privateKeyToJWK(algo, publicKey, privateKey) {
-  switch (algo) {
-    case enums.publicKey.x25519: {
-      const jwk = publicKeyToJWK(algo, publicKey);
-      jwk.d = uint8ArrayToB64(privateKey);
-      return jwk;
-    }
-    default:
-      throw new Error('Unsupported ECDH algorithm');
-  }
-}
-
 var ecdh_x = /*#__PURE__*/Object.freeze({
   __proto__: null,
   decrypt: decrypt$2,
@@ -12575,13 +12495,25 @@ class Argon2S2K {
     const { passes, parallelism, memoryExponent } = config$1.s2kArgon2Params;
 
     this.type = 'argon2';
-    /**  @type {Uint8Array} 16 bytes of salt */
+    /**
+     * 16 bytes of salt
+     * @type {Uint8Array}
+     */
     this.salt = null;
-    /** @type {Integer} number of passes */
+    /**
+     * number of passes
+     * @type {Integer}
+     */
     this.t = passes;
-    /** @type {Integer} degree of parallelism (lanes) */
+    /**
+     * degree of parallelism (lanes)
+     * @type {Integer}
+     */
     this.p = parallelism;
-    /** @type {Integer} exponent indicating memory size */
+    /**
+     * exponent indicating memory size
+     * @type {Integer}
+     */
     this.encodedM = memoryExponent;
   }