npm - @protontech/openpgp - Versions diffs - 6.0.0-beta.3.patch.1 → 6.0.1 - Mend

@protontech/openpgp 6.0.0-beta.3.patch.1 → 6.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (42) hide show

package/README.md +34 -37
package/dist/lightweight/argon2id.min.mjs +1 -1
package/dist/lightweight/argon2id.min.mjs.map +1 -1
package/dist/lightweight/argon2id.mjs +1 -1
package/dist/lightweight/legacy_ciphers.min.mjs +1 -1
package/dist/lightweight/legacy_ciphers.min.mjs.map +1 -1
package/dist/lightweight/legacy_ciphers.mjs +1 -1
package/dist/lightweight/noble_curves.min.mjs +11 -11
package/dist/lightweight/noble_curves.min.mjs.map +1 -1
package/dist/lightweight/noble_curves.mjs +260 -158
package/dist/lightweight/noble_hashes.min.mjs +2 -2
package/dist/lightweight/noble_hashes.min.mjs.map +1 -1
package/dist/lightweight/noble_hashes.mjs +3 -2
package/dist/lightweight/noble_post_quantum.min.mjs +5 -0
package/dist/lightweight/noble_post_quantum.min.mjs.map +1 -0
package/dist/lightweight/noble_post_quantum.mjs +1002 -0
package/dist/lightweight/openpgp.min.mjs +4 -4
package/dist/lightweight/openpgp.min.mjs.map +1 -1
package/dist/lightweight/openpgp.mjs +863 -1056
package/dist/lightweight/seek-bzip.min.mjs +3 -0
package/dist/lightweight/seek-bzip.min.mjs.map +1 -0
package/dist/lightweight/seek-bzip.mjs +866 -0
package/dist/lightweight/sha3.min.mjs +3 -3
package/dist/lightweight/sha3.min.mjs.map +1 -1
package/dist/lightweight/sha3.mjs +27 -456
package/dist/lightweight/sha512.min.mjs +3 -0
package/dist/lightweight/sha512.min.mjs.map +1 -0
package/dist/lightweight/sha512.mjs +436 -0
package/dist/node/openpgp.cjs +14499 -12719
package/dist/node/openpgp.min.cjs +16 -14
package/dist/node/openpgp.min.cjs.map +1 -1
package/dist/node/openpgp.min.mjs +16 -14
package/dist/node/openpgp.min.mjs.map +1 -1
package/dist/node/openpgp.mjs +11878 -10098
package/dist/openpgp.js +11909 -10129
package/dist/openpgp.min.js +16 -14
package/dist/openpgp.min.js.map +1 -1
package/dist/openpgp.min.mjs +16 -14
package/dist/openpgp.min.mjs.map +1 -1
package/dist/openpgp.mjs +11909 -10129
package/openpgp.d.ts +3 -9
package/package.json +27 -26

package/dist/lightweight/openpgp.min.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
-/*! OpenPGP.js v6.0.0-beta.3.patch.1 - 2024-09-11 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
-const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},t=Symbol("doneWritingPromise"),r=Symbol("doneWritingResolve"),i=Symbol("doneWritingReject"),n=Symbol("readingIndex");class a extends Array{constructor(){super(),Object.setPrototypeOf(this,a.prototype),this[t]=new Promise(((e,t)=>{this[r]=e,this[i]=t})),this[t].catch((()=>{}))}}function s(e){return e&&e.getReader&&Array.isArray(e)}function o(e){if(!s(e)){const t=e.getWriter(),r=t.releaseLock;return t.releaseLock=()=>{t.closed.catch((function(){})),r.call(t)},t}this.stream=e}function c(t){if(s(t))return"array";if(e.ReadableStream&&e.ReadableStream.prototype.isPrototypeOf(t))return"web";if(t&&!(e.ReadableStream&&t instanceof e.ReadableStream)&&"function"==typeof t._read&&"object"==typeof t._readableState)throw Error("Native Node streams are no longer supported: please manually convert the stream to a WebStream, using e.g. `stream.Readable.toWeb`");return!(!t||!t.getReader)&&"web-like"}function u(e){return Uint8Array.prototype.isPrototypeOf(e)}function h(e){if(1===e.length)return e[0];let t=0;for(let r=0;r<e.length;r++){if(!u(e[r]))throw Error("concatUint8Array: Data must be in the form of a Uint8Array");t+=e[r].length}const r=new Uint8Array(t);let i=0;return e.forEach((function(e){r.set(e,i),i+=e.length})),r}a.prototype.getReader=function(){return void 0===this[n]&&(this[n]=0),{read:async()=>(await this[t],this[n]===this.length?{value:void 0,done:!0}:{value:this[this[n]++],done:!1})}},a.prototype.readToEnd=async function(e){await this[t];const r=e(this.slice(this[n]));return this.length=0,r},a.prototype.clone=function(){const e=new a;return e[t]=this[t].then((()=>{e.push(...this)})),e},o.prototype.write=async function(e){this.stream.push(e)},o.prototype.close=async function(){this.stream[r]()},o.prototype.abort=async function(e){return this.stream[i](e),e},o.prototype.releaseLock=function(){},"object"==typeof e.process&&e.process.versions;const l=new WeakSet,y=Symbol("externalBuffer");function p(e){if(this.stream=e,e[y]&&(this[y]=e[y].slice()),s(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{},void(this._cancel=()=>{})}if(c(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{t.closed.catch((function(){})),t.releaseLock()},void(this._cancel=t.cancel.bind(t))}let t=!1;this._read=async()=>t||l.has(e)?{value:void 0,done:!0}:(t=!0,{value:e,done:!1}),this._releaseLock=()=>{if(t)try{l.add(e)}catch(e){}}}function g(e){return c(e)?e:new ReadableStream({start(t){t.enqueue(e),t.close()}})}function f(e){if(c(e))return e;const t=new a;return(async()=>{const r=B(t);await r.write(e),await r.close()})(),t}function d(e){return e.some((e=>c(e)&&!s(e)))?function(e){e=e.map(g);const t=b((async function(e){await Promise.all(i.map((t=>D(t,e))))}));let r=Promise.resolve();const i=e.map(((i,n)=>v(i,((i,a)=>(r=r.then((()=>m(i,t.writable,{preventClose:n!==e.length-1}))),r)))));return t.readable}(e):e.some((e=>s(e)))?function(e){const t=new a;let r=Promise.resolve();return e.forEach(((i,n)=>(r=r.then((()=>m(i,t,{preventClose:n!==e.length-1}))),r))),t}(e):"string"==typeof e[0]?e.join(""):h(e)}async function m(e,t,{preventClose:r=!1,preventAbort:i=!1,preventCancel:n=!1}={}){if(c(e)&&!s(e)){e=g(e);try{if(e[y]){const r=B(t);for(let t=0;t<e[y].length;t++)await r.ready,await r.write(e[y][t]);r.releaseLock()}await e.pipeTo(t,{preventClose:r,preventAbort:i,preventCancel:n})}catch(e){}return}const a=C(e=f(e)),o=B(t);try{for(;;){await o.ready;const{done:e,value:t}=await a.read();if(e){r||await o.close();break}await o.write(t)}}catch(e){i||await o.abort(e)}finally{a.releaseLock(),o.releaseLock()}}function w(e,t){const r=new TransformStream(t);return m(e,r.writable),r.readable}function b(e){let t,r,i,n=!1,a=!1;return{readable:new ReadableStream({start(e){i=e},pull(){t?t():n=!0},async cancel(t){a=!0,e&&await e(t),r&&r(t)}},{highWaterMark:0}),writable:new WritableStream({write:async function(e){if(a)throw Error("Stream is cancelled");i.enqueue(e),n?n=!1:(await new Promise(((e,i)=>{t=e,r=i})),t=null,r=null)},close:i.close.bind(i),abort:i.error.bind(i)})}}function k(e,t=()=>{},r=()=>{}){if(s(e)){const i=new a;return(async()=>{const n=B(i);try{const i=await U(e),a=t(i),s=r();let o;o=void 0!==a&&void 0!==s?d([a,s]):void 0!==a?a:s,await n.write(o),await n.close()}catch(e){await n.abort(e)}})(),i}if(c(e))return w(e,{async transform(e,r){try{const i=await t(e);void 0!==i&&r.enqueue(i)}catch(e){r.error(e)}},async flush(e){try{const t=await r();void 0!==t&&e.enqueue(t)}catch(t){e.error(t)}}});const i=t(e),n=r();return void 0!==i&&void 0!==n?d([i,n]):void 0!==i?i:n}function v(e,t){if(c(e)&&!s(e)){let r;const i=new TransformStream({start(e){r=e}}),n=m(e,i.writable),a=b((async function(e){r.error(e),await n,await new Promise(setTimeout)}));return t(i.readable,a.writable),a.readable}e=f(e);const r=new a;return t(e,r),r}function A(e,t){let r;const i=v(e,((e,n)=>{const a=C(e);a.remainder=()=>(a.releaseLock(),m(e,n),i),r=t(a)}));return r}function E(e){if(s(e))return e.clone();if(c(e)){const t=function(e){if(s(e))throw Error("ArrayStream cannot be tee()d, use clone() instead");if(c(e)){const t=g(e).tee();return t[0][y]=t[1][y]=e[y],t}return[P(e),P(e)]}(e);return S(e,t[0]),t[1]}return P(e)}function K(e){return s(e)?E(e):c(e)?new ReadableStream({start(t){const r=v(e,(async(e,r)=>{const i=C(e),n=B(r);try{for(;;){await n.ready;const{done:e,value:r}=await i.read();if(e){try{t.close()}catch(e){}return void await n.close()}try{t.enqueue(r)}catch(e){}await n.write(r)}}catch(e){t.error(e),await n.abort(e)}}));S(e,r)}}):P(e)}function S(e,t){Object.entries(Object.getOwnPropertyDescriptors(e.constructor.prototype)).forEach((([r,i])=>{"constructor"!==r&&(i.value?i.value=i.value.bind(t):i.get=i.get.bind(t),Object.defineProperty(e,r,i))}))}function P(e,t=0,r=1/0){if(s(e))throw Error("Not implemented");if(c(e)){if(t>=0&&r>=0){let i=0;return w(e,{transform(e,n){i<r?(i+e.length>=t&&n.enqueue(P(e,Math.max(t-i,0),r-i)),i+=e.length):n.terminate()}})}if(t<0&&(r<0||r===1/0)){let i=[];return k(e,(e=>{e.length>=-t?i=[e]:i.push(e)}),(()=>P(d(i),t,r)))}if(0===t&&r<0){let i;return k(e,(e=>{const n=i?d([i,e]):e;if(n.length>=-r)return i=P(n,r),P(n,t,r);i=n}))}return console.warn(`stream.slice(input, ${t}, ${r}) not implemented efficiently.`),x((async()=>P(await U(e),t,r)))}return e[y]&&(e=d(e[y].concat([e]))),u(e)?e.subarray(t,r===1/0?e.length:r):e.slice(t,r)}async function U(e,t=d){return s(e)?e.readToEnd(t):c(e)?C(e).readToEnd(t):e}async function D(e,t){if(c(e)){if(e.cancel){const r=await e.cancel(t);return await new Promise(setTimeout),r}if(e.destroy)return e.destroy(t),await new Promise(setTimeout),t}}function x(e){const t=new a;return(async()=>{const r=B(t);try{await r.write(await e()),await r.close()}catch(e){await r.abort(e)}})(),t}function C(e){return new p(e)}function B(e){return new o(e)}p.prototype.read=async function(){if(this[y]&&this[y].length){return{done:!1,value:this[y].shift()}}return this._read()},p.prototype.releaseLock=function(){this[y]&&(this.stream[y]=this[y]),this._releaseLock()},p.prototype.cancel=function(e){return this._cancel(e)},p.prototype.readLine=async function(){let e,t=[];for(;!e;){let{done:r,value:i}=await this.read();if(i+="",r)return t.length?d(t):void 0;const n=i.indexOf("\n")+1;n&&(e=d(t.concat(i.substr(0,n))),t=[]),n!==i.length&&t.push(i.substr(n))}return this.unshift(...t),e},p.prototype.readByte=async function(){const{done:e,value:t}=await this.read();if(e)return;const r=t[0];return this.unshift(P(t,1)),r},p.prototype.readBytes=async function(e){const t=[];let r=0;for(;;){const{done:i,value:n}=await this.read();if(i)return t.length?d(t):void 0;if(t.push(n),r+=n.length,r>=e){const r=d(t);return this.unshift(P(r,e)),P(r,0,e)}}},p.prototype.peekBytes=async function(e){const t=await this.readBytes(e);return this.unshift(t),t},p.prototype.unshift=function(...e){this[y]||(this[y]=[]),1===e.length&&u(e[0])&&this[y].length&&e[0].length&&this[y][0].byteOffset>=e[0].length?this[y][0]=new Uint8Array(this[y][0].buffer,this[y][0].byteOffset-e[0].length,this[y][0].byteLength+e[0].length):this[y].unshift(...e.filter((e=>e&&e.length)))},p.prototype.readToEnd=async function(e=d){const t=[];for(;;){const{done:e,value:r}=await this.read();if(e)break;t.push(r)}return e(t)};const I=Symbol("byValue");var T={curve:{nistP256:"nistP256",p256:"nistP256",nistP384:"nistP384",p384:"nistP384",nistP521:"nistP521",p521:"nistP521",secp256k1:"secp256k1",ed25519Legacy:"ed25519Legacy",ed25519:"ed25519Legacy",curve25519Legacy:"curve25519Legacy",curve25519:"curve25519Legacy",brainpoolP256r1:"brainpoolP256r1",brainpoolP384r1:"brainpoolP384r1",brainpoolP512r1:"brainpoolP512r1"},kdfFlags:{replace_fingerprint:1,replace_kdf_params:2},s2k:{simple:0,salted:1,iterated:3,argon2:4,gnu:101},publicKey:{rsaEncryptSign:1,rsaEncrypt:2,rsaSign:3,elgamal:16,dsa:17,ecdh:18,ecdsa:19,eddsaLegacy:22,aedh:23,aedsa:24,x25519:25,x448:26,ed25519:27,ed448:28,aead:100,hmac:101},symmetric:{idea:1,tripledes:2,cast5:3,blowfish:4,aes128:7,aes192:8,aes256:9,twofish:10},compression:{uncompressed:0,zip:1,zlib:2,bzip2:3},hash:{md5:1,sha1:2,ripemd:3,sha256:8,sha384:9,sha512:10,sha224:11,sha3_256:12,sha3_512:14},webHash:{"SHA-1":2,"SHA-256":8,"SHA-384":9,"SHA-512":10},aead:{eax:1,ocb:2,gcm:3,experimentalGCM:100},packet:{publicKeyEncryptedSessionKey:1,signature:2,symEncryptedSessionKey:3,onePassSignature:4,secretKey:5,publicKey:6,secretSubkey:7,compressedData:8,symmetricallyEncryptedData:9,marker:10,literalData:11,trust:12,userID:13,publicSubkey:14,userAttribute:17,symEncryptedIntegrityProtectedData:18,modificationDetectionCode:19,aeadEncryptedData:20,padding:21},literal:{binary:98,text:116,utf8:117,mime:109},signature:{binary:0,text:1,standalone:2,certGeneric:16,certPersona:17,certCasual:18,certPositive:19,certRevocation:48,subkeyBinding:24,keyBinding:25,key:31,keyRevocation:32,subkeyRevocation:40,timestamp:64,thirdParty:80},signatureSubpacket:{signatureCreationTime:2,signatureExpirationTime:3,exportableCertification:4,trustSignature:5,regularExpression:6,revocable:7,keyExpirationTime:9,placeholderBackwardsCompatibility:10,preferredSymmetricAlgorithms:11,revocationKey:12,issuerKeyID:16,notationData:20,preferredHashAlgorithms:21,preferredCompressionAlgorithms:22,keyServerPreferences:23,preferredKeyServer:24,primaryUserID:25,policyURI:26,keyFlags:27,signersUserID:28,reasonForRevocation:29,features:30,signatureTarget:31,embeddedSignature:32,issuerFingerprint:33,preferredAEADAlgorithms:34,preferredCipherSuites:39},keyFlags:{certifyKeys:1,signData:2,encryptCommunication:4,encryptStorage:8,splitPrivateKey:16,authentication:32,forwardedCommunication:64,sharedPrivateKey:128},armor:{multipartSection:0,multipartLast:1,signed:2,message:3,publicKey:4,privateKey:5,signature:6},reasonForRevocation:{noReason:0,keySuperseded:1,keyCompromised:2,keyRetired:3,userIDInvalid:32},features:{modificationDetection:1,aead:2,v5Keys:4,seipdv2:8},write:function(e,t){if("number"==typeof t&&(t=this.read(e,t)),void 0!==e[t])return e[t];throw Error("Invalid enum value.")},read:function(e,t){if(e[I]||(e[I]=[],Object.entries(e).forEach((([t,r])=>{e[I][r]=t}))),void 0!==e[I][t])return e[I][t];throw Error("Invalid enum value.")}},R={preferredHashAlgorithm:T.hash.sha256,preferredSymmetricAlgorithm:T.symmetric.aes256,preferredCompressionAlgorithm:T.compression.uncompressed,aeadProtect:!1,ignoreSEIPDv2FeatureFlag:!1,parseAEADEncryptedV4KeysAsLegacy:!1,preferredAEADAlgorithm:T.aead.gcm,aeadChunkSizeByte:12,v6Keys:!1,enableParsingV5Entities:!1,s2kType:T.s2k.iterated,s2kIterationCountByte:224,s2kArgon2Params:{passes:3,parallelism:4,memoryExponent:16},allowUnauthenticatedMessages:!1,allowUnauthenticatedStream:!1,allowForwardedMessages:!1,minRSABits:2047,passwordCollisionCheck:!1,allowInsecureDecryptionWithSigningKeys:!1,allowInsecureVerificationWithReformattedKeys:!1,allowMissingKeyFlags:!1,constantTimePKCS1Decryption:!1,constantTimePKCS1DecryptionSupportedSymmetricAlgorithms:new Set([T.symmetric.aes128,T.symmetric.aes192,T.symmetric.aes256]),ignoreUnsupportedPackets:!0,ignoreMalformedPackets:!1,additionalAllowedPackets:[],showVersion:!1,showComment:!1,versionString:"OpenPGP.js 6.0.0-beta.3.patch.1",commentString:"https://openpgpjs.org",maxUserIDLength:5120,knownNotations:[],nonDeterministicSignaturesViaNotation:!0,useEllipticFallback:!0,rejectHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd]),rejectMessageHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd,T.hash.sha1]),rejectPublicKeyAlgorithms:new Set([T.publicKey.elgamal,T.publicKey.dsa]),rejectCurves:new Set([T.curve.secp256k1])};const M=(()=>{try{return"development"===process.env.NODE_ENV}catch(e){}return!1})(),L={isString:function(e){return"string"==typeof e||e instanceof String},nodeRequire:()=>{},isArray:function(e){return e instanceof Array},isUint8Array:u,isStream:c,getNobleCurve:async(e,t)=>{if(!R.useEllipticFallback)throw Error("This curve is only supported in the full build of OpenPGP.js");const{nobleCurves:r}=await import("./noble_curves.min.mjs");switch(e){case T.publicKey.ecdh:case T.publicKey.ecdsa:{const e=r.get(t);if(!e)throw Error("Unsupported curve");return e}case T.publicKey.x448:return r.get("x448");case T.publicKey.ed448:return r.get("ed448");default:throw Error("Unsupported curve")}},readNumber:function(e){let t=0;for(let r=0;r<e.length;r++)t+=256**r*e[e.length-1-r];return t},writeNumber:function(e,t){const r=new Uint8Array(t);for(let i=0;i<t;i++)r[i]=e>>8*(t-i-1)&255;return r},readDate:function(e){const t=L.readNumber(e);return new Date(1e3*t)},writeDate:function(e){const t=Math.floor(e.getTime()/1e3);return L.writeNumber(t,4)},normalizeDate:function(e=Date.now()){return null===e||e===1/0?e:new Date(1e3*Math.floor(+e/1e3))},readMPI:function(e){const t=(e[0]<<8|e[1])+7>>>3;return L.readExactSubarray(e,2,2+t)},readExactSubarray:function(e,t,r){if(e.length<r-t)throw Error("Input array too short");return e.subarray(t,r)},leftPad(e,t){const r=new Uint8Array(t),i=t-e.length;return r.set(e,i),r},uint8ArrayToMPI:function(e){const t=L.uint8ArrayBitLength(e);if(0===t)throw Error("Zero MPI");const r=e.subarray(e.length-Math.ceil(t/8)),i=new Uint8Array([(65280&t)>>8,255&t]);return L.concatUint8Array([i,r])},uint8ArrayBitLength:function(e){let t;for(t=0;t<e.length&&0===e[t];t++);if(t===e.length)return 0;const r=e.subarray(t);return 8*(r.length-1)+L.nbits(r[0])},hexToUint8Array:function(e){const t=new Uint8Array(e.length>>1);for(let r=0;r<e.length>>1;r++)t[r]=parseInt(e.substr(r<<1,2),16);return t},uint8ArrayToHex:function(e){const t="0123456789abcdef";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),r},stringToUint8Array:function(e){return k(e,(e=>{if(!L.isString(e))throw Error("stringToUint8Array: Data must be in the form of a string");const t=new Uint8Array(e.length);for(let r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}))},uint8ArrayToString:function(e){const t=[],r=16384,i=(e=new Uint8Array(e)).length;for(let n=0;n<i;n+=r)t.push(String.fromCharCode.apply(String,e.subarray(n,n+r<i?n+r:i)));return t.join("")},encodeUTF8:function(e){const t=new TextEncoder("utf-8");function r(e,r=!1){return t.encode(e,{stream:!r})}return k(e,r,(()=>r("",!0)))},decodeUTF8:function(e){const t=new TextDecoder("utf-8");function r(e,r=!1){return t.decode(e,{stream:!r})}return k(e,r,(()=>r(new Uint8Array,!0)))},concat:d,concatUint8Array:h,equalsUint8Array:function(e,t){if(!L.isUint8Array(e)||!L.isUint8Array(t))throw Error("Data must be in the form of a Uint8Array");if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0},writeChecksum:function(e){let t=0;for(let r=0;r<e.length;r++)t=t+e[r]&65535;return L.writeNumber(t,2)},printDebug:function(e){M&&console.log("[OpenPGP.js debug]",e)},printDebugError:function(e){M&&console.error("[OpenPGP.js debug]",e)},nbits:function(e){let t=1,r=e>>>16;return 0!==r&&(e=r,t+=16),r=e>>8,0!==r&&(e=r,t+=8),r=e>>4,0!==r&&(e=r,t+=4),r=e>>2,0!==r&&(e=r,t+=2),r=e>>1,0!==r&&(e=r,t+=1),t},double:function(e){const t=new Uint8Array(e.length),r=e.length-1;for(let i=0;i<r;i++)t[i]=e[i]<<1^e[i+1]>>7;return t[r]=e[r]<<1^135*(e[0]>>7),t},shiftRight:function(e,t){if(t)for(let r=e.length-1;r>=0;r--)e[r]>>=t,r>0&&(e[r]|=e[r-1]<<8-t);return e},getWebCrypto:function(){const t=void 0!==e&&e.crypto&&e.crypto.subtle||this.getNodeCrypto()?.webcrypto.subtle;if(!t)throw Error("The WebCrypto API is not available");return t},getNodeCrypto:function(){return this.nodeRequire("crypto")},getNodeZlib:function(){return this.nodeRequire("zlib")},getNodeBuffer:function(){return(this.nodeRequire("buffer")||{}).Buffer},getHardwareConcurrency:function(){if("undefined"!=typeof navigator)return navigator.hardwareConcurrency||1;return this.nodeRequire("os").cpus().length},isEmailAddress:function(e){if(!L.isString(e))return!1;return/^[^\p{C}\p{Z}@<>\\]+@[^\p{C}\p{Z}@<>\\]+[^\p{C}\p{Z}\p{P}]$/u.test(e)},canonicalizeEOL:function(e){let t=!1;return k(e,(e=>{let r;t&&(e=L.concatUint8Array([new Uint8Array([13]),e])),13===e[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;const i=[];for(let t=0;r=e.indexOf(10,t)+1,r;t=r)13!==e[r-2]&&i.push(r);if(!i.length)return e;const n=new Uint8Array(e.length+i.length);let a=0;for(let t=0;t<i.length;t++){const r=e.subarray(i[t-1]||0,i[t]);n.set(r,a),a+=r.length,n[a-1]=13,n[a]=10,a++}return n.set(e.subarray(i[i.length-1]||0),a),n}),(()=>t?new Uint8Array([13]):void 0))},nativeEOL:function(e){let t=!1;return k(e,(e=>{let r;13===(e=t&&10!==e[0]?L.concatUint8Array([new Uint8Array([13]),e]):new Uint8Array(e))[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;let i=0;for(let t=0;t!==e.length;t=r){r=e.indexOf(13,t)+1,r||(r=e.length);const n=r-(10===e[r]?1:0);t&&e.copyWithin(i,t,n),i+=n-t}return e.subarray(0,i)}),(()=>t?new Uint8Array([13]):void 0))},removeTrailingSpaces:function(e){return e.split("\n").map((e=>{let t=e.length-1;for(;t>=0&&(" "===e[t]||"\t"===e[t]||"\r"===e[t]);t--);return e.substr(0,t+1)})).join("\n")},wrapError:function(e,t){if(!t)return Error(e);try{t.message=e+": "+t.message}catch(e){}return t},constructAllowedPackets:function(e){const t={};return e.forEach((e=>{if(!e.tag)throw Error("Invalid input: expected a packet class");t[e.tag]=e})),t},anyPromise:function(e){return new Promise((async(t,r)=>{let i;await Promise.all(e.map((async e=>{try{t(await e)}catch(e){i=e}}))),r(i)}))},selectUint8Array:function(e,t,r){const i=Math.max(t.length,r.length),n=new Uint8Array(i);let a=0;for(let i=0;i<n.length;i++)n[i]=t[i]&256-e|r[i]&255+e,a+=e&i<t.length|1-e&i<r.length;return n.subarray(0,a)},selectUint8:function(e,t,r){return t&256-e|r&255+e},isAES:function(e){return e===T.symmetric.aes128||e===T.symmetric.aes192||e===T.symmetric.aes256}},F=L.getNodeBuffer();let _,O;function N(e){let t=new Uint8Array;return k(e,(e=>{t=L.concatUint8Array([t,e]);const r=[],i=Math.floor(t.length/45),n=45*i,a=_(t.subarray(0,n));for(let e=0;e<i;e++)r.push(a.substr(60*e,60)),r.push("\n");return t=t.subarray(n),r.join("")}),(()=>t.length?_(t)+"\n":""))}function z(e){let t="";return k(e,(e=>{t+=e;let r=0;const i=[" ","\t","\r","\n"];for(let e=0;e<i.length;e++){const n=i[e];for(let e=t.indexOf(n);-1!==e;e=t.indexOf(n,e+1))r++}let n=t.length;for(;n>0&&(n-r)%4!=0;n--)i.includes(t[n])&&r--;const a=O(t.substr(0,n));return t=t.substr(n),a}),(()=>O(t)))}function H(e){return z(e.replace(/-/g,"+").replace(/_/g,"/"))}function j(e,t){let r=N(e).replace(/[\r\n]/g,"");return r=r.replace(/[+]/g,"-").replace(/[/]/g,"_").replace(/[=]/g,""),r}function G(e){const t=e.match(/^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m);if(!t)throw Error("Unknown ASCII armor type");return/MESSAGE, PART \d+\/\d+/.test(t[1])?T.armor.multipartSection:/MESSAGE, PART \d+/.test(t[1])?T.armor.multipartLast:/SIGNED MESSAGE/.test(t[1])?T.armor.signed:/MESSAGE/.test(t[1])?T.armor.message:/PUBLIC KEY BLOCK/.test(t[1])?T.armor.publicKey:/PRIVATE KEY BLOCK/.test(t[1])?T.armor.privateKey:/SIGNATURE/.test(t[1])?T.armor.signature:void 0}function q(e,t){let r="";return t.showVersion&&(r+="Version: "+t.versionString+"\n"),t.showComment&&(r+="Comment: "+t.commentString+"\n"),e&&(r+="Comment: "+e+"\n"),r+="\n",r}function V(e){const t=function(e){let t=13501623;return k(e,(e=>{const r=$?Math.floor(e.length/4):0,i=new Uint32Array(e.buffer,e.byteOffset,r);for(let e=0;e<r;e++)t^=i[e],t=W[0][t>>24&255]^W[1][t>>16&255]^W[2][t>>8&255]^W[3][255&t];for(let i=4*r;i<e.length;i++)t=t>>8^W[0][255&t^e[i]]}),(()=>new Uint8Array([t,t>>8,t>>16])))}(e);return N(t)}F?(_=e=>F.from(e).toString("base64"),O=e=>{const t=F.from(e,"base64");return new Uint8Array(t.buffer,t.byteOffset,t.byteLength)}):(_=e=>btoa(L.uint8ArrayToString(e)),O=e=>L.stringToUint8Array(atob(e)));const W=[Array(255),Array(255),Array(255),Array(255)];for(let e=0;e<=255;e++){let t=e<<16;for(let e=0;e<8;e++)t=t<<1^(8388608&t?8801531:0);W[0][e]=(16711680&t)>>16|65280&t|(255&t)<<16}for(let e=0;e<=255;e++)W[1][e]=W[0][e]>>8^W[0][255&W[0][e]];for(let e=0;e<=255;e++)W[2][e]=W[1][e]>>8^W[0][255&W[1][e]];for(let e=0;e<=255;e++)W[3][e]=W[2][e]>>8^W[0][255&W[2][e]];const $=function(){const e=new ArrayBuffer(2);return new DataView(e).setInt16(0,255,!0),255===new Int16Array(e)[0]}();function Z(e){for(let t=0;t<e.length;t++)/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(e[t])||L.printDebugError(Error("Improperly formatted armor header: "+e[t])),/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(e[t])||L.printDebugError(Error("Unknown header: "+e[t]))}function X(e){let t=e;const r=e.lastIndexOf("=");return r>=0&&r!==e.length-1&&(t=e.slice(0,r)),t}function Q(e){return new Promise((async(t,r)=>{try{const i=/^-----[^-]+-----$/m,n=/^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;let a;const s=[];let o,c,u=s,h=[];const l=z(v(e,(async(e,y)=>{const p=C(e);try{for(;;){let e=await p.readLine();if(void 0===e)throw Error("Misformed armored text");if(e=L.removeTrailingSpaces(e.replace(/[\r\n]/g,"")),a)if(o)c||a!==T.armor.signed||(i.test(e)?(h=h.join("\r\n"),c=!0,Z(u),u=[],o=!1):h.push(e.replace(/^- /,"")));else if(i.test(e)&&r(Error("Mandatory blank line missing between armor headers and armor data")),n.test(e)){if(Z(u),o=!0,c||a!==T.armor.signed){t({text:h,data:l,headers:s,type:a});break}}else u.push(e);else i.test(e)&&(a=G(e))}}catch(e){return void r(e)}const g=B(y);try{for(;;){await g.ready;const{done:e,value:t}=await p.read();if(e)throw Error("Misformed armored text");const r=t+"";if(-1!==r.indexOf("=")||-1!==r.indexOf("-")){let e=await p.readToEnd();e.length||(e=""),e=r+e,e=L.removeTrailingSpaces(e.replace(/\r/g,""));const t=e.split(i);if(1===t.length)throw Error("Misformed armored text");const n=X(t[0].slice(0,-1));await g.write(n);break}await g.write(r)}await g.ready,await g.close()}catch(e){await g.abort(e)}})))}catch(e){r(e)}})).then((async e=>(s(e.data)&&(e.data=await U(e.data)),e)))}function Y(e,t,r,i,n,a=!1,s=R){let o,c;e===T.armor.signed&&(o=t.text,c=t.hash,t=t.data);const u=a&&K(t),h=[];switch(e){case T.armor.multipartSection:h.push("-----BEGIN PGP MESSAGE, PART "+r+"/"+i+"-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"/"+i+"-----\n");break;case T.armor.multipartLast:h.push("-----BEGIN PGP MESSAGE, PART "+r+"-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"-----\n");break;case T.armor.signed:h.push("-----BEGIN PGP SIGNED MESSAGE-----\n"),h.push(c?`Hash: ${c}\n\n`:"\n"),h.push(o.replace(/^-/gm,"- -")),h.push("\n-----BEGIN PGP SIGNATURE-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n");break;case T.armor.message:h.push("-----BEGIN PGP MESSAGE-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE-----\n");break;case T.armor.publicKey:h.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP PUBLIC KEY BLOCK-----\n");break;case T.armor.privateKey:h.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP PRIVATE KEY BLOCK-----\n");break;case T.armor.signature:h.push("-----BEGIN PGP SIGNATURE-----\n"),h.push(q(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n")}return L.concat(h)}async function J(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:throw Error("Not a legacy cipher");case T.symmetric.cast5:case T.symmetric.blowfish:case T.symmetric.twofish:case T.symmetric.tripledes:{const{legacyCiphers:t}=await import("./legacy_ciphers.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported cipher algorithm");return r}default:throw Error("Unsupported cipher algorithm")}}function ee(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:case T.symmetric.twofish:return 16;case T.symmetric.blowfish:case T.symmetric.cast5:case T.symmetric.tripledes:return 8;default:throw Error("Unsupported cipher")}}function te(e){switch(e){case T.symmetric.aes128:case T.symmetric.blowfish:case T.symmetric.cast5:return 16;case T.symmetric.aes192:case T.symmetric.tripledes:return 24;case T.symmetric.aes256:case T.symmetric.twofish:return 32;default:throw Error("Unsupported cipher")}}function re(e){return{keySize:te(e),blockSize:ee(e)}}var ie=/*#__PURE__*/Object.freeze({__proto__:null,getCipherParams:re,getLegacyCipher:J});function ne(e,t){let r=e[0],i=e[1],n=e[2],a=e[3];r=se(r,i,n,a,t[0],7,-680876936),a=se(a,r,i,n,t[1],12,-389564586),n=se(n,a,r,i,t[2],17,606105819),i=se(i,n,a,r,t[3],22,-1044525330),r=se(r,i,n,a,t[4],7,-176418897),a=se(a,r,i,n,t[5],12,1200080426),n=se(n,a,r,i,t[6],17,-1473231341),i=se(i,n,a,r,t[7],22,-45705983),r=se(r,i,n,a,t[8],7,1770035416),a=se(a,r,i,n,t[9],12,-1958414417),n=se(n,a,r,i,t[10],17,-42063),i=se(i,n,a,r,t[11],22,-1990404162),r=se(r,i,n,a,t[12],7,1804603682),a=se(a,r,i,n,t[13],12,-40341101),n=se(n,a,r,i,t[14],17,-1502002290),i=se(i,n,a,r,t[15],22,1236535329),r=oe(r,i,n,a,t[1],5,-165796510),a=oe(a,r,i,n,t[6],9,-1069501632),n=oe(n,a,r,i,t[11],14,643717713),i=oe(i,n,a,r,t[0],20,-373897302),r=oe(r,i,n,a,t[5],5,-701558691),a=oe(a,r,i,n,t[10],9,38016083),n=oe(n,a,r,i,t[15],14,-660478335),i=oe(i,n,a,r,t[4],20,-405537848),r=oe(r,i,n,a,t[9],5,568446438),a=oe(a,r,i,n,t[14],9,-1019803690),n=oe(n,a,r,i,t[3],14,-187363961),i=oe(i,n,a,r,t[8],20,1163531501),r=oe(r,i,n,a,t[13],5,-1444681467),a=oe(a,r,i,n,t[2],9,-51403784),n=oe(n,a,r,i,t[7],14,1735328473),i=oe(i,n,a,r,t[12],20,-1926607734),r=ce(r,i,n,a,t[5],4,-378558),a=ce(a,r,i,n,t[8],11,-2022574463),n=ce(n,a,r,i,t[11],16,1839030562),i=ce(i,n,a,r,t[14],23,-35309556),r=ce(r,i,n,a,t[1],4,-1530992060),a=ce(a,r,i,n,t[4],11,1272893353),n=ce(n,a,r,i,t[7],16,-155497632),i=ce(i,n,a,r,t[10],23,-1094730640),r=ce(r,i,n,a,t[13],4,681279174),a=ce(a,r,i,n,t[0],11,-358537222),n=ce(n,a,r,i,t[3],16,-722521979),i=ce(i,n,a,r,t[6],23,76029189),r=ce(r,i,n,a,t[9],4,-640364487),a=ce(a,r,i,n,t[12],11,-421815835),n=ce(n,a,r,i,t[15],16,530742520),i=ce(i,n,a,r,t[2],23,-995338651),r=ue(r,i,n,a,t[0],6,-198630844),a=ue(a,r,i,n,t[7],10,1126891415),n=ue(n,a,r,i,t[14],15,-1416354905),i=ue(i,n,a,r,t[5],21,-57434055),r=ue(r,i,n,a,t[12],6,1700485571),a=ue(a,r,i,n,t[3],10,-1894986606),n=ue(n,a,r,i,t[10],15,-1051523),i=ue(i,n,a,r,t[1],21,-2054922799),r=ue(r,i,n,a,t[8],6,1873313359),a=ue(a,r,i,n,t[15],10,-30611744),n=ue(n,a,r,i,t[6],15,-1560198380),i=ue(i,n,a,r,t[13],21,1309151649),r=ue(r,i,n,a,t[4],6,-145523070),a=ue(a,r,i,n,t[11],10,-1120210379),n=ue(n,a,r,i,t[2],15,718787259),i=ue(i,n,a,r,t[9],21,-343485551),e[0]=pe(r,e[0]),e[1]=pe(i,e[1]),e[2]=pe(n,e[2]),e[3]=pe(a,e[3])}function ae(e,t,r,i,n,a){return t=pe(pe(t,e),pe(i,a)),pe(t<<n|t>>>32-n,r)}function se(e,t,r,i,n,a,s){return ae(t&r|~t&i,e,t,n,a,s)}function oe(e,t,r,i,n,a,s){return ae(t&i|r&~i,e,t,n,a,s)}function ce(e,t,r,i,n,a,s){return ae(t^r^i,e,t,n,a,s)}function ue(e,t,r,i,n,a,s){return ae(r^(t|~i),e,t,n,a,s)}function he(e){const t=[];let r;for(r=0;r<64;r+=4)t[r>>2]=e.charCodeAt(r)+(e.charCodeAt(r+1)<<8)+(e.charCodeAt(r+2)<<16)+(e.charCodeAt(r+3)<<24);return t}const le="0123456789abcdef".split("");function ye(e){let t="",r=0;for(;r<4;r++)t+=le[e>>8*r+4&15]+le[e>>8*r&15];return t}function pe(e,t){return e+t&4294967295}const ge=L.getWebCrypto(),fe=L.getNodeCrypto(),de=fe&&fe.getHashes();function me(e){if(fe&&de.includes(e))return async function(t){const r=fe.createHash(e);return k(t,(e=>{r.update(e)}),(()=>new Uint8Array(r.digest())))}}function we(e,t){const r=async()=>{const{nobleHashes:t}=await import("./noble_hashes.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported hash");return r};return async function(e){if(s(e)&&(e=await U(e)),L.isStream(e)){const t=(await r()).create();return k(e,(e=>{t.update(e)}),(()=>t.digest()))}if(ge&&t)return new Uint8Array(await ge.digest(t,e));return(await r())(e)}}var be={md5:me("md5")||async function(e){const t=function(e){const t=e.length,r=[1732584193,-271733879,-1732584194,271733878];let i;for(i=64;i<=e.length;i+=64)ne(r,he(e.substring(i-64,i)));e=e.substring(i-64);const n=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0];for(i=0;i<e.length;i++)n[i>>2]|=e.charCodeAt(i)<<(i%4<<3);if(n[i>>2]|=128<<(i%4<<3),i>55)for(ne(r,n),i=0;i<16;i++)n[i]=0;return n[14]=8*t,ne(r,n),r}(L.uint8ArrayToString(e));return L.hexToUint8Array(function(e){for(let t=0;t<e.length;t++)e[t]=ye(e[t]);return e.join("")}(t))},sha1:me("sha1")||we("sha1","SHA-1"),sha224:me("sha224")||we("sha224"),sha256:me("sha256")||we("sha256","SHA-256"),sha384:me("sha384")||we("sha384","SHA-384"),sha512:me("sha512")||we("sha512","SHA-512"),ripemd:me("ripemd160")||we("ripemd160"),sha3_256:me("sha3-256")||we("sha3_256"),sha3_512:me("sha3-512")||we("sha3_512"),digest:function(e,t){switch(e){case T.hash.md5:return this.md5(t);case T.hash.sha1:return this.sha1(t);case T.hash.ripemd:return this.ripemd(t);case T.hash.sha256:return this.sha256(t);case T.hash.sha384:return this.sha384(t);case T.hash.sha512:return this.sha512(t);case T.hash.sha224:return this.sha224(t);case T.hash.sha3_256:return this.sha3_256(t);case T.hash.sha3_512:return this.sha3_512(t);default:throw Error("Unsupported hash function")}},getHashByteLength:function(e){switch(e){case T.hash.md5:return 16;case T.hash.sha1:case T.hash.ripemd:return 20;case T.hash.sha256:return 32;case T.hash.sha384:return 48;case T.hash.sha512:return 64;case T.hash.sha224:return 28;case T.hash.sha3_256:return 32;case T.hash.sha3_512:return 64;default:throw Error("Invalid hash algorithm.")}},getBlockSize:function(e){switch(e){case T.hash.md5:case T.hash.sha1:case T.hash.ripemd:case T.hash.sha224:case T.hash.sha256:return 64;case T.hash.sha384:case T.hash.sha512:return 128;default:throw Error("Invalid hash algorithm.")}}};function ke(e){return e instanceof Uint8Array||null!=e&&"object"==typeof e&&"Uint8Array"===e.constructor.name}function ve(e,...t){if(!ke(e))throw Error("Uint8Array expected");if(t.length>0&&!t.includes(e.length))throw Error(`Uint8Array expected of length ${t}, not of length=${e.length}`)}function Ae(e,t=!0){if(e.destroyed)throw Error("Hash instance has been destroyed");if(t&&e.finished)throw Error("Hash#digest() has already been called")}function Ee(e,t){ve(e);const r=t.outputLen;if(e.length<r)throw Error("digestInto() expects output buffer of length at least "+r)}
-/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */const Ke=e=>new Uint8Array(e.buffer,e.byteOffset,e.byteLength),Se=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4)),Pe=e=>new DataView(e.buffer,e.byteOffset,e.byteLength);if(!(68===new Uint8Array(new Uint32Array([287454020]).buffer)[0]))throw Error("Non little-endian hardware is not supported");function Ue(e){if("string"==typeof e)e=function(e){if("string"!=typeof e)throw Error("string expected, got "+typeof e);return new Uint8Array((new TextEncoder).encode(e))}(e);else{if(!ke(e))throw Error("Uint8Array expected, got "+typeof e);e=Ie(e)}return e}function De(e,t){if(e.length!==t.length)return!1;let r=0;for(let i=0;i<e.length;i++)r|=e[i]^t[i];return 0===r}const xe=(e,t)=>(Object.assign(t,e),t);function Ce(e,t,r,i){if("function"==typeof e.setBigUint64)return e.setBigUint64(t,r,i);const n=BigInt(32),a=BigInt(4294967295),s=Number(r>>n&a),o=Number(r&a);e.setUint32(t+0,s,i),e.setUint32(t+4,o,i)}function Be(e){return e.byteOffset%4==0}function Ie(e){return Uint8Array.from(e)}function Te(...e){for(let t=0;t<e.length;t++)e[t].fill(0)}const Re=16,Me=/* @__PURE__ */new Uint8Array(16),Le=Se(Me),Fe=e=>(e>>>0&255)<<24|(e>>>8&255)<<16|(e>>>16&255)<<8|e>>>24&255;class _e{constructor(e,t){this.blockLen=Re,this.outputLen=Re,this.s0=0,this.s1=0,this.s2=0,this.s3=0,this.finished=!1,ve(e=Ue(e),16);const r=Pe(e);let i=r.getUint32(0,!1),n=r.getUint32(4,!1),a=r.getUint32(8,!1),s=r.getUint32(12,!1);const o=[];for(let e=0;e<128;e++)o.push({s0:Fe(i),s1:Fe(n),s2:Fe(a),s3:Fe(s)}),({s0:i,s1:n,s2:a,s3:s}={s3:(h=a)<<31|(l=s)>>>1,s2:(u=n)<<31|h>>>1,s1:(c=i)<<31|u>>>1,s0:c>>>1^225<<24&-(1&l)});var c,u,h,l;const y=(e=>e>65536?8:e>1024?4:2)(t||1024);if(![1,2,4,8].includes(y))throw Error(`ghash: wrong window size=${y}, should be 2, 4 or 8`);this.W=y;const p=128/y,g=this.windowSize=2**y,f=[];for(let e=0;e<p;e++)for(let t=0;t<g;t++){let r=0,i=0,n=0,a=0;for(let s=0;s<y;s++){if(!(t>>>y-s-1&1))continue;const{s0:c,s1:u,s2:h,s3:l}=o[y*e+s];r^=c,i^=u,n^=h,a^=l}f.push({s0:r,s1:i,s2:n,s3:a})}this.t=f}_updateBlock(e,t,r,i){e^=this.s0,t^=this.s1,r^=this.s2,i^=this.s3;const{W:n,t:a,windowSize:s}=this;let o=0,c=0,u=0,h=0;const l=(1<<n)-1;let y=0;for(const p of[e,t,r,i])for(let e=0;e<4;e++){const t=p>>>8*e&255;for(let e=8/n-1;e>=0;e--){const r=t>>>n*e&l,{s0:i,s1:p,s2:g,s3:f}=a[y*s+r];o^=i,c^=p,u^=g,h^=f,y+=1}}this.s0=o,this.s1=c,this.s2=u,this.s3=h}update(e){e=Ue(e),Ae(this);const t=Se(e),r=Math.floor(e.length/Re),i=e.length%Re;for(let e=0;e<r;e++)this._updateBlock(t[4*e+0],t[4*e+1],t[4*e+2],t[4*e+3]);return i&&(Me.set(e.subarray(r*Re)),this._updateBlock(Le[0],Le[1],Le[2],Le[3]),Te(Le)),this}destroy(){const{t:e}=this;for(const t of e)t.s0=0,t.s1=0,t.s2=0,t.s3=0}digestInto(e){Ae(this),Ee(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=Se(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e}digest(){const e=new Uint8Array(Re);return this.digestInto(e),this.destroy(),e}}class Oe extends _e{constructor(e,t){const r=function(e){e.reverse();const t=1&e[15];let r=0;for(let t=0;t<e.length;t++){const i=e[t];e[t]=i>>>1|r,r=(1&i)<<7}return e[0]^=225&-t,e}(Ie(e=Ue(e)));super(r,t),Te(r)}update(e){e=Ue(e),Ae(this);const t=Se(e),r=e.length%Re,i=Math.floor(e.length/Re);for(let e=0;e<i;e++)this._updateBlock(Fe(t[4*e+3]),Fe(t[4*e+2]),Fe(t[4*e+1]),Fe(t[4*e+0]));return r&&(Me.set(e.subarray(i*Re)),this._updateBlock(Fe(Le[3]),Fe(Le[2]),Fe(Le[1]),Fe(Le[0])),Te(Le)),this}digestInto(e){Ae(this),Ee(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=Se(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e.reverse()}}function Ne(e){const t=(t,r)=>e(r,t.length).update(Ue(t)).digest(),r=e(new Uint8Array(16),0);return t.outputLen=r.outputLen,t.blockLen=r.blockLen,t.create=(t,r)=>e(t,r),t}const ze=Ne(((e,t)=>new _e(e,t)));Ne(((e,t)=>new Oe(e,t)));const He=16,je=new Uint8Array(He),Ge=283;function qe(e){return e<<1^Ge&-(e>>7)}function Ve(e,t){let r=0;for(;t>0;t>>=1)r^=e&-(1&t),e=qe(e);return r}const We=/* @__PURE__ */(()=>{const e=new Uint8Array(256);for(let t=0,r=1;t<256;t++,r^=qe(r))e[t]=r;const t=new Uint8Array(256);t[0]=99;for(let r=0;r<255;r++){let i=e[255-r];i|=i<<8,t[e[r]]=255&(i^i>>4^i>>5^i>>6^i>>7^99)}return Te(e),t})(),$e=/* @__PURE__ */We.map(((e,t)=>We.indexOf(t))),Ze=e=>e<<24|e>>>8,Xe=e=>e<<8|e>>>24,Qe=e=>e<<24&4278190080|e<<8&16711680|e>>>8&65280|e>>>24&255;function Ye(e,t){if(256!==e.length)throw Error("Wrong sbox length");const r=new Uint32Array(256).map(((r,i)=>t(e[i]))),i=r.map(Xe),n=i.map(Xe),a=n.map(Xe),s=new Uint32Array(65536),o=new Uint32Array(65536),c=new Uint16Array(65536);for(let t=0;t<256;t++)for(let u=0;u<256;u++){const h=256*t+u;s[h]=r[t]^i[u],o[h]=n[t]^a[u],c[h]=e[t]<<8|e[u]}return{sbox:e,sbox2:c,T0:r,T1:i,T2:n,T3:a,T01:s,T23:o}}const Je=/* @__PURE__ */Ye(We,(e=>Ve(e,3)<<24|e<<16|e<<8|Ve(e,2))),et=/* @__PURE__ */Ye($e,(e=>Ve(e,11)<<24|Ve(e,13)<<16|Ve(e,9)<<8|Ve(e,14))),tt=/* @__PURE__ */(()=>{const e=new Uint8Array(16);for(let t=0,r=1;t<16;t++,r=qe(r))e[t]=r;return e})();function rt(e){ve(e);const t=e.length;if(![16,24,32].includes(t))throw Error("aes: wrong key size: should be 16, 24 or 32, got: "+t);const{sbox2:r}=Je,i=[];Be(e)||i.push(e=Ie(e));const n=Se(e),a=n.length,s=e=>at(r,e,e,e,e),o=new Uint32Array(t+28);o.set(n);for(let e=a;e<o.length;e++){let t=o[e-1];e%a==0?t=s(Ze(t))^tt[e/a-1]:a>6&&e%a==4&&(t=s(t)),o[e]=o[e-a]^t}return Te(...i),o}function it(e){const t=rt(e),r=t.slice(),i=t.length,{sbox2:n}=Je,{T0:a,T1:s,T2:o,T3:c}=et;for(let e=0;e<i;e+=4)for(let n=0;n<4;n++)r[e+n]=t[i-e-4+n];Te(t);for(let e=4;e<i-4;e++){const t=r[e],i=at(n,t,t,t,t);r[e]=a[255&i]^s[i>>>8&255]^o[i>>>16&255]^c[i>>>24]}return r}function nt(e,t,r,i,n,a){return e[r<<8&65280|i>>>8&255]^t[n>>>8&65280|a>>>24&255]}function at(e,t,r,i,n){return e[255&t|65280&r]|e[i>>>16&255|n>>>16&65280]<<16}function st(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=Je;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^nt(s,o,t,r,i,n),u=e[c++]^nt(s,o,r,i,n,t),h=e[c++]^nt(s,o,i,n,t,r),l=e[c++]^nt(s,o,n,t,r,i);t=a,r=u,i=h,n=l}return{s0:e[c++]^at(a,t,r,i,n),s1:e[c++]^at(a,r,i,n,t),s2:e[c++]^at(a,i,n,t,r),s3:e[c++]^at(a,n,t,r,i)}}function ot(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=et;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^nt(s,o,t,n,i,r),u=e[c++]^nt(s,o,r,t,n,i),h=e[c++]^nt(s,o,i,r,t,n),l=e[c++]^nt(s,o,n,i,r,t);t=a,r=u,i=h,n=l}return{s0:e[c++]^at(a,t,n,i,r),s1:e[c++]^at(a,r,t,n,i),s2:e[c++]^at(a,i,r,t,n),s3:e[c++]^at(a,n,i,r,t)}}function ct(e,t){if(void 0===t)return new Uint8Array(e);if(ve(t),t.length<e)throw Error(`aes: wrong destination length, expected at least ${e}, got: ${t.length}`);if(!Be(t))throw Error("unaligned dst");return t}function ut(e,t,r,i){ve(t,He),ve(r);const n=r.length;i=ct(n,i);const a=t,s=Se(a);let{s0:o,s1:c,s2:u,s3:h}=st(e,s[0],s[1],s[2],s[3]);const l=Se(r),y=Se(i);for(let t=0;t+4<=l.length;t+=4){y[t+0]=l[t+0]^o,y[t+1]=l[t+1]^c,y[t+2]=l[t+2]^u,y[t+3]=l[t+3]^h;let r=1;for(let e=a.length-1;e>=0;e--)r=r+(255&a[e])|0,a[e]=255&r,r>>>=8;({s0:o,s1:c,s2:u,s3:h}=st(e,s[0],s[1],s[2],s[3]))}const p=He*Math.floor(l.length/4);if(p<n){const e=new Uint32Array([o,c,u,h]),t=Ke(e);for(let e=p,a=0;e<n;e++,a++)i[e]=r[e]^t[a];Te(e)}return i}function ht(e,t,r,i,n){ve(r,He),ve(i),n=ct(i.length,n);const a=r,s=Se(a),o=Pe(a),c=Se(i),u=Se(n),h=t?0:12,l=i.length;let y=o.getUint32(h,t),{s0:p,s1:g,s2:f,s3:d}=st(e,s[0],s[1],s[2],s[3]);for(let r=0;r+4<=c.length;r+=4)u[r+0]=c[r+0]^p,u[r+1]=c[r+1]^g,u[r+2]=c[r+2]^f,u[r+3]=c[r+3]^d,y=y+1>>>0,o.setUint32(h,y,t),({s0:p,s1:g,s2:f,s3:d}=st(e,s[0],s[1],s[2],s[3]));const m=He*Math.floor(c.length/4);if(m<l){const e=new Uint32Array([p,g,f,d]),t=Ke(e);for(let e=m,r=0;e<l;e++,r++)n[e]=i[e]^t[r];Te(e)}return n}const lt=xe({blockSize:16,nonceLength:16},(function(e,t){function r(r,i){if(ve(r),void 0!==i&&(ve(i),!Be(i)))throw Error("unaligned destination");const n=rt(e),a=Ie(t),s=[n,a];Be(r)||s.push(r=Ie(r));const o=ut(n,a,r,i);return Te(...s),o}return ve(e),ve(t,He),{encrypt:(e,t)=>r(e,t),decrypt:(e,t)=>r(e,t)}}));const yt=xe({blockSize:16,nonceLength:16},(function(e,t,r={}){ve(e),ve(t,16);const i=!r.disablePadding;return{encrypt(r,n){const a=rt(e),{b:s,o,out:c}=function(e,t,r){ve(e);let i=e.length;const n=i%He;if(!t&&0!==n)throw Error("aec/(cbc-ecb): unpadded plaintext with disabled padding");Be(e)||(e=Ie(e));const a=Se(e);if(t){let e=He-n;e||(e=He),i+=e}const s=ct(i,r);return{b:a,o:Se(s),out:s}}(r,i,n);let u=t;const h=[a];Be(u)||h.push(u=Ie(u));const l=Se(u);let y=l[0],p=l[1],g=l[2],f=l[3],d=0;for(;d+4<=s.length;)y^=s[d+0],p^=s[d+1],g^=s[d+2],f^=s[d+3],({s0:y,s1:p,s2:g,s3:f}=st(a,y,p,g,f)),o[d++]=y,o[d++]=p,o[d++]=g,o[d++]=f;if(i){const e=function(e){const t=new Uint8Array(16),r=Se(t);t.set(e);const i=He-e.length;for(let e=He-i;e<He;e++)t[e]=i;return r}(r.subarray(4*d));y^=e[0],p^=e[1],g^=e[2],f^=e[3],({s0:y,s1:p,s2:g,s3:f}=st(a,y,p,g,f)),o[d++]=y,o[d++]=p,o[d++]=g,o[d++]=f}return Te(...h),c},decrypt(r,n){!function(e){if(ve(e),e.length%He!=0)throw Error("aes/(cbc-ecb).decrypt ciphertext should consist of blocks with size 16")}(r);const a=it(e);let s=t;const o=[a];Be(s)||o.push(s=Ie(s));const c=Se(s),u=ct(r.length,n);Be(r)||o.push(r=Ie(r));const h=Se(r),l=Se(u);let y=c[0],p=c[1],g=c[2],f=c[3];for(let e=0;e+4<=h.length;){const t=y,r=p,i=g,n=f;y=h[e+0],p=h[e+1],g=h[e+2],f=h[e+3];const{s0:s,s1:o,s2:c,s3:u}=ot(a,y,p,g,f);l[e++]=s^t,l[e++]=o^r,l[e++]=c^i,l[e++]=u^n}return Te(...o),function(e,t){if(!t)return e;const r=e.length;if(!r)throw Error("aes/pcks5: empty ciphertext not allowed");const i=e[r-1];if(i<=0||i>16)throw Error("aes/pcks5: wrong padding byte: "+i);const n=e.subarray(0,-i);for(let t=0;t<i;t++)if(e[r-t-1]!==i)throw Error("aes/pcks5: wrong padding");return n}(u,i)}}})),pt=xe({blockSize:16,nonceLength:16},(function(e,t){function r(r,i,n){ve(r);const a=r.length;n=ct(a,n);const s=rt(e);let o=t;const c=[s];Be(o)||c.push(o=Ie(o)),Be(r)||c.push(r=Ie(r));const u=Se(r),h=Se(n),l=i?h:u,y=Se(o);let p=y[0],g=y[1],f=y[2],d=y[3];for(let e=0;e+4<=u.length;){const{s0:t,s1:r,s2:i,s3:n}=st(s,p,g,f,d);h[e+0]=u[e+0]^t,h[e+1]=u[e+1]^r,h[e+2]=u[e+2]^i,h[e+3]=u[e+3]^n,p=l[e++],g=l[e++],f=l[e++],d=l[e++]}const m=He*Math.floor(u.length/4);if(m<a){({s0:p,s1:g,s2:f,s3:d}=st(s,p,g,f,d));const e=Ke(new Uint32Array([p,g,f,d]));for(let t=m,i=0;t<a;t++,i++)n[t]=r[t]^e[i];Te(e)}return Te(...c),n}return ve(e),ve(t,16),{encrypt:(e,t)=>r(e,!0,t),decrypt:(e,t)=>r(e,!1,t)}}));const gt=xe({blockSize:16,nonceLength:12,tagLength:16},(function(e,t,r){if(ve(e),ve(t),void 0!==r&&ve(r),0===t.length)throw Error("aes/gcm: empty nonce");const i=16;function n(e,t,i){const n=function(e,t,r,i,n){const a=null==n?0:n.length,s=e.create(r,i.length+a);n&&s.update(n),s.update(i);const o=new Uint8Array(16),c=Pe(o);n&&Ce(c,0,BigInt(8*a),t),Ce(c,8,BigInt(8*i.length),t),s.update(o);const u=s.digest();return Te(o),u}(ze,!1,e,i,r);for(let e=0;e<t.length;e++)n[e]^=t[e];return n}function a(){const r=rt(e),i=je.slice(),n=je.slice();if(ht(r,!1,n,n,i),12===t.length)n.set(t);else{const e=je.slice();Ce(Pe(e),8,BigInt(8*t.length),!1);const r=ze.create(i).update(t).update(e);r.digestInto(n),r.destroy()}return{xk:r,authKey:i,counter:n,tagMask:ht(r,!1,n,je)}}return{encrypt(e){ve(e);const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=new Uint8Array(e.length+i),u=[t,r,s,o];Be(e)||u.push(e=Ie(e)),ht(t,!1,s,e,c);const h=n(r,o,c.subarray(0,c.length-i));return u.push(h),c.set(h,e.length),Te(...u),c},decrypt(e){if(ve(e),e.length<i)throw Error("aes/gcm: ciphertext less than tagLen (16)");const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=[t,r,o,s];Be(e)||c.push(e=Ie(e));const u=e.subarray(0,-16),h=e.subarray(-16),l=n(r,o,u);if(c.push(l),!De(l,h))throw Error("aes/gcm: invalid ghash tag");const y=ht(t,!1,s,u);return Te(...c),y}}}));function ft(e){return null!=e&&"object"==typeof e&&(e instanceof Uint32Array||"Uint32Array"===e.constructor.name)}function dt(e,t){if(ve(t,16),!ft(e))throw Error("_encryptBlock accepts result of expandKeyLE");const r=Se(t);let{s0:i,s1:n,s2:a,s3:s}=st(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}function mt(e,t){if(ve(t,16),!ft(e))throw Error("_decryptBlock accepts result of expandKeyLE");const r=Se(t);let{s0:i,s1:n,s2:a,s3:s}=ot(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}const wt={encrypt(e,t){if(t.length>=2**32)throw Error("plaintext should be less than 4gb");const r=rt(e);if(16===t.length)dt(r,t);else{const e=Se(t);let i=e[0],n=e[1];for(let t=0,a=1;t<6;t++)for(let t=2;t<e.length;t+=2,a++){const{s0:s,s1:o,s2:c,s3:u}=st(r,i,n,e[t],e[t+1]);i=s,n=o^Qe(a),e[t]=c,e[t+1]=u}e[0]=i,e[1]=n}r.fill(0)},decrypt(e,t){if(t.length-8>=2**32)throw Error("ciphertext should be less than 4gb");const r=it(e),i=t.length/8-1;if(1===i)mt(r,t);else{const e=Se(t);let n=e[0],a=e[1];for(let t=0,s=6*i;t<6;t++)for(let t=2*i;t>=1;t-=2,s--){a^=Qe(s);const{s0:i,s1:o,s2:c,s3:u}=ot(r,n,a,e[t],e[t+1]);n=i,a=o,e[t]=c,e[t+1]=u}e[0]=n,e[1]=a}r.fill(0)}},bt=new Uint8Array(8).fill(166),kt=xe({blockSize:8},(e=>({encrypt(t){if(ve(t),!t.length||t.length%8!=0)throw Error("plaintext length must be non-empty and a multiple of 8 bytes");if(8===t.length)throw Error("8-byte keys not allowed in AESKW, use AESKWP instead");const r=function(...e){let t=0;for(let r=0;r<e.length;r++){const i=e[r];ve(i),t+=i.length}const r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}(bt,t);return wt.encrypt(e,r),r},decrypt(t){if(ve(t),t.length%8!=0||t.length<24)throw Error("ciphertext must be at least 24 bytes and a multiple of 8 bytes");const r=Ie(t);if(wt.decrypt(e,r),!De(r.subarray(0,8),bt))throw Error("integrity check failed");return r.subarray(0,8).fill(0),r.subarray(8)}}))),vt={expandKeyLE:rt,expandKeyDecLE:it,encrypt:st,decrypt:ot,encryptBlock:dt,decryptBlock:mt,ctrCounter:ut,ctr32:ht},At=L.getWebCrypto(),Et=L.getNodeCrypto(),Kt=Et?Et.getCiphers():[],St={idea:Kt.includes("idea-cfb")?"idea-cfb":void 0,tripledes:Kt.includes("des-ede3-cfb")?"des-ede3-cfb":void 0,cast5:Kt.includes("cast5-cfb")?"cast5-cfb":void 0,blowfish:Kt.includes("bf-cfb")?"bf-cfb":void 0,aes128:Kt.includes("aes-128-cfb")?"aes-128-cfb":void 0,aes192:Kt.includes("aes-192-cfb")?"aes-192-cfb":void 0,aes256:Kt.includes("aes-256-cfb")?"aes-256-cfb":void 0};class Pt{constructor(e,t,r){const{blockSize:i}=re(e);this.key=t,this.prevBlock=r,this.nextBlock=new Uint8Array(i),this.i=0,this.blockSize=i,this.zeroBlock=new Uint8Array(this.blockSize)}static async isSupported(e){const{keySize:t}=re(e);return At.importKey("raw",new Uint8Array(t),"aes-cbc",!1,["encrypt"]).then((()=>!0),(()=>!1))}async _runCBC(e,t){const r="AES-CBC";this.keyRef=this.keyRef||await At.importKey("raw",this.key,r,!1,["encrypt"]);const i=await At.encrypt({name:r,iv:t||this.zeroBlock},this.keyRef,e);return new Uint8Array(i).subarray(0,e.length)}async encryptChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=L.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=L.concatUint8Array([this.prevBlock,i.subarray(0,i.length-this.blockSize)]),a=await this._runCBC(n);return Dt(a,i),this.prevBlock=a.slice(-this.blockSize),r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,a}let i;if(this.i+=r.length,this.i===this.nextBlock.length){const t=this.nextBlock;i=await this._runCBC(this.prevBlock),Dt(i,t),this.prevBlock=i.slice(),this.i=0;const n=e.subarray(r.length);this.nextBlock.set(n,this.i),this.i+=n.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{this.nextBlock=this.nextBlock.subarray(0,this.i);const t=this.nextBlock,r=await this._runCBC(this.prevBlock);Dt(r,t),e=r.subarray(0,t.length)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.keyRef=null,this.key=null}async encrypt(e){const t=(await this._runCBC(L.concatUint8Array([new Uint8Array(this.blockSize),e]),this.iv)).subarray(0,e.length);return Dt(t,e),this.clearSensitiveData(),t}}class Ut{constructor(e,t,r,i){this.forEncryption=e;const{blockSize:n}=re(t);this.key=vt.expandKeyLE(r),i.byteOffset%4!=0&&(i=i.slice()),this.prevBlock=xt(i),this.nextBlock=new Uint8Array(n),this.i=0,this.blockSize=n}_runCFB(e){const t=xt(e),r=new Uint8Array(e.length),i=xt(r);for(let e=0;e+4<=i.length;e+=4){const{s0:r,s1:n,s2:a,s3:s}=vt.encrypt(this.key,this.prevBlock[0],this.prevBlock[1],this.prevBlock[2],this.prevBlock[3]);i[e+0]=t[e+0]^r,i[e+1]=t[e+1]^n,i[e+2]=t[e+2]^a,i[e+3]=t[e+3]^s,this.prevBlock=(this.forEncryption?i:t).slice(e,e+4)}return r}async processChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=L.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=this._runCFB(i);return r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,n}let i;if(this.i+=r.length,this.i===this.nextBlock.length){i=this._runCFB(this.nextBlock),this.i=0;const t=e.subarray(r.length);this.nextBlock.set(t,this.i),this.i+=t.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{e=this._runCFB(this.nextBlock).subarray(0,this.i)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.key.fill(0)}}function Dt(e,t){const r=Math.min(e.length,t.length);for(let i=0;i<r;i++)e[i]=e[i]^t[i]}const xt=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4));var Ct=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i){const n=T.read(T.symmetric,e);if(Et&&St[n])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new Et.createDecipheriv(St[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(L.isAES(e))return async function(e,t,r,i){if(L.isStream(r)){const n=new Ut(!1,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return pt(t,i).decrypt(r)}(e,t,r,i);const a=new(await J(e))(t),s=a.blockSize;let o=i,c=new Uint8Array;const u=e=>{e&&(c=L.concatUint8Array([c,e]));const t=new Uint8Array(c.length);let r,i=0;for(;e?c.length>=s:c.length;){const e=a.encrypt(o);for(o=c.subarray(0,s),r=0;r<s;r++)t[i++]=o[r]^e[r];c=c.subarray(s)}return t.subarray(0,i)};return k(r,u,u)},encrypt:async function(e,t,r,i,n){const a=T.read(T.symmetric,e);if(L.getNodeCrypto()&&St[a])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new Et.createCipheriv(St[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(L.isAES(e))return async function(e,t,r,i){if(At&&await Pt.isSupported(e)){const n=new Pt(e,t,i);return L.isStream(r)?k(r,(e=>n.encryptChunk(e)),(()=>n.finish())):n.encrypt(r)}if(L.isStream(r)){const n=new Ut(!0,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return pt(t,i).encrypt(r)}(e,t,r,i);const s=new(await J(e))(t),o=s.blockSize,c=i.slice();let u=new Uint8Array;const h=e=>{e&&(u=L.concatUint8Array([u,e]));const t=new Uint8Array(u.length);let r,i=0;for(;e?u.length>=o:u.length;){const e=s.encrypt(c);for(r=0;r<o;r++)c[r]=u[r]^e[r],t[i++]=c[r];u=u.subarray(o)}return t.subarray(0,i)};return k(r,h,h)}});const Bt=L.getWebCrypto(),It=L.getNodeCrypto(),Tt=16;function Rt(e,t){const r=e.length-Tt;for(let i=0;i<Tt;i++)e[i+r]^=t[i];return e}const Mt=new Uint8Array(Tt);async function Lt(e){const t=await Ft(e),r=L.double(await t(Mt)),i=L.double(r);return async function(e){return(await t(function(e,t,r){if(e.length&&e.length%Tt==0)return Rt(e,t);const i=new Uint8Array(e.length+(Tt-e.length%Tt));return i.set(e),i[e.length]=128,Rt(i,r)}(e,r,i))).subarray(-Tt)}}async function Ft(e){if(L.getNodeCrypto())return async function(t){const r=new It.createCipheriv("aes-"+8*e.length+"-cbc",e,Mt).update(t);return new Uint8Array(r)};if(L.getWebCrypto())try{return e=await Bt.importKey("raw",e,{name:"AES-CBC",length:8*e.length},!1,["encrypt"]),async function(t){const r=await Bt.encrypt({name:"AES-CBC",iv:Mt,length:8*Tt},e,t);return new Uint8Array(r).subarray(0,r.byteLength-Tt)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;L.printDebugError("Browser did not support operation: "+t.message)}return async function(t){return yt(e,Mt,{disablePadding:!0}).encrypt(t)}}const _t=L.getWebCrypto(),Ot=L.getNodeCrypto(),Nt=L.getNodeBuffer(),zt=16,Ht=zt,jt=zt,Gt=new Uint8Array(zt),qt=new Uint8Array(zt);qt[zt-1]=1;const Vt=new Uint8Array(zt);async function Wt(e){const t=await Lt(e);return function(e,r){return t(L.concatUint8Array([e,r]))}}async function $t(e){if(L.getNodeCrypto())return async function(t,r){const i=new Ot.createCipheriv("aes-"+8*e.length+"-ctr",e,r),n=Nt.concat([i.update(t),i.final()]);return new Uint8Array(n)};if(L.getWebCrypto())try{const t=await _t.importKey("raw",e,{name:"AES-CTR",length:8*e.length},!1,["encrypt"]);return async function(e,r){const i=await _t.encrypt({name:"AES-CTR",counter:r,length:8*zt},t,e);return new Uint8Array(i)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;L.printDebugError("Browser did not support operation: "+t.message)}return async function(t,r){return lt(e,r).encrypt(t)}}async function Zt(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("EAX mode supports only AES cipher");const[r,i]=await Promise.all([Wt(t),$t(t)]);return{encrypt:async function(e,t,n){const[a,s]=await Promise.all([r(Gt,t),r(qt,n)]),o=await i(e,a),c=await r(Vt,o);for(let e=0;e<jt;e++)c[e]^=s[e]^a[e];return L.concatUint8Array([o,c])},decrypt:async function(e,t,n){if(e.length<jt)throw Error("Invalid EAX ciphertext");const a=e.subarray(0,-jt),s=e.subarray(-jt),[o,c,u]=await Promise.all([r(Gt,t),r(qt,n),r(Vt,a)]),h=u;for(let e=0;e<jt;e++)h[e]^=c[e]^o[e];if(!L.equalsUint8Array(s,h))throw Error("Authentication tag mismatch");return await i(a,o)}}}Vt[zt-1]=2,Zt.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[8+e]^=t[e];return r},Zt.blockLength=zt,Zt.ivLength=Ht,Zt.tagLength=jt;const Xt=16,Qt=16;function Yt(e){let t=0;for(let r=1;!(e&r);r<<=1)t++;return t}function Jt(e,t){for(let r=0;r<e.length;r++)e[r]^=t[r];return e}function er(e,t){return Jt(e.slice(),t)}const tr=new Uint8Array(Xt),rr=new Uint8Array([1]);async function ir(e,t){const{keySize:r}=re(e);if(!L.isAES(e)||t.length!==r)throw Error("Unexpected algorithm or key size");let i=0;const n=yt(t,tr,{disablePadding:!0}),a=e=>n.encrypt(e),s=e=>n.decrypt(e);let o;function c(e,t,r,n){const s=t.length/Xt|0;!function(e,t){const r=L.nbits(Math.max(e.length,t.length)/Xt|0)-1;for(let e=i+1;e<=r;e++)o[e]=L.double(o[e-1]);i=r}(t,n);const c=L.concatUint8Array([tr.subarray(0,15-r.length),rr,r]),u=63&c[15];c[15]&=192;const h=a(c),l=L.concatUint8Array([h,er(h.subarray(0,8),h.subarray(1,9))]),y=L.shiftRight(l.subarray(0+(u>>3),17+(u>>3)),8-(7&u)).subarray(1),p=new Uint8Array(Xt),g=new Uint8Array(t.length+Qt);let f,d=0;for(f=0;f<s;f++)Jt(y,o[Yt(f+1)]),g.set(Jt(e(er(y,t)),y),d),Jt(p,e===a?t:g.subarray(d)),t=t.subarray(Xt),d+=Xt;if(t.length){Jt(y,o.x);const r=a(y);g.set(er(t,r),d);const i=new Uint8Array(Xt);i.set(e===a?t:g.subarray(d,-16),0),i[t.length]=128,Jt(p,i),d+=t.length}const m=Jt(a(Jt(Jt(p,y),o.$)),function(e){if(!e.length)return tr;const t=e.length/Xt|0,r=new Uint8Array(Xt),i=new Uint8Array(Xt);for(let n=0;n<t;n++)Jt(r,o[Yt(n+1)]),Jt(i,a(er(r,e))),e=e.subarray(Xt);if(e.length){Jt(r,o.x);const t=new Uint8Array(Xt);t.set(e,0),t[e.length]=128,Jt(t,r),Jt(i,a(t))}return i}(n));return g.set(m,d),g}return function(){const e=a(tr),t=L.double(e);o=[],o[0]=L.double(t),o.x=e,o.$=t}(),{encrypt:async function(e,t,r){return c(a,e,t,r)},decrypt:async function(e,t,r){if(e.length<Qt)throw Error("Invalid OCB ciphertext");const i=e.subarray(-16);e=e.subarray(0,-16);const n=c(s,e,t,r);if(L.equalsUint8Array(i,n.subarray(-16)))return n.subarray(0,-16);throw Error("Authentication tag mismatch")}}}ir.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[7+e]^=t[e];return r},ir.blockLength=Xt,ir.ivLength=15,ir.tagLength=Qt;const nr=L.getWebCrypto(),ar=L.getNodeCrypto(),sr=L.getNodeBuffer(),or=16,cr="AES-GCM";async function ur(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("GCM mode supports only AES cipher");if(L.getNodeCrypto())return{encrypt:async function(e,r,i=new Uint8Array){const n=new ar.createCipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i);const a=sr.concat([n.update(e),n.final(),n.getAuthTag()]);return new Uint8Array(a)},decrypt:async function(e,r,i=new Uint8Array){const n=new ar.createDecipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i),n.setAuthTag(e.slice(e.length-or,e.length));const a=sr.concat([n.update(e.slice(0,e.length-or)),n.final()]);return new Uint8Array(a)}};if(L.getWebCrypto())try{const e=await nr.importKey("raw",t,{name:cr},!1,["encrypt","decrypt"]),r=navigator.userAgent.match(/Version\/13\.\d(\.\d)* Safari/)||navigator.userAgent.match(/Version\/(13|14)\.\d(\.\d)* Mobile\/\S* Safari/);return{encrypt:async function(i,n,a=new Uint8Array){if(r&&!i.length)return gt(t,n,a).encrypt(i);const s=await nr.encrypt({name:cr,iv:n,additionalData:a,tagLength:128},e,i);return new Uint8Array(s)},decrypt:async function(i,n,a=new Uint8Array){if(r&&i.length===or)return gt(t,n,a).decrypt(i);try{const t=await nr.decrypt({name:cr,iv:n,additionalData:a,tagLength:128},e,i);return new Uint8Array(t)}catch(e){if("OperationError"===e.name)throw Error("Authentication tag mismatch")}}}}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;L.printDebugError("Browser did not support operation: "+e.message)}return{encrypt:async function(e,r,i){return gt(t,r,i).encrypt(e)},decrypt:async function(e,r,i){return gt(t,r,i).decrypt(e)}}}ur.