npm - @protontech/openpgp - Versions diffs - 6.0.0-beta.3.patch.1 → 6.0.0 - Mend

@protontech/openpgp 6.0.0-beta.3.patch.1 → 6.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

package/README.md +34 -37
package/dist/lightweight/argon2id.min.mjs +1 -1
package/dist/lightweight/argon2id.min.mjs.map +1 -1
package/dist/lightweight/argon2id.mjs +1 -1
package/dist/lightweight/legacy_ciphers.min.mjs +1 -1
package/dist/lightweight/legacy_ciphers.min.mjs.map +1 -1
package/dist/lightweight/legacy_ciphers.mjs +1 -1
package/dist/lightweight/noble_curves.min.mjs +1 -1
package/dist/lightweight/noble_curves.min.mjs.map +1 -1
package/dist/lightweight/noble_curves.mjs +1 -1
package/dist/lightweight/noble_hashes.min.mjs +1 -1
package/dist/lightweight/noble_hashes.min.mjs.map +1 -1
package/dist/lightweight/noble_hashes.mjs +1 -1
package/dist/lightweight/openpgp.min.mjs +4 -4
package/dist/lightweight/openpgp.min.mjs.map +1 -1
package/dist/lightweight/openpgp.mjs +247 -951
package/dist/lightweight/seek-bzip.min.mjs +3 -0
package/dist/lightweight/seek-bzip.min.mjs.map +1 -0
package/dist/lightweight/seek-bzip.mjs +866 -0
package/dist/lightweight/sha3.min.mjs +1 -1
package/dist/lightweight/sha3.min.mjs.map +1 -1
package/dist/lightweight/sha3.mjs +1 -1
package/dist/node/openpgp.cjs +11366 -11208
package/dist/node/openpgp.min.cjs +14 -14
package/dist/node/openpgp.min.cjs.map +1 -1
package/dist/node/openpgp.min.mjs +14 -14
package/dist/node/openpgp.min.mjs.map +1 -1
package/dist/node/openpgp.mjs +5459 -5301
package/dist/openpgp.js +6506 -6348
package/dist/openpgp.min.js +14 -14
package/dist/openpgp.min.js.map +1 -1
package/dist/openpgp.min.mjs +14 -14
package/dist/openpgp.min.mjs.map +1 -1
package/dist/openpgp.mjs +6506 -6348
package/package.json +23 -23

package/dist/lightweight/openpgp.min.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-/*! OpenPGP.js v6.0.0-beta.3.patch.1 - 2024-09-11 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
-const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},t=Symbol("doneWritingPromise"),r=Symbol("doneWritingResolve"),i=Symbol("doneWritingReject"),n=Symbol("readingIndex");class a extends Array{constructor(){super(),Object.setPrototypeOf(this,a.prototype),this[t]=new Promise(((e,t)=>{this[r]=e,this[i]=t})),this[t].catch((()=>{}))}}function s(e){return e&&e.getReader&&Array.isArray(e)}function o(e){if(!s(e)){const t=e.getWriter(),r=t.releaseLock;return t.releaseLock=()=>{t.closed.catch((function(){})),r.call(t)},t}this.stream=e}function c(t){if(s(t))return"array";if(e.ReadableStream&&e.ReadableStream.prototype.isPrototypeOf(t))return"web";if(t&&!(e.ReadableStream&&t instanceof e.ReadableStream)&&"function"==typeof t._read&&"object"==typeof t._readableState)throw Error("Native Node streams are no longer supported: please manually convert the stream to a WebStream, using e.g. `stream.Readable.toWeb`");return!(!t||!t.getReader)&&"web-like"}function u(e){return Uint8Array.prototype.isPrototypeOf(e)}function h(e){if(1===e.length)return e[0];let t=0;for(let r=0;r<e.length;r++){if(!u(e[r]))throw Error("concatUint8Array: Data must be in the form of a Uint8Array");t+=e[r].length}const r=new Uint8Array(t);let i=0;return e.forEach((function(e){r.set(e,i),i+=e.length})),r}a.prototype.getReader=function(){return void 0===this[n]&&(this[n]=0),{read:async()=>(await this[t],this[n]===this.length?{value:void 0,done:!0}:{value:this[this[n]++],done:!1})}},a.prototype.readToEnd=async function(e){await this[t];const r=e(this.slice(this[n]));return this.length=0,r},a.prototype.clone=function(){const e=new a;return e[t]=this[t].then((()=>{e.push(...this)})),e},o.prototype.write=async function(e){this.stream.push(e)},o.prototype.close=async function(){this.stream[r]()},o.prototype.abort=async function(e){return this.stream[i](e),e},o.prototype.releaseLock=function(){},"object"==typeof e.process&&e.process.versions;const l=new WeakSet,y=Symbol("externalBuffer");function p(e){if(this.stream=e,e[y]&&(this[y]=e[y].slice()),s(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{},void(this._cancel=()=>{})}if(c(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{t.closed.catch((function(){})),t.releaseLock()},void(this._cancel=t.cancel.bind(t))}let t=!1;this._read=async()=>t||l.has(e)?{value:void 0,done:!0}:(t=!0,{value:e,done:!1}),this._releaseLock=()=>{if(t)try{l.add(e)}catch(e){}}}function g(e){return c(e)?e:new ReadableStream({start(t){t.enqueue(e),t.close()}})}function f(e){if(c(e))return e;const t=new a;return(async()=>{const r=B(t);await r.write(e),await r.close()})(),t}function d(e){return e.some((e=>c(e)&&!s(e)))?function(e){e=e.map(g);const t=b((async function(e){await Promise.all(i.map((t=>D(t,e))))}));let r=Promise.resolve();const i=e.map(((i,n)=>v(i,((i,a)=>(r=r.then((()=>m(i,t.writable,{preventClose:n!==e.length-1}))),r)))));return t.readable}(e):e.some((e=>s(e)))?function(e){const t=new a;let r=Promise.resolve();return e.forEach(((i,n)=>(r=r.then((()=>m(i,t,{preventClose:n!==e.length-1}))),r))),t}(e):"string"==typeof e[0]?e.join(""):h(e)}async function m(e,t,{preventClose:r=!1,preventAbort:i=!1,preventCancel:n=!1}={}){if(c(e)&&!s(e)){e=g(e);try{if(e[y]){const r=B(t);for(let t=0;t<e[y].length;t++)await r.ready,await r.write(e[y][t]);r.releaseLock()}await e.pipeTo(t,{preventClose:r,preventAbort:i,preventCancel:n})}catch(e){}return}const a=C(e=f(e)),o=B(t);try{for(;;){await o.ready;const{done:e,value:t}=await a.read();if(e){r||await o.close();break}await o.write(t)}}catch(e){i||await o.abort(e)}finally{a.releaseLock(),o.releaseLock()}}function w(e,t){const r=new TransformStream(t);return m(e,r.writable),r.readable}function b(e){let t,r,i,n=!1,a=!1;return{readable:new ReadableStream({start(e){i=e},pull(){t?t():n=!0},async cancel(t){a=!0,e&&await e(t),r&&r(t)}},{highWaterMark:0}),writable:new WritableStream({write:async function(e){if(a)throw Error("Stream is cancelled");i.enqueue(e),n?n=!1:(await new Promise(((e,i)=>{t=e,r=i})),t=null,r=null)},close:i.close.bind(i),abort:i.error.bind(i)})}}function k(e,t=()=>{},r=()=>{}){if(s(e)){const i=new a;return(async()=>{const n=B(i);try{const i=await U(e),a=t(i),s=r();let o;o=void 0!==a&&void 0!==s?d([a,s]):void 0!==a?a:s,await n.write(o),await n.close()}catch(e){await n.abort(e)}})(),i}if(c(e))return w(e,{async transform(e,r){try{const i=await t(e);void 0!==i&&r.enqueue(i)}catch(e){r.error(e)}},async flush(e){try{const t=await r();void 0!==t&&e.enqueue(t)}catch(t){e.error(t)}}});const i=t(e),n=r();return void 0!==i&&void 0!==n?d([i,n]):void 0!==i?i:n}function v(e,t){if(c(e)&&!s(e)){let r;const i=new TransformStream({start(e){r=e}}),n=m(e,i.writable),a=b((async function(e){r.error(e),await n,await new Promise(setTimeout)}));return t(i.readable,a.writable),a.readable}e=f(e);const r=new a;return t(e,r),r}function A(e,t){let r;const i=v(e,((e,n)=>{const a=C(e);a.remainder=()=>(a.releaseLock(),m(e,n),i),r=t(a)}));return r}function E(e){if(s(e))return e.clone();if(c(e)){const t=function(e){if(s(e))throw Error("ArrayStream cannot be tee()d, use clone() instead");if(c(e)){const t=g(e).tee();return t[0][y]=t[1][y]=e[y],t}return[P(e),P(e)]}(e);return S(e,t[0]),t[1]}return P(e)}function K(e){return s(e)?E(e):c(e)?new ReadableStream({start(t){const r=v(e,(async(e,r)=>{const i=C(e),n=B(r);try{for(;;){await n.ready;const{done:e,value:r}=await i.read();if(e){try{t.close()}catch(e){}return void await n.close()}try{t.enqueue(r)}catch(e){}await n.write(r)}}catch(e){t.error(e),await n.abort(e)}}));S(e,r)}}):P(e)}function S(e,t){Object.entries(Object.getOwnPropertyDescriptors(e.constructor.prototype)).forEach((([r,i])=>{"constructor"!==r&&(i.value?i.value=i.value.bind(t):i.get=i.get.bind(t),Object.defineProperty(e,r,i))}))}function P(e,t=0,r=1/0){if(s(e))throw Error("Not implemented");if(c(e)){if(t>=0&&r>=0){let i=0;return w(e,{transform(e,n){i<r?(i+e.length>=t&&n.enqueue(P(e,Math.max(t-i,0),r-i)),i+=e.length):n.terminate()}})}if(t<0&&(r<0||r===1/0)){let i=[];return k(e,(e=>{e.length>=-t?i=[e]:i.push(e)}),(()=>P(d(i),t,r)))}if(0===t&&r<0){let i;return k(e,(e=>{const n=i?d([i,e]):e;if(n.length>=-r)return i=P(n,r),P(n,t,r);i=n}))}return console.warn(`stream.slice(input, ${t}, ${r}) not implemented efficiently.`),x((async()=>P(await U(e),t,r)))}return e[y]&&(e=d(e[y].concat([e]))),u(e)?e.subarray(t,r===1/0?e.length:r):e.slice(t,r)}async function U(e,t=d){return s(e)?e.readToEnd(t):c(e)?C(e).readToEnd(t):e}async function D(e,t){if(c(e)){if(e.cancel){const r=await e.cancel(t);return await new Promise(setTimeout),r}if(e.destroy)return e.destroy(t),await new Promise(setTimeout),t}}function x(e){const t=new a;return(async()=>{const r=B(t);try{await r.write(await e()),await r.close()}catch(e){await r.abort(e)}})(),t}function C(e){return new p(e)}function B(e){return new o(e)}p.prototype.read=async function(){if(this[y]&&this[y].length){return{done:!1,value:this[y].shift()}}return this._read()},p.prototype.releaseLock=function(){this[y]&&(this.stream[y]=this[y]),this._releaseLock()},p.prototype.cancel=function(e){return this._cancel(e)},p.prototype.readLine=async function(){let e,t=[];for(;!e;){let{done:r,value:i}=await this.read();if(i+="",r)return t.length?d(t):void 0;const n=i.indexOf("\n")+1;n&&(e=d(t.concat(i.substr(0,n))),t=[]),n!==i.length&&t.push(i.substr(n))}return this.unshift(...t),e},p.prototype.readByte=async function(){const{done:e,value:t}=await this.read();if(e)return;const r=t[0];return this.unshift(P(t,1)),r},p.prototype.readBytes=async function(e){const t=[];let r=0;for(;;){const{done:i,value:n}=await this.read();if(i)return t.length?d(t):void 0;if(t.push(n),r+=n.length,r>=e){const r=d(t);return this.unshift(P(r,e)),P(r,0,e)}}},p.prototype.peekBytes=async function(e){const t=await this.readBytes(e);return this.unshift(t),t},p.prototype.unshift=function(...e){this[y]||(this[y]=[]),1===e.length&&u(e[0])&&this[y].length&&e[0].length&&this[y][0].byteOffset>=e[0].length?this[y][0]=new Uint8Array(this[y][0].buffer,this[y][0].byteOffset-e[0].length,this[y][0].byteLength+e[0].length):this[y].unshift(...e.filter((e=>e&&e.length)))},p.prototype.readToEnd=async function(e=d){const t=[];for(;;){const{done:e,value:r}=await this.read();if(e)break;t.push(r)}return e(t)};const I=Symbol("byValue");var T={curve:{nistP256:"nistP256",p256:"nistP256",nistP384:"nistP384",p384:"nistP384",nistP521:"nistP521",p521:"nistP521",secp256k1:"secp256k1",ed25519Legacy:"ed25519Legacy",ed25519:"ed25519Legacy",curve25519Legacy:"curve25519Legacy",curve25519:"curve25519Legacy",brainpoolP256r1:"brainpoolP256r1",brainpoolP384r1:"brainpoolP384r1",brainpoolP512r1:"brainpoolP512r1"},kdfFlags:{replace_fingerprint:1,replace_kdf_params:2},s2k:{simple:0,salted:1,iterated:3,argon2:4,gnu:101},publicKey:{rsaEncryptSign:1,rsaEncrypt:2,rsaSign:3,elgamal:16,dsa:17,ecdh:18,ecdsa:19,eddsaLegacy:22,aedh:23,aedsa:24,x25519:25,x448:26,ed25519:27,ed448:28,aead:100,hmac:101},symmetric:{idea:1,tripledes:2,cast5:3,blowfish:4,aes128:7,aes192:8,aes256:9,twofish:10},compression:{uncompressed:0,zip:1,zlib:2,bzip2:3},hash:{md5:1,sha1:2,ripemd:3,sha256:8,sha384:9,sha512:10,sha224:11,sha3_256:12,sha3_512:14},webHash:{"SHA-1":2,"SHA-256":8,"SHA-384":9,"SHA-512":10},aead:{eax:1,ocb:2,gcm:3,experimentalGCM:100},packet:{publicKeyEncryptedSessionKey:1,signature:2,symEncryptedSessionKey:3,onePassSignature:4,secretKey:5,publicKey:6,secretSubkey:7,compressedData:8,symmetricallyEncryptedData:9,marker:10,literalData:11,trust:12,userID:13,publicSubkey:14,userAttribute:17,symEncryptedIntegrityProtectedData:18,modificationDetectionCode:19,aeadEncryptedData:20,padding:21},literal:{binary:98,text:116,utf8:117,mime:109},signature:{binary:0,text:1,standalone:2,certGeneric:16,certPersona:17,certCasual:18,certPositive:19,certRevocation:48,subkeyBinding:24,keyBinding:25,key:31,keyRevocation:32,subkeyRevocation:40,timestamp:64,thirdParty:80},signatureSubpacket:{signatureCreationTime:2,signatureExpirationTime:3,exportableCertification:4,trustSignature:5,regularExpression:6,revocable:7,keyExpirationTime:9,placeholderBackwardsCompatibility:10,preferredSymmetricAlgorithms:11,revocationKey:12,issuerKeyID:16,notationData:20,preferredHashAlgorithms:21,preferredCompressionAlgorithms:22,keyServerPreferences:23,preferredKeyServer:24,primaryUserID:25,policyURI:26,keyFlags:27,signersUserID:28,reasonForRevocation:29,features:30,signatureTarget:31,embeddedSignature:32,issuerFingerprint:33,preferredAEADAlgorithms:34,preferredCipherSuites:39},keyFlags:{certifyKeys:1,signData:2,encryptCommunication:4,encryptStorage:8,splitPrivateKey:16,authentication:32,forwardedCommunication:64,sharedPrivateKey:128},armor:{multipartSection:0,multipartLast:1,signed:2,message:3,publicKey:4,privateKey:5,signature:6},reasonForRevocation:{noReason:0,keySuperseded:1,keyCompromised:2,keyRetired:3,userIDInvalid:32},features:{modificationDetection:1,aead:2,v5Keys:4,seipdv2:8},write:function(e,t){if("number"==typeof t&&(t=this.read(e,t)),void 0!==e[t])return e[t];throw Error("Invalid enum value.")},read:function(e,t){if(e[I]||(e[I]=[],Object.entries(e).forEach((([t,r])=>{e[I][r]=t}))),void 0!==e[I][t])return e[I][t];throw Error("Invalid enum value.")}},R={preferredHashAlgorithm:T.hash.sha256,preferredSymmetricAlgorithm:T.symmetric.aes256,preferredCompressionAlgorithm:T.compression.uncompressed,aeadProtect:!1,ignoreSEIPDv2FeatureFlag:!1,parseAEADEncryptedV4KeysAsLegacy:!1,preferredAEADAlgorithm:T.aead.gcm,aeadChunkSizeByte:12,v6Keys:!1,enableParsingV5Entities:!1,s2kType:T.s2k.iterated,s2kIterationCountByte:224,s2kArgon2Params:{passes:3,parallelism:4,memoryExponent:16},allowUnauthenticatedMessages:!1,allowUnauthenticatedStream:!1,allowForwardedMessages:!1,minRSABits:2047,passwordCollisionCheck:!1,allowInsecureDecryptionWithSigningKeys:!1,allowInsecureVerificationWithReformattedKeys:!1,allowMissingKeyFlags:!1,constantTimePKCS1Decryption:!1,constantTimePKCS1DecryptionSupportedSymmetricAlgorithms:new Set([T.symmetric.aes128,T.symmetric.aes192,T.symmetric.aes256]),ignoreUnsupportedPackets:!0,ignoreMalformedPackets:!1,additionalAllowedPackets:[],showVersion:!1,showComment:!1,versionString:"OpenPGP.js 6.0.0-beta.3.patch.1",commentString:"https://openpgpjs.org",maxUserIDLength:5120,knownNotations:[],nonDeterministicSignaturesViaNotation:!0,useEllipticFallback:!0,rejectHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd]),rejectMessageHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd,T.hash.sha1]),rejectPublicKeyAlgorithms:new Set([T.publicKey.elgamal,T.publicKey.dsa]),rejectCurves:new Set([T.curve.secp256k1])};const M=(()=>{try{return"development"===process.env.NODE_ENV}catch(e){}return!1})(),L={isString:function(e){return"string"==typeof e||e instanceof String},nodeRequire:()=>{},isArray:function(e){return e instanceof Array},isUint8Array:u,isStream:c,getNobleCurve:async(e,t)=>{if(!R.useEllipticFallback)throw Error("This curve is only supported in the full build of OpenPGP.js");const{nobleCurves:r}=await import("./noble_curves.min.mjs");switch(e){case T.publicKey.ecdh:case T.publicKey.ecdsa:{const e=r.get(t);if(!e)throw Error("Unsupported curve");return e}case T.publicKey.x448:return r.get("x448");case T.publicKey.ed448:return r.get("ed448");default:throw Error("Unsupported curve")}},readNumber:function(e){let t=0;for(let r=0;r<e.length;r++)t+=256**r*e[e.length-1-r];return t},writeNumber:function(e,t){const r=new Uint8Array(t);for(let i=0;i<t;i++)r[i]=e>>8*(t-i-1)&255;return r},readDate:function(e){const t=L.readNumber(e);return new Date(1e3*t)},writeDate:function(e){const t=Math.floor(e.getTime()/1e3);return L.writeNumber(t,4)},normalizeDate:function(e=Date.now()){return null===e||e===1/0?e:new Date(1e3*Math.floor(+e/1e3))},readMPI:function(e){const t=(e[0]<<8|e[1])+7>>>3;return L.readExactSubarray(e,2,2+t)},readExactSubarray:function(e,t,r){if(e.length<r-t)throw Error("Input array too short");return e.subarray(t,r)},leftPad(e,t){const r=new Uint8Array(t),i=t-e.length;return r.set(e,i),r},uint8ArrayToMPI:function(e){const t=L.uint8ArrayBitLength(e);if(0===t)throw Error("Zero MPI");const r=e.subarray(e.length-Math.ceil(t/8)),i=new Uint8Array([(65280&t)>>8,255&t]);return L.concatUint8Array([i,r])},uint8ArrayBitLength:function(e){let t;for(t=0;t<e.length&&0===e[t];t++);if(t===e.length)return 0;const r=e.subarray(t);return 8*(r.length-1)+L.nbits(r[0])},hexToUint8Array:function(e){const t=new Uint8Array(e.length>>1);for(let r=0;r<e.length>>1;r++)t[r]=parseInt(e.substr(r<<1,2),16);return t},uint8ArrayToHex:function(e){const t="0123456789abcdef";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),r},stringToUint8Array:function(e){return k(e,(e=>{if(!L.isString(e))throw Error("stringToUint8Array: Data must be in the form of a string");const t=new Uint8Array(e.length);for(let r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}))},uint8ArrayToString:function(e){const t=[],r=16384,i=(e=new Uint8Array(e)).length;for(let n=0;n<i;n+=r)t.push(String.fromCharCode.apply(String,e.subarray(n,n+r<i?n+r:i)));return t.join("")},encodeUTF8:function(e){const t=new TextEncoder("utf-8");function r(e,r=!1){return t.encode(e,{stream:!r})}return k(e,r,(()=>r("",!0)))},decodeUTF8:function(e){const t=new TextDecoder("utf-8");function r(e,r=!1){return t.decode(e,{stream:!r})}return k(e,r,(()=>r(new Uint8Array,!0)))},concat:d,concatUint8Array:h,equalsUint8Array:function(e,t){if(!L.isUint8Array(e)||!L.isUint8Array(t))throw Error("Data must be in the form of a Uint8Array");if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0},writeChecksum:function(e){let t=0;for(let r=0;r<e.length;r++)t=t+e[r]&65535;return L.writeNumber(t,2)},printDebug:function(e){M&&console.log("[OpenPGP.js debug]",e)},printDebugError:function(e){M&&console.error("[OpenPGP.js debug]",e)},nbits:function(e){let t=1,r=e>>>16;return 0!==r&&(e=r,t+=16),r=e>>8,0!==r&&(e=r,t+=8),r=e>>4,0!==r&&(e=r,t+=4),r=e>>2,0!==r&&(e=r,t+=2),r=e>>1,0!==r&&(e=r,t+=1),t},double:function(e){const t=new Uint8Array(e.length),r=e.length-1;for(let i=0;i<r;i++)t[i]=e[i]<<1^e[i+1]>>7;return t[r]=e[r]<<1^135*(e[0]>>7),t},shiftRight:function(e,t){if(t)for(let r=e.length-1;r>=0;r--)e[r]>>=t,r>0&&(e[r]|=e[r-1]<<8-t);return e},getWebCrypto:function(){const t=void 0!==e&&e.crypto&&e.crypto.subtle||this.getNodeCrypto()?.webcrypto.subtle;if(!t)throw Error("The WebCrypto API is not available");return t},getNodeCrypto:function(){return this.nodeRequire("crypto")},getNodeZlib:function(){return this.nodeRequire("zlib")},getNodeBuffer:function(){return(this.nodeRequire("buffer")||{}).Buffer},getHardwareConcurrency:function(){if("undefined"!=typeof navigator)return navigator.hardwareConcurrency||1;return this.nodeRequire("os").cpus().length},isEmailAddress:function(e){if(!L.isString(e))return!1;return/^[^\p{C}\p{Z}@<>\\]+@[^\p{C}\p{Z}@<>\\]+[^\p{C}\p{Z}\p{P}]$/u.test(e)},canonicalizeEOL:function(e){let t=!1;return k(e,(e=>{let r;t&&(e=L.concatUint8Array([new Uint8Array([13]),e])),13===e[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;const i=[];for(let t=0;r=e.indexOf(10,t)+1,r;t=r)13!==e[r-2]&&i.push(r);if(!i.length)return e;const n=new Uint8Array(e.length+i.length);let a=0;for(let t=0;t<i.length;t++){const r=e.subarray(i[t-1]||0,i[t]);n.set(r,a),a+=r.length,n[a-1]=13,n[a]=10,a++}return n.set(e.subarray(i[i.length-1]||0),a),n}),(()=>t?new Uint8Array([13]):void 0))},nativeEOL:function(e){let t=!1;return k(e,(e=>{let r;13===(e=t&&10!==e[0]?L.concatUint8Array([new Uint8Array([13]),e]):new Uint8Array(e))[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;let i=0;for(let t=0;t!==e.length;t=r){r=e.indexOf(13,t)+1,r||(r=e.length);const n=r-(10===e[r]?1:0);t&&e.copyWithin(i,t,n),i+=n-t}return e.subarray(0,i)}),(()=>t?new Uint8Array([13]):void 0))},removeTrailingSpaces:function(e){return e.split("\n").map((e=>{let t=e.length-1;for(;t>=0&&(" "===e[t]||"\t"===e[t]||"\r"===e[t]);t--);return e.substr(0,t+1)})).join("\n")},wrapError:function(e,t){if(!t)return Error(e);try{t.message=e+": "+t.message}catch(e){}return t},constructAllowedPackets:function(e){const t={};return e.forEach((e=>{if(!e.tag)throw Error("Invalid input: expected a packet class");t[e.tag]=e})),t},anyPromise:function(e){return new Promise((async(t,r)=>{let i;await Promise.all(e.map((async e=>{try{t(await e)}catch(e){i=e}}))),r(i)}))},selectUint8Array:function(e,t,r){const i=Math.max(t.length,r.length),n=new Uint8Array(i);let a=0;for(let i=0;i<n.length;i++)n[i]=t[i]&256-e|r[i]&255+e,a+=e&i<t.length|1-e&i<r.length;return n.subarray(0,a)},selectUint8:function(e,t,r){return t&256-e|r&255+e},isAES:function(e){return e===T.symmetric.aes128||e===T.symmetric.aes192||e===T.symmetric.aes256}},F=L.getNodeBuffer();let _,O;function N(e){let t=new Uint8Array;return k(e,(e=>{t=L.concatUint8Array([t,e]);const r=[],i=Math.floor(t.length/45),n=45*i,a=_(t.subarray(0,n));for(let e=0;e<i;e++)r.push(a.substr(60*e,60)),r.push("\n");return t=t.subarray(n),r.join("")}),(()=>t.length?_(t)+"\n":""))}function z(e){let t="";return k(e,(e=>{t+=e;let r=0;const i=[" ","\t","\r","\n"];for(let e=0;e<i.length;e++){const n=i[e];for(let e=t.indexOf(n);-1!==e;e=t.indexOf(n,e+1))r++}let n=t.length;for(;n>0&&(n-r)%4!=0;n--)i.includes(t[n])&&r--;const a=O(t.substr(0,n));return t=t.substr(n),a}),(()=>O(t)))}function H(e){return z(e.replace(/-/g,"+").replace(/_/g,"/"))}function j(e,t){let r=N(e).replace(/[\r\n]/g,"");return r=r.replace(/[+]/g,"-").replace(/[/]/g,"_").replace(/[=]/g,""),r}function G(e){const t=e.match(/^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m);if(!t)throw Error("Unknown ASCII armor type");return/MESSAGE, PART \d+\/\d+/.test(t[1])?T.armor.multipartSection:/MESSAGE, PART \d+/.test(t[1])?T.armor.multipartLast:/SIGNED MESSAGE/.test(t[1])?T.armor.signed:/MESSAGE/.test(t[1])?T.armor.message:/PUBLIC KEY BLOCK/.test(t[1])?T.armor.publicKey:/PRIVATE KEY BLOCK/.test(t[1])?T.armor.privateKey:/SIGNATURE/.test(t[1])?T.armor.signature:void 0}function q(e,t){let r="";return t.showVersion&&(r+="Version: "+t.versionString+"\n"),t.showComment&&(r+="Comment: "+t.commentString+"\n"),e&&(r+="Comment: "+e+"\n"),r+="\n",r}function V(e){const t=function(e){let t=13501623;return k(e,(e=>{const r=$?Math.floor(e.length/4):0,i=new Uint32Array(e.buffer,e.byteOffset,r);for(let e=0;e<r;e++)t^=i[e],t=W[0][t>>24&255]^W[1][t>>16&255]^W[2][t>>8&255]^W[3][255&t];for(let i=4*r;i<e.length;i++)t=t>>8^W[0][255&t^e[i]]}),(()=>new Uint8Array([t,t>>8,t>>16])))}(e);return N(t)}F?(_=e=>F.from(e).toString("base64"),O=e=>{const t=F.from(e,"base64");return new Uint8Array(t.buffer,t.byteOffset,t.byteLength)}):(_=e=>btoa(L.uint8ArrayToString(e)),O=e=>L.stringToUint8Array(atob(e)));const W=[Array(255),Array(255),Array(255),Array(255)];for(let e=0;e<=255;e++){let t=e<<16;for(let e=0;e<8;e++)t=t<<1^(8388608&t?8801531:0);W[0][e]=(16711680&t)>>16|65280&t|(255&t)<<16}for(let e=0;e<=255;e++)W[1][e]=W[0][e]>>8^W[0][255&W[0][e]];for(let e=0;e<=255;e++)W[2][e]=W[1][e]>>8^W[0][255&W[1][e]];for(let e=0;e<=255;e++)W[3][e]=W[2][e]>>8^W[0][255&W[2][e]];const $=function(){const e=new ArrayBuffer(2);return new DataView(e).setInt16(0,255,!0),255===new Int16Array(e)[0]}();function Z(e){for(let t=0;t<e.length;t++)/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(e[t])||L.printDebugError(Error("Improperly formatted armor header: "+e[t])),/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(e[t])||L.printDebugError(Error("Unknown header: "+e[t]))}function X(e){let t=e;const r=e.lastIndexOf("=");return r>=0&&r!==e.length-1&&(t=e.slice(0,r)),t}function Q(e){return new Promise((async(t,r)=>{try{const i=/^-----[^-]+-----$/m,n=/^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;let a;const s=[];let o,c,u=s,h=[];const l=z(v(e,(async(e,y)=>{const p=C(e);try{for(;;){let e=await p.readLine();if(void 0===e)throw Error("Misformed armored text");if(e=L.removeTrailingSpaces(e.replace(/[\r\n]/g,"")),a)if(o)c||a!==T.armor.signed||(i.test(e)?(h=h.join("\r\n"),c=!0,Z(u),u=[],o=!1):h.push(e.replace(/^- /,"")));else if(i.test(e)&&r(Error("Mandatory blank line missing between armor headers and armor data")),n.test(e)){if(Z(u),o=!0,c||a!==T.armor.signed){t({text:h,data:l,headers:s,type:a});break}}else u.push(e);else i.test(e)&&(a=G(e))}}catch(e){return void r(e)}const g=B(y);try{for(;;){await g.ready;const{done:e,value:t}=await p.read();if(e)throw Error("Misformed armored text");const r=t+"";if(-1!==r.indexOf("=")||-1!==r.indexOf("-")){let e=await p.readToEnd();e.length||(e=""),e=r+e,e=L.removeTrailingSpaces(e.replace(/\r/g,""));const t=e.split(i);if(1===t.length)throw Error("Misformed armored text");const n=X(t[0].slice(0,-1));await g.write(n);break}await g.write(r)}await g.ready,await g.close()}catch(e){await g.abort(e)}})))}catch(e){r(e)}})).then((async e=>(s(e.data)&&(e.data=await U(e.data)),e)))}function Y(e,t,r,i,n,a=!1,s=R){let o,c;e===T.armor.signed&&(o=t.text,c=t.hash,t=t.data);const u=a&&K(t),h=[];switch(e){case T.armor.multipartSection:h.push("-----BEGIN PGP MESSAGE, PART "+r+"/"+i+"-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"/"+i+"-----\n");break;case T.armor.multipartLast:h.push("-----BEGIN PGP MESSAGE, PART "+r+"-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"-----\n");break;case T.armor.signed:h.push("-----BEGIN PGP SIGNED MESSAGE-----\n"),h.push(c?`Hash: ${c}\n\n`:"\n"),h.push(o.replace(/^-/gm,"- -")),h.push("\n-----BEGIN PGP SIGNATURE-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n");break;case T.armor.message:h.push("-----BEGIN PGP MESSAGE-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE-----\n");break;case T.armor.publicKey:h.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP PUBLIC KEY BLOCK-----\n");break;case T.armor.privateKey:h.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP PRIVATE KEY BLOCK-----\n");break;case T.armor.signature:h.push("-----BEGIN PGP SIGNATURE-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n")}return L.concat(h)}async function J(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:throw Error("Not a legacy cipher");case T.symmetric.cast5:case T.symmetric.blowfish:case T.symmetric.twofish:case T.symmetric.tripledes:{const{legacyCiphers:t}=await import("./legacy_ciphers.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported cipher algorithm");return r}default:throw Error("Unsupported cipher algorithm")}}function ee(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:case T.symmetric.twofish:return 16;case T.symmetric.blowfish:case T.symmetric.cast5:case T.symmetric.tripledes:return 8;default:throw Error("Unsupported cipher")}}function te(e){switch(e){case T.symmetric.aes128:case T.symmetric.blowfish:case T.symmetric.cast5:return 16;case T.symmetric.aes192:case T.symmetric.tripledes:return 24;case T.symmetric.aes256:case T.symmetric.twofish:return 32;default:throw Error("Unsupported cipher")}}function re(e){return{keySize:te(e),blockSize:ee(e)}}var ie=/*#__PURE__*/Object.freeze({__proto__:null,getCipherParams:re,getLegacyCipher:J});function ne(e,t){let r=e[0],i=e[1],n=e[2],a=e[3];r=se(r,i,n,a,t[0],7,-680876936),a=se(a,r,i,n,t[1],12,-389564586),n=se(n,a,r,i,t[2],17,606105819),i=se(i,n,a,r,t[3],22,-1044525330),r=se(r,i,n,a,t[4],7,-176418897),a=se(a,r,i,n,t[5],12,1200080426),n=se(n,a,r,i,t[6],17,-1473231341),i=se(i,n,a,r,t[7],22,-45705983),r=se(r,i,n,a,t[8],7,1770035416),a=se(a,r,i,n,t[9],12,-1958414417),n=se(n,a,r,i,t[10],17,-42063),i=se(i,n,a,r,t[11],22,-1990404162),r=se(r,i,n,a,t[12],7,1804603682),a=se(a,r,i,n,t[13],12,-40341101),n=se(n,a,r,i,t[14],17,-1502002290),i=se(i,n,a,r,t[15],22,1236535329),r=oe(r,i,n,a,t[1],5,-165796510),a=oe(a,r,i,n,t[6],9,-1069501632),n=oe(n,a,r,i,t[11],14,643717713),i=oe(i,n,a,r,t[0],20,-373897302),r=oe(r,i,n,a,t[5],5,-701558691),a=oe(a,r,i,n,t[10],9,38016083),n=oe(n,a,r,i,t[15],14,-660478335),i=oe(i,n,a,r,t[4],20,-405537848),r=oe(r,i,n,a,t[9],5,568446438),a=oe(a,r,i,n,t[14],9,-1019803690),n=oe(n,a,r,i,t[3],14,-187363961),i=oe(i,n,a,r,t[8],20,1163531501),r=oe(r,i,n,a,t[13],5,-1444681467),a=oe(a,r,i,n,t[2],9,-51403784),n=oe(n,a,r,i,t[7],14,1735328473),i=oe(i,n,a,r,t[12],20,-1926607734),r=ce(r,i,n,a,t[5],4,-378558),a=ce(a,r,i,n,t[8],11,-2022574463),n=ce(n,a,r,i,t[11],16,1839030562),i=ce(i,n,a,r,t[14],23,-35309556),r=ce(r,i,n,a,t[1],4,-1530992060),a=ce(a,r,i,n,t[4],11,1272893353),n=ce(n,a,r,i,t[7],16,-155497632),i=ce(i,n,a,r,t[10],23,-1094730640),r=ce(r,i,n,a,t[13],4,681279174),a=ce(a,r,i,n,t[0],11,-358537222),n=ce(n,a,r,i,t[3],16,-722521979),i=ce(i,n,a,r,t[6],23,76029189),r=ce(r,i,n,a,t[9],4,-640364487),a=ce(a,r,i,n,t[12],11,-421815835),n=ce(n,a,r,i,t[15],16,530742520),i=ce(i,n,a,r,t[2],23,-995338651),r=ue(r,i,n,a,t[0],6,-198630844),a=ue(a,r,i,n,t[7],10,1126891415),n=ue(n,a,r,i,t[14],15,-1416354905),i=ue(i,n,a,r,t[5],21,-57434055),r=ue(r,i,n,a,t[12],6,1700485571),a=ue(a,r,i,n,t[3],10,-1894986606),n=ue(n,a,r,i,t[10],15,-1051523),i=ue(i,n,a,r,t[1],21,-2054922799),r=ue(r,i,n,a,t[8],6,1873313359),a=ue(a,r,i,n,t[15],10,-30611744),n=ue(n,a,r,i,t[6],15,-1560198380),i=ue(i,n,a,r,t[13],21,1309151649),r=ue(r,i,n,a,t[4],6,-145523070),a=ue(a,r,i,n,t[11],10,-1120210379),n=ue(n,a,r,i,t[2],15,718787259),i=ue(i,n,a,r,t[9],21,-343485551),e[0]=pe(r,e[0]),e[1]=pe(i,e[1]),e[2]=pe(n,e[2]),e[3]=pe(a,e[3])}function ae(e,t,r,i,n,a){return t=pe(pe(t,e),pe(i,a)),pe(t<<n|t>>>32-n,r)}function se(e,t,r,i,n,a,s){return ae(t&r|~t&i,e,t,n,a,s)}function oe(e,t,r,i,n,a,s){return ae(t&i|r&~i,e,t,n,a,s)}function ce(e,t,r,i,n,a,s){return ae(t^r^i,e,t,n,a,s)}function ue(e,t,r,i,n,a,s){return ae(r^(t|~i),e,t,n,a,s)}function he(e){const t=[];let r;for(r=0;r<64;r+=4)t[r>>2]=e.charCodeAt(r)+(e.charCodeAt(r+1)<<8)+(e.charCodeAt(r+2)<<16)+(e.charCodeAt(r+3)<<24);return t}const le="0123456789abcdef".split("");function ye(e){let t="",r=0;for(;r<4;r++)t+=le[e>>8*r+4&15]+le[e>>8*r&15];return t}function pe(e,t){return e+t&4294967295}const ge=L.getWebCrypto(),fe=L.getNodeCrypto(),de=fe&&fe.getHashes();function me(e){if(fe&&de.includes(e))return async function(t){const r=fe.createHash(e);return k(t,(e=>{r.update(e)}),(()=>new Uint8Array(r.digest())))}}function we(e,t){const r=async()=>{const{nobleHashes:t}=await import("./noble_hashes.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported hash");return r};return async function(e){if(s(e)&&(e=await U(e)),L.isStream(e)){const t=(await r()).create();return k(e,(e=>{t.update(e)}),(()=>t.digest()))}if(ge&&t)return new Uint8Array(await ge.digest(t,e));return(await r())(e)}}var be={md5:me("md5")||async function(e){const t=function(e){const t=e.length,r=[1732584193,-271733879,-1732584194,271733878];let i;for(i=64;i<=e.length;i+=64)ne(r,he(e.substring(i-64,i)));e=e.substring(i-64);const n=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0];for(i=0;i<e.length;i++)n[i>>2]|=e.charCodeAt(i)<<(i%4<<3);if(n[i>>2]|=128<<(i%4<<3),i>55)for(ne(r,n),i=0;i<16;i++)n[i]=0;return n[14]=8*t,ne(r,n),r}(L.uint8ArrayToString(e));return L.hexToUint8Array(function(e){for(let t=0;t<e.length;t++)e[t]=ye(e[t]);return e.join("")}(t))},sha1:me("sha1")||we("sha1","SHA-1"),sha224:me("sha224")||we("sha224"),sha256:me("sha256")||we("sha256","SHA-256"),sha384:me("sha384")||we("sha384","SHA-384"),sha512:me("sha512")||we("sha512","SHA-512"),ripemd:me("ripemd160")||we("ripemd160"),sha3_256:me("sha3-256")||we("sha3_256"),sha3_512:me("sha3-512")||we("sha3_512"),digest:function(e,t){switch(e){case T.hash.md5:return this.md5(t);case T.hash.sha1:return this.sha1(t);case T.hash.ripemd:return this.ripemd(t);case T.hash.sha256:return this.sha256(t);case T.hash.sha384:return this.sha384(t);case T.hash.sha512:return this.sha512(t);case T.hash.sha224:return this.sha224(t);case T.hash.sha3_256:return this.sha3_256(t);case T.hash.sha3_512:return this.sha3_512(t);default:throw Error("Unsupported hash function")}},getHashByteLength:function(e){switch(e){case T.hash.md5:return 16;case T.hash.sha1:case T.hash.ripemd:return 20;case T.hash.sha256:return 32;case T.hash.sha384:return 48;case T.hash.sha512:return 64;case T.hash.sha224:return 28;case T.hash.sha3_256:return 32;case T.hash.sha3_512:return 64;default:throw Error("Invalid hash algorithm.")}},getBlockSize:function(e){switch(e){case T.hash.md5:case T.hash.sha1:case T.hash.ripemd:case T.hash.sha224:case T.hash.sha256:return 64;case T.hash.sha384:case T.hash.sha512:return 128;default:throw Error("Invalid hash algorithm.")}}};function ke(e){return e instanceof Uint8Array||null!=e&&"object"==typeof e&&"Uint8Array"===e.constructor.name}function ve(e,...t){if(!ke(e))throw Error("Uint8Array expected");if(t.length>0&&!t.includes(e.length))throw Error(`Uint8Array expected of length ${t}, not of length=${e.length}`)}function Ae(e,t=!0){if(e.destroyed)throw Error("Hash instance has been destroyed");if(t&&e.finished)throw Error("Hash#digest() has already been called")}function Ee(e,t){ve(e);const r=t.outputLen;if(e.length<r)throw Error("digestInto() expects output buffer of length at least "+r)}
-/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */const Ke=e=>new Uint8Array(e.buffer,e.byteOffset,e.byteLength),Se=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4)),Pe=e=>new DataView(e.buffer,e.byteOffset,e.byteLength);if(!(68===new Uint8Array(new Uint32Array([287454020]).buffer)[0]))throw Error("Non little-endian hardware is not supported");function Ue(e){if("string"==typeof e)e=function(e){if("string"!=typeof e)throw Error("string expected, got "+typeof e);return new Uint8Array((new TextEncoder).encode(e))}(e);else{if(!ke(e))throw Error("Uint8Array expected, got "+typeof e);e=Ie(e)}return e}function De(e,t){if(e.length!==t.length)return!1;let r=0;for(let i=0;i<e.length;i++)r|=e[i]^t[i];return 0===r}const xe=(e,t)=>(Object.assign(t,e),t);function Ce(e,t,r,i){if("function"==typeof e.setBigUint64)return e.setBigUint64(t,r,i);const n=BigInt(32),a=BigInt(4294967295),s=Number(r>>n&a),o=Number(r&a);e.setUint32(t+0,s,i),e.setUint32(t+4,o,i)}function Be(e){return e.byteOffset%4==0}function Ie(e){return Uint8Array.from(e)}function Te(...e){for(let t=0;t<e.length;t++)e[t].fill(0)}const Re=16,Me=/* @__PURE__ */new Uint8Array(16),Le=Se(Me),Fe=e=>(e>>>0&255)<<24|(e>>>8&255)<<16|(e>>>16&255)<<8|e>>>24&255;class _e{constructor(e,t){this.blockLen=Re,this.outputLen=Re,this.s0=0,this.s1=0,this.s2=0,this.s3=0,this.finished=!1,ve(e=Ue(e),16);const r=Pe(e);let i=r.getUint32(0,!1),n=r.getUint32(4,!1),a=r.getUint32(8,!1),s=r.getUint32(12,!1);const o=[];for(let e=0;e<128;e++)o.push({s0:Fe(i),s1:Fe(n),s2:Fe(a),s3:Fe(s)}),({s0:i,s1:n,s2:a,s3:s}={s3:(h=a)<<31|(l=s)>>>1,s2:(u=n)<<31|h>>>1,s1:(c=i)<<31|u>>>1,s0:c>>>1^225<<24&-(1&l)});var c,u,h,l;const y=(e=>e>65536?8:e>1024?4:2)(t||1024);if(![1,2,4,8].includes(y))throw Error(`ghash: wrong window size=${y}, should be 2, 4 or 8`);this.W=y;const p=128/y,g=this.windowSize=2**y,f=[];for(let e=0;e<p;e++)for(let t=0;t<g;t++){let r=0,i=0,n=0,a=0;for(let s=0;s<y;s++){if(!(t>>>y-s-1&1))continue;const{s0:c,s1:u,s2:h,s3:l}=o[y*e+s];r^=c,i^=u,n^=h,a^=l}f.push({s0:r,s1:i,s2:n,s3:a})}this.t=f}_updateBlock(e,t,r,i){e^=this.s0,t^=this.s1,r^=this.s2,i^=this.s3;const{W:n,t:a,windowSize:s}=this;let o=0,c=0,u=0,h=0;const l=(1<<n)-1;let y=0;for(const p of[e,t,r,i])for(let e=0;e<4;e++){const t=p>>>8*e&255;for(let e=8/n-1;e>=0;e--){const r=t>>>n*e&l,{s0:i,s1:p,s2:g,s3:f}=a[y*s+r];o^=i,c^=p,u^=g,h^=f,y+=1}}this.s0=o,this.s1=c,this.s2=u,this.s3=h}update(e){e=Ue(e),Ae(this);const t=Se(e),r=Math.floor(e.length/Re),i=e.length%Re;for(let e=0;e<r;e++)this._updateBlock(t[4*e+0],t[4*e+1],t[4*e+2],t[4*e+3]);return i&&(Me.set(e.subarray(r*Re)),this._updateBlock(Le[0],Le[1],Le[2],Le[3]),Te(Le)),this}destroy(){const{t:e}=this;for(const t of e)t.s0=0,t.s1=0,t.s2=0,t.s3=0}digestInto(e){Ae(this),Ee(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=Se(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e}digest(){const e=new Uint8Array(Re);return this.digestInto(e),this.destroy(),e}}class Oe extends _e{constructor(e,t){const r=function(e){e.reverse();const t=1&e[15];let r=0;for(let t=0;t<e.length;t++){const i=e[t];e[t]=i>>>1|r,r=(1&i)<<7}return e[0]^=225&-t,e}(Ie(e=Ue(e)));super(r,t),Te(r)}update(e){e=Ue(e),Ae(this);const t=Se(e),r=e.length%Re,i=Math.floor(e.length/Re);for(let e=0;e<i;e++)this._updateBlock(Fe(t[4*e+3]),Fe(t[4*e+2]),Fe(t[4*e+1]),Fe(t[4*e+0]));return r&&(Me.set(e.subarray(i*Re)),this._updateBlock(Fe(Le[3]),Fe(Le[2]),Fe(Le[1]),Fe(Le[0])),Te(Le)),this}digestInto(e){Ae(this),Ee(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=Se(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e.reverse()}}function Ne(e){const t=(t,r)=>e(r,t.length).update(Ue(t)).digest(),r=e(new Uint8Array(16),0);return t.outputLen=r.outputLen,t.blockLen=r.blockLen,t.create=(t,r)=>e(t,r),t}const ze=Ne(((e,t)=>new _e(e,t)));Ne(((e,t)=>new Oe(e,t)));const He=16,je=new Uint8Array(He),Ge=283;function qe(e){return e<<1^Ge&-(e>>7)}function Ve(e,t){let r=0;for(;t>0;t>>=1)r^=e&-(1&t),e=qe(e);return r}const We=/* @__PURE__ */(()=>{const e=new Uint8Array(256);for(let t=0,r=1;t<256;t++,r^=qe(r))e[t]=r;const t=new Uint8Array(256);t[0]=99;for(let r=0;r<255;r++){let i=e[255-r];i|=i<<8,t[e[r]]=255&(i^i>>4^i>>5^i>>6^i>>7^99)}return Te(e),t})(),$e=/* @__PURE__ */We.map(((e,t)=>We.indexOf(t))),Ze=e=>e<<24|e>>>8,Xe=e=>e<<8|e>>>24,Qe=e=>e<<24&4278190080|e<<8&16711680|e>>>8&65280|e>>>24&255;function Ye(e,t){if(256!==e.length)throw Error("Wrong sbox length");const r=new Uint32Array(256).map(((r,i)=>t(e[i]))),i=r.map(Xe),n=i.map(Xe),a=n.map(Xe),s=new Uint32Array(65536),o=new Uint32Array(65536),c=new Uint16Array(65536);for(let t=0;t<256;t++)for(let u=0;u<256;u++){const h=256*t+u;s[h]=r[t]^i[u],o[h]=n[t]^a[u],c[h]=e[t]<<8|e[u]}return{sbox:e,sbox2:c,T0:r,T1:i,T2:n,T3:a,T01:s,T23:o}}const Je=/* @__PURE__ */Ye(We,(e=>Ve(e,3)<<24|e<<16|e<<8|Ve(e,2))),et=/* @__PURE__ */Ye($e,(e=>Ve(e,11)<<24|Ve(e,13)<<16|Ve(e,9)<<8|Ve(e,14))),tt=/* @__PURE__ */(()=>{const e=new Uint8Array(16);for(let t=0,r=1;t<16;t++,r=qe(r))e[t]=r;return e})();function rt(e){ve(e);const t=e.length;if(![16,24,32].includes(t))throw Error("aes: wrong key size: should be 16, 24 or 32, got: "+t);const{sbox2:r}=Je,i=[];Be(e)||i.push(e=Ie(e));const n=Se(e),a=n.length,s=e=>at(r,e,e,e,e),o=new Uint32Array(t+28);o.set(n);for(let e=a;e<o.length;e++){let t=o[e-1];e%a==0?t=s(Ze(t))^tt[e/a-1]:a>6&&e%a==4&&(t=s(t)),o[e]=o[e-a]^t}return Te(...i),o}function it(e){const t=rt(e),r=t.slice(),i=t.length,{sbox2:n}=Je,{T0:a,T1:s,T2:o,T3:c}=et;for(let e=0;e<i;e+=4)for(let n=0;n<4;n++)r[e+n]=t[i-e-4+n];Te(t);for(let e=4;e<i-4;e++){const t=r[e],i=at(n,t,t,t,t);r[e]=a[255&i]^s[i>>>8&255]^o[i>>>16&255]^c[i>>>24]}return r}function nt(e,t,r,i,n,a){return e[r<<8&65280|i>>>8&255]^t[n>>>8&65280|a>>>24&255]}function at(e,t,r,i,n){return e[255&t|65280&r]|e[i>>>16&255|n>>>16&65280]<<16}function st(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=Je;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^nt(s,o,t,r,i,n),u=e[c++]^nt(s,o,r,i,n,t),h=e[c++]^nt(s,o,i,n,t,r),l=e[c++]^nt(s,o,n,t,r,i);t=a,r=u,i=h,n=l}return{s0:e[c++]^at(a,t,r,i,n),s1:e[c++]^at(a,r,i,n,t),s2:e[c++]^at(a,i,n,t,r),s3:e[c++]^at(a,n,t,r,i)}}function ot(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=et;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^nt(s,o,t,n,i,r),u=e[c++]^nt(s,o,r,t,n,i),h=e[c++]^nt(s,o,i,r,t,n),l=e[c++]^nt(s,o,n,i,r,t);t=a,r=u,i=h,n=l}return{s0:e[c++]^at(a,t,n,i,r),s1:e[c++]^at(a,r,t,n,i),s2:e[c++]^at(a,i,r,t,n),s3:e[c++]^at(a,n,i,r,t)}}function ct(e,t){if(void 0===t)return new Uint8Array(e);if(ve(t),t.length<e)throw Error(`aes: wrong destination length, expected at least ${e}, got: ${t.length}`);if(!Be(t))throw Error("unaligned dst");return t}function ut(e,t,r,i){ve(t,He),ve(r);const n=r.length;i=ct(n,i);const a=t,s=Se(a);let{s0:o,s1:c,s2:u,s3:h}=st(e,s[0],s[1],s[2],s[3]);const l=Se(r),y=Se(i);for(let t=0;t+4<=l.length;t+=4){y[t+0]=l[t+0]^o,y[t+1]=l[t+1]^c,y[t+2]=l[t+2]^u,y[t+3]=l[t+3]^h;let r=1;for(let e=a.length-1;e>=0;e--)r=r+(255&a[e])|0,a[e]=255&r,r>>>=8;({s0:o,s1:c,s2:u,s3:h}=st(e,s[0],s[1],s[2],s[3]))}const p=He*Math.floor(l.length/4);if(p<n){const e=new Uint32Array([o,c,u,h]),t=Ke(e);for(let e=p,a=0;e<n;e++,a++)i[e]=r[e]^t[a];Te(e)}return i}function ht(e,t,r,i,n){ve(r,He),ve(i),n=ct(i.length,n);const a=r,s=Se(a),o=Pe(a),c=Se(i),u=Se(n),h=t?0:12,l=i.length;let y=o.getUint32(h,t),{s0:p,s1:g,s2:f,s3:d}=st(e,s[0],s[1],s[2],s[3]);for(let r=0;r+4<=c.length;r+=4)u[r+0]=c[r+0]^p,u[r+1]=c[r+1]^g,u[r+2]=c[r+2]^f,u[r+3]=c[r+3]^d,y=y+1>>>0,o.setUint32(h,y,t),({s0:p,s1:g,s2:f,s3:d}=st(e,s[0],s[1],s[2],s[3]));const m=He*Math.floor(c.length/4);if(m<l){const e=new Uint32Array([p,g,f,d]),t=Ke(e);for(let e=m,r=0;e<l;e++,r++)n[e]=i[e]^t[r];Te(e)}return n}const lt=xe({blockSize:16,nonceLength:16},(function(e,t){function r(r,i){if(ve(r),void 0!==i&&(ve(i),!Be(i)))throw Error("unaligned destination");const n=rt(e),a=Ie(t),s=[n,a];Be(r)||s.push(r=Ie(r));const o=ut(n,a,r,i);return Te(...s),o}return ve(e),ve(t,He),{encrypt:(e,t)=>r(e,t),decrypt:(e,t)=>r(e,t)}}));const yt=xe({blockSize:16,nonceLength:16},(function(e,t,r={}){ve(e),ve(t,16);const i=!r.disablePadding;return{encrypt(r,n){const a=rt(e),{b:s,o,out:c}=function(e,t,r){ve(e);let i=e.length;const n=i%He;if(!t&&0!==n)throw Error("aec/(cbc-ecb): unpadded plaintext with disabled padding");Be(e)||(e=Ie(e));const a=Se(e);if(t){let e=He-n;e||(e=He),i+=e}const s=ct(i,r);return{b:a,o:Se(s),out:s}}(r,i,n);let u=t;const h=[a];Be(u)||h.push(u=Ie(u));const l=Se(u);let y=l[0],p=l[1],g=l[2],f=l[3],d=0;for(;d+4<=s.length;)y^=s[d+0],p^=s[d+1],g^=s[d+2],f^=s[d+3],({s0:y,s1:p,s2:g,s3:f}=st(a,y,p,g,f)),o[d++]=y,o[d++]=p,o[d++]=g,o[d++]=f;if(i){const e=function(e){const t=new Uint8Array(16),r=Se(t);t.set(e);const i=He-e.length;for(let e=He-i;e<He;e++)t[e]=i;return r}(r.subarray(4*d));y^=e[0],p^=e[1],g^=e[2],f^=e[3],({s0:y,s1:p,s2:g,s3:f}=st(a,y,p,g,f)),o[d++]=y,o[d++]=p,o[d++]=g,o[d++]=f}return Te(...h),c},decrypt(r,n){!function(e){if(ve(e),e.length%He!=0)throw Error("aes/(cbc-ecb).decrypt ciphertext should consist of blocks with size 16")}(r);const a=it(e);let s=t;const o=[a];Be(s)||o.push(s=Ie(s));const c=Se(s),u=ct(r.length,n);Be(r)||o.push(r=Ie(r));const h=Se(r),l=Se(u);let y=c[0],p=c[1],g=c[2],f=c[3];for(let e=0;e+4<=h.length;){const t=y,r=p,i=g,n=f;y=h[e+0],p=h[e+1],g=h[e+2],f=h[e+3];const{s0:s,s1:o,s2:c,s3:u}=ot(a,y,p,g,f);l[e++]=s^t,l[e++]=o^r,l[e++]=c^i,l[e++]=u^n}return Te(...o),function(e,t){if(!t)return e;const r=e.length;if(!r)throw Error("aes/pcks5: empty ciphertext not allowed");const i=e[r-1];if(i<=0||i>16)throw Error("aes/pcks5: wrong padding byte: "+i);const n=e.subarray(0,-i);for(let t=0;t<i;t++)if(e[r-t-1]!==i)throw Error("aes/pcks5: wrong padding");return n}(u,i)}}})),pt=xe({blockSize:16,nonceLength:16},(function(e,t){function r(r,i,n){ve(r);const a=r.length;n=ct(a,n);const s=rt(e);let o=t;const c=[s];Be(o)||c.push(o=Ie(o)),Be(r)||c.push(r=Ie(r));const u=Se(r),h=Se(n),l=i?h:u,y=Se(o);let p=y[0],g=y[1],f=y[2],d=y[3];for(let e=0;e+4<=u.length;){const{s0:t,s1:r,s2:i,s3:n}=st(s,p,g,f,d);h[e+0]=u[e+0]^t,h[e+1]=u[e+1]^r,h[e+2]=u[e+2]^i,h[e+3]=u[e+3]^n,p=l[e++],g=l[e++],f=l[e++],d=l[e++]}const m=He*Math.floor(u.length/4);if(m<a){({s0:p,s1:g,s2:f,s3:d}=st(s,p,g,f,d));const e=Ke(new Uint32Array([p,g,f,d]));for(let t=m,i=0;t<a;t++,i++)n[t]=r[t]^e[i];Te(e)}return Te(...c),n}return ve(e),ve(t,16),{encrypt:(e,t)=>r(e,!0,t),decrypt:(e,t)=>r(e,!1,t)}}));const gt=xe({blockSize:16,nonceLength:12,tagLength:16},(function(e,t,r){if(ve(e),ve(t),void 0!==r&&ve(r),0===t.length)throw Error("aes/gcm: empty nonce");const i=16;function n(e,t,i){const n=function(e,t,r,i,n){const a=null==n?0:n.length,s=e.create(r,i.length+a);n&&s.update(n),s.update(i);const o=new Uint8Array(16),c=Pe(o);n&&Ce(c,0,BigInt(8*a),t),Ce(c,8,BigInt(8*i.length),t),s.update(o);const u=s.digest();return Te(o),u}(ze,!1,e,i,r);for(let e=0;e<t.length;e++)n[e]^=t[e];return n}function a(){const r=rt(e),i=je.slice(),n=je.slice();if(ht(r,!1,n,n,i),12===t.length)n.set(t);else{const e=je.slice();Ce(Pe(e),8,BigInt(8*t.length),!1);const r=ze.create(i).update(t).update(e);r.digestInto(n),r.destroy()}return{xk:r,authKey:i,counter:n,tagMask:ht(r,!1,n,je)}}return{encrypt(e){ve(e);const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=new Uint8Array(e.length+i),u=[t,r,s,o];Be(e)||u.push(e=Ie(e)),ht(t,!1,s,e,c);const h=n(r,o,c.subarray(0,c.length-i));return u.push(h),c.set(h,e.length),Te(...u),c},decrypt(e){if(ve(e),e.length<i)throw Error("aes/gcm: ciphertext less than tagLen (16)");const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=[t,r,o,s];Be(e)||c.push(e=Ie(e));const u=e.subarray(0,-16),h=e.subarray(-16),l=n(r,o,u);if(c.push(l),!De(l,h))throw Error("aes/gcm: invalid ghash tag");const y=ht(t,!1,s,u);return Te(...c),y}}}));function ft(e){return null!=e&&"object"==typeof e&&(e instanceof Uint32Array||"Uint32Array"===e.constructor.name)}function dt(e,t){if(ve(t,16),!ft(e))throw Error("_encryptBlock accepts result of expandKeyLE");const r=Se(t);let{s0:i,s1:n,s2:a,s3:s}=st(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}function mt(e,t){if(ve(t,16),!ft(e))throw Error("_decryptBlock accepts result of expandKeyLE");const r=Se(t);let{s0:i,s1:n,s2:a,s3:s}=ot(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}const wt={encrypt(e,t){if(t.length>=2**32)throw Error("plaintext should be less than 4gb");const r=rt(e);if(16===t.length)dt(r,t);else{const e=Se(t);let i=e[0],n=e[1];for(let t=0,a=1;t<6;t++)for(let t=2;t<e.length;t+=2,a++){const{s0:s,s1:o,s2:c,s3:u}=st(r,i,n,e[t],e[t+1]);i=s,n=o^Qe(a),e[t]=c,e[t+1]=u}e[0]=i,e[1]=n}r.fill(0)},decrypt(e,t){if(t.length-8>=2**32)throw Error("ciphertext should be less than 4gb");const r=it(e),i=t.length/8-1;if(1===i)mt(r,t);else{const e=Se(t);let n=e[0],a=e[1];for(let t=0,s=6*i;t<6;t++)for(let t=2*i;t>=1;t-=2,s--){a^=Qe(s);const{s0:i,s1:o,s2:c,s3:u}=ot(r,n,a,e[t],e[t+1]);n=i,a=o,e[t]=c,e[t+1]=u}e[0]=n,e[1]=a}r.fill(0)}},bt=new Uint8Array(8).fill(166),kt=xe({blockSize:8},(e=>({encrypt(t){if(ve(t),!t.length||t.length%8!=0)throw Error("plaintext length must be non-empty and a multiple of 8 bytes");if(8===t.length)throw Error("8-byte keys not allowed in AESKW, use AESKWP instead");const r=function(...e){let t=0;for(let r=0;r<e.length;r++){const i=e[r];ve(i),t+=i.length}const r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}(bt,t);return wt.encrypt(e,r),r},decrypt(t){if(ve(t),t.length%8!=0||t.length<24)throw Error("ciphertext must be at least 24 bytes and a multiple of 8 bytes");const r=Ie(t);if(wt.decrypt(e,r),!De(r.subarray(0,8),bt))throw Error("integrity check failed");return r.subarray(0,8).fill(0),r.subarray(8)}}))),vt={expandKeyLE:rt,expandKeyDecLE:it,encrypt:st,decrypt:ot,encryptBlock:dt,decryptBlock:mt,ctrCounter:ut,ctr32:ht},At=L.getWebCrypto(),Et=L.getNodeCrypto(),Kt=Et?Et.getCiphers():[],St={idea:Kt.includes("idea-cfb")?"idea-cfb":void 0,tripledes:Kt.includes("des-ede3-cfb")?"des-ede3-cfb":void 0,cast5:Kt.includes("cast5-cfb")?"cast5-cfb":void 0,blowfish:Kt.includes("bf-cfb")?"bf-cfb":void 0,aes128:Kt.includes("aes-128-cfb")?"aes-128-cfb":void 0,aes192:Kt.includes("aes-192-cfb")?"aes-192-cfb":void 0,aes256:Kt.includes("aes-256-cfb")?"aes-256-cfb":void 0};class Pt{constructor(e,t,r){const{blockSize:i}=re(e);this.key=t,this.prevBlock=r,this.nextBlock=new Uint8Array(i),this.i=0,this.blockSize=i,this.zeroBlock=new Uint8Array(this.blockSize)}static async isSupported(e){const{keySize:t}=re(e);return At.importKey("raw",new Uint8Array(t),"aes-cbc",!1,["encrypt"]).then((()=>!0),(()=>!1))}async _runCBC(e,t){const r="AES-CBC";this.keyRef=this.keyRef||await At.importKey("raw",this.key,r,!1,["encrypt"]);const i=await At.encrypt({name:r,iv:t||this.zeroBlock},this.keyRef,e);return new Uint8Array(i).subarray(0,e.length)}async encryptChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=L.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=L.concatUint8Array([this.prevBlock,i.subarray(0,i.length-this.blockSize)]),a=await this._runCBC(n);return Dt(a,i),this.prevBlock=a.slice(-this.blockSize),r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,a}let i;if(this.i+=r.length,this.i===this.nextBlock.length){const t=this.nextBlock;i=await this._runCBC(this.prevBlock),Dt(i,t),this.prevBlock=i.slice(),this.i=0;const n=e.subarray(r.length);this.nextBlock.set(n,this.i),this.i+=n.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{this.nextBlock=this.nextBlock.subarray(0,this.i);const t=this.nextBlock,r=await this._runCBC(this.prevBlock);Dt(r,t),e=r.subarray(0,t.length)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.keyRef=null,this.key=null}async encrypt(e){const t=(await this._runCBC(L.concatUint8Array([new Uint8Array(this.blockSize),e]),this.iv)).subarray(0,e.length);return Dt(t,e),this.clearSensitiveData(),t}}class Ut{constructor(e,t,r,i){this.forEncryption=e;const{blockSize:n}=re(t);this.key=vt.expandKeyLE(r),i.byteOffset%4!=0&&(i=i.slice()),this.prevBlock=xt(i),this.nextBlock=new Uint8Array(n),this.i=0,this.blockSize=n}_runCFB(e){const t=xt(e),r=new Uint8Array(e.length),i=xt(r);for(let e=0;e+4<=i.length;e+=4){const{s0:r,s1:n,s2:a,s3:s}=vt.encrypt(this.key,this.prevBlock[0],this.prevBlock[1],this.prevBlock[2],this.prevBlock[3]);i[e+0]=t[e+0]^r,i[e+1]=t[e+1]^n,i[e+2]=t[e+2]^a,i[e+3]=t[e+3]^s,this.prevBlock=(this.forEncryption?i:t).slice(e,e+4)}return r}async processChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=L.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=this._runCFB(i);return r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,n}let i;if(this.i+=r.length,this.i===this.nextBlock.length){i=this._runCFB(this.nextBlock),this.i=0;const t=e.subarray(r.length);this.nextBlock.set(t,this.i),this.i+=t.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{e=this._runCFB(this.nextBlock).subarray(0,this.i)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.key.fill(0)}}function Dt(e,t){const r=Math.min(e.length,t.length);for(let i=0;i<r;i++)e[i]=e[i]^t[i]}const xt=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4));var Ct=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i){const n=T.read(T.symmetric,e);if(Et&&St[n])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new Et.createDecipheriv(St[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(L.isAES(e))return async function(e,t,r,i){if(L.isStream(r)){const n=new Ut(!1,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return pt(t,i).decrypt(r)}(e,t,r,i);const a=new(await J(e))(t),s=a.blockSize;let o=i,c=new Uint8Array;const u=e=>{e&&(c=L.concatUint8Array([c,e]));const t=new Uint8Array(c.length);let r,i=0;for(;e?c.length>=s:c.length;){const e=a.encrypt(o);for(o=c.subarray(0,s),r=0;r<s;r++)t[i++]=o[r]^e[r];c=c.subarray(s)}return t.subarray(0,i)};return k(r,u,u)},encrypt:async function(e,t,r,i,n){const a=T.read(T.symmetric,e);if(L.getNodeCrypto()&&St[a])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new Et.createCipheriv(St[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(L.isAES(e))return async function(e,t,r,i){if(At&&await Pt.isSupported(e)){const n=new Pt(e,t,i);return L.isStream(r)?k(r,(e=>n.encryptChunk(e)),(()=>n.finish())):n.encrypt(r)}if(L.isStream(r)){const n=new Ut(!0,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return pt(t,i).encrypt(r)}(e,t,r,i);const s=new(await J(e))(t),o=s.blockSize,c=i.slice();let u=new Uint8Array;const h=e=>{e&&(u=L.concatUint8Array([u,e]));const t=new Uint8Array(u.length);let r,i=0;for(;e?u.length>=o:u.length;){const e=s.encrypt(c);for(r=0;r<o;r++)c[r]=u[r]^e[r],t[i++]=c[r];u=u.subarray(o)}return t.subarray(0,i)};return k(r,h,h)}});const Bt=L.getWebCrypto(),It=L.getNodeCrypto(),Tt=16;function Rt(e,t){const r=e.length-Tt;for(let i=0;i<Tt;i++)e[i+r]^=t[i];return e}const Mt=new Uint8Array(Tt);async function Lt(e){const t=await Ft(e),r=L.double(await t(Mt)),i=L.double(r);return async function(e){return(await t(function(e,t,r){if(e.length&&e.length%Tt==0)return Rt(e,t);const i=new Uint8Array(e.length+(Tt-e.length%Tt));return i.set(e),i[e.length]=128,Rt(i,r)}(e,r,i))).subarray(-Tt)}}async function Ft(e){if(L.getNodeCrypto())return async function(t){const r=new It.createCipheriv("aes-"+8*e.length+"-cbc",e,Mt).update(t);return new Uint8Array(r)};if(L.getWebCrypto())try{return e=await Bt.importKey("raw",e,{name:"AES-CBC",length:8*e.length},!1,["encrypt"]),async function(t){const r=await Bt.encrypt({name:"AES-CBC",iv:Mt,length:8*Tt},e,t);return new Uint8Array(r).subarray(0,r.byteLength-Tt)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;L.printDebugError("Browser did not support operation: "+t.message)}return async function(t){return yt(e,Mt,{disablePadding:!0}).encrypt(t)}}const _t=L.getWebCrypto(),Ot=L.getNodeCrypto(),Nt=L.getNodeBuffer(),zt=16,Ht=zt,jt=zt,Gt=new Uint8Array(zt),qt=new Uint8Array(zt);qt[zt-1]=1;const Vt=new Uint8Array(zt);async function Wt(e){const t=await Lt(e);return function(e,r){return t(L.concatUint8Array([e,r]))}}async function $t(e){if(L.getNodeCrypto())return async function(t,r){const i=new Ot.createCipheriv("aes-"+8*e.length+"-ctr",e,r),n=Nt.concat([i.update(t),i.final()]);return new Uint8Array(n)};if(L.getWebCrypto())try{const t=await _t.importKey("raw",e,{name:"AES-CTR",length:8*e.length},!1,["encrypt"]);return async function(e,r){const i=await _t.encrypt({name:"AES-CTR",counter:r,length:8*zt},t,e);return new Uint8Array(i)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;L.printDebugError("Browser did not support operation: "+t.message)}return async function(t,r){return lt(e,r).encrypt(t)}}async function Zt(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("EAX mode supports only AES cipher");const[r,i]=await Promise.all([Wt(t),$t(t)]);return{encrypt:async function(e,t,n){const[a,s]=await Promise.all([r(Gt,t),r(qt,n)]),o=await i(e,a),c=await r(Vt,o);for(let e=0;e<jt;e++)c[e]^=s[e]^a[e];return L.concatUint8Array([o,c])},decrypt:async function(e,t,n){if(e.length<jt)throw Error("Invalid EAX ciphertext");const a=e.subarray(0,-jt),s=e.subarray(-jt),[o,c,u]=await Promise.all([r(Gt,t),r(qt,n),r(Vt,a)]),h=u;for(let e=0;e<jt;e++)h[e]^=c[e]^o[e];if(!L.equalsUint8Array(s,h))throw Error("Authentication tag mismatch");return await i(a,o)}}}Vt[zt-1]=2,Zt.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[8+e]^=t[e];return r},Zt.blockLength=zt,Zt.ivLength=Ht,Zt.tagLength=jt;const Xt=16,Qt=16;function Yt(e){let t=0;for(let r=1;!(e&r);r<<=1)t++;return t}function Jt(e,t){for(let r=0;r<e.length;r++)e[r]^=t[r];return e}function er(e,t){return Jt(e.slice(),t)}const tr=new Uint8Array(Xt),rr=new Uint8Array([1]);async function ir(e,t){const{keySize:r}=re(e);if(!L.isAES(e)||t.length!==r)throw Error("Unexpected algorithm or key size");let i=0;const n=yt(t,tr,{disablePadding:!0}),a=e=>n.encrypt(e),s=e=>n.decrypt(e);let o;function c(e,t,r,n){const s=t.length/Xt|0;!function(e,t){const r=L.nbits(Math.max(e.length,t.length)/Xt|0)-1;for(let e=i+1;e<=r;e++)o[e]=L.double(o[e-1]);i=r}(t,n);const c=L.concatUint8Array([tr.subarray(0,15-r.length),rr,r]),u=63&c[15];c[15]&=192;const h=a(c),l=L.concatUint8Array([h,er(h.subarray(0,8),h.subarray(1,9))]),y=L.shiftRight(l.subarray(0+(u>>3),17+(u>>3)),8-(7&u)).subarray(1),p=new Uint8Array(Xt),g=new Uint8Array(t.length+Qt);let f,d=0;for(f=0;f<s;f++)Jt(y,o[Yt(f+1)]),g.set(Jt(e(er(y,t)),y),d),Jt(p,e===a?t:g.subarray(d)),t=t.subarray(Xt),d+=Xt;if(t.length){Jt(y,o.x);const r=a(y);g.set(er(t,r),d);const i=new Uint8Array(Xt);i.set(e===a?t:g.subarray(d,-16),0),i[t.length]=128,Jt(p,i),d+=t.length}const m=Jt(a(Jt(Jt(p,y),o.$)),function(e){if(!e.length)return tr;const t=e.length/Xt|0,r=new Uint8Array(Xt),i=new Uint8Array(Xt);for(let n=0;n<t;n++)Jt(r,o[Yt(n+1)]),Jt(i,a(er(r,e))),e=e.subarray(Xt);if(e.length){Jt(r,o.x);const t=new Uint8Array(Xt);t.set(e,0),t[e.length]=128,Jt(t,r),Jt(i,a(t))}return i}(n));return g.set(m,d),g}return function(){const e=a(tr),t=L.double(e);o=[],o[0]=L.double(t),o.x=e,o.$=t}(),{encrypt:async function(e,t,r){return c(a,e,t,r)},decrypt:async function(e,t,r){if(e.length<Qt)throw Error("Invalid OCB ciphertext");const i=e.subarray(-16);e=e.subarray(0,-16);const n=c(s,e,t,r);if(L.equalsUint8Array(i,n.subarray(-16)))return n.subarray(0,-16);throw Error("Authentication tag mismatch")}}}ir.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[7+e]^=t[e];return r},ir.blockLength=Xt,ir.ivLength=15,ir.tagLength=Qt;const nr=L.getWebCrypto(),ar=L.getNodeCrypto(),sr=L.getNodeBuffer(),or=16,cr="AES-GCM";async function ur(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("GCM mode supports only AES cipher");if(L.getNodeCrypto())return{encrypt:async function(e,r,i=new Uint8Array){const n=new ar.createCipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i);const a=sr.concat([n.update(e),n.final(),n.getAuthTag()]);return new Uint8Array(a)},decrypt:async function(e,r,i=new Uint8Array){const n=new ar.createDecipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i),n.setAuthTag(e.slice(e.length-or,e.length));const a=sr.concat([n.update(e.slice(0,e.length-or)),n.final()]);return new Uint8Array(a)}};if(L.getWebCrypto())try{const e=await nr.importKey("raw",t,{name:cr},!1,["encrypt","decrypt"]),r=navigator.userAgent.match(/Version\/13\.\d(\.\d)* Safari/)||navigator.userAgent.match(/Version\/(13|14)\.\d(\.\d)* Mobile\/\S* Safari/);return{encrypt:async function(i,n,a=new Uint8Array){if(r&&!i.length)return gt(t,n,a).encrypt(i);const s=await nr.encrypt({name:cr,iv:n,additionalData:a,tagLength:128},e,i);return new Uint8Array(s)},decrypt:async function(i,n,a=new Uint8Array){if(r&&i.length===or)return gt(t,n,a).decrypt(i);try{const t=await nr.decrypt({name:cr,iv:n,additionalData:a,tagLength:128},e,i);return new Uint8Array(t)}catch(e){if("OperationError"===e.name)throw Error("Authentication tag mismatch")}}}}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;L.printDebugError("Browser did not support operation: "+e.message)}return{encrypt:async function(e,r,i){return gt(t,r,i).encrypt(e)},decrypt:async function(e,r,i){return gt(t,r,i).decrypt(e)}}}ur.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[4+e]^=t[e];return r},ur.blockLength=16,ur.ivLength=12,ur.tagLength=or;var hr={cfb:Ct,gcm:ur,experimentalGCM:ur,eax:Zt,ocb:ir};const lr=BigInt(0),yr=BigInt(1);function pr(e){const t="0123456789ABCDEF";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),BigInt("0x0"+r)}function gr(e,t){const r=e%t;return r<lr?r+t:r}function fr(e,t,r){if(r===lr)throw Error("Modulo cannot be zero");if(r===yr)return BigInt(0);if(t<lr)throw Error("Unsopported negative exponent");let i=t,n=e;n%=r;let a=BigInt(1);for(;i>lr;){const e=i&yr;i>>=yr;a=e?a*n%r:a,n=n*n%r}return a}function dr(e){return e>=lr?e:-e}function mr(e,t){const{gcd:r,x:i}=function(e,t){let r=BigInt(0),i=BigInt(1),n=BigInt(1),a=BigInt(0),s=dr(e),o=dr(t);const c=e<lr,u=t<lr;for(;o!==lr;){const e=s/o;let t=r;r=n-e*r,n=t,t=i,i=a-e*i,a=t,t=o,o=s%o,s=t}return{x:c?-n:n,y:u?-a:a,gcd:s}}(e,t);if(r!==yr)throw Error("Inverse does not exist");return gr(i+t,t)}function wr(e){const t=Number(e);if(t>Number.MAX_SAFE_INTEGER)throw Error("Number can only safely store up to 53 bits");return t}function br(e,t){return(e>>BigInt(t)&yr)===lr?0:1}function kr(e){const t=e<lr?BigInt(-1):lr;let r=1,i=e;for(;(i>>=yr)!==t;)r++;return r}function vr(e){const t=e<lr?BigInt(-1):lr,r=BigInt(8);let i=1,n=e;for(;(n>>=r)!==t;)i++;return i}function Ar(e,t="be",r){let i=e.toString(16);i.length%2==1&&(i="0"+i);const n=i.length/2,a=new Uint8Array(r||n),s=r?r-n:0;let o=0;for(;o<n;)a[o+s]=parseInt(i.slice(2*o,2*o+2),16),o++;return"be"!==t&&a.reverse(),a}const Er=L.getNodeCrypto();function Kr(e){const t=new Uint8Array(e);if(Er){const e=Er.randomBytes(t.length);t.set(e)}else{if("undefined"==typeof crypto||!crypto.getRandomValues)throw Error("No secure random number generator available.");crypto.getRandomValues(t)}return t}function Sr(e,t){if(t<e)throw Error("Illegal parameter value: max <= min");const r=t-e;return gr(pr(Kr(vr(r)+8)),r)+e}var Pr=/*#__PURE__*/Object.freeze({__proto__:null,getRandomBigInteger:Sr,getRandomBytes:Kr});const Ur=BigInt(1);function Dr(e,t,r){const i=BigInt(30),n=Ur<<BigInt(e-1),a=[1,6,5,4,3,2,1,4,3,2,1,2,1,4,3,2,1,2,1,4,3,2,1,6,5,4,3,2,1,2];let s=Sr(n,n<<Ur),o=wr(gr(s,i));do{s+=BigInt(a[o]),o=(o+a[o])%a.length,kr(s)>e&&(s=gr(s,n<<Ur),s+=n,o=wr(gr(s,i)))}while(!xr(s,t,r));return s}function xr(e,t,r){return(!t||function(e,t){let r=e,i=t;for(;i!==lr;){const e=i;i=r%i,r=e}return r}(e-Ur,t)===Ur)&&(!!function(e){const t=BigInt(0);return Cr.every((r=>gr(e,r)!==t))}(e)&&(!!function(e,t=BigInt(2)){return fr(t,e-Ur,e)===Ur}(e)&&!!function(e,t){const r=kr(e);t||(t=Math.max(1,r/48|0));const i=e-Ur;let n=0;for(;!br(i,n);)n++;const a=e>>BigInt(n);for(;t>0;t--){let t,r=fr(Sr(BigInt(2),i),a,e);if(r!==Ur&&r!==i){for(t=1;t<n;t++){if(r=gr(r*r,e),r===Ur)return!1;if(r===i)break}if(t===n)return!1}}return!0}(e,r)))}const Cr=[7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997,1009,1013,1019,1021,1031,1033,1039,1049,1051,1061,1063,1069,1087,1091,1093,1097,1103,1109,1117,1123,1129,1151,1153,1163,1171,1181,1187,1193,1201,1213,1217,1223,1229,1231,1237,1249,1259,1277,1279,1283,1289,1291,1297,1301,1303,1307,1319,1321,1327,1361,1367,1373,1381,1399,1409,1423,1427,1429,1433,1439,1447,1451,1453,1459,1471,1481,1483,1487,1489,1493,1499,1511,1523,1531,1543,1549,1553,1559,1567,1571,1579,1583,1597,1601,1607,1609,1613,1619,1621,1627,1637,1657,1663,1667,1669,1693,1697,1699,1709,1721,1723,1733,1741,1747,1753,1759,1777,1783,1787,1789,1801,1811,1823,1831,1847,1861,1867,1871,1873,1877,1879,1889,1901,1907,1913,1931,1933,1949,1951,1973,1979,1987,1993,1997,1999,2003,2011,2017,2027,2029,2039,2053,2063,2069,2081,2083,2087,2089,2099,2111,2113,2129,2131,2137,2141,2143,2153,2161,2179,2203,2207,2213,2221,2237,2239,2243,2251,2267,2269,2273,2281,2287,2293,2297,2309,2311,2333,2339,2341,2347,2351,2357,2371,2377,2381,2383,2389,2393,2399,2411,2417,2423,2437,2441,2447,2459,2467,2473,2477,2503,2521,2531,2539,2543,2549,2551,2557,2579,2591,2593,2609,2617,2621,2633,2647,2657,2659,2663,2671,2677,2683,2687,2689,2693,2699,2707,2711,2713,2719,2729,2731,2741,2749,2753,2767,2777,2789,2791,2797,2801,2803,2819,2833,2837,2843,2851,2857,2861,2879,2887,2897,2903,2909,2917,2927,2939,2953,2957,2963,2969,2971,2999,3001,3011,3019,3023,3037,3041,3049,3061,3067,3079,3083,3089,3109,3119,3121,3137,3163,3167,3169,3181,3187,3191,3203,3209,3217,3221,3229,3251,3253,3257,3259,3271,3299,3301,3307,3313,3319,3323,3329,3331,3343,3347,3359,3361,3371,3373,3389,3391,3407,3413,3433,3449,3457,3461,3463,3467,3469,3491,3499,3511,3517,3527,3529,3533,3539,3541,3547,3557,3559,3571,3581,3583,3593,3607,3613,3617,3623,3631,3637,3643,3659,3671,3673,3677,3691,3697,3701,3709,3719,3727,3733,3739,3761,3767,3769,3779,3793,3797,3803,3821,3823,3833,3847,3851,3853,3863,3877,3881,3889,3907,3911,3917,3919,3923,3929,3931,3943,3947,3967,3989,4001,4003,4007,4013,4019,4021,4027,4049,4051,4057,4073,4079,4091,4093,4099,4111,4127,4129,4133,4139,4153,4157,4159,4177,4201,4211,4217,4219,4229,4231,4241,4243,4253,4259,4261,4271,4273,4283,4289,4297,4327,4337,4339,4349,4357,4363,4373,4391,4397,4409,4421,4423,4441,4447,4451,4457,4463,4481,4483,4493,4507,4513,4517,4519,4523,4547,4549,4561,4567,4583,4591,4597,4603,4621,4637,4639,4643,4649,4651,4657,4663,4673,4679,4691,4703,4721,4723,4729,4733,4751,4759,4783,4787,4789,4793,4799,4801,4813,4817,4831,4861,4871,4877,4889,4903,4909,4919,4931,4933,4937,4943,4951,4957,4967,4969,4973,4987,4993,4999].map((e=>BigInt(e)));const Br=[];function Ir(e,t){const r=e.length;if(r>t-11)throw Error("Message too long");const i=function(e){const t=new Uint8Array(e);let r=0;for(;r<e;){const i=Kr(e-r);for(let e=0;e<i.length;e++)0!==i[e]&&(t[r++]=i[e])}return t}(t-r-3),n=new Uint8Array(t);return n[1]=2,n.set(i,2),n.set(e,t-r),n}function Tr(e,t){let r=2,i=1;for(let t=r;t<e.length;t++)i&=0!==e[t],r+=i;const n=r-2,a=e.subarray(r+1),s=0===e[0]&2===e[1]&n>=8&!i;if(t)return L.selectUint8Array(s,a,t);if(s)return a;throw Error("Decryption error")}function Rr(e,t,r){let i;if(t.length!