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[4+e]^=t[e];return r},ur.blockLength=16,ur.ivLength=12,ur.tagLength=or;var hr={cfb:Ct,gcm:ur,experimentalGCM:ur,eax:Zt,ocb:ir};const lr=BigInt(0),yr=BigInt(1);function pr(e){const t="0123456789ABCDEF";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),BigInt("0x0"+r)}function gr(e,t){const r=e%t;return r<lr?r+t:r}function fr(e,t,r){if(r===lr)throw Error("Modulo cannot be zero");if(r===yr)return BigInt(0);if(t<lr)throw Error("Unsopported negative exponent");let i=t,n=e;n%=r;let a=BigInt(1);for(;i>lr;){const e=i&yr;i>>=yr;a=e?a*n%r:a,n=n*n%r}return a}function dr(e){return e>=lr?e:-e}function mr(e,t){const{gcd:r,x:i}=function(e,t){let r=BigInt(0),i=BigInt(1),n=BigInt(1),a=BigInt(0),s=dr(e),o=dr(t);const c=e<lr,u=t<lr;for(;o!==lr;){const e=s/o;let t=r;r=n-e*r,n=t,t=i,i=a-e*i,a=t,t=o,o=s%o,s=t}return{x:c?-n:n,y:u?-a:a,gcd:s}}(e,t);if(r!==yr)throw Error("Inverse does not exist");return gr(i+t,t)}function wr(e){const t=Number(e);if(t>Number.MAX_SAFE_INTEGER)throw Error("Number can only safely store up to 53 bits");return t}function br(e,t){return(e>>BigInt(t)&yr)===lr?0:1}function kr(e){const t=e<lr?BigInt(-1):lr;let r=1,i=e;for(;(i>>=yr)!==t;)r++;return r}function vr(e){const t=e<lr?BigInt(-1):lr,r=BigInt(8);let i=1,n=e;for(;(n>>=r)!==t;)i++;return i}function Ar(e,t="be",r){let i=e.toString(16);i.length%2==1&&(i="0"+i);const n=i.length/2,a=new Uint8Array(r||n),s=r?r-n:0;let o=0;for(;o<n;)a[o+s]=parseInt(i.slice(2*o,2*o+2),16),o++;return"be"!==t&&a.reverse(),a}const Er=L.getNodeCrypto();function Kr(e){const t=new Uint8Array(e);if(Er){const e=Er.randomBytes(t.length);t.set(e)}else{if("undefined"==typeof crypto||!crypto.getRandomValues)throw Error("No secure random number generator available.");crypto.getRandomValues(t)}return t}function Sr(e,t){if(t<e)throw Error("Illegal parameter value: max <= min");const r=t-e;return gr(pr(Kr(vr(r)+8)),r)+e}var Pr=/*#__PURE__*/Object.freeze({__proto__:null,getRandomBigInteger:Sr,getRandomBytes:Kr});const Ur=BigInt(1);function Dr(e,t,r){const i=BigInt(30),n=Ur<<BigInt(e-1),a=[1,6,5,4,3,2,1,4,3,2,1,2,1,4,3,2,1,2,1,4,3,2,1,6,5,4,3,2,1,2];let s=Sr(n,n<<Ur),o=wr(gr(s,i));do{s+=BigInt(a[o]),o=(o+a[o])%a.length,kr(s)>e&&(s=gr(s,n<<Ur),s+=n,o=wr(gr(s,i)))}while(!xr(s,t,r));return s}function xr(e,t,r){return(!t||function(e,t){let r=e,i=t;for(;i!==lr;){const e=i;i=r%i,r=e}return r}(e-Ur,t)===Ur)&&(!!function(e){const t=BigInt(0);return Cr.every((r=>gr(e,r)!==t))}(e)&&(!!function(e,t=BigInt(2)){return fr(t,e-Ur,e)===Ur}(e)&&!!function(e,t){const r=kr(e);t||(t=Math.max(1,r/48|0));const i=e-Ur;let n=0;for(;!br(i,n);)n++;const a=e>>BigInt(n);for(;t>0;t--){let t,r=fr(Sr(BigInt(2),i),a,e);if(r!==Ur&&r!==i){for(t=1;t<n;t++){if(r=gr(r*r,e),r===Ur)return!1;if(r===i)break}if(t===n)return!1}}return!0}(e,r)))}const Cr=[7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997,1009,1013,1019,1021,1031,1033,1039,1049,1051,1061,1063,1069,1087,1091,1093,1097,1103,1109,1117,1123,1129,1151,1153,1163,1171,1181,1187,1193,1201,1213,1217,1223,1229,1231,1237,1249,1259,1277,1279,1283,1289,1291,1297,1301,1303,1307,1319,1321,1327,1361,1367,1373,1381,1399,1409,1423,1427,1429,1433,1439,1447,1451,1453,1459,1471,1481,1483,1487,1489,1493,1499,1511,1523,1531,1543,1549,1553,1559,1567,1571,1579,1583,1597,1601,1607,1609,1613,1619,1621,1627,1637,1657,1663,1667,1669,1693,1697,1699,1709,1721,1723,1733,1741,1747,1753,1759,1777,1783,1787,1789,1801,1811,1823,1831,1847,1861,1867,1871,1873,1877,1879,1889,1901,1907,1913,1931,1933,1949,1951,1973,1979,1987,1993,1997,1999,2003,2011,2017,2027,2029,2039,2053,2063,2069,2081,2083,2087,2089,2099,2111,2113,2129,2131,2137,2141,2143,2153,2161,2179,2203,2207,2213,2221,2237,2239,2243,2251,2267,2269,2273,2281,2287,2293,2297,2309,2311,2333,2339,2341,2347,2351,2357,2371,2377,2381,2383,2389,2393,2399,2411,2417,2423,2437,2441,2447,2459,2467,2473,2477,2503,2521,2531,2539,2543,2549,2551,2557,2579,2591,2593,2609,2617,2621,2633,2647,2657,2659,2663,2671,2677,2683,2687,2689,2693,2699,2707,2711,2713,2719,2729,2731,2741,2749,2753,2767,2777,2789,2791,2797,2801,2803,2819,2833,2837,2843,2851,2857,2861,2879,2887,2897,2903,2909,2917,2927,2939,2953,2957,2963,2969,2971,2999,3001,3011,3019,3023,3037,3041,3049,3061,3067,3079,3083,3089,3109,3119,3121,3137,3163,3167,3169,3181,3187,3191,3203,3209,3217,3221,3229,3251,3253,3257,3259,3271,3299,3301,3307,3313,3319,3323,3329,3331,3343,3347,3359,3361,3371,3373,3389,3391,3407,3413,3433,3449,3457,3461,3463,3467,3469,3491,3499,3511,3517,3527,3529,3533,3539,3541,3547,3557,3559,3571,3581,3583,3593,3607,3613,3617,3623,3631,3637,3643,3659,3671,3673,3677,3691,3697,3701,3709,3719,3727,3733,3739,3761,3767,3769,3779,3793,3797,3803,3821,3823,3833,3847,3851,3853,3863,3877,3881,3889,3907,3911,3917,3919,3923,3929,3931,3943,3947,3967,3989,4001,4003,4007,4013,4019,4021,4027,4049,4051,4057,4073,4079,4091,4093,4099,4111,4127,4129,4133,4139,4153,4157,4159,4177,4201,4211,4217,4219,4229,4231,4241,4243,4253,4259,4261,4271,4273,4283,4289,4297,4327,4337,4339,4349,4357,4363,4373,4391,4397,4409,4421,4423,4441,4447,4451,4457,4463,4481,4483,4493,4507,4513,4517,4519,4523,4547,4549,4561,4567,4583,4591,4597,4603,4621,4637,4639,4643,4649,4651,4657,4663,4673,4679,4691,4703,4721,4723,4729,4733,4751,4759,4783,4787,4789,4793,4799,4801,4813,4817,4831,4861,4871,4877,4889,4903,4909,4919,4931,4933,4937,4943,4951,4957,4967,4969,4973,4987,4993,4999].map((e=>BigInt(e)));const Br=[];function Ir(e,t){const r=e.length;if(r>t-11)throw Error("Message too long");const i=function(e){const t=new Uint8Array(e);let r=0;for(;r<e;){const i=Kr(e-r);for(let e=0;e<i.length;e++)0!==i[e]&&(t[r++]=i[e])}return t}(t-r-3),n=new Uint8Array(t);return n[1]=2,n.set(i,2),n.set(e,t-r),n}function Tr(e,t){let r=2,i=1;for(let t=r;t<e.length;t++)i&=0!==e[t],r+=i;const n=r-2,a=e.subarray(r+1),s=0===e[0]&2===e[1]&n>=8&!i;if(t)return L.selectUint8Array(s,a,t);if(s)return a;throw Error("Decryption error")}function Rr(e,t,r){let i;if(t.length!==be.getHashByteLength(e))throw Error("Invalid hash length");const n=new Uint8Array(Br[e].length);for(i=0;i<Br[e].length;i++)n[i]=Br[e][i];const a=n.length+t.length;if(r<a+11)throw Error("Intended encoded message length too short");const s=new Uint8Array(r-a-3).fill(255),o=new Uint8Array(r);return o[1]=1,o.set(s,2),o.set(n,r-a),o.set(t,r-t.length),o}Br[1]=[48,32,48,12,6,8,42,134,72,134,247,13,2,5,5,0,4,16],Br[2]=[48,33,48,9,6,5,43,14,3,2,26,5,0,4,20],Br[3]=[48,33,48,9,6,5,43,36,3,2,1,5,0,4,20],Br[8]=[48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32],Br[9]=[48,65,48,13,6,9,96,134,72,1,101,3,4,2,2,5,0,4,48],Br[10]=[48,81,48,13,6,9,96,134,72,1,101,3,4,2,3,5,0,4,64],Br[11]=[48,45,48,13,6,9,96,134,72,1,101,3,4,2,4,5,0,4,28];var Mr=/*#__PURE__*/Object.freeze({__proto__:null,emeDecode:Tr,emeEncode:Ir,emsaEncode:Rr});const Lr=L.getWebCrypto(),Fr=L.getNodeCrypto(),_r=BigInt(1);async function Or(e,t,r,i,n,a){const s=pr(i),o=pr(n),c=pr(r);let u=gr(c,o-_r),h=gr(c,s-_r);return h=Ar(h),u=Ar(u),{kty:"RSA",n:j(e),e:j(t),d:j(r),p:j(n),q:j(i),dp:j(u),dq:j(h),qi:j(a),ext:!0}}function Nr(e,t){return{kty:"RSA",n:j(e),e:j(t),ext:!0}}function zr(e,t){return{n:H(e.n),e:Ar(t),d:H(e.d),p:H(e.q),q:H(e.p),u:H(e.qi)}}var Hr=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s,o){if(L.getNodeCrypto()&&!o)try{return await async function(e,t,r,i,n,a,s){const o=await Or(t,r,i,n,a,s),c={key:o,format:"jwk",type:"pkcs1",padding:Fr.constants.RSA_PKCS1_PADDING};try{return new Uint8Array(Fr.privateDecrypt(c,e))}catch(e){throw Error("Decryption error")}}(e,t,r,i,n,a,s)}catch(e){L.printDebugError(e)}return async function(e,t,r,i,n,a,s,o){if(e=pr(e),t=pr(t),r=pr(r),i=pr(i),n=pr(n),a=pr(a),s=pr(s),e>=t)throw Error("Data too large.");const c=gr(i,a-_r),u=gr(i,n-_r),h=Sr(BigInt(2),t),l=fr(mr(h,t),r,t);e=gr(e*l,t);const y=fr(e,u,n),p=fr(e,c,a),g=gr(s*(p-y),a);let f=g*n+y;return f=gr(f*h,t),Tr(Ar(f,"be",vr(t)),o)}(e,t,r,i,n,a,s,o)},encrypt:async function(e,t,r){return L.getNodeCrypto()?async function(e,t,r){const i=Nr(t,r),n={key:i,format:"jwk",type:"pkcs1",padding:Fr.constants.RSA_PKCS1_PADDING};return new Uint8Array(Fr.publicEncrypt(n,e))}(e,t,r):async function(e,t,r){if(t=pr(t),e=pr(Ir(e,vr(t))),r=pr(r),e>=t)throw Error("Message size cannot exceed modulus size");return Ar(fr(e,r,t),"be",vr(t))}(e,t,r)},generate:async function(e,t){if(t=BigInt(t),L.getWebCrypto()){const r={name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:Ar(t),hash:{name:"SHA-1"}},i=await Lr.generateKey(r,!0,["sign","verify"]);return zr(await Lr.exportKey("jwk",i.privateKey),t)}if(L.getNodeCrypto()){const r={modulusLength:e,publicExponent:wr(t),publicKeyEncoding:{type:"pkcs1",format:"jwk"},privateKeyEncoding:{type:"pkcs1",format:"jwk"}},i=await new Promise(((e,t)=>{Fr.generateKeyPair("rsa",r,((r,i,n)=>{r?t(r):e(n)}))}));return zr(i,t)}let r,i,n;do{i=Dr(e-(e>>1),t,40),r=Dr(e>>1,t,40),n=r*i}while(kr(n)!==e);const a=(r-_r)*(i-_r);return i<r&&([r,i]=[i,r]),{n:Ar(n),e:Ar(t),d:Ar(mr(t,a)),p:Ar(r),q:Ar(i),u:Ar(mr(r,i))}},sign:async function(e,t,r,i,n,a,s,o,c){if(t&&!L.isStream(t))if(L.getWebCrypto())try{return await async function(e,t,r,i,n,a,s,o){const c=await Or(r,i,n,a,s,o),u={name:"RSASSA-PKCS1-v1_5",hash:{name:e}},h=await Lr.importKey("jwk",c,u,!1,["sign"]);return new Uint8Array(await Lr.sign("RSASSA-PKCS1-v1_5",h,t))}(T.read(T.webHash,e),t,r,i,n,a,s,o)}catch(e){L.printDebugError(e)}else if(L.getNodeCrypto())return async function(e,t,r,i,n,a,s,o){const c=Fr.createSign(T.read(T.hash,e));c.write(t),c.end();const u=await Or(r,i,n,a,s,o);return new Uint8Array(c.sign({key:u,format:"jwk",type:"pkcs1"}))}(e,t,r,i,n,a,s,o);return async function(e,t,r,i){t=pr(t);const n=pr(Rr(e,i,vr(t)));if(r=pr(r),n>=t)throw Error("Message size cannot exceed modulus size");return Ar(fr(n,r,t),"be",vr(t))}(e,r,n,c)},validateParams:async function(e,t,r,i,n,a){if(e=pr(e),(i=pr(i))*(n=pr(n))!==e)return!1;const s=BigInt(2);if(gr(i*(a=pr(a)),n)!==BigInt(1))return!1;t=pr(t),r=pr(r);const o=Sr(s,s<<BigInt(Math.floor(kr(e)/3))),c=o*r*t;return!(gr(c,i-_r)!==o||gr(c,n-_r)!==o)},verify:async function(e,t,r,i,n,a){if(t&&!L.isStream(t))if(L.getWebCrypto())try{return await async function(e,t,r,i,n){const a=Nr(i,n),s=await Lr.importKey("jwk",a,{name:"RSASSA-PKCS1-v1_5",hash:{name:e}},!1,["verify"]);return Lr.verify("RSASSA-PKCS1-v1_5",s,r,t)}(T.read(T.webHash,e),t,r,i,n)}catch(e){L.printDebugError(e)}else if(L.getNodeCrypto())return async function(e,t,r,i,n){const a=Nr(i,n),s={key:a,format:"jwk",type:"pkcs1"},o=Fr.createVerify(T.read(T.hash,e));o.write(t),o.end();try{return o.verify(s,r)}catch(e){return!1}}(e,t,r,i,n);return async function(e,t,r,i,n){if(r=pr(r),t=pr(t),i=pr(i),t>=r)throw Error("Signature size cannot exceed modulus size");const a=Ar(fr(t,i,r),"be",vr(r)),s=Rr(e,n,vr(r));return L.equalsUint8Array(a,s)}(e,r,i,n,a)}});const jr=BigInt(1);var Gr=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n){return e=pr(e),t=pr(t),r=pr(r),Tr(Ar(gr(mr(fr(e,i=pr(i),r),r)*t,r),"be",vr(r)),n)},encrypt:async function(e,t,r,i){t=pr(t),r=pr(r),i=pr(i);const n=pr(Ir(e,vr(t))),a=Sr(jr,t-jr);return{c1:Ar(fr(r,a,t)),c2:Ar(gr(fr(i,a,t)*n,t))}},validateParams:async function(e,t,r,i){if(e=pr(e),t=pr(t),r=pr(r),t<=jr||t>=e)return!1;const n=BigInt(kr(e));if(n<BigInt(1023))return!1;if(fr(t,e-jr,e)!==jr)return!1;let a=t,s=BigInt(1);const o=BigInt(2),c=o<<BigInt(17);for(;s<c;){if(a=gr(a*t,e),a===jr)return!1;s++}i=pr(i);const u=Sr(o<<n-jr,o<<n);return r===fr(t,(e-jr)*u+i,e)}});const qr="object"==typeof e&&"crypto"in e?e.crypto:void 0,Vr={};var Wr=function(e){var t,r=new Float64Array(16);if(e)for(t=0;t<e.length;t++)r[t]=e[t];return r},$r=function(){throw Error("no PRNG")},Zr=new Uint8Array(32);Zr[0]=9;var Xr=Wr(),Qr=Wr([1]),Yr=Wr([56129,1]),Jr=Wr([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),ei=Wr([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),ti=Wr([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),ri=Wr([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),ii=Wr([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function ni(e,t,r,i){e[t]=r>>24&255,e[t+1]=r>>16&255,e[t+2]=r>>8&255,e[t+3]=255&r,e[t+4]=i>>24&255,e[t+5]=i>>16&255,e[t+6]=i>>8&255,e[t+7]=255&i}function ai(e,t,r,i){return function(e,t,r,i,n){var a,s=0;for(a=0;a<n;a++)s|=e[t+a]^r[i+a];return(1&s-1>>>8)-1}(e,t,r,i,32)}function si(e,t){var r;for(r=0;r<16;r++)e[r]=0|t[r]}function oi(e){var t,r,i=1;for(t=0;t<16;t++)r=e[t]+i+65535,i=Math.floor(r/65536),e[t]=r-65536*i;e[0]+=i-1+37*(i-1)}function ci(e,t,r){for(var i,n=~(r-1),a=0;a<16;a++)i=n&(e[a]^t[a]),e[a]^=i,t[a]^=i}function ui(e,t){var r,i,n,a=Wr(),s=Wr();for(r=0;r<16;r++)s[r]=t[r];for(oi(s),oi(s),oi(s),i=0;i<2;i++){for(a[0]=s[0]-65517,r=1;r<15;r++)a[r]=s[r]-65535-(a[r-1]>>16&1),a[r-1]&=65535;a[15]=s[15]-32767-(a[14]>>16&1),n=a[15]>>16&1,a[14]&=65535,ci(s,a,1-n)}for(r=0;r<16;r++)e[2*r]=255&s[r],e[2*r+1]=s[r]>>8}function hi(e,t){var r=new Uint8Array(32),i=new Uint8Array(32);return ui(r,e),ui(i,t),ai(r,0,i,0)}function li(e){var t=new Uint8Array(32);return ui(t,e),1&t[0]}function yi(e,t){var r;for(r=0;r<16;r++)e[r]=t[2*r]+(t[2*r+1]<<8);e[15]&=32767}function pi(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]+r[i]}function gi(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]-r[i]}function fi(e,t,r){var i,n,a=0,s=0,o=0,c=0,u=0,h=0,l=0,y=0,p=0,g=0,f=0,d=0,m=0,w=0,b=0,k=0,v=0,A=0,E=0,K=0,S=0,P=0,U=0,D=0,x=0,C=0,B=0,I=0,T=0,R=0,M=0,L=r[0],F=r[1],_=r[2],O=r[3],N=r[4],z=r[5],H=r[6],j=r[7],G=r[8],q=r[9],V=r[10],W=r[11],$=r[12],Z=r[13],X=r[14],Q=r[15];a+=(i=t[0])*L,s+=i*F,o+=i*_,c+=i*O,u+=i*N,h+=i*z,l+=i*H,y+=i*j,p+=i*G,g+=i*q,f+=i*V,d+=i*W,m+=i*$,w+=i*Z,b+=i*X,k+=i*Q,s+=(i=t[1])*L,o+=i*F,c+=i*_,u+=i*O,h+=i*N,l+=i*z,y+=i*H,p+=i*j,g+=i*G,f+=i*q,d+=i*V,m+=i*W,w+=i*$,b+=i*Z,k+=i*X,v+=i*Q,o+=(i=t[2])*L,c+=i*F,u+=i*_,h+=i*O,l+=i*N,y+=i*z,p+=i*H,g+=i*j,f+=i*G,d+=i*q,m+=i*V,w+=i*W,b+=i*$,k+=i*Z,v+=i*X,A+=i*Q,c+=(i=t[3])*L,u+=i*F,h+=i*_,l+=i*O,y+=i*N,p+=i*z,g+=i*H,f+=i*j,d+=i*G,m+=i*q,w+=i*V,b+=i*W,k+=i*$,v+=i*Z,A+=i*X,E+=i*Q,u+=(i=t[4])*L,h+=i*F,l+=i*_,y+=i*O,p+=i*N,g+=i*z,f+=i*H,d+=i*j,m+=i*G,w+=i*q,b+=i*V,k+=i*W,v+=i*$,A+=i*Z,E+=i*X,K+=i*Q,h+=(i=t[5])*L,l+=i*F,y+=i*_,p+=i*O,g+=i*N,f+=i*z,d+=i*H,m+=i*j,w+=i*G,b+=i*q,k+=i*V,v+=i*W,A+=i*$,E+=i*Z,K+=i*X,S+=i*Q,l+=(i=t[6])*L,y+=i*F,p+=i*_,g+=i*O,f+=i*N,d+=i*z,m+=i*H,w+=i*j,b+=i*G,k+=i*q,v+=i*V,A+=i*W,E+=i*$,K+=i*Z,S+=i*X,P+=i*Q,y+=(i=t[7])*L,p+=i*F,g+=i*_,f+=i*O,d+=i*N,m+=i*z,w+=i*H,b+=i*j,k+=i*G,v+=i*q,A+=i*V,E+=i*W,K+=i*$,S+=i*Z,P+=i*X,U+=i*Q,p+=(i=t[8])*L,g+=i*F,f+=i*_,d+=i*O,m+=i*N,w+=i*z,b+=i*H,k+=i*j,v+=i*G,A+=i*q,E+=i*V,K+=i*W,S+=i*$,P+=i*Z,U+=i*X,D+=i*Q,g+=(i=t[9])*L,f+=i*F,d+=i*_,m+=i*O,w+=i*N,b+=i*z,k+=i*H,v+=i*j,A+=i*G,E+=i*q,K+=i*V,S+=i*W,P+=i*$,U+=i*Z,D+=i*X,x+=i*Q,f+=(i=t[10])*L,d+=i*F,m+=i*_,w+=i*O,b+=i*N,k+=i*z,v+=i*H,A+=i*j,E+=i*G,K+=i*q,S+=i*V,P+=i*W,U+=i*$,D+=i*Z,x+=i*X,C+=i*Q,d+=(i=t[11])*L,m+=i*F,w+=i*_,b+=i*O,k+=i*N,v+=i*z,A+=i*H,E+=i*j,K+=i*G,S+=i*q,P+=i*V,U+=i*W,D+=i*$,x+=i*Z,C+=i*X,B+=i*Q,m+=(i=t[12])*L,w+=i*F,b+=i*_,k+=i*O,v+=i*N,A+=i*z,E+=i*H,K+=i*j,S+=i*G,P+=i*q,U+=i*V,D+=i*W,x+=i*$,C+=i*Z,B+=i*X,I+=i*Q,w+=(i=t[13])*L,b+=i*F,k+=i*_,v+=i*O,A+=i*N,E+=i*z,K+=i*H,S+=i*j,P+=i*G,U+=i*q,D+=i*V,x+=i*W,C+=i*$,B+=i*Z,I+=i*X,T+=i*Q,b+=(i=t[14])*L,k+=i*F,v+=i*_,A+=i*O,E+=i*N,K+=i*z,S+=i*H,P+=i*j,U+=i*G,D+=i*q,x+=i*V,C+=i*W,B+=i*$,I+=i*Z,T+=i*X,R+=i*Q,k+=(i=t[15])*L,s+=38*(A+=i*_),o+=38*(E+=i*O),c+=38*(K+=i*N),u+=38*(S+=i*z),h+=38*(P+=i*H),l+=38*(U+=i*j),y+=38*(D+=i*G),p+=38*(x+=i*q),g+=38*(C+=i*V),f+=38*(B+=i*W),d+=38*(I+=i*$),m+=38*(T+=i*Z),w+=38*(R+=i*X),b+=38*(M+=i*Q),a=(i=(a+=38*(v+=i*F))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a=(i=(a+=n-1+37*(n-1))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a+=n-1+37*(n-1),e[0]=a,e[1]=s,e[2]=o,e[3]=c,e[4]=u,e[5]=h,e[6]=l,e[7]=y,e[8]=p,e[9]=g,e[10]=f,e[11]=d,e[12]=m,e[13]=w,e[14]=b,e[15]=k}function di(e,t){fi(e,t,t)}function mi(e,t){var r,i=Wr();for(r=0;r<16;r++)i[r]=t[r];for(r=253;r>=0;r--)di(i,i),2!==r&&4!==r&&fi(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}function wi(e,t,r){var i,n,a=new Uint8Array(32),s=new Float64Array(80),o=Wr(),c=Wr(),u=Wr(),h=Wr(),l=Wr(),y=Wr();for(n=0;n<31;n++)a[n]=t[n];for(a[31]=127&t[31]|64,a[0]&=248,yi(s,r),n=0;n<16;n++)c[n]=s[n],h[n]=o[n]=u[n]=0;for(o[0]=h[0]=1,n=254;n>=0;--n)ci(o,c,i=a[n>>>3]>>>(7&n)&1),ci(u,h,i),pi(l,o,u),gi(o,o,u),pi(u,c,h),gi(c,c,h),di(h,l),di(y,o),fi(o,u,o),fi(u,c,l),pi(l,o,u),gi(o,o,u),di(c,o),gi(u,h,y),fi(o,u,Yr),pi(o,o,h),fi(u,u,o),fi(o,h,y),fi(h,c,s),di(c,l),ci(o,c,i),ci(u,h,i);for(n=0;n<16;n++)s[n+16]=o[n],s[n+32]=u[n],s[n+48]=c[n],s[n+64]=h[n];var p=s.subarray(32),g=s.subarray(16);return mi(p,p),fi(g,g,p),ui(e,g),0}function bi(e,t){return wi(e,t,Zr)}var ki=[1116352408,3609767458,1899447441,602891725,3049323471,3964484399,3921009573,2173295548,961987163,4081628472,1508970993,3053834265,2453635748,2937671579,2870763221,3664609560,3624381080,2734883394,310598401,1164996542,607225278,1323610764,1426881987,3590304994,1925078388,4068182383,2162078206,991336113,2614888103,633803317,3248222580,3479774868,3835390401,2666613458,4022224774,944711139,264347078,2341262773,604807628,2007800933,770255983,1495990901,1249150122,1856431235,1555081692,3175218132,1996064986,2198950837,2554220882,3999719339,2821834349,766784016,2952996808,2566594879,3210313671,3203337956,3336571891,1034457026,3584528711,2466948901,113926993,3758326383,338241895,168717936,666307205,1188179964,773529912,1546045734,1294757372,1522805485,1396182291,2643833823,1695183700,2343527390,1986661051,1014477480,2177026350,1206759142,2456956037,344077627,2730485921,1290863460,2820302411,3158454273,3259730800,3505952657,3345764771,106217008,3516065817,3606008344,3600352804,1432725776,4094571909,1467031594,275423344,851169720,430227734,3100823752,506948616,1363258195,659060556,3750685593,883997877,3785050280,958139571,3318307427,1322822218,3812723403,1537002063,2003034995,1747873779,3602036899,1955562222,1575990012,2024104815,1125592928,2227730452,2716904306,2361852424,442776044,2428436474,593698344,2756734187,3733110249,3204031479,2999351573,3329325298,3815920427,3391569614,3928383900,3515267271,566280711,3940187606,3454069534,4118630271,4000239992,116418474,1914138554,174292421,2731055270,289380356,3203993006,460393269,320620315,685471733,587496836,852142971,1086792851,1017036298,365543100,1126000580,2618297676,1288033470,3409855158,1501505948,4234509866,1607167915,987167468,1816402316,1246189591];function vi(e,t,r,i){for(var n,a,s,o,c,u,h,l,y,p,g,f,d,m,w,b,k,v,A,E,K,S,P,U,D,x,C=new Int32Array(16),B=new Int32Array(16),I=e[0],T=e[1],R=e[2],M=e[3],L=e[4],F=e[5],_=e[6],O=e[7],N=t[0],z=t[1],H=t[2],j=t[3],G=t[4],q=t[5],V=t[6],W=t[7],$=0;i>=128;){for(A=0;A<16;A++)E=8*A+$,C[A]=r[E+0]<<24|r[E+1]<<16|r[E+2]<<8|r[E+3],B[A]=r[E+4]<<24|r[E+5]<<16|r[E+6]<<8|r[E+7];for(A=0;A<80;A++)if(n=I,a=T,s=R,o=M,c=L,u=F,h=_,O,y=N,p=z,g=H,f=j,d=G,m=q,w=V,W,P=65535&(S=W),U=S>>>16,D=65535&(K=O),x=K>>>16,P+=65535&(S=(G>>>14|L<<18)^(G>>>18|L<<14)^(L>>>9|G<<23)),U+=S>>>16,D+=65535&(K=(L>>>14|G<<18)^(L>>>18|G<<14)^(G>>>9|L<<23)),x+=K>>>16,P+=65535&(S=G&q^~G&V),U+=S>>>16,D+=65535&(K=L&F^~L&_),x+=K>>>16,K=ki[2*A],P+=65535&(S=ki[2*A+1]),U+=S>>>16,D+=65535&K,x+=K>>>16,K=C[A%16],U+=(S=B[A%16])>>>16,D+=65535&K,x+=K>>>16,D+=(U+=(P+=65535&S)>>>16)>>>16,P=65535&(S=v=65535&P|U<<16),U=S>>>16,D=65535&(K=k=65535&D|(x+=D>>>16)<<16),x=K>>>16,P+=65535&(S=(N>>>28|I<<4)^(I>>>2|N<<30)^(I>>>7|N<<25)),U+=S>>>16,D+=65535&(K=(I>>>28|N<<4)^(N>>>2|I<<30)^(N>>>7|I<<25)),x+=K>>>16,U+=(S=N&z^N&H^z&H)>>>16,D+=65535&(K=I&T^I&R^T&R),x+=K>>>16,l=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,b=65535&P|U<<16,P=65535&(S=f),U=S>>>16,D=65535&(K=o),x=K>>>16,U+=(S=v)>>>16,D+=65535&(K=k),x+=K>>>16,T=n,R=a,M=s,L=o=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,F=c,_=u,O=h,I=l,z=y,H=p,j=g,G=f=65535&P|U<<16,q=d,V=m,W=w,N=b,A%16==15)for(E=0;E<16;E++)K=C[E],P=65535&(S=B[E]),U=S>>>16,D=65535&K,x=K>>>16,K=C[(E+9)%16],P+=65535&(S=B[(E+9)%16]),U+=S>>>16,D+=65535&K,x+=K>>>16,k=C[(E+1)%16],P+=65535&(S=((v=B[(E+1)%16])>>>1|k<<31)^(v>>>8|k<<24)^(v>>>7|k<<25)),U+=S>>>16,D+=65535&(K=(k>>>1|v<<31)^(k>>>8|v<<24)^k>>>7),x+=K>>>16,k=C[(E+14)%16],U+=(S=((v=B[(E+14)%16])>>>19|k<<13)^(k>>>29|v<<3)^(v>>>6|k<<26))>>>16,D+=65535&(K=(k>>>19|v<<13)^(v>>>29|k<<3)^k>>>6),x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,C[E]=65535&D|x<<16,B[E]=65535&P|U<<16;P=65535&(S=N),U=S>>>16,D=65535&(K=I),x=K>>>16,K=e[0],U+=(S=t[0])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[0]=I=65535&D|x<<16,t[0]=N=65535&P|U<<16,P=65535&(S=z),U=S>>>16,D=65535&(K=T),x=K>>>16,K=e[1],U+=(S=t[1])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[1]=T=65535&D|x<<16,t[1]=z=65535&P|U<<16,P=65535&(S=H),U=S>>>16,D=65535&(K=R),x=K>>>16,K=e[2],U+=(S=t[2])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[2]=R=65535&D|x<<16,t[2]=H=65535&P|U<<16,P=65535&(S=j),U=S>>>16,D=65535&(K=M),x=K>>>16,K=e[3],U+=(S=t[3])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[3]=M=65535&D|x<<16,t[3]=j=65535&P|U<<16,P=65535&(S=G),U=S>>>16,D=65535&(K=L),x=K>>>16,K=e[4],U+=(S=t[4])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[4]=L=65535&D|x<<16,t[4]=G=65535&P|U<<16,P=65535&(S=q),U=S>>>16,D=65535&(K=F),x=K>>>16,K=e[5],U+=(S=t[5])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[5]=F=65535&D|x<<16,t[5]=q=65535&P|U<<16,P=65535&(S=V),U=S>>>16,D=65535&(K=_),x=K>>>16,K=e[6],U+=(S=t[6])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[6]=_=65535&D|x<<16,t[6]=V=65535&P|U<<16,P=65535&(S=W),U=S>>>16,D=65535&(K=O),x=K>>>16,K=e[7],U+=(S=t[7])>>>16,D+=65535&K,x+=K>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[7]=O=65535&D|x<<16,t[7]=W=65535&P|U<<16,$+=128,i-=128}return i}function Ai(e,t,r){var i,n=new Int32Array(8),a=new Int32Array(8),s=new Uint8Array(256),o=r;for(n[0]=1779033703,n[1]=3144134277,n[2]=1013904242,n[3]=2773480762,n[4]=1359893119,n[5]=2600822924,n[6]=528734635,n[7]=1541459225,a[0]=4089235720,a[1]=2227873595,a[2]=4271175723,a[3]=1595750129,a[4]=2917565137,a[5]=725511199,a[6]=4215389547,a[7]=327033209,vi(n,a,t,r),r%=128,i=0;i<r;i++)s[i]=t[o-r+i];for(s[r]=128,s[(r=256-128*(r<112?1:0))-9]=0,ni(s,r-8,o/536870912|0,o<<3),vi(n,a,s,r),i=0;i<8;i++)ni(e,8*i,n[i],a[i]);return 0}function Ei(e,t){var r=Wr(),i=Wr(),n=Wr(),a=Wr(),s=Wr(),o=Wr(),c=Wr(),u=Wr(),h=Wr();gi(r,e[1],e[0]),gi(h,t[1],t[0]),fi(r,r,h),pi(i,e[0],e[1]),pi(h,t[0],t[1]),fi(i,i,h),fi(n,e[3],t[3]),fi(n,n,ei),fi(a,e[2],t[2]),pi(a,a,a),gi(s,i,r),gi(o,a,n),pi(c,a,n),pi(u,i,r),fi(e[0],s,o),fi(e[1],u,c),fi(e[2],c,o),fi(e[3],s,u)}function Ki(e,t,r){var i;for(i=0;i<4;i++)ci(e[i],t[i],r)}function Si(e,t){var r=Wr(),i=Wr(),n=Wr();mi(n,t[2]),fi(r,t[0],n),fi(i,t[1],n),ui(e,i),e[31]^=li(r)<<7}function Pi(e,t,r){var i,n;for(si(e[0],Xr),si(e[1],Qr),si(e[2],Qr),si(e[3],Xr),n=255;n>=0;--n)Ki(e,t,i=r[n/8|0]>>(7&n)&1),Ei(t,e),Ei(e,e),Ki(e,t,i)}function Ui(e,t){var r=[Wr(),Wr(),Wr(),Wr()];si(r[0],ti),si(r[1],ri),si(r[2],Qr),fi(r[3],ti,ri),Pi(e,r,t)}function Di(e,t,r){var i,n=new Uint8Array(64),a=[Wr(),Wr(),Wr(),Wr()];for(r||$r(t,32),Ai(n,t,32),n[0]&=248,n[31]&=127,n[31]|=64,Ui(a,n),Si(e,a),i=0;i<32;i++)t[i+32]=e[i];return 0}var xi=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]);function Ci(e,t){var r,i,n,a;for(i=63;i>=32;--i){for(r=0,n=i-32,a=i-12;n<a;++n)t[n]+=r-16*t[i]*xi[n-(i-32)],r=Math.floor((t[n]+128)/256),t[n]-=256*r;t[n]+=r,t[i]=0}for(r=0,n=0;n<32;n++)t[n]+=r-(t[31]>>4)*xi[n],r=t[n]>>8,t[n]&=255;for(n=0;n<32;n++)t[n]-=r*xi[n];for(i=0;i<32;i++)t[i+1]+=t[i]>>8,e[i]=255&t[i]}function Bi(e){var t,r=new Float64Array(64);for(t=0;t<64;t++)r[t]=e[t];for(t=0;t<64;t++)e[t]=0;Ci(e,r)}function Ii(e,t){var r=Wr(),i=Wr(),n=Wr(),a=Wr(),s=Wr(),o=Wr(),c=Wr();return si(e[2],Qr),yi(e[1],t),di(n,e[1]),fi(a,n,Jr),gi(n,n,e[2]),pi(a,e[2],a),di(s,a),di(o,s),fi(c,o,s),fi(r,c,n),fi(r,r,a),function(e,t){var r,i=Wr();for(r=0;r<16;r++)i[r]=t[r];for(r=250;r>=0;r--)di(i,i),1!==r&&fi(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}(r,r),fi(r,r,n),fi(r,r,a),fi(r,r,a),fi(e[0],r,a),di(i,e[0]),fi(i,i,a),hi(i,n)&&fi(e[0],e[0],ii),di(i,e[0]),fi(i,i,a),hi(i,n)?-1:(li(e[0])===t[31]>>7&&gi(e[0],Xr,e[0]),fi(e[3],e[0],e[1]),0)}var Ti=64;function Ri(){for(var e=0;e<arguments.length;e++)if(!(arguments[e]instanceof Uint8Array))throw new TypeError("unexpected type, use Uint8Array")}Vr.scalarMult=function(e,t){if(Ri(e,t),32!==e.length)throw Error("bad n size");if(32!==t.length)throw Error("bad p size");var r=new Uint8Array(32);return wi(r,e,t),r},Vr.box={},Vr.box.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(32);return function(e,t){$r(t,32),bi(e,t)}(e,t),{publicKey:e,secretKey:t}},Vr.box.keyPair.fromSecretKey=function(e){if(Ri(e),32!==e.length)throw Error("bad secret key size");var t=new Uint8Array(32);return bi(t,e),{publicKey:t,secretKey:new Uint8Array(e)}},Vr.sign=function(e,t){if(Ri(e,t),64!==t.length)throw Error("bad secret key size");var r=new Uint8Array(Ti+e.length);return function(e,t,r,i){var n,a,s=new Uint8Array(64),o=new Uint8Array(64),c=new Uint8Array(64),u=new Float64Array(64),h=[Wr(),Wr(),Wr(),Wr()];Ai(s,i,32),s[0]&=248,s[31]&=127,s[31]|=64;var l=r+64;for(n=0;n<r;n++)e[64+n]=t[n];for(n=0;n<32;n++)e[32+n]=s[32+n];for(Ai(c,e.subarray(32),r+32),Bi(c),Ui(h,c),Si(e,h),n=32;n<64;n++)e[n]=i[n];for(Ai(o,e,r+64),Bi(o),n=0;n<64;n++)u[n]=0;for(n=0;n<32;n++)u[n]=c[n];for(n=0;n<32;n++)for(a=0;a<32;a++)u[n+a]+=o[n]*s[a];Ci(e.subarray(32),u)}(r,e,e.length,t),r},Vr.sign.detached=function(e,t){for(var r=Vr.sign(e,t),i=new Uint8Array(Ti),n=0;n<i.length;n++)i[n]=r[n];return i},Vr.sign.detached.verify=function(e,t,r){if(Ri(e,t,r),t.length!==Ti)throw Error("bad signature size");if(32!==r.length)throw Error("bad public key size");var i,n=new Uint8Array(Ti+e.length),a=new Uint8Array(Ti+e.length);for(i=0;i<Ti;i++)n[i]=t[i];for(i=0;i<e.length;i++)n[i+Ti]=e[i];return function(e,t,r,i){var n,a=new Uint8Array(32),s=new Uint8Array(64),o=[Wr(),Wr(),Wr(),Wr()],c=[Wr(),Wr(),Wr(),Wr()];if(r<64)return-1;if(Ii(c,i))return-1;for(n=0;n<r;n++)e[n]=t[n];for(n=0;n<32;n++)e[n+32]=i[n];if(Ai(s,e,r),Bi(s),Pi(o,c,s),Ui(c,t.subarray(32)),Ei(o,c),Si(a,o),r-=64,ai(t,0,a,0)){for(n=0;n<r;n++)e[n]=0;return-1}for(n=0;n<r;n++)e[n]=t[n+64];return r}(a,n,n.length,r)>=0},Vr.sign.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(64);return Di(e,t),{publicKey:e,secretKey:t}},Vr.sign.keyPair.fromSecretKey=function(e){if(Ri(e),64!==e.length)throw Error("bad secret key size");for(var t=new Uint8Array(32),r=0;r<t.length;r++)t[r]=e[32+r];return{publicKey:t,secretKey:new Uint8Array(e)}},Vr.sign.keyPair.fromSeed=function(e){if(Ri(e),32!==e.length)throw Error("bad seed size");for(var t=new Uint8Array(32),r=new Uint8Array(64),i=0;i<32;i++)r[i]=e[i];return Di(t,r,!0),{publicKey:t,secretKey:r}},Vr.setPRNG=function(e){$r=e},function(){if(qr&&qr.getRandomValues){Vr.setPRNG((function(e,t){var r,i=new Uint8Array(t);for(r=0;r<t;r+=65536)qr.getRandomValues(i.subarray(r,r+Math.min(t-r,65536)));for(r=0;r<t;r++)e[r]=i[r];!function(e){for(var t=0;t<e.length;t++)e[t]=0}(i)}))}}();const Mi={"2a8648ce3d030107":T.curve.nistP256,"2b81040022":T.curve.nistP384,"2b81040023":T.curve.nistP521,"2b8104000a":T.curve.secp256k1,"2b06010401da470f01":T.curve.ed25519Legacy,"2b060104019755010501":T.curve.curve25519Legacy,"2b2403030208010107":T.curve.brainpoolP256r1,"2b240303020801010b":T.curve.brainpoolP384r1,"2b240303020801010d":T.curve.brainpoolP512r1};class Li{constructor(e){if(e instanceof Li)this.oid=e.oid;else if(L.isArray(e)||L.isUint8Array(e)){if(6===(e=new Uint8Array(e))[0]){if(e[1]!==e.length-2)throw Error("Length mismatch in DER encoded oid");e=e.subarray(2)}this.oid=e}else this.oid=""}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.oid=e.subarray(1,1+t),1+this.oid.length}throw Error("Invalid oid")}write(){return L.concatUint8Array([new Uint8Array([this.oid.length]),this.oid])}toHex(){return L.uint8ArrayToHex(this.oid)}getName(){const e=Mi[this.toHex()];if(!e)throw Error("Unknown curve object identifier.");return e}}function Fi(e){let t,r=0;const i=e[0];return i<192?([r]=e,t=1):i<255?(r=(e[0]-192<<8)+e[1]+192,t=2):255===i&&(r=L.readNumber(e.subarray(1,5)),t=5),{len:r,offset:t}}function _i(e){return e<192?new Uint8Array([e]):e>191&&e<8384?new Uint8Array([192+(e-192>>8),e-192&255]):L.concatUint8Array([new Uint8Array([255]),L.writeNumber(e,4)])}function Oi(e){if(e<0||e>30)throw Error("Partial Length power must be between 1 and 30");return new Uint8Array([224+e])}function Ni(e){return new Uint8Array([192|e])}function zi(e,t){return L.concatUint8Array([Ni(e),_i(t)])}function Hi(e){return[T.packet.literalData,T.packet.compressedData,T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData].includes(e)}async function ji(e,t){const r=C(e);let i,n;try{const s=await r.peekBytes(2);if(!s||s.length<2||!(128&s[0]))throw Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");const o=await r.readByte();let c,u,h=-1,l=-1;l=0,64&o&&(l=1),l?h=63&o:(h=(63&o)>>2,u=3&o);const y=Hi(h);let p,g=null;if(y){if("array"===L.isStream(e)){const e=new a;i=B(e),g=e}else{const e=new TransformStream;i=B(e.writable),g=e.readable}n=t({tag:h,packet:g})}else g=[];do{if(l){const e=await r.readByte();if(p=!1,e<192)c=e;else if(e>=192&&e<224)c=(e-192<<8)+await r.readByte()+192;else if(e>223&&e<255){if(c=1<<(31&e),p=!0,!y)throw new TypeError("This packet type does not support partial lengths.")}else c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte()}else switch(u){case 0:c=await r.readByte();break;case 1:c=await r.readByte()<<8|await r.readByte();break;case 2:c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte();break;default:c=1/0}if(c>0){let e=0;for(;;){i&&await i.ready;const{done:t,value:n}=await r.read();if(t){if(c===1/0)break;throw Error("Unexpected end of packet")}const a=c===1/0?n:n.subarray(0,c-e);if(i?await i.write(a):g.push(a),e+=n.length,e>=c){r.unshift(n.subarray(c-e+n.length));break}}}}while(p);const f=await r.peekBytes(y?1/0:2);return i?(await i.ready,await i.close()):(g=L.concatUint8Array(g),await t({tag:h,packet:g})),!f||!f.length}catch(e){if(i)return await i.abort(e),!0;throw e}finally{i&&await n,r.releaseLock()}}class Gi extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Gi),this.name="UnsupportedError"}}class qi extends Gi{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Gi),this.name="UnknownPacketError"}}class Vi{constructor(e,t){this.tag=e,this.rawContent=t}write(){return this.rawContent}}
-/*! noble-ed25519 - MIT License (c) 2019 Paul Miller (paulmillr.com) */const Wi=BigInt(0),$i=BigInt(1),Zi=BigInt(2),Xi=BigInt(8),Qi=BigInt("7237005577332262213973186563042994240857116359379907606001950938285454250989"),Yi=Object.freeze({a:BigInt(-1),d:BigInt("37095705934669439343138083508754565189542113879843219016388785533085940283555"),P:BigInt("57896044618658097711785492504343953926634992332820282019728792003956564819949"),l:Qi,n:Qi,h:BigInt(8),Gx:BigInt("15112221349535400772501151409588531511454012693041857206046113283949847762202"),Gy:BigInt("46316835694926478169428394003475163141307993866256225615783033603165251855960")}),Ji=BigInt("0x10000000000000000000000000000000000000000000000000000000000000000"),en=BigInt("19681161376707505956807079304988542015446066515923890162744021073123829784752");BigInt("6853475219497561581579357271197624642482790079785650197046958215289687604742");const tn=BigInt("25063068953384623474111414158702152701244531502492656460079210482610430750235"),rn=BigInt("54469307008909316920995813868745141605393597292927456921205312896311721017578"),nn=BigInt("1159843021668779879193775521855586647937357759715417654439879720876111806838"),an=BigInt("40440834346308536858101042469323190826248399146238708352240133220865137265952");class sn{constructor(e,t,r,i){this.x=e,this.y=t,this.z=r,this.t=i}static fromAffine(e){if(!(e instanceof pn))throw new TypeError("ExtendedPoint#fromAffine: expected Point");return e.equals(pn.ZERO)?sn.ZERO:new sn(e.x,e.y,$i,Sn(e.x*e.y))}static toAffineBatch(e){const t=function(e,t=Yi.P){const r=Array(e.length),i=e.reduce(((e,i,n)=>i===Wi?e:(r[n]=e,Sn(e*i,t))),$i),n=Pn(i,t);return e.reduceRight(((e,i,n)=>i===Wi?e:(r[n]=Sn(e*r[n],t),Sn(e*i,t))),n),r}(e.map((e=>e.z)));return e.map(((e,r)=>e.toAffine(t[r])))}static normalizeZ(e){return this.toAffineBatch(e).map(this.fromAffine)}equals(e){cn(e);const{x:t,y:r,z:i}=this,{x:n,y:a,z:s}=e,o=Sn(t*s),c=Sn(n*i),u=Sn(r*s),h=Sn(a*i);return o===c&&u===h}negate(){return new sn(Sn(-this.x),this.y,this.z,Sn(-this.t))}double(){const{x:e,y:t,z:r}=this,{a:i}=Yi,n=Sn(e*e),a=Sn(t*t),s=Sn(Zi*Sn(r*r)),o=Sn(i*n),c=e+t,u=Sn(Sn(c*c)-n-a),h=o+a,l=h-s,y=o-a,p=Sn(u*l),g=Sn(h*y),f=Sn(u*y),d=Sn(l*h);return new sn(p,g,d,f)}add(e){cn(e);const{x:t,y:r,z:i,t:n}=this,{x:a,y:s,z:o,t:c}=e,u=Sn((r-t)*(s+a)),h=Sn((r+t)*(s-a)),l=Sn(h-u);if(l===Wi)return this.double();const y=Sn(i*Zi*c),p=Sn(n*Zi*o),g=p+y,f=h+u,d=p-y,m=Sn(g*l),w=Sn(f*d),b=Sn(g*d),k=Sn(l*f);return new sn(m,w,k,b)}subtract(e){return this.add(e.negate())}precomputeWindow(e){const t=1+256/e,r=[];let i=this,n=i;for(let a=0;a<t;a++){n=i,r.push(n);for(let t=1;t<2**(e-1);t++)n=n.add(i),r.push(n);i=n.double()}return r}wNAF(e,t){!t&&this.equals(sn.BASE)&&(t=pn.BASE);const r=t&&t._WINDOW_SIZE||1;if(256%r)throw Error("Point#wNAF: Invalid precomputation window, must be power of 2");let i=t&&yn.get(t);i||(i=this.precomputeWindow(r),t&&1!==r&&(i=sn.normalizeZ(i),yn.set(t,i)));let n=sn.ZERO,a=sn.BASE;const s=1+256/r,o=2**(r-1),c=BigInt(2**r-1),u=2**r,h=BigInt(r);for(let t=0;t<s;t++){const r=t*o;let s=Number(e&c);e>>=h,s>o&&(s-=u,e+=$i);const l=r,y=r+Math.abs(s)-1,p=t%2!=0,g=s<0;0===s?a=a.add(on(p,i[l])):n=n.add(on(g,i[y]))}return sn.normalizeZ([n,a])[0]}multiply(e,t){return this.wNAF(In(e,Yi.l),t)}multiplyUnsafe(e){let t=In(e,Yi.l,!1);const r=sn.BASE,i=sn.ZERO;if(t===Wi)return i;if(this.equals(i)||t===$i)return this;if(this.equals(r))return this.wNAF(t);let n=i,a=this;for(;t>Wi;)t&$i&&(n=n.add(a)),a=a.double(),t>>=$i;return n}isSmallOrder(){return this.multiplyUnsafe(Yi.h).equals(sn.ZERO)}isTorsionFree(){let e=this.multiplyUnsafe(Yi.l/Zi).double();return Yi.l%Zi&&(e=e.add(this)),e.equals(sn.ZERO)}toAffine(e){const{x:t,y:r,z:i}=this,n=this.equals(sn.ZERO);null==e&&(e=n?Xi:Pn(i));const a=Sn(t*e),s=Sn(r*e),o=Sn(i*e);if(n)return pn.ZERO;if(o!==$i)throw Error("invZ was invalid");return new pn(a,s)}fromRistrettoBytes(){hn()}toRistrettoBytes(){hn()}fromRistrettoHash(){hn()}}function on(e,t){const r=t.negate();return e?r:t}function cn(e){if(!(e instanceof sn))throw new TypeError("ExtendedPoint expected")}function un(e){if(!(e instanceof ln))throw new TypeError("RistrettoPoint expected")}function hn(){throw Error("Legacy method: switch to RistrettoPoint")}sn.BASE=new sn(Yi.Gx,Yi.Gy,$i,Sn(Yi.Gx*Yi.Gy)),sn.ZERO=new sn(Wi,$i,$i,Wi);class ln{constructor(e){this.ep=e}static calcElligatorRistrettoMap(e){const{d:t}=Yi,r=Sn(en*e*e),i=Sn((r+$i)*nn);let n=BigInt(-1);const a=Sn((n-t*r)*Sn(r+t));let{isValid:s,value:o}=Dn(i,a),c=Sn(o*e);vn(c)||(c=Sn(-c)),s||(o=c),s||(n=r);const u=Sn(n*(r-$i)*an-a),h=o*o,l=Sn((o+o)*a),y=Sn(u*tn),p=Sn($i-h),g=Sn($i+h);return new sn(Sn(l*g),Sn(p*y),Sn(y*g),Sn(l*p))}static hashToCurve(e){const t=Kn((e=Bn(e,64)).slice(0,32)),r=this.calcElligatorRistrettoMap(t),i=Kn(e.slice(32,64)),n=this.calcElligatorRistrettoMap(i);return new ln(r.add(n))}static fromHex(e){e=Bn(e,32);const{a:t,d:r}=Yi,i="RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint",n=Kn(e);if(!function(e,t){if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0}(kn(n),e)||vn(n))throw Error(i);const a=Sn(n*n),s=Sn($i+t*a),o=Sn($i-t*a),c=Sn(s*s),u=Sn(o*o),h=Sn(t*r*c-u),{isValid:l,value:y}=xn(Sn(h*u)),p=Sn(y*o),g=Sn(y*p*h);let f=Sn((n+n)*p);vn(f)&&(f=Sn(-f));const d=Sn(s*g),m=Sn(f*d);if(!l||vn(m)||d===Wi)throw Error(i);return new ln(new sn(f,d,$i,m))}toRawBytes(){let{x:e,y:t,z:r,t:i}=this.ep;const n=Sn(Sn(r+t)*Sn(r-t)),a=Sn(e*t),s=Sn(a*a),{value:o}=xn(Sn(n*s)),c=Sn(o*n),u=Sn(o*a),h=Sn(c*u*i);let l;if(vn(i*h)){let r=Sn(t*en),i=Sn(e*en);e=r,t=i,l=Sn(c*rn)}else l=u;vn(e*h)&&(t=Sn(-t));let y=Sn((r-t)*l);return vn(y)&&(y=Sn(-y)),kn(y)}toHex(){return mn(this.toRawBytes())}toString(){return this.toHex()}equals(e){un(e);const t=this.ep,r=e.ep,i=Sn(t.x*r.y)===Sn(t.y*r.x),n=Sn(t.y*r.y)===Sn(t.x*r.x);return i||n}add(e){return un(e),new ln(this.ep.add(e.ep))}subtract(e){return un(e),new ln(this.ep.subtract(e.ep))}multiply(e){return new ln(this.ep.multiply(e))}multiplyUnsafe(e){return new ln(this.ep.multiplyUnsafe(e))}}ln.BASE=new ln(sn.BASE),ln.ZERO=new ln(sn.ZERO);const yn=new WeakMap;class pn{constructor(e,t){this.x=e,this.y=t}_setWindowSize(e){this._WINDOW_SIZE=e,yn.delete(this)}static fromHex(e,t=!0){const{d:r,P:i}=Yi,n=(e=Bn(e,32)).slice();n[31]=-129&e[31];const a=An(n);if(t&&a>=i)throw Error("Expected 0 < hex < P");if(!t&&a>=Ji)throw Error("Expected 0 < hex < 2**256");const s=Sn(a*a),o=Sn(s-$i),c=Sn(r*s+$i);let{isValid:u,value:h}=Dn(o,c);if(!u)throw Error("Point.fromHex: invalid y coordinate");const l=(h&$i)===$i;return!!(128&e[31])!==l&&(h=Sn(-h)),new pn(h,a)}static async fromPrivateKey(e){return(await Rn(e)).point}toRawBytes(){const e=kn(this.y);return e[31]|=this.x&$i?128:0,e}toHex(){return mn(this.toRawBytes())}toX25519(){const{y:e}=this;return kn(Sn(($i+e)*Pn($i-e)))}isTorsionFree(){return sn.fromAffine(this).isTorsionFree()}equals(e){return this.x===e.x&&this.y===e.y}negate(){return new pn(Sn(-this.x),this.y)}add(e){return sn.fromAffine(this).add(sn.fromAffine(e)).toAffine()}subtract(e){return this.add(e.negate())}multiply(e){return sn.fromAffine(this).multiply(e,this).toAffine()}}pn.BASE=new pn(Yi.Gx,Yi.Gy),pn.ZERO=new pn(Wi,$i);let gn=class e{constructor(e,t){this.r=e,this.s=t,this.assertValidity()}static fromHex(t){const r=Bn(t,64),i=pn.fromHex(r.slice(0,32),!1),n=An(r.slice(32,64));return new e(i,n)}assertValidity(){const{r:e,s:t}=this;if(!(e instanceof pn))throw Error("Expected Point instance");return In(t,Yi.l,!1),this}toRawBytes(){const e=new Uint8Array(64);return e.set(this.r.toRawBytes()),e.set(kn(this.s),32),e}toHex(){return mn(this.toRawBytes())}};function fn(...e){if(!e.every((e=>e instanceof Uint8Array)))throw Error("Expected Uint8Array list");if(1===e.length)return e[0];const t=e.reduce(((e,t)=>e+t.length),0),r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}const dn=Array.from({length:256},((e,t)=>t.toString(16).padStart(2,"0")));function mn(e){if(!(e instanceof Uint8Array))throw Error("Uint8Array expected");let t="";for(let r=0;r<e.length;r++)t+=dn[e[r]];return t}function wn(e){if("string"!=typeof e)throw new TypeError("hexToBytes: expected string, got "+typeof e);if(e.length%2)throw Error("hexToBytes: received invalid unpadded hex");const t=new Uint8Array(e.length/2);for(let r=0;r<t.length;r++){const i=2*r,n=e.slice(i,i+2),a=Number.parseInt(n,16);if(Number.isNaN(a)||a<0)throw Error("Invalid byte sequence");t[r]=a}return t}function bn(e){return wn(e.toString(16).padStart(64,"0"))}function kn(e){return bn(e).reverse()}function vn(e){return(Sn(e)&$i)===$i}function An(e){if(!(e instanceof Uint8Array))throw Error("Expected Uint8Array");return BigInt("0x"+mn(Uint8Array.from(e).reverse()))}const En=BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");function Kn(e){return Sn(An(e)&En)}function Sn(e,t=Yi.P){const r=e%t;return r>=Wi?r:t+r}function Pn(e,t=Yi.P){if(e===Wi||t<=Wi)throw Error(`invert: expected positive integers, got n=${e} mod=${t}`);let r=Sn(e,t),i=t,n=Wi,a=$i;for(;r!==Wi;){const e=i%r,t=n-a*(i/r);i=r,r=e,n=a,a=t}if(i!==$i)throw Error("invert: does not exist");return Sn(n,t)}function Un(e,t){const{P:r}=Yi;let i=e;for(;t-- >Wi;)i*=i,i%=r;return i}function Dn(e,t){const r=Sn(t*t*t),i=function(e){const{P:t}=Yi,r=BigInt(5),i=BigInt(10),n=BigInt(20),a=BigInt(40),s=BigInt(80),o=e*e%t*e%t,c=Un(o,Zi)*o%t,u=Un(c,$i)*e%t,h=Un(u,r)*u%t,l=Un(h,i)*h%t,y=Un(l,n)*l%t,p=Un(y,a)*y%t,g=Un(p,s)*p%t,f=Un(g,s)*p%t,d=Un(f,i)*h%t;return{pow_p_5_8:Un(d,Zi)*e%t,b2:o}}(e*Sn(r*r*t)).pow_p_5_8;let n=Sn(e*r*i);const a=Sn(t*n*n),s=n,o=Sn(n*en),c=a===e,u=a===Sn(-e),h=a===Sn(-e*en);return c&&(n=s),(u||h)&&(n=o),vn(n)&&(n=Sn(-n)),{isValid:c||u,value:n}}function xn(e){return Dn($i,e)}function Cn(e){return Sn(An(e),Yi.l)}function Bn(e,t){const r=e instanceof Uint8Array?Uint8Array.from(e):wn(e);if("number"==typeof t&&r.length!==t)throw Error(`Expected ${t} bytes`);return r}function In(e,t,r=!0){if(!t)throw new TypeError("Specify max value");if("number"==typeof e&&Number.isSafeInteger(e)&&(e=BigInt(e)),"bigint"==typeof e&&e<t)if(r){if(Wi<e)return e}else if(Wi<=e)return e;throw new TypeError("Expected valid scalar: 0 < scalar < max")}let Tn;async function Rn(e){return function(e){const t=function(e){return e[0]&=248,e[31]&=127,e[31]|=64,e}(e.slice(0,32)),r=e.slice(32,64),i=Cn(t),n=pn.BASE.multiply(i),a=n.toRawBytes();return{head:t,prefix:r,scalar:i,point:n,pointBytes:a}}(await Fn.sha512(function(e){if(32!==(e="bigint"==typeof e||"number"==typeof e?bn(In(e,Ji)):Bn(e)).length)throw Error("Expected 32 bytes");return e}(e)))}async function Mn(e,t,r){const{r:i,SB:n,msg:a,pub:s}=function(e,t,r){t=Bn(t),r instanceof pn||(r=pn.fromHex(r,!1));const{r:i,s:n}=e instanceof gn?e.assertValidity():gn.fromHex(e);return{r:i,s:n,SB:sn.BASE.multiplyUnsafe(n),pub:r,msg:t}}(e,t,r),o=await Fn.sha512(i.toRawBytes(),s.toRawBytes(),a);return function(e,t,r,i){const n=Cn(i),a=sn.fromAffine(e).multiplyUnsafe(n);return sn.fromAffine(t).add(a).subtract(r).multiplyUnsafe(Yi.h).equals(sn.ZERO)}(s,i,n,o)}pn.BASE._setWindowSize(8);const Ln={node:null,web:"object"==typeof self&&"crypto"in self?self.crypto:void 0},Fn={bytesToHex:mn,hexToBytes:wn,concatBytes:fn,getExtendedPublicKey:Rn,mod:Sn,invert:Pn,TORSION_SUBGROUP:["0100000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a","0000000000000000000000000000000000000000000000000000000000000080","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05","ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85","0000000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa"],hashToPrivateScalar:e=>{if((e=Bn(e)).length<40||e.length>1024)throw Error("Expected 40-1024 bytes of private key as per FIPS 186");return Sn(An(e),Yi.l-$i)+$i},randomBytes:(e=32)=>{if(Ln.web)return Ln.web.getRandomValues(new Uint8Array(e));throw Error("The environment doesn't have randomBytes function")},randomPrivateKey:()=>Fn.randomBytes(32),sha512:async(...e)=>{const t=fn(...e);if(Ln.web){const e=await Ln.web.subtle.digest("SHA-512",t.buffer);return new Uint8Array(e)}throw Error("The environment doesn't have sha512 function")},precompute(e=8,t=pn.BASE){const r=t.equals(pn.BASE)?t:new pn(t.x,t.y);return r._setWindowSize(e),r.multiply(Zi),r},sha512Sync:void 0};async function _n(e){switch(e){case T.publicKey.ed25519:try{const e=L.getWebCrypto(),t=await e.generateKey("Ed25519",!0,["sign","verify"]),r=await e.exportKey("jwk",t.privateKey),i=await e.exportKey("jwk",t.publicKey);return{A:new Uint8Array(H(i.x)),seed:H(r.d)}}catch(t){if("NotSupportedError"!==t.name&&"OperationError"!==t.name)throw t;const r=Kr(zn(e)),{publicKey:i}=Vr.sign.keyPair.fromSeed(r);return{A:i,seed:r}}case T.publicKey.ed448:{const e=await L.getNobleCurve(T.publicKey.ed448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),seed:t}}default:throw Error("Unsupported EdDSA algorithm")}}async function On(e,t,r,i,n,a){if(be.getHashByteLength(t)<be.getHashByteLength(Hn(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=L.getWebCrypto(),r=Gn(e,i,n),s=await t.importKey("jwk",r,"Ed25519",!1,["sign"]);return{RS:new Uint8Array(await t.sign("Ed25519",s,a))}}catch(e){if("NotSupportedError"!==e.name)throw e;const t=L.concatUint8Array([n,i]);return{RS:Vr.sign.detached(a,t)}}case T.publicKey.ed448:return{RS:(await L.getNobleCurve(T.publicKey.ed448)).sign(a,n)};default:throw Error("Unsupported EdDSA algorithm")}}async function Nn(e,t,{RS:r},i,n,a){if(be.getHashByteLength(t)<be.getHashByteLength(Hn(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=L.getWebCrypto(),i=jn(e,n),s=await t.importKey("jwk",i,"Ed25519",!1,["verify"]);return await t.verify("Ed25519",s,r,a)}catch(e){if("NotSupportedError"!==e.name)throw e;return Mn(r,a,n)}case T.publicKey.ed448:return(await L.getNobleCurve(T.publicKey.ed448)).verify(r,a,n);default:throw Error("Unsupported EdDSA algorithm")}}function zn(e){switch(e){case T.publicKey.ed25519:return 32;case T.publicKey.ed448:return 57;default:throw Error("Unsupported EdDSA algorithm")}}function Hn(e){switch(e){case T.publicKey.ed25519:return T.hash.sha256;case T.publicKey.ed448:return T.hash.sha512;default:throw Error("Unknown EdDSA algo")}}Object.defineProperties(Fn,{sha512Sync:{configurable:!1,get:()=>Tn,set(e){Tn||(Tn=e)}}});const jn=(e,t)=>{if(e===T.publicKey.ed25519){return{kty:"OKP",crv:"Ed25519",x:j(t),ext:!0}}throw Error("Unsupported EdDSA algorithm")},Gn=(e,t,r)=>{if(e===T.publicKey.ed25519){const i=jn(e,t);return i.d=j(r),i}throw Error("Unsupported EdDSA algorithm")};var qn=/*#__PURE__*/Object.freeze({__proto__:null,generate:_n,getPayloadSize:zn,getPreferredHashAlgo:Hn,sign:On,validateParams:async function(e,t,r){switch(e){case T.publicKey.ed25519:{const{publicKey:e}=Vr.sign.keyPair.fromSeed(r);return L.equalsUint8Array(t,e)}case T.publicKey.ed448:{const e=(await L.getNobleCurve(T.publicKey.ed448)).getPublicKey(r);return L.equalsUint8Array(t,e)}default:return!1}},verify:Nn});const Vn=L.getWebCrypto();async function Wn(e,t,r){const{keySize:i}=re(e);if(!L.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");try{const e=await Vn.importKey("raw",t,{name:"AES-KW"},!1,["wrapKey"]),i=await Vn.importKey("raw",r,{name:"HMAC",hash:"SHA-256"},!0,["sign"]),n=await Vn.wrapKey("raw",i,e,{name:"AES-KW"});return new Uint8Array(n)}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;L.printDebugError("Browser did not support operation: "+e.message)}return kt(t).encrypt(r)}async function $n(e,t,r){const{keySize:i}=re(e);if(!L.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");let n;try{n=await Vn.importKey("raw",t,{name:"AES-KW"},!1,["unwrapKey"])}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;return L.printDebugError("Browser did not support operation: "+e.message),kt(t).decrypt(r)}try{const e=await Vn.unwrapKey("raw",r,n,{name:"AES-KW"},{name:"HMAC",hash:"SHA-256"},!0,["sign"]);return new Uint8Array(await Vn.exportKey("raw",e))}catch(e){if("OperationError"===e.name)throw Error("Key Data Integrity failed");throw e}}var Zn=/*#__PURE__*/Object.freeze({__proto__:null,unwrap:$n,wrap:Wn});const Xn=L.getWebCrypto();async function Qn(e,t,r,i,n){const a=T.read(T.webHash,e);if(!a)throw Error("Hash algo not supported with HKDF");const s=await Xn.importKey("raw",t,"HKDF",!1,["deriveBits"]),o=await Xn.deriveBits({name:"HKDF",hash:a,salt:r,info:i},s,8*n);return new Uint8Array(o)}const Yn={x25519:L.encodeUTF8("OpenPGP X25519"),x448:L.encodeUTF8("OpenPGP X448")};async function Jn(e){switch(e){case T.publicKey.x25519:{const e=Kr(32),{publicKey:t}=Vr.box.keyPair.fromSecretKey(e);return{A:t,k:e}}case T.publicKey.x448:{const e=await L.getNobleCurve(T.publicKey.x448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),k:t}}default:throw Error("Unsupported ECDH algorithm")}}function ea(e){switch(e){case T.publicKey.x25519:return 32;case T.publicKey.x448:return 56;default:throw Error("Unsupported ECDH algorithm")}}async function ta(e,t){switch(e){case T.publicKey.x25519:{const r=Kr(ea(e)),i=Vr.scalarMult(r,t),{publicKey:n}=Vr.box.keyPair.fromSecretKey(r);return{ephemeralPublicKey:n,sharedSecret:i}}case T.publicKey.x448:{const e=await L.getNobleCurve(T.publicKey.x448),r=e.utils.randomPrivateKey(),i=e.getSharedSecret(r,t);return{ephemeralPublicKey:e.getPublicKey(r),sharedSecret:i}}default:throw Error("Unsupported ECDH algorithm")}}async function ra(e,t,r,i){switch(e){case T.publicKey.x25519:return Vr.scalarMult(i,t);case T.publicKey.x448:return(await L.getNobleCurve(T.publicKey.x448)).getSharedSecret(i,t);default:throw Error("Unsupported ECDH algorithm")}}var ia=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n){const a=await ra(e,t,i,n),s=L.concatUint8Array([t,i,a]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:t}=re(e);return $n(e,await Qn(T.hash.sha256,s,new Uint8Array,Yn.x25519,t),r)}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:t}=re(T.symmetric.aes256);return $n(e,await Qn(T.hash.sha512,s,new Uint8Array,Yn.x448,t),r)}default:throw Error("Unsupported ECDH algorithm")}},encrypt:async function(e,t,r){const{ephemeralPublicKey:i,sharedSecret:n}=await ta(e,r),a=L.concatUint8Array([i,r,n]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:r}=re(e),n=await Qn(T.hash.sha256,a,new Uint8Array,Yn.x25519,r);return{ephemeralPublicKey:i,wrappedKey:await Wn(e,n,t)}}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:r}=re(T.symmetric.aes256),n=await Qn(T.hash.sha512,a,new Uint8Array,Yn.x448,r);return{ephemeralPublicKey:i,wrappedKey:await Wn(e,n,t)}}default:throw Error("Unsupported ECDH algorithm")}},generate:Jn,generateEphemeralEncryptionMaterial:ta,getPayloadSize:ea,recomputeSharedSecret:ra,validateParams:async function(e,t,r){switch(e){case T.publicKey.x25519:{const{publicKey:e}=Vr.box.keyPair.fromSecretKey(r);return L.equalsUint8Array(t,e)}case T.publicKey.x448:{const e=(await L.getNobleCurve(T.publicKey.x448)).getPublicKey(r);return L.equalsUint8Array(t,e)}default:return!1}}});const na=L.getWebCrypto(),aa=L.getNodeCrypto(),sa={[T.curve.nistP256]:"P-256",[T.curve.nistP384]:"P-384",[T.curve.nistP521]:"P-521"},oa=aa?aa.getCurves():[],ca=aa?{[T.curve.secp256k1]:oa.includes("secp256k1")?"secp256k1":void 0,[T.curve.nistP256]:oa.includes("prime256v1")?"prime256v1":void 0,[T.curve.nistP384]:oa.includes("secp384r1")?"secp384r1":void 0,[T.curve.nistP521]:oa.includes("secp521r1")?"secp521r1":void 0,[T.curve.ed25519Legacy]:oa.includes("ED25519")?"ED25519":void 0,[T.curve.curve25519Legacy]:oa.includes("X25519")?"X25519":void 0,[T.curve.brainpoolP256r1]:oa.includes("brainpoolP256r1")?"brainpoolP256r1":void 0,[T.curve.brainpoolP384r1]:oa.includes("brainpoolP384r1")?"brainpoolP384r1":void 0,[T.curve.brainpoolP512r1]:oa.includes("brainpoolP512r1")?"brainpoolP512r1":void 0}:{},ua={[T.curve.nistP256]:{oid:[6,8,42,134,72,206,61,3,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:ca[T.curve.nistP256],web:sa[T.curve.nistP256],payloadSize:32,sharedSize:256,wireFormatLeadingByte:4},[T.curve.nistP384]:{oid:[6,5,43,129,4,0,34],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:ca[T.curve.nistP384],web:sa[T.curve.nistP384],payloadSize:48,sharedSize:384,wireFormatLeadingByte:4},[T.curve.nistP521]:{oid:[6,5,43,129,4,0,35],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:ca[T.curve.nistP521],web:sa[T.curve.nistP521],payloadSize:66,sharedSize:528,wireFormatLeadingByte:4},[T.curve.secp256k1]:{oid:[6,5,43,129,4,0,10],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:ca[T.curve.secp256k1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.ed25519Legacy]:{oid:[6,9,43,6,1,4,1,218,71,15,1],keyType:T.publicKey.eddsaLegacy,hash:T.hash.sha512,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.curve25519Legacy]:{oid:[6,10,43,6,1,4,1,151,85,1,5,1],keyType:T.publicKey.ecdh,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.brainpoolP256r1]:{oid:[6,9,43,36,3,3,2,8,1,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:ca[T.curve.brainpoolP256r1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.brainpoolP384r1]:{oid:[6,9,43,36,3,3,2,8,1,1,11],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:ca[T.curve.brainpoolP384r1],payloadSize:48,wireFormatLeadingByte:4},[T.curve.brainpoolP512r1]:{oid:[6,9,43,36,3,3,2,8,1,1,13],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:ca[T.curve.brainpoolP512r1],payloadSize:64,wireFormatLeadingByte:4}};class ha{constructor(e){try{this.name=e instanceof Li?e.getName():T.write(T.curve,e)}catch(e){throw new Gi("Unknown curve")}const t=ua[this.name];this.keyType=t.keyType,this.oid=t.oid,this.hash=t.hash,this.cipher=t.cipher,this.node=t.node,this.web=t.web,this.payloadSize=t.payloadSize,this.sharedSize=t.sharedSize,this.wireFormatLeadingByte=t.wireFormatLeadingByte,this.web&&L.getWebCrypto()?this.type="web":this.node&&L.getNodeCrypto()?this.type="node":this.name===T.curve.curve25519Legacy?this.type="curve25519Legacy":this.name===T.curve.ed25519Legacy&&(this.type="ed25519Legacy")}async genKeyPair(){switch(this.type){case"web":try{return await async function(e,t){const r=await na.generateKey({name:"ECDSA",namedCurve:sa[e]},!0,["sign","verify"]),i=await na.exportKey("jwk",r.privateKey),n=await na.exportKey("jwk",r.publicKey);return{publicKey:ga(n,t),privateKey:H(i.d)}}(this.name,this.wireFormatLeadingByte)}catch(e){return L.printDebugError("Browser did not support generating ec key "+e.message),pa(this.name)}case"node":return async function(e){const t=aa.createECDH(ca[e]);return await t.generateKeys(),{publicKey:new Uint8Array(t.getPublicKey()),privateKey:new Uint8Array(t.getPrivateKey())}}(this.name);case"curve25519Legacy":{const{k:e,A:t}=await Jn(T.publicKey.x25519),r=e.slice().reverse();r[0]=127&r[0]|64,r[31]&=248;return{publicKey:L.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:r}}case"ed25519Legacy":{const{seed:e,A:t}=await _n(T.publicKey.ed25519);return{publicKey:L.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:e}}default:return pa(this.name)}}}async function la(e,t,r,i){const n={[T.curve.nistP256]:!0,[T.curve.nistP384]:!0,[T.curve.nistP521]:!0,[T.curve.secp256k1]:!0,[T.curve.curve25519Legacy]:e===T.publicKey.ecdh,[T.curve.brainpoolP256r1]:!0,[T.curve.brainpoolP384r1]:!0,[T.curve.brainpoolP512r1]:!0},a=t.getName();if(!n[a])return!1;if(a===T.curve.curve25519Legacy){i=i.slice().reverse();const{publicKey:e}=Vr.box.keyPair.fromSecretKey(i);r=new Uint8Array(r);const t=new Uint8Array([64,...e]);return!!L.equalsUint8Array(t,r)}const s=(await L.getNobleCurve(T.publicKey.ecdsa,a)).getPublicKey(i,!1);return!!L.equalsUint8Array(s,r)}function ya(e,t){const{payloadSize:r,wireFormatLeadingByte:i,name:n}=e,a=n===T.curve.curve25519Legacy||n===T.curve.ed25519Legacy?r:2*r;if(t[0]!==i||t.length!==a+1)throw Error("Invalid point encoding")}async function pa(e){const t=await L.getNobleCurve(T.publicKey.ecdsa,e),r=t.utils.randomPrivateKey();return{publicKey:t.getPublicKey(r,!1),privateKey:r}}function ga(e,t){const r=H(e.x),i=H(e.y),n=new Uint8Array(r.length+i.length+1);return n[0]=t,n.set(r,1),n.set(i,r.length+1),n}function fa(e,t,r){const i=e,n=r.slice(1,i+1),a=r.slice(i+1,2*i+1);return{kty:"EC",crv:t,x:j(n),y:j(a),ext:!0}}function da(e,t,r,i){const n=fa(e,t,r);return n.d=j(i),n}const ma=L.getWebCrypto(),wa=L.getNodeCrypto();async function ba(e,t,r,i,n,a){const s=new ha(e);if(ya(s,i),r&&!L.isStream(r)){const e={publicKey:i,privateKey:n};switch(s.type){case"web":try{return await async function(e,t,r,i){const n=e.payloadSize,a=da(e.payloadSize,sa[e.name],i.publicKey,i.privateKey),s=await ma.importKey("jwk",a,{name:"ECDSA",namedCurve:sa[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["sign"]),o=new Uint8Array(await ma.sign({name:"ECDSA",namedCurve:sa[e.name],hash:{name:T.read(T.webHash,t)}},s,r));return{r:o.slice(0,n),s:o.slice(n,n<<1)}}(s,t,r,e)}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;L.printDebugError("Browser did not support signing: "+e.message)}break;case"node":return async function(e,t,r,i){const n=L.nodeRequire("eckey-utils"),a=L.getNodeBuffer(),{privateKey:s}=n.generateDer({curveName:ca[e.name],privateKey:a.from(i)}),o=wa.createSign(T.read(T.hash,t));o.write(r),o.end();const c=new Uint8Array(o.sign({key:s,format:"der",type:"sec1",dsaEncoding:"ieee-p1363"})),u=e.payloadSize;return{r:c.subarray(0,u),s:c.subarray(u,u<<1)}}(s,t,r,n)}}const o=(await L.getNobleCurve(T.publicKey.ecdsa,s.name)).sign(a,n,{lowS:!1});return{r:Ar(o.r,"be",s.payloadSize),s:Ar(o.s,"be",s.payloadSize)}}async function ka(e,t,r,i,n,a){const s=new ha(e);ya(s,n);const o=async()=>0===a[0]&&va(s,r,a.subarray(1),n);if(i&&!L.isStream(i))switch(s.type){case"web":try{const e=await async function(e,t,{r,s:i},n,a){const s=fa(e.payloadSize,sa[e.name],a),o=await ma.importKey("jwk",s,{name:"ECDSA",namedCurve:sa[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["verify"]),c=L.concatUint8Array([r,i]).buffer;return ma.verify({name:"ECDSA",namedCurve:sa[e.name],hash:{name:T.read(T.webHash,t)}},o,c,n)}(s,t,r,i,n);return e||o()}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;L.printDebugError("Browser did not support verifying: "+e.message)}break;case"node":{const e=await async function(e,t,{r,s:i},n,a){const s=L.nodeRequire("eckey-utils"),o=L.getNodeBuffer(),{publicKey:c}=s.generateDer({curveName:ca[e.name],publicKey:o.from(a)}),u=wa.createVerify(T.read(T.hash,t));u.write(n),u.end();const h=L.concatUint8Array([r,i]);try{return u.verify({key:c,format:"der",type:"spki",dsaEncoding:"ieee-p1363"},h)}catch(e){return!1}}(s,t,r,i,n);return e||o()}}return await va(s,r,a,n)||o()}async function va(e,t,r,i){return(await L.getNobleCurve(T.publicKey.ecdsa,e.name)).verify(L.concatUint8Array([t.r,t.s]),r,i,{lowS:!1})}var Aa=/*#__PURE__*/Object.freeze({__proto__:null,sign:ba,validateParams:async function(e,t,r){const i=new ha(e);if(i.keyType!==T.publicKey.ecdsa)return!1;switch(i.type){case"web":case"node":{const i=Kr(8),n=T.hash.sha256,a=await be.digest(n,i);try{const s=await ba(e,n,i,t,r,a);return await ka(e,n,s,i,t,a)}catch(e){return!1}}default:return la(T.publicKey.ecdsa,e,t,r)}},verify:ka});var Ea=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,n,a){if(ya(new ha(e),i),be.getHashByteLength(t)<be.getHashByteLength(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const{RS:s}=await On(T.publicKey.ed25519,t,0,i.subarray(1),n,a);return{r:s.subarray(0,32),s:s.subarray(32)}},validateParams:async function(e,t,r){if(e.getName()!==T.curve.ed25519Legacy)return!1;const{publicKey:i}=Vr.sign.keyPair.fromSeed(r),n=new Uint8Array([64,...i]);return L.equalsUint8Array(t,n)},verify:async function(e,t,{r,s:i},n,a,s){if(ya(new ha(e),a),be.getHashByteLength(t)<be.getHashByteLength(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const o=L.concatUint8Array([r,i]);return Nn(T.publicKey.ed25519,t,{RS:o},0,a.subarray(1),s)}});function Ka(e){const t=8-e.length%8,r=new Uint8Array(e.length+t).fill(t);return r.set(e),r}function Sa(e){const t=e.length;if(t>0){const r=e[t-1];if(r>=1){const i=e.subarray(t-r),n=new Uint8Array(r).fill(r);if(L.equalsUint8Array(i,n))return e.subarray(0,t-r)}}throw Error("Invalid padding")}var Pa=/*#__PURE__*/Object.freeze({__proto__:null,decode:Sa,encode:Ka});const Ua=L.getWebCrypto(),Da=L.getNodeCrypto();function xa(e,t,r,i){return L.concatUint8Array([t.write(),new Uint8Array([e]),r.write(!0),L.stringToUint8Array("Anonymous Sender    "),r.replacementFingerprint||i])}async function Ca(e,t,r,i,n=!1,a=!1){let s;if(n){for(s=0;s<t.length&&0===t[s];s++);t=t.subarray(s)}if(a){for(s=t.length-1;s>=0&&0===t[s];s--);t=t.subarray(0,s+1)}return(await be.digest(e,L.concatUint8Array([new Uint8Array([0,0,0,1]),t,i]))).subarray(0,r)}async function Ba(e,t){switch(e.type){case"curve25519Legacy":{const{sharedSecret:r,ephemeralPublicKey:i}=await ta(T.publicKey.x25519,t.subarray(1));return{publicKey:L.concatUint8Array([new Uint8Array([e.wireFormatLeadingByte]),i]),sharedKey:r}}case"web":if(e.web&&L.getWebCrypto())try{return await async function(e,t){const r=fa(e.payloadSize,e.web,t);let i=Ua.generateKey({name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]),n=Ua.importKey("jwk",r,{name:"ECDH",namedCurve:e.web},!1,[]);[i,n]=await Promise.all([i,n]);let a=Ua.deriveBits({name:"ECDH",namedCurve:e.web,public:n},i.privateKey,e.sharedSize),s=Ua.exportKey("jwk",i.publicKey);[a,s]=await Promise.all([a,s]);const o=new Uint8Array(a),c=new Uint8Array(ga(s,e.wireFormatLeadingByte));return{publicKey:c,sharedKey:o}}(e,t)}catch(r){return L.printDebugError(r),Ra(e,t)}break;case"node":return async function(e,t){const r=Da.createECDH(e.node);r.generateKeys();const i=new Uint8Array(r.computeSecret(t)),n=new Uint8Array(r.getPublicKey());return{publicKey:n,sharedKey:i}}(e,t);default:return Ra(e,t)}}async function Ia(e,t,r,i){if(i.length!==e.payloadSize){const t=new Uint8Array(e.payloadSize);t.set(i,e.payloadSize-i.length),i=t}switch(e.type){case"curve25519Legacy":{const e=i.slice().reverse();return{secretKey:e,sharedKey:await ra(T.publicKey.x25519,t.subarray(1),r.subarray(1),e)}}case"web":if(e.web&&L.getWebCrypto())try{return await async function(e,t,r,i){const n=da(e.payloadSize,e.web,r,i);let a=Ua.importKey("jwk",n,{name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]);const s=fa(e.payloadSize,e.web,t);let o=Ua.importKey("jwk",s,{name:"ECDH",namedCurve:e.web},!0,[]);[a,o]=await Promise.all([a,o]);let c=Ua.deriveBits({name:"ECDH",namedCurve:e.web,public:o},a,e.sharedSize),u=Ua.exportKey("jwk",a);[c,u]=await Promise.all([c,u]);const h=new Uint8Array(c);return{secretKey:H(u.d),sharedKey:h}}(e,t,r,i)}catch(r){return L.printDebugError(r),Ta(e,t,i)}break;case"node":return async function(e,t,r){const i=Da.createECDH(e.node);i.setPrivateKey(r);const n=new Uint8Array(i.computeSecret(t));return{secretKey:new Uint8Array(i.getPrivateKey()),sharedKey:n}}(e,t,i);default:return Ta(e,t,i)}}async function Ta(e,t,r){return{secretKey:r,sharedKey:(await L.getNobleCurve(T.publicKey.ecdh,e.name)).getSharedSecret(r,t).subarray(1)}}async function Ra(e,t){const r=await L.getNobleCurve(T.publicKey.ecdh,e.name),{publicKey:i,privateKey:n}=await e.genKeyPair();return{publicKey:i,sharedKey:r.getSharedSecret(n,t).subarray(1)}}var Ma=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s){const o=new ha(e);ya(o,n),ya(o,r);const{sharedKey:c}=await Ia(o,r,n,a),u=xa(T.publicKey.ecdh,e,t,s),{keySize:h}=re(t.cipher);let l;for(let e=0;e<3;e++)try{const r=await Ca(t.hash,c,h,u,1===e,2===e);return Sa(await $n(t.cipher,r,i))}catch(e){l=e}throw l},encrypt:async function(e,t,r,i,n){const a=Ka(r),s=new ha(e);ya(s,i);const{publicKey:o,sharedKey:c}=await Ba(s,i),u=xa(T.publicKey.ecdh,e,t,n),{keySize:h}=re(t.cipher),l=await Ca(t.hash,c,h,u);return{publicKey:o,wrappedKey:await Wn(t.cipher,l,a)}},validateParams:async function(e,t,r){return la(T.publicKey.ecdh,e,t,r)}}),La=/*#__PURE__*/Object.freeze({__proto__:null,CurveWithOID:ha,ecdh:Ma,ecdhX:ia,ecdsa:Aa,eddsa:qn,eddsaLegacy:Ea,generate:async function(e){const t=new ha(e),{oid:r,hash:i,cipher:n}=t,a=await t.genKeyPair();return{oid:r,Q:a.publicKey,secret:L.leftPad(a.privateKey,t.payloadSize),hash:i,cipher:n}},getPreferredHashAlgo:function(e){return ua[e.getName()].hash}});const Fa=BigInt(0),_a=BigInt(1);var Oa=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,n,a){const s=BigInt(0);let o,c,u,h;i=pr(i),n=pr(n),r=pr(r),a=pr(a),r=gr(r,i),a=gr(a,n);const l=gr(pr(t.subarray(0,vr(n))),n);for(;;){if(o=Sr(_a,n),c=gr(fr(r,o,i),n),c===s)continue;const e=gr(a*c,n);if(h=gr(l+e,n),u=gr(mr(o,n)*h,n),u!==s)break}return{r:Ar(c,"be",vr(i)),s:Ar(u,"be",vr(i))}},validateParams:async function(e,t,r,i,n){if(e=pr(e),t=pr(t),r=pr(r),i=pr(i),r<=_a||r>=e)return!1;if(gr(e-_a,t)!==Fa)return!1;if(fr(r,t,e)!==_a)return!1;const a=BigInt(kr(t));if(a<BigInt(150)||!xr(t,null,32))return!1;n=pr(n);const s=BigInt(2);return i===fr(r,t*Sr(s<<a-_a,s<<a)+n,e)},verify:async function(e,t,r,i,n,a,s,o){if(t=pr(t),r=pr(r),a=pr(a),s=pr(s),n=pr(n),o=pr(o),t<=Fa||t>=s||r<=Fa||r>=s)return L.printDebug("invalid DSA Signature"),!1;const c=gr(pr(i.subarray(0,vr(s))),s),u=mr(r,s);if(u===Fa)return L.printDebug("invalid DSA Signature"),!1;n=gr(n,a),o=gr(o,a);const h=gr(c*u,s),l=gr(t*u,s);return gr(gr(fr(n,h,a)*fr(o,l,a),a),s)===t}});const Na=new Set([T.hash.sha1,T.hash.sha256,T.hash.sha512]),za=L.getWebCrypto(),Ha=L.getNodeCrypto();var ja={rsa:Hr,elgamal:Gr,elliptic:La,dsa:Oa,hmac:/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){if(!Na.has(e))throw Error("Unsupported hash algorithm.");const t=T.read(T.webHash,e),r=za||Ha.webcrypto.subtle,i=await r.generateKey({name:"HMAC",hash:{name:t}},!0,["sign","verify"]),n=await r.exportKey("raw",i);return new Uint8Array(n)},sign:async function(e,t,r){if(!Na.has(e))throw Error("Unsupported hash algorithm.");const i=T.read(T.webHash,e),n=za||Ha.webcrypto.subtle,a=await n.importKey("raw",t,{name:"HMAC",hash:{name:i}},!1,["sign"]),s=await n.sign("HMAC",a,r);return new Uint8Array(s)},verify:async function(e,t,r,i){if(!Na.has(e))throw Error("Unsupported hash algorithm.");const n=T.read(T.webHash,e),a=za||Ha.webcrypto.subtle,s=await a.importKey("raw",t,{name:"HMAC",hash:{name:n}},!1,["verify"]);return a.verify("HMAC",s,r,i)}})};class Ga{constructor(e){if(void 0===e&&(e=new Uint8Array([])),!L.isUint8Array(e))throw Error("data must be in the form of a Uint8Array");this.data=e,this.length=this.data.byteLength}write(){return L.concatUint8Array([new Uint8Array([this.length]),this.data])}read(e){if(e.length>=1){const t=e[0];if(e.length>=t+1)return this.data=e.subarray(1,1+t),this.length=t,1+t}throw Error("Invalid octet string")}}var qa=/*#__PURE__*/Object.freeze({__proto__:null,parseSignatureParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(r));return r+=e.length+2,{read:r,signatureParams:{s:e}}}case T.publicKey.dsa:case T.publicKey.ecdsa:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.eddsaLegacy:{let e=L.readMPI(t.subarray(r));r+=e.length+2,e=L.leftPad(e,32);let i=L.readMPI(t.subarray(r));return r+=i.length+2,i=L.leftPad(i,32),{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const i=2*ja.elliptic.eddsa.getPayloadSize(e),n=L.readExactSubarray(t,r,r+i);return r+=n.length,{read:r,signatureParams:{RS:n}}}case T.publicKey.hmac:{const e=new Ga;return r+=e.read(t.subarray(r)),{read:r,signatureParams:{mac:e}}}default:throw new Gi("Unknown signature algorithm.")}},sign:async function(e,t,r,i,n,a){if(!r||!i)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:s}=r,{d:o,p:c,q:u,u:h}=i;return{s:await ja.rsa.sign(t,n,e,s,o,c,u,h,a)}}case T.publicKey.dsa:{const{g:e,p:n,q:s}=r,{x:o}=i;return ja.dsa.sign(t,a,e,n,s,o)}case T.publicKey.elgamal:throw Error("Signing with Elgamal is not defined in the OpenPGP standard.");case T.publicKey.ecdsa:{const{oid:e,Q:s}=r,{d:o}=i;return ja.elliptic.ecdsa.sign(e,t,n,s,o,a)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:s}=r,{seed:o}=i;return ja.elliptic.eddsaLegacy.sign(e,t,n,s,o,a)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:s}=r,{seed:o}=i;return ja.elliptic.eddsa.sign(e,t,n,s,o,a)}case T.publicKey.hmac:{const{cipher:e}=r,{keyMaterial:t}=i,n=await ja.hmac.sign(e.getValue(),t,a);return{mac:new Ga(n)}}default:throw Error("Unknown signature algorithm.")}},verify:async function(e,t,r,i,n,a,s){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:n}=i,o=L.leftPad(r.s,e.length);return ja.rsa.verify(t,a,o,e,n,s)}case T.publicKey.dsa:{const{g:e,p:n,q:a,y:o}=i,{r:c,s:u}=r;return ja.dsa.verify(t,c,u,s,e,n,a,o)}case T.publicKey.ecdsa:{const{oid:e,Q:n}=i,o=new ja.elliptic.CurveWithOID(e).payloadSize,c=L.leftPad(r.r,o),u=L.leftPad(r.s,o);return ja.elliptic.ecdsa.verify(e,t,{r:c,s:u},a,n,s)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:n}=i;return ja.elliptic.eddsaLegacy.verify(e,t,r,a,n,s)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:n}=i;return ja.elliptic.eddsa.verify(e,t,r,a,n,s)}case T.publicKey.hmac:{if(!n)throw Error("Cannot verify HMAC signature with symmetric key missing private parameters");const{cipher:e}=i,{keyMaterial:t}=n;return ja.hmac.verify(e.getValue(),t,r.mac.data,s)}default:throw Error("Unknown signature algorithm.")}}});class Va{constructor(e){e&&(this.data=e)}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.data=e.subarray(1,1+t),1+this.data.length}throw Error("Invalid symmetric key")}write(){return L.concatUint8Array([new Uint8Array([this.data.length]),this.data])}}class Wa{constructor(e){if(e){const{version:t,hash:r,cipher:i,replacementFingerprint:n}=e;this.version=t||1,this.hash=r,this.cipher=i,this.replacementFingerprint=n}else this.version=null,this.hash=null,this.cipher=null,this.replacementFingerprint=null}read(e){if(e.length<4||1!==e[1]&&255!==e[1])throw new Gi("Cannot read KDFParams");const t=e[0];this.version=e[1],this.hash=e[2],this.cipher=e[3];let r=4;if(255===this.version){const i=t-r+1;this.replacementFingerprint=e.slice(r,r+i),r+=i}return r}write(e){if(!this.version||1===this.version||e)return new Uint8Array([3,1,this.hash,this.cipher]);return L.concatUint8Array([new Uint8Array([3+this.replacementFingerprint.length,this.version,this.hash,this.cipher]),this.replacementFingerprint])}}const $a=e=>class{constructor(e){this.data=void 0===e?null:e}read(t){const r=t[0];return this.data=T.write(e,r),1}write(){return new Uint8Array([this.data])}getName(){return T.read(e,this.data)}getValue(){return this.data}},Za=$a(T.aead),Xa=$a(T.symmetric),Qa=$a(T.hash);class Ya{static fromObject({wrappedKey:e,algorithm:t}){const r=new Ya;return r.wrappedKey=e,r.algorithm=t,r}read(e){let t=0,r=e[t++];this.algorithm=r%2?e[t++]:null,r-=r%2,this.wrappedKey=L.readExactSubarray(e,t,t+r),t+=r}write(){return L.concatUint8Array([this.algorithm?new Uint8Array([this.wrappedKey.length+1,this.algorithm]):new Uint8Array([this.wrappedKey.length]),this.wrappedKey])}}async function Ja(e,t){const r=Kr(32);return{privateParams:{hashSeed:r,keyMaterial:e},publicParams:{cipher:t,digest:await be.sha256(r)}}}function es(e){const{keySize:t}=re(e);return Kr(t)}function ts(e){const t=T.read(T.aead,e);return hr[t]}function rs(e){try{e.getName()}catch(e){throw new Gi("Unknown curve OID")}}function is(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.ecdh:case T.publicKey.eddsaLegacy:return new ja.elliptic.CurveWithOID(t).payloadSize;case T.publicKey.ed25519:case T.publicKey.ed448:return ja.elliptic.eddsa.getPayloadSize(e);case T.publicKey.x25519:case T.publicKey.x448:return ja.elliptic.ecdhX.getPayloadSize(e);default:throw Error("Unknown elliptic algo")}}var ns=/*#__PURE__*/Object.freeze({__proto__:null,generateParams:async function(e,t,r,i){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:return ja.rsa.generate(t,65537).then((({n:e,e:t,d:r,p:i,q:n,u:a})=>({privateParams:{d:r,p:i,q:n,u:a},publicParams:{n:e,e:t}})));case T.publicKey.ecdsa:return ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{d:r},publicParams:{oid:new Li(e),Q:t}})));case T.publicKey.eddsaLegacy:return ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{seed:r},publicParams:{oid:new Li(e),Q:t}})));case T.publicKey.ecdh:return ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r,hash:i,cipher:n})=>({privateParams:{d:r},publicParams:{oid:new Li(e),Q:t,kdfParams:new Wa({hash:i,cipher:n})}})));case T.publicKey.ed25519:case T.publicKey.ed448:return ja.elliptic.eddsa.generate(e).then((({A:e,seed:t})=>({privateParams:{seed:t},publicParams:{A:e}})));case T.publicKey.x25519:case T.publicKey.x448:return ja.elliptic.ecdhX.generate(e).then((({A:e,k:t})=>({privateParams:{k:t},publicParams:{A:e}})));case T.publicKey.hmac:return Ja(await ja.hmac.generate(i),new Qa(i));case T.publicKey.aead:return Ja(es(i),new Xa(i));case T.publicKey.dsa:case T.publicKey.elgamal:throw Error("Unsupported algorithm for key generation.");default:throw Error("Unknown public key algorithm.")}},generateSessionKey:es,getAEADMode:ts,getCipherParams:re,getCurvePayloadSize:is,getPreferredCurveHashAlgo:function(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return ja.elliptic.getPreferredHashAlgo(t);case T.publicKey.ed25519:case T.publicKey.ed448:return ja.elliptic.eddsa.getPreferredHashAlgo(e);default:throw Error("Unknown elliptic signing algo")}},getPrefixRandom:async function(e){const{blockSize:t}=re(e),r=await Kr(t),i=new Uint8Array([r[r.length-2],r[r.length-1]]);return L.concat([r,i])},parseEncSessionKeyParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:return{c:L.readMPI(t.subarray(r))};case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(r));r+=e.length+2;return{c1:e,c2:L.readMPI(t.subarray(r))}}case T.publicKey.ecdh:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=new Va;return i.read(t.subarray(r)),{V:e,C:i}}case T.publicKey.x25519:case T.publicKey.x448:{const i=is(e),n=L.readExactSubarray(t,r,r+i);r+=n.length;const a=new Ya;return a.read(t.subarray(r)),{ephemeralPublicKey:n,C:a}}case T.publicKey.aead:{const e=new Za;r+=e.read(t.subarray(r));const{ivLength:i}=ts(e.getValue()),n=t.subarray(r,r+i);r+=i;const a=new Ga;return r+=a.read(t.subarray(r)),{aeadMode:e,iv:n,c:a}}default:throw new Gi("Unknown public key encryption algorithm.")}},parsePrivateKeyParams:function(e,t,r){let i=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(i));i+=e.length+2;const r=L.readMPI(t.subarray(i));i+=r.length+2;const n=L.readMPI(t.subarray(i));i+=n.length+2;const a=L.readMPI(t.subarray(i));return i+=a.length+2,{read:i,privateParams:{d:e,p:r,q:n,u:a}}}case T.publicKey.dsa:case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(i));return i+=e.length+2,{read:i,privateParams:{x:e}}}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const n=is(e,r.oid);let a=L.readMPI(t.subarray(i));return i+=a.length+2,a=L.leftPad(a,n),{read:i,privateParams:{d:a}}}case T.publicKey.eddsaLegacy:{const n=is(e,r.oid);if(r.oid.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let a=L.readMPI(t.subarray(i));return i+=a.length+2,a=L.leftPad(a,n),{read:i,privateParams:{seed:a}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const r=is(e),n=L.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{seed:n}}}case T.publicKey.x25519:case T.publicKey.x448:{const r=is(e),n=L.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{k:n}}}case T.publicKey.hmac:{const{cipher:e}=r,n=be.getHashByteLength(e.getValue()),a=t.subarray(i,i+32);i+=32;const s=t.subarray(i,i+n);return i+=n,{read:i,privateParams:{hashSeed:a,keyMaterial:s}}}case T.publicKey.aead:{const{cipher:e}=r,n=t.subarray(i,i+32);i+=32;const{keySize:a}=re(e.getValue()),s=t.subarray(i,i+a);return i+=a,{read:i,privateParams:{hashSeed:n,keyMaterial:s}}}default:throw new Gi("Unknown public key encryption algorithm.")}},parsePublicKeyParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{n:e,e:i}}}case T.publicKey.dsa:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=L.readMPI(t.subarray(r));r+=n.length+2;const a=L.readMPI(t.subarray(r));return r+=a.length+2,{read:r,publicParams:{p:e,q:i,g:n,y:a}}}case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=L.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{p:e,g:i,y:n}}}case T.publicKey.ecdsa:{const e=new Li;r+=e.read(t),rs(e);const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.eddsaLegacy:{const e=new Li;if(r+=e.read(t),rs(e),e.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let i=L.readMPI(t.subarray(r));return r+=i.length+2,i=L.leftPad(i,33),{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.ecdh:{const e=new Li;r+=e.read(t),rs(e);const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=new Wa;return r+=n.read(t.subarray(r)),{read:r,publicParams:{oid:e,Q:i,kdfParams:n}}}case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.x25519:case T.publicKey.x448:{const i=L.readExactSubarray(t,r,r+is(e));return r+=i.length,{read:r,publicParams:{A:i}}}case T.publicKey.hmac:case T.publicKey.aead:{const e=new Xa;r+=e.read(t);const i=be.getHashByteLength(T.hash.sha256),n=t.subarray(r,r+i);return r+=i,{read:r,publicParams:{cipher:e,digest:n}}}default:throw new Gi("Unknown public key encryption algorithm.")}},publicKeyDecrypt:async function(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:{const{c:e}=i,{n,e:s}=t,{d:o,p:c,q:u,u:h}=r;return ja.rsa.decrypt(e,n,s,o,c,u,h,a)}case T.publicKey.elgamal:{const{c1:e,c2:n}=i,s=t.p,o=r.x;return ja.elgamal.decrypt(e,n,s,o,a)}case T.publicKey.ecdh:{const{oid:e,Q:a,kdfParams:s}=t,{d:o}=r,{V:c,C:u}=i;return ja.elliptic.ecdh.decrypt(e,s,c,u.data,a,o,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:n}=t,{k:a}=r,{ephemeralPublicKey:s,C:o}=i;if(null!==o.algorithm&&!L.isAES(o.algorithm))throw Error("AES session key expected");return ja.elliptic.ecdhX.decrypt(e,s,o.wrappedKey,n,a)}case T.publicKey.aead:{const{cipher:e}=t,n=e.getValue(),{keyMaterial:a}=r,{aeadMode:s,iv:o,c}=i,u=ts(s.getValue());return(await u(n,a)).decrypt(c.data,o,new Uint8Array)}default:throw Error("Unknown public key encryption algorithm.")}},publicKeyEncrypt:async function(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:{const{n:e,e:t}=r;return{c:await ja.rsa.encrypt(n,e,t)}}case T.publicKey.elgamal:{const{p:e,g:t,y:i}=r;return ja.elgamal.encrypt(n,e,t,i)}case T.publicKey.ecdh:{const{oid:e,Q:t,kdfParams:i}=r,{publicKey:s,wrappedKey:o}=await ja.elliptic.ecdh.encrypt(e,i,n,t,a);return{V:s,C:new Va(o)}}case T.publicKey.x25519:case T.publicKey.x448:{if(t&&!L.isAES(t))throw Error("X25519 and X448 keys can only encrypt AES session keys");const{A:i}=r,{ephemeralPublicKey:a,wrappedKey:s}=await ja.elliptic.ecdhX.encrypt(e,n,i);return{ephemeralPublicKey:a,C:Ya.fromObject({algorithm:t,wrappedKey:s})}}case T.publicKey.aead:{if(!i)throw Error("Cannot encrypt with symmetric key missing private parameters");const{cipher:e}=r,t=e.getValue(),{keyMaterial:a}=i,s=R.preferredAEADAlgorithm,o=ts(R.preferredAEADAlgorithm),{ivLength:c}=o,u=Kr(c),h=await o(t,a),l=await h.encrypt(n,u,new Uint8Array);return{aeadMode:new Za(s),iv:u,c:new Ga(l)}}default:return[]}},serializeParams:function(e,t){const r=new Set([T.publicKey.ed25519,T.publicKey.x25519,T.publicKey.ed448,T.publicKey.x448,T.publicKey.aead,T.publicKey.hmac]),i=Object.keys(t).map((i=>{const n=t[i];return L.isUint8Array(n)?r.has(e)?n:L.uint8ArrayToMPI(n):n.write()}));return L.concatUint8Array(i)},validateParams:async function(e,t,r){if(!t||!r)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const{n:e,e:i}=t,{d:n,p:a,q:s,u:o}=r;return ja.rsa.validateParams(e,i,n,a,s,o)}case T.publicKey.dsa:{const{p:e,q:i,g:n,y:a}=t,{x:s}=r;return ja.dsa.validateParams(e,i,n,a,s)}case T.publicKey.elgamal:{const{p:e,g:i,y:n}=t,{x:a}=r;return ja.elgamal.validateParams(e,i,n,a)}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const i=ja.elliptic[T.read(T.publicKey,e)],{oid:n,Q:a}=t,{d:s}=r;return i.validateParams(n,a,s)}case T.publicKey.eddsaLegacy:{const{Q:e,oid:i}=t,{seed:n}=r;return ja.elliptic.eddsaLegacy.validateParams(i,e,n)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:i}=t,{seed:n}=r;return ja.elliptic.eddsa.validateParams(e,i,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:i}=t,{k:n}=r;return ja.elliptic.ecdhX.validateParams(e,i,n)}case T.publicKey.hmac:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r;return be.getHashByteLength(e.getValue())===a.length&&L.equalsUint8Array(i,await be.sha256(n))}case T.publicKey.aead:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r,{keySize:s}=re(e.getValue());return s===a.length&&L.equalsUint8Array(i,await be.sha256(n))}default:throw Error("Unknown public key algorithm.")}}});const as={cipher:ie,hash:be,mode:hr,publicKey:ja,signature:qa,random:Pr,pkcs1:Mr,pkcs5:Pa,aesKW:Zn};Object.assign(as,ns);class ss extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ss),this.name="Argon2OutOfMemoryError"}}let os,cs,us=2<<19;class hs{static get ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(){return us}static set ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(e){us=e}static reloadWasmModule(){os&&(cs=os(),cs.catch((()=>{})))}constructor(e=R){const{passes:t,parallelism:r,memoryExponent:i}=e.s2kArgon2Params;this.type="argon2",this.salt=null,this.t=t,this.p=r,this.encodedM=i}generateSalt(){this.salt=as.random.getRandomBytes(16)}read(e){let t=0;return this.salt=e.subarray(t,t+16),t+=16,this.t=e[t++],this.p=e[t++],this.encodedM=e[t++],t}write(){const e=[new Uint8Array([T.write(T.s2k,this.type)]),this.salt,new Uint8Array([this.t,this.p,this.encodedM])];return L.concatUint8Array(e)}async produceKey(e,t){const r=2<<this.encodedM-1;try{os=os||(await import("./argon2id.min.mjs")).default,cs=cs||os();const i=await cs,n=i({version:19,type:2,password:L.encodeUTF8(e),salt:this.salt,tagLength:t,memorySize:r,parallelism:this.p,passes:this.t});return r>hs.ARGON2_WASM_MEMORY_THRESHOLD_RELOAD&&hs.reloadWasmModule(),n}catch(e){throw e.message&&(e.message.includes("Unable to grow instance memory")||e.message.includes("failed to grow memory")||e.message.includes("WebAssembly.Memory.grow")||e.message.includes("Out of memory"))?new ss("Could not allocate required memory for Argon2"):e}}}class ls{constructor(e,t=R){this.algorithm=T.hash.sha256,this.type=T.read(T.s2k,e),this.c=t.s2kIterationCountByte,this.salt=null}generateSalt(){switch(this.type){case"salted":case"iterated":this.salt=as.random.getRandomBytes(8)}}getCount(){return 16+(15&this.c)<<6+(this.c>>4)}read(e){let t=0;switch(this.algorithm=e[t++],this.type){case"simple":break;case"salted":this.salt=e.subarray(t,t+8),t+=8;break;case"iterated":this.salt=e.subarray(t,t+8),t+=8,this.c=e[t++];break;case"gnu":if("GNU"!==L.uint8ArrayToString(e.subarray(t,t+3)))throw new Gi("Unknown s2k type.");t+=3;if(1001!==1e3+e[t++])throw new Gi("Unknown s2k gnu protection mode.");this.type="gnu-dummy";break;default:throw new Gi("Unknown s2k type.")}return t}write(){if("gnu-dummy"===this.type)return new Uint8Array([101,0,...L.stringToUint8Array("GNU"),1]);const e=[new Uint8Array([T.write(T.s2k,this.type),this.algorithm])];switch(this.type){case"simple":break;case"salted":e.push(this.salt);break;case"iterated":e.push(this.salt),e.push(new Uint8Array([this.c]));break;case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}return L.concatUint8Array(e)}async produceKey(e,t){e=L.encodeUTF8(e);const r=[];let i=0,n=0;for(;i<t;){let t;switch(this.type){case"simple":t=L.concatUint8Array([new Uint8Array(n),e]);break;case"salted":t=L.concatUint8Array([new Uint8Array(n),this.salt,e]);break;case"iterated":{const r=L.concatUint8Array([this.salt,e]);let i=r.length;const a=Math.max(this.getCount(),i);t=new Uint8Array(n+a),t.set(r,n);for(let e=n+i;e<a;e+=i,i*=2)t.copyWithin(e,n,e);break}case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}const a=await as.hash.digest(this.algorithm,t);r.push(a),i+=a.length,n++}return L.concatUint8Array(r).subarray(0,t)}}const ys=new Set([T.s2k.argon2,T.s2k.iterated]);function ps(e,t=R){switch(e){case T.s2k.argon2:return new hs(t);case T.s2k.iterated:case T.s2k.gnu:case T.s2k.salted:case T.s2k.simple:return new ls(e,t);default:throw new Gi("Unsupported S2K type")}}function gs(e){const{s2kType:t}=e;if(!ys.has(t))throw Error("The provided `config.s2kType` value is not allowed");return ps(t,e)}var fs=Uint8Array,ds=Uint16Array,ms=Uint32Array,ws=new fs([0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0,0,0,0]),bs=new fs([0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13,0,0]),ks=new fs([16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15]),vs=function(e,t){for(var r=new ds(31),i=0;i<31;++i)r[i]=t+=1<<e[i-1];var n=new ms(r[30]);for(i=1;i<30;++i)for(var a=r[i];a<r[i+1];++a)n[a]=a-r[i]<<5|i;return[r,n]},As=vs(ws,2),Es=As[0],Ks=As[1];Es[28]=258,Ks[258]=28;for(var Ss=vs(bs,0),Ps=Ss[0],Us=Ss[1],Ds=new ds(32768),xs=0;xs<32768;++xs){var Cs=(43690&xs)>>>1|(21845&xs)<<1;Cs=(61680&(Cs=(52428&Cs)>>>2|(13107&Cs)<<2))>>>4|(3855&Cs)<<4,Ds[xs]=((65280&Cs)>>>8|(255&Cs)<<8)>>>1}var Bs=function(e,t,r){for(var i=e.length,n=0,a=new ds(t);n<i;++n)e[n]&&++a[e[n]-1];var s,o=new ds(t);for(n=0;n<t;++n)o[n]=o[n-1]+a[n-1]<<1;if(r){s=new ds(1<<t);var c=15-t;for(n=0;n<i;++n)if(e[n])for(var u=n<<4|e[n],h=t-e[n],l=o[e[n]-1]++<<h,y=l|(1<<h)-1;l<=y;++l)s[Ds[l]>>>c]=u}else for(s=new ds(i),n=0;n<i;++n)e[n]&&(s[n]=Ds[o[e[n]-1]++]>>>15-e[n]);return s},Is=new fs(288);for(xs=0;xs<144;++xs)Is[xs]=8;for(xs=144;xs<256;++xs)Is[xs]=9;for(xs=256;xs<280;++xs)Is[xs]=7;for(xs=280;xs<288;++xs)Is[xs]=8;var Ts=new fs(32);for(xs=0;xs<32;++xs)Ts[xs]=5;var Rs=/*#__PURE__*/Bs(Is,9,0),Ms=/*#__PURE__*/Bs(Is,9,1),Ls=/*#__PURE__*/Bs(Ts,5,0),Fs=/*#__PURE__*/Bs(Ts,5,1),_s=function(e){for(var t=e[0],r=1;r<e.length;++r)e[r]>t&&(t=e[r]);return t},Os=function(e,t,r){var i=t/8|0;return(e[i]|e[i+1]<<8)>>(7&t)&r},Ns=function(e,t){var r=t/8|0;return(e[r]|e[r+1]<<8|e[r+2]<<16)>>(7&t)},zs=function(e){return(e+7)/8|0},Hs=function(e,t,r){(null==t||t<0)&&(t=0),(null==r||r>e.length)&&(r=e.length);var i=new(2==e.BYTES_PER_ELEMENT?ds:4==e.BYTES_PER_ELEMENT?ms:fs)(r-t);return i.set(e.subarray(t,r)),i},js=["unexpected EOF","invalid block type","invalid length/literal","invalid distance","stream finished","no stream handler",,"no callback","invalid UTF-8 data","extra field too long","date not in range 1980-2099","filename too long","stream finishing","invalid zip data"],Gs=function(e,t,r){var i=Error(t||js[e]);if(i.code=e,Error.captureStackTrace&&Error.captureStackTrace(i,Gs),!r)throw i;return i},qs=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8},Vs=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8,e[i+2]|=r>>>16},Ws=function(e,t){for(var r=[],i=0;i<e.length;++i)e[i]&&r.push({s:i,f:e[i]});var n=r.length,a=r.slice();if(!n)return[eo,0];if(1==n){var s=new fs(r[0].s+1);return s[r[0].s]=1,[s,1]}r.sort((function(e,t){return e.f-t.f})),r.push({s:-1,f:25001});var o=r[0],c=r[1],u=0,h=1,l=2;for(r[0]={s:-1,f:o.f+c.f,l:o,r:c};h!=n-1;)o=r[r[u].f<r[l].f?u++:l++],c=r[u!=h&&r[u].f<r[l].f?u++:l++],r[h++]={s:-1,f:o.f+c.f,l:o,r:c};var y=a[0].s;for(i=1;i<n;++i)a[i].s>y&&(y=a[i].s);var p=new ds(y+1),g=$s(r[h-1],p,0);if(g>t){i=0;var f=0,d=g-t,m=1<<d;for(a.sort((function(e,t){return p[t.s]-p[e.s]||e.f-t.f}));i<n;++i){var w=a[i].s;if(!(p[w]>t))break;f+=m-(1<<g-p[w]),p[w]=t}for(f>>>=d;f>0;){var b=a[i].s;p[b]<t?f-=1<<t-p[b]++-1:++i}for(;i>=0&&f;--i){var k=a[i].s;p[k]==t&&(--p[k],++f)}g=t}return[new fs(p),g]},$s=function(e,t,r){return-1==e.s?Math.max($s(e.l,t,r+1),$s(e.r,t,r+1)):t[e.s]=r},Zs=function(e){for(var t=e.length;t&&!e[--t];);for(var r=new ds(++t),i=0,n=e[0],a=1,s=function(e){r[i++]=e},o=1;o<=t;++o)if(e[o]==n&&o!=t)++a;else{if(!n&&a>2){for(;a>138;a-=138)s(32754);a>2&&(s(a>10?a-11<<5|28690:a-3<<5|12305),a=0)}else if(a>3){for(s(n),--a;a>6;a-=6)s(8304);a>2&&(s(a-3<<5|8208),a=0)}for(;a--;)s(n);a=1,n=e[o]}return[r.subarray(0,i),t]},Xs=function(e,t){for(var r=0,i=0;i<t.length;++i)r+=e[i]*t[i];return r},Qs=function(e,t,r){var i=r.length,n=zs(t+2);e[n]=255&i,e[n+1]=i>>>8,e[n+2]=255^e[n],e[n+3]=255^e[n+1];for(var a=0;a<i;++a)e[n+a+4]=r[a];return 8*(n+4+i)},Ys=function(e,t,r,i,n,a,s,o,c,u,h){qs(t,h++,r),++n[256];for(var l=Ws(n,15),y=l[0],p=l[1],g=Ws(a,15),f=g[0],d=g[1],m=Zs(y),w=m[0],b=m[1],k=Zs(f),v=k[0],A=k[1],E=new ds(19),K=0;K<w.length;++K)E[31&w[K]]++;for(K=0;K<v.length;++K)E[31&v[K]]++;for(var S=Ws(E,7),P=S[0],U=S[1],D=19;D>4&&!P[ks[D-1]];--D);var x,C,B,I,T=u+5<<3,R=Xs(n,Is)+Xs(a,Ts)+s,M=Xs(n,y)+Xs(a,f)+s+14+3*D+Xs(E,P)+(2*E[16]+3*E[17]+7*E[18]);if(T<=R&&T<=M)return Qs(t,h,e.subarray(c,c+u));if(qs(t,h,1+(M<R)),h+=2,M<R){x=Bs(y,p,0),C=y,B=Bs(f,d,0),I=f;var L=Bs(P,U,0);qs(t,h,b-257),qs(t,h+5,A-1),qs(t,h+10,D-4),h+=14;for(K=0;K<D;++K)qs(t,h+3*K,P[ks[K]]);h+=3*D;for(var F=[w,v],_=0;_<2;++_){var O=F[_];for(K=0;K<O.length;++K){var N=31&O[K];qs(t,h,L[N]),h+=P[N],N>15&&(qs(t,h,O[K]>>>5&127),h+=O[K]>>>12)}}}else x=Rs,C=Is,B=Ls,I=Ts;for(K=0;K<o;++K)if(i[K]>255){N=i[K]>>>18&31;Vs(t,h,x[N+257]),h+=C[N+257],N>7&&(qs(t,h,i[K]>>>23&31),h+=ws[N]);var z=31&i[K];Vs(t,h,B[z]),h+=I[z],z>3&&(Vs(t,h,i[K]>>>5&8191),h+=bs[z])}else Vs(t,h,x[i[K]]),h+=C[i[K]];return Vs(t,h,x[256]),h+C[256]},Js=/*#__PURE__*/new ms([65540,131080,131088,131104,262176,1048704,1048832,2114560,2117632]),eo=/*#__PURE__*/new fs(0),to=function(e,t,r,i,n){return function(e,t,r,i,n,a){var s=e.length,o=new fs(i+s+5*(1+Math.ceil(s/7e3))+n),c=o.subarray(i,o.length-n),u=0;if(!t||s<8)for(var h=0;h<=s;h+=65535){var l=h+65535;l>=s&&(c[u>>3]=a),u=Qs(c,u+1,e.subarray(h,l))}else{for(var y=Js[t-1],p=y>>>13,g=8191&y,f=(1<<r)-1,d=new ds(32768),m=new ds(f+1),w=Math.ceil(r/3),b=2*w,k=function(t){return(e[t]^e[t+1]<<w^e[t+2]<<b)&f},v=new ms(25e3),A=new ds(288),E=new ds(32),K=0,S=0,P=(h=0,0),U=0,D=0;h<s;++h){var x=k(h),C=32767&h,B=m[x];if(d[C]=B,m[x]=C,U<=h){var I=s-h;if((K>7e3||P>24576)&&I>423){u=Ys(e,c,0,v,A,E,S,P,D,h-D,u),P=K=S=0,D=h;for(var T=0;T<286;++T)A[T]=0;for(T=0;T<30;++T)E[T]=0}var R=2,M=0,L=g,F=C-B&32767;if(I>2&&x==k(h-F))for(var _=Math.min(p,I)-1,O=Math.min(32767,h),N=Math.min(258,I);F<=O&&--L&&C!=B;){if(e[h+R]==e[h+R-F]){for(var z=0;z<N&&e[h+z]==e[h+z-F];++z);if(z>R){if(R=z,M=F,z>_)break;var H=Math.min(F,z-2),j=0;for(T=0;T<H;++T){var G=h-F+T+32768&32767,q=G-d[G]+32768&32767;q>j&&(j=q,B=G)}}}F+=(C=B)-(B=d[C])+32768&32767}if(M){v[P++]=268435456|Ks[R]<<18|Us[M];var V=31&Ks[R],W=31&Us[M];S+=ws[V]+bs[W],++A[257+V],++E[W],U=h+R,++K}else v[P++]=e[h],++A[e[h]]}}u=Ys(e,c,a,v,A,E,S,P,D,h-D,u),!a&&7&u&&(u=Qs(c,u+1,eo))}return Hs(o,0,i+zs(u)+n)}(e,null==t.level?6:t.level,null==t.mem?Math.ceil(1.5*Math.max(8,Math.min(13,Math.log(e.length)))):12+t.mem,r,i,!n)},ro=/*#__PURE__*/function(){function e(e,t){t||"function"!=typeof e||(t=e,e={}),this.ondata=t,this.o=e||{}}return e.prototype.p=function(e,t){this.ondata(to(e,this.o,0,0,!t),t)},e.prototype.push=function(e,t){this.ondata||Gs(5),this.d&&Gs(4),this.d=t,this.p(e,t||!1)},e}(),io=/*#__PURE__*/function(){function e(e){this.s={},this.p=new fs(0),this.ondata=e}return e.prototype.e=function(e){this.ondata||Gs(5),this.d&&Gs(4);var t=this.p.length,r=new fs(t+e.length);r.set(this.p),r.set(e,t),this.p=r},e.prototype.c=function(e){this.d=this.s.i=e||!1;var t=this.s.b,r=function(e,t,r){var i=e.length;if(!i||r&&r.f&&!r.l)return t||new fs(0);var n=!t||r,a=!r||r.i;r||(r={}),t||(t=new fs(3*i));var s=function(e){var r=t.length;if(e>r){var i=new fs(Math.max(2*r,e));i.set(t),t=i}},o=r.f||0,c=r.p||0,u=r.b||0,h=r.l,l=r.d,y=r.m,p=r.n,g=8*i;do{if(!h){o=Os(e,c,1);var f=Os(e,c+1,3);if(c+=3,!f){var d=e[(U=zs(c)+4)-4]|e[U-3]<<8,m=U+d;if(m>i){a&&Gs(0);break}n&&s(u+d),t.set(e.subarray(U,m),u),r.b=u+=d,r.p=c=8*m,r.f=o;continue}if(1==f)h=Ms,l=Fs,y=9,p=5;else if(2==f){var w=Os(e,c,31)+257,b=Os(e,c+10,15)+4,k=w+Os(e,c+5,31)+1;c+=14;for(var v=new fs(k),A=new fs(19),E=0;E<b;++E)A[ks[E]]=Os(e,c+3*E,7);c+=3*b;var K=_s(A),S=(1<<K)-1,P=Bs(A,K,1);for(E=0;E<k;){var U,D=P[Os(e,c,S)];if(c+=15&D,(U=D>>>4)<16)v[E++]=U;else{var x=0,C=0;for(16==U?(C=3+Os(e,c,3),c+=2,x=v[E-1]):17==U?(C=3+Os(e,c,7),c+=3):18==U&&(C=11+Os(e,c,127),c+=7);C--;)v[E++]=x}}var B=v.subarray(0,w),I=v.subarray(w);y=_s(B),p=_s(I),h=Bs(B,y,1),l=Bs(I,p,1)}else Gs(1);if(c>g){a&&Gs(0);break}}n&&s(u+131072);for(var T=(1<<y)-1,R=(1<<p)-1,M=c;;M=c){var L=(x=h[Ns(e,c)&T])>>>4;if((c+=15&x)>g){a&&Gs(0);break}if(x||Gs(2),L<256)t[u++]=L;else{if(256==L){M=c,h=null;break}var F=L-254;if(L>264){var _=ws[E=L-257];F=Os(e,c,(1<<_)-1)+Es[E],c+=_}var O=l[Ns(e,c)&R],N=O>>>4;if(O||Gs(3),c+=15&O,I=Ps[N],N>3&&(_=bs[N],I+=Ns(e,c)&(1<<_)-1,c+=_),c>g){a&&Gs(0);break}n&&s(u+131072);for(var z=u+F;u<z;u+=4)t[u]=t[u-I],t[u+1]=t[u+1-I],t[u+2]=t[u+2-I],t[u+3]=t[u+3-I];u=z}}r.l=h,r.p=M,r.b=u,r.f=o,h&&(o=1,r.m=y,r.d=l,r.n=p)}while(!o);return u==t.length?t:Hs(t,0,u)}(this.p,this.o,this.s);this.ondata(Hs(r,t,this.s.b),this.d),this.o=Hs(r,this.s.b-32768),this.s.b=this.o.length,this.p=Hs(this.p,this.s.p/8|0),this.s.p&=7},e.prototype.push=function(e,t){this.e(e),this.c(t)},e}(),no=/*#__PURE__*/function(){function e(e,t){var r,i;this.c=(r=1,i=0,{p:function(e){for(var t=r,n=i,a=0|e.length,s=0;s!=a;){for(var o=Math.min(s+2655,a);s<o;++s)n+=t+=e[s];t=(65535&t)+15*(t>>16),n=(65535&n)+15*(n>>16)}r=t,i=n},d:function(){return(255&(r%=65521))<<24|r>>>8<<16|(255&(i%=65521))<<8|i>>>8}}),this.v=1,ro.call(this,e,t)}return e.prototype.push=function(e,t){ro.prototype.push.call(this,e,t)},e.prototype.p=function(e,t){this.c.p(e);var r=to(e,this.o,this.v&&2,t&&4,!t);this.v&&(function(e,t){var r=t.level,i=0==r?0:r<6?1:9==r?3:2;e[0]=120,e[1]=i<<6|(i?32-2*i:1)}(r,this.o),this.v=0),t&&function(e,t,r){for(;r;++t)e[t]=r,r>>>=8}(r,r.length-4,this.c.d()),this.ondata(r,t)},e}(),ao=/*#__PURE__*/function(){function e(e){this.v=1,io.call(this,e)}return e.prototype.push=function(e,t){if(io.prototype.e.call(this,e),this.v){if(this.p.length<2&&!t)return;this.p=this.p.subarray(2),this.v=0}t&&(this.p.length<4&&Gs(6,"invalid zlib data"),this.p=this.p.subarray(0,-4)),io.prototype.c.call(this,t)},e}(),so="undefined"!=typeof TextDecoder&&/*#__PURE__*/new TextDecoder;try{so.decode(eo,{stream:!0}),1}catch(e){}var oo=[0,1,3,7,15,31,63,127,255],co=function(e){this.stream=e,this.bitOffset=0,this.curByte=0,this.hasByte=!1};co.prototype._ensureByte=function(){this.hasByte||(this.curByte=this.stream.readByte(),this.hasByte=!0)},co.prototype.read=function(e){for(var t=0;e>0;){this._ensureByte();var r=8-this.bitOffset;if(e>=r)t<<=r,t|=oo[r]&this.curByte,this.hasByte=!1,this.bitOffset=0,e-=r;else{t<<=e;var i=r-e;t|=(this.curByte&oo[e]<<i)>>i,this.bitOffset+=e,e=0}}return t},co.prototype.seek=function(e){var t=e%8,r=(e-t)/8;this.bitOffset=t,this.stream.seek(r),this.hasByte=!1},co.prototype.pi=function(){var e,t=new Uint8Array(6);for(e=0;e<t.length;e++)t[e]=this.read(8);return function(e){return Array.prototype.map.call(e,(e=>("00"+e.toString(16)).slice(-2))).join("")}(t)};var uo=co,ho=function(){};ho.prototype.readByte=function(){throw Error("abstract method readByte() not implemented")},ho.prototype.read=function(e,t,r){for(var i=0;i<r;){var n=this.readByte();if(n<0)return 0===i?-1:i;e[t++]=n,i++}return i},ho.prototype.seek=function(e){throw Error("abstract method seek() not implemented")},ho.prototype.writeByte=function(e){throw Error("abstract method readByte() not implemented")},ho.prototype.write=function(e,t,r){var i;for(i=0;i<r;i++)this.writeByte(e[t++]);return r},ho.prototype.flush=function(){};var lo,yo=ho,po=(lo=new Uint32Array([0,79764919,159529838,222504665,319059676,398814059,445009330,507990021,638119352,583659535,797628118,726387553,890018660,835552979,1015980042,944750013,1276238704,1221641927,1167319070,1095957929,1595256236,1540665371,1452775106,1381403509,1780037320,1859660671,1671105958,1733955601,2031960084,2111593891,1889500026,1952343757,2552477408,2632100695,2443283854,2506133561,2334638140,2414271883,2191915858,2254759653,3190512472,3135915759,3081330742,3009969537,2905550212,2850959411,2762807018,2691435357,3560074640,3505614887,3719321342,3648080713,3342211916,3287746299,3467911202,3396681109,4063920168,4143685023,4223187782,4286162673,3779000052,3858754371,3904687514,3967668269,881225847,809987520,1023691545,969234094,662832811,591600412,771767749,717299826,311336399,374308984,453813921,533576470,25881363,88864420,134795389,214552010,2023205639,2086057648,1897238633,1976864222,1804852699,1867694188,1645340341,1724971778,1587496639,1516133128,1461550545,1406951526,1302016099,1230646740,1142491917,1087903418,2896545431,2825181984,2770861561,2716262478,3215044683,3143675388,3055782693,3001194130,2326604591,2389456536,2200899649,2280525302,2578013683,2640855108,2418763421,2498394922,3769900519,3832873040,3912640137,3992402750,4088425275,4151408268,4197601365,4277358050,3334271071,3263032808,3476998961,3422541446,3585640067,3514407732,3694837229,3640369242,1762451694,1842216281,1619975040,1682949687,2047383090,2127137669,1938468188,2001449195,1325665622,1271206113,1183200824,1111960463,1543535498,1489069629,1434599652,1363369299,622672798,568075817,748617968,677256519,907627842,853037301,1067152940,995781531,51762726,131386257,177728840,240578815,269590778,349224269,429104020,491947555,4046411278,4126034873,4172115296,4234965207,3794477266,3874110821,3953728444,4016571915,3609705398,3555108353,3735388376,3664026991,3290680682,3236090077,3449943556,3378572211,3174993278,3120533705,3032266256,2961025959,2923101090,2868635157,2813903052,2742672763,2604032198,2683796849,2461293480,2524268063,2284983834,2364738477,2175806836,2238787779,1569362073,1498123566,1409854455,1355396672,1317987909,1246755826,1192025387,1137557660,2072149281,2135122070,1912620623,1992383480,1753615357,1816598090,1627664531,1707420964,295390185,358241886,404320391,483945776,43990325,106832002,186451547,266083308,932423249,861060070,1041341759,986742920,613929101,542559546,756411363,701822548,3316196985,3244833742,3425377559,3370778784,3601682597,3530312978,3744426955,3689838204,3819031489,3881883254,3928223919,4007849240,4037393693,4100235434,4180117107,4259748804,2310601993,2373574846,2151335527,2231098320,2596047829,2659030626,2470359227,2550115596,2947551409,2876312838,2788305887,2733848168,3165939309,3094707162,3040238851,2985771188]),function(){var e=4294967295;this.getCRC=function(){return~e>>>0},this.updateCRC=function(t){e=e<<8^lo[255&(e>>>24^t)]},this.updateCRCRun=function(t,r){for(;r-- >0;)e=e<<8^lo[255&(e>>>24^t)]}}),go=uo,fo=yo,mo=po,wo=function(e,t){var r,i=e[t];for(r=t;r>0;r--)e[r]=e[r-1];return e[0]=i,i},bo={OK:0,LAST_BLOCK:-1,NOT_BZIP_DATA:-2,UNEXPECTED_INPUT_EOF:-3,UNEXPECTED_OUTPUT_EOF:-4,DATA_ERROR:-5,OUT_OF_MEMORY:-6,OBSOLETE_INPUT:-7,END_OF_BLOCK:-8},ko={};ko[bo.LAST_BLOCK]="Bad file checksum",ko[bo.NOT_BZIP_DATA]="Not bzip data",ko[bo.UNEXPECTED_INPUT_EOF]="Unexpected input EOF",ko[bo.UNEXPECTED_OUTPUT_EOF]="Unexpected output EOF",ko[bo.DATA_ERROR]="Data error",ko[bo.OUT_OF_MEMORY]="Out of memory",ko[bo.OBSOLETE_INPUT]="Obsolete (pre 0.9.5) bzip format not supported.";var vo=function(e,t){var r=ko[e]||"unknown error";t&&(r+=": "+t);var i=new TypeError(r);throw i.errorCode=e,i},Ao=function(e,t){this.writePos=this.writeCurrent=this.writeCount=0,this._start_bunzip(e,t)};Ao.prototype._init_block=function(){return this._get_next_block()?(this.blockCRC=new mo,!0):(this.writeCount=-1,!1)},Ao.prototype._start_bunzip=function(e,t){var r=new Uint8Array(4);4===e.read(r,0,4)&&"BZh"===String.fromCharCode(r[0],r[1],r[2])||vo(bo.NOT_BZIP_DATA,"bad magic");var i=r[3]-48;(i<1||i>9)&&vo(bo.NOT_BZIP_DATA,"level out of range"),this.reader=new go(e),this.dbufSize=1e5*i,this.nextoutput=0,this.outputStream=t,this.streamCRC=0},Ao.prototype._get_next_block=function(){var e,t,r,i=this.reader,n=i.pi();if("177245385090"===n)return!1;"314159265359"!==n&&vo(bo.NOT_BZIP_DATA),this.targetBlockCRC=i.read(32)>>>0,this.streamCRC=(this.targetBlockCRC^(this.streamCRC<<1|this.streamCRC>>>31))>>>0,i.read(1)&&vo(bo.OBSOLETE_INPUT);var a=i.read(24);a>this.dbufSize&&vo(bo.DATA_ERROR,"initial position out of bounds");var s=i.read(16),o=new Uint8Array(256),c=0;for(e=0;e<16;e++)if(s&1<<15-e){var u=16*e;for(r=i.read(16),t=0;t<16;t++)r&1<<15-t&&(o[c++]=u+t)}var h=i.read(3);(h<2||h>6)&&vo(bo.DATA_ERROR);var l=i.read(15);0===l&&vo(bo.DATA_ERROR);var y=new Uint8Array(256);for(e=0;e<h;e++)y[e]=e;var p=new Uint8Array(l);for(e=0;e<l;e++){for(t=0;i.read(1);t++)t>=h&&vo(bo.DATA_ERROR);p[e]=wo(y,t)}var g,f=c+2,d=[];for(t=0;t<h;t++){var m,w,b=new Uint8Array(f),k=new Uint16Array(21);for(s=i.read(5),e=0;e<f;e++){for(;(s<1||s>20)&&vo(bo.DATA_ERROR),i.read(1);)i.read(1)?s--:s++;b[e]=s}for(m=w=b[0],e=1;e<f;e++)b[e]>w?w=b[e]:b[e]<m&&(m=b[e]);g={},d.push(g),g.permute=new Uint16Array(258),g.limit=new Uint32Array(22),g.base=new Uint32Array(21),g.minLen=m,g.maxLen=w;var v=0;for(e=m;e<=w;e++)for(k[e]=g.limit[e]=0,s=0;s<f;s++)b[s]===e&&(g.permute[v++]=s);for(e=0;e<f;e++)k[b[e]]++;for(v=s=0,e=m;e<w;e++)v+=k[e],g.limit[e]=v-1,v<<=1,s+=k[e],g.base[e+1]=v-s;g.limit[w+1]=Number.MAX_VALUE,g.limit[w]=v+k[w]-1,g.base[m]=0}var A=new Uint32Array(256);for(e=0;e<256;e++)y[e]=e;var E,K=0,S=0,P=0,U=this.dbuf=new Uint32Array(this.dbufSize);for(f=0;;){for(f--||(f=49,P>=l&&vo(bo.DATA_ERROR),g=d[p[P++]]),e=g.minLen,t=i.read(e);e>g.maxLen&&vo(bo.DATA_ERROR),!(t<=g.limit[e]);e++)t=t<<1|i.read(1);((t-=g.base[e])<0||t>=258)&&vo(bo.DATA_ERROR);var D=g.permute[t];if(0!==D&&1!==D){if(K)for(K=0,S+s>this.dbufSize&&vo(bo.DATA_ERROR),A[E=o[y[0]]]+=s;s--;)U[S++]=E;if(D>c)break;S>=this.dbufSize&&vo(bo.DATA_ERROR),A[E=o[E=wo(y,e=D-1)]]++,U[S++]=E}else K||(K=1,s=0),s+=0===D?K:2*K,K<<=1}for((a<0||a>=S)&&vo(bo.DATA_ERROR),t=0,e=0;e<256;e++)r=t+A[e],A[e]=t,t=r;for(e=0;e<S;e++)U[A[E=255&U[e]]]|=e<<8,A[E]++;var x=0,C=0,B=0;return S&&(C=255&(x=U[a]),x>>=8,B=-1),this.writePos=x,this.writeCurrent=C,this.writeCount=S,this.writeRun=B,!0},Ao.prototype._read_bunzip=function(e,t){var r,i,n;if(this.writeCount<0)return 0;var a=this.dbuf,s=this.writePos,o=this.writeCurrent,c=this.writeCount;this.outputsize;for(var u=this.writeRun;c;){for(c--,i=o,o=255&(s=a[s]),s>>=8,3==u++?(r=o,n=i,o=-1):(r=1,n=o),this.blockCRC.updateCRCRun(n,r);r--;)this.outputStream.writeByte(n),this.nextoutput++;o!=i&&(u=0)}return this.writeCount=c,this.blockCRC.getCRC()!==this.targetBlockCRC&&vo(bo.DATA_ERROR,"Bad block CRC (got "+this.blockCRC.getCRC().toString(16)+" expected "+this.targetBlockCRC.toString(16)+")"),this.nextoutput};var Eo=function(e){if("readByte"in e)return e;var t=new fo;return t.pos=0,t.readByte=function(){return e[this.pos++]},t.seek=function(e){this.pos=e},t.eof=function(){return this.pos>=e.length},t},Ko=function(e){var t=new fo,r=!0;if(e)if("number"==typeof e)t.buffer=new Uint8Array(e),r=!1;else{if("writeByte"in e)return e;t.buffer=e,r=!1}else t.buffer=new Uint8Array(16384);return t.pos=0,t.writeByte=function(e){if(r&&this.pos>=this.buffer.length){var t=new Uint8Array(2*this.buffer.length);t.set(this.buffer),this.buffer=t}this.buffer[this.pos++]=e},t.getBuffer=function(){if(this.pos!==this.buffer.length){if(!r)throw new TypeError("outputsize does not match decoded input");var e=new Uint8Array(this.pos);e.set(this.buffer.subarray(0,this.pos)),this.buffer=e}return this.buffer},t._coerced=!0,t};var So=function(e,t,r){for(var i=Eo(e),n=Ko(t),a=new Ao(i,n);!("eof"in i)||!i.eof();)if(a._init_block())a._read_bunzip();else{var s=a.reader.read(32)>>>0;if(s!==a.streamCRC&&vo(bo.DATA_ERROR,"Bad stream CRC (got "+a.streamCRC.toString(16)+" expected "+s.toString(16)+")"),!r||!("eof"in i)||i.eof())break;a._start_bunzip(i,n)}if("getBuffer"in n)return n.getBuffer()};class Po{static get tag(){return T.packet.literalData}constructor(e=new Date){this.format=T.literal.utf8,this.date=L.normalizeDate(e),this.text=null,this.data=null,this.filename=""}setText(e,t=T.literal.utf8){this.format=t,this.text=e,this.data=null}getText(e=!1){return(null===this.text||L.isStream(this.text))&&(this.text=L.decodeUTF8(L.nativeEOL(this.getBytes(e)))),this.text}setBytes(e,t){this.format=t,this.data=e,this.text=null}getBytes(e=!1){return null===this.data&&(this.data=L.canonicalizeEOL(L.encodeUTF8(this.text))),e?K(this.data):this.data}setFilename(e){this.filename=e}getFilename(){return this.filename}async read(e){await A(e,(async e=>{const t=await e.readByte(),r=await e.readByte();this.filename=L.decodeUTF8(await e.readBytes(r)),this.date=L.readDate(await e.readBytes(4));let i=e.remainder();s(i)&&(i=await U(i)),this.setBytes(i,t)}))}writeHeader(){const e=L.encodeUTF8(this.filename),t=new Uint8Array([e.length]),r=new Uint8Array([this.format]),i=L.writeDate(this.date);return L.concatUint8Array([r,t,e,i])}write(){const e=this.writeHeader(),t=this.getBytes();return L.concat([e,t])}}class Uo{constructor(){this.bytes=""}read(e){return this.bytes=L.uint8ArrayToString(e.subarray(0,8)),this.bytes.length}write(){return L.stringToUint8Array(this.bytes)}toHex(){return L.uint8ArrayToHex(L.stringToUint8Array(this.bytes))}equals(e,t=!1){return t&&(e.isWildcard()||this.isWildcard())||this.bytes===e.bytes}isNull(){return""===this.bytes}isWildcard(){return/^0+$/.test(this.toHex())}static mapToHex(e){return e.toHex()}static fromID(e){const t=new Uo;return t.read(L.hexToUint8Array(e)),t}static wildcard(){const e=new Uo;return e.read(new Uint8Array(8)),e}}const Do=Symbol("verified"),xo="salt@notations.openpgpjs.org",Co=new Set([T.signatureSubpacket.issuerKeyID,T.signatureSubpacket.issuerFingerprint,T.signatureSubpacket.embeddedSignature]);class Bo{static get tag(){return T.packet.signature}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.signatureData=null,this.unhashedSubpackets=[],this.unknownSubpackets=[],this.signedHashValue=null,this.salt=null,this.created=null,this.signatureExpirationTime=null,this.signatureNeverExpires=!0,this.exportable=null,this.trustLevel=null,this.trustAmount=null,this.regularExpression=null,this.revocable=null,this.keyExpirationTime=null,this.keyNeverExpires=null,this.preferredSymmetricAlgorithms=null,this.revocationKeyClass=null,this.revocationKeyAlgorithm=null,this.revocationKeyFingerprint=null,this.issuerKeyID=new Uo,this.rawNotations=[],this.notations={},this.preferredHashAlgorithms=null,this.preferredCompressionAlgorithms=null,this.keyServerPreferences=null,this.preferredKeyServer=null,this.isPrimaryUserID=null,this.policyURI=null,this.keyFlags=null,this.signersUserID=null,this.reasonForRevocationFlag=null,this.reasonForRevocationString=null,this.features=null,this.signatureTargetPublicKeyAlgorithm=null,this.signatureTargetHashAlgorithm=null,this.signatureTargetHash=null,this.embeddedSignature=null,this.issuerKeyVersion=null,this.issuerFingerprint=null,this.preferredAEADAlgorithms=null,this.preferredCipherSuites=null,this.revoked=null,this[Do]=null}read(e,t=R){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new Gi("Support for v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4!==this.version&&5!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the signature packet is unsupported.`);if(this.signatureType=e[r++],this.publicKeyAlgorithm=e[r++],this.hashAlgorithm=e[r++],r+=this.readSubPackets(e.subarray(r,e.length),!0),!this.created)throw Error("Missing signature creation time subpacket.");if(this.signatureData=e.subarray(0,r),r+=this.readSubPackets(e.subarray(r,e.length),!1),this.signedHashValue=e.subarray(r,r+2),r+=2,6===this.version){const t=e[r++];this.salt=e.subarray(r,r+t),r+=t}const i=e.subarray(r,e.length),{read:n,signatureParams:a}=as.signature.parseSignatureParams(this.publicKeyAlgorithm,i);if(n<i.length)throw Error("Error reading MPIs");this.params=a}writeParams(){return this.params instanceof Promise?x((async()=>as.serializeParams(this.publicKeyAlgorithm,await this.params))):as.serializeParams(this.publicKeyAlgorithm,this.params)}write(){const e=[];return e.push(this.signatureData),e.push(this.writeUnhashedSubPackets()),e.push(this.signedHashValue),6===this.version&&(e.push(new Uint8Array([this.salt.length])),e.push(this.salt)),e.push(this.writeParams()),L.concat(e)}async sign(e,t,r=new Date,i=!1,n){this.version=e.version,this.created=L.normalizeDate(r),this.issuerKeyVersion=e.version,this.issuerFingerprint=e.getFingerprintBytes(),this.issuerKeyID=e.getKeyID();const a=[new Uint8Array([this.version,this.signatureType,this.publicKeyAlgorithm,this.hashAlgorithm])];if(6===this.version){const e=To(this.hashAlgorithm);if(null===this.salt)this.salt=as.random.getRandomBytes(e);else if(e!==this.salt.length)throw Error("Provided salt does not have the required length")}else if(n.nonDeterministicSignaturesViaNotation){if(0!==this.rawNotations.filter((({name:e})=>e===xo)).length)throw Error("Unexpected existing salt notation");{const e=as.random.getRandomBytes(To(this.hashAlgorithm));this.rawNotations.push({name:xo,value:e,humanReadable:!1,critical:!1})}}a.push(this.writeHashedSubPackets()),this.unhashedSubpackets=[],this.signatureData=L.concat(a);const s=this.toHash(this.signatureType,t,i),o=await this.hash(this.signatureType,t,s,i);this.signedHashValue=P(E(o),0,2);const c=async()=>as.signature.sign(this.publicKeyAlgorithm,this.hashAlgorithm,e.publicParams,e.privateParams,s,await U(o));L.isStream(o)?this.params=c():(this.params=await c(),this[Do]=!0)}writeHashedSubPackets(){const e=T.signatureSubpacket,t=[];let r;if(null===this.created)throw Error("Missing signature creation time");t.push(Io(e.signatureCreationTime,!0,L.writeDate(this.created))),null!==this.signatureExpirationTime&&t.push(Io(e.signatureExpirationTime,!0,L.writeNumber(this.signatureExpirationTime,4))),null!==this.exportable&&t.push(Io(e.exportableCertification,!0,new Uint8Array([this.exportable?1:0]))),null!==this.trustLevel&&(r=new Uint8Array([this.trustLevel,this.trustAmount]),t.push(Io(e.trustSignature,!0,r))),null!==this.regularExpression&&t.push(Io(e.regularExpression,!0,this.regularExpression)),null!==this.revocable&&t.push(Io(e.revocable,!0,new Uint8Array([this.revocable?1:0]))),null!==this.keyExpirationTime&&t.push(Io(e.keyExpirationTime,!0,L.writeNumber(this.keyExpirationTime,4))),null!==this.preferredSymmetricAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredSymmetricAlgorithms)),t.push(Io(e.preferredSymmetricAlgorithms,!1,r))),null!==this.revocationKeyClass&&(r=new Uint8Array([this.revocationKeyClass,this.revocationKeyAlgorithm]),r=L.concat([r,this.revocationKeyFingerprint]),t.push(Io(e.revocationKey,!1,r))),!this.issuerKeyID.isNull()&&this.issuerKeyVersion<5&&t.push(Io(e.issuerKeyID,!0,this.issuerKeyID.write())),this.rawNotations.forEach((({name:i,value:n,humanReadable:a,critical:s})=>{r=[new Uint8Array([a?128:0,0,0,0])];const o=L.encodeUTF8(i);r.push(L.writeNumber(o.length,2)),r.push(L.writeNumber(n.length,2)),r.push(o),r.push(n),r=L.concat(r),t.push(Io(e.notationData,s,r))})),null!==this.preferredHashAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredHashAlgorithms)),t.push(Io(e.preferredHashAlgorithms,!1,r))),null!==this.preferredCompressionAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredCompressionAlgorithms)),t.push(Io(e.preferredCompressionAlgorithms,!1,r))),null!==this.keyServerPreferences&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.keyServerPreferences)),t.push(Io(e.keyServerPreferences,!1,r))),null!==this.preferredKeyServer&&t.push(Io(e.preferredKeyServer,!1,L.encodeUTF8(this.preferredKeyServer))),null!==this.isPrimaryUserID&&t.push(Io(e.primaryUserID,!1,new Uint8Array([this.isPrimaryUserID?1:0]))),null!==this.policyURI&&t.push(Io(e.policyURI,!1,L.encodeUTF8(this.policyURI))),null!==this.keyFlags&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.keyFlags)),t.push(Io(e.keyFlags,!0,r))),null!==this.signersUserID&&t.push(Io(e.signersUserID,!1,L.encodeUTF8(this.signersUserID))),null!==this.reasonForRevocationFlag&&(r=L.stringToUint8Array(String.fromCharCode(this.reasonForRevocationFlag)+this.reasonForRevocationString),t.push(Io(e.reasonForRevocation,!0,r))),null!==this.features&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.features)),t.push(Io(e.features,!1,r))),null!==this.signatureTargetPublicKeyAlgorithm&&(r=[new Uint8Array([this.signatureTargetPublicKeyAlgorithm,this.signatureTargetHashAlgorithm])],r.push(L.stringToUint8Array(this.signatureTargetHash)),r=L.concat(r),t.push(Io(e.signatureTarget,!0,r))),null!==this.embeddedSignature&&t.push(Io(e.embeddedSignature,!0,this.embeddedSignature.write())),null!==this.issuerFingerprint&&(r=[new Uint8Array([this.issuerKeyVersion]),this.issuerFingerprint],r=L.concat(r),t.push(Io(e.issuerFingerprint,this.version>=5,r))),null!==this.preferredAEADAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredAEADAlgorithms)),t.push(Io(e.preferredAEADAlgorithms,!1,r))),null!==this.preferredCipherSuites&&(r=new Uint8Array([].concat(...this.preferredCipherSuites)),t.push(Io(e.preferredCipherSuites,!1,r)));const i=L.concat(t),n=L.writeNumber(i.length,6===this.version?4:2);return L.concat([n,i])}writeUnhashedSubPackets(){const e=this.unhashedSubpackets.map((({type:e,critical:t,body:r})=>Io(e,t,r))),t=L.concat(e),r=L.writeNumber(t.length,6===this.version?4:2);return L.concat([r,t])}readSubPacket(e,t=!0){let r=0;const i=!!(128&e[r]),n=127&e[r];if(r++,t||(this.unhashedSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)}),Co.has(n)))switch(n){case T.signatureSubpacket.signatureCreationTime:this.created=L.readDate(e.subarray(r,e.length));break;case T.signatureSubpacket.signatureExpirationTime:{const t=L.readNumber(e.subarray(r,e.length));this.signatureNeverExpires=0===t,this.signatureExpirationTime=t;break}case T.signatureSubpacket.exportableCertification:this.exportable=1===e[r++];break;case T.signatureSubpacket.trustSignature:this.trustLevel=e[r++],this.trustAmount=e[r++];break;case T.signatureSubpacket.regularExpression:this.regularExpression=e[r];break;case T.signatureSubpacket.revocable:this.revocable=1===e[r++];break;case T.signatureSubpacket.keyExpirationTime:{const t=L.readNumber(e.subarray(r,e.length));this.keyExpirationTime=t,this.keyNeverExpires=0===t;break}case T.signatureSubpacket.preferredSymmetricAlgorithms:this.preferredSymmetricAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.revocationKey:this.revocationKeyClass=e[r++],this.revocationKeyAlgorithm=e[r++],this.revocationKeyFingerprint=e.subarray(r,r+20);break;case T.signatureSubpacket.issuerKeyID:if(4===this.version)this.issuerKeyID.read(e.subarray(r,e.length));else if(t)throw Error("Unexpected Issuer Key ID subpacket");break;case T.signatureSubpacket.notationData:{const t=!!(128&e[r]);r+=4;const n=L.readNumber(e.subarray(r,r+2));r+=2;const a=L.readNumber(e.subarray(r,r+2));r+=2;const s=L.decodeUTF8(e.subarray(r,r+n)),o=e.subarray(r+n,r+n+a);this.rawNotations.push({name:s,humanReadable:t,value:o,critical:i}),t&&(this.notations[s]=L.decodeUTF8(o));break}case T.signatureSubpacket.preferredHashAlgorithms:this.preferredHashAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCompressionAlgorithms:this.preferredCompressionAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.keyServerPreferences:this.keyServerPreferences=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredKeyServer:this.preferredKeyServer=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.primaryUserID:this.isPrimaryUserID=0!==e[r++];break;case T.signatureSubpacket.policyURI:this.policyURI=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.keyFlags:this.keyFlags=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signersUserID:this.signersUserID=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.reasonForRevocation:this.reasonForRevocationFlag=e[r++],this.reasonForRevocationString=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.features:this.features=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signatureTarget:{this.signatureTargetPublicKeyAlgorithm=e[r++],this.signatureTargetHashAlgorithm=e[r++];const t=as.getHashByteLength(this.signatureTargetHashAlgorithm);this.signatureTargetHash=L.uint8ArrayToString(e.subarray(r,r+t));break}case T.signatureSubpacket.embeddedSignature:this.embeddedSignature=new Bo,this.embeddedSignature.read(e.subarray(r,e.length));break;case T.signatureSubpacket.issuerFingerprint:this.issuerKeyVersion=e[r++],this.issuerFingerprint=e.subarray(r,e.length),this.issuerKeyVersion>=5?this.issuerKeyID.read(this.issuerFingerprint):this.issuerKeyID.read(this.issuerFingerprint.subarray(-8));break;case T.signatureSubpacket.preferredAEADAlgorithms:this.preferredAEADAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCipherSuites:this.preferredCipherSuites=[];for(let t=r;t<e.length;t+=2)this.preferredCipherSuites.push([e[t],e[t+1]]);break;default:this.unknownSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)})}}readSubPackets(e,t=!0,r){const i=6===this.version?4:2,n=L.readNumber(e.subarray(0,i));let a=i;for(;a<2+n;){const i=Fi(e.subarray(a,e.length));a+=i.offset,this.readSubPacket(e.subarray(a,a+i.len),t,r),a+=i.len}return a}toSign(e,t){const r=T.signature;switch(e){case r.binary:return null!==t.text?L.encodeUTF8(t.getText(!0)):t.getBytes(!0);case r.text:{const e=t.getBytes(!0);return L.canonicalizeEOL(e)}case r.standalone:return new Uint8Array(0);case r.certGeneric:case r.certPersona:case r.certCasual:case r.certPositive:case r.certRevocation:{let e,i;if(t.userID)i=180,e=t.userID;else{if(!t.userAttribute)throw Error("Either a userID or userAttribute packet needs to be supplied for certification.");i=209,e=t.userAttribute}const n=e.write();return L.concat([this.toSign(r.key,t),new Uint8Array([i]),L.writeNumber(n.length,4),n])}case r.subkeyBinding:case r.subkeyRevocation:case r.keyBinding:return L.concat([this.toSign(r.key,t),this.toSign(r.key,{key:t.bind})]);case r.key:if(void 0===t.key)throw Error("Key packet is required for this signature.");return t.key.writeForHash(this.version);case r.keyRevocation:return this.toSign(r.key,t);case r.timestamp:return new Uint8Array(0);case r.thirdParty:throw Error("Not implemented");default:throw Error("Unknown signature type.")}}calculateTrailer(e,t){let r=0;return k(E(this.signatureData),(e=>{r+=e.length}),(()=>{const i=[];return 5!==this.version||this.signatureType!==T.signature.binary&&this.signatureType!==T.signature.text||(t?i.push(new Uint8Array(6)):i.push(e.writeHeader())),i.push(new Uint8Array([this.version,255])),5===this.version&&i.push(new Uint8Array(4)),i.push(L.writeNumber(r,4)),L.concat(i)}))}toHash(e,t,r=!1){const i=this.toSign(e,t);return L.concat([this.salt||new Uint8Array,i,this.signatureData,this.calculateTrailer(t,r)])}async hash(e,t,r,i=!1){if(6===this.version&&this.salt.length!==To(this.hashAlgorithm))throw Error("Signature salt does not have the expected length");return r||(r=this.toHash(e,t,i)),as.hash.digest(this.hashAlgorithm,r)}async verify(e,t,r,i=new Date,n=!1,a=R){if(!this.issuerKeyID.equals(e.getKeyID()))throw Error("Signature was not issued by the given public key");if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Public key algorithm used to sign signature does not match issuer key algorithm.");const s=t===T.signature.binary||t===T.signature.text;if(!(this[Do]&&!s)){let i,a;if(this.hashed?a=await this.hashed:(i=this.toHash(t,r,n),a=await this.hash(t,r,i)),a=await U(a),this.signedHashValue[0]!==a[0]||this.signedHashValue[1]!