==be.getHashByteLength(e))throw Error("Invalid hash length");const n=new Uint8Array(Br[e].length);for(i=0;i<Br[e].length;i++)n[i]=Br[e][i];const a=n.length+t.length;if(r<a+11)throw Error("Intended encoded message length too short");const s=new Uint8Array(r-a-3).fill(255),o=new Uint8Array(r);return o[1]=1,o.set(s,2),o.set(n,r-a),o.set(t,r-t.length),o}Br[1]=[48,32,48,12,6,8,42,134,72,134,247,13,2,5,5,0,4,16],Br[2]=[48,33,48,9,6,5,43,14,3,2,26,5,0,4,20],Br[3]=[48,33,48,9,6,5,43,36,3,2,1,5,0,4,20],Br[8]=[48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32],Br[9]=[48,65,48,13,6,9,96,134,72,1,101,3,4,2,2,5,0,4,48],Br[10]=[48,81,48,13,6,9,96,134,72,1,101,3,4,2,3,5,0,4,64],Br[11]=[48,45,48,13,6,9,96,134,72,1,101,3,4,2,4,5,0,4,28];var Mr=/*#__PURE__*/Object.freeze({__proto__:null,emeDecode:Tr,emeEncode:Ir,emsaEncode:Rr});const Lr=L.getWebCrypto(),Fr=L.getNodeCrypto(),_r=BigInt(1);async function Or(e,t,r,i,n,a){const s=pr(i),o=pr(n),c=pr(r);let u=gr(c,o-_r),h=gr(c,s-_r);return h=Ar(h),u=Ar(u),{kty:"RSA",n:j(e),e:j(t),d:j(r),p:j(n),q:j(i),dp:j(u),dq:j(h),qi:j(a),ext:!0}}function Nr(e,t){return{kty:"RSA",n:j(e),e:j(t),ext:!0}}function zr(e,t){return{n:H(e.n),e:Ar(t),d:H(e.d),p:H(e.q),q:H(e.p),u:H(e.qi)}}var Hr=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s,o){if(L.getNodeCrypto()&&!o)try{return await async function(e,t,r,i,n,a,s){const o=await Or(t,r,i,n,a,s),c={key:o,format:"jwk",type:"pkcs1",padding:Fr.constants.RSA_PKCS1_PADDING};try{return new Uint8Array(Fr.privateDecrypt(c,e))}catch(e){throw Error("Decryption error")}}(e,t,r,i,n,a,s)}catch(e){L.printDebugError(e)}return async function(e,t,r,i,n,a,s,o){if(e=pr(e),t=pr(t),r=pr(r),i=pr(i),n=pr(n),a=pr(a),s=pr(s),e>=t)throw Error("Data too large.");const c=gr(i,a-_r),u=gr(i,n-_r),h=Sr(BigInt(2),t),l=fr(mr(h,t),r,t);e=gr(e*l,t);const y=fr(e,u,n),p=fr(e,c,a),g=gr(s*(p-y),a);let f=g*n+y;return f=gr(f*h,t),Tr(Ar(f,"be",vr(t)),o)}(e,t,r,i,n,a,s,o)},encrypt:async function(e,t,r){return L.getNodeCrypto()?async function(e,t,r){const i=Nr(t,r),n={key:i,format:"jwk",type:"pkcs1",padding:Fr.constants.RSA_PKCS1_PADDING};return new Uint8Array(Fr.publicEncrypt(n,e))}(e,t,r):async function(e,t,r){if(t=pr(t),e=pr(Ir(e,vr(t))),r=pr(r),e>=t)throw Error("Message size cannot exceed modulus size");return Ar(fr(e,r,t),"be",vr(t))}(e,t,r)},generate:async function(e,t){if(t=BigInt(t),L.getWebCrypto()){const r={name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:Ar(t),hash:{name:"SHA-1"}},i=await Lr.generateKey(r,!0,["sign","verify"]);return zr(await Lr.exportKey("jwk",i.privateKey),t)}if(L.getNodeCrypto()){const r={modulusLength:e,publicExponent:wr(t),publicKeyEncoding:{type:"pkcs1",format:"jwk"},privateKeyEncoding:{type:"pkcs1",format:"jwk"}},i=await new Promise(((e,t)=>{Fr.generateKeyPair("rsa",r,((r,i,n)=>{r?t(r):e(n)}))}));return zr(i,t)}let r,i,n;do{i=Dr(e-(e>>1),t,40),r=Dr(e>>1,t,40),n=r*i}while(kr(n)!==e);const a=(r-_r)*(i-_r);return i<r&&([r,i]=[i,r]),{n:Ar(n),e:Ar(t),d:Ar(mr(t,a)),p:Ar(r),q:Ar(i),u:Ar(mr(r,i))}},sign:async function(e,t,r,i,n,a,s,o,c){if(t&&!L.isStream(t))if(L.getWebCrypto())try{return await async function(e,t,r,i,n,a,s,o){const c=await Or(r,i,n,a,s,o),u={name:"RSASSA-PKCS1-v1_5",hash:{name:e}},h=await Lr.importKey("jwk",c,u,!1,["sign"]);return new Uint8Array(await Lr.sign("RSASSA-PKCS1-v1_5",h,t))}(T.read(T.webHash,e),t,r,i,n,a,s,o)}catch(e){L.printDebugError(e)}else if(L.getNodeCrypto())return async function(e,t,r,i,n,a,s,o){const c=Fr.createSign(T.read(T.hash,e));c.write(t),c.end();const u=await Or(r,i,n,a,s,o);return new Uint8Array(c.sign({key:u,format:"jwk",type:"pkcs1"}))}(e,t,r,i,n,a,s,o);return async function(e,t,r,i){t=pr(t);const n=pr(Rr(e,i,vr(t)));if(r=pr(r),n>=t)throw Error("Message size cannot exceed modulus size");return Ar(fr(n,r,t),"be",vr(t))}(e,r,n,c)},validateParams:async function(e,t,r,i,n,a){if(e=pr(e),(i=pr(i))*(n=pr(n))!==e)return!1;const s=BigInt(2);if(gr(i*(a=pr(a)),n)!==BigInt(1))return!1;t=pr(t),r=pr(r);const o=Sr(s,s<<BigInt(Math.floor(kr(e)/3))),c=o*r*t;return!(gr(c,i-_r)!==o||gr(c,n-_r)!==o)},verify:async function(e,t,r,i,n,a){if(t&&!L.isStream(t))if(L.getWebCrypto())try{return await async function(e,t,r,i,n){const a=Nr(i,n),s=await Lr.importKey("jwk",a,{name:"RSASSA-PKCS1-v1_5",hash:{name:e}},!1,["verify"]);return Lr.verify("RSASSA-PKCS1-v1_5",s,r,t)}(T.read(T.webHash,e),t,r,i,n)}catch(e){L.printDebugError(e)}else if(L.getNodeCrypto())return async function(e,t,r,i,n){const a=Nr(i,n),s={key:a,format:"jwk",type:"pkcs1"},o=Fr.createVerify(T.read(T.hash,e));o.write(t),o.end();try{return o.verify(s,r)}catch(e){return!1}}(e,t,r,i,n);return async function(e,t,r,i,n){if(r=pr(r),t=pr(t),i=pr(i),t>=r)throw Error("Signature size cannot exceed modulus size");const a=Ar(fr(t,i,r),"be",vr(r)),s=Rr(e,n,vr(r));return L.equalsUint8Array(a,s)}(e,r,i,n,a)}});const jr=BigInt(1);var Gr=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n){return e=pr(e),t=pr(t),r=pr(r),Tr(Ar(gr(mr(fr(e,i=pr(i),r),r)*t,r),"be",vr(r)),n)},encrypt:async function(e,t,r,i){t=pr(t),r=pr(r),i=pr(i);const n=pr(Ir(e,vr(t))),a=Sr(jr,t-jr);return{c1:Ar(fr(r,a,t)),c2:Ar(gr(fr(i,a,t)*n,t))}},validateParams:async function(e,t,r,i){if(e=pr(e),t=pr(t),r=pr(r),t<=jr||t>=e)return!1;const n=BigInt(kr(e));if(n<BigInt(1023))return!1;if(fr(t,e-jr,e)!==jr)return!1;let a=t,s=BigInt(1);const o=BigInt(2),c=o<<BigInt(17);for(;s<c;){if(a=gr(a*t,e),a===jr)return!1;s++}i=pr(i);const u=Sr(o<<n-jr,o<<n);return r===fr(t,(e-jr)*u+i,e)}});const qr="object"==typeof e&&"crypto"in e?e.crypto:void 0,Vr={};var Wr=function(e){var t,r=new Float64Array(16);if(e)for(t=0;t<e.length;t++)r[t]=e[t];return r},$r=function(){throw Error("no PRNG")},Zr=new Uint8Array(32);Zr[0]=9;var Xr=Wr(),Qr=Wr([1]),Yr=Wr([56129,1]),Jr=Wr([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),ei=Wr([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),ti=Wr([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),ri=Wr([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),ii=Wr([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function ni(e,t,r,i){e[t]=r>>24&255,e[t+1]=r>>16&255,e[t+2]=r>>8&255,e[t+3]=255&r,e[t+4]=i>>24&255,e[t+5]=i>>16&255,e[t+6]=i>>8&255,e[t+7]=255&i}function ai(e,t,r,i){return function(e,t,r,i,n){var a,s=0;for(a=0;a<n;a++)s|=e[t+a]^r[i+a];return(1&s-1>>>8)-1}(e,t,r,i,32)}function si(e,t){var r;for(r=0;r<16;r++)e[r]=0|t[r]}function oi(e){var t,r,i=1;for(t=0;t<16;t++)r=e[t]+i+65535,i=Math.floor(r/65536),e[t]=r-65536*i;e[0]+=i-1+37*(i-1)}function ci(e,t,r){for(var i,n=~(r-1),a=0;a<16;a++)i=n&(e[a]^t[a]),e[a]^=i,t[a]^=i}function ui(e,t){var r,i,n,a=Wr(),s=Wr();for(r=0;r<16;r++)s[r]=t[r];for(oi(s),oi(s),oi(s),i=0;i<2;i++){for(a[0]=s[0]-65517,r=1;r<15;r++)a[r]=s[r]-65535-(a[r-1]>>16&1),a[r-1]&=65535;a[15]=s[15]-32767-(a[14]>>16&1),n=a[15]>>16&1,a[14]&=65535,ci(s,a,1-n)}for(r=0;r<16;r++)e[2*r]=255&s[r],e[2*r+1]=s[r]>>8}function hi(e,t){var r=new Uint8Array(32),i=new Uint8Array(32);return ui(r,e),ui(i,t),ai(r,0,i,0)}function li(e){var t=new Uint8Array(32);return ui(t,e),1&t[0]}function yi(e,t){var r;for(r=0;r<16;r++)e[r]=t[2*r]+(t[2*r+1]<<8);e[15]&=32767}function pi(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]+r[i]}function gi(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]-r[i]}function fi(e,t,r){var i,n,a=0,s=0,o=0,c=0,u=0,h=0,l=0,y=0,p=0,g=0,f=0,d=0,m=0,w=0,b=0,k=0,v=0,A=0,E=0,K=0,S=0,P=0,U=0,D=0,x=0,C=0,B=0,I=0,T=0,R=0,M=0,L=r[0],F=r[1],_=r[2],O=r[3],N=r[4],z=r[5],H=r[6],j=r[7],G=r[8],q=r[9],V=r[10],W=r[11],$=r[12],Z=r[13],X=r[14],Q=r[15];a+=(i=t[0])*L,s+=i*F,o+=i*_,c+=i*O,u+=i*N,h+=i*z,l+=i*H,y+=i*j,p+=i*G,g+=i*q,f+=i*V,d+=i*W,m+=i*$,w+=i*Z,b+=i*X,k+=i*Q,s+=(i=t[1])*L,o+=i*F,c+=i*_,u+=i*O,h+=i*N,l+=i*z,y+=i*H,p+=i*j,g+=i*G,f+=i*q,d+=i*V,m+=i*W,w+=i*$,b+=i*Z,k+=i*X,v+=i*Q,o+=(i=t[2])*L,c+=i*F,u+=i*_,h+=i*O,l+=i*N,y+=i*z,p+=i*H,g+=i*j,f+=i*G,d+=i*q,m+=i*V,w+=i*W,b+=i*$,k+=i*Z,v+=i*X,A+=i*Q,c+=(i=t[3])*L,u+=i*F,h+=i*_,l+=i*O,y+=i*N,p+=i*z,g+=i*H,f+=i*j,d+=i*G,m+=i*q,w+=i*V,b+=i*W,k+=i*$,v+=i*Z,A+=i*X,E+=i*Q,u+=(i=t[4])*L,h+=i*F,l+=i*_,y+=i*O,p+=i*N,g+=i*z,f+=i*H,d+=i*j,m+=i*G,w+=i*q,b+=i*V,k+=i*W,v+=i*$,A+=i*Z,E+=i*X,K+=i*Q,h+=(i=t[5])*L,l+=i*F,y+=i*_,p+=i*O,g+=i*N,f+=i*z,d+=i*H,m+=i*j,w+=i*G,b+=i*q,k+=i*V,v+=i*W,A+=i*$,E+=i*Z,K+=i*X,S+=i*Q,l+=(i=t[6])*L,y+=i*F,p+=i*_,g+=i*O,f+=i*N,d+=i*z,m+=i*H,w+=i*j,b+=i*G,k+=i*q,v+=i*V,A+=i*W,E+=i*$,K+=i*Z,S+=i*X,P+=i*Q,y+=(i=t[7])*L,p+=i*F,g+=i*_,f+=i*O,d+=i*N,m+=i*z,w+=i*H,b+=i*j,k+=i*G,v+=i*q,A+=i*V,E+=i*W,K+=i*$,S+=i*Z,P+=i*X,U+=i*Q,p+=(i=t[8])*L,g+=i*F,f+=i*_,d+=i*O,m+=i*N,w+=i*z,b+=i*H,k+=i*j,v+=i*G,A+=i*q,E+=i*V,K+=i*W,S+=i*$,P+=i*Z,U+=i*X,D+=i*Q,g+=(i=t[9])*L,f+=i*F,d+=i*_,m+=i*O,w+=i*N,b+=i*z,k+=i*H,v+=i*j,A+=i*G,E+=i*q,K+=i*V,S+=i*W,P+=i*$,U+=i*Z,D+=i*X,x+=i*Q,f+=(i=t[10])*L,d+=i*F,m+=i*_,w+=i*O,b+=i*N,k+=i*z,v+=i*H,A+=i*j,E+=i*G,K+=i*q,S+=i*V,P+=i*W,U+=i*$,D+=i*Z,x+=i*X,C+=i*Q,d+=(i=t[11])*L,m+=i*F,w+=i*_,b+=i*O,k+=i*N,v+=i*z,A+=i*H,E+=i*j,K+=i*G,S+=i*q,P+=i*V,U+=i*W,D+=i*$,x+=i*Z,C+=i*X,B+=i*Q,m+=(i=t[12])*L,w+=i*F,b+=i*_,k+=i*O,v+=i*N,A+=i*z,E+=i*H,K+=i*j,S+=i*G,P+=i*q,U+=i*V,D+=i*W,x+=i*$,C+=i*Z,B+=i*X,I+=i*Q,w+=(i=t[13])*L,b+=i*F,k+=i*_,v+=i*O,A+=i*N,E+=i*z,K+=i*H,S+=i*j,P+=i*G,U+=i*q,D+=i*V,x+=i*W,C+=i*$,B+=i*Z,I+=i*X,T+=i*Q,b+=(i=t[14])*L,k+=i*F,v+=i*_,A+=i*O,E+=i*N,K+=i*z,S+=i*H,P+=i*j,U+=i*G,D+=i*q,x+=i*V,C+=i*W,B+=i*$,I+=i*Z,T+=i*X,R+=i*Q,k+=(i=t[15])*L,s+=38*(A+=i*_),o+=38*(E+=i*O),c+=38*(K+=i*N),u+=38*(S+=i*z),h+=38*(P+=i*H),l+=38*(U+=i*j),y+=38*(D+=i*G),p+=38*(x+=i*q),g+=38*(C+=i*V),f+=38*(B+=i*W),d+=38*(I+=i*$),m+=38*(T+=i*Z),w+=38*(R+=i*X),b+=38*(M+=i*Q),a=(i=(a+=38*(v+=i*F))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a=(i=(a+=n-1+37*(n-1))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a+=n-1+37*(n-1),e[0]=a,e[1]=s,e[2]=o,e[3]=c,e[4]=u,e[5]=h,e[6]=l,e[7]=y,e[8]=p,e[9]=g,e[10]=f,e[11]=d,e[12]=m,e[13]=w,e[14]=b,e[15]=k}function di(e,t){fi(e,t,t)}function mi(e,t){var r,i=Wr();for(r=0;r<16;r++)i[r]=t[r];for(r=253;r>=0;r--)di(i,i),2!==r&&4!==r&&fi(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}function wi(e,t,r){var i,n,a=new Uint8Array(32),s=new Float64Array(80),o=Wr(),c=Wr(),u=Wr(),h=Wr(),l=Wr(),y=Wr();for(n=0;n<31;n++)a[n]=t[n];for(a[31]=127&t[31]|64,a[0]&=248,yi(s,r),n=0;n<16;n++)c[n]=s[n],h[n]=o[n]=u[n]=0;for(o[0]=h[0]=1,n=254;n>=0;--n)ci(o,c,i=a[n>>>3]>>>(7&n)&1),ci(u,h,i),pi(l,o,u),gi(o,o,u),pi(u,c,h),gi(c,c,h),di(h,l),di(y,o),fi(o,u,o),fi(u,c,l),pi(l,o,u),gi(o,o,u),di(c,o),gi(u,h,y),fi(o,u,Yr),pi(o,o,h),fi(u,u,o),fi(o,h,y),fi(h,c,s),di(c,l),ci(o,c,i),ci(u,h,i);for(n=0;n<16;n++)s[n+16]=o[n],s[n+32]=u[n],s[n+48]=c[n],s[n+64]=h[n];var p=s.subarray(32),g=s.subarray(16);return mi(p,p),fi(g,g,p),ui(e,g),0}function bi(e,t){return wi(e,t,Zr)}var ki=[1116352408,3609767458,1899447441,602891725,3049323471,3964484399,3921009573,2173295548,961987163,4081628472,1508970993,3053834265,2453635748,2937671579,2870763221,3664609560,3624381080,2734883394,310598401,1164996542,607225278,1323610764,1426881987,3590304994,1925078388,4068182383,2162078206,991336113,2614888103,633803317,3248222580,3479774868,3835390401,2666613458,4022224774,944711139,264347078,2341262773,604807628,2007800933,770255983,1495990901,1249150122,1856431235,1555081692,3175218132,1996064986,2198950837,2554220882,3999719339,2821834349,766784016,2952996808,2566594879,3210313671,3203337956,3336571891,1034457026,3584528711,2466948901,113926993,3758326383,338241895,168717936,666307205,1188179964,773529912,1546045734,1294757372,1522805485,1396182291,2643833823,1695183700,2343527390,1986661051,1014477480,2177026350,1206759142,2456956037,344077627,2730485921,1290863460,2820302411,3158454273,3259730800,3505952657,3345764771,106217008,3516065817,3606008344,3600352804,1432725776,4094571909,1467031594,275423344,851169720,430227734,3100823752,506948616,1363258195,659060556,3750685593,883997877,3785050280,958139571,3318307427,1322822218,3812723403,1537002063,2003034995,1747873779,3602036899,1955562222,1575990012,2024104815,1125592928,2227730452,2716904306,2361852424,442776044,2428436474,593698344,2756734187,3733110249,3204031479,2999351573,3329325298,3815920427,3391569614,3928383900,3515267271,566280711,3940187606,3454069534,4118630271,4000239992,116418474,1914138554,174292421,2731055270,289380356,3203993006,460393269,320620315,685471733,587496836,852142971,1086792851,1017036298,365543100,1126000580,2618297676,1288033470,3409855158,1501505948,4234509866,1607167915,987167468,1816402316,1246189591];function vi(e,t,r,i){for(var n,a,s,o,c,u,h,l,y,p,g,f,d,m,w,b,k,v,A,E,K,S,P,U,D,x,C=new Int32Array(16),B=new Int32Array(16),I=e[0],T=e[1],R=e[2],M=e[3],L=e[4],F=e[5],_=e[6],O=e[7],N=t[0],z=t[1],H=t[2],j=t[3],G=t[4],q=t[5],V=t[6],W=t[7],$=0;i>=128;){for(A=0;A<16;A++)E=8*A+$,C[A]=r[E+0]<<24|r[E+1]<<16|r[E+2]<<8|r[E+3],B[A]=r[E+4]<<24|r[E+5]<<16|r[E+6]<<8|r[E+7];for(A=0;A<80;A++)if(n=I,a=T,s=R,o=M,c=L,u=F,h=_,O,y=N,p=z,g=H,f=j,d=G,m=q,w=V,W,P=65535&(S=W),U=S>>>16,D=65535&(K=O),x=K>>>16,P+=65535&(S=(G>>>14|L<<18)^(G>>>18|L<<14)^(L>>>9|G<<23)),U+=S>>>16,D+=65535&(K=(L>>>14|G<<18)^(L>>>18|G<<14)^(G>>>9|L<<23)),x+=K>>>16,P+=65535&(S=G&q^~G&V),U+=S>>>16,D+=65535&(K=L&F^~L&_),x+=K>>>16,K=ki[2*A],P+=65535&(S=ki[2*A+1]),U+=S>>>16,D+=65535&K,x+=K>>>16,K=C[A%16],U+=(S=B[A%16])>>>16,D+=65535&K,x+=K>>>16,D+=(U+=(P+=65535&S)>>>16)>>>16,P=65535&(S=v=65535&P|U<<16),U=S>>>16,D=65535&(K=k=65535&D|(x+=D>>>16)<<16),x=K>>>16,P+=65535&(S=(N>>>28|I<<4)^(I>>>2|N<<30)^(I>>>7|N<<25)),U+=S>>>16,D+=65535&(K=(I>>>28|N<<4)^(N>>>2|I<<30)^(N>>>7|I<<25)),x+=K>>>16,U+=(S=N&z^N&H^z&H)>>>16,D+=65535&(K=I&T^I&R^T&R),x+=K>>>16,l=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,b=65535&P|U<<16,P=65535&(S=f),U=S>>>16,D=65535&(K=o),x=K>>>16,U+=(S=v)>>>16,D+=65535&(K=k),x+=K>>>16,T=n,R=a,M=s,L=o=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,F=c,_=u,O=h,I=l,z=y,H=p,j=g,G=f=65535&P|U<<16,q=d,V=m,W=w,N=b,A%16==15)for(E=0;E<16;E++)K=C[E],P=65535&(S=B[E]),U=S>>>16,D=65535&K,x=K>>>16,K=C[(E+9)%16],P+=65535&(S=B[(E+9)%16]),U+=S>>>16,D+=65535&K,x+=K>>>16,k=C[(E+1)%16],P+=65535&(S=((v=B[(E+1)%16])>>>1|k<<31)^(v>>>8|k<<24)^(v>>>7|k<<25)),U+=S>>>16,D+=65535&(K=(k>>>1|v<<31)^(k>>>8|v<<24)^k>>>7),x+=K>>>16,k=C[(E+14)%16],U+=(S=((v=B[(E+14)%16])>>>19|k<<13)^(k>>>29|v<<3)^(v>>>6|k<<26))>>>16,D+=65535&(K=(k>>>19|v<<13)^(v>>>29|k<<3)^k>>>6),x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,C[E]=65535&D|x<<16,B[E]=65535&P|U<<16;P=65535&(S=N),U=S>>>16,D=65535&(K=I),x=K>>>16,K=e[0],U+=(S=t[0])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[0]=I=65535&D|x<<16,t[0]=N=65535&P|U<<16,P=65535&(S=z),U=S>>>16,D=65535&(K=T),x=K>>>16,K=e[1],U+=(S=t[1])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[1]=T=65535&D|x<<16,t[1]=z=65535&P|U<<16,P=65535&(S=H),U=S>>>16,D=65535&(K=R),x=K>>>16,K=e[2],U+=(S=t[2])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[2]=R=65535&D|x<<16,t[2]=H=65535&P|U<<16,P=65535&(S=j),U=S>>>16,D=65535&(K=M),x=K>>>16,K=e[3],U+=(S=t[3])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[3]=M=65535&D|x<<16,t[3]=j=65535&P|U<<16,P=65535&(S=G),U=S>>>16,D=65535&(K=L),x=K>>>16,K=e[4],U+=(S=t[4])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[4]=L=65535&D|x<<16,t[4]=G=65535&P|U<<16,P=65535&(S=q),U=S>>>16,D=65535&(K=F),x=K>>>16,K=e[5],U+=(S=t[5])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[5]=F=65535&D|x<<16,t[5]=q=65535&P|U<<16,P=65535&(S=V),U=S>>>16,D=65535&(K=_),x=K>>>16,K=e[6],U+=(S=t[6])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[6]=_=65535&D|x<<16,t[6]=V=65535&P|U<<16,P=65535&(S=W),U=S>>>16,D=65535&(K=O),x=K>>>16,K=e[7],U+=(S=t[7])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[7]=O=65535&D|x<<16,t[7]=W=65535&P|U<<16,$+=128,i-=128}return i}function Ai(e,t,r){var i,n=new Int32Array(8),a=new Int32Array(8),s=new Uint8Array(256),o=r;for(n[0]=1779033703,n[1]=3144134277,n[2]=1013904242,n[3]=2773480762,n[4]=1359893119,n[5]=2600822924,n[6]=528734635,n[7]=1541459225,a[0]=4089235720,a[1]=2227873595,a[2]=4271175723,a[3]=1595750129,a[4]=2917565137,a[5]=725511199,a[6]=4215389547,a[7]=327033209,vi(n,a,t,r),r%=128,i=0;i<r;i++)s[i]=t[o-r+i];for(s[r]=128,s[(r=256-128*(r<112?1:0))-9]=0,ni(s,r-8,o/536870912|0,o<<3),vi(n,a,s,r),i=0;i<8;i++)ni(e,8*i,n[i],a[i]);return 0}function Ei(e,t){var r=Wr(),i=Wr(),n=Wr(),a=Wr(),s=Wr(),o=Wr(),c=Wr(),u=Wr(),h=Wr();gi(r,e[1],e[0]),gi(h,t[1],t[0]),fi(r,r,h),pi(i,e[0],e[1]),pi(h,t[0],t[1]),fi(i,i,h),fi(n,e[3],t[3]),fi(n,n,ei),fi(a,e[2],t[2]),pi(a,a,a),gi(s,i,r),gi(o,a,n),pi(c,a,n),pi(u,i,r),fi(e[0],s,o),fi(e[1],u,c),fi(e[2],c,o),fi(e[3],s,u)}function Ki(e,t,r){var i;for(i=0;i<4;i++)ci(e[i],t[i],r)}function Si(e,t){var r=Wr(),i=Wr(),n=Wr();mi(n,t[2]),fi(r,t[0],n),fi(i,t[1],n),ui(e,i),e[31]^=li(r)<<7}function Pi(e,t,r){var i,n;for(si(e[0],Xr),si(e[1],Qr),si(e[2],Qr),si(e[3],Xr),n=255;n>=0;--n)Ki(e,t,i=r[n/8|0]>>(7&n)&1),Ei(t,e),Ei(e,e),Ki(e,t,i)}function Ui(e,t){var r=[Wr(),Wr(),Wr(),Wr()];si(r[0],ti),si(r[1],ri),si(r[2],Qr),fi(r[3],ti,ri),Pi(e,r,t)}function Di(e,t,r){var i,n=new Uint8Array(64),a=[Wr(),Wr(),Wr(),Wr()];for(r||$r(t,32),Ai(n,t,32),n[0]&=248,n[31]&=127,n[31]|=64,Ui(a,n),Si(e,a),i=0;i<32;i++)t[i+32]=e[i];return 0}var xi=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]);function Ci(e,t){var r,i,n,a;for(i=63;i>=32;--i){for(r=0,n=i-32,a=i-12;n<a;++n)t[n]+=r-16*t[i]*xi[n-(i-32)],r=Math.floor((t[n]+128)/256),t[n]-=256*r;t[n]+=r,t[i]=0}for(r=0,n=0;n<32;n++)t[n]+=r-(t[31]>>4)*xi[n],r=t[n]>>8,t[n]&=255;for(n=0;n<32;n++)t[n]-=r*xi[n];for(i=0;i<32;i++)t[i+1]+=t[i]>>8,e[i]=255&t[i]}function Bi(e){var t,r=new Float64Array(64);for(t=0;t<64;t++)r[t]=e[t];for(t=0;t<64;t++)e[t]=0;Ci(e,r)}function Ii(e,t){var r=Wr(),i=Wr(),n=Wr(),a=Wr(),s=Wr(),o=Wr(),c=Wr();return si(e[2],Qr),yi(e[1],t),di(n,e[1]),fi(a,n,Jr),gi(n,n,e[2]),pi(a,e[2],a),di(s,a),di(o,s),fi(c,o,s),fi(r,c,n),fi(r,r,a),function(e,t){var r,i=Wr();for(r=0;r<16;r++)i[r]=t[r];for(r=250;r>=0;r--)di(i,i),1!==r&&fi(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}(r,r),fi(r,r,n),fi(r,r,a),fi(r,r,a),fi(e[0],r,a),di(i,e[0]),fi(i,i,a),hi(i,n)&&fi(e[0],e[0],ii),di(i,e[0]),fi(i,i,a),hi(i,n)?-1:(li(e[0])===t[31]>>7&&gi(e[0],Xr,e[0]),fi(e[3],e[0],e[1]),0)}var Ti=64;function Ri(){for(var e=0;e<arguments.length;e++)if(!(arguments[e]instanceof Uint8Array))throw new TypeError("unexpected type, use Uint8Array")}Vr.scalarMult=function(e,t){if(Ri(e,t),32!==e.length)throw Error("bad n size");if(32!==t.length)throw Error("bad p size");var r=new Uint8Array(32);return wi(r,e,t),r},Vr.box={},Vr.box.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(32);return function(e,t){$r(t,32),bi(e,t)}(e,t),{publicKey:e,secretKey:t}},Vr.box.keyPair.fromSecretKey=function(e){if(Ri(e),32!==e.length)throw Error("bad secret key size");var t=new Uint8Array(32);return bi(t,e),{publicKey:t,secretKey:new Uint8Array(e)}},Vr.sign=function(e,t){if(Ri(e,t),64!==t.length)throw Error("bad secret key size");var r=new Uint8Array(Ti+e.length);return function(e,t,r,i){var n,a,s=new Uint8Array(64),o=new Uint8Array(64),c=new Uint8Array(64),u=new Float64Array(64),h=[Wr(),Wr(),Wr(),Wr()];Ai(s,i,32),s[0]&=248,s[31]&=127,s[31]|=64;var l=r+64;for(n=0;n<r;n++)e[64+n]=t[n];for(n=0;n<32;n++)e[32+n]=s[32+n];for(Ai(c,e.subarray(32),r+32),Bi(c),Ui(h,c),Si(e,h),n=32;n<64;n++)e[n]=i[n];for(Ai(o,e,r+64),Bi(o),n=0;n<64;n++)u[n]=0;for(n=0;n<32;n++)u[n]=c[n];for(n=0;n<32;n++)for(a=0;a<32;a++)u[n+a]+=o[n]*s[a];Ci(e.subarray(32),u)}(r,e,e.length,t),r},Vr.sign.detached=function(e,t){for(var r=Vr.sign(e,t),i=new Uint8Array(Ti),n=0;n<i.length;n++)i[n]=r[n];return i},Vr.sign.detached.verify=function(e,t,r){if(Ri(e,t,r),t.length!==Ti)throw Error("bad signature size");if(32!==r.length)throw Error("bad public key size");var i,n=new Uint8Array(Ti+e.length),a=new Uint8Array(Ti+e.length);for(i=0;i<Ti;i++)n[i]=t[i];for(i=0;i<e.length;i++)n[i+Ti]=e[i];return function(e,t,r,i){var n,a=new Uint8Array(32),s=new Uint8Array(64),o=[Wr(),Wr(),Wr(),Wr()],c=[Wr(),Wr(),Wr(),Wr()];if(r<64)return-1;if(Ii(c,i))return-1;for(n=0;n<r;n++)e[n]=t[n];for(n=0;n<32;n++)e[n+32]=i[n];if(Ai(s,e,r),Bi(s),Pi(o,c,s),Ui(c,t.subarray(32)),Ei(o,c),Si(a,o),r-=64,ai(t,0,a,0)){for(n=0;n<r;n++)e[n]=0;return-1}for(n=0;n<r;n++)e[n]=t[n+64];return r}(a,n,n.length,r)>=0},Vr.sign.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(64);return Di(e,t),{publicKey:e,secretKey:t}},Vr.sign.keyPair.fromSecretKey=function(e){if(Ri(e),64!==e.length)throw Error("bad secret key size");for(var t=new Uint8Array(32),r=0;r<t.length;r++)t[r]=e[32+r];return{publicKey:t,secretKey:new Uint8Array(e)}},Vr.sign.keyPair.fromSeed=function(e){if(Ri(e),32!==e.length)throw Error("bad seed size");for(var t=new Uint8Array(32),r=new Uint8Array(64),i=0;i<32;i++)r[i]=e[i];return Di(t,r,!0),{publicKey:t,secretKey:r}},Vr.setPRNG=function(e){$r=e},function(){if(qr&&qr.getRandomValues){Vr.setPRNG((function(e,t){var r,i=new Uint8Array(t);for(r=0;r<t;r+=65536)qr.getRandomValues(i.subarray(r,r+Math.min(t-r,65536)));for(r=0;r<t;r++)e[r]=i[r];!function(e){for(var t=0;t<e.length;t++)e[t]=0}(i)}))}}();const Mi={"2a8648ce3d030107":T.curve.nistP256,"2b81040022":T.curve.nistP384,"2b81040023":T.curve.nistP521,"2b8104000a":T.curve.secp256k1,"2b06010401da470f01":T.curve.ed25519Legacy,"2b060104019755010501":T.curve.curve25519Legacy,"2b2403030208010107":T.curve.brainpoolP256r1,"2b240303020801010b":T.curve.brainpoolP384r1,"2b240303020801010d":T.curve.brainpoolP512r1};class Li{constructor(e){if(e instanceof Li)this.oid=e.oid;else if(L.isArray(e)||L.isUint8Array(e)){if(6===(e=new Uint8Array(e))[0]){if(e[1]!==e.length-2)throw Error("Length mismatch in DER encoded oid");e=e.subarray(2)}this.oid=e}else this.oid=""}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.oid=e.subarray(1,1+t),1+this.oid.length}throw Error("Invalid oid")}write(){return L.concatUint8Array([new Uint8Array([this.oid.length]),this.oid])}toHex(){return L.uint8ArrayToHex(this.oid)}getName(){const e=Mi[this.toHex()];if(!e)throw Error("Unknown curve object identifier.");return e}}function Fi(e){let t,r=0;const i=e[0];return i<192?([r]=e,t=1):i<255?(r=(e[0]-192<<8)+e[1]+192,t=2):255===i&&(r=L.readNumber(e.subarray(1,5)),t=5),{len:r,offset:t}}function _i(e){return e<192?new Uint8Array([e]):e>191&&e<8384?new Uint8Array([192+(e-192>>8),e-192&255]):L.concatUint8Array([new Uint8Array([255]),L.writeNumber(e,4)])}function Oi(e){if(e<0||e>30)throw Error("Partial Length power must be between 1 and 30");return new Uint8Array([224+e])}function Ni(e){return new Uint8Array([192|e])}function zi(e,t){return L.concatUint8Array([Ni(e),_i(t)])}function Hi(e){return[T.packet.literalData,T.packet.compressedData,T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData].includes(e)}async function ji(e,t){const r=C(e);let i,n;try{const s=await r.peekBytes(2);if(!s||s.length<2||!(128&s[0]))throw Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");const o=await r.readByte();let c,u,h=-1,l=-1;l=0,64&o&&(l=1),l?h=63&o:(h=(63&o)>>2,u=3&o);const y=Hi(h);let p,g=null;if(y){if("array"===L.isStream(e)){const e=new a;i=B(e),g=e}else{const e=new TransformStream;i=B(e.writable),g=e.readable}n=t({tag:h,packet:g})}else g=[];do{if(l){const e=await r.readByte();if(p=!1,e<192)c=e;else if(e>=192&&e<224)c=(e-192<<8)+await r.readByte()+192;else if(e>223&&e<255){if(c=1<<(31&e),p=!0,!y)throw new TypeError("This packet type does not support partial lengths.")}else c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte()}else switch(u){case 0:c=await r.readByte();break;case 1:c=await r.readByte()<<8|await r.readByte();break;case 2:c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte();break;default:c=1/0}if(c>0){let e=0;for(;;){i&&await i.ready;const{done:t,value:n}=await r.read();if(t){if(c===1/0)break;throw Error("Unexpected end of packet")}const a=c===1/0?n:n.subarray(0,c-e);if(i?await i.write(a):g.push(a),e+=n.length,e>=c){r.unshift(n.subarray(c-e+n.length));break}}}}while(p);const f=await r.peekBytes(y?1/0:2);return i?(await i.ready,await i.close()):(g=L.concatUint8Array(g),await t({tag:h,packet:g})),!f||!f.length}catch(e){if(i)return await i.abort(e),!0;throw e}finally{i&&await n,r.releaseLock()}}class Gi extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Gi),this.name="UnsupportedError"}}class qi extends Gi{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Gi),this.name="UnknownPacketError"}}class Vi{constructor(e,t){this.tag=e,this.rawContent=t}write(){return this.rawContent}}
-/*! noble-ed25519 - MIT License (c) 2019 Paul Miller (paulmillr.com) */const Wi=BigInt(0),$i=BigInt(1),Zi=BigInt(2),Xi=BigInt(8),Qi=BigInt("7237005577332262213973186563042994240857116359379907606001950938285454250989"),Yi=Object.freeze({a:BigInt(-1),d:BigInt("37095705934669439343138083508754565189542113879843219016388785533085940283555"),P:BigInt("57896044618658097711785492504343953926634992332820282019728792003956564819949"),l:Qi,n:Qi,h:BigInt(8),Gx:BigInt("15112221349535400772501151409588531511454012693041857206046113283949847762202"),Gy:BigInt("46316835694926478169428394003475163141307993866256225615783033603165251855960")}),Ji=BigInt("0x10000000000000000000000000000000000000000000000000000000000000000"),en=BigInt("19681161376707505956807079304988542015446066515923890162744021073123829784752");BigInt("6853475219497561581579357271197624642482790079785650197046958215289687604742");const tn=BigInt("25063068953384623474111414158702152701244531502492656460079210482610430750235"),rn=BigInt("54469307008909316920995813868745141605393597292927456921205312896311721017578"),nn=BigInt("1159843021668779879193775521855586647937357759715417654439879720876111806838"),an=BigInt("40440834346308536858101042469323190826248399146238708352240133220865137265952");class sn{constructor(e,t,r,i){this.x=e,this.y=t,this.z=r,this.t=i}static fromAffine(e){if(!(e instanceof pn))throw new TypeError("ExtendedPoint#fromAffine: expected Point");return e.equals(pn.ZERO)?sn.ZERO:new sn(e.x,e.y,$i,Sn(e.x*e.y))}static toAffineBatch(e){const t=function(e,t=Yi.P){const r=Array(e.length),i=e.reduce(((e,i,n)=>i===Wi?e:(r[n]=e,Sn(e*i,t))),$i),n=Pn(i,t);return e.reduceRight(((e,i,n)=>i===Wi?e:(r[n]=Sn(e*r[n],t),Sn(e*i,t))),n),r}(e.map((e=>e.z)));return e.map(((e,r)=>e.toAffine(t[r])))}static normalizeZ(e){return this.toAffineBatch(e).map(this.fromAffine)}equals(e){cn(e);const{x:t,y:r,z:i}=this,{x:n,y:a,z:s}=e,o=Sn(t*s),c=Sn(n*i),u=Sn(r*s),h=Sn(a*i);return o===c&&u===h}negate(){return new sn(Sn(-this.x),this.y,this.z,Sn(-this.t))}double(){const{x:e,y:t,z:r}=this,{a:i}=Yi,n=Sn(e*e),a=Sn(t*t),s=Sn(Zi*Sn(r*r)),o=Sn(i*n),c=e+t,u=Sn(Sn(c*c)-n-a),h=o+a,l=h-s,y=o-a,p=Sn(u*l),g=Sn(h*y),f=Sn(u*y),d=Sn(l*h);return new sn(p,g,d,f)}add(e){cn(e);const{x:t,y:r,z:i,t:n}=this,{x:a,y:s,z:o,t:c}=e,u=Sn((r-t)*(s+a)),h=Sn((r+t)*(s-a)),l=Sn(h-u);if(l===Wi)return this.double();const y=Sn(i*Zi*c),p=Sn(n*Zi*o),g=p+y,f=h+u,d=p-y,m=Sn(g*l),w=Sn(f*d),b=Sn(g*d),k=Sn(l*f);return new sn(m,w,k,b)}subtract(e){return this.add(e.negate())}precomputeWindow(e){const t=1+256/e,r=[];let i=this,n=i;for(let a=0;a<t;a++){n=i,r.push(n);for(let t=1;t<2**(e-1);t++)n=n.add(i),r.push(n);i=n.double()}return r}wNAF(e,t){!t&&this.equals(sn.BASE)&&(t=pn.BASE);const r=t&&t._WINDOW_SIZE||1;if(256%r)throw Error("Point#wNAF: Invalid precomputation window, must be power of 2");let i=t&&yn.get(t);i||(i=this.precomputeWindow(r),t&&1!==r&&(i=sn.normalizeZ(i),yn.set(t,i)));let n=sn.ZERO,a=sn.BASE;const s=1+256/r,o=2**(r-1),c=BigInt(2**r-1),u=2**r,h=BigInt(r);for(let t=0;t<s;t++){const r=t*o;let s=Number(e&c);e>>=h,s>o&&(s-=u,e+=$i);const l=r,y=r+Math.abs(s)-1,p=t%2!=0,g=s<0;0===s?a=a.add(on(p,i[l])):n=n.add(on(g,i[y]))}return sn.normalizeZ([n,a])[0]}multiply(e,t){return this.wNAF(In(e,Yi.l),t)}multiplyUnsafe(e){let t=In(e,Yi.l,!1);const r=sn.BASE,i=sn.ZERO;if(t===Wi)return i;if(this.equals(i)||t===$i)return this;if(this.equals(r))return this.wNAF(t);let n=i,a=this;for(;t>Wi;)t&$i&&(n=n.add(a)),a=a.double(),t>>=$i;return n}isSmallOrder(){return this.multiplyUnsafe(Yi.h).equals(sn.ZERO)}isTorsionFree(){let e=this.multiplyUnsafe(Yi.l/Zi).double();return Yi.l%Zi&&(e=e.add(this)),e.equals(sn.ZERO)}toAffine(e){const{x:t,y:r,z:i}=this,n=this.equals(sn.ZERO);null==e&&(e=n?Xi:Pn(i));const a=Sn(t*e),s=Sn(r*e),o=Sn(i*e);if(n)return pn.ZERO;if(o!==$i)throw Error("invZ was invalid");return new pn(a,s)}fromRistrettoBytes(){hn()}toRistrettoBytes(){hn()}fromRistrettoHash(){hn()}}function on(e,t){const r=t.negate();return e?r:t}function cn(e){if(!(e instanceof sn))throw new TypeError("ExtendedPoint expected")}function un(e){if(!(e instanceof ln))throw new TypeError("RistrettoPoint expected")}function hn(){throw Error("Legacy method: switch to RistrettoPoint")}sn.BASE=new sn(Yi.Gx,Yi.Gy,$i,Sn(Yi.Gx*Yi.Gy)),sn.ZERO=new sn(Wi,$i,$i,Wi);class ln{constructor(e){this.ep=e}static calcElligatorRistrettoMap(e){const{d:t}=Yi,r=Sn(en*e*e),i=Sn((r+$i)*nn);let n=BigInt(-1);const a=Sn((n-t*r)*Sn(r+t));let{isValid:s,value:o}=Dn(i,a),c=Sn(o*e);vn(c)||(c=Sn(-c)),s||(o=c),s||(n=r);const u=Sn(n*(r-$i)*an-a),h=o*o,l=Sn((o+o)*a),y=Sn(u*tn),p=Sn($i-h),g=Sn($i+h);return new sn(Sn(l*g),Sn(p*y),Sn(y*g),Sn(l*p))}static hashToCurve(e){const t=Kn((e=Bn(e,64)).slice(0,32)),r=this.calcElligatorRistrettoMap(t),i=Kn(e.slice(32,64)),n=this.calcElligatorRistrettoMap(i);return new ln(r.add(n))}static fromHex(e){e=Bn(e,32);const{a:t,d:r}=Yi,i="RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint",n=Kn(e);if(!function(e,t){if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0}(kn(n),e)||vn(n))throw Error(i);const a=Sn(n*n),s=Sn($i+t*a),o=Sn($i-t*a),c=Sn(s*s),u=Sn(o*o),h=Sn(t*r*c-u),{isValid:l,value:y}=xn(Sn(h*u)),p=Sn(y*o),g=Sn(y*p*h);let f=Sn((n+n)*p);vn(f)&&(f=Sn(-f));const d=Sn(s*g),m=Sn(f*d);if(!l||vn(m)||d===Wi)throw Error(i);return new ln(new sn(f,d,$i,m))}toRawBytes(){let{x:e,y:t,z:r,t:i}=this.ep;const n=Sn(Sn(r+t)*Sn(r-t)),a=Sn(e*t),s=Sn(a*a),{value:o}=xn(Sn(n*s)),c=Sn(o*n),u=Sn(o*a),h=Sn(c*u*i);let l;if(vn(i*h)){let r=Sn(t*en),i=Sn(e*en);e=r,t=i,l=Sn(c*rn)}else l=u;vn(e*h)&&(t=Sn(-t));let y=Sn((r-t)*l);return vn(y)&&(y=Sn(-y)),kn(y)}toHex(){return mn(this.toRawBytes())}toString(){return this.toHex()}equals(e){un(e);const t=this.ep,r=e.ep,i=Sn(t.x*r.y)===Sn(t.y*r.x),n=Sn(t.y*r.y)===Sn(t.x*r.x);return i||n}add(e){return un(e),new ln(this.ep.add(e.ep))}subtract(e){return un(e),new ln(this.ep.subtract(e.ep))}multiply(e){return new ln(this.ep.multiply(e))}multiplyUnsafe(e){return new ln(this.ep.multiplyUnsafe(e))}}ln.BASE=new ln(sn.BASE),ln.ZERO=new ln(sn.ZERO);const yn=new WeakMap;class pn{constructor(e,t){this.x=e,this.y=t}_setWindowSize(e){this._WINDOW_SIZE=e,yn.delete(this)}static fromHex(e,t=!0){const{d:r,P:i}=Yi,n=(e=Bn(e,32)).slice();n[31]=-129&e[31];const a=An(n);if(t&&a>=i)throw Error("Expected 0 < hex < P");if(!t&&a>=Ji)throw Error("Expected 0 < hex < 2**256");const s=Sn(a*a),o=Sn(s-$i),c=Sn(r*s+$i);let{isValid:u,value:h}=Dn(o,c);if(!u)throw Error("Point.fromHex: invalid y coordinate");const l=(h&$i)===$i;return!!(128&e[31])!==l&&(h=Sn(-h)),new pn(h,a)}static async fromPrivateKey(e){return(await Rn(e)).point}toRawBytes(){const e=kn(this.y);return e[31]|=this.x&$i?128:0,e}toHex(){return mn(this.toRawBytes())}toX25519(){const{y:e}=this;return kn(Sn(($i+e)*Pn($i-e)))}isTorsionFree(){return sn.fromAffine(this).isTorsionFree()}equals(e){return this.x===e.x&&this.y===e.y}negate(){return new pn(Sn(-this.x),this.y)}add(e){return sn.fromAffine(this).add(sn.fromAffine(e)).toAffine()}subtract(e){return this.add(e.negate())}multiply(e){return sn.fromAffine(this).multiply(e,this).toAffine()}}pn.BASE=new pn(Yi.Gx,Yi.Gy),pn.ZERO=new pn(Wi,$i);let gn=class e{constructor(e,t){this.r=e,this.s=t,this.assertValidity()}static fromHex(t){const r=Bn(t,64),i=pn.fromHex(r.slice(0,32),!1),n=An(r.slice(32,64));return new e(i,n)}assertValidity(){const{r:e,s:t}=this;if(!(e instanceof pn))throw Error("Expected Point instance");return In(t,Yi.l,!1),this}toRawBytes(){const e=new Uint8Array(64);return e.set(this.r.toRawBytes()),e.set(kn(this.s),32),e}toHex(){return mn(this.toRawBytes())}};function fn(...e){if(!e.every((e=>e instanceof Uint8Array)))throw Error("Expected Uint8Array list");if(1===e.length)return e[0];const t=e.reduce(((e,t)=>e+t.length),0),r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}const dn=Array.from({length:256},((e,t)=>t.toString(16).padStart(2,"0")));function mn(e){if(!(e instanceof Uint8Array))throw Error("Uint8Array expected");let t="";for(let r=0;r<e.length;r++)t+=dn[e[r]];return t}function wn(e){if("string"!=typeof e)throw new TypeError("hexToBytes: expected string, got "+typeof e);if(e.length%2)throw Error("hexToBytes: received invalid unpadded hex");const t=new Uint8Array(e.length/2);for(let r=0;r<t.length;r++){const i=2*r,n=e.slice(i,i+2),a=Number.parseInt(n,16);if(Number.isNaN(a)||a<0)throw Error("Invalid byte sequence");t[r]=a}return t}function bn(e){return wn(e.toString(16).padStart(64,"0"))}function kn(e){return bn(e).reverse()}function vn(e){return(Sn(e)&$i)===$i}function An(e){if(!(e instanceof Uint8Array))throw Error("Expected Uint8Array");return BigInt("0x"+mn(Uint8Array.from(e).reverse()))}const En=BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");function Kn(e){return Sn(An(e)&En)}function Sn(e,t=Yi.P){const r=e%t;return r>=Wi?r:t+r}function Pn(e,t=Yi.P){if(e===Wi||t<=Wi)throw Error(`invert: expected positive integers, got n=${e} mod=${t}`);let r=Sn(e,t),i=t,n=Wi,a=$i;for(;r!==Wi;){const e=i%r,t=n-a*(i/r);i=r,r=e,n=a,a=t}if(i!==$i)throw Error("invert: does not exist");return Sn(n,t)}function Un(e,t){const{P:r}=Yi;let i=e;for(;t-- >Wi;)i*=i,i%=r;return i}function Dn(e,t){const r=Sn(t*t*t),i=function(e){const{P:t}=Yi,r=BigInt(5),i=BigInt(10),n=BigInt(20),a=BigInt(40),s=BigInt(80),o=e*e%t*e%t,c=Un(o,Zi)*o%t,u=Un(c,$i)*e%t,h=Un(u,r)*u%t,l=Un(h,i)*h%t,y=Un(l,n)*l%t,p=Un(y,a)*y%t,g=Un(p,s)*p%t,f=Un(g,s)*p%t,d=Un(f,i)*h%t;return{pow_p_5_8:Un(d,Zi)*e%t,b2:o}}(e*Sn(r*r*t)).pow_p_5_8;let n=Sn(e*r*i);const a=Sn(t*n*n),s=n,o=Sn(n*en),c=a===e,u=a===Sn(-e),h=a===Sn(-e*en);return c&&(n=s),(u||h)&&(n=o),vn(n)&&(n=Sn(-n)),{isValid:c||u,value:n}}function xn(e){return Dn($i,e)}function Cn(e){return Sn(An(e),Yi.l)}function Bn(e,t){const r=e instanceof Uint8Array?Uint8Array.from(e):wn(e);if("number"==typeof t&&r.length!==t)throw Error(`Expected ${t} bytes`);return r}function In(e,t,r=!0){if(!t)throw new TypeError("Specify max value");if("number"==typeof e&&Number.isSafeInteger(e)&&(e=BigInt(e)),"bigint"==typeof e&&e<t)if(r){if(Wi<e)return e}else if(Wi<=e)return e;throw new TypeError("Expected valid scalar: 0 < scalar < max")}let Tn;async function Rn(e){return function(e){const t=function(e){return e[0]&=248,e[31]&=127,e[31]|=64,e}(e.slice(0,32)),r=e.slice(32,64),i=Cn(t),n=pn.BASE.multiply(i),a=n.toRawBytes();return{head:t,prefix:r,scalar:i,point:n,pointBytes:a}}(await Fn.sha512(function(e){if(32!==(e="bigint"==typeof e||"number"==typeof e?bn(In(e,Ji)):Bn(e)).length)throw Error("Expected 32 bytes");return e}(e)))}async function Mn(e,t,r){const{r:i,SB:n,msg:a,pub:s}=function(e,t,r){t=Bn(t),r instanceof pn||(r=pn.fromHex(r,!1));const{r:i,s:n}=e instanceof gn?e.assertValidity():gn.fromHex(e);return{r:i,s:n,SB:sn.BASE.multiplyUnsafe(n),pub:r,msg:t}}(e,t,r),o=await Fn.sha512(i.toRawBytes(),s.toRawBytes(),a);return function(e,t,r,i){const n=Cn(i),a=sn.fromAffine(e).multiplyUnsafe(n);return sn.fromAffine(t).add(a).subtract(r).multiplyUnsafe(Yi.h).equals(sn.ZERO)}(s,i,n,o)}pn.BASE._setWindowSize(8);const Ln={node:null,web:"object"==typeof self&&"crypto"in self?self.crypto:void 0},Fn={bytesToHex:mn,hexToBytes:wn,concatBytes:fn,getExtendedPublicKey:Rn,mod:Sn,invert:Pn,TORSION_SUBGROUP:["0100000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a","0000000000000000000000000000000000000000000000000000000000000080","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05","ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85","0000000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa"],hashToPrivateScalar:e=>{if((e=Bn(e)).length<40||e.length>1024)throw Error("Expected 40-1024 bytes of private key as per FIPS 186");return Sn(An(e),Yi.l-$i)+$i},randomBytes:(e=32)=>{if(Ln.web)return Ln.web.getRandomValues(new Uint8Array(e));throw Error("The environment doesn't have randomBytes function")},randomPrivateKey:()=>Fn.randomBytes(32),sha512:async(...e)=>{const t=fn(...e);if(Ln.web){const e=await Ln.web.subtle.digest("SHA-512",t.buffer);return new Uint8Array(e)}throw Error("The environment doesn't have sha512 function")},precompute(e=8,t=pn.BASE){const r=t.equals(pn.BASE)?t:new pn(t.x,t.y);return r._setWindowSize(e),r.multiply(Zi),r},sha512Sync:void 0};async function _n(e){switch(e){case T.publicKey.ed25519:try{const e=L.getWebCrypto(),t=await e.generateKey("Ed25519",!0,["sign","verify"]),r=await e.exportKey("jwk",t.privateKey),i=await e.exportKey("jwk",t.publicKey);return{A:new Uint8Array(H(i.x)),seed:H(r.d)}}catch(t){if("NotSupportedError"!==t.name&&"OperationError"!==t.name)throw t;const r=Kr(zn(e)),{publicKey:i}=Vr.sign.keyPair.fromSeed(r);return{A:i,seed:r}}case T.publicKey.ed448:{const e=await L.getNobleCurve(T.publicKey.ed448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),seed:t}}default:throw Error("Unsupported EdDSA algorithm")}}async function On(e,t,r,i,n,a){if(be.getHashByteLength(t)<be.getHashByteLength(Hn(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=L.getWebCrypto(),r=Gn(e,i,n),s=await t.importKey("jwk",r,"Ed25519",!1,["sign"]);return{RS:new Uint8Array(await t.sign("Ed25519",s,a))}}catch(e){if("NotSupportedError"!==e.name)throw e;const t=L.concatUint8Array([n,i]);return{RS:Vr.sign.detached(a,t)}}case T.publicKey.ed448:return{RS:(await L.getNobleCurve(T.publicKey.ed448)).sign(a,n)};default:throw Error("Unsupported EdDSA algorithm")}}async function Nn(e,t,{RS:r},i,n,a){if(be.getHashByteLength(t)<be.getHashByteLength(Hn(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=L.getWebCrypto(),i=jn(e,n),s=await t.importKey("jwk",i,"Ed25519",!1,["verify"]);return await t.verify("Ed25519",s,r,a)}catch(e){if("NotSupportedError"!==e.name)throw e;return Mn(r,a,n)}case T.publicKey.ed448:return(await L.getNobleCurve(T.publicKey.ed448)).verify(r,a,n);default:throw Error("Unsupported EdDSA algorithm")}}function zn(e){switch(e){case T.publicKey.ed25519:return 32;case T.publicKey.ed448:return 57;default:throw Error("Unsupported EdDSA algorithm")}}function Hn(e){switch(e){case T.publicKey.ed25519:return T.hash.sha256;case T.publicKey.ed448:return T.hash.sha512;default:throw Error("Unknown EdDSA algo")}}Object.defineProperties(Fn,{sha512Sync:{configurable:!1,get:()=>Tn,set(e){Tn||(Tn=e)}}});const jn=(e,t)=>{if(e===T.publicKey.ed25519){return{kty:"OKP",crv:"Ed25519",x:j(t),ext:!0}}throw Error("Unsupported EdDSA algorithm")},Gn=(e,t,r)=>{if(e===T.publicKey.ed25519){const i=jn(e,t);return i.d=j(r),i}throw Error("Unsupported EdDSA algorithm")};var qn=/*#__PURE__*/Object.freeze({__proto__:null,generate:_n,getPayloadSize:zn,getPreferredHashAlgo:Hn,sign:On,validateParams:async function(e,t,r){switch(e){case T.publicKey.ed25519:{const{publicKey:e}=Vr.sign.keyPair.fromSeed(r);return L.equalsUint8Array(t,e)}case T.publicKey.ed448:{const e=(await L.getNobleCurve(T.publicKey.ed448)).getPublicKey(r);return L.equalsUint8Array(t,e)}default:return!1}},verify:Nn});const Vn=L.getWebCrypto();async function Wn(e,t,r){const{keySize:i}=re(e);if(!L.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");try{const e=await Vn.importKey("raw",t,{name:"AES-KW"},!1,["wrapKey"]),i=await Vn.importKey("raw",r,{name:"HMAC",hash:"SHA-256"},!0,["sign"]),n=await Vn.wrapKey("raw",i,e,{name:"AES-KW"});return new Uint8Array(n)}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;L.printDebugError("Browser did not support operation: "+e.message)}return kt(t).encrypt(r)}async function $n(e,t,r){const{keySize:i}=re(e);if(!L.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");let n;try{n=await Vn.importKey("raw",t,{name:"AES-KW"},!1,["unwrapKey"])}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;return L.printDebugError("Browser did not support operation: "+e.message),kt(t).decrypt(r)}try{const e=await Vn.unwrapKey("raw",r,n,{name:"AES-KW"},{name:"HMAC",hash:"SHA-256"},!0,["sign"]);return new Uint8Array(await Vn.exportKey("raw",e))}catch(e){if("OperationError"===e.name)throw Error("Key Data Integrity failed");throw e}}var Zn=/*#__PURE__*/Object.freeze({__proto__:null,unwrap:$n,wrap:Wn});const Xn=L.getWebCrypto();async function Qn(e,t,r,i,n){const a=T.read(T.webHash,e);if(!a)throw Error("Hash algo not supported with HKDF");const s=await Xn.importKey("raw",t,"HKDF",!1,["deriveBits"]),o=await Xn.deriveBits({name:"HKDF",hash:a,salt:r,info:i},s,8*n);return new Uint8Array(o)}const Yn={x25519:L.encodeUTF8("OpenPGP X25519"),x448:L.encodeUTF8("OpenPGP X448")};async function Jn(e){switch(e){case T.publicKey.x25519:{const e=Kr(32),{publicKey:t}=Vr.box.keyPair.fromSecretKey(e);return{A:t,k:e}}case T.publicKey.x448:{const e=await L.getNobleCurve(T.publicKey.x448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),k:t}}default:throw Error("Unsupported ECDH algorithm")}}function ea(e){switch(e){case T.publicKey.x25519:return 32;case T.publicKey.x448:return 56;default:throw Error("Unsupported ECDH algorithm")}}async function ta(e,t){switch(e){case T.publicKey.x25519:{const r=Kr(ea(e)),i=Vr.scalarMult(r,t),{publicKey:n}=Vr.box.keyPair.fromSecretKey(r);return{ephemeralPublicKey:n,sharedSecret:i}}case T.publicKey.x448:{const e=await L.getNobleCurve(T.publicKey.x448),r=e.utils.randomPrivateKey(),i=e.getSharedSecret(r,t);return{ephemeralPublicKey:e.getPublicKey(r),sharedSecret:i}}default:throw Error("Unsupported ECDH algorithm")}}async function ra(e,t,r,i){switch(e){case T.publicKey.x25519:return Vr.scalarMult(i,t);case T.publicKey.x448:return(await L.getNobleCurve(T.publicKey.x448)).getSharedSecret(i,t);default:throw Error("Unsupported ECDH algorithm")}}var ia=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n){const a=await ra(e,t,i,n),s=L.concatUint8Array([t,i,a]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:t}=re(e);return $n(e,await Qn(T.hash.sha256,s,new Uint8Array,Yn.x25519,t),r)}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:t}=re(T.symmetric.aes256);return $n(e,await Qn(T.hash.sha512,s,new Uint8Array,Yn.x448,t),r)}default:throw Error("Unsupported ECDH algorithm")}},encrypt:async function(e,t,r){const{ephemeralPublicKey:i,sharedSecret:n}=await ta(e,r),a=L.concatUint8Array([i,r,n]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:r}=re(e),n=await Qn(T.hash.sha256,a,new Uint8Array,Yn.x25519,r);return{ephemeralPublicKey:i,wrappedKey:await Wn(e,n,t)}}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:r}=re(T.symmetric.aes256),n=await Qn(T.hash.sha512,a,new Uint8Array,Yn.x448,r);return{ephemeralPublicKey:i,wrappedKey:await Wn(e,n,t)}}default:throw Error("Unsupported ECDH algorithm")}},generate:Jn,generateEphemeralEncryptionMaterial:ta,getPayloadSize:ea,recomputeSharedSecret:ra,validateParams:async function(e,t,r){switch(e){case T.publicKey.x25519:{const{publicKey:e}=Vr.box.keyPair.fromSecretKey(r);return L.equalsUint8Array(t,e)}case T.publicKey.x448:{const e=(await L.getNobleCurve(T.publicKey.x448)).getPublicKey(r);return L.equalsUint8Array(t,e)}default:return!1}}});const na=L.getWebCrypto(),aa=L.getNodeCrypto(),sa={[T.curve.nistP256]:"P-256",[T.curve.nistP384]:"P-384",[T.curve.nistP521]:"P-521"},oa=aa?aa.getCurves():[],ca=aa?{[T.curve.secp256k1]:oa.includes("secp256k1")?"secp256k1":void 0,[T.curve.nistP256]:oa.includes("prime256v1")?"prime256v1":void 0,[T.curve.nistP384]:oa.includes("secp384r1")?"secp384r1":void 0,[T.curve.nistP521]:oa.includes("secp521r1")?"secp521r1":void 0,[T.curve.ed25519Legacy]:oa.includes("ED25519")?"ED25519":void 0,[T.curve.curve25519Legacy]:oa.includes("X25519")?"X25519":void 0,[T.curve.brainpoolP256r1]:oa.includes("brainpoolP256r1")?"brainpoolP256r1":void 0,[T.curve.brainpoolP384r1]:oa.includes("brainpoolP384r1")?"brainpoolP384r1":void 0,[T.curve.brainpoolP512r1]:oa.includes("brainpoolP512r1")?"brainpoolP512r1":void 0}:{},ua={[T.curve.nistP256]:{oid:[6,8,42,134,72,206,61,3,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:ca[T.curve.nistP256],web:sa[T.curve.nistP256],payloadSize:32,sharedSize:256,wireFormatLeadingByte:4},[T.curve.nistP384]:{oid:[6,5,43,129,4,0,34],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:ca[T.curve.nistP384],web:sa[T.curve.nistP384],payloadSize:48,sharedSize:384,wireFormatLeadingByte:4},[T.curve.nistP521]:{oid:[6,5,43,129,4,0,35],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:ca[T.curve.nistP521],web:sa[T.curve.nistP521],payloadSize:66,sharedSize:528,wireFormatLeadingByte:4},[T.curve.secp256k1]:{oid:[6,5,43,129,4,0,10],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:ca[T.curve.secp256k1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.ed25519Legacy]:{oid:[6,9,43,6,1,4,1,218,71,15,1],keyType:T.publicKey.eddsaLegacy,hash:T.hash.sha512,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.curve25519Legacy]:{oid:[6,10,43,6,1,4,1,151,85,1,5,1],keyType:T.publicKey.ecdh,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.brainpoolP256r1]:{oid:[6,9,43,36,3,3,2,8,1,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:ca[T.curve.brainpoolP256r1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.brainpoolP384r1]:{oid:[6,9,43,36,3,3,2,8,1,1,11],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:ca[T.curve.brainpoolP384r1],payloadSize:48,wireFormatLeadingByte:4},[T.curve.brainpoolP512r1]:{oid:[6,9,43,36,3,3,2,8,1,1,13],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:ca[T.curve.brainpoolP512r1],payloadSize:64,wireFormatLeadingByte:4}};class ha{constructor(e){try{this.name=e instanceof Li?e.getName():T.write(T.curve,e)}catch(e){throw new Gi("Unknown curve")}const t=ua[this.name];this.keyType=t.keyType,this.oid=t.oid,this.hash=t.hash,this.cipher=t.cipher,this.node=t.node,this.web=t.web,this.payloadSize=t.payloadSize,this.sharedSize=t.sharedSize,this.wireFormatLeadingByte=t.wireFormatLeadingByte,this.web&&L.getWebCrypto()?this.type="web":this.node&&L.getNodeCrypto()?this.type="node":this.name===T.curve.curve25519Legacy?this.type="curve25519Legacy":this.name===T.curve.ed25519Legacy&&(this.type="ed25519Legacy")}async genKeyPair(){switch(this.type){case"web":try{return await async function(e,t){const r=await na.generateKey({name:"ECDSA",namedCurve:sa[e]},!0,["sign","verify"]),i=await na.exportKey("jwk",r.privateKey),n=await na.exportKey("jwk",r.publicKey);return{publicKey:ga(n,t),privateKey:H(i.d)}}(this.name,this.wireFormatLeadingByte)}catch(e){return L.printDebugError("Browser did not support generating ec key "+e.message),pa(this.name)}case"node":return async function(e){const t=aa.createECDH(ca[e]);return await t.generateKeys(),{publicKey:new Uint8Array(t.getPublicKey()),privateKey:new Uint8Array(t.getPrivateKey())}}(this.name);case"curve25519Legacy":{const{k:e,A:t}=await Jn(T.publicKey.x25519),r=e.slice().reverse();r[0]=127&r[0]|64,r[31]&=248;return{publicKey:L.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:r}}case"ed25519Legacy":{const{seed:e,A:t}=await _n(T.publicKey.ed25519);return{publicKey:L.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:e}}default:return pa(this.name)}}}async function la(e,t,r,i){const n={[T.curve.nistP256]:!0,[T.curve.nistP384]:!0,[T.curve.nistP521]:!0,[T.curve.secp256k1]:!0,[T.curve.curve25519Legacy]:e===T.publicKey.ecdh,[T.curve.brainpoolP256r1]:!0,[T.curve.brainpoolP384r1]:!0,[T.curve.brainpoolP512r1]:!0},a=t.getName();if(!n[a])return!1;if(a===T.curve.curve25519Legacy){i=i.slice().reverse();const{publicKey:e}=Vr.box.keyPair.fromSecretKey(i);r=new Uint8Array(r);const t=new Uint8Array([64,...e]);return!!L.equalsUint8Array(t,r)}const s=(await L.getNobleCurve(T.publicKey.ecdsa,a)).getPublicKey(i,!1);return!!L.equalsUint8Array(s,r)}function ya(e,t){const{payloadSize:r,wireFormatLeadingByte:i,name:n}=e,a=n===T.curve.curve25519Legacy||n===T.curve.ed25519Legacy?r:2*r;if(t[0]!==i||t.length!==a+1)throw Error("Invalid point encoding")}async function pa(e){const t=await L.getNobleCurve(T.publicKey.ecdsa,e),r=t.utils.randomPrivateKey();return{publicKey:t.getPublicKey(r,!1),privateKey:r}}function ga(e,t){const r=H(e.x),i=H(e.y),n=new Uint8Array(r.length+i.length+1);return n[0]=t,n.set(r,1),n.set(i,r.length+1),n}function fa(e,t,r){const i=e,n=r.slice(1,i+1),a=r.slice(i+1,2*i+1);return{kty:"EC",crv:t,x:j(n),y:j(a),ext:!0}}function da(e,t,r,i){const n=fa(e,t,r);return n.d=j(i),n}const ma=L.getWebCrypto(),wa=L.getNodeCrypto();async function ba(e,t,r,i,n,a){const s=new ha(e);if(ya(s,i),r&&!L.isStream(r)){const e={publicKey:i,privateKey:n};switch(s.type){case"web":try{return await async function(e,t,r,i){const n=e.payloadSize,a=da(e.payloadSize,sa[e.name],i.publicKey,i.privateKey),s=await ma.importKey("jwk",a,{name:"ECDSA",namedCurve:sa[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["sign"]),o=new Uint8Array(await ma.sign({name:"ECDSA",namedCurve:sa[e.name],hash:{name:T.read(T.webHash,t)}},s,r));return{r:o.slice(0,n),s:o.slice(n,n<<1)}}(s,t,r,e)}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;L.printDebugError("Browser did not support signing: "+e.message)}break;case"node":return async function(e,t,r,i){const n=L.nodeRequire("eckey-utils"),a=L.getNodeBuffer(),{privateKey:s}=n.generateDer({curveName:ca[e.name],privateKey:a.from(i)}),o=wa.createSign(T.read(T.hash,t));o.write(r),o.end();const c=new Uint8Array(o.sign({key:s,format:"der",type:"sec1",dsaEncoding:"ieee-p1363"})),u=e.payloadSize;return{r:c.subarray(0,u),s:c.subarray(u,u<<1)}}(s,t,r,n)}}const o=(await L.getNobleCurve(T.publicKey.ecdsa,s.name)).sign(a,n,{lowS:!1});return{r:Ar(o.r,"be",s.payloadSize),s:Ar(o.s,"be",s.payloadSize)}}async function ka(e,t,r,i,n,a){const s=new ha(e);ya(s,n);const o=async()=>0===a[0]&&va(s,r,a.subarray(1),n);if(i&&!L.isStream(i))switch(s.type){case"web":try{const e=await async function(e,t,{r,s:i},n,a){const s=fa(e.payloadSize,sa[e.name],a),o=await ma.importKey("jwk",s,{name:"ECDSA",namedCurve:sa[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["verify"]),c=L.concatUint8Array([r,i]).buffer;return ma.verify({name:"ECDSA",namedCurve:sa[e.name],hash:{name:T.read(T.webHash,t)}},o,c,n)}(s,t,r,i,n);return e||o()}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;L.printDebugError("Browser did not support verifying: "+e.message)}break;case"node":{const e=await async function(e,t,{r,s:i},n,a){const s=L.nodeRequire("eckey-utils"),o=L.getNodeBuffer(),{publicKey:c}=s.generateDer({curveName:ca[e.name],publicKey:o.from(a)}),u=wa.createVerify(T.read(T.hash,t));u.write(n),u.end();const h=L.concatUint8Array([r,i]);try{return u.verify({key:c,format:"der",type:"spki",dsaEncoding:"ieee-p1363"},h)}catch(e){return!1}}(s,t,r,i,n);return e||o()}}return await va(s,r,a,n)||o()}async function va(e,t,r,i){return(await L.getNobleCurve(T.publicKey.ecdsa,e.name)).verify(L.concatUint8Array([t.r,t.s]),r,i,{lowS:!1})}var Aa=/*#__PURE__*/Object.freeze({__proto__:null,sign:ba,validateParams:async function(e,t,r){const i=new ha(e);if(i.keyType!==T.publicKey.ecdsa)return!1;switch(i.type){case"web":case"node":{const i=Kr(8),n=T.hash.sha256,a=await be.digest(n,i);try{const s=await ba(e,n,i,t,r,a);return await ka(e,n,s,i,t,a)}catch(e){return!1}}default:return la(T.publicKey.ecdsa,e,t,r)}},verify:ka});var Ea=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,n,a){if(ya(new ha(e),i),be.getHashByteLength(t)<be.getHashByteLength(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const{RS:s}=await On(T.publicKey.ed25519,t,0,i.subarray(1),n,a);return{r:s.subarray(0,32),s:s.subarray(32)}},validateParams:async function(e,t,r){if(e.getName()!==T.curve.ed25519Legacy)return!1;const{publicKey:i}=Vr.sign.keyPair.fromSeed(r),n=new Uint8Array([64,...i]);return L.equalsUint8Array(t,n)},verify:async function(e,t,{r,s:i},n,a,s){if(ya(new ha(e),a),be.getHashByteLength(t)<be.getHashByteLength(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const o=L.concatUint8Array([r,i]);return Nn(T.publicKey.ed25519,t,{RS:o},0,a.subarray(1),s)}});function Ka(e){const t=8-e.length%8,r=new Uint8Array(e.length+t).fill(t);return r.set(e),r}function Sa(e){const t=e.length;if(t>0){const r=e[t-1];if(r>=1){const i=e.subarray(t-r),n=new Uint8Array(r).fill(r);if(L.equalsUint8Array(i,n))return e.subarray(0,t-r)}}throw Error("Invalid padding")}var Pa=/*#__PURE__*/Object.freeze({__proto__:null,decode:Sa,encode:Ka});const Ua=L.getWebCrypto(),Da=L.getNodeCrypto();function xa(e,t,r,i){return L.concatUint8Array([t.write(),new Uint8Array([e]),r.write(!0),L.stringToUint8Array("Anonymous Sender    "),r.replacementFingerprint||i])}async function Ca(e,t,r,i,n=!1,a=!1){let s;if(n){for(s=0;s<t.length&&0===t[s];s++);t=t.subarray(s)}if(a){for(s=t.length-1;s>=0&&0===t[s];s--);t=t.subarray(0,s+1)}return(await be.digest(e,L.concatUint8Array([new Uint8Array([0,0,0,1]),t,i]))).subarray(0,r)}async function Ba(e,t){switch(e.type){case"curve25519Legacy":{const{sharedSecret:r,ephemeralPublicKey:i}=await ta(T.publicKey.x25519,t.subarray(1));return{publicKey:L.concatUint8Array([new Uint8Array([e.wireFormatLeadingByte]),i]),sharedKey:r}}case"web":if(e.web&&L.getWebCrypto())try{return await async function(e,t){const r=fa(e.payloadSize,e.web,t);let i=Ua.generateKey({name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]),n=Ua.importKey("jwk",r,{name:"ECDH",namedCurve:e.web},!1,[]);[i,n]=await Promise.all([i,n]);let a=Ua.deriveBits({name:"ECDH",namedCurve:e.web,public:n},i.privateKey,e.sharedSize),s=Ua.exportKey("jwk",i.publicKey);[a,s]=await Promise.all([a,s]);const o=new Uint8Array(a),c=new Uint8Array(ga(s,e.wireFormatLeadingByte));return{publicKey:c,sharedKey:o}}(e,t)}catch(r){return L.printDebugError(r),Ra(e,t)}break;case"node":return async function(e,t){const r=Da.createECDH(e.node);r.generateKeys();const i=new Uint8Array(r.computeSecret(t)),n=new Uint8Array(r.getPublicKey());return{publicKey:n,sharedKey:i}}(e,t);default:return Ra(e,t)}}async function Ia(e,t,r,i){if(i.length!==e.payloadSize){const t=new Uint8Array(e.payloadSize);t.set(i,e.payloadSize-i.length),i=t}switch(e.type){case"curve25519Legacy":{const e=i.slice().reverse();return{secretKey:e,sharedKey:await ra(T.publicKey.x25519,t.subarray(1),r.subarray(1),e)}}case"web":if(e.web&&L.getWebCrypto())try{return await async function(e,t,r,i){const n=da(e.payloadSize,e.web,r,i);let a=Ua.importKey("jwk",n,{name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]);const s=fa(e.payloadSize,e.web,t);let o=Ua.importKey("jwk",s,{name:"ECDH",namedCurve:e.web},!0,[]);[a,o]=await Promise.all([a,o]);let c=Ua.deriveBits({name:"ECDH",namedCurve:e.web,public:o},a,e.sharedSize),u=Ua.exportKey("jwk",a);[c,u]=await Promise.all([c,u]);const h=new Uint8Array(c);return{secretKey:H(u.d),sharedKey:h}}(e,t,r,i)}catch(r){return L.printDebugError(r),Ta(e,t,i)}break;case"node":return async function(e,t,r){const i=Da.createECDH(e.node);i.setPrivateKey(r);const n=new Uint8Array(i.computeSecret(t));return{secretKey:new Uint8Array(i.getPrivateKey()),sharedKey:n}}(e,t,i);default:return Ta(e,t,i)}}async function Ta(e,t,r){return{secretKey:r,sharedKey:(await L.getNobleCurve(T.publicKey.ecdh,e.name)).getSharedSecret(r,t).subarray(1)}}async function Ra(e,t){const r=await L.getNobleCurve(T.publicKey.ecdh,e.name),{publicKey:i,privateKey:n}=await e.genKeyPair();return{publicKey:i,sharedKey:r.getSharedSecret(n,t).subarray(1)}}var Ma=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s){const o=new ha(e);ya(o,n),ya(o,r);const{sharedKey:c}=await Ia(o,r,n,a),u=xa(T.publicKey.ecdh,e,t,s),{keySize:h}=re(t.cipher);let l;for(let e=0;e<3;e++)try{const r=await Ca(t.hash,c,h,u,1===e,2===e);return Sa(await $n(t.cipher,r,i))}catch(e){l=e}throw l},encrypt:async function(e,t,r,i,n){const a=Ka(r),s=new ha(e);ya(s,i);const{publicKey:o,sharedKey:c}=await Ba(s,i),u=xa(T.publicKey.ecdh,e,t,n),{keySize:h}=re(t.cipher),l=await Ca(t.hash,c,h,u);return{publicKey:o,wrappedKey:await Wn(t.cipher,l,a)}},validateParams:async function(e,t,r){return la(T.publicKey.ecdh,e,t,r)}}),La=/*#__PURE__*/Object.freeze({__proto__:null,CurveWithOID:ha,ecdh:Ma,ecdhX:ia,ecdsa:Aa,eddsa:qn,eddsaLegacy:Ea,generate:async function(e){const t=new ha(e),{oid:r,hash:i,cipher:n}=t,a=await t.genKeyPair();return{oid:r,Q:a.publicKey,secret:L.leftPad(a.privateKey,t.payloadSize),hash:i,cipher:n}},getPreferredHashAlgo:function(e){return ua[e.getName()].hash}});const Fa=BigInt(0),_a=BigInt(1);var Oa=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,n,a){const s=BigInt(0);let o,c,u,h;i=pr(i),n=pr(n),r=pr(r),a=pr(a),r=gr(r,i),a=gr(a,n);const l=gr(pr(t.subarray(0,vr(n))),n);for(;;){if(o=Sr(_a,n),c=gr(fr(r,o,i),n),c===s)continue;const e=gr(a*c,n);if(h=gr(l+e,n),u=gr(mr(o,n)*h,n),u!==s)break}return{r:Ar(c,"be",vr(i)),s:Ar(u,"be",vr(i))}},validateParams:async function(e,t,r,i,n){if(e=pr(e),t=pr(t),r=pr(r),i=pr(i),r<=_a||r>=e)return!1;if(gr(e-_a,t)!==Fa)return!1;if(fr(r,t,e)!==_a)return!1;const a=BigInt(kr(t));if(a<BigInt(150)||!xr(t,null,32))return!1;n=pr(n);const s=BigInt(2);return i===fr(r,t*Sr(s<<a-_a,s<<a)+n,e)},verify:async function(e,t,r,i,n,a,s,o){if(t=pr(t),r=pr(r),a=pr(a),s=pr(s),n=pr(n),o=pr(o),t<=Fa||t>=s||r<=Fa||r>=s)return L.printDebug("invalid DSA Signature"),!1;const c=gr(pr(i.subarray(0,vr(s))),s),u=mr(r,s);if(u===Fa)return L.printDebug("invalid DSA Signature"),!1;n=gr(n,a),o=gr(o,a);const h=gr(c*u,s),l=gr(t*u,s);return gr(gr(fr(n,h,a)*fr(o,l,a),a),s)===t}});const Na=new Set([T.hash.sha1,T.hash.sha256,T.hash.sha512]),za=L.getWebCrypto(),Ha=L.getNodeCrypto();var ja={rsa:Hr,elgamal:Gr,elliptic:La,dsa:Oa,hmac:/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){if(!Na.has(e))throw Error("Unsupported hash algorithm.");const t=T.read(T.webHash,e),r=za||Ha.webcrypto.subtle,i=await r.generateKey({name:"HMAC",hash:{name:t}},!0,["sign","verify"]),n=await r.exportKey("raw",i);return new Uint8Array(n)},sign:async function(e,t,r){if(!Na.has(e))throw Error("Unsupported hash algorithm.");const i=T.read(T.webHash,e),n=za||Ha.webcrypto.subtle,a=await n.importKey("raw",t,{name:"HMAC",hash:{name:i}},!1,["sign"]),s=await n.sign("HMAC",a,r);return new Uint8Array(s)},verify:async function(e,t,r,i){if(!Na.has(e))throw Error("Unsupported hash algorithm.");const n=T.read(T.webHash,e),a=za||Ha.webcrypto.subtle,s=await a.importKey("raw",t,{name:"HMAC",hash:{name:n}},!1,["verify"]);return a.verify("HMAC",s,r,i)}})};class Ga{constructor(e){if(void 0===e&&(e=new Uint8Array([])),!L.isUint8Array(e))throw Error("data must be in the form of a Uint8Array");this.data=e,this.length=this.data.byteLength}write(){return L.concatUint8Array([new Uint8Array([this.length]),this.data])}read(e){if(e.length>=1){const t=e[0];if(e.length>=t+1)return this.data=e.subarray(1,1+t),this.length=t,1+t}throw Error("Invalid octet string")}}var qa=/*#__PURE__*/Object.freeze({__proto__:null,parseSignatureParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(r));return r+=e.length+2,{read:r,signatureParams:{s:e}}}case T.publicKey.dsa:case T.publicKey.ecdsa:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.eddsaLegacy:{let e=L.readMPI(t.subarray(r));r+=e.length+2,e=L.leftPad(e,32);let i=L.readMPI(t.subarray(r));return r+=i.length+2,i=L.leftPad(i,32),{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const i=2*ja.elliptic.eddsa.getPayloadSize(e),n=L.readExactSubarray(t,r,r+i);return r+=n.length,{read:r,signatureParams:{RS:n}}}case T.publicKey.hmac:{const e=new Ga;return r+=e.read(t.subarray(r)),{read:r,signatureParams:{mac:e}}}default:throw new Gi("Unknown signature algorithm.")}},sign:async function(e,t,r,i,n,a){if(!r||!i)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:s}=r,{d:o,p:c,q:u,u:h}=i;return{s:await ja.rsa.sign(t,n,e,s,o,c,u,h,a)}}case T.publicKey.dsa:{const{g:e,p:n,q:s}=r,{x:o}=i;return ja.dsa.sign(t,a,e,n,s,o)}case T.publicKey.elgamal:throw Error("Signing with Elgamal is not defined in the OpenPGP standard.");case T.publicKey.ecdsa:{const{oid:e,Q:s}=r,{d:o}=i;return ja.elliptic.ecdsa.sign(e,t,n,s,o,a)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:s}=r,{seed:o}=i;return ja.elliptic.eddsaLegacy.sign(e,t,n,s,o,a)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:s}=r,{seed:o}=i;return ja.elliptic.eddsa.sign(e,t,n,s,o,a)}case T.publicKey.hmac:{const{cipher:e}=r,{keyMaterial:t}=i,n=await ja.hmac.sign(e.getValue(),t,a);return{mac:new Ga(n)}}default:throw Error("Unknown signature algorithm.")}},verify:async function(e,t,r,i,n,a,s){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:n}=i,o=L.leftPad(r.s,e.length);return ja.rsa.verify(t,a,o,e,n,s)}case T.publicKey.dsa:{const{g:e,p:n,q:a,y:o}=i,{r:c,s:u}=r;return ja.dsa.verify(t,c,u,s,e,n,a,o)}case T.publicKey.ecdsa:{const{oid:e,Q:n}=i,o=new ja.elliptic.CurveWithOID(e).payloadSize,c=L.leftPad(r.r,o),u=L.leftPad(r.s,o);return ja.elliptic.ecdsa.verify(e,t,{r:c,s:u},a,n,s)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:n}=i;return ja.elliptic.eddsaLegacy.verify(e,t,r,a,n,s)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:n}=i;return ja.elliptic.eddsa.verify(e,t,r,a,n,s)}case T.publicKey.hmac:{if(!n)throw Error("Cannot verify HMAC signature with symmetric key missing private parameters");const{cipher:e}=i,{keyMaterial:t}=n;return ja.hmac.verify(e.getValue(),t,r.mac.data,s)}default:throw Error("Unknown signature algorithm.")}}});class Va{constructor(e){e&&(this.data=e)}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.data=e.subarray(1,1+t),1+this.data.length}throw Error("Invalid symmetric key")}write(){return L.concatUint8Array([new Uint8Array([this.data.length]),this.data])}}class Wa{constructor(e){if(e){const{version:t,hash:r,cipher:i,replacementFingerprint:n}=e;this.version=t||1,this.hash=r,this.cipher=i,this.replacementFingerprint=n}else this.version=null,this.hash=null,this.cipher=null,this.replacementFingerprint=null}read(e){if(e.length<4||1!==e[1]&&255!==e[1])throw new Gi("Cannot read KDFParams");const t=e[0];this.version=e[1],this.hash=e[2],this.cipher=e[3];let r=4;if(255===this.version){const i=t-r+1;this.replacementFingerprint=e.slice(r,r+i),r+=i}return r}write(e){if(!this.version||1===this.version||e)return new Uint8Array([3,1,this.hash,this.cipher]);return L.concatUint8Array([new Uint8Array([3+this.replacementFingerprint.length,this.version,this.hash,this.cipher]),this.replacementFingerprint])}}const $a=e=>class{constructor(e){this.data=void 0===e?null:e}read(t){const r=t[0];return this.data=T.write(e,r),1}write(){return new Uint8Array([this.data])}getName(){return T.read(e,this.data)}getValue(){return this.data}},Za=$a(T.aead),Xa=$a(T.symmetric),Qa=$a(T.hash);class Ya{static fromObject({wrappedKey:e,algorithm:t}){const r=new Ya;return r.wrappedKey=e,r.algorithm=t,r}read(e){let t=0,r=e[t++];this.algorithm=r%2?e[t++]:null,r-=r%2,this.wrappedKey=L.readExactSubarray(e,t,t+r),t+=r}write(){return L.concatUint8Array([this.algorithm?new Uint8Array([this.wrappedKey.length+1,this.algorithm]):new Uint8Array([this.wrappedKey.length]),this.wrappedKey])}}async function Ja(e,t){const r=Kr(32);return{privateParams:{hashSeed:r,keyMaterial:e},publicParams:{cipher:t,digest:await be.sha256(r)}}}function es(e){const{keySize:t}=re(e);return Kr(t)}function ts(e){const t=T.read(T.aead,e);return hr[t]}function rs(e){try{e.getName()}catch(e){throw new Gi("Unknown curve OID")}}function is(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.ecdh:case T.publicKey.eddsaLegacy:return new ja.elliptic.CurveWithOID(t).payloadSize;case T.publicKey.ed25519:case T.publicKey.ed448:return ja.elliptic.eddsa.getPayloadSize(e);case T.publicKey.x25519:case T.publicKey.x448:return ja.elliptic.ecdhX.getPayloadSize(e);default:throw Error("Unknown elliptic algo")}}var ns=/*#__PURE__*/Object.freeze({__proto__:null,generateParams:async function(e,t,r,i){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:return ja.rsa.generate(t,65537).then((({n:e,e:t,d:r,p:i,q:n,u:a})=>({privateParams:{d:r,p:i,q:n,u:a},publicParams:{n:e,e:t}})));case T.publicKey.ecdsa:return ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{d:r},publicParams:{oid:new Li(e),Q:t}})));case T.publicKey.eddsaLegacy:return ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{seed:r},publicParams:{oid:new Li(e),Q:t}})));case T.publicKey.ecdh:return ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r,hash:i,cipher:n})=>({privateParams:{d:r},publicParams:{oid:new Li(e),Q:t,kdfParams:new Wa({hash:i,cipher:n})}})));case T.publicKey.ed25519:case T.publicKey.ed448:return ja.elliptic.eddsa.generate(e).then((({A:e,seed:t})=>({privateParams:{seed:t},publicParams:{A:e}})));case T.publicKey.x25519:case T.publicKey.x448:return ja.elliptic.ecdhX.generate(e).then((({A:e,k:t})=>({privateParams:{k:t},publicParams:{A:e}})));case T.publicKey.hmac:return Ja(await ja.hmac.generate(i),new Qa(i));case T.publicKey.aead:return Ja(es(i),new Xa(i));case T.publicKey.dsa:case T.publicKey.elgamal:throw Error("Unsupported algorithm for key generation.");default:throw Error("Unknown public key algorithm.")}},generateSessionKey:es,getAEADMode:ts,getCipherParams:re,getCurvePayloadSize:is,getPreferredCurveHashAlgo:function(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return ja.elliptic.getPreferredHashAlgo(t);case T.publicKey.ed25519:case T.publicKey.ed448:return ja.elliptic.eddsa.getPreferredHashAlgo(e);default:throw Error("Unknown elliptic signing algo")}},getPrefixRandom:async function(e){const{blockSize:t}=re(e),r=await Kr(t),i=new Uint8Array([r[r.length-2],r[r.length-1]]);return L.concat([r,i])},parseEncSessionKeyParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:return{c:L.readMPI(t.subarray(r))};case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(r));r+=e.length+2;return{c1:e,c2:L.readMPI(t.subarray(r))}}case T.publicKey.ecdh:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=new Va;return i.read(t.subarray(r)),{V:e,C:i}}case T.publicKey.x25519:case T.publicKey.x448:{const i=is(e),n=L.readExactSubarray(t,r,r+i);r+=n.length;const a=new Ya;return a.read(t.subarray(r)),{ephemeralPublicKey:n,C:a}}case T.publicKey.aead:{const e=new Za;r+=e.read(t.subarray(r));const{ivLength:i}=ts(e.getValue()),n=t.subarray(r,r+i);r+=i;const a=new Ga;return r+=a.read(t.subarray(r)),{aeadMode:e,iv:n,c:a}}default:throw new Gi("Unknown public key encryption algorithm.")