==a[1])throw Error("Signed digest did not match");this.params=await this.params;const s=this.publicKeyAlgorithm===T.publicKey.hmac?e.privateParams:null;if(this[Do]=await as.signature.verify(this.publicKeyAlgorithm,this.hashAlgorithm,this.params,e.publicParams,s,i,a),!this[Do])throw Error("Signature verification failed")}const o=L.normalizeDate(i);if(o&&this.created>o)throw Error("Signature creation time is in the future");if(o&&o>=this.getExpirationTime())throw Error("Signature is expired");if(a.rejectHashAlgorithms.has(this.hashAlgorithm))throw Error("Insecure hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(a.rejectMessageHashAlgorithms.has(this.hashAlgorithm)&&[T.signature.binary,T.signature.text].includes(this.signatureType))throw Error("Insecure message hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(this.unknownSubpackets.forEach((({type:e,critical:t})=>{if(t)throw Error("Unknown critical signature subpacket type "+e)})),this.rawNotations.forEach((({name:e,critical:t})=>{if(t&&a.knownNotations.indexOf(e)<0)throw Error("Unknown critical notation: "+e)})),null!==this.revocationKeyClass)throw Error("This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.")}isExpired(e=new Date){const t=L.normalizeDate(e);return null!==t&&!(this.created<=t&&t<this.getExpirationTime())}getExpirationTime(){return this.signatureNeverExpires?1/0:new Date(this.created.getTime()+1e3*this.signatureExpirationTime)}}function Io(e,t,r){const i=[];return i.push(_i(r.length+1)),i.push(new Uint8Array([(t?128:0)|e])),i.push(r),L.concat(i)}function To(e){switch(e){case T.hash.sha256:return 16;case T.hash.sha384:return 24;case T.hash.sha512:return 32;case T.hash.sha224:case T.hash.sha3_256:return 16;case T.hash.sha3_512:return 32;default:throw Error("Unsupported hash function")}}class Ro{static get tag(){return T.packet.onePassSignature}static fromSignaturePacket(e,t){const r=new Ro;return r.version=6===e.version?6:3,r.signatureType=e.signatureType,r.hashAlgorithm=e.hashAlgorithm,r.publicKeyAlgorithm=e.publicKeyAlgorithm,r.issuerKeyID=e.issuerKeyID,r.salt=e.salt,r.issuerFingerprint=e.issuerFingerprint,r.flags=t?1:0,r}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.salt=null,this.issuerKeyID=null,this.issuerFingerprint=null,this.flags=null}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the one-pass signature packet is unsupported.`);if(this.signatureType=e[t++],this.hashAlgorithm=e[t++],this.publicKeyAlgorithm=e[t++],6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r,this.issuerFingerprint=e.subarray(t,t+32),t+=32,this.issuerKeyID=new Uo,this.issuerKeyID.read(this.issuerFingerprint)}else this.issuerKeyID=new Uo,this.issuerKeyID.read(e.subarray(t,t+8)),t+=8;return this.flags=e[t++],this}write(){const e=[new Uint8Array([this.version,this.signatureType,this.hashAlgorithm,this.publicKeyAlgorithm])];return 6===this.version?e.push(new Uint8Array([this.salt.length]),this.salt,this.issuerFingerprint):e.push(this.issuerKeyID.write()),e.push(new Uint8Array([this.flags])),L.concatUint8Array(e)}calculateTrailer(...e){return x((async()=>Bo.prototype.calculateTrailer.apply(await this.correspondingSig,e)))}async verify(){const e=await this.correspondingSig;if(!e||e.constructor.tag!==T.packet.signature)throw Error("Corresponding signature packet missing");if(e.signatureType!==this.signatureType||e.hashAlgorithm!==this.hashAlgorithm||e.publicKeyAlgorithm!==this.publicKeyAlgorithm||!e.issuerKeyID.equals(this.issuerKeyID)||3===this.version&&6===e.version||6===this.version&&6!==e.version||6===this.version&&!L.equalsUint8Array(e.issuerFingerprint,this.issuerFingerprint)||6===this.version&&!L.equalsUint8Array(e.salt,this.salt))throw Error("Corresponding signature packet does not match one-pass signature packet");return e.hashed=this.hashed,e.verify.apply(e,arguments)}}function Mo(e,t){if(!t[e]){let t;try{t=T.read(T.packet,e)}catch(t){throw new qi("Unknown packet type with tag: "+e)}throw Error("Packet not allowed in this context: "+t)}return new t[e]}Ro.prototype.hash=Bo.prototype.hash,Ro.prototype.toHash=Bo.prototype.toHash,Ro.prototype.toSign=Bo.prototype.toSign;class Lo extends Array{static async fromBinary(e,t,r=R){const i=new Lo;return await i.read(e,t,r),i}async read(e,t,r=R){r.additionalAllowedPackets.length&&(t={...t,...L.constructAllowedPackets(r.additionalAllowedPackets)}),this.stream=v(e,(async(e,i)=>{const n=B(i);try{for(;;){await n.ready;if(await ji(e,(async e=>{try{if(e.tag===T.packet.marker||e.tag===T.packet.trust||e.tag===T.packet.padding)return;const i=Mo(e.tag,t);i.packets=new Lo,i.fromStream=L.isStream(e.packet),await i.read(e.packet,r),await n.write(i)}catch(t){if(t instanceof qi){if(!(e.tag<=39))return;await n.abort(t)}const i=!r.ignoreUnsupportedPackets&&t instanceof Gi,a=!(r.ignoreMalformedPackets||t instanceof Gi);if(i||a||Hi(e.tag))await n.abort(t);else{const t=new Vi(e.tag,e.packet);await n.write(t)}L.printDebugError(t)}})))return await n.ready,void await n.close()}}catch(e){await n.abort(e)}}));const i=C(this.stream);for(;;){const{done:e,value:t}=await i.read();if(e?this.stream=null:this.push(t),e||Hi(t.constructor.tag))break}i.releaseLock()}write(){const e=[];for(let t=0;t<this.length;t++){const r=this[t]instanceof Vi?this[t].tag:this[t].constructor.tag,i=this[t].write();if(L.isStream(i)&&Hi(this[t].constructor.tag)){let t=[],n=0;const a=512;e.push(Ni(r)),e.push(k(i,(e=>{if(t.push(e),n+=e.length,n>=a){const e=Math.min(Math.log(n)/Math.LN2|0,30),r=2**e,i=L.concat([Oi(e)].concat(t));return t=[i.subarray(1+r)],n=t[0].length,i.subarray(0,1+r)}}),(()=>L.concat([_i(n)].concat(t)))))}else{if(L.isStream(i)){let t=0;e.push(k(E(i),(e=>{t+=e.length}),(()=>zi(r,t))))}else e.push(zi(r,i.length));e.push(i)}}return L.concat(e)}filterByTag(...e){const t=new Lo,r=e=>t=>e===t;for(let i=0;i<this.length;i++)e.some(r(this[i].constructor.tag))&&t.push(this[i]);return t}findPacket(e){return this.find((t=>t.constructor.tag===e))}indexOfTag(...e){const t=[],r=this,i=e=>t=>e===t;for(let n=0;n<this.length;n++)e.some(i(r[n].constructor.tag))&&t.push(n);return t}}const Fo=/*#__PURE__*/L.constructAllowedPackets([Po,Ro,Bo]);class _o{static get tag(){return T.packet.compressedData}constructor(e=R){this.packets=null,this.algorithm=e.preferredCompressionAlgorithm,this.compressed=null}async read(e,t=R){await A(e,(async e=>{this.algorithm=await e.readByte(),this.compressed=e.remainder(),await this.decompress(t)}))}write(){return null===this.compressed&&this.compress(),L.concat([new Uint8Array([this.algorithm]),this.compressed])}async decompress(e=R){const t=T.read(T.compression,this.algorithm),r=jo[t];if(!r)throw Error(t+" decompression not supported");this.packets=await Lo.fromBinary(r(this.compressed),Fo,e)}compress(){const e=T.read(T.compression,this.algorithm),t=Ho[e];if(!t)throw Error(e+" compression not supported");this.compressed=t(this.packets.write())}}function Oo(e,t){return r=>{if(!L.isStream(r)||s(r))return x((()=>U(r).then((e=>new Promise(((r,i)=>{const n=new t;n.ondata=e=>{r(e)};try{n.push(e,!0)}catch(e){i(e)}}))))));if(e)try{const t=e();return r.pipeThrough(t)}catch(e){if("TypeError"!==e.name)throw e}const i=r.getReader(),n=new t;return new ReadableStream({async start(e){for(n.ondata=async(t,r)=>{e.enqueue(t),r&&e.close()};;){const{done:e,value:t}=await i.read();if(e)return void n.push(new Uint8Array,!0);t.length&&n.push(t)}}})}}function No(e){return function(t){return x((async()=>e(await U(t))))}}const zo=e=>({compressor:"undefined"!=typeof CompressionStream&&(()=>new CompressionStream(e)),decompressor:"undefined"!=typeof DecompressionStream&&(()=>new DecompressionStream(e))}),Ho={zip:/*#__PURE__*/Oo(zo("deflate-raw").compressor,ro),zlib:/*#__PURE__*/Oo(zo("deflate").compressor,no)},jo={uncompressed:e=>e,zip:/*#__PURE__*/Oo(zo("deflate-raw").decompressor,io),zlib:/*#__PURE__*/Oo(zo("deflate").decompressor,ao),bzip2:/*#__PURE__*/No(So)},Go=/*#__PURE__*/L.constructAllowedPackets([Po,_o,Ro,Bo]);class qo{static get tag(){return T.packet.symEncryptedIntegrityProtectedData}static fromObject({version:e,aeadAlgorithm:t}){if(1!==e&&2!==e)throw Error("Unsupported SEIPD version");const r=new qo;return r.version=e,2===e&&(r.aeadAlgorithm=t),r}constructor(){this.version=null,this.cipherAlgorithm=null,this.aeadAlgorithm=null,this.chunkSizeByte=null,this.salt=null,this.encrypted=null,this.packets=null}async read(e){await A(e,(async e=>{if(this.version=await e.readByte(),1!==this.version&&2!==this.version)throw new Gi(`Version ${this.version} of the SEIP packet is unsupported.`);2===this.version&&(this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte(),this.salt=await e.readBytes(32)),this.encrypted=e.remainder()}))}write(){return 2===this.version?L.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.salt,this.encrypted]):L.concat([new Uint8Array([this.version]),this.encrypted])}async encrypt(e,t,r=R){let i=this.packets.write();if(s(i)&&(i=await U(i)),2===this.version)this.cipherAlgorithm=e,this.salt=as.random.getRandomBytes(32),this.chunkSizeByte=r.aeadChunkSizeByte,this.encrypted=await Vo(this,"encrypt",t,i);else{const{blockSize:n}=as.getCipherParams(e),a=await as.getPrefixRandom(e),s=new Uint8Array([211,20]),o=L.concat([a,i,s]),c=await as.hash.sha1(K(o)),u=L.concat([o,c]);this.encrypted=await as.mode.cfb.encrypt(e,t,u,new Uint8Array(n),r)}return!0}async decrypt(e,t,r=R){let i,n=E(this.encrypted);if(s(n)&&(n=await U(n)),2===this.version)i=await Vo(this,"decrypt",t,n);else{const{blockSize:a}=as.getCipherParams(e),s=await as.mode.cfb.decrypt(e,t,n,new Uint8Array(a)),o=P(K(s),-20),c=P(s,0,-20),u=Promise.all([U(await as.hash.sha1(K(c))),U(o)]).then((([e,t])=>{if(!L.equalsUint8Array(e,t))throw Error("Modification detected.");return new Uint8Array})),h=P(c,a+2);i=P(h,0,-2),i=d([i,x((()=>u))]),L.isStream(n)&&r.allowUnauthenticatedStream||(i=await U(i))}return this.packets=await Lo.fromBinary(i,Go,r),!0}}async function Vo(e,t,r,i){const n=e instanceof qo&&2===e.version,a=!n&&e.constructor.tag===T.packet.aeadEncryptedData;if(!n&&!a)throw Error("Unexpected packet type");const s=as.getAEADMode(e.aeadAlgorithm),o="decrypt"===t?s.tagLength:0,c="encrypt"===t?s.tagLength:0,u=2**(e.chunkSizeByte+6)+o,h=a?8:0,l=new ArrayBuffer(13+h),y=new Uint8Array(l,0,5+h),p=new Uint8Array(l),g=new DataView(l),f=new Uint8Array(l,5,8);y.set([192|e.constructor.tag,e.version,e.cipherAlgorithm,e.aeadAlgorithm,e.chunkSizeByte],0);let d,w,b=0,k=Promise.resolve(),A=0,E=0;if(n){const{keySize:t}=as.getCipherParams(e.cipherAlgorithm),{ivLength:i}=s,n=new Uint8Array(l,0,5),a=await Qn(T.hash.sha256,r,e.salt,n,t+i);r=a.subarray(0,t),d=a.subarray(t),d.fill(0,d.length-8),w=new DataView(d.buffer,d.byteOffset,d.byteLength)}else d=e.iv;const K=await s(e.cipherAlgorithm,r);return v(i,(async(r,i)=>{if("array"!==L.isStream(r)){const t=new TransformStream({},{highWaterMark:L.getHardwareConcurrency()*2**(e.chunkSizeByte+6),size:e=>e.length});m(t.readable,i),i=t.writable}const a=C(r),s=B(i);try{for(;;){let e=await a.readBytes(u+o)||new Uint8Array;const r=e.subarray(e.length-o);let i,l,m;if(e=e.subarray(0,e.length-o),n)m=d;else{m=d.slice();for(let e=0;e<8;e++)m[d.length-8+e]^=f[e]}if(!b||e.length?(a.unshift(r),i=K[t](e,m,y),i.catch((()=>{})),E+=e.length-o+c):(g.setInt32(5+h+4,A),i=K[t](r,m,p),i.catch((()=>{})),E+=c,l=!0),A+=e.length-o,k=k.then((()=>i)).then((async e=>{await s.ready,await s.write(e),E-=e.length})).catch((e=>s.abort(e))),(l||E>s.desiredSize)&&await k,l){await s.close();break}n?w.setInt32(d.length-4,++b):g.setInt32(9,++b)}}catch(e){await s.ready.catch((()=>{})),await s.abort(e)}}))}const Wo=/*#__PURE__*/L.constructAllowedPackets([Po,_o,Ro,Bo]);class $o{static get tag(){return T.packet.aeadEncryptedData}constructor(){this.version=1,this.cipherAlgorithm=null,this.aeadAlgorithm=T.aead.eax,this.chunkSizeByte=null,this.iv=null,this.encrypted=null,this.packets=null}async read(e){await A(e,(async e=>{const t=await e.readByte();if(1!==t)throw new Gi(`Version ${t} of the AEAD-encrypted data packet is not supported.`);this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte();const r=as.getAEADMode(this.aeadAlgorithm);this.iv=await e.readBytes(r.ivLength),this.encrypted=e.remainder()}))}write(){return L.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.iv,this.encrypted])}async decrypt(e,t,r=R){this.packets=await Lo.fromBinary(await Vo(this,"decrypt",t,E(this.encrypted)),Wo,r)}async encrypt(e,t,r=R){this.cipherAlgorithm=e;const{ivLength:i}=as.getAEADMode(this.aeadAlgorithm);this.iv=as.random.getRandomBytes(i),this.chunkSizeByte=r.aeadChunkSizeByte;const n=this.packets.write();this.encrypted=await Vo(this,"encrypt",t,n)}}class Zo{static get tag(){return T.packet.publicKeyEncryptedSessionKey}constructor(){this.version=null,this.publicKeyID=new Uo,this.publicKeyVersion=null,this.publicKeyFingerprint=null,this.publicKeyAlgorithm=null,this.sessionKey=null,this.sessionKeyAlgorithm=null,this.encrypted={}}static fromObject({version:e,encryptionKeyPacket:t,anonymousRecipient:r,sessionKey:i,sessionKeyAlgorithm:n}){const a=new Zo;if(3!==e&&6!==e)throw Error("Unsupported PKESK version");return a.version=e,6===e&&(a.publicKeyVersion=r?null:t.version,a.publicKeyFingerprint=r?null:t.getFingerprintBytes()),a.publicKeyID=r?Uo.wildcard():t.getKeyID(),a.publicKeyAlgorithm=t.algorithm,a.sessionKey=i,a.sessionKeyAlgorithm=n,a}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the PKESK packet is unsupported.`);if(6===this.version){const r=e[t++];if(r){this.publicKeyVersion=e[t++];const i=r-1;this.publicKeyFingerprint=e.subarray(t,t+i),t+=i,this.publicKeyVersion>=5?this.publicKeyID.read(this.publicKeyFingerprint):this.publicKeyID.read(this.publicKeyFingerprint.subarray(-8))}else this.publicKeyID=Uo.wildcard()}else t+=this.publicKeyID.read(e.subarray(t,t+8));if(this.publicKeyAlgorithm=e[t++],this.encrypted=as.parseEncSessionKeyParams(this.publicKeyAlgorithm,e.subarray(t)),this.publicKeyAlgorithm===T.publicKey.x25519||this.publicKeyAlgorithm===T.publicKey.x448)if(3===this.version)this.sessionKeyAlgorithm=T.write(T.symmetric,this.encrypted.C.algorithm);else if(null!==this.encrypted.C.algorithm)throw Error("Unexpected cleartext symmetric algorithm")}write(){const e=[new Uint8Array([this.version])];return 6===this.version?null!==this.publicKeyFingerprint?(e.push(new Uint8Array([this.publicKeyFingerprint.length+1,this.publicKeyVersion])),e.push(this.publicKeyFingerprint)):e.push(new Uint8Array([0])):e.push(this.publicKeyID.write()),e.push(new Uint8Array([this.publicKeyAlgorithm]),as.serializeParams(this.publicKeyAlgorithm,this.encrypted)),L.concatUint8Array(e)}async encrypt(e){const t=T.write(T.publicKey,this.publicKeyAlgorithm),r=3===this.version?this.sessionKeyAlgorithm:null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=Xo(this.version,t,r,this.sessionKey),a=t===T.publicKey.aead?e.privateParams:null;this.encrypted=await as.publicKeyEncrypt(t,r,e.publicParams,a,n,i)}async decrypt(e,t){if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Decryption error");const r=t?Xo(this.version,this.publicKeyAlgorithm,t.sessionKeyAlgorithm,t.sessionKey):null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=await as.publicKeyDecrypt(this.publicKeyAlgorithm,e.publicParams,e.privateParams,this.encrypted,i,r),{sessionKey:a,sessionKeyAlgorithm:s}=function(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:{const t=r.subarray(0,r.length-2),n=r.subarray(r.length-2),a=L.writeChecksum(t.subarray(t.length%8)),s=a[0]===n[0]&a[1]===n[1],o=6===e?{sessionKeyAlgorithm:null,sessionKey:t}:{sessionKeyAlgorithm:t[0],sessionKey:t.subarray(1)};if(i){const t=s&o.sessionKeyAlgorithm===i.sessionKeyAlgorithm&o.sessionKey.length===i.sessionKey.length;return{sessionKey:L.selectUint8Array(t,o.sessionKey,i.sessionKey),sessionKeyAlgorithm:6===e?null:L.selectUint8(t,o.sessionKeyAlgorithm,i.sessionKeyAlgorithm)}}if(s&&(6===e||T.read(T.symmetric,o.sessionKeyAlgorithm)))return o;throw Error("Decryption error")}case T.publicKey.x25519:case T.publicKey.x448:return{sessionKeyAlgorithm:null,sessionKey:r};default:throw Error("Unsupported public key algorithm")}}(this.version,this.publicKeyAlgorithm,n,t);3===this.version&&this.publicKeyAlgorithm!==T.publicKey.x25519&&this.publicKeyAlgorithm!==T.publicKey.x448&&(this.sessionKeyAlgorithm=s),this.sessionKey=a}}function Xo(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:return L.concatUint8Array([new Uint8Array(6===e?[]:[r]),i,L.writeChecksum(i.subarray(i.length%8))]);case T.publicKey.x25519:case T.publicKey.x448:return i;default:throw Error("Unsupported public key algorithm")}}class Qo{static get tag(){return T.packet.symEncryptedSessionKey}constructor(e=R){this.version=e.aeadProtect?6:4,this.sessionKey=null,this.sessionKeyEncryptionAlgorithm=null,this.sessionKeyAlgorithm=T.symmetric.aes256,this.aeadAlgorithm=T.write(T.aead,e.preferredAEADAlgorithm),this.encrypted=null,this.s2k=null,this.iv=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new Gi(`Version ${this.version} of the SKESK packet is unsupported.`);6===this.version&&t++;const r=e[t++];this.version>=5&&(this.aeadAlgorithm=e[t++],6===this.version&&t++);const i=e[t++];if(this.s2k=ps(i),t+=this.s2k.read(e.subarray(t,e.length)),this.version>=5){const r=as.getAEADMode(this.aeadAlgorithm);this.iv=e.subarray(t,t+=r.ivLength)}this.version>=5||t<e.length?(this.encrypted=e.subarray(t,e.length),this.sessionKeyEncryptionAlgorithm=r):this.sessionKeyAlgorithm=r}write(){const e=null===this.encrypted?this.sessionKeyAlgorithm:this.sessionKeyEncryptionAlgorithm;let t;const r=this.s2k.write();if(6===this.version){const i=r.length,n=3+i+this.iv.length;t=L.concatUint8Array([new Uint8Array([this.version,n,e,this.aeadAlgorithm,i]),r,this.iv,this.encrypted])}else 5===this.version?t=L.concatUint8Array([new Uint8Array([this.version,e,this.aeadAlgorithm]),r,this.iv,this.encrypted]):(t=L.concatUint8Array([new Uint8Array([this.version,e]),r]),null!==this.encrypted&&(t=L.concatUint8Array([t,this.encrypted])));return t}async decrypt(e){const t=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm,{blockSize:r,keySize:i}=as.getCipherParams(t),n=await this.s2k.produceKey(e,i);if(this.version>=5){const e=as.getAEADMode(this.aeadAlgorithm),r=new Uint8Array([192|Qo.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),a=6===this.version?await Qn(T.hash.sha256,n,new Uint8Array,r,i):n,s=await e(t,a);this.sessionKey=await s.decrypt(this.encrypted,this.iv,r)}else if(null!==this.encrypted){const e=await as.mode.cfb.decrypt(t,n,this.encrypted,new Uint8Array(r));this.sessionKeyAlgorithm=T.write(T.symmetric,e[0]),this.sessionKey=e.subarray(1,e.length)}else this.sessionKey=n}async encrypt(e,t=R){const r=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm;this.sessionKeyEncryptionAlgorithm=r,this.s2k=gs(t),this.s2k.generateSalt();const{blockSize:i,keySize:n}=as.getCipherParams(r),a=await this.s2k.produceKey(e,n);if(null===this.sessionKey&&(this.sessionKey=as.generateSessionKey(this.sessionKeyAlgorithm)),this.version>=5){const e=as.getAEADMode(this.aeadAlgorithm);this.iv=as.random.getRandomBytes(e.ivLength);const t=new Uint8Array([192|Qo.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),i=6===this.version?await Qn(T.hash.sha256,a,new Uint8Array,t,n):a,s=await e(r,i);this.encrypted=await s.encrypt(this.sessionKey,this.iv,t)}else{const e=L.concatUint8Array([new Uint8Array([this.sessionKeyAlgorithm]),this.sessionKey]);this.encrypted=await as.mode.cfb.encrypt(r,a,e,new Uint8Array(i),t)}}}class Yo{static get tag(){return T.packet.publicKey}constructor(e=new Date,t=R){this.version=t.v6Keys?6:4,this.created=L.normalizeDate(e),this.algorithm=null,this.publicParams=null,this.expirationTimeV3=0,this.fingerprint=null,this.keyID=null}static fromSecretKeyPacket(e){const t=new Yo,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}async read(e,t=R){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new Gi("Support for parsing v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4===this.version||5===this.version||6===this.version){this.created=L.readDate(e.subarray(r,r+4)),r+=4,this.algorithm=e[r++],this.version>=5&&(r+=4);const{read:t,publicParams:i}=as.parsePublicKeyParams(this.algorithm,e.subarray(r));if(6===this.version&&i.oid&&(i.oid.getName()===T.curve.curve25519Legacy||i.oid.getName()===T.curve.ed25519Legacy))throw Error("Legacy curve25519 cannot be used with v6 keys");return this.publicParams=i,r+=t,await this.computeFingerprintAndKeyID(),r}throw new Gi(`Version ${this.version} of the key packet is unsupported.`)}write(){const e=[];e.push(new Uint8Array([this.version])),e.push(L.writeDate(this.created)),e.push(new Uint8Array([this.algorithm]));const t=as.serializeParams(this.algorithm,this.publicParams);return this.version>=5&&e.push(L.writeNumber(t.length,4)),e.push(t),L.concatUint8Array(e)}writeForHash(e){const t=this.writePublicKey(),r=149+e,i=e>=5?4:2;return L.concatUint8Array([new Uint8Array([r]),L.writeNumber(t.length,i),t])}isDecrypted(){return null}getCreationTime(){return this.created}getKeyID(){return this.keyID}async computeFingerprintAndKeyID(){if(await this.computeFingerprint(),this.keyID=new Uo,this.version>=5)this.keyID.read(this.fingerprint.subarray(0,8));else{if(4!==this.version)throw Error("Unsupported key version");this.keyID.read(this.fingerprint.subarray(12,20))}}async computeFingerprint(){const e=this.writeForHash(this.version);if(this.version>=5)this.fingerprint=await as.hash.sha256(e);else{if(4!==this.version)throw Error("Unsupported key version");this.fingerprint=await as.hash.sha1(e)}}getFingerprintBytes(){return this.fingerprint}getFingerprint(){return L.uint8ArrayToHex(this.getFingerprintBytes())}hasSameFingerprintAs(e){return this.version===e.version&&L.equalsUint8Array(this.writePublicKey(),e.writePublicKey())}getAlgorithmInfo(){const e={};e.algorithm=T.read(T.publicKey,this.algorithm);const t=this.publicParams.n||this.publicParams.p;return t?e.bits=L.uint8ArrayBitLength(t):this.publicParams.oid?e.curve=this.publicParams.oid.getName():this.publicParams.cipher&&(e.symmetric=this.publicParams.cipher.getName()),e}}Yo.prototype.readPublicKey=Yo.prototype.read,Yo.prototype.writePublicKey=Yo.prototype.write;const Jo=/*#__PURE__*/L.constructAllowedPackets([Po,_o,Ro,Bo]);class ec{static get tag(){return T.packet.symmetricallyEncryptedData}constructor(){this.encrypted=null,this.packets=null}read(e){this.encrypted=e}write(){return this.encrypted}async decrypt(e,t,r=R){if(!r.allowUnauthenticatedMessages)throw Error("Message is not authenticated.");const{blockSize:i}=as.getCipherParams(e),n=await U(E(this.encrypted)),a=await as.mode.cfb.decrypt(e,t,n.subarray(i+2),n.subarray(2,i+2));this.packets=await Lo.fromBinary(a,Jo,r)}async encrypt(e,t,r=R){const i=this.packets.write(),{blockSize:n}=as.getCipherParams(e),a=await as.getPrefixRandom(e),s=await as.mode.cfb.encrypt(e,t,a,new Uint8Array(n),r),o=await as.mode.cfb.encrypt(e,t,i,s.subarray(2),r);this.encrypted=L.concat([s,o])}}class tc{static get tag(){return T.packet.marker}read(e){return 80===e[0]&&71===e[1]&&80===e[2]}write(){return new Uint8Array([80,71,80])}}class rc extends Yo{static get tag(){return T.packet.publicSubkey}constructor(e,t){super(e,t)}static fromSecretSubkeyPacket(e){const t=new rc,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}}class ic{static get tag(){return T.packet.userAttribute}constructor(){this.attributes=[]}read(e){let t=0;for(;t<e.length;){const r=Fi(e.subarray(t,e.length));t+=r.offset,this.attributes.push(L.uint8ArrayToString(e.subarray(t,t+r.len))),t+=r.len}}write(){const e=[];for(let t=0;t<this.attributes.length;t++)e.push(_i(this.attributes[t].length)),e.push(L.stringToUint8Array(this.attributes[t]));return L.concatUint8Array(e)}equals(e){return!!(e&&e instanceof ic)&&this.attributes.every((function(t,r){return t===e.attributes[r]}))}}class nc extends Yo{static get tag(){return T.packet.secretKey}constructor(e=new Date,t=R){super(e,t),this.keyMaterial=null,this.isEncrypted=null,this.s2kUsage=0,this.s2k=null,this.symmetric=null,this.aead=null,this.isLegacyAEAD=null,this.privateParams=null,this.usedModernAEAD=null}async read(e,t=R){let r=await this.readPublicKey(e,t);const i=r;this.s2kUsage=e[r++],5===this.version&&r++,6===this.version&&this.s2kUsage&&r++;try{if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){this.symmetric=e[r++],253===this.s2kUsage&&(this.aead=e[r++]),6===this.version&&r++;const t=e[r++];if(this.s2k=ps(t),r+=this.s2k.read(e.subarray(r,e.length)),"gnu-dummy"===this.s2k.type)return}else this.s2kUsage&&(this.symmetric=this.s2kUsage);this.s2kUsage&&(this.isLegacyAEAD=253===this.s2kUsage&&(5===this.version||4===this.version&&t.parseAEADEncryptedV4KeysAsLegacy),253!==this.s2kUsage||this.isLegacyAEAD?(this.iv=e.subarray(r,r+as.getCipherParams(this.symmetric).blockSize),this.usedModernAEAD=!1):(this.iv=e.subarray(r,r+as.getAEADMode(this.aead).ivLength),this.usedModernAEAD=!0),r+=this.iv.length)}catch(t){if(!this.s2kUsage)throw t;this.unparseableKeyMaterial=e.subarray(i),this.isEncrypted=!0}if(5===this.version&&(r+=4),this.keyMaterial=e.subarray(r),this.isEncrypted=!!this.s2kUsage,!this.isEncrypted){let e;if(6===this.version)e=this.keyMaterial;else if(e=this.keyMaterial.subarray(0,-2),!L.equalsUint8Array(L.writeChecksum(e),this.keyMaterial.subarray(-2)))throw Error("Key checksum mismatch");try{const{read:t,privateParams:r}=as.parsePrivateKeyParams(this.algorithm,e,this.publicParams);if(t<e.length)throw Error("Error reading MPIs");this.privateParams=r}catch(e){if(e instanceof Gi)throw e;throw Error("Error reading MPIs")}}}write(){const e=this.writePublicKey();if(this.unparseableKeyMaterial)return L.concatUint8Array([e,this.unparseableKeyMaterial]);const t=[e];t.push(new Uint8Array([this.s2kUsage]));const r=[];if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){r.push(this.symmetric),253===this.s2kUsage&&r.push(this.aead);const e=this.s2k.write();6===this.version&&r.push(e.length),r.push(...e)}return this.s2kUsage&&"gnu-dummy"!==this.s2k.type&&r.push(...this.iv),(5===this.version||6===this.version&&this.s2kUsage)&&t.push(new Uint8Array([r.length])),t.push(new Uint8Array(r)),this.isDummy()||(this.s2kUsage||(this.keyMaterial=as.serializeParams(this.algorithm,this.privateParams)),5===this.version&&t.push(L.writeNumber(this.keyMaterial.length,4)),t.push(this.keyMaterial),this.s2kUsage||6===this.version||t.push(L.writeChecksum(this.keyMaterial))),L.concatUint8Array(t)}isDecrypted(){return!1===this.isEncrypted}isMissingSecretKeyMaterial(){return void 0!==this.unparseableKeyMaterial||this.isDummy()}isDummy(){return!(!this.s2k||"gnu-dummy"!==this.s2k.type)}makeDummy(e=R){this.isDummy()||(this.isDecrypted()&&this.clearPrivateParams(),delete this.unparseableKeyMaterial,this.isEncrypted=null,this.keyMaterial=null,this.s2k=ps(T.s2k.gnu,e),this.s2k.algorithm=0,this.s2k.c=0,this.s2k.type="gnu-dummy",this.s2kUsage=254,this.symmetric=T.symmetric.aes256,this.isLegacyAEAD=null,this.usedModernAEAD=null)}async encrypt(e,t=R){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key packet is already encrypted");if(!e)throw Error("A non-empty passphrase is required for key encryption.");this.s2k=gs(t),this.s2k.generateSalt();const r=as.serializeParams(this.algorithm,this.privateParams);this.symmetric=T.symmetric.aes256;const{blockSize:i}=as.getCipherParams(this.symmetric);if(t.aeadProtect){this.s2kUsage=253,this.aead=t.preferredAEADAlgorithm;const n=as.getAEADMode(this.aead);this.isLegacyAEAD=5===this.version,this.usedModernAEAD=!this.isLegacyAEAD;const a=Ni(this.constructor.tag),s=await ac(this.version,this.s2k,e,this.symmetric,this.aead,a,this.isLegacyAEAD),o=await n(this.symmetric,s);this.iv=this.isLegacyAEAD?as.random.getRandomBytes(i):as.random.getRandomBytes(n.ivLength);const c=this.isLegacyAEAD?new Uint8Array:L.concatUint8Array([a,this.writePublicKey()]);this.keyMaterial=await o.encrypt(r,this.iv.subarray(0,n.ivLength),c)}else{this.s2kUsage=254,this.usedModernAEAD=!1;const n=await ac(this.version,this.s2k,e,this.symmetric);this.iv=as.random.getRandomBytes(i),this.keyMaterial=await as.mode.cfb.encrypt(this.symmetric,n,L.concatUint8Array([r,await as.hash.sha1(r,t)]),this.iv,t)}}async decrypt(e){if(this.isDummy())return!1;if(this.unparseableKeyMaterial)throw Error("Key packet cannot be decrypted: unsupported S2K or cipher algo");if(this.isDecrypted())throw Error("Key packet is already decrypted.");let t;const r=Ni(this.constructor.tag);if(254!==this.s2kUsage&&253!==this.s2kUsage)throw 255===this.s2kUsage?Error("Encrypted private key is authenticated using an insecure two-byte hash"):Error("Private key is encrypted using an insecure S2K function: unsalted MD5");let i;if(t=await ac(this.version,this.s2k,e,this.symmetric,this.aead,r,this.isLegacyAEAD),253===this.s2kUsage){const e=as.getAEADMode(this.aead),n=await e(this.symmetric,t);try{const t=this.isLegacyAEAD?new Uint8Array:L.concatUint8Array([r,this.writePublicKey()]);i=await n.decrypt(this.keyMaterial,this.iv.subarray(0,e.ivLength),t)}catch(e){if("Authentication tag mismatch"===e.message)throw Error("Incorrect key passphrase: "+e.message);throw e}}else{const e=await as.mode.cfb.decrypt(this.symmetric,t,this.keyMaterial,this.iv);i=e.subarray(0,-20);const r=await as.hash.sha1(i);if(!L.equalsUint8Array(r,e.subarray(-20)))throw Error("Incorrect key passphrase")}try{const{privateParams:e}=as.parsePrivateKeyParams(this.algorithm,i,this.publicParams);this.privateParams=e}catch(e){throw Error("Error reading MPIs")}this.isEncrypted=!1,this.keyMaterial=null,this.s2kUsage=0,this.aead=null,this.symmetric=null,this.isLegacyAEAD=null}async validate(){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key is not decrypted");if(this.usedModernAEAD)return;let e;try{e=await as.validateParams(this.algorithm,this.publicParams,this.privateParams)}catch(t){e=!1}if(!e)throw Error("Key is invalid")}async generate(e,t,r){if(6===this.version&&(this.algorithm===T.publicKey.ecdh&&t===T.curve.curve25519Legacy||this.algorithm===T.publicKey.eddsaLegacy))throw Error(`Cannot generate v6 keys of type 'ecc' with curve ${t}. Generate a key of type 'curve25519' instead`);const{privateParams:i,publicParams:n}=await as.generateParams(this.algorithm,e,t,r);this.privateParams=i,this.publicParams=n,this.isEncrypted=!1}clearPrivateParams(){this.isMissingSecretKeyMaterial()||(Object.keys(this.privateParams).forEach((e=>{this.privateParams[e].fill(0),delete this.privateParams[e]})),this.privateParams=null,this.isEncrypted=!0)}}async function ac(e,t,r,i,n,a,s){if("argon2"===t.type&&!n)throw Error("Using Argon2 S2K without AEAD is not allowed");if("simple"===t.type&&6===e)throw Error("Using Simple S2K with version 6 keys is not allowed");const{keySize:o}=as.getCipherParams(i),c=await t.produceKey(r,o);if(!n||5===e||s)return c;const u=L.concatUint8Array([a,new Uint8Array([e,i,n])]);return Qn(T.hash.sha256,c,new Uint8Array,u,o)}class sc{static get tag(){return T.packet.userID}constructor(){this.userID="",this.name="",this.email="",this.comment=""}static fromObject(e){if(L.isString(e)||e.name&&!L.isString(e.name)||e.email&&!L.isEmailAddress(e.email)||e.comment&&!L.isString(e.comment))throw Error("Invalid user ID format");const t=new sc;Object.assign(t,e);const r=[];return t.name&&r.push(t.name),t.comment&&r.push(`(${t.comment})`),t.email&&r.push(`<${t.email}>`),t.userID=r.join(" "),t}read(e,t=R){const r=L.decodeUTF8(e);if(r.length>t.maxUserIDLength)throw Error("User ID string is too long");const i=/^(?<name>[^()]+\s+)?(?<comment>\([^()]+\)\s+)?(?<email><\S+@\S+>)$/.exec(r);if(null!==i){const{name:e,comment:t,email:r}=i.groups;this.comment=t?.replace(/^\(|\)|\s$/g,"").trim()||"",this.name=e?.trim()||"",this.email=r.substring(1,r.length-1)}else/^[^\s@]+@[^\s@]+$/.test(r)&&(this.email=r);this.userID=r}write(){return L.encodeUTF8(this.userID)}equals(e){return e&&e.userID===this.userID}}class oc extends nc{static get tag(){return T.packet.secretSubkey}constructor(e=new Date,t=R){super(e,t)}}class cc{static get tag(){return T.packet.trust}read(){throw new Gi("Trust packets are not supported")}write(){throw new Gi("Trust packets are not supported")}}class uc{static get tag(){return T.packet.padding}constructor(){this.padding=null}read(e){}write(){return this.padding}async createPadding(e){this.padding=await as.random.getRandomBytes(e)}}const hc=/*#__PURE__*/L.constructAllowedPackets([Bo]);class lc{constructor(e){this.packets=e||new Lo}write(){return this.packets.write()}armor(e=R){const t=this.packets.some((e=>e.constructor.tag===Bo.tag&&6!==e.version));return Y(T.armor.signature,this.write(),void 0,void 0,void 0,t,e)}getSigningKeyIDs(){return this.packets.map((e=>e.issuerKeyID))}}async function yc({armoredSignature:e,binarySignature:t,config:r,...i}){r={...R,...r};let n=e||t;if(!n)throw Error("readSignature: must pass options object containing `armoredSignature` or `binarySignature`");if(e&&!L.isString(e))throw Error("readSignature: options.armoredSignature must be a string");if(t&&!L.isUint8Array(t))throw Error("readSignature: options.binarySignature must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:e,data:t}=await Q(n);if(e!==T.armor.signature)throw Error("Armored text not of type signature");n=t}const s=await Lo.fromBinary(n,hc,r);return new lc(s)}async function pc(e,t){const r=new oc(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function gc(e,t){const r=new nc(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function fc(e,t,r,i,n=new Date,a){let s,o;for(let c=e.length-1;c>=0;c--)try{(!s||e[c].created>=s.created)&&(await e[c].verify(t,r,i,n,void 0,a),s=e[c])}catch(e){o=e}if(!s)throw L.wrapError(`Could not find valid ${T.read(T.signature,r)} signature in key ${t.getKeyID().toHex()}`.replace("certGeneric ","self-").replace(/([a-z])([A-Z])/g,((e,t,r)=>t+" "+r.toLowerCase())),o);return s}function dc(e,t,r=new Date){const i=L.normalizeDate(r);if(null!==i){const r=vc(e,t);return!(e.created<=i&&i<r)}return!1}async function mc(e,t,r,i){const n={};n.key=t,n.bind=e;const a={signatureType:T.signature.subkeyBinding};r.sign?(a.keyFlags=[T.keyFlags.signData],a.embeddedSignature=await wc(n,null,e,{signatureType:T.signature.keyBinding},r.date,void 0,void 0,void 0,i)):a.keyFlags=r.forwarding?[T.keyFlags.forwardedCommunication]:[T.keyFlags.encryptCommunication|T.keyFlags.encryptStorage],r.keyExpirationTime>0&&(a.keyExpirationTime=r.keyExpirationTime,a.keyNeverExpires=!1);return await wc(n,null,t,a,r.date,void 0,void 0,void 0,i)}async function wc(e,t,r,i,n,a,s=[],o=!1,c){if(r.isDummy())throw Error("Cannot sign with a gnu-dummy key.");if(!r.isDecrypted())throw Error("Signing key is not decrypted.");const u=new Bo;return Object.assign(u,i),u.publicKeyAlgorithm=r.algorithm,u.hashAlgorithm=await async function(e,t,r=new Date,i={},n){let a=n.preferredHashAlgorithm,s=a;if(e){const t=await e.getPrimarySelfSignature(r,i,n);t.preferredHashAlgorithms&&([s]=t.preferredHashAlgorithms,a=as.hash.getHashByteLength(a)<=as.hash.getHashByteLength(s)?s:a)}switch(t.algorithm){case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ed25519:case T.publicKey.ed448:s=as.getPreferredCurveHashAlgo(t.algorithm,t.publicParams.oid)}return as.hash.getHashByteLength(a)<=as.hash.getHashByteLength(s)?s:a}(t,r,n,a,c),u.rawNotations=[...s],await u.sign(r,e,n,o,c),u}async function bc(e,t,r,i=new Date,n){(e=e[r])&&(t[r].length?await Promise.all(e.map((async function(e){e.isExpired(i)||n&&!await n(e)||t[r].some((function(t){return L.equalsUint8Array(t.writeParams(),e.writeParams())}))||t[r].push(e)}))):t[r]=e)}async function kc(e,t,r,i,n,a,s=new Date,o){a=a||e;const c=[];return await Promise.all(i.map((async function(e){try{if(!n||e.issuerKeyID.equals(n.issuerKeyID)){const i=![T.reasonForRevocation.keyRetired,T.reasonForRevocation.keySuperseded,T.reasonForRevocation.userIDInvalid].includes(e.reasonForRevocationFlag);await e.verify(a,t,r,i?null:s,!1,o),c.push(e.issuerKeyID)}}catch(e){}}))),n?(n.revoked=!!c.some((e=>e.equals(n.issuerKeyID)))||(n.revoked||!1),n.revoked):c.length>0}function vc(e,t){let r;return!1===t.keyNeverExpires&&(r=e.created.getTime()+1e3*t.keyExpirationTime),r?new Date(r):1/0}function Ac(e,t={}){if(e.type=e.type||t.type,e.curve=e.curve||t.curve,e.rsaBits=e.rsaBits||t.rsaBits,e.symmetricHash=e.symmetricHash||t.symmetricHash,e.symmetricCipher=e.symmetricCipher||t.symmetricCipher,e.keyExpirationTime=void 0!==e.keyExpirationTime?e.keyExpirationTime:t.keyExpirationTime,e.passphrase=L.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e.sign=e.sign||!1,e.forwarding=e.forwarding||!1,e.sign&&e.forwarding)throw Error('Incompatible options: "sign" and "forwarding" cannot be set together');switch(e.type){case"ecc":try{e.curve=T.write(T.curve,e.curve)}catch(e){throw Error("Unknown curve")}e.curve!==T.curve.ed25519Legacy&&e.curve!==T.curve.curve25519Legacy&&"ed25519"!==e.curve&&"curve25519"!==e.curve||(e.curve=e.sign?T.curve.ed25519Legacy:T.curve.curve25519Legacy),e.sign?e.algorithm=e.curve===T.curve.ed25519Legacy?T.publicKey.eddsaLegacy:T.publicKey.ecdsa:e.algorithm=T.publicKey.ecdh;break;case"curve25519":e.algorithm=e.sign?T.publicKey.ed25519:T.publicKey.x25519;break;case"curve448":e.algorithm=e.sign?T.publicKey.ed448:T.publicKey.x448;break;case"rsa":e.algorithm=T.publicKey.rsaEncryptSign;break;case"symmetric":if(e.sign){e.algorithm=T.publicKey.hmac;try{e.symmetric=T.write(T.hash,e.symmetricHash)}catch(e){throw Error("Unknown hash algorithm")}}else{e.algorithm=T.publicKey.aead;try{e.symmetric=T.write(T.symmetric,e.symmetricCipher)}catch(e){throw Error("Unknown symmetric algorithm")}}break;default:throw Error("Unsupported key type "+e.type)}return e}function Ec(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.hmac:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData);default:return!1}}function Kc(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.aead:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage);default:return!1}}function Sc(e,t,r){if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:return!(!(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData))||!r.allowInsecureDecryptionWithSigningKeys)||(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage)||r.allowForwardedMessages&&!!(t.keyFlags[0]&T.keyFlags.forwardedCommunication));default:return!1}}function Pc(e,t){const r=T.write(T.publicKey,e.algorithm),i=e.getAlgorithmInfo();if(t.rejectPublicKeyAlgorithms.has(r))throw Error(i.algorithm+" keys are considered too weak.");switch(r){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.rsaEncrypt:if(i.bits<t.minRSABits)throw Error(`RSA keys shorter than ${t.minRSABits} bits are considered too weak.`);break;case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ecdh:if(t.rejectCurves.has(i.curve))throw Error(`Support for ${i.algorithm} keys using curve ${i.curve} is disabled.`)}}class Uc{constructor(e,t){this.userID=e.constructor.tag===T.packet.userID?e:null,this.userAttribute=e.constructor.tag===T.packet.userAttribute?e:null,this.selfCertifications=[],this.otherCertifications=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Lo;return e.push(this.userID||this.userAttribute),e.push(...this.revocationSignatures),e.push(...this.selfCertifications),e.push(...this.otherCertifications),e}clone(){const e=new Uc(this.userID||this.userAttribute,this.mainKey);return e.selfCertifications=[...this.selfCertifications],e.otherCertifications=[...this.otherCertifications],e.revocationSignatures=[...this.revocationSignatures],e}async certify(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i},a=new Uc(n.userID||n.userAttribute,this.mainKey);return a.otherCertifications=await Promise.all(e.map((async function(e){if(!e.isPrivate())throw Error("Need private key for signing");if(e.hasSameFingerprintAs(i))throw Error("The user's own key can only be used for self-certifications");const a=await e.getSigningKey(void 0,t,void 0,r);return wc(n,e,a.keyPacket,{signatureType:T.signature.certGeneric,keyFlags:[T.keyFlags.certifyKeys|T.keyFlags.signData]},t,void 0,void 0,void 0,r)}))),await a.update(this,t,r),a}async isRevoked(e,t,r=new Date,i=R){const n=this.mainKey.keyPacket;return kc(n,T.signature.certRevocation,{key:n,userID:this.userID,userAttribute:this.userAttribute},this.revocationSignatures,e,t,r,i)}async verifyCertificate(e,t,r=new Date,i){const n=this,a=this.mainKey.keyPacket,s={userID:this.userID,userAttribute:this.userAttribute,key:a},{issuerKeyID:o}=e,c=t.filter((e=>e.getKeys(o).length>0));return 0===c.length?null:(await Promise.all(c.map((async t=>{const a=await t.getSigningKey(o,e.created,void 0,i);if(e.revoked||await n.isRevoked(e,a.keyPacket,r,i))throw Error("User certificate is revoked");try{await e.verify(a.keyPacket,T.signature.certGeneric,s,r,void 0,i)}catch(e){throw L.wrapError("User certificate is invalid",e)}}))),!0)}async verifyAllCertifications(e,t=new Date,r){const i=this,n=this.selfCertifications.concat(this.otherCertifications);return Promise.all(n.map((async n=>({keyID:n.issuerKeyID,valid:await i.verifyCertificate(n,e,t,r).catch((()=>!1))}))))}async verify(e=new Date,t){if(!this.selfCertifications.length)throw Error("No self-certifications found");const r=this,i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};let a;for(let s=this.selfCertifications.length-1;s>=0;s--)try{const a=this.selfCertifications[s];if(a.revoked||await r.isRevoked(a,void 0,e,t))throw Error("Self-certification is revoked");try{await a.verify(i,T.signature.certGeneric,n,e,void 0,t)}catch(e){throw L.wrapError("Self-certification is invalid",e)}return!0}catch(e){a=e}throw a}async update(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};await bc(e,this,"selfCertifications",t,(async function(e){try{return await e.verify(i,T.signature.certGeneric,n,t,!1,r),!0}catch(e){return!1}})),await bc(e,this,"otherCertifications",t),await bc(e,this,"revocationSignatures",t,(function(e){return kc(i,T.signature.certRevocation,n,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=R){const a={userID:this.userID,userAttribute:this.userAttribute,key:e},s=new Uc(a.userID||a.userAttribute,this.mainKey);return s.revocationSignatures.push(await wc(a,null,e,{signatureType:T.signature.certRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}}class Dc{constructor(e,t){this.keyPacket=e,this.bindingSignatures=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Lo;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.bindingSignatures),e}clone(){const e=new Dc(this.keyPacket,this.mainKey);return e.bindingSignatures=[...this.bindingSignatures],e.revocationSignatures=[...this.revocationSignatures],e}async isRevoked(e,t,r=new Date,i=R){const n=this.mainKey.keyPacket;return kc(n,T.signature.subkeyRevocation,{key:n,bind:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verify(e=new Date,t=R){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket},n=await fc(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t);if(n.revoked||await this.isRevoked(n,null,e,t))throw Error("Subkey is revoked");if(dc(this.keyPacket,n,e))throw Error("Subkey is expired");return n}async getExpirationTime(e=new Date,t=R){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket};let n;try{n=await fc(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t)}catch(e){return null}const a=vc(this.keyPacket,n),s=n.getExpirationTime();return a<s?a:s}async update(e,t=new Date,r=R){const i=this.mainKey.keyPacket;if(!this.hasSameFingerprintAs(e))throw Error("Subkey update method: fingerprints of subkeys not equal");this.keyPacket.constructor.tag===T.packet.publicSubkey&&e.keyPacket.constructor.tag===T.packet.secretSubkey&&(this.keyPacket=e.keyPacket);const n=this,a={key:i,bind:n.keyPacket};await bc(e,this,"bindingSignatures",t,(async function(e){for(let t=0;t<n.bindingSignatures.length;t++)if(n.bindingSignatures[t].issuerKeyID.equals(e.issuerKeyID))return e.created>n.bindingSignatures[t].created&&(n.bindingSignatures[t]=e),!1;try{return await e.verify(i,T.signature.subkeyBinding,a,t,void 0,r),!0}catch(e){return!1}})),await bc(e,this,"revocationSignatures",t,(function(e){return kc(i,T.signature.subkeyRevocation,a,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=R){const a={key:e,bind:this.keyPacket},s=new Dc(this.keyPacket,this.mainKey);return s.revocationSignatures.push(await wc(a,null,e,{signatureType:T.signature.subkeyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}hasSameFingerprintAs(e){return this.keyPacket.hasSameFingerprintAs(e.keyPacket||e)}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","isDecrypted"].forEach((e=>{Dc.prototype[e]=function(){return this.keyPacket[e]()}}));const xc=/*#__PURE__*/L.constructAllowedPackets([Bo]),Cc=new Set([T.packet.publicKey,T.packet.privateKey]),Bc=new Set([T.packet.publicKey,T.packet.privateKey,T.packet.publicSubkey,T.packet.privateSubkey]);class Ic{packetListToStructure(e,t=new Set){let r,i,n,a;for(const s of e){if(s instanceof Vi){Bc.has(s.tag)&&!a&&(a=Cc.has(s.tag)?Cc:Bc);continue}const e=s.constructor.tag;if(a){if(!a.has(e))continue;a=null}if(t.has(e))throw Error("Unexpected packet type: "+e);switch(e){case T.packet.publicKey:case T.packet.secretKey:if(this.keyPacket)throw Error("Key block contains multiple keys");if(this.keyPacket=s,i=this.getKeyID(),!i)throw Error("Missing Key ID");break;case T.packet.userID:case T.packet.userAttribute:r=new Uc(s,this),this.users.push(r);break;case T.packet.publicSubkey:case T.packet.secretSubkey:r=null,n=new Dc(s,this),this.subkeys.push(n);break;case T.packet.signature:switch(s.signatureType){case T.signature.certGeneric:case T.signature.certPersona:case T.signature.certCasual:case T.signature.certPositive:if(!r){L.printDebug("Dropping certification signatures without preceding user packet");continue}s.issuerKeyID.equals(i)?r.selfCertifications.push(s):r.otherCertifications.push(s);break;case T.signature.certRevocation:r?r.revocationSignatures.push(s):this.directSignatures.push(s);break;case T.signature.key:this.directSignatures.push(s);break;case T.signature.subkeyBinding:if(!n){L.printDebug("Dropping subkey binding signature without preceding subkey packet");continue}n.bindingSignatures.push(s);break;case T.signature.keyRevocation:this.revocationSignatures.push(s);break;case T.signature.subkeyRevocation:if(!n){L.printDebug("Dropping subkey revocation signature without preceding subkey packet");continue}n.revocationSignatures.push(s)}}}}toPacketList(){const e=new Lo;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.directSignatures),this.users.map((t=>e.push(...t.toPacketList()))),this.subkeys.map((t=>e.push(...t.toPacketList()))),e}clone(e=!1){const t=new this.constructor(this.toPacketList());return e&&t.getKeys().forEach((e=>{if(e.keyPacket=Object.create(Object.getPrototypeOf(e.keyPacket),Object.getOwnPropertyDescriptors(e.keyPacket)),!e.keyPacket.isDecrypted())return;const t={};Object.keys(e.keyPacket.privateParams).forEach((r=>{t[r]=new Uint8Array(e.keyPacket.privateParams[r])})),e.keyPacket.privateParams=t})),t}getSubkeys(e=null){return this.subkeys.filter((t=>!e||t.getKeyID().equals(e,!0)))}getKeys(e=null){const t=[];return e&&!this.getKeyID().equals(e,!0)||t.push(this),t.concat(this.getSubkeys(e))}getKeyIDs(){return this.getKeys().map((e=>e.getKeyID()))}getUserIDs(){return this.users.map((e=>e.userID?e.userID.userID:null)).filter((e=>null!==e))}write(){return this.toPacketList().write()}async getSigningKey(e=null,t=new Date,r={},i=R){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{Pc(n,i)}catch(e){throw L.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await fc(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(!Ec(r.keyPacket,a,i))continue;if(!a.embeddedSignature)throw Error("Missing embedded signature");return await fc([a.embeddedSignature],r.keyPacket,T.signature.keyBinding,e,t,i),Pc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&Ec(n,a,i))return Pc(n,i),this}catch(e){s=e}throw L.wrapError("Could not find valid signing key packet in key "+this.getKeyID().toHex(),s)}async getEncryptionKey(e,t=new Date,r={},i=R){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{Pc(n,i)}catch(e){throw L.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await fc(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(Kc(r.keyPacket,a,i))return Pc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&Kc(n,a,i))return Pc(n,i),this}catch(e){s=e}throw L.wrapError("Could not find valid encryption key packet in key "+this.getKeyID().toHex(),s)}async isRevoked(e,t,r=new Date,i=R){return kc(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verifyPrimaryKey(e=new Date,t={},r=R){const i=this.keyPacket;if(await this.isRevoked(null,null,e,r))throw Error("Primary key is revoked");if(dc(i,await this.getPrimarySelfSignature(e,t,r),e))throw Error("Primary key is expired");if(6!==i.version){const t=await fc(this.directSignatures,i,T.signature.key,{key:i},e,r).catch((()=>{}));if(t&&dc(i,t,e))throw Error("Primary key is expired")}}async getExpirationTime(e,t=R){let r;try{const i=await this.getPrimarySelfSignature(null,e,t),n=vc(this.keyPacket,i),a=i.getExpirationTime(),s=6!==this.keyPacket.version&&await fc(this.directSignatures,this.keyPacket,T.signature.key,{key:this.keyPacket},null,t).catch((()=>{}));if(s){const e=vc(this.keyPacket,s);r=Math.min(n,a,e)}else r=n<a?n:a}catch(e){r=null}return L.normalizeDate(r)}async getPrimarySelfSignature(e=new Date,t={},r=R){const i=this.keyPacket;if(6===i.version)return fc(this.directSignatures,i,T.signature.key,{key:i},e,r);const{selfCertification:n}=await this.getPrimaryUser(e,t,r);return n}async getPrimaryUser(e=new Date,t={},r=R){const i=this.keyPacket,n=[];let a;for(let s=0;s<this.users.length;s++)try{const a=this.users[s];if(!a.userID)continue;if(void 0!==t.name&&a.userID.name!==t.name||void 0!==t.email&&a.userID.email!==t.email||void 0!==t.comment&&a.userID.comment!==t.comment)throw Error("Could not find user that matches that user ID");const o={userID:a.userID,key:i},c=await fc(a.selfCertifications,i,T.signature.certGeneric,o,e,r);n.push({index:s,user:a,selfCertification:c})}catch(e){a=e}if(!n.length)throw a||Error("Could not find primary user");await Promise.all(n.map((async function(t){return t.selfCertification.revoked||t.user.isRevoked(t.selfCertification,null,e,r)})));const s=n.sort((function(e,t){const r=e.selfCertification,i=t.selfCertification;return i.revoked-r.revoked||r.isPrimaryUserID-i.isPrimaryUserID||r.created-i.created})).pop(),{user:o,selfCertification:c}=s;if(c.revoked||await o.isRevoked(c,null,e,r))throw Error("Primary user is revoked");return s}async update(e,t=new Date,r=R){if(!this.hasSameFingerprintAs(e))throw Error("Primary key fingerprints must be equal to update the key");if(!this.isPrivate()&&e.isPrivate()){if(!(this.subkeys.length===e.subkeys.length&&this.subkeys.every((t=>e.subkeys.some((e=>t.hasSameFingerprintAs(e)))))))throw Error("Cannot update public key with private key if subkeys mismatch");return e.update(this,r)}const i=this.clone();return await bc(e,i,"revocationSignatures",t,(n=>kc(i.keyPacket,T.signature.keyRevocation,i,[n],null,e.keyPacket,t,r))),await bc(e,i,"directSignatures",t),await Promise.all(e.users.map((async e=>{const n=i.users.filter((t=>e.userID&&e.userID.equals(t.userID)||e.userAttribute&&e.userAttribute.equals(t.userAttribute)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.users.push(t)}}))),await Promise.all(e.subkeys.map((async e=>{const n=i.subkeys.filter((t=>t.hasSameFingerprintAs(e)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.subkeys.push(t)}}))),i}async getRevocationCertificate(e=new Date,t=R){const r={key:this.keyPacket},i=await fc(this.revocationSignatures,this.keyPacket,T.signature.keyRevocation,r,e,t),n=new Lo;n.push(i);const a=6!==this.keyPacket.version;return Y(T.armor.publicKey,n.write(),null,null,"This is a revocation certificate",a,t)}async applyRevocationCertificate(e,t=new Date,r=R){const i=await Q(e),n=(await Lo.fromBinary(i.data,xc,r)).findPacket(T.packet.signature);if(!n||n.signatureType!==T.signature.keyRevocation)throw Error("Could not find revocation signature packet");if(!n.issuerKeyID.equals(this.getKeyID()))throw Error("Revocation signature does not match key");try{await n.verify(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},t,void 0,r)}catch(e){throw L.wrapError("Could not verify revocation signature",e)}const a=this.clone();return a.revocationSignatures.push(n),a}async signPrimaryUser(e,t,r,i=R){const{index:n,user:a}=await this.getPrimaryUser(t,r,i),s=await a.certify(e,t,i),o=this.clone();return o.users[n]=s,o}async signAllUsers(e,t=new Date,r=R){const i=this.clone();return i.users=await Promise.all(this.users.map((function(i){return i.certify(e,t,r)}))),i}async verifyPrimaryUser(e,t=new Date,r,i=R){const n=this.keyPacket,{user:a}=await this.getPrimaryUser(t,r,i);return e?await a.verifyAllCertifications(e,t,i):[{keyID:n.getKeyID(),valid:await a.verify(t,i).catch((()=>!1))}]}async verifyAllUsers(e,t=new Date,r=R){const i=this.keyPacket,n=[];return await Promise.all(this.users.map((async a=>{const s=e?await a.verifyAllCertifications(e,t,r):[{keyID:i.getKeyID(),valid:await a.verify(t,r).catch((()=>!1))}];n.push(...s.map((e=>({userID:a.userID?a.userID.userID:null,userAttribute:a.userAttribute,keyID:e.keyID,valid:e.valid}))))}))),n}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","hasSameFingerprintAs"].forEach((e=>{Ic.prototype[e]=Dc.prototype[e]}));class Tc extends Ic{constructor(e){if(super(),this.keyPacket=null,this.revocationSignatures=[],this.directSignatures=[],this.users=[],this.subkeys=[],e&&(this.packetListToStructure(e,new Set([T.packet.secretKey,T.packet.secretSubkey])),!this.keyPacket))throw Error("Invalid key: missing public-key packet")}isPrivate(){return!1}toPublic(){return this}armor(e=R){const t=6!==this.keyPacket.version;return Y(T.armor.publicKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}}class Rc extends Tc{constructor(e){if(super(),this.packetListToStructure(e,new Set([T.packet.publicKey,T.packet.publicSubkey])),!this.keyPacket)throw Error("Invalid key: missing private-key packet")}isPrivate(){return!0}toPublic(){const e=new Lo,t=this.toPacketList();let r=!1;for(const i of t)if(!r||i.constructor.tag!==T.packet.Signature)switch(r&&(r=!1),i.constructor.tag){case T.packet.secretKey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac)throw Error("Cannot create public key from symmetric private");const t=Yo.fromSecretKeyPacket(i);e.push(t);break}case T.packet.secretSubkey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac){r=!0;break}const t=rc.fromSecretSubkeyPacket(i);e.push(t);break}default:e.push(i)}return new Tc(e)}armor(e=R){const t=6!==this.keyPacket.version;return Y(T.armor.privateKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}async getDecryptionKeys(e,t=new Date,r={},i=R){const n=this.keyPacket,a=[];let s=null;for(let r=0;r<this.subkeys.length;r++)if(!e||this.subkeys[r].getKeyID().equals(e,!0)){if(this.subkeys[r].keyPacket.isDummy()){s=s||Error("Gnu-dummy key packets cannot be used for decryption");continue}try{const e={key:n,bind:this.subkeys[r].keyPacket},s=await fc(this.subkeys[r].bindingSignatures,n,T.signature.subkeyBinding,e,t,i);Sc(this.subkeys[r].keyPacket,s,i)&&a.push(this.subkeys[r])}catch(e){s=e}}const o=await this.getPrimarySelfSignature(t,r,i);if(e&&!n.getKeyID().equals(e,!0)||!Sc(n,o,i)||(n.isDummy()?s=s||Error("Gnu-dummy key packets cannot be used for decryption"):a.push(this)),0===a.length)throw s||Error("No decryption key packets found");return a}isDecrypted(){return this.getKeys().some((({keyPacket:e})=>e.isDecrypted()))}async validate(e=R){if(!this.isPrivate())throw Error("Cannot validate a public key");let t;if(this.keyPacket.isDummy()){const r=await this.getSigningKey(null,null,void 0,{...e,rejectPublicKeyAlgorithms:new Set,minRSABits:0});r&&!r.keyPacket.isDummy()&&(t=r.keyPacket)}else t=this.keyPacket;if(t)return t.validate();{const e=this.getKeys();if(e.map((e=>e.keyPacket.isDummy())).every(Boolean))throw Error("Cannot validate an all-gnu-dummy key");return Promise.all(e.map((async e=>e.keyPacket.validate())))}}clearPrivateParams(){this.getKeys().forEach((({keyPacket:e})=>{e.isDecrypted()&&e.clearPrivateParams()}))}async revoke({flag:e=T.reasonForRevocation.noReason,string:t=""}={},r=new Date,i=R){if(!this.isPrivate())throw Error("Need private key for revoking");const n={key:this.keyPacket},a=this.clone();return a.revocationSignatures.push(await wc(n,null,this.keyPacket,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,e),reasonForRevocationString:t},r,void 0,void 0,void 0,i)),a}async addSubkey(e={}){const t={...R,...e.config};if(e.passphrase)throw Error("Subkey could not be encrypted here, please encrypt whole key");if(e.rsaBits<t.minRSABits)throw Error(`rsaBits should be at least ${t.minRSABits}, got: ${e.rsaBits}`);const r=this.keyPacket;if(r.isDummy())throw Error("Cannot add subkey to gnu-dummy primary key");if(!r.isDecrypted())throw Error("Key is not decrypted");const i=r.getAlgorithmInfo();i.type=function(e){switch(T.write(T.publicKey,e)){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:return"rsa";case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return"ecc";case T.publicKey.ed25519:return"curve25519";case T.publicKey.ed448:return"curve448";default:throw Error("Unsupported algorithm")}}(i.algorithm),i.rsaBits=i.bits||4096,i.curve=i.curve||"curve25519Legacy",e=Ac(e,i);const n=await pc(e,{...t,v6Keys:6===this.keyPacket.version});Pc(n,t);const a=await mc(n,r,e,t),s=this.toPacketList();return s.push(n,a),new Rc(s)}}const Mc=/*#__PURE__*/L.constructAllowedPackets([Yo,rc,nc,oc,sc,ic,Bo]);function Lc(e){for(const t of e)switch(t.constructor.tag){case T.packet.secretKey:return new Rc(e);case T.packet.publicKey:return new Tc(e)}throw Error("No key packet found")}async function Fc(e,t,r,i){r.passphrase&&await e.encrypt(r.passphrase,i),await Promise.all(t.map((async function(e,t){const n=r.subkeys[t].passphrase;n&&await e.encrypt(n,i)})));const n=new Lo;function a(e,t){return[t,...e.filter((e=>e!==t))]}function s(){const t={};t.keyFlags=[T.keyFlags.certifyKeys|T.keyFlags.signData];const n=a([T.symmetric.aes256,T.symmetric.aes128],i.preferredSymmetricAlgorithm);if(t.preferredSymmetricAlgorithms=n,i.aeadProtect){const e=a([T.aead.gcm,T.aead.eax,T.aead.ocb],i.preferredAEADAlgorithm);t.preferredCipherSuites=e.flatMap((e=>n.map((t=>[t,e]))))}return t.preferredHashAlgorithms=a([T.hash.sha256,T.hash.sha512,...6===e.version?[T.hash.sha3_256,T.hash.sha3_512]:[]],i.preferredHashAlgorithm),t.preferredCompressionAlgorithms=a([T.compression.uncompressed,T.compression.zlib,T.compression.zip],i.preferredCompressionAlgorithm),t.features=[0],t.features[0]|=T.features.modificationDetection,i.aeadProtect&&(t.features[0]|=T.features.seipdv2),r.keyExpirationTime>0&&(t.keyExpirationTime=r.keyExpirationTime,t.keyNeverExpires=!1),t}if(n.push(e),6===e.version){const t={key:e},a=s();a.signatureType=T.signature.key;const o=await wc(t,null,e,a,r.date,void 0,void 0,void 0,i);n.push(o)}await Promise.all(r.userIDs.map((async function(t,n){const a=sc.fromObject(t),o={userID:a,key:e},c=6!==e.version?s():{};c.signatureType=T.signature.certPositive,0===n&&(c.isPrimaryUserID=!0);return{userIDPacket:a,signaturePacket:await wc(o,null,e,c,r.date,void 0,void 0,void 0,i)}}))).then((e=>{e.forEach((({userIDPacket:e,signaturePacket:t})=>{n.push(e),n.push(t)}))})),await Promise.all(t.map((async function(t,n){const a=r.subkeys[n];return{secretSubkeyPacket:t,subkeySignaturePacket:await mc(t,e,a,i)}}))).then((e=>{e.forEach((({secretSubkeyPacket:e,subkeySignaturePacket:t})=>{n.push(e),n.push(t)}))}));const o={key:e};return n.push(await wc(o,null,e,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.reasonForRevocation.noReason,reasonForRevocationString:""},r.date,void 0,void 0,void 0,i)),r.passphrase&&e.clearPrivateParams(),await Promise.all(t.map((async function(e,t){r.subkeys[t].passphrase&&e.clearPrivateParams()}))),new Rc(n)}async function _c({armoredKey:e,binaryKey:t,config:r,...i}){if(r={...R,...r},!e&&!t)throw Error("readKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!L.isString(e))throw Error("readKey: options.armoredKey must be a string");if(t&&!L.isUint8Array(t))throw Error("readKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await Q(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");a=r}else a=t;const s=await Lo.fromBinary(a,Mc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===o.length)throw Error("No key packet found");return Lc(s.slice(o[0],o[1]))}async function Oc({armoredKey:e,binaryKey:t,config:r,...i}){if(r={...R,...r},!e&&!t)throw Error("readPrivateKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!L.isString(e))throw Error("readPrivateKey: options.armoredKey must be a string");if(t&&!L.isUint8Array(t))throw Error("readPrivateKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await Q(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");a=r}else a=t;const s=await Lo.fromBinary(a,Mc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<o.length;e++){if(s[o[e]].constructor.tag===T.packet.publicKey)continue;const t=s.slice(o[e],o[e+1]);return new Rc(t)}throw Error("No secret key packet found")}async function Nc({armoredKeys:e,binaryKeys:t,config:r,...i}){r={...R,...r};let n=e||t;if(!n)throw Error("readKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!L.isString(e))throw Error("readKeys: options.armoredKeys must be a string");if(t&&!L.isUint8Array(t))throw Error("readKeys: options.binaryKeys must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:t,data:r}=await Q(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");n=r}const s=[],o=await Lo.fromBinary(n,Mc,r),c=o.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===c.length)throw Error("No key packet found");for(let e=0;e<c.length;e++){const t=Lc(o.slice(c[e],c[e+1]));s.push(t)}return s}async function zc({armoredKeys:e,binaryKeys:t,config:r}){r={...R,...r};let i=e||t;if(!i)throw Error("readPrivateKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!L.isString(e))throw Error("readPrivateKeys: options.armoredKeys must be a string");if(t&&!L.isUint8Array(t))throw Error("readPrivateKeys: options.binaryKeys must be a Uint8Array");if(e){const{type:t,data:r}=await Q(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");i=r}const n=[],a=await Lo.fromBinary(i,Mc,r),s=a.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<s.length;e++){if(a[s[e]].constructor.tag===T.packet.publicKey)continue;const t=a.slice(s[e],s[e+1]),r=new Rc(t);n.push(r)}if(0===n.length)throw Error("No secret key packet found");return n}const Hc=/*#__PURE__*/L.constructAllowedPackets([Po,_o,$o,qo,ec,Zo,Qo,Ro,Bo]),jc=/*#__PURE__*/L.constructAllowedPackets([Qo]),Gc=/*#__PURE__*/L.constructAllowedPackets([Bo]);class qc{constructor(e){this.packets=e||new Lo}getEncryptionKeyIDs(){const e=[];return this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey).forEach((function(t){e.push(t.publicKeyID)})),e}getSigningKeyIDs(){const e=this.unwrapCompressed(),t=e.packets.filterByTag(T.packet.onePassSignature);if(t.length>0)return t.map((e=>e.issuerKeyID));return e.packets.filterByTag(T.packet.signature).map((e=>e.issuerKeyID))}async decrypt(e,t,r,i=new Date,n=R){const a=this.packets.filterByTag(T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData);if(0===a.length)throw Error("No encrypted data found");const s=a[0],o=s.cipherAlgorithm,c=r||await this.decryptSessionKeys(e,t,o,i,n);let u=null;const h=Promise.all(c.map((async({algorithm:e,data:t})=>{if(!L.isUint8Array(t)||!s.cipherAlgorithm&&!L.isString(e))throw Error("Invalid session key for decryption.");try{const r=s.cipherAlgorithm||T.write(T.symmetric,e);await s.decrypt(r,t,n)}catch(e){L.printDebugError(e),u=e}})));if(D(s.encrypted),s.encrypted=null,await h,!s.packets||!s.packets.length)throw u||Error("Decryption failed.");const l=new qc(s.packets);return s.packets=new Lo,l}async decryptSessionKeys(e,t,r,i=new Date,n=R){let a,s=[];if(t){const e=this.packets.filterByTag(T.packet.symEncryptedSessionKey);if(0===e.length)throw Error("No symmetrically encrypted session key packet found.");await Promise.all(t.map((async function(t,r){let i;i=r?await Lo.fromBinary(e.write(),jc,n):e,await Promise.all(i.map((async function(e){try{await e.decrypt(t),s.push(e)}catch(e){L.printDebugError(e),e instanceof ss&&(a=e)}})))})))}else{if(!e)throw Error("No key or password specified.");{const t=this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey);if(0===t.length)throw Error("No public key encrypted session key packet found.");await Promise.all(t.map((async function(t){await Promise.all(e.map((async function(e){let o;try{o=(await e.getDecryptionKeys(t.publicKeyID,null,void 0,n)).map((e=>e.keyPacket))}catch(e){return void(a=e)}let c=[T.symmetric.aes256,T.symmetric.aes128,T.symmetric.tripledes,T.symmetric.cast5];try{const t=await e.getPrimarySelfSignature(i,void 0,n);t.preferredSymmetricAlgorithms&&(c=c.concat(t.preferredSymmetricAlgorithms))}catch(e){}await Promise.all(o.map((async function(e){if(!e.isDecrypted())throw Error("Decryption key is not decrypted.");if(n.constantTimePKCS1Decryption&&(t.publicKeyAlgorithm===T.publicKey.rsaEncrypt||t.publicKeyAlgorithm===T.publicKey.rsaEncryptSign||t.publicKeyAlgorithm===T.publicKey.rsaSign||t.publicKeyAlgorithm===T.publicKey.elgamal)){const i=t.write();await Promise.all((r?[r]:Array.from(n.constantTimePKCS1DecryptionSupportedSymmetricAlgorithms)).map((async t=>{const r=new Zo;r.read(i);const n={sessionKeyAlgorithm:t,sessionKey:as.generateSessionKey(t)};try{await r.decrypt(e,n),s.push(r)}catch(e){L.printDebugError(e),a=e}})))}else try{await t.decrypt(e);const i=r||t.sessionKeyAlgorithm;if(i&&!c.includes(T.write(T.symmetric,i)))throw Error("A non-preferred symmetric algorithm was used.");s.push(t)}catch(e){L.printDebugError(e),a=e}})))}))),D(t.encrypted),t.encrypted=null})))}}if(s.length>0){if(s.length>1){const e=new Set;s=s.filter((t=>{const r=t.sessionKeyAlgorithm+L.uint8ArrayToString(t.sessionKey);return!e.has(r)&&(e.add(r),!0)}))}return s.map((e=>({data:e.sessionKey,algorithm:e.sessionKeyAlgorithm&&T.read(T.symmetric,e.sessionKeyAlgorithm)})))}throw a||Error("Session key decryption failed.")}getLiteralData(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getBytes()||null}getFilename(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getFilename()||null}getText(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e?e.getText():null}static async generateSessionKey(e=[],t=new Date,r=[],i=R){const{symmetricAlgo:n,aeadAlgo:a}=await async function(e=[],t=new Date,r=[],i=R){const n=await Promise.all(e.map(((e,n)=>e.getPrimarySelfSignature(t,r[n],i))));if(e.length?!i.ignoreSEIPDv2FeatureFlag&&n.every((e=>e.features&&e.features[0]&T.features.seipdv2)):i.aeadProtect){const e={symmetricAlgo:T.symmetric.aes128,aeadAlgo:T.aead.ocb},t=[{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:i.preferredAEADAlgorithm},{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:T.aead.ocb},{symmetricAlgo:T.symmetric.aes128,aeadAlgo:i.preferredAEADAlgorithm}];for(const e of t)if(n.every((t=>t.preferredCipherSuites&&t.preferredCipherSuites.some((t=>t[0]===e.symmetricAlgo&&t[1]===e.aeadAlgo)))))return e;return e}const a=T.symmetric.aes128,s=i.preferredSymmetricAlgorithm;return{symmetricAlgo:n.every((e=>e.preferredSymmetricAlgorithms&&e.preferredSymmetricAlgorithms.includes(s)))?s:a,aeadAlgo:void 0}}(e,t,r,i),s=T.read(T.symmetric,n),o=a?T.read(T.aead,a):void 0;await Promise.all(e.map((e=>e.getEncryptionKey().catch((()=>null)).then((e=>{if(e&&(e.keyPacket.algorithm===T.publicKey.x25519||e.keyPacket.algorithm===T.publicKey.x448)&&!o&&!L.isAES(n))throw Error("Could not generate a session key compatible with the given `encryptionKeys`: X22519 and X448 keys can only be used to encrypt AES session keys; change `config.preferredSymmetricAlgorithm` accordingly.")})))));return{data:as.generateSessionKey(n),algorithm:s,aeadAlgorithm:o}}async encrypt(e,t,r,i=!1,n=[],a=new Date,s=[],o=R){if(r){if(!L.isUint8Array(r.data)||!L.isString(r.algorithm))throw Error("Invalid session key for encryption.")}else if(e&&e.length)r=await qc.generateSessionKey(e,a,s,o);else{if(!t||!t.length)throw Error("No keys, passwords, or session key provided.");r=await qc.generateSessionKey(void 0,void 0,void 0,o)}const{data:c,algorithm:u,aeadAlgorithm:h}=r,l=await qc.encryptSessionKey(c,u,h,e,t,i,n,a,s,o),y=qo.fromObject({version:h?2:1,aeadAlgorithm:h?T.write(T.aead,h):null});y.packets=this.packets;const p=T.write(T.symmetric,u);return await y.encrypt(p,c,o),l.packets.push(y),y.packets=new Lo,l}static async encryptSessionKey(e,t,r,i,n,a=!1,s=[],o=new Date,c=[],u=R){const h=new Lo,l=T.write(T.symmetric,t),y=r&&T.write(T.aead,r);if(i){const t=await Promise.all(i.map((async function(t,r){const i=await t.getEncryptionKey(s[r],o,c,u),n=Zo.fromObject({version:y?6:3,encryptionKeyPacket:i.keyPacket,anonymousRecipient:a,sessionKey:e,sessionKeyAlgorithm:l});return await n.encrypt(i.keyPacket),delete n.sessionKey,n})));h.push(...t)}if(n){const t=async function(e,t){try{return await e.decrypt(t),1}catch(e){return 0}},r=(e,t)=>e+t,i=async function(e,a,s,o){const c=new Qo(u);if(c.sessionKey=e,c.sessionKeyAlgorithm=a,s&&(c.aeadAlgorithm=s),await c.encrypt(o,u),u.passwordCollisionCheck){if(1!==(await Promise.all(n.map((e=>t(c,e))))).reduce(r))return i(e,a,o)}return delete c.sessionKey,c},a=await Promise.all(n.map((t=>i(e,l,y,t))));h.push(...a)}return new qc(h)}async sign(e=[],t=null,r=[],i=new Date,n=[],a=[],s=R){const o=new Lo,c=this.packets.findPacket(T.packet.literalData);if(!c)throw Error("No literal data packet to sign.");const u=await Vc(c,e,t,r,i,n,a,!1,s),h=u.map(((e,t)=>Ro.fromSignaturePacket(e,0===t))).reverse();return o.push(...h),o.push(c),o.push(...u),new qc(o)}compress(e,t=R){if(e===T.compression.uncompressed)return this;const r=new _o(t);r.algorithm=e,r.packets=this.packets;const i=new Lo;return i.push(r),new qc(i)}async signDetached(e=[],t=null,r=[],i=new Date,n=[],a=[],s=R){const o=this.packets.findPacket(T.packet.literalData);if(!o)throw Error("No literal data packet to sign.");return new lc(await Vc(o,e,t,r,i,n,a,!0,s))}async verify(e,t=new Date,r=R){const i=this.unwrapCompressed(),n=i.packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");s(i.packets.stream)&&i.packets.push(...await U(i.packets.stream,(e=>e||[])));const a=i.packets.filterByTag(T.packet.onePassSignature).reverse(),o=i.packets.filterByTag(T.packet.signature);return a.length&&!o.length&&L.isStream(i.packets.stream)&&!s(i.packets.stream)?(await Promise.all(a.map((async e=>{e.correspondingSig=new Promise(((t,r)=>{e.correspondingSigResolve=t,e.correspondingSigReject=r})),e.signatureData=x((async()=>(await e.correspondingSig).signatureData)),e.hashed=U(await e.hash(e.signatureType,n[0],void 0,!1)),e.hashed.catch((()=>{}))}))),i.packets.stream=v(i.packets.stream,(async(e,t)=>{const r=C(e),i=B(t);try{for(let e=0;e<a.length;e++){const{value:t}=await r.read();a[e].correspondingSigResolve(t)}await r.readToEnd(),await i.ready,await i.close()}catch(e){a.forEach((t=>{t.correspondingSigReject(e)})),await i.abort(e)}})),Wc(a,n,e,t,!1,r)):Wc(o,n,e,t,!1,r)}verifyDetached(e,t,r=new Date,i=R){const n=this.unwrapCompressed().packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");return Wc(e.packets.filterByTag(T.packet.signature),n,t,r,!0,i)}unwrapCompressed(){const e=this.packets.filterByTag(T.packet.compressedData);return e.length?new qc(e[0].packets):this}async appendSignature(e,t=R){await this.packets.read(L.isUint8Array(e)?e:(await Q(e)).data,Gc,t)}write(){return this.packets.write()}armor(e=R){const t=this.packets[this.packets.length-1],r=t.constructor.tag===qo.tag?2!==t.version:this.packets.some((e=>e.constructor.tag===Bo.tag&&6!==e.version));return Y(T.armor.message,this.write(),null,null,null,r,e)}}async function Vc(e,t,r=null,i=[],n=new Date,a=[],s=[],o=!1,c=R){const u=new Lo,h=null===e.text?T.signature.binary:T.signature.text;if(await Promise.all(t.map((async(t,r)=>{const u=a[r];if(!t.isPrivate())throw Error("Need private key for signing");const l=await t.getSigningKey(i[r],n,u,c);return wc(e,t,l.keyPacket,{signatureType:h},n,u,s,o,c)}))).then((e=>{u.push(...e)})),r){const e=r.packets.filterByTag(T.packet.signature);u.push(...e)}return u}async function Wc(e,t,r,i=new Date,n=!1,a=R){return Promise.all(e.filter((function(e){return["text","binary"].includes(T.read(T.signature,e.signatureType))})).map((async function(e){return async function(e,t,r,i=new Date,n=!1,a=R){let s,o;for(const t of r){const r=t.getKeys(e.issuerKeyID);if(r.length>0){s=t,o=r[0];break}}const c=e instanceof Ro?e.correspondingSig:e,u={keyID:e.issuerKeyID,verified:(async()=>{if(!o)throw Error("Could not find signing key with key ID "+e.issuerKeyID.toHex());await e.verify(o.keyPacket,e.signatureType,t[0],i,n,a);const r=await c;if(o.getCreationTime()>r.created)throw Error("Key is newer than the signature");try{await s.getSigningKey(o.getKeyID(),r.created,void 0,a)}catch(e){if(!a.allowInsecureVerificationWithReformattedKeys||!e.message.match(/Signature creation time is in the future/))throw e;await s.getSigningKey(o.getKeyID(),i,void 0,a)}return!0})(),signature:(async()=>{const e=await c,t=new Lo;return e&&t.push(e),new lc(t)})()};return u.signature.catch((()=>{})),u.verified.catch((()=>{})),u}(e,t,r,i,n,a)})))}async function $c({armoredMessage:e,binaryMessage:t,config:r,...i}){r={...R,...r};let n=e||t;if(!n)throw Error("readMessage: must pass options object containing `armoredMessage` or `binaryMessage`");if(e&&!L.isString(e)&&!L.isStream(e))throw Error("readMessage: options.armoredMessage must be a string or stream");if(t&&!L.isUint8Array(t)&&!L.isStream(t))throw Error("readMessage: options.binaryMessage must be a Uint8Array or stream");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));const s=L.isStream(n);if(e){const{type:e,data:t}=await Q(n);if(e!==T.armor.message)throw Error("Armored text not of type message");n=t}const o=await Lo.fromBinary(n,Hc,r),c=new qc(o);return c.fromStream=s,c}async function Zc({text:e,binary:t,filename:r,date:i=new Date,format:n=(void 0!==e?"utf8":"binary"),...a}){const s=void 0!==e?e:t;if(void 0===s)throw Error("createMessage: must pass options object containing `text` or `binary`");if(e&&!L.isString(e)&&!L.isStream(e))throw Error("createMessage: options.text must be a string or stream");if(t&&!L.isUint8Array(t)&&!L.isStream(t))throw Error("createMessage: options.binary must be a Uint8Array or stream");const o=Object.keys(a);if(o.length>0)throw Error("Unknown option: "+o.join(", "));const c=L.isStream(s),u=new Po(i);void 0!==e?u.setText(s,T.write(T.literal,n)):u.setBytes(s,T.write(T.literal,n)),void 0!==r&&u.setFilename(r);const h=new Lo;h.push(u);const l=new qc(h);return l.fromStream=c,l}const Xc=/*#__PURE__*/L.constructAllowedPackets([Bo]);class Qc{constructor(e,t){if(this.text=L.removeTrailingSpaces(e).replace(/\r?\n/g,"\r\n"),t&&!(t instanceof lc))throw Error("Invalid signature input");this.signature=t||new lc(new Lo)}getSigningKeyIDs(){const e=[];return this.signature.packets.forEach((function(t){e.push(t.issuerKeyID)})),e}async sign(e,t=null,r=[],i=new Date,n=[],a=[],s=R){const o=new Po;o.setText(this.text);const c=new lc(await Vc(o,e,t,r,i,n,a,!0,s));return new Qc(this.text,c)}verify(e,t=new Date,r=R){const i=this.signature.packets.filterByTag(T.packet.signature),n=new Po;return n.setText(this.text),Wc(i,[n],e,t,!0,r)}getText(){return this.text.replace(/\r\n/g,"\n")}armor(e=R){const t=this.signature.packets.some((e=>6!==e.version)),r={hash:t?Array.from(new Set(this.signature.packets.map((e=>T.read(T.hash,e.hashAlgorithm).toUpperCase())))).join():null,text:this.text,data:this.signature.packets.write()};return Y(T.armor.signed,r,void 0,void 0,void 0,t,e)}}async function Yc({cleartextMessage:e,config:t,...r}){if(t={...R,...t},!e)throw Error("readCleartextMessage: must pass options object containing `cleartextMessage`");if(!L.isString(e))throw Error("readCleartextMessage: options.cleartextMessage must be a string");const i=Object.keys(r);if(i.length>0)throw Error("Unknown option: "+i.join(", "));const n=await Q(e);if(n.type!==T.armor.signed)throw Error("No cleartext signed message.");const a=await Lo.fromBinary(n.data,Xc,t);!function(e,t){const r=function(e){const r=e=>t=>e.hashAlgorithm===t;for(let i=0;i<t.length;i++)if(t[i].constructor.tag===T.packet.signature&&!e.some(r(t[i])))return!1;return!0},i=[];if(e.forEach((e=>{const t=e.match(/^Hash: (.+)$/);if(!t)throw Error('Only "Hash" header allowed in cleartext signed message');{const e=t[1].replace(/\s/g,"").split(",").map((e=>{try{return T.write(T.hash,e.toLowerCase())}catch(t){throw Error("Unknown hash algorithm in armor header: "+e.toLowerCase())}}));i.push(...e)}})),i.length&&!r(i))throw Error("Hash algorithm mismatch in armor header and signature")}(n.headers,a);const s=new lc(a);return new Qc(n.text,s)}async function Jc({text:e,...t}){if(!e)throw Error("createCleartextMessage: must pass options object containing `text`");if(!L.isString(e))throw Error("createCleartextMessage: options.text must be a string");const r=Object.keys(t);if(r.length>0)throw Error("Unknown option: "+r.join(", "));return new Qc(e)}async function eu({userIDs:e=[],passphrase:t,type:r,curve:i,rsaBits:n=4096,symmetricHash:a="sha256",symmetricCipher:s="aes256",keyExpirationTime:o=0,date:c=new Date,subkeys:u=[{}],format:h="armored",config:l,...y}){du(l={...R,...l}),r||i?(r=r||"ecc",i=i||"curve25519Legacy"):(r=l.v6Keys?"curve25519":"ecc",i="curve25519Legacy"),e=mu(e);const p=Object.keys(y);if(p.length>0)throw Error("Unknown option: "+p.join(", "));if(0===e.length&&!l.v6Keys)throw Error("UserIDs are required for V4 keys");if("rsa"===r&&n<l.minRSABits)throw Error(`rsaBits should be at least ${l.minRSABits}, got: ${n}`);const g={userIDs:e,passphrase:t,type:r,rsaBits:n,curve:i,keyExpirationTime:o,date:c,subkeys:u,symmetricHash:a,symmetricCipher:s};try{const{key:e,revocationCertificate:t}=await async function(e,t){e.sign=!0,(e=Ac(e)).subkeys=e.subkeys.map(((t,r)=>Ac(e.subkeys[r],e)));let r=[gc(e,t)];r=r.concat(e.subkeys.map((e=>pc(e,t))));const i=await Promise.all(r),n=await Fc(i[0],i.slice(1),e,t),a=await n.getRevocationCertificate(e.date,t);return n.revocationSignatures=[],{key:n,revocationCertificate:a}}(g,l);return e.getKeys().forEach((({keyPacket:e})=>Pc(e,l))),{privateKey:ku(e,h,l),publicKey:"symmetric"!==r?ku(e.toPublic(),h,l):null,revocationCertificate:t}}catch(e){throw L.wrapError("Error generating keypair",e)}}async function tu({privateKey:e,userIDs:t=[],passphrase:r,keyExpirationTime:i=0,date:n,format:a="armored",config:s,...o}){du(s={...R,...s}),t=mu(t);const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(0===t.length&&6!==e.keyPacket.version)throw Error("UserIDs are required for V4 keys");const u={privateKey:e,userIDs:t,passphrase:r,keyExpirationTime:i,date:n};try{const{key:e,revocationCertificate:t}=await async function(e,t){e=o(e);const{privateKey:r}=e;if(!r.isPrivate())throw Error("Cannot reformat a public key");if(r.keyPacket.isDummy())throw Error("Cannot reformat a gnu-dummy primary key");if(!r.getKeys().every((({keyPacket:e})=>e.isDecrypted())))throw Error("Key is not decrypted");const i=r.keyPacket;e.subkeys||(e.subkeys=await Promise.all(r.subkeys.map((async e=>{const r=e.keyPacket,n={key:i,bind:r},a=await fc(e.bindingSignatures,i,T.signature.subkeyBinding,n,null,t).catch((()=>({})));return{sign:a.keyFlags&&a.keyFlags[0]&T.keyFlags.signData,forwarding:a.keyFlags&&a.keyFlags[0]&T.keyFlags.forwardedCommunication}}))));const n=r.subkeys.map((e=>e.keyPacket));if(e.subkeys.length!==n.length)throw Error("Number of subkey options does not match number of subkeys");e.subkeys=e.subkeys.map((t=>o(t,e)));const a=await Fc(i,n,e,t),s=await a.getRevocationCertificate(e.date,t);return a.revocationSignatures=[],{key:a,revocationCertificate:s};function o(e,t={}){return e.keyExpirationTime=e.keyExpirationTime||t.keyExpirationTime,e.passphrase=L.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e}}(u,s);return{privateKey:ku(e,a,s),publicKey:ku(e.toPublic(),a,s),revocationCertificate:t}}catch(e){throw L.wrapError("Error reformatting keypair",e)}}async function ru({key:e,revocationCertificate:t,reasonForRevocation:r,date:i=new Date,format:n="armored",config:a,...s}){du(a={...R,...a});const o=Object.keys(s);if(o.length>0)throw Error("Unknown option: "+o.join(", "));try{const s=t?await e.applyRevocationCertificate(t,i,a):await e.revoke(r,i,a);return s.isPrivate()?{privateKey:ku(s,n,a),publicKey:ku(s.toPublic(),n,a)}:{privateKey:null,publicKey:ku(s,n,a)}}catch(e){throw L.wrapError("Error revoking key",e)}}async function iu({privateKey:e,passphrase:t,config:r,...i}){du(r={...R,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot decrypt a public key");const a=e.clone(!0),s=L.isArray(t)?t:[t];try{return await Promise.all(a.getKeys().map((e=>L.anyPromise(s.map((t=>e.keyPacket.decrypt(t))))))),await a.validate(r),a}catch(e){throw a.clearPrivateParams(),L.wrapError("Error decrypting private key",e)}}async function nu({privateKey:e,passphrase:t,config:r,...i}){du(r={...R,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot encrypt a public key");const a=e.clone(!0),s=a.getKeys(),o=L.isArray(t)?t:Array(s.length).fill(t);if(o.length!==s.length)throw Error("Invalid number of passphrases given for key encryption");try{return await Promise.all(s.map((async(e,t)=>{const{keyPacket:i}=e;await i.encrypt(o[t],r),i.clearPrivateParams()}))),a}catch(e){throw a.clearPrivateParams(),L.wrapError("Error encrypting private key",e)}}async function au({message:e,encryptionKeys:t,signingKeys:r,passwords:i,sessionKey:n,format:a="armored",signature:s=null,wildcard:o=!1,signingKeyIDs:c=[],encryptionKeyIDs:u=[],date:h=new Date,signingUserIDs:l=[],encryptionUserIDs:y=[],signatureNotations:p=[],config:g,...f}){if(du(g={...R,...g}),yu(e),gu(a),t=mu(t),r=mu(r),i=mu(i),c=mu(c),u=mu(u),l=mu(l),y=mu(y),p=mu(p),f.detached)throw Error("The `detached` option has been removed from openpgp.encrypt, separately call openpgp.sign instead. Don't forget to remove the `privateKeys` option as well.");if(f.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encrypt, pass `encryptionKeys` instead");if(f.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.encrypt, pass `signingKeys` instead");if(void 0!==f.armor)throw Error("The `armor` option has been removed from openpgp.encrypt, pass `format` instead.");const d=Object.keys(f);if(d.length>0)throw Error("Unknown option: "+d.join(", "));r||(r=[]);try{if((r.length||s)&&(e=await e.sign(r,s,c,h,l,p,g)),e=e.compress(await async function(e=[],t=new Date,r=[],i=R){const n=T.compression.uncompressed,a=i.preferredCompressionAlgorithm,s=await Promise.all(e.map((async function(e,n){const s=(await e.getPrimarySelfSignature(t,r[n],i)).preferredCompressionAlgorithms;return!!s&&s.indexOf(a)>=0})));return s.every(Boolean)?a:n}(t,h,y,g),g),e=await e.encrypt(t,i,n,o,u,h,y,g),"object"===a)return e;const f="armored"===a?e.armor(g):e.write();return await wu(f)}catch(e){throw L.wrapError("Error encrypting message",e)}}async function su({message:e,decryptionKeys:t,passwords:r,sessionKeys:i,verificationKeys:n,expectSigned:a=!1,format:s="utf8",signature:o=null,date:c=new Date,config:u,...h}){if(du(u={...R,...u}),yu(e),n=mu(n),t=mu(t),r=mu(r),i=mu(i),h.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decrypt, pass `decryptionKeys` instead");if(h.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.decrypt, pass `verificationKeys` instead");const l=Object.keys(h);if(l.length>0)throw Error("Unknown option: "+l.join(", "));try{const h=await e.decrypt(t,r,i,c,u);n||(n=[]);const l={};if(l.signatures=o?await h.verifyDetached(o,n,c,u):await h.verify(n,c,u),l.data="binary"===s?h.getLiteralData():h.getText(),l.filename=h.getFilename(),bu(l,e),a){if(0===n.length)throw Error("Verification keys are required to verify message signatures");if(0===l.signatures.length)throw Error("Message is not signed");l.data=d([l.data,x((async()=>{await L.anyPromise(l.signatures.map((e=>e.verified)))}))])}return l.data=await wu(l.data),l}catch(e){throw L.wrapError("Error decrypting message",e)}}async function ou({message:e,signingKeys:t,format:r="armored",detached:i=!1,signingKeyIDs:n=[],date:a=new Date,signingUserIDs:s=[],signatureNotations:o=[],config:c,...u}){if(du(c={...R,...c}),pu(e),gu(r),t=mu(t),n=mu(n),s=mu(s),o=mu(o),u.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.sign, pass `signingKeys` instead");if(void 0!==u.armor)throw Error("The `armor` option has been removed from openpgp.sign, pass `format` instead.");const h=Object.keys(u);if(h.length>0)throw Error("Unknown option: "+h.join(", "));if(e instanceof Qc&&"binary"===r)throw Error("Cannot return signed cleartext message in binary format");if(e instanceof Qc&&i)throw Error("Cannot detach-sign a cleartext message");if(!t||0===t.length)throw Error("No signing keys provided");try{let u;if(u=i?await e.signDetached(t,void 0,n,a,s,o,c):await e.sign(t,void 0,n,a,s,o,c),"object"===r)return u;return u="armored"===r?u.armor(c):u.write(),i&&(u=v(e.packets.write(),(async(e,t)=>{await Promise.all([m(u,t),U(e).catch((()=>{}))])}))),await wu(u)}catch(e){throw L.wrapError("Error signing message",e)}}async function cu({message:e,verificationKeys:t,expectSigned:r=!1,format:i="utf8",signature:n=null,date:a=new Date,config:s,...o}){if(du(s={...R,...s}),pu(e),t=mu(t),o.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.verify, pass `verificationKeys` instead");const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(e instanceof Qc&&"binary"===i)throw Error("Can't return cleartext message data as binary");if(e instanceof Qc&&n)throw Error("Can't verify detached cleartext signature");try{const o={};if(o.signatures=n?await e.verifyDetached(n,t,a,s):await e.verify(t,a,s),o.data="binary"===i?e.getLiteralData():e.getText(),e.fromStream&&!n&&bu(o,e),r){if(0===o.signatures.length)throw Error("Message is not signed");o.data=d([o.data,x((async()=>{await L.anyPromise(o.signatures.map((e=>e.verified)))}))])}return o.data=await wu(o.data),o}catch(e){throw L.wrapError("Error verifying signed message",e)}}async function uu({encryptionKeys:e,date:t=new Date,encryptionUserIDs:r=[],config:i,...n}){if(du(i={...R,...i}),e=mu(e),r=mu(r),n.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.generateSessionKey, pass `encryptionKeys` instead");const a=Object.keys(n);if(a.length>0)throw Error("Unknown option: "+a.join(", "));try{return await qc.generateSessionKey(e,t,r,i)}catch(e){throw L.wrapError("Error generating session key",e)}}async function hu({data:e,algorithm:t,aeadAlgorithm:r,encryptionKeys:i,passwords:n,format:a="armored",wildcard:s=!1,encryptionKeyIDs:o=[],date:c=new Date,encryptionUserIDs:u=[],config:h,...l}){if(du(h={...R,...h}),function(e){if(!L.isUint8Array(e))throw Error("Parameter [data] must be of type Uint8Array")}(e),function(e,t){if(!L.isString(e))throw Error("Parameter ["+t+"] must be of type String")}(t,"algorithm"),gu(a),i=mu(i),n=mu(n),o=mu(o),u=mu(u),l.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead");const y=Object.keys(l);if(y.length>0)throw Error("Unknown option: "+y.join(", "));if(!(i&&0!==i.length||n&&0!==n.length))throw Error("No encryption keys or passwords provided.");try{return ku(await qc.encryptSessionKey(e,t,r,i,n,s,o,c,u,h),a,h)}catch(e){throw L.wrapError("Error encrypting session key",e)}}async function lu({message:e,decryptionKeys:t,passwords:r,date:i=new Date,config:n,...a}){if(du(n={...R,...n}),yu(e),t=mu(t),r=mu(r),a.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decryptSessionKeys, pass `decryptionKeys` instead");const s=Object.keys(a);if(s.length>0)throw Error("Unknown option: "+s.join(", "));try{return await e.decryptSessionKeys(t,r,void 0,i,n)}catch(e){throw L.wrapError("Error decrypting session keys",e)}}function yu(e){if(!(e instanceof qc))throw Error("Parameter [message] needs to be of type Message")}function pu(e){if(!(e instanceof Qc||e instanceof qc))throw Error("Parameter [message] needs to be of type Message or CleartextMessage")}function gu(e){if("armored"!==e&&"binary"!==e&&"object"!==e)throw Error("Unsupported format "+e)}const fu=Object.keys(R).length;function du(e){const t=Object.keys(e);if(t.length!==fu)for(const e of t)if(void 0===R[e])throw Error("Unknown config property: "+e)}function mu(e){return e&&!L.isArray(e)&&(e=[e]),e}async function wu(e){return"array"===L.isStream(e)?U(e):e}function bu(e,t){e.data=v(t.packets.stream,(async(t,r)=>{await m(e.data,r,{preventClose:!0});const i=B(r);try{await U(t,(e=>e)),await i.close()}catch(e){await i.abort(e)}}))}function ku(e,t,r){switch(t){case"object":return e;case"armored":return e.armor(r);case"binary":return e.write();default:throw Error("Unsupported format "+t)}}export{$o as AEADEncryptedDataPacket,ss as Argon2OutOfMemoryError,hs as Argon2S2K,Qc as CleartextMessage,_o as CompressedDataPacket,Wa as KDFParams,Po as LiteralDataPacket,tc as MarkerPacket,qc as Message,Ro as OnePassSignaturePacket,Lo as PacketList,uc as PaddingPacket,Rc as PrivateKey,Tc as PublicKey,Zo as PublicKeyEncryptedSessionKeyPacket,Yo as PublicKeyPacket,rc as PublicSubkeyPacket,nc as SecretKeyPacket,oc as SecretSubkeyPacket,lc as Signature,Bo as SignaturePacket,Dc as Subkey,qo as SymEncryptedIntegrityProtectedDataPacket,Qo as SymEncryptedSessionKeyPacket,ec as SymmetricallyEncryptedDataPacket,cc as TrustPacket,Vi as UnparseablePacket,ic as UserAttributePacket,sc as UserIDPacket,Y as armor,R as config,Jc as createCleartextMessage,Zc as createMessage,su as decrypt,iu as decryptKey,lu as decryptSessionKeys,au as encrypt,nu as encryptKey,hu as encryptSessionKey,T as enums,eu as generateKey,uu as generateSessionKey,Yc as readCleartextMessage,_c as readKey,Nc as readKeys,$c as readMessage,Oc as readPrivateKey,zc as readPrivateKeys,yc as readSignature,tu as reformatKey,ru as revokeKey,ou as sign,Q as unarmor,cu as verify};
+/*! OpenPGP.js v6.0.1 - 2024-11-25 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},t=Symbol("doneWritingPromise"),r=Symbol("doneWritingResolve"),i=Symbol("doneWritingReject"),n=Symbol("readingIndex");class a extends Array{constructor(){super(),Object.setPrototypeOf(this,a.prototype),this[t]=new Promise(((e,t)=>{this[r]=e,this[i]=t})),this[t].catch((()=>{}))}}function s(e){return e&&e.getReader&&Array.isArray(e)}function o(e){if(!s(e)){const t=e.getWriter(),r=t.releaseLock;return t.releaseLock=()=>{t.closed.catch((function(){})),r.call(t)},t}this.stream=e}function c(t){if(s(t))return"array";if(e.ReadableStream&&e.ReadableStream.prototype.isPrototypeOf(t))return"web";if(t&&!(e.ReadableStream&&t instanceof e.ReadableStream)&&"function"==typeof t._read&&"object"==typeof t._readableState)throw Error("Native Node streams are no longer supported: please manually convert the stream to a WebStream, using e.g. `stream.Readable.toWeb`");return!(!t||!t.getReader)&&"web-like"}function u(e){return Uint8Array.prototype.isPrototypeOf(e)}function h(e){if(1===e.length)return e[0];let t=0;for(let r=0;r<e.length;r++){if(!u(e[r]))throw Error("concatUint8Array: Data must be in the form of a Uint8Array");t+=e[r].length}const r=new Uint8Array(t);let i=0;return e.forEach((function(e){r.set(e,i),i+=e.length})),r}a.prototype.getReader=function(){return void 0===this[n]&&(this[n]=0),{read:async()=>(await this[t],this[n]===this.length?{value:void 0,done:!0}:{value:this[this[n]++],done:!1})}},a.prototype.readToEnd=async function(e){await this[t];const r=e(this.slice(this[n]));return this.length=0,r},a.prototype.clone=function(){const e=new a;return e[t]=this[t].then((()=>{e.push(...this)})),e},o.prototype.write=async function(e){this.stream.push(e)},o.prototype.close=async function(){this.stream[r]()},o.prototype.abort=async function(e){return this.stream[i](e),e},o.prototype.releaseLock=function(){},"object"==typeof e.process&&e.process.versions;const l=new WeakSet,y=Symbol("externalBuffer");function p(e){if(this.stream=e,e[y]&&(this[y]=e[y].slice()),s(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{},void(this._cancel=()=>{})}if(c(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{t.closed.catch((function(){})),t.releaseLock()},void(this._cancel=t.cancel.bind(t))}let t=!1;this._read=async()=>t||l.has(e)?{value:void 0,done:!0}:(t=!0,{value:e,done:!1}),this._releaseLock=()=>{if(t)try{l.add(e)}catch(e){}}}function g(e){return c(e)?e:new ReadableStream({start(t){t.enqueue(e),t.close()}})}function d(e){if(c(e))return e;const t=new a;return(async()=>{const r=C(t);await r.write(e),await r.close()})(),t}function f(e){return e.some((e=>c(e)&&!s(e)))?function(e){e=e.map(g);const t=b((async function(e){await Promise.all(i.map((t=>D(t,e))))}));let r=Promise.resolve();const i=e.map(((i,n)=>v(i,((i,a)=>(r=r.then((()=>m(i,t.writable,{preventClose:n!==e.length-1}))),r)))));return t.readable}(e):e.some((e=>s(e)))?function(e){const t=new a;let r=Promise.resolve();return e.forEach(((i,n)=>(r=r.then((()=>m(i,t,{preventClose:n!==e.length-1}))),r))),t}(e):"string"==typeof e[0]?e.join(""):h(e)}async function m(e,t,{preventClose:r=!1,preventAbort:i=!1,preventCancel:n=!1}={}){if(c(e)&&!s(e)){e=g(e);try{if(e[y]){const r=C(t);for(let t=0;t<e[y].length;t++)await r.ready,await r.write(e[y][t]);r.releaseLock()}await e.pipeTo(t,{preventClose:r,preventAbort:i,preventCancel:n})}catch(e){}return}const a=I(e=d(e)),o=C(t);try{for(;;){await o.ready;const{done:e,value:t}=await a.read();if(e){r||await o.close();break}await o.write(t)}}catch(e){i||await o.abort(e)}finally{a.releaseLock(),o.releaseLock()}}function w(e,t){const r=new TransformStream(t);return m(e,r.writable),r.readable}function b(e){let t,r,i,n=!1,a=!1;return{readable:new ReadableStream({start(e){i=e},pull(){t?t():n=!0},async cancel(t){a=!0,e&&await e(t),r&&r(t)}},{highWaterMark:0}),writable:new WritableStream({write:async function(e){if(a)throw Error("Stream is cancelled");i.enqueue(e),n?n=!1:(await new Promise(((e,i)=>{t=e,r=i})),t=null,r=null)},close:i.close.bind(i),abort:i.error.bind(i)})}}function k(e,t=()=>{},r=()=>{}){if(s(e)){const i=new a;return(async()=>{const n=C(i);try{const i=await U(e),a=t(i),s=r();let o;o=void 0!==a&&void 0!==s?f([a,s]):void 0!==a?a:s,await n.write(o),await n.close()}catch(e){await n.abort(e)}})(),i}if(c(e))return w(e,{async transform(e,r){try{const i=await t(e);void 0!==i&&r.enqueue(i)}catch(e){r.error(e)}},async flush(e){try{const t=await r();void 0!==t&&e.enqueue(t)}catch(t){e.error(t)}}});const i=t(e),n=r();return void 0!==i&&void 0!==n?f([i,n]):void 0!==i?i:n}function v(e,t){if(c(e)&&!s(e)){let r;const i=new TransformStream({start(e){r=e}}),n=m(e,i.writable),a=b((async function(e){r.error(e),await n,await new Promise(setTimeout)}));return t(i.readable,a.writable),a.readable}e=d(e);const r=new a;return t(e,r),r}function K(e,t){let r;const i=v(e,((e,n)=>{const a=I(e);a.remainder=()=>(a.releaseLock(),m(e,n),i),r=t(a)}));return r}function A(e){if(s(e))return e.clone();if(c(e)){const t=function(e){if(s(e))throw Error("ArrayStream cannot be tee()d, use clone() instead");if(c(e)){const t=g(e).tee();return t[0][y]=t[1][y]=e[y],t}return[P(e),P(e)]}(e);return S(e,t[0]),t[1]}return P(e)}function E(e){return s(e)?A(e):c(e)?new ReadableStream({start(t){const r=v(e,(async(e,r)=>{const i=I(e),n=C(r);try{for(;;){await n.ready;const{done:e,value:r}=await i.read();if(e){try{t.close()}catch(e){}return void await n.close()}try{t.enqueue(r)}catch(e){}await n.write(r)}}catch(e){t.error(e),await n.abort(e)}}));S(e,r)}}):P(e)}function S(e,t){Object.entries(Object.getOwnPropertyDescriptors(e.constructor.prototype)).forEach((([r,i])=>{"constructor"!==r&&(i.value?i.value=i.value.bind(t):i.get=i.get.bind(t),Object.defineProperty(e,r,i))}))}function P(e,t=0,r=1/0){if(s(e))throw Error("Not implemented");if(c(e)){if(t>=0&&r>=0){let i=0;return w(e,{transform(e,n){i<r?(i+e.length>=t&&n.enqueue(P(e,Math.max(t-i,0),r-i)),i+=e.length):n.terminate()}})}if(t<0&&(r<0||r===1/0)){let i=[];return k(e,(e=>{e.length>=-t?i=[e]:i.push(e)}),(()=>P(f(i),t,r)))}if(0===t&&r<0){let i;return k(e,(e=>{const n=i?f([i,e]):e;if(n.length>=-r)return i=P(n,r),P(n,t,r);i=n}))}return console.warn(`stream.slice(input, ${t}, ${r}) not implemented efficiently.`),x((async()=>P(await U(e),t,r)))}return e[y]&&(e=f(e[y].concat([e]))),u(e)?e.subarray(t,r===1/0?e.length:r):e.slice(t,r)}async function U(e,t=f){return s(e)?e.readToEnd(t):c(e)?I(e).readToEnd(t):e}async function D(e,t){if(c(e)){if(e.cancel){const r=await e.cancel(t);return await new Promise(setTimeout),r}if(e.destroy)return e.destroy(t),await new Promise(setTimeout),t}}function x(e){const t=new a;return(async()=>{const r=C(t);try{await r.write(await e()),await r.close()}catch(e){await r.abort(e)}})(),t}function I(e){return new p(e)}function C(e){return new o(e)}p.prototype.read=async function(){if(this[y]&&this[y].length){return{done:!1,value:this[y].shift()}}return this._read()},p.prototype.releaseLock=function(){this[y]&&(this.stream[y]=this[y]),this._releaseLock()},p.prototype.cancel=function(e){return this._cancel(e)},p.prototype.readLine=async function(){let e,t=[];for(;!e;){let{done:r,value:i}=await this.read();if(i+="",r)return t.length?f(t):void 0;const n=i.indexOf("\n")+1;n&&(e=f(t.concat(i.substr(0,n))),t=[]),n!==i.length&&t.push(i.substr(n))}return this.unshift(...t),e},p.prototype.readByte=async function(){const{done:e,value:t}=await this.read();if(e)return;const r=t[0];return this.unshift(P(t,1)),r},p.prototype.readBytes=async function(e){const t=[];let r=0;for(;;){const{done:i,value:n}=await this.read();if(i)return t.length?f(t):void 0;if(t.push(n),r+=n.length,r>=e){const r=f(t);return this.unshift(P(r,e)),P(r,0,e)}}},p.prototype.peekBytes=async function(e){const t=await this.readBytes(e);return this.unshift(t),t},p.prototype.unshift=function(...e){this[y]||(this[y]=[]),1===e.length&&u(e[0])&&this[y].length&&e[0].length&&this[y][0].byteOffset>=e[0].length?this[y][0]=new Uint8Array(this[y][0].buffer,this[y][0].byteOffset-e[0].length,this[y][0].byteLength+e[0].length):this[y].unshift(...e.filter((e=>e&&e.length)))},p.prototype.readToEnd=async function(e=f){const t=[];for(;;){const{done:e,value:r}=await this.read();if(e)break;t.push(r)}return e(t)};const B=Symbol("byValue");var T={curve:{nistP256:"nistP256",p256:"nistP256",nistP384:"nistP384",p384:"nistP384",nistP521:"nistP521",p521:"nistP521",secp256k1:"secp256k1",ed25519Legacy:"ed25519Legacy",ed25519:"ed25519Legacy",curve25519Legacy:"curve25519Legacy",curve25519:"curve25519Legacy",brainpoolP256r1:"brainpoolP256r1",brainpoolP384r1:"brainpoolP384r1",brainpoolP512r1:"brainpoolP512r1"},kdfFlags:{replace_fingerprint:1,replace_kdf_params:2},s2k:{simple:0,salted:1,iterated:3,argon2:4,gnu:101},publicKey:{rsaEncryptSign:1,rsaEncrypt:2,rsaSign:3,elgamal:16,dsa:17,ecdh:18,ecdsa:19,eddsaLegacy:22,aedh:23,aedsa:24,x25519:25,x448:26,ed25519:27,ed448:28,pqc_mlkem_x25519:105,pqc_mldsa_ed25519:107,aead:100,hmac:101},symmetric:{idea:1,tripledes:2,cast5:3,blowfish:4,aes128:7,aes192:8,aes256:9,twofish:10},compression:{uncompressed:0,zip:1,zlib:2,bzip2:3},hash:{md5:1,sha1:2,ripemd:3,sha256:8,sha384:9,sha512:10,sha224:11,sha3_256:12,sha3_512:14},webHash:{"SHA-1":2,"SHA-256":8,"SHA-384":9,"SHA-512":10},aead:{eax:1,ocb:2,gcm:3,experimentalGCM:100},packet:{publicKeyEncryptedSessionKey:1,signature:2,symEncryptedSessionKey:3,onePassSignature:4,secretKey:5,publicKey:6,secretSubkey:7,compressedData:8,symmetricallyEncryptedData:9,marker:10,literalData:11,trust:12,userID:13,publicSubkey:14,userAttribute:17,symEncryptedIntegrityProtectedData:18,modificationDetectionCode:19,aeadEncryptedData:20,padding:21},literal:{binary:98,text:116,utf8:117,mime:109},signature:{binary:0,text:1,standalone:2,certGeneric:16,certPersona:17,certCasual:18,certPositive:19,certRevocation:48,subkeyBinding:24,keyBinding:25,key:31,keyRevocation:32,subkeyRevocation:40,timestamp:64,thirdParty:80},signatureSubpacket:{signatureCreationTime:2,signatureExpirationTime:3,exportableCertification:4,trustSignature:5,regularExpression:6,revocable:7,keyExpirationTime:9,placeholderBackwardsCompatibility:10,preferredSymmetricAlgorithms:11,revocationKey:12,issuerKeyID:16,notationData:20,preferredHashAlgorithms:21,preferredCompressionAlgorithms:22,keyServerPreferences:23,preferredKeyServer:24,primaryUserID:25,policyURI:26,keyFlags:27,signersUserID:28,reasonForRevocation:29,features:30,signatureTarget:31,embeddedSignature:32,issuerFingerprint:33,preferredAEADAlgorithms:34,preferredCipherSuites:39},keyFlags:{certifyKeys:1,signData:2,encryptCommunication:4,encryptStorage:8,splitPrivateKey:16,authentication:32,forwardedCommunication:64,sharedPrivateKey:128},armor:{multipartSection:0,multipartLast:1,signed:2,message:3,publicKey:4,privateKey:5,signature:6},reasonForRevocation:{noReason:0,keySuperseded:1,keyCompromised:2,keyRetired:3,userIDInvalid:32},features:{modificationDetection:1,aead:2,v5Keys:4,seipdv2:8},write:function(e,t){if("number"==typeof t&&(t=this.read(e,t)),void 0!==e[t])return e[t];throw Error("Invalid enum value.")},read:function(e,t){if(e[B]||(e[B]=[],Object.entries(e).forEach((([t,r])=>{e[B][r]=t}))),void 0!==e[B][t])return e[B][t];throw Error("Invalid enum value.")}},_={preferredHashAlgorithm:T.hash.sha512,preferredSymmetricAlgorithm:T.symmetric.aes256,preferredCompressionAlgorithm:T.compression.uncompressed,aeadProtect:!1,ignoreSEIPDv2FeatureFlag:!1,parseAEADEncryptedV4KeysAsLegacy:!1,preferredAEADAlgorithm:T.aead.gcm,aeadChunkSizeByte:12,v6Keys:!1,enableParsingV5Entities:!1,s2kType:T.s2k.iterated,s2kIterationCountByte:224,s2kArgon2Params:{passes:3,parallelism:4,memoryExponent:16},allowUnauthenticatedMessages:!1,allowUnauthenticatedStream:!1,allowForwardedMessages:!1,minRSABits:2047,passwordCollisionCheck:!1,allowInsecureDecryptionWithSigningKeys:!1,allowInsecureVerificationWithReformattedKeys:!1,allowMissingKeyFlags:!1,constantTimePKCS1Decryption:!1,constantTimePKCS1DecryptionSupportedSymmetricAlgorithms:new Set([T.symmetric.aes128,T.symmetric.aes192,T.symmetric.aes256]),ignoreUnsupportedPackets:!0,ignoreMalformedPackets:!1,additionalAllowedPackets:[],showVersion:!1,showComment:!1,versionString:"OpenPGP.js 6.0.1",commentString:"https://openpgpjs.org",maxUserIDLength:5120,knownNotations:[],nonDeterministicSignaturesViaNotation:!0,useEllipticFallback:!0,rejectHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd]),rejectMessageHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd,T.hash.sha1]),rejectPublicKeyAlgorithms:new Set([T.publicKey.elgamal,T.publicKey.dsa]),rejectCurves:new Set([T.curve.secp256k1])};const M=(()=>{try{return"development"===process.env.NODE_ENV}catch(e){}return!1})(),L={isString:function(e){return"string"==typeof e||e instanceof String},nodeRequire:()=>{},isArray:function(e){return e instanceof Array},isUint8Array:u,isStream:c,getNobleCurve:async(e,t)=>{if(!_.useEllipticFallback)throw Error("This curve is only supported in the full build of OpenPGP.js");const{nobleCurves:r}=await import("./noble_curves.min.mjs");switch(e){case T.publicKey.ecdh:case T.publicKey.ecdsa:{const e=r.get(t);if(!e)throw Error("Unsupported curve");return e}case T.publicKey.x448:return r.get("x448");case T.publicKey.ed448:return r.get("ed448");default:throw Error("Unsupported curve")}},readNumber:function(e){let t=0;for(let r=0;r<e.length;r++)t+=256**r*e[e.length-1-r];return t},writeNumber:function(e,t){const r=new Uint8Array(t);for(let i=0;i<t;i++)r[i]=e>>8*(t-i-1)&255;return r},readDate:function(e){const t=L.readNumber(e);return new Date(1e3*t)},writeDate:function(e){const t=Math.floor(e.getTime()/1e3);return L.writeNumber(t,4)},normalizeDate:function(e=Date.now()){return null===e||e===1/0?e:new Date(1e3*Math.floor(+e/1e3))},readMPI:function(e){const t=(e[0]<<8|e[1])+7>>>3;return L.readExactSubarray(e,2,2+t)},readExactSubarray:function(e,t,r){if(e.length<r-t)throw Error("Input array too short");return e.subarray(t,r)},leftPad(e,t){if(e.length>t)throw Error("Input array too long");const r=new Uint8Array(t),i=t-e.length;return r.set(e,i),r},uint8ArrayToMPI:function(e){const t=L.uint8ArrayBitLength(e);if(0===t)throw Error("Zero MPI");const r=e.subarray(e.length-Math.ceil(t/8)),i=new Uint8Array([(65280&t)>>8,255&t]);return L.concatUint8Array([i,r])},uint8ArrayBitLength:function(e){let t;for(t=0;t<e.length&&0===e[t];t++);if(t===e.length)return 0;const r=e.subarray(t);return 8*(r.length-1)+L.nbits(r[0])},hexToUint8Array:function(e){const t=new Uint8Array(e.length>>1);for(let r=0;r<e.length>>1;r++)t[r]=parseInt(e.substr(r<<1,2),16);return t},uint8ArrayToHex:function(e){const t="0123456789abcdef";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),r},stringToUint8Array:function(e){return k(e,(e=>{if(!L.isString(e))throw Error("stringToUint8Array: Data must be in the form of a string");const t=new Uint8Array(e.length);for(let r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}))},uint8ArrayToString:function(e){const t=[],r=16384,i=(e=new Uint8Array(e)).length;for(let n=0;n<i;n+=r)t.push(String.fromCharCode.apply(String,e.subarray(n,n+r<i?n+r:i)));return t.join("")},encodeUTF8:function(e){const t=new TextEncoder("utf-8");function r(e,r=!1){return t.encode(e,{stream:!r})}return k(e,r,(()=>r("",!0)))},decodeUTF8:function(e){const t=new TextDecoder("utf-8");function r(e,r=!1){return t.decode(e,{stream:!r})}return k(e,r,(()=>r(new Uint8Array,!0)))},concat:f,concatUint8Array:h,equalsUint8Array:function(e,t){if(!L.isUint8Array(e)||!L.isUint8Array(t))throw Error("Data must be in the form of a Uint8Array");if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0},writeChecksum:function(e){let t=0;for(let r=0;r<e.length;r++)t=t+e[r]&65535;return L.writeNumber(t,2)},printDebug:function(e){M&&console.log("[OpenPGP.js debug]",e)},printDebugError:function(e){M&&console.error("[OpenPGP.js debug]",e)},nbits:function(e){let t=1,r=e>>>16;return 0!==r&&(e=r,t+=16),r=e>>8,0!==r&&(e=r,t+=8),r=e>>4,0!==r&&(e=r,t+=4),r=e>>2,0!==r&&(e=r,t+=2),r=e>>1,0!==r&&(e=r,t+=1),t},double:function(e){const t=new Uint8Array(e.length),r=e.length-1;for(let i=0;i<r;i++)t[i]=e[i]<<1^e[i+1]>>7;return t[r]=e[r]<<1^135*(e[0]>>7),t},shiftRight:function(e,t){if(t)for(let r=e.length-1;r>=0;r--)e[r]>>=t,r>0&&(e[r]|=e[r-1]<<8-t);return e},getWebCrypto:function(){const t=void 0!==e&&e.crypto&&e.crypto.subtle||this.getNodeCrypto()?.webcrypto.subtle;if(!t)throw Error("The WebCrypto API is not available");return t},getNodeCrypto:function(){return this.nodeRequire("crypto")},getNodeZlib:function(){return this.nodeRequire("zlib")},getNodeBuffer:function(){return(this.nodeRequire("buffer")||{}).Buffer},getHardwareConcurrency:function(){if("undefined"!=typeof navigator)return navigator.hardwareConcurrency||1;return this.nodeRequire("os").cpus().length},isEmailAddress:function(e){if(!L.isString(e))return!1;return/^[^\p{C}\p{Z}@<>\\]+@[^\p{C}\p{Z}@<>\\]+[^\p{C}\p{Z}\p{P}]$/u.test(e)},canonicalizeEOL:function(e){let t=!1;return k(e,(e=>{let r;t&&(e=L.concatUint8Array([new Uint8Array([13]),e])),13===e[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;const i=[];for(let t=0;r=e.indexOf(10,t)+1,r;t=r)13!==e[r-2]&&i.push(r);if(!i.length)return e;const n=new Uint8Array(e.length+i.length);let a=0;for(let t=0;t<i.length;t++){const r=e.subarray(i[t-1]||0,i[t]);n.set(r,a),a+=r.length,n[a-1]=13,n[a]=10,a++}return n.set(e.subarray(i[i.length-1]||0),a),n}),(()=>t?new Uint8Array([13]):void 0))},nativeEOL:function(e){let t=!1;return k(e,(e=>{let r;13===(e=t&&10!==e[0]?L.concatUint8Array([new Uint8Array([13]),e]):new Uint8Array(e))[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;let i=0;for(let t=0;t!==e.length;t=r){r=e.indexOf(13,t)+1,r||(r=e.length);const n=r-(10===e[r]?1:0);t&&e.copyWithin(i,t,n),i+=n-t}return e.subarray(0,i)}),(()=>t?new Uint8Array([13]):void 0))},removeTrailingSpaces:function(e){return e.split("\n").map((e=>{let t=e.length-1;for(;t>=0&&(" "===e[t]||"\t"===e[t]||"\r"===e[t]);t--);return e.substr(0,t+1)})).join("\n")},wrapError:function(e,t){if(!t)return Error(e);try{t.message=e+": "+t.message}catch(e){}return t},constructAllowedPackets:function(e){const t={};return e.forEach((e=>{if(!e.tag)throw Error("Invalid input: expected a packet class");t[e.tag]=e})),t},anyPromise:function(e){return new Promise((async(t,r)=>{let i;await Promise.all(e.map((async e=>{try{t(await e)}catch(e){i=e}}))),r(i)}))},selectUint8Array:function(e,t,r){const i=Math.max(t.length,r.length),n=new Uint8Array(i);let a=0;for(let i=0;i<n.length;i++)n[i]=t[i]&256-e|r[i]&255+e,a+=e&i<t.length|1-e&i<r.length;return n.subarray(0,a)},selectUint8:function(e,t,r){return t&256-e|r&255+e},isAES:function(e){return e===T.symmetric.aes128||e===T.symmetric.aes192||e===T.symmetric.aes256}},R=L.getNodeBuffer();let F,z;function N(e){let t=new Uint8Array;return k(e,(e=>{t=L.concatUint8Array([t,e]);const r=[],i=Math.floor(t.length/45),n=45*i,a=F(t.subarray(0,n));for(let e=0;e<i;e++)r.push(a.substr(60*e,60)),r.push("\n");return t=t.subarray(n),r.join("")}),(()=>t.length?F(t)+"\n":""))}function H(e){let t="";return k(e,(e=>{t+=e;let r=0;const i=[" ","\t","\r","\n"];for(let e=0;e<i.length;e++){const n=i[e];for(let e=t.indexOf(n);-1!==e;e=t.indexOf(n,e+1))r++}let n=t.length;for(;n>0&&(n-r)%4!=0;n--)i.includes(t[n])&&r--;const a=z(t.substr(0,n));return t=t.substr(n),a}),(()=>z(t)))}function O(e){return H(e.replace(/-/g,"+").replace(/_/g,"/"))}function j(e,t){let r=N(e).replace(/[\r\n]/g,"");return r=r.replace(/[+]/g,"-").replace(/[/]/g,"_").replace(/[=]/g,""),r}function q(e){const t=e.match(/^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m);if(!t)throw Error("Unknown ASCII armor type");return/MESSAGE, PART \d+\/\d+/.test(t[1])?T.armor.multipartSection:/MESSAGE, PART \d+/.test(t[1])?T.armor.multipartLast:/SIGNED MESSAGE/.test(t[1])?T.armor.signed:/MESSAGE/.test(t[1])?T.armor.message:/PUBLIC KEY BLOCK/.test(t[1])?T.armor.publicKey:/PRIVATE KEY BLOCK/.test(t[1])?T.armor.privateKey:/SIGNATURE/.test(t[1])?T.armor.signature:void 0}function G(e,t){let r="";return t.showVersion&&(r+="Version: "+t.versionString+"\n"),t.showComment&&(r+="Comment: "+t.commentString+"\n"),e&&(r+="Comment: "+e+"\n"),r+="\n",r}function V(e){const t=function(e){let t=13501623;return k(e,(e=>{const r=$?Math.floor(e.length/4):0,i=new Uint32Array(e.buffer,e.byteOffset,r);for(let e=0;e<r;e++)t^=i[e],t=W[0][t>>24&255]^W[1][t>>16&255]^W[2][t>>8&255]^W[3][255&t];for(let i=4*r;i<e.length;i++)t=t>>8^W[0][255&t^e[i]]}),(()=>new Uint8Array([t,t>>8,t>>16])))}(e);return N(t)}R?(F=e=>R.from(e).toString("base64"),z=e=>{const t=R.from(e,"base64");return new Uint8Array(t.buffer,t.byteOffset,t.byteLength)}):(F=e=>btoa(L.uint8ArrayToString(e)),z=e=>L.stringToUint8Array(atob(e)));const W=[Array(255),Array(255),Array(255),Array(255)];for(let e=0;e<=255;e++){let t=e<<16;for(let e=0;e<8;e++)t=t<<1^(8388608&t?8801531:0);W[0][e]=(16711680&t)>>16|65280&t|(255&t)<<16}for(let e=0;e<=255;e++)W[1][e]=W[0][e]>>8^W[0][255&W[0][e]];for(let e=0;e<=255;e++)W[2][e]=W[1][e]>>8^W[0][255&W[1][e]];for(let e=0;e<=255;e++)W[3][e]=W[2][e]>>8^W[0][255&W[2][e]];const $=function(){const e=new ArrayBuffer(2);return new DataView(e).setInt16(0,255,!0),255===new Int16Array(e)[0]}();function Q(e){for(let t=0;t<e.length;t++)/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(e[t])||L.printDebugError(Error("Improperly formatted armor header: "+e[t])),/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(e[t])||L.printDebugError(Error("Unknown header: "+e[t]))}function Z(e){let t=e;const r=e.lastIndexOf("=");return r>=0&&r!==e.length-1&&(t=e.slice(0,r)),t}function X(e){return new Promise((async(t,r)=>{try{const i=/^-----[^-]+-----$/m,n=/^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;let a;const s=[];let o,c,u=s,h=[];const l=H(v(e,(async(e,y)=>{const p=I(e);try{for(;;){let e=await p.readLine();if(void 0===e)throw Error("Misformed armored text");if(e=L.removeTrailingSpaces(e.replace(/[\r\n]/g,"")),a)if(o)c||a!==T.armor.signed||(i.test(e)?(h=h.join("\r\n"),c=!0,Q(u),u=[],o=!1):h.push(e.replace(/^- /,"")));else if(i.test(e)&&r(Error("Mandatory blank line missing between armor headers and armor data")),n.test(e)){if(Q(u),o=!0,c||a!==T.armor.signed){t({text:h,data:l,headers:s,type:a});break}}else u.push(e);else i.test(e)&&(a=q(e))}}catch(e){return void r(e)}const g=C(y);try{for(;;){await g.ready;const{done:e,value:t}=await p.read();if(e)throw Error("Misformed armored text");const r=t+"";if(-1!==r.indexOf("=")||-1!==r.indexOf("-")){let e=await p.readToEnd();e.length||(e=""),e=r+e,e=L.removeTrailingSpaces(e.replace(/\r/g,""));const t=e.split(i);if(1===t.length)throw Error("Misformed armored text");const n=Z(t[0].slice(0,-1));await g.write(n);break}await g.write(r)}await g.ready,await g.close()}catch(e){await g.abort(e)}})))}catch(e){r(e)}})).then((async e=>(s(e.data)&&(e.data=await U(e.data)),e)))}function Y(e,t,r,i,n,a=!1,s=_){let o,c;e===T.armor.signed&&(o=t.text,c=t.hash,t=t.data);const u=a&&E(t),h=[];switch(e){case T.armor.multipartSection:h.push("-----BEGIN PGP MESSAGE, PART "+r+"/"+i+"-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"/"+i+"-----\n");break;case T.armor.multipartLast:h.push("-----BEGIN PGP MESSAGE, PART "+r+"-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"-----\n");break;case T.armor.signed:h.push("-----BEGIN PGP SIGNED MESSAGE-----\n"),h.push(c?`Hash: ${c}\n\n`:"\n"),h.push(o.replace(/^-/gm,"- -")),h.push("\n-----BEGIN PGP SIGNATURE-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n");break;case T.armor.message:h.push("-----BEGIN PGP MESSAGE-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE-----\n");break;case T.armor.publicKey:h.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP PUBLIC KEY BLOCK-----\n");break;case T.armor.privateKey:h.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP PRIVATE KEY BLOCK-----\n");break;case T.armor.signature:h.push("-----BEGIN PGP SIGNATURE-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n")}return L.concat(h)}async function J(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:throw Error("Not a legacy cipher");case T.symmetric.cast5:case T.symmetric.blowfish:case T.symmetric.twofish:case T.symmetric.tripledes:{const{legacyCiphers:t}=await import("./legacy_ciphers.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported cipher algorithm");return r}default:throw Error("Unsupported cipher algorithm")}}function ee(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:case T.symmetric.twofish:return 16;case T.symmetric.blowfish:case T.symmetric.cast5:case T.symmetric.tripledes:return 8;default:throw Error("Unsupported cipher")}}function te(e){switch(e){case T.symmetric.aes128:case T.symmetric.blowfish:case T.symmetric.cast5:return 16;case T.symmetric.aes192:case T.symmetric.tripledes:return 24;case T.symmetric.aes256:case T.symmetric.twofish:return 32;default:throw Error("Unsupported cipher")}}function re(e){return{keySize:te(e),blockSize:ee(e)}}var ie=/*#__PURE__*/Object.freeze({__proto__:null,getCipherParams:re,getLegacyCipher:J});function ne(e,t){let r=e[0],i=e[1],n=e[2],a=e[3];r=se(r,i,n,a,t[0],7,-680876936),a=se(a,r,i,n,t[1],12,-389564586),n=se(n,a,r,i,t[2],17,606105819),i=se(i,n,a,r,t[3],22,-1044525330),r=se(r,i,n,a,t[4],7,-176418897),a=se(a,r,i,n,t[5],12,1200080426),n=se(n,a,r,i,t[6],17,-1473231341),i=se(i,n,a,r,t[7],22,-45705983),r=se(r,i,n,a,t[8],7,1770035416),a=se(a,r,i,n,t[9],12,-1958414417),n=se(n,a,r,i,t[10],17,-42063),i=se(i,n,a,r,t[11],22,-1990404162),r=se(r,i,n,a,t[12],7,1804603682),a=se(a,r,i,n,t[13],12,-40341101),n=se(n,a,r,i,t[14],17,-1502002290),i=se(i,n,a,r,t[15],22,1236535329),r=oe(r,i,n,a,t[1],5,-165796510),a=oe(a,r,i,n,t[6],9,-1069501632),n=oe(n,a,r,i,t[11],14,643717713),i=oe(i,n,a,r,t[0],20,-373897302),r=oe(r,i,n,a,t[5],5,-701558691),a=oe(a,r,i,n,t[10],9,38016083),n=oe(n,a,r,i,t[15],14,-660478335),i=oe(i,n,a,r,t[4],20,-405537848),r=oe(r,i,n,a,t[9],5,568446438),a=oe(a,r,i,n,t[14],9,-1019803690),n=oe(n,a,r,i,t[3],14,-187363961),i=oe(i,n,a,r,t[8],20,1163531501),r=oe(r,i,n,a,t[13],5,-1444681467),a=oe(a,r,i,n,t[2],9,-51403784),n=oe(n,a,r,i,t[7],14,1735328473),i=oe(i,n,a,r,t[12],20,-1926607734),r=ce(r,i,n,a,t[5],4,-378558),a=ce(a,r,i,n,t[8],11,-2022574463),n=ce(n,a,r,i,t[11],16,1839030562),i=ce(i,n,a,r,t[14],23,-35309556),r=ce(r,i,n,a,t[1],4,-1530992060),a=ce(a,r,i,n,t[4],11,1272893353),n=ce(n,a,r,i,t[7],16,-155497632),i=ce(i,n,a,r,t[10],23,-1094730640),r=ce(r,i,n,a,t[13],4,681279174),a=ce(a,r,i,n,t[0],11,-358537222),n=ce(n,a,r,i,t[3],16,-722521979),i=ce(i,n,a,r,t[6],23,76029189),r=ce(r,i,n,a,t[9],4,-640364487),a=ce(a,r,i,n,t[12],11,-421815835),n=ce(n,a,r,i,t[15],16,530742520),i=ce(i,n,a,r,t[2],23,-995338651),r=ue(r,i,n,a,t[0],6,-198630844),a=ue(a,r,i,n,t[7],10,1126891415),n=ue(n,a,r,i,t[14],15,-1416354905),i=ue(i,n,a,r,t[5],21,-57434055),r=ue(r,i,n,a,t[12],6,1700485571),a=ue(a,r,i,n,t[3],10,-1894986606),n=ue(n,a,r,i,t[10],15,-1051523),i=ue(i,n,a,r,t[1],21,-2054922799),r=ue(r,i,n,a,t[8],6,1873313359),a=ue(a,r,i,n,t[15],10,-30611744),n=ue(n,a,r,i,t[6],15,-1560198380),i=ue(i,n,a,r,t[13],21,1309151649),r=ue(r,i,n,a,t[4],6,-145523070),a=ue(a,r,i,n,t[11],10,-1120210379),n=ue(n,a,r,i,t[2],15,718787259),i=ue(i,n,a,r,t[9],21,-343485551),e[0]=pe(r,e[0]),e[1]=pe(i,e[1]),e[2]=pe(n,e[2]),e[3]=pe(a,e[3])}function ae(e,t,r,i,n,a){return t=pe(pe(t,e),pe(i,a)),pe(t<<n|t>>>32-n,r)}function se(e,t,r,i,n,a,s){return ae(t&r|~t&i,e,t,n,a,s)}function oe(e,t,r,i,n,a,s){return ae(t&i|r&~i,e,t,n,a,s)}function ce(e,t,r,i,n,a,s){return ae(t^r^i,e,t,n,a,s)}function ue(e,t,r,i,n,a,s){return ae(r^(t|~i),e,t,n,a,s)}function he(e){const t=[];let r;for(r=0;r<64;r+=4)t[r>>2]=e.charCodeAt(r)+(e.charCodeAt(r+1)<<8)+(e.charCodeAt(r+2)<<16)+(e.charCodeAt(r+3)<<24);return t}const le="0123456789abcdef".split("");function ye(e){let t="",r=0;for(;r<4;r++)t+=le[e>>8*r+4&15]+le[e>>8*r&15];return t}function pe(e,t){return e+t&4294967295}const ge=L.getWebCrypto(),de=L.getNodeCrypto(),fe=de&&de.getHashes();function me(e){if(de&&fe.includes(e))return async function(t){const r=de.createHash(e);return k(t,(e=>{r.update(e)}),(()=>new Uint8Array(r.digest())))}}function we(e,t){const r=async()=>{const{nobleHashes:t}=await import("./noble_hashes.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported hash");return r};return async function(e){if(s(e)&&(e=await U(e)),L.isStream(e)){const t=(await r()).create();return k(e,(e=>{t.update(e)}),(()=>t.digest()))}if(ge&&t)return new Uint8Array(await ge.digest(t,e));return(await r())(e)}}var be={md5:me("md5")||async function(e){const t=function(e){const t=e.length,r=[1732584193,-271733879,-1732584194,271733878];let i;for(i=64;i<=e.length;i+=64)ne(r,he(e.substring(i-64,i)));e=e.substring(i-64);const n=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0];for(i=0;i<e.length;i++)n[i>>2]|=e.charCodeAt(i)<<(i%4<<3);if(n[i>>2]|=128<<(i%4<<3),i>55)for(ne(r,n),i=0;i<16;i++)n[i]=0;return n[14]=8*t,ne(r,n),r}(L.uint8ArrayToString(e));return L.hexToUint8Array(function(e){for(let t=0;t<e.length;t++)e[t]=ye(e[t]);return e.join("")}(t))},sha1:me("sha1")||we("sha1","SHA-1"),sha224:me("sha224")||we("sha224"),sha256:me("sha256")||we("sha256","SHA-256"),sha384:me("sha384")||we("sha384","SHA-384"),sha512:me("sha512")||we("sha512","SHA-512"),ripemd:me("ripemd160")||we("ripemd160"),sha3_256:me("sha3-256")||we("sha3_256"),sha3_512:me("sha3-512")||we("sha3_512"),digest:function(e,t){switch(e){case T.hash.md5:return this.md5(t);case T.hash.sha1:return this.sha1(t);case T.hash.ripemd:return this.ripemd(t);case T.hash.sha256:return this.sha256(t);case T.hash.sha384:return this.sha384(t);case T.hash.sha512:return this.sha512(t);case T.hash.sha224:return this.sha224(t);case T.hash.sha3_256:return this.sha3_256(t);case T.hash.sha3_512:return this.sha3_512(t);default:throw Error("Unsupported hash function")}},getHashByteLength:function(e){switch(e){case T.hash.md5:return 16;case T.hash.sha1:case T.hash.ripemd:return 20;case T.hash.sha256:return 32;case T.hash.sha384:return 48;case T.hash.sha512:return 64;case T.hash.sha224:return 28;case T.hash.sha3_256:return 32;case T.hash.sha3_512:return 64;default:throw Error("Invalid hash algorithm.")}},getBlockSize:function(e){switch(e){case T.hash.md5:case T.hash.sha1:case T.hash.ripemd:case T.hash.sha224:case T.hash.sha256:return 64;case T.hash.sha384:case T.hash.sha512:return 128;default:throw Error("Invalid hash algorithm.")}}};function ke(e){return e instanceof Uint8Array||null!=e&&"object"==typeof e&&"Uint8Array"===e.constructor.name}function ve(e,...t){if(!ke(e))throw Error("Uint8Array expected");if(t.length>0&&!t.includes(e.length))throw Error(`Uint8Array expected of length ${t}, not of length=${e.length}`)}function Ke(e,t=!0){if(e.destroyed)throw Error("Hash instance has been destroyed");if(t&&e.finished)throw Error("Hash#digest() has already been called")}function Ae(e,t){ve(e);const r=t.outputLen;if(e.length<r)throw Error("digestInto() expects output buffer of length at least "+r)}