}},parsePrivateKeyParams:function(e,t,r){let i=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(i));i+=e.length+2;const r=L.readMPI(t.subarray(i));i+=r.length+2;const n=L.readMPI(t.subarray(i));i+=n.length+2;const a=L.readMPI(t.subarray(i));return i+=a.length+2,{read:i,privateParams:{d:e,p:r,q:n,u:a}}}case T.publicKey.dsa:case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(i));return i+=e.length+2,{read:i,privateParams:{x:e}}}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const n=is(e,r.oid);let a=L.readMPI(t.subarray(i));return i+=a.length+2,a=L.leftPad(a,n),{read:i,privateParams:{d:a}}}case T.publicKey.eddsaLegacy:{const n=is(e,r.oid);if(r.oid.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let a=L.readMPI(t.subarray(i));return i+=a.length+2,a=L.leftPad(a,n),{read:i,privateParams:{seed:a}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const r=is(e),n=L.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{seed:n}}}case T.publicKey.x25519:case T.publicKey.x448:{const r=is(e),n=L.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{k:n}}}case T.publicKey.hmac:{const{cipher:e}=r,n=be.getHashByteLength(e.getValue()),a=t.subarray(i,i+32);i+=32;const s=t.subarray(i,i+n);return i+=n,{read:i,privateParams:{hashSeed:a,keyMaterial:s}}}case T.publicKey.aead:{const{cipher:e}=r,n=t.subarray(i,i+32);i+=32;const{keySize:a}=re(e.getValue()),s=t.subarray(i,i+a);return i+=a,{read:i,privateParams:{hashSeed:n,keyMaterial:s}}}default:throw new Gi("Unknown public key encryption algorithm.")}},parsePublicKeyParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{n:e,e:i}}}case T.publicKey.dsa:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=L.readMPI(t.subarray(r));r+=n.length+2;const a=L.readMPI(t.subarray(r));return r+=a.length+2,{read:r,publicParams:{p:e,q:i,g:n,y:a}}}case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=L.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{p:e,g:i,y:n}}}case T.publicKey.ecdsa:{const e=new Li;r+=e.read(t),rs(e);const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.eddsaLegacy:{const e=new Li;if(r+=e.read(t),rs(e),e.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let i=L.readMPI(t.subarray(r));return r+=i.length+2,i=L.leftPad(i,33),{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.ecdh:{const e=new Li;r+=e.read(t),rs(e);const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=new Wa;return r+=n.read(t.subarray(r)),{read:r,publicParams:{oid:e,Q:i,kdfParams:n}}}case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.x25519:case T.publicKey.x448:{const i=L.readExactSubarray(t,r,r+is(e));return r+=i.length,{read:r,publicParams:{A:i}}}case T.publicKey.hmac:case T.publicKey.aead:{const e=new Xa;r+=e.read(t);const i=be.getHashByteLength(T.hash.sha256),n=t.subarray(r,r+i);return r+=i,{read:r,publicParams:{cipher:e,digest:n}}}default:throw new Gi("Unknown public key encryption algorithm.")}},publicKeyDecrypt:async function(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:{const{c:e}=i,{n,e:s}=t,{d:o,p:c,q:u,u:h}=r;return ja.rsa.decrypt(e,n,s,o,c,u,h,a)}case T.publicKey.elgamal:{const{c1:e,c2:n}=i,s=t.p,o=r.x;return ja.elgamal.decrypt(e,n,s,o,a)}case T.publicKey.ecdh:{const{oid:e,Q:a,kdfParams:s}=t,{d:o}=r,{V:c,C:u}=i;return ja.elliptic.ecdh.decrypt(e,s,c,u.data,a,o,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:n}=t,{k:a}=r,{ephemeralPublicKey:s,C:o}=i;if(null!==o.algorithm&&!L.isAES(o.algorithm))throw Error("AES session key expected");return ja.elliptic.ecdhX.decrypt(e,s,o.wrappedKey,n,a)}case T.publicKey.aead:{const{cipher:e}=t,n=e.getValue(),{keyMaterial:a}=r,{aeadMode:s,iv:o,c}=i,u=ts(s.getValue());return(await u(n,a)).decrypt(c.data,o,new Uint8Array)}default:throw Error("Unknown public key encryption algorithm.")}},publicKeyEncrypt:async function(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:{const{n:e,e:t}=r;return{c:await ja.rsa.encrypt(n,e,t)}}case T.publicKey.elgamal:{const{p:e,g:t,y:i}=r;return ja.elgamal.encrypt(n,e,t,i)}case T.publicKey.ecdh:{const{oid:e,Q:t,kdfParams:i}=r,{publicKey:s,wrappedKey:o}=await ja.elliptic.ecdh.encrypt(e,i,n,t,a);return{V:s,C:new Va(o)}}case T.publicKey.x25519:case T.publicKey.x448:{if(t&&!L.isAES(t))throw Error("X25519 and X448 keys can only encrypt AES session keys");const{A:i}=r,{ephemeralPublicKey:a,wrappedKey:s}=await ja.elliptic.ecdhX.encrypt(e,n,i);return{ephemeralPublicKey:a,C:Ya.fromObject({algorithm:t,wrappedKey:s})}}case T.publicKey.aead:{if(!i)throw Error("Cannot encrypt with symmetric key missing private parameters");const{cipher:e}=r,t=e.getValue(),{keyMaterial:a}=i,s=R.preferredAEADAlgorithm,o=ts(R.preferredAEADAlgorithm),{ivLength:c}=o,u=Kr(c),h=await o(t,a),l=await h.encrypt(n,u,new Uint8Array);return{aeadMode:new Za(s),iv:u,c:new Ga(l)}}default:return[]}},serializeParams:function(e,t){const r=new Set([T.publicKey.ed25519,T.publicKey.x25519,T.publicKey.ed448,T.publicKey.x448,T.publicKey.aead,T.publicKey.hmac]),i=Object.keys(t).map((i=>{const n=t[i];return L.isUint8Array(n)?r.has(e)?n:L.uint8ArrayToMPI(n):n.write()}));return L.concatUint8Array(i)},validateParams:async function(e,t,r){if(!t||!r)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const{n:e,e:i}=t,{d:n,p:a,q:s,u:o}=r;return ja.rsa.validateParams(e,i,n,a,s,o)}case T.publicKey.dsa:{const{p:e,q:i,g:n,y:a}=t,{x:s}=r;return ja.dsa.validateParams(e,i,n,a,s)}case T.publicKey.elgamal:{const{p:e,g:i,y:n}=t,{x:a}=r;return ja.elgamal.validateParams(e,i,n,a)}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const i=ja.elliptic[T.read(T.publicKey,e)],{oid:n,Q:a}=t,{d:s}=r;return i.validateParams(n,a,s)}case T.publicKey.eddsaLegacy:{const{Q:e,oid:i}=t,{seed:n}=r;return ja.elliptic.eddsaLegacy.validateParams(i,e,n)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:i}=t,{seed:n}=r;return ja.elliptic.eddsa.validateParams(e,i,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:i}=t,{k:n}=r;return ja.elliptic.ecdhX.validateParams(e,i,n)}case T.publicKey.hmac:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r;return be.getHashByteLength(e.getValue())===a.length&&L.equalsUint8Array(i,await be.sha256(n))}case T.publicKey.aead:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r,{keySize:s}=re(e.getValue());return s===a.length&&L.equalsUint8Array(i,await be.sha256(n))}default:throw Error("Unknown public key algorithm.")}}});const as={cipher:ie,hash:be,mode:hr,publicKey:ja,signature:qa,random:Pr,pkcs1:Mr,pkcs5:Pa,aesKW:Zn};Object.assign(as,ns);class ss extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ss),this.name="Argon2OutOfMemoryError"}}let os,cs,us=2<<19;class hs{static get ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(){return us}static set ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(e){us=e}static reloadWasmModule(){os&&(cs=os(),cs.catch((()=>{})))}constructor(e=R){const{passes:t,parallelism:r,memoryExponent:i}=e.s2kArgon2Params;this.type="argon2",this.salt=null,this.t=t,this.p=r,this.encodedM=i}generateSalt(){this.salt=as.random.getRandomBytes(16)}read(e){let t=0;return this.salt=e.subarray(t,t+16),t+=16,this.t=e[t++],this.p=e[t++],this.encodedM=e[t++],t}write(){const e=[new Uint8Array([T.write(T.s2k,this.type)]),this.salt,new Uint8Array([this.t,this.p,this.encodedM])];return L.concatUint8Array(e)}async produceKey(e,t){const r=2<<this.encodedM-1;try{os=os||(await import("./argon2id.min.mjs")).default,cs=cs||os();const i=await cs,n=i({version:19,type:2,password:L.encodeUTF8(e),salt:this.salt,tagLength:t,memorySize:r,parallelism:this.p,passes:this.t});return r>hs.ARGON2_WASM_MEMORY_THRESHOLD_RELOAD&&hs.reloadWasmModule(),n}catch(e){throw e.message&&(e.message.includes("Unable to grow instance memory")||e.message.includes("failed to grow memory")||e.message.includes("WebAssembly.Memory.grow")||e.message.includes("Out of memory"))?new ss("Could not allocate required memory for Argon2"):e}}}class ls{constructor(e,t=R){this.algorithm=T.hash.sha256,this.type=T.read(T.s2k,e),this.c=t.s2kIterationCountByte,this.salt=null}generateSalt(){switch(this.type){case"salted":case"iterated":this.salt=as.random.getRandomBytes(8)}}getCount(){return 16+(15&this.c)<<6+(this.c>>4)}read(e){let t=0;switch(this.algorithm=e[t++],this.type){case"simple":break;case"salted":this.salt=e.subarray(t,t+8),t+=8;break;case"iterated":this.salt=e.subarray(t,t+8),t+=8,this.c=e[t++];break;case"gnu":if("GNU"!==L.uint8ArrayToString(e.subarray(t,t+3)))throw new Gi("Unknown s2k type.");t+=3;if(1001!==1e3+e[t++])throw new Gi("Unknown s2k gnu protection mode.");this.type="gnu-dummy";break;default:throw new Gi("Unknown s2k type.")}return t}write(){if("gnu-dummy"===this.type)return new Uint8Array([101,0,...L.stringToUint8Array("GNU"),1]);const e=[new Uint8Array([T.write(T.s2k,this.type),this.algorithm])];switch(this.type){case"simple":break;case"salted":e.push(this.salt);break;case"iterated":e.push(this.salt),e.push(new Uint8Array([this.c]));break;case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}return L.concatUint8Array(e)}async produceKey(e,t){e=L.encodeUTF8(e);const r=[];let i=0,n=0;for(;i<t;){let t;switch(this.type){case"simple":t=L.concatUint8Array([new Uint8Array(n),e]);break;case"salted":t=L.concatUint8Array([new Uint8Array(n),this.salt,e]);break;case"iterated":{const r=L.concatUint8Array([this.salt,e]);let i=r.length;const a=Math.max(this.getCount(),i);t=new Uint8Array(n+a),t.set(r,n);for(let e=n+i;e<a;e+=i,i*=2)t.copyWithin(e,n,e);break}case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}const a=await as.hash.digest(this.algorithm,t);r.push(a),i+=a.length,n++}return L.concatUint8Array(r).subarray(0,t)}}const ys=new Set([T.s2k.argon2,T.s2k.iterated]);function ps(e,t=R){switch(e){case T.s2k.argon2:return new hs(t);case T.s2k.iterated:case T.s2k.gnu:case T.s2k.salted:case T.s2k.simple:return new ls(e,t);default:throw new Gi("Unsupported S2K type")}}function gs(e){const{s2kType:t}=e;if(!ys.has(t))throw Error("The provided `config.s2kType` value is not allowed");return ps(t,e)}var fs=Uint8Array,ds=Uint16Array,ms=Uint32Array,ws=new fs([0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0,0,0,0]),bs=new fs([0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13,0,0]),ks=new fs([16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15]),vs=function(e,t){for(var r=new ds(31),i=0;i<31;++i)r[i]=t+=1<<e[i-1];var n=new ms(r[30]);for(i=1;i<30;++i)for(var a=r[i];a<r[i+1];++a)n[a]=a-r[i]<<5|i;return[r,n]},As=vs(ws,2),Es=As[0],Ks=As[1];Es[28]=258,Ks[258]=28;for(var Ss=vs(bs,0),Ps=Ss[0],Us=Ss[1],Ds=new ds(32768),xs=0;xs<32768;++xs){var Cs=(43690&xs)>>>1|(21845&xs)<<1;Cs=(61680&(Cs=(52428&Cs)>>>2|(13107&Cs)<<2))>>>4|(3855&Cs)<<4,Ds[xs]=((65280&Cs)>>>8|(255&Cs)<<8)>>>1}var Bs=function(e,t,r){for(var i=e.length,n=0,a=new ds(t);n<i;++n)e[n]&&++a[e[n]-1];var s,o=new ds(t);for(n=0;n<t;++n)o[n]=o[n-1]+a[n-1]<<1;if(r){s=new ds(1<<t);var c=15-t;for(n=0;n<i;++n)if(e[n])for(var u=n<<4|e[n],h=t-e[n],l=o[e[n]-1]++<<h,y=l|(1<<h)-1;l<=y;++l)s[Ds[l]>>>c]=u}else for(s=new ds(i),n=0;n<i;++n)e[n]&&(s[n]=Ds[o[e[n]-1]++]>>>15-e[n]);return s},Is=new fs(288);for(xs=0;xs<144;++xs)Is[xs]=8;for(xs=144;xs<256;++xs)Is[xs]=9;for(xs=256;xs<280;++xs)Is[xs]=7;for(xs=280;xs<288;++xs)Is[xs]=8;var Ts=new fs(32);for(xs=0;xs<32;++xs)Ts[xs]=5;var Rs=/*#__PURE__*/Bs(Is,9,0),Ms=/*#__PURE__*/Bs(Is,9,1),Ls=/*#__PURE__*/Bs(Ts,5,0),Fs=/*#__PURE__*/Bs(Ts,5,1),_s=function(e){for(var t=e[0],r=1;r<e.length;++r)e[r]>t&&(t=e[r]);return t},Os=function(e,t,r){var i=t/8|0;return(e[i]|e[i+1]<<8)>>(7&t)&r},Ns=function(e,t){var r=t/8|0;return(e[r]|e[r+1]<<8|e[r+2]<<16)>>(7&t)},zs=function(e){return(e+7)/8|0},Hs=function(e,t,r){(null==t||t<0)&&(t=0),(null==r||r>e.length)&&(r=e.length);var i=new(2==e.BYTES_PER_ELEMENT?ds:4==e.BYTES_PER_ELEMENT?ms:fs)(r-t);return i.set(e.subarray(t,r)),i},js=["unexpected EOF","invalid block type","invalid length/literal","invalid distance","stream finished","no stream handler",,"no callback","invalid UTF-8 data","extra field too long","date not in range 1980-2099","filename too long","stream finishing","invalid zip data"],Gs=function(e,t,r){var i=Error(t||js[e]);if(i.code=e,Error.captureStackTrace&&Error.captureStackTrace(i,Gs),!r)throw i;return i},qs=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8},Vs=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8,e[i+2]|=r>>>16},Ws=function(e,t){for(var r=[],i=0;i<e.length;++i)e[i]&&r.push({s:i,f:e[i]});var n=r.length,a=r.slice();if(!n)return[eo,0];if(1==n){var s=new fs(r[0].s+1);return s[r[0].s]=1,[s,1]}r.sort((function(e,t){return e.f-t.f})),r.push({s:-1,f:25001});var o=r[0],c=r[1],u=0,h=1,l=2;for(r[0]={s:-1,f:o.f+c.f,l:o,r:c};h!=n-1;)o=r[r[u].f<r[l].f?u++:l++],c=r[u!=h&&r[u].f<r[l].f?u++:l++],r[h++]={s:-1,f:o.f+c.f,l:o,r:c};var y=a[0].s;for(i=1;i<n;++i)a[i].s>y&&(y=a[i].s);var p=new ds(y+1),g=$s(r[h-1],p,0);if(g>t){i=0;var f=0,d=g-t,m=1<<d;for(a.sort((function(e,t){return p[t.s]-p[e.s]||e.f-t.f}));i<n;++i){var w=a[i].s;if(!(p[w]>t))break;f+=m-(1<<g-p[w]),p[w]=t}for(f>>>=d;f>0;){var b=a[i].s;p[b]<t?f-=1<<t-p[b]++-1:++i}for(;i>=0&&f;--i){var k=a[i].s;p[k]==t&&(--p[k],++f)}g=t}return[new fs(p),g]},$s=function(e,t,r){return-1==e.s?Math.max($s(e.l,t,r+1),$s(e.r,t,r+1)):t[e.s]=r},Zs=function(e){for(var t=e.length;t&&!e[--t];);for(var r=new ds(++t),i=0,n=e[0],a=1,s=function(e){r[i++]=e},o=1;o<=t;++o)if(e[o]==n&&o!=t)++a;else{if(!n&&a>2){for(;a>138;a-=138)s(32754);a>2&&(s(a>10?a-11<<5|28690:a-3<<5|12305),a=0)}else if(a>3){for(s(n),--a;a>6;a-=6)s(8304);a>2&&(s(a-3<<5|8208),a=0)}for(;a--;)s(n);a=1,n=e[o]}return[r.subarray(0,i),t]},Xs=function(e,t){for(var r=0,i=0;i<t.length;++i)r+=e[i]*t[i];return r},Qs=function(e,t,r){var i=r.length,n=zs(t+2);e[n]=255&i,e[n+1]=i>>>8,e[n+2]=255^e[n],e[n+3]=255^e[n+1];for(var a=0;a<i;++a)e[n+a+4]=r[a];return 8*(n+4+i)},Ys=function(e,t,r,i,n,a,s,o,c,u,h){qs(t,h++,r),++n[256];for(var l=Ws(n,15),y=l[0],p=l[1],g=Ws(a,15),f=g[0],d=g[1],m=Zs(y),w=m[0],b=m[1],k=Zs(f),v=k[0],A=k[1],E=new ds(19),K=0;K<w.length;++K)E[31&w[K]]++;for(K=0;K<v.length;++K)E[31&v[K]]++;for(var S=Ws(E,7),P=S[0],U=S[1],D=19;D>4&&!P[ks[D-1]];--D);var x,C,B,I,T=u+5<<3,R=Xs(n,Is)+Xs(a,Ts)+s,M=Xs(n,y)+Xs(a,f)+s+14+3*D+Xs(E,P)+(2*E[16]+3*E[17]+7*E[18]);if(T<=R&&T<=M)return Qs(t,h,e.subarray(c,c+u));if(qs(t,h,1+(M<R)),h+=2,M<R){x=Bs(y,p,0),C=y,B=Bs(f,d,0),I=f;var L=Bs(P,U,0);qs(t,h,b-257),qs(t,h+5,A-1),qs(t,h+10,D-4),h+=14;for(K=0;K<D;++K)qs(t,h+3*K,P[ks[K]]);h+=3*D;for(var F=[w,v],_=0;_<2;++_){var O=F[_];for(K=0;K<O.length;++K){var N=31&O[K];qs(t,h,L[N]),h+=P[N],N>15&&(qs(t,h,O[K]>>>5&127),h+=O[K]>>>12)}}}else x=Rs,C=Is,B=Ls,I=Ts;for(K=0;K<o;++K)if(i[K]>255){N=i[K]>>>18&31;Vs(t,h,x[N+257]),h+=C[N+257],N>7&&(qs(t,h,i[K]>>>23&31),h+=ws[N]);var z=31&i[K];Vs(t,h,B[z]),h+=I[z],z>3&&(Vs(t,h,i[K]>>>5&8191),h+=bs[z])}else Vs(t,h,x[i[K]]),h+=C[i[K]];return Vs(t,h,x[256]),h+C[256]},Js=/*#__PURE__*/new ms([65540,131080,131088,131104,262176,1048704,1048832,2114560,2117632]),eo=/*#__PURE__*/new fs(0),to=function(e,t,r,i,n){return function(e,t,r,i,n,a){var s=e.length,o=new fs(i+s+5*(1+Math.ceil(s/7e3))+n),c=o.subarray(i,o.length-n),u=0;if(!t||s<8)for(var h=0;h<=s;h+=65535){var l=h+65535;l>=s&&(c[u>>3]=a),u=Qs(c,u+1,e.subarray(h,l))}else{for(var y=Js[t-1],p=y>>>13,g=8191&y,f=(1<<r)-1,d=new ds(32768),m=new ds(f+1),w=Math.ceil(r/3),b=2*w,k=function(t){return(e[t]^e[t+1]<<w^e[t+2]<<b)&f},v=new ms(25e3),A=new ds(288),E=new ds(32),K=0,S=0,P=(h=0,0),U=0,D=0;h<s;++h){var x=k(h),C=32767&h,B=m[x];if(d[C]=B,m[x]=C,U<=h){var I=s-h;if((K>7e3||P>24576)&&I>423){u=Ys(e,c,0,v,A,E,S,P,D,h-D,u),P=K=S=0,D=h;for(var T=0;T<286;++T)A[T]=0;for(T=0;T<30;++T)E[T]=0}var R=2,M=0,L=g,F=C-B&32767;if(I>2&&x==k(h-F))for(var _=Math.min(p,I)-1,O=Math.min(32767,h),N=Math.min(258,I);F<=O&&--L&&C!=B;){if(e[h+R]==e[h+R-F]){for(var z=0;z<N&&e[h+z]==e[h+z-F];++z);if(z>R){if(R=z,M=F,z>_)break;var H=Math.min(F,z-2),j=0;for(T=0;T<H;++T){var G=h-F+T+32768&32767,q=G-d[G]+32768&32767;q>j&&(j=q,B=G)}}}F+=(C=B)-(B=d[C])+32768&32767}if(M){v[P++]=268435456|Ks[R]<<18|Us[M];var V=31&Ks[R],W=31&Us[M];S+=ws[V]+bs[W],++A[257+V],++E[W],U=h+R,++K}else v[P++]=e[h],++A[e[h]]}}u=Ys(e,c,a,v,A,E,S,P,D,h-D,u),!a&&7&u&&(u=Qs(c,u+1,eo))}return Hs(o,0,i+zs(u)+n)}(e,null==t.level?6:t.level,null==t.mem?Math.ceil(1.5*Math.max(8,Math.min(13,Math.log(e.length)))):12+t.mem,r,i,!n)},ro=/*#__PURE__*/function(){function e(e,t){t||"function"!=typeof e||(t=e,e={}),this.ondata=t,this.o=e||{}}return e.prototype.p=function(e,t){this.ondata(to(e,this.o,0,0,!t),t)},e.prototype.push=function(e,t){this.ondata||Gs(5),this.d&&Gs(4),this.d=t,this.p(e,t||!1)},e}(),io=/*#__PURE__*/function(){function e(e){this.s={},this.p=new fs(0),this.ondata=e}return e.prototype.e=function(e){this.ondata||Gs(5),this.d&&Gs(4);var t=this.p.length,r=new fs(t+e.length);r.set(this.p),r.set(e,t),this.p=r},e.prototype.c=function(e){this.d=this.s.i=e||!1;var t=this.s.b,r=function(e,t,r){var i=e.length;if(!i||r&&r.f&&!r.l)return t||new fs(0);var n=!t||r,a=!r||r.i;r||(r={}),t||(t=new fs(3*i));var s=function(e){var r=t.length;if(e>r){var i=new fs(Math.max(2*r,e));i.set(t),t=i}},o=r.f||0,c=r.p||0,u=r.b||0,h=r.l,l=r.d,y=r.m,p=r.n,g=8*i;do{if(!h){o=Os(e,c,1);var f=Os(e,c+1,3);if(c+=3,!f){var d=e[(U=zs(c)+4)-4]|e[U-3]<<8,m=U+d;if(m>i){a&&Gs(0);break}n&&s(u+d),t.set(e.subarray(U,m),u),r.b=u+=d,r.p=c=8*m,r.f=o;continue}if(1==f)h=Ms,l=Fs,y=9,p=5;else if(2==f){var w=Os(e,c,31)+257,b=Os(e,c+10,15)+4,k=w+Os(e,c+5,31)+1;c+=14;for(var v=new fs(k),A=new fs(19),E=0;E<b;++E)A[ks[E]]=Os(e,c+3*E,7);c+=3*b;var K=_s(A),S=(1<<K)-1,P=Bs(A,K,1);for(E=0;E<k;){var U,D=P[Os(e,c,S)];if(c+=15&D,(U=D>>>4)<16)v[E++]=U;else{var x=0,C=0;for(16==U?(C=3+Os(e,c,3),c+=2,x=v[E-1]):17==U?(C=3+Os(e,c,7),c+=3):18==U&&(C=11+Os(e,c,127),c+=7);C--;)v[E++]=x}}var B=v.subarray(0,w),I=v.subarray(w);y=_s(B),p=_s(I),h=Bs(B,y,1),l=Bs(I,p,1)}else Gs(1);if(c>g){a&&Gs(0);break}}n&&s(u+131072);for(var T=(1<<y)-1,R=(1<<p)-1,M=c;;M=c){var L=(x=h[Ns(e,c)&T])>>>4;if((c+=15&x)>g){a&&Gs(0);break}if(x||Gs(2),L<256)t[u++]=L;else{if(256==L){M=c,h=null;break}var F=L-254;if(L>264){var _=ws[E=L-257];F=Os(e,c,(1<<_)-1)+Es[E],c+=_}var O=l[Ns(e,c)&R],N=O>>>4;if(O||Gs(3),c+=15&O,I=Ps[N],N>3&&(_=bs[N],I+=Ns(e,c)&(1<<_)-1,c+=_),c>g){a&&Gs(0);break}n&&s(u+131072);for(var z=u+F;u<z;u+=4)t[u]=t[u-I],t[u+1]=t[u+1-I],t[u+2]=t[u+2-I],t[u+3]=t[u+3-I];u=z}}r.l=h,r.p=M,r.b=u,r.f=o,h&&(o=1,r.m=y,r.d=l,r.n=p)}while(!o);return u==t.length?t:Hs(t,0,u)}(this.p,this.o,this.s);this.ondata(Hs(r,t,this.s.b),this.d),this.o=Hs(r,this.s.b-32768),this.s.b=this.o.length,this.p=Hs(this.p,this.s.p/8|0),this.s.p&=7},e.prototype.push=function(e,t){this.e(e),this.c(t)},e}(),no=/*#__PURE__*/function(){function e(e,t){var r,i;this.c=(r=1,i=0,{p:function(e){for(var t=r,n=i,a=0|e.length,s=0;s!=a;){for(var o=Math.min(s+2655,a);s<o;++s)n+=t+=e[s];t=(65535&t)+15*(t>>16),n=(65535&n)+15*(n>>16)}r=t,i=n},d:function(){return(255&(r%=65521))<<24|r>>>8<<16|(255&(i%=65521))<<8|i>>>8}}),this.v=1,ro.call(this,e,t)}return e.prototype.push=function(e,t){ro.prototype.push.call(this,e,t)},e.prototype.p=function(e,t){this.c.p(e);var r=to(e,this.o,this.v&&2,t&&4,!t);this.v&&(function(e,t){var r=t.level,i=0==r?0:r<6?1:9==r?3:2;e[0]=120,e[1]=i<<6|(i?32-2*i:1)}(r,this.o),this.v=0),t&&function(e,t,r){for(;r;++t)e[t]=r,r>>>=8}(r,r.length-4,this.c.d()),this.ondata(r,t)},e}(),ao=/*#__PURE__*/function(){function e(e){this.v=1,io.call(this,e)}return e.prototype.push=function(e,t){if(io.prototype.e.call(this,e),this.v){if(this.p.length<2&&!t)return;this.p=this.p.subarray(2),this.v=0}t&&(this.p.length<4&&Gs(6,"invalid zlib data"),this.p=this.p.subarray(0,-4)),io.prototype.c.call(this,t)},e}(),so="undefined"!=typeof TextDecoder&&/*#__PURE__*/new TextDecoder;try{so.decode(eo,{stream:!0}),1}catch(e){}var oo=[0,1,3,7,15,31,63,127,255],co=function(e){this.stream=e,this.bitOffset=0,this.curByte=0,this.hasByte=!1};co.prototype._ensureByte=function(){this.hasByte||(this.curByte=this.stream.readByte(),this.hasByte=!0)},co.prototype.read=function(e){for(var t=0;e>0;){this._ensureByte();var r=8-this.bitOffset;if(e>=r)t<<=r,t|=oo[r]&this.curByte,this.hasByte=!1,this.bitOffset=0,e-=r;else{t<<=e;var i=r-e;t|=(this.curByte&oo[e]<<i)>>i,this.bitOffset+=e,e=0}}return t},co.prototype.seek=function(e){var t=e%8,r=(e-t)/8;this.bitOffset=t,this.stream.seek(r),this.hasByte=!1},co.prototype.pi=function(){var e,t=new Uint8Array(6);for(e=0;e<t.length;e++)t[e]=this.read(8);return function(e){return Array.prototype.map.call(e,(e=>("00"+e.toString(16)).slice(-2))).join("")}(t)};var uo=co,ho=function(){};ho.prototype.readByte=function(){throw Error("abstract method readByte() not implemented")},ho.prototype.read=function(e,t,r){for(var i=0;i<r;){var n=this.readByte();if(n<0)return 0===i?-1:i;e[t++]=n,i++}return i},ho.prototype.seek=function(e){throw Error("abstract method seek() not implemented")},ho.prototype.writeByte=function(e){throw Error("abstract method readByte() not implemented")},ho.prototype.write=function(e,t,r){var i;for(i=0;i<r;i++)this.writeByte(e[t++]);return r},ho.prototype.flush=function(){};var lo,yo=ho,po=(lo=new Uint32Array([0,79764919,159529838,222504665,319059676,398814059,445009330,507990021,638119352,583659535,797628118,726387553,890018660,835552979,1015980042,944750013,1276238704,1221641927,1167319070,1095957929,1595256236,1540665371,1452775106,1381403509,1780037320,1859660671,1671105958,1733955601,2031960084,2111593891,1889500026,1952343757,2552477408,2632100695,2443283854,2506133561,2334638140,2414271883,2191915858,2254759653,3190512472,3135915759,3081330742,3009969537,2905550212,2850959411,2762807018,2691435357,3560074640,3505614887,3719321342,3648080713,3342211916,3287746299,3467911202,3396681109,4063920168,4143685023,4223187782,4286162673,3779000052,3858754371,3904687514,3967668269,881225847,809987520,1023691545,969234094,662832811,591600412,771767749,717299826,311336399,374308984,453813921,533576470,25881363,88864420,134795389,214552010,2023205639,2086057648,1897238633,1976864222,1804852699,1867694188,1645340341,1724971778,1587496639,1516133128,1461550545,1406951526,1302016099,1230646740,1142491917,1087903418,2896545431,2825181984,2770861561,2716262478,3215044683,3143675388,3055782693,3001194130,2326604591,2389456536,2200899649,2280525302,2578013683,2640855108,2418763421,2498394922,3769900519,3832873040,3912640137,3992402750,4088425275,4151408268,4197601365,4277358050,3334271071,3263032808,3476998961,3422541446,3585640067,3514407732,3694837229,3640369242,1762451694,1842216281,1619975040,1682949687,2047383090,2127137669,1938468188,2001449195,1325665622,1271206113,1183200824,1111960463,1543535498,1489069629,1434599652,1363369299,622672798,568075817,748617968,677256519,907627842,853037301,1067152940,995781531,51762726,131386257,177728840,240578815,269590778,349224269,429104020,491947555,4046411278,4126034873,4172115296,4234965207,3794477266,3874110821,3953728444,4016571915,3609705398,3555108353,3735388376,3664026991,3290680682,3236090077,3449943556,3378572211,3174993278,3120533705,3032266256,2961025959,2923101090,2868635157,2813903052,2742672763,2604032198,2683796849,2461293480,2524268063,2284983834,2364738477,2175806836,2238787779,1569362073,1498123566,1409854455,1355396672,1317987909,1246755826,1192025387,1137557660,2072149281,2135122070,1912620623,1992383480,1753615357,1816598090,1627664531,1707420964,295390185,358241886,404320391,483945776,43990325,106832002,186451547,266083308,932423249,861060070,1041341759,986742920,613929101,542559546,756411363,701822548,3316196985,3244833742,3425377559,3370778784,3601682597,3530312978,3744426955,3689838204,3819031489,3881883254,3928223919,4007849240,4037393693,4100235434,4180117107,4259748804,2310601993,2373574846,2151335527,2231098320,2596047829,2659030626,2470359227,2550115596,2947551409,2876312838,2788305887,2733848168,3165939309,3094707162,3040238851,2985771188]),function(){var e=4294967295;this.getCRC=function(){return~e>>>0},this.updateCRC=function(t){e=e<<8^lo[255&(e>>>24^t)]},this.updateCRCRun=function(t,r){for(;r-- >0;)e=e<<8^lo[255&(e>>>24^t)]}}),go=uo,fo=yo,mo=po,wo=function(e,t){var r,i=e[t];for(r=t;r>0;r--)e[r]=e[r-1];return e[0]=i,i},bo={OK:0,LAST_BLOCK:-1,NOT_BZIP_DATA:-2,UNEXPECTED_INPUT_EOF:-3,UNEXPECTED_OUTPUT_EOF:-4,DATA_ERROR:-5,OUT_OF_MEMORY:-6,OBSOLETE_INPUT:-7,END_OF_BLOCK:-8},ko={};ko[bo.LAST_BLOCK]="Bad file checksum",ko[bo.NOT_BZIP_DATA]="Not bzip data",ko[bo.UNEXPECTED_INPUT_EOF]="Unexpected input EOF",ko[bo.UNEXPECTED_OUTPUT_EOF]="Unexpected output EOF",ko[bo.DATA_ERROR]="Data error",ko[bo.OUT_OF_MEMORY]="Out of memory",ko[bo.OBSOLETE_INPUT]="Obsolete (pre 0.9.5) bzip format not supported.";var vo=function(e,t){var r=ko[e]||"unknown error";t&&(r+=": "+t);var i=new TypeError(r);throw i.errorCode=e,i},Ao=function(e,t){this.writePos=this.writeCurrent=this.writeCount=0,this._start_bunzip(e,t)};Ao.prototype._init_block=function(){return this._get_next_block()?(this.blockCRC=new mo,!0):(this.writeCount=-1,!1)},Ao.prototype._start_bunzip=function(e,t){var r=new Uint8Array(4);4===e.read(r,0,4)&&"BZh"===String.fromCharCode(r[0],r[1],r[2])||vo(bo.NOT_BZIP_DATA,"bad magic");var i=r[3]-48;(i<1||i>9)&&vo(bo.NOT_BZIP_DATA,"level out of range"),this.reader=new go(e),this.dbufSize=1e5*i,this.nextoutput=0,this.outputStream=t,this.streamCRC=0},Ao.prototype._get_next_block=function(){var e,t,r,i=this.reader,n=i.pi();if("177245385090"===n)return!1;"314159265359"!==n&&vo(bo.NOT_BZIP_DATA),this.targetBlockCRC=i.read(32)>>>0,this.streamCRC=(this.targetBlockCRC^(this.streamCRC<<1|this.streamCRC>>>31))>>>0,i.read(1)&&vo(bo.OBSOLETE_INPUT);var a=i.read(24);a>this.dbufSize&&vo(bo.DATA_ERROR,"initial position out of bounds");var s=i.read(16),o=new Uint8Array(256),c=0;for(e=0;e<16;e++)if(s&1<<15-e){var u=16*e;for(r=i.read(16),t=0;t<16;t++)r&1<<15-t&&(o[c++]=u+t)}var h=i.read(3);(h<2||h>6)&&vo(bo.DATA_ERROR);var l=i.read(15);0===l&&vo(bo.DATA_ERROR);var y=new Uint8Array(256);for(e=0;e<h;e++)y[e]=e;var p=new Uint8Array(l);for(e=0;e<l;e++){for(t=0;i.read(1);t++)t>=h&&vo(bo.DATA_ERROR);p[e]=wo(y,t)}var g,f=c+2,d=[];for(t=0;t<h;t++){var m,w,b=new Uint8Array(f),k=new Uint16Array(21);for(s=i.read(5),e=0;e<f;e++){for(;(s<1||s>20)&&vo(bo.DATA_ERROR),i.read(1);)i.read(1)?s--:s++;b[e]=s}for(m=w=b[0],e=1;e<f;e++)b[e]>w?w=b[e]:b[e]<m&&(m=b[e]);g={},d.push(g),g.permute=new Uint16Array(258),g.limit=new Uint32Array(22),g.base=new Uint32Array(21),g.minLen=m,g.maxLen=w;var v=0;for(e=m;e<=w;e++)for(k[e]=g.limit[e]=0,s=0;s<f;s++)b[s]===e&&(g.permute[v++]=s);for(e=0;e<f;e++)k[b[e]]++;for(v=s=0,e=m;e<w;e++)v+=k[e],g.limit[e]=v-1,v<<=1,s+=k[e],g.base[e+1]=v-s;g.limit[w+1]=Number.MAX_VALUE,g.limit[w]=v+k[w]-1,g.base[m]=0}var A=new Uint32Array(256);for(e=0;e<256;e++)y[e]=e;var E,K=0,S=0,P=0,U=this.dbuf=new Uint32Array(this.dbufSize);for(f=0;;){for(f--||(f=49,P>=l&&vo(bo.DATA_ERROR),g=d[p[P++]]),e=g.minLen,t=i.read(e);e>g.maxLen&&vo(bo.DATA_ERROR),!(t<=g.limit[e]);e++)t=t<<1|i.read(1);((t-=g.base[e])<0||t>=258)&&vo(bo.DATA_ERROR);var D=g.permute[t];if(0!==D&&1!==D){if(K)for(K=0,S+s>this.dbufSize&&vo(bo.DATA_ERROR),A[E=o[y[0]]]+=s;s--;)U[S++]=E;if(D>c)break;S>=this.dbufSize&&vo(bo.DATA_ERROR),A[E=o[E=wo(y,e=D-1)]]++,U[S++]=E}else K||(K=1,s=0),s+=0===D?K:2*K,K<<=1}for((a<0||a>=S)&&vo(bo.DATA_ERROR),t=0,e=0;e<256;e++)r=t+A[e],A[e]=t,t=r;for(e=0;e<S;e++)U[A[E=255&U[e]]]|=e<<8,A[E]++;var x=0,C=0,B=0;return S&&(C=255&(x=U[a]),x>>=8,B=-1),this.writePos=x,this.writeCurrent=C,this.writeCount=S,this.writeRun=B,!0},Ao.prototype._read_bunzip=function(e,t){var r,i,n;if(this.writeCount<0)return 0;var a=this.dbuf,s=this.writePos,o=this.writeCurrent,c=this.writeCount;this.outputsize;for(var u=this.writeRun;c;){for(c--,i=o,o=255&(s=a[s]),s>>=8,3==u++?(r=o,n=i,o=-1):(r=1,n=o),this.blockCRC.updateCRCRun(n,r);r--;)this.outputStream.writeByte(n),this.nextoutput++;o!=i&&(u=0)}return this.writeCount=c,this.blockCRC.getCRC()!==this.targetBlockCRC&&vo(bo.DATA_ERROR,"Bad block CRC (got "+this.blockCRC.getCRC().toString(16)+" expected "+this.targetBlockCRC.toString(16)+")"),this.nextoutput};var Eo=function(e){if("readByte"in e)return e;var t=new fo;return t.pos=0,t.readByte=function(){return e[this.pos++]},t.seek=function(e){this.pos=e},t.eof=function(){return this.pos>=e.length},t},Ko=function(e){var t=new fo,r=!0;if(e)if("number"==typeof e)t.buffer=new Uint8Array(e),r=!1;else{if("writeByte"in e)return e;t.buffer=e,r=!1}else t.buffer=new Uint8Array(16384);return t.pos=0,t.writeByte=function(e){if(r&&this.pos>=this.buffer.length){var t=new Uint8Array(2*this.buffer.length);t.set(this.buffer),this.buffer=t}this.buffer[this.pos++]=e},t.getBuffer=function(){if(this.pos!==this.buffer.length){if(!r)throw new TypeError("outputsize does not match decoded input");var e=new Uint8Array(this.pos);e.set(this.buffer.subarray(0,this.pos)),this.buffer=e}return this.buffer},t._coerced=!0,t};var So=function(e,t,r){for(var i=Eo(e),n=Ko(t),a=new Ao(i,n);!("eof"in i)||!i.eof();)if(a._init_block())a._read_bunzip();else{var s=a.reader.read(32)>>>0;if(s!==a.streamCRC&&vo(bo.DATA_ERROR,"Bad stream CRC (got "+a.streamCRC.toString(16)+" expected "+s.toString(16)+")"),!r||!("eof"in i)||i.eof())break;a._start_bunzip(i,n)}if("getBuffer"in n)return n.getBuffer()};class Po{static get tag(){return T.packet.literalData}constructor(e=new Date){this.format=T.literal.utf8,this.date=L.normalizeDate(e),this.text=null,this.data=null,this.filename=""}setText(e,t=T.literal.utf8){this.format=t,this.text=e,this.data=null}getText(e=!1){return(null===this.text||L.isStream(this.text))&&(this.text=L.decodeUTF8(L.nativeEOL(this.getBytes(e)))),this.text}setBytes(e,t){this.format=t,this.data=e,this.text=null}getBytes(e=!1){return null===this.data&&(this.data=L.canonicalizeEOL(L.encodeUTF8(this.text))),e?K(this.data):this.data}setFilename(e){this.filename=e}getFilename(){return this.filename}async read(e){await A(e,(async e=>{const t=await e.readByte(),r=await e.readByte();this.filename=L.decodeUTF8(await e.readBytes(r)),this.date=L.readDate(await e.readBytes(4));let i=e.remainder();s(i)&&(i=await U(i)),this.setBytes(i,t)}))}writeHeader(){const e=L.encodeUTF8(this.filename),t=new Uint8Array([e.length]),r=new Uint8Array([this.format]),i=L.writeDate(this.date);return L.concatUint8Array([r,t,e,i])}write(){const e=this.writeHeader(),t=this.getBytes();return L.concat([e,t])}}class Uo{constructor(){this.bytes=""}read(e){return this.bytes=L.uint8ArrayToString(e.subarray(0,8)),this.bytes.length}write(){return L.stringToUint8Array(this.bytes)}toHex(){return L.uint8ArrayToHex(L.stringToUint8Array(this.bytes))}equals(e,t=!1){return t&&(e.isWildcard()||this.isWildcard())||this.bytes===e.bytes}isNull(){return""===this.bytes}isWildcard(){return/^0+$/.test(this.toHex())}static mapToHex(e){return e.toHex()}static fromID(e){const t=new Uo;return t.read(L.hexToUint8Array(e)),t}static wildcard(){const e=new Uo;return e.read(new Uint8Array(8)),e}}const Do=Symbol("verified"),xo="salt@notations.openpgpjs.org",Co=new Set([T.signatureSubpacket.issuerKeyID,T.signatureSubpacket.issuerFingerprint,T.signatureSubpacket.embeddedSignature]);class Bo{static get tag(){return T.packet.signature}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.signatureData=null,this.unhashedSubpackets=[],this.unknownSubpackets=[],this.signedHashValue=null,this.salt=null,this.created=null,this.signatureExpirationTime=null,this.signatureNeverExpires=!0,this.exportable=null,this.trustLevel=null,this.trustAmount=null,this.regularExpression=null,this.revocable=null,this.keyExpirationTime=null,this.keyNeverExpires=null,this.preferredSymmetricAlgorithms=null,this.revocationKeyClass=null,this.revocationKeyAlgorithm=null,this.revocationKeyFingerprint=null,this.issuerKeyID=new Uo,this.rawNotations=[],this.notations={},this.preferredHashAlgorithms=null,this.preferredCompressionAlgorithms=null,this.keyServerPreferences=null,this.preferredKeyServer=null,this.isPrimaryUserID=null,this.policyURI=null,this.keyFlags=null,this.signersUserID=null,this.reasonForRevocationFlag=null,this.reasonForRevocationString=null,this.features=null,this.signatureTargetPublicKeyAlgorithm=null,this.signatureTargetHashAlgorithm=null,this.signatureTargetHash=null,this.embeddedSignature=null,this.issuerKeyVersion=null,this.issuerFingerprint=null,this.preferredAEADAlgorithms=null,this.preferredCipherSuites=null,this.revoked=null,this[Do]=null}read(e,t=R){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new Gi("Support for v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4!==this.version&&5!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the signature packet is unsupported.`);if(this.signatureType=e[r++],this.publicKeyAlgorithm=e[r++],this.hashAlgorithm=e[r++],r+=this.readSubPackets(e.subarray(r,e.length),!0),!this.created)throw Error("Missing signature creation time subpacket.");if(this.signatureData=e.subarray(0,r),r+=this.readSubPackets(e.subarray(r,e.length),!1),this.signedHashValue=e.subarray(r,r+2),r+=2,6===this.version){const t=e[r++];this.salt=e.subarray(r,r+t),r+=t}const i=e.subarray(r,e.length),{read:n,signatureParams:a}=as.signature.parseSignatureParams(this.publicKeyAlgorithm,i);if(n<i.length)throw Error("Error reading MPIs");this.params=a}writeParams(){return this.params instanceof Promise?x((async()=>as.serializeParams(this.publicKeyAlgorithm,await this.params))):as.serializeParams(this.publicKeyAlgorithm,this.params)}write(){const e=[];return e.push(this.signatureData),e.push(this.writeUnhashedSubPackets()),e.push(this.signedHashValue),6===this.version&&(e.push(new Uint8Array([this.salt.length])),e.push(this.salt)),e.push(this.writeParams()),L.concat(e)}async sign(e,t,r=new Date,i=!1,n){this.version=e.version,this.created=L.normalizeDate(r),this.issuerKeyVersion=e.version,this.issuerFingerprint=e.getFingerprintBytes(),this.issuerKeyID=e.getKeyID();const a=[new Uint8Array([this.version,this.signatureType,this.publicKeyAlgorithm,this.hashAlgorithm])];if(6===this.version){const e=To(this.hashAlgorithm);if(null===this.salt)this.salt=as.random.getRandomBytes(e);else if(e!==this.salt.length)throw Error("Provided salt does not have the required length")}else if(n.nonDeterministicSignaturesViaNotation){if(0!==this.rawNotations.filter((({name:e})=>e===xo)).length)throw Error("Unexpected existing salt notation");{const e=as.random.getRandomBytes(To(this.hashAlgorithm));this.rawNotations.push({name:xo,value:e,humanReadable:!1,critical:!1})}}a.push(this.writeHashedSubPackets()),this.unhashedSubpackets=[],this.signatureData=L.concat(a);const s=this.toHash(this.signatureType,t,i),o=await this.hash(this.signatureType,t,s,i);this.signedHashValue=P(E(o),0,2);const c=async()=>as.signature.sign(this.publicKeyAlgorithm,this.hashAlgorithm,e.publicParams,e.privateParams,s,await U(o));L.isStream(o)?this.params=c():(this.params=await c(),this[Do]=!0)}writeHashedSubPackets(){const e=T.signatureSubpacket,t=[];let r;if(null===this.created)throw Error("Missing signature creation time");t.push(Io(e.signatureCreationTime,!0,L.writeDate(this.created))),null!==this.signatureExpirationTime&&t.push(Io(e.signatureExpirationTime,!0,L.writeNumber(this.signatureExpirationTime,4))),null!==this.exportable&&t.push(Io(e.exportableCertification,!0,new Uint8Array([this.exportable?1:0]))),null!==this.trustLevel&&(r=new Uint8Array([this.trustLevel,this.trustAmount]),t.push(Io(e.trustSignature,!0,r))),null!==this.regularExpression&&t.push(Io(e.regularExpression,!0,this.regularExpression)),null!==this.revocable&&t.push(Io(e.revocable,!0,new Uint8Array([this.revocable?1:0]))),null!==this.keyExpirationTime&&t.push(Io(e.keyExpirationTime,!0,L.writeNumber(this.keyExpirationTime,4))),null!==this.preferredSymmetricAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredSymmetricAlgorithms)),t.push(Io(e.preferredSymmetricAlgorithms,!1,r))),null!==this.revocationKeyClass&&(r=new Uint8Array([this.revocationKeyClass,this.revocationKeyAlgorithm]),r=L.concat([r,this.revocationKeyFingerprint]),t.push(Io(e.revocationKey,!1,r))),!this.issuerKeyID.isNull()&&this.issuerKeyVersion<5&&t.push(Io(e.issuerKeyID,!0,this.issuerKeyID.write())),this.rawNotations.forEach((({name:i,value:n,humanReadable:a,critical:s})=>{r=[new Uint8Array([a?128:0,0,0,0])];const o=L.encodeUTF8(i);r.push(L.writeNumber(o.length,2)),r.push(L.writeNumber(n.length,2)),r.push(o),r.push(n),r=L.concat(r),t.push(Io(e.notationData,s,r))})),null!==this.preferredHashAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredHashAlgorithms)),t.push(Io(e.preferredHashAlgorithms,!1,r))),null!==this.preferredCompressionAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredCompressionAlgorithms)),t.push(Io(e.preferredCompressionAlgorithms,!1,r))),null!==this.keyServerPreferences&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.keyServerPreferences)),t.push(Io(e.keyServerPreferences,!1,r))),null!==this.preferredKeyServer&&t.push(Io(e.preferredKeyServer,!1,L.encodeUTF8(this.preferredKeyServer))),null!==this.isPrimaryUserID&&t.push(Io(e.primaryUserID,!1,new Uint8Array([this.isPrimaryUserID?1:0]))),null!==this.policyURI&&t.push(Io(e.policyURI,!1,L.encodeUTF8(this.policyURI))),null!==this.keyFlags&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.keyFlags)),t.push(Io(e.keyFlags,!0,r))),null!==this.signersUserID&&t.push(Io(e.signersUserID,!1,L.encodeUTF8(this.signersUserID))),null!==this.reasonForRevocationFlag&&(r=L.stringToUint8Array(String.fromCharCode(this.reasonForRevocationFlag)+this.reasonForRevocationString),t.push(Io(e.reasonForRevocation,!0,r))),null!==this.features&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.features)),t.push(Io(e.features,!1,r))),null!==this.signatureTargetPublicKeyAlgorithm&&(r=[new Uint8Array([this.signatureTargetPublicKeyAlgorithm,this.signatureTargetHashAlgorithm])],r.push(L.stringToUint8Array(this.signatureTargetHash)),r=L.concat(r),t.push(Io(e.signatureTarget,!0,r))),null!==this.embeddedSignature&&t.push(Io(e.embeddedSignature,!0,this.embeddedSignature.write())),null!==this.issuerFingerprint&&(r=[new Uint8Array([this.issuerKeyVersion]),this.issuerFingerprint],r=L.concat(r),t.push(Io(e.issuerFingerprint,this.version>=5,r))),null!==this.preferredAEADAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredAEADAlgorithms)),t.push(Io(e.preferredAEADAlgorithms,!1,r))),null!==this.preferredCipherSuites&&(r=new Uint8Array([].concat(...this.preferredCipherSuites)),t.push(Io(e.preferredCipherSuites,!1,r)));const i=L.concat(t),n=L.writeNumber(i.length,6===this.version?4:2);return L.concat([n,i])}writeUnhashedSubPackets(){const e=this.unhashedSubpackets.map((({type:e,critical:t,body:r})=>Io(e,t,r))),t=L.concat(e),r=L.writeNumber(t.length,6===this.version?4:2);return L.concat([r,t])}readSubPacket(e,t=!0){let r=0;const i=!!(128&e[r]),n=127&e[r];if(r++,t||(this.unhashedSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)}),Co.has(n)))switch(n){case T.signatureSubpacket.signatureCreationTime:this.created=L.readDate(e.subarray(r,e.length));break;case T.signatureSubpacket.signatureExpirationTime:{const t=L.readNumber(e.subarray(r,e.length));this.signatureNeverExpires=0===t,this.signatureExpirationTime=t;break}case T.signatureSubpacket.exportableCertification:this.exportable=1===e[r++];break;case T.signatureSubpacket.trustSignature:this.trustLevel=e[r++],this.trustAmount=e[r++];break;case T.signatureSubpacket.regularExpression:this.regularExpression=e[r];break;case T.signatureSubpacket.revocable:this.revocable=1===e[r++];break;case T.signatureSubpacket.keyExpirationTime:{const t=L.readNumber(e.subarray(r,e.length));this.keyExpirationTime=t,this.keyNeverExpires=0===t;break}case T.signatureSubpacket.preferredSymmetricAlgorithms:this.preferredSymmetricAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.revocationKey:this.revocationKeyClass=e[r++],this.revocationKeyAlgorithm=e[r++],this.revocationKeyFingerprint=e.subarray(r,r+20);break;case T.signatureSubpacket.issuerKeyID:if(4===this.version)this.issuerKeyID.read(e.subarray(r,e.length));else if(t)throw Error("Unexpected Issuer Key ID subpacket");break;case T.signatureSubpacket.notationData:{const t=!!(128&e[r]);r+=4;const n=L.readNumber(e.subarray(r,r+2));r+=2;const a=L.readNumber(e.subarray(r,r+2));r+=2;const s=L.decodeUTF8(e.subarray(r,r+n)),o=e.subarray(r+n,r+n+a);this.rawNotations.push({name:s,humanReadable:t,value:o,critical:i}),t&&(this.notations[s]=L.decodeUTF8(o));break}case T.signatureSubpacket.preferredHashAlgorithms:this.preferredHashAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCompressionAlgorithms:this.preferredCompressionAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.keyServerPreferences:this.keyServerPreferences=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredKeyServer:this.preferredKeyServer=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.primaryUserID:this.isPrimaryUserID=0!==e[r++];break;case T.signatureSubpacket.policyURI:this.policyURI=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.keyFlags:this.keyFlags=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signersUserID:this.signersUserID=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.reasonForRevocation:this.reasonForRevocationFlag=e[r++],this.reasonForRevocationString=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.features:this.features=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signatureTarget:{this.signatureTargetPublicKeyAlgorithm=e[r++],this.signatureTargetHashAlgorithm=e[r++];const t=as.getHashByteLength(this.signatureTargetHashAlgorithm);this.signatureTargetHash=L.uint8ArrayToString(e.subarray(r,r+t));break}case T.signatureSubpacket.embeddedSignature:this.embeddedSignature=new Bo,this.embeddedSignature.read(e.subarray(r,e.length));break;case T.signatureSubpacket.issuerFingerprint:this.issuerKeyVersion=e[r++],this.issuerFingerprint=e.subarray(r,e.length),this.issuerKeyVersion>=5?this.issuerKeyID.read(this.issuerFingerprint):this.issuerKeyID.read(this.issuerFingerprint.subarray(-8));break;case T.signatureSubpacket.preferredAEADAlgorithms:this.preferredAEADAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCipherSuites:this.preferredCipherSuites=[];for(let t=r;t<e.length;t+=2)this.preferredCipherSuites.push([e[t],e[t+1]]);break;default:this.unknownSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)})}}readSubPackets(e,t=!0,r){const i=6===this.version?4:2,n=L.readNumber(e.subarray(0,i));let a=i;for(;a<2+n;){const i=Fi(e.subarray(a,e.length));a+=i.offset,this.readSubPacket(e.subarray(a,a+i.len),t,r),a+=i.len}return a}toSign(e,t){const r=T.signature;switch(e){case r.binary:return null!==t.text?L.encodeUTF8(t.getText(!0)):t.getBytes(!0);case r.text:{const e=t.getBytes(!0);return L.canonicalizeEOL(e)}case r.standalone:return new Uint8Array(0);case r.certGeneric:case r.certPersona:case r.certCasual:case r.certPositive:case r.certRevocation:{let e,i;if(t.userID)i=180,e=t.userID;else{if(!t.userAttribute)throw Error("Either a userID or userAttribute packet needs to be supplied for certification.");i=209,e=t.userAttribute}const n=e.write();return L.concat([this.toSign(r.key,t),new Uint8Array([i]),L.writeNumber(n.length,4),n])}case r.subkeyBinding:case r.subkeyRevocation:case r.keyBinding:return L.concat([this.toSign(r.key,t),this.toSign(r.key,{key:t.bind})]);case r.key:if(void 0===t.key)throw Error("Key packet is required for this signature.");return t.key.writeForHash(this.version);case r.keyRevocation:return this.toSign(r.key,t);case r.timestamp:return new Uint8Array(0);case r.thirdParty:throw Error("Not implemented");default:throw Error("Unknown signature type.")}}calculateTrailer(e,t){let r=0;return k(E(this.signatureData),(e=>{r+=e.length}),(()=>{const i=[];return 5!==this.version||this.signatureType!==T.signature.binary&&this.signatureType!==T.signature.text||(t?i.push(new Uint8Array(6)):i.push(e.writeHeader())),i.push(new Uint8Array([this.version,255])),5===this.version&&i.push(new Uint8Array(4)),i.push(L.writeNumber(r,4)),L.concat(i)}))}toHash(e,t,r=!1){const i=this.toSign(e,t);return L.concat([this.salt||new Uint8Array,i,this.signatureData,this.calculateTrailer(t,r)])}async hash(e,t,r,i=!1){if(6===this.version&&this.salt.length!==To(this.hashAlgorithm))throw Error("Signature salt does not have the expected length");return r||(r=this.toHash(e,t,i)),as.hash.digest(this.hashAlgorithm,r)}async verify(e,t,r,i=new Date,n=!1,a=R){if(!this.issuerKeyID.equals(e.getKeyID()))throw Error("Signature was not issued by the given public key");if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Public key algorithm used to sign signature does not match issuer key algorithm.");const s=t===T.signature.binary||t===T.signature.text;if(!(this[Do]&&!s)){let i,a;if(this.hashed?a=await this.hashed:(i=this.toHash(t,r,n),a=await this.hash(t,r,i)),a=await U(a),this.signedHashValue[0]!==a[0]||this.signedHashValue[1]!==a[1])throw Error("Signed digest did not match");this.params=await this.params;const s=this.publicKeyAlgorithm===T.publicKey.hmac?e.privateParams:null;if(this[Do]=await as.signature.verify(this.publicKeyAlgorithm,this.hashAlgorithm,this.params,e.publicParams,s,i,a),!this[Do])throw Error("Signature verification failed")}const o=L.normalizeDate(i);if(o&&this.created>o)throw Error("Signature creation time is in the future");if(o&&o>=this.getExpirationTime())throw Error("Signature is expired");if(a.rejectHashAlgorithms.has(this.hashAlgorithm))throw Error("Insecure hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(a.rejectMessageHashAlgorithms.has(this.hashAlgorithm)&&[T.signature.binary,T.signature.text].includes(this.signatureType))throw Error("Insecure message hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(this.unknownSubpackets.forEach((({type:e,critical:t})=>{if(t)throw Error("Unknown critical signature subpacket type "+e)})),this.rawNotations.forEach((({name:e,critical:t})=>{if(t&&a.knownNotations.indexOf(e)<0)throw Error("Unknown critical notation: "+e)})),null!==this.revocationKeyClass)throw Error("This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.")}isExpired(e=new Date){const t=L.normalizeDate(e);return null!==t&&!(this.created<=t&&t<this.getExpirationTime())}getExpirationTime(){return this.signatureNeverExpires?1/0:new Date(this.created.getTime()+1e3*this.signatureExpirationTime)}}function Io(e,t,r){const i=[];return i.push(_i(r.length+1)),i.push(new Uint8Array([(t?128:0)|e])),i.push(r),L.concat(i)}function To(e){switch(e){case T.hash.sha256:return 16;case T.hash.sha384:return 24;case T.hash.sha512:return 32;case T.hash.sha224:case T.hash.sha3_256:return 16;case T.hash.sha3_512:return 32;default:throw Error("Unsupported hash function")}}class Ro{static get tag(){return T.packet.onePassSignature}static fromSignaturePacket(e,t){const r=new Ro;return r.version=6===e.version?6:3,r.signatureType=e.signatureType,r.hashAlgorithm=e.hashAlgorithm,r.publicKeyAlgorithm=e.publicKeyAlgorithm,r.issuerKeyID=e.issuerKeyID,r.salt=e.salt,r.issuerFingerprint=e.issuerFingerprint,r.flags=t?1:0,r}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.salt=null,this.issuerKeyID=null,this.issuerFingerprint=null,this.flags=null}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the one-pass signature packet is unsupported.`);if(this.signatureType=e[t++],this.hashAlgorithm=e[t++],this.publicKeyAlgorithm=e[t++],6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r,this.issuerFingerprint=e.subarray(t,t+32),t+=32,this.issuerKeyID=new Uo,this.issuerKeyID.read(this.issuerFingerprint)}else this.issuerKeyID=new Uo,this.issuerKeyID.read(e.subarray(t,t+8)),t+=8;return this.flags=e[t++],this}write(){const e=[new Uint8Array([this.version,this.signatureType,this.hashAlgorithm,this.publicKeyAlgorithm])];return 6===this.version?e.push(new Uint8Array([this.salt.length]),this.salt,this.issuerFingerprint):e.push(this.issuerKeyID.write()),e.push(new Uint8Array([this.flags])),L.concatUint8Array(e)}calculateTrailer(...e){return x((async()=>Bo.prototype.calculateTrailer.apply(await this.correspondingSig,e)))}async verify(){const e=await this.correspondingSig;if(!e||e.constructor.tag!==T.packet.signature)throw Error("Corresponding signature packet missing");if(e.signatureType!==this.signatureType||e.hashAlgorithm!==this.hashAlgorithm||e.publicKeyAlgorithm!==this.publicKeyAlgorithm||!e.issuerKeyID.equals(this.issuerKeyID)||3===this.version&&6===e.version||6===this.version&&6!==e.version||6===this.version&&!L.equalsUint8Array(e.issuerFingerprint,this.issuerFingerprint)||6===this.version&&!L.equalsUint8Array(e.salt,this.salt))throw Error("Corresponding signature packet does not match one-pass signature packet");return e.hashed=this.hashed,e.verify.apply(e,arguments)}}function Mo(e,t){if(!t[e]){let t;try{t=T.read(T.packet,e)}catch(t){throw new qi("Unknown packet type with tag: "+e)}throw Error("Packet not allowed in this context: "+t)}return new t[e]}Ro.prototype.hash=Bo.prototype.hash,Ro.prototype.toHash=Bo.prototype.toHash,Ro.prototype.toSign=Bo.prototype.toSign;class Lo extends Array{static async fromBinary(e,t,r=R){const i=new Lo;return await i.read(e,t,r),i}async read(e,t,r=R){r.additionalAllowedPackets.length&&(t={...t,...L.constructAllowedPackets(r.additionalAllowedPackets)}),this.stream=v(e,(async(e,i)=>{const n=B(i);try{for(;;){await n.ready;if(await ji(e,(async e=>{try{if(e.tag===T.packet.marker||e.tag===T.packet.trust||e.tag===T.packet.padding)return;const i=Mo(e.tag,t);i.packets=new Lo,i.fromStream=L.isStream(e.packet),await i.read(e.packet,r),await n.write(i)}catch(t){if(t instanceof qi){if(!(e.tag<=39))return;await n.abort(t)}const i=!r.ignoreUnsupportedPackets&&t instanceof Gi,a=!(r.ignoreMalformedPackets||t instanceof Gi);if(i||a||Hi(e.tag))await n.abort(t);else{const t=new Vi(e.tag,e.packet);await n.write(t)}L.printDebugError(t)}})))return await n.ready,void await n.close()}}catch(e){await n.abort(e)}}));const i=C(this.stream);for(;;){const{done:e,value:t}=await i.read();if(e?this.stream=null:this.push(t),e||Hi(t.constructor.tag))break}i.releaseLock()}write(){const e=[];for(let t=0;t<this.length;t++){const r=this[t]instanceof Vi?this[t].tag:this[t].constructor.tag,i=this[t].write();if(L.isStream(i)&&Hi(this[t].constructor.tag)){let t=[],n=0;const a=512;e.push(Ni(r)),e.push(k(i,(e=>{if(t.push(e),n+=e.length,n>=a){const e=Math.min(Math.log(n)/Math.LN2|0,30),r=2**e,i=L.concat([Oi(e)].concat(t));return t=[i.subarray(1+r)],n=t[0].length,i.subarray(0,1+r)}}),(()=>L.concat([_i(n)].concat(t)))))}else{if(L.isStream(i)){let t=0;e.push(k(E(i),(e=>{t+=e.length}),(()=>zi(r,t))))}else e.push(zi(r,i.length));e.push(i)}}return L.concat(e)}filterByTag(...e){const t=new Lo,r=e=>t=>e===t;for(let i=0;i<this.length;i++)e.some(r(this[i].constructor.tag))&&t.push(this[i]);return t}findPacket(e){return this.find((t=>t.constructor.tag===e))}indexOfTag(...e){const t=[],r=this,i=e=>t=>e===t;for(let n=0;n<this.length;n++)e.some(i(r[n].constructor.tag))&&t.push(n);return t}}const Fo=/*#__PURE__*/L.constructAllowedPackets([Po,Ro,Bo]);class _o{static get tag(){return T.packet.compressedData}constructor(e=R){this.packets=null,this.algorithm=e.preferredCompressionAlgorithm,this.compressed=null}async read(e,t=R){await A(e,(async e=>{this.algorithm=await e.readByte(),this.compressed=e.remainder(),await this.decompress(t)}))}write(){return null===this.compressed&&this.compress(),L.concat([new Uint8Array([this.algorithm]),this.compressed])}async decompress(e=R){const t=T.read(T.compression,this.algorithm),r=jo[t];if(!r)throw Error(t+" decompression not supported");this.packets=await Lo.fromBinary(r(this.compressed),Fo,e)}compress(){const e=T.read(T.compression,this.algorithm),t=Ho[e];if(!t)throw Error(e+" compression not supported");this.compressed=t(this.packets.write())}}function Oo(e,t){return r=>{if(!L.isStream(r)||s(r))return x((()=>U(r).then((e=>new Promise(((r,i)=>{const n=new t;n.ondata=e=>{r(e)};try{n.push(e,!0)}catch(e){i(e)}}))))));if(e)try{const t=e();return r.pipeThrough(t)}catch(e){if("TypeError"!==e.name)throw e}const i=r.getReader(),n=new t;return new ReadableStream({async start(e){for(n.ondata=async(t,r)=>{e.enqueue(t),r&&e.close()};;){const{done:e,value:t}=await i.read();if(e)return void n.push(new Uint8Array,!0);t.length&&n.push(t)}}})}}function No(e){return function(t){return x((async()=>e(await U(t))))}}const zo=e=>({compressor:"undefined"!=typeof CompressionStream&&(()=>new CompressionStream(e)),decompressor:"undefined"!=typeof DecompressionStream&&(()=>new DecompressionStream(e))}),Ho={zip:/*#__PURE__*/Oo(zo("deflate-raw").compressor,ro),zlib:/*#__PURE__*/Oo(zo("deflate").compressor,no)},jo={uncompressed:e=>e,zip:/*#__PURE__*/Oo(zo("deflate-raw").decompressor,io),zlib:/*#__PURE__*/Oo(zo("deflate").decompressor,ao),bzip2:/*#__PURE__*/No(So)},Go=/*#__PURE__*/L.constructAllowedPackets([Po,_o,Ro,Bo]);class qo{static get tag(){return T.packet.symEncryptedIntegrityProtectedData}static fromObject({version:e,aeadAlgorithm:t}){if(1!==e&&2!==e)throw Error("Unsupported SEIPD version");const r=new qo;return r.version=e,2===e&&(r.aeadAlgorithm=t),r}constructor(){this.version=null,this.cipherAlgorithm=null,this.aeadAlgorithm=null,this.chunkSizeByte=null,this.salt=null,this.encrypted=null,this.packets=null}async read(e){await A(e,(async e=>{if(this.version=await e.readByte(),1!==this.version&&2!==this.version)throw new Gi(`Version ${this.version} of the SEIP packet is unsupported.`);2===this.version&&(this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte(),this.salt=await e.readBytes(32)),this.encrypted=e.remainder()}))}write(){return 2===this.version?L.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.salt,this.encrypted]):L.concat([new Uint8Array([this.version]),this.encrypted])}async encrypt(e,t,r=R){let i=this.packets.write();if(s(i)&&(i=await U(i)),2===this.version)this.cipherAlgorithm=e,this.salt=as.random.getRandomBytes(32),this.chunkSizeByte=r.aeadChunkSizeByte,this.encrypted=await Vo(this,"encrypt",t,i);else{const{blockSize:n}=as.getCipherParams(e),a=await as.getPrefixRandom(e),s=new Uint8Array([211,20]),o=L.concat([a,i,s]),c=await as.hash.sha1(K(o)),u=L.concat([o,c]);this.encrypted=await as.mode.cfb.encrypt(e,t,u,new Uint8Array(n),r)}return!0}async decrypt(e,t,r=R){let i,n=E(this.encrypted);if(s(n)&&(n=await U(n)),2===this.version)i=await Vo(this,"decrypt",t,n);else{const{blockSize:a}=as.getCipherParams(e),s=await as.mode.cfb.decrypt(e,t,n,new Uint8Array(a)),o=P(K(s),-20),c=P(s,0,-20),u=Promise.all([U(await as.hash.sha1(K(c))),U(o)]).then((([e,t])=>{if(!L.equalsUint8Array(e,t))throw Error("Modification detected.");return new Uint8Array})),h=P(c,a+2);i=P(h,0,-2),i=d([i,x((()=>u))]),L.isStream(n)&&r.allowUnauthenticatedStream||(i=await U(i))}return this.packets=await Lo.fromBinary(i,Go,r),!0}}async function Vo(e,t,r,i){const n=e instanceof qo&&2===e.version,a=!n&&e.constructor.tag===T.packet.aeadEncryptedData;if(!n&&!a)throw Error("Unexpected packet type");const s=as.getAEADMode(e.aeadAlgorithm),o="decrypt"===t?s.tagLength:0,c="encrypt"===t?s.tagLength:0,u=2**(e.chunkSizeByte+6)+o,h=a?8:0,l=new ArrayBuffer(13+h),y=new Uint8Array(l,0,5+h),p=new Uint8Array(l),g=new DataView(l),f=new Uint8Array(l,5,8);y.set([192|e.constructor.tag,e.version,e.cipherAlgorithm,e.aeadAlgorithm,e.chunkSizeByte],0);let d,w,b=0,k=Promise.resolve(),A=0,E=0;if(n){const{keySize:t}=as.getCipherParams(e.cipherAlgorithm),{ivLength:i}=s,n=new Uint8Array(l,0,5),a=await Qn(T.hash.sha256,r,e.salt,n,t+i);r=a.subarray(0,t),d=a.subarray(t),d.fill(0,d.length-8),w=new DataView(d.buffer,d.byteOffset,d.byteLength)}else d=e.iv;const K=await s(e.cipherAlgorithm,r);return v(i,(async(r,i)=>{if("array"!==L.isStream(r)){const t=new TransformStream({},{highWaterMark:L.getHardwareConcurrency()*2**(e.chunkSizeByte+6),size:e=>e.length});m(t.readable,i),i=t.writable}const a=C(r),s=B(i);try{for(;;){let e=await a.readBytes(u+o)||new Uint8Array;const r=e.subarray(e.length-o);let i,l,m;if(e=e.subarray(0,e.length-o),n)m=d;else{m=d.slice();for(let e=0;e<8;e++)m[d.length-8+e]^=f[e]}if(!b||e.length?(a.unshift(r),i=K[t](e,m,y),i.catch((()=>{})),E+=e.length-o+c):(g.setInt32(5+h+4,A),i=K[t](r,m,p),i.catch((()=>{})),E+=c,l=!0),A+=e.length-o,k=k.then((()=>i)).then((async e=>{await s.ready,await s.write(e),E-=e.length})).catch((e=>s.abort(e))),(l||E>s.desiredSize)&&await k,l){await s.close();break}n?w.setInt32(d.length-4,++b):g.setInt32(9,++b)}}catch(e){await s.ready.catch((()=>{})),await s.abort(e)}}))}const Wo=/*#__PURE__*/L.constructAllowedPackets([Po,_o,Ro,Bo]);class $o{static get tag(){return T.packet.aeadEncryptedData}constructor(){this.version=1,this.cipherAlgorithm=null,this.aeadAlgorithm=T.aead.eax,this.chunkSizeByte=null,this.iv=null,this.encrypted=null,this.packets=null}async read(e){await A(e,(async e=>{const t=await e.readByte();if(1!==t)throw new Gi(`Version ${t} of the AEAD-encrypted data packet is not supported.`);this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte();const r=as.getAEADMode(this.aeadAlgorithm);this.iv=await e.readBytes(r.ivLength),this.encrypted=e.remainder()}))}write(){return L.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.iv,this.encrypted])}async decrypt(e,t,r=R){this.packets=await Lo.fromBinary(await Vo(this,"decrypt",t,E(this.encrypted)),Wo,r)}async encrypt(e,t,r=R){this.cipherAlgorithm=e;const{ivLength:i}=as.getAEADMode(this.aeadAlgorithm);this.iv=as.random.getRandomBytes(i),this.chunkSizeByte=r.aeadChunkSizeByte;const n=this.packets.write();this.encrypted=await Vo(this,"encrypt",t,n)}}class Zo{static get tag(){return T.packet.publicKeyEncryptedSessionKey}constructor(){this.version=null,this.publicKeyID=new Uo,this.publicKeyVersion=null,this.publicKeyFingerprint=null,this.publicKeyAlgorithm=null,this.sessionKey=null,this.sessionKeyAlgorithm=null,this.encrypted={}}static fromObject({version:e,encryptionKeyPacket:t,anonymousRecipient:r,sessionKey:i,sessionKeyAlgorithm:n}){const a=new Zo;if(3!==e&&6!==e)throw Error("Unsupported PKESK version");return a.version=e,6===e&&(a.publicKeyVersion=r?null:t.version,a.publicKeyFingerprint=r?null:t.getFingerprintBytes()),a.publicKeyID=r?Uo.wildcard():t.getKeyID(),a.publicKeyAlgorithm=t.algorithm,a.sessionKey=i,a.sessionKeyAlgorithm=n,a}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the PKESK packet is unsupported.`);if(6===this.version){const r=e[t++];if(r){this.publicKeyVersion=e[t++];const i=r-1;this.publicKeyFingerprint=e.subarray(t,t+i),t+=i,this.publicKeyVersion>=5?this.publicKeyID.read(this.publicKeyFingerprint):this.publicKeyID.read(this.publicKeyFingerprint.subarray(-8))}else this.publicKeyID=Uo.wildcard()}else t+=this.publicKeyID.read(e.subarray(t,t+8));if(this.publicKeyAlgorithm=e[t++],this.encrypted=as.parseEncSessionKeyParams(this.publicKeyAlgorithm,e.subarray(t)),this.publicKeyAlgorithm===T.publicKey.x25519||this.publicKeyAlgorithm===T.publicKey.x448)if(3===this.version)this.sessionKeyAlgorithm=T.write(T.symmetric,this.encrypted.C.algorithm);else if(null!==this.encrypted.C.algorithm)throw Error("Unexpected cleartext symmetric algorithm")}write(){const e=[new Uint8Array([this.version])];return 6===this.version?null!==this.publicKeyFingerprint?(e.push(new Uint8Array([this.publicKeyFingerprint.length+1,this.publicKeyVersion])),e.push(this.publicKeyFingerprint)):e.push(new Uint8Array([0])):e.push(this.publicKeyID.write()),e.push(new Uint8Array([this.publicKeyAlgorithm]),as.serializeParams(this.publicKeyAlgorithm,this.encrypted)),L.concatUint8Array(e)}async encrypt(e){const t=T.write(T.publicKey,this.publicKeyAlgorithm),r=3===this.version?this.sessionKeyAlgorithm:null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=Xo(this.version,t,r,this.sessionKey),a=t===T.publicKey.aead?e.privateParams:null;this.encrypted=await as.publicKeyEncrypt(t,r,e.publicParams,a,n,i)}async decrypt(e,t){if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Decryption error");const r=t?Xo(this.version,this.publicKeyAlgorithm,t.sessionKeyAlgorithm,t.sessionKey):null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=await as.publicKeyDecrypt(this.publicKeyAlgorithm,e.publicParams,e.privateParams,this.encrypted,i,r),{sessionKey:a,sessionKeyAlgorithm:s}=function(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:{const t=r.subarray(0,r.length-2),n=r.subarray(r.length-2),a=L.writeChecksum(t.subarray(t.length%8)),s=a[0]===n[0]&a[1]===n[1],o=6===e?{sessionKeyAlgorithm:null,sessionKey:t}:{sessionKeyAlgorithm:t[0],sessionKey:t.subarray(1)};if(i){const t=s&o.sessionKeyAlgorithm===i.sessionKeyAlgorithm&o.sessionKey.length===i.sessionKey.length;return{sessionKey:L.selectUint8Array(t,o.sessionKey,i.sessionKey),sessionKeyAlgorithm:6===e?null:L.selectUint8(t,o.sessionKeyAlgorithm,i.sessionKeyAlgorithm)}}if(s&&(6===e||T.read(T.symmetric,o.sessionKeyAlgorithm)))return o;throw Error("Decryption error")}case T.publicKey.x25519:case T.publicKey.x448:return{sessionKeyAlgorithm:null,sessionKey:r};default:throw Error("Unsupported public key algorithm")}}(this.version,this.publicKeyAlgorithm,n,t);3===this.version&&this.publicKeyAlgorithm!==T.publicKey.x25519&&this.publicKeyAlgorithm!==T.publicKey.x448&&(this.sessionKeyAlgorithm=s),this.sessionKey=a}}function Xo(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:return L.concatUint8Array([new Uint8Array(6===e?[]:[r]),i,L.writeChecksum(i.subarray(i.length%8))]);case T.publicKey.x25519:case T.publicKey.x448:return i;default:throw Error("Unsupported public key algorithm")}}class Qo{static get tag(){return T.packet.symEncryptedSessionKey}constructor(e=R){this.version=e.aeadProtect?6:4,this.sessionKey=null,this.sessionKeyEncryptionAlgorithm=null,this.sessionKeyAlgorithm=T.symmetric.aes256,this.aeadAlgorithm=T.write(T.aead,e.preferredAEADAlgorithm),this.encrypted=null,this.s2k=null,this.iv=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the SKESK packet is unsupported.`);6===this.version&&t++;const r=e[t++];this.version>=5&&(this.aeadAlgorithm=e[t++],6===this.version&&t++);const i=e[t++];if(this.s2k=ps(i),t+=this.s2k.read(e.subarray(t,e.length)),this.version>=5){const r=as.getAEADMode(this.aeadAlgorithm);this.iv=e.subarray(t,t+=r.ivLength)}this.version>=5||t<e.length?(this.encrypted=e.subarray(t,e.length),this.sessionKeyEncryptionAlgorithm=r):this.sessionKeyAlgorithm=r}write(){const e=null===this.encrypted?this.sessionKeyAlgorithm:this.sessionKeyEncryptionAlgorithm;let t;const r=this.s2k.write();if(6===this.version){const i=r.length,n=3+i+this.iv.length;t=L.concatUint8Array([new Uint8Array([this.version,n,e,this.aeadAlgorithm,i]),r,this.iv,this.encrypted])}else 5===this.version?t=L.concatUint8Array([new Uint8Array([this.version,e,this.aeadAlgorithm]),r,this.iv,this.encrypted]):(t=L.concatUint8Array([new Uint8Array([this.version,e]),r]),null!==this.encrypted&&(t=L.concatUint8Array([t,this.encrypted])));return t}async decrypt(e){const t=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm,{blockSize:r,keySize:i}=as.getCipherParams(t),n=await this.s2k.produceKey(e,i);if(this.version>=5){const e=as.getAEADMode(this.aeadAlgorithm),r=new Uint8Array([192|Qo.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),a=6===this.version?await Qn(T.hash.sha256,n,new Uint8Array,r,i):n,s=await e(t,a);this.sessionKey=await s.decrypt(this.encrypted,this.iv,r)}else if(null!==this.encrypted){const e=await as.mode.cfb.decrypt(t,n,this.encrypted,new Uint8Array(r));this.sessionKeyAlgorithm=T.write(T.symmetric,e[0]),this.sessionKey=e.subarray(1,e.length)}else this.sessionKey=n}async encrypt(e,t=R){const r=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm;this.sessionKeyEncryptionAlgorithm=r,this.s2k=gs(t),this.s2k.generateSalt();const{blockSize:i,keySize:n}=as.getCipherParams(r),a=await this.s2k.produceKey(e,n);if(null===this.sessionKey&&(this.sessionKey=as.generateSessionKey(this.sessionKeyAlgorithm)),this.version>=5){const e=as.getAEADMode(this.aeadAlgorithm);this.iv=as.random.getRandomBytes(e.ivLength);const t=new Uint8Array([192|Qo.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),i=6===this.version?await Qn(T.hash.sha256,a,new Uint8Array,t,n):a,s=await e(r,i);this.encrypted=await s.encrypt(this.sessionKey,this.iv,t)}else{const e=L.concatUint8Array([new Uint8Array([this.sessionKeyAlgorithm]),this.sessionKey]);this.encrypted=await as.mode.cfb.encrypt(r,a,e,new Uint8Array(i),t)}}}class Yo{static get tag(){return T.packet.publicKey}constructor(e=new Date,t=R){this.version=t.v6Keys?6:4,this.created=L.normalizeDate(e),this.algorithm=null,this.publicParams=null,this.expirationTimeV3=0,this.fingerprint=null,this.keyID=null}static fromSecretKeyPacket(e){const t=new Yo,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}async read(e,t=R){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new Gi("Support for parsing v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4===this.version||5===this.version||6===this.version){this.created=L.readDate(e.subarray(r,r+4)),r+=4,this.algorithm=e[r++],this.version>=5&&(r+=4);const{read:t,publicParams:i}=as.parsePublicKeyParams(this.algorithm,e.subarray(r));if(6===this.version&&i.oid&&(i.oid.getName()===T.curve.curve25519Legacy||i.oid.getName()===T.curve.ed25519Legacy))throw Error("Legacy curve25519 cannot be used with v6 keys");return this.publicParams=i,r+=t,await this.computeFingerprintAndKeyID(),r}throw new Gi(`Version ${this.version} of the key packet is unsupported.