+/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */const Ee=e=>new Uint8Array(e.buffer,e.byteOffset,e.byteLength),Se=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4)),Pe=e=>new DataView(e.buffer,e.byteOffset,e.byteLength);if(!(68===new Uint8Array(new Uint32Array([287454020]).buffer)[0]))throw Error("Non little-endian hardware is not supported");function Ue(e){if("string"==typeof e)e=function(e){if("string"!=typeof e)throw Error("string expected, got "+typeof e);return new Uint8Array((new TextEncoder).encode(e))}(e);else{if(!ke(e))throw Error("Uint8Array expected, got "+typeof e);e=Be(e)}return e}function De(e,t){if(e.length!==t.length)return!1;let r=0;for(let i=0;i<e.length;i++)r|=e[i]^t[i];return 0===r}const xe=(e,t)=>(Object.assign(t,e),t);function Ie(e,t,r,i){if("function"==typeof e.setBigUint64)return e.setBigUint64(t,r,i);const n=BigInt(32),a=BigInt(4294967295),s=Number(r>>n&a),o=Number(r&a);e.setUint32(t+0,s,i),e.setUint32(t+4,o,i)}function Ce(e){return e.byteOffset%4==0}function Be(e){return Uint8Array.from(e)}function Te(...e){for(let t=0;t<e.length;t++)e[t].fill(0)}const _e=16,Me=/* @__PURE__ */new Uint8Array(16),Le=Se(Me),Re=e=>(e>>>0&255)<<24|(e>>>8&255)<<16|(e>>>16&255)<<8|e>>>24&255;class Fe{constructor(e,t){this.blockLen=_e,this.outputLen=_e,this.s0=0,this.s1=0,this.s2=0,this.s3=0,this.finished=!1,ve(e=Ue(e),16);const r=Pe(e);let i=r.getUint32(0,!1),n=r.getUint32(4,!1),a=r.getUint32(8,!1),s=r.getUint32(12,!1);const o=[];for(let e=0;e<128;e++)o.push({s0:Re(i),s1:Re(n),s2:Re(a),s3:Re(s)}),({s0:i,s1:n,s2:a,s3:s}={s3:(h=a)<<31|(l=s)>>>1,s2:(u=n)<<31|h>>>1,s1:(c=i)<<31|u>>>1,s0:c>>>1^225<<24&-(1&l)});var c,u,h,l;const y=(e=>e>65536?8:e>1024?4:2)(t||1024);if(![1,2,4,8].includes(y))throw Error(`ghash: wrong window size=${y}, should be 2, 4 or 8`);this.W=y;const p=128/y,g=this.windowSize=2**y,d=[];for(let e=0;e<p;e++)for(let t=0;t<g;t++){let r=0,i=0,n=0,a=0;for(let s=0;s<y;s++){if(!(t>>>y-s-1&1))continue;const{s0:c,s1:u,s2:h,s3:l}=o[y*e+s];r^=c,i^=u,n^=h,a^=l}d.push({s0:r,s1:i,s2:n,s3:a})}this.t=d}_updateBlock(e,t,r,i){e^=this.s0,t^=this.s1,r^=this.s2,i^=this.s3;const{W:n,t:a,windowSize:s}=this;let o=0,c=0,u=0,h=0;const l=(1<<n)-1;let y=0;for(const p of[e,t,r,i])for(let e=0;e<4;e++){const t=p>>>8*e&255;for(let e=8/n-1;e>=0;e--){const r=t>>>n*e&l,{s0:i,s1:p,s2:g,s3:d}=a[y*s+r];o^=i,c^=p,u^=g,h^=d,y+=1}}this.s0=o,this.s1=c,this.s2=u,this.s3=h}update(e){e=Ue(e),Ke(this);const t=Se(e),r=Math.floor(e.length/_e),i=e.length%_e;for(let e=0;e<r;e++)this._updateBlock(t[4*e+0],t[4*e+1],t[4*e+2],t[4*e+3]);return i&&(Me.set(e.subarray(r*_e)),this._updateBlock(Le[0],Le[1],Le[2],Le[3]),Te(Le)),this}destroy(){const{t:e}=this;for(const t of e)t.s0=0,t.s1=0,t.s2=0,t.s3=0}digestInto(e){Ke(this),Ae(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=Se(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e}digest(){const e=new Uint8Array(_e);return this.digestInto(e),this.destroy(),e}}class ze extends Fe{constructor(e,t){const r=function(e){e.reverse();const t=1&e[15];let r=0;for(let t=0;t<e.length;t++){const i=e[t];e[t]=i>>>1|r,r=(1&i)<<7}return e[0]^=225&-t,e}(Be(e=Ue(e)));super(r,t),Te(r)}update(e){e=Ue(e),Ke(this);const t=Se(e),r=e.length%_e,i=Math.floor(e.length/_e);for(let e=0;e<i;e++)this._updateBlock(Re(t[4*e+3]),Re(t[4*e+2]),Re(t[4*e+1]),Re(t[4*e+0]));return r&&(Me.set(e.subarray(i*_e)),this._updateBlock(Re(Le[3]),Re(Le[2]),Re(Le[1]),Re(Le[0])),Te(Le)),this}digestInto(e){Ke(this),Ae(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=Se(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e.reverse()}}function Ne(e){const t=(t,r)=>e(r,t.length).update(Ue(t)).digest(),r=e(new Uint8Array(16),0);return t.outputLen=r.outputLen,t.blockLen=r.blockLen,t.create=(t,r)=>e(t,r),t}const He=Ne(((e,t)=>new Fe(e,t)));Ne(((e,t)=>new ze(e,t)));const Oe=16,je=new Uint8Array(Oe),qe=283;function Ge(e){return e<<1^qe&-(e>>7)}function Ve(e,t){let r=0;for(;t>0;t>>=1)r^=e&-(1&t),e=Ge(e);return r}const We=/* @__PURE__ */(()=>{const e=new Uint8Array(256);for(let t=0,r=1;t<256;t++,r^=Ge(r))e[t]=r;const t=new Uint8Array(256);t[0]=99;for(let r=0;r<255;r++){let i=e[255-r];i|=i<<8,t[e[r]]=255&(i^i>>4^i>>5^i>>6^i>>7^99)}return Te(e),t})(),$e=/* @__PURE__ */We.map(((e,t)=>We.indexOf(t))),Qe=e=>e<<24|e>>>8,Ze=e=>e<<8|e>>>24,Xe=e=>e<<24&4278190080|e<<8&16711680|e>>>8&65280|e>>>24&255;function Ye(e,t){if(256!==e.length)throw Error("Wrong sbox length");const r=new Uint32Array(256).map(((r,i)=>t(e[i]))),i=r.map(Ze),n=i.map(Ze),a=n.map(Ze),s=new Uint32Array(65536),o=new Uint32Array(65536),c=new Uint16Array(65536);for(let t=0;t<256;t++)for(let u=0;u<256;u++){const h=256*t+u;s[h]=r[t]^i[u],o[h]=n[t]^a[u],c[h]=e[t]<<8|e[u]}return{sbox:e,sbox2:c,T0:r,T1:i,T2:n,T3:a,T01:s,T23:o}}const Je=/* @__PURE__ */Ye(We,(e=>Ve(e,3)<<24|e<<16|e<<8|Ve(e,2))),et=/* @__PURE__ */Ye($e,(e=>Ve(e,11)<<24|Ve(e,13)<<16|Ve(e,9)<<8|Ve(e,14))),tt=/* @__PURE__ */(()=>{const e=new Uint8Array(16);for(let t=0,r=1;t<16;t++,r=Ge(r))e[t]=r;return e})();function rt(e){ve(e);const t=e.length;if(![16,24,32].includes(t))throw Error("aes: wrong key size: should be 16, 24 or 32, got: "+t);const{sbox2:r}=Je,i=[];Ce(e)||i.push(e=Be(e));const n=Se(e),a=n.length,s=e=>at(r,e,e,e,e),o=new Uint32Array(t+28);o.set(n);for(let e=a;e<o.length;e++){let t=o[e-1];e%a==0?t=s(Qe(t))^tt[e/a-1]:a>6&&e%a==4&&(t=s(t)),o[e]=o[e-a]^t}return Te(...i),o}function it(e){const t=rt(e),r=t.slice(),i=t.length,{sbox2:n}=Je,{T0:a,T1:s,T2:o,T3:c}=et;for(let e=0;e<i;e+=4)for(let n=0;n<4;n++)r[e+n]=t[i-e-4+n];Te(t);for(let e=4;e<i-4;e++){const t=r[e],i=at(n,t,t,t,t);r[e]=a[255&i]^s[i>>>8&255]^o[i>>>16&255]^c[i>>>24]}return r}function nt(e,t,r,i,n,a){return e[r<<8&65280|i>>>8&255]^t[n>>>8&65280|a>>>24&255]}function at(e,t,r,i,n){return e[255&t|65280&r]|e[i>>>16&255|n>>>16&65280]<<16}function st(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=Je;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^nt(s,o,t,r,i,n),u=e[c++]^nt(s,o,r,i,n,t),h=e[c++]^nt(s,o,i,n,t,r),l=e[c++]^nt(s,o,n,t,r,i);t=a,r=u,i=h,n=l}return{s0:e[c++]^at(a,t,r,i,n),s1:e[c++]^at(a,r,i,n,t),s2:e[c++]^at(a,i,n,t,r),s3:e[c++]^at(a,n,t,r,i)}}function ot(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=et;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^nt(s,o,t,n,i,r),u=e[c++]^nt(s,o,r,t,n,i),h=e[c++]^nt(s,o,i,r,t,n),l=e[c++]^nt(s,o,n,i,r,t);t=a,r=u,i=h,n=l}return{s0:e[c++]^at(a,t,n,i,r),s1:e[c++]^at(a,r,t,n,i),s2:e[c++]^at(a,i,r,t,n),s3:e[c++]^at(a,n,i,r,t)}}function ct(e,t){if(void 0===t)return new Uint8Array(e);if(ve(t),t.length<e)throw Error(`aes: wrong destination length, expected at least ${e}, got: ${t.length}`);if(!Ce(t))throw Error("unaligned dst");return t}function ut(e,t,r,i){ve(t,Oe),ve(r);const n=r.length;i=ct(n,i);const a=t,s=Se(a);let{s0:o,s1:c,s2:u,s3:h}=st(e,s[0],s[1],s[2],s[3]);const l=Se(r),y=Se(i);for(let t=0;t+4<=l.length;t+=4){y[t+0]=l[t+0]^o,y[t+1]=l[t+1]^c,y[t+2]=l[t+2]^u,y[t+3]=l[t+3]^h;let r=1;for(let e=a.length-1;e>=0;e--)r=r+(255&a[e])|0,a[e]=255&r,r>>>=8;({s0:o,s1:c,s2:u,s3:h}=st(e,s[0],s[1],s[2],s[3]))}const p=Oe*Math.floor(l.length/4);if(p<n){const e=new Uint32Array([o,c,u,h]),t=Ee(e);for(let e=p,a=0;e<n;e++,a++)i[e]=r[e]^t[a];Te(e)}return i}function ht(e,t,r,i,n){ve(r,Oe),ve(i),n=ct(i.length,n);const a=r,s=Se(a),o=Pe(a),c=Se(i),u=Se(n),h=t?0:12,l=i.length;let y=o.getUint32(h,t),{s0:p,s1:g,s2:d,s3:f}=st(e,s[0],s[1],s[2],s[3]);for(let r=0;r+4<=c.length;r+=4)u[r+0]=c[r+0]^p,u[r+1]=c[r+1]^g,u[r+2]=c[r+2]^d,u[r+3]=c[r+3]^f,y=y+1>>>0,o.setUint32(h,y,t),({s0:p,s1:g,s2:d,s3:f}=st(e,s[0],s[1],s[2],s[3]));const m=Oe*Math.floor(c.length/4);if(m<l){const e=new Uint32Array([p,g,d,f]),t=Ee(e);for(let e=m,r=0;e<l;e++,r++)n[e]=i[e]^t[r];Te(e)}return n}const lt=xe({blockSize:16,nonceLength:16},(function(e,t){function r(r,i){if(ve(r),void 0!==i&&(ve(i),!Ce(i)))throw Error("unaligned destination");const n=rt(e),a=Be(t),s=[n,a];Ce(r)||s.push(r=Be(r));const o=ut(n,a,r,i);return Te(...s),o}return ve(e),ve(t,Oe),{encrypt:(e,t)=>r(e,t),decrypt:(e,t)=>r(e,t)}}));const yt=xe({blockSize:16,nonceLength:16},(function(e,t,r={}){ve(e),ve(t,16);const i=!r.disablePadding;return{encrypt(r,n){const a=rt(e),{b:s,o,out:c}=function(e,t,r){ve(e);let i=e.length;const n=i%Oe;if(!t&&0!==n)throw Error("aec/(cbc-ecb): unpadded plaintext with disabled padding");Ce(e)||(e=Be(e));const a=Se(e);if(t){let e=Oe-n;e||(e=Oe),i+=e}const s=ct(i,r);return{b:a,o:Se(s),out:s}}(r,i,n);let u=t;const h=[a];Ce(u)||h.push(u=Be(u));const l=Se(u);let y=l[0],p=l[1],g=l[2],d=l[3],f=0;for(;f+4<=s.length;)y^=s[f+0],p^=s[f+1],g^=s[f+2],d^=s[f+3],({s0:y,s1:p,s2:g,s3:d}=st(a,y,p,g,d)),o[f++]=y,o[f++]=p,o[f++]=g,o[f++]=d;if(i){const e=function(e){const t=new Uint8Array(16),r=Se(t);t.set(e);const i=Oe-e.length;for(let e=Oe-i;e<Oe;e++)t[e]=i;return r}(r.subarray(4*f));y^=e[0],p^=e[1],g^=e[2],d^=e[3],({s0:y,s1:p,s2:g,s3:d}=st(a,y,p,g,d)),o[f++]=y,o[f++]=p,o[f++]=g,o[f++]=d}return Te(...h),c},decrypt(r,n){!function(e){if(ve(e),e.length%Oe!=0)throw Error("aes/(cbc-ecb).decrypt ciphertext should consist of blocks with size 16")}(r);const a=it(e);let s=t;const o=[a];Ce(s)||o.push(s=Be(s));const c=Se(s),u=ct(r.length,n);Ce(r)||o.push(r=Be(r));const h=Se(r),l=Se(u);let y=c[0],p=c[1],g=c[2],d=c[3];for(let e=0;e+4<=h.length;){const t=y,r=p,i=g,n=d;y=h[e+0],p=h[e+1],g=h[e+2],d=h[e+3];const{s0:s,s1:o,s2:c,s3:u}=ot(a,y,p,g,d);l[e++]=s^t,l[e++]=o^r,l[e++]=c^i,l[e++]=u^n}return Te(...o),function(e,t){if(!t)return e;const r=e.length;if(!r)throw Error("aes/pcks5: empty ciphertext not allowed");const i=e[r-1];if(i<=0||i>16)throw Error("aes/pcks5: wrong padding");const n=e.subarray(0,-i);for(let t=0;t<i;t++)if(e[r-t-1]!==i)throw Error("aes/pcks5: wrong padding");return n}(u,i)}}})),pt=xe({blockSize:16,nonceLength:16},(function(e,t){function r(r,i,n){ve(r);const a=r.length;n=ct(a,n);const s=rt(e);let o=t;const c=[s];Ce(o)||c.push(o=Be(o)),Ce(r)||c.push(r=Be(r));const u=Se(r),h=Se(n),l=i?h:u,y=Se(o);let p=y[0],g=y[1],d=y[2],f=y[3];for(let e=0;e+4<=u.length;){const{s0:t,s1:r,s2:i,s3:n}=st(s,p,g,d,f);h[e+0]=u[e+0]^t,h[e+1]=u[e+1]^r,h[e+2]=u[e+2]^i,h[e+3]=u[e+3]^n,p=l[e++],g=l[e++],d=l[e++],f=l[e++]}const m=Oe*Math.floor(u.length/4);if(m<a){({s0:p,s1:g,s2:d,s3:f}=st(s,p,g,d,f));const e=Ee(new Uint32Array([p,g,d,f]));for(let t=m,i=0;t<a;t++,i++)n[t]=r[t]^e[i];Te(e)}return Te(...c),n}return ve(e),ve(t,16),{encrypt:(e,t)=>r(e,!0,t),decrypt:(e,t)=>r(e,!1,t)}}));const gt=xe({blockSize:16,nonceLength:12,tagLength:16},(function(e,t,r){if(ve(e),ve(t),void 0!==r&&ve(r),t.length<8)throw Error("aes/gcm: invalid nonce length");const i=16;function n(e,t,i){const n=function(e,t,r,i,n){const a=null==n?0:n.length,s=e.create(r,i.length+a);n&&s.update(n),s.update(i);const o=new Uint8Array(16),c=Pe(o);n&&Ie(c,0,BigInt(8*a),t),Ie(c,8,BigInt(8*i.length),t),s.update(o);const u=s.digest();return Te(o),u}(He,!1,e,i,r);for(let e=0;e<t.length;e++)n[e]^=t[e];return n}function a(){const r=rt(e),i=je.slice(),n=je.slice();if(ht(r,!1,n,n,i),12===t.length)n.set(t);else{const e=je.slice();Ie(Pe(e),8,BigInt(8*t.length),!1);const r=He.create(i).update(t).update(e);r.digestInto(n),r.destroy()}return{xk:r,authKey:i,counter:n,tagMask:ht(r,!1,n,je)}}return{encrypt(e){ve(e);const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=new Uint8Array(e.length+i),u=[t,r,s,o];Ce(e)||u.push(e=Be(e)),ht(t,!1,s,e,c);const h=n(r,o,c.subarray(0,c.length-i));return u.push(h),c.set(h,e.length),Te(...u),c},decrypt(e){if(ve(e),e.length<i)throw Error("aes/gcm: ciphertext less than tagLen (16)");const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=[t,r,o,s];Ce(e)||c.push(e=Be(e));const u=e.subarray(0,-16),h=e.subarray(-16),l=n(r,o,u);if(c.push(l),!De(l,h))throw Error("aes/gcm: invalid ghash tag");const y=ht(t,!1,s,u);return Te(...c),y}}}));function dt(e){return null!=e&&"object"==typeof e&&(e instanceof Uint32Array||"Uint32Array"===e.constructor.name)}function ft(e,t){if(ve(t,16),!dt(e))throw Error("_encryptBlock accepts result of expandKeyLE");const r=Se(t);let{s0:i,s1:n,s2:a,s3:s}=st(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}function mt(e,t){if(ve(t,16),!dt(e))throw Error("_decryptBlock accepts result of expandKeyLE");const r=Se(t);let{s0:i,s1:n,s2:a,s3:s}=ot(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}const wt={encrypt(e,t){if(t.length>=2**32)throw Error("plaintext should be less than 4gb");const r=rt(e);if(16===t.length)ft(r,t);else{const e=Se(t);let i=e[0],n=e[1];for(let t=0,a=1;t<6;t++)for(let t=2;t<e.length;t+=2,a++){const{s0:s,s1:o,s2:c,s3:u}=st(r,i,n,e[t],e[t+1]);i=s,n=o^Xe(a),e[t]=c,e[t+1]=u}e[0]=i,e[1]=n}r.fill(0)},decrypt(e,t){if(t.length-8>=2**32)throw Error("ciphertext should be less than 4gb");const r=it(e),i=t.length/8-1;if(1===i)mt(r,t);else{const e=Se(t);let n=e[0],a=e[1];for(let t=0,s=6*i;t<6;t++)for(let t=2*i;t>=1;t-=2,s--){a^=Xe(s);const{s0:i,s1:o,s2:c,s3:u}=ot(r,n,a,e[t],e[t+1]);n=i,a=o,e[t]=c,e[t+1]=u}e[0]=n,e[1]=a}r.fill(0)}},bt=new Uint8Array(8).fill(166),kt=xe({blockSize:8},(e=>({encrypt(t){if(ve(t),!t.length||t.length%8!=0)throw Error("invalid plaintext length");if(8===t.length)throw Error("8-byte keys not allowed in AESKW, use AESKWP instead");const r=function(...e){let t=0;for(let r=0;r<e.length;r++){const i=e[r];ve(i),t+=i.length}const r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}(bt,t);return wt.encrypt(e,r),r},decrypt(t){if(ve(t),t.length%8!=0||t.length<24)throw Error("invalid ciphertext length");const r=Be(t);if(wt.decrypt(e,r),!De(r.subarray(0,8),bt))throw Error("integrity check failed");return r.subarray(0,8).fill(0),r.subarray(8)}}))),vt={expandKeyLE:rt,expandKeyDecLE:it,encrypt:st,decrypt:ot,encryptBlock:ft,decryptBlock:mt,ctrCounter:ut,ctr32:ht},Kt=L.getWebCrypto(),At=L.getNodeCrypto(),Et=At?At.getCiphers():[],St={idea:Et.includes("idea-cfb")?"idea-cfb":void 0,tripledes:Et.includes("des-ede3-cfb")?"des-ede3-cfb":void 0,cast5:Et.includes("cast5-cfb")?"cast5-cfb":void 0,blowfish:Et.includes("bf-cfb")?"bf-cfb":void 0,aes128:Et.includes("aes-128-cfb")?"aes-128-cfb":void 0,aes192:Et.includes("aes-192-cfb")?"aes-192-cfb":void 0,aes256:Et.includes("aes-256-cfb")?"aes-256-cfb":void 0};class Pt{constructor(e,t,r){const{blockSize:i}=re(e);this.key=t,this.prevBlock=r,this.nextBlock=new Uint8Array(i),this.i=0,this.blockSize=i,this.zeroBlock=new Uint8Array(this.blockSize)}static async isSupported(e){const{keySize:t}=re(e);return Kt.importKey("raw",new Uint8Array(t),"aes-cbc",!1,["encrypt"]).then((()=>!0),(()=>!1))}async _runCBC(e,t){const r="AES-CBC";this.keyRef=this.keyRef||await Kt.importKey("raw",this.key,r,!1,["encrypt"]);const i=await Kt.encrypt({name:r,iv:t||this.zeroBlock},this.keyRef,e);return new Uint8Array(i).subarray(0,e.length)}async encryptChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=L.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=L.concatUint8Array([this.prevBlock,i.subarray(0,i.length-this.blockSize)]),a=await this._runCBC(n);return Dt(a,i),this.prevBlock=a.slice(-this.blockSize),r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,a}let i;if(this.i+=r.length,this.i===this.nextBlock.length){const t=this.nextBlock;i=await this._runCBC(this.prevBlock),Dt(i,t),this.prevBlock=i.slice(),this.i=0;const n=e.subarray(r.length);this.nextBlock.set(n,this.i),this.i+=n.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{this.nextBlock=this.nextBlock.subarray(0,this.i);const t=this.nextBlock,r=await this._runCBC(this.prevBlock);Dt(r,t),e=r.subarray(0,t.length)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.keyRef=null,this.key=null}async encrypt(e){const t=(await this._runCBC(L.concatUint8Array([new Uint8Array(this.blockSize),e]),this.iv)).subarray(0,e.length);return Dt(t,e),this.clearSensitiveData(),t}}class Ut{constructor(e,t,r,i){this.forEncryption=e;const{blockSize:n}=re(t);this.key=vt.expandKeyLE(r),i.byteOffset%4!=0&&(i=i.slice()),this.prevBlock=xt(i),this.nextBlock=new Uint8Array(n),this.i=0,this.blockSize=n}_runCFB(e){const t=xt(e),r=new Uint8Array(e.length),i=xt(r);for(let e=0;e+4<=i.length;e+=4){const{s0:r,s1:n,s2:a,s3:s}=vt.encrypt(this.key,this.prevBlock[0],this.prevBlock[1],this.prevBlock[2],this.prevBlock[3]);i[e+0]=t[e+0]^r,i[e+1]=t[e+1]^n,i[e+2]=t[e+2]^a,i[e+3]=t[e+3]^s,this.prevBlock=(this.forEncryption?i:t).slice(e,e+4)}return r}async processChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=L.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=this._runCFB(i);return r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,n}let i;if(this.i+=r.length,this.i===this.nextBlock.length){i=this._runCFB(this.nextBlock),this.i=0;const t=e.subarray(r.length);this.nextBlock.set(t,this.i),this.i+=t.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{e=this._runCFB(this.nextBlock).subarray(0,this.i)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.key.fill(0)}}function Dt(e,t){const r=Math.min(e.length,t.length);for(let i=0;i<r;i++)e[i]=e[i]^t[i]}const xt=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4));var It=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i){const n=T.read(T.symmetric,e);if(At&&St[n])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new At.createDecipheriv(St[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(L.isAES(e))return async function(e,t,r,i){if(L.isStream(r)){const n=new Ut(!1,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return pt(t,i).decrypt(r)}(e,t,r,i);const a=new(await J(e))(t),s=a.blockSize;let o=i,c=new Uint8Array;const u=e=>{e&&(c=L.concatUint8Array([c,e]));const t=new Uint8Array(c.length);let r,i=0;for(;e?c.length>=s:c.length;){const e=a.encrypt(o);for(o=c.subarray(0,s),r=0;r<s;r++)t[i++]=o[r]^e[r];c=c.subarray(s)}return t.subarray(0,i)};return k(r,u,u)},encrypt:async function(e,t,r,i,n){const a=T.read(T.symmetric,e);if(L.getNodeCrypto()&&St[a])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new At.createCipheriv(St[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(L.isAES(e))return async function(e,t,r,i){if(Kt&&await Pt.isSupported(e)){const n=new Pt(e,t,i);return L.isStream(r)?k(r,(e=>n.encryptChunk(e)),(()=>n.finish())):n.encrypt(r)}if(L.isStream(r)){const n=new Ut(!0,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return pt(t,i).encrypt(r)}(e,t,r,i);const s=new(await J(e))(t),o=s.blockSize,c=i.slice();let u=new Uint8Array;const h=e=>{e&&(u=L.concatUint8Array([u,e]));const t=new Uint8Array(u.length);let r,i=0;for(;e?u.length>=o:u.length;){const e=s.encrypt(c);for(r=0;r<o;r++)c[r]=u[r]^e[r],t[i++]=c[r];u=u.subarray(o)}return t.subarray(0,i)};return k(r,h,h)}});const Ct=L.getWebCrypto(),Bt=L.getNodeCrypto(),Tt=16;function _t(e,t){const r=e.length-Tt;for(let i=0;i<Tt;i++)e[i+r]^=t[i];return e}const Mt=new Uint8Array(Tt);async function Lt(e){const t=await Rt(e),r=L.double(await t(Mt)),i=L.double(r);return async function(e){return(await t(function(e,t,r){if(e.length&&e.length%Tt==0)return _t(e,t);const i=new Uint8Array(e.length+(Tt-e.length%Tt));return i.set(e),i[e.length]=128,_t(i,r)}(e,r,i))).subarray(-Tt)}}async function Rt(e){if(L.getNodeCrypto())return async function(t){const r=new Bt.createCipheriv("aes-"+8*e.length+"-cbc",e,Mt).update(t);return new Uint8Array(r)};if(L.getWebCrypto())try{return e=await Ct.importKey("raw",e,{name:"AES-CBC",length:8*e.length},!1,["encrypt"]),async function(t){const r=await Ct.encrypt({name:"AES-CBC",iv:Mt,length:8*Tt},e,t);return new Uint8Array(r).subarray(0,r.byteLength-Tt)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;L.printDebugError("Browser did not support operation: "+t.message)}return async function(t){return yt(e,Mt,{disablePadding:!0}).encrypt(t)}}const Ft=L.getWebCrypto(),zt=L.getNodeCrypto(),Nt=L.getNodeBuffer(),Ht=16,Ot=Ht,jt=Ht,qt=new Uint8Array(Ht),Gt=new Uint8Array(Ht);Gt[Ht-1]=1;const Vt=new Uint8Array(Ht);async function Wt(e){const t=await Lt(e);return function(e,r){return t(L.concatUint8Array([e,r]))}}async function $t(e){if(L.getNodeCrypto())return async function(t,r){const i=new zt.createCipheriv("aes-"+8*e.length+"-ctr",e,r),n=Nt.concat([i.update(t),i.final()]);return new Uint8Array(n)};if(L.getWebCrypto())try{const t=await Ft.importKey("raw",e,{name:"AES-CTR",length:8*e.length},!1,["encrypt"]);return async function(e,r){const i=await Ft.encrypt({name:"AES-CTR",counter:r,length:8*Ht},t,e);return new Uint8Array(i)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;L.printDebugError("Browser did not support operation: "+t.message)}return async function(t,r){return lt(e,r).encrypt(t)}}async function Qt(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("EAX mode supports only AES cipher");const[r,i]=await Promise.all([Wt(t),$t(t)]);return{encrypt:async function(e,t,n){const[a,s]=await Promise.all([r(qt,t),r(Gt,n)]),o=await i(e,a),c=await r(Vt,o);for(let e=0;e<jt;e++)c[e]^=s[e]^a[e];return L.concatUint8Array([o,c])},decrypt:async function(e,t,n){if(e.length<jt)throw Error("Invalid EAX ciphertext");const a=e.subarray(0,-jt),s=e.subarray(-jt),[o,c,u]=await Promise.all([r(qt,t),r(Gt,n),r(Vt,a)]),h=u;for(let e=0;e<jt;e++)h[e]^=c[e]^o[e];if(!L.equalsUint8Array(s,h))throw Error("Authentication tag mismatch");return await i(a,o)}}}Vt[Ht-1]=2,Qt.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[8+e]^=t[e];return r},Qt.blockLength=Ht,Qt.ivLength=Ot,Qt.tagLength=jt;const Zt=16,Xt=16;function Yt(e){let t=0;for(let r=1;!(e&r);r<<=1)t++;return t}function Jt(e,t){for(let r=0;r<e.length;r++)e[r]^=t[r];return e}function er(e,t){return Jt(e.slice(),t)}const tr=new Uint8Array(Zt),rr=new Uint8Array([1]);async function ir(e,t){const{keySize:r}=re(e);if(!L.isAES(e)||t.length!==r)throw Error("Unexpected algorithm or key size");let i=0;const n=yt(t,tr,{disablePadding:!0}),a=e=>n.encrypt(e),s=e=>n.decrypt(e);let o;function c(e,t,r,n){const s=t.length/Zt|0;!function(e,t){const r=L.nbits(Math.max(e.length,t.length)/Zt|0)-1;for(let e=i+1;e<=r;e++)o[e]=L.double(o[e-1]);i=r}(t,n);const c=L.concatUint8Array([tr.subarray(0,15-r.length),rr,r]),u=63&c[15];c[15]&=192;const h=a(c),l=L.concatUint8Array([h,er(h.subarray(0,8),h.subarray(1,9))]),y=L.shiftRight(l.subarray(0+(u>>3),17+(u>>3)),8-(7&u)).subarray(1),p=new Uint8Array(Zt),g=new Uint8Array(t.length+Xt);let d,f=0;for(d=0;d<s;d++)Jt(y,o[Yt(d+1)]),g.set(Jt(e(er(y,t)),y),f),Jt(p,e===a?t:g.subarray(f)),t=t.subarray(Zt),f+=Zt;if(t.length){Jt(y,o.x);const r=a(y);g.set(er(t,r),f);const i=new Uint8Array(Zt);i.set(e===a?t:g.subarray(f,-16),0),i[t.length]=128,Jt(p,i),f+=t.length}const m=Jt(a(Jt(Jt(p,y),o.$)),function(e){if(!e.length)return tr;const t=e.length/Zt|0,r=new Uint8Array(Zt),i=new Uint8Array(Zt);for(let n=0;n<t;n++)Jt(r,o[Yt(n+1)]),Jt(i,a(er(r,e))),e=e.subarray(Zt);if(e.length){Jt(r,o.x);const t=new Uint8Array(Zt);t.set(e,0),t[e.length]=128,Jt(t,r),Jt(i,a(t))}return i}(n));return g.set(m,f),g}return function(){const e=a(tr),t=L.double(e);o=[],o[0]=L.double(t),o.x=e,o.$=t}(),{encrypt:async function(e,t,r){return c(a,e,t,r)},decrypt:async function(e,t,r){if(e.length<Xt)throw Error("Invalid OCB ciphertext");const i=e.subarray(-16);e=e.subarray(0,-16);const n=c(s,e,t,r);if(L.equalsUint8Array(i,n.subarray(-16)))return n.subarray(0,-16);throw Error("Authentication tag mismatch")}}}ir.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[7+e]^=t[e];return r},ir.blockLength=Zt,ir.ivLength=15,ir.tagLength=Xt;const nr=L.getWebCrypto(),ar=L.getNodeCrypto(),sr=L.getNodeBuffer(),or=16,cr="AES-GCM";async function ur(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("GCM mode supports only AES cipher");if(L.getNodeCrypto())return{encrypt:async function(e,r,i=new Uint8Array){const n=new ar.createCipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i);const a=sr.concat([n.update(e),n.final(),n.getAuthTag()]);return new Uint8Array(a)},decrypt:async function(e,r,i=new Uint8Array){const n=new ar.createDecipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i),n.setAuthTag(e.slice(e.length-or,e.length));const a=sr.concat([n.update(e.slice(0,e.length-or)),n.final()]);return new Uint8Array(a)}};if(L.getWebCrypto())try{const e=await nr.importKey("raw",t,{name:cr},!1,["encrypt","decrypt"]),r=navigator.userAgent.match(/Version\/13\.\d(\.\d)* Safari/)||navigator.userAgent.match(/Version\/(13|14)\.\d(\.\d)* Mobile\/\S* Safari/);return{encrypt:async function(i,n,a=new Uint8Array){if(r&&!i.length)return gt(t,n,a).encrypt(i);const s=await nr.encrypt({name:cr,iv:n,additionalData:a,tagLength:128},e,i);return new Uint8Array(s)},decrypt:async function(i,n,a=new Uint8Array){if(r&&i.length===or)return gt(t,n,a).decrypt(i);try{const t=await nr.decrypt({name:cr,iv:n,additionalData:a,tagLength:128},e,i);return new Uint8Array(t)}catch(e){if("OperationError"===e.name)throw Error("Authentication tag mismatch")}}}}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;L.printDebugError("Browser did not support operation: "+e.message)}return{encrypt:async function(e,r,i){return gt(t,r,i).encrypt(e)},decrypt:async function(e,r,i){return gt(t,r,i).decrypt(e)}}}ur.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[4+e]^=t[e];return r},ur.blockLength=16,ur.ivLength=12,ur.tagLength=or;var hr={cfb:It,gcm:ur,experimentalGCM:ur,eax:Qt,ocb:ir};const lr=BigInt(0),yr=BigInt(1);function pr(e){const t="0123456789ABCDEF";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),BigInt("0x0"+r)}function gr(e,t){const r=e%t;return r<lr?r+t:r}function dr(e,t,r){if(r===lr)throw Error("Modulo cannot be zero");if(r===yr)return BigInt(0);if(t<lr)throw Error("Unsopported negative exponent");let i=t,n=e;n%=r;let a=BigInt(1);for(;i>lr;){const e=i&yr;i>>=yr;a=e?a*n%r:a,n=n*n%r}return a}function fr(e){return e>=lr?e:-e}function mr(e,t){const{gcd:r,x:i}=function(e,t){let r=BigInt(0),i=BigInt(1),n=BigInt(1),a=BigInt(0),s=fr(e),o=fr(t);const c=e<lr,u=t<lr;for(;o!==lr;){const e=s/o;let t=r;r=n-e*r,n=t,t=i,i=a-e*i,a=t,t=o,o=s%o,s=t}return{x:c?-n:n,y:u?-a:a,gcd:s}}(e,t);if(r!==yr)throw Error("Inverse does not exist");return gr(i+t,t)}function wr(e){const t=Number(e);if(t>Number.MAX_SAFE_INTEGER)throw Error("Number can only safely store up to 53 bits");return t}function br(e,t){return(e>>BigInt(t)&yr)===lr?0:1}function kr(e){const t=e<lr?BigInt(-1):lr;let r=1,i=e;for(;(i>>=yr)!==t;)r++;return r}function vr(e){const t=e<lr?BigInt(-1):lr,r=BigInt(8);let i=1,n=e;for(;(n>>=r)!==t;)i++;return i}function Kr(e,t="be",r){let i=e.toString(16);i.length%2==1&&(i="0"+i);const n=i.length/2,a=new Uint8Array(r||n),s=r?r-n:0;let o=0;for(;o<n;)a[o+s]=parseInt(i.slice(2*o,2*o+2),16),o++;return"be"!==t&&a.reverse(),a}const Ar=L.getNodeCrypto();function Er(e){const t="undefined"!=typeof crypto?crypto:Ar?.webcrypto;if(t?.getRandomValues){const r=new Uint8Array(e);return t.getRandomValues(r)}throw Error("No secure random number generator available.")}function Sr(e,t){if(t<e)throw Error("Illegal parameter value: max <= min");const r=t-e;return gr(pr(Er(vr(r)+8)),r)+e}var Pr=/*#__PURE__*/Object.freeze({__proto__:null,getRandomBigInteger:Sr,getRandomBytes:Er});const Ur=BigInt(1);function Dr(e,t,r){const i=BigInt(30),n=Ur<<BigInt(e-1),a=[1,6,5,4,3,2,1,4,3,2,1,2,1,4,3,2,1,2,1,4,3,2,1,6,5,4,3,2,1,2];let s=Sr(n,n<<Ur),o=wr(gr(s,i));do{s+=BigInt(a[o]),o=(o+a[o])%a.length,kr(s)>e&&(s=gr(s,n<<Ur),s+=n,o=wr(gr(s,i)))}while(!xr(s,t,r));return s}function xr(e,t,r){return(!t||function(e,t){let r=e,i=t;for(;i!==lr;){const e=i;i=r%i,r=e}return r}(e-Ur,t)===Ur)&&(!!function(e){const t=BigInt(0);return Ir.every((r=>gr(e,r)!==t))}(e)&&(!!function(e,t=BigInt(2)){return dr(t,e-Ur,e)===Ur}(e)&&!!function(e,t){const r=kr(e);t||(t=Math.max(1,r/48|0));const i=e-Ur;let n=0;for(;!br(i,n);)n++;const a=e>>BigInt(n);for(;t>0;t--){let t,r=dr(Sr(BigInt(2),i),a,e);if(r!==Ur&&r!==i){for(t=1;t<n;t++){if(r=gr(r*r,e),r===Ur)return!1;if(r===i)break}if(t===n)return!1}}return!0}(e,r)))}const Ir=[7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997,1009,1013,1019,1021,1031,1033,1039,1049,1051,1061,1063,1069,1087,1091,1093,1097,1103,1109,1117,1123,1129,1151,1153,1163,1171,1181,1187,1193,1201,1213,1217,1223,1229,1231,1237,1249,1259,1277,1279,1283,1289,1291,1297,1301,1303,1307,1319,1321,1327,1361,1367,1373,1381,1399,1409,1423,1427,1429,1433,1439,1447,1451,1453,1459,1471,1481,1483,1487,1489,1493,1499,1511,1523,1531,1543,1549,1553,1559,1567,1571,1579,1583,1597,1601,1607,1609,1613,1619,1621,1627,1637,1657,1663,1667,1669,1693,1697,1699,1709,1721,1723,1733,1741,1747,1753,1759,1777,1783,1787,1789,1801,1811,1823,1831,1847,1861,1867,1871,1873,1877,1879,1889,1901,1907,1913,1931,1933,1949,1951,1973,1979,1987,1993,1997,1999,2003,2011,2017,2027,2029,2039,2053,2063,2069,2081,2083,2087,2089,2099,2111,2113,2129,2131,2137,2141,2143,2153,2161,2179,2203,2207,2213,2221,2237,2239,2243,2251,2267,2269,2273,2281,2287,2293,2297,2309,2311,2333,2339,2341,2347,2351,2357,2371,2377,2381,2383,2389,2393,2399,2411,2417,2423,2437,2441,2447,2459,2467,2473,2477,2503,2521,2531,2539,2543,2549,2551,2557,2579,2591,2593,2609,2617,2621,2633,2647,2657,2659,2663,2671,2677,2683,2687,2689,2693,2699,2707,2711,2713,2719,2729,2731,2741,2749,2753,2767,2777,2789,2791,2797,2801,2803,2819,2833,2837,2843,2851,2857,2861,2879,2887,2897,2903,2909,2917,2927,2939,2953,2957,2963,2969,2971,2999,3001,3011,3019,3023,3037,3041,3049,3061,3067,3079,3083,3089,3109,3119,3121,3137,3163,3167,3169,3181,3187,3191,3203,3209,3217,3221,3229,3251,3253,3257,3259,3271,3299,3301,3307,3313,3319,3323,3329,3331,3343,3347,3359,3361,3371,3373,3389,3391,3407,3413,3433,3449,3457,3461,3463,3467,3469,3491,3499,3511,3517,3527,3529,3533,3539,3541,3547,3557,3559,3571,3581,3583,3593,3607,3613,3617,3623,3631,3637,3643,3659,3671,3673,3677,3691,3697,3701,3709,3719,3727,3733,3739,3761,3767,3769,3779,3793,3797,3803,3821,3823,3833,3847,3851,3853,3863,3877,3881,3889,3907,3911,3917,3919,3923,3929,3931,3943,3947,3967,3989,4001,4003,4007,4013,4019,4021,4027,4049,4051,4057,4073,4079,4091,4093,4099,4111,4127,4129,4133,4139,4153,4157,4159,4177,4201,4211,4217,4219,4229,4231,4241,4243,4253,4259,4261,4271,4273,4283,4289,4297,4327,4337,4339,4349,4357,4363,4373,4391,4397,4409,4421,4423,4441,4447,4451,4457,4463,4481,4483,4493,4507,4513,4517,4519,4523,4547,4549,4561,4567,4583,4591,4597,4603,4621,4637,4639,4643,4649,4651,4657,4663,4673,4679,4691,4703,4721,4723,4729,4733,4751,4759,4783,4787,4789,4793,4799,4801,4813,4817,4831,4861,4871,4877,4889,4903,4909,4919,4931,4933,4937,4943,4951,4957,4967,4969,4973,4987,4993,4999].map((e=>BigInt(e)));const Cr=[];function Br(e,t){const r=e.length;if(r>t-11)throw Error("Message too long");const i=function(e){const t=new Uint8Array(e);let r=0;for(;r<e;){const i=Er(e-r);for(let e=0;e<i.length;e++)0!==i[e]&&(t[r++]=i[e])}return t}(t-r-3),n=new Uint8Array(t);return n[1]=2,n.set(i,2),n.set(e,t-r),n}function Tr(e,t){let r=2,i=1;for(let t=r;t<e.length;t++)i&=0!==e[t],r+=i;const n=r-2,a=e.subarray(r+1),s=0===e[0]&2===e[1]&n>=8&!i;if(t)return L.selectUint8Array(s,a,t);if(s)return a;throw Error("Decryption error")}function _r(e,t,r){let i;if(t.length!==be.getHashByteLength(e))throw Error("Invalid hash length");const n=new Uint8Array(Cr[e].length);for(i=0;i<Cr[e].length;i++)n[i]=Cr[e][i];const a=n.length+t.length;if(r<a+11)throw Error("Intended encoded message length too short");const s=new Uint8Array(r-a-3).fill(255),o=new Uint8Array(r);return o[1]=1,o.set(s,2),o.set(n,r-a),o.set(t,r-t.length),o}Cr[1]=[48,32,48,12,6,8,42,134,72,134,247,13,2,5,5,0,4,16],Cr[2]=[48,33,48,9,6,5,43,14,3,2,26,5,0,4,20],Cr[3]=[48,33,48,9,6,5,43,36,3,2,1,5,0,4,20],Cr[8]=[48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32],Cr[9]=[48,65,48,13,6,9,96,134,72,1,101,3,4,2,2,5,0,4,48],Cr[10]=[48,81,48,13,6,9,96,134,72,1,101,3,4,2,3,5,0,4,64],Cr[11]=[48,45,48,13,6,9,96,134,72,1,101,3,4,2,4,5,0,4,28];var Mr=/*#__PURE__*/Object.freeze({__proto__:null,emeDecode:Tr,emeEncode:Br,emsaEncode:_r});const Lr=L.getWebCrypto(),Rr=L.getNodeCrypto(),Fr=BigInt(1);async function zr(e,t,r,i,n,a){const s=pr(i),o=pr(n),c=pr(r);let u=gr(c,o-Fr),h=gr(c,s-Fr);return h=Kr(h),u=Kr(u),{kty:"RSA",n:j(e),e:j(t),d:j(r),p:j(n),q:j(i),dp:j(u),dq:j(h),qi:j(a),ext:!0}}function Nr(e,t){return{kty:"RSA",n:j(e),e:j(t),ext:!0}}function Hr(e,t){return{n:O(e.n),e:Kr(t),d:O(e.d),p:O(e.q),q:O(e.p),u:O(e.qi)}}var Or=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s,o){if(L.getNodeCrypto()&&!o)try{return await async function(e,t,r,i,n,a,s){const o=await zr(t,r,i,n,a,s),c={key:o,format:"jwk",type:"pkcs1",padding:Rr.constants.RSA_PKCS1_PADDING};try{return new Uint8Array(Rr.privateDecrypt(c,e))}catch(e){throw Error("Decryption error")}}(e,t,r,i,n,a,s)}catch(e){L.printDebugError(e)}return async function(e,t,r,i,n,a,s,o){if(e=pr(e),t=pr(t),r=pr(r),i=pr(i),n=pr(n),a=pr(a),s=pr(s),e>=t)throw Error("Data too large.");const c=gr(i,a-Fr),u=gr(i,n-Fr),h=Sr(BigInt(2),t),l=dr(mr(h,t),r,t);e=gr(e*l,t);const y=dr(e,u,n),p=dr(e,c,a),g=gr(s*(p-y),a);let d=g*n+y;return d=gr(d*h,t),Tr(Kr(d,"be",vr(t)),o)}(e,t,r,i,n,a,s,o)},encrypt:async function(e,t,r){return L.getNodeCrypto()?async function(e,t,r){const i=Nr(t,r),n={key:i,format:"jwk",type:"pkcs1",padding:Rr.constants.RSA_PKCS1_PADDING};return new Uint8Array(Rr.publicEncrypt(n,e))}(e,t,r):async function(e,t,r){if(t=pr(t),e=pr(Br(e,vr(t))),r=pr(r),e>=t)throw Error("Message size cannot exceed modulus size");return Kr(dr(e,r,t),"be",vr(t))}(e,t,r)},generate:async function(e,t){if(t=BigInt(t),L.getWebCrypto()){const r={name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:Kr(t),hash:{name:"SHA-1"}},i=await Lr.generateKey(r,!0,["sign","verify"]);return Hr(await Lr.exportKey("jwk",i.privateKey),t)}if(L.getNodeCrypto()){const r={modulusLength:e,publicExponent:wr(t),publicKeyEncoding:{type:"pkcs1",format:"jwk"},privateKeyEncoding:{type:"pkcs1",format:"jwk"}},i=await new Promise(((e,t)=>{Rr.generateKeyPair("rsa",r,((r,i,n)=>{r?t(r):e(n)}))}));return Hr(i,t)}let r,i,n;do{i=Dr(e-(e>>1),t,40),r=Dr(e>>1,t,40),n=r*i}while(kr(n)!==e);const a=(r-Fr)*(i-Fr);return i<r&&([r,i]=[i,r]),{n:Kr(n),e:Kr(t),d:Kr(mr(t,a)),p:Kr(r),q:Kr(i),u:Kr(mr(r,i))}},sign:async function(e,t,r,i,n,a,s,o,c){if(be.getHashByteLength(e)>=r.length)throw Error("Digest size cannot exceed key modulus size");if(t&&!L.isStream(t))if(L.getWebCrypto())try{return await async function(e,t,r,i,n,a,s,o){const c=await zr(r,i,n,a,s,o),u={name:"RSASSA-PKCS1-v1_5",hash:{name:e}},h=await Lr.importKey("jwk",c,u,!1,["sign"]);return new Uint8Array(await Lr.sign("RSASSA-PKCS1-v1_5",h,t))}(T.read(T.webHash,e),t,r,i,n,a,s,o)}catch(e){L.printDebugError(e)}else if(L.getNodeCrypto())return async function(e,t,r,i,n,a,s,o){const c=Rr.createSign(T.read(T.hash,e));c.write(t),c.end();const u=await zr(r,i,n,a,s,o);return new Uint8Array(c.sign({key:u,format:"jwk",type:"pkcs1"}))}(e,t,r,i,n,a,s,o);return async function(e,t,r,i){t=pr(t);const n=pr(_r(e,i,vr(t)));return r=pr(r),Kr(dr(n,r,t),"be",vr(t))}(e,r,n,c)},validateParams:async function(e,t,r,i,n,a){if(e=pr(e),(i=pr(i))*(n=pr(n))!==e)return!1;const s=BigInt(2);if(gr(i*(a=pr(a)),n)!==BigInt(1))return!1;t=pr(t),r=pr(r);const o=Sr(s,s<<BigInt(Math.floor(kr(e)/3))),c=o*r*t;return!(gr(c,i-Fr)!==o||gr(c,n-Fr)!==o)},verify:async function(e,t,r,i,n,a){if(t&&!L.isStream(t))if(L.getWebCrypto())try{return await async function(e,t,r,i,n){const a=Nr(i,n),s=await Lr.importKey("jwk",a,{name:"RSASSA-PKCS1-v1_5",hash:{name:e}},!1,["verify"]);return Lr.verify("RSASSA-PKCS1-v1_5",s,r,t)}(T.read(T.webHash,e),t,r,i,n)}catch(e){L.printDebugError(e)}else if(L.getNodeCrypto())return async function(e,t,r,i,n){const a=Nr(i,n),s={key:a,format:"jwk",type:"pkcs1"},o=Rr.createVerify(T.read(T.hash,e));o.write(t),o.end();try{return o.verify(s,r)}catch(e){return!1}}(e,t,r,i,n);return async function(e,t,r,i,n){if(r=pr(r),t=pr(t),i=pr(i),t>=r)throw Error("Signature size cannot exceed modulus size");const a=Kr(dr(t,i,r),"be",vr(r)),s=_r(e,n,vr(r));return L.equalsUint8Array(a,s)}(e,r,i,n,a)}});const jr=BigInt(1);var qr=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n){return e=pr(e),t=pr(t),r=pr(r),Tr(Kr(gr(mr(dr(e,i=pr(i),r),r)*t,r),"be",vr(r)),n)},encrypt:async function(e,t,r,i){t=pr(t),r=pr(r),i=pr(i);const n=pr(Br(e,vr(t))),a=Sr(jr,t-jr);return{c1:Kr(dr(r,a,t)),c2:Kr(gr(dr(i,a,t)*n,t))}},validateParams:async function(e,t,r,i){if(e=pr(e),t=pr(t),r=pr(r),t<=jr||t>=e)return!1;const n=BigInt(kr(e));if(n<BigInt(1023))return!1;if(dr(t,e-jr,e)!==jr)return!1;let a=t,s=BigInt(1);const o=BigInt(2),c=o<<BigInt(17);for(;s<c;){if(a=gr(a*t,e),a===jr)return!1;s++}i=pr(i);const u=Sr(o<<n-jr,o<<n);return r===dr(t,(e-jr)*u+i,e)}});const Gr="object"==typeof e&&"crypto"in e?e.crypto:void 0,Vr={};var Wr=function(e){var t,r=new Float64Array(16);if(e)for(t=0;t<e.length;t++)r[t]=e[t];return r},$r=function(){throw Error("no PRNG")},Qr=new Uint8Array(32);Qr[0]=9;var Zr=Wr(),Xr=Wr([1]),Yr=Wr([56129,1]),Jr=Wr([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),ei=Wr([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),ti=Wr([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),ri=Wr([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),ii=Wr([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function ni(e,t,r,i){e[t]=r>>24&255,e[t+1]=r>>16&255,e[t+2]=r>>8&255,e[t+3]=255&r,e[t+4]=i>>24&255,e[t+5]=i>>16&255,e[t+6]=i>>8&255,e[t+7]=255&i}function ai(e,t,r,i){return function(e,t,r,i,n){var a,s=0;for(a=0;a<n;a++)s|=e[t+a]^r[i+a];return(1&s-1>>>8)-1}(e,t,r,i,32)}function si(e,t){var r;for(r=0;r<16;r++)e[r]=0|t[r]}function oi(e){var t,r,i=1;for(t=0;t<16;t++)r=e[t]+i+65535,i=Math.floor(r/65536),e[t]=r-65536*i;e[0]+=i-1+37*(i-1)}function ci(e,t,r){for(var i,n=~(r-1),a=0;a<16;a++)i=n&(e[a]^t[a]),e[a]^=i,t[a]^=i}function ui(e,t){var r,i,n,a=Wr(),s=Wr();for(r=0;r<16;r++)s[r]=t[r];for(oi(s),oi(s),oi(s),i=0;i<2;i++){for(a[0]=s[0]-65517,r=1;r<15;r++)a[r]=s[r]-65535-(a[r-1]>>16&1),a[r-1]&=65535;a[15]=s[15]-32767-(a[14]>>16&1),n=a[15]>>16&1,a[14]&=65535,ci(s,a,1-n)}for(r=0;r<16;r++)e[2*r]=255&s[r],e[2*r+1]=s[r]>>8}function hi(e,t){var r=new Uint8Array(32),i=new Uint8Array(32);return ui(r,e),ui(i,t),ai(r,0,i,0)}function li(e){var t=new Uint8Array(32);return ui(t,e),1&t[0]}function yi(e,t){var r;for(r=0;r<16;r++)e[r]=t[2*r]+(t[2*r+1]<<8);e[15]&=32767}function pi(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]+r[i]}function gi(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]-r[i]}function di(e,t,r){var i,n,a=0,s=0,o=0,c=0,u=0,h=0,l=0,y=0,p=0,g=0,d=0,f=0,m=0,w=0,b=0,k=0,v=0,K=0,A=0,E=0,S=0,P=0,U=0,D=0,x=0,I=0,C=0,B=0,T=0,_=0,M=0,L=r[0],R=r[1],F=r[2],z=r[3],N=r[4],H=r[5],O=r[6],j=r[7],q=r[8],G=r[9],V=r[10],W=r[11],$=r[12],Q=r[13],Z=r[14],X=r[15];a+=(i=t[0])*L,s+=i*R,o+=i*F,c+=i*z,u+=i*N,h+=i*H,l+=i*O,y+=i*j,p+=i*q,g+=i*G,d+=i*V,f+=i*W,m+=i*$,w+=i*Q,b+=i*Z,k+=i*X,s+=(i=t[1])*L,o+=i*R,c+=i*F,u+=i*z,h+=i*N,l+=i*H,y+=i*O,p+=i*j,g+=i*q,d+=i*G,f+=i*V,m+=i*W,w+=i*$,b+=i*Q,k+=i*Z,v+=i*X,o+=(i=t[2])*L,c+=i*R,u+=i*F,h+=i*z,l+=i*N,y+=i*H,p+=i*O,g+=i*j,d+=i*q,f+=i*G,m+=i*V,w+=i*W,b+=i*$,k+=i*Q,v+=i*Z,K+=i*X,c+=(i=t[3])*L,u+=i*R,h+=i*F,l+=i*z,y+=i*N,p+=i*H,g+=i*O,d+=i*j,f+=i*q,m+=i*G,w+=i*V,b+=i*W,k+=i*$,v+=i*Q,K+=i*Z,A+=i*X,u+=(i=t[4])*L,h+=i*R,l+=i*F,y+=i*z,p+=i*N,g+=i*H,d+=i*O,f+=i*j,m+=i*q,w+=i*G,b+=i*V,k+=i*W,v+=i*$,K+=i*Q,A+=i*Z,E+=i*X,h+=(i=t[5])*L,l+=i*R,y+=i*F,p+=i*z,g+=i*N,d+=i*H,f+=i*O,m+=i*j,w+=i*q,b+=i*G,k+=i*V,v+=i*W,K+=i*$,A+=i*Q,E+=i*Z,S+=i*X,l+=(i=t[6])*L,y+=i*R,p+=i*F,g+=i*z,d+=i*N,f+=i*H,m+=i*O,w+=i*j,b+=i*q,k+=i*G,v+=i*V,K+=i*W,A+=i*$,E+=i*Q,S+=i*Z,P+=i*X,y+=(i=t[7])*L,p+=i*R,g+=i*F,d+=i*z,f+=i*N,m+=i*H,w+=i*O,b+=i*j,k+=i*q,v+=i*G,K+=i*V,A+=i*W,E+=i*$,S+=i*Q,P+=i*Z,U+=i*X,p+=(i=t[8])*L,g+=i*R,d+=i*F,f+=i*z,m+=i*N,w+=i*H,b+=i*O,k+=i*j,v+=i*q,K+=i*G,A+=i*V,E+=i*W,S+=i*$,P+=i*Q,U+=i*Z,D+=i*X,g+=(i=t[9])*L,d+=i*R,f+=i*F,m+=i*z,w+=i*N,b+=i*H,k+=i*O,v+=i*j,K+=i*q,A+=i*G,E+=i*V,S+=i*W,P+=i*$,U+=i*Q,D+=i*Z,x+=i*X,d+=(i=t[10])*L,f+=i*R,m+=i*F,w+=i*z,b+=i*N,k+=i*H,v+=i*O,K+=i*j,A+=i*q,E+=i*G,S+=i*V,P+=i*W,U+=i*$,D+=i*Q,x+=i*Z,I+=i*X,f+=(i=t[11])*L,m+=i*R,w+=i*F,b+=i*z,k+=i*N,v+=i*H,K+=i*O,A+=i*j,E+=i*q,S+=i*G,P+=i*V,U+=i*W,D+=i*$,x+=i*Q,I+=i*Z,C+=i*X,m+=(i=t[12])*L,w+=i*R,b+=i*F,k+=i*z,v+=i*N,K+=i*H,A+=i*O,E+=i*j,S+=i*q,P+=i*G,U+=i*V,D+=i*W,x+=i*$,I+=i*Q,C+=i*Z,B+=i*X,w+=(i=t[13])*L,b+=i*R,k+=i*F,v+=i*z,K+=i*N,A+=i*H,E+=i*O,S+=i*j,P+=i*q,U+=i*G,D+=i*V,x+=i*W,I+=i*$,C+=i*Q,B+=i*Z,T+=i*X,b+=(i=t[14])*L,k+=i*R,v+=i*F,K+=i*z,A+=i*N,E+=i*H,S+=i*O,P+=i*j,U+=i*q,D+=i*G,x+=i*V,I+=i*W,C+=i*$,B+=i*Q,T+=i*Z,_+=i*X,k+=(i=t[15])*L,s+=38*(K+=i*F),o+=38*(A+=i*z),c+=38*(E+=i*N),u+=38*(S+=i*H),h+=38*(P+=i*O),l+=38*(U+=i*j),y+=38*(D+=i*q),p+=38*(x+=i*G),g+=38*(I+=i*V),d+=38*(C+=i*W),f+=38*(B+=i*$),m+=38*(T+=i*Q),w+=38*(_+=i*Z),b+=38*(M+=i*X),a=(i=(a+=38*(v+=i*R))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a=(i=(a+=n-1+37*(n-1))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a+=n-1+37*(n-1),e[0]=a,e[1]=s,e[2]=o,e[3]=c,e[4]=u,e[5]=h,e[6]=l,e[7]=y,e[8]=p,e[9]=g,e[10]=d,e[11]=f,e[12]=m,e[13]=w,e[14]=b,e[15]=k}function fi(e,t){di(e,t,t)}function mi(e,t){var r,i=Wr();for(r=0;r<16;r++)i[r]=t[r];for(r=253;r>=0;r--)fi(i,i),2!==r&&4!==r&&di(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}function wi(e,t,r){var i,n,a=new Uint8Array(32),s=new Float64Array(80),o=Wr(),c=Wr(),u=Wr(),h=Wr(),l=Wr(),y=Wr();for(n=0;n<31;n++)a[n]=t[n];for(a[31]=127&t[31]|64,a[0]&=248,yi(s,r),n=0;n<16;n++)c[n]=s[n],h[n]=o[n]=u[n]=0;for(o[0]=h[0]=1,n=254;n>=0;--n)ci(o,c,i=a[n>>>3]>>>(7&n)&1),ci(u,h,i),pi(l,o,u),gi(o,o,u),pi(u,c,h),gi(c,c,h),fi(h,l),fi(y,o),di(o,u,o),di(u,c,l),pi(l,o,u),gi(o,o,u),fi(c,o),gi(u,h,y),di(o,u,Yr),pi(o,o,h),di(u,u,o),di(o,h,y),di(h,c,s),fi(c,l),ci(o,c,i),ci(u,h,i);for(n=0;n<16;n++)s[n+16]=o[n],s[n+32]=u[n],s[n+48]=c[n],s[n+64]=h[n];var p=s.subarray(32),g=s.subarray(16);return mi(p,p),di(g,g,p),ui(e,g),0}function bi(e,t){return wi(e,t,Qr)}var ki=[1116352408,3609767458,1899447441,602891725,3049323471,3964484399,3921009573,2173295548,961987163,4081628472,1508970993,3053834265,2453635748,2937671579,2870763221,3664609560,3624381080,2734883394,310598401,1164996542,607225278,1323610764,1426881987,3590304994,1925078388,4068182383,2162078206,991336113,2614888103,633803317,3248222580,3479774868,3835390401,2666613458,4022224774,944711139,264347078,2341262773,604807628,2007800933,770255983,1495990901,1249150122,1856431235,1555081692,3175218132,1996064986,2198950837,2554220882,3999719339,2821834349,766784016,2952996808,2566594879,3210313671,3203337956,3336571891,1034457026,3584528711,2466948901,113926993,3758326383,338241895,168717936,666307205,1188179964,773529912,1546045734,1294757372,1522805485,1396182291,2643833823,1695183700,2343527390,1986661051,1014477480,2177026350,1206759142,2456956037,344077627,2730485921,1290863460,2820302411,3158454273,3259730800,3505952657,3345764771,106217008,3516065817,3606008344,3600352804,1432725776,4094571909,1467031594,275423344,851169720,430227734,3100823752,506948616,1363258195,659060556,3750685593,883997877,3785050280,958139571,3318307427,1322822218,3812723403,1537002063,2003034995,1747873779,3602036899,1955562222,1575990012,2024104815,1125592928,2227730452,2716904306,2361852424,442776044,2428436474,593698344,2756734187,3733110249,3204031479,2999351573,3329325298,3815920427,3391569614,3928383900,3515267271,566280711,3940187606,3454069534,4118630271,4000239992,116418474,1914138554,174292421,2731055270,289380356,3203993006,460393269,320620315,685471733,587496836,852142971,1086792851,1017036298,365543100,1126000580,2618297676,1288033470,3409855158,1501505948,4234509866,1607167915,987167468,1816402316,1246189591];function vi(e,t,r,i){for(var n,a,s,o,c,u,h,l,y,p,g,d,f,m,w,b,k,v,K,A,E,S,P,U,D,x,I=new Int32Array(16),C=new Int32Array(16),B=e[0],T=e[1],_=e[2],M=e[3],L=e[4],R=e[5],F=e[6],z=e[7],N=t[0],H=t[1],O=t[2],j=t[3],q=t[4],G=t[5],V=t[6],W=t[7],$=0;i>=128;){for(K=0;K<16;K++)A=8*K+$,I[K]=r[A+0]<<24|r[A+1]<<16|r[A+2]<<8|r[A+3],C[K]=r[A+4]<<24|r[A+5]<<16|r[A+6]<<8|r[A+7];for(K=0;K<80;K++)if(n=B,a=T,s=_,o=M,c=L,u=R,h=F,z,y=N,p=H,g=O,d=j,f=q,m=G,w=V,W,P=65535&(S=W),U=S>>>16,D=65535&(E=z),x=E>>>16,P+=65535&(S=(q>>>14|L<<18)^(q>>>18|L<<14)^(L>>>9|q<<23)),U+=S>>>16,D+=65535&(E=(L>>>14|q<<18)^(L>>>18|q<<14)^(q>>>9|L<<23)),x+=E>>>16,P+=65535&(S=q&G^~q&V),U+=S>>>16,D+=65535&(E=L&R^~L&F),x+=E>>>16,E=ki[2*K],P+=65535&(S=ki[2*K+1]),U+=S>>>16,D+=65535&E,x+=E>>>16,E=I[K%16],U+=(S=C[K%16])>>>16,D+=65535&E,x+=E>>>16,D+=(U+=(P+=65535&S)>>>16)>>>16,P=65535&(S=v=65535&P|U<<16),U=S>>>16,D=65535&(E=k=65535&D|(x+=D>>>16)<<16),x=E>>>16,P+=65535&(S=(N>>>28|B<<4)^(B>>>2|N<<30)^(B>>>7|N<<25)),U+=S>>>16,D+=65535&(E=(B>>>28|N<<4)^(N>>>2|B<<30)^(N>>>7|B<<25)),x+=E>>>16,U+=(S=N&H^N&O^H&O)>>>16,D+=65535&(E=B&T^B&_^T&_),x+=E>>>16,l=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,b=65535&P|U<<16,P=65535&(S=d),U=S>>>16,D=65535&(E=o),x=E>>>16,U+=(S=v)>>>16,D+=65535&(E=k),x+=E>>>16,T=n,_=a,M=s,L=o=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,R=c,F=u,z=h,B=l,H=y,O=p,j=g,q=d=65535&P|U<<16,G=f,V=m,W=w,N=b,K%16==15)for(A=0;A<16;A++)E=I[A],P=65535&(S=C[A]),U=S>>>16,D=65535&E,x=E>>>16,E=I[(A+9)%16],P+=65535&(S=C[(A+9)%16]),U+=S>>>16,D+=65535&E,x+=E>>>16,k=I[(A+1)%16],P+=65535&(S=((v=C[(A+1)%16])>>>1|k<<31)^(v>>>8|k<<24)^(v>>>7|k<<25)),U+=S>>>16,D+=65535&(E=(k>>>1|v<<31)^(k>>>8|v<<24)^k>>>7),x+=E>>>16,k=I[(A+14)%16],U+=(S=((v=C[(A+14)%16])>>>19|k<<13)^(k>>>29|v<<3)^(v>>>6|k<<26))>>>16,D+=65535&(E=(k>>>19|v<<13)^(v>>>29|k<<3)^k>>>6),x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,I[A]=65535&D|x<<16,C[A]=65535&P|U<<16;P=65535&(S=N),U=S>>>16,D=65535&(E=B),x=E>>>16,E=e[0],U+=(S=t[0])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[0]=B=65535&D|x<<16,t[0]=N=65535&P|U<<16,P=65535&(S=H),U=S>>>16,D=65535&(E=T),x=E>>>16,E=e[1],U+=(S=t[1])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[1]=T=65535&D|x<<16,t[1]=H=65535&P|U<<16,P=65535&(S=O),U=S>>>16,D=65535&(E=_),x=E>>>16,E=e[2],U+=(S=t[2])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[2]=_=65535&D|x<<16,t[2]=O=65535&P|U<<16,P=65535&(S=j),U=S>>>16,D=65535&(E=M),x=E>>>16,E=e[3],U+=(S=t[3])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[3]=M=65535&D|x<<16,t[3]=j=65535&P|U<<16,P=65535&(S=q),U=S>>>16,D=65535&(E=L),x=E>>>16,E=e[4],U+=(S=t[4])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[4]=L=65535&D|x<<16,t[4]=q=65535&P|U<<16,P=65535&(S=G),U=S>>>16,D=65535&(E=R),x=E>>>16,E=e[5],U+=(S=t[5])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[5]=R=65535&D|x<<16,t[5]=G=65535&P|U<<16,P=65535&(S=V),U=S>>>16,D=65535&(E=F),x=E>>>16,E=e[6],U+=(S=t[6])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[6]=F=65535&D|x<<16,t[6]=V=65535&P|U<<16,P=65535&(S=W),U=S>>>16,D=65535&(E=z),x=E>>>16,E=e[7],U+=(S=t[7])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[7]=z=65535&D|x<<16,t[7]=W=65535&P|U<<16,$+=128,i-=128}return i}function Ki(e,t,r){var i,n=new Int32Array(8),a=new Int32Array(8),s=new Uint8Array(256),o=r;for(n[0]=1779033703,n[1]=3144134277,n[2]=1013904242,n[3]=2773480762,n[4]=1359893119,n[5]=2600822924,n[6]=528734635,n[7]=1541459225,a[0]=4089235720,a[1]=2227873595,a[2]=4271175723,a[3]=1595750129,a[4]=2917565137,a[5]=725511199,a[6]=4215389547,a[7]=327033209,vi(n,a,t,r),r%=128,i=0;i<r;i++)s[i]=t[o-r+i];for(s[r]=128,s[(r=256-128*(r<112?1:0))-9]=0,ni(s,r-8,o/536870912|0,o<<3),vi(n,a,s,r),i=0;i<8;i++)ni(e,8*i,n[i],a[i]);return 0}function Ai(e,t){var r=Wr(),i=Wr(),n=Wr(),a=Wr(),s=Wr(),o=Wr(),c=Wr(),u=Wr(),h=Wr();gi(r,e[1],e[0]),gi(h,t[1],t[0]),di(r,r,h),pi(i,e[0],e[1]),pi(h,t[0],t[1]),di(i,i,h),di(n,e[3],t[3]),di(n,n,ei),di(a,e[2],t[2]),pi(a,a,a),gi(s,i,r),gi(o,a,n),pi(c,a,n),pi(u,i,r),di(e[0],s,o),di(e[1],u,c),di(e[2],c,o),di(e[3],s,u)}function Ei(e,t,r){var i;for(i=0;i<4;i++)ci(e[i],t[i],r)}function Si(e,t){var r=Wr(),i=Wr(),n=Wr();mi(n,t[2]),di(r,t[0],n),di(i,t[1],n),ui(e,i),e[31]^=li(r)<<7}function Pi(e,t,r){var i,n;for(si(e[0],Zr),si(e[1],Xr),si(e[2],Xr),si(e[3],Zr),n=255;n>=0;--n)Ei(e,t,i=r[n/8|0]>>(7&n)&1),Ai(t,e),Ai(e,e),Ei(e,t,i)}function Ui(e,t){var r=[Wr(),Wr(),Wr(),Wr()];si(r[0],ti),si(r[1],ri),si(r[2],Xr),di(r[3],ti,ri),Pi(e,r,t)}function Di(e,t,r){var i,n=new Uint8Array(64),a=[Wr(),Wr(),Wr(),Wr()];for(r||$r(t,32),Ki(n,t,32),n[0]&=248,n[31]&=127,n[31]|=64,Ui(a,n),Si(e,a),i=0;i<32;i++)t[i+32]=e[i];return 0}var xi=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]);function Ii(e,t){var r,i,n,a;for(i=63;i>=32;--i){for(r=0,n=i-32,a=i-12;n<a;++n)t[n]+=r-16*t[i]*xi[n-(i-32)],r=Math.floor((t[n]+128)/256),t[n]-=256*r;t[n]+=r,t[i]=0}for(r=0,n=0;n<32;n++)t[n]+=r-(t[31]>>4)*xi[n],r=t[n]>>8,t[n]&=255;for(n=0;n<32;n++)t[n]-=r*xi[n];for(i=0;i<32;i++)t[i+1]+=t[i]>>8,e[i]=255&t[i]}function Ci(e){var t,r=new Float64Array(64);for(t=0;t<64;t++)r[t]=e[t];for(t=0;t<64;t++)e[t]=0;Ii(e,r)}function Bi(e,t){var r=Wr(),i=Wr(),n=Wr(),a=Wr(),s=Wr(),o=Wr(),c=Wr();return si(e[2],Xr),yi(e[1],t),fi(n,e[1]),di(a,n,Jr),gi(n,n,e[2]),pi(a,e[2],a),fi(s,a),fi(o,s),di(c,o,s),di(r,c,n),di(r,r,a),function(e,t){var r,i=Wr();for(r=0;r<16;r++)i[r]=t[r];for(r=250;r>=0;r--)fi(i,i),1!==r&&di(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}(r,r),di(r,r,n),di(r,r,a),di(r,r,a),di(e[0],r,a),fi(i,e[0]),di(i,i,a),hi(i,n)&&di(e[0],e[0],ii),fi(i,e[0]),di(i,i,a),hi(i,n)?-1:(li(e[0])===t[31]>>7&&gi(e[0],Zr,e[0]),di(e[3],e[0],e[1]),0)}var Ti=64;function _i(){for(var e=0;e<arguments.length;e++)if(!(arguments[e]instanceof Uint8Array))throw new TypeError("unexpected type, use Uint8Array")}Vr.scalarMult=function(e,t){if(_i(e,t),32!==e.length)throw Error("bad n size");if(32!==t.length)throw Error("bad p size");var r=new Uint8Array(32);return wi(r,e,t),r},Vr.box={},Vr.box.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(32);return function(e,t){$r(t,32),bi(e,t)}(e,t),{publicKey:e,secretKey:t}},Vr.box.keyPair.fromSecretKey=function(e){if(_i(e),32!==e.length)throw Error("bad secret key size");var t=new Uint8Array(32);return bi(t,e),{publicKey:t,secretKey:new Uint8Array(e)}},Vr.sign=function(e,t){if(_i(e,t),64!==t.length)throw Error("bad secret key size");var r=new Uint8Array(Ti+e.length);return function(e,t,r,i){var n,a,s=new Uint8Array(64),o=new Uint8Array(64),c=new Uint8Array(64),u=new Float64Array(64),h=[Wr(),Wr(),Wr(),Wr()];Ki(s,i,32),s[0]&=248,s[31]&=127,s[31]|=64;var l=r+64;for(n=0;n<r;n++)e[64+n]=t[n];for(n=0;n<32;n++)e[32+n]=s[32+n];for(Ki(c,e.subarray(32),r+32),Ci(c),Ui(h,c),Si(e,h),n=32;n<64;n++)e[n]=i[n];for(Ki(o,e,r+64),Ci(o),n=0;n<64;n++)u[n]=0;for(n=0;n<32;n++)u[n]=c[n];for(n=0;n<32;n++)for(a=0;a<32;a++)u[n+a]+=o[n]*s[a];Ii(e.subarray(32),u)}(r,e,e.length,t),r},Vr.sign.detached=function(e,t){for(var r=Vr.sign(e,t),i=new Uint8Array(Ti),n=0;n<i.length;n++)i[n]=r[n];return i},Vr.sign.detached.verify=function(e,t,r){if(_i(e,t,r),t.length!==Ti)throw Error("bad signature size");if(32!==r.length)throw Error("bad public key size");var i,n=new Uint8Array(Ti+e.length),a=new Uint8Array(Ti+e.length);for(i=0;i<Ti;i++)n[i]=t[i];for(i=0;i<e.length;i++)n[i+Ti]=e[i];return function(e,t,r,i){var n,a=new Uint8Array(32),s=new Uint8Array(64),o=[Wr(),Wr(),Wr(),Wr()],c=[Wr(),Wr(),Wr(),Wr()];if(r<64)return-1;if(Bi(c,i))return-1;for(n=0;n<r;n++)e[n]=t[n];for(n=0;n<32;n++)e[n+32]=i[n];if(Ki(s,e,r),Ci(s),Pi(o,c,s),Ui(c,t.subarray(32)),Ai(o,c),Si(a,o),r-=64,ai(t,0,a,0)){for(n=0;n<r;n++)e[n]=0;return-1}for(n=0;n<r;n++)e[n]=t[n+64];return r}(a,n,n.length,r)>=0},Vr.sign.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(64);return Di(e,t),{publicKey:e,secretKey:t}},Vr.sign.keyPair.fromSecretKey=function(e){if(_i(e),64!==e.length)throw Error("bad secret key size");for(var t=new Uint8Array(32),r=0;r<t.length;r++)t[r]=e[32+r];return{publicKey:t,secretKey:new Uint8Array(e)}},Vr.sign.keyPair.fromSeed=function(e){if(_i(e),32!==e.length)throw Error("bad seed size");for(var t=new Uint8Array(32),r=new Uint8Array(64),i=0;i<32;i++)r[i]=e[i];return Di(t,r,!0),{publicKey:t,secretKey:r}},Vr.setPRNG=function(e){$r=e},function(){if(Gr&&Gr.getRandomValues){Vr.setPRNG((function(e,t){var r,i=new Uint8Array(t);for(r=0;r<t;r+=65536)Gr.getRandomValues(i.subarray(r,r+Math.min(t-r,65536)));for(r=0;r<t;r++)e[r]=i[r];!function(e){for(var t=0;t<e.length;t++)e[t]=0}(i)}))}}();const Mi={"2a8648ce3d030107":T.curve.nistP256,"2b81040022":T.curve.nistP384,"2b81040023":T.curve.nistP521,"2b8104000a":T.curve.secp256k1,"2b06010401da470f01":T.curve.ed25519Legacy,"2b060104019755010501":T.curve.curve25519Legacy,"2b2403030208010107":T.curve.brainpoolP256r1,"2b240303020801010b":T.curve.brainpoolP384r1,"2b240303020801010d":T.curve.brainpoolP512r1};class Li{constructor(e){if(e instanceof Li)this.oid=e.oid;else if(L.isArray(e)||L.isUint8Array(e)){if(6===(e=new Uint8Array(e))[0]){if(e[1]!==e.length-2)throw Error("Length mismatch in DER encoded oid");e=e.subarray(2)}this.oid=e}else this.oid=""}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.oid=e.subarray(1,1+t),1+this.oid.length}throw Error("Invalid oid")}write(){return L.concatUint8Array([new Uint8Array([this.oid.length]),this.oid])}toHex(){return L.uint8ArrayToHex(this.oid)}getName(){const e=Mi[this.toHex()];if(!e)throw Error("Unknown curve object identifier.");return e}}function Ri(e){let t,r=0;const i=e[0];return i<192?([r]=e,t=1):i<255?(r=(e[0]-192<<8)+e[1]+192,t=2):255===i&&(r=L.readNumber(e.subarray(1,5)),t=5),{len:r,offset:t}}function Fi(e){return e<192?new Uint8Array([e]):e>191&&e<8384?new Uint8Array([192+(e-192>>8),e-192&255]):L.concatUint8Array([new Uint8Array([255]),L.writeNumber(e,4)])}function zi(e){if(e<0||e>30)throw Error("Partial Length power must be between 1 and 30");return new Uint8Array([224+e])}function Ni(e){return new Uint8Array([192|e])}function Hi(e,t){return L.concatUint8Array([Ni(e),Fi(t)])}function Oi(e){return[T.packet.literalData,T.packet.compressedData,T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData].includes(e)}async function ji(e,t){const r=I(e);let i,n;try{const s=await r.peekBytes(2);if(!s||s.length<2||!(128&s[0]))throw Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");const o=await r.readByte();let c,u,h=-1,l=-1;l=0,64&o&&(l=1),l?h=63&o:(h=(63&o)>>2,u=3&o);const y=Oi(h);let p,g=null;if(y){if("array"===L.isStream(e)){const e=new a;i=C(e),g=e}else{const e=new TransformStream;i=C(e.writable),g=e.readable}n=t({tag:h,packet:g})}else g=[];do{if(l){const e=await r.readByte();if(p=!1,e<192)c=e;else if(e>=192&&e<224)c=(e-192<<8)+await r.readByte()+192;else if(e>223&&e<255){if(c=1<<(31&e),p=!0,!y)throw new TypeError("This packet type does not support partial lengths.")}else c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte()}else switch(u){case 0:c=await r.readByte();break;case 1:c=await r.readByte()<<8|await r.readByte();break;case 2:c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte();break;default:c=1/0}if(c>0){let e=0;for(;;){i&&await i.ready;const{done:t,value:n}=await r.read();if(t){if(c===1/0)break;throw Error("Unexpected end of packet")}const a=c===1/0?n:n.subarray(0,c-e);if(i?await i.write(a):g.push(a),e+=n.length,e>=c){r.unshift(n.subarray(c-e+n.length));break}}}}while(p);const d=await r.peekBytes(y?1/0:2);return i?(await i.ready,await i.close()):(g=L.concatUint8Array(g),await t({tag:h,packet:g})),!d||!d.length}catch(e){if(i)return await i.abort(e),!0;throw e}finally{i&&await n,r.releaseLock()}}class qi extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,qi),this.name="UnsupportedError"}}class Gi extends qi{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,qi),this.name="UnknownPacketError"}}class Vi{constructor(e,t){this.tag=e,this.rawContent=t}write(){return this.rawContent}}