`)}write(){const e=[];e.push(new Uint8Array([this.version])),e.push(L.writeDate(this.created)),e.push(new Uint8Array([this.algorithm]));const t=as.serializeParams(this.algorithm,this.publicParams);return this.version>=5&&e.push(L.writeNumber(t.length,4)),e.push(t),L.concatUint8Array(e)}writeForHash(e){const t=this.writePublicKey(),r=149+e,i=e>=5?4:2;return L.concatUint8Array([new Uint8Array([r]),L.writeNumber(t.length,i),t])}isDecrypted(){return null}getCreationTime(){return this.created}getKeyID(){return this.keyID}async computeFingerprintAndKeyID(){if(await this.computeFingerprint(),this.keyID=new Uo,this.version>=5)this.keyID.read(this.fingerprint.subarray(0,8));else{if(4!==this.version)throw Error("Unsupported key version");this.keyID.read(this.fingerprint.subarray(12,20))}}async computeFingerprint(){const e=this.writeForHash(this.version);if(this.version>=5)this.fingerprint=await as.hash.sha256(e);else{if(4!==this.version)throw Error("Unsupported key version");this.fingerprint=await as.hash.sha1(e)}}getFingerprintBytes(){return this.fingerprint}getFingerprint(){return L.uint8ArrayToHex(this.getFingerprintBytes())}hasSameFingerprintAs(e){return this.version===e.version&&L.equalsUint8Array(this.writePublicKey(),e.writePublicKey())}getAlgorithmInfo(){const e={};e.algorithm=T.read(T.publicKey,this.algorithm);const t=this.publicParams.n||this.publicParams.p;return t?e.bits=L.uint8ArrayBitLength(t):this.publicParams.oid?e.curve=this.publicParams.oid.getName():this.publicParams.cipher&&(e.symmetric=this.publicParams.cipher.getName()),e}}Yo.prototype.readPublicKey=Yo.prototype.read,Yo.prototype.writePublicKey=Yo.prototype.write;const Jo=/*#__PURE__*/L.constructAllowedPackets([Po,_o,Ro,Bo]);class ec{static get tag(){return T.packet.symmetricallyEncryptedData}constructor(){this.encrypted=null,this.packets=null}read(e){this.encrypted=e}write(){return this.encrypted}async decrypt(e,t,r=R){if(!r.allowUnauthenticatedMessages)throw Error("Message is not authenticated.");const{blockSize:i}=as.getCipherParams(e),n=await U(E(this.encrypted)),a=await as.mode.cfb.decrypt(e,t,n.subarray(i+2),n.subarray(2,i+2));this.packets=await Lo.fromBinary(a,Jo,r)}async encrypt(e,t,r=R){const i=this.packets.write(),{blockSize:n}=as.getCipherParams(e),a=await as.getPrefixRandom(e),s=await as.mode.cfb.encrypt(e,t,a,new Uint8Array(n),r),o=await as.mode.cfb.encrypt(e,t,i,s.subarray(2),r);this.encrypted=L.concat([s,o])}}class tc{static get tag(){return T.packet.marker}read(e){return 80===e[0]&&71===e[1]&&80===e[2]}write(){return new Uint8Array([80,71,80])}}class rc extends Yo{static get tag(){return T.packet.publicSubkey}constructor(e,t){super(e,t)}static fromSecretSubkeyPacket(e){const t=new rc,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}}class ic{static get tag(){return T.packet.userAttribute}constructor(){this.attributes=[]}read(e){let t=0;for(;t<e.length;){const r=Fi(e.subarray(t,e.length));t+=r.offset,this.attributes.push(L.uint8ArrayToString(e.subarray(t,t+r.len))),t+=r.len}}write(){const e=[];for(let t=0;t<this.attributes.length;t++)e.push(_i(this.attributes[t].length)),e.push(L.stringToUint8Array(this.attributes[t]));return L.concatUint8Array(e)}equals(e){return!!(e&&e instanceof ic)&&this.attributes.every((function(t,r){return t===e.attributes[r]}))}}class nc extends Yo{static get tag(){return T.packet.secretKey}constructor(e=new Date,t=R){super(e,t),this.keyMaterial=null,this.isEncrypted=null,this.s2kUsage=0,this.s2k=null,this.symmetric=null,this.aead=null,this.isLegacyAEAD=null,this.privateParams=null,this.usedModernAEAD=null}async read(e,t=R){let r=await this.readPublicKey(e,t);const i=r;this.s2kUsage=e[r++],5===this.version&&r++,6===this.version&&this.s2kUsage&&r++;try{if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){this.symmetric=e[r++],253===this.s2kUsage&&(this.aead=e[r++]),6===this.version&&r++;const t=e[r++];if(this.s2k=ps(t),r+=this.s2k.read(e.subarray(r,e.length)),"gnu-dummy"===this.s2k.type)return}else this.s2kUsage&&(this.symmetric=this.s2kUsage);this.s2kUsage&&(this.isLegacyAEAD=253===this.s2kUsage&&(5===this.version||4===this.version&&t.parseAEADEncryptedV4KeysAsLegacy),253!==this.s2kUsage||this.isLegacyAEAD?(this.iv=e.subarray(r,r+as.getCipherParams(this.symmetric).blockSize),this.usedModernAEAD=!1):(this.iv=e.subarray(r,r+as.getAEADMode(this.aead).ivLength),this.usedModernAEAD=!0),r+=this.iv.length)}catch(t){if(!this.s2kUsage)throw t;this.unparseableKeyMaterial=e.subarray(i),this.isEncrypted=!0}if(5===this.version&&(r+=4),this.keyMaterial=e.subarray(r),this.isEncrypted=!!this.s2kUsage,!this.isEncrypted){let e;if(6===this.version)e=this.keyMaterial;else if(e=this.keyMaterial.subarray(0,-2),!L.equalsUint8Array(L.writeChecksum(e),this.keyMaterial.subarray(-2)))throw Error("Key checksum mismatch");try{const{read:t,privateParams:r}=as.parsePrivateKeyParams(this.algorithm,e,this.publicParams);if(t<e.length)throw Error("Error reading MPIs");this.privateParams=r}catch(e){if(e instanceof Gi)throw e;throw Error("Error reading MPIs")}}}write(){const e=this.writePublicKey();if(this.unparseableKeyMaterial)return L.concatUint8Array([e,this.unparseableKeyMaterial]);const t=[e];t.push(new Uint8Array([this.s2kUsage]));const r=[];if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){r.push(this.symmetric),253===this.s2kUsage&&r.push(this.aead);const e=this.s2k.write();6===this.version&&r.push(e.length),r.push(...e)}return this.s2kUsage&&"gnu-dummy"!==this.s2k.type&&r.push(...this.iv),(5===this.version||6===this.version&&this.s2kUsage)&&t.push(new Uint8Array([r.length])),t.push(new Uint8Array(r)),this.isDummy()||(this.s2kUsage||(this.keyMaterial=as.serializeParams(this.algorithm,this.privateParams)),5===this.version&&t.push(L.writeNumber(this.keyMaterial.length,4)),t.push(this.keyMaterial),this.s2kUsage||6===this.version||t.push(L.writeChecksum(this.keyMaterial))),L.concatUint8Array(t)}isDecrypted(){return!1===this.isEncrypted}isMissingSecretKeyMaterial(){return void 0!==this.unparseableKeyMaterial||this.isDummy()}isDummy(){return!(!this.s2k||"gnu-dummy"!==this.s2k.type)}makeDummy(e=R){this.isDummy()||(this.isDecrypted()&&this.clearPrivateParams(),delete this.unparseableKeyMaterial,this.isEncrypted=null,this.keyMaterial=null,this.s2k=ps(T.s2k.gnu,e),this.s2k.algorithm=0,this.s2k.c=0,this.s2k.type="gnu-dummy",this.s2kUsage=254,this.symmetric=T.symmetric.aes256,this.isLegacyAEAD=null,this.usedModernAEAD=null)}async encrypt(e,t=R){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key packet is already encrypted");if(!e)throw Error("A non-empty passphrase is required for key encryption.");this.s2k=gs(t),this.s2k.generateSalt();const r=as.serializeParams(this.algorithm,this.privateParams);this.symmetric=T.symmetric.aes256;const{blockSize:i}=as.getCipherParams(this.symmetric);if(t.aeadProtect){this.s2kUsage=253,this.aead=t.preferredAEADAlgorithm;const n=as.getAEADMode(this.aead);this.isLegacyAEAD=5===this.version,this.usedModernAEAD=!this.isLegacyAEAD;const a=Ni(this.constructor.tag),s=await ac(this.version,this.s2k,e,this.symmetric,this.aead,a,this.isLegacyAEAD),o=await n(this.symmetric,s);this.iv=this.isLegacyAEAD?as.random.getRandomBytes(i):as.random.getRandomBytes(n.ivLength);const c=this.isLegacyAEAD?new Uint8Array:L.concatUint8Array([a,this.writePublicKey()]);this.keyMaterial=await o.encrypt(r,this.iv.subarray(0,n.ivLength),c)}else{this.s2kUsage=254,this.usedModernAEAD=!1;const n=await ac(this.version,this.s2k,e,this.symmetric);this.iv=as.random.getRandomBytes(i),this.keyMaterial=await as.mode.cfb.encrypt(this.symmetric,n,L.concatUint8Array([r,await as.hash.sha1(r,t)]),this.iv,t)}}async decrypt(e){if(this.isDummy())return!1;if(this.unparseableKeyMaterial)throw Error("Key packet cannot be decrypted: unsupported S2K or cipher algo");if(this.isDecrypted())throw Error("Key packet is already decrypted.");let t;const r=Ni(this.constructor.tag);if(254!==this.s2kUsage&&253!==this.s2kUsage)throw 255===this.s2kUsage?Error("Encrypted private key is authenticated using an insecure two-byte hash"):Error("Private key is encrypted using an insecure S2K function: unsalted MD5");let i;if(t=await ac(this.version,this.s2k,e,this.symmetric,this.aead,r,this.isLegacyAEAD),253===this.s2kUsage){const e=as.getAEADMode(this.aead),n=await e(this.symmetric,t);try{const t=this.isLegacyAEAD?new Uint8Array:L.concatUint8Array([r,this.writePublicKey()]);i=await n.decrypt(this.keyMaterial,this.iv.subarray(0,e.ivLength),t)}catch(e){if("Authentication tag mismatch"===e.message)throw Error("Incorrect key passphrase: "+e.message);throw e}}else{const e=await as.mode.cfb.decrypt(this.symmetric,t,this.keyMaterial,this.iv);i=e.subarray(0,-20);const r=await as.hash.sha1(i);if(!L.equalsUint8Array(r,e.subarray(-20)))throw Error("Incorrect key passphrase")}try{const{privateParams:e}=as.parsePrivateKeyParams(this.algorithm,i,this.publicParams);this.privateParams=e}catch(e){throw Error("Error reading MPIs")}this.isEncrypted=!1,this.keyMaterial=null,this.s2kUsage=0,this.aead=null,this.symmetric=null,this.isLegacyAEAD=null}async validate(){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key is not decrypted");if(this.usedModernAEAD)return;let e;try{e=await as.validateParams(this.algorithm,this.publicParams,this.privateParams)}catch(t){e=!1}if(!e)throw Error("Key is invalid")}async generate(e,t,r){if(6===this.version&&(this.algorithm===T.publicKey.ecdh&&t===T.curve.curve25519Legacy||this.algorithm===T.publicKey.eddsaLegacy))throw Error(`Cannot generate v6 keys of type 'ecc' with curve ${t}. Generate a key of type 'curve25519' instead`);const{privateParams:i,publicParams:n}=await as.generateParams(this.algorithm,e,t,r);this.privateParams=i,this.publicParams=n,this.isEncrypted=!1}clearPrivateParams(){this.isMissingSecretKeyMaterial()||(Object.keys(this.privateParams).forEach((e=>{this.privateParams[e].fill(0),delete this.privateParams[e]})),this.privateParams=null,this.isEncrypted=!0)}}async function ac(e,t,r,i,n,a,s){if("argon2"===t.type&&!n)throw Error("Using Argon2 S2K without AEAD is not allowed");if("simple"===t.type&&6===e)throw Error("Using Simple S2K with version 6 keys is not allowed");const{keySize:o}=as.getCipherParams(i),c=await t.produceKey(r,o);if(!n||5===e||s)return c;const u=L.concatUint8Array([a,new Uint8Array([e,i,n])]);return Qn(T.hash.sha256,c,new Uint8Array,u,o)}class sc{static get tag(){return T.packet.userID}constructor(){this.userID="",this.name="",this.email="",this.comment=""}static fromObject(e){if(L.isString(e)||e.name&&!L.isString(e.name)||e.email&&!L.isEmailAddress(e.email)||e.comment&&!L.isString(e.comment))throw Error("Invalid user ID format");const t=new sc;Object.assign(t,e);const r=[];return t.name&&r.push(t.name),t.comment&&r.push(`(${t.comment})`),t.email&&r.push(`<${t.email}>`),t.userID=r.join(" "),t}read(e,t=R){const r=L.decodeUTF8(e);if(r.length>t.maxUserIDLength)throw Error("User ID string is too long");const i=/^(?<name>[^()]+\s+)?(?<comment>\([^()]+\)\s+)?(?<email><\S+@\S+>)$/.exec(r);if(null!==i){const{name:e,comment:t,email:r}=i.groups;this.comment=t?.replace(/^\(|\)|\s$/g,"").trim()||"",this.name=e?.trim()||"",this.email=r.substring(1,r.length-1)}else/^[^\s@]+@[^\s@]+$/.test(r)&&(this.email=r);this.userID=r}write(){return L.encodeUTF8(this.userID)}equals(e){return e&&e.userID===this.userID}}class oc extends nc{static get tag(){return T.packet.secretSubkey}constructor(e=new Date,t=R){super(e,t)}}class cc{static get tag(){return T.packet.trust}read(){throw new Gi("Trust packets are not supported")}write(){throw new Gi("Trust packets are not supported")}}class uc{static get tag(){return T.packet.padding}constructor(){this.padding=null}read(e){}write(){return this.padding}async createPadding(e){this.padding=await as.random.getRandomBytes(e)}}const hc=/*#__PURE__*/L.constructAllowedPackets([Bo]);class lc{constructor(e){this.packets=e||new Lo}write(){return this.packets.write()}armor(e=R){const t=this.packets.some((e=>e.constructor.tag===Bo.tag&&6!==e.version));return Y(T.armor.signature,this.write(),void 0,void 0,void 0,t,e)}getSigningKeyIDs(){return this.packets.map((e=>e.issuerKeyID))}}async function yc({armoredSignature:e,binarySignature:t,config:r,...i}){r={...R,...r};let n=e||t;if(!n)throw Error("readSignature: must pass options object containing `armoredSignature` or `binarySignature`");if(e&&!L.isString(e))throw Error("readSignature: options.armoredSignature must be a string");if(t&&!L.isUint8Array(t))throw Error("readSignature: options.binarySignature must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:e,data:t}=await Q(n);if(e!==T.armor.signature)throw Error("Armored text not of type signature");n=t}const s=await Lo.fromBinary(n,hc,r);return new lc(s)}async function pc(e,t){const r=new oc(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function gc(e,t){const r=new nc(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function fc(e,t,r,i,n=new Date,a){let s,o;for(let c=e.length-1;c>=0;c--)try{(!s||e[c].created>=s.created)&&(await e[c].verify(t,r,i,n,void 0,a),s=e[c])}catch(e){o=e}if(!s)throw L.wrapError(`Could not find valid ${T.read(T.signature,r)} signature in key ${t.getKeyID().toHex()}`.replace("certGeneric ","self-").replace(/([a-z])([A-Z])/g,((e,t,r)=>t+" "+r.toLowerCase())),o);return s}function dc(e,t,r=new Date){const i=L.normalizeDate(r);if(null!==i){const r=vc(e,t);return!(e.created<=i&&i<r)}return!1}async function mc(e,t,r,i){const n={};n.key=t,n.bind=e;const a={signatureType:T.signature.subkeyBinding};r.sign?(a.keyFlags=[T.keyFlags.signData],a.embeddedSignature=await wc(n,null,e,{signatureType:T.signature.keyBinding},r.date,void 0,void 0,void 0,i)):a.keyFlags=r.forwarding?[T.keyFlags.forwardedCommunication]:[T.keyFlags.encryptCommunication|T.keyFlags.encryptStorage],r.keyExpirationTime>0&&(a.keyExpirationTime=r.keyExpirationTime,a.keyNeverExpires=!1);return await wc(n,null,t,a,r.date,void 0,void 0,void 0,i)}async function wc(e,t,r,i,n,a,s=[],o=!1,c){if(r.isDummy())throw Error("Cannot sign with a gnu-dummy key.");if(!r.isDecrypted())throw Error("Signing key is not decrypted.");const u=new Bo;return Object.assign(u,i),u.publicKeyAlgorithm=r.algorithm,u.hashAlgorithm=await async function(e,t,r=new Date,i={},n){let a=n.preferredHashAlgorithm,s=a;if(e){const t=await e.getPrimarySelfSignature(r,i,n);t.preferredHashAlgorithms&&([s]=t.preferredHashAlgorithms,a=as.hash.getHashByteLength(a)<=as.hash.getHashByteLength(s)?s:a)}switch(t.algorithm){case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ed25519:case T.publicKey.ed448:s=as.getPreferredCurveHashAlgo(t.algorithm,t.publicParams.oid)}return as.hash.getHashByteLength(a)<=as.hash.getHashByteLength(s)?s:a}(t,r,n,a,c),u.rawNotations=[...s],await u.sign(r,e,n,o,c),u}async function bc(e,t,r,i=new Date,n){(e=e[r])&&(t[r].length?await Promise.all(e.map((async function(e){e.isExpired(i)||n&&!await n(e)||t[r].some((function(t){return L.equalsUint8Array(t.writeParams(),e.writeParams())}))||t[r].push(e)}))):t[r]=e)}async function kc(e,t,r,i,n,a,s=new Date,o){a=a||e;const c=[];return await Promise.all(i.map((async function(e){try{if(!n||e.issuerKeyID.equals(n.issuerKeyID)){const i=![T.reasonForRevocation.keyRetired,T.reasonForRevocation.keySuperseded,T.reasonForRevocation.userIDInvalid].includes(e.reasonForRevocationFlag);await e.verify(a,t,r,i?null:s,!1,o),c.push(e.issuerKeyID)}}catch(e){}}))),n?(n.revoked=!!c.some((e=>e.equals(n.issuerKeyID)))||(n.revoked||!1),n.revoked):c.length>0}function vc(e,t){let r;return!1===t.keyNeverExpires&&(r=e.created.getTime()+1e3*t.keyExpirationTime),r?new Date(r):1/0}function Ac(e,t={}){if(e.type=e.type||t.type,e.curve=e.curve||t.curve,e.rsaBits=e.rsaBits||t.rsaBits,e.symmetricHash=e.symmetricHash||t.symmetricHash,e.symmetricCipher=e.symmetricCipher||t.symmetricCipher,e.keyExpirationTime=void 0!==e.keyExpirationTime?e.keyExpirationTime:t.keyExpirationTime,e.passphrase=L.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e.sign=e.sign||!1,e.forwarding=e.forwarding||!1,e.sign&&e.forwarding)throw Error('Incompatible options: "sign" and "forwarding" cannot be set together');switch(e.type){case"ecc":try{e.curve=T.write(T.curve,e.curve)}catch(e){throw Error("Unknown curve")}e.curve!==T.curve.ed25519Legacy&&e.curve!==T.curve.curve25519Legacy&&"ed25519"!==e.curve&&"curve25519"!==e.curve||(e.curve=e.sign?T.curve.ed25519Legacy:T.curve.curve25519Legacy),e.sign?e.algorithm=e.curve===T.curve.ed25519Legacy?T.publicKey.eddsaLegacy:T.publicKey.ecdsa:e.algorithm=T.publicKey.ecdh;break;case"curve25519":e.algorithm=e.sign?T.publicKey.ed25519:T.publicKey.x25519;break;case"curve448":e.algorithm=e.sign?T.publicKey.ed448:T.publicKey.x448;break;case"rsa":e.algorithm=T.publicKey.rsaEncryptSign;break;case"symmetric":if(e.sign){e.algorithm=T.publicKey.hmac;try{e.symmetric=T.write(T.hash,e.symmetricHash)}catch(e){throw Error("Unknown hash algorithm")}}else{e.algorithm=T.publicKey.aead;try{e.symmetric=T.write(T.symmetric,e.symmetricCipher)}catch(e){throw Error("Unknown symmetric algorithm")}}break;default:throw Error("Unsupported key type "+e.type)}return e}function Ec(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.hmac:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData);default:return!1}}function Kc(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.aead:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage);default:return!1}}function Sc(e,t,r){if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:return!(!(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData))||!r.allowInsecureDecryptionWithSigningKeys)||(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage)||r.allowForwardedMessages&&!!(t.keyFlags[0]&T.keyFlags.forwardedCommunication));default:return!1}}function Pc(e,t){const r=T.write(T.publicKey,e.algorithm),i=e.getAlgorithmInfo();if(t.rejectPublicKeyAlgorithms.has(r))throw Error(i.algorithm+" keys are considered too weak.");switch(r){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.rsaEncrypt:if(i.bits<t.minRSABits)throw Error(`RSA keys shorter than ${t.minRSABits} bits are considered too weak.`);break;case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ecdh:if(t.rejectCurves.has(i.curve))throw Error(`Support for ${i.algorithm} keys using curve ${i.curve} is disabled.`)}}class Uc{constructor(e,t){this.userID=e.constructor.tag===T.packet.userID?e:null,this.userAttribute=e.constructor.tag===T.packet.userAttribute?e:null,this.selfCertifications=[],this.otherCertifications=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Lo;return e.push(this.userID||this.userAttribute),e.push(...this.revocationSignatures),e.push(...this.selfCertifications),e.push(...this.otherCertifications),e}clone(){const e=new Uc(this.userID||this.userAttribute,this.mainKey);return e.selfCertifications=[...this.selfCertifications],e.otherCertifications=[...this.otherCertifications],e.revocationSignatures=[...this.revocationSignatures],e}async certify(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i},a=new Uc(n.userID||n.userAttribute,this.mainKey);return a.otherCertifications=await Promise.all(e.map((async function(e){if(!e.isPrivate())throw Error("Need private key for signing");if(e.hasSameFingerprintAs(i))throw Error("The user's own key can only be used for self-certifications");const a=await e.getSigningKey(void 0,t,void 0,r);return wc(n,e,a.keyPacket,{signatureType:T.signature.certGeneric,keyFlags:[T.keyFlags.certifyKeys|T.keyFlags.signData]},t,void 0,void 0,void 0,r)}))),await a.update(this,t,r),a}async isRevoked(e,t,r=new Date,i=R){const n=this.mainKey.keyPacket;return kc(n,T.signature.certRevocation,{key:n,userID:this.userID,userAttribute:this.userAttribute},this.revocationSignatures,e,t,r,i)}async verifyCertificate(e,t,r=new Date,i){const n=this,a=this.mainKey.keyPacket,s={userID:this.userID,userAttribute:this.userAttribute,key:a},{issuerKeyID:o}=e,c=t.filter((e=>e.getKeys(o).length>0));return 0===c.length?null:(await Promise.all(c.map((async t=>{const a=await t.getSigningKey(o,e.created,void 0,i);if(e.revoked||await n.isRevoked(e,a.keyPacket,r,i))throw Error("User certificate is revoked");try{await e.verify(a.keyPacket,T.signature.certGeneric,s,r,void 0,i)}catch(e){throw L.wrapError("User certificate is invalid",e)}}))),!0)}async verifyAllCertifications(e,t=new Date,r){const i=this,n=this.selfCertifications.concat(this.otherCertifications);return Promise.all(n.map((async n=>({keyID:n.issuerKeyID,valid:await i.verifyCertificate(n,e,t,r).catch((()=>!1))}))))}async verify(e=new Date,t){if(!this.selfCertifications.length)throw Error("No self-certifications found");const r=this,i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};let a;for(let s=this.selfCertifications.length-1;s>=0;s--)try{const a=this.selfCertifications[s];if(a.revoked||await r.isRevoked(a,void 0,e,t))throw Error("Self-certification is revoked");try{await a.verify(i,T.signature.certGeneric,n,e,void 0,t)}catch(e){throw L.wrapError("Self-certification is invalid",e)}return!0}catch(e){a=e}throw a}async update(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};await bc(e,this,"selfCertifications",t,(async function(e){try{return await e.verify(i,T.signature.certGeneric,n,t,!1,r),!0}catch(e){return!1}})),await bc(e,this,"otherCertifications",t),await bc(e,this,"revocationSignatures",t,(function(e){return kc(i,T.signature.certRevocation,n,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=R){const a={userID:this.userID,userAttribute:this.userAttribute,key:e},s=new Uc(a.userID||a.userAttribute,this.mainKey);return s.revocationSignatures.push(await wc(a,null,e,{signatureType:T.signature.certRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}}class Dc{constructor(e,t){this.keyPacket=e,this.bindingSignatures=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Lo;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.bindingSignatures),e}clone(){const e=new Dc(this.keyPacket,this.mainKey);return e.bindingSignatures=[...this.bindingSignatures],e.revocationSignatures=[...this.revocationSignatures],e}async isRevoked(e,t,r=new Date,i=R){const n=this.mainKey.keyPacket;return kc(n,T.signature.subkeyRevocation,{key:n,bind:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verify(e=new Date,t=R){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket},n=await fc(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t);if(n.revoked||await this.isRevoked(n,null,e,t))throw Error("Subkey is revoked");if(dc(this.keyPacket,n,e))throw Error("Subkey is expired");return n}async getExpirationTime(e=new Date,t=R){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket};let n;try{n=await fc(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t)}catch(e){return null}const a=vc(this.keyPacket,n),s=n.getExpirationTime();return a<s?a:s}async update(e,t=new Date,r=R){const i=this.mainKey.keyPacket;if(!this.hasSameFingerprintAs(e))throw Error("Subkey update method: fingerprints of subkeys not equal");this.keyPacket.constructor.tag===T.packet.publicSubkey&&e.keyPacket.constructor.tag===T.packet.secretSubkey&&(this.keyPacket=e.keyPacket);const n=this,a={key:i,bind:n.keyPacket};await bc(e,this,"bindingSignatures",t,(async function(e){for(let t=0;t<n.bindingSignatures.length;t++)if(n.bindingSignatures[t].issuerKeyID.equals(e.issuerKeyID))return e.created>n.bindingSignatures[t].created&&(n.bindingSignatures[t]=e),!1;try{return await e.verify(i,T.signature.subkeyBinding,a,t,void 0,r),!0}catch(e){return!1}})),await bc(e,this,"revocationSignatures",t,(function(e){return kc(i,T.signature.subkeyRevocation,a,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=R){const a={key:e,bind:this.keyPacket},s=new Dc(this.keyPacket,this.mainKey);return s.revocationSignatures.push(await wc(a,null,e,{signatureType:T.signature.subkeyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}hasSameFingerprintAs(e){return this.keyPacket.hasSameFingerprintAs(e.keyPacket||e)}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","isDecrypted"].forEach((e=>{Dc.prototype[e]=function(){return this.keyPacket[e]()}}));const xc=/*#__PURE__*/L.constructAllowedPackets([Bo]),Cc=new Set([T.packet.publicKey,T.packet.privateKey]),Bc=new Set([T.packet.publicKey,T.packet.privateKey,T.packet.publicSubkey,T.packet.privateSubkey]);class Ic{packetListToStructure(e,t=new Set){let r,i,n,a;for(const s of e){if(s instanceof Vi){Bc.has(s.tag)&&!a&&(a=Cc.has(s.tag)?Cc:Bc);continue}const e=s.constructor.tag;if(a){if(!a.has(e))continue;a=null}if(t.has(e))throw Error("Unexpected packet type: "+e);switch(e){case T.packet.publicKey:case T.packet.secretKey:if(this.keyPacket)throw Error("Key block contains multiple keys");if(this.keyPacket=s,i=this.getKeyID(),!i)throw Error("Missing Key ID");break;case T.packet.userID:case T.packet.userAttribute:r=new Uc(s,this),this.users.push(r);break;case T.packet.publicSubkey:case T.packet.secretSubkey:r=null,n=new Dc(s,this),this.subkeys.push(n);break;case T.packet.signature:switch(s.signatureType){case T.signature.certGeneric:case T.signature.certPersona:case T.signature.certCasual:case T.signature.certPositive:if(!r){L.printDebug("Dropping certification signatures without preceding user packet");continue}s.issuerKeyID.equals(i)?r.selfCertifications.push(s):r.otherCertifications.push(s);break;case T.signature.certRevocation:r?r.revocationSignatures.push(s):this.directSignatures.push(s);break;case T.signature.key:this.directSignatures.push(s);break;case T.signature.subkeyBinding:if(!n){L.printDebug("Dropping subkey binding signature without preceding subkey packet");continue}n.bindingSignatures.push(s);break;case T.signature.keyRevocation:this.revocationSignatures.push(s);break;case T.signature.subkeyRevocation:if(!n){L.printDebug("Dropping subkey revocation signature without preceding subkey packet");continue}n.revocationSignatures.push(s)}}}}toPacketList(){const e=new Lo;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.directSignatures),this.users.map((t=>e.push(...t.toPacketList()))),this.subkeys.map((t=>e.push(...t.toPacketList()))),e}clone(e=!1){const t=new this.constructor(this.toPacketList());return e&&t.getKeys().forEach((e=>{if(e.keyPacket=Object.create(Object.getPrototypeOf(e.keyPacket),Object.getOwnPropertyDescriptors(e.keyPacket)),!e.keyPacket.isDecrypted())return;const t={};Object.keys(e.keyPacket.privateParams).forEach((r=>{t[r]=new Uint8Array(e.keyPacket.privateParams[r])})),e.keyPacket.privateParams=t})),t}getSubkeys(e=null){return this.subkeys.filter((t=>!e||t.getKeyID().equals(e,!0)))}getKeys(e=null){const t=[];return e&&!this.getKeyID().equals(e,!0)||t.push(this),t.concat(this.getSubkeys(e))}getKeyIDs(){return this.getKeys().map((e=>e.getKeyID()))}getUserIDs(){return this.users.map((e=>e.userID?e.userID.userID:null)).filter((e=>null!==e))}write(){return this.toPacketList().write()}async getSigningKey(e=null,t=new Date,r={},i=R){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{Pc(n,i)}catch(e){throw L.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await fc(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(!Ec(r.keyPacket,a,i))continue;if(!a.embeddedSignature)throw Error("Missing embedded signature");return await fc([a.embeddedSignature],r.keyPacket,T.signature.keyBinding,e,t,i),Pc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&Ec(n,a,i))return Pc(n,i),this}catch(e){s=e}throw L.wrapError("Could not find valid signing key packet in key "+this.getKeyID().toHex(),s)}async getEncryptionKey(e,t=new Date,r={},i=R){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{Pc(n,i)}catch(e){throw L.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await fc(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(Kc(r.keyPacket,a,i))return Pc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&Kc(n,a,i))return Pc(n,i),this}catch(e){s=e}throw L.wrapError("Could not find valid encryption key packet in key "+this.getKeyID().toHex(),s)}async isRevoked(e,t,r=new Date,i=R){return kc(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verifyPrimaryKey(e=new Date,t={},r=R){const i=this.keyPacket;if(await this.isRevoked(null,null,e,r))throw Error("Primary key is revoked");if(dc(i,await this.getPrimarySelfSignature(e,t,r),e))throw Error("Primary key is expired");if(6!==i.version){const t=await fc(this.directSignatures,i,T.signature.key,{key:i},e,r).catch((()=>{}));if(t&&dc(i,t,e))throw Error("Primary key is expired")}}async getExpirationTime(e,t=R){let r;try{const i=await this.getPrimarySelfSignature(null,e,t),n=vc(this.keyPacket,i),a=i.getExpirationTime(),s=6!==this.keyPacket.version&&await fc(this.directSignatures,this.keyPacket,T.signature.key,{key:this.keyPacket},null,t).catch((()=>{}));if(s){const e=vc(this.keyPacket,s);r=Math.min(n,a,e)}else r=n<a?n:a}catch(e){r=null}return L.normalizeDate(r)}async getPrimarySelfSignature(e=new Date,t={},r=R){const i=this.keyPacket;if(6===i.version)return fc(this.directSignatures,i,T.signature.key,{key:i},e,r);const{selfCertification:n}=await this.getPrimaryUser(e,t,r);return n}async getPrimaryUser(e=new Date,t={},r=R){const i=this.keyPacket,n=[];let a;for(let s=0;s<this.users.length;s++)try{const a=this.users[s];if(!a.userID)continue;if(void 0!==t.name&&a.userID.name!==t.name||void 0!==t.email&&a.userID.email!==t.email||void 0!==t.comment&&a.userID.comment!==t.comment)throw Error("Could not find user that matches that user ID");const o={userID:a.userID,key:i},c=await fc(a.selfCertifications,i,T.signature.certGeneric,o,e,r);n.push({index:s,user:a,selfCertification:c})}catch(e){a=e}if(!n.length)throw a||Error("Could not find primary user");await Promise.all(n.map((async function(t){return t.selfCertification.revoked||t.user.isRevoked(t.selfCertification,null,e,r)})));const s=n.sort((function(e,t){const r=e.selfCertification,i=t.selfCertification;return i.revoked-r.revoked||r.isPrimaryUserID-i.isPrimaryUserID||r.created-i.created})).pop(),{user:o,selfCertification:c}=s;if(c.revoked||await o.isRevoked(c,null,e,r))throw Error("Primary user is revoked");return s}async update(e,t=new Date,r=R){if(!this.hasSameFingerprintAs(e))throw Error("Primary key fingerprints must be equal to update the key");if(!this.isPrivate()&&e.isPrivate()){if(!(this.subkeys.length===e.subkeys.length&&this.subkeys.every((t=>e.subkeys.some((e=>t.hasSameFingerprintAs(e)))))))throw Error("Cannot update public key with private key if subkeys mismatch");return e.update(this,r)}const i=this.clone();return await bc(e,i,"revocationSignatures",t,(n=>kc(i.keyPacket,T.signature.keyRevocation,i,[n],null,e.keyPacket,t,r))),await bc(e,i,"directSignatures",t),await Promise.all(e.users.map((async e=>{const n=i.users.filter((t=>e.userID&&e.userID.equals(t.userID)||e.userAttribute&&e.userAttribute.equals(t.userAttribute)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.users.push(t)}}))),await Promise.all(e.subkeys.map((async e=>{const n=i.subkeys.filter((t=>t.hasSameFingerprintAs(e)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.subkeys.push(t)}}))),i}async getRevocationCertificate(e=new Date,t=R){const r={key:this.keyPacket},i=await fc(this.revocationSignatures,this.keyPacket,T.signature.keyRevocation,r,e,t),n=new Lo;n.push(i);const a=6!==this.keyPacket.version;return Y(T.armor.publicKey,n.write(),null,null,"This is a revocation certificate",a,t)}async applyRevocationCertificate(e,t=new Date,r=R){const i=await Q(e),n=(await Lo.fromBinary(i.data,xc,r)).findPacket(T.packet.signature);if(!n||n.signatureType!==T.signature.keyRevocation)throw Error("Could not find revocation signature packet");if(!n.issuerKeyID.equals(this.getKeyID()))throw Error("Revocation signature does not match key");try{await n.verify(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},t,void 0,r)}catch(e){throw L.wrapError("Could not verify revocation signature",e)}const a=this.clone();return a.revocationSignatures.push(n),a}async signPrimaryUser(e,t,r,i=R){const{index:n,user:a}=await this.getPrimaryUser(t,r,i),s=await a.certify(e,t,i),o=this.clone();return o.users[n]=s,o}async signAllUsers(e,t=new Date,r=R){const i=this.clone();return i.users=await Promise.all(this.users.map((function(i){return i.certify(e,t,r)}))),i}async verifyPrimaryUser(e,t=new Date,r,i=R){const n=this.keyPacket,{user:a}=await this.getPrimaryUser(t,r,i);return e?await a.verifyAllCertifications(e,t,i):[{keyID:n.getKeyID(),valid:await a.verify(t,i).catch((()=>!1))}]}async verifyAllUsers(e,t=new Date,r=R){const i=this.keyPacket,n=[];return await Promise.all(this.users.map((async a=>{const s=e?await a.verifyAllCertifications(e,t,r):[{keyID:i.getKeyID(),valid:await a.verify(t,r).catch((()=>!1))}];n.push(...s.map((e=>({userID:a.userID?a.userID.userID:null,userAttribute:a.userAttribute,keyID:e.keyID,valid:e.valid}))))}))),n}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","hasSameFingerprintAs"].forEach((e=>{Ic.prototype[e]=Dc.prototype[e]}));class Tc extends Ic{constructor(e){if(super(),this.keyPacket=null,this.revocationSignatures=[],this.directSignatures=[],this.users=[],this.subkeys=[],e&&(this.packetListToStructure(e,new Set([T.packet.secretKey,T.packet.secretSubkey])),!this.keyPacket))throw Error("Invalid key: missing public-key packet")}isPrivate(){return!1}toPublic(){return this}armor(e=R){const t=6!==this.keyPacket.version;return Y(T.armor.publicKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}}class Rc extends Tc{constructor(e){if(super(),this.packetListToStructure(e,new Set([T.packet.publicKey,T.packet.publicSubkey])),!this.keyPacket)throw Error("Invalid key: missing private-key packet")}isPrivate(){return!0}toPublic(){const e=new Lo,t=this.toPacketList();let r=!1;for(const i of t)if(!r||i.constructor.tag!==T.packet.Signature)switch(r&&(r=!1),i.constructor.tag){case T.packet.secretKey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac)throw Error("Cannot create public key from symmetric private");const t=Yo.fromSecretKeyPacket(i);e.push(t);break}case T.packet.secretSubkey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac){r=!0;break}const t=rc.fromSecretSubkeyPacket(i);e.push(t);break}default:e.push(i)}return new Tc(e)}armor(e=R){const t=6!==this.keyPacket.version;return Y(T.armor.privateKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}async getDecryptionKeys(e,t=new Date,r={},i=R){const n=this.keyPacket,a=[];let s=null;for(let r=0;r<this.subkeys.length;r++)if(!e||this.subkeys[r].getKeyID().equals(e,!0)){if(this.subkeys[r].keyPacket.isDummy()){s=s||Error("Gnu-dummy key packets cannot be used for decryption");continue}try{const e={key:n,bind:this.subkeys[r].keyPacket},s=await fc(this.subkeys[r].bindingSignatures,n,T.signature.subkeyBinding,e,t,i);Sc(this.subkeys[r].keyPacket,s,i)&&a.push(this.subkeys[r])}catch(e){s=e}}const o=await this.getPrimarySelfSignature(t,r,i);if(e&&!n.getKeyID().equals(e,!0)||!Sc(n,o,i)||(n.isDummy()?s=s||Error("Gnu-dummy key packets cannot be used for decryption"):a.push(this)),0===a.length)throw s||Error("No decryption key packets found");return a}isDecrypted(){return this.getKeys().some((({keyPacket:e})=>e.isDecrypted()))}async validate(e=R){if(!this.isPrivate())throw Error("Cannot validate a public key");let t;if(this.keyPacket.isDummy()){const r=await this.getSigningKey(null,null,void 0,{...e,rejectPublicKeyAlgorithms:new Set,minRSABits:0});r&&!r.keyPacket.isDummy()&&(t=r.keyPacket)}else t=this.keyPacket;if(t)return t.validate();{const e=this.getKeys();if(e.map((e=>e.keyPacket.isDummy())).every(Boolean))throw Error("Cannot validate an all-gnu-dummy key");return Promise.all(e.map((async e=>e.keyPacket.validate())))}}clearPrivateParams(){this.getKeys().forEach((({keyPacket:e})=>{e.isDecrypted()&&e.clearPrivateParams()}))}async revoke({flag:e=T.reasonForRevocation.noReason,string:t=""}={},r=new Date,i=R){if(!this.isPrivate())throw Error("Need private key for revoking");const n={key:this.keyPacket},a=this.clone();return a.revocationSignatures.push(await wc(n,null,this.keyPacket,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,e),reasonForRevocationString:t},r,void 0,void 0,void 0,i)),a}async addSubkey(e={}){const t={...R,...e.config};if(e.passphrase)throw Error("Subkey could not be encrypted here, please encrypt whole key");if(e.rsaBits<t.minRSABits)throw Error(`rsaBits should be at least ${t.minRSABits}, got: ${e.rsaBits}`);const r=this.keyPacket;if(r.isDummy())throw Error("Cannot add subkey to gnu-dummy primary key");if(!r.isDecrypted())throw Error("Key is not decrypted");const i=r.getAlgorithmInfo();i.type=function(e){switch(T.write(T.publicKey,e)){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:return"rsa";case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return"ecc";case T.publicKey.ed25519:return"curve25519";case T.publicKey.ed448:return"curve448";default:throw Error("Unsupported algorithm")}}(i.algorithm),i.rsaBits=i.bits||4096,i.curve=i.curve||"curve25519Legacy",e=Ac(e,i);const n=await pc(e,{...t,v6Keys:6===this.keyPacket.version});Pc(n,t);const a=await mc(n,r,e,t),s=this.toPacketList();return s.push(n,a),new Rc(s)}}const Mc=/*#__PURE__*/L.constructAllowedPackets([Yo,rc,nc,oc,sc,ic,Bo]);function Lc(e){for(const t of e)switch(t.constructor.tag){case T.packet.secretKey:return new Rc(e);case T.packet.publicKey:return new Tc(e)}throw Error("No key packet found")}async function Fc(e,t,r,i){r.passphrase&&await e.encrypt(r.passphrase,i),await Promise.all(t.map((async function(e,t){const n=r.subkeys[t].passphrase;n&&await e.encrypt(n,i)})));const n=new Lo;function a(e,t){return[t,...e.filter((e=>e!==t))]}function s(){const t={};t.keyFlags=[T.keyFlags.certifyKeys|T.keyFlags.signData];const n=a([T.symmetric.aes256,T.symmetric.aes128],i.preferredSymmetricAlgorithm);if(t.preferredSymmetricAlgorithms=n,i.aeadProtect){const e=a([T.aead.gcm,T.aead.eax,T.aead.ocb],i.preferredAEADAlgorithm);t.preferredCipherSuites=e.flatMap((e=>n.map((t=>[t,e]))))}return t.preferredHashAlgorithms=a([T.hash.sha256,T.hash.sha512,...6===e.version?[T.hash.sha3_256,T.hash.sha3_512]:[]],i.preferredHashAlgorithm),t.preferredCompressionAlgorithms=a([T.compression.uncompressed,T.compression.zlib,T.compression.zip],i.preferredCompressionAlgorithm),t.features=[0],t.features[0]|=T.features.modificationDetection,i.aeadProtect&&(t.features[0]|=T.features.seipdv2),r.keyExpirationTime>0&&(t.keyExpirationTime=r.keyExpirationTime,t.keyNeverExpires=!1),t}if(n.push(e),6===e.version){const t={key:e},a=s();a.signatureType=T.signature.key;const o=await wc(t,null,e,a,r.date,void 0,void 0,void 0,i);n.push(o)}await Promise.all(r.userIDs.map((async function(t,n){const a=sc.fromObject(t),o={userID:a,key:e},c=6!==e.version?s():{};c.signatureType=T.signature.certPositive,0===n&&(c.isPrimaryUserID=!0);return{userIDPacket:a,signaturePacket:await wc(o,null,e,c,r.date,void 0,void 0,void 0,i)}}))).then((e=>{e.forEach((({userIDPacket:e,signaturePacket:t})=>{n.push(e),n.push(t)}))})),await Promise.all(t.map((async function(t,n){const a=r.subkeys[n];return{secretSubkeyPacket:t,subkeySignaturePacket:await mc(t,e,a,i)}}))).then((e=>{e.forEach((({secretSubkeyPacket:e,subkeySignaturePacket:t})=>{n.push(e),n.push(t)}))}));const o={key:e};return n.push(await wc(o,null,e,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.reasonForRevocation.noReason,reasonForRevocationString:""},r.date,void 0,void 0,void 0,i)),r.passphrase&&e.clearPrivateParams(),await Promise.all(t.map((async function(e,t){r.subkeys[t].passphrase&&e.clearPrivateParams()}))),new Rc(n)}async function _c({armoredKey:e,binaryKey:t,config:r,...i}){if(r={...R,...r},!e&&!t)throw Error("readKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!L.isString(e))throw Error("readKey: options.armoredKey must be a string");if(t&&!L.isUint8Array(t))throw Error("readKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await Q(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");a=r}else a=t;const s=await Lo.fromBinary(a,Mc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===o.length)throw Error("No key packet found");return Lc(s.slice(o[0],o[1]))}async function Oc({armoredKey:e,binaryKey:t,config:r,...i}){if(r={...R,...r},!e&&!t)throw Error("readPrivateKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!L.isString(e))throw Error("readPrivateKey: options.armoredKey must be a string");if(t&&!L.isUint8Array(t))throw Error("readPrivateKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await Q(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");a=r}else a=t;const s=await Lo.fromBinary(a,Mc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<o.length;e++){if(s[o[e]].constructor.tag===T.packet.publicKey)continue;const t=s.slice(o[e],o[e+1]);return new Rc(t)}throw Error("No secret key packet found")}async function Nc({armoredKeys:e,binaryKeys:t,config:r,...i}){r={...R,...r};let n=e||t;if(!n)throw Error("readKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!L.isString(e))throw Error("readKeys: options.armoredKeys must be a string");if(t&&!L.isUint8Array(t))throw Error("readKeys: options.binaryKeys must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:t,data:r}=await Q(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");n=r}const s=[],o=await Lo.fromBinary(n,Mc,r),c=o.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===c.length)throw Error("No key packet found");for(let e=0;e<c.length;e++){const t=Lc(o.slice(c[e],c[e+1]));s.push(t)}return s}async function zc({armoredKeys:e,binaryKeys:t,config:r}){r={...R,...r};let i=e||t;if(!i)throw Error("readPrivateKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!L.isString(e))throw Error("readPrivateKeys: options.armoredKeys must be a string");if(t&&!L.isUint8Array(t))throw Error("readPrivateKeys: options.binaryKeys must be a Uint8Array");if(e){const{type:t,data:r}=await Q(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");i=r}const n=[],a=await Lo.fromBinary(i,Mc,r),s=a.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<s.length;e++){if(a[s[e]].constructor.tag===T.packet.publicKey)continue;const t=a.slice(s[e],s[e+1]),r=new Rc(t);n.push(r)}if(0===n.length)throw Error("No secret key packet found");return n}const Hc=/*#__PURE__*/L.constructAllowedPackets([Po,_o,$o,qo,ec,Zo,Qo,Ro,Bo]),jc=/*#__PURE__*/L.constructAllowedPackets([Qo]),Gc=/*#__PURE__*/L.constructAllowedPackets([Bo]);class qc{constructor(e){this.packets=e||new Lo}getEncryptionKeyIDs(){const e=[];return this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey).forEach((function(t){e.push(t.publicKeyID)})),e}getSigningKeyIDs(){const e=this.unwrapCompressed(),t=e.packets.filterByTag(T.packet.onePassSignature);if(t.length>0)return t.map((e=>e.issuerKeyID));return e.packets.filterByTag(T.packet.signature).map((e=>e.issuerKeyID))}async decrypt(e,t,r,i=new Date,n=R){const a=this.packets.filterByTag(T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData);if(0===a.length)throw Error("No encrypted data found");const s=a[0],o=s.cipherAlgorithm,c=r||await this.decryptSessionKeys(e,t,o,i,n);let u=null;const h=Promise.all(c.map((async({algorithm:e,data:t})=>{if(!L.isUint8Array(t)||!s.cipherAlgorithm&&!L.isString(e))throw Error("Invalid session key for decryption.");try{const r=s.cipherAlgorithm||T.write(T.symmetric,e);await s.decrypt(r,t,n)}catch(e){L.printDebugError(e),u=e}})));if(D(s.encrypted),s.encrypted=null,await h,!s.packets||!s.packets.length)throw u||Error("Decryption failed.");const l=new qc(s.packets);return s.packets=new Lo,l}async decryptSessionKeys(e,t,r,i=new Date,n=R){let a,s=[];if(t){const e=this.packets.filterByTag(T.packet.symEncryptedSessionKey);if(0===e.length)throw Error("No symmetrically encrypted session key packet found.");await Promise.all(t.map((async function(t,r){let i;i=r?await Lo.fromBinary(e.write(),jc,n):e,await Promise.all(i.map((async function(e){try{await e.decrypt(t),s.push(e)}catch(e){L.printDebugError(e),e instanceof ss&&(a=e)}})))})))}else{if(!e)throw Error("No key or password specified.");{const t=this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey);if(0===t.length)throw Error("No public key encrypted session key packet found.");await Promise.all(t.map((async function(t){await Promise.all(e.map((async function(e){let o;try{o=(await e.getDecryptionKeys(t.publicKeyID,null,void 0,n)).map((e=>e.keyPacket))}catch(e){return void(a=e)}let c=[T.symmetric.aes256,T.symmetric.aes128,T.symmetric.tripledes,T.symmetric.cast5];try{const t=await e.getPrimarySelfSignature(i,void 0,n);t.preferredSymmetricAlgorithms&&(c=c.concat(t.preferredSymmetricAlgorithms))}catch(e){}await Promise.all(o.map((async function(e){if(!e.isDecrypted())throw Error("Decryption key is not decrypted.");if(n.constantTimePKCS1Decryption&&(t.publicKeyAlgorithm===T.publicKey.rsaEncrypt||t.publicKeyAlgorithm===T.publicKey.rsaEncryptSign||t.publicKeyAlgorithm===T.publicKey.rsaSign||t.publicKeyAlgorithm===T.publicKey.elgamal)){const i=t.write();await Promise.all((r?[r]:Array.from(n.constantTimePKCS1DecryptionSupportedSymmetricAlgorithms)).map((async t=>{const r=new Zo;r.read(i);const n={sessionKeyAlgorithm:t,sessionKey:as.generateSessionKey(t)};try{await r.decrypt(e,n),s.push(r)}catch(e){L.printDebugError(e),a=e}})))}else try{await t.decrypt(e);const i=r||t.sessionKeyAlgorithm;if(i&&!c.includes(T.write(T.symmetric,i)))throw Error("A non-preferred symmetric algorithm was used.");s.push(t)}catch(e){L.printDebugError(e),a=e}})))}))),D(t.encrypted),t.encrypted=null})))}}if(s.length>0){if(s.length>1){const e=new Set;s=s.filter((t=>{const r=t.sessionKeyAlgorithm+L.uint8ArrayToString(t.sessionKey);return!e.has(r)&&(e.add(r),!0)}))}return s.map((e=>({data:e.sessionKey,algorithm:e.sessionKeyAlgorithm&&T.read(T.symmetric,e.sessionKeyAlgorithm)})))}throw a||Error("Session key decryption failed.")}getLiteralData(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getBytes()||null}getFilename(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getFilename()||null}getText(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e?e.getText():null}static async generateSessionKey(e=[],t=new Date,r=[],i=R){const{symmetricAlgo:n,aeadAlgo:a}=await async function(e=[],t=new Date,r=[],i=R){const n=await Promise.all(e.map(((e,n)=>e.getPrimarySelfSignature(t,r[n],i))));if(e.length?!i.ignoreSEIPDv2FeatureFlag&&n.every((e=>e.features&&e.features[0]&T.features.seipdv2)):i.aeadProtect){const e={symmetricAlgo:T.symmetric.aes128,aeadAlgo:T.aead.ocb},t=[{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:i.preferredAEADAlgorithm},{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:T.aead.ocb},{symmetricAlgo:T.symmetric.aes128,aeadAlgo:i.preferredAEADAlgorithm}];for(const e of t)if(n.every((t=>t.preferredCipherSuites&&t.preferredCipherSuites.some((t=>t[0]===e.symmetricAlgo&&t[1]===e.aeadAlgo)))))return e;return e}const a=T.symmetric.aes128,s=i.preferredSymmetricAlgorithm;return{symmetricAlgo:n.every((e=>e.preferredSymmetricAlgorithms&&e.preferredSymmetricAlgorithms.includes(s)))?s:a,aeadAlgo:void 0}}(e,t,r,i),s=T.read(T.symmetric,n),o=a?T.read(T.aead,a):void 0;await Promise.all(e.map((e=>e.getEncryptionKey().catch((()=>null)).then((e=>{if(e&&(e.keyPacket.algorithm===T.publicKey.x25519||e.keyPacket.algorithm===T.publicKey.x448)&&!o&&!L.isAES(n))throw Error("Could not generate a session key compatible with the given `encryptionKeys`: X22519 and X448 keys can only be used to encrypt AES session keys; change `config.preferredSymmetricAlgorithm` accordingly.")})))));return{data:as.generateSessionKey(n),algorithm:s,aeadAlgorithm:o}}async encrypt(e,t,r,i=!1,n=[],a=new Date,s=[],o=R){if(r){if(!L.isUint8Array(r.data)||!L.isString(r.algorithm))throw Error("Invalid session key for encryption.")}else if(e&&e.length)r=await qc.generateSessionKey(e,a,s,o);else{if(!t||!t.length)throw Error("No keys, passwords, or session key provided.");r=await qc.generateSessionKey(void 0,void 0,void 0,o)}const{data:c,algorithm:u,aeadAlgorithm:h}=r,l=await qc.encryptSessionKey(c,u,h,e,t,i,n,a,s,o),y=qo.fromObject({version:h?2:1,aeadAlgorithm:h?T.write(T.aead,h):null});y.packets=this.packets;const p=T.write(T.symmetric,u);return await y.encrypt(p,c,o),l.packets.push(y),y.packets=new Lo,l}static async encryptSessionKey(e,t,r,i,n,a=!1,s=[],o=new Date,c=[],u=R){const h=new Lo,l=T.write(T.symmetric,t),y=r&&T.write(T.aead,r);if(i){const t=await Promise.all(i.map((async function(t,r){const i=await t.getEncryptionKey(s[r],o,c,u),n=Zo.fromObject({version:y?6:3,encryptionKeyPacket:i.keyPacket,anonymousRecipient:a,sessionKey:e,sessionKeyAlgorithm:l});return await n.encrypt(i.keyPacket),delete n.sessionKey,n})));h.push(...t)}if(n){const t=async function(e,t){try{return await e.decrypt(t),1}catch(e){return 0}},r=(e,t)=>e+t,i=async function(e,a,s,o){const c=new Qo(u);if(c.sessionKey=e,c.sessionKeyAlgorithm=a,s&&(c.aeadAlgorithm=s),await c.encrypt(o,u),u.passwordCollisionCheck){if(1!==(await Promise.all(n.map((e=>t(c,e))))).reduce(r))return i(e,a,o)}return delete c.sessionKey,c},a=await Promise.all(n.map((t=>i(e,l,y,t))));h.push(...a)}return new qc(h)}async sign(e=[],t=null,r=[],i=new Date,n=[],a=[],s=R){const o=new Lo,c=this.packets.findPacket(T.packet.literalData);if(!c)throw Error("No literal data packet to sign.");const u=await Vc(c,e,t,r,i,n,a,!1,s),h=u.map(((e,t)=>Ro.fromSignaturePacket(e,0===t))).reverse();return o.push(...h),o.push(c),o.push(...u),new qc(o)}compress(e,t=R){if(e===T.compression.uncompressed)return this;const r=new _o(t);r.algorithm=e,r.packets=this.packets;const i=new Lo;return i.push(r),new qc(i)}async signDetached(e=[],t=null,r=[],i=new Date,n=[],a=[],s=R){const o=this.packets.findPacket(T.packet.literalData);if(!o)throw Error("No literal data packet to sign.");return new lc(await Vc(o,e,t,r,i,n,a,!0,s))}async verify(e,t=new Date,r=R){const i=this.unwrapCompressed(),n=i.packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");s(i.packets.stream)&&i.packets.push(...await U(i.packets.stream,(e=>e||[])));const a=i.packets.filterByTag(T.packet.onePassSignature).reverse(),o=i.packets.filterByTag(T.packet.signature);return a.length&&!o.length&&L.isStream(i.packets.stream)&&!s(i.packets.stream)?(await Promise.all(a.map((async e=>{e.correspondingSig=new Promise(((t,r)=>{e.correspondingSigResolve=t,e.correspondingSigReject=r})),e.signatureData=x((async()=>(await e.correspondingSig).signatureData)),e.hashed=U(await e.hash(e.signatureType,n[0],void 0,!1)),e.hashed.catch((()=>{}))}))),i.packets.stream=v(i.packets.stream,(async(e,t)=>{const r=C(e),i=B(t);try{for(let e=0;e<a.length;e++){const{value:t}=await r.read();a[e].correspondingSigResolve(t)}await r.readToEnd(),await i.ready,await i.close()}catch(e){a.forEach((t=>{t.correspondingSigReject(e)})),await i.abort(e)}})),Wc(a,n,e,t,!1,r)):Wc(o,n,e,t,!1,r)}verifyDetached(e,t,r=new Date,i=R){const n=this.unwrapCompressed().packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");return Wc(e.packets.filterByTag(T.packet.signature),n,t,r,!0,i)}unwrapCompressed(){const e=this.packets.filterByTag(T.packet.compressedData);return e.length?new qc(e[0].packets):this}async appendSignature(e,t=R){await this.packets.read(L.isUint8Array(e)?e:(await Q(e)).data,Gc,t)}write(){return this.packets.write()}armor(e=R){const t=this.packets[this.packets.length-1],r=t.constructor.tag===qo.tag?2!==t.version:this.packets.some((e=>e.constructor.tag===Bo.tag&&6!==e.version));return Y(T.armor.message,this.write(),null,null,null,r,e)}}async function Vc(e,t,r=null,i=[],n=new Date,a=[],s=[],o=!1,c=R){const u=new Lo,h=null===e.text?T.signature.binary:T.signature.text;if(await Promise.all(t.map((async(t,r)=>{const u=a[r];if(!t.isPrivate())throw Error("Need private key for signing");const l=await t.getSigningKey(i[r],n,u,c);return wc(e,t,l.keyPacket,{signatureType:h},n,u,s,o,c)}))).then((e=>{u.push(...e)})),r){const e=r.packets.filterByTag(T.packet.signature);u.push(...e)}return u}async function Wc(e,t,r,i=new Date,n=!1,a=R){return Promise.all(e.filter((function(e){return["text","binary"].includes(T.read(T.signature,e.signatureType))})).map((async function(e){return async function(e,t,r,i=new Date,n=!1,a=R){let s,o;for(const t of r){const r=t.getKeys(e.issuerKeyID);if(r.length>0){s=t,o=r[0];break}}const c=e instanceof Ro?e.correspondingSig:e,u={keyID:e.issuerKeyID,verified:(async()=>{if(!o)throw Error("Could not find signing key with key ID "+e.issuerKeyID.toHex());await e.verify(o.keyPacket,e.signatureType,t[0],i,n,a);const r=await c;if(o.getCreationTime()>r.created)throw Error("Key is newer than the signature");try{await s.getSigningKey(o.getKeyID(),r.created,void 0,a)}catch(e){if(!a.allowInsecureVerificationWithReformattedKeys||!e.message.match(/Signature creation time is in the future/))throw e;await s.getSigningKey(o.getKeyID(),i,void 0,a)}return!0})(),signature:(async()=>{const e=await c,t=new Lo;return e&&t.push(e),new lc(t)})()};return u.signature.catch((()=>{})),u.verified.catch((()=>{})),u}(e,t,r,i,n,a)})))}async function $c({armoredMessage:e,binaryMessage:t,config:r,...i}){r={...R,...r};let n=e||t;if(!n)throw Error("readMessage: must pass options object containing `armoredMessage` or `binaryMessage`");if(e&&!L.isString(e)&&!L.isStream(e))throw Error("readMessage: options.armoredMessage must be a string or stream");if(t&&!L.isUint8Array(t)&&!L.isStream(t))throw Error("readMessage: options.binaryMessage must be a Uint8Array or stream");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));const s=L.isStream(n);if(e){const{type:e,data:t}=await Q(n);if(e!==T.armor.message)throw Error("Armored text not of type message");n=t}const o=await Lo.fromBinary(n,Hc,r),c=new qc(o);return c.fromStream=s,c}async function Zc({text:e,binary:t,filename:r,date:i=new Date,format:n=(void 0!==e?"utf8":"binary"),...a}){const s=void 0!==e?e:t;if(void 0===s)throw Error("createMessage: must pass options object containing `text` or `binary`");if(e&&!L.isString(e)&&!L.isStream(e))throw Error("createMessage: options.text must be a string or stream");if(t&&!L.isUint8Array(t)&&!L.isStream(t))throw Error("createMessage: options.binary must be a Uint8Array or stream");const o=Object.keys(a);if(o.length>0)throw Error("Unknown option: "+o.join(", "));const c=L.isStream(s),u=new Po(i);void 0!==e?u.setText(s,T.write(T.literal,n)):u.setBytes(s,T.write(T.literal,n)),void 0!==r&&u.setFilename(r);const h=new Lo;h.push(u);const l=new qc(h);return l.fromStream=c,l}const Xc=/*#__PURE__*/L.constructAllowedPackets([Bo]);class Qc{constructor(e,t){if(this.text=L.removeTrailingSpaces(e).replace(/\r?\n/g,"\r\n"),t&&!(t instanceof lc))throw Error("Invalid signature input");this.signature=t||new lc(new Lo)}getSigningKeyIDs(){const e=[];return this.signature.packets.forEach((function(t){e.push(t.issuerKeyID)})),e}async sign(e,t=null,r=[],i=new Date,n=[],a=[],s=R){const o=new Po;o.setText(this.text);const c=new lc(await Vc(o,e,t,r,i,n,a,!0,s));return new Qc(this.text,c)}verify(e,t=new Date,r=R){const i=this.signature.packets.filterByTag(T.packet.signature),n=new Po;return n.setText(this.text),Wc(i,[n],e,t,!0,r)}getText(){return this.text.replace(/\r\n/g,"\n")}armor(e=R){const t=this.signature.packets.some((e=>6!==e.version)),r={hash:t?Array.from(new Set(this.signature.packets.map((e=>T.read(T.hash,e.hashAlgorithm).toUpperCase())))).join():null,text:this.text,data:this.signature.packets.write()};return Y(T.armor.signed,r,void 0,void 0,void 0,t,e)}}async function Yc({cleartextMessage:e,config:t,...r}){if(t={...R,...t},!e)throw Error("readCleartextMessage: must pass options object containing `cleartextMessage`");if(!L.isString(e))throw Error("readCleartextMessage: options.cleartextMessage must be a string");const i=Object.keys(r);if(i.length>0)throw Error("Unknown option: "+i.join(", "));const n=await Q(e);if(n.type!==T.armor.signed)throw Error("No cleartext signed message.");const a=await Lo.fromBinary(n.data,Xc,t);!function(e,t){const r=function(e){const r=e=>t=>e.hashAlgorithm===t;for(let i=0;i<t.length;i++)if(t[i].constructor.tag===T.packet.signature&&!e.some(r(t[i])))return!1;return!0},i=[];if(e.forEach((e=>{const t=e.match(/^Hash: (.+)$/);if(!t)throw Error('Only "Hash" header allowed in cleartext signed message');{const e=t[1].replace(/\s/g,"").split(",").map((e=>{try{return T.write(T.hash,e.toLowerCase())}catch(t){throw Error("Unknown hash algorithm in armor header: "+e.toLowerCase())}}));i.push(...e)}})),i.length&&!r(i))throw Error("Hash algorithm mismatch in armor header and signature")}(n.headers,a);const s=new lc(a);return new Qc(n.text,s)}async function Jc({text:e,...t}){if(!e)throw Error("createCleartextMessage: must pass options object containing `text`");if(!L.isString(e))throw Error("createCleartextMessage: options.text must be a string");const r=Object.keys(t);if(r.length>0)throw Error("Unknown option: "+r.join(", "));return new Qc(e)}async function eu({userIDs:e=[],passphrase:t,type:r,curve:i,rsaBits:n=4096,symmetricHash:a="sha256",symmetricCipher:s="aes256",keyExpirationTime:o=0,date:c=new Date,subkeys:u=[{}],format:h="armored",config:l,...y}){du(l={...R,...l}),r||i?(r=r||"ecc",i=i||"curve25519Legacy"):(r=l.v6Keys?"curve25519":"ecc",i="curve25519Legacy"),e=mu(e);const p=Object.keys(y);if(p.length>0)throw Error("Unknown option: "+p.join(", "));if(0===e.length&&!l.v6Keys)throw Error("UserIDs are required for V4 keys");if("rsa"===r&&n<l.minRSABits)throw Error(`rsaBits should be at least ${l.minRSABits}, got: ${n}`);const g={userIDs:e,passphrase:t,type:r,rsaBits:n,curve:i,keyExpirationTime:o,date:c,subkeys:u,symmetricHash:a,symmetricCipher:s};try{const{key:e,revocationCertificate:t}=await async function(e,t){e.sign=!0,(e=Ac(e)).subkeys=e.subkeys.map(((t,r)=>Ac(e.subkeys[r],e)));let r=[gc(e,t)];r=r.concat(e.subkeys.map((e=>pc(e,t))));const i=await Promise.all(r),n=await Fc(i[0],i.slice(1),e,t),a=await n.getRevocationCertificate(e.date,t);return n.revocationSignatures=[],{key:n,revocationCertificate:a}}(g,l);return e.getKeys().forEach((({keyPacket:e})=>Pc(e,l))),{privateKey:ku(e,h,l),publicKey:"symmetric"!==r?ku(e.toPublic(),h,l):null,revocationCertificate:t}}catch(e){throw L.wrapError("Error generating keypair",e)}}async function tu({privateKey:e,userIDs:t=[],passphrase:r,keyExpirationTime:i=0,date:n,format:a="armored",config:s,...o}){du(s={...R,...s}),t=mu(t);const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(0===t.length&&6!==e.keyPacket.version)throw Error("UserIDs are required for V4 keys");const u={privateKey:e,userIDs:t,passphrase:r,keyExpirationTime:i,date:n};try{const{key:e,revocationCertificate:t}=await async function(e,t){e=o(e);const{privateKey:r}=e;if(!r.isPrivate())throw Error("Cannot reformat a public key");if(r.keyPacket.isDummy())throw Error("Cannot reformat a gnu-dummy primary key");if(!r.getKeys().every((({keyPacket:e})=>e.isDecrypted())))throw Error("Key is not decrypted");const i=r.keyPacket;e.subkeys||(e.subkeys=await Promise.all(r.subkeys.map((async e=>{const r=e.keyPacket,n={key:i,bind:r},a=await fc(e.bindingSignatures,i,T.signature.subkeyBinding,n,null,t).catch((()=>({})));return{sign:a.keyFlags&&a.keyFlags[0]&T.keyFlags.signData,forwarding:a.keyFlags&&a.keyFlags[0]&T.keyFlags.forwardedCommunication}}))));const n=r.subkeys.map((e=>e.keyPacket));if(e.subkeys.length!==n.length)throw Error("Number of subkey options does not match number of subkeys");e.subkeys=e.subkeys.map((t=>o(t,e)));const a=await Fc(i,n,e,t),s=await a.getRevocationCertificate(e.date,t);return a.revocationSignatures=[],{key:a,revocationCertificate:s};function o(e,t={}){return e.keyExpirationTime=e.keyExpirationTime||t.keyExpirationTime,e.passphrase=L.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e}}(u,s);return{privateKey:ku(e,a,s),publicKey:ku(e.toPublic(),a,s),revocationCertificate:t}}catch(e){throw L.wrapError("Error reformatting keypair",e)}}async function ru({key:e,revocationCertificate:t,reasonForRevocation:r,date:i=new Date,format:n="armored",config:a,...s}){du(a={...R,...a});const o=Object.keys(s);if(o.length>0)throw Error("Unknown option: "+o.join(", "));try{const s=t?await e.applyRevocationCertificate(t,i,a):await e.revoke(r,i,a);return s.isPrivate()?{privateKey:ku(s,n,a),publicKey:ku(s.toPublic(),n,a)}:{privateKey:null,publicKey:ku(s,n,a)}}catch(e){throw L.wrapError("Error revoking key",e)}}async function iu({privateKey:e,passphrase:t,config:r,...i}){du(r={...R,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot decrypt a public key");const a=e.clone(!0),s=L.isArray(t)?t:[t];try{return await Promise.all(a.getKeys().map((e=>L.anyPromise(s.map((t=>e.keyPacket.decrypt(t))))))),await a.validate(r),a}catch(e){throw a.clearPrivateParams(),L.wrapError("Error decrypting private key",e)}}async function nu({privateKey:e,passphrase:t,config:r,...i}){du(r={...R,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot encrypt a public key");const a=e.clone(!0),s=a.getKeys(),o=L.isArray(t)?t:Array(s.length).fill(t);if(o.length!==s.length)throw Error("Invalid number of passphrases given for key encryption");try{return await Promise.all(s.map((async(e,t)=>{const{keyPacket:i}=e;await i.encrypt(o[t],r),i.clearPrivateParams()}))),a}catch(e){throw a.clearPrivateParams(),L.wrapError("Error encrypting private key",e)}}async function au({message:e,encryptionKeys:t,signingKeys:r,passwords:i,sessionKey:n,format:a="armored",signature:s=null,wildcard:o=!1,signingKeyIDs:c=[],encryptionKeyIDs:u=[],date:h=new Date,signingUserIDs:l=[],encryptionUserIDs:y=[],signatureNotations:p=[],config:g,...f}){if(du(g={...R,...g}),yu(e),gu(a),t=mu(t),r=mu(r),i=mu(i),c=mu(c),u=mu(u),l=mu(l),y=mu(y),p=mu(p),f.detached)throw Error("The `detached` option has been removed from openpgp.encrypt, separately call openpgp.sign instead. Don't forget to remove the `privateKeys` option as well.");if(f.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encrypt, pass `encryptionKeys` instead");if(f.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.encrypt, pass `signingKeys` instead");if(void 0!==f.armor)throw Error("The `armor` option has been removed from openpgp.encrypt, pass `format` instead.");const d=Object.keys(f);if(d.length>0)throw Error("Unknown option: "+d.join(", "));r||(r=[]);try{if((r.length||s)&&(e=await e.sign(r,s,c,h,l,p,g)),e=e.compress(await async function(e=[],t=new Date,r=[],i=R){const n=T.compression.uncompressed,a=i.preferredCompressionAlgorithm,s=await Promise.all(e.map((async function(e,n){const s=(await e.getPrimarySelfSignature(t,r[n],i)).preferredCompressionAlgorithms;return!!s&&s.indexOf(a)>=0})));return s.every(Boolean)?a:n}(t,h,y,g),g),e=await e.encrypt(t,i,n,o,u,h,y,g),"object"===a)return e;const f="armored"===a?e.armor(g):e.write();return await wu(f)}catch(e){throw L.wrapError("Error encrypting message",e)}}async function su({message:e,decryptionKeys:t,passwords:r,sessionKeys:i,verificationKeys:n,expectSigned:a=!1,format:s="utf8",signature:o=null,date:c=new Date,config:u,...h}){if(du(u={...R,...u}),yu(e),n=mu(n),t=mu(t),r=mu(r),i=mu(i),h.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decrypt, pass `decryptionKeys` instead");if(h.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.decrypt, pass `verificationKeys` instead");const l=Object.keys(h);if(l.length>0)throw Error("Unknown option: "+l.join(", "));try{const h=await e.decrypt(t,r,i,c,u);n||(n=[]);const l={};if(l.signatures=o?await h.verifyDetached(o,n,c,u):await h.verify(n,c,u),l.data="binary"===s?h.getLiteralData():h.getText(),l.filename=h.getFilename(),bu(l,e),a){if(0===n.length)throw Error("Verification keys are required to verify message signatures");if(0===l.signatures.length)throw Error("Message is not signed");l.data=d([l.data,x((async()=>{await L.anyPromise(l.signatures.map((e=>e.verified)))}))])}return l.data=await wu(l.data),l}catch(e){throw L.wrapError("Error decrypting message",e)}}async function ou({message:e,signingKeys:t,format:r="armored",detached:i=!1,signingKeyIDs:n=[],date:a=new Date,signingUserIDs:s=[],signatureNotations:o=[],config:c,...u}){if(du(c={...R,...c}),pu(e),gu(r),t=mu(t),n=mu(n),s=mu(s),o=mu(o),u.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.sign, pass `signingKeys` instead");if(void 0!==u.armor)throw Error("The `armor` option has been removed from openpgp.sign, pass `format` instead.");const h=Object.keys(u);if(h.length>0)throw Error("Unknown option: "+h.join(", "));if(e instanceof Qc&&"binary"===r)throw Error("Cannot return signed cleartext message in binary format");if(e instanceof Qc&&i)throw Error("Cannot detach-sign a cleartext message");if(!t||0===t.length)throw Error("No signing keys provided");try{let u;if(u=i?await e.signDetached(t,void 0,n,a,s,o,c):await e.sign(t,void 0,n,a,s,o,c),"object"===r)return u;return u="armored"===r?u.armor(c):u.write(),i&&(u=v(e.packets.write(),(async(e,t)=>{await Promise.all([m(u,t),U(e).catch((()=>{}))])}))),await wu(u)}catch(e){throw L.wrapError("Error signing message",e)}}async function cu({message:e,verificationKeys:t,expectSigned:r=!1,format:i="utf8",signature:n=null,date:a=new Date,config:s,...o}){if(du(s={...R,...s}),pu(e),t=mu(t),o.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.verify, pass `verificationKeys` instead");const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(e instanceof Qc&&"binary"===i)throw Error("Can't return cleartext message data as binary");if(e instanceof Qc&&n)throw Error("Can't verify detached cleartext signature");try{const o={};if(o.signatures=n?await e.verifyDetached(n,t,a,s):await e.verify(t,a,s),o.data="binary"===i?e.getLiteralData():e.getText(),e.fromStream&&!n&&bu(o,e),r){if(0===o.signatures.length)throw Error("Message is not signed");o.data=d([o.data,x((async()=>{await L.anyPromise(o.signatures.map((e=>e.verified)))}))])}return o.data=await wu(o.data),o}catch(e){throw L.wrapError("Error verifying signed message",e)}}async function uu({encryptionKeys:e,date:t=new Date,encryptionUserIDs:r=[],config:i,...n}){if(du(i={...R,...i}),e=mu(e),r=mu(r),n.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.generateSessionKey, pass `encryptionKeys` instead");const a=Object.keys(n);if(a.length>0)throw Error("Unknown option: "+a.join(", "));try{return await qc.generateSessionKey(e,t,r,i)}catch(e){throw L.wrapError("Error generating session key",e)}}async function hu({data:e,algorithm:t,aeadAlgorithm:r,encryptionKeys:i,passwords:n,format:a="armored",wildcard:s=!1,encryptionKeyIDs:o=[],date:c=new Date,encryptionUserIDs:u=[],config:h,...l}){if(du(h={...R,...h}),function(e){if(!L.isUint8Array(e))throw Error("Parameter [data] must be of type Uint8Array")}(e),function(e,t){if(!L.isString(e))throw Error("Parameter ["+t+"] must be of type String")}(t,"algorithm"),gu(a),i=mu(i),n=mu(n),o=mu(o),u=mu(u),l.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead");const y=Object.keys(l);if(y.length>0)throw Error("Unknown option: "+y.join(", "));if(!(i&&0!==i.length||n&&0!==n.length))throw Error("No encryption keys or passwords provided.");try{return ku(await qc.encryptSessionKey(e,t,r,i,n,s,o,c,u,h),a,h)}catch(e){throw L.wrapError("Error encrypting session key",e)}}async function lu({message:e,decryptionKeys:t,passwords:r,date:i=new Date,config:n,...a}){if(du(n={...R,...n}),yu(e),t=mu(t),r=mu(r),a.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decryptSessionKeys, pass `decryptionKeys` instead");const s=Object.keys(a);if(s.length>0)throw Error("Unknown option: "+s.join(", "));try{return await e.decryptSessionKeys(t,r,void 0,i,n)}catch(e){throw L.wrapError("Error decrypting session keys",e)}}function yu(e){if(!(e instanceof qc))throw Error("Parameter [message] needs to be of type Message")}function pu(e){if(!(e instanceof Qc||e instanceof qc))throw Error("Parameter [message] needs to be of type Message or CleartextMessage")}function gu(e){if("armored"!==e&&"binary"!==e&&"object"!==e)throw Error("Unsupported format "+e)}const fu=Object.keys(R).length;function du(e){const t=Object.keys(e);if(t.length!==fu)for(const e of t)if(void 0===R[e])throw Error("Unknown config property: "+e)}function mu(e){return e&&!L.isArray(e)&&(e=[e]),e}async function wu(e){return"array"===L.isStream(e)?U(e):e}function bu(e,t){e.data=v(t.packets.stream,(async(t,r)=>{await m(e.data,r,{preventClose:!0});const i=B(r);try{await U(t,(e=>e)),await i.close()}catch(e){await i.abort(e)}}))}function ku(e,t,r){switch(t){case"object":return e;case"armored":return e.armor(r);case"binary":return e.write();default:throw Error("Unsupported format "+t)}}export{$o as AEADEncryptedDataPacket,ss as Argon2OutOfMemoryError,hs as Argon2S2K,Qc as CleartextMessage,_o as CompressedDataPacket,Wa as KDFParams,Po as LiteralDataPacket,tc as MarkerPacket,qc as Message,Ro as OnePassSignaturePacket,Lo as PacketList,uc as PaddingPacket,Rc as PrivateKey,Tc as PublicKey,Zo as PublicKeyEncryptedSessionKeyPacket,Yo as PublicKeyPacket,rc as PublicSubkeyPacket,nc as SecretKeyPacket,oc as SecretSubkeyPacket,lc as Signature,Bo as SignaturePacket,Dc as Subkey,qo as SymEncryptedIntegrityProtectedDataPacket,Qo as SymEncryptedSessionKeyPacket,ec as SymmetricallyEncryptedDataPacket,cc as TrustPacket,Vi as UnparseablePacket,ic as UserAttributePacket,sc as UserIDPacket,Y as armor,R as config,Jc as createCleartextMessage,Zc as createMessage,su as decrypt,iu as decryptKey,lu as decryptSessionKeys,au as encrypt,nu as encryptKey,hu as encryptSessionKey,T as enums,eu as generateKey,uu as generateSessionKey,Yc as readCleartextMessage,_c as readKey,Nc as readKeys,$c as readMessage,Oc as readPrivateKey,zc as readPrivateKeys,yc as readSignature,tu as reformatKey,ru as revokeKey,ou as sign,Q as unarmor,cu as verify};