+/*! noble-ed25519 - MIT License (c) 2019 Paul Miller (paulmillr.com) */const Wi=BigInt(0),$i=BigInt(1),Qi=BigInt(2),Zi=BigInt(8),Xi=BigInt("7237005577332262213973186563042994240857116359379907606001950938285454250989"),Yi=Object.freeze({a:BigInt(-1),d:BigInt("37095705934669439343138083508754565189542113879843219016388785533085940283555"),P:BigInt("57896044618658097711785492504343953926634992332820282019728792003956564819949"),l:Xi,n:Xi,h:BigInt(8),Gx:BigInt("15112221349535400772501151409588531511454012693041857206046113283949847762202"),Gy:BigInt("46316835694926478169428394003475163141307993866256225615783033603165251855960")}),Ji=BigInt("0x10000000000000000000000000000000000000000000000000000000000000000"),en=BigInt("19681161376707505956807079304988542015446066515923890162744021073123829784752");BigInt("6853475219497561581579357271197624642482790079785650197046958215289687604742");const tn=BigInt("25063068953384623474111414158702152701244531502492656460079210482610430750235"),rn=BigInt("54469307008909316920995813868745141605393597292927456921205312896311721017578"),nn=BigInt("1159843021668779879193775521855586647937357759715417654439879720876111806838"),an=BigInt("40440834346308536858101042469323190826248399146238708352240133220865137265952");class sn{constructor(e,t,r,i){this.x=e,this.y=t,this.z=r,this.t=i}static fromAffine(e){if(!(e instanceof pn))throw new TypeError("ExtendedPoint#fromAffine: expected Point");return e.equals(pn.ZERO)?sn.ZERO:new sn(e.x,e.y,$i,Sn(e.x*e.y))}static toAffineBatch(e){const t=function(e,t=Yi.P){const r=Array(e.length),i=e.reduce(((e,i,n)=>i===Wi?e:(r[n]=e,Sn(e*i,t))),$i),n=Pn(i,t);return e.reduceRight(((e,i,n)=>i===Wi?e:(r[n]=Sn(e*r[n],t),Sn(e*i,t))),n),r}(e.map((e=>e.z)));return e.map(((e,r)=>e.toAffine(t[r])))}static normalizeZ(e){return this.toAffineBatch(e).map(this.fromAffine)}equals(e){cn(e);const{x:t,y:r,z:i}=this,{x:n,y:a,z:s}=e,o=Sn(t*s),c=Sn(n*i),u=Sn(r*s),h=Sn(a*i);return o===c&&u===h}negate(){return new sn(Sn(-this.x),this.y,this.z,Sn(-this.t))}double(){const{x:e,y:t,z:r}=this,{a:i}=Yi,n=Sn(e*e),a=Sn(t*t),s=Sn(Qi*Sn(r*r)),o=Sn(i*n),c=e+t,u=Sn(Sn(c*c)-n-a),h=o+a,l=h-s,y=o-a,p=Sn(u*l),g=Sn(h*y),d=Sn(u*y),f=Sn(l*h);return new sn(p,g,f,d)}add(e){cn(e);const{x:t,y:r,z:i,t:n}=this,{x:a,y:s,z:o,t:c}=e,u=Sn((r-t)*(s+a)),h=Sn((r+t)*(s-a)),l=Sn(h-u);if(l===Wi)return this.double();const y=Sn(i*Qi*c),p=Sn(n*Qi*o),g=p+y,d=h+u,f=p-y,m=Sn(g*l),w=Sn(d*f),b=Sn(g*f),k=Sn(l*d);return new sn(m,w,k,b)}subtract(e){return this.add(e.negate())}precomputeWindow(e){const t=1+256/e,r=[];let i=this,n=i;for(let a=0;a<t;a++){n=i,r.push(n);for(let t=1;t<2**(e-1);t++)n=n.add(i),r.push(n);i=n.double()}return r}wNAF(e,t){!t&&this.equals(sn.BASE)&&(t=pn.BASE);const r=t&&t._WINDOW_SIZE||1;if(256%r)throw Error("Point#wNAF: Invalid precomputation window, must be power of 2");let i=t&&yn.get(t);i||(i=this.precomputeWindow(r),t&&1!==r&&(i=sn.normalizeZ(i),yn.set(t,i)));let n=sn.ZERO,a=sn.BASE;const s=1+256/r,o=2**(r-1),c=BigInt(2**r-1),u=2**r,h=BigInt(r);for(let t=0;t<s;t++){const r=t*o;let s=Number(e&c);e>>=h,s>o&&(s-=u,e+=$i);const l=r,y=r+Math.abs(s)-1,p=t%2!=0,g=s<0;0===s?a=a.add(on(p,i[l])):n=n.add(on(g,i[y]))}return sn.normalizeZ([n,a])[0]}multiply(e,t){return this.wNAF(Bn(e,Yi.l),t)}multiplyUnsafe(e){let t=Bn(e,Yi.l,!1);const r=sn.BASE,i=sn.ZERO;if(t===Wi)return i;if(this.equals(i)||t===$i)return this;if(this.equals(r))return this.wNAF(t);let n=i,a=this;for(;t>Wi;)t&$i&&(n=n.add(a)),a=a.double(),t>>=$i;return n}isSmallOrder(){return this.multiplyUnsafe(Yi.h).equals(sn.ZERO)}isTorsionFree(){let e=this.multiplyUnsafe(Yi.l/Qi).double();return Yi.l%Qi&&(e=e.add(this)),e.equals(sn.ZERO)}toAffine(e){const{x:t,y:r,z:i}=this,n=this.equals(sn.ZERO);null==e&&(e=n?Zi:Pn(i));const a=Sn(t*e),s=Sn(r*e),o=Sn(i*e);if(n)return pn.ZERO;if(o!==$i)throw Error("invZ was invalid");return new pn(a,s)}fromRistrettoBytes(){hn()}toRistrettoBytes(){hn()}fromRistrettoHash(){hn()}}function on(e,t){const r=t.negate();return e?r:t}function cn(e){if(!(e instanceof sn))throw new TypeError("ExtendedPoint expected")}function un(e){if(!(e instanceof ln))throw new TypeError("RistrettoPoint expected")}function hn(){throw Error("Legacy method: switch to RistrettoPoint")}sn.BASE=new sn(Yi.Gx,Yi.Gy,$i,Sn(Yi.Gx*Yi.Gy)),sn.ZERO=new sn(Wi,$i,$i,Wi);class ln{constructor(e){this.ep=e}static calcElligatorRistrettoMap(e){const{d:t}=Yi,r=Sn(en*e*e),i=Sn((r+$i)*nn);let n=BigInt(-1);const a=Sn((n-t*r)*Sn(r+t));let{isValid:s,value:o}=Dn(i,a),c=Sn(o*e);vn(c)||(c=Sn(-c)),s||(o=c),s||(n=r);const u=Sn(n*(r-$i)*an-a),h=o*o,l=Sn((o+o)*a),y=Sn(u*tn),p=Sn($i-h),g=Sn($i+h);return new sn(Sn(l*g),Sn(p*y),Sn(y*g),Sn(l*p))}static hashToCurve(e){const t=En((e=Cn(e,64)).slice(0,32)),r=this.calcElligatorRistrettoMap(t),i=En(e.slice(32,64)),n=this.calcElligatorRistrettoMap(i);return new ln(r.add(n))}static fromHex(e){e=Cn(e,32);const{a:t,d:r}=Yi,i="RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint",n=En(e);if(!function(e,t){if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0}(kn(n),e)||vn(n))throw Error(i);const a=Sn(n*n),s=Sn($i+t*a),o=Sn($i-t*a),c=Sn(s*s),u=Sn(o*o),h=Sn(t*r*c-u),{isValid:l,value:y}=xn(Sn(h*u)),p=Sn(y*o),g=Sn(y*p*h);let d=Sn((n+n)*p);vn(d)&&(d=Sn(-d));const f=Sn(s*g),m=Sn(d*f);if(!l||vn(m)||f===Wi)throw Error(i);return new ln(new sn(d,f,$i,m))}toRawBytes(){let{x:e,y:t,z:r,t:i}=this.ep;const n=Sn(Sn(r+t)*Sn(r-t)),a=Sn(e*t),s=Sn(a*a),{value:o}=xn(Sn(n*s)),c=Sn(o*n),u=Sn(o*a),h=Sn(c*u*i);let l;if(vn(i*h)){let r=Sn(t*en),i=Sn(e*en);e=r,t=i,l=Sn(c*rn)}else l=u;vn(e*h)&&(t=Sn(-t));let y=Sn((r-t)*l);return vn(y)&&(y=Sn(-y)),kn(y)}toHex(){return mn(this.toRawBytes())}toString(){return this.toHex()}equals(e){un(e);const t=this.ep,r=e.ep,i=Sn(t.x*r.y)===Sn(t.y*r.x),n=Sn(t.y*r.y)===Sn(t.x*r.x);return i||n}add(e){return un(e),new ln(this.ep.add(e.ep))}subtract(e){return un(e),new ln(this.ep.subtract(e.ep))}multiply(e){return new ln(this.ep.multiply(e))}multiplyUnsafe(e){return new ln(this.ep.multiplyUnsafe(e))}}ln.BASE=new ln(sn.BASE),ln.ZERO=new ln(sn.ZERO);const yn=new WeakMap;class pn{constructor(e,t){this.x=e,this.y=t}_setWindowSize(e){this._WINDOW_SIZE=e,yn.delete(this)}static fromHex(e,t=!0){const{d:r,P:i}=Yi,n=(e=Cn(e,32)).slice();n[31]=-129&e[31];const a=Kn(n);if(t&&a>=i)throw Error("Expected 0 < hex < P");if(!t&&a>=Ji)throw Error("Expected 0 < hex < 2**256");const s=Sn(a*a),o=Sn(s-$i),c=Sn(r*s+$i);let{isValid:u,value:h}=Dn(o,c);if(!u)throw Error("Point.fromHex: invalid y coordinate");const l=(h&$i)===$i;return!!(128&e[31])!==l&&(h=Sn(-h)),new pn(h,a)}static async fromPrivateKey(e){return(await _n(e)).point}toRawBytes(){const e=kn(this.y);return e[31]|=this.x&$i?128:0,e}toHex(){return mn(this.toRawBytes())}toX25519(){const{y:e}=this;return kn(Sn(($i+e)*Pn($i-e)))}isTorsionFree(){return sn.fromAffine(this).isTorsionFree()}equals(e){return this.x===e.x&&this.y===e.y}negate(){return new pn(Sn(-this.x),this.y)}add(e){return sn.fromAffine(this).add(sn.fromAffine(e)).toAffine()}subtract(e){return this.add(e.negate())}multiply(e){return sn.fromAffine(this).multiply(e,this).toAffine()}}pn.BASE=new pn(Yi.Gx,Yi.Gy),pn.ZERO=new pn(Wi,$i);let gn=class e{constructor(e,t){this.r=e,this.s=t,this.assertValidity()}static fromHex(t){const r=Cn(t,64),i=pn.fromHex(r.slice(0,32),!1),n=Kn(r.slice(32,64));return new e(i,n)}assertValidity(){const{r:e,s:t}=this;if(!(e instanceof pn))throw Error("Expected Point instance");return Bn(t,Yi.l,!1),this}toRawBytes(){const e=new Uint8Array(64);return e.set(this.r.toRawBytes()),e.set(kn(this.s),32),e}toHex(){return mn(this.toRawBytes())}};function dn(...e){if(!e.every((e=>e instanceof Uint8Array)))throw Error("Expected Uint8Array list");if(1===e.length)return e[0];const t=e.reduce(((e,t)=>e+t.length),0),r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}const fn=Array.from({length:256},((e,t)=>t.toString(16).padStart(2,"0")));function mn(e){if(!(e instanceof Uint8Array))throw Error("Uint8Array expected");let t="";for(let r=0;r<e.length;r++)t+=fn[e[r]];return t}function wn(e){if("string"!=typeof e)throw new TypeError("hexToBytes: expected string, got "+typeof e);if(e.length%2)throw Error("hexToBytes: received invalid unpadded hex");const t=new Uint8Array(e.length/2);for(let r=0;r<t.length;r++){const i=2*r,n=e.slice(i,i+2),a=Number.parseInt(n,16);if(Number.isNaN(a)||a<0)throw Error("Invalid byte sequence");t[r]=a}return t}function bn(e){return wn(e.toString(16).padStart(64,"0"))}function kn(e){return bn(e).reverse()}function vn(e){return(Sn(e)&$i)===$i}function Kn(e){if(!(e instanceof Uint8Array))throw Error("Expected Uint8Array");return BigInt("0x"+mn(Uint8Array.from(e).reverse()))}const An=BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");function En(e){return Sn(Kn(e)&An)}function Sn(e,t=Yi.P){const r=e%t;return r>=Wi?r:t+r}function Pn(e,t=Yi.P){if(e===Wi||t<=Wi)throw Error(`invert: expected positive integers, got n=${e} mod=${t}`);let r=Sn(e,t),i=t,n=Wi,a=$i;for(;r!==Wi;){const e=i%r,t=n-a*(i/r);i=r,r=e,n=a,a=t}if(i!==$i)throw Error("invert: does not exist");return Sn(n,t)}function Un(e,t){const{P:r}=Yi;let i=e;for(;t-- >Wi;)i*=i,i%=r;return i}function Dn(e,t){const r=Sn(t*t*t),i=function(e){const{P:t}=Yi,r=BigInt(5),i=BigInt(10),n=BigInt(20),a=BigInt(40),s=BigInt(80),o=e*e%t*e%t,c=Un(o,Qi)*o%t,u=Un(c,$i)*e%t,h=Un(u,r)*u%t,l=Un(h,i)*h%t,y=Un(l,n)*l%t,p=Un(y,a)*y%t,g=Un(p,s)*p%t,d=Un(g,s)*p%t,f=Un(d,i)*h%t;return{pow_p_5_8:Un(f,Qi)*e%t,b2:o}}(e*Sn(r*r*t)).pow_p_5_8;let n=Sn(e*r*i);const a=Sn(t*n*n),s=n,o=Sn(n*en),c=a===e,u=a===Sn(-e),h=a===Sn(-e*en);return c&&(n=s),(u||h)&&(n=o),vn(n)&&(n=Sn(-n)),{isValid:c||u,value:n}}function xn(e){return Dn($i,e)}function In(e){return Sn(Kn(e),Yi.l)}function Cn(e,t){const r=e instanceof Uint8Array?Uint8Array.from(e):wn(e);if("number"==typeof t&&r.length!==t)throw Error(`Expected ${t} bytes`);return r}function Bn(e,t,r=!0){if(!t)throw new TypeError("Specify max value");if("number"==typeof e&&Number.isSafeInteger(e)&&(e=BigInt(e)),"bigint"==typeof e&&e<t)if(r){if(Wi<e)return e}else if(Wi<=e)return e;throw new TypeError("Expected valid scalar: 0 < scalar < max")}let Tn;async function _n(e){return function(e){const t=function(e){return e[0]&=248,e[31]&=127,e[31]|=64,e}(e.slice(0,32)),r=e.slice(32,64),i=In(t),n=pn.BASE.multiply(i),a=n.toRawBytes();return{head:t,prefix:r,scalar:i,point:n,pointBytes:a}}(await Rn.sha512(function(e){if(32!==(e="bigint"==typeof e||"number"==typeof e?bn(Bn(e,Ji)):Cn(e)).length)throw Error("Expected 32 bytes");return e}(e)))}async function Mn(e,t,r){const{r:i,SB:n,msg:a,pub:s}=function(e,t,r){t=Cn(t),r instanceof pn||(r=pn.fromHex(r,!1));const{r:i,s:n}=e instanceof gn?e.assertValidity():gn.fromHex(e);return{r:i,s:n,SB:sn.BASE.multiplyUnsafe(n),pub:r,msg:t}}(e,t,r),o=await Rn.sha512(i.toRawBytes(),s.toRawBytes(),a);return function(e,t,r,i){const n=In(i),a=sn.fromAffine(e).multiplyUnsafe(n);return sn.fromAffine(t).add(a).subtract(r).multiplyUnsafe(Yi.h).equals(sn.ZERO)}(s,i,n,o)}pn.BASE._setWindowSize(8);const Ln={node:null,web:"object"==typeof self&&"crypto"in self?self.crypto:void 0},Rn={bytesToHex:mn,hexToBytes:wn,concatBytes:dn,getExtendedPublicKey:_n,mod:Sn,invert:Pn,TORSION_SUBGROUP:["0100000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a","0000000000000000000000000000000000000000000000000000000000000080","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05","ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85","0000000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa"],hashToPrivateScalar:e=>{if((e=Cn(e)).length<40||e.length>1024)throw Error("Expected 40-1024 bytes of private key as per FIPS 186");return Sn(Kn(e),Yi.l-$i)+$i},randomBytes:(e=32)=>{if(Ln.web)return Ln.web.getRandomValues(new Uint8Array(e));throw Error("The environment doesn't have randomBytes function")},randomPrivateKey:()=>Rn.randomBytes(32),sha512:async(...e)=>{const t=dn(...e);if(Ln.web){const e=await Ln.web.subtle.digest("SHA-512",t.buffer);return new Uint8Array(e)}throw Error("The environment doesn't have sha512 function")},precompute(e=8,t=pn.BASE){const r=t.equals(pn.BASE)?t:new pn(t.x,t.y);return r._setWindowSize(e),r.multiply(Qi),r},sha512Sync:void 0};async function Fn(e){switch(e){case T.publicKey.ed25519:try{const e=L.getWebCrypto(),t=await e.generateKey("Ed25519",!0,["sign","verify"]),r=await e.exportKey("jwk",t.privateKey),i=await e.exportKey("jwk",t.publicKey);return{A:new Uint8Array(O(i.x)),seed:O(r.d)}}catch(t){if("NotSupportedError"!==t.name&&"OperationError"!==t.name)throw t;const r=Er(On(e)),{publicKey:i}=Vr.sign.keyPair.fromSeed(r);return{A:i,seed:r}}case T.publicKey.ed448:{const e=await L.getNobleCurve(T.publicKey.ed448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),seed:t}}default:throw Error("Unsupported EdDSA algorithm")}}async function zn(e,t,r,i,n,a){if(be.getHashByteLength(t)<be.getHashByteLength(jn(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=L.getWebCrypto(),r=Gn(e,i,n),s=await t.importKey("jwk",r,"Ed25519",!1,["sign"]);return{RS:new Uint8Array(await t.sign("Ed25519",s,a))}}catch(e){if("NotSupportedError"!==e.name)throw e;const t=L.concatUint8Array([n,i]);return{RS:Vr.sign.detached(a,t)}}case T.publicKey.ed448:return{RS:(await L.getNobleCurve(T.publicKey.ed448)).sign(a,n)};default:throw Error("Unsupported EdDSA algorithm")}}async function Nn(e,t,{RS:r},i,n,a){if(be.getHashByteLength(t)<be.getHashByteLength(jn(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=L.getWebCrypto(),i=qn(e,n),s=await t.importKey("jwk",i,"Ed25519",!1,["verify"]);return await t.verify("Ed25519",s,r,a)}catch(e){if("NotSupportedError"!==e.name)throw e;return Mn(r,a,n)}case T.publicKey.ed448:return(await L.getNobleCurve(T.publicKey.ed448)).verify(r,a,n);default:throw Error("Unsupported EdDSA algorithm")}}async function Hn(e,t,r){switch(e){case T.publicKey.ed25519:{const{publicKey:e}=Vr.sign.keyPair.fromSeed(r);return L.equalsUint8Array(t,e)}case T.publicKey.ed448:{const e=(await L.getNobleCurve(T.publicKey.ed448)).getPublicKey(r);return L.equalsUint8Array(t,e)}default:return!1}}function On(e){switch(e){case T.publicKey.ed25519:return 32;case T.publicKey.ed448:return 57;default:throw Error("Unsupported EdDSA algorithm")}}function jn(e){switch(e){case T.publicKey.ed25519:return T.hash.sha256;case T.publicKey.ed448:return T.hash.sha512;default:throw Error("Unknown EdDSA algo")}}Object.defineProperties(Rn,{sha512Sync:{configurable:!1,get:()=>Tn,set(e){Tn||(Tn=e)}}});const qn=(e,t)=>{if(e===T.publicKey.ed25519){return{kty:"OKP",crv:"Ed25519",x:j(t),ext:!0}}throw Error("Unsupported EdDSA algorithm")},Gn=(e,t,r)=>{if(e===T.publicKey.ed25519){const i=qn(e,t);return i.d=j(r),i}throw Error("Unsupported EdDSA algorithm")};var Vn=/*#__PURE__*/Object.freeze({__proto__:null,generate:Fn,getPayloadSize:On,getPreferredHashAlgo:jn,sign:zn,validateParams:Hn,verify:Nn});const Wn=L.getWebCrypto();async function $n(e,t,r){const{keySize:i}=re(e);if(!L.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");try{const e=await Wn.importKey("raw",t,{name:"AES-KW"},!1,["wrapKey"]),i=await Wn.importKey("raw",r,{name:"HMAC",hash:"SHA-256"},!0,["sign"]),n=await Wn.wrapKey("raw",i,e,{name:"AES-KW"});return new Uint8Array(n)}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;L.printDebugError("Browser did not support operation: "+e.message)}return kt(t).encrypt(r)}async function Qn(e,t,r){const{keySize:i}=re(e);if(!L.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");let n;try{n=await Wn.importKey("raw",t,{name:"AES-KW"},!1,["unwrapKey"])}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;return L.printDebugError("Browser did not support operation: "+e.message),kt(t).decrypt(r)}try{const e=await Wn.unwrapKey("raw",r,n,{name:"AES-KW"},{name:"HMAC",hash:"SHA-256"},!0,["sign"]);return new Uint8Array(await Wn.exportKey("raw",e))}catch(e){if("OperationError"===e.name)throw Error("Key Data Integrity failed");throw e}}var Zn=/*#__PURE__*/Object.freeze({__proto__:null,unwrap:Qn,wrap:$n});const Xn=L.getWebCrypto();async function Yn(e,t,r,i,n){const a=T.read(T.webHash,e);if(!a)throw Error("Hash algo not supported with HKDF");const s=await Xn.importKey("raw",t,"HKDF",!1,["deriveBits"]),o=await Xn.deriveBits({name:"HKDF",hash:a,salt:r,info:i},s,8*n);return new Uint8Array(o)}const Jn={x25519:L.encodeUTF8("OpenPGP X25519"),x448:L.encodeUTF8("OpenPGP X448")};async function ea(e){switch(e){case T.publicKey.x25519:{const e=Er(32),{publicKey:t}=Vr.box.keyPair.fromSecretKey(e);return{A:t,k:e}}case T.publicKey.x448:{const e=await L.getNobleCurve(T.publicKey.x448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),k:t}}default:throw Error("Unsupported ECDH algorithm")}}async function ta(e,t,r){switch(e){case T.publicKey.x25519:{const{publicKey:e}=Vr.box.keyPair.fromSecretKey(r);return L.equalsUint8Array(t,e)}case T.publicKey.x448:{const e=(await L.getNobleCurve(T.publicKey.x448)).getPublicKey(r);return L.equalsUint8Array(t,e)}default:return!1}}function ra(e){switch(e){case T.publicKey.x25519:return 32;case T.publicKey.x448:return 56;default:throw Error("Unsupported ECDH algorithm")}}async function ia(e,t){switch(e){case T.publicKey.x25519:{const r=Er(ra(e)),i=Vr.scalarMult(r,t);aa(i);const{publicKey:n}=Vr.box.keyPair.fromSecretKey(r);return{ephemeralPublicKey:n,sharedSecret:i}}case T.publicKey.x448:{const e=await L.getNobleCurve(T.publicKey.x448),r=e.utils.randomPrivateKey(),i=e.getSharedSecret(r,t);aa(i);return{ephemeralPublicKey:e.getPublicKey(r),sharedSecret:i}}default:throw Error("Unsupported ECDH algorithm")}}async function na(e,t,r,i){switch(e){case T.publicKey.x25519:{const e=Vr.scalarMult(i,t);return aa(e),e}case T.publicKey.x448:{const e=(await L.getNobleCurve(T.publicKey.x448)).getSharedSecret(i,t);return aa(e),e}default:throw Error("Unsupported ECDH algorithm")}}function aa(e){let t=0;for(let r=0;r<e.length;r++)t|=e[r];if(0===t)throw Error("Unexpected low order point")}var sa=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n){const a=await na(e,t,i,n),s=L.concatUint8Array([t,i,a]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:t}=re(e);return Qn(e,await Yn(T.hash.sha256,s,new Uint8Array,Jn.x25519,t),r)}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:t}=re(T.symmetric.aes256);return Qn(e,await Yn(T.hash.sha512,s,new Uint8Array,Jn.x448,t),r)}default:throw Error("Unsupported ECDH algorithm")}},encrypt:async function(e,t,r){const{ephemeralPublicKey:i,sharedSecret:n}=await ia(e,r),a=L.concatUint8Array([i,r,n]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:r}=re(e),n=await Yn(T.hash.sha256,a,new Uint8Array,Jn.x25519,r);return{ephemeralPublicKey:i,wrappedKey:await $n(e,n,t)}}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:r}=re(T.symmetric.aes256),n=await Yn(T.hash.sha512,a,new Uint8Array,Jn.x448,r);return{ephemeralPublicKey:i,wrappedKey:await $n(e,n,t)}}default:throw Error("Unsupported ECDH algorithm")}},generate:ea,generateEphemeralEncryptionMaterial:ia,getPayloadSize:ra,recomputeSharedSecret:na,validateParams:ta});const oa=L.getWebCrypto(),ca=L.getNodeCrypto(),ua={[T.curve.nistP256]:"P-256",[T.curve.nistP384]:"P-384",[T.curve.nistP521]:"P-521"},ha=ca?ca.getCurves():[],la=ca?{[T.curve.secp256k1]:ha.includes("secp256k1")?"secp256k1":void 0,[T.curve.nistP256]:ha.includes("prime256v1")?"prime256v1":void 0,[T.curve.nistP384]:ha.includes("secp384r1")?"secp384r1":void 0,[T.curve.nistP521]:ha.includes("secp521r1")?"secp521r1":void 0,[T.curve.ed25519Legacy]:ha.includes("ED25519")?"ED25519":void 0,[T.curve.curve25519Legacy]:ha.includes("X25519")?"X25519":void 0,[T.curve.brainpoolP256r1]:ha.includes("brainpoolP256r1")?"brainpoolP256r1":void 0,[T.curve.brainpoolP384r1]:ha.includes("brainpoolP384r1")?"brainpoolP384r1":void 0,[T.curve.brainpoolP512r1]:ha.includes("brainpoolP512r1")?"brainpoolP512r1":void 0}:{},ya={[T.curve.nistP256]:{oid:[6,8,42,134,72,206,61,3,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:la[T.curve.nistP256],web:ua[T.curve.nistP256],payloadSize:32,sharedSize:256,wireFormatLeadingByte:4},[T.curve.nistP384]:{oid:[6,5,43,129,4,0,34],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:la[T.curve.nistP384],web:ua[T.curve.nistP384],payloadSize:48,sharedSize:384,wireFormatLeadingByte:4},[T.curve.nistP521]:{oid:[6,5,43,129,4,0,35],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:la[T.curve.nistP521],web:ua[T.curve.nistP521],payloadSize:66,sharedSize:528,wireFormatLeadingByte:4},[T.curve.secp256k1]:{oid:[6,5,43,129,4,0,10],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:la[T.curve.secp256k1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.ed25519Legacy]:{oid:[6,9,43,6,1,4,1,218,71,15,1],keyType:T.publicKey.eddsaLegacy,hash:T.hash.sha512,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.curve25519Legacy]:{oid:[6,10,43,6,1,4,1,151,85,1,5,1],keyType:T.publicKey.ecdh,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.brainpoolP256r1]:{oid:[6,9,43,36,3,3,2,8,1,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:la[T.curve.brainpoolP256r1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.brainpoolP384r1]:{oid:[6,9,43,36,3,3,2,8,1,1,11],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:la[T.curve.brainpoolP384r1],payloadSize:48,wireFormatLeadingByte:4},[T.curve.brainpoolP512r1]:{oid:[6,9,43,36,3,3,2,8,1,1,13],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:la[T.curve.brainpoolP512r1],payloadSize:64,wireFormatLeadingByte:4}};class pa{constructor(e){try{this.name=e instanceof Li?e.getName():T.write(T.curve,e)}catch(e){throw new qi("Unknown curve")}const t=ya[this.name];this.keyType=t.keyType,this.oid=t.oid,this.hash=t.hash,this.cipher=t.cipher,this.node=t.node,this.web=t.web,this.payloadSize=t.payloadSize,this.sharedSize=t.sharedSize,this.wireFormatLeadingByte=t.wireFormatLeadingByte,this.web&&L.getWebCrypto()?this.type="web":this.node&&L.getNodeCrypto()?this.type="node":this.name===T.curve.curve25519Legacy?this.type="curve25519Legacy":this.name===T.curve.ed25519Legacy&&(this.type="ed25519Legacy")}async genKeyPair(){switch(this.type){case"web":try{return await async function(e,t){const r=await oa.generateKey({name:"ECDSA",namedCurve:ua[e]},!0,["sign","verify"]),i=await oa.exportKey("jwk",r.privateKey),n=await oa.exportKey("jwk",r.publicKey);return{publicKey:ma(n,t),privateKey:O(i.d)}}(this.name,this.wireFormatLeadingByte)}catch(e){return L.printDebugError("Browser did not support generating ec key "+e.message),fa(this.name)}case"node":return async function(e){const t=ca.createECDH(la[e]);return await t.generateKeys(),{publicKey:new Uint8Array(t.getPublicKey()),privateKey:new Uint8Array(t.getPrivateKey())}}(this.name);case"curve25519Legacy":{const{k:e,A:t}=await ea(T.publicKey.x25519),r=e.slice().reverse();r[0]=127&r[0]|64,r[31]&=248;return{publicKey:L.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:r}}case"ed25519Legacy":{const{seed:e,A:t}=await Fn(T.publicKey.ed25519);return{publicKey:L.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:e}}default:return fa(this.name)}}}async function ga(e,t,r,i){const n={[T.curve.nistP256]:!0,[T.curve.nistP384]:!0,[T.curve.nistP521]:!0,[T.curve.secp256k1]:!0,[T.curve.curve25519Legacy]:e===T.publicKey.ecdh,[T.curve.brainpoolP256r1]:!0,[T.curve.brainpoolP384r1]:!0,[T.curve.brainpoolP512r1]:!0},a=t.getName();if(!n[a])return!1;if(a===T.curve.curve25519Legacy){i=i.slice().reverse();const{publicKey:e}=Vr.box.keyPair.fromSecretKey(i);r=new Uint8Array(r);const t=new Uint8Array([64,...e]);return!!L.equalsUint8Array(t,r)}const s=(await L.getNobleCurve(T.publicKey.ecdsa,a)).getPublicKey(i,!1);return!!L.equalsUint8Array(s,r)}function da(e,t){const{payloadSize:r,wireFormatLeadingByte:i,name:n}=e,a=n===T.curve.curve25519Legacy||n===T.curve.ed25519Legacy?r:2*r;if(t[0]!==i||t.length!==a+1)throw Error("Invalid point encoding")}async function fa(e){const t=await L.getNobleCurve(T.publicKey.ecdsa,e),r=t.utils.randomPrivateKey();return{publicKey:t.getPublicKey(r,!1),privateKey:r}}function ma(e,t){const r=O(e.x),i=O(e.y),n=new Uint8Array(r.length+i.length+1);return n[0]=t,n.set(r,1),n.set(i,r.length+1),n}function wa(e,t,r){const i=e,n=r.slice(1,i+1),a=r.slice(i+1,2*i+1);return{kty:"EC",crv:t,x:j(n),y:j(a),ext:!0}}function ba(e,t,r,i){const n=wa(e,t,r);return n.d=j(i),n}const ka=L.getWebCrypto(),va=L.getNodeCrypto();async function Ka(e,t,r,i,n,a){const s=new pa(e);if(da(s,i),r&&!L.isStream(r)){const e={publicKey:i,privateKey:n};switch(s.type){case"web":try{return await async function(e,t,r,i){const n=e.payloadSize,a=ba(e.payloadSize,ua[e.name],i.publicKey,i.privateKey),s=await ka.importKey("jwk",a,{name:"ECDSA",namedCurve:ua[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["sign"]),o=new Uint8Array(await ka.sign({name:"ECDSA",namedCurve:ua[e.name],hash:{name:T.read(T.webHash,t)}},s,r));return{r:o.slice(0,n),s:o.slice(n,n<<1)}}(s,t,r,e)}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;L.printDebugError("Browser did not support signing: "+e.message)}break;case"node":return async function(e,t,r,i){const n=L.nodeRequire("eckey-utils"),a=L.getNodeBuffer(),{privateKey:s}=n.generateDer({curveName:la[e.name],privateKey:a.from(i)}),o=va.createSign(T.read(T.hash,t));o.write(r),o.end();const c=new Uint8Array(o.sign({key:s,format:"der",type:"sec1",dsaEncoding:"ieee-p1363"})),u=e.payloadSize;return{r:c.subarray(0,u),s:c.subarray(u,u<<1)}}(s,t,r,n)}}const o=(await L.getNobleCurve(T.publicKey.ecdsa,s.name)).sign(a,n,{lowS:!1});return{r:Kr(o.r,"be",s.payloadSize),s:Kr(o.s,"be",s.payloadSize)}}async function Aa(e,t,r,i,n,a){const s=new pa(e);da(s,n);const o=async()=>0===a[0]&&Ea(s,r,a.subarray(1),n);if(i&&!L.isStream(i))switch(s.type){case"web":try{const e=await async function(e,t,{r,s:i},n,a){const s=wa(e.payloadSize,ua[e.name],a),o=await ka.importKey("jwk",s,{name:"ECDSA",namedCurve:ua[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["verify"]),c=L.concatUint8Array([r,i]).buffer;return ka.verify({name:"ECDSA",namedCurve:ua[e.name],hash:{name:T.read(T.webHash,t)}},o,c,n)}(s,t,r,i,n);return e||o()}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;L.printDebugError("Browser did not support verifying: "+e.message)}break;case"node":{const e=await async function(e,t,{r,s:i},n,a){const s=L.nodeRequire("eckey-utils"),o=L.getNodeBuffer(),{publicKey:c}=s.generateDer({curveName:la[e.name],publicKey:o.from(a)}),u=va.createVerify(T.read(T.hash,t));u.write(n),u.end();const h=L.concatUint8Array([r,i]);try{return u.verify({key:c,format:"der",type:"spki",dsaEncoding:"ieee-p1363"},h)}catch(e){return!1}}(s,t,r,i,n);return e||o()}}return await Ea(s,r,a,n)||o()}async function Ea(e,t,r,i){return(await L.getNobleCurve(T.publicKey.ecdsa,e.name)).verify(L.concatUint8Array([t.r,t.s]),r,i,{lowS:!1})}var Sa=/*#__PURE__*/Object.freeze({__proto__:null,sign:Ka,validateParams:async function(e,t,r){const i=new pa(e);if(i.keyType!==T.publicKey.ecdsa)return!1;switch(i.type){case"web":case"node":{const i=Er(8),n=T.hash.sha256,a=await be.digest(n,i);try{const s=await Ka(e,n,i,t,r,a);return await Aa(e,n,s,i,t,a)}catch(e){return!1}}default:return ga(T.publicKey.ecdsa,e,t,r)}},verify:Aa});var Pa=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,n,a){if(da(new pa(e),i),be.getHashByteLength(t)<be.getHashByteLength(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const{RS:s}=await zn(T.publicKey.ed25519,t,0,i.subarray(1),n,a);return{r:s.subarray(0,32),s:s.subarray(32)}},validateParams:async function(e,t,r){if(e.getName()!==T.curve.ed25519Legacy)return!1;const{publicKey:i}=Vr.sign.keyPair.fromSeed(r),n=new Uint8Array([64,...i]);return L.equalsUint8Array(t,n)},verify:async function(e,t,{r,s:i},n,a,s){if(da(new pa(e),a),be.getHashByteLength(t)<be.getHashByteLength(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const o=L.concatUint8Array([r,i]);return Nn(T.publicKey.ed25519,t,{RS:o},0,a.subarray(1),s)}});function Ua(e){const t=8-e.length%8,r=new Uint8Array(e.length+t).fill(t);return r.set(e),r}function Da(e){const t=e.length;if(t>0){const r=e[t-1];if(r>=1){const i=e.subarray(t-r),n=new Uint8Array(r).fill(r);if(L.equalsUint8Array(i,n))return e.subarray(0,t-r)}}throw Error("Invalid padding")}var xa=/*#__PURE__*/Object.freeze({__proto__:null,decode:Da,encode:Ua});const Ia=L.getWebCrypto(),Ca=L.getNodeCrypto();function Ba(e,t,r,i){return L.concatUint8Array([t.write(),new Uint8Array([e]),r.write(!0),L.stringToUint8Array("Anonymous Sender    "),r.replacementFingerprint||i])}async function Ta(e,t,r,i,n=!1,a=!1){let s;if(n){for(s=0;s<t.length&&0===t[s];s++);t=t.subarray(s)}if(a){for(s=t.length-1;s>=0&&0===t[s];s--);t=t.subarray(0,s+1)}return(await be.digest(e,L.concatUint8Array([new Uint8Array([0,0,0,1]),t,i]))).subarray(0,r)}async function _a(e,t){switch(e.type){case"curve25519Legacy":{const{sharedSecret:r,ephemeralPublicKey:i}=await ia(T.publicKey.x25519,t.subarray(1));return{publicKey:L.concatUint8Array([new Uint8Array([e.wireFormatLeadingByte]),i]),sharedKey:r}}case"web":if(e.web&&L.getWebCrypto())try{return await async function(e,t){const r=wa(e.payloadSize,e.web,t);let i=Ia.generateKey({name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]),n=Ia.importKey("jwk",r,{name:"ECDH",namedCurve:e.web},!1,[]);[i,n]=await Promise.all([i,n]);let a=Ia.deriveBits({name:"ECDH",namedCurve:e.web,public:n},i.privateKey,e.sharedSize),s=Ia.exportKey("jwk",i.publicKey);[a,s]=await Promise.all([a,s]);const o=new Uint8Array(a),c=new Uint8Array(ma(s,e.wireFormatLeadingByte));return{publicKey:c,sharedKey:o}}(e,t)}catch(r){return L.printDebugError(r),Ra(e,t)}break;case"node":return async function(e,t){const r=Ca.createECDH(e.node);r.generateKeys();const i=new Uint8Array(r.computeSecret(t)),n=new Uint8Array(r.getPublicKey());return{publicKey:n,sharedKey:i}}(e,t);default:return Ra(e,t)}}async function Ma(e,t,r,i){if(i.length!==e.payloadSize){const t=new Uint8Array(e.payloadSize);t.set(i,e.payloadSize-i.length),i=t}switch(e.type){case"curve25519Legacy":{const e=i.slice().reverse();return{secretKey:e,sharedKey:await na(T.publicKey.x25519,t.subarray(1),r.subarray(1),e)}}case"web":if(e.web&&L.getWebCrypto())try{return await async function(e,t,r,i){const n=ba(e.payloadSize,e.web,r,i);let a=Ia.importKey("jwk",n,{name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]);const s=wa(e.payloadSize,e.web,t);let o=Ia.importKey("jwk",s,{name:"ECDH",namedCurve:e.web},!0,[]);[a,o]=await Promise.all([a,o]);let c=Ia.deriveBits({name:"ECDH",namedCurve:e.web,public:o},a,e.sharedSize),u=Ia.exportKey("jwk",a);[c,u]=await Promise.all([c,u]);const h=new Uint8Array(c);return{secretKey:O(u.d),sharedKey:h}}(e,t,r,i)}catch(r){return L.printDebugError(r),La(e,t,i)}break;case"node":return async function(e,t,r){const i=Ca.createECDH(e.node);i.setPrivateKey(r);const n=new Uint8Array(i.computeSecret(t));return{secretKey:new Uint8Array(i.getPrivateKey()),sharedKey:n}}(e,t,i);default:return La(e,t,i)}}async function La(e,t,r){return{secretKey:r,sharedKey:(await L.getNobleCurve(T.publicKey.ecdh,e.name)).getSharedSecret(r,t).subarray(1)}}async function Ra(e,t){const r=await L.getNobleCurve(T.publicKey.ecdh,e.name),{publicKey:i,privateKey:n}=await e.genKeyPair();return{publicKey:i,sharedKey:r.getSharedSecret(n,t).subarray(1)}}var Fa=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s){const o=new pa(e);da(o,n),da(o,r);const{sharedKey:c}=await Ma(o,r,n,a),u=Ba(T.publicKey.ecdh,e,t,s),{keySize:h}=re(t.cipher);let l;for(let e=0;e<3;e++)try{const r=await Ta(t.hash,c,h,u,1===e,2===e);return Da(await Qn(t.cipher,r,i))}catch(e){l=e}throw l},encrypt:async function(e,t,r,i,n){const a=Ua(r),s=new pa(e);da(s,i);const{publicKey:o,sharedKey:c}=await _a(s,i),u=Ba(T.publicKey.ecdh,e,t,n),{keySize:h}=re(t.cipher),l=await Ta(t.hash,c,h,u);return{publicKey:o,wrappedKey:await $n(t.cipher,l,a)}},validateParams:async function(e,t,r){return ga(T.publicKey.ecdh,e,t,r)}}),za=/*#__PURE__*/Object.freeze({__proto__:null,CurveWithOID:pa,ecdh:Fa,ecdhX:sa,ecdsa:Sa,eddsa:Vn,eddsaLegacy:Pa,generate:async function(e){const t=new pa(e),{oid:r,hash:i,cipher:n}=t,a=await t.genKeyPair();return{oid:r,Q:a.publicKey,secret:L.leftPad(a.privateKey,t.payloadSize),hash:i,cipher:n}},getPreferredHashAlgo:function(e){return ya[e.getName()].hash}});const Na=BigInt(0),Ha=BigInt(1);var Oa=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,n,a){const s=BigInt(0);let o,c,u,h;i=pr(i),n=pr(n),r=pr(r),a=pr(a),r=gr(r,i),a=gr(a,n);const l=gr(pr(t.subarray(0,vr(n))),n);for(;;){if(o=Sr(Ha,n),c=gr(dr(r,o,i),n),c===s)continue;const e=gr(a*c,n);if(h=gr(l+e,n),u=gr(mr(o,n)*h,n),u!==s)break}return{r:Kr(c,"be",vr(i)),s:Kr(u,"be",vr(i))}},validateParams:async function(e,t,r,i,n){if(e=pr(e),t=pr(t),r=pr(r),i=pr(i),r<=Ha||r>=e)return!1;if(gr(e-Ha,t)!==Na)return!1;if(dr(r,t,e)!==Ha)return!1;const a=BigInt(kr(t));if(a<BigInt(150)||!xr(t,null,32))return!1;n=pr(n);const s=BigInt(2);return i===dr(r,t*Sr(s<<a-Ha,s<<a)+n,e)},verify:async function(e,t,r,i,n,a,s,o){if(t=pr(t),r=pr(r),a=pr(a),s=pr(s),n=pr(n),o=pr(o),t<=Na||t>=s||r<=Na||r>=s)return L.printDebug("invalid DSA Signature"),!1;const c=gr(pr(i.subarray(0,vr(s))),s),u=mr(r,s);if(u===Na)return L.printDebug("invalid DSA Signature"),!1;n=gr(n,a),o=gr(o,a);const h=gr(c*u,s),l=gr(t*u,s);return gr(gr(dr(n,h,a)*dr(o,l,a),a),s)===t}});const ja=new Set([T.hash.sha1,T.hash.sha256,T.hash.sha512]),qa=L.getWebCrypto(),Ga=L.getNodeCrypto();var Va=/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){if(!ja.has(e))throw Error("Unsupported hash algorithm.");const t=T.read(T.webHash,e),r=qa||Ga.webcrypto.subtle,i=await r.generateKey({name:"HMAC",hash:{name:t}},!0,["sign","verify"]),n=await r.exportKey("raw",i);return new Uint8Array(n)},sign:async function(e,t,r){if(!ja.has(e))throw Error("Unsupported hash algorithm.");const i=T.read(T.webHash,e),n=qa||Ga.webcrypto.subtle,a=await n.importKey("raw",t,{name:"HMAC",hash:{name:i}},!1,["sign"]),s=await n.sign("HMAC",a,r);return new Uint8Array(s)},verify:async function(e,t,r,i){if(!ja.has(e))throw Error("Unsupported hash algorithm.");const n=T.read(T.webHash,e),a=qa||Ga.webcrypto.subtle,s=await a.importKey("raw",t,{name:"HMAC",hash:{name:n}},!1,["verify"]);return a.verify("HMAC",s,r,i)}});async function Wa(e,t){if(e===T.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await import("./noble_post_quantum.min.mjs"),{publicKey:r,secretKey:i}=e.keygen(t);return{mlkemPublicKey:r,mlkemSecretKey:i}}throw Error("Unsupported KEM algorithm")}async function $a(e,t,r,i,n,a,s){const o=L.concatUint8Array([n,t,r,i,a,s,new Uint8Array([e])]);return await be.digest(T.hash.sha3_256,o)}var Qa=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s,o){const c=await async function(e,t,r,i){if(e===T.publicKey.pqc_mlkem_x25519){const e=await na(T.publicKey.x25519,t,0,r);return await be.sha3_256(L.concatUint8Array([e,t,i]))}throw Error("Unsupported KEM algorithm")}(e,t,i,n),u=await async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await import("./noble_post_quantum.min.mjs");return e.decapsulate(t,r)}throw Error("Unsupported KEM algorithm")}(e,r,a),h=await $a(e,c,t,n,u,r,s);return await Qn(T.symmetric.aes256,h,o)},encrypt:async function(e,t,r,i){const{eccKeyShare:n,eccCipherText:a}=await async function(e,t){if(e===T.publicKey.pqc_mlkem_x25519){const{ephemeralPublicKey:e,sharedSecret:r}=await ia(T.publicKey.x25519,t);return{eccCipherText:e,eccKeyShare:await be.sha3_256(L.concatUint8Array([r,e,t]))}}throw Error("Unsupported KEM algorithm")}(e,t),{mlkemKeyShare:s,mlkemCipherText:o}=await async function(e,t){if(e===T.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await import("./noble_post_quantum.min.mjs"),{cipherText:r,sharedSecret:i}=e.encapsulate(t);return{mlkemCipherText:r,mlkemKeyShare:i}}throw Error("Unsupported KEM algorithm")}(e,r),c=await $a(e,n,a,t,s,o,r);return{eccCipherText:a,mlkemCipherText:o,wrappedKey:await $n(T.symmetric.aes256,c,i)}},generate:async function(e){const{eccPublicKey:t,eccSecretKey:r}=await async function(e){if(e===T.publicKey.pqc_mlkem_x25519){const{A:e,k:t}=await ea(T.publicKey.x25519);return{eccPublicKey:e,eccSecretKey:t}}throw Error("Unsupported KEM algorithm")}(e),{mlkemPublicKey:i,mlkemSeed:n,mlkemSecretKey:a}=await async function(e){if(e===T.publicKey.pqc_mlkem_x25519){const t=Er(64),{mlkemSecretKey:r,mlkemPublicKey:i}=await Wa(e,t);return{mlkemSeed:t,mlkemSecretKey:r,mlkemPublicKey:i}}throw Error("Unsupported KEM algorithm")}(e);return{eccPublicKey:t,eccSecretKey:r,mlkemPublicKey:i,mlkemSeed:n,mlkemSecretKey:a}},mlkemExpandSecretSeed:Wa,validateParams:async function(e,t,r,i,n){const a=async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519)return ta(T.publicKey.x25519,t,r);throw Error("Unsupported KEM algorithm")}(e,t,r),s=async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519){const{mlkemPublicKey:i}=await Wa(e,r);return L.equalsUint8Array(t,i)}throw Error("Unsupported KEM algorithm")}(e,i,n);return await a&&await s}});async function Za(e,t){if(e===T.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await import("./noble_post_quantum.min.mjs"),{secretKey:r,publicKey:i}=e.keygen(t);return{mldsaSecretKey:r,mldsaPublicKey:i}}throw Error("Unsupported signature algorithm")}function Xa(e){if(e===T.publicKey.pqc_mldsa_ed25519)return T.hash.sha3_256;throw Error("Unsupported signature algorithm")}var Ya=/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){if(e===T.publicKey.pqc_mldsa_ed25519){const{eccSecretKey:t,eccPublicKey:r}=await async function(e){if(e===T.publicKey.pqc_mldsa_ed25519){const{A:e,seed:t}=await Fn(T.publicKey.ed25519);return{eccPublicKey:e,eccSecretKey:t}}throw Error("Unsupported signature algorithm")}(e),{mldsaSeed:i,mldsaSecretKey:n,mldsaPublicKey:a}=await async function(e){if(e===T.publicKey.pqc_mldsa_ed25519){const t=Er(32),{mldsaSecretKey:r,mldsaPublicKey:i}=await Za(e,t);return{mldsaSeed:t,mldsaSecretKey:r,mldsaPublicKey:i}}throw Error("Unsupported signature algorithm")}(e);return{eccSecretKey:t,eccPublicKey:r,mldsaSeed:i,mldsaSecretKey:n,mldsaPublicKey:a}}throw Error("Unsupported signature algorithm")},getRequiredHashAlgo:Xa,mldsaExpandSecretSeed:Za,sign:async function(e,t,r,i,n,a){if(t!==Xa(e))throw Error("Unexpected hash algorithm for PQC signature");if(e===T.publicKey.pqc_mldsa_ed25519){const{eccSignature:s}=await async function(e,t,r,i,n){if(e===T.publicKey.pqc_mldsa_ed25519){const{RS:e}=await zn(T.publicKey.ed25519,t,0,i,r,n);return{eccSignature:e}}throw Error("Unsupported signature algorithm")}(e,t,r,i,a),{mldsaSignature:o}=await async function(e,t,r){if(e===T.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await import("./noble_post_quantum.min.mjs");return{mldsaSignature:e.sign(t,r)}}throw Error("Unsupported signature algorithm")}(e,n,a);return{eccSignature:s,mldsaSignature:o}}throw Error("Unsupported signature algorithm")},validateParams:async function(e,t,r,i,n){const a=async function(e,t,r){if(e===T.publicKey.pqc_mldsa_ed25519)return Hn(T.publicKey.ed25519,t,r);throw Error("Unsupported signature algorithm")}(e,t,r),s=async function(e,t,r){if(e===T.publicKey.pqc_mldsa_ed25519){const{mldsaPublicKey:i}=await Za(e,r);return L.equalsUint8Array(t,i)}throw Error("Unsupported signature algorithm")}(e,i,n);return await a&&await s},verify:async function(e,t,r,i,n,{eccSignature:a,mldsaSignature:s}){if(t!==Xa(e))throw Error("Unexpected hash algorithm for PQC signature");if(e===T.publicKey.pqc_mldsa_ed25519){const o=async function(e,t,r,i,n){if(e===T.publicKey.pqc_mldsa_ed25519)return Nn(T.publicKey.ed25519,t,{RS:n},0,r,i);throw Error("Unsupported signature algorithm")}(e,t,r,n,a),c=async function(e,t,r,i){if(e===T.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await import("./noble_post_quantum.min.mjs");return e.verify(t,r,i)}throw Error("Unsupported signature algorithm")}(e,i,n,s);return await o&&await c}throw Error("Unsupported signature algorithm")}}),Ja={rsa:Or,elgamal:qr,elliptic:za,dsa:Oa,hmac:Va,postQuantum:/*#__PURE__*/Object.freeze({__proto__:null,kem:Qa,signature:Ya})};class es{constructor(e){if(void 0===e&&(e=new Uint8Array([])),!L.isUint8Array(e))throw Error("data must be in the form of a Uint8Array");this.data=e,this.length=this.data.byteLength}write(){return L.concatUint8Array([new Uint8Array([this.length]),this.data])}read(e){if(e.length>=1){const t=e[0];if(e.length>=t+1)return this.data=e.subarray(1,1+t),this.length=t,1+t}throw Error("Invalid octet string")}}var ts=/*#__PURE__*/Object.freeze({__proto__:null,parseSignatureParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(r));return r+=e.length+2,{read:r,signatureParams:{s:e}}}case T.publicKey.dsa:case T.publicKey.ecdsa:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.eddsaLegacy:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const i=2*Ja.elliptic.eddsa.getPayloadSize(e),n=L.readExactSubarray(t,r,r+i);return r+=n.length,{read:r,signatureParams:{RS:n}}}case T.publicKey.hmac:{const e=new es;return r+=e.read(t.subarray(r)),{read:r,signatureParams:{mac:e}}}case T.publicKey.pqc_mldsa_ed25519:{const e=2*Ja.elliptic.eddsa.getPayloadSize(T.publicKey.ed25519),i=L.readExactSubarray(t,r,r+e);r+=i.length;const n=L.readExactSubarray(t,r,r+3309);return r+=n.length,{read:r,signatureParams:{eccSignature:i,mldsaSignature:n}}}default:throw new qi("Unknown signature algorithm.")}},sign:async function(e,t,r,i,n,a){if(!r||!i)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:s}=r,{d:o,p:c,q:u,u:h}=i;return{s:await Ja.rsa.sign(t,n,e,s,o,c,u,h,a)}}case T.publicKey.dsa:{const{g:e,p:n,q:s}=r,{x:o}=i;return Ja.dsa.sign(t,a,e,n,s,o)}case T.publicKey.elgamal:throw Error("Signing with Elgamal is not defined in the OpenPGP standard.");case T.publicKey.ecdsa:{const{oid:e,Q:s}=r,{d:o}=i;return Ja.elliptic.ecdsa.sign(e,t,n,s,o,a)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:s}=r,{seed:o}=i;return Ja.elliptic.eddsaLegacy.sign(e,t,n,s,o,a)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:s}=r,{seed:o}=i;return Ja.elliptic.eddsa.sign(e,t,n,s,o,a)}case T.publicKey.hmac:{const{cipher:e}=r,{keyMaterial:t}=i,n=await Ja.hmac.sign(e.getValue(),t,a);return{mac:new es(n)}}case T.publicKey.pqc_mldsa_ed25519:{const{eccPublicKey:n}=r,{eccSecretKey:s,mldsaSecretKey:o}=i;return Ja.postQuantum.signature.sign(e,t,s,n,o,a)}default:throw Error("Unknown signature algorithm.")}},verify:async function(e,t,r,i,n,a,s){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:n}=i,o=L.leftPad(r.s,e.length);return Ja.rsa.verify(t,a,o,e,n,s)}case T.publicKey.dsa:{const{g:e,p:n,q:a,y:o}=i,{r:c,s:u}=r;return Ja.dsa.verify(t,c,u,s,e,n,a,o)}case T.publicKey.ecdsa:{const{oid:e,Q:n}=i,o=new Ja.elliptic.CurveWithOID(e).payloadSize,c=L.leftPad(r.r,o),u=L.leftPad(r.s,o);return Ja.elliptic.ecdsa.verify(e,t,{r:c,s:u},a,n,s)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:n}=i,o=new Ja.elliptic.CurveWithOID(e).payloadSize,c=L.leftPad(r.r,o),u=L.leftPad(r.s,o);return Ja.elliptic.eddsaLegacy.verify(e,t,{r:c,s:u},a,n,s)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:n}=i;return Ja.elliptic.eddsa.verify(e,t,r,a,n,s)}case T.publicKey.hmac:{if(!n)throw Error("Cannot verify HMAC signature with symmetric key missing private parameters");const{cipher:e}=i,{keyMaterial:t}=n;return Ja.hmac.verify(e.getValue(),t,r.mac.data,s)}case T.publicKey.pqc_mldsa_ed25519:{const{eccPublicKey:n,mldsaPublicKey:a}=i;return Ja.postQuantum.signature.verify(e,t,n,a,s,r)}default:throw Error("Unknown signature algorithm.")}}});class rs{constructor(e){e&&(this.data=e)}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.data=e.subarray(1,1+t),1+this.data.length}throw Error("Invalid symmetric key")}write(){return L.concatUint8Array([new Uint8Array([this.data.length]),this.data])}}class is{constructor(e){if(e){const{version:t,hash:r,cipher:i,replacementFingerprint:n}=e;this.version=t||1,this.hash=r,this.cipher=i,this.replacementFingerprint=n}else this.version=null,this.hash=null,this.cipher=null,this.replacementFingerprint=null}read(e){if(e.length<4||1!==e[1]&&255!==e[1])throw new qi("Cannot read KDFParams");const t=e[0];this.version=e[1],this.hash=e[2],this.cipher=e[3];let r=4;if(255===this.version){const i=t-r+1;this.replacementFingerprint=e.slice(r,r+i),r+=i}return r}write(e){if(!this.version||1===this.version||e)return new Uint8Array([3,1,this.hash,this.cipher]);return L.concatUint8Array([new Uint8Array([3+this.replacementFingerprint.length,this.version,this.hash,this.cipher]),this.replacementFingerprint])}}const ns=e=>class{constructor(e){this.data=void 0===e?null:e}read(t){const r=t[0];return this.data=T.write(e,r),1}write(){return new Uint8Array([this.data])}getName(){return T.read(e,this.data)}getValue(){return this.data}},as=ns(T.aead),ss=ns(T.symmetric),os=ns(T.hash);class cs{static fromObject({wrappedKey:e,algorithm:t}){const r=new cs;return r.wrappedKey=e,r.algorithm=t,r}read(e){let t=0,r=e[t++];this.algorithm=r%2?e[t++]:null,r-=r%2,this.wrappedKey=L.readExactSubarray(e,t,t+r),t+=r}write(){return L.concatUint8Array([this.algorithm?new Uint8Array([this.wrappedKey.length+1,this.algorithm]):new Uint8Array([this.wrappedKey.length]),this.wrappedKey])}}async function us(e,t){const r=Er(32);return{privateParams:{hashSeed:r,keyMaterial:e},publicParams:{cipher:t,digest:await be.sha256(r)}}}function hs(e){const{keySize:t}=re(e);return Er(t)}function ls(e){const t=T.read(T.aead,e);return hr[t]}function ys(e){try{e.getName()}catch(e){throw new qi("Unknown curve OID")}}function ps(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.ecdh:case T.publicKey.eddsaLegacy:return new Ja.elliptic.CurveWithOID(t).payloadSize;case T.publicKey.ed25519:case T.publicKey.ed448:return Ja.elliptic.eddsa.getPayloadSize(e);case T.publicKey.x25519:case T.publicKey.x448:return Ja.elliptic.ecdhX.getPayloadSize(e);default:throw Error("Unknown elliptic algo")}}var gs=/*#__PURE__*/Object.freeze({__proto__:null,generateParams:async function(e,t,r,i){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:return Ja.rsa.generate(t,65537).then((({n:e,e:t,d:r,p:i,q:n,u:a})=>({privateParams:{d:r,p:i,q:n,u:a},publicParams:{n:e,e:t}})));case T.publicKey.ecdsa:return Ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{d:r},publicParams:{oid:new Li(e),Q:t}})));case T.publicKey.eddsaLegacy:return Ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{seed:r},publicParams:{oid:new Li(e),Q:t}})));case T.publicKey.ecdh:return Ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r,hash:i,cipher:n})=>({privateParams:{d:r},publicParams:{oid:new Li(e),Q:t,kdfParams:new is({hash:i,cipher:n})}})));case T.publicKey.ed25519:case T.publicKey.ed448:return Ja.elliptic.eddsa.generate(e).then((({A:e,seed:t})=>({privateParams:{seed:t},publicParams:{A:e}})));case T.publicKey.x25519:case T.publicKey.x448:return Ja.elliptic.ecdhX.generate(e).then((({A:e,k:t})=>({privateParams:{k:t},publicParams:{A:e}})));case T.publicKey.hmac:return us(await Ja.hmac.generate(i),new os(i));case T.publicKey.aead:return us(hs(i),new ss(i));case T.publicKey.pqc_mlkem_x25519:return Ja.postQuantum.kem.generate(e).then((({eccSecretKey:e,eccPublicKey:t,mlkemSeed:r,mlkemSecretKey:i,mlkemPublicKey:n})=>({privateParams:{eccSecretKey:e,mlkemSeed:r,mlkemSecretKey:i},publicParams:{eccPublicKey:t,mlkemPublicKey:n}})));case T.publicKey.pqc_mldsa_ed25519:return Ja.postQuantum.signature.generate(e).then((({eccSecretKey:e,eccPublicKey:t,mldsaSeed:r,mldsaSecretKey:i,mldsaPublicKey:n})=>({privateParams:{eccSecretKey:e,mldsaSeed:r,mldsaSecretKey:i},publicParams:{eccPublicKey:t,mldsaPublicKey:n}})));case T.publicKey.dsa:case T.publicKey.elgamal:throw Error("Unsupported algorithm for key generation.");default:throw Error("Unknown public key algorithm.")}},generateSessionKey:hs,getAEADMode:ls,getCipherParams:re,getCurvePayloadSize:ps,getPreferredCurveHashAlgo:function(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return Ja.elliptic.getPreferredHashAlgo(t);case T.publicKey.ed25519:case T.publicKey.ed448:return Ja.elliptic.eddsa.getPreferredHashAlgo(e);default:throw Error("Unknown elliptic signing algo")}},getPrefixRandom:async function(e){const{blockSize:t}=re(e),r=await Er(t),i=new Uint8Array([r[r.length-2],r[r.length-1]]);return L.concat([r,i])},parseEncSessionKeyParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:return{c:L.readMPI(t.subarray(r))};case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(r));r+=e.length+2;return{c1:e,c2:L.readMPI(t.subarray(r))}}case T.publicKey.ecdh:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=new rs;return i.read(t.subarray(r)),{V:e,C:i}}case T.publicKey.x25519:case T.publicKey.x448:{const i=ps(e),n=L.readExactSubarray(t,r,r+i);r+=n.length;const a=new cs;return a.read(t.subarray(r)),{ephemeralPublicKey:n,C:a}}case T.publicKey.aead:{const e=new as;r+=e.read(t.subarray(r));const{ivLength:i}=ls(e.getValue()),n=t.subarray(r,r+i);r+=i;const a=new es;return r+=a.read(t.subarray(r)),{aeadMode:e,iv:n,c:a}}case T.publicKey.pqc_mlkem_x25519:{const e=L.readExactSubarray(t,r,r+ps(T.publicKey.x25519));r+=e.length;const i=L.readExactSubarray(t,r,r+1088);r+=i.length;const n=new cs;return n.read(t.subarray(r)),{eccCipherText:e,mlkemCipherText:i,C:n}}default:throw new qi("Unknown public key encryption algorithm.")}},parsePrivateKeyParams:async function(e,t,r){let i=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(i));i+=e.length+2;const r=L.readMPI(t.subarray(i));i+=r.length+2;const n=L.readMPI(t.subarray(i));i+=n.length+2;const a=L.readMPI(t.subarray(i));return i+=a.length+2,{read:i,privateParams:{d:e,p:r,q:n,u:a}}}case T.publicKey.dsa:case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(i));return i+=e.length+2,{read:i,privateParams:{x:e}}}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const n=ps(e,r.oid);let a=L.readMPI(t.subarray(i));return i+=a.length+2,a=L.leftPad(a,n),{read:i,privateParams:{d:a}}}case T.publicKey.eddsaLegacy:{const n=ps(e,r.oid);if(r.oid.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let a=L.readMPI(t.subarray(i));return i+=a.length+2,a=L.leftPad(a,n),{read:i,privateParams:{seed:a}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const r=ps(e),n=L.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{seed:n}}}case T.publicKey.x25519:case T.publicKey.x448:{const r=ps(e),n=L.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{k:n}}}case T.publicKey.hmac:{const{cipher:e}=r,n=be.getHashByteLength(e.getValue()),a=t.subarray(i,i+32);i+=32;const s=t.subarray(i,i+n);return i+=n,{read:i,privateParams:{hashSeed:a,keyMaterial:s}}}case T.publicKey.aead:{const{cipher:e}=r,n=t.subarray(i,i+32);i+=32;const{keySize:a}=re(e.getValue()),s=t.subarray(i,i+a);return i+=a,{read:i,privateParams:{hashSeed:n,keyMaterial:s}}}case T.publicKey.pqc_mlkem_x25519:{const r=L.readExactSubarray(t,i,i+ps(T.publicKey.x25519));i+=r.length;const n=L.readExactSubarray(t,i,i+64);i+=n.length;const{mlkemSecretKey:a}=await Ja.postQuantum.kem.mlkemExpandSecretSeed(e,n);return{read:i,privateParams:{eccSecretKey:r,mlkemSecretKey:a,mlkemSeed:n}}}case T.publicKey.pqc_mldsa_ed25519:{const r=L.readExactSubarray(t,i,i+ps(T.publicKey.ed25519));i+=r.length;const n=L.readExactSubarray(t,i,i+32);i+=n.length;const{mldsaSecretKey:a}=await Ja.postQuantum.signature.mldsaExpandSecretSeed(e,n);return{read:i,privateParams:{eccSecretKey:r,mldsaSecretKey:a,mldsaSeed:n}}}default:throw new qi("Unknown public key encryption algorithm.")}},parsePublicKeyParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{n:e,e:i}}}case T.publicKey.dsa:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=L.readMPI(t.subarray(r));r+=n.length+2;const a=L.readMPI(t.subarray(r));return r+=a.length+2,{read:r,publicParams:{p:e,q:i,g:n,y:a}}}case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=L.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{p:e,g:i,y:n}}}case T.publicKey.ecdsa:{const e=new Li;r+=e.read(t),ys(e);const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.eddsaLegacy:{const e=new Li;if(r+=e.read(t),ys(e),e.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let i=L.readMPI(t.subarray(r));return r+=i.length+2,i=L.leftPad(i,33),{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.ecdh:{const e=new Li;r+=e.read(t),ys(e);const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=new is;return r+=n.read(t.subarray(r)),{read:r,publicParams:{oid:e,Q:i,kdfParams:n}}}case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.x25519:case T.publicKey.x448:{const i=L.readExactSubarray(t,r,r+ps(e));return r+=i.length,{read:r,publicParams:{A:i}}}case T.publicKey.hmac:case T.publicKey.aead:{const e=new ss;r+=e.read(t);const i=be.getHashByteLength(T.hash.sha256),n=t.subarray(r,r+i);return r+=i,{read:r,publicParams:{cipher:e,digest:n}}}case T.publicKey.pqc_mlkem_x25519:{const e=L.readExactSubarray(t,r,r+ps(T.publicKey.x25519));r+=e.length;const i=L.readExactSubarray(t,r,r+1184);return r+=i.length,{read:r,publicParams:{eccPublicKey:e,mlkemPublicKey:i}}}case T.publicKey.pqc_mldsa_ed25519:{const e=L.readExactSubarray(t,r,r+ps(T.publicKey.ed25519));r+=e.length;const i=L.readExactSubarray(t,r,r+1952);return r+=i.length,{read:r,publicParams:{eccPublicKey:e,mldsaPublicKey:i}}}default:throw new qi("Unknown public key encryption algorithm.")}},publicKeyDecrypt:async function(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:{const{c:e}=i,{n,e:s}=t,{d:o,p:c,q:u,u:h}=r;return Ja.rsa.decrypt(e,n,s,o,c,u,h,a)}case T.publicKey.elgamal:{const{c1:e,c2:n}=i,s=t.p,o=r.x;return Ja.elgamal.decrypt(e,n,s,o,a)}case T.publicKey.ecdh:{const{oid:e,Q:a,kdfParams:s}=t,{d:o}=r,{V:c,C:u}=i;return Ja.elliptic.ecdh.decrypt(e,s,c,u.data,a,o,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:n}=t,{k:a}=r,{ephemeralPublicKey:s,C:o}=i;if(null!==o.algorithm&&!L.isAES(o.algorithm))throw Error("AES session key expected");return Ja.elliptic.ecdhX.decrypt(e,s,o.wrappedKey,n,a)}case T.publicKey.aead:{const{cipher:e}=t,n=e.getValue(),{keyMaterial:a}=r,{aeadMode:s,iv:o,c}=i,u=ls(s.getValue());return(await u(n,a)).decrypt(c.data,o,new Uint8Array)}case T.publicKey.pqc_mlkem_x25519:{const{eccSecretKey:n,mlkemSecretKey:a}=r,{eccPublicKey:s,mlkemPublicKey:o}=t,{eccCipherText:c,mlkemCipherText:u,C:h}=i;return Ja.postQuantum.kem.decrypt(e,c,u,n,s,a,o,h.wrappedKey)}default:throw Error("Unknown public key encryption algorithm.")}},publicKeyEncrypt:async function(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:{const{n:e,e:t}=r;return{c:await Ja.rsa.encrypt(n,e,t)}}case T.publicKey.elgamal:{const{p:e,g:t,y:i}=r;return Ja.elgamal.encrypt(n,e,t,i)}case T.publicKey.ecdh:{const{oid:e,Q:t,kdfParams:i}=r,{publicKey:s,wrappedKey:o}=await Ja.elliptic.ecdh.encrypt(e,i,n,t,a);return{V:s,C:new rs(o)}}case T.publicKey.x25519:case T.publicKey.x448:{if(t&&!L.isAES(t))throw Error("X25519 and X448 keys can only encrypt AES session keys");const{A:i}=r,{ephemeralPublicKey:a,wrappedKey:s}=await Ja.elliptic.ecdhX.encrypt(e,n,i);return{ephemeralPublicKey:a,C:cs.fromObject({algorithm:t,wrappedKey:s})}}case T.publicKey.aead:{if(!i)throw Error("Cannot encrypt with symmetric key missing private parameters");const{cipher:e}=r,t=e.getValue(),{keyMaterial:a}=i,s=_.preferredAEADAlgorithm,o=ls(_.preferredAEADAlgorithm),{ivLength:c}=o,u=Er(c),h=await o(t,a),l=await h.encrypt(n,u,new Uint8Array);return{aeadMode:new as(s),iv:u,c:new es(l)}}case T.publicKey.pqc_mlkem_x25519:{const{eccPublicKey:i,mlkemPublicKey:a}=r,{eccCipherText:s,mlkemCipherText:o,wrappedKey:c}=await Ja.postQuantum.kem.encrypt(e,i,a,n);return{eccCipherText:s,mlkemCipherText:o,C:cs.fromObject({algorithm:t,wrappedKey:c})}}default:return[]}},serializeParams:function(e,t){const r=new Set([T.publicKey.ed25519,T.publicKey.x25519,T.publicKey.ed448,T.publicKey.x448,T.publicKey.aead,T.publicKey.hmac,T.publicKey.pqc_mlkem_x25519,T.publicKey.pqc_mldsa_ed25519]),i={[T.publicKey.pqc_mlkem_x25519]:new Set(["mlkemSecretKey"]),[T.publicKey.pqc_mldsa_ed25519]:new Set(["mldsaSecretKey"])},n=Object.keys(t).map((n=>{if(i[e]?.has(n))return new Uint8Array;const a=t[n];return L.isUint8Array(a)?r.has(e)?a:L.uint8ArrayToMPI(a):a.write()}));return L.concatUint8Array(n)},validateParams:async function(e,t,r){if(!t||!r)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const{n:e,e:i}=t,{d:n,p:a,q:s,u:o}=r;return Ja.rsa.validateParams(e,i,n,a,s,o)}case T.publicKey.dsa:{const{p:e,q:i,g:n,y:a}=t,{x:s}=r;return Ja.dsa.validateParams(e,i,n,a,s)}case T.publicKey.elgamal:{const{p:e,g:i,y:n}=t,{x:a}=r;return Ja.elgamal.validateParams(e,i,n,a)}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const i=Ja.elliptic[T.read(T.publicKey,e)],{oid:n,Q:a}=t,{d:s}=r;return i.validateParams(n,a,s)}case T.publicKey.eddsaLegacy:{const{Q:e,oid:i}=t,{seed:n}=r;return Ja.elliptic.eddsaLegacy.validateParams(i,e,n)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:i}=t,{seed:n}=r;return Ja.elliptic.eddsa.validateParams(e,i,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:i}=t,{k:n}=r;return Ja.elliptic.ecdhX.validateParams(e,i,n)}case T.publicKey.hmac:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r;return be.getHashByteLength(e.getValue())===a.length&&L.equalsUint8Array(i,await be.sha256(n))}case T.publicKey.aead:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r,{keySize:s}=re(e.getValue());return s===a.length&&L.equalsUint8Array(i,await be.sha256(n))}case T.publicKey.pqc_mlkem_x25519:{const{eccSecretKey:i,mlkemSeed:n}=r,{eccPublicKey:a,mlkemPublicKey:s}=t;return Ja.postQuantum.kem.validateParams(e,a,i,s,n)}case T.publicKey.pqc_mldsa_ed25519:{const{eccSecretKey:i,mldsaSeed:n}=r,{eccPublicKey:a,mldsaPublicKey:s}=t;return Ja.postQuantum.signature.validateParams(e,a,i,s,n)}default:throw Error("Unknown public key algorithm.")