+/*! OpenPGP.js v6.0.0 - 2024-11-06 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},t=Symbol("doneWritingPromise"),r=Symbol("doneWritingResolve"),i=Symbol("doneWritingReject"),n=Symbol("readingIndex");class a extends Array{constructor(){super(),Object.setPrototypeOf(this,a.prototype),this[t]=new Promise(((e,t)=>{this[r]=e,this[i]=t})),this[t].catch((()=>{}))}}function s(e){return e&&e.getReader&&Array.isArray(e)}function o(e){if(!s(e)){const t=e.getWriter(),r=t.releaseLock;return t.releaseLock=()=>{t.closed.catch((function(){})),r.call(t)},t}this.stream=e}function c(t){if(s(t))return"array";if(e.ReadableStream&&e.ReadableStream.prototype.isPrototypeOf(t))return"web";if(t&&!(e.ReadableStream&&t instanceof e.ReadableStream)&&"function"==typeof t._read&&"object"==typeof t._readableState)throw Error("Native Node streams are no longer supported: please manually convert the stream to a WebStream, using e.g. `stream.Readable.toWeb`");return!(!t||!t.getReader)&&"web-like"}function u(e){return Uint8Array.prototype.isPrototypeOf(e)}function h(e){if(1===e.length)return e[0];let t=0;for(let r=0;r<e.length;r++){if(!u(e[r]))throw Error("concatUint8Array: Data must be in the form of a Uint8Array");t+=e[r].length}const r=new Uint8Array(t);let i=0;return e.forEach((function(e){r.set(e,i),i+=e.length})),r}a.prototype.getReader=function(){return void 0===this[n]&&(this[n]=0),{read:async()=>(await this[t],this[n]===this.length?{value:void 0,done:!0}:{value:this[this[n]++],done:!1})}},a.prototype.readToEnd=async function(e){await this[t];const r=e(this.slice(this[n]));return this.length=0,r},a.prototype.clone=function(){const e=new a;return e[t]=this[t].then((()=>{e.push(...this)})),e},o.prototype.write=async function(e){this.stream.push(e)},o.prototype.close=async function(){this.stream[r]()},o.prototype.abort=async function(e){return this.stream[i](e),e},o.prototype.releaseLock=function(){},"object"==typeof e.process&&e.process.versions;const l=new WeakSet,y=Symbol("externalBuffer");function p(e){if(this.stream=e,e[y]&&(this[y]=e[y].slice()),s(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{},void(this._cancel=()=>{})}if(c(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{t.closed.catch((function(){})),t.releaseLock()},void(this._cancel=t.cancel.bind(t))}let t=!1;this._read=async()=>t||l.has(e)?{value:void 0,done:!0}:(t=!0,{value:e,done:!1}),this._releaseLock=()=>{if(t)try{l.add(e)}catch(e){}}}function g(e){return c(e)?e:new ReadableStream({start(t){t.enqueue(e),t.close()}})}function d(e){if(c(e))return e;const t=new a;return(async()=>{const r=B(t);await r.write(e),await r.close()})(),t}function f(e){return e.some((e=>c(e)&&!s(e)))?function(e){e=e.map(g);const t=b((async function(e){await Promise.all(i.map((t=>D(t,e))))}));let r=Promise.resolve();const i=e.map(((i,n)=>v(i,((i,a)=>(r=r.then((()=>m(i,t.writable,{preventClose:n!==e.length-1}))),r)))));return t.readable}(e):e.some((e=>s(e)))?function(e){const t=new a;let r=Promise.resolve();return e.forEach(((i,n)=>(r=r.then((()=>m(i,t,{preventClose:n!==e.length-1}))),r))),t}(e):"string"==typeof e[0]?e.join(""):h(e)}async function m(e,t,{preventClose:r=!1,preventAbort:i=!1,preventCancel:n=!1}={}){if(c(e)&&!s(e)){e=g(e);try{if(e[y]){const r=B(t);for(let t=0;t<e[y].length;t++)await r.ready,await r.write(e[y][t]);r.releaseLock()}await e.pipeTo(t,{preventClose:r,preventAbort:i,preventCancel:n})}catch(e){}return}const a=I(e=d(e)),o=B(t);try{for(;;){await o.ready;const{done:e,value:t}=await a.read();if(e){r||await o.close();break}await o.write(t)}}catch(e){i||await o.abort(e)}finally{a.releaseLock(),o.releaseLock()}}function w(e,t){const r=new TransformStream(t);return m(e,r.writable),r.readable}function b(e){let t,r,i,n=!1,a=!1;return{readable:new ReadableStream({start(e){i=e},pull(){t?t():n=!0},async cancel(t){a=!0,e&&await e(t),r&&r(t)}},{highWaterMark:0}),writable:new WritableStream({write:async function(e){if(a)throw Error("Stream is cancelled");i.enqueue(e),n?n=!1:(await new Promise(((e,i)=>{t=e,r=i})),t=null,r=null)},close:i.close.bind(i),abort:i.error.bind(i)})}}function k(e,t=()=>{},r=()=>{}){if(s(e)){const i=new a;return(async()=>{const n=B(i);try{const i=await U(e),a=t(i),s=r();let o;o=void 0!==a&&void 0!==s?f([a,s]):void 0!==a?a:s,await n.write(o),await n.close()}catch(e){await n.abort(e)}})(),i}if(c(e))return w(e,{async transform(e,r){try{const i=await t(e);void 0!==i&&r.enqueue(i)}catch(e){r.error(e)}},async flush(e){try{const t=await r();void 0!==t&&e.enqueue(t)}catch(t){e.error(t)}}});const i=t(e),n=r();return void 0!==i&&void 0!==n?f([i,n]):void 0!==i?i:n}function v(e,t){if(c(e)&&!s(e)){let r;const i=new TransformStream({start(e){r=e}}),n=m(e,i.writable),a=b((async function(e){r.error(e),await n,await new Promise(setTimeout)}));return t(i.readable,a.writable),a.readable}e=d(e);const r=new a;return t(e,r),r}function A(e,t){let r;const i=v(e,((e,n)=>{const a=I(e);a.remainder=()=>(a.releaseLock(),m(e,n),i),r=t(a)}));return r}function K(e){if(s(e))return e.clone();if(c(e)){const t=function(e){if(s(e))throw Error("ArrayStream cannot be tee()d, use clone() instead");if(c(e)){const t=g(e).tee();return t[0][y]=t[1][y]=e[y],t}return[P(e),P(e)]}(e);return S(e,t[0]),t[1]}return P(e)}function E(e){return s(e)?K(e):c(e)?new ReadableStream({start(t){const r=v(e,(async(e,r)=>{const i=I(e),n=B(r);try{for(;;){await n.ready;const{done:e,value:r}=await i.read();if(e){try{t.close()}catch(e){}return void await n.close()}try{t.enqueue(r)}catch(e){}await n.write(r)}}catch(e){t.error(e),await n.abort(e)}}));S(e,r)}}):P(e)}function S(e,t){Object.entries(Object.getOwnPropertyDescriptors(e.constructor.prototype)).forEach((([r,i])=>{"constructor"!==r&&(i.value?i.value=i.value.bind(t):i.get=i.get.bind(t),Object.defineProperty(e,r,i))}))}function P(e,t=0,r=1/0){if(s(e))throw Error("Not implemented");if(c(e)){if(t>=0&&r>=0){let i=0;return w(e,{transform(e,n){i<r?(i+e.length>=t&&n.enqueue(P(e,Math.max(t-i,0),r-i)),i+=e.length):n.terminate()}})}if(t<0&&(r<0||r===1/0)){let i=[];return k(e,(e=>{e.length>=-t?i=[e]:i.push(e)}),(()=>P(f(i),t,r)))}if(0===t&&r<0){let i;return k(e,(e=>{const n=i?f([i,e]):e;if(n.length>=-r)return i=P(n,r),P(n,t,r);i=n}))}return console.warn(`stream.slice(input, ${t}, ${r}) not implemented efficiently.`),x((async()=>P(await U(e),t,r)))}return e[y]&&(e=f(e[y].concat([e]))),u(e)?e.subarray(t,r===1/0?e.length:r):e.slice(t,r)}async function U(e,t=f){return s(e)?e.readToEnd(t):c(e)?I(e).readToEnd(t):e}async function D(e,t){if(c(e)){if(e.cancel){const r=await e.cancel(t);return await new Promise(setTimeout),r}if(e.destroy)return e.destroy(t),await new Promise(setTimeout),t}}function x(e){const t=new a;return(async()=>{const r=B(t);try{await r.write(await e()),await r.close()}catch(e){await r.abort(e)}})(),t}function I(e){return new p(e)}function B(e){return new o(e)}p.prototype.read=async function(){if(this[y]&&this[y].length){return{done:!1,value:this[y].shift()}}return this._read()},p.prototype.releaseLock=function(){this[y]&&(this.stream[y]=this[y]),this._releaseLock()},p.prototype.cancel=function(e){return this._cancel(e)},p.prototype.readLine=async function(){let e,t=[];for(;!e;){let{done:r,value:i}=await this.read();if(i+="",r)return t.length?f(t):void 0;const n=i.indexOf("\n")+1;n&&(e=f(t.concat(i.substr(0,n))),t=[]),n!==i.length&&t.push(i.substr(n))}return this.unshift(...t),e},p.prototype.readByte=async function(){const{done:e,value:t}=await this.read();if(e)return;const r=t[0];return this.unshift(P(t,1)),r},p.prototype.readBytes=async function(e){const t=[];let r=0;for(;;){const{done:i,value:n}=await this.read();if(i)return t.length?f(t):void 0;if(t.push(n),r+=n.length,r>=e){const r=f(t);return this.unshift(P(r,e)),P(r,0,e)}}},p.prototype.peekBytes=async function(e){const t=await this.readBytes(e);return this.unshift(t),t},p.prototype.unshift=function(...e){this[y]||(this[y]=[]),1===e.length&&u(e[0])&&this[y].length&&e[0].length&&this[y][0].byteOffset>=e[0].length?this[y][0]=new Uint8Array(this[y][0].buffer,this[y][0].byteOffset-e[0].length,this[y][0].byteLength+e[0].length):this[y].unshift(...e.filter((e=>e&&e.length)))},p.prototype.readToEnd=async function(e=f){const t=[];for(;;){const{done:e,value:r}=await this.read();if(e)break;t.push(r)}return e(t)};const C=Symbol("byValue");var T={curve:{nistP256:"nistP256",p256:"nistP256",nistP384:"nistP384",p384:"nistP384",nistP521:"nistP521",p521:"nistP521",secp256k1:"secp256k1",ed25519Legacy:"ed25519Legacy",ed25519:"ed25519Legacy",curve25519Legacy:"curve25519Legacy",curve25519:"curve25519Legacy",brainpoolP256r1:"brainpoolP256r1",brainpoolP384r1:"brainpoolP384r1",brainpoolP512r1:"brainpoolP512r1"},kdfFlags:{replace_fingerprint:1,replace_kdf_params:2},s2k:{simple:0,salted:1,iterated:3,argon2:4,gnu:101},publicKey:{rsaEncryptSign:1,rsaEncrypt:2,rsaSign:3,elgamal:16,dsa:17,ecdh:18,ecdsa:19,eddsaLegacy:22,aedh:23,aedsa:24,x25519:25,x448:26,ed25519:27,ed448:28,aead:100,hmac:101},symmetric:{idea:1,tripledes:2,cast5:3,blowfish:4,aes128:7,aes192:8,aes256:9,twofish:10},compression:{uncompressed:0,zip:1,zlib:2,bzip2:3},hash:{md5:1,sha1:2,ripemd:3,sha256:8,sha384:9,sha512:10,sha224:11,sha3_256:12,sha3_512:14},webHash:{"SHA-1":2,"SHA-256":8,"SHA-384":9,"SHA-512":10},aead:{eax:1,ocb:2,gcm:3,experimentalGCM:100},packet:{publicKeyEncryptedSessionKey:1,signature:2,symEncryptedSessionKey:3,onePassSignature:4,secretKey:5,publicKey:6,secretSubkey:7,compressedData:8,symmetricallyEncryptedData:9,marker:10,literalData:11,trust:12,userID:13,publicSubkey:14,userAttribute:17,symEncryptedIntegrityProtectedData:18,modificationDetectionCode:19,aeadEncryptedData:20,padding:21},literal:{binary:98,text:116,utf8:117,mime:109},signature:{binary:0,text:1,standalone:2,certGeneric:16,certPersona:17,certCasual:18,certPositive:19,certRevocation:48,subkeyBinding:24,keyBinding:25,key:31,keyRevocation:32,subkeyRevocation:40,timestamp:64,thirdParty:80},signatureSubpacket:{signatureCreationTime:2,signatureExpirationTime:3,exportableCertification:4,trustSignature:5,regularExpression:6,revocable:7,keyExpirationTime:9,placeholderBackwardsCompatibility:10,preferredSymmetricAlgorithms:11,revocationKey:12,issuerKeyID:16,notationData:20,preferredHashAlgorithms:21,preferredCompressionAlgorithms:22,keyServerPreferences:23,preferredKeyServer:24,primaryUserID:25,policyURI:26,keyFlags:27,signersUserID:28,reasonForRevocation:29,features:30,signatureTarget:31,embeddedSignature:32,issuerFingerprint:33,preferredAEADAlgorithms:34,preferredCipherSuites:39},keyFlags:{certifyKeys:1,signData:2,encryptCommunication:4,encryptStorage:8,splitPrivateKey:16,authentication:32,forwardedCommunication:64,sharedPrivateKey:128},armor:{multipartSection:0,multipartLast:1,signed:2,message:3,publicKey:4,privateKey:5,signature:6},reasonForRevocation:{noReason:0,keySuperseded:1,keyCompromised:2,keyRetired:3,userIDInvalid:32},features:{modificationDetection:1,aead:2,v5Keys:4,seipdv2:8},write:function(e,t){if("number"==typeof t&&(t=this.read(e,t)),void 0!==e[t])return e[t];throw Error("Invalid enum value.")},read:function(e,t){if(e[C]||(e[C]=[],Object.entries(e).forEach((([t,r])=>{e[C][r]=t}))),void 0!==e[C][t])return e[C][t];throw Error("Invalid enum value.")}},M={preferredHashAlgorithm:T.hash.sha512,preferredSymmetricAlgorithm:T.symmetric.aes256,preferredCompressionAlgorithm:T.compression.uncompressed,aeadProtect:!1,ignoreSEIPDv2FeatureFlag:!1,parseAEADEncryptedV4KeysAsLegacy:!1,preferredAEADAlgorithm:T.aead.gcm,aeadChunkSizeByte:12,v6Keys:!1,enableParsingV5Entities:!1,s2kType:T.s2k.iterated,s2kIterationCountByte:224,s2kArgon2Params:{passes:3,parallelism:4,memoryExponent:16},allowUnauthenticatedMessages:!1,allowUnauthenticatedStream:!1,allowForwardedMessages:!1,minRSABits:2047,passwordCollisionCheck:!1,allowInsecureDecryptionWithSigningKeys:!1,allowInsecureVerificationWithReformattedKeys:!1,allowMissingKeyFlags:!1,constantTimePKCS1Decryption:!1,constantTimePKCS1DecryptionSupportedSymmetricAlgorithms:new Set([T.symmetric.aes128,T.symmetric.aes192,T.symmetric.aes256]),ignoreUnsupportedPackets:!0,ignoreMalformedPackets:!1,additionalAllowedPackets:[],showVersion:!1,showComment:!1,versionString:"OpenPGP.js 6.0.0",commentString:"https://openpgpjs.org",maxUserIDLength:5120,knownNotations:[],nonDeterministicSignaturesViaNotation:!0,useEllipticFallback:!0,rejectHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd]),rejectMessageHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd,T.hash.sha1]),rejectPublicKeyAlgorithms:new Set([T.publicKey.elgamal,T.publicKey.dsa]),rejectCurves:new Set([T.curve.secp256k1])};const L=(()=>{try{return"development"===process.env.NODE_ENV}catch(e){}return!1})(),R={isString:function(e){return"string"==typeof e||e instanceof String},nodeRequire:()=>{},isArray:function(e){return e instanceof Array},isUint8Array:u,isStream:c,getNobleCurve:async(e,t)=>{if(!M.useEllipticFallback)throw Error("This curve is only supported in the full build of OpenPGP.js");const{nobleCurves:r}=await import("./noble_curves.min.mjs");switch(e){case T.publicKey.ecdh:case T.publicKey.ecdsa:{const e=r.get(t);if(!e)throw Error("Unsupported curve");return e}case T.publicKey.x448:return r.get("x448");case T.publicKey.ed448:return r.get("ed448");default:throw Error("Unsupported curve")}},readNumber:function(e){let t=0;for(let r=0;r<e.length;r++)t+=256**r*e[e.length-1-r];return t},writeNumber:function(e,t){const r=new Uint8Array(t);for(let i=0;i<t;i++)r[i]=e>>8*(t-i-1)&255;return r},readDate:function(e){const t=R.readNumber(e);return new Date(1e3*t)},writeDate:function(e){const t=Math.floor(e.getTime()/1e3);return R.writeNumber(t,4)},normalizeDate:function(e=Date.now()){return null===e||e===1/0?e:new Date(1e3*Math.floor(+e/1e3))},readMPI:function(e){const t=(e[0]<<8|e[1])+7>>>3;return R.readExactSubarray(e,2,2+t)},readExactSubarray:function(e,t,r){if(e.length<r-t)throw Error("Input array too short");return e.subarray(t,r)},leftPad(e,t){if(e.length>t)throw Error("Input array too long");const r=new Uint8Array(t),i=t-e.length;return r.set(e,i),r},uint8ArrayToMPI:function(e){const t=R.uint8ArrayBitLength(e);if(0===t)throw Error("Zero MPI");const r=e.subarray(e.length-Math.ceil(t/8)),i=new Uint8Array([(65280&t)>>8,255&t]);return R.concatUint8Array([i,r])},uint8ArrayBitLength:function(e){let t;for(t=0;t<e.length&&0===e[t];t++);if(t===e.length)return 0;const r=e.subarray(t);return 8*(r.length-1)+R.nbits(r[0])},hexToUint8Array:function(e){const t=new Uint8Array(e.length>>1);for(let r=0;r<e.length>>1;r++)t[r]=parseInt(e.substr(r<<1,2),16);return t},uint8ArrayToHex:function(e){const t="0123456789abcdef";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),r},stringToUint8Array:function(e){return k(e,(e=>{if(!R.isString(e))throw Error("stringToUint8Array: Data must be in the form of a string");const t=new Uint8Array(e.length);for(let r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}))},uint8ArrayToString:function(e){const t=[],r=16384,i=(e=new Uint8Array(e)).length;for(let n=0;n<i;n+=r)t.push(String.fromCharCode.apply(String,e.subarray(n,n+r<i?n+r:i)));return t.join("")},encodeUTF8:function(e){const t=new TextEncoder("utf-8");function r(e,r=!1){return t.encode(e,{stream:!r})}return k(e,r,(()=>r("",!0)))},decodeUTF8:function(e){const t=new TextDecoder("utf-8");function r(e,r=!1){return t.decode(e,{stream:!r})}return k(e,r,(()=>r(new Uint8Array,!0)))},concat:f,concatUint8Array:h,equalsUint8Array:function(e,t){if(!R.isUint8Array(e)||!R.isUint8Array(t))throw Error("Data must be in the form of a Uint8Array");if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0},writeChecksum:function(e){let t=0;for(let r=0;r<e.length;r++)t=t+e[r]&65535;return R.writeNumber(t,2)},printDebug:function(e){L&&console.log("[OpenPGP.js debug]",e)},printDebugError:function(e){L&&console.error("[OpenPGP.js debug]",e)},nbits:function(e){let t=1,r=e>>>16;return 0!==r&&(e=r,t+=16),r=e>>8,0!==r&&(e=r,t+=8),r=e>>4,0!==r&&(e=r,t+=4),r=e>>2,0!==r&&(e=r,t+=2),r=e>>1,0!==r&&(e=r,t+=1),t},double:function(e){const t=new Uint8Array(e.length),r=e.length-1;for(let i=0;i<r;i++)t[i]=e[i]<<1^e[i+1]>>7;return t[r]=e[r]<<1^135*(e[0]>>7),t},shiftRight:function(e,t){if(t)for(let r=e.length-1;r>=0;r--)e[r]>>=t,r>0&&(e[r]|=e[r-1]<<8-t);return e},getWebCrypto:function(){const t=void 0!==e&&e.crypto&&e.crypto.subtle||this.getNodeCrypto()?.webcrypto.subtle;if(!t)throw Error("The WebCrypto API is not available");return t},getNodeCrypto:function(){return this.nodeRequire("crypto")},getNodeZlib:function(){return this.nodeRequire("zlib")},getNodeBuffer:function(){return(this.nodeRequire("buffer")||{}).Buffer},getHardwareConcurrency:function(){if("undefined"!=typeof navigator)return navigator.hardwareConcurrency||1;return this.nodeRequire("os").cpus().length},isEmailAddress:function(e){if(!R.isString(e))return!1;return/^[^\p{C}\p{Z}@<>\\]+@[^\p{C}\p{Z}@<>\\]+[^\p{C}\p{Z}\p{P}]$/u.test(e)},canonicalizeEOL:function(e){let t=!1;return k(e,(e=>{let r;t&&(e=R.concatUint8Array([new Uint8Array([13]),e])),13===e[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;const i=[];for(let t=0;r=e.indexOf(10,t)+1,r;t=r)13!==e[r-2]&&i.push(r);if(!i.length)return e;const n=new Uint8Array(e.length+i.length);let a=0;for(let t=0;t<i.length;t++){const r=e.subarray(i[t-1]||0,i[t]);n.set(r,a),a+=r.length,n[a-1]=13,n[a]=10,a++}return n.set(e.subarray(i[i.length-1]||0),a),n}),(()=>t?new Uint8Array([13]):void 0))},nativeEOL:function(e){let t=!1;return k(e,(e=>{let r;13===(e=t&&10!==e[0]?R.concatUint8Array([new Uint8Array([13]),e]):new Uint8Array(e))[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;let i=0;for(let t=0;t!==e.length;t=r){r=e.indexOf(13,t)+1,r||(r=e.length);const n=r-(10===e[r]?1:0);t&&e.copyWithin(i,t,n),i+=n-t}return e.subarray(0,i)}),(()=>t?new Uint8Array([13]):void 0))},removeTrailingSpaces:function(e){return e.split("\n").map((e=>{let t=e.length-1;for(;t>=0&&(" "===e[t]||"\t"===e[t]||"\r"===e[t]);t--);return e.substr(0,t+1)})).join("\n")},wrapError:function(e,t){if(!t)return Error(e);try{t.message=e+": "+t.message}catch(e){}return t},constructAllowedPackets:function(e){const t={};return e.forEach((e=>{if(!e.tag)throw Error("Invalid input: expected a packet class");t[e.tag]=e})),t},anyPromise:function(e){return new Promise((async(t,r)=>{let i;await Promise.all(e.map((async e=>{try{t(await e)}catch(e){i=e}}))),r(i)}))},selectUint8Array:function(e,t,r){const i=Math.max(t.length,r.length),n=new Uint8Array(i);let a=0;for(let i=0;i<n.length;i++)n[i]=t[i]&256-e|r[i]&255+e,a+=e&i<t.length|1-e&i<r.length;return n.subarray(0,a)},selectUint8:function(e,t,r){return t&256-e|r&255+e},isAES:function(e){return e===T.symmetric.aes128||e===T.symmetric.aes192||e===T.symmetric.aes256}},F=R.getNodeBuffer();let z,N;function H(e){let t=new Uint8Array;return k(e,(e=>{t=R.concatUint8Array([t,e]);const r=[],i=Math.floor(t.length/45),n=45*i,a=z(t.subarray(0,n));for(let e=0;e<i;e++)r.push(a.substr(60*e,60)),r.push("\n");return t=t.subarray(n),r.join("")}),(()=>t.length?z(t)+"\n":""))}function O(e){let t="";return k(e,(e=>{t+=e;let r=0;const i=[" ","\t","\r","\n"];for(let e=0;e<i.length;e++){const n=i[e];for(let e=t.indexOf(n);-1!==e;e=t.indexOf(n,e+1))r++}let n=t.length;for(;n>0&&(n-r)%4!=0;n--)i.includes(t[n])&&r--;const a=N(t.substr(0,n));return t=t.substr(n),a}),(()=>N(t)))}function _(e){return O(e.replace(/-/g,"+").replace(/_/g,"/"))}function j(e,t){let r=H(e).replace(/[\r\n]/g,"");return r=r.replace(/[+]/g,"-").replace(/[/]/g,"_").replace(/[=]/g,""),r}function G(e){const t=e.match(/^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m);if(!t)throw Error("Unknown ASCII armor type");return/MESSAGE, PART \d+\/\d+/.test(t[1])?T.armor.multipartSection:/MESSAGE, PART \d+/.test(t[1])?T.armor.multipartLast:/SIGNED MESSAGE/.test(t[1])?T.armor.signed:/MESSAGE/.test(t[1])?T.armor.message:/PUBLIC KEY BLOCK/.test(t[1])?T.armor.publicKey:/PRIVATE KEY BLOCK/.test(t[1])?T.armor.privateKey:/SIGNATURE/.test(t[1])?T.armor.signature:void 0}function q(e,t){let r="";return t.showVersion&&(r+="Version: "+t.versionString+"\n"),t.showComment&&(r+="Comment: "+t.commentString+"\n"),e&&(r+="Comment: "+e+"\n"),r+="\n",r}function V(e){const t=function(e){let t=13501623;return k(e,(e=>{const r=$?Math.floor(e.length/4):0,i=new Uint32Array(e.buffer,e.byteOffset,r);for(let e=0;e<r;e++)t^=i[e],t=W[0][t>>24&255]^W[1][t>>16&255]^W[2][t>>8&255]^W[3][255&t];for(let i=4*r;i<e.length;i++)t=t>>8^W[0][255&t^e[i]]}),(()=>new Uint8Array([t,t>>8,t>>16])))}(e);return H(t)}F?(z=e=>F.from(e).toString("base64"),N=e=>{const t=F.from(e,"base64");return new Uint8Array(t.buffer,t.byteOffset,t.byteLength)}):(z=e=>btoa(R.uint8ArrayToString(e)),N=e=>R.stringToUint8Array(atob(e)));const W=[Array(255),Array(255),Array(255),Array(255)];for(let e=0;e<=255;e++){let t=e<<16;for(let e=0;e<8;e++)t=t<<1^(8388608&t?8801531:0);W[0][e]=(16711680&t)>>16|65280&t|(255&t)<<16}for(let e=0;e<=255;e++)W[1][e]=W[0][e]>>8^W[0][255&W[0][e]];for(let e=0;e<=255;e++)W[2][e]=W[1][e]>>8^W[0][255&W[1][e]];for(let e=0;e<=255;e++)W[3][e]=W[2][e]>>8^W[0][255&W[2][e]];const $=function(){const e=new ArrayBuffer(2);return new DataView(e).setInt16(0,255,!0),255===new Int16Array(e)[0]}();function Z(e){for(let t=0;t<e.length;t++)/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(e[t])||R.printDebugError(Error("Improperly formatted armor header: "+e[t])),/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(e[t])||R.printDebugError(Error("Unknown header: "+e[t]))}function Q(e){let t=e;const r=e.lastIndexOf("=");return r>=0&&r!==e.length-1&&(t=e.slice(0,r)),t}function X(e){return new Promise((async(t,r)=>{try{const i=/^-----[^-]+-----$/m,n=/^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;let a;const s=[];let o,c,u=s,h=[];const l=O(v(e,(async(e,y)=>{const p=I(e);try{for(;;){let e=await p.readLine();if(void 0===e)throw Error("Misformed armored text");if(e=R.removeTrailingSpaces(e.replace(/[\r\n]/g,"")),a)if(o)c||a!==T.armor.signed||(i.test(e)?(h=h.join("\r\n"),c=!0,Z(u),u=[],o=!1):h.push(e.replace(/^- /,"")));else if(i.test(e)&&r(Error("Mandatory blank line missing between armor headers and armor data")),n.test(e)){if(Z(u),o=!0,c||a!==T.armor.signed){t({text:h,data:l,headers:s,type:a});break}}else u.push(e);else i.test(e)&&(a=G(e))}}catch(e){return void r(e)}const g=B(y);try{for(;;){await g.ready;const{done:e,value:t}=await p.read();if(e)throw Error("Misformed armored text");const r=t+"";if(-1!==r.indexOf("=")||-1!==r.indexOf("-")){let e=await p.readToEnd();e.length||(e=""),e=r+e,e=R.removeTrailingSpaces(e.replace(/\r/g,""));const t=e.split(i);if(1===t.length)throw Error("Misformed armored text");const n=Q(t[0].slice(0,-1));await g.write(n);break}await g.write(r)}await g.ready,await g.close()}catch(e){await g.abort(e)}})))}catch(e){r(e)}})).then((async e=>(s(e.data)&&(e.data=await U(e.data)),e)))}function Y(e,t,r,i,n,a=!1,s=M){let o,c;e===T.armor.signed&&(o=t.text,c=t.hash,t=t.data);const u=a&&E(t),h=[];switch(e){case T.armor.multipartSection:h.push("-----BEGIN PGP MESSAGE, PART "+r+"/"+i+"-----\n"),h.push(q(n,s)),h.push(H(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"/"+i+"-----\n");break;case T.armor.multipartLast:h.push("-----BEGIN PGP MESSAGE, PART "+r+"-----\n"),h.push(q(n,s)),h.push(H(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"-----\n");break;case T.armor.signed:h.push("-----BEGIN PGP SIGNED MESSAGE-----\n"),h.push(c?`Hash: ${c}\n\n`:"\n"),h.push(o.replace(/^-/gm,"- -")),h.push("\n-----BEGIN PGP SIGNATURE-----\n"),h.push(q(n,s)),h.push(H(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n");break;case T.armor.message:h.push("-----BEGIN PGP MESSAGE-----\n"),h.push(q(n,s)),h.push(H(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE-----\n");break;case T.armor.publicKey:h.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\n"),h.push(q(n,s)),h.push(H(t)),u&&h.push("=",V(u)),h.push("-----END PGP PUBLIC KEY BLOCK-----\n");break;case T.armor.privateKey:h.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\n"),h.push(q(n,s)),h.push(H(t)),u&&h.push("=",V(u)),h.push("-----END PGP PRIVATE KEY BLOCK-----\n");break;case T.armor.signature:h.push("-----BEGIN PGP SIGNATURE-----\n"),h.push(q(n,s)),h.push(H(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n")}return R.concat(h)}async function J(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:throw Error("Not a legacy cipher");case T.symmetric.cast5:case T.symmetric.blowfish:case T.symmetric.twofish:case T.symmetric.tripledes:{const{legacyCiphers:t}=await import("./legacy_ciphers.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported cipher algorithm");return r}default:throw Error("Unsupported cipher algorithm")}}function ee(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:case T.symmetric.twofish:return 16;case T.symmetric.blowfish:case T.symmetric.cast5:case T.symmetric.tripledes:return 8;default:throw Error("Unsupported cipher")}}function te(e){switch(e){case T.symmetric.aes128:case T.symmetric.blowfish:case T.symmetric.cast5:return 16;case T.symmetric.aes192:case T.symmetric.tripledes:return 24;case T.symmetric.aes256:case T.symmetric.twofish:return 32;default:throw Error("Unsupported cipher")}}function re(e){return{keySize:te(e),blockSize:ee(e)}}var ie=/*#__PURE__*/Object.freeze({__proto__:null,getCipherParams:re,getLegacyCipher:J});function ne(e,t){let r=e[0],i=e[1],n=e[2],a=e[3];r=se(r,i,n,a,t[0],7,-680876936),a=se(a,r,i,n,t[1],12,-389564586),n=se(n,a,r,i,t[2],17,606105819),i=se(i,n,a,r,t[3],22,-1044525330),r=se(r,i,n,a,t[4],7,-176418897),a=se(a,r,i,n,t[5],12,1200080426),n=se(n,a,r,i,t[6],17,-1473231341),i=se(i,n,a,r,t[7],22,-45705983),r=se(r,i,n,a,t[8],7,1770035416),a=se(a,r,i,n,t[9],12,-1958414417),n=se(n,a,r,i,t[10],17,-42063),i=se(i,n,a,r,t[11],22,-1990404162),r=se(r,i,n,a,t[12],7,1804603682),a=se(a,r,i,n,t[13],12,-40341101),n=se(n,a,r,i,t[14],17,-1502002290),i=se(i,n,a,r,t[15],22,1236535329),r=oe(r,i,n,a,t[1],5,-165796510),a=oe(a,r,i,n,t[6],9,-1069501632),n=oe(n,a,r,i,t[11],14,643717713),i=oe(i,n,a,r,t[0],20,-373897302),r=oe(r,i,n,a,t[5],5,-701558691),a=oe(a,r,i,n,t[10],9,38016083),n=oe(n,a,r,i,t[15],14,-660478335),i=oe(i,n,a,r,t[4],20,-405537848),r=oe(r,i,n,a,t[9],5,568446438),a=oe(a,r,i,n,t[14],9,-1019803690),n=oe(n,a,r,i,t[3],14,-187363961),i=oe(i,n,a,r,t[8],20,1163531501),r=oe(r,i,n,a,t[13],5,-1444681467),a=oe(a,r,i,n,t[2],9,-51403784),n=oe(n,a,r,i,t[7],14,1735328473),i=oe(i,n,a,r,t[12],20,-1926607734),r=ce(r,i,n,a,t[5],4,-378558),a=ce(a,r,i,n,t[8],11,-2022574463),n=ce(n,a,r,i,t[11],16,1839030562),i=ce(i,n,a,r,t[14],23,-35309556),r=ce(r,i,n,a,t[1],4,-1530992060),a=ce(a,r,i,n,t[4],11,1272893353),n=ce(n,a,r,i,t[7],16,-155497632),i=ce(i,n,a,r,t[10],23,-1094730640),r=ce(r,i,n,a,t[13],4,681279174),a=ce(a,r,i,n,t[0],11,-358537222),n=ce(n,a,r,i,t[3],16,-722521979),i=ce(i,n,a,r,t[6],23,76029189),r=ce(r,i,n,a,t[9],4,-640364487),a=ce(a,r,i,n,t[12],11,-421815835),n=ce(n,a,r,i,t[15],16,530742520),i=ce(i,n,a,r,t[2],23,-995338651),r=ue(r,i,n,a,t[0],6,-198630844),a=ue(a,r,i,n,t[7],10,1126891415),n=ue(n,a,r,i,t[14],15,-1416354905),i=ue(i,n,a,r,t[5],21,-57434055),r=ue(r,i,n,a,t[12],6,1700485571),a=ue(a,r,i,n,t[3],10,-1894986606),n=ue(n,a,r,i,t[10],15,-1051523),i=ue(i,n,a,r,t[1],21,-2054922799),r=ue(r,i,n,a,t[8],6,1873313359),a=ue(a,r,i,n,t[15],10,-30611744),n=ue(n,a,r,i,t[6],15,-1560198380),i=ue(i,n,a,r,t[13],21,1309151649),r=ue(r,i,n,a,t[4],6,-145523070),a=ue(a,r,i,n,t[11],10,-1120210379),n=ue(n,a,r,i,t[2],15,718787259),i=ue(i,n,a,r,t[9],21,-343485551),e[0]=pe(r,e[0]),e[1]=pe(i,e[1]),e[2]=pe(n,e[2]),e[3]=pe(a,e[3])}function ae(e,t,r,i,n,a){return t=pe(pe(t,e),pe(i,a)),pe(t<<n|t>>>32-n,r)}function se(e,t,r,i,n,a,s){return ae(t&r|~t&i,e,t,n,a,s)}function oe(e,t,r,i,n,a,s){return ae(t&i|r&~i,e,t,n,a,s)}function ce(e,t,r,i,n,a,s){return ae(t^r^i,e,t,n,a,s)}function ue(e,t,r,i,n,a,s){return ae(r^(t|~i),e,t,n,a,s)}function he(e){const t=[];let r;for(r=0;r<64;r+=4)t[r>>2]=e.charCodeAt(r)+(e.charCodeAt(r+1)<<8)+(e.charCodeAt(r+2)<<16)+(e.charCodeAt(r+3)<<24);return t}const le="0123456789abcdef".split("");function ye(e){let t="",r=0;for(;r<4;r++)t+=le[e>>8*r+4&15]+le[e>>8*r&15];return t}function pe(e,t){return e+t&4294967295}const ge=R.getWebCrypto(),de=R.getNodeCrypto(),fe=de&&de.getHashes();function me(e){if(de&&fe.includes(e))return async function(t){const r=de.createHash(e);return k(t,(e=>{r.update(e)}),(()=>new Uint8Array(r.digest())))}}function we(e,t){const r=async()=>{const{nobleHashes:t}=await import("./noble_hashes.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported hash");return r};return async function(e){if(s(e)&&(e=await U(e)),R.isStream(e)){const t=(await r()).create();return k(e,(e=>{t.update(e)}),(()=>t.digest()))}if(ge&&t)return new Uint8Array(await ge.digest(t,e));return(await r())(e)}}var be={md5:me("md5")||async function(e){const t=function(e){const t=e.length,r=[1732584193,-271733879,-1732584194,271733878];let i;for(i=64;i<=e.length;i+=64)ne(r,he(e.substring(i-64,i)));e=e.substring(i-64);const n=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0];for(i=0;i<e.length;i++)n[i>>2]|=e.charCodeAt(i)<<(i%4<<3);if(n[i>>2]|=128<<(i%4<<3),i>55)for(ne(r,n),i=0;i<16;i++)n[i]=0;return n[14]=8*t,ne(r,n),r}(R.uint8ArrayToString(e));return R.hexToUint8Array(function(e){for(let t=0;t<e.length;t++)e[t]=ye(e[t]);return e.join("")}(t))},sha1:me("sha1")||we("sha1","SHA-1"),sha224:me("sha224")||we("sha224"),sha256:me("sha256")||we("sha256","SHA-256"),sha384:me("sha384")||we("sha384","SHA-384"),sha512:me("sha512")||we("sha512","SHA-512"),ripemd:me("ripemd160")||we("ripemd160"),sha3_256:me("sha3-256")||we("sha3_256"),sha3_512:me("sha3-512")||we("sha3_512"),digest:function(e,t){switch(e){case T.hash.md5:return this.md5(t);case T.hash.sha1:return this.sha1(t);case T.hash.ripemd:return this.ripemd(t);case T.hash.sha256:return this.sha256(t);case T.hash.sha384:return this.sha384(t);case T.hash.sha512:return this.sha512(t);case T.hash.sha224:return this.sha224(t);case T.hash.sha3_256:return this.sha3_256(t);case T.hash.sha3_512:return this.sha3_512(t);default:throw Error("Unsupported hash function")}},getHashByteLength:function(e){switch(e){case T.hash.md5:return 16;case T.hash.sha1:case T.hash.ripemd:return 20;case T.hash.sha256:return 32;case T.hash.sha384:return 48;case T.hash.sha512:return 64;case T.hash.sha224:return 28;case T.hash.sha3_256:return 32;case T.hash.sha3_512:return 64;default:throw Error("Invalid hash algorithm.")}},getBlockSize:function(e){switch(e){case T.hash.md5:case T.hash.sha1:case T.hash.ripemd:case T.hash.sha224:case T.hash.sha256:return 64;case T.hash.sha384:case T.hash.sha512:return 128;default:throw Error("Invalid hash algorithm.")}}};function ke(e){return e instanceof Uint8Array||null!=e&&"object"==typeof e&&"Uint8Array"===e.constructor.name}function ve(e,...t){if(!ke(e))throw Error("Uint8Array expected");if(t.length>0&&!t.includes(e.length))throw Error(`Uint8Array expected of length ${t}, not of length=${e.length}`)}function Ae(e,t=!0){if(e.destroyed)throw Error("Hash instance has been destroyed");if(t&&e.finished)throw Error("Hash#digest() has already been called")}function Ke(e,t){ve(e);const r=t.outputLen;if(e.length<r)throw Error("digestInto() expects output buffer of length at least "+r)}
+/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */const Ee=e=>new Uint8Array(e.buffer,e.byteOffset,e.byteLength),Se=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4)),Pe=e=>new DataView(e.buffer,e.byteOffset,e.byteLength);if(!(68===new Uint8Array(new Uint32Array([287454020]).buffer)[0]))throw Error("Non little-endian hardware is not supported");function Ue(e){if("string"==typeof e)e=function(e){if("string"!=typeof e)throw Error("string expected, got "+typeof e);return new Uint8Array((new TextEncoder).encode(e))}(e);else{if(!ke(e))throw Error("Uint8Array expected, got "+typeof e);e=Ce(e)}return e}function De(e,t){if(e.length!==t.length)return!1;let r=0;for(let i=0;i<e.length;i++)r|=e[i]^t[i];return 0===r}const xe=(e,t)=>(Object.assign(t,e),t);function Ie(e,t,r,i){if("function"==typeof e.setBigUint64)return e.setBigUint64(t,r,i);const n=BigInt(32),a=BigInt(4294967295),s=Number(r>>n&a),o=Number(r&a);e.setUint32(t+0,s,i),e.setUint32(t+4,o,i)}function Be(e){return e.byteOffset%4==0}function Ce(e){return Uint8Array.from(e)}function Te(...e){for(let t=0;t<e.length;t++)e[t].fill(0)}const Me=16,Le=/* @__PURE__ */new Uint8Array(16),Re=Se(Le),Fe=e=>(e>>>0&255)<<24|(e>>>8&255)<<16|(e>>>16&255)<<8|e>>>24&255;class ze{constructor(e,t){this.blockLen=Me,this.outputLen=Me,this.s0=0,this.s1=0,this.s2=0,this.s3=0,this.finished=!1,ve(e=Ue(e),16);const r=Pe(e);let i=r.getUint32(0,!1),n=r.getUint32(4,!1),a=r.getUint32(8,!1),s=r.getUint32(12,!1);const o=[];for(let e=0;e<128;e++)o.push({s0:Fe(i),s1:Fe(n),s2:Fe(a),s3:Fe(s)}),({s0:i,s1:n,s2:a,s3:s}={s3:(h=a)<<31|(l=s)>>>1,s2:(u=n)<<31|h>>>1,s1:(c=i)<<31|u>>>1,s0:c>>>1^225<<24&-(1&l)});var c,u,h,l;const y=(e=>e>65536?8:e>1024?4:2)(t||1024);if(![1,2,4,8].includes(y))throw Error(`ghash: wrong window size=${y}, should be 2, 4 or 8`);this.W=y;const p=128/y,g=this.windowSize=2**y,d=[];for(let e=0;e<p;e++)for(let t=0;t<g;t++){let r=0,i=0,n=0,a=0;for(let s=0;s<y;s++){if(!(t>>>y-s-1&1))continue;const{s0:c,s1:u,s2:h,s3:l}=o[y*e+s];r^=c,i^=u,n^=h,a^=l}d.push({s0:r,s1:i,s2:n,s3:a})}this.t=d}_updateBlock(e,t,r,i){e^=this.s0,t^=this.s1,r^=this.s2,i^=this.s3;const{W:n,t:a,windowSize:s}=this;let o=0,c=0,u=0,h=0;const l=(1<<n)-1;let y=0;for(const p of[e,t,r,i])for(let e=0;e<4;e++){const t=p>>>8*e&255;for(let e=8/n-1;e>=0;e--){const r=t>>>n*e&l,{s0:i,s1:p,s2:g,s3:d}=a[y*s+r];o^=i,c^=p,u^=g,h^=d,y+=1}}this.s0=o,this.s1=c,this.s2=u,this.s3=h}update(e){e=Ue(e),Ae(this);const t=Se(e),r=Math.floor(e.length/Me),i=e.length%Me;for(let e=0;e<r;e++)this._updateBlock(t[4*e+0],t[4*e+1],t[4*e+2],t[4*e+3]);return i&&(Le.set(e.subarray(r*Me)),this._updateBlock(Re[0],Re[1],Re[2],Re[3]),Te(Re)),this}destroy(){const{t:e}=this;for(const t of e)t.s0=0,t.s1=0,t.s2=0,t.s3=0}digestInto(e){Ae(this),Ke(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=Se(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e}digest(){const e=new Uint8Array(Me);return this.digestInto(e),this.destroy(),e}}class Ne extends ze{constructor(e,t){const r=function(e){e.reverse();const t=1&e[15];let r=0;for(let t=0;t<e.length;t++){const i=e[t];e[t]=i>>>1|r,r=(1&i)<<7}return e[0]^=225&-t,e}(Ce(e=Ue(e)));super(r,t),Te(r)}update(e){e=Ue(e),Ae(this);const t=Se(e),r=e.length%Me,i=Math.floor(e.length/Me);for(let e=0;e<i;e++)this._updateBlock(Fe(t[4*e+3]),Fe(t[4*e+2]),Fe(t[4*e+1]),Fe(t[4*e+0]));return r&&(Le.set(e.subarray(i*Me)),this._updateBlock(Fe(Re[3]),Fe(Re[2]),Fe(Re[1]),Fe(Re[0])),Te(Re)),this}digestInto(e){Ae(this),Ke(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=Se(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e.reverse()}}function He(e){const t=(t,r)=>e(r,t.length).update(Ue(t)).digest(),r=e(new Uint8Array(16),0);return t.outputLen=r.outputLen,t.blockLen=r.blockLen,t.create=(t,r)=>e(t,r),t}const Oe=He(((e,t)=>new ze(e,t)));He(((e,t)=>new Ne(e,t)));const _e=16,je=new Uint8Array(_e),Ge=283;function qe(e){return e<<1^Ge&-(e>>7)}function Ve(e,t){let r=0;for(;t>0;t>>=1)r^=e&-(1&t),e=qe(e);return r}const We=/* @__PURE__ */(()=>{const e=new Uint8Array(256);for(let t=0,r=1;t<256;t++,r^=qe(r))e[t]=r;const t=new Uint8Array(256);t[0]=99;for(let r=0;r<255;r++){let i=e[255-r];i|=i<<8,t[e[r]]=255&(i^i>>4^i>>5^i>>6^i>>7^99)}return Te(e),t})(),$e=/* @__PURE__ */We.map(((e,t)=>We.indexOf(t))),Ze=e=>e<<24|e>>>8,Qe=e=>e<<8|e>>>24,Xe=e=>e<<24&4278190080|e<<8&16711680|e>>>8&65280|e>>>24&255;function Ye(e,t){if(256!==e.length)throw Error("Wrong sbox length");const r=new Uint32Array(256).map(((r,i)=>t(e[i]))),i=r.map(Qe),n=i.map(Qe),a=n.map(Qe),s=new Uint32Array(65536),o=new Uint32Array(65536),c=new Uint16Array(65536);for(let t=0;t<256;t++)for(let u=0;u<256;u++){const h=256*t+u;s[h]=r[t]^i[u],o[h]=n[t]^a[u],c[h]=e[t]<<8|e[u]}return{sbox:e,sbox2:c,T0:r,T1:i,T2:n,T3:a,T01:s,T23:o}}const Je=/* @__PURE__ */Ye(We,(e=>Ve(e,3)<<24|e<<16|e<<8|Ve(e,2))),et=/* @__PURE__ */Ye($e,(e=>Ve(e,11)<<24|Ve(e,13)<<16|Ve(e,9)<<8|Ve(e,14))),tt=/* @__PURE__ */(()=>{const e=new Uint8Array(16);for(let t=0,r=1;t<16;t++,r=qe(r))e[t]=r;return e})();function rt(e){ve(e);const t=e.length;if(![16,24,32].includes(t))throw Error("aes: wrong key size: should be 16, 24 or 32, got: "+t);const{sbox2:r}=Je,i=[];Be(e)||i.push(e=Ce(e));const n=Se(e),a=n.length,s=e=>at(r,e,e,e,e),o=new Uint32Array(t+28);o.set(n);for(let e=a;e<o.length;e++){let t=o[e-1];e%a==0?t=s(Ze(t))^tt[e/a-1]:a>6&&e%a==4&&(t=s(t)),o[e]=o[e-a]^t}return Te(...i),o}function it(e){const t=rt(e),r=t.slice(),i=t.length,{sbox2:n}=Je,{T0:a,T1:s,T2:o,T3:c}=et;for(let e=0;e<i;e+=4)for(let n=0;n<4;n++)r[e+n]=t[i-e-4+n];Te(t);for(let e=4;e<i-4;e++){const t=r[e],i=at(n,t,t,t,t);r[e]=a[255&i]^s[i>>>8&255]^o[i>>>16&255]^c[i>>>24]}return r}function nt(e,t,r,i,n,a){return e[r<<8&65280|i>>>8&255]^t[n>>>8&65280|a>>>24&255]}function at(e,t,r,i,n){return e[255&t|65280&r]|e[i>>>16&255|n>>>16&65280]<<16}function st(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=Je;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^nt(s,o,t,r,i,n),u=e[c++]^nt(s,o,r,i,n,t),h=e[c++]^nt(s,o,i,n,t,r),l=e[c++]^nt(s,o,n,t,r,i);t=a,r=u,i=h,n=l}return{s0:e[c++]^at(a,t,r,i,n),s1:e[c++]^at(a,r,i,n,t),s2:e[c++]^at(a,i,n,t,r),s3:e[c++]^at(a,n,t,r,i)}}function ot(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=et;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^nt(s,o,t,n,i,r),u=e[c++]^nt(s,o,r,t,n,i),h=e[c++]^nt(s,o,i,r,t,n),l=e[c++]^nt(s,o,n,i,r,t);t=a,r=u,i=h,n=l}return{s0:e[c++]^at(a,t,n,i,r),s1:e[c++]^at(a,r,t,n,i),s2:e[c++]^at(a,i,r,t,n),s3:e[c++]^at(a,n,i,r,t)}}function ct(e,t){if(void 0===t)return new Uint8Array(e);if(ve(t),t.length<e)throw Error(`aes: wrong destination length, expected at least ${e}, got: ${t.length}`);if(!Be(t))throw Error("unaligned dst");return t}function ut(e,t,r,i){ve(t,_e),ve(r);const n=r.length;i=ct(n,i);const a=t,s=Se(a);let{s0:o,s1:c,s2:u,s3:h}=st(e,s[0],s[1],s[2],s[3]);const l=Se(r),y=Se(i);for(let t=0;t+4<=l.length;t+=4){y[t+0]=l[t+0]^o,y[t+1]=l[t+1]^c,y[t+2]=l[t+2]^u,y[t+3]=l[t+3]^h;let r=1;for(let e=a.length-1;e>=0;e--)r=r+(255&a[e])|0,a[e]=255&r,r>>>=8;({s0:o,s1:c,s2:u,s3:h}=st(e,s[0],s[1],s[2],s[3]))}const p=_e*Math.floor(l.length/4);if(p<n){const e=new Uint32Array([o,c,u,h]),t=Ee(e);for(let e=p,a=0;e<n;e++,a++)i[e]=r[e]^t[a];Te(e)}return i}function ht(e,t,r,i,n){ve(r,_e),ve(i),n=ct(i.length,n);const a=r,s=Se(a),o=Pe(a),c=Se(i),u=Se(n),h=t?0:12,l=i.length;let y=o.getUint32(h,t),{s0:p,s1:g,s2:d,s3:f}=st(e,s[0],s[1],s[2],s[3]);for(let r=0;r+4<=c.length;r+=4)u[r+0]=c[r+0]^p,u[r+1]=c[r+1]^g,u[r+2]=c[r+2]^d,u[r+3]=c[r+3]^f,y=y+1>>>0,o.setUint32(h,y,t),({s0:p,s1:g,s2:d,s3:f}=st(e,s[0],s[1],s[2],s[3]));const m=_e*Math.floor(c.length/4);if(m<l){const e=new Uint32Array([p,g,d,f]),t=Ee(e);for(let e=m,r=0;e<l;e++,r++)n[e]=i[e]^t[r];Te(e)}return n}const lt=xe({blockSize:16,nonceLength:16},(function(e,t){function r(r,i){if(ve(r),void 0!==i&&(ve(i),!Be(i)))throw Error("unaligned destination");const n=rt(e),a=Ce(t),s=[n,a];Be(r)||s.push(r=Ce(r));const o=ut(n,a,r,i);return Te(...s),o}return ve(e),ve(t,_e),{encrypt:(e,t)=>r(e,t),decrypt:(e,t)=>r(e,t)}}));const yt=xe({blockSize:16,nonceLength:16},(function(e,t,r={}){ve(e),ve(t,16);const i=!r.disablePadding;return{encrypt(r,n){const a=rt(e),{b:s,o,out:c}=function(e,t,r){ve(e);let i=e.length;const n=i%_e;if(!t&&0!==n)throw Error("aec/(cbc-ecb): unpadded plaintext with disabled padding");Be(e)||(e=Ce(e));const a=Se(e);if(t){let e=_e-n;e||(e=_e),i+=e}const s=ct(i,r);return{b:a,o:Se(s),out:s}}(r,i,n);let u=t;const h=[a];Be(u)||h.push(u=Ce(u));const l=Se(u);let y=l[0],p=l[1],g=l[2],d=l[3],f=0;for(;f+4<=s.length;)y^=s[f+0],p^=s[f+1],g^=s[f+2],d^=s[f+3],({s0:y,s1:p,s2:g,s3:d}=st(a,y,p,g,d)),o[f++]=y,o[f++]=p,o[f++]=g,o[f++]=d;if(i){const e=function(e){const t=new Uint8Array(16),r=Se(t);t.set(e);const i=_e-e.length;for(let e=_e-i;e<_e;e++)t[e]=i;return r}(r.subarray(4*f));y^=e[0],p^=e[1],g^=e[2],d^=e[3],({s0:y,s1:p,s2:g,s3:d}=st(a,y,p,g,d)),o[f++]=y,o[f++]=p,o[f++]=g,o[f++]=d}return Te(...h),c},decrypt(r,n){!function(e){if(ve(e),e.length%_e!=0)throw Error("aes/(cbc-ecb).decrypt ciphertext should consist of blocks with size 16")}(r);const a=it(e);let s=t;const o=[a];Be(s)||o.push(s=Ce(s));const c=Se(s),u=ct(r.length,n);Be(r)||o.push(r=Ce(r));const h=Se(r),l=Se(u);let y=c[0],p=c[1],g=c[2],d=c[3];for(let e=0;e+4<=h.length;){const t=y,r=p,i=g,n=d;y=h[e+0],p=h[e+1],g=h[e+2],d=h[e+3];const{s0:s,s1:o,s2:c,s3:u}=ot(a,y,p,g,d);l[e++]=s^t,l[e++]=o^r,l[e++]=c^i,l[e++]=u^n}return Te(...o),function(e,t){if(!t)return e;const r=e.length;if(!r)throw Error("aes/pcks5: empty ciphertext not allowed");const i=e[r-1];if(i<=0||i>16)throw Error("aes/pcks5: wrong padding");const n=e.subarray(0,-i);for(let t=0;t<i;t++)if(e[r-t-1]!==i)throw Error("aes/pcks5: wrong padding");return n}(u,i)}}})),pt=xe({blockSize:16,nonceLength:16},(function(e,t){function r(r,i,n){ve(r);const a=r.length;n=ct(a,n);const s=rt(e);let o=t;const c=[s];Be(o)||c.push(o=Ce(o)),Be(r)||c.push(r=Ce(r));const u=Se(r),h=Se(n),l=i?h:u,y=Se(o);let p=y[0],g=y[1],d=y[2],f=y[3];for(let e=0;e+4<=u.length;){const{s0:t,s1:r,s2:i,s3:n}=st(s,p,g,d,f);h[e+0]=u[e+0]^t,h[e+1]=u[e+1]^r,h[e+2]=u[e+2]^i,h[e+3]=u[e+3]^n,p=l[e++],g=l[e++],d=l[e++],f=l[e++]}const m=_e*Math.floor(u.length/4);if(m<a){({s0:p,s1:g,s2:d,s3:f}=st(s,p,g,d,f));const e=Ee(new Uint32Array([p,g,d,f]));for(let t=m,i=0;t<a;t++,i++)n[t]=r[t]^e[i];Te(e)}return Te(...c),n}return ve(e),ve(t,16),{encrypt:(e,t)=>r(e,!0,t),decrypt:(e,t)=>r(e,!1,t)}}));const gt=xe({blockSize:16,nonceLength:12,tagLength:16},(function(e,t,r){if(ve(e),ve(t),void 0!==r&&ve(r),t.length<8)throw Error("aes/gcm: invalid nonce length");const i=16;function n(e,t,i){const n=function(e,t,r,i,n){const a=null==n?0:n.length,s=e.create(r,i.length+a);n&&s.update(n),s.update(i);const o=new Uint8Array(16),c=Pe(o);n&&Ie(c,0,BigInt(8*a),t),Ie(c,8,BigInt(8*i.length),t),s.update(o);const u=s.digest();return Te(o),u}(Oe,!1,e,i,r);for(let e=0;e<t.length;e++)n[e]^=t[e];return n}function a(){const r=rt(e),i=je.slice(),n=je.slice();if(ht(r,!1,n,n,i),12===t.length)n.set(t);else{const e=je.slice();Ie(Pe(e),8,BigInt(8*t.length),!1);const r=Oe.create(i).update(t).update(e);r.digestInto(n),r.destroy()}return{xk:r,authKey:i,counter:n,tagMask:ht(r,!1,n,je)}}return{encrypt(e){ve(e);const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=new Uint8Array(e.length+i),u=[t,r,s,o];Be(e)||u.push(e=Ce(e)),ht(t,!1,s,e,c);const h=n(r,o,c.subarray(0,c.length-i));return u.push(h),c.set(h,e.length),Te(...u),c},decrypt(e){if(ve(e),e.length<i)throw Error("aes/gcm: ciphertext less than tagLen (16)");const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=[t,r,o,s];Be(e)||c.push(e=Ce(e));const u=e.subarray(0,-16),h=e.subarray(-16),l=n(r,o,u);if(c.push(l),!De(l,h))throw Error("aes/gcm: invalid ghash tag");const y=ht(t,!1,s,u);return Te(...c),y}}}));function dt(e){return null!=e&&"object"==typeof e&&(e instanceof Uint32Array||"Uint32Array"===e.constructor.name)}function ft(e,t){if(ve(t,16),!dt(e))throw Error("_encryptBlock accepts result of expandKeyLE");const r=Se(t);let{s0:i,s1:n,s2:a,s3:s}=st(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}function mt(e,t){if(ve(t,16),!dt(e))throw Error("_decryptBlock accepts result of expandKeyLE");const r=Se(t);let{s0:i,s1:n,s2:a,s3:s}=ot(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}const wt={encrypt(e,t){if(t.length>=2**32)throw Error("plaintext should be less than 4gb");const r=rt(e);if(16===t.length)ft(r,t);else{const e=Se(t);let i=e[0],n=e[1];for(let t=0,a=1;t<6;t++)for(let t=2;t<e.length;t+=2,a++){const{s0:s,s1:o,s2:c,s3:u}=st(r,i,n,e[t],e[t+1]);i=s,n=o^Xe(a),e[t]=c,e[t+1]=u}e[0]=i,e[1]=n}r.fill(0)},decrypt(e,t){if(t.length-8>=2**32)throw Error("ciphertext should be less than 4gb");const r=it(e),i=t.length/8-1;if(1===i)mt(r,t);else{const e=Se(t);let n=e[0],a=e[1];for(let t=0,s=6*i;t<6;t++)for(let t=2*i;t>=1;t-=2,s--){a^=Xe(s);const{s0:i,s1:o,s2:c,s3:u}=ot(r,n,a,e[t],e[t+1]);n=i,a=o,e[t]=c,e[t+1]=u}e[0]=n,e[1]=a}r.fill(0)}},bt=new Uint8Array(8).fill(166),kt=xe({blockSize:8},(e=>({encrypt(t){if(ve(t),!t.length||t.length%8!=0)throw Error("invalid plaintext length");if(8===t.length)throw Error("8-byte keys not allowed in AESKW, use AESKWP instead");const r=function(...e){let t=0;for(let r=0;r<e.length;r++){const i=e[r];ve(i),t+=i.length}const r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}(bt,t);return wt.encrypt(e,r),r},decrypt(t){if(ve(t),t.length%8!=0||t.length<24)throw Error("invalid ciphertext length");const r=Ce(t);if(wt.decrypt(e,r),!De(r.subarray(0,8),bt))throw Error("integrity check failed");return r.subarray(0,8).fill(0),r.subarray(8)}}))),vt={expandKeyLE:rt,expandKeyDecLE:it,encrypt:st,decrypt:ot,encryptBlock:ft,decryptBlock:mt,ctrCounter:ut,ctr32:ht},At=R.getWebCrypto(),Kt=R.getNodeCrypto(),Et=Kt?Kt.getCiphers():[],St={idea:Et.includes("idea-cfb")?"idea-cfb":void 0,tripledes:Et.includes("des-ede3-cfb")?"des-ede3-cfb":void 0,cast5:Et.includes("cast5-cfb")?"cast5-cfb":void 0,blowfish:Et.includes("bf-cfb")?"bf-cfb":void 0,aes128:Et.includes("aes-128-cfb")?"aes-128-cfb":void 0,aes192:Et.includes("aes-192-cfb")?"aes-192-cfb":void 0,aes256:Et.includes("aes-256-cfb")?"aes-256-cfb":void 0};class Pt{constructor(e,t,r){const{blockSize:i}=re(e);this.key=t,this.prevBlock=r,this.nextBlock=new Uint8Array(i),this.i=0,this.blockSize=i,this.zeroBlock=new Uint8Array(this.blockSize)}static async isSupported(e){const{keySize:t}=re(e);return At.importKey("raw",new Uint8Array(t),"aes-cbc",!1,["encrypt"]).then((()=>!0),(()=>!1))}async _runCBC(e,t){const r="AES-CBC";this.keyRef=this.keyRef||await At.importKey("raw",this.key,r,!1,["encrypt"]);const i=await At.encrypt({name:r,iv:t||this.zeroBlock},this.keyRef,e);return new Uint8Array(i).subarray(0,e.length)}async encryptChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=R.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=R.concatUint8Array([this.prevBlock,i.subarray(0,i.length-this.blockSize)]),a=await this._runCBC(n);return Dt(a,i),this.prevBlock=a.slice(-this.blockSize),r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,a}let i;if(this.i+=r.length,this.i===this.nextBlock.length){const t=this.nextBlock;i=await this._runCBC(this.prevBlock),Dt(i,t),this.prevBlock=i.slice(),this.i=0;const n=e.subarray(r.length);this.nextBlock.set(n,this.i),this.i+=n.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{this.nextBlock=this.nextBlock.subarray(0,this.i);const t=this.nextBlock,r=await this._runCBC(this.prevBlock);Dt(r,t),e=r.subarray(0,t.length)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.keyRef=null,this.key=null}async encrypt(e){const t=(await this._runCBC(R.concatUint8Array([new Uint8Array(this.blockSize),e]),this.iv)).subarray(0,e.length);return Dt(t,e),this.clearSensitiveData(),t}}class Ut{constructor(e,t,r,i){this.forEncryption=e;const{blockSize:n}=re(t);this.key=vt.expandKeyLE(r),i.byteOffset%4!=0&&(i=i.slice()),this.prevBlock=xt(i),this.nextBlock=new Uint8Array(n),this.i=0,this.blockSize=n}_runCFB(e){const t=xt(e),r=new Uint8Array(e.length),i=xt(r);for(let e=0;e+4<=i.length;e+=4){const{s0:r,s1:n,s2:a,s3:s}=vt.encrypt(this.key,this.prevBlock[0],this.prevBlock[1],this.prevBlock[2],this.prevBlock[3]);i[e+0]=t[e+0]^r,i[e+1]=t[e+1]^n,i[e+2]=t[e+2]^a,i[e+3]=t[e+3]^s,this.prevBlock=(this.forEncryption?i:t).slice(e,e+4)}return r}async processChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=R.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=this._runCFB(i);return r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,n}let i;if(this.i+=r.length,this.i===this.nextBlock.length){i=this._runCFB(this.nextBlock),this.i=0;const t=e.subarray(r.length);this.nextBlock.set(t,this.i),this.i+=t.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{e=this._runCFB(this.nextBlock).subarray(0,this.i)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.key.fill(0)}}function Dt(e,t){const r=Math.min(e.length,t.length);for(let i=0;i<r;i++)e[i]=e[i]^t[i]}const xt=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4));var It=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i){const n=T.read(T.symmetric,e);if(Kt&&St[n])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new Kt.createDecipheriv(St[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(R.isAES(e))return async function(e,t,r,i){if(R.isStream(r)){const n=new Ut(!1,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return pt(t,i).decrypt(r)}(e,t,r,i);const a=new(await J(e))(t),s=a.blockSize;let o=i,c=new Uint8Array;const u=e=>{e&&(c=R.concatUint8Array([c,e]));const t=new Uint8Array(c.length);let r,i=0;for(;e?c.length>=s:c.length;){const e=a.encrypt(o);for(o=c.subarray(0,s),r=0;r<s;r++)t[i++]=o[r]^e[r];c=c.subarray(s)}return t.subarray(0,i)};return k(r,u,u)},encrypt:async function(e,t,r,i,n){const a=T.read(T.symmetric,e);if(R.getNodeCrypto()&&St[a])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new Kt.createCipheriv(St[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(R.isAES(e))return async function(e,t,r,i){if(At&&await Pt.isSupported(e)){const n=new Pt(e,t,i);return R.isStream(r)?k(r,(e=>n.encryptChunk(e)),(()=>n.finish())):n.encrypt(r)}if(R.isStream(r)){const n=new Ut(!0,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return pt(t,i).encrypt(r)}(e,t,r,i);const s=new(await J(e))(t),o=s.blockSize,c=i.slice();let u=new Uint8Array;const h=e=>{e&&(u=R.concatUint8Array([u,e]));const t=new Uint8Array(u.length);let r,i=0;for(;e?u.length>=o:u.length;){const e=s.encrypt(c);for(r=0;r<o;r++)c[r]=u[r]^e[r],t[i++]=c[r];u=u.subarray(o)}return t.subarray(0,i)};return k(r,h,h)}});const Bt=R.getWebCrypto(),Ct=R.getNodeCrypto(),Tt=16;function Mt(e,t){const r=e.length-Tt;for(let i=0;i<Tt;i++)e[i+r]^=t[i];return e}const Lt=new Uint8Array(Tt);async function Rt(e){const t=await Ft(e),r=R.double(await t(Lt)),i=R.double(r);return async function(e){return(await t(function(e,t,r){if(e.length&&e.length%Tt==0)return Mt(e,t);const i=new Uint8Array(e.length+(Tt-e.length%Tt));return i.set(e),i[e.length]=128,Mt(i,r)}(e,r,i))).subarray(-Tt)}}async function Ft(e){if(R.getNodeCrypto())return async function(t){const r=new Ct.createCipheriv("aes-"+8*e.length+"-cbc",e,Lt).update(t);return new Uint8Array(r)};if(R.getWebCrypto())try{return e=await Bt.importKey("raw",e,{name:"AES-CBC",length:8*e.length},!1,["encrypt"]),async function(t){const r=await Bt.encrypt({name:"AES-CBC",iv:Lt,length:8*Tt},e,t);return new Uint8Array(r).subarray(0,r.byteLength-Tt)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;R.printDebugError("Browser did not support operation: "+t.message)}return async function(t){return yt(e,Lt,{disablePadding:!0}).encrypt(t)}}const zt=R.getWebCrypto(),Nt=R.getNodeCrypto(),Ht=R.getNodeBuffer(),Ot=16,_t=Ot,jt=Ot,Gt=new Uint8Array(Ot),qt=new Uint8Array(Ot);qt[Ot-1]=1;const Vt=new Uint8Array(Ot);async function Wt(e){const t=await Rt(e);return function(e,r){return t(R.concatUint8Array([e,r]))}}async function $t(e){if(R.getNodeCrypto())return async function(t,r){const i=new Nt.createCipheriv("aes-"+8*e.length+"-ctr",e,r),n=Ht.concat([i.update(t),i.final()]);return new Uint8Array(n)};if(R.getWebCrypto())try{const t=await zt.importKey("raw",e,{name:"AES-CTR",length:8*e.length},!1,["encrypt"]);return async function(e,r){const i=await zt.encrypt({name:"AES-CTR",counter:r,length:8*Ot},t,e);return new Uint8Array(i)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;R.printDebugError("Browser did not support operation: "+t.message)}return async function(t,r){return lt(e,r).encrypt(t)}}async function Zt(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("EAX mode supports only AES cipher");const[r,i]=await Promise.all([Wt(t),$t(t)]);return{encrypt:async function(e,t,n){const[a,s]=await Promise.all([r(Gt,t),r(qt,n)]),o=await i(e,a),c=await r(Vt,o);for(let e=0;e<jt;e++)c[e]^=s[e]^a[e];return R.concatUint8Array([o,c])},decrypt:async function(e,t,n){if(e.length<jt)throw Error("Invalid EAX ciphertext");const a=e.subarray(0,-jt),s=e.subarray(-jt),[o,c,u]=await Promise.all([r(Gt,t),r(qt,n),r(Vt,a)]),h=u;for(let e=0;e<jt;e++)h[e]^=c[e]^o[e];if(!R.equalsUint8Array(s,h))throw Error("Authentication tag mismatch");return await i(a,o)}}}Vt[Ot-1]=2,Zt.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[8+e]^=t[e];return r},Zt.blockLength=Ot,Zt.ivLength=_t,Zt.tagLength=jt;const Qt=16,Xt=16;function Yt(e){let t=0;for(let r=1;!(e&r);r<<=1)t++;return t}function Jt(e,t){for(let r=0;r<e.length;r++)e[r]^=t[r];return e}function er(e,t){return Jt(e.slice(),t)}const tr=new Uint8Array(Qt),rr=new Uint8Array([1]);async function ir(e,t){const{keySize:r}=re(e);if(!R.isAES(e)||t.length!==r)throw Error("Unexpected algorithm or key size");let i=0;const n=yt(t,tr,{disablePadding:!0}),a=e=>n.encrypt(e),s=e=>n.decrypt(e);let o;function c(e,t,r,n){const s=t.length/Qt|0;!function(e,t){const r=R.nbits(Math.max(e.length,t.length)/Qt|0)-1;for(let e=i+1;e<=r;e++)o[e]=R.double(o[e-1]);i=r}(t,n);const c=R.concatUint8Array([tr.subarray(0,15-r.length),rr,r]),u=63&c[15];c[15]&=192;const h=a(c),l=R.concatUint8Array([h,er(h.subarray(0,8),h.subarray(1,9))]),y=R.shiftRight(l.subarray(0+(u>>3),17+(u>>3)),8-(7&u)).subarray(1),p=new Uint8Array(Qt),g=new Uint8Array(t.length+Xt);let d,f=0;for(d=0;d<s;d++)Jt(y,o[Yt(d+1)]),g.set(Jt(e(er(y,t)),y),f),Jt(p,e===a?t:g.subarray(f)),t=t.subarray(Qt),f+=Qt;if(t.length){Jt(y,o.x);const r=a(y);g.set(er(t,r),f);const i=new Uint8Array(Qt);i.set(e===a?t:g.subarray(f,-16),0),i[t.length]=128,Jt(p,i),f+=t.length}const m=Jt(a(Jt(Jt(p,y),o.$)),function(e){if(!e.length)return tr;const t=e.length/Qt|0,r=new Uint8Array(Qt),i=new Uint8Array(Qt);for(let n=0;n<t;n++)Jt(r,o[Yt(n+1)]),Jt(i,a(er(r,e))),e=e.subarray(Qt);if(e.length){Jt(r,o.x);const t=new Uint8Array(Qt);t.set(e,0),t[e.length]=128,Jt(t,r),Jt(i,a(t))}return i}(n));return g.set(m,f),g}return function(){const e=a(tr),t=R.double(e);o=[],o[0]=R.double(t),o.x=e,o.$=t}(),{encrypt:async function(e,t,r){return c(a,e,t,r)},decrypt:async function(e,t,r){if(e.length<Xt)throw Error("Invalid OCB ciphertext");const i=e.subarray(-16);e=e.subarray(0,-16);const n=c(s,e,t,r);if(R.equalsUint8Array(i,n.subarray(-16)))return n.subarray(0,-16);throw Error("Authentication tag mismatch")}}}ir.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[7+e]^=t[e];return r},ir.blockLength=Qt,ir.ivLength=15,ir.tagLength=Xt;const nr=R.getWebCrypto(),ar=R.getNodeCrypto(),sr=R.getNodeBuffer(),or=16,cr="AES-GCM";async function ur(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("GCM mode supports only AES cipher");if(R.getNodeCrypto())return{encrypt:async function(e,r,i=new Uint8Array){const n=new ar.createCipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i);const a=sr.concat([n.update(e),n.final(),n.getAuthTag()]);return new Uint8Array(a)},decrypt:async function(e,r,i=new Uint8Array){const n=new ar.createDecipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i),n.setAuthTag(e.slice(e.length-or,e.length));const a=sr.concat([n.update(e.slice(0,e.length-or)),n.final()]);return new Uint8Array(a)}};if(R.getWebCrypto())try{const e=await nr.importKey("raw",t,{name:cr},!1,["encrypt","decrypt"]),r=navigator.userAgent.match(/Version\/13\.\d(\.\d)* Safari/)||navigator.userAgent.match(/Version\/(13|14)\.\d(\.\d)* Mobile\/\S* Safari/);return{encrypt:async function(i,n,a=new Uint8Array){if(r&&!i.length)return gt(t,n,a).encrypt(i);const s=await nr.encrypt({name:cr,iv:n,additionalData:a,tagLength:128},e,i);return new Uint8Array(s)},decrypt:async function(i,n,a=new Uint8Array){if(r&&i.length===or)return gt(t,n,a).decrypt(i);try{const t=await nr.decrypt({name:cr,iv:n,additionalData:a,tagLength:128},e,i);return new Uint8Array(t)}catch(e){if("OperationError"===e.name)throw Error("Authentication tag mismatch")}}}}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;R.printDebugError("Browser did not support operation: "+e.message)}return{encrypt:async function(e,r,i){return gt(t,r,i).encrypt(e)},decrypt:async function(e,r,i){return gt(t,r,i).decrypt(e)}}}ur.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[4+e]^=t[e];return r},ur.blockLength=16,ur.ivLength=12,ur.tagLength=or;var hr={cfb:It,gcm:ur,experimentalGCM:ur,eax:Zt,ocb:ir};const lr=BigInt(0),yr=BigInt(1);function pr(e){const t="0123456789ABCDEF";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),BigInt("0x0"+r)}function gr(e,t){const r=e%t;return r<lr?r+t:r}function dr(e,t,r){if(r===lr)throw Error("Modulo cannot be zero");if(r===yr)return BigInt(0);if(t<lr)throw Error("Unsopported negative exponent");let i=t,n=e;n%=r;let a=BigInt(1);for(;i>lr;){const e=i&yr;i>>=yr;a=e?a*n%r:a,n=n*n%r}return a}function fr(e){return e>=lr?e:-e}function mr(e,t){const{gcd:r,x:i}=function(e,t){let r=BigInt(0),i=BigInt(1),n=BigInt(1),a=BigInt(0),s=fr(e),o=fr(t);const c=e<lr,u=t<lr;for(;o!==lr;){const e=s/o;let t=r;r=n-e*r,n=t,t=i,i=a-e*i,a=t,t=o,o=s%o,s=t}return{x:c?-n:n,y:u?-a:a,gcd:s}}(e,t);if(r!==yr)throw Error("Inverse does not exist");return gr(i+t,t)}function wr(e){const t=Number(e);if(t>Number.MAX_SAFE_INTEGER)throw Error("Number can only safely store up to 53 bits");return t}function br(e,t){return(e>>BigInt(t)&yr)===lr?0:1}function kr(e){const t=e<lr?BigInt(-1):lr;let r=1,i=e;for(;(i>>=yr)!==t;)r++;return r}function vr(e){const t=e<lr?BigInt(-1):lr,r=BigInt(8);let i=1,n=e;for(;(n>>=r)!==t;)i++;return i}function Ar(e,t="be",r){let i=e.toString(16);i.length%2==1&&(i="0"+i);const n=i.length/2,a=new Uint8Array(r||n),s=r?r-n:0;let o=0;for(;o<n;)a[o+s]=parseInt(i.slice(2*o,2*o+2),16),o++;return"be"!==t&&a.reverse(),a}const Kr=R.getNodeCrypto();function Er(e){const t="undefined"!=typeof crypto?crypto:Kr?.webcrypto;if(t?.getRandomValues){const r=new Uint8Array(e);return t.getRandomValues(r)}throw Error("No secure random number generator available.")}function Sr(e,t){if(t<e)throw Error("Illegal parameter value: max <= min");const r=t-e;return gr(pr(Er(vr(r)+8)),r)+e}var Pr=/*#__PURE__*/Object.freeze({__proto__:null,getRandomBigInteger:Sr,getRandomBytes:Er});const Ur=BigInt(1);function Dr(e,t,r){const i=BigInt(30),n=Ur<<BigInt(e-1),a=[1,6,5,4,3,2,1,4,3,2,1,2,1,4,3,2,1,2,1,4,3,2,1,6,5,4,3,2,1,2];let s=Sr(n,n<<Ur),o=wr(gr(s,i));do{s+=BigInt(a[o]),o=(o+a[o])%a.length,kr(s)>e&&(s=gr(s,n<<Ur),s+=n,o=wr(gr(s,i)))}while(!xr(s,t,r));return s}function xr(e,t,r){return(!t||function(e,t){let r=e,i=t;for(;i!==lr;){const e=i;i=r%i,r=e}return r}(e-Ur,t)===Ur)&&(!!function(e){const t=BigInt(0);return Ir.every((r=>gr(e,r)!==t))}(e)&&(!!function(e,t=BigInt(2)){return dr(t,e-Ur,e)===Ur}(e)&&!!function(e,t){const r=kr(e);t||(t=Math.max(1,r/48|0));const i=e-Ur;let n=0;for(;!br(i,n);)n++;const a=e>>BigInt(n);for(;t>0;t--){let t,r=dr(Sr(BigInt(2),i),a,e);if(r!==Ur&&r!==i){for(t=1;t<n;t++){if(r=gr(r*r,e),r===Ur)return!1;if(r===i)break}if(t===n)return!1}}return!0}(e,r)))}const Ir=[7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997,1009,1013,1019,1021,1031,1033,1039,1049,1051,1061,1063,1069,1087,1091,1093,1097,1103,1109,1117,1123,1129,1151,1153,1163,1171,1181,1187,1193,1201,1213,1217,1223,1229,1231,1237,1249,1259,1277,1279,1283,1289,1291,1297,1301,1303,1307,1319,1321,1327,1361,1367,1373,1381,1399,1409,1423,1427,1429,1433,1439,1447,1451,1453,1459,1471,1481,1483,1487,1489,1493,1499,1511,1523,1531,1543,1549,1553,1559,1567,1571,1579,1583,1597,1601,1607,1609,1613,1619,1621,1627,1637,1657,1663,1667,1669,1693,1697,1699,1709,1721,1723,1733,1741,1747,1753,1759,1777,1783,1787,1789,1801,1811,1823,1831,1847,1861,1867,1871,1873,1877,1879,1889,1901,1907,1913,1931,1933,1949,1951,1973,1979,1987,1993,1997,1999,2003,2011,2017,2027,2029,2039,2053,2063,2069,2081,2083,2087,2089,2099,2111,2113,2129,2131,2137,2141,2143,2153,2161,2179,2203,2207,2213,2221,2237,2239,2243,2251,2267,2269,2273,2281,2287,2293,2297,2309,2311,2333,2339,2341,2347,2351,2357,2371,2377,2381,2383,2389,2393,2399,2411,2417,2423,2437,2441,2447,2459,2467,2473,2477,2503,2521,2531,2539,2543,2549,2551,2557,2579,2591,2593,2609,2617,2621,2633,2647,2657,2659,2663,2671,2677,2683,2687,2689,2693,2699,2707,2711,2713,2719,2729,2731,2741,2749,2753,2767,2777,2789,2791,2797,2801,2803,2819,2833,2837,2843,2851,2857,2861,2879,2887,2897,2903,2909,2917,2927,2939,2953,2957,2963,2969,2971,2999,3001,3011,3019,3023,3037,3041,3049,3061,3067,3079,3083,3089,3109,3119,3121,3137,3163,3167,3169,3181,3187,3191,3203,3209,3217,3221,3229,3251,3253,3257,3259,3271,3299,3301,3307,3313,3319,3323,3329,3331,3343,3347,3359,3361,3371,3373,3389,3391,3407,3413,3433,3449,3457,3461,3463,3467,3469,3491,3499,3511,3517,3527,3529,3533,3539,3541,3547,3557,3559,3571,3581,3583,3593,3607,3613,3617,3623,3631,3637,3643,3659,3671,3673,3677,3691,3697,3701,3709,3719,3727,3733,3739,3761,3767,3769,3779,3793,3797,3803,3821,3823,3833,3847,3851,3853,3863,3877,3881,3889,3907,3911,3917,3919,3923,3929,3931,3943,3947,3967,3989,4001,4003,4007,4013,4019,4021,4027,4049,4051,4057,4073,4079,4091,4093,4099,4111,4127,4129,4133,4139,4153,4157,4159,4177,4201,4211,4217,4219,4229,4231,4241,4243,4253,4259,4261,4271,4273,4283,4289,4297,4327,4337,4339,4349,4357,4363,4373,4391,4397,4409,4421,4423,4441,4447,4451,4457,4463,4481,4483,4493,4507,4513,4517,4519,4523,4547,4549,4561,4567,4583,4591,4597,4603,4621,4637,4639,4643,4649,4651,4657,4663,4673,4679,4691,4703,4721,4723,4729,4733,4751,4759,4783,4787,4789,4793,4799,4801,4813,4817,4831,4861,4871,4877,4889,4903,4909,4919,4931,4933,4937,4943,4951,4957,4967,4969,4973,4987,4993,4999].map((e=>BigInt(e)));const Br=[];function Cr(e,t){const r=e.length;if(r>t-11)throw Error("Message too long");const i=function(e){const t=new Uint8Array(e);let r=0;for(;r<e;){const i=Er(e-r);for(let e=0;e<i.length;e++)0!==i[e]&&(t[r++]=i[e])}return t}(t-r-3),n=new Uint8Array(t);return n[1]=2,n.set(i,2),n.set(e,t-r),n}function Tr(e,t){let r=2,i=1;for(let t=r;t<e.length;t++)i&=0!==e[t],r+=i;const n=r-2,a=e.subarray(r+1),s=0===e[0]&2===e[1]&n>=8&!i;if(t)return R.selectUint8Array(s,a,t);if(s)return a;throw Error("Decryption error")}function Mr(e,t,r){let i;if(t.length!==be.getHashByteLength(e))throw Error("Invalid hash length");const n=new Uint8Array(Br[e].length);for(i=0;i<Br[e].length;i++)n[i]=Br[e][i];const a=n.length+t.length;if(r<a+11)throw Error("Intended encoded message length too short");const s=new Uint8Array(r-a-3).fill(255),o=new Uint8Array(r);return o[1]=1,o.set(s,2),o.set(n,r-a),o.set(t,r-t.length),o}Br[1]=[48,32,48,12,6,8,42,134,72,134,247,13,2,5,5,0,4,16],Br[2]=[48,33,48,9,6,5,43,14,3,2,26,5,0,4,20],Br[3]=[48,33,48,9,6,5,43,36,3,2,1,5,0,4,20],Br[8]=[48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32],Br[9]=[48,65,48,13,6,9,96,134,72,1,101,3,4,2,2,5,0,4,48],Br[10]=[48,81,48,13,6,9,96,134,72,1,101,3,4,2,3,5,0,4,64],Br[11]=[48,45,48,13,6,9,96,134,72,1,101,3,4,2,4,5,0,4,28];var Lr=/*#__PURE__*/Object.freeze({__proto__:null,emeDecode:Tr,emeEncode:Cr,emsaEncode:Mr});const Rr=R.getWebCrypto(),Fr=R.getNodeCrypto(),zr=BigInt(1);async function Nr(e,t,r,i,n,a){const s=pr(i),o=pr(n),c=pr(r);let u=gr(c,o-zr),h=gr(c,s-zr);return h=Ar(h),u=Ar(u),{kty:"RSA",n:j(e),e:j(t),d:j(r),p:j(n),q:j(i),dp:j(u),dq:j(h),qi:j(a),ext:!0}}function Hr(e,t){return{kty:"RSA",n:j(e),e:j(t),ext:!0}}function Or(e,t){return{n:_(e.n),e:Ar(t),d:_(e.d),p:_(e.q),q:_(e.p),u:_(e.qi)}}var _r=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s,o){if(R.getNodeCrypto()&&!o)try{return await async function(e,t,r,i,n,a,s){const o=await Nr(t,r,i,n,a,s),c={key:o,format:"jwk",type:"pkcs1",padding:Fr.constants.RSA_PKCS1_PADDING};try{return new Uint8Array(Fr.privateDecrypt(c,e))}catch(e){throw Error("Decryption error")}}(e,t,r,i,n,a,s)}catch(e){R.printDebugError(e)}return async function(e,t,r,i,n,a,s,o){if(e=pr(e),t=pr(t),r=pr(r),i=pr(i),n=pr(n),a=pr(a),s=pr(s),e>=t)throw Error("Data too large.");const c=gr(i,a-zr),u=gr(i,n-zr),h=Sr(BigInt(2),t),l=dr(mr(h,t),r,t);e=gr(e*l,t);const y=dr(e,u,n),p=dr(e,c,a),g=gr(s*(p-y),a);let d=g*n+y;return d=gr(d*h,t),Tr(Ar(d,"be",vr(t)),o)}(e,t,r,i,n,a,s,o)},encrypt:async function(e,t,r){return R.getNodeCrypto()?async function(e,t,r){const i=Hr(t,r),n={key:i,format:"jwk",type:"pkcs1",padding:Fr.constants.RSA_PKCS1_PADDING};return new Uint8Array(Fr.publicEncrypt(n,e))}(e,t,r):async function(e,t,r){if(t=pr(t),e=pr(Cr(e,vr(t))),r=pr(r),e>=t)throw Error("Message size cannot exceed modulus size");return Ar(dr(e,r,t),"be",vr(t))}(e,t,r)},generate:async function(e,t){if(t=BigInt(t),R.getWebCrypto()){const r={name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:Ar(t),hash:{name:"SHA-1"}},i=await Rr.generateKey(r,!0,["sign","verify"]);return Or(await Rr.exportKey("jwk",i.privateKey),t)}if(R.getNodeCrypto()){const r={modulusLength:e,publicExponent:wr(t),publicKeyEncoding:{type:"pkcs1",format:"jwk"},privateKeyEncoding:{type:"pkcs1",format:"jwk"}},i=await new Promise(((e,t)=>{Fr.generateKeyPair("rsa",r,((r,i,n)=>{r?t(r):e(n)}))}));return Or(i,t)}let r,i,n;do{i=Dr(e-(e>>1),t,40),r=Dr(e>>1,t,40),n=r*i}while(kr(n)!==e);const a=(r-zr)*(i-zr);return i<r&&([r,i]=[i,r]),{n:Ar(n),e:Ar(t),d:Ar(mr(t,a)),p:Ar(r),q:Ar(i),u:Ar(mr(r,i))}},sign:async function(e,t,r,i,n,a,s,o,c){if(be.getHashByteLength(e)>=r.length)throw Error("Digest size cannot exceed key modulus size");if(t&&!R.isStream(t))if(R.getWebCrypto())try{return await async function(e,t,r,i,n,a,s,o){const c=await Nr(r,i,n,a,s,o),u={name:"RSASSA-PKCS1-v1_5",hash:{name:e}},h=await Rr.importKey("jwk",c,u,!1,["sign"]);return new Uint8Array(await Rr.sign("RSASSA-PKCS1-v1_5",h,t))}(T.read(T.webHash,e),t,r,i,n,a,s,o)}catch(e){R.printDebugError(e)}else if(R.getNodeCrypto())return async function(e,t,r,i,n,a,s,o){const c=Fr.createSign(T.read(T.hash,e));c.write(t),c.end();const u=await Nr(r,i,n,a,s,o);return new Uint8Array(c.sign({key:u,format:"jwk",type:"pkcs1"}))}(e,t,r,i,n,a,s,o);return async function(e,t,r,i){t=pr(t);const n=pr(Mr(e,i,vr(t)));return r=pr(r),Ar(dr(n,r,t),"be",vr(t))}(e,r,n,c)},validateParams:async function(e,t,r,i,n,a){if(e=pr(e),(i=pr(i))*(n=pr(n))!==e)return!1;const s=BigInt(2);if(gr(i*(a=pr(a)),n)!==BigInt(1))return!1;t=pr(t),r=pr(r);const o=Sr(s,s<<BigInt(Math.floor(kr(e)/3))),c=o*r*t;return!(gr(c,i-zr)!==o||gr(c,n-zr)!==o)},verify:async function(e,t,r,i,n,a){if(t&&!R.isStream(t))if(R.getWebCrypto())try{return await async function(e,t,r,i,n){const a=Hr(i,n),s=await Rr.importKey("jwk",a,{name:"RSASSA-PKCS1-v1_5",hash:{name:e}},!1,["verify"]);return Rr.verify("RSASSA-PKCS1-v1_5",s,r,t)}(T.read(T.webHash,e),t,r,i,n)}catch(e){R.printDebugError(e)}else if(R.getNodeCrypto())return async function(e,t,r,i,n){const a=Hr(i,n),s={key:a,format:"jwk",type:"pkcs1"},o=Fr.createVerify(T.read(T.hash,e));o.write(t),o.end();try{return o.verify(s,r)}catch(e){return!1}}(e,t,r,i,n);return async function(e,t,r,i,n){if(r=pr(r),t=pr(t),i=pr(i),t>=r)throw Error("Signature size cannot exceed modulus size");const a=Ar(dr(t,i,r),"be",vr(r)),s=Mr(e,n,vr(r));return R.equalsUint8Array(a,s)}(e,r,i,n,a)}});const jr=BigInt(1);var Gr=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n){return e=pr(e),t=pr(t),r=pr(r),Tr(Ar(gr(mr(dr(e,i=pr(i),r),r)*t,r),"be",vr(r)),n)},encrypt:async function(e,t,r,i){t=pr(t),r=pr(r),i=pr(i);const n=pr(Cr(e,vr(t))),a=Sr(jr,t-jr);return{c1:Ar(dr(r,a,t)),c2:Ar(gr(dr(i,a,t)*n,t))}},validateParams:async function(e,t,r,i){if(e=pr(e),t=pr(t),r=pr(r),t<=jr||t>=e)return!1;const n=BigInt(kr(e));if(n<BigInt(1023))return!1;if(dr(t,e-jr,e)!==jr)return!1;let a=t,s=BigInt(1);const o=BigInt(2),c=o<<BigInt(17);for(;s<c;){if(a=gr(a*t,e),a===jr)return!1;s++}i=pr(i);const u=Sr(o<<n-jr,o<<n);return r===dr(t,(e-jr)*u+i,e)}});const qr="object"==typeof e&&"crypto"in e?e.crypto:void 0,Vr={};var Wr=function(e){var t,r=new Float64Array(16);if(e)for(t=0;t<e.length;t++)r[t]=e[t];return r},$r=function(){throw Error("no PRNG")},Zr=new Uint8Array(32);Zr[0]=9;var Qr=Wr(),Xr=Wr([1]),Yr=Wr([56129,1]),Jr=Wr([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),ei=Wr([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),ti=Wr([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),ri=Wr([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),ii=Wr([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function ni(e,t,r,i){e[t]=r>>24&255,e[t+1]=r>>16&255,e[t+2]=r>>8&255,e[t+3]=255&r,e[t+4]=i>>24&255,e[t+5]=i>>16&255,e[t+6]=i>>8&255,e[t+7]=255&i}function ai(e,t,r,i){return function(e,t,r,i,n){var a,s=0;for(a=0;a<n;a++)s|=e[t+a]^r[i+a];return(1&s-1>>>8)-1}(e,t,r,i,32)}function si(e,t){var r;for(r=0;r<16;r++)e[r]=0|t[r]}function oi(e){var t,r,i=1;for(t=0;t<16;t++)r=e[t]+i+65535,i=Math.floor(r/65536),e[t]=r-65536*i;e[0]+=i-1+37*(i-1)}function ci(e,t,r){for(var i,n=~(r-1),a=0;a<16;a++)i=n&(e[a]^t[a]),e[a]^=i,t[a]^=i}function ui(e,t){var r,i,n,a=Wr(),s=Wr();for(r=0;r<16;r++)s[r]=t[r];for(oi(s),oi(s),oi(s),i=0;i<2;i++){for(a[0]=s[0]-65517,r=1;r<15;r++)a[r]=s[r]-65535-(a[r-1]>>16&1),a[r-1]&=65535;a[15]=s[15]-32767-(a[14]>>16&1),n=a[15]>>16&1,a[14]&=65535,ci(s,a,1-n)}for(r=0;r<16;r++)e[2*r]=255&s[r],e[2*r+1]=s[r]>>8}function hi(e,t){var r=new Uint8Array(32),i=new Uint8Array(32);return ui(r,e),ui(i,t),ai(r,0,i,0)}function li(e){var t=new Uint8Array(32);return ui(t,e),1&t[0]}function yi(e,t){var r;for(r=0;r<16;r++)e[r]=t[2*r]+(t[2*r+1]<<8);e[15]&=32767}function pi(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]+r[i]}function gi(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]-r[i]}function di(e,t,r){var i,n,a=0,s=0,o=0,c=0,u=0,h=0,l=0,y=0,p=0,g=0,d=0,f=0,m=0,w=0,b=0,k=0,v=0,A=0,K=0,E=0,S=0,P=0,U=0,D=0,x=0,I=0,B=0,C=0,T=0,M=0,L=0,R=r[0],F=r[1],z=r[2],N=r[3],H=r[4],O=r[5],_=r[6],j=r[7],G=r[8],q=r[9],V=r[10],W=r[11],$=r[12],Z=r[13],Q=r[14],X=r[15];a+=(i=t[0])*R,s+=i*F,o+=i*z,c+=i*N,u+=i*H,h+=i*O,l+=i*_,y+=i*j,p+=i*G,g+=i*q,d+=i*V,f+=i*W,m+=i*$,w+=i*Z,b+=i*Q,k+=i*X,s+=(i=t[1])*R,o+=i*F,c+=i*z,u+=i*N,h+=i*H,l+=i*O,y+=i*_,p+=i*j,g+=i*G,d+=i*q,f+=i*V,m+=i*W,w+=i*$,b+=i*Z,k+=i*Q,v+=i*X,o+=(i=t[2])*R,c+=i*F,u+=i*z,h+=i*N,l+=i*H,y+=i*O,p+=i*_,g+=i*j,d+=i*G,f+=i*q,m+=i*V,w+=i*W,b+=i*$,k+=i*Z,v+=i*Q,A+=i*X,c+=(i=t[3])*R,u+=i*F,h+=i*z,l+=i*N,y+=i*H,p+=i*O,g+=i*_,d+=i*j,f+=i*G,m+=i*q,w+=i*V,b+=i*W,k+=i*$,v+=i*Z,A+=i*Q,K+=i*X,u+=(i=t[4])*R,h+=i*F,l+=i*z,y+=i*N,p+=i*H,g+=i*O,d+=i*_,f+=i*j,m+=i*G,w+=i*q,b+=i*V,k+=i*W,v+=i*$,A+=i*Z,K+=i*Q,E+=i*X,h+=(i=t[5])*R,l+=i*F,y+=i*z,p+=i*N,g+=i*H,d+=i*O,f+=i*_,m+=i*j,w+=i*G,b+=i*q,k+=i*V,v+=i*W,A+=i*$,K+=i*Z,E+=i*Q,S+=i*X,l+=(i=t[6])*R,y+=i*F,p+=i*z,g+=i*N,d+=i*H,f+=i*O,m+=i*_,w+=i*j,b+=i*G,k+=i*q,v+=i*V,A+=i*W,K+=i*$,E+=i*Z,S+=i*Q,P+=i*X,y+=(i=t[7])*R,p+=i*F,g+=i*z,d+=i*N,f+=i*H,m+=i*O,w+=i*_,b+=i*j,k+=i*G,v+=i*q,A+=i*V,K+=i*W,E+=i*$,S+=i*Z,P+=i*Q,U+=i*X,p+=(i=t[8])*R,g+=i*F,d+=i*z,f+=i*N,m+=i*H,w+=i*O,b+=i*_,k+=i*j,v+=i*G,A+=i*q,K+=i*V,E+=i*W,S+=i*$,P+=i*Z,U+=i*Q,D+=i*X,g+=(i=t[9])*R,d+=i*F,f+=i*z,m+=i*N,w+=i*H,b+=i*O,k+=i*_,v+=i*j,A+=i*G,K+=i*q,E+=i*V,S+=i*W,P+=i*$,U+=i*Z,D+=i*Q,x+=i*X,d+=(i=t[10])*R,f+=i*F,m+=i*z,w+=i*N,b+=i*H,k+=i*O,v+=i*_,A+=i*j,K+=i*G,E+=i*q,S+=i*V,P+=i*W,U+=i*$,D+=i*Z,x+=i*Q,I+=i*X,f+=(i=t[11])*R,m+=i*F,w+=i*z,b+=i*N,k+=i*H,v+=i*O,A+=i*_,K+=i*j,E+=i*G,S+=i*q,P+=i*V,U+=i*W,D+=i*$,x+=i*Z,I+=i*Q,B+=i*X,m+=(i=t[12])*R,w+=i*F,b+=i*z,k+=i*N,v+=i*H,A+=i*O,K+=i*_,E+=i*j,S+=i*G,P+=i*q,U+=i*V,D+=i*W,x+=i*$,I+=i*Z,B+=i*Q,C+=i*X,w+=(i=t[13])*R,b+=i*F,k+=i*z,v+=i*N,A+=i*H,K+=i*O,E+=i*_,S+=i*j,P+=i*G,U+=i*q,D+=i*V,x+=i*W,I+=i*$,B+=i*Z,C+=i*Q,T+=i*X,b+=(i=t[14])*R,k+=i*F,v+=i*z,A+=i*N,K+=i*H,E+=i*O,S+=i*_,P+=i*j,U+=i*G,D+=i*q,x+=i*V,I+=i*W,B+=i*$,C+=i*Z,T+=i*Q,M+=i*X,k+=(i=t[15])*R,s+=38*(A+=i*z),o+=38*(K+=i*N),c+=38*(E+=i*H),u+=38*(S+=i*O),h+=38*(P+=i*_),l+=38*(U+=i*j),y+=38*(D+=i*G),p+=38*(x+=i*q),g+=38*(I+=i*V),d+=38*(B+=i*W),f+=38*(C+=i*$),m+=38*(T+=i*Z),w+=38*(M+=i*Q),b+=38*(L+=i*X),a=(i=(a+=38*(v+=i*F))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a=(i=(a+=n-1+37*(n-1))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a+=n-1+37*(n-1),e[0]=a,e[1]=s,e[2]=o,e[3]=c,e[4]=u,e[5]=h,e[6]=l,e[7]=y,e[8]=p,e[9]=g,e[10]=d,e[11]=f,e[12]=m,e[13]=w,e[14]=b,e[15]=k}function fi(e,t){di(e,t,t)}function mi(e,t){var r,i=Wr();for(r=0;r<16;r++)i[r]=t[r];for(r=253;r>=0;r--)fi(i,i),2!==r&&4!==r&&di(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}function wi(e,t,r){var i,n,a=new Uint8Array(32),s=new Float64Array(80),o=Wr(),c=Wr(),u=Wr(),h=Wr(),l=Wr(),y=Wr();for(n=0;n<31;n++)a[n]=t[n];for(a[31]=127&t[31]|64,a[0]&=248,yi(s,r),n=0;n<16;n++)c[n]=s[n],h[n]=o[n]=u[n]=0;for(o[0]=h[0]=1,n=254;n>=0;--n)ci(o,c,i=a[n>>>3]>>>(7&n)&1),ci(u,h,i),pi(l,o,u),gi(o,o,u),pi(u,c,h),gi(c,c,h),fi(h,l),fi(y,o),di(o,u,o),di(u,c,l),pi(l,o,u),gi(o,o,u),fi(c,o),gi(u,h,y),di(o,u,Yr),pi(o,o,h),di(u,u,o),di(o,h,y),di(h,c,s),fi(c,l),ci(o,c,i),ci(u,h,i);for(n=0;n<16;n++)s[n+16]=o[n],s[n+32]=u[n],s[n+48]=c[n],s[n+64]=h[n];var p=s.subarray(32),g=s.subarray(16);return mi(p,p),di(g,g,p),ui(e,g),0}function bi(e,t){return wi(e,t,Zr)}var ki=[1116352408,3609767458,1899447441,602891725,3049323471,3964484399,3921009573,2173295548,961987163,4081628472,1508970993,3053834265,2453635748,2937671579,2870763221,3664609560,3624381080,2734883394,310598401,1164996542,607225278,1323610764,1426881987,3590304994,1925078388,4068182383,2162078206,991336113,2614888103,633803317,3248222580,3479774868,3835390401,2666613458,4022224774,944711139,264347078,2341262773,604807628,2007800933,770255983,1495990901,1249150122,1856431235,1555081692,3175218132,1996064986,2198950837,2554220882,3999719339,2821834349,766784016,2952996808,2566594879,3210313671,3203337956,3336571891,1034457026,3584528711,2466948901,113926993,3758326383,338241895,168717936,666307205,1188179964,773529912,1546045734,1294757372,1522805485,1396182291,2643833823,1695183700,2343527390,1986661051,1014477480,2177026350,1206759142,2456956037,344077627,2730485921,1290863460,2820302411,3158454273,3259730800,3505952657,3345764771,106217008,3516065817,3606008344,3600352804,1432725776,4094571909,1467031594,275423344,851169720,430227734,3100823752,506948616,1363258195,659060556,3750685593,883997877,3785050280,958139571,3318307427,1322822218,3812723403,1537002063,2003034995,1747873779,3602036899,1955562222,1575990012,2024104815,1125592928,2227730452,2716904306,2361852424,442776044,2428436474,593698344,2756734187,3733110249,3204031479,2999351573,3329325298,3815920427,3391569614,3928383900,3515267271,566280711,3940187606,3454069534,4118630271,4000239992,116418474,1914138554,174292421,2731055270,289380356,3203993006,460393269,320620315,685471733,587496836,852142971,1086792851,1017036298,365543100,1126000580,2618297676,1288033470,3409855158,1501505948,4234509866,1607167915,987167468,1816402316,1246189591];function vi(e,t,r,i){for(var n,a,s,o,c,u,h,l,y,p,g,d,f,m,w,b,k,v,A,K,E,S,P,U,D,x,I=new Int32Array(16),B=new Int32Array(16),C=e[0],T=e[1],M=e[2],L=e[3],R=e[4],F=e[5],z=e[6],N=e[7],H=t[0],O=t[1],_=t[2],j=t[3],G=t[4],q=t[5],V=t[6],W=t[7],$=0;i>=128;){for(A=0;A<16;A++)K=8*A+$,I[A]=r[K+0]<<24|r[K+1]<<16|r[K+2]<<8|r[K+3],B[A]=r[K+4]<<24|r[K+5]<<16|r[K+6]<<8|r[K+7];for(A=0;A<80;A++)if(n=C,a=T,s=M,o=L,c=R,u=F,h=z,N,y=H,p=O,g=_,d=j,f=G,m=q,w=V,W,P=65535&(S=W),U=S>>>16,D=65535&(E=N),x=E>>>16,P+=65535&(S=(G>>>14|R<<18)^(G>>>18|R<<14)^(R>>>9|G<<23)),U+=S>>>16,D+=65535&(E=(R>>>14|G<<18)^(R>>>18|G<<14)^(G>>>9|R<<23)),x+=E>>>16,P+=65535&(S=G&q^~G&V),U+=S>>>16,D+=65535&(E=R&F^~R&z),x+=E>>>16,E=ki[2*A],P+=65535&(S=ki[2*A+1]),U+=S>>>16,D+=65535&E,x+=E>>>16,E=I[A%16],U+=(S=B[A%16])>>>16,D+=65535&E,x+=E>>>16,D+=(U+=(P+=65535&S)>>>16)>>>16,P=65535&(S=v=65535&P|U<<16),U=S>>>16,D=65535&(E=k=65535&D|(x+=D>>>16)<<16),x=E>>>16,P+=65535&(S=(H>>>28|C<<4)^(C>>>2|H<<30)^(C>>>7|H<<25)),U+=S>>>16,D+=65535&(E=(C>>>28|H<<4)^(H>>>2|C<<30)^(H>>>7|C<<25)),x+=E>>>16,U+=(S=H&O^H&_^O&_)>>>16,D+=65535&(E=C&T^C&M^T&M),x+=E>>>16,l=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,b=65535&P|U<<16,P=65535&(S=d),U=S>>>16,D=65535&(E=o),x=E>>>16,U+=(S=v)>>>16,D+=65535&(E=k),x+=E>>>16,T=n,M=a,L=s,R=o=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,F=c,z=u,N=h,C=l,O=y,_=p,j=g,G=d=65535&P|U<<16,q=f,V=m,W=w,H=b,A%16==15)for(K=0;K<16;K++)E=I[K],P=65535&(S=B[K]),U=S>>>16,D=65535&E,x=E>>>16,E=I[(K+9)%16],P+=65535&(S=B[(K+9)%16]),U+=S>>>16,D+=65535&E,x+=E>>>16,k=I[(K+1)%16],P+=65535&(S=((v=B[(K+1)%16])>>>1|k<<31)^(v>>>8|k<<24)^(v>>>7|k<<25)),U+=S>>>16,D+=65535&(E=(k>>>1|v<<31)^(k>>>8|v<<24)^k>>>7),x+=E>>>16,k=I[(K+14)%16],U+=(S=((v=B[(K+14)%16])>>>19|k<<13)^(k>>>29|v<<3)^(v>>>6|k<<26))>>>16,D+=65535&(E=(k>>>19|v<<13)^(v>>>29|k<<3)^k>>>6),x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,I[K]=65535&D|x<<16,B[K]=65535&P|U<<16;P=65535&(S=H),U=S>>>16,D=65535&(E=C),x=E>>>16,E=e[0],U+=(S=t[0])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[0]=C=65535&D|x<<16,t[0]=H=65535&P|U<<16,P=65535&(S=O),U=S>>>16,D=65535&(E=T),x=E>>>16,E=e[1],U+=(S=t[1])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[1]=T=65535&D|x<<16,t[1]=O=65535&P|U<<16,P=65535&(S=_),U=S>>>16,D=65535&(E=M),x=E>>>16,E=e[2],U+=(S=t[2])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[2]=M=65535&D|x<<16,t[2]=_=65535&P|U<<16,P=65535&(S=j),U=S>>>16,D=65535&(E=L),x=E>>>16,E=e[3],U+=(S=t[3])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[3]=L=65535&D|x<<16,t[3]=j=65535&P|U<<16,P=65535&(S=G),U=S>>>16,D=65535&(E=R),x=E>>>16,E=e[4],U+=(S=t[4])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[4]=R=65535&D|x<<16,t[4]=G=65535&P|U<<16,P=65535&(S=q),U=S>>>16,D=65535&(E=F),x=E>>>16,E=e[5],U+=(S=t[5])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[5]=F=65535&D|x<<16,t[5]=q=65535&P|U<<16,P=65535&(S=V),U=S>>>16,D=65535&(E=z),x=E>>>16,E=e[6],U+=(S=t[6])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[6]=z=65535&D|x<<16,t[6]=V=65535&P|U<<16,P=65535&(S=W),U=S>>>16,D=65535&(E=N),x=E>>>16,E=e[7],U+=(S=t[7])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[7]=N=65535&D|x<<16,t[7]=W=65535&P|U<<16,$+=128,i-=128}return i}function Ai(e,t,r){var i,n=new Int32Array(8),a=new Int32Array(8),s=new Uint8Array(256),o=r;for(n[0]=1779033703,n[1]=3144134277,n[2]=1013904242,n[3]=2773480762,n[4]=1359893119,n[5]=2600822924,n[6]=528734635,n[7]=1541459225,a[0]=4089235720,a[1]=2227873595,a[2]=4271175723,a[3]=1595750129,a[4]=2917565137,a[5]=725511199,a[6]=4215389547,a[7]=327033209,vi(n,a,t,r),r%=128,i=0;i<r;i++)s[i]=t[o-r+i];for(s[r]=128,s[(r=256-128*(r<112?1:0))-9]=0,ni(s,r-8,o/536870912|0,o<<3),vi(n,a,s,r),i=0;i<8;i++)ni(e,8*i,n[i],a[i]);return 0}function Ki(e,t){var r=Wr(),i=Wr(),n=Wr(),a=Wr(),s=Wr(),o=Wr(),c=Wr(),u=Wr(),h=Wr();gi(r,e[1],e[0]),gi(h,t[1],t[0]),di(r,r,h),pi(i,e[0],e[1]),pi(h,t[0],t[1]),di(i,i,h),di(n,e[3],t[3]),di(n,n,ei),di(a,e[2],t[2]),pi(a,a,a),gi(s,i,r),gi(o,a,n),pi(c,a,n),pi(u,i,r),di(e[0],s,o),di(e[1],u,c),di(e[2],c,o),di(e[3],s,u)}function Ei(e,t,r){var i;for(i=0;i<4;i++)ci(e[i],t[i],r)}function Si(e,t){var r=Wr(),i=Wr(),n=Wr();mi(n,t[2]),di(r,t[0],n),di(i,t[1],n),ui(e,i),e[31]^=li(r)<<7}function Pi(e,t,r){var i,n;for(si(e[0],Qr),si(e[1],Xr),si(e[2],Xr),si(e[3],Qr),n=255;n>=0;--n)Ei(e,t,i=r[n/8|0]>>(7&n)&1),Ki(t,e),Ki(e,e),Ei(e,t,i)}function Ui(e,t){var r=[Wr(),Wr(),Wr(),Wr()];si(r[0],ti),si(r[1],ri),si(r[2],Xr),di(r[3],ti,ri),Pi(e,r,t)}function Di(e,t,r){var i,n=new Uint8Array(64),a=[Wr(),Wr(),Wr(),Wr()];for(r||$r(t,32),Ai(n,t,32),n[0]&=248,n[31]&=127,n[31]|=64,Ui(a,n),Si(e,a),i=0;i<32;i++)t[i+32]=e[i];return 0}var xi=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]);function Ii(e,t){var r,i,n,a;for(i=63;i>=32;--i){for(r=0,n=i-32,a=i-12;n<a;++n)t[n]+=r-16*t[i]*xi[n-(i-32)],r=Math.floor((t[n]+128)/256),t[n]-=256*r;t[n]+=r,t[i]=0}for(r=0,n=0;n<32;n++)t[n]+=r-(t[31]>>4)*xi[n],r=t[n]>>8,t[n]&=255;for(n=0;n<32;n++)t[n]-=r*xi[n];for(i=0;i<32;i++)t[i+1]+=t[i]>>8,e[i]=255&t[i]}function Bi(e){var t,r=new Float64Array(64);for(t=0;t<64;t++)r[t]=e[t];for(t=0;t<64;t++)e[t]=0;Ii(e,r)}function Ci(e,t){var r=Wr(),i=Wr(),n=Wr(),a=Wr(),s=Wr(),o=Wr(),c=Wr();return si(e[2],Xr),yi(e[1],t),fi(n,e[1]),di(a,n,Jr),gi(n,n,e[2]),pi(a,e[2],a),fi(s,a),fi(o,s),di(c,o,s),di(r,c,n),di(r,r,a),function(e,t){var r,i=Wr();for(r=0;r<16;r++)i[r]=t[r];for(r=250;r>=0;r--)fi(i,i),1!==r&&di(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}(r,r),di(r,r,n),di(r,r,a),di(r,r,a),di(e[0],r,a),fi(i,e[0]),di(i,i,a),hi(i,n)&&di(e[0],e[0],ii),fi(i,e[0]),di(i,i,a),hi(i,n)?-1:(li(e[0])===t[31]>>7&&gi(e[0],Qr,e[0]),di(e[3],e[0],e[1]),0)}var Ti=64;function Mi(){for(var e=0;e<arguments.length;e++)if(!(arguments[e]instanceof Uint8Array))throw new TypeError("unexpected type, use Uint8Array")}Vr.scalarMult=function(e,t){if(Mi(e,t),32!==e.length)throw Error("bad n size");if(32!==t.length)throw Error("bad p size");var r=new Uint8Array(32);return wi(r,e,t),r},Vr.box={},Vr.box.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(32);return function(e,t){$r(t,32),bi(e,t)}(e,t),{publicKey:e,secretKey:t}},Vr.box.keyPair.fromSecretKey=function(e){if(Mi(e),32!==e.length)throw Error("bad secret key size");var t=new Uint8Array(32);return bi(t,e),{publicKey:t,secretKey:new Uint8Array(e)}},Vr.sign=function(e,t){if(Mi(e,t),64!==t.length)throw Error("bad secret key size");var r=new Uint8Array(Ti+e.length);return function(e,t,r,i){var n,a,s=new Uint8Array(64),o=new Uint8Array(64),c=new Uint8Array(64),u=new Float64Array(64),h=[Wr(),Wr(),Wr(),Wr()];Ai(s,i,32),s[0]&=248,s[31]&=127,s[31]|=64;var l=r+64;for(n=0;n<r;n++)e[64+n]=t[n];for(n=0;n<32;n++)e[32+n]=s[32+n];for(Ai(c,e.subarray(32),r+32),Bi(c),Ui(h,c),Si(e,h),n=32;n<64;n++)e[n]=i[n];for(Ai(o,e,r+64),Bi(o),n=0;n<64;n++)u[n]=0;for(n=0;n<32;n++)u[n]=c[n];for(n=0;n<32;n++)for(a=0;a<32;a++)u[n+a]+=o[n]*s[a];Ii(e.subarray(32),u)}(r,e,e.length,t),r},Vr.sign.detached=function(e,t){for(var r=Vr.sign(e,t),i=new Uint8Array(Ti),n=0;n<i.length;n++)i[n]=r[n];return i},Vr.sign.detached.verify=function(e,t,r){if(Mi(e,t,r),t.length!==Ti)throw Error("bad signature size");if(32!==r.length)throw Error("bad public key size");var i,n=new Uint8Array(Ti+e.length),a=new Uint8Array(Ti+e.length);for(i=0;i<Ti;i++)n[i]=t[i];for(i=0;i<e.length;i++)n[i+Ti]=e[i];return function(e,t,r,i){var n,a=new Uint8Array(32),s=new Uint8Array(64),o=[Wr(),Wr(),Wr(),Wr()],c=[Wr(),Wr(),Wr(),Wr()];if(r<64)return-1;if(Ci(c,i))return-1;for(n=0;n<r;n++)e[n]=t[n];for(n=0;n<32;n++)e[n+32]=i[n];if(Ai(s,e,r),Bi(s),Pi(o,c,s),Ui(c,t.subarray(32)),Ki(o,c),Si(a,o),r-=64,ai(t,0,a,0)){for(n=0;n<r;n++)e[n]=0;return-1}for(n=0;n<r;n++)e[n]=t[n+64];return r}(a,n,n.length,r)>=0},Vr.sign.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(64);return Di(e,t),{publicKey:e,secretKey:t}},Vr.sign.keyPair.fromSecretKey=function(e){if(Mi(e),64!==e.length)throw Error("bad secret key size");for(var t=new Uint8Array(32),r=0;r<t.length;r++)t[r]=e[32+r];return{publicKey:t,secretKey:new Uint8Array(e)}},Vr.sign.keyPair.fromSeed=function(e){if(Mi(e),32!==e.length)throw Error("bad seed size");for(var t=new Uint8Array(32),r=new Uint8Array(64),i=0;i<32;i++)r[i]=e[i];return Di(t,r,!0),{publicKey:t,secretKey:r}},Vr.setPRNG=function(e){$r=e},function(){if(qr&&qr.getRandomValues){Vr.setPRNG((function(e,t){var r,i=new Uint8Array(t);for(r=0;r<t;r+=65536)qr.getRandomValues(i.subarray(r,r+Math.min(t-r,65536)));for(r=0;r<t;r++)e[r]=i[r];!function(e){for(var t=0;t<e.length;t++)e[t]=0}(i)}))}}();const Li={"2a8648ce3d030107":T.curve.nistP256,"2b81040022":T.curve.nistP384,"2b81040023":T.curve.nistP521,"2b8104000a":T.curve.secp256k1,"2b06010401da470f01":T.curve.ed25519Legacy,"2b060104019755010501":T.curve.curve25519Legacy,"2b2403030208010107":T.curve.brainpoolP256r1,"2b240303020801010b":T.curve.brainpoolP384r1,"2b240303020801010d":T.curve.brainpoolP512r1};class Ri{constructor(e){if(e instanceof Ri)this.oid=e.oid;else if(R.isArray(e)||R.isUint8Array(e)){if(6===(e=new Uint8Array(e))[0]){if(e[1]!==e.length-2)throw Error("Length mismatch in DER encoded oid");e=e.subarray(2)}this.oid=e}else this.oid=""}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.oid=e.subarray(1,1+t),1+this.oid.length}throw Error("Invalid oid")}write(){return R.concatUint8Array([new Uint8Array([this.oid.length]),this.oid])}toHex(){return R.uint8ArrayToHex(this.oid)}getName(){const e=Li[this.toHex()];if(!e)throw Error("Unknown curve object identifier.");return e}}function Fi(e){let t,r=0;const i=e[0];return i<192?([r]=e,t=1):i<255?(r=(e[0]-192<<8)+e[1]+192,t=2):255===i&&(r=R.readNumber(e.subarray(1,5)),t=5),{len:r,offset:t}}function zi(e){return e<192?new Uint8Array([e]):e>191&&e<8384?new Uint8Array([192+(e-192>>8),e-192&255]):R.concatUint8Array([new Uint8Array([255]),R.writeNumber(e,4)])}function Ni(e){if(e<0||e>30)throw Error("Partial Length power must be between 1 and 30");return new Uint8Array([224+e])}function Hi(e){return new Uint8Array([192|e])}function Oi(e,t){return R.concatUint8Array([Hi(e),zi(t)])}function _i(e){return[T.packet.literalData,T.packet.compressedData,T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData].includes(e)}async function ji(e,t){const r=I(e);let i,n;try{const s=await r.peekBytes(2);if(!s||s.length<2||!(128&s[0]))throw Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");const o=await r.readByte();let c,u,h=-1,l=-1;l=0,64&o&&(l=1),l?h=63&o:(h=(63&o)>>2,u=3&o);const y=_i(h);let p,g=null;if(y){if("array"===R.isStream(e)){const e=new a;i=B(e),g=e}else{const e=new TransformStream;i=B(e.writable),g=e.readable}n=t({tag:h,packet:g})}else g=[];do{if(l){const e=await r.readByte();if(p=!1,e<192)c=e;else if(e>=192&&e<224)c=(e-192<<8)+await r.readByte()+192;else if(e>223&&e<255){if(c=1<<(31&e),p=!0,!y)throw new TypeError("This packet type does not support partial lengths.")}else c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte()}else switch(u){case 0:c=await r.readByte();break;case 1:c=await r.readByte()<<8|await r.readByte();break;case 2:c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte();break;default:c=1/0}if(c>0){let e=0;for(;;){i&&await i.ready;const{done:t,value:n}=await r.read();if(t){if(c===1/0)break;throw Error("Unexpected end of packet")}const a=c===1/0?n:n.subarray(0,c-e);if(i?await i.write(a):g.push(a),e+=n.length,e>=c){r.unshift(n.subarray(c-e+n.length));break}}}}while(p);const d=await r.peekBytes(y?1/0:2);return i?(await i.ready,await i.close()):(g=R.concatUint8Array(g),await t({tag:h,packet:g})),!d||!d.length}catch(e){if(i)return await i.abort(e),!0;throw e}finally{i&&await n,r.releaseLock()}}class Gi extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Gi),this.name="UnsupportedError"}}class qi extends Gi{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Gi),this.name="UnknownPacketError"}}class Vi{constructor(e,t){this.tag=e,this.rawContent=t}write(){return this.rawContent}}
+/*! noble-ed25519 - MIT License (c) 2019 Paul Miller (paulmillr.com) */const Wi=BigInt(0),$i=BigInt(1),Zi=BigInt(2),Qi=BigInt(8),Xi=BigInt("7237005577332262213973186563042994240857116359379907606001950938285454250989"),Yi=Object.freeze({a:BigInt(-1),d:BigInt("37095705934669439343138083508754565189542113879843219016388785533085940283555"),P:BigInt("57896044618658097711785492504343953926634992332820282019728792003956564819949"),l:Xi,n:Xi,h:BigInt(8),Gx:BigInt("15112221349535400772501151409588531511454012693041857206046113283949847762202"),Gy:BigInt("46316835694926478169428394003475163141307993866256225615783033603165251855960")}),Ji=BigInt("0x10000000000000000000000000000000000000000000000000000000000000000"),en=BigInt("19681161376707505956807079304988542015446066515923890162744021073123829784752");BigInt("6853475219497561581579357271197624642482790079785650197046958215289687604742");const tn=BigInt("25063068953384623474111414158702152701244531502492656460079210482610430750235"),rn=BigInt("54469307008909316920995813868745141605393597292927456921205312896311721017578"),nn=BigInt("1159843021668779879193775521855586647937357759715417654439879720876111806838"),an=BigInt("40440834346308536858101042469323190826248399146238708352240133220865137265952");class sn{constructor(e,t,r,i){this.x=e,this.y=t,this.z=r,this.t=i}static fromAffine(e){if(!(e instanceof pn))throw new TypeError("ExtendedPoint#fromAffine: expected Point");return e.equals(pn.ZERO)?sn.ZERO:new sn(e.x,e.y,$i,Sn(e.x*e.y))}static toAffineBatch(e){const t=function(e,t=Yi.P){const r=Array(e.length),i=e.reduce(((e,i,n)=>i===Wi?e:(r[n]=e,Sn(e*i,t))),$i),n=Pn(i,t);return e.reduceRight(((e,i,n)=>i===Wi?e:(r[n]=Sn(e*r[n],t),Sn(e*i,t))),n),r}(e.map((e=>e.z)));return e.map(((e,r)=>e.toAffine(t[r])))}static normalizeZ(e){return this.toAffineBatch(e).map(this.fromAffine)}equals(e){cn(e);const{x:t,y:r,z:i}=this,{x:n,y:a,z:s}=e,o=Sn(t*s),c=Sn(n*i),u=Sn(r*s),h=Sn(a*i);return o===c&&u===h}negate(){return new sn(Sn(-this.x),this.y,this.z,Sn(-this.t))}double(){const{x:e,y:t,z:r}=this,{a:i}=Yi,n=Sn(e*e),a=Sn(t*t),s=Sn(Zi*Sn(r*r)),o=Sn(i*n),c=e+t,u=Sn(Sn(c*c)-n-a),h=o+a,l=h-s,y=o-a,p=Sn(u*l),g=Sn(h*y),d=Sn(u*y),f=Sn(l*h);return new sn(p,g,f,d)}add(e){cn(e);const{x:t,y:r,z:i,t:n}=this,{x:a,y:s,z:o,t:c}=e,u=Sn((r-t)*(s+a)),h=Sn((r+t)*(s-a)),l=Sn(h-u);if(l===Wi)return this.double();const y=Sn(i*Zi*c),p=Sn(n*Zi*o),g=p+y,d=h+u,f=p-y,m=Sn(g*l),w=Sn(d*f),b=Sn(g*f),k=Sn(l*d);return new sn(m,w,k,b)}subtract(e){return this.add(e.negate())}precomputeWindow(e){const t=1+256/e,r=[];let i=this,n=i;for(let a=0;a<t;a++){n=i,r.push(n);for(let t=1;t<2**(e-1);t++)n=n.add(i),r.push(n);i=n.double()}return r}wNAF(e,t){!t&&this.equals(sn.BASE)&&(t=pn.BASE);const r=t&&t._WINDOW_SIZE||1;if(256%r)throw Error("Point#wNAF: Invalid precomputation window, must be power of 2");let i=t&&yn.get(t);i||(i=this.precomputeWindow(r),t&&1!==r&&(i=sn.normalizeZ(i),yn.set(t,i)));let n=sn.ZERO,a=sn.BASE;const s=1+256/r,o=2**(r-1),c=BigInt(2**r-1),u=2**r,h=BigInt(r);for(let t=0;t<s;t++){const r=t*o;let s=Number(e&c);e>>=h,s>o&&(s-=u,e+=$i);const l=r,y=r+Math.abs(s)-1,p=t%2!=0,g=s<0;0===s?a=a.add(on(p,i[l])):n=n.add(on(g,i[y]))}return sn.normalizeZ([n,a])[0]}multiply(e,t){return this.wNAF(Cn(e,Yi.l),t)}multiplyUnsafe(e){let t=Cn(e,Yi.l,!1);const r=sn.BASE,i=sn.ZERO;if(t===Wi)return i;if(this.equals(i)||t===$i)return this;if(this.equals(r))return this.wNAF(t);let n=i,a=this;for(;t>Wi;)t&$i&&(n=n.add(a)),a=a.double(),t>>=$i;return n}isSmallOrder(){return this.multiplyUnsafe(Yi.h).equals(sn.ZERO)}isTorsionFree(){let e=this.multiplyUnsafe(Yi.l/Zi).double();return Yi.l%Zi&&(e=e.add(this)),e.equals(sn.ZERO)}toAffine(e){const{x:t,y:r,z:i}=this,n=this.equals(sn.ZERO);null==e&&(e=n?Qi:Pn(i));const a=Sn(t*e),s=Sn(r*e),o=Sn(i*e);if(n)return pn.ZERO;if(o!==$i)throw Error("invZ was invalid");return new pn(a,s)}fromRistrettoBytes(){hn()}toRistrettoBytes(){hn()}fromRistrettoHash(){hn()}}function on(e,t){const r=t.negate();return e?r:t}function cn(e){if(!(e instanceof sn))throw new TypeError("ExtendedPoint expected")}function un(e){if(!(e instanceof ln))throw new TypeError("RistrettoPoint expected")}function hn(){throw Error("Legacy method: switch to RistrettoPoint")}sn.BASE=new sn(Yi.Gx,Yi.Gy,$i,Sn(Yi.Gx*Yi.Gy)),sn.ZERO=new sn(Wi,$i,$i,Wi);class ln{constructor(e){this.ep=e}static calcElligatorRistrettoMap(e){const{d:t}=Yi,r=Sn(en*e*e),i=Sn((r+$i)*nn);let n=BigInt(-1);const a=Sn((n-t*r)*Sn(r+t));let{isValid:s,value:o}=Dn(i,a),c=Sn(o*e);vn(c)||(c=Sn(-c)),s||(o=c),s||(n=r);const u=Sn(n*(r-$i)*an-a),h=o*o,l=Sn((o+o)*a),y=Sn(u*tn),p=Sn($i-h),g=Sn($i+h);return new sn(Sn(l*g),Sn(p*y),Sn(y*g),Sn(l*p))}static hashToCurve(e){const t=En((e=Bn(e,64)).slice(0,32)),r=this.calcElligatorRistrettoMap(t),i=En(e.slice(32,64)),n=this.calcElligatorRistrettoMap(i);return new ln(r.add(n))}static fromHex(e){e=Bn(e,32);const{a:t,d:r}=Yi,i="RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint",n=En(e);if(!function(e,t){if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0}(kn(n),e)||vn(n))throw Error(i);const a=Sn(n*n),s=Sn($i+t*a),o=Sn($i-t*a),c=Sn(s*s),u=Sn(o*o),h=Sn(t*r*c-u),{isValid:l,value:y}=xn(Sn(h*u)),p=Sn(y*o),g=Sn(y*p*h);let d=Sn((n+n)*p);vn(d)&&(d=Sn(-d));const f=Sn(s*g),m=Sn(d*f);if(!l||vn(m)||f===Wi)throw Error(i);return new ln(new sn(d,f,$i,m))}toRawBytes(){let{x:e,y:t,z:r,t:i}=this.ep;const n=Sn(Sn(r+t)*Sn(r-t)),a=Sn(e*t),s=Sn(a*a),{value:o}=xn(Sn(n*s)),c=Sn(o*n),u=Sn(o*a),h=Sn(c*u*i);let l;if(vn(i*h)){let r=Sn(t*en),i=Sn(e*en);e=r,t=i,l=Sn(c*rn)}else l=u;vn(e*h)&&(t=Sn(-t));let y=Sn((r-t)*l);return vn(y)&&(y=Sn(-y)),kn(y)}toHex(){return mn(this.toRawBytes())}toString(){return this.toHex()}equals(e){un(e);const t=this.ep,r=e.ep,i=Sn(t.x*r.y)===Sn(t.y*r.x),n=Sn(t.y*r.y)===Sn(t.x*r.x);return i||n}add(e){return un(e),new ln(this.ep.add(e.ep))}subtract(e){return un(e),new ln(this.ep.subtract(e.ep))}multiply(e){return new ln(this.ep.multiply(e))}multiplyUnsafe(e){return new ln(this.ep.multiplyUnsafe(e))}}ln.BASE=new ln(sn.BASE),ln.ZERO=new ln(sn.ZERO);const yn=new WeakMap;class pn{constructor(e,t){this.x=e,this.y=t}_setWindowSize(e){this._WINDOW_SIZE=e,yn.delete(this)}static fromHex(e,t=!0){const{d:r,P:i}=Yi,n=(e=Bn(e,32)).slice();n[31]=-129&e[31];const a=An(n);if(t&&a>=i)throw Error("Expected 0 < hex < P");if(!t&&a>=Ji)throw Error("Expected 0 < hex < 2**256");const s=Sn(a*a),o=Sn(s-$i),c=Sn(r*s+$i);let{isValid:u,value:h}=Dn(o,c);if(!u)throw Error("Point.fromHex: invalid y coordinate");const l=(h&$i)===$i;return!!(128&e[31])!==l&&(h=Sn(-h)),new pn(h,a)}static async fromPrivateKey(e){return(await Mn(e)).point}toRawBytes(){const e=kn(this.y);return e[31]|=this.x&$i?128:0,e}toHex(){return mn(this.toRawBytes())}toX25519(){const{y:e}=this;return kn(Sn(($i+e)*Pn($i-e)))}isTorsionFree(){return sn.fromAffine(this).isTorsionFree()}equals(e){return this.x===e.x&&this.y===e.y}negate(){return new pn(Sn(-this.x),this.y)}add(e){return sn.fromAffine(this).add(sn.fromAffine(e)).toAffine()}subtract(e){return this.add(e.negate())}multiply(e){return sn.fromAffine(this).multiply(e,this).toAffine()}}pn.BASE=new pn(Yi.Gx,Yi.Gy),pn.ZERO=new pn(Wi,$i);let gn=class e{constructor(e,t){this.r=e,this.s=t,this.assertValidity()}static fromHex(t){const r=Bn(t,64),i=pn.fromHex(r.slice(0,32),!1),n=An(r.slice(32,64));return new e(i,n)}assertValidity(){const{r:e,s:t}=this;if(!(e instanceof pn))throw Error("Expected Point instance");return Cn(t,Yi.l,!1),this}toRawBytes(){const e=new Uint8Array(64);return e.set(this.r.toRawBytes()),e.set(kn(this.s),32),e}toHex(){return mn(this.toRawBytes())}};function dn(...e){if(!e.every((e=>e instanceof Uint8Array)))throw Error("Expected Uint8Array list");if(1===e.length)return e[0];const t=e.reduce(((e,t)=>e+t.length),0),r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}const fn=Array.from({length:256},((e,t)=>t.toString(16).padStart(2,"0")));function mn(e){if(!(e instanceof Uint8Array))throw Error("Uint8Array expected");let t="";for(let r=0;r<e.length;r++)t+=fn[e[r]];return t}function wn(e){if("string"!=typeof e)throw new TypeError("hexToBytes: expected string, got "+typeof e);if(e.length%2)throw Error("hexToBytes: received invalid unpadded hex");const t=new Uint8Array(e.length/2);for(let r=0;r<t.length;r++){const i=2*r,n=e.slice(i,i+2),a=Number.parseInt(n,16);if(Number.isNaN(a)||a<0)throw Error("Invalid byte sequence");t[r]=a}return t}function bn(e){return wn(e.toString(16).padStart(64,"0"))}function kn(e){return bn(e).reverse()}function vn(e){return(Sn(e)&$i)===$i}function An(e){if(!(e instanceof Uint8Array))throw Error("Expected Uint8Array");return BigInt("0x"+mn(Uint8Array.from(e).reverse()))}const Kn=BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");function En(e){return Sn(An(e)&Kn)}function Sn(e,t=Yi.P){const r=e%t;return r>=Wi?r:t+r}function Pn(e,t=Yi.P){if(e===Wi||t<=Wi)throw Error(`invert: expected positive integers, got n=${e} mod=${t}`);let r=Sn(e,t),i=t,n=Wi,a=$i;for(;r!==Wi;){const e=i%r,t=n-a*(i/r);i=r,r=e,n=a,a=t}if(i!==$i)throw Error("invert: does not exist");return Sn(n,t)}function Un(e,t){const{P:r}=Yi;let i=e;for(;t-- >Wi;)i*=i,i%=r;return i}function Dn(e,t){const r=Sn(t*t*t),i=function(e){const{P:t}=Yi,r=BigInt(5),i=BigInt(10),n=BigInt(20),a=BigInt(40),s=BigInt(80),o=e*e%t*e%t,c=Un(o,Zi)*o%t,u=Un(c,$i)*e%t,h=Un(u,r)*u%t,l=Un(h,i)*h%t,y=Un(l,n)*l%t,p=Un(y,a)*y%t,g=Un(p,s)*p%t,d=Un(g,s)*p%t,f=Un(d,i)*h%t;return{pow_p_5_8:Un(f,Zi)*e%t,b2:o}}(e*Sn(r*r*t)).pow_p_5_8;let n=Sn(e*r*i);const a=Sn(t*n*n),s=n,o=Sn(n*en),c=a===e,u=a===Sn(-e),h=a===Sn(-e*en);return c&&(n=s),(u||h)&&(n=o),vn(n)&&(n=Sn(-n)),{isValid:c||u,value:n}}function xn(e){return Dn($i,e)}function In(e){return Sn(An(e),Yi.l)}function Bn(e,t){const r=e instanceof Uint8Array?Uint8Array.from(e):wn(e);if("number"==typeof t&&r.length!==t)throw Error(`Expected ${t} bytes`);return r}function Cn(e,t,r=!0){if(!t)throw new TypeError("Specify max value");if("number"==typeof e&&Number.isSafeInteger(e)&&(e=BigInt(e)),"bigint"==typeof e&&e<t)if(r){if(Wi<e)return e}else if(Wi<=e)return e;throw new TypeError("Expected valid scalar: 0 < scalar < max")}let Tn;async function Mn(e){return function(e){const t=function(e){return e[0]&=248,e[31]&=127,e[31]|=64,e}(e.slice(0,32)),r=e.slice(32,64),i=In(t),n=pn.BASE.multiply(i),a=n.toRawBytes();return{head:t,prefix:r,scalar:i,point:n,pointBytes:a}}(await Fn.sha512(function(e){if(32!==(e="bigint"==typeof e||"number"==typeof e?bn(Cn(e,Ji)):Bn(e)).length)throw Error("Expected 32 bytes");return e}(e)))}async function Ln(e,t,r){const{r:i,SB:n,msg:a,pub:s}=function(e,t,r){t=Bn(t),r instanceof pn||(r=pn.fromHex(r,!1));const{r:i,s:n}=e instanceof gn?e.assertValidity():gn.fromHex(e);return{r:i,s:n,SB:sn.BASE.multiplyUnsafe(n),pub:r,msg:t}}(e,t,r),o=await Fn.sha512(i.toRawBytes(),s.toRawBytes(),a);return function(e,t,r,i){const n=In(i),a=sn.fromAffine(e).multiplyUnsafe(n);return sn.fromAffine(t).add(a).subtract(r).multiplyUnsafe(Yi.h).equals(sn.ZERO)}(s,i,n,o)}pn.BASE._setWindowSize(8);const Rn={node:null,web:"object"==typeof self&&"crypto"in self?self.crypto:void 0},Fn={bytesToHex:mn,hexToBytes:wn,concatBytes:dn,getExtendedPublicKey:Mn,mod:Sn,invert:Pn,TORSION_SUBGROUP:["0100000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a","0000000000000000000000000000000000000000000000000000000000000080","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05","ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85","0000000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa"],hashToPrivateScalar:e=>{if((e=Bn(e)).length<40||e.length>1024)throw Error("Expected 40-1024 bytes of private key as per FIPS 186");return Sn(An(e),Yi.l-$i)+$i},randomBytes:(e=32)=>{if(Rn.web)return Rn.web.getRandomValues(new Uint8Array(e));throw Error("The environment doesn't have randomBytes function")},randomPrivateKey:()=>Fn.randomBytes(32),sha512:async(...e)=>{const t=dn(...e);if(Rn.web){const e=await Rn.web.subtle.digest("SHA-512",t.buffer);return new Uint8Array(e)}throw Error("The environment doesn't have sha512 function")},precompute(e=8,t=pn.BASE){const r=t.equals(pn.BASE)?t:new pn(t.x,t.y);return r._setWindowSize(e),r.multiply(Zi),r},sha512Sync:void 0};async function zn(e){switch(e){case T.publicKey.ed25519:try{const e=R.getWebCrypto(),t=await e.generateKey("Ed25519",!0,["sign","verify"]),r=await e.exportKey("jwk",t.privateKey),i=await e.exportKey("jwk",t.publicKey);return{A:new Uint8Array(_(i.x)),seed:_(r.d)}}catch(t){if("NotSupportedError"!==t.name&&"OperationError"!==t.name)throw t;const r=Er(On(e)),{publicKey:i}=Vr.sign.keyPair.fromSeed(r);return{A:i,seed:r}}case T.publicKey.ed448:{const e=await R.getNobleCurve(T.publicKey.ed448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),seed:t}}default:throw Error("Unsupported EdDSA algorithm")}}async function Nn(e,t,r,i,n,a){if(be.getHashByteLength(t)<be.getHashByteLength(_n(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=R.getWebCrypto(),r=Gn(e,i,n),s=await t.importKey("jwk",r,"Ed25519",!1,["sign"]);return{RS:new Uint8Array(await t.sign("Ed25519",s,a))}}catch(e){if("NotSupportedError"!==e.name)throw e;const t=R.concatUint8Array([n,i]);return{RS:Vr.sign.detached(a,t)}}case T.publicKey.ed448:return{RS:(await R.getNobleCurve(T.publicKey.ed448)).sign(a,n)};default:throw Error("Unsupported EdDSA algorithm")}}async function Hn(e,t,{RS:r},i,n,a){if(be.getHashByteLength(t)<be.getHashByteLength(_n(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=R.getWebCrypto(),i=jn(e,n),s=await t.importKey("jwk",i,"Ed25519",!1,["verify"]);return await t.verify("Ed25519",s,r,a)}catch(e){if("NotSupportedError"!==e.name)throw e;return Ln(r,a,n)}case T.publicKey.ed448:return(await R.getNobleCurve(T.publicKey.ed448)).verify(r,a,n);default:throw Error("Unsupported EdDSA algorithm")}}function On(e){switch(e){case T.publicKey.ed25519:return 32;case T.publicKey.ed448:return 57;default:throw Error("Unsupported EdDSA algorithm")}}function _n(e){switch(e){case T.publicKey.ed25519:return T.hash.sha256;case T.publicKey.ed448:return T.hash.sha512;default:throw Error("Unknown EdDSA algo")}}Object.defineProperties(Fn,{sha512Sync:{configurable:!1,get:()=>Tn,set(e){Tn||(Tn=e)}}});const jn=(e,t)=>{if(e===T.publicKey.ed25519){return{kty:"OKP",crv:"Ed25519",x:j(t),ext:!0}}throw Error("Unsupported EdDSA algorithm")},Gn=(e,t,r)=>{if(e===T.publicKey.ed25519){const i=jn(e,t);return i.d=j(r),i}throw Error("Unsupported EdDSA algorithm")};var qn=/*#__PURE__*/Object.freeze({__proto__:null,generate:zn,getPayloadSize:On,getPreferredHashAlgo:_n,sign:Nn,validateParams:async function(e,t,r){switch(e){case T.publicKey.ed25519:{const{publicKey:e}=Vr.sign.keyPair.fromSeed(r);return R.equalsUint8Array(t,e)}case T.publicKey.ed448:{const e=(await R.getNobleCurve(T.publicKey.ed448)).getPublicKey(r);return R.equalsUint8Array(t,e)}default:return!1}},verify:Hn});const Vn=R.getWebCrypto();async function Wn(e,t,r){const{keySize:i}=re(e);if(!R.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");try{const e=await Vn.importKey("raw",t,{name:"AES-KW"},!1,["wrapKey"]),i=await Vn.importKey("raw",r,{name:"HMAC",hash:"SHA-256"},!0,["sign"]),n=await Vn.wrapKey("raw",i,e,{name:"AES-KW"});return new Uint8Array(n)}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;R.printDebugError("Browser did not support operation: "+e.message)}return kt(t).encrypt(r)}async function $n(e,t,r){const{keySize:i}=re(e);if(!R.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");let n;try{n=await Vn.importKey("raw",t,{name:"AES-KW"},!1,["unwrapKey"])}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;return R.printDebugError("Browser did not support operation: "+e.message),kt(t).decrypt(r)}try{const e=await Vn.unwrapKey("raw",r,n,{name:"AES-KW"},{name:"HMAC",hash:"SHA-256"},!0,["sign"]);return new Uint8Array(await Vn.exportKey("raw",e))}catch(e){if("OperationError"===e.name)throw Error("Key Data Integrity failed");throw e}}var Zn=/*#__PURE__*/Object.freeze({__proto__:null,unwrap:$n,wrap:Wn});const Qn=R.getWebCrypto();async function Xn(e,t,r,i,n){const a=T.read(T.webHash,e);if(!a)throw Error("Hash algo not supported with HKDF");const s=await Qn.importKey("raw",t,"HKDF",!1,["deriveBits"]),o=await Qn.deriveBits({name:"HKDF",hash:a,salt:r,info:i},s,8*n);return new Uint8Array(o)}const Yn={x25519:R.encodeUTF8("OpenPGP X25519"),x448:R.encodeUTF8("OpenPGP X448")};async function Jn(e){switch(e){case T.publicKey.x25519:{const e=Er(32),{publicKey:t}=Vr.box.keyPair.fromSecretKey(e);return{A:t,k:e}}case T.publicKey.x448:{const e=await R.getNobleCurve(T.publicKey.x448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),k:t}}default:throw Error("Unsupported ECDH algorithm")}}function ea(e){switch(e){case T.publicKey.x25519:return 32;case T.publicKey.x448:return 56;default:throw Error("Unsupported ECDH algorithm")}}async function ta(e,t){switch(e){case T.publicKey.x25519:{const r=Er(ea(e)),i=Vr.scalarMult(r,t);ia(i);const{publicKey:n}=Vr.box.keyPair.fromSecretKey(r);return{ephemeralPublicKey:n,sharedSecret:i}}case T.publicKey.x448:{const e=await R.getNobleCurve(T.publicKey.x448),r=e.utils.randomPrivateKey(),i=e.getSharedSecret(r,t);ia(i);return{ephemeralPublicKey:e.getPublicKey(r),sharedSecret:i}}default:throw Error("Unsupported ECDH algorithm")}}async function ra(e,t,r,i){switch(e){case T.publicKey.x25519:{const e=Vr.scalarMult(i,t);return ia(e),e}case T.publicKey.x448:{const e=(await R.getNobleCurve(T.publicKey.x448)).getSharedSecret(i,t);return ia(e),e}default:throw Error("Unsupported ECDH algorithm")}}function ia(e){let t=0;for(let r=0;r<e.length;r++)t|=e[r];if(0===t)throw Error("Unexpected low order point")}var na=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n){const a=await ra(e,t,i,n),s=R.concatUint8Array([t,i,a]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:t}=re(e);return $n(e,await Xn(T.hash.sha256,s,new Uint8Array,Yn.x25519,t),r)}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:t}=re(T.symmetric.aes256);return $n(e,await Xn(T.hash.sha512,s,new Uint8Array,Yn.x448,t),r)}default:throw Error("Unsupported ECDH algorithm")}},encrypt:async function(e,t,r){const{ephemeralPublicKey:i,sharedSecret:n}=await ta(e,r),a=R.concatUint8Array([i,r,n]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:r}=re(e),n=await Xn(T.hash.sha256,a,new Uint8Array,Yn.x25519,r);return{ephemeralPublicKey:i,wrappedKey:await Wn(e,n,t)}}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:r}=re(T.symmetric.aes256),n=await Xn(T.hash.sha512,a,new Uint8Array,Yn.x448,r);return{ephemeralPublicKey:i,wrappedKey:await Wn(e,n,t)}}default:throw Error("Unsupported ECDH algorithm")}},generate:Jn,generateEphemeralEncryptionMaterial:ta,getPayloadSize:ea,recomputeSharedSecret:ra,validateParams:async function(e,t,r){switch(e){case T.publicKey.x25519:{const{publicKey:e}=Vr.box.keyPair.fromSecretKey(r);return R.equalsUint8Array(t,e)}case T.publicKey.x448:{const e=(await R.getNobleCurve(T.publicKey.x448)).getPublicKey(r);return R.equalsUint8Array(t,e)}default:return!1}}});const aa=R.getWebCrypto(),sa=R.getNodeCrypto(),oa={[T.curve.nistP256]:"P-256",[T.curve.nistP384]:"P-384",[T.curve.nistP521]:"P-521"},ca=sa?sa.getCurves():[],ua=sa?{[T.curve.secp256k1]:ca.includes("secp256k1")?"secp256k1":void 0,[T.curve.nistP256]:ca.includes("prime256v1")?"prime256v1":void 0,[T.curve.nistP384]:ca.includes("secp384r1")?"secp384r1":void 0,[T.curve.nistP521]:ca.includes("secp521r1")?"secp521r1":void 0,[T.curve.ed25519Legacy]:ca.includes("ED25519")?"ED25519":void 0,[T.curve.curve25519Legacy]:ca.includes("X25519")?"X25519":void 0,[T.curve.brainpoolP256r1]:ca.includes("brainpoolP256r1")?"brainpoolP256r1":void 0,[T.curve.brainpoolP384r1]:ca.includes("brainpoolP384r1")?"brainpoolP384r1":void 0,[T.curve.brainpoolP512r1]:ca.includes("brainpoolP512r1")?"brainpoolP512r1":void 0}:{},ha={[T.curve.nistP256]:{oid:[6,8,42,134,72,206,61,3,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:ua[T.curve.nistP256],web:oa[T.curve.nistP256],payloadSize:32,sharedSize:256,wireFormatLeadingByte:4},[T.curve.nistP384]:{oid:[6,5,43,129,4,0,34],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:ua[T.curve.nistP384],web:oa[T.curve.nistP384],payloadSize:48,sharedSize:384,wireFormatLeadingByte:4},[T.curve.nistP521]:{oid:[6,5,43,129,4,0,35],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:ua[T.curve.nistP521],web:oa[T.curve.nistP521],payloadSize:66,sharedSize:528,wireFormatLeadingByte:4},[T.curve.secp256k1]:{oid:[6,5,43,129,4,0,10],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:ua[T.curve.secp256k1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.ed25519Legacy]:{oid:[6,9,43,6,1,4,1,218,71,15,1],keyType:T.publicKey.eddsaLegacy,hash:T.hash.sha512,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.curve25519Legacy]:{oid:[6,10,43,6,1,4,1,151,85,1,5,1],keyType:T.publicKey.ecdh,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.brainpoolP256r1]:{oid:[6,9,43,36,3,3,2,8,1,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:ua[T.curve.brainpoolP256r1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.brainpoolP384r1]:{oid:[6,9,43,36,3,3,2,8,1,1,11],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:ua[T.curve.brainpoolP384r1],payloadSize:48,wireFormatLeadingByte:4},[T.curve.brainpoolP512r1]:{oid:[6,9,43,36,3,3,2,8,1,1,13],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:ua[T.curve.brainpoolP512r1],payloadSize:64,wireFormatLeadingByte:4}};class la{constructor(e){try{this.name=e instanceof Ri?e.getName():T.write(T.curve,e)}catch(e){throw new Gi("Unknown curve")}const t=ha[this.name];this.keyType=t.keyType,this.oid=t.oid,this.hash=t.hash,this.cipher=t.cipher,this.node=t.node,this.web=t.web,this.payloadSize=t.payloadSize,this.sharedSize=t.sharedSize,this.wireFormatLeadingByte=t.wireFormatLeadingByte,this.web&&R.getWebCrypto()?this.type="web":this.node&&R.getNodeCrypto()?this.type="node":this.name===T.curve.curve25519Legacy?this.type="curve25519Legacy":this.name===T.curve.ed25519Legacy&&(this.type="ed25519Legacy")}async genKeyPair(){switch(this.type){case"web":try{return await async function(e,t){const r=await aa.generateKey({name:"ECDSA",namedCurve:oa[e]},!0,["sign","verify"]),i=await aa.exportKey("jwk",r.privateKey),n=await aa.exportKey("jwk",r.publicKey);return{publicKey:da(n,t),privateKey:_(i.d)}}(this.name,this.wireFormatLeadingByte)}catch(e){return R.printDebugError("Browser did not support generating ec key "+e.message),ga(this.name)}case"node":return async function(e){const t=sa.createECDH(ua[e]);return await t.generateKeys(),{publicKey:new Uint8Array(t.getPublicKey()),privateKey:new Uint8Array(t.getPrivateKey())}}(this.name);case"curve25519Legacy":{const{k:e,A:t}=await Jn(T.publicKey.x25519),r=e.slice().reverse();r[0]=127&r[0]|64,r[31]&=248;return{publicKey:R.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:r}}case"ed25519Legacy":{const{seed:e,A:t}=await zn(T.publicKey.ed25519);return{publicKey:R.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:e}}default:return ga(this.name)}}}async function ya(e,t,r,i){const n={[T.curve.nistP256]:!0,[T.curve.nistP384]:!0,[T.curve.nistP521]:!0,[T.curve.secp256k1]:!0,[T.curve.curve25519Legacy]:e===T.publicKey.ecdh,[T.curve.brainpoolP256r1]:!0,[T.curve.brainpoolP384r1]:!0,[T.curve.brainpoolP512r1]:!0},a=t.getName();if(!n[a])return!1;if(a===T.curve.curve25519Legacy){i=i.slice().reverse();const{publicKey:e}=Vr.box.keyPair.fromSecretKey(i);r=new Uint8Array(r);const t=new Uint8Array([64,...e]);return!!R.equalsUint8Array(t,r)}const s=(await R.getNobleCurve(T.publicKey.ecdsa,a)).getPublicKey(i,!1);return!!R.equalsUint8Array(s,r)}function pa(e,t){const{payloadSize:r,wireFormatLeadingByte:i,name:n}=e,a=n===T.curve.curve25519Legacy||n===T.curve.ed25519Legacy?r:2*r;if(t[0]!==i||t.length!==a+1)throw Error("Invalid point encoding")}async function ga(e){const t=await R.getNobleCurve(T.publicKey.ecdsa,e),r=t.utils.randomPrivateKey();return{publicKey:t.getPublicKey(r,!1),privateKey:r}}function da(e,t){const r=_(e.x),i=_(e.y),n=new Uint8Array(r.length+i.length+1);return n[0]=t,n.set(r,1),n.set(i,r.length+1),n}function fa(e,t,r){const i=e,n=r.slice(1,i+1),a=r.slice(i+1,2*i+1);return{kty:"EC",crv:t,x:j(n),y:j(a),ext:!0}}function ma(e,t,r,i){const n=fa(e,t,r);return n.d=j(i),n}const wa=R.getWebCrypto(),ba=R.getNodeCrypto();async function ka(e,t,r,i,n,a){const s=new la(e);if(pa(s,i),r&&!R.isStream(r)){const e={publicKey:i,privateKey:n};switch(s.type){case"web":try{return await async function(e,t,r,i){const n=e.payloadSize,a=ma(e.payloadSize,oa[e.name],i.publicKey,i.privateKey),s=await wa.importKey("jwk",a,{name:"ECDSA",namedCurve:oa[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["sign"]),o=new Uint8Array(await wa.sign({name:"ECDSA",namedCurve:oa[e.name],hash:{name:T.read(T.webHash,t)}},s,r));return{r:o.slice(0,n),s:o.slice(n,n<<1)}}(s,t,r,e)}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;R.printDebugError("Browser did not support signing: "+e.message)}break;case"node":return async function(e,t,r,i){const n=R.nodeRequire("eckey-utils"),a=R.getNodeBuffer(),{privateKey:s}=n.generateDer({curveName:ua[e.name],privateKey:a.from(i)}),o=ba.createSign(T.read(T.hash,t));o.write(r),o.end();const c=new Uint8Array(o.sign({key:s,format:"der",type:"sec1",dsaEncoding:"ieee-p1363"})),u=e.payloadSize;return{r:c.subarray(0,u),s:c.subarray(u,u<<1)}}(s,t,r,n)}}const o=(await R.getNobleCurve(T.publicKey.ecdsa,s.name)).sign(a,n,{lowS:!1});return{r:Ar(o.r,"be",s.payloadSize),s:Ar(o.s,"be",s.payloadSize)}}async function va(e,t,r,i,n,a){const s=new la(e);pa(s,n);const o=async()=>0===a[0]&&Aa(s,r,a.subarray(1),n);if(i&&!R.isStream(i))switch(s.type){case"web":try{const e=await async function(e,t,{r,s:i},n,a){const s=fa(e.payloadSize,oa[e.name],a),o=await wa.importKey("jwk",s,{name:"ECDSA",namedCurve:oa[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["verify"]),c=R.concatUint8Array([r,i]).buffer;return wa.verify({name:"ECDSA",namedCurve:oa[e.name],hash:{name:T.read(T.webHash,t)}},o,c,n)}(s,t,r,i,n);return e||o()}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;R.printDebugError("Browser did not support verifying: "+e.message)}break;case"node":{const e=await async function(e,t,{r,s:i},n,a){const s=R.nodeRequire("eckey-utils"),o=R.getNodeBuffer(),{publicKey:c}=s.generateDer({curveName:ua[e.name],publicKey:o.from(a)}),u=ba.createVerify(T.read(T.hash,t));u.write(n),u.end();const h=R.concatUint8Array([r,i]);try{return u.verify({key:c,format:"der",type:"spki",dsaEncoding:"ieee-p1363"},h)}catch(e){return!1}}(s,t,r,i,n);return e||o()}}return await Aa(s,r,a,n)||o()}async function Aa(e,t,r,i){return(await R.getNobleCurve(T.publicKey.ecdsa,e.name)).verify(R.concatUint8Array([t.r,t.s]),r,i,{lowS:!1})}var Ka=/*#__PURE__*/Object.freeze({__proto__:null,sign:ka,validateParams:async function(e,t,r){const i=new la(e);if(i.keyType!==T.publicKey.ecdsa)return!1;switch(i.type){case"web":case"node":{const i=Er(8),n=T.hash.sha256,a=await be.digest(n,i);try{const s=await ka(e,n,i,t,r,a);return await va(e,n,s,i,t,a)}catch(e){return!1}}default:return ya(T.publicKey.ecdsa,e,t,r)}},verify:va});var Ea=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,n,a){if(pa(new la(e),i),be.getHashByteLength(t)<be.getHashByteLength(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const{RS:s}=await Nn(T.publicKey.ed25519,t,0,i.subarray(1),n,a);return{r:s.subarray(0,32),s:s.subarray(32)}},validateParams:async function(e,t,r){if(e.getName()!==T.curve.ed25519Legacy)return!1;const{publicKey:i}=Vr.sign.keyPair.fromSeed(r),n=new Uint8Array([64,...i]);return R.equalsUint8Array(t,n)},verify:async function(e,t,{r,s:i},n,a,s){if(pa(new la(e),a),be.getHashByteLength(t)<be.getHashByteLength(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const o=R.concatUint8Array([r,i]);return Hn(T.publicKey.ed25519,t,{RS:o},0,a.subarray(1),s)}});function Sa(e){const t=8-e.length%8,r=new Uint8Array(e.length+t).fill(t);return r.set(e),r}function Pa(e){const t=e.length;if(t>0){const r=e[t-1];if(r>=1){const i=e.subarray(t-r),n=new Uint8Array(r).fill(r);if(R.equalsUint8Array(i,n))return e.subarray(0,t-r)}}throw Error("Invalid padding")}var Ua=/*#__PURE__*/Object.freeze({__proto__:null,decode:Pa,encode:Sa});const Da=R.getWebCrypto(),xa=R.getNodeCrypto();function Ia(e,t,r,i){return R.concatUint8Array([t.write(),new Uint8Array([e]),r.write(!0),R.stringToUint8Array("Anonymous Sender    "),r.replacementFingerprint||i])}async function Ba(e,t,r,i,n=!1,a=!1){let s;if(n){for(s=0;s<t.length&&0===t[s];s++);t=t.subarray(s)}if(a){for(s=t.length-1;s>=0&&0===t[s];s--);t=t.subarray(0,s+1)}return(await be.digest(e,R.concatUint8Array([new Uint8Array([0,0,0,1]),t,i]))).subarray(0,r)}async function Ca(e,t){switch(e.type){case"curve25519Legacy":{const{sharedSecret:r,ephemeralPublicKey:i}=await ta(T.publicKey.x25519,t.subarray(1));return{publicKey:R.concatUint8Array([new Uint8Array([e.wireFormatLeadingByte]),i]),sharedKey:r}}case"web":if(e.web&&R.getWebCrypto())try{return await async function(e,t){const r=fa(e.payloadSize,e.web,t);let i=Da.generateKey({name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]),n=Da.importKey("jwk",r,{name:"ECDH",namedCurve:e.web},!1,[]);[i,n]=await Promise.all([i,n]);let a=Da.deriveBits({name:"ECDH",namedCurve:e.web,public:n},i.privateKey,e.sharedSize),s=Da.exportKey("jwk",i.publicKey);[a,s]=await Promise.all([a,s]);const o=new Uint8Array(a),c=new Uint8Array(da(s,e.wireFormatLeadingByte));return{publicKey:c,sharedKey:o}}(e,t)}catch(r){return R.printDebugError(r),La(e,t)}break;case"node":return async function(e,t){const r=xa.createECDH(e.node);r.generateKeys();const i=new Uint8Array(r.computeSecret(t)),n=new Uint8Array(r.getPublicKey());return{publicKey:n,sharedKey:i}}(e,t);default:return La(e,t)}}async function Ta(e,t,r,i){if(i.length!==e.payloadSize){const t=new Uint8Array(e.payloadSize);t.set(i,e.payloadSize-i.length),i=t}switch(e.type){case"curve25519Legacy":{const e=i.slice().reverse();return{secretKey:e,sharedKey:await ra(T.publicKey.x25519,t.subarray(1),r.subarray(1),e)}}case"web":if(e.web&&R.getWebCrypto())try{return await async function(e,t,r,i){const n=ma(e.payloadSize,e.web,r,i);let a=Da.importKey("jwk",n,{name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]);const s=fa(e.payloadSize,e.web,t);let o=Da.importKey("jwk",s,{name:"ECDH",namedCurve:e.web},!0,[]);[a,o]=await Promise.all([a,o]);let c=Da.deriveBits({name:"ECDH",namedCurve:e.web,public:o},a,e.sharedSize),u=Da.exportKey("jwk",a);[c,u]=await Promise.all([c,u]);const h=new Uint8Array(c);return{secretKey:_(u.d),sharedKey:h}}(e,t,r,i)}catch(r){return R.printDebugError(r),Ma(e,t,i)}break;case"node":return async function(e,t,r){const i=xa.createECDH(e.node);i.setPrivateKey(r);const n=new Uint8Array(i.computeSecret(t));return{secretKey:new Uint8Array(i.getPrivateKey()),sharedKey:n}}(e,t,i);default:return Ma(e,t,i)}}async function Ma(e,t,r){return{secretKey:r,sharedKey:(await R.getNobleCurve(T.publicKey.ecdh,e.name)).getSharedSecret(r,t).subarray(1)}}async function La(e,t){const r=await R.getNobleCurve(T.publicKey.ecdh,e.name),{publicKey:i,privateKey:n}=await e.genKeyPair();return{publicKey:i,sharedKey:r.getSharedSecret(n,t).subarray(1)}}var Ra=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s){const o=new la(e);pa(o,n),pa(o,r);const{sharedKey:c}=await Ta(o,r,n,a),u=Ia(T.publicKey.ecdh,e,t,s),{keySize:h}=re(t.cipher);let l;for(let e=0;e<3;e++)try{const r=await Ba(t.hash,c,h,u,1===e,2===e);return Pa(await $n(t.cipher,r,i))}catch(e){l=e}throw l},encrypt:async function(e,t,r,i,n){const a=Sa(r),s=new la(e);pa(s,i);const{publicKey:o,sharedKey:c}=await Ca(s,i),u=Ia(T.publicKey.ecdh,e,t,n),{keySize:h}=re(t.cipher),l=await Ba(t.hash,c,h,u);return{publicKey:o,wrappedKey:await Wn(t.cipher,l,a)}},validateParams:async function(e,t,r){return ya(T.publicKey.ecdh,e,t,r)}}),Fa=/*#__PURE__*/Object.freeze({__proto__:null,CurveWithOID:la,ecdh:Ra,ecdhX:na,ecdsa:Ka,eddsa:qn,eddsaLegacy:Ea,generate:async function(e){const t=new la(e),{oid:r,hash:i,cipher:n}=t,a=await t.genKeyPair();return{oid:r,Q:a.publicKey,secret:R.leftPad(a.privateKey,t.payloadSize),hash:i,cipher:n}},getPreferredHashAlgo:function(e){return ha[e.getName()].hash}});const za=BigInt(0),Na=BigInt(1);var Ha=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,n,a){const s=BigInt(0);let o,c,u,h;i=pr(i),n=pr(n),r=pr(r),a=pr(a),r=gr(r,i),a=gr(a,n);const l=gr(pr(t.subarray(0,vr(n))),n);for(;;){if(o=Sr(Na,n),c=gr(dr(r,o,i),n),c===s)continue;const e=gr(a*c,n);if(h=gr(l+e,n),u=gr(mr(o,n)*h,n),u!==s)break}return{r:Ar(c,"be",vr(i)),s:Ar(u,"be",vr(i))}},validateParams:async function(e,t,r,i,n){if(e=pr(e),t=pr(t),r=pr(r),i=pr(i),r<=Na||r>=e)return!1;if(gr(e-Na,t)!==za)return!1;if(dr(r,t,e)!==Na)return!1;const a=BigInt(kr(t));if(a<BigInt(150)||!xr(t,null,32))return!1;n=pr(n);const s=BigInt(2);return i===dr(r,t*Sr(s<<a-Na,s<<a)+n,e)},verify:async function(e,t,r,i,n,a,s,o){if(t=pr(t),r=pr(r),a=pr(a),s=pr(s),n=pr(n),o=pr(o),t<=za||t>=s||r<=za||r>=s)return R.printDebug("invalid DSA Signature"),!1;const c=gr(pr(i.subarray(0,vr(s))),s),u=mr(r,s);if(u===za)return R.printDebug("invalid DSA Signature"),!1;n=gr(n,a),o=gr(o,a);const h=gr(c*u,s),l=gr(t*u,s);return gr(gr(dr(n,h,a)*dr(o,l,a),a),s)===t}});const Oa=new Set([T.hash.sha1,T.hash.sha256,T.hash.sha512]),_a=R.getWebCrypto(),ja=R.getNodeCrypto();var Ga={rsa:_r,elgamal:Gr,elliptic:Fa,dsa:Ha,hmac:/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){if(!Oa.has(e))throw Error("Unsupported hash algorithm.");const t=T.read(T.webHash,e),r=_a||ja.webcrypto.subtle,i=await r.generateKey({name:"HMAC",hash:{name:t}},!0,["sign","verify"]),n=await r.exportKey("raw",i);return new Uint8Array(n)},sign:async function(e,t,r){if(!Oa.has(e))throw Error("Unsupported hash algorithm.");const i=T.read(T.webHash,e),n=_a||ja.webcrypto.subtle,a=await n.importKey("raw",t,{name:"HMAC",hash:{name:i}},!1,["sign"]),s=await n.sign("HMAC",a,r);return new Uint8Array(s)},verify:async function(e,t,r,i){if(!Oa.has(e))throw Error("Unsupported hash algorithm.");const n=T.read(T.webHash,e),a=_a||ja.webcrypto.subtle,s=await a.importKey("raw",t,{name:"HMAC",hash:{name:n}},!1,["verify"]);return a.verify("HMAC",s,r,i)}})};class qa{constructor(e){if(void 0===e&&(e=new Uint8Array([])),!R.isUint8Array(e))throw Error("data must be in the form of a Uint8Array");this.data=e,this.length=this.data.byteLength}write(){return R.concatUint8Array([new Uint8Array([this.length]),this.data])}read(e){if(e.length>=1){const t=e[0];if(e.length>=t+1)return this.data=e.subarray(1,1+t),this.length=t,1+t}throw Error("Invalid octet string")}}var Va=/*#__PURE__*/Object.freeze({__proto__:null,parseSignatureParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const e=R.readMPI(t.subarray(r));return r+=e.length+2,{read:r,signatureParams:{s:e}}}case T.publicKey.dsa:case T.publicKey.ecdsa:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=R.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.eddsaLegacy:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=R.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const i=2*Ga.elliptic.eddsa.getPayloadSize(e),n=R.readExactSubarray(t,r,r+i);return r+=n.length,{read:r,signatureParams:{RS:n}}}case T.publicKey.hmac:{const e=new qa;return r+=e.read(t.subarray(r)),{read:r,signatureParams:{mac:e}}}default:throw new Gi("Unknown signature algorithm.")}},sign:async function(e,t,r,i,n,a){if(!r||!i)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:s}=r,{d:o,p:c,q:u,u:h}=i;return{s:await Ga.rsa.sign(t,n,e,s,o,c,u,h,a)}}case T.publicKey.dsa:{const{g:e,p:n,q:s}=r,{x:o}=i;return Ga.dsa.sign(t,a,e,n,s,o)}case T.publicKey.elgamal:throw Error("Signing with Elgamal is not defined in the OpenPGP standard.");case T.publicKey.ecdsa:{const{oid:e,Q:s}=r,{d:o}=i;return Ga.elliptic.ecdsa.sign(e,t,n,s,o,a)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:s}=r,{seed:o}=i;return Ga.elliptic.eddsaLegacy.sign(e,t,n,s,o,a)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:s}=r,{seed:o}=i;return Ga.elliptic.eddsa.sign(e,t,n,s,o,a)}case T.publicKey.hmac:{const{cipher:e}=r,{keyMaterial:t}=i,n=await Ga.hmac.sign(e.getValue(),t,a);return{mac:new qa(n)}}default:throw Error("Unknown signature algorithm.")}},verify:async function(e,t,r,i,n,a,s){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:n}=i,o=R.leftPad(r.s,e.length);return Ga.rsa.verify(t,a,o,e,n,s)}case T.publicKey.dsa:{const{g:e,p:n,q:a,y:o}=i,{r:c,s:u}=r;return Ga.dsa.verify(t,c,u,s,e,n,a,o)}case T.publicKey.ecdsa:{const{oid:e,Q:n}=i,o=new Ga.elliptic.CurveWithOID(e).payloadSize,c=R.leftPad(r.r,o),u=R.leftPad(r.s,o);return Ga.elliptic.ecdsa.verify(e,t,{r:c,s:u},a,n,s)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:n}=i,o=new Ga.elliptic.CurveWithOID(e).payloadSize,c=R.leftPad(r.r,o),u=R.leftPad(r.s,o);return Ga.elliptic.eddsaLegacy.verify(e,t,{r:c,s:u},a,n,s)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:n}=i;return Ga.elliptic.eddsa.verify(e,t,r,a,n,s)}case T.publicKey.hmac:{if(!n)throw Error("Cannot verify HMAC signature with symmetric key missing private parameters");const{cipher:e}=i,{keyMaterial:t}=n;return Ga.hmac.verify(e.getValue(),t,r.mac.data,s)}default:throw Error("Unknown signature algorithm.")}}});class Wa{constructor(e){e&&(this.data=e)}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.data=e.subarray(1,1+t),1+this.data.length}throw Error("Invalid symmetric key")}write(){return R.concatUint8Array([new Uint8Array([this.data.length]),this.data])}}class $a{constructor(e){if(e){const{version:t,hash:r,cipher:i,replacementFingerprint:n}=e;this.version=t||1,this.hash=r,this.cipher=i,this.replacementFingerprint=n}else this.version=null,this.hash=null,this.cipher=null,this.replacementFingerprint=null}read(e){if(e.length<4||1!==e[1]&&255!==e[1])throw new Gi("Cannot read KDFParams");const t=e[0];this.version=e[1],this.hash=e[2],this.cipher=e[3];let r=4;if(255===this.version){const i=t-r+1;this.replacementFingerprint=e.slice(r,r+i),r+=i}return r}write(e){if(!this.version||1===this.version||e)return new Uint8Array([3,1,this.hash,this.cipher]);return R.concatUint8Array([new Uint8Array([3+this.replacementFingerprint.length,this.version,this.hash,this.cipher]),this.replacementFingerprint])}}const Za=e=>class{constructor(e){this.data=void 0===e?null:e}read(t){const r=t[0];return this.data=T.write(e,r),1}write(){return new Uint8Array([this.data])}getName(){return T.read(e,this.data)}getValue(){return this.data}},Qa=Za(T.aead),Xa=Za(T.symmetric),Ya=Za(T.hash);class Ja{static fromObject({wrappedKey:e,algorithm:t}){const r=new Ja;return r.wrappedKey=e,r.algorithm=t,r}read(e){let t=0,r=e[t++];this.algorithm=r%2?e[t++]:null,r-=r%2,this.wrappedKey=R.readExactSubarray(e,t,t+r),t+=r}write(){return R.concatUint8Array([this.algorithm?new Uint8Array([this.wrappedKey.length+1,this.algorithm]):new Uint8Array([this.wrappedKey.length]),this.wrappedKey])}}async function es(e,t){const r=Er(32);return{privateParams:{hashSeed:r,keyMaterial:e},publicParams:{cipher:t,digest:await be.sha256(r)}}}function ts(e){const{keySize:t}=re(e);return Er(t)}function rs(e){const t=T.read(T.aead,e);return hr[t]}function is(e){try{e.getName()}catch(e){throw new Gi("Unknown curve OID")}}function ns(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.ecdh:case T.publicKey.eddsaLegacy:return new Ga.elliptic.CurveWithOID(t).payloadSize;case T.publicKey.ed25519:case T.publicKey.ed448:return Ga.elliptic.eddsa.getPayloadSize(e);case T.publicKey.x25519:case T.publicKey.x448:return Ga.elliptic.ecdhX.getPayloadSize(e);default:throw Error("Unknown elliptic algo")}}var as=/*#__PURE__*/Object.freeze({__proto__:null,generateParams:async function(e,t,r,i){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:return Ga.rsa.generate(t,65537).then((({n:e,e:t,d:r,p:i,q:n,u:a})=>({privateParams:{d:r,p:i,q:n,u:a},publicParams:{n:e,e:t}})));case T.publicKey.ecdsa:return Ga.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{d:r},publicParams:{oid:new Ri(e),Q:t}})));case T.publicKey.eddsaLegacy:return Ga.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{seed:r},publicParams:{oid:new Ri(e),Q:t}})));case T.publicKey.ecdh:return Ga.elliptic.generate(r).then((({oid:e,Q:t,secret:r,hash:i,cipher:n})=>({privateParams:{d:r},publicParams:{oid:new Ri(e),Q:t,kdfParams:new $a({hash:i,cipher:n})}})));case T.publicKey.ed25519:case T.publicKey.ed448:return Ga.elliptic.eddsa.generate(e).then((({A:e,seed:t})=>({privateParams:{seed:t},publicParams:{A:e}})));case T.publicKey.x25519:case T.publicKey.x448:return Ga.elliptic.ecdhX.generate(e).then((({A:e,k:t})=>({privateParams:{k:t},publicParams:{A:e}})));case T.publicKey.hmac:return es(await Ga.hmac.generate(i),new Ya(i));case T.publicKey.aead:return es(ts(i),new Xa(i));case T.publicKey.dsa:case T.publicKey.elgamal:throw Error("Unsupported algorithm for key generation.");default:throw Error("Unknown public key algorithm.")}},generateSessionKey:ts,getAEADMode:rs,getCipherParams:re,getCurvePayloadSize:ns,getPreferredCurveHashAlgo:function(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return Ga.elliptic.getPreferredHashAlgo(t);case T.publicKey.ed25519:case T.publicKey.ed448:return Ga.elliptic.eddsa.getPreferredHashAlgo(e);default:throw Error("Unknown elliptic signing algo")}},getPrefixRandom:async function(e){const{blockSize:t}=re(e),r=await Er(t),i=new Uint8Array([r[r.length-2],r[r.length-1]]);return R.concat([r,i])},parseEncSessionKeyParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:return{c:R.readMPI(t.subarray(r))};case T.publicKey.elgamal:{const e=R.readMPI(t.subarray(r));r+=e.length+2;return{c1:e,c2:R.readMPI(t.subarray(r))}}case T.publicKey.ecdh:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=new Wa;return i.read(t.subarray(r)),{V:e,C:i}}case T.publicKey.x25519:case T.publicKey.x448:{const i=ns(e),n=R.readExactSubarray(t,r,r+i);r+=n.length;const a=new Ja;return a.read(t.subarray(r)),{ephemeralPublicKey:n,C:a}}case T.publicKey.aead:{const e=new Qa;r+=e.read(t.subarray(r));const{ivLength:i}=rs(e.getValue()),n=t.subarray(r,r+i);r+=i;const a=new qa;return r+=a.read(t.subarray(r)),{aeadMode:e,iv:n,c:a}}default:throw new Gi("Unknown public key encryption algorithm.")}},parsePrivateKeyParams:function(e,t,r){let i=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=R.readMPI(t.subarray(i));i+=e.length+2;const r=R.readMPI(t.subarray(i));i+=r.length+2;const n=R.readMPI(t.subarray(i));i+=n.length+2;const a=R.readMPI(t.subarray(i));return i+=a.length+2,{read:i,privateParams:{d:e,p:r,q:n,u:a}}}case T.publicKey.dsa:case T.publicKey.elgamal:{const e=R.readMPI(t.subarray(i));return i+=e.length+2,{read:i,privateParams:{x:e}}}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const n=ns(e,r.oid);let a=R.readMPI(t.subarray(i));return i+=a.length+2,a=R.leftPad(a,n),{read:i,privateParams:{d:a}}}case T.publicKey.eddsaLegacy:{const n=ns(e,r.oid);if(r.oid.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let a=R.readMPI(t.subarray(i));return i+=a.length+2,a=R.leftPad(a,n),{read:i,privateParams:{seed:a}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const r=ns(e),n=R.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{seed:n}}}case T.publicKey.x25519:case T.publicKey.x448:{const r=ns(e),n=R.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{k:n}}}case T.publicKey.hmac:{const{cipher:e}=r,n=be.getHashByteLength(e.getValue()),a=t.subarray(i,i+32);i+=32;const s=t.subarray(i,i+n);return i+=n,{read:i,privateParams:{hashSeed:a,keyMaterial:s}}}case T.publicKey.aead:{const{cipher:e}=r,n=t.subarray(i,i+32);i+=32;const{keySize:a}=re(e.getValue()),s=t.subarray(i,i+a);return i+=a,{read:i,privateParams:{hashSeed:n,keyMaterial:s}}}default:throw new Gi("Unknown public key encryption algorithm.")}},parsePublicKeyParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=R.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{n:e,e:i}}}case T.publicKey.dsa:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=R.readMPI(t.subarray(r));r+=i.length+2;const n=R.readMPI(t.subarray(r));r+=n.length+2;const a=R.readMPI(t.subarray(r));return r+=a.length+2,{read:r,publicParams:{p:e,q:i,g:n,y:a}}}case T.publicKey.elgamal:{const e=R.readMPI(t.subarray(r));r+=e.length+2;const i=R.readMPI(t.subarray(r));r+=i.length+2;const n=R.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{p:e,g:i,y:n}}}case T.publicKey.ecdsa:{const e=new Ri;r+=e.read(t),is(e);const i=R.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.eddsaLegacy:{const e=new Ri;if(r+=e.read(t),is(e),e.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let i=R.readMPI(t.subarray(r));return r+=i.length+2,i=R.leftPad(i,33),{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.ecdh:{const e=new Ri;r+=e.read(t),is(e);const i=R.readMPI(t.subarray(r));r+=i.length+2;const n=new $a;return r+=n.read(t.subarray(r)),{read:r,publicParams:{oid:e,Q:i,kdfParams:n}}}case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.x25519:case T.publicKey.x448:{const i=R.readExactSubarray(t,r,r+ns(e));return r+=i.length,{read:r,publicParams:{A:i}}}case T.publicKey.hmac:case T.publicKey.aead:{const e=new Xa;r+=e.read(t);const i=be.getHashByteLength(T.hash.sha256),n=t.subarray(r,r+i);return r+=i,{read:r,publicParams:{cipher:e,digest:n}}}default:throw new Gi("Unknown public key encryption algorithm.")}},publicKeyDecrypt:async function(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:{const{c:e}=i,{n,e:s}=t,{d:o,p:c,q:u,u:h}=r;return Ga.rsa.decrypt(e,n,s,o,c,u,h,a)}case T.publicKey.elgamal:{const{c1:e,c2:n}=i,s=t.p,o=r.x;return Ga.elgamal.decrypt(e,n,s,o,a)}case T.publicKey.ecdh:{const{oid:e,Q:a,kdfParams:s}=t,{d:o}=r,{V:c,C:u}=i;return Ga.elliptic.ecdh.decrypt(e,s,c,u.data,a,o,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:n}=t,{k:a}=r,{ephemeralPublicKey:s,C:o}=i;if(null!==o.algorithm&&!R.isAES(o.algorithm))throw Error("AES session key expected");return Ga.elliptic.ecdhX.decrypt(e,s,o.wrappedKey,n,a)}case T.publicKey.aead:{const{cipher:e}=t,n=e.getValue(),{keyMaterial:a}=r,{aeadMode:s,iv:o,c}=i,u=rs(s.getValue());return(await u(n,a)).decrypt(c.data,o,new Uint8Array)}default:throw Error("Unknown public key encryption algorithm.")}},publicKeyEncrypt:async function(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:{const{n:e,e:t}=r;return{c:await Ga.rsa.encrypt(n,e,t)}}case T.publicKey.elgamal:{const{p:e,g:t,y:i}=r;return Ga.elgamal.encrypt(n,e,t,i)}case T.publicKey.ecdh:{const{oid:e,Q:t,kdfParams:i}=r,{publicKey:s,wrappedKey:o}=await Ga.elliptic.ecdh.encrypt(e,i,n,t,a);return{V:s,C:new Wa(o)}}case T.publicKey.x25519:case T.publicKey.x448:{if(t&&!R.isAES(t))throw Error("X25519 and X448 keys can only encrypt AES session keys");const{A:i}=r,{ephemeralPublicKey:a,wrappedKey:s}=await Ga.elliptic.ecdhX.encrypt(e,n,i);return{ephemeralPublicKey:a,C:Ja.fromObject({algorithm:t,wrappedKey:s})}}case T.publicKey.aead:{if(!i)throw Error("Cannot encrypt with symmetric key missing private parameters");const{cipher:e}=r,t=e.getValue(),{keyMaterial:a}=i,s=M.preferredAEADAlgorithm,o=rs(M.preferredAEADAlgorithm),{ivLength:c}=o,u=Er(c),h=await o(t,a),l=await h.encrypt(n,u,new Uint8Array);return{aeadMode:new Qa(s),iv:u,c:new qa(l)}}default:return[]}},serializeParams:function(e,t){const r=new Set([T.publicKey.ed25519,T.publicKey.x25519,T.publicKey.ed448,T.publicKey.x448,T.publicKey.aead,T.publicKey.hmac]),i=Object.keys(t).map((i=>{const n=t[i];return R.isUint8Array(n)?r.has(e)?n:R.uint8ArrayToMPI(n):n.write()}));return R.concatUint8Array(i)},validateParams:async function(e,t,r){if(!t||!r)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const{n:e,e:i}=t,{d:n,p:a,q:s,u:o}=r;return Ga.rsa.validateParams(e,i,n,a,s,o)}case T.publicKey.dsa:{const{p:e,q:i,g:n,y:a}=t,{x:s}=r;return Ga.dsa.validateParams(e,i,n,a,s)}case T.publicKey.elgamal:{const{p:e,g:i,y:n}=t,{x:a}=r;return Ga.elgamal.validateParams(e,i,n,a)}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const i=Ga.elliptic[T.read(T.publicKey,e)],{oid:n,Q:a}=t,{d:s}=r;return i.validateParams(n,a,s)}case T.publicKey.eddsaLegacy:{const{Q:e,oid:i}=t,{seed:n}=r;return Ga.elliptic.eddsaLegacy.validateParams(i,e,n)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:i}=t,{seed:n}=r;return Ga.elliptic.eddsa.validateParams(e,i,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:i}=t,{k:n}=r;return Ga.elliptic.ecdhX.validateParams(e,i,n)}case T.publicKey.hmac:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r;return be.getHashByteLength(e.getValue())===a.length&&R.equalsUint8Array(i,await be.sha256(n))}case T.publicKey.aead:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r,{keySize:s}=re(e.getValue());return s===a.length&&R.equalsUint8Array(i,await be.sha256(n))}default:throw Error("Unknown public key algorithm.")}}});const ss={cipher:ie,hash:be,mode:hr,publicKey:Ga,signature:Va,random:Pr,pkcs1:Lr,pkcs5:Ua,aesKW:Zn};Object.assign(ss,as);class os extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,os),this.name="Argon2OutOfMemoryError"}}let cs,us,hs=2<<19;class ls{static get ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(){return hs}static set ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(e){hs=e}static reloadWasmModule(){cs&&(us=cs(),us.catch((()=>{})))}constructor(e=M){const{passes:t,parallelism:r,memoryExponent:i}=e.s2kArgon2Params;this.type="argon2",this.salt=null,this.t=t,this.p=r,this.encodedM=i}generateSalt(){this.salt=ss.random.getRandomBytes(16)}read(e){let t=0;return this.salt=e.subarray(t,t+16),t+=16,this.t=e[t++],this.p=e[t++],this.encodedM=e[t++],t}write(){const e=[new Uint8Array([T.write(T.s2k,this.type)]),this.salt,new Uint8Array([this.t,this.p,this.encodedM])];return R.concatUint8Array(e)}async produceKey(e,t){const r=2<<this.encodedM-1;try{cs=cs||(await import("./argon2id.min.mjs")).default,us=us||cs();const i=await us,n=i({version:19,type:2,password:R.encodeUTF8(e),salt:this.salt,tagLength:t,memorySize:r,parallelism:this.p,passes:this.t});return r>ls.ARGON2_WASM_MEMORY_THRESHOLD_RELOAD&&ls.reloadWasmModule(),n}catch(e){throw e.message&&(e.message.includes("Unable to grow instance memory")||e.message.includes("failed to grow memory")||e.message.includes("WebAssembly.Memory.grow")||e.message.includes("Out of memory"))?new os("Could not allocate required memory for Argon2"):e}}}class ys{constructor(e,t=M){this.algorithm=T.hash.sha256,this.type=T.read(T.s2k,e),this.c=t.s2kIterationCountByte,this.salt=null}generateSalt(){switch(this.type){case"salted":case"iterated":this.salt=ss.random.getRandomBytes(8)}}getCount(){return 16+(15&this.c)<<6+(this.c>>4)}read(e){let t=0;switch(this.algorithm=e[t++],this.type){case"simple":break;case"salted":this.salt=e.subarray(t,t+8),t+=8;break;case"iterated":this.salt=e.subarray(t,t+8),t+=8,this.c=e[t++];break;case"gnu":if("GNU"!==R.uint8ArrayToString(e.subarray(t,t+3)))throw new Gi("Unknown s2k type.");t+=3;if(1001!==1e3+e[t++])throw new Gi("Unknown s2k gnu protection mode.");this.type="gnu-dummy";break;default:throw new Gi("Unknown s2k type.")}return t}write(){if("gnu-dummy"===this.type)return new Uint8Array([101,0,...R.stringToUint8Array("GNU"),1]);const e=[new Uint8Array([T.write(T.s2k,this.type),this.algorithm])];switch(this.type){case"simple":break;case"salted":e.push(this.salt);break;case"iterated":e.push(this.salt),e.push(new Uint8Array([this.c]));break;case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}return R.concatUint8Array(e)}async produceKey(e,t){e=R.encodeUTF8(e);const r=[];let i=0,n=0;for(;i<t;){let t;switch(this.type){case"simple":t=R.concatUint8Array([new Uint8Array(n),e]);break;case"salted":t=R.concatUint8Array([new Uint8Array(n),this.salt,e]);break;case"iterated":{const r=R.concatUint8Array([this.salt,e]);let i=r.length;const a=Math.max(this.getCount(),i);t=new Uint8Array(n+a),t.set(r,n);for(let e=n+i;e<a;e+=i,i*=2)t.copyWithin(e,n,e);break}case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}const a=await ss.hash.digest(this.algorithm,t);r.push(a),i+=a.length,n++}return R.concatUint8Array(r).subarray(0,t)}}const ps=new Set([T.s2k.argon2,T.s2k.iterated]);function gs(e,t=M){switch(e){case T.s2k.argon2:return new ls(t);case T.s2k.iterated:case T.s2k.gnu:case T.s2k.salted:case T.s2k.simple:return new ys(e,t);default:throw new Gi("Unsupported S2K type")}}function ds(e){const{s2kType:t}=e;if(!ps.has(t))throw Error("The provided `config.s2kType` value is not allowed");return gs(t,e)}var fs=Uint8Array,ms=Uint16Array,ws=Uint32Array,bs=new fs([0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0,0,0,0]),ks=new fs([0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13,0,0]),vs=new fs([16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15]),As=function(e,t){for(var r=new ms(31),i=0;i<31;++i)r[i]=t+=1<<e[i-1];var n=new ws(r[30]);for(i=1;i<30;++i)for(var a=r[i];a<r[i+1];++a)n[a]=a-r[i]<<5|i;return[r,n]},Ks=As(bs,2),Es=Ks[0],Ss=Ks[1];Es[28]=258,Ss[258]=28;for(var Ps=As(ks,0),Us=Ps[0],Ds=Ps[1],xs=new ms(32768),Is=0;Is<32768;++Is){var Bs=(43690&Is)>>>1|(21845&Is)<<1;Bs=(61680&(Bs=(52428&Bs)>>>2|(13107&Bs)<<2))>>>4|(3855&Bs)<<4,xs[Is]=((65280&Bs)>>>8|(255&Bs)<<8)>>>1}var Cs=function(e,t,r){for(var i=e.length,n=0,a=new ms(t);n<i;++n)e[n]&&++a[e[n]-1];var s,o=new ms(t);for(n=0;n<t;++n)o[n]=o[n-1]+a[n-1]<<1;if(r){s=new ms(1<<t);var c=15-t;for(n=0;n<i;++n)if(e[n])for(var u=n<<4|e[n],h=t-e[n],l=o[e[n]-1]++<<h,y=l|(1<<h)-1;l<=y;++l)s[xs[l]>>>c]=u}else for(s=new ms(i),n=0;n<i;++n)e[n]&&(s[n]=xs[o[e[n]-1]++]>>>15-e[n]);return s},Ts=new fs(288);for(Is=0;Is<144;++Is)Ts[Is]=8;for(Is=144;Is<256;++Is)Ts[Is]=9;for(Is=256;Is<280;++Is)Ts[Is]=7;for(Is=280;Is<288;++Is)Ts[Is]=8;var Ms=new fs(32);for(Is=0;Is<32;++Is)Ms[Is]=5;var Ls=/*#__PURE__*/Cs(Ts,9,0),Rs=/*#__PURE__*/Cs(Ts,9,1),Fs=/*#__PURE__*/Cs(Ms,5,0),zs=/*#__PURE__*/Cs(Ms,5,1),Ns=function(e){for(var t=e[0],r=1;r<e.length;++r)e[r]>t&&(t=e[r]);return t},Hs=function(e,t,r){var i=t/8|0;return(e[i]|e[i+1]<<8)>>(7&t)&r},Os=function(e,t){var r=t/8|0;return(e[r]|e[r+1]<<8|e[r+2]<<16)>>(7&t)},_s=function(e){return(e+7)/8|0},js=function(e,t,r){(null==t||t<0)&&(t=0),(null==r||r>e.length)&&(r=e.length);var i=new(2==e.BYTES_PER_ELEMENT?ms:4==e.BYTES_PER_ELEMENT?ws:fs)(r-t);return i.set(e.subarray(t,r)),i},Gs=["unexpected EOF","invalid block type","invalid length/literal","invalid distance","stream finished","no stream handler",,"no callback","invalid UTF-8 data","extra field too long","date not in range 1980-2099","filename too long","stream finishing","invalid zip data"],qs=function(e,t,r){var i=Error(t||Gs[e]);if(i.code=e,Error.captureStackTrace&&Error.captureStackTrace(i,qs),!r)throw i;return i},Vs=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8},Ws=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8,e[i+2]|=r>>>16},$s=function(e,t){for(var r=[],i=0;i<e.length;++i)e[i]&&r.push({s:i,f:e[i]});var n=r.length,a=r.slice();if(!n)return[to,0];if(1==n){var s=new fs(r[0].s+1);return s[r[0].s]=1,[s,1]}r.sort((function(e,t){return e.f-t.f})),r.push({s:-1,f:25001});var o=r[0],c=r[1],u=0,h=1,l=2;for(r[0]={s:-1,f:o.f+c.f,l:o,r:c};h!=n-1;)o=r[r[u].f<r[l].f?u++:l++],c=r[u!=h&&r[u].f<r[l].f?u++:l++],r[h++]={s:-1,f:o.f+c.f,l:o,r:c};var y=a[0].s;for(i=1;i<n;++i)a[i].s>y&&(y=a[i].s);var p=new ms(y+1),g=Zs(r[h-1],p,0);if(g>t){i=0;var d=0,f=g-t,m=1<<f;for(a.sort((function(e,t){return p[t.s]-p[e.s]||e.f-t.f}));i<n;++i){var w=a[i].s;if(!(p[w]>t))break;d+=m-(1<<g-p[w]),p[w]=t}for(d>>>=f;d>0;){var b=a[i].s;p[b]<t?d-=1<<t-p[b]++-1:++i}for(;i>=0&&d;--i){var k=a[i].s;p[k]==t&&(--p[k],++d)}g=t}return[new fs(p),g]},Zs=function(e,t,r){return-1==e.s?Math.max(Zs(e.l,t,r+1),Zs(e.r,t,r+1)):t[e.s]=r},Qs=function(e){for(var t=e.length;t&&!e[--t];);for(var r=new ms(++t),i=0,n=e[0],a=1,s=function(e){r[i++]=e},o=1;o<=t;++o)if(e[o]==n&&o!=t)++a;else{if(!n&&a>2){for(;a>138;a-=138)s(32754);a>2&&(s(a>10?a-11<<5|28690:a-3<<5|12305),a=0)}else if(a>3){for(s(n),--a;a>6;a-=6)s(8304);a>2&&(s(a-3<<5|8208),a=0)}for(;a--;)s(n);a=1,n=e[o]}return[r.subarray(0,i),t]},Xs=function(e,t){for(var r=0,i=0;i<t.length;++i)r+=e[i]*t[i];return r},Ys=function(e,t,r){var i=r.length,n=_s(t+2);e[n]=255&i,e[n+1]=i>>>8,e[n+2]=255^e[n],e[n+3]=255^e[n+1];for(var a=0;a<i;++a)e[n+a+4]=r[a];return 8*(n+4+i)},Js=function(e,t,r,i,n,a,s,o,c,u,h){Vs(t,h++,r),++n[256];for(var l=$s(n,15),y=l[0],p=l[1],g=$s(a,15),d=g[0],f=g[1],m=Qs(y),w=m[0],b=m[1],k=Qs(d),v=k[0],A=k[1],K=new ms(19),E=0;E<w.length;++E)K[31&w[E]]++;for(E=0;E<v.length;++E)K[31&v[E]]++;for(var S=$s(K,7),P=S[0],U=S[1],D=19;D>4&&!P[vs[D-1]];--D);var x,I,B,C,T=u+5<<3,M=Xs(n,Ts)+Xs(a,Ms)+s,L=Xs(n,y)+Xs(a,d)+s+14+3*D+Xs(K,P)+(2*K[16]+3*K[17]+7*K[18]);if(T<=M&&T<=L)return Ys(t,h,e.subarray(c,c+u));if(Vs(t,h,1+(L<M)),h+=2,L<M){x=Cs(y,p,0),I=y,B=Cs(d,f,0),C=d;var R=Cs(P,U,0);Vs(t,h,b-257),Vs(t,h+5,A-1),Vs(t,h+10,D-4),h+=14;for(E=0;E<D;++E)Vs(t,h+3*E,P[vs[E]]);h+=3*D;for(var F=[w,v],z=0;z<2;++z){var N=F[z];for(E=0;E<N.length;++E){var H=31&N[E];Vs(t,h,R[H]),h+=P[H],H>15&&(Vs(t,h,N[E]>>>5&127),h+=N[E]>>>12)}}}else x=Ls,I=Ts,B=Fs,C=Ms;for(E=0;E<o;++E)if(i[E]>255){H=i[E]>>>18&31;Ws(t,h,x[H+257]),h+=I[H+257],H>7&&(Vs(t,h,i[E]>>>23&31),h+=bs[H]);var O=31&i[E];Ws(t,h,B[O]),h+=C[O],O>3&&(Ws(t,h,i[E]>>>5&8191),h+=ks[O])}else Ws(t,h,x[i[E]]),h+=I[i[E]];return Ws(t,h,x[256]),h+I[256]},eo=/*#__PURE__*/new ws([65540,131080,131088,131104,262176,1048704,1048832,2114560,2117632]),to=/*#__PURE__*/new fs(0),ro=function(e,t,r,i,n){return function(e,t,r,i,n,a){var s=e.length,o=new fs(i+s+5*(1+Math.ceil(s/7e3))+n),c=o.subarray(i,o.length-n),u=0;if(!t||s<8)for(var h=0;h<=s;h+=65535){var l=h+65535;l>=s&&(c[u>>3]=a),u=Ys(c,u+1,e.subarray(h,l))}else{for(var y=eo[t-1],p=y>>>13,g=8191&y,d=(1<<r)-1,f=new ms(32768),m=new ms(d+1),w=Math.ceil(r/3),b=2*w,k=function(t){return(e[t]^e[t+1]<<w^e[t+2]<<b)&d},v=new ws(25e3),A=new ms(288),K=new ms(32),E=0,S=0,P=(h=0,0),U=0,D=0;h<s;++h){var x=k(h),I=32767&h,B=m[x];if(f[I]=B,m[x]=I,U<=h){var C=s-h;if((E>7e3||P>24576)&&C>423){u=Js(e,c,0,v,A,K,S,P,D,h-D,u),P=E=S=0,D=h;for(var T=0;T<286;++T)A[T]=0;for(T=0;T<30;++T)K[T]=0}var M=2,L=0,R=g,F=I-B&32767;if(C>2&&x==k(h-F))for(var z=Math.min(p,C)-1,N=Math.min(32767,h),H=Math.min(258,C);F<=N&&--R&&I!=B;){if(e[h+M]==e[h+M-F]){for(var O=0;O<H&&e[h+O]==e[h+O-F];++O);if(O>M){if(M=O,L=F,O>z)break;var _=Math.min(F,O-2),j=0;for(T=0;T<_;++T){var G=h-F+T+32768&32767,q=G-f[G]+32768&32767;q>j&&(j=q,B=G)}}}F+=(I=B)-(B=f[I])+32768&32767}if(L){v[P++]=268435456|Ss[M]<<18|Ds[L];var V=31&Ss[M],W=31&Ds[L];S+=bs[V]+ks[W],++A[257+V],++K[W],U=h+M,++E}else v[P++]=e[h],++A[e[h]]}}u=Js(e,c,a,v,A,K,S,P,D,h-D,u),!a&&7&u&&(u=Ys(c,u+1,to))}return js(o,0,i+_s(u)+n)}(e,null==t.level?6:t.level,null==t.mem?Math.ceil(1.5*Math.max(8,Math.min(13,Math.log(e.length)))):12+t.mem,r,i,!n)},io=/*#__PURE__*/function(){function e(e,t){t||"function"!=typeof e||(t=e,e={}),this.ondata=t,this.o=e||{}}return e.prototype.p=function(e,t){this.ondata(ro(e,this.o,0,0,!t),t)},e.prototype.push=function(e,t){this.ondata||qs(5),this.d&&qs(4),this.d=t,this.p(e,t||!1)},e}(),no=/*#__PURE__*/function(){function e(e){this.s={},this.p=new fs(0),this.ondata=e}return e.prototype.e=function(e){this.ondata||qs(5),this.d&&qs(4);var t=this.p.length,r=new fs(t+e.length);r.set(this.p),r.set(e,t),this.p=r},e.prototype.c=function(e){this.d=this.s.i=e||!1;var t=this.s.b,r=function(e,t,r){var i=e.length;if(!i||r&&r.f&&!r.l)return t||new fs(0);var n=!t||r,a=!r||r.i;r||(r={}),t||(t=new fs(3*i));var s=function(e){var r=t.length;if(e>r){var i=new fs(Math.max(2*r,e));i.set(t),t=i}},o=r.f||0,c=r.p||0,u=r.b||0,h=r.l,l=r.d,y=r.m,p=r.n,g=8*i;do{if(!h){o=Hs(e,c,1);var d=Hs(e,c+1,3);if(c+=3,!d){var f=e[(U=_s(c)+4)-4]|e[U-3]<<8,m=U+f;if(m>i){a&&qs(0);break}n&&s(u+f),t.set(e.subarray(U,m),u),r.b=u+=f,r.p=c=8*m,r.f=o;continue}if(1==d)h=Rs,l=zs,y=9,p=5;else if(2==d){var w=Hs(e,c,31)+257,b=Hs(e,c+10,15)+4,k=w+Hs(e,c+5,31)+1;c+=14;for(var v=new fs(k),A=new fs(19),K=0;K<b;++K)A[vs[K]]=Hs(e,c+3*K,7);c+=3*b;var E=Ns(A),S=(1<<E)-1,P=Cs(A,E,1);for(K=0;K<k;){var U,D=P[Hs(e,c,S)];if(c+=15&D,(U=D>>>4)<16)v[K++]=U;else{var x=0,I=0;for(16==U?(I=3+Hs(e,c,3),c+=2,x=v[K-1]):17==U?(I=3+Hs(e,c,7),c+=3):18==U&&(I=11+Hs(e,c,127),c+=7);I--;)v[K++]=x}}var B=v.subarray(0,w),C=v.subarray(w);y=Ns(B),p=Ns(C),h=Cs(B,y,1),l=Cs(C,p,1)}else qs(1);if(c>g){a&&qs(0);break}}n&&s(u+131072);for(var T=(1<<y)-1,M=(1<<p)-1,L=c;;L=c){var R=(x=h[Os(e,c)&T])>>>4;if((c+=15&x)>g){a&&qs(0);break}if(x||qs(2),R<256)t[u++]=R;else{if(256==R){L=c,h=null;break}var F=R-254;if(R>264){var z=bs[K=R-257];F=Hs(e,c,(1<<z)-1)+Es[K],c+=z}var N=l[Os(e,c)&M],H=N>>>4;if(N||qs(3),c+=15&N,C=Us[H],H>3&&(z=ks[H],C+=Os(e,c)&(1<<z)-1,c+=z),c>g){a&&qs(0);break}n&&s(u+131072);for(var O=u+F;u<O;u+=4)t[u]=t[u-C],t[u+1]=t[u+1-C],t[u+2]=t[u+2-C],t[u+3]=t[u+3-C];u=O}}r.l=h,r.p=L,r.b=u,r.f=o,h&&(o=1,r.m=y,r.d=l,r.n=p)}while(!o);return u==t.length?t:js(t,0,u)}(this.p,this.o,this.s);this.ondata(js(r,t,this.s.b),this.d),this.o=js(r,this.s.b-32768),this.s.b=this.o.length,this.p=js(this.p,this.s.p/8|0),this.s.p&=7},e.prototype.push=function(e,t){this.e(e),this.c(t)},e}(),ao=/*#__PURE__*/function(){function e(e,t){var r,i;this.c=(r=1,i=0,{p:function(e){for(var t=r,n=i,a=0|e.length,s=0;s!=a;){for(var o=Math.min(s+2655,a);s<o;++s)n+=t+=e[s];t=(65535&t)+15*(t>>16),n=(65535&n)+15*(n>>16)}r=t,i=n},d:function(){return(255&(r%=65521))<<24|r>>>8<<16|(255&(i%=65521))<<8|i>>>8}}),this.v=1,io.call(this,e,t)}return e.prototype.push=function(e,t){io.prototype.push.call(this,e,t)},e.prototype.p=function(e,t){this.c.p(e);var r=ro(e,this.o,this.v&&2,t&&4,!t);this.v&&(function(e,t){var r=t.level,i=0==r?0:r<6?1:9==r?3:2;e[0]=120,e[1]=i<<6|(i?32-2*i:1)}(r,this.o),this.v=0),t&&function(e,t,r){for(;r;++t)e[t]=r,r>>>=8}(r,r.length-4,this.c.d()),this.ondata(r,t)},e}(),so=/*#__PURE__*/function(){function e(e){this.v=1,no.call(this,e)}return e.prototype.push=function(e,t){if(no.prototype.e.call(this,e),this.v){if(this.p.length<2&&!t)return;this.p=this.p.subarray(2),this.v=0}t&&(this.p.length<4&&qs(6,"invalid zlib data"),this.p=this.p.subarray(0,-4)),no.prototype.c.call(this,t)},e}(),oo="undefined"!=typeof TextDecoder&&/*#__PURE__*/new TextDecoder;try{oo.decode(to,{stream:!0}),1}catch(e){}class co{static get tag(){return T.packet.literalData}constructor(e=new Date){this.format=T.literal.utf8,this.date=R.normalizeDate(e),this.text=null,this.data=null,this.filename=""}setText(e,t=T.literal.utf8){this.format=t,this.text=e,this.data=null}getText(e=!1){return(null===this.text||R.isStream(this.text))&&(this.text=R.decodeUTF8(R.nativeEOL(this.getBytes(e)))),this.text}setBytes(e,t){this.format=t,this.data=e,this.text=null}getBytes(e=!1){return null===this.data&&(this.data=R.canonicalizeEOL(R.encodeUTF8(this.text))),e?E(this.data):this.data}setFilename(e){this.filename=e}getFilename(){return this.filename}async read(e){await A(e,(async e=>{const t=await e.readByte(),r=await e.readByte();this.filename=R.decodeUTF8(await e.readBytes(r)),this.date=R.readDate(await e.readBytes(4));let i=e.remainder();s(i)&&(i=await U(i)),this.setBytes(i,t)}))}writeHeader(){const e=R.encodeUTF8(this.filename),t=new Uint8Array([e.length]),r=new Uint8Array([this.format]),i=R.writeDate(this.date);return R.concatUint8Array([r,t,e,i])}write(){const e=this.writeHeader(),t=this.getBytes();return R.concat([e,t])}}class uo{constructor(){this.bytes=""}read(e){return this.bytes=R.uint8ArrayToString(e.subarray(0,8)),this.bytes.length}write(){return R.stringToUint8Array(this.bytes)}toHex(){return R.uint8ArrayToHex(R.stringToUint8Array(this.bytes))}equals(e,t=!1){return t&&(e.isWildcard()||this.isWildcard())||this.bytes===e.bytes}isNull(){return""===this.bytes}isWildcard(){return/^0+$/.test(this.toHex())}static mapToHex(e){return e.toHex()}static fromID(e){const t=new uo;return t.read(R.hexToUint8Array(e)),t}static wildcard(){const e=new uo;return e.read(new Uint8Array(8)),e}}const ho=Symbol("verified"),lo="salt@notations.openpgpjs.org",yo=new Set([T.signatureSubpacket.issuerKeyID,T.signatureSubpacket.issuerFingerprint,T.signatureSubpacket.embeddedSignature]);class po{static get tag(){return T.packet.signature}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.signatureData=null,this.unhashedSubpackets=[],this.unknownSubpackets=[],this.signedHashValue=null,this.salt=null,this.created=null,this.signatureExpirationTime=null,this.signatureNeverExpires=!0,this.exportable=null,this.trustLevel=null,this.trustAmount=null,this.regularExpression=null,this.revocable=null,this.keyExpirationTime=null,this.keyNeverExpires=null,this.preferredSymmetricAlgorithms=null,this.revocationKeyClass=null,this.revocationKeyAlgorithm=null,this.revocationKeyFingerprint=null,this.issuerKeyID=new uo,this.rawNotations=[],this.notations={},this.preferredHashAlgorithms=null,this.preferredCompressionAlgorithms=null,this.keyServerPreferences=null,this.preferredKeyServer=null,this.isPrimaryUserID=null,this.policyURI=null,this.keyFlags=null,this.signersUserID=null,this.reasonForRevocationFlag=null,this.reasonForRevocationString=null,this.features=null,this.signatureTargetPublicKeyAlgorithm=null,this.signatureTargetHashAlgorithm=null,this.signatureTargetHash=null,this.embeddedSignature=null,this.issuerKeyVersion=null,this.issuerFingerprint=null,this.preferredAEADAlgorithms=null,this.preferredCipherSuites=null,this.revoked=null,this[ho]=null}read(e,t=M){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new Gi("Support for v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4!==this.version&&5!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the signature packet is unsupported.`);if(this.signatureType=e[r++],this.publicKeyAlgorithm=e[r++],this.hashAlgorithm=e[r++],r+=this.readSubPackets(e.subarray(r,e.length),!0),!this.created)throw Error("Missing signature creation time subpacket.");if(this.signatureData=e.subarray(0,r),r+=this.readSubPackets(e.subarray(r,e.length),!1),this.signedHashValue=e.subarray(r,r+2),r+=2,6===this.version){const t=e[r++];this.salt=e.subarray(r,r+t),r+=t}const i=e.subarray(r,e.length),{read:n,signatureParams:a}=ss.signature.parseSignatureParams(this.publicKeyAlgorithm,i);if(n<i.length)throw Error("Error reading MPIs");this.params=a}writeParams(){return this.params instanceof Promise?x((async()=>ss.serializeParams(this.publicKeyAlgorithm,await this.params))):ss.serializeParams(this.publicKeyAlgorithm,this.params)}write(){const e=[];return e.push(this.signatureData),e.push(this.writeUnhashedSubPackets()),e.push(this.signedHashValue),6===this.version&&(e.push(new Uint8Array([this.salt.length])),e.push(this.salt)),e.push(this.writeParams()),R.concat(e)}async sign(e,t,r=new Date,i=!1,n){this.version=e.version,this.created=R.normalizeDate(r),this.issuerKeyVersion=e.version,this.issuerFingerprint=e.getFingerprintBytes(),this.issuerKeyID=e.getKeyID();const a=[new Uint8Array([this.version,this.signatureType,this.publicKeyAlgorithm,this.hashAlgorithm])];if(6===this.version){const e=fo(this.hashAlgorithm);if(null===this.salt)this.salt=ss.random.getRandomBytes(e);else if(e!==this.salt.length)throw Error("Provided salt does not have the required length")}else if(n.nonDeterministicSignaturesViaNotation){if(0!==this.rawNotations.filter((({name:e})=>e===lo)).length)throw Error("Unexpected existing salt notation");{const e=ss.random.getRandomBytes(fo(this.hashAlgorithm));this.rawNotations.push({name:lo,value:e,humanReadable:!1,critical:!1})}}a.push(this.writeHashedSubPackets()),this.unhashedSubpackets=[],this.signatureData=R.concat(a);const s=this.toHash(this.signatureType,t,i),o=await this.hash(this.signatureType,t,s,i);this.signedHashValue=P(K(o),0,2);const c=async()=>ss.signature.sign(this.publicKeyAlgorithm,this.hashAlgorithm,e.publicParams,e.privateParams,s,await U(o));R.isStream(o)?this.params=c():(this.params=await c(),this[ho]=!0)}writeHashedSubPackets(){const e=T.signatureSubpacket,t=[];let r;if(null===this.created)throw Error("Missing signature creation time");t.push(go(e.signatureCreationTime,!0,R.writeDate(this.created))),null!==this.signatureExpirationTime&&t.push(go(e.signatureExpirationTime,!0,R.writeNumber(this.signatureExpirationTime,4))),null!==this.exportable&&t.push(go(e.exportableCertification,!0,new Uint8Array([this.exportable?1:0]))),null!==this.trustLevel&&(r=new Uint8Array([this.trustLevel,this.trustAmount]),t.push(go(e.trustSignature,!0,r))),null!==this.regularExpression&&t.push(go(e.regularExpression,!0,this.regularExpression)),null!==this.revocable&&t.push(go(e.revocable,!0,new Uint8Array([this.revocable?1:0]))),null!==this.keyExpirationTime&&t.push(go(e.keyExpirationTime,!0,R.writeNumber(this.keyExpirationTime,4))),null!==this.preferredSymmetricAlgorithms&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.preferredSymmetricAlgorithms)),t.push(go(e.preferredSymmetricAlgorithms,!1,r))),null!==this.revocationKeyClass&&(r=new Uint8Array([this.revocationKeyClass,this.revocationKeyAlgorithm]),r=R.concat([r,this.revocationKeyFingerprint]),t.push(go(e.revocationKey,!1,r))),!this.issuerKeyID.isNull()&&this.issuerKeyVersion<5&&t.push(go(e.issuerKeyID,!0,this.issuerKeyID.write())),this.rawNotations.forEach((({name:i,value:n,humanReadable:a,critical:s})=>{r=[new Uint8Array([a?128:0,0,0,0])];const o=R.encodeUTF8(i);r.push(R.writeNumber(o.length,2)),r.push(R.writeNumber(n.length,2)),r.push(o),r.push(n),r=R.concat(r),t.push(go(e.notationData,s,r))})),null!==this.preferredHashAlgorithms&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.preferredHashAlgorithms)),t.push(go(e.preferredHashAlgorithms,!1,r))),null!==this.preferredCompressionAlgorithms&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.preferredCompressionAlgorithms)),t.push(go(e.preferredCompressionAlgorithms,!1,r))),null!==this.keyServerPreferences&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.keyServerPreferences)),t.push(go(e.keyServerPreferences,!1,r))),null!==this.preferredKeyServer&&t.push(go(e.preferredKeyServer,!1,R.encodeUTF8(this.preferredKeyServer))),null!==this.isPrimaryUserID&&t.push(go(e.primaryUserID,!1,new Uint8Array([this.isPrimaryUserID?1:0]))),null!==this.policyURI&&t.push(go(e.policyURI,!1,R.encodeUTF8(this.policyURI))),null!==this.keyFlags&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.keyFlags)),t.push(go(e.keyFlags,!0,r))),null!==this.signersUserID&&t.push(go(e.signersUserID,!1,R.encodeUTF8(this.signersUserID))),null!==this.reasonForRevocationFlag&&(r=R.stringToUint8Array(String.fromCharCode(this.reasonForRevocationFlag)+this.reasonForRevocationString),t.push(go(e.reasonForRevocation,!0,r))),null!==this.features&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.features)),t.push(go(e.features,!1,r))),null!==this.signatureTargetPublicKeyAlgorithm&&(r=[new Uint8Array([this.signatureTargetPublicKeyAlgorithm,this.signatureTargetHashAlgorithm])],r.push(R.stringToUint8Array(this.signatureTargetHash)),r=R.concat(r),t.push(go(e.signatureTarget,!0,r))),null!==this.embeddedSignature&&t.push(go(e.embeddedSignature,!0,this.embeddedSignature.write())),null!==this.issuerFingerprint&&(r=[new Uint8Array([this.issuerKeyVersion]),this.issuerFingerprint],r=R.concat(r),t.push(go(e.issuerFingerprint,this.version>=5,r))),null!==this.preferredAEADAlgorithms&&(r=R.stringToUint8Array(R.uint8ArrayToString(this.preferredAEADAlgorithms)),t.push(go(e.preferredAEADAlgorithms,!1,r))),null!==this.preferredCipherSuites&&(r=new Uint8Array([].concat(...this.preferredCipherSuites)),t.push(go(e.preferredCipherSuites,!1,r)));const i=R.concat(t),n=R.writeNumber(i.length,6===this.version?4:2);return R.concat([n,i])}writeUnhashedSubPackets(){const e=this.unhashedSubpackets.map((({type:e,critical:t,body:r})=>go(e,t,r))),t=R.concat(e),r=R.writeNumber(t.length,6===this.version?4:2);return R.concat([r,t])}readSubPacket(e,t=!0){let r=0;const i=!!(128&e[r]),n=127&e[r];if(r++,t||(this.unhashedSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)}),yo.has(n)))switch(n){case T.signatureSubpacket.signatureCreationTime:this.created=R.readDate(e.subarray(r,e.length));break;case T.signatureSubpacket.signatureExpirationTime:{const t=R.readNumber(e.subarray(r,e.length));this.signatureNeverExpires=0===t,this.signatureExpirationTime=t;break}case T.signatureSubpacket.exportableCertification:this.exportable=1===e[r++];break;case T.signatureSubpacket.trustSignature:this.trustLevel=e[r++],this.trustAmount=e[r++];break;case T.signatureSubpacket.regularExpression:this.regularExpression=e[r];break;case T.signatureSubpacket.revocable:this.revocable=1===e[r++];break;case T.signatureSubpacket.keyExpirationTime:{const t=R.readNumber(e.subarray(r,e.length));this.keyExpirationTime=t,this.keyNeverExpires=0===t;break}case T.signatureSubpacket.preferredSymmetricAlgorithms:this.preferredSymmetricAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.revocationKey:this.revocationKeyClass=e[r++],this.revocationKeyAlgorithm=e[r++],this.revocationKeyFingerprint=e.subarray(r,r+20);break;case T.signatureSubpacket.issuerKeyID:if(4===this.version)this.issuerKeyID.read(e.subarray(r,e.length));else if(t)throw Error("Unexpected Issuer Key ID subpacket");break;case T.signatureSubpacket.notationData:{const t=!!(128&e[r]);r+=4;const n=R.readNumber(e.subarray(r,r+2));r+=2;const a=R.readNumber(e.subarray(r,r+2));r+=2;const s=R.decodeUTF8(e.subarray(r,r+n)),o=e.subarray(r+n,r+n+a);this.rawNotations.push({name:s,humanReadable:t,value:o,critical:i}),t&&(this.notations[s]=R.decodeUTF8(o));break}case T.signatureSubpacket.preferredHashAlgorithms:this.preferredHashAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCompressionAlgorithms:this.preferredCompressionAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.keyServerPreferences:this.keyServerPreferences=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredKeyServer:this.preferredKeyServer=R.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.primaryUserID:this.isPrimaryUserID=0!==e[r++];break;case T.signatureSubpacket.policyURI:this.policyURI=R.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.keyFlags:this.keyFlags=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signersUserID:this.signersUserID=R.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.reasonForRevocation:this.reasonForRevocationFlag=e[r++],this.reasonForRevocationString=R.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.features:this.features=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signatureTarget:{this.signatureTargetPublicKeyAlgorithm=e[r++],this.signatureTargetHashAlgorithm=e[r++];const t=ss.getHashByteLength(this.signatureTargetHashAlgorithm);this.signatureTargetHash=R.uint8ArrayToString(e.subarray(r,r+t));break}case T.signatureSubpacket.embeddedSignature:this.embeddedSignature=new po,this.embeddedSignature.read(e.subarray(r,e.length));break;case T.signatureSubpacket.issuerFingerprint:this.issuerKeyVersion=e[r++],this.issuerFingerprint=e.subarray(r,e.length),this.issuerKeyVersion>=5?this.issuerKeyID.read(this.issuerFingerprint):this.issuerKeyID.read(this.issuerFingerprint.subarray(-8));break;case T.signatureSubpacket.preferredAEADAlgorithms:this.preferredAEADAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCipherSuites:this.preferredCipherSuites=[];for(let t=r;t<e.length;t+=2)this.preferredCipherSuites.push([e[t],e[t+1]]);break;default:this.unknownSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)})}}readSubPackets(e,t=!0,r){const i=6===this.version?4:2,n=R.readNumber(e.subarray(0,i));let a=i;for(;a<2+n;){const i=Fi(e.subarray(a,e.length));a+=i.offset,this.readSubPacket(e.subarray(a,a+i.len),t,r),a+=i.len}return a}toSign(e,t){const r=T.signature;switch(e){case r.binary:return null!==t.text?R.encodeUTF8(t.getText(!0)):t.getBytes(!0);case r.text:{const e=t.getBytes(!0);return R.canonicalizeEOL(e)}case r.standalone:return new Uint8Array(0);case r.certGeneric:case r.certPersona:case r.certCasual:case r.certPositive:case r.certRevocation:{let e,i;if(t.userID)i=180,e=t.userID;else{if(!t.userAttribute)throw Error("Either a userID or userAttribute packet needs to be supplied for certification.");i=209,e=t.userAttribute}const n=e.write();return R.concat([this.toSign(r.key,t),new Uint8Array([i]),R.writeNumber(n.length,4),n])}case r.subkeyBinding:case r.subkeyRevocation:case r.keyBinding:return R.concat([this.toSign(r.key,t),this.toSign(r.key,{key:t.bind})]);case r.key:if(void 0===t.key)throw Error("Key packet is required for this signature.");return t.key.writeForHash(this.version);case r.keyRevocation:return this.toSign(r.key,t);case r.timestamp:return new Uint8Array(0);case r.thirdParty:throw Error("Not implemented");default:throw Error("Unknown signature type.")}}calculateTrailer(e,t){let r=0;return k(K(this.signatureData),(e=>{r+=e.length}),(()=>{const i=[];return 5!==this.version||this.signatureType!==T.signature.binary&&this.signatureType!==T.signature.text||(t?i.push(new Uint8Array(6)):i.push(e.writeHeader())),i.push(new Uint8Array([this.version,255])),5===this.version&&i.push(new Uint8Array(4)),i.push(R.writeNumber(r,4)),R.concat(i)}))}toHash(e,t,r=!1){const i=this.toSign(e,t);return R.concat([this.salt||new Uint8Array,i,this.signatureData,this.calculateTrailer(t,r)])}async hash(e,t,r,i=!1){if(6===this.version&&this.salt.length!==fo(this.hashAlgorithm))throw Error("Signature salt does not have the expected length");return r||(r=this.toHash(e,t,i)),ss.hash.digest(this.hashAlgorithm,r)}async verify(e,t,r,i=new Date,n=!1,a=M){if(!this.issuerKeyID.equals(e.getKeyID()))throw Error("Signature was not issued by the given public key");if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Public key algorithm used to sign signature does not match issuer key algorithm.");const s=t===T.signature.binary||t===T.signature.text;if(!(this[ho]&&!s)){let i,a;if(this.hashed?a=await this.hashed:(i=this.toHash(t,r,n),a=await this.hash(t,r,i)),a=await U(a),this.signedHashValue[0]!==a[0]||this.signedHashValue[1]!==a[1])throw Error("Signed digest did not match");this.params=await this.params;const s=this.publicKeyAlgorithm===T.publicKey.hmac?e.privateParams:null;if(this[ho]=await ss.signature.verify(this.publicKeyAlgorithm,this.hashAlgorithm,this.params,e.publicParams,s,i,a),!this[ho])throw Error("Signature verification failed")}const o=R.normalizeDate(i);if(o&&this.created>o)throw Error("Signature creation time is in the future");if(o&&o>=this.getExpirationTime())throw Error("Signature is expired");if(a.rejectHashAlgorithms.has(this.hashAlgorithm))throw Error("Insecure hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(a.rejectMessageHashAlgorithms.has(this.hashAlgorithm)&&[T.signature.binary,T.signature.text].includes(this.signatureType))throw Error("Insecure message hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(this.unknownSubpackets.forEach((({type:e,critical:t})=>{if(t)throw Error("Unknown critical signature subpacket type "+e)})),this.rawNotations.forEach((({name:e,critical:t})=>{if(t&&a.knownNotations.indexOf(e)<0)throw Error("Unknown critical notation: "+e)})),null!==this.revocationKeyClass)throw Error("This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.")}isExpired(e=new Date){const t=R.normalizeDate(e);return null!==t&&!(this.created<=t&&t<this.getExpirationTime())}getExpirationTime(){return this.signatureNeverExpires?1/0:new Date(this.created.getTime()+1e3*this.signatureExpirationTime)}}function go(e,t,r){const i=[];return i.push(zi(r.length+1)),i.push(new Uint8Array([(t?128:0)|e])),i.push(r),R.concat(i)}function fo(e){switch(e){case T.hash.sha256:return 16;case T.hash.sha384:return 24;case T.hash.sha512:return 32;case T.hash.sha224:case T.hash.sha3_256:return 16;case T.hash.sha3_512:return 32;default:throw Error("Unsupported hash function")}}class mo{static get tag(){return T.packet.onePassSignature}static fromSignaturePacket(e,t){const r=new mo;return r.version=6===e.version?6:3,r.signatureType=e.signatureType,r.hashAlgorithm=e.hashAlgorithm,r.publicKeyAlgorithm=e.publicKeyAlgorithm,r.issuerKeyID=e.issuerKeyID,r.salt=e.salt,r.issuerFingerprint=e.issuerFingerprint,r.flags=t?1:0,r}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.salt=null,this.issuerKeyID=null,this.issuerFingerprint=null,this.flags=null}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the one-pass signature packet is unsupported.`);if(this.signatureType=e[t++],this.hashAlgorithm=e[t++],this.publicKeyAlgorithm=e[t++],6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r,this.issuerFingerprint=e.subarray(t,t+32),t+=32,this.issuerKeyID=new uo,this.issuerKeyID.read(this.issuerFingerprint)}else this.issuerKeyID=new uo,this.issuerKeyID.read(e.subarray(t,t+8)),t+=8;return this.flags=e[t++],this}write(){const e=[new Uint8Array([this.version,this.signatureType,this.hashAlgorithm,this.publicKeyAlgorithm])];return 6===this.version?e.push(new Uint8Array([this.salt.length]),this.salt,this.issuerFingerprint):e.push(this.issuerKeyID.write()),e.push(new Uint8Array([this.flags])),R.concatUint8Array(e)}calculateTrailer(...e){return x((async()=>po.prototype.calculateTrailer.apply(await this.correspondingSig,e)))}async verify(){const e=await this.correspondingSig;if(!e||e.constructor.tag!==T.packet.signature)throw Error("Corresponding signature packet missing");if(e.signatureType!==this.signatureType||e.hashAlgorithm!==this.hashAlgorithm||e.publicKeyAlgorithm!==this.publicKeyAlgorithm||!e.issuerKeyID.equals(this.issuerKeyID)||3===this.version&&6===e.version||6===this.version&&6!==e.version||6===this.version&&!R.equalsUint8Array(e.issuerFingerprint,this.issuerFingerprint)||6===this.version&&!R.equalsUint8Array(e.salt,this.salt))throw Error("Corresponding signature packet does not match one-pass signature packet");return e.hashed=this.hashed,e.verify.apply(e,arguments)}}function wo(e,t){if(!t[e]){let t;try{t=T.read(T.packet,e)}catch(t){throw new qi("Unknown packet type with tag: "+e)}throw Error("Packet not allowed in this context: "+t)}return new t[e]}mo.prototype.hash=po.prototype.hash,mo.prototype.toHash=po.prototype.toHash,mo.prototype.toSign=po.prototype.toSign;class bo extends Array{static async fromBinary(e,t,r=M){const i=new bo;return await i.read(e,t,r),i}async read(e,t,r=M){r.additionalAllowedPackets.length&&(t={...t,...R.constructAllowedPackets(r.additionalAllowedPackets)}),this.stream=v(e,(async(e,i)=>{const n=B(i);try{for(;;){await n.ready;if(await ji(e,(async e=>{try{if(e.tag===T.packet.marker||e.tag===T.packet.trust||e.tag===T.packet.padding)return;const i=wo(e.tag,t);i.packets=new bo,i.fromStream=R.isStream(e.packet),await i.read(e.packet,r),await n.write(i)}catch(t){if(t instanceof qi){if(!(e.tag<=39))return;await n.abort(t)}const i=!r.ignoreUnsupportedPackets&&t instanceof Gi,a=!(r.ignoreMalformedPackets||t instanceof Gi);if(i||a||_i(e.tag))await n.abort(t);else{const t=new Vi(e.tag,e.packet);await n.write(t)}R.printDebugError(t)}})))return await n.ready,void await n.close()}}catch(e){await n.abort(e)}}));const i=I(this.stream);for(;;){const{done:e,value:t}=await i.read();if(e?this.stream=null:this.push(t),e||_i(t.constructor.tag))break}i.releaseLock()}write(){const e=[];for(let t=0;t<this.length;t++){const r=this[t]instanceof Vi?this[t].tag:this[t].constructor.tag,i=this[t].write();if(R.isStream(i)&&_i(this[t].constructor.tag)){let t=[],n=0;const a=512;e.push(Hi(r)),e.push(k(i,(e=>{if(t.push(e),n+=e.length,n>=a){const e=Math.min(Math.log(n)/Math.LN2|0,30),r=2**e,i=R.concat([Ni(e)].concat(t));return t=[i.subarray(1+r)],n=t[0].length,i.subarray(0,1+r)}}),(()=>R.concat([zi(n)].concat(t)))))}else{if(R.isStream(i)){let t=0;e.push(k(K(i),(e=>{t+=e.length}),(()=>Oi(r,t))))}else e.push(Oi(r,i.length));e.push(i)}}return R.concat(e)}filterByTag(...e){const t=new bo,r=e=>t=>e===t;for(let i=0;i<this.length;i++)e.some(r(this[i].constructor.tag))&&t.push(this[i]);return t}findPacket(e){return this.find((t=>t.constructor.tag===e))}indexOfTag(...e){const t=[],r=this,i=e=>t=>e===t;for(let n=0;n<this.length;n++)e.some(i(r[n].constructor.tag))&&t.push(n);return t}}const ko=/*#__PURE__*/R.constructAllowedPackets([co,mo,po]);class vo{static get tag(){return T.packet.compressedData}constructor(e=M){this.packets=null,this.algorithm=e.preferredCompressionAlgorithm,this.compressed=null}async read(e,t=M){await A(e,(async e=>{this.algorithm=await e.readByte(),this.compressed=e.remainder(),await this.decompress(t)}))}write(){return null===this.compressed&&this.compress(),R.concat([new Uint8Array([this.algorithm]),this.compressed])}async decompress(e=M){const t=T.read(T.compression,this.algorithm),r=Po[t];if(!r)throw Error(t+" decompression not supported");this.packets=await bo.fromBinary(await r(this.compressed),ko,e)}compress(){const e=T.read(T.compression,this.algorithm),t=So[e];if(!t)throw Error(e+" compression not supported");this.compressed=t(this.packets.write())}}function Ao(e,t){return r=>{if(!R.isStream(r)||s(r))return x((()=>U(r).then((e=>new Promise(((r,i)=>{const n=new t;n.ondata=e=>{r(e)};try{n.push(e,!0)}catch(e){i(e)}}))))));if(e)try{const t=e();return r.pipeThrough(t)}catch(e){if("TypeError"!==e.name)throw e}const i=r.getReader(),n=new t;return new ReadableStream({async start(e){for(n.ondata=async(t,r)=>{e.enqueue(t),r&&e.close()};;){const{done:e,value:t}=await i.read();if(e)return void n.push(new Uint8Array,!0);t.length&&n.push(t)}}})}}function Ko(){return async function(e){const{decode:t}=await import("./seek-bzip.min.mjs").then((function(e){return e.i}));return x((async()=>t(await U(e))))}}const Eo=e=>({compressor:"undefined"!=typeof CompressionStream&&(()=>new CompressionStream(e)),decompressor:"undefined"!=typeof DecompressionStream&&(()=>new DecompressionStream(e))}),So={zip:/*#__PURE__*/Ao(Eo("deflate-raw").compressor,io),zlib:/*#__PURE__*/Ao(Eo("deflate").compressor,ao)},Po={uncompressed:e=>e,zip:/*#__PURE__*/Ao(Eo("deflate-raw").decompressor,no),zlib:/*#__PURE__*/Ao(Eo("deflate").decompressor,so),bzip2:/*#__PURE__*/Ko()},Uo=/*#__PURE__*/R.constructAllowedPackets([co,vo,mo,po]);class Do{static get tag(){return T.packet.symEncryptedIntegrityProtectedData}static fromObject({version:e,aeadAlgorithm:t}){if(1!==e&&2!==e)throw Error("Unsupported SEIPD version");const r=new Do;return r.version=e,2===e&&(r.aeadAlgorithm=t),r}constructor(){this.version=null,this.cipherAlgorithm=null,this.aeadAlgorithm=null,this.chunkSizeByte=null,this.salt=null,this.encrypted=null,this.packets=null}async read(e){await A(e,(async e=>{if(this.version=await e.readByte(),1!==this.version&&2!==this.version)throw new Gi(`Version ${this.version} of the SEIP packet is unsupported.`);2===this.version&&(this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte(),this.salt=await e.readBytes(32)),this.encrypted=e.remainder()}))}write(){return 2===this.version?R.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.salt,this.encrypted]):R.concat([new Uint8Array([this.version]),this.encrypted])}async encrypt(e,t,r=M){const{blockSize:i,keySize:n}=ss.getCipherParams(e);if(t.length!==n)throw Error("Unexpected session key size");let a=this.packets.write();if(s(a)&&(a=await U(a)),2===this.version)this.cipherAlgorithm=e,this.salt=ss.random.getRandomBytes(32),this.chunkSizeByte=r.aeadChunkSizeByte,this.encrypted=await xo(this,"encrypt",t,a);else{const n=await ss.getPrefixRandom(e),s=new Uint8Array([211,20]),o=R.concat([n,a,s]),c=await ss.hash.sha1(E(o)),u=R.concat([o,c]);this.encrypted=await ss.mode.cfb.encrypt(e,t,u,new Uint8Array(i),r)}return!0}async decrypt(e,t,r=M){if(t.length!==ss.getCipherParams(e).keySize)throw Error("Unexpected session key size");let i,n=K(this.encrypted);if(s(n)&&(n=await U(n)),2===this.version){if(this.cipherAlgorithm!==e)throw Error("Unexpected session key algorithm");i=await xo(this,"decrypt",t,n)}else{const{blockSize:a}=ss.getCipherParams(e),s=await ss.mode.cfb.decrypt(e,t,n,new Uint8Array(a)),o=P(E(s),-20),c=P(s,0,-20),u=Promise.all([U(await ss.hash.sha1(E(c))),U(o)]).then((([e,t])=>{if(!R.equalsUint8Array(e,t))throw Error("Modification detected.");return new Uint8Array})),h=P(c,a+2);i=P(h,0,-2),i=f([i,x((()=>u))]),R.isStream(n)&&r.allowUnauthenticatedStream||(i=await U(i))}return this.packets=await bo.fromBinary(i,Uo,r),!0}}async function xo(e,t,r,i){const n=e instanceof Do&&2===e.version,a=!n&&e.constructor.tag===T.packet.aeadEncryptedData;if(!n&&!a)throw Error("Unexpected packet type");const s=ss.getAEADMode(e.aeadAlgorithm),o="decrypt"===t?s.tagLength:0,c="encrypt"===t?s.tagLength:0,u=2**(e.chunkSizeByte+6)+o,h=a?8:0,l=new ArrayBuffer(13+h),y=new Uint8Array(l,0,5+h),p=new Uint8Array(l),g=new DataView(l),d=new Uint8Array(l,5,8);y.set([192|e.constructor.tag,e.version,e.cipherAlgorithm,e.aeadAlgorithm,e.chunkSizeByte],0);let f,w,b=0,k=Promise.resolve(),A=0,K=0;if(n){const{keySize:t}=ss.getCipherParams(e.cipherAlgorithm),{ivLength:i}=s,n=new Uint8Array(l,0,5),a=await Xn(T.hash.sha256,r,e.salt,n,t+i);r=a.subarray(0,t),f=a.subarray(t),f.fill(0,f.length-8),w=new DataView(f.buffer,f.byteOffset,f.byteLength)}else f=e.iv;const E=await s(e.cipherAlgorithm,r);return v(i,(async(r,i)=>{if("array"!==R.isStream(r)){const t=new TransformStream({},{highWaterMark:R.getHardwareConcurrency()*2**(e.chunkSizeByte+6),size:e=>e.length});m(t.readable,i),i=t.writable}const a=I(r),s=B(i);try{for(;;){let e=await a.readBytes(u+o)||new Uint8Array;const r=e.subarray(e.length-o);let i,l,m;if(e=e.subarray(0,e.length-o),n)m=f;else{m=f.slice();for(let e=0;e<8;e++)m[f.length-8+e]^=d[e]}if(!b||e.length?(a.unshift(r),i=E[t](e,m,y),i.catch((()=>{})),K+=e.length-o+c):(g.setInt32(5+h+4,A),i=E[t](r,m,p),i.catch((()=>{})),K+=c,l=!0),A+=e.length-o,k=k.then((()=>i)).then((async e=>{await s.ready,await s.write(e),K-=e.length})).catch((e=>s.abort(e))),(l||K>s.desiredSize)&&await k,l){await s.close();break}n?w.setInt32(f.length-4,++b):g.setInt32(9,++b)}}catch(e){await s.ready.catch((()=>{})),await s.abort(e)}}))}const Io=/*#__PURE__*/R.constructAllowedPackets([co,vo,mo,po]);class Bo{static get tag(){return T.packet.aeadEncryptedData}constructor(){this.version=1,this.cipherAlgorithm=null,this.aeadAlgorithm=T.aead.eax,this.chunkSizeByte=null,this.iv=null,this.encrypted=null,this.packets=null}async read(e){await A(e,(async e=>{const t=await e.readByte();if(1!==t)throw new Gi(`Version ${t} of the AEAD-encrypted data packet is not supported.`);this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte();const r=ss.getAEADMode(this.aeadAlgorithm);this.iv=await e.readBytes(r.ivLength),this.encrypted=e.remainder()}))}write(){return R.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.iv,this.encrypted])}async decrypt(e,t,r=M){this.packets=await bo.fromBinary(await xo(this,"decrypt",t,K(this.encrypted)),Io,r)}async encrypt(e,t,r=M){this.cipherAlgorithm=e;const{ivLength:i}=ss.getAEADMode(this.aeadAlgorithm);this.iv=ss.random.getRandomBytes(i),this.chunkSizeByte=r.aeadChunkSizeByte;const n=this.packets.write();this.encrypted=await xo(this,"encrypt",t,n)}}class Co{static get tag(){return T.packet.publicKeyEncryptedSessionKey}constructor(){this.version=null,this.publicKeyID=new uo,this.publicKeyVersion=null,this.publicKeyFingerprint=null,this.publicKeyAlgorithm=null,this.sessionKey=null,this.sessionKeyAlgorithm=null,this.encrypted={}}static fromObject({version:e,encryptionKeyPacket:t,anonymousRecipient:r,sessionKey:i,sessionKeyAlgorithm:n}){const a=new Co;if(3!==e&&6!==e)throw Error("Unsupported PKESK version");return a.version=e,6===e&&(a.publicKeyVersion=r?null:t.version,a.publicKeyFingerprint=r?null:t.getFingerprintBytes()),a.publicKeyID=r?uo.wildcard():t.getKeyID(),a.publicKeyAlgorithm=t.algorithm,a.sessionKey=i,a.sessionKeyAlgorithm=n,a}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the PKESK packet is unsupported.`);if(6===this.version){const r=e[t++];if(r){this.publicKeyVersion=e[t++];const i=r-1;this.publicKeyFingerprint=e.subarray(t,t+i),t+=i,this.publicKeyVersion>=5?this.publicKeyID.read(this.publicKeyFingerprint):this.publicKeyID.read(this.publicKeyFingerprint.subarray(-8))}else this.publicKeyID=uo.wildcard()}else t+=this.publicKeyID.read(e.subarray(t,t+8));if(this.publicKeyAlgorithm=e[t++],this.encrypted=ss.parseEncSessionKeyParams(this.publicKeyAlgorithm,e.subarray(t)),this.publicKeyAlgorithm===T.publicKey.x25519||this.publicKeyAlgorithm===T.publicKey.x448)if(3===this.version)this.sessionKeyAlgorithm=T.write(T.symmetric,this.encrypted.C.algorithm);else if(null!==this.encrypted.C.algorithm)throw Error("Unexpected cleartext symmetric algorithm")}write(){const e=[new Uint8Array([this.version])];return 6===this.version?null!==this.publicKeyFingerprint?(e.push(new Uint8Array([this.publicKeyFingerprint.length+1,this.publicKeyVersion])),e.push(this.publicKeyFingerprint)):e.push(new Uint8Array([0])):e.push(this.publicKeyID.write()),e.push(new Uint8Array([this.publicKeyAlgorithm]),ss.serializeParams(this.publicKeyAlgorithm,this.encrypted)),R.concatUint8Array(e)}async encrypt(e){const t=T.write(T.publicKey,this.publicKeyAlgorithm),r=3===this.version?this.sessionKeyAlgorithm:null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=To(this.version,t,r,this.sessionKey),a=t===T.publicKey.aead?e.privateParams:null;this.encrypted=await ss.publicKeyEncrypt(t,r,e.publicParams,a,n,i)}async decrypt(e,t){if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Decryption error");const r=t?To(this.version,this.publicKeyAlgorithm,t.sessionKeyAlgorithm,t.sessionKey):null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=await ss.publicKeyDecrypt(this.publicKeyAlgorithm,e.publicParams,e.privateParams,this.encrypted,i,r),{sessionKey:a,sessionKeyAlgorithm:s}=function(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:{const t=r.subarray(0,r.length-2),n=r.subarray(r.length-2),a=R.writeChecksum(t.subarray(t.length%8)),s=a[0]===n[0]&a[1]===n[1],o=6===e?{sessionKeyAlgorithm:null,sessionKey:t}:{sessionKeyAlgorithm:t[0],sessionKey:t.subarray(1)};if(i){const t=s&o.sessionKeyAlgorithm===i.sessionKeyAlgorithm&o.sessionKey.length===i.sessionKey.length;return{sessionKey:R.selectUint8Array(t,o.sessionKey,i.sessionKey),sessionKeyAlgorithm:6===e?null:R.selectUint8(t,o.sessionKeyAlgorithm,i.sessionKeyAlgorithm)}}if(s&&(6===e||T.read(T.symmetric,o.sessionKeyAlgorithm)))return o;throw Error("Decryption error")}case T.publicKey.x25519:case T.publicKey.x448:return{sessionKeyAlgorithm:null,sessionKey:r};default:throw Error("Unsupported public key algorithm")}}(this.version,this.publicKeyAlgorithm,n,t);if(3===this.version){const e=this.publicKeyAlgorithm!==T.publicKey.x25519&&this.publicKeyAlgorithm!==T.publicKey.x448;if(this.sessionKeyAlgorithm=e?s:this.sessionKeyAlgorithm,a.length!==ss.getCipherParams(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}this.sessionKey=a}}function To(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:return R.concatUint8Array([new Uint8Array(6===e?[]:[r]),i,R.writeChecksum(i.subarray(i.length%8))]);case T.publicKey.x25519:case T.publicKey.x448:return i;default:throw Error("Unsupported public key algorithm")}}class Mo{static get tag(){return T.packet.symEncryptedSessionKey}constructor(e=M){this.version=e.aeadProtect?6:4,this.sessionKey=null,this.sessionKeyEncryptionAlgorithm=null,this.sessionKeyAlgorithm=null,this.aeadAlgorithm=T.write(T.aead,e.preferredAEADAlgorithm),this.encrypted=null,this.s2k=null,this.iv=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the SKESK packet is unsupported.`);6===this.version&&t++;const r=e[t++];this.version>=5&&(this.aeadAlgorithm=e[t++],6===this.version&&t++);const i=e[t++];if(this.s2k=gs(i),t+=this.s2k.read(e.subarray(t,e.length)),this.version>=5){const r=ss.getAEADMode(this.aeadAlgorithm);this.iv=e.subarray(t,t+=r.ivLength)}this.version>=5||t<e.length?(this.encrypted=e.subarray(t,e.length),this.sessionKeyEncryptionAlgorithm=r):this.sessionKeyAlgorithm=r}write(){const e=null===this.encrypted?this.sessionKeyAlgorithm:this.sessionKeyEncryptionAlgorithm;let t;const r=this.s2k.write();if(6===this.version){const i=r.length,n=3+i+this.iv.length;t=R.concatUint8Array([new Uint8Array([this.version,n,e,this.aeadAlgorithm,i]),r,this.iv,this.encrypted])}else 5===this.version?t=R.concatUint8Array([new Uint8Array([this.version,e,this.aeadAlgorithm]),r,this.iv,this.encrypted]):(t=R.concatUint8Array([new Uint8Array([this.version,e]),r]),null!==this.encrypted&&(t=R.concatUint8Array([t,this.encrypted])));return t}async decrypt(e){const t=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm,{blockSize:r,keySize:i}=ss.getCipherParams(t),n=await this.s2k.produceKey(e,i);if(this.version>=5){const e=ss.getAEADMode(this.aeadAlgorithm),r=new Uint8Array([192|Mo.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),a=6===this.version?await Xn(T.hash.sha256,n,new Uint8Array,r,i):n,s=await e(t,a);this.sessionKey=await s.decrypt(this.encrypted,this.iv,r)}else if(null!==this.encrypted){const e=await ss.mode.cfb.decrypt(t,n,this.encrypted,new Uint8Array(r));if(this.sessionKeyAlgorithm=T.write(T.symmetric,e[0]),this.sessionKey=e.subarray(1,e.length),this.sessionKey.length!==ss.getCipherParams(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}else this.sessionKey=n}async encrypt(e,t=M){const r=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm;this.sessionKeyEncryptionAlgorithm=r,this.s2k=ds(t),this.s2k.generateSalt();const{blockSize:i,keySize:n}=ss.getCipherParams(r),a=await this.s2k.produceKey(e,n);if(null===this.sessionKey&&(this.sessionKey=ss.generateSessionKey(this.sessionKeyAlgorithm)),this.version>=5){const e=ss.getAEADMode(this.aeadAlgorithm);this.iv=ss.random.getRandomBytes(e.ivLength);const t=new Uint8Array([192|Mo.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),i=6===this.version?await Xn(T.hash.sha256,a,new Uint8Array,t,n):a,s=await e(r,i);this.encrypted=await s.encrypt(this.sessionKey,this.iv,t)}else{const e=R.concatUint8Array([new Uint8Array([this.sessionKeyAlgorithm]),this.sessionKey]);this.encrypted=await ss.mode.cfb.encrypt(r,a,e,new Uint8Array(i),t)}}}class Lo{static get tag(){return T.packet.publicKey}constructor(e=new Date,t=M){this.version=t.v6Keys?6:4,this.created=R.normalizeDate(e),this.algorithm=null,this.publicParams=null,this.expirationTimeV3=0,this.fingerprint=null,this.keyID=null}static fromSecretKeyPacket(e){const t=new Lo,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}async read(e,t=M){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new Gi("Support for parsing v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4===this.version||5===this.version||6===this.version){this.created=R.readDate(e.subarray(r,r+4)),r+=4,this.algorithm=e[r++],this.version>=5&&(r+=4);const{read:t,publicParams:i}=ss.parsePublicKeyParams(this.algorithm,e.subarray(r));if(6===this.version&&i.oid&&(i.oid.getName()===T.curve.curve25519Legacy||i.oid.getName()===T.curve.ed25519Legacy))throw Error("Legacy curve25519 cannot be used with v6 keys");return this.publicParams=i,r+=t,await this.computeFingerprintAndKeyID(),r}throw new Gi(`Version ${this.version} of the key packet is unsupported.`)}write(){const e=[];e.push(new Uint8Array([this.version])),e.push(R.writeDate(this.created)),e.push(new Uint8Array([this.algorithm]));const t=ss.serializeParams(this.algorithm,this.publicParams);return this.version>=5&&e.push(R.writeNumber(t.length,4)),e.push(t),R.concatUint8Array(e)}writeForHash(e){const t=this.writePublicKey(),r=149+e,i=e>=5?4:2;return R.concatUint8Array([new Uint8Array([r]),R.writeNumber(t.length,i),t])}isDecrypted(){return null}getCreationTime(){return this.created}getKeyID(){return this.keyID}async computeFingerprintAndKeyID(){if(await this.computeFingerprint(),this.keyID=new uo,this.version>=5)this.keyID.read(this.fingerprint.subarray(0,8));else{if(4!==this.version)throw Error("Unsupported key version");this.keyID.read(this.fingerprint.subarray(12,20))}}async computeFingerprint(){const e=this.writeForHash(this.version);if(this.version>=5)this.fingerprint=await ss.hash.sha256(e);else{if(4!==this.version)throw Error("Unsupported key version");this.fingerprint=await ss.hash.sha1(e)}}getFingerprintBytes(){return this.fingerprint}getFingerprint(){return R.uint8ArrayToHex(this.getFingerprintBytes())}hasSameFingerprintAs(e){return this.version===e.version&&R.equalsUint8Array(this.writePublicKey(),e.writePublicKey())}getAlgorithmInfo(){const e={};e.algorithm=T.read(T.publicKey,this.algorithm);const t=this.publicParams.n||this.publicParams.p;return t?e.bits=R.uint8ArrayBitLength(t):this.publicParams.oid?e.curve=this.publicParams.oid.getName():this.publicParams.cipher&&(e.symmetric=this.publicParams.cipher.getName()),e}}Lo.prototype.readPublicKey=Lo.prototype.read,Lo.prototype.writePublicKey=Lo.prototype.write;const Ro=/*#__PURE__*/R.constructAllowedPackets([co,vo,mo,po]);class Fo{static get tag(){return T.packet.symmetricallyEncryptedData}constructor(){this.encrypted=null,this.packets=null}read(e){this.encrypted=e}write(){return this.encrypted}async decrypt(e,t,r=M){if(!r.allowUnauthenticatedMessages)throw Error("Message is not authenticated.");const{blockSize:i}=ss.getCipherParams(e),n=await U(K(this.encrypted)),a=await ss.mode.cfb.decrypt(e,t,n.subarray(i+2),n.subarray(2,i+2));this.packets=await bo.fromBinary(a,Ro,r)}async encrypt(e,t,r=M){const i=this.packets.write(),{blockSize:n}=ss.getCipherParams(e),a=await ss.getPrefixRandom(e),s=await ss.mode.cfb.encrypt(e,t,a,new Uint8Array(n),r),o=await ss.mode.cfb.encrypt(e,t,i,s.subarray(2),r);this.encrypted=R.concat([s,o])}}class zo{static get tag(){return T.packet.marker}read(e){return 80===e[0]&&71===e[1]&&80===e[2]}write(){return new Uint8Array([80,71,80])}}class No extends Lo{static get tag(){return T.packet.publicSubkey}constructor(e,t){super(e,t)}static fromSecretSubkeyPacket(e){const t=new No,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}}class Ho{static get tag(){return T.packet.userAttribute}constructor(){this.attributes=[]}read(e){let t=0;for(;t<e.length;){const r=Fi(e.subarray(t,e.length));t+=r.offset,this.attributes.push(R.uint8ArrayToString(e.subarray(t,t+r.len))),t+=r.len}}write(){const e=[];for(let t=0;t<this.attributes.length;t++)e.push(zi(this.attributes[t].length)),e.push(R.stringToUint8Array(this.attributes[t]));return R.concatUint8Array(e)}equals(e){return!!(e&&e instanceof Ho)&&this.attributes.every((function(t,r){return t===e.attributes[r]}))}}class Oo extends Lo{static get tag(){return T.packet.secretKey}constructor(e=new Date,t=M){super(e,t),this.keyMaterial=null,this.isEncrypted=null,this.s2kUsage=0,this.s2k=null,this.symmetric=null,this.aead=null,this.isLegacyAEAD=null,this.privateParams=null,this.usedModernAEAD=null}async read(e,t=M){let r=await this.readPublicKey(e,t);const i=r;this.s2kUsage=e[r++],5===this.version&&r++,6===this.version&&this.s2kUsage&&r++;try{if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){this.symmetric=e[r++],253===this.s2kUsage&&(this.aead=e[r++]),6===this.version&&r++;const t=e[r++];if(this.s2k=gs(t),r+=this.s2k.read(e.subarray(r,e.length)),"gnu-dummy"===this.s2k.type)return}else this.s2kUsage&&(this.symmetric=this.s2kUsage);this.s2kUsage&&(this.isLegacyAEAD=253===this.s2kUsage&&(5===this.version||4===this.version&&t.parseAEADEncryptedV4KeysAsLegacy),253!==this.s2kUsage||this.isLegacyAEAD?(this.iv=e.subarray(r,r+ss.getCipherParams(this.symmetric).blockSize),this.usedModernAEAD=!1):(this.iv=e.subarray(r,r+ss.getAEADMode(this.aead).ivLength),this.usedModernAEAD=!0),r+=this.iv.length)}catch(t){if(!this.s2kUsage)throw t;this.unparseableKeyMaterial=e.subarray(i),this.isEncrypted=!0}if(5===this.version&&(r+=4),this.keyMaterial=e.subarray(r),this.isEncrypted=!!this.s2kUsage,!this.isEncrypted){let e;if(6===this.version)e=this.keyMaterial;else if(e=this.keyMaterial.subarray(0,-2),!R.equalsUint8Array(R.writeChecksum(e),this.keyMaterial.subarray(-2)))throw Error("Key checksum mismatch");try{const{read:t,privateParams:r}=ss.parsePrivateKeyParams(this.algorithm,e,this.publicParams);if(t<e.length)throw Error("Error reading MPIs");this.privateParams=r}catch(e){if(e instanceof Gi)throw e;throw Error("Error reading MPIs")}}}write(){const e=this.writePublicKey();if(this.unparseableKeyMaterial)return R.concatUint8Array([e,this.unparseableKeyMaterial]);const t=[e];t.push(new Uint8Array([this.s2kUsage]));const r=[];if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){r.push(this.symmetric),253===this.s2kUsage&&r.push(this.aead);const e=this.s2k.write();6===this.version&&r.push(e.length),r.push(...e)}return this.s2kUsage&&"gnu-dummy"!==this.s2k.type&&r.push(...this.iv),(5===this.version||6===this.version&&this.s2kUsage)&&t.push(new Uint8Array([r.length])),t.push(new Uint8Array(r)),this.isDummy()||(this.s2kUsage||(this.keyMaterial=ss.serializeParams(this.algorithm,this.privateParams)),5===this.version&&t.push(R.writeNumber(this.keyMaterial.length,4)),t.push(this.keyMaterial),this.s2kUsage||6===this.version||t.push(R.writeChecksum(this.keyMaterial))),R.concatUint8Array(t)}isDecrypted(){return!1===this.isEncrypted}isMissingSecretKeyMaterial(){return void 0!==this.unparseableKeyMaterial||this.isDummy()}isDummy(){return!(!this.s2k||"gnu-dummy"!==this.s2k.type)}makeDummy(e=M){this.isDummy()||(this.isDecrypted()&&this.clearPrivateParams(),delete this.unparseableKeyMaterial,this.isEncrypted=null,this.keyMaterial=null,this.s2k=gs(T.s2k.gnu,e),this.s2k.algorithm=0,this.s2k.c=0,this.s2k.type="gnu-dummy",this.s2kUsage=254,this.symmetric=T.symmetric.aes256,this.isLegacyAEAD=null,this.usedModernAEAD=null)}async encrypt(e,t=M){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key packet is already encrypted");if(!e)throw Error("A non-empty passphrase is required for key encryption.");this.s2k=ds(t),this.s2k.generateSalt();const r=ss.serializeParams(this.algorithm,this.privateParams);this.symmetric=T.symmetric.aes256;const{blockSize:i}=ss.getCipherParams(this.symmetric);if(t.aeadProtect){this.s2kUsage=253,this.aead=t.preferredAEADAlgorithm;const n=ss.getAEADMode(this.aead);this.isLegacyAEAD=5===this.version,this.usedModernAEAD=!this.isLegacyAEAD;const a=Hi(this.constructor.tag),s=await _o(this.version,this.s2k,e,this.symmetric,this.aead,a,this.isLegacyAEAD),o=await n(this.symmetric,s);this.iv=this.isLegacyAEAD?ss.random.getRandomBytes(i):ss.random.getRandomBytes(n.ivLength);const c=this.isLegacyAEAD?new Uint8Array:R.concatUint8Array([a,this.writePublicKey()]);this.keyMaterial=await o.encrypt(r,this.iv.subarray(0,n.ivLength),c)}else{this.s2kUsage=254,this.usedModernAEAD=!1;const n=await _o(this.version,this.s2k,e,this.symmetric);this.iv=ss.random.getRandomBytes(i),this.keyMaterial=await ss.mode.cfb.encrypt(this.symmetric,n,R.concatUint8Array([r,await ss.hash.sha1(r,t)]),this.iv,t)}}async decrypt(e){if(this.isDummy())return!1;if(this.unparseableKeyMaterial)throw Error("Key packet cannot be decrypted: unsupported S2K or cipher algo");if(this.isDecrypted())throw Error("Key packet is already decrypted.");let t;const r=Hi(this.constructor.tag);if(254!==this.s2kUsage&&253!==this.s2kUsage)throw 255===this.s2kUsage?Error("Encrypted private key is authenticated using an insecure two-byte hash"):Error("Private key is encrypted using an insecure S2K function: unsalted MD5");let i;if(t=await _o(this.version,this.s2k,e,this.symmetric,this.aead,r,this.isLegacyAEAD),253===this.s2kUsage){const e=ss.getAEADMode(this.aead),n=await e(this.symmetric,t);try{const t=this.isLegacyAEAD?new Uint8Array:R.concatUint8Array([r,this.writePublicKey()]);i=await n.decrypt(this.keyMaterial,this.iv.subarray(0,e.ivLength),t)}catch(e){if("Authentication tag mismatch"===e.message)throw Error("Incorrect key passphrase: "+e.message);throw e}}else{const e=await ss.mode.cfb.decrypt(this.symmetric,t,this.keyMaterial,this.iv);i=e.subarray(0,-20);const r=await ss.hash.sha1(i);if(!R.equalsUint8Array(r,e.subarray(-20)))throw Error("Incorrect key passphrase")}try{const{privateParams:e}=ss.parsePrivateKeyParams(this.algorithm,i,this.publicParams);this.privateParams=e}catch(e){throw Error("Error reading MPIs")}this.isEncrypted=!1,this.keyMaterial=null,this.s2kUsage=0,this.aead=null,this.symmetric=null,this.isLegacyAEAD=null}async validate(){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key is not decrypted");if(this.usedModernAEAD)return;let e;try{e=await ss.validateParams(this.algorithm,this.publicParams,this.privateParams)}catch(t){e=!1}if(!e)throw Error("Key is invalid")}async generate(e,t,r){if(6===this.version&&(this.algorithm===T.publicKey.ecdh&&t===T.curve.curve25519Legacy||this.algorithm===T.publicKey.eddsaLegacy))throw Error(`Cannot generate v6 keys of type 'ecc' with curve ${t}. Generate a key of type 'curve25519' instead`);const{privateParams:i,publicParams:n}=await ss.generateParams(this.algorithm,e,t,r);this.privateParams=i,this.publicParams=n,this.isEncrypted=!1}clearPrivateParams(){this.isMissingSecretKeyMaterial()||(Object.keys(this.privateParams).forEach((e=>{this.privateParams[e].fill(0),delete this.privateParams[e]})),this.privateParams=null,this.isEncrypted=!0)}}async function _o(e,t,r,i,n,a,s){if("argon2"===t.type&&!n)throw Error("Using Argon2 S2K without AEAD is not allowed");if("simple"===t.type&&6===e)throw Error("Using Simple S2K with version 6 keys is not allowed");const{keySize:o}=ss.getCipherParams(i),c=await t.produceKey(r,o);if(!n||5===e||s)return c;const u=R.concatUint8Array([a,new Uint8Array([e,i,n])]);return Xn(T.hash.sha256,c,new Uint8Array,u,o)}class jo{static get tag(){return T.packet.userID}constructor(){this.userID="",this.name="",this.email="",this.comment=""}static fromObject(e){if(R.isString(e)||e.name&&!R.isString(e.name)||e.email&&!R.isEmailAddress(e.email)||e.comment&&!R.isString(e.comment))throw Error("Invalid user ID format");const t=new jo;Object.assign(t,e);const r=[];return t.name&&r.push(t.name),t.comment&&r.push(`(${t.comment})`),t.email&&r.push(`<${t.email}>`),t.userID=r.join(" "),t}read(e,t=M){const r=R.decodeUTF8(e);if(r.length>t.maxUserIDLength)throw Error("User ID string is too long");const i=/^(?<name>[^()]+\s+)?(?<comment>\([^()]+\)\s+)?(?<email><\S+@\S+>)$/.exec(r);if(null!==i){const{name:e,comment:t,email:r}=i.groups;this.comment=t?.replace(/^\(|\)|\s$/g,"").trim()||"",this.name=e?.trim()||"",this.email=r.substring(1,r.length-1)}else/^[^\s@]+@[^\s@]+$/.test(r)&&(this.email=r);this.userID=r}write(){return R.encodeUTF8(this.userID)}equals(e){return e&&e.userID===this.userID}}class Go extends Oo{static get tag(){return T.packet.secretSubkey}constructor(e=new Date,t=M){super(e,t)}}class qo{static get tag(){return T.packet.trust}read(){throw new Gi("Trust packets are not supported")}write(){throw new Gi("Trust packets are not supported")}}class Vo{static get tag(){return T.packet.padding}constructor(){this.padding=null}read(e){}write(){return this.padding}async createPadding(e){this.padding=await ss.random.getRandomBytes(e)}}const Wo=/*#__PURE__*/R.constructAllowedPackets([po]);class $o{constructor(e){this.packets=e||new bo}write(){return this.packets.write()}armor(e=M){const t=this.packets.some((e=>e.constructor.tag===po.tag&&6!==e.version));return Y(T.armor.signature,this.write(),void 0,void 0,void 0,t,e)}getSigningKeyIDs(){return this.packets.map((e=>e.issuerKeyID))}}async function Zo({armoredSignature:e,binarySignature:t,config:r,...i}){r={...M,...r};let n=e||t;if(!n)throw Error("readSignature: must pass options object containing `armoredSignature` or `binarySignature`");if(e&&!R.isString(e))throw Error("readSignature: options.armoredSignature must be a string");if(t&&!R.isUint8Array(t))throw Error("readSignature: options.binarySignature must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:e,data:t}=await X(n);if(e!==T.armor.signature)throw Error("Armored text not of type signature");n=t}const s=await bo.fromBinary(n,Wo,r);return new $o(s)}async function Qo(e,t){const r=new Go(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function Xo(e,t){const r=new Oo(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function Yo(e,t,r,i,n=new Date,a){let s,o;for(let c=e.length-1;c>=0;c--)try{(!s||e[c].created>=s.created)&&(await e[c].verify(t,r,i,n,void 0,a),s=e[c])}catch(e){o=e}if(!s)throw R.wrapError(`Could not find valid ${T.read(T.signature,r)} signature in key ${t.getKeyID().toHex()}`.replace("certGeneric ","self-").replace(/([a-z])([A-Z])/g,((e,t,r)=>t+" "+r.toLowerCase())),o);return s}function Jo(e,t,r=new Date){const i=R.normalizeDate(r);if(null!==i){const r=nc(e,t);return!(e.created<=i&&i<r)}return!1}async function ec(e,t,r,i){const n={};n.key=t,n.bind=e;const a={signatureType:T.signature.subkeyBinding};r.sign?(a.keyFlags=[T.keyFlags.signData],a.embeddedSignature=await tc(n,[],e,{signatureType:T.signature.keyBinding},r.date,void 0,void 0,void 0,i)):a.keyFlags=r.forwarding?[T.keyFlags.forwardedCommunication]:[T.keyFlags.encryptCommunication|T.keyFlags.encryptStorage],r.keyExpirationTime>0&&(a.keyExpirationTime=r.keyExpirationTime,a.keyNeverExpires=!1);return await tc(n,[],t,a,r.date,void 0,void 0,void 0,i)}async function tc(e,t,r,i,n,a,s=[],o=!1,c){if(r.isDummy())throw Error("Cannot sign with a gnu-dummy key.");if(!r.isDecrypted())throw Error("Signing key is not decrypted.");const u=new po;return Object.assign(u,i),u.publicKeyAlgorithm=r.algorithm,u.hashAlgorithm=await async function(e,t,r=new Date,i=[],n){const a=T.hash.sha256,s=n.preferredHashAlgorithm,o=await Promise.all(e.map((async(e,t)=>(await e.getPrimarySelfSignature(r,i[t],n)).preferredHashAlgorithms))),c=new Map;for(const e of o)for(const t of e)try{const e=T.write(T.hash,t);c.set(e,c.has(e)?c.get(e)+1:1)}catch{}const u=t=>0===e.length||c.get(t)===e.length||t===a,h=()=>{if(0===c.size)return a;const e=Array.from(c.keys()).filter((e=>u(e))).sort(((e,t)=>ss.hash.getHashByteLength(e)-ss.hash.getHashByteLength(t)))[0];return ss.hash.getHashByteLength(e)>=ss.hash.getHashByteLength(a)?e:a};if(new Set([T.publicKey.ecdsa,T.publicKey.eddsaLegacy,T.publicKey.ed25519,T.publicKey.ed448]).has(t.algorithm)){const e=ss.getPreferredCurveHashAlgo(t.algorithm,t.publicParams.oid),r=u(s),i=ss.hash.getHashByteLength(s)>=ss.hash.getHashByteLength(e);if(r&&i)return s;{const t=h();return ss.hash.getHashByteLength(t)>=ss.hash.getHashByteLength(e)?t:e}}return u(s)?s:h()}(t,r,n,a,c),u.rawNotations=[...s],await u.sign(r,e,n,o,c),u}async function rc(e,t,r,i=new Date,n){(e=e[r])&&(t[r].length?await Promise.all(e.map((async function(e){e.isExpired(i)||n&&!await n(e)||t[r].some((function(t){return R.equalsUint8Array(t.writeParams(),e.writeParams())}))||t[r].push(e)}))):t[r]=e)}async function ic(e,t,r,i,n,a,s=new Date,o){a=a||e;const c=[];return await Promise.all(i.map((async function(e){try{if(!n||e.issuerKeyID.equals(n.issuerKeyID)){const i=![T.reasonForRevocation.keyRetired,T.reasonForRevocation.keySuperseded,T.reasonForRevocation.userIDInvalid].includes(e.reasonForRevocationFlag);await e.verify(a,t,r,i?null:s,!1,o),c.push(e.issuerKeyID)}}catch(e){}}))),n?(n.revoked=!!c.some((e=>e.equals(n.issuerKeyID)))||(n.revoked||!1),n.revoked):c.length>0}function nc(e,t){let r;return!1===t.keyNeverExpires&&(r=e.created.getTime()+1e3*t.keyExpirationTime),r?new Date(r):1/0}function ac(e,t={}){if(e.type=e.type||t.type,e.curve=e.curve||t.curve,e.rsaBits=e.rsaBits||t.rsaBits,e.symmetricHash=e.symmetricHash||t.symmetricHash,e.symmetricCipher=e.symmetricCipher||t.symmetricCipher,e.keyExpirationTime=void 0!==e.keyExpirationTime?e.keyExpirationTime:t.keyExpirationTime,e.passphrase=R.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e.sign=e.sign||!1,e.forwarding=e.forwarding||!1,e.sign&&e.forwarding)throw Error('Incompatible options: "sign" and "forwarding" cannot be set together');switch(e.type){case"ecc":try{e.curve=T.write(T.curve,e.curve)}catch(e){throw Error("Unknown curve")}e.curve!==T.curve.ed25519Legacy&&e.curve!==T.curve.curve25519Legacy&&"ed25519"!==e.curve&&"curve25519"!==e.curve||(e.curve=e.sign?T.curve.ed25519Legacy:T.curve.curve25519Legacy),e.sign?e.algorithm=e.curve===T.curve.ed25519Legacy?T.publicKey.eddsaLegacy:T.publicKey.ecdsa:e.algorithm=T.publicKey.ecdh;break;case"curve25519":e.algorithm=e.sign?T.publicKey.ed25519:T.publicKey.x25519;break;case"curve448":e.algorithm=e.sign?T.publicKey.ed448:T.publicKey.x448;break;case"rsa":e.algorithm=T.publicKey.rsaEncryptSign;break;case"symmetric":if(e.sign){e.algorithm=T.publicKey.hmac;try{e.symmetric=T.write(T.hash,e.symmetricHash)}catch(e){throw Error("Unknown hash algorithm")}}else{e.algorithm=T.publicKey.aead;try{e.symmetric=T.write(T.symmetric,e.symmetricCipher)}catch(e){throw Error("Unknown symmetric algorithm")}}break;default:throw Error("Unsupported key type "+e.type)}return e}function sc(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.hmac:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData);default:return!1}}function oc(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.aead:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage);default:return!1}}function cc(e,t,r){if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:return!(!(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData))||!r.allowInsecureDecryptionWithSigningKeys)||(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage)||r.allowForwardedMessages&&!!(t.keyFlags[0]&T.keyFlags.forwardedCommunication));default:return!1}}function uc(e,t){const r=T.write(T.publicKey,e.algorithm),i=e.getAlgorithmInfo();if(t.rejectPublicKeyAlgorithms.has(r))throw Error(i.algorithm+" keys are considered too weak.");switch(r){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.rsaEncrypt:if(i.bits<t.minRSABits)throw Error(`RSA keys shorter than ${t.minRSABits} bits are considered too weak.`);break;case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ecdh:if(t.rejectCurves.has(i.curve))throw Error(`Support for ${i.algorithm} keys using curve ${i.curve} is disabled.`)}}class hc{constructor(e,t){this.userID=e.constructor.tag===T.packet.userID?e:null,this.userAttribute=e.constructor.tag===T.packet.userAttribute?e:null,this.selfCertifications=[],this.otherCertifications=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new bo;return e.push(this.userID||this.userAttribute),e.push(...this.revocationSignatures),e.push(...this.selfCertifications),e.push(...this.otherCertifications),e}clone(){const e=new hc(this.userID||this.userAttribute,this.mainKey);return e.selfCertifications=[...this.selfCertifications],e.otherCertifications=[...this.otherCertifications],e.revocationSignatures=[...this.revocationSignatures],e}async certify(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i},a=new hc(n.userID||n.userAttribute,this.mainKey);return a.otherCertifications=await Promise.all(e.map((async function(e){if(!e.isPrivate())throw Error("Need private key for signing");if(e.hasSameFingerprintAs(i))throw Error("The user's own key can only be used for self-certifications");const a=await e.getSigningKey(void 0,t,void 0,r);return tc(n,[e],a.keyPacket,{signatureType:T.signature.certGeneric,keyFlags:[T.keyFlags.certifyKeys|T.keyFlags.signData]},t,void 0,void 0,void 0,r)}))),await a.update(this,t,r),a}async isRevoked(e,t,r=new Date,i=M){const n=this.mainKey.keyPacket;return ic(n,T.signature.certRevocation,{key:n,userID:this.userID,userAttribute:this.userAttribute},this.revocationSignatures,e,t,r,i)}async verifyCertificate(e,t,r=new Date,i){const n=this,a=this.mainKey.keyPacket,s={userID:this.userID,userAttribute:this.userAttribute,key:a},{issuerKeyID:o}=e,c=t.filter((e=>e.getKeys(o).length>0));return 0===c.length?null:(await Promise.all(c.map((async t=>{const a=await t.getSigningKey(o,e.created,void 0,i);if(e.revoked||await n.isRevoked(e,a.keyPacket,r,i))throw Error("User certificate is revoked");try{await e.verify(a.keyPacket,T.signature.certGeneric,s,r,void 0,i)}catch(e){throw R.wrapError("User certificate is invalid",e)}}))),!0)}async verifyAllCertifications(e,t=new Date,r){const i=this,n=this.selfCertifications.concat(this.otherCertifications);return Promise.all(n.map((async n=>({keyID:n.issuerKeyID,valid:await i.verifyCertificate(n,e,t,r).catch((()=>!1))}))))}async verify(e=new Date,t){if(!this.selfCertifications.length)throw Error("No self-certifications found");const r=this,i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};let a;for(let s=this.selfCertifications.length-1;s>=0;s--)try{const a=this.selfCertifications[s];if(a.revoked||await r.isRevoked(a,void 0,e,t))throw Error("Self-certification is revoked");try{await a.verify(i,T.signature.certGeneric,n,e,void 0,t)}catch(e){throw R.wrapError("Self-certification is invalid",e)}return!0}catch(e){a=e}throw a}async update(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};await rc(e,this,"selfCertifications",t,(async function(e){try{return await e.verify(i,T.signature.certGeneric,n,t,!1,r),!0}catch(e){return!1}})),await rc(e,this,"otherCertifications",t),await rc(e,this,"revocationSignatures",t,(function(e){return ic(i,T.signature.certRevocation,n,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=M){const a={userID:this.userID,userAttribute:this.userAttribute,key:e},s=new hc(a.userID||a.userAttribute,this.mainKey);return s.revocationSignatures.push(await tc(a,[],e,{signatureType:T.signature.certRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}}class lc{constructor(e,t){this.keyPacket=e,this.bindingSignatures=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new bo;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.bindingSignatures),e}clone(){const e=new lc(this.keyPacket,this.mainKey);return e.bindingSignatures=[...this.bindingSignatures],e.revocationSignatures=[...this.revocationSignatures],e}async isRevoked(e,t,r=new Date,i=M){const n=this.mainKey.keyPacket;return ic(n,T.signature.subkeyRevocation,{key:n,bind:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verify(e=new Date,t=M){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket},n=await Yo(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t);if(n.revoked||await this.isRevoked(n,null,e,t))throw Error("Subkey is revoked");if(Jo(this.keyPacket,n,e))throw Error("Subkey is expired");return n}async getExpirationTime(e=new Date,t=M){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket};let n;try{n=await Yo(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t)}catch(e){return null}const a=nc(this.keyPacket,n),s=n.getExpirationTime();return a<s?a:s}async update(e,t=new Date,r=M){const i=this.mainKey.keyPacket;if(!this.hasSameFingerprintAs(e))throw Error("Subkey update method: fingerprints of subkeys not equal");this.keyPacket.constructor.tag===T.packet.publicSubkey&&e.keyPacket.constructor.tag===T.packet.secretSubkey&&(this.keyPacket=e.keyPacket);const n=this,a={key:i,bind:n.keyPacket};await rc(e,this,"bindingSignatures",t,(async function(e){for(let t=0;t<n.bindingSignatures.length;t++)if(n.bindingSignatures[t].issuerKeyID.equals(e.issuerKeyID))return e.created>n.bindingSignatures[t].created&&(n.bindingSignatures[t]=e),!1;try{return await e.verify(i,T.signature.subkeyBinding,a,t,void 0,r),!0}catch(e){return!1}})),await rc(e,this,"revocationSignatures",t,(function(e){return ic(i,T.signature.subkeyRevocation,a,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=M){const a={key:e,bind:this.keyPacket},s=new lc(this.keyPacket,this.mainKey);return s.revocationSignatures.push(await tc(a,[],e,{signatureType:T.signature.subkeyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}hasSameFingerprintAs(e){return this.keyPacket.hasSameFingerprintAs(e.keyPacket||e)}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","isDecrypted"].forEach((e=>{lc.prototype[e]=function(){return this.keyPacket[e]()}}));const yc=/*#__PURE__*/R.constructAllowedPackets([po]),pc=new Set([T.packet.publicKey,T.packet.privateKey]),gc=new Set([T.packet.publicKey,T.packet.privateKey,T.packet.publicSubkey,T.packet.privateSubkey]);class dc{packetListToStructure(e,t=new Set){let r,i,n,a;for(const s of e){if(s instanceof Vi){gc.has(s.tag)&&!a&&(a=pc.has(s.tag)?pc:gc);continue}const e=s.constructor.tag;if(a){if(!a.has(e))continue;a=null}if(t.has(e))throw Error("Unexpected packet type: "+e);switch(e){case T.packet.publicKey:case T.packet.secretKey:if(this.keyPacket)throw Error("Key block contains multiple keys");if(this.keyPacket=s,i=this.getKeyID(),!i)throw Error("Missing Key ID");break;case T.packet.userID:case T.packet.userAttribute:r=new hc(s,this),this.users.push(r);break;case T.packet.publicSubkey:case T.packet.secretSubkey:r=null,n=new lc(s,this),this.subkeys.push(n);break;case T.packet.signature:switch(s.signatureType){case T.signature.certGeneric:case T.signature.certPersona:case T.signature.certCasual:case T.signature.certPositive:if(!r){R.printDebug("Dropping certification signatures without preceding user packet");continue}s.issuerKeyID.equals(i)?r.selfCertifications.push(s):r.otherCertifications.push(s);break;case T.signature.certRevocation:r?r.revocationSignatures.push(s):this.directSignatures.push(s);break;case T.signature.key:this.directSignatures.push(s);break;case T.signature.subkeyBinding:if(!n){R.printDebug("Dropping subkey binding signature without preceding subkey packet");continue}n.bindingSignatures.push(s);break;case T.signature.keyRevocation:this.revocationSignatures.push(s);break;case T.signature.subkeyRevocation:if(!n){R.printDebug("Dropping subkey revocation signature without preceding subkey packet");continue}n.revocationSignatures.push(s)}}}}toPacketList(){const e=new bo;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.directSignatures),this.users.map((t=>e.push(...t.toPacketList()))),this.subkeys.map((t=>e.push(...t.toPacketList()))),e}clone(e=!1){const t=new this.constructor(this.toPacketList());return e&&t.getKeys().forEach((e=>{if(e.keyPacket=Object.create(Object.getPrototypeOf(e.keyPacket),Object.getOwnPropertyDescriptors(e.keyPacket)),!e.keyPacket.isDecrypted())return;const t={};Object.keys(e.keyPacket.privateParams).forEach((r=>{t[r]=new Uint8Array(e.keyPacket.privateParams[r])})),e.keyPacket.privateParams=t})),t}getSubkeys(e=null){return this.subkeys.filter((t=>!e||t.getKeyID().equals(e,!0)))}getKeys(e=null){const t=[];return e&&!this.getKeyID().equals(e,!0)||t.push(this),t.concat(this.getSubkeys(e))}getKeyIDs(){return this.getKeys().map((e=>e.getKeyID()))}getUserIDs(){return this.users.map((e=>e.userID?e.userID.userID:null)).filter((e=>null!==e))}write(){return this.toPacketList().write()}async getSigningKey(e=null,t=new Date,r={},i=M){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{uc(n,i)}catch(e){throw R.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await Yo(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(!sc(r.keyPacket,a,i))continue;if(!a.embeddedSignature)throw Error("Missing embedded signature");return await Yo([a.embeddedSignature],r.keyPacket,T.signature.keyBinding,e,t,i),uc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&sc(n,a,i))return uc(n,i),this}catch(e){s=e}throw R.wrapError("Could not find valid signing key packet in key "+this.getKeyID().toHex(),s)}async getEncryptionKey(e,t=new Date,r={},i=M){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{uc(n,i)}catch(e){throw R.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await Yo(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(oc(r.keyPacket,a,i))return uc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&oc(n,a,i))return uc(n,i),this}catch(e){s=e}throw R.wrapError("Could not find valid encryption key packet in key "+this.getKeyID().toHex(),s)}async isRevoked(e,t,r=new Date,i=M){return ic(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verifyPrimaryKey(e=new Date,t={},r=M){const i=this.keyPacket;if(await this.isRevoked(null,null,e,r))throw Error("Primary key is revoked");if(Jo(i,await this.getPrimarySelfSignature(e,t,r),e))throw Error("Primary key is expired");if(6!==i.version){const t=await Yo(this.directSignatures,i,T.signature.key,{key:i},e,r).catch((()=>{}));if(t&&Jo(i,t,e))throw Error("Primary key is expired")}}async getExpirationTime(e,t=M){let r;try{const i=await this.getPrimarySelfSignature(null,e,t),n=nc(this.keyPacket,i),a=i.getExpirationTime(),s=6!==this.keyPacket.version&&await Yo(this.directSignatures,this.keyPacket,T.signature.key,{key:this.keyPacket},null,t).catch((()=>{}));if(s){const e=nc(this.keyPacket,s);r=Math.min(n,a,e)}else r=n<a?n:a}catch(e){r=null}return R.normalizeDate(r)}async getPrimarySelfSignature(e=new Date,t={},r=M){const i=this.keyPacket;if(6===i.version)return Yo(this.directSignatures,i,T.signature.key,{key:i},e,r);const{selfCertification:n}=await this.getPrimaryUser(e,t,r);return n}async getPrimaryUser(e=new Date,t={},r=M){const i=this.keyPacket,n=[];let a;for(let s=0;s<this.users.length;s++)try{const a=this.users[s];if(!a.userID)continue;if(void 0!==t.name&&a.userID.name!==t.name||void 0!==t.email&&a.userID.email!==t.email||void 0!==t.comment&&a.userID.comment!==t.comment)throw Error("Could not find user that matches that user ID");const o={userID:a.userID,key:i},c=await Yo(a.selfCertifications,i,T.signature.certGeneric,o,e,r);n.push({index:s,user:a,selfCertification:c})}catch(e){a=e}if(!n.length)throw a||Error("Could not find primary user");await Promise.all(n.map((async function(t){return t.selfCertification.revoked||t.user.isRevoked(t.selfCertification,null,e,r)})));const s=n.sort((function(e,t){const r=e.selfCertification,i=t.selfCertification;return i.revoked-r.revoked||r.isPrimaryUserID-i.isPrimaryUserID||r.created-i.created})).pop(),{user:o,selfCertification:c}=s;if(c.revoked||await o.isRevoked(c,null,e,r))throw Error("Primary user is revoked");return s}async update(e,t=new Date,r=M){if(!this.hasSameFingerprintAs(e))throw Error("Primary key fingerprints must be equal to update the key");if(!this.isPrivate()&&e.isPrivate()){if(!(this.subkeys.length===e.subkeys.length&&this.subkeys.every((t=>e.subkeys.some((e=>t.hasSameFingerprintAs(e)))))))throw Error("Cannot update public key with private key if subkeys mismatch");return e.update(this,r)}const i=this.clone();return await rc(e,i,"revocationSignatures",t,(n=>ic(i.keyPacket,T.signature.keyRevocation,i,[n],null,e.keyPacket,t,r))),await rc(e,i,"directSignatures",t),await Promise.all(e.users.map((async e=>{const n=i.users.filter((t=>e.userID&&e.userID.equals(t.userID)||e.userAttribute&&e.userAttribute.equals(t.userAttribute)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.users.push(t)}}))),await Promise.all(e.subkeys.map((async e=>{const n=i.subkeys.filter((t=>t.hasSameFingerprintAs(e)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.subkeys.push(t)}}))),i}async getRevocationCertificate(e=new Date,t=M){const r={key:this.keyPacket},i=await Yo(this.revocationSignatures,this.keyPacket,T.signature.keyRevocation,r,e,t),n=new bo;n.push(i);const a=6!==this.keyPacket.version;return Y(T.armor.publicKey,n.write(),null,null,"This is a revocation certificate",a,t)}async applyRevocationCertificate(e,t=new Date,r=M){const i=await X(e),n=(await bo.fromBinary(i.data,yc,r)).findPacket(T.packet.signature);if(!n||n.signatureType!==T.signature.keyRevocation)throw Error("Could not find revocation signature packet");if(!n.issuerKeyID.equals(this.getKeyID()))throw Error("Revocation signature does not match key");try{await n.verify(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},t,void 0,r)}catch(e){throw R.wrapError("Could not verify revocation signature",e)}const a=this.clone();return a.revocationSignatures.push(n),a}async signPrimaryUser(e,t,r,i=M){const{index:n,user:a}=await this.getPrimaryUser(t,r,i),s=await a.certify(e,t,i),o=this.clone();return o.users[n]=s,o}async signAllUsers(e,t=new Date,r=M){const i=this.clone();return i.users=await Promise.all(this.users.map((function(i){return i.certify(e,t,r)}))),i}async verifyPrimaryUser(e,t=new Date,r,i=M){const n=this.keyPacket,{user:a}=await this.getPrimaryUser(t,r,i);return e?await a.verifyAllCertifications(e,t,i):[{keyID:n.getKeyID(),valid:await a.verify(t,i).catch((()=>!1))}]}async verifyAllUsers(e,t=new Date,r=M){const i=this.keyPacket,n=[];return await Promise.all(this.users.map((async a=>{const s=e?await a.verifyAllCertifications(e,t,r):[{keyID:i.getKeyID(),valid:await a.verify(t,r).catch((()=>!1))}];n.push(...s.map((e=>({userID:a.userID?a.userID.userID:null,userAttribute:a.userAttribute,keyID:e.keyID,valid:e.valid}))))}))),n}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","hasSameFingerprintAs"].forEach((e=>{dc.prototype[e]=lc.prototype[e]}));class fc extends dc{constructor(e){if(super(),this.keyPacket=null,this.revocationSignatures=[],this.directSignatures=[],this.users=[],this.subkeys=[],e&&(this.packetListToStructure(e,new Set([T.packet.secretKey,T.packet.secretSubkey])),!this.keyPacket))throw Error("Invalid key: missing public-key packet")}isPrivate(){return!1}toPublic(){return this}armor(e=M){const t=6!==this.keyPacket.version;return Y(T.armor.publicKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}}class mc extends fc{constructor(e){if(super(),this.packetListToStructure(e,new Set([T.packet.publicKey,T.packet.publicSubkey])),!this.keyPacket)throw Error("Invalid key: missing private-key packet")}isPrivate(){return!0}toPublic(){const e=new bo,t=this.toPacketList();let r=!1;for(const i of t)if(!r||i.constructor.tag!==T.packet.Signature)switch(r&&(r=!1),i.constructor.tag){case T.packet.secretKey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac)throw Error("Cannot create public key from symmetric private");const t=Lo.fromSecretKeyPacket(i);e.push(t);break}case T.packet.secretSubkey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac){r=!0;break}const t=No.fromSecretSubkeyPacket(i);e.push(t);break}default:e.push(i)}return new fc(e)}armor(e=M){const t=6!==this.keyPacket.version;return Y(T.armor.privateKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}async getDecryptionKeys(e,t=new Date,r={},i=M){const n=this.keyPacket,a=[];let s=null;for(let r=0;r<this.subkeys.length;r++)if(!e||this.subkeys[r].getKeyID().equals(e,!0)){if(this.subkeys[r].keyPacket.isDummy()){s=s||Error("Gnu-dummy key packets cannot be used for decryption");continue}try{const e={key:n,bind:this.subkeys[r].keyPacket},s=await Yo(this.subkeys[r].bindingSignatures,n,T.signature.subkeyBinding,e,t,i);cc(this.subkeys[r].keyPacket,s,i)&&a.push(this.subkeys[r])}catch(e){s=e}}const o=await this.getPrimarySelfSignature(t,r,i);if(e&&!n.getKeyID().equals(e,!0)||!cc(n,o,i)||(n.isDummy()?s=s||Error("Gnu-dummy key packets cannot be used for decryption"):a.push(this)),0===a.length)throw s||Error("No decryption key packets found");return a}isDecrypted(){return this.getKeys().some((({keyPacket:e})=>e.isDecrypted()))}async validate(e=M){if(!this.isPrivate())throw Error("Cannot validate a public key");let t;if(this.keyPacket.isDummy()){const r=await this.getSigningKey(null,null,void 0,{...e,rejectPublicKeyAlgorithms:new Set,minRSABits:0});r&&!r.keyPacket.isDummy()&&(t=r.keyPacket)}else t=this.keyPacket;if(t)return t.validate();{const e=this.getKeys();if(e.map((e=>e.keyPacket.isDummy())).every(Boolean))throw Error("Cannot validate an all-gnu-dummy key");return Promise.all(e.map((async e=>e.keyPacket.validate())))}}clearPrivateParams(){this.getKeys().forEach((({keyPacket:e})=>{e.isDecrypted()&&e.clearPrivateParams()}))}async revoke({flag:e=T.reasonForRevocation.noReason,string:t=""}={},r=new Date,i=M){if(!this.isPrivate())throw Error("Need private key for revoking");const n={key:this.keyPacket},a=this.clone();return a.revocationSignatures.push(await tc(n,[],this.keyPacket,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,e),reasonForRevocationString:t},r,void 0,void 0,void 0,i)),a}async addSubkey(e={}){const t={...M,...e.config};if(e.passphrase)throw Error("Subkey could not be encrypted here, please encrypt whole key");if(e.rsaBits<t.minRSABits)throw Error(`rsaBits should be at least ${t.minRSABits}, got: ${e.rsaBits}`);const r=this.keyPacket;if(r.isDummy())throw Error("Cannot add subkey to gnu-dummy primary key");if(!r.isDecrypted())throw Error("Key is not decrypted");const i=r.getAlgorithmInfo();i.type=function(e){switch(T.write(T.publicKey,e)){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:return"rsa";case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return"ecc";case T.publicKey.ed25519:return"curve25519";case T.publicKey.ed448:return"curve448";default:throw Error("Unsupported algorithm")}}(i.algorithm),i.rsaBits=i.bits||4096,i.curve=i.curve||"curve25519Legacy",e=ac(e,i);const n=await Qo(e,{...t,v6Keys:6===this.keyPacket.version});uc(n,t);const a=await ec(n,r,e,t),s=this.toPacketList();return s.push(n,a),new mc(s)}}const wc=/*#__PURE__*/R.constructAllowedPackets([Lo,No,Oo,Go,jo,Ho,po]);function bc(e){for(const t of e)switch(t.constructor.tag){case T.packet.secretKey:return new mc(e);case T.packet.publicKey:return new fc(e)}throw Error("No key packet found")}async function kc(e,t,r,i){r.passphrase&&await e.encrypt(r.passphrase,i),await Promise.all(t.map((async function(e,t){const n=r.subkeys[t].passphrase;n&&await e.encrypt(n,i)})));const n=new bo;function a(e,t){return[t,...e.filter((e=>e!==t))]}function s(){const t={};t.keyFlags=[T.keyFlags.certifyKeys|T.keyFlags.signData];const n=a([T.symmetric.aes256,T.symmetric.aes128],i.preferredSymmetricAlgorithm);if(t.preferredSymmetricAlgorithms=n,i.aeadProtect){const e=a([T.aead.gcm,T.aead.eax,T.aead.ocb],i.preferredAEADAlgorithm);t.preferredCipherSuites=e.flatMap((e=>n.map((t=>[t,e]))))}return t.preferredHashAlgorithms=a([T.hash.sha256,T.hash.sha512,...6===e.version?[T.hash.sha3_256,T.hash.sha3_512]:[]],i.preferredHashAlgorithm),t.preferredCompressionAlgorithms=a([T.compression.uncompressed,T.compression.zlib,T.compression.zip],i.preferredCompressionAlgorithm),t.features=[0],t.features[0]|=T.features.modificationDetection,i.aeadProtect&&(t.features[0]|=T.features.seipdv2),r.keyExpirationTime>0&&(t.keyExpirationTime=r.keyExpirationTime,t.keyNeverExpires=!1),t}if(n.push(e),6===e.version){const t={key:e},a=s();a.signatureType=T.signature.key;const o=await tc(t,[],e,a,r.date,void 0,void 0,void 0,i);n.push(o)}await Promise.all(r.userIDs.map((async function(t,n){const a=jo.fromObject(t),o={userID:a,key:e},c=6!==e.version?s():{};c.signatureType=T.signature.certPositive,0===n&&(c.isPrimaryUserID=!0);return{userIDPacket:a,signaturePacket:await tc(o,[],e,c,r.date,void 0,void 0,void 0,i)}}))).then((e=>{e.forEach((({userIDPacket:e,signaturePacket:t})=>{n.push(e),n.push(t)}))})),await Promise.all(t.map((async function(t,n){const a=r.subkeys[n];return{secretSubkeyPacket:t,subkeySignaturePacket:await ec(t,e,a,i)}}))).then((e=>{e.forEach((({secretSubkeyPacket:e,subkeySignaturePacket:t})=>{n.push(e),n.push(t)}))}));const o={key:e};return n.push(await tc(o,[],e,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.reasonForRevocation.noReason,reasonForRevocationString:""},r.date,void 0,void 0,void 0,i)),r.passphrase&&e.clearPrivateParams(),await Promise.all(t.map((async function(e,t){r.subkeys[t].passphrase&&e.clearPrivateParams()}))),new mc(n)}async function vc({armoredKey:e,binaryKey:t,config:r,...i}){if(r={...M,...r},!e&&!t)throw Error("readKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!R.isString(e))throw Error("readKey: options.armoredKey must be a string");if(t&&!R.isUint8Array(t))throw Error("readKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");a=r}else a=t;const s=await bo.fromBinary(a,wc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===o.length)throw Error("No key packet found");return bc(s.slice(o[0],o[1]))}async function Ac({armoredKey:e,binaryKey:t,config:r,...i}){if(r={...M,...r},!e&&!t)throw Error("readPrivateKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!R.isString(e))throw Error("readPrivateKey: options.armoredKey must be a string");if(t&&!R.isUint8Array(t))throw Error("readPrivateKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");a=r}else a=t;const s=await bo.fromBinary(a,wc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<o.length;e++){if(s[o[e]].constructor.tag===T.packet.publicKey)continue;const t=s.slice(o[e],o[e+1]);return new mc(t)}throw Error("No secret key packet found")}async function Kc({armoredKeys:e,binaryKeys:t,config:r,...i}){r={...M,...r};let n=e||t;if(!n)throw Error("readKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!R.isString(e))throw Error("readKeys: options.armoredKeys must be a string");if(t&&!R.isUint8Array(t))throw Error("readKeys: options.binaryKeys must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");n=r}const s=[],o=await bo.fromBinary(n,wc,r),c=o.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===c.length)throw Error("No key packet found");for(let e=0;e<c.length;e++){const t=bc(o.slice(c[e],c[e+1]));s.push(t)}return s}async function Ec({armoredKeys:e,binaryKeys:t,config:r}){r={...M,...r};let i=e||t;if(!i)throw Error("readPrivateKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!R.isString(e))throw Error("readPrivateKeys: options.armoredKeys must be a string");if(t&&!R.isUint8Array(t))throw Error("readPrivateKeys: options.binaryKeys must be a Uint8Array");if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");i=r}const n=[],a=await bo.fromBinary(i,wc,r),s=a.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<s.length;e++){if(a[s[e]].constructor.tag===T.packet.publicKey)continue;const t=a.slice(s[e],s[e+1]),r=new mc(t);n.push(r)}if(0===n.length)throw Error("No secret key packet found");return n}const Sc=/*#__PURE__*/R.constructAllowedPackets([co,vo,Bo,Do,Fo,Co,Mo,mo,po]),Pc=/*#__PURE__*/R.constructAllowedPackets([Mo]),Uc=/*#__PURE__*/R.constructAllowedPackets([po]);class Dc{constructor(e){this.packets=e||new bo}getEncryptionKeyIDs(){const e=[];return this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey).forEach((function(t){e.push(t.publicKeyID)})),e}getSigningKeyIDs(){const e=this.unwrapCompressed(),t=e.packets.filterByTag(T.packet.onePassSignature);if(t.length>0)return t.map((e=>e.issuerKeyID));return e.packets.filterByTag(T.packet.signature).map((e=>e.issuerKeyID))}async decrypt(e,t,r,i=new Date,n=M){const a=this.packets.filterByTag(T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData);if(0===a.length)throw Error("No encrypted data found");const s=a[0],o=s.cipherAlgorithm,c=r||await this.decryptSessionKeys(e,t,o,i,n);let u=null;const h=Promise.all(c.map((async({algorithm:e,data:t})=>{if(!R.isUint8Array(t)||!s.cipherAlgorithm&&!R.isString(e))throw Error("Invalid session key for decryption.");try{const r=s.cipherAlgorithm||T.write(T.symmetric,e);await s.decrypt(r,t,n)}catch(e){R.printDebugError(e),u=e}})));if(D(s.encrypted),s.encrypted=null,await h,!s.packets||!s.packets.length)throw u||Error("Decryption failed.");const l=new Dc(s.packets);return s.packets=new bo,l}async decryptSessionKeys(e,t,r,i=new Date,n=M){let a,s=[];if(t){const e=this.packets.filterByTag(T.packet.symEncryptedSessionKey);if(0===e.length)throw Error("No symmetrically encrypted session key packet found.");await Promise.all(t.map((async function(t,r){let i;i=r?await bo.fromBinary(e.write(),Pc,n):e,await Promise.all(i.map((async function(e){try{await e.decrypt(t),s.push(e)}catch(e){R.printDebugError(e),e instanceof os&&(a=e)}})))})))}else{if(!e)throw Error("No key or password specified.");{const t=this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey);if(0===t.length)throw Error("No public key encrypted session key packet found.");await Promise.all(t.map((async function(t){await Promise.all(e.map((async function(e){let o;try{o=(await e.getDecryptionKeys(t.publicKeyID,null,void 0,n)).map((e=>e.keyPacket))}catch(e){return void(a=e)}let c=[T.symmetric.aes256,T.symmetric.aes128,T.symmetric.tripledes,T.symmetric.cast5];try{const t=await e.getPrimarySelfSignature(i,void 0,n);t.preferredSymmetricAlgorithms&&(c=c.concat(t.preferredSymmetricAlgorithms))}catch(e){}await Promise.all(o.map((async function(e){if(!e.isDecrypted())throw Error("Decryption key is not decrypted.");if(n.constantTimePKCS1Decryption&&(t.publicKeyAlgorithm===T.publicKey.rsaEncrypt||t.publicKeyAlgorithm===T.publicKey.rsaEncryptSign||t.publicKeyAlgorithm===T.publicKey.rsaSign||t.publicKeyAlgorithm===T.publicKey.elgamal)){const i=t.write();await Promise.all((r?[r]:Array.from(n.constantTimePKCS1DecryptionSupportedSymmetricAlgorithms)).map((async t=>{const r=new Co;r.read(i);const n={sessionKeyAlgorithm:t,sessionKey:ss.generateSessionKey(t)};try{await r.decrypt(e,n),s.push(r)}catch(e){R.printDebugError(e),a=e}})))}else try{await t.decrypt(e);const i=r||t.sessionKeyAlgorithm;if(i&&!c.includes(T.write(T.symmetric,i)))throw Error("A non-preferred symmetric algorithm was used.");s.push(t)}catch(e){R.printDebugError(e),a=e}})))}))),D(t.encrypted),t.encrypted=null})))}}if(s.length>0){if(s.length>1){const e=new Set;s=s.filter((t=>{const r=t.sessionKeyAlgorithm+R.uint8ArrayToString(t.sessionKey);return!e.has(r)&&(e.add(r),!0)}))}return s.map((e=>({data:e.sessionKey,algorithm:e.sessionKeyAlgorithm&&T.read(T.symmetric,e.sessionKeyAlgorithm)})))}throw a||Error("Session key decryption failed.")}getLiteralData(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getBytes()||null}getFilename(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getFilename()||null}getText(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e?e.getText():null}static async generateSessionKey(e=[],t=new Date,r=[],i=M){const{symmetricAlgo:n,aeadAlgo:a}=await async function(e=[],t=new Date,r=[],i=M){const n=await Promise.all(e.map(((e,n)=>e.getPrimarySelfSignature(t,r[n],i))));if(e.length?!i.ignoreSEIPDv2FeatureFlag&&n.every((e=>e.features&&e.features[0]&T.features.seipdv2)):i.aeadProtect){const e={symmetricAlgo:T.symmetric.aes128,aeadAlgo:T.aead.ocb},t=[{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:i.preferredAEADAlgorithm},{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:T.aead.ocb},{symmetricAlgo:T.symmetric.aes128,aeadAlgo:i.preferredAEADAlgorithm}];for(const e of t)if(n.every((t=>t.preferredCipherSuites&&t.preferredCipherSuites.some((t=>t[0]===e.symmetricAlgo&&t[1]===e.aeadAlgo)))))return e;return e}const a=T.symmetric.aes128,s=i.preferredSymmetricAlgorithm;return{symmetricAlgo:n.every((e=>e.preferredSymmetricAlgorithms&&e.preferredSymmetricAlgorithms.includes(s)))?s:a,aeadAlgo:void 0}}(e,t,r,i),s=T.read(T.symmetric,n),o=a?T.read(T.aead,a):void 0;await Promise.all(e.map((e=>e.getEncryptionKey().catch((()=>null)).then((e=>{if(e&&(e.keyPacket.algorithm===T.publicKey.x25519||e.keyPacket.algorithm===T.publicKey.x448)&&!o&&!R.isAES(n))throw Error("Could not generate a session key compatible with the given `encryptionKeys`: X22519 and X448 keys can only be used to encrypt AES session keys; change `config.preferredSymmetricAlgorithm` accordingly.")})))));return{data:ss.generateSessionKey(n),algorithm:s,aeadAlgorithm:o}}async encrypt(e,t,r,i=!1,n=[],a=new Date,s=[],o=M){if(r){if(!R.isUint8Array(r.data)||!R.isString(r.algorithm))throw Error("Invalid session key for encryption.")}else if(e&&e.length)r=await Dc.generateSessionKey(e,a,s,o);else{if(!t||!t.length)throw Error("No keys, passwords, or session key provided.");r=await Dc.generateSessionKey(void 0,void 0,void 0,o)}const{data:c,algorithm:u,aeadAlgorithm:h}=r,l=await Dc.encryptSessionKey(c,u,h,e,t,i,n,a,s,o),y=Do.fromObject({version:h?2:1,aeadAlgorithm:h?T.write(T.aead,h):null});y.packets=this.packets;const p=T.write(T.symmetric,u);return await y.encrypt(p,c,o),l.packets.push(y),y.packets=new bo,l}static async encryptSessionKey(e,t,r,i,n,a=!1,s=[],o=new Date,c=[],u=M){const h=new bo,l=T.write(T.symmetric,t),y=r&&T.write(T.aead,r);if(i){const t=await Promise.all(i.map((async function(t,r){const i=await t.getEncryptionKey(s[r],o,c,u),n=Co.fromObject({version:y?6:3,encryptionKeyPacket:i.keyPacket,anonymousRecipient:a,sessionKey:e,sessionKeyAlgorithm:l});return await n.encrypt(i.keyPacket),delete n.sessionKey,n})));h.push(...t)}if(n){const t=async function(e,t){try{return await e.decrypt(t),1}catch(e){return 0}},r=(e,t)=>e+t,i=async function(e,a,s,o){const c=new Mo(u);if(c.sessionKey=e,c.sessionKeyAlgorithm=a,s&&(c.aeadAlgorithm=s),await c.encrypt(o,u),u.passwordCollisionCheck){if(1!==(await Promise.all(n.map((e=>t(c,e))))).reduce(r))return i(e,a,o)}return delete c.sessionKey,c},a=await Promise.all(n.map((t=>i(e,l,y,t))));h.push(...a)}return new Dc(h)}async sign(e=[],t=[],r=null,i=[],n=new Date,a=[],s=[],o=[],c=M){const u=new bo,h=this.packets.findPacket(T.packet.literalData);if(!h)throw Error("No literal data packet to sign.");const l=await xc(h,e,t,r,i,n,a,s,o,!1,c),y=l.map(((e,t)=>mo.fromSignaturePacket(e,0===t))).reverse();return u.push(...y),u.push(h),u.push(...l),new Dc(u)}compress(e,t=M){if(e===T.compression.uncompressed)return this;const r=new vo(t);r.algorithm=e,r.packets=this.packets;const i=new bo;return i.push(r),new Dc(i)}async signDetached(e=[],t=[],r=null,i=[],n=[],a=new Date,s=[],o=[],c=M){const u=this.packets.findPacket(T.packet.literalData);if(!u)throw Error("No literal data packet to sign.");return new $o(await xc(u,e,t,r,i,n,a,s,o,!0,c))}async verify(e,t=new Date,r=M){const i=this.unwrapCompressed(),n=i.packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");s(i.packets.stream)&&i.packets.push(...await U(i.packets.stream,(e=>e||[])));const a=i.packets.filterByTag(T.packet.onePassSignature).reverse(),o=i.packets.filterByTag(T.packet.signature);return a.length&&!o.length&&R.isStream(i.packets.stream)&&!s(i.packets.stream)?(await Promise.all(a.map((async e=>{e.correspondingSig=new Promise(((t,r)=>{e.correspondingSigResolve=t,e.correspondingSigReject=r})),e.signatureData=x((async()=>(await e.correspondingSig).signatureData)),e.hashed=U(await e.hash(e.signatureType,n[0],void 0,!1)),e.hashed.catch((()=>{}))}))),i.packets.stream=v(i.packets.stream,(async(e,t)=>{const r=I(e),i=B(t);try{for(let e=0;e<a.length;e++){const{value:t}=await r.read();a[e].correspondingSigResolve(t)}await r.readToEnd(),await i.ready,await i.close()}catch(e){a.forEach((t=>{t.correspondingSigReject(e)})),await i.abort(e)}})),Ic(a,n,e,t,!1,r)):Ic(o,n,e,t,!1,r)}verifyDetached(e,t,r=new Date,i=M){const n=this.unwrapCompressed().packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");return Ic(e.packets.filterByTag(T.packet.signature),n,t,r,!0,i)}unwrapCompressed(){const e=this.packets.filterByTag(T.packet.compressedData);return e.length?new Dc(e[0].packets):this}async appendSignature(e,t=M){await this.packets.read(R.isUint8Array(e)?e:(await X(e)).data,Uc,t)}write(){return this.packets.write()}armor(e=M){const t=this.packets[this.packets.length-1],r=t.constructor.tag===Do.tag?2!==t.version:this.packets.some((e=>e.constructor.tag===po.tag&&6!==e.version));return Y(T.armor.message,this.write(),null,null,null,r,e)}}async function xc(e,t,r=[],i=null,n=[],a=new Date,s=[],o=[],c=[],u=!1,h=M){const l=new bo,y=null===e.text?T.signature.binary:T.signature.text;if(await Promise.all(t.map((async(t,i)=>{const l=s[i];if(!t.isPrivate())throw Error("Need private key for signing");const p=await t.getSigningKey(n[i],a,l,h);return tc(e,r.length?r:[t],p.keyPacket,{signatureType:y},a,o,c,u,h)}))).then((e=>{l.push(...e)})),i){const e=i.packets.filterByTag(T.packet.signature);l.push(...e)}return l}async function Ic(e,t,r,i=new Date,n=!1,a=M){return Promise.all(e.filter((function(e){return["text","binary"].includes(T.read(T.signature,e.signatureType))})).map((async function(e){return async function(e,t,r,i=new Date,n=!1,a=M){let s,o;for(const t of r){const r=t.getKeys(e.issuerKeyID);if(r.length>0){s=t,o=r[0];break}}const c=e instanceof mo?e.correspondingSig:e,u={keyID:e.issuerKeyID,verified:(async()=>{if(!o)throw Error("Could not find signing key with key ID "+e.issuerKeyID.toHex());await e.verify(o.keyPacket,e.signatureType,t[0],i,n,a);const r=await c;if(o.getCreationTime()>r.created)throw Error("Key is newer than the signature");try{await s.getSigningKey(o.getKeyID(),r.created,void 0,a)}catch(e){if(!a.allowInsecureVerificationWithReformattedKeys||!e.message.match(/Signature creation time is in the future/))throw e;await s.getSigningKey(o.getKeyID(),i,void 0,a)}return!0})(),signature:(async()=>{const e=await c,t=new bo;return e&&t.push(e),new $o(t)})()};return u.signature.catch((()=>{})),u.verified.catch((()=>{})),u}(e,t,r,i,n,a)})))}async function Bc({armoredMessage:e,binaryMessage:t,config:r,...i}){r={...M,...r};let n=e||t;if(!n)throw Error("readMessage: must pass options object containing `armoredMessage` or `binaryMessage`");if(e&&!R.isString(e)&&!R.isStream(e))throw Error("readMessage: options.armoredMessage must be a string or stream");if(t&&!R.isUint8Array(t)&&!R.isStream(t))throw Error("readMessage: options.binaryMessage must be a Uint8Array or stream");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));const s=R.isStream(n);if(e){const{type:e,data:t}=await X(n);if(e!==T.armor.message)throw Error("Armored text not of type message");n=t}const o=await bo.fromBinary(n,Sc,r),c=new Dc(o);return c.fromStream=s,c}async function Cc({text:e,binary:t,filename:r,date:i=new Date,format:n=(void 0!==e?"utf8":"binary"),...a}){const s=void 0!==e?e:t;if(void 0===s)throw Error("createMessage: must pass options object containing `text` or `binary`");if(e&&!R.isString(e)&&!R.isStream(e))throw Error("createMessage: options.text must be a string or stream");if(t&&!R.isUint8Array(t)&&!R.isStream(t))throw Error("createMessage: options.binary must be a Uint8Array or stream");const o=Object.keys(a);if(o.length>0)throw Error("Unknown option: "+o.join(", "));const c=R.isStream(s),u=new co(i);void 0!==e?u.setText(s,T.write(T.literal,n)):u.setBytes(s,T.write(T.literal,n)),void 0!==r&&u.setFilename(r);const h=new bo;h.push(u);const l=new Dc(h);return l.fromStream=c,l}const Tc=/*#__PURE__*/R.constructAllowedPackets([po]);class Mc{constructor(e,t){if(this.text=R.removeTrailingSpaces(e).replace(/\r?\n/g,"\r\n"),t&&!(t instanceof $o))throw Error("Invalid signature input");this.signature=t||new $o(new bo)}getSigningKeyIDs(){const e=[];return this.signature.packets.forEach((function(t){e.push(t.issuerKeyID)})),e}async sign(e,t=[],r=null,i=[],n=new Date,a=[],s=[],o=[],c=M){const u=new co;u.setText(this.text);const h=new $o(await xc(u,e,t,r,i,n,a,s,o,!0,c));return new Mc(this.text,h)}verify(e,t=new Date,r=M){const i=this.signature.packets.filterByTag(T.packet.signature),n=new co;return n.setText(this.text),Ic(i,[n],e,t,!0,r)}getText(){return this.text.replace(/\r\n/g,"\n")}armor(e=M){const t=this.signature.packets.some((e=>6!==e.version)),r={hash:t?Array.from(new Set(this.signature.packets.map((e=>T.read(T.hash,e.hashAlgorithm).toUpperCase())))).join():null,text:this.text,data:this.signature.packets.write()};return Y(T.armor.signed,r,void 0,void 0,void 0,t,e)}}async function Lc({cleartextMessage:e,config:t,...r}){if(t={...M,...t},!e)throw Error("readCleartextMessage: must pass options object containing `cleartextMessage`");if(!R.isString(e))throw Error("readCleartextMessage: options.cleartextMessage must be a string");const i=Object.keys(r);if(i.length>0)throw Error("Unknown option: "+i.join(", "));const n=await X(e);if(n.type!==T.armor.signed)throw Error("No cleartext signed message.");const a=await bo.fromBinary(n.data,Tc,t);!function(e,t){const r=function(e){const r=e=>t=>e.hashAlgorithm===t;for(let i=0;i<t.length;i++)if(t[i].constructor.tag===T.packet.signature&&!e.some(r(t[i])))return!1;return!0},i=[];if(e.forEach((e=>{const t=e.match(/^Hash: (.+)$/);if(!t)throw Error('Only "Hash" header allowed in cleartext signed message');{const e=t[1].replace(/\s/g,"").split(",").map((e=>{try{return T.write(T.hash,e.toLowerCase())}catch(t){throw Error("Unknown hash algorithm in armor header: "+e.toLowerCase())}}));i.push(...e)}})),i.length&&!r(i))throw Error("Hash algorithm mismatch in armor header and signature")}(n.headers,a);const s=new $o(a);return new Mc(n.text,s)}async function Rc({text:e,...t}){if(!e)throw Error("createCleartextMessage: must pass options object containing `text`");if(!R.isString(e))throw Error("createCleartextMessage: options.text must be a string");const r=Object.keys(t);if(r.length>0)throw Error("Unknown option: "+r.join(", "));return new Mc(e)}async function Fc({userIDs:e=[],passphrase:t,type:r,curve:i,rsaBits:n=4096,symmetricHash:a="sha256",symmetricCipher:s="aes256",keyExpirationTime:o=0,date:c=new Date,subkeys:u=[{}],format:h="armored",config:l,...y}){Jc(l={...M,...l}),r||i?(r=r||"ecc",i=i||"curve25519Legacy"):(r=l.v6Keys?"curve25519":"ecc",i="curve25519Legacy"),e=eu(e);const p=Object.keys(y);if(p.length>0)throw Error("Unknown option: "+p.join(", "));if(0===e.length&&!l.v6Keys)throw Error("UserIDs are required for V4 keys");if("rsa"===r&&n<l.minRSABits)throw Error(`rsaBits should be at least ${l.minRSABits}, got: ${n}`);const g={userIDs:e,passphrase:t,type:r,rsaBits:n,curve:i,keyExpirationTime:o,date:c,subkeys:u,symmetricHash:a,symmetricCipher:s};try{const{key:e,revocationCertificate:t}=await async function(e,t){e.sign=!0,(e=ac(e)).subkeys=e.subkeys.map(((t,r)=>ac(e.subkeys[r],e)));let r=[Xo(e,t)];r=r.concat(e.subkeys.map((e=>Qo(e,t))));const i=await Promise.all(r),n=await kc(i[0],i.slice(1),e,t),a=await n.getRevocationCertificate(e.date,t);return n.revocationSignatures=[],{key:n,revocationCertificate:a}}(g,l);return e.getKeys().forEach((({keyPacket:e})=>uc(e,l))),{privateKey:iu(e,h,l),publicKey:"symmetric"!==r?iu(e.toPublic(),h,l):null,revocationCertificate:t}}catch(e){throw R.wrapError("Error generating keypair",e)}}async function zc({privateKey:e,userIDs:t=[],passphrase:r,keyExpirationTime:i=0,date:n,format:a="armored",config:s,...o}){Jc(s={...M,...s}),t=eu(t);const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(0===t.length&&6!==e.keyPacket.version)throw Error("UserIDs are required for V4 keys");const u={privateKey:e,userIDs:t,passphrase:r,keyExpirationTime:i,date:n};try{const{key:e,revocationCertificate:t}=await async function(e,t){e=o(e);const{privateKey:r}=e;if(!r.isPrivate())throw Error("Cannot reformat a public key");if(r.keyPacket.isDummy())throw Error("Cannot reformat a gnu-dummy primary key");if(!r.getKeys().every((({keyPacket:e})=>e.isDecrypted())))throw Error("Key is not decrypted");const i=r.keyPacket;e.subkeys||(e.subkeys=await Promise.all(r.subkeys.map((async e=>{const r=e.keyPacket,n={key:i,bind:r},a=await Yo(e.bindingSignatures,i,T.signature.subkeyBinding,n,null,t).catch((()=>({})));return{sign:a.keyFlags&&a.keyFlags[0]&T.keyFlags.signData,forwarding:a.keyFlags&&a.keyFlags[0]&T.keyFlags.forwardedCommunication}}))));const n=r.subkeys.map((e=>e.keyPacket));if(e.subkeys.length!==n.length)throw Error("Number of subkey options does not match number of subkeys");e.subkeys=e.subkeys.map((t=>o(t,e)));const a=await kc(i,n,e,t),s=await a.getRevocationCertificate(e.date,t);return a.revocationSignatures=[],{key:a,revocationCertificate:s};function o(e,t={}){return e.keyExpirationTime=e.keyExpirationTime||t.keyExpirationTime,e.passphrase=R.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e}}(u,s);return{privateKey:iu(e,a,s),publicKey:iu(e.toPublic(),a,s),revocationCertificate:t}}catch(e){throw R.wrapError("Error reformatting keypair",e)}}async function Nc({key:e,revocationCertificate:t,reasonForRevocation:r,date:i=new Date,format:n="armored",config:a,...s}){Jc(a={...M,...a});const o=Object.keys(s);if(o.length>0)throw Error("Unknown option: "+o.join(", "));try{const s=t?await e.applyRevocationCertificate(t,i,a):await e.revoke(r,i,a);return s.isPrivate()?{privateKey:iu(s,n,a),publicKey:iu(s.toPublic(),n,a)}:{privateKey:null,publicKey:iu(s,n,a)}}catch(e){throw R.wrapError("Error revoking key",e)}}async function Hc({privateKey:e,passphrase:t,config:r,...i}){Jc(r={...M,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot decrypt a public key");const a=e.clone(!0),s=R.isArray(t)?t:[t];try{return await Promise.all(a.getKeys().map((e=>R.anyPromise(s.map((t=>e.keyPacket.decrypt(t))))))),await a.validate(r),a}catch(e){throw a.clearPrivateParams(),R.wrapError("Error decrypting private key",e)}}async function Oc({privateKey:e,passphrase:t,config:r,...i}){Jc(r={...M,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot encrypt a public key");const a=e.clone(!0),s=a.getKeys(),o=R.isArray(t)?t:Array(s.length).fill(t);if(o.length!==s.length)throw Error("Invalid number of passphrases given for key encryption");try{return await Promise.all(s.map((async(e,t)=>{const{keyPacket:i}=e;await i.encrypt(o[t],r),i.clearPrivateParams()}))),a}catch(e){throw a.clearPrivateParams(),R.wrapError("Error encrypting private key",e)}}async function _c({message:e,encryptionKeys:t,signingKeys:r,passwords:i,sessionKey:n,format:a="armored",signature:s=null,wildcard:o=!1,signingKeyIDs:c=[],encryptionKeyIDs:u=[],date:h=new Date,signingUserIDs:l=[],encryptionUserIDs:y=[],signatureNotations:p=[],config:g,...d}){if(Jc(g={...M,...g}),Zc(e),Xc(a),t=eu(t),r=eu(r),i=eu(i),c=eu(c),u=eu(u),l=eu(l),y=eu(y),p=eu(p),d.detached)throw Error("The `detached` option has been removed from openpgp.encrypt, separately call openpgp.sign instead. Don't forget to remove the `privateKeys` option as well.");if(d.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encrypt, pass `encryptionKeys` instead");if(d.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.encrypt, pass `signingKeys` instead");if(void 0!==d.armor)throw Error("The `armor` option has been removed from openpgp.encrypt, pass `format` instead.");const f=Object.keys(d);if(f.length>0)throw Error("Unknown option: "+f.join(", "));r||(r=[]);try{if((r.length||s)&&(e=await e.sign(r,t,s,c,h,l,u,p,g)),e=e.compress(await async function(e=[],t=new Date,r=[],i=M){const n=T.compression.uncompressed,a=i.preferredCompressionAlgorithm,s=await Promise.all(e.map((async function(e,n){const s=(await e.getPrimarySelfSignature(t,r[n],i)).preferredCompressionAlgorithms;return!!s&&s.indexOf(a)>=0})));return s.every(Boolean)?a:n}(t,h,y,g),g),e=await e.encrypt(t,i,n,o,u,h,y,g),"object"===a)return e;const d="armored"===a?e.armor(g):e.write();return await tu(d)}catch(e){throw R.wrapError("Error encrypting message",e)}}async function jc({message:e,decryptionKeys:t,passwords:r,sessionKeys:i,verificationKeys:n,expectSigned:a=!1,format:s="utf8",signature:o=null,date:c=new Date,config:u,...h}){if(Jc(u={...M,...u}),Zc(e),n=eu(n),t=eu(t),r=eu(r),i=eu(i),h.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decrypt, pass `decryptionKeys` instead");if(h.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.decrypt, pass `verificationKeys` instead");const l=Object.keys(h);if(l.length>0)throw Error("Unknown option: "+l.join(", "));try{const h=await e.decrypt(t,r,i,c,u);n||(n=[]);const l={};if(l.signatures=o?await h.verifyDetached(o,n,c,u):await h.verify(n,c,u),l.data="binary"===s?h.getLiteralData():h.getText(),l.filename=h.getFilename(),ru(l,e),a){if(0===n.length)throw Error("Verification keys are required to verify message signatures");if(0===l.signatures.length)throw Error("Message is not signed");l.data=f([l.data,x((async()=>{await R.anyPromise(l.signatures.map((e=>e.verified)))}))])}return l.data=await tu(l.data),l}catch(e){throw R.wrapError("Error decrypting message",e)}}async function Gc({message:e,signingKeys:t,recipientKeys:r=[],format:i="armored",detached:n=!1,signingKeyIDs:a=[],date:s=new Date,signingUserIDs:o=[],recipientUserIDs:c=[],signatureNotations:u=[],config:h,...l}){if(Jc(h={...M,...h}),Qc(e),Xc(i),t=eu(t),a=eu(a),o=eu(o),r=eu(r),c=eu(c),u=eu(u),l.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.sign, pass `signingKeys` instead");if(void 0!==l.armor)throw Error("The `armor` option has been removed from openpgp.sign, pass `format` instead.");const y=Object.keys(l);if(y.length>0)throw Error("Unknown option: "+y.join(", "));if(e instanceof Mc&&"binary"===i)throw Error("Cannot return signed cleartext message in binary format");if(e instanceof Mc&&n)throw Error("Cannot detach-sign a cleartext message");if(!t||0===t.length)throw Error("No signing keys provided");try{let l;if(l=n?await e.signDetached(t,r,void 0,a,s,o,c,u,h):await e.sign(t,r,void 0,a,s,o,c,u,h),"object"===i)return l;return l="armored"===i?l.armor(h):l.write(),n&&(l=v(e.packets.write(),(async(e,t)=>{await Promise.all([m(l,t),U(e).catch((()=>{}))])}))),await tu(l)}catch(e){throw R.wrapError("Error signing message",e)}}async function qc({message:e,verificationKeys:t,expectSigned:r=!1,format:i="utf8",signature:n=null,date:a=new Date,config:s,...o}){if(Jc(s={...M,...s}),Qc(e),t=eu(t),o.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.verify, pass `verificationKeys` instead");const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(e instanceof Mc&&"binary"===i)throw Error("Can't return cleartext message data as binary");if(e instanceof Mc&&n)throw Error("Can't verify detached cleartext signature");try{const o={};if(o.signatures=n?await e.verifyDetached(n,t,a,s):await e.verify(t,a,s),o.data="binary"===i?e.getLiteralData():e.getText(),e.fromStream&&!n&&ru(o,e),r){if(0===o.signatures.length)throw Error("Message is not signed");o.data=f([o.data,x((async()=>{await R.anyPromise(o.signatures.map((e=>e.verified)))}))])}return o.data=await tu(o.data),o}catch(e){throw R.wrapError("Error verifying signed message",e)}}async function Vc({encryptionKeys:e,date:t=new Date,encryptionUserIDs:r=[],config:i,...n}){if(Jc(i={...M,...i}),e=eu(e),r=eu(r),n.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.generateSessionKey, pass `encryptionKeys` instead");const a=Object.keys(n);if(a.length>0)throw Error("Unknown option: "+a.join(", "));try{return await Dc.generateSessionKey(e,t,r,i)}catch(e){throw R.wrapError("Error generating session key",e)}}async function Wc({data:e,algorithm:t,aeadAlgorithm:r,encryptionKeys:i,passwords:n,format:a="armored",wildcard:s=!1,encryptionKeyIDs:o=[],date:c=new Date,encryptionUserIDs:u=[],config:h,...l}){if(Jc(h={...M,...h}),function(e){if(!R.isUint8Array(e))throw Error("Parameter [data] must be of type Uint8Array")}(e),function(e,t){if(!R.isString(e))throw Error("Parameter ["+t+"] must be of type String")}(t,"algorithm"),Xc(a),i=eu(i),n=eu(n),o=eu(o),u=eu(u),l.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead");const y=Object.keys(l);if(y.length>0)throw Error("Unknown option: "+y.join(", "));if(!(i&&0!==i.length||n&&0!==n.length))throw Error("No encryption keys or passwords provided.");try{return iu(await Dc.encryptSessionKey(e,t,r,i,n,s,o,c,u,h),a,h)}catch(e){throw R.wrapError("Error encrypting session key",e)}}async function $c({message:e,decryptionKeys:t,passwords:r,date:i=new Date,config:n,...a}){if(Jc(n={...M,...n}),Zc(e),t=eu(t),r=eu(r),a.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decryptSessionKeys, pass `decryptionKeys` instead");const s=Object.keys(a);if(s.length>0)throw Error("Unknown option: "+s.join(", "));try{return await e.decryptSessionKeys(t,r,void 0,i,n)}catch(e){throw R.wrapError("Error decrypting session keys",e)}}function Zc(e){if(!(e instanceof Dc))throw Error("Parameter [message] needs to be of type Message")}function Qc(e){if(!(e instanceof Mc||e instanceof Dc))throw Error("Parameter [message] needs to be of type Message or CleartextMessage")}function Xc(e){if("armored"!==e&&"binary"!==e&&"object"!==e)throw Error("Unsupported format "+e)}const Yc=Object.keys(M).length;function Jc(e){const t=Object.keys(e);if(t.length!==Yc)for(const e of t)if(void 0===M[e])throw Error("Unknown config property: "+e)}function eu(e){return e&&!R.isArray(e)&&(e=[e]),e}async function tu(e){return"array"===R.isStream(e)?U(e):e}function ru(e,t){e.data=v(t.packets.stream,(async(t,r)=>{await m(e.data,r,{preventClose:!0});const i=B(r);try{await U(t,(e=>e)),await i.close()}catch(e){await i.abort(e)}}))}function iu(e,t,r){switch(t){case"object":return e;case"armored":return e.armor(r);case"binary":return e.write();default:throw Error("Unsupported format "+t)}}export{Bo as AEADEncryptedDataPacket,os as Argon2OutOfMemoryError,ls as Argon2S2K,Mc as CleartextMessage,vo as CompressedDataPacket,$a as KDFParams,co as LiteralDataPacket,zo as MarkerPacket,Dc as Message,mo as OnePassSignaturePacket,bo as PacketList,Vo as PaddingPacket,mc as PrivateKey,fc as PublicKey,Co as PublicKeyEncryptedSessionKeyPacket,Lo as PublicKeyPacket,No as PublicSubkeyPacket,Oo as SecretKeyPacket,Go as SecretSubkeyPacket,$o as Signature,po as SignaturePacket,lc as Subkey,Do as SymEncryptedIntegrityProtectedDataPacket,Mo as SymEncryptedSessionKeyPacket,Fo as SymmetricallyEncryptedDataPacket,qo as TrustPacket,Vi as UnparseablePacket,Ho as UserAttributePacket,jo as UserIDPacket,Y as armor,M as config,Rc as createCleartextMessage,Cc as createMessage,jc as decrypt,Hc as decryptKey,$c as decryptSessionKeys,_c as encrypt,Oc as encryptKey,Wc as encryptSessionKey,T as enums,Fc as generateKey,Vc as generateSessionKey,Lc as readCleartextMessage,vc as readKey,Kc as readKeys,Bc as readMessage,Ac as readPrivateKey,Ec as readPrivateKeys,Zo as readSignature,zc as reformatKey,Nc as revokeKey,Gc as sign,X as unarmor,qc as verify};
 //# sourceMappingURL=openpgp.min.mjs.map