}}});const ds={cipher:ie,hash:be,mode:hr,publicKey:Ja,signature:ts,random:Pr,pkcs1:Mr,pkcs5:xa,aesKW:Zn};Object.assign(ds,gs);class fs extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,fs),this.name="Argon2OutOfMemoryError"}}let ms,ws,bs=2<<19;class ks{static get ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(){return bs}static set ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(e){bs=e}static reloadWasmModule(){ms&&(ws=ms(),ws.catch((()=>{})))}constructor(e=_){const{passes:t,parallelism:r,memoryExponent:i}=e.s2kArgon2Params;this.type="argon2",this.salt=null,this.t=t,this.p=r,this.encodedM=i}generateSalt(){this.salt=ds.random.getRandomBytes(16)}read(e){let t=0;return this.salt=e.subarray(t,t+16),t+=16,this.t=e[t++],this.p=e[t++],this.encodedM=e[t++],t}write(){const e=[new Uint8Array([T.write(T.s2k,this.type)]),this.salt,new Uint8Array([this.t,this.p,this.encodedM])];return L.concatUint8Array(e)}async produceKey(e,t){const r=2<<this.encodedM-1;try{ms=ms||(await import("./argon2id.min.mjs")).default,ws=ws||ms();const i=await ws,n=i({version:19,type:2,password:L.encodeUTF8(e),salt:this.salt,tagLength:t,memorySize:r,parallelism:this.p,passes:this.t});return r>ks.ARGON2_WASM_MEMORY_THRESHOLD_RELOAD&&ks.reloadWasmModule(),n}catch(e){throw e.message&&(e.message.includes("Unable to grow instance memory")||e.message.includes("failed to grow memory")||e.message.includes("WebAssembly.Memory.grow")||e.message.includes("Out of memory"))?new fs("Could not allocate required memory for Argon2"):e}}}class vs{constructor(e,t=_){this.algorithm=T.hash.sha256,this.type=T.read(T.s2k,e),this.c=t.s2kIterationCountByte,this.salt=null}generateSalt(){switch(this.type){case"salted":case"iterated":this.salt=ds.random.getRandomBytes(8)}}getCount(){return 16+(15&this.c)<<6+(this.c>>4)}read(e){let t=0;switch(this.algorithm=e[t++],this.type){case"simple":break;case"salted":this.salt=e.subarray(t,t+8),t+=8;break;case"iterated":this.salt=e.subarray(t,t+8),t+=8,this.c=e[t++];break;case"gnu":if("GNU"!==L.uint8ArrayToString(e.subarray(t,t+3)))throw new qi("Unknown s2k type.");t+=3;if(1001!==1e3+e[t++])throw new qi("Unknown s2k gnu protection mode.");this.type="gnu-dummy";break;default:throw new qi("Unknown s2k type.")}return t}write(){if("gnu-dummy"===this.type)return new Uint8Array([101,0,...L.stringToUint8Array("GNU"),1]);const e=[new Uint8Array([T.write(T.s2k,this.type),this.algorithm])];switch(this.type){case"simple":break;case"salted":e.push(this.salt);break;case"iterated":e.push(this.salt),e.push(new Uint8Array([this.c]));break;case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}return L.concatUint8Array(e)}async produceKey(e,t){e=L.encodeUTF8(e);const r=[];let i=0,n=0;for(;i<t;){let t;switch(this.type){case"simple":t=L.concatUint8Array([new Uint8Array(n),e]);break;case"salted":t=L.concatUint8Array([new Uint8Array(n),this.salt,e]);break;case"iterated":{const r=L.concatUint8Array([this.salt,e]);let i=r.length;const a=Math.max(this.getCount(),i);t=new Uint8Array(n+a),t.set(r,n);for(let e=n+i;e<a;e+=i,i*=2)t.copyWithin(e,n,e);break}case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}const a=await ds.hash.digest(this.algorithm,t);r.push(a),i+=a.length,n++}return L.concatUint8Array(r).subarray(0,t)}}const Ks=new Set([T.s2k.argon2,T.s2k.iterated]);function As(e,t=_){switch(e){case T.s2k.argon2:return new ks(t);case T.s2k.iterated:case T.s2k.gnu:case T.s2k.salted:case T.s2k.simple:return new vs(e,t);default:throw new qi("Unsupported S2K type")}}function Es(e){const{s2kType:t}=e;if(!Ks.has(t))throw Error("The provided `config.s2kType` value is not allowed");return As(t,e)}var Ss=Uint8Array,Ps=Uint16Array,Us=Uint32Array,Ds=new Ss([0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0,0,0,0]),xs=new Ss([0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13,0,0]),Is=new Ss([16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15]),Cs=function(e,t){for(var r=new Ps(31),i=0;i<31;++i)r[i]=t+=1<<e[i-1];var n=new Us(r[30]);for(i=1;i<30;++i)for(var a=r[i];a<r[i+1];++a)n[a]=a-r[i]<<5|i;return[r,n]},Bs=Cs(Ds,2),Ts=Bs[0],_s=Bs[1];Ts[28]=258,_s[258]=28;for(var Ms=Cs(xs,0),Ls=Ms[0],Rs=Ms[1],Fs=new Ps(32768),zs=0;zs<32768;++zs){var Ns=(43690&zs)>>>1|(21845&zs)<<1;Ns=(61680&(Ns=(52428&Ns)>>>2|(13107&Ns)<<2))>>>4|(3855&Ns)<<4,Fs[zs]=((65280&Ns)>>>8|(255&Ns)<<8)>>>1}var Hs=function(e,t,r){for(var i=e.length,n=0,a=new Ps(t);n<i;++n)e[n]&&++a[e[n]-1];var s,o=new Ps(t);for(n=0;n<t;++n)o[n]=o[n-1]+a[n-1]<<1;if(r){s=new Ps(1<<t);var c=15-t;for(n=0;n<i;++n)if(e[n])for(var u=n<<4|e[n],h=t-e[n],l=o[e[n]-1]++<<h,y=l|(1<<h)-1;l<=y;++l)s[Fs[l]>>>c]=u}else for(s=new Ps(i),n=0;n<i;++n)e[n]&&(s[n]=Fs[o[e[n]-1]++]>>>15-e[n]);return s},Os=new Ss(288);for(zs=0;zs<144;++zs)Os[zs]=8;for(zs=144;zs<256;++zs)Os[zs]=9;for(zs=256;zs<280;++zs)Os[zs]=7;for(zs=280;zs<288;++zs)Os[zs]=8;var js=new Ss(32);for(zs=0;zs<32;++zs)js[zs]=5;var qs=/*#__PURE__*/Hs(Os,9,0),Gs=/*#__PURE__*/Hs(Os,9,1),Vs=/*#__PURE__*/Hs(js,5,0),Ws=/*#__PURE__*/Hs(js,5,1),$s=function(e){for(var t=e[0],r=1;r<e.length;++r)e[r]>t&&(t=e[r]);return t},Qs=function(e,t,r){var i=t/8|0;return(e[i]|e[i+1]<<8)>>(7&t)&r},Zs=function(e,t){var r=t/8|0;return(e[r]|e[r+1]<<8|e[r+2]<<16)>>(7&t)},Xs=function(e){return(e+7)/8|0},Ys=function(e,t,r){(null==t||t<0)&&(t=0),(null==r||r>e.length)&&(r=e.length);var i=new(2==e.BYTES_PER_ELEMENT?Ps:4==e.BYTES_PER_ELEMENT?Us:Ss)(r-t);return i.set(e.subarray(t,r)),i},Js=["unexpected EOF","invalid block type","invalid length/literal","invalid distance","stream finished","no stream handler",,"no callback","invalid UTF-8 data","extra field too long","date not in range 1980-2099","filename too long","stream finishing","invalid zip data"],eo=function(e,t,r){var i=Error(t||Js[e]);if(i.code=e,Error.captureStackTrace&&Error.captureStackTrace(i,eo),!r)throw i;return i},to=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8},ro=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8,e[i+2]|=r>>>16},io=function(e,t){for(var r=[],i=0;i<e.length;++i)e[i]&&r.push({s:i,f:e[i]});var n=r.length,a=r.slice();if(!n)return[ho,0];if(1==n){var s=new Ss(r[0].s+1);return s[r[0].s]=1,[s,1]}r.sort((function(e,t){return e.f-t.f})),r.push({s:-1,f:25001});var o=r[0],c=r[1],u=0,h=1,l=2;for(r[0]={s:-1,f:o.f+c.f,l:o,r:c};h!=n-1;)o=r[r[u].f<r[l].f?u++:l++],c=r[u!=h&&r[u].f<r[l].f?u++:l++],r[h++]={s:-1,f:o.f+c.f,l:o,r:c};var y=a[0].s;for(i=1;i<n;++i)a[i].s>y&&(y=a[i].s);var p=new Ps(y+1),g=no(r[h-1],p,0);if(g>t){i=0;var d=0,f=g-t,m=1<<f;for(a.sort((function(e,t){return p[t.s]-p[e.s]||e.f-t.f}));i<n;++i){var w=a[i].s;if(!(p[w]>t))break;d+=m-(1<<g-p[w]),p[w]=t}for(d>>>=f;d>0;){var b=a[i].s;p[b]<t?d-=1<<t-p[b]++-1:++i}for(;i>=0&&d;--i){var k=a[i].s;p[k]==t&&(--p[k],++d)}g=t}return[new Ss(p),g]},no=function(e,t,r){return-1==e.s?Math.max(no(e.l,t,r+1),no(e.r,t,r+1)):t[e.s]=r},ao=function(e){for(var t=e.length;t&&!e[--t];);for(var r=new Ps(++t),i=0,n=e[0],a=1,s=function(e){r[i++]=e},o=1;o<=t;++o)if(e[o]==n&&o!=t)++a;else{if(!n&&a>2){for(;a>138;a-=138)s(32754);a>2&&(s(a>10?a-11<<5|28690:a-3<<5|12305),a=0)}else if(a>3){for(s(n),--a;a>6;a-=6)s(8304);a>2&&(s(a-3<<5|8208),a=0)}for(;a--;)s(n);a=1,n=e[o]}return[r.subarray(0,i),t]},so=function(e,t){for(var r=0,i=0;i<t.length;++i)r+=e[i]*t[i];return r},oo=function(e,t,r){var i=r.length,n=Xs(t+2);e[n]=255&i,e[n+1]=i>>>8,e[n+2]=255^e[n],e[n+3]=255^e[n+1];for(var a=0;a<i;++a)e[n+a+4]=r[a];return 8*(n+4+i)},co=function(e,t,r,i,n,a,s,o,c,u,h){to(t,h++,r),++n[256];for(var l=io(n,15),y=l[0],p=l[1],g=io(a,15),d=g[0],f=g[1],m=ao(y),w=m[0],b=m[1],k=ao(d),v=k[0],K=k[1],A=new Ps(19),E=0;E<w.length;++E)A[31&w[E]]++;for(E=0;E<v.length;++E)A[31&v[E]]++;for(var S=io(A,7),P=S[0],U=S[1],D=19;D>4&&!P[Is[D-1]];--D);var x,I,C,B,T=u+5<<3,_=so(n,Os)+so(a,js)+s,M=so(n,y)+so(a,d)+s+14+3*D+so(A,P)+(2*A[16]+3*A[17]+7*A[18]);if(T<=_&&T<=M)return oo(t,h,e.subarray(c,c+u));if(to(t,h,1+(M<_)),h+=2,M<_){x=Hs(y,p,0),I=y,C=Hs(d,f,0),B=d;var L=Hs(P,U,0);to(t,h,b-257),to(t,h+5,K-1),to(t,h+10,D-4),h+=14;for(E=0;E<D;++E)to(t,h+3*E,P[Is[E]]);h+=3*D;for(var R=[w,v],F=0;F<2;++F){var z=R[F];for(E=0;E<z.length;++E){var N=31&z[E];to(t,h,L[N]),h+=P[N],N>15&&(to(t,h,z[E]>>>5&127),h+=z[E]>>>12)}}}else x=qs,I=Os,C=Vs,B=js;for(E=0;E<o;++E)if(i[E]>255){N=i[E]>>>18&31;ro(t,h,x[N+257]),h+=I[N+257],N>7&&(to(t,h,i[E]>>>23&31),h+=Ds[N]);var H=31&i[E];ro(t,h,C[H]),h+=B[H],H>3&&(ro(t,h,i[E]>>>5&8191),h+=xs[H])}else ro(t,h,x[i[E]]),h+=I[i[E]];return ro(t,h,x[256]),h+I[256]},uo=/*#__PURE__*/new Us([65540,131080,131088,131104,262176,1048704,1048832,2114560,2117632]),ho=/*#__PURE__*/new Ss(0),lo=function(e,t,r,i,n){return function(e,t,r,i,n,a){var s=e.length,o=new Ss(i+s+5*(1+Math.ceil(s/7e3))+n),c=o.subarray(i,o.length-n),u=0;if(!t||s<8)for(var h=0;h<=s;h+=65535){var l=h+65535;l>=s&&(c[u>>3]=a),u=oo(c,u+1,e.subarray(h,l))}else{for(var y=uo[t-1],p=y>>>13,g=8191&y,d=(1<<r)-1,f=new Ps(32768),m=new Ps(d+1),w=Math.ceil(r/3),b=2*w,k=function(t){return(e[t]^e[t+1]<<w^e[t+2]<<b)&d},v=new Us(25e3),K=new Ps(288),A=new Ps(32),E=0,S=0,P=(h=0,0),U=0,D=0;h<s;++h){var x=k(h),I=32767&h,C=m[x];if(f[I]=C,m[x]=I,U<=h){var B=s-h;if((E>7e3||P>24576)&&B>423){u=co(e,c,0,v,K,A,S,P,D,h-D,u),P=E=S=0,D=h;for(var T=0;T<286;++T)K[T]=0;for(T=0;T<30;++T)A[T]=0}var _=2,M=0,L=g,R=I-C&32767;if(B>2&&x==k(h-R))for(var F=Math.min(p,B)-1,z=Math.min(32767,h),N=Math.min(258,B);R<=z&&--L&&I!=C;){if(e[h+_]==e[h+_-R]){for(var H=0;H<N&&e[h+H]==e[h+H-R];++H);if(H>_){if(_=H,M=R,H>F)break;var O=Math.min(R,H-2),j=0;for(T=0;T<O;++T){var q=h-R+T+32768&32767,G=q-f[q]+32768&32767;G>j&&(j=G,C=q)}}}R+=(I=C)-(C=f[I])+32768&32767}if(M){v[P++]=268435456|_s[_]<<18|Rs[M];var V=31&_s[_],W=31&Rs[M];S+=Ds[V]+xs[W],++K[257+V],++A[W],U=h+_,++E}else v[P++]=e[h],++K[e[h]]}}u=co(e,c,a,v,K,A,S,P,D,h-D,u),!a&&7&u&&(u=oo(c,u+1,ho))}return Ys(o,0,i+Xs(u)+n)}(e,null==t.level?6:t.level,null==t.mem?Math.ceil(1.5*Math.max(8,Math.min(13,Math.log(e.length)))):12+t.mem,r,i,!n)},yo=/*#__PURE__*/function(){function e(e,t){t||"function"!=typeof e||(t=e,e={}),this.ondata=t,this.o=e||{}}return e.prototype.p=function(e,t){this.ondata(lo(e,this.o,0,0,!t),t)},e.prototype.push=function(e,t){this.ondata||eo(5),this.d&&eo(4),this.d=t,this.p(e,t||!1)},e}(),po=/*#__PURE__*/function(){function e(e){this.s={},this.p=new Ss(0),this.ondata=e}return e.prototype.e=function(e){this.ondata||eo(5),this.d&&eo(4);var t=this.p.length,r=new Ss(t+e.length);r.set(this.p),r.set(e,t),this.p=r},e.prototype.c=function(e){this.d=this.s.i=e||!1;var t=this.s.b,r=function(e,t,r){var i=e.length;if(!i||r&&r.f&&!r.l)return t||new Ss(0);var n=!t||r,a=!r||r.i;r||(r={}),t||(t=new Ss(3*i));var s=function(e){var r=t.length;if(e>r){var i=new Ss(Math.max(2*r,e));i.set(t),t=i}},o=r.f||0,c=r.p||0,u=r.b||0,h=r.l,l=r.d,y=r.m,p=r.n,g=8*i;do{if(!h){o=Qs(e,c,1);var d=Qs(e,c+1,3);if(c+=3,!d){var f=e[(U=Xs(c)+4)-4]|e[U-3]<<8,m=U+f;if(m>i){a&&eo(0);break}n&&s(u+f),t.set(e.subarray(U,m),u),r.b=u+=f,r.p=c=8*m,r.f=o;continue}if(1==d)h=Gs,l=Ws,y=9,p=5;else if(2==d){var w=Qs(e,c,31)+257,b=Qs(e,c+10,15)+4,k=w+Qs(e,c+5,31)+1;c+=14;for(var v=new Ss(k),K=new Ss(19),A=0;A<b;++A)K[Is[A]]=Qs(e,c+3*A,7);c+=3*b;var E=$s(K),S=(1<<E)-1,P=Hs(K,E,1);for(A=0;A<k;){var U,D=P[Qs(e,c,S)];if(c+=15&D,(U=D>>>4)<16)v[A++]=U;else{var x=0,I=0;for(16==U?(I=3+Qs(e,c,3),c+=2,x=v[A-1]):17==U?(I=3+Qs(e,c,7),c+=3):18==U&&(I=11+Qs(e,c,127),c+=7);I--;)v[A++]=x}}var C=v.subarray(0,w),B=v.subarray(w);y=$s(C),p=$s(B),h=Hs(C,y,1),l=Hs(B,p,1)}else eo(1);if(c>g){a&&eo(0);break}}n&&s(u+131072);for(var T=(1<<y)-1,_=(1<<p)-1,M=c;;M=c){var L=(x=h[Zs(e,c)&T])>>>4;if((c+=15&x)>g){a&&eo(0);break}if(x||eo(2),L<256)t[u++]=L;else{if(256==L){M=c,h=null;break}var R=L-254;if(L>264){var F=Ds[A=L-257];R=Qs(e,c,(1<<F)-1)+Ts[A],c+=F}var z=l[Zs(e,c)&_],N=z>>>4;if(z||eo(3),c+=15&z,B=Ls[N],N>3&&(F=xs[N],B+=Zs(e,c)&(1<<F)-1,c+=F),c>g){a&&eo(0);break}n&&s(u+131072);for(var H=u+R;u<H;u+=4)t[u]=t[u-B],t[u+1]=t[u+1-B],t[u+2]=t[u+2-B],t[u+3]=t[u+3-B];u=H}}r.l=h,r.p=M,r.b=u,r.f=o,h&&(o=1,r.m=y,r.d=l,r.n=p)}while(!o);return u==t.length?t:Ys(t,0,u)}(this.p,this.o,this.s);this.ondata(Ys(r,t,this.s.b),this.d),this.o=Ys(r,this.s.b-32768),this.s.b=this.o.length,this.p=Ys(this.p,this.s.p/8|0),this.s.p&=7},e.prototype.push=function(e,t){this.e(e),this.c(t)},e}(),go=/*#__PURE__*/function(){function e(e,t){var r,i;this.c=(r=1,i=0,{p:function(e){for(var t=r,n=i,a=0|e.length,s=0;s!=a;){for(var o=Math.min(s+2655,a);s<o;++s)n+=t+=e[s];t=(65535&t)+15*(t>>16),n=(65535&n)+15*(n>>16)}r=t,i=n},d:function(){return(255&(r%=65521))<<24|r>>>8<<16|(255&(i%=65521))<<8|i>>>8}}),this.v=1,yo.call(this,e,t)}return e.prototype.push=function(e,t){yo.prototype.push.call(this,e,t)},e.prototype.p=function(e,t){this.c.p(e);var r=lo(e,this.o,this.v&&2,t&&4,!t);this.v&&(function(e,t){var r=t.level,i=0==r?0:r<6?1:9==r?3:2;e[0]=120,e[1]=i<<6|(i?32-2*i:1)}(r,this.o),this.v=0),t&&function(e,t,r){for(;r;++t)e[t]=r,r>>>=8}(r,r.length-4,this.c.d()),this.ondata(r,t)},e}(),fo=/*#__PURE__*/function(){function e(e){this.v=1,po.call(this,e)}return e.prototype.push=function(e,t){if(po.prototype.e.call(this,e),this.v){if(this.p.length<2&&!t)return;this.p=this.p.subarray(2),this.v=0}t&&(this.p.length<4&&eo(6,"invalid zlib data"),this.p=this.p.subarray(0,-4)),po.prototype.c.call(this,t)},e}(),mo="undefined"!=typeof TextDecoder&&/*#__PURE__*/new TextDecoder;try{mo.decode(ho,{stream:!0}),1}catch(e){}class wo{static get tag(){return T.packet.literalData}constructor(e=new Date){this.format=T.literal.utf8,this.date=L.normalizeDate(e),this.text=null,this.data=null,this.filename=""}setText(e,t=T.literal.utf8){this.format=t,this.text=e,this.data=null}getText(e=!1){return(null===this.text||L.isStream(this.text))&&(this.text=L.decodeUTF8(L.nativeEOL(this.getBytes(e)))),this.text}setBytes(e,t){this.format=t,this.data=e,this.text=null}getBytes(e=!1){return null===this.data&&(this.data=L.canonicalizeEOL(L.encodeUTF8(this.text))),e?E(this.data):this.data}setFilename(e){this.filename=e}getFilename(){return this.filename}async read(e){await K(e,(async e=>{const t=await e.readByte(),r=await e.readByte();this.filename=L.decodeUTF8(await e.readBytes(r)),this.date=L.readDate(await e.readBytes(4));let i=e.remainder();s(i)&&(i=await U(i)),this.setBytes(i,t)}))}writeHeader(){const e=L.encodeUTF8(this.filename),t=new Uint8Array([e.length]),r=new Uint8Array([this.format]),i=L.writeDate(this.date);return L.concatUint8Array([r,t,e,i])}write(){const e=this.writeHeader(),t=this.getBytes();return L.concat([e,t])}}class bo{constructor(){this.bytes=""}read(e){return this.bytes=L.uint8ArrayToString(e.subarray(0,8)),this.bytes.length}write(){return L.stringToUint8Array(this.bytes)}toHex(){return L.uint8ArrayToHex(L.stringToUint8Array(this.bytes))}equals(e,t=!1){return t&&(e.isWildcard()||this.isWildcard())||this.bytes===e.bytes}isNull(){return""===this.bytes}isWildcard(){return/^0+$/.test(this.toHex())}static mapToHex(e){return e.toHex()}static fromID(e){const t=new bo;return t.read(L.hexToUint8Array(e)),t}static wildcard(){const e=new bo;return e.read(new Uint8Array(8)),e}}const ko=Symbol("verified"),vo="salt@notations.openpgpjs.org",Ko=new Set([T.signatureSubpacket.issuerKeyID,T.signatureSubpacket.issuerFingerprint,T.signatureSubpacket.embeddedSignature]);class Ao{static get tag(){return T.packet.signature}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.signatureData=null,this.unhashedSubpackets=[],this.unknownSubpackets=[],this.signedHashValue=null,this.salt=null,this.created=null,this.signatureExpirationTime=null,this.signatureNeverExpires=!0,this.exportable=null,this.trustLevel=null,this.trustAmount=null,this.regularExpression=null,this.revocable=null,this.keyExpirationTime=null,this.keyNeverExpires=null,this.preferredSymmetricAlgorithms=null,this.revocationKeyClass=null,this.revocationKeyAlgorithm=null,this.revocationKeyFingerprint=null,this.issuerKeyID=new bo,this.rawNotations=[],this.notations={},this.preferredHashAlgorithms=null,this.preferredCompressionAlgorithms=null,this.keyServerPreferences=null,this.preferredKeyServer=null,this.isPrimaryUserID=null,this.policyURI=null,this.keyFlags=null,this.signersUserID=null,this.reasonForRevocationFlag=null,this.reasonForRevocationString=null,this.features=null,this.signatureTargetPublicKeyAlgorithm=null,this.signatureTargetHashAlgorithm=null,this.signatureTargetHash=null,this.embeddedSignature=null,this.issuerKeyVersion=null,this.issuerFingerprint=null,this.preferredAEADAlgorithms=null,this.preferredCipherSuites=null,this.revoked=null,this[ko]=null}read(e,t=_){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new qi("Support for v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4!==this.version&&5!==this.version&&6!==this.version)throw new qi(`Version ${this.version} of the signature packet is unsupported.`);if(this.signatureType=e[r++],this.publicKeyAlgorithm=e[r++],this.hashAlgorithm=e[r++],r+=this.readSubPackets(e.subarray(r,e.length),!0),!this.created)throw Error("Missing signature creation time subpacket.");if(this.signatureData=e.subarray(0,r),r+=this.readSubPackets(e.subarray(r,e.length),!1),this.signedHashValue=e.subarray(r,r+2),r+=2,6===this.version){const t=e[r++];this.salt=e.subarray(r,r+t),r+=t}const i=e.subarray(r,e.length),{read:n,signatureParams:a}=ds.signature.parseSignatureParams(this.publicKeyAlgorithm,i);if(n<i.length)throw Error("Error reading MPIs");this.params=a}writeParams(){return this.params instanceof Promise?x((async()=>ds.serializeParams(this.publicKeyAlgorithm,await this.params))):ds.serializeParams(this.publicKeyAlgorithm,this.params)}write(){const e=[];return e.push(this.signatureData),e.push(this.writeUnhashedSubPackets()),e.push(this.signedHashValue),6===this.version&&(e.push(new Uint8Array([this.salt.length])),e.push(this.salt)),e.push(this.writeParams()),L.concat(e)}async sign(e,t,r=new Date,i=!1,n){this.version=e.version,this.created=L.normalizeDate(r),this.issuerKeyVersion=e.version,this.issuerFingerprint=e.getFingerprintBytes(),this.issuerKeyID=e.getKeyID();const a=[new Uint8Array([this.version,this.signatureType,this.publicKeyAlgorithm,this.hashAlgorithm])];if(6===this.version){const e=So(this.hashAlgorithm);if(null===this.salt)this.salt=ds.random.getRandomBytes(e);else if(e!==this.salt.length)throw Error("Provided salt does not have the required length")}else if(n.nonDeterministicSignaturesViaNotation){if(0!==this.rawNotations.filter((({name:e})=>e===vo)).length)throw Error("Unexpected existing salt notation");{const e=ds.random.getRandomBytes(So(this.hashAlgorithm));this.rawNotations.push({name:vo,value:e,humanReadable:!1,critical:!1})}}a.push(this.writeHashedSubPackets()),this.unhashedSubpackets=[],this.signatureData=L.concat(a);const s=this.toHash(this.signatureType,t,i),o=await this.hash(this.signatureType,t,s,i);this.signedHashValue=P(A(o),0,2);const c=async()=>ds.signature.sign(this.publicKeyAlgorithm,this.hashAlgorithm,e.publicParams,e.privateParams,s,await U(o));L.isStream(o)?this.params=c():(this.params=await c(),this[ko]=!0)}writeHashedSubPackets(){const e=T.signatureSubpacket,t=[];let r;if(null===this.created)throw Error("Missing signature creation time");t.push(Eo(e.signatureCreationTime,!0,L.writeDate(this.created))),null!==this.signatureExpirationTime&&t.push(Eo(e.signatureExpirationTime,!0,L.writeNumber(this.signatureExpirationTime,4))),null!==this.exportable&&t.push(Eo(e.exportableCertification,!0,new Uint8Array([this.exportable?1:0]))),null!==this.trustLevel&&(r=new Uint8Array([this.trustLevel,this.trustAmount]),t.push(Eo(e.trustSignature,!0,r))),null!==this.regularExpression&&t.push(Eo(e.regularExpression,!0,this.regularExpression)),null!==this.revocable&&t.push(Eo(e.revocable,!0,new Uint8Array([this.revocable?1:0]))),null!==this.keyExpirationTime&&t.push(Eo(e.keyExpirationTime,!0,L.writeNumber(this.keyExpirationTime,4))),null!==this.preferredSymmetricAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredSymmetricAlgorithms)),t.push(Eo(e.preferredSymmetricAlgorithms,!1,r))),null!==this.revocationKeyClass&&(r=new Uint8Array([this.revocationKeyClass,this.revocationKeyAlgorithm]),r=L.concat([r,this.revocationKeyFingerprint]),t.push(Eo(e.revocationKey,!1,r))),!this.issuerKeyID.isNull()&&this.issuerKeyVersion<5&&t.push(Eo(e.issuerKeyID,!0,this.issuerKeyID.write())),this.rawNotations.forEach((({name:i,value:n,humanReadable:a,critical:s})=>{r=[new Uint8Array([a?128:0,0,0,0])];const o=L.encodeUTF8(i);r.push(L.writeNumber(o.length,2)),r.push(L.writeNumber(n.length,2)),r.push(o),r.push(n),r=L.concat(r),t.push(Eo(e.notationData,s,r))})),null!==this.preferredHashAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredHashAlgorithms)),t.push(Eo(e.preferredHashAlgorithms,!1,r))),null!==this.preferredCompressionAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredCompressionAlgorithms)),t.push(Eo(e.preferredCompressionAlgorithms,!1,r))),null!==this.keyServerPreferences&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.keyServerPreferences)),t.push(Eo(e.keyServerPreferences,!1,r))),null!==this.preferredKeyServer&&t.push(Eo(e.preferredKeyServer,!1,L.encodeUTF8(this.preferredKeyServer))),null!==this.isPrimaryUserID&&t.push(Eo(e.primaryUserID,!1,new Uint8Array([this.isPrimaryUserID?1:0]))),null!==this.policyURI&&t.push(Eo(e.policyURI,!1,L.encodeUTF8(this.policyURI))),null!==this.keyFlags&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.keyFlags)),t.push(Eo(e.keyFlags,!0,r))),null!==this.signersUserID&&t.push(Eo(e.signersUserID,!1,L.encodeUTF8(this.signersUserID))),null!==this.reasonForRevocationFlag&&(r=L.stringToUint8Array(String.fromCharCode(this.reasonForRevocationFlag)+this.reasonForRevocationString),t.push(Eo(e.reasonForRevocation,!0,r))),null!==this.features&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.features)),t.push(Eo(e.features,!1,r))),null!==this.signatureTargetPublicKeyAlgorithm&&(r=[new Uint8Array([this.signatureTargetPublicKeyAlgorithm,this.signatureTargetHashAlgorithm])],r.push(L.stringToUint8Array(this.signatureTargetHash)),r=L.concat(r),t.push(Eo(e.signatureTarget,!0,r))),null!==this.embeddedSignature&&t.push(Eo(e.embeddedSignature,!0,this.embeddedSignature.write())),null!==this.issuerFingerprint&&(r=[new Uint8Array([this.issuerKeyVersion]),this.issuerFingerprint],r=L.concat(r),t.push(Eo(e.issuerFingerprint,this.version>=5,r))),null!==this.preferredAEADAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredAEADAlgorithms)),t.push(Eo(e.preferredAEADAlgorithms,!1,r))),null!==this.preferredCipherSuites&&(r=new Uint8Array([].concat(...this.preferredCipherSuites)),t.push(Eo(e.preferredCipherSuites,!1,r)));const i=L.concat(t),n=L.writeNumber(i.length,6===this.version?4:2);return L.concat([n,i])}writeUnhashedSubPackets(){const e=this.unhashedSubpackets.map((({type:e,critical:t,body:r})=>Eo(e,t,r))),t=L.concat(e),r=L.writeNumber(t.length,6===this.version?4:2);return L.concat([r,t])}readSubPacket(e,t=!0){let r=0;const i=!!(128&e[r]),n=127&e[r];if(r++,t||(this.unhashedSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)}),Ko.has(n)))switch(n){case T.signatureSubpacket.signatureCreationTime:this.created=L.readDate(e.subarray(r,e.length));break;case T.signatureSubpacket.signatureExpirationTime:{const t=L.readNumber(e.subarray(r,e.length));this.signatureNeverExpires=0===t,this.signatureExpirationTime=t;break}case T.signatureSubpacket.exportableCertification:this.exportable=1===e[r++];break;case T.signatureSubpacket.trustSignature:this.trustLevel=e[r++],this.trustAmount=e[r++];break;case T.signatureSubpacket.regularExpression:this.regularExpression=e[r];break;case T.signatureSubpacket.revocable:this.revocable=1===e[r++];break;case T.signatureSubpacket.keyExpirationTime:{const t=L.readNumber(e.subarray(r,e.length));this.keyExpirationTime=t,this.keyNeverExpires=0===t;break}case T.signatureSubpacket.preferredSymmetricAlgorithms:this.preferredSymmetricAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.revocationKey:this.revocationKeyClass=e[r++],this.revocationKeyAlgorithm=e[r++],this.revocationKeyFingerprint=e.subarray(r,r+20);break;case T.signatureSubpacket.issuerKeyID:if(4===this.version)this.issuerKeyID.read(e.subarray(r,e.length));else if(t)throw Error("Unexpected Issuer Key ID subpacket");break;case T.signatureSubpacket.notationData:{const t=!!(128&e[r]);r+=4;const n=L.readNumber(e.subarray(r,r+2));r+=2;const a=L.readNumber(e.subarray(r,r+2));r+=2;const s=L.decodeUTF8(e.subarray(r,r+n)),o=e.subarray(r+n,r+n+a);this.rawNotations.push({name:s,humanReadable:t,value:o,critical:i}),t&&(this.notations[s]=L.decodeUTF8(o));break}case T.signatureSubpacket.preferredHashAlgorithms:this.preferredHashAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCompressionAlgorithms:this.preferredCompressionAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.keyServerPreferences:this.keyServerPreferences=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredKeyServer:this.preferredKeyServer=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.primaryUserID:this.isPrimaryUserID=0!==e[r++];break;case T.signatureSubpacket.policyURI:this.policyURI=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.keyFlags:this.keyFlags=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signersUserID:this.signersUserID=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.reasonForRevocation:this.reasonForRevocationFlag=e[r++],this.reasonForRevocationString=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.features:this.features=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signatureTarget:{this.signatureTargetPublicKeyAlgorithm=e[r++],this.signatureTargetHashAlgorithm=e[r++];const t=ds.getHashByteLength(this.signatureTargetHashAlgorithm);this.signatureTargetHash=L.uint8ArrayToString(e.subarray(r,r+t));break}case T.signatureSubpacket.embeddedSignature:this.embeddedSignature=new Ao,this.embeddedSignature.read(e.subarray(r,e.length));break;case T.signatureSubpacket.issuerFingerprint:this.issuerKeyVersion=e[r++],this.issuerFingerprint=e.subarray(r,e.length),this.issuerKeyVersion>=5?this.issuerKeyID.read(this.issuerFingerprint):this.issuerKeyID.read(this.issuerFingerprint.subarray(-8));break;case T.signatureSubpacket.preferredAEADAlgorithms:this.preferredAEADAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCipherSuites:this.preferredCipherSuites=[];for(let t=r;t<e.length;t+=2)this.preferredCipherSuites.push([e[t],e[t+1]]);break;default:this.unknownSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)})}}readSubPackets(e,t=!0,r){const i=6===this.version?4:2,n=L.readNumber(e.subarray(0,i));let a=i;for(;a<2+n;){const i=Ri(e.subarray(a,e.length));a+=i.offset,this.readSubPacket(e.subarray(a,a+i.len),t,r),a+=i.len}return a}toSign(e,t){const r=T.signature;switch(e){case r.binary:return null!==t.text?L.encodeUTF8(t.getText(!0)):t.getBytes(!0);case r.text:{const e=t.getBytes(!0);return L.canonicalizeEOL(e)}case r.standalone:return new Uint8Array(0);case r.certGeneric:case r.certPersona:case r.certCasual:case r.certPositive:case r.certRevocation:{let e,i;if(t.userID)i=180,e=t.userID;else{if(!t.userAttribute)throw Error("Either a userID or userAttribute packet needs to be supplied for certification.");i=209,e=t.userAttribute}const n=e.write();return L.concat([this.toSign(r.key,t),new Uint8Array([i]),L.writeNumber(n.length,4),n])}case r.subkeyBinding:case r.subkeyRevocation:case r.keyBinding:return L.concat([this.toSign(r.key,t),this.toSign(r.key,{key:t.bind})]);case r.key:if(void 0===t.key)throw Error("Key packet is required for this signature.");return t.key.writeForHash(this.version);case r.keyRevocation:return this.toSign(r.key,t);case r.timestamp:return new Uint8Array(0);case r.thirdParty:throw Error("Not implemented");default:throw Error("Unknown signature type.")}}calculateTrailer(e,t){let r=0;return k(A(this.signatureData),(e=>{r+=e.length}),(()=>{const i=[];return 5!==this.version||this.signatureType!==T.signature.binary&&this.signatureType!==T.signature.text||(t?i.push(new Uint8Array(6)):i.push(e.writeHeader())),i.push(new Uint8Array([this.version,255])),5===this.version&&i.push(new Uint8Array(4)),i.push(L.writeNumber(r,4)),L.concat(i)}))}toHash(e,t,r=!1){const i=this.toSign(e,t);return L.concat([this.salt||new Uint8Array,i,this.signatureData,this.calculateTrailer(t,r)])}async hash(e,t,r,i=!1){if(6===this.version&&this.salt.length!==So(this.hashAlgorithm))throw Error("Signature salt does not have the expected length");return r||(r=this.toHash(e,t,i)),ds.hash.digest(this.hashAlgorithm,r)}async verify(e,t,r,i=new Date,n=!1,a=_){if(!this.issuerKeyID.equals(e.getKeyID()))throw Error("Signature was not issued by the given public key");if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Public key algorithm used to sign signature does not match issuer key algorithm.");const s=t===T.signature.binary||t===T.signature.text;if(!(this[ko]&&!s)){let i,a;if(this.hashed?a=await this.hashed:(i=this.toHash(t,r,n),a=await this.hash(t,r,i)),a=await U(a),this.signedHashValue[0]!==a[0]||this.signedHashValue[1]!==a[1])throw Error("Signed digest did not match");this.params=await this.params;const s=this.publicKeyAlgorithm===T.publicKey.hmac?e.privateParams:null;if(this[ko]=await ds.signature.verify(this.publicKeyAlgorithm,this.hashAlgorithm,this.params,e.publicParams,s,i,a),!this[ko])throw Error("Signature verification failed")}const o=L.normalizeDate(i);if(o&&this.created>o)throw Error("Signature creation time is in the future");if(o&&o>=this.getExpirationTime())throw Error("Signature is expired");if(a.rejectHashAlgorithms.has(this.hashAlgorithm))throw Error("Insecure hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(a.rejectMessageHashAlgorithms.has(this.hashAlgorithm)&&[T.signature.binary,T.signature.text].includes(this.signatureType))throw Error("Insecure message hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(this.unknownSubpackets.forEach((({type:e,critical:t})=>{if(t)throw Error("Unknown critical signature subpacket type "+e)})),this.rawNotations.forEach((({name:e,critical:t})=>{if(t&&a.knownNotations.indexOf(e)<0)throw Error("Unknown critical notation: "+e)})),null!==this.revocationKeyClass)throw Error("This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.")}isExpired(e=new Date){const t=L.normalizeDate(e);return null!==t&&!(this.created<=t&&t<this.getExpirationTime())}getExpirationTime(){return this.signatureNeverExpires?1/0:new Date(this.created.getTime()+1e3*this.signatureExpirationTime)}}function Eo(e,t,r){const i=[];return i.push(Fi(r.length+1)),i.push(new Uint8Array([(t?128:0)|e])),i.push(r),L.concat(i)}function So(e){switch(e){case T.hash.sha256:return 16;case T.hash.sha384:return 24;case T.hash.sha512:return 32;case T.hash.sha224:case T.hash.sha3_256:return 16;case T.hash.sha3_512:return 32;default:throw Error("Unsupported hash function")}}class Po{static get tag(){return T.packet.onePassSignature}static fromSignaturePacket(e,t){const r=new Po;return r.version=6===e.version?6:3,r.signatureType=e.signatureType,r.hashAlgorithm=e.hashAlgorithm,r.publicKeyAlgorithm=e.publicKeyAlgorithm,r.issuerKeyID=e.issuerKeyID,r.salt=e.salt,r.issuerFingerprint=e.issuerFingerprint,r.flags=t?1:0,r}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.salt=null,this.issuerKeyID=null,this.issuerFingerprint=null,this.flags=null}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new qi(`Version ${this.version} of the one-pass signature packet is unsupported.`);if(this.signatureType=e[t++],this.hashAlgorithm=e[t++],this.publicKeyAlgorithm=e[t++],6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r,this.issuerFingerprint=e.subarray(t,t+32),t+=32,this.issuerKeyID=new bo,this.issuerKeyID.read(this.issuerFingerprint)}else this.issuerKeyID=new bo,this.issuerKeyID.read(e.subarray(t,t+8)),t+=8;return this.flags=e[t++],this}write(){const e=[new Uint8Array([this.version,this.signatureType,this.hashAlgorithm,this.publicKeyAlgorithm])];return 6===this.version?e.push(new Uint8Array([this.salt.length]),this.salt,this.issuerFingerprint):e.push(this.issuerKeyID.write()),e.push(new Uint8Array([this.flags])),L.concatUint8Array(e)}calculateTrailer(...e){return x((async()=>Ao.prototype.calculateTrailer.apply(await this.correspondingSig,e)))}async verify(){const e=await this.correspondingSig;if(!e||e.constructor.tag!==T.packet.signature)throw Error("Corresponding signature packet missing");if(e.signatureType!==this.signatureType||e.hashAlgorithm!==this.hashAlgorithm||e.publicKeyAlgorithm!==this.publicKeyAlgorithm||!e.issuerKeyID.equals(this.issuerKeyID)||3===this.version&&6===e.version||6===this.version&&6!==e.version||6===this.version&&!L.equalsUint8Array(e.issuerFingerprint,this.issuerFingerprint)||6===this.version&&!L.equalsUint8Array(e.salt,this.salt))throw Error("Corresponding signature packet does not match one-pass signature packet");return e.hashed=this.hashed,e.verify.apply(e,arguments)}}function Uo(e,t){if(!t[e]){let t;try{t=T.read(T.packet,e)}catch(t){throw new Gi("Unknown packet type with tag: "+e)}throw Error("Packet not allowed in this context: "+t)}return new t[e]}Po.prototype.hash=Ao.prototype.hash,Po.prototype.toHash=Ao.prototype.toHash,Po.prototype.toSign=Ao.prototype.toSign;class Do extends Array{static async fromBinary(e,t,r=_){const i=new Do;return await i.read(e,t,r),i}async read(e,t,r=_){r.additionalAllowedPackets.length&&(t={...t,...L.constructAllowedPackets(r.additionalAllowedPackets)}),this.stream=v(e,(async(e,i)=>{const n=C(i);try{for(;;){await n.ready;if(await ji(e,(async e=>{try{if(e.tag===T.packet.marker||e.tag===T.packet.trust||e.tag===T.packet.padding)return;const i=Uo(e.tag,t);i.packets=new Do,i.fromStream=L.isStream(e.packet),await i.read(e.packet,r),await n.write(i)}catch(t){if(t instanceof Gi){if(!(e.tag<=39))return;await n.abort(t)}const i=!r.ignoreUnsupportedPackets&&t instanceof qi,a=!(r.ignoreMalformedPackets||t instanceof qi);if(i||a||Oi(e.tag))await n.abort(t);else{const t=new Vi(e.tag,e.packet);await n.write(t)}L.printDebugError(t)}})))return await n.ready,void await n.close()}}catch(e){await n.abort(e)}}));const i=I(this.stream);for(;;){const{done:e,value:t}=await i.read();if(e?this.stream=null:this.push(t),e||Oi(t.constructor.tag))break}i.releaseLock()}write(){const e=[];for(let t=0;t<this.length;t++){const r=this[t]instanceof Vi?this[t].tag:this[t].constructor.tag,i=this[t].write();if(L.isStream(i)&&Oi(this[t].constructor.tag)){let t=[],n=0;const a=512;e.push(Ni(r)),e.push(k(i,(e=>{if(t.push(e),n+=e.length,n>=a){const e=Math.min(Math.log(n)/Math.LN2|0,30),r=2**e,i=L.concat([zi(e)].concat(t));return t=[i.subarray(1+r)],n=t[0].length,i.subarray(0,1+r)}}),(()=>L.concat([Fi(n)].concat(t)))))}else{if(L.isStream(i)){let t=0;e.push(k(A(i),(e=>{t+=e.length}),(()=>Hi(r,t))))}else e.push(Hi(r,i.length));e.push(i)}}return L.concat(e)}filterByTag(...e){const t=new Do,r=e=>t=>e===t;for(let i=0;i<this.length;i++)e.some(r(this[i].constructor.tag))&&t.push(this[i]);return t}findPacket(e){return this.find((t=>t.constructor.tag===e))}indexOfTag(...e){const t=[],r=this,i=e=>t=>e===t;for(let n=0;n<this.length;n++)e.some(i(r[n].constructor.tag))&&t.push(n);return t}}const xo=/*#__PURE__*/L.constructAllowedPackets([wo,Po,Ao]);class Io{static get tag(){return T.packet.compressedData}constructor(e=_){this.packets=null,this.algorithm=e.preferredCompressionAlgorithm,this.compressed=null}async read(e,t=_){await K(e,(async e=>{this.algorithm=await e.readByte(),this.compressed=e.remainder(),await this.decompress(t)}))}write(){return null===this.compressed&&this.compress(),L.concat([new Uint8Array([this.algorithm]),this.compressed])}async decompress(e=_){const t=T.read(T.compression,this.algorithm),r=Mo[t];if(!r)throw Error(t+" decompression not supported");this.packets=await Do.fromBinary(await r(this.compressed),xo,e)}compress(){const e=T.read(T.compression,this.algorithm),t=_o[e];if(!t)throw Error(e+" compression not supported");this.compressed=t(this.packets.write())}}function Co(e,t){return r=>{if(!L.isStream(r)||s(r))return x((()=>U(r).then((e=>new Promise(((r,i)=>{const n=new t;n.ondata=e=>{r(e)};try{n.push(e,!0)}catch(e){i(e)}}))))));if(e)try{const t=e();return r.pipeThrough(t)}catch(e){if("TypeError"!==e.name)throw e}const i=r.getReader(),n=new t;return new ReadableStream({async start(e){for(n.ondata=async(t,r)=>{e.enqueue(t),r&&e.close()};;){const{done:e,value:t}=await i.read();if(e)return void n.push(new Uint8Array,!0);t.length&&n.push(t)}}})}}function Bo(){return async function(e){const{decode:t}=await import("./seek-bzip.min.mjs").then((function(e){return e.i}));return x((async()=>t(await U(e))))}}const To=e=>({compressor:"undefined"!=typeof CompressionStream&&(()=>new CompressionStream(e)),decompressor:"undefined"!=typeof DecompressionStream&&(()=>new DecompressionStream(e))}),_o={zip:/*#__PURE__*/Co(To("deflate-raw").compressor,yo),zlib:/*#__PURE__*/Co(To("deflate").compressor,go)},Mo={uncompressed:e=>e,zip:/*#__PURE__*/Co(To("deflate-raw").decompressor,po),zlib:/*#__PURE__*/Co(To("deflate").decompressor,fo),bzip2:/*#__PURE__*/Bo()},Lo=/*#__PURE__*/L.constructAllowedPackets([wo,Io,Po,Ao]);class Ro{static get tag(){return T.packet.symEncryptedIntegrityProtectedData}static fromObject({version:e,aeadAlgorithm:t}){if(1!==e&&2!==e)throw Error("Unsupported SEIPD version");const r=new Ro;return r.version=e,2===e&&(r.aeadAlgorithm=t),r}constructor(){this.version=null,this.cipherAlgorithm=null,this.aeadAlgorithm=null,this.chunkSizeByte=null,this.salt=null,this.encrypted=null,this.packets=null}async read(e){await K(e,(async e=>{if(this.version=await e.readByte(),1!==this.version&&2!==this.version)throw new qi(`Version ${this.version} of the SEIP packet is unsupported.`);2===this.version&&(this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte(),this.salt=await e.readBytes(32)),this.encrypted=e.remainder()}))}write(){return 2===this.version?L.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.salt,this.encrypted]):L.concat([new Uint8Array([this.version]),this.encrypted])}async encrypt(e,t,r=_){const{blockSize:i,keySize:n}=ds.getCipherParams(e);if(t.length!==n)throw Error("Unexpected session key size");let a=this.packets.write();if(s(a)&&(a=await U(a)),2===this.version)this.cipherAlgorithm=e,this.salt=ds.random.getRandomBytes(32),this.chunkSizeByte=r.aeadChunkSizeByte,this.encrypted=await Fo(this,"encrypt",t,a);else{const n=await ds.getPrefixRandom(e),s=new Uint8Array([211,20]),o=L.concat([n,a,s]),c=await ds.hash.sha1(E(o)),u=L.concat([o,c]);this.encrypted=await ds.mode.cfb.encrypt(e,t,u,new Uint8Array(i),r)}return!0}async decrypt(e,t,r=_){if(t.length!==ds.getCipherParams(e).keySize)throw Error("Unexpected session key size");let i,n=A(this.encrypted);if(s(n)&&(n=await U(n)),2===this.version){if(this.cipherAlgorithm!==e)throw Error("Unexpected session key algorithm");i=await Fo(this,"decrypt",t,n)}else{const{blockSize:a}=ds.getCipherParams(e),s=await ds.mode.cfb.decrypt(e,t,n,new Uint8Array(a)),o=P(E(s),-20),c=P(s,0,-20),u=Promise.all([U(await ds.hash.sha1(E(c))),U(o)]).then((([e,t])=>{if(!L.equalsUint8Array(e,t))throw Error("Modification detected.");return new Uint8Array})),h=P(c,a+2);i=P(h,0,-2),i=f([i,x((()=>u))]),L.isStream(n)&&r.allowUnauthenticatedStream||(i=await U(i))}return this.packets=await Do.fromBinary(i,Lo,r),!0}}async function Fo(e,t,r,i){const n=e instanceof Ro&&2===e.version,a=!n&&e.constructor.tag===T.packet.aeadEncryptedData;if(!n&&!a)throw Error("Unexpected packet type");const s=ds.getAEADMode(e.aeadAlgorithm),o="decrypt"===t?s.tagLength:0,c="encrypt"===t?s.tagLength:0,u=2**(e.chunkSizeByte+6)+o,h=a?8:0,l=new ArrayBuffer(13+h),y=new Uint8Array(l,0,5+h),p=new Uint8Array(l),g=new DataView(l),d=new Uint8Array(l,5,8);y.set([192|e.constructor.tag,e.version,e.cipherAlgorithm,e.aeadAlgorithm,e.chunkSizeByte],0);let f,w,b=0,k=Promise.resolve(),K=0,A=0;if(n){const{keySize:t}=ds.getCipherParams(e.cipherAlgorithm),{ivLength:i}=s,n=new Uint8Array(l,0,5),a=await Yn(T.hash.sha256,r,e.salt,n,t+i);r=a.subarray(0,t),f=a.subarray(t),f.fill(0,f.length-8),w=new DataView(f.buffer,f.byteOffset,f.byteLength)}else f=e.iv;const E=await s(e.cipherAlgorithm,r);return v(i,(async(r,i)=>{if("array"!==L.isStream(r)){const t=new TransformStream({},{highWaterMark:L.getHardwareConcurrency()*2**(e.chunkSizeByte+6),size:e=>e.length});m(t.readable,i),i=t.writable}const a=I(r),s=C(i);try{for(;;){let e=await a.readBytes(u+o)||new Uint8Array;const r=e.subarray(e.length-o);let i,l,m;if(e=e.subarray(0,e.length-o),n)m=f;else{m=f.slice();for(let e=0;e<8;e++)m[f.length-8+e]^=d[e]}if(!b||e.length?(a.unshift(r),i=E[t](e,m,y),i.catch((()=>{})),A+=e.length-o+c):(g.setInt32(5+h+4,K),i=E[t](r,m,p),i.catch((()=>{})),A+=c,l=!0),K+=e.length-o,k=k.then((()=>i)).then((async e=>{await s.ready,await s.write(e),A-=e.length})).catch((e=>s.abort(e))),(l||A>s.desiredSize)&&await k,l){await s.close();break}n?w.setInt32(f.length-4,++b):g.setInt32(9,++b)}}catch(e){await s.ready.catch((()=>{})),await s.abort(e)}}))}const zo=/*#__PURE__*/L.constructAllowedPackets([wo,Io,Po,Ao]);class No{static get tag(){return T.packet.aeadEncryptedData}constructor(){this.version=1,this.cipherAlgorithm=null,this.aeadAlgorithm=T.aead.eax,this.chunkSizeByte=null,this.iv=null,this.encrypted=null,this.packets=null}async read(e){await K(e,(async e=>{const t=await e.readByte();if(1!==t)throw new qi(`Version ${t} of the AEAD-encrypted data packet is not supported.`);this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte();const r=ds.getAEADMode(this.aeadAlgorithm);this.iv=await e.readBytes(r.ivLength),this.encrypted=e.remainder()}))}write(){return L.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.iv,this.encrypted])}async decrypt(e,t,r=_){this.packets=await Do.fromBinary(await Fo(this,"decrypt",t,A(this.encrypted)),zo,r)}async encrypt(e,t,r=_){this.cipherAlgorithm=e;const{ivLength:i}=ds.getAEADMode(this.aeadAlgorithm);this.iv=ds.random.getRandomBytes(i),this.chunkSizeByte=r.aeadChunkSizeByte;const n=this.packets.write();this.encrypted=await Fo(this,"encrypt",t,n)}}const Ho=new Set([T.publicKey.x25519,T.publicKey.x448,T.publicKey.pqc_mlkem_x25519]);class Oo{static get tag(){return T.packet.publicKeyEncryptedSessionKey}constructor(){this.version=null,this.publicKeyID=new bo,this.publicKeyVersion=null,this.publicKeyFingerprint=null,this.publicKeyAlgorithm=null,this.sessionKey=null,this.sessionKeyAlgorithm=null,this.encrypted={}}static fromObject({version:e,encryptionKeyPacket:t,anonymousRecipient:r,sessionKey:i,sessionKeyAlgorithm:n}){const a=new Oo;if(3!==e&&6!==e)throw Error("Unsupported PKESK version");return a.version=e,6===e&&(a.publicKeyVersion=r?null:t.version,a.publicKeyFingerprint=r?null:t.getFingerprintBytes()),a.publicKeyID=r?bo.wildcard():t.getKeyID(),a.publicKeyAlgorithm=t.algorithm,a.sessionKey=i,a.sessionKeyAlgorithm=n,a}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new qi(`Version ${this.version} of the PKESK packet is unsupported.`);if(6===this.version){const r=e[t++];if(r){this.publicKeyVersion=e[t++];const i=r-1;this.publicKeyFingerprint=e.subarray(t,t+i),t+=i,this.publicKeyVersion>=5?this.publicKeyID.read(this.publicKeyFingerprint):this.publicKeyID.read(this.publicKeyFingerprint.subarray(-8))}else this.publicKeyID=bo.wildcard()}else t+=this.publicKeyID.read(e.subarray(t,t+8));if(this.publicKeyAlgorithm=e[t++],this.encrypted=ds.parseEncSessionKeyParams(this.publicKeyAlgorithm,e.subarray(t)),Ho.has(this.publicKeyAlgorithm))if(3===this.version)this.sessionKeyAlgorithm=T.write(T.symmetric,this.encrypted.C.algorithm);else if(null!==this.encrypted.C.algorithm)throw Error("Unexpected cleartext symmetric algorithm")}write(){const e=[new Uint8Array([this.version])];return 6===this.version?null!==this.publicKeyFingerprint?(e.push(new Uint8Array([this.publicKeyFingerprint.length+1,this.publicKeyVersion])),e.push(this.publicKeyFingerprint)):e.push(new Uint8Array([0])):e.push(this.publicKeyID.write()),e.push(new Uint8Array([this.publicKeyAlgorithm]),ds.serializeParams(this.publicKeyAlgorithm,this.encrypted)),L.concatUint8Array(e)}async encrypt(e){const t=T.write(T.publicKey,this.publicKeyAlgorithm),r=3===this.version?this.sessionKeyAlgorithm:null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=jo(this.version,t,r,this.sessionKey),a=t===T.publicKey.aead?e.privateParams:null;this.encrypted=await ds.publicKeyEncrypt(t,r,e.publicParams,a,n,i)}async decrypt(e,t){if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Decryption error");const r=t?jo(this.version,this.publicKeyAlgorithm,t.sessionKeyAlgorithm,t.sessionKey):null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=await ds.publicKeyDecrypt(this.publicKeyAlgorithm,e.publicParams,e.privateParams,this.encrypted,i,r),{sessionKey:a,sessionKeyAlgorithm:s}=function(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:{const t=r.subarray(0,r.length-2),n=r.subarray(r.length-2),a=L.writeChecksum(t.subarray(t.length%8)),s=a[0]===n[0]&a[1]===n[1],o=6===e?{sessionKeyAlgorithm:null,sessionKey:t}:{sessionKeyAlgorithm:t[0],sessionKey:t.subarray(1)};if(i){const t=s&o.sessionKeyAlgorithm===i.sessionKeyAlgorithm&o.sessionKey.length===i.sessionKey.length;return{sessionKey:L.selectUint8Array(t,o.sessionKey,i.sessionKey),sessionKeyAlgorithm:6===e?null:L.selectUint8(t,o.sessionKeyAlgorithm,i.sessionKeyAlgorithm)}}if(s&&(6===e||T.read(T.symmetric,o.sessionKeyAlgorithm)))return o;throw Error("Decryption error")}case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.pqc_mlkem_x25519:return{sessionKeyAlgorithm:null,sessionKey:r};default:throw Error("Unsupported public key algorithm")}}(this.version,this.publicKeyAlgorithm,n,t);if(3===this.version){const e=!Ho.has(this.publicKeyAlgorithm);if(this.sessionKeyAlgorithm=e?s:this.sessionKeyAlgorithm,a.length!==ds.getCipherParams(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}this.sessionKey=a}}function jo(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:return L.concatUint8Array([new Uint8Array(6===e?[]:[r]),i,L.writeChecksum(i.subarray(i.length%8))]);case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.pqc_mlkem_x25519:return i;default:throw Error("Unsupported public key algorithm")}}class qo{static get tag(){return T.packet.symEncryptedSessionKey}constructor(e=_){this.version=e.aeadProtect?6:4,this.sessionKey=null,this.sessionKeyEncryptionAlgorithm=null,this.sessionKeyAlgorithm=null,this.aeadAlgorithm=T.write(T.aead,e.preferredAEADAlgorithm),this.encrypted=null,this.s2k=null,this.iv=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new qi(`Version ${this.version} of the SKESK packet is unsupported.`);6===this.version&&t++;const r=e[t++];this.version>=5&&(this.aeadAlgorithm=e[t++],6===this.version&&t++);const i=e[t++];if(this.s2k=As(i),t+=this.s2k.read(e.subarray(t,e.length)),this.version>=5){const r=ds.getAEADMode(this.aeadAlgorithm);this.iv=e.subarray(t,t+=r.ivLength)}this.version>=5||t<e.length?(this.encrypted=e.subarray(t,e.length),this.sessionKeyEncryptionAlgorithm=r):this.sessionKeyAlgorithm=r}write(){const e=null===this.encrypted?this.sessionKeyAlgorithm:this.sessionKeyEncryptionAlgorithm;let t;const r=this.s2k.write();if(6===this.version){const i=r.length,n=3+i+this.iv.length;t=L.concatUint8Array([new Uint8Array([this.version,n,e,this.aeadAlgorithm,i]),r,this.iv,this.encrypted])}else 5===this.version?t=L.concatUint8Array([new Uint8Array([this.version,e,this.aeadAlgorithm]),r,this.iv,this.encrypted]):(t=L.concatUint8Array([new Uint8Array([this.version,e]),r]),null!==this.encrypted&&(t=L.concatUint8Array([t,this.encrypted])));return t}async decrypt(e){const t=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm,{blockSize:r,keySize:i}=ds.getCipherParams(t),n=await this.s2k.produceKey(e,i);if(this.version>=5){const e=ds.getAEADMode(this.aeadAlgorithm),r=new Uint8Array([192|qo.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),a=6===this.version?await Yn(T.hash.sha256,n,new Uint8Array,r,i):n,s=await e(t,a);this.sessionKey=await s.decrypt(this.encrypted,this.iv,r)}else if(null!==this.encrypted){const e=await ds.mode.cfb.decrypt(t,n,this.encrypted,new Uint8Array(r));if(this.sessionKeyAlgorithm=T.write(T.symmetric,e[0]),this.sessionKey=e.subarray(1,e.length),this.sessionKey.length!==ds.getCipherParams(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}else this.sessionKey=n}async encrypt(e,t=_){const r=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm;this.sessionKeyEncryptionAlgorithm=r,this.s2k=Es(t),this.s2k.generateSalt();const{blockSize:i,keySize:n}=ds.getCipherParams(r),a=await this.s2k.produceKey(e,n);if(null===this.sessionKey&&(this.sessionKey=ds.generateSessionKey(this.sessionKeyAlgorithm)),this.version>=5){const e=ds.getAEADMode(this.aeadAlgorithm);this.iv=ds.random.getRandomBytes(e.ivLength);const t=new Uint8Array([192|qo.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),i=6===this.version?await Yn(T.hash.sha256,a,new Uint8Array,t,n):a,s=await e(r,i);this.encrypted=await s.encrypt(this.sessionKey,this.iv,t)}else{const e=L.concatUint8Array([new Uint8Array([this.sessionKeyAlgorithm]),this.sessionKey]);this.encrypted=await ds.mode.cfb.encrypt(r,a,e,new Uint8Array(i),t)}}}class Go{static get tag(){return T.packet.publicKey}constructor(e=new Date,t=_){this.version=t.v6Keys?6:4,this.created=L.normalizeDate(e),this.algorithm=null,this.publicParams=null,this.expirationTimeV3=0,this.fingerprint=null,this.keyID=null}static fromSecretKeyPacket(e){const t=new Go,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}async read(e,t=_){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new qi("Support for parsing v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4===this.version||5===this.version||6===this.version){this.created=L.readDate(e.subarray(r,r+4)),r+=4,this.algorithm=e[r++],this.version>=5&&(r+=4);const{read:t,publicParams:i}=ds.parsePublicKeyParams(this.algorithm,e.subarray(r));if(6===this.version&&i.oid&&(i.oid.getName()===T.curve.curve25519Legacy||i.oid.getName()===T.curve.ed25519Legacy))throw Error("Legacy curve25519 cannot be used with v6 keys");if(6!==this.version&&(this.algorithm===T.publicKey.pqc_mldsa_ed25519||this.algorithm===T.publicKey.pqc_mlkem_x25519))throw Error("Unexpected key version: ML-DSA and ML-KEM algorithms can only be used with v6 keys");return this.publicParams=i,r+=t,await this.computeFingerprintAndKeyID(),r}throw new qi(`Version ${this.version} of the key packet is unsupported.`)}write(){const e=[];e.push(new Uint8Array([this.version])),e.push(L.writeDate(this.created)),e.push(new Uint8Array([this.algorithm]));const t=ds.serializeParams(this.algorithm,this.publicParams);return this.version>=5&&e.push(L.writeNumber(t.length,4)),e.push(t),L.concatUint8Array(e)}writeForHash(e){const t=this.writePublicKey(),r=149+e,i=e>=5?4:2;return L.concatUint8Array([new Uint8Array([r]),L.writeNumber(t.length,i),t])}isDecrypted(){return null}getCreationTime(){return this.created}getKeyID(){return this.keyID}async computeFingerprintAndKeyID(){if(await this.computeFingerprint(),this.keyID=new bo,this.version>=5)this.keyID.read(this.fingerprint.subarray(0,8));else{if(4!==this.version)throw Error("Unsupported key version");this.keyID.read(this.fingerprint.subarray(12,20))}}async computeFingerprint(){const e=this.writeForHash(this.version);if(this.version>=5)this.fingerprint=await ds.hash.sha256(e);else{if(4!==this.version)throw Error("Unsupported key version");this.fingerprint=await ds.hash.sha1(e)}}getFingerprintBytes(){return this.fingerprint}getFingerprint(){return L.uint8ArrayToHex(this.getFingerprintBytes())}hasSameFingerprintAs(e){return this.version===e.version&&L.equalsUint8Array(this.writePublicKey(),e.writePublicKey())}getAlgorithmInfo(){const e={};e.algorithm=T.read(T.publicKey,this.algorithm);const t=this.publicParams.n||this.publicParams.p;return t?e.bits=L.uint8ArrayBitLength(t):this.publicParams.oid?e.curve=this.publicParams.oid.getName():this.publicParams.cipher&&(e.symmetric=this.publicParams.cipher.getName()),e}}Go.prototype.readPublicKey=Go.prototype.read,Go.prototype.writePublicKey=Go.prototype.write;const Vo=/*#__PURE__*/L.constructAllowedPackets([wo,Io,Po,Ao]);class Wo{static get tag(){return T.packet.symmetricallyEncryptedData}constructor(){this.encrypted=null,this.packets=null}read(e){this.encrypted=e}write(){return this.encrypted}async decrypt(e,t,r=_){if(!r.allowUnauthenticatedMessages)throw Error("Message is not authenticated.");const{blockSize:i}=ds.getCipherParams(e),n=await U(A(this.encrypted)),a=await ds.mode.cfb.decrypt(e,t,n.subarray(i+2),n.subarray(2,i+2));this.packets=await Do.fromBinary(a,Vo,r)}async encrypt(e,t,r=_){const i=this.packets.write(),{blockSize:n}=ds.getCipherParams(e),a=await ds.getPrefixRandom(e),s=await ds.mode.cfb.encrypt(e,t,a,new Uint8Array(n),r),o=await ds.mode.cfb.encrypt(e,t,i,s.subarray(2),r);this.encrypted=L.concat([s,o])}}class $o{static get tag(){return T.packet.marker}read(e){return 80===e[0]&&71===e[1]&&80===e[2]}write(){return new Uint8Array([80,71,80])}}class Qo extends Go{static get tag(){return T.packet.publicSubkey}constructor(e,t){super(e,t)}static fromSecretSubkeyPacket(e){const t=new Qo,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}}class Zo{static get tag(){return T.packet.userAttribute}constructor(){this.attributes=[]}read(e){let t=0;for(;t<e.length;){const r=Ri(e.subarray(t,e.length));t+=r.offset,this.attributes.push(L.uint8ArrayToString(e.subarray(t,t+r.len))),t+=r.len}}write(){const e=[];for(let t=0;t<this.attributes.length;t++)e.push(Fi(this.attributes[t].length)),e.push(L.stringToUint8Array(this.attributes[t]));return L.concatUint8Array(e)}equals(e){return!!(e&&e instanceof Zo)&&this.attributes.every((function(t,r){return t===e.attributes[r]}))}}class Xo extends Go{static get tag(){return T.packet.secretKey}constructor(e=new Date,t=_){super(e,t),this.keyMaterial=null,this.isEncrypted=null,this.s2kUsage=0,this.s2k=null,this.symmetric=null,this.aead=null,this.isLegacyAEAD=null,this.privateParams=null,this.usedModernAEAD=null}async read(e,t=_){let r=await this.readPublicKey(e,t);const i=r;this.s2kUsage=e[r++],5===this.version&&r++,6===this.version&&this.s2kUsage&&r++;try{if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){this.symmetric=e[r++],253===this.s2kUsage&&(this.aead=e[r++]),6===this.version&&r++;const t=e[r++];if(this.s2k=As(t),r+=this.s2k.read(e.subarray(r,e.length)),"gnu-dummy"===this.s2k.type)return}else this.s2kUsage&&(this.symmetric=this.s2kUsage);this.s2kUsage&&(this.isLegacyAEAD=253===this.s2kUsage&&(5===this.version||4===this.version&&t.parseAEADEncryptedV4KeysAsLegacy),253!==this.s2kUsage||this.isLegacyAEAD?(this.iv=e.subarray(r,r+ds.getCipherParams(this.symmetric).blockSize),this.usedModernAEAD=!1):(this.iv=e.subarray(r,r+ds.getAEADMode(this.aead).ivLength),this.usedModernAEAD=!0),r+=this.iv.length)}catch(t){if(!this.s2kUsage)throw t;this.unparseableKeyMaterial=e.subarray(i),this.isEncrypted=!0}if(5===this.version&&(r+=4),this.keyMaterial=e.subarray(r),this.isEncrypted=!!this.s2kUsage,!this.isEncrypted){let e;if(6===this.version)e=this.keyMaterial;else if(e=this.keyMaterial.subarray(0,-2),!L.equalsUint8Array(L.writeChecksum(e),this.keyMaterial.subarray(-2)))throw Error("Key checksum mismatch");try{const{read:t,privateParams:r}=await ds.parsePrivateKeyParams(this.algorithm,e,this.publicParams);if(t<e.length)throw Error("Error reading MPIs");this.privateParams=r}catch(e){if(e instanceof qi)throw e;throw Error("Error reading MPIs")}}}write(){const e=this.writePublicKey();if(this.unparseableKeyMaterial)return L.concatUint8Array([e,this.unparseableKeyMaterial]);const t=[e];t.push(new Uint8Array([this.s2kUsage]));const r=[];if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){r.push(this.symmetric),253===this.s2kUsage&&r.push(this.aead);const e=this.s2k.write();6===this.version&&r.push(e.length),r.push(...e)}return this.s2kUsage&&"gnu-dummy"!==this.s2k.type&&r.push(...this.iv),(5===this.version||6===this.version&&this.s2kUsage)&&t.push(new Uint8Array([r.length])),t.push(new Uint8Array(r)),this.isDummy()||(this.s2kUsage||(this.keyMaterial=ds.serializeParams(this.algorithm,this.privateParams)),5===this.version&&t.push(L.writeNumber(this.keyMaterial.length,4)),t.push(this.keyMaterial),this.s2kUsage||6===this.version||t.push(L.writeChecksum(this.keyMaterial))),L.concatUint8Array(t)}isDecrypted(){return!1===this.isEncrypted}isMissingSecretKeyMaterial(){return void 0!==this.unparseableKeyMaterial||this.isDummy()}isDummy(){return!(!this.s2k||"gnu-dummy"!==this.s2k.type)}makeDummy(e=_){this.isDummy()||(this.isDecrypted()&&this.clearPrivateParams(),delete this.unparseableKeyMaterial,this.isEncrypted=null,this.keyMaterial=null,this.s2k=As(T.s2k.gnu,e),this.s2k.algorithm=0,this.s2k.c=0,this.s2k.type="gnu-dummy",this.s2kUsage=254,this.symmetric=T.symmetric.aes256,this.isLegacyAEAD=null,this.usedModernAEAD=null)}async encrypt(e,t=_){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key packet is already encrypted");if(!e)throw Error("A non-empty passphrase is required for key encryption.");this.s2k=Es(t),this.s2k.generateSalt();const r=ds.serializeParams(this.algorithm,this.privateParams);this.symmetric=T.symmetric.aes256;const{blockSize:i}=ds.getCipherParams(this.symmetric);if(t.aeadProtect){this.s2kUsage=253,this.aead=t.preferredAEADAlgorithm;const n=ds.getAEADMode(this.aead);this.isLegacyAEAD=5===this.version,this.usedModernAEAD=!this.isLegacyAEAD;const a=Ni(this.constructor.tag),s=await Yo(this.version,this.s2k,e,this.symmetric,this.aead,a,this.isLegacyAEAD),o=await n(this.symmetric,s);this.iv=this.isLegacyAEAD?ds.random.getRandomBytes(i):ds.random.getRandomBytes(n.ivLength);const c=this.isLegacyAEAD?new Uint8Array:L.concatUint8Array([a,this.writePublicKey()]);this.keyMaterial=await o.encrypt(r,this.iv.subarray(0,n.ivLength),c)}else{this.s2kUsage=254,this.usedModernAEAD=!1;const n=await Yo(this.version,this.s2k,e,this.symmetric);this.iv=ds.random.getRandomBytes(i),this.keyMaterial=await ds.mode.cfb.encrypt(this.symmetric,n,L.concatUint8Array([r,await ds.hash.sha1(r,t)]),this.iv,t)}}async decrypt(e){if(this.isDummy())return!1;if(this.unparseableKeyMaterial)throw Error("Key packet cannot be decrypted: unsupported S2K or cipher algo");if(this.isDecrypted())throw Error("Key packet is already decrypted.");let t;const r=Ni(this.constructor.tag);if(254!==this.s2kUsage&&253!==this.s2kUsage)throw 255===this.s2kUsage?Error("Encrypted private key is authenticated using an insecure two-byte hash"):Error("Private key is encrypted using an insecure S2K function: unsalted MD5");let i;if(t=await Yo(this.version,this.s2k,e,this.symmetric,this.aead,r,this.isLegacyAEAD),253===this.s2kUsage){const e=ds.getAEADMode(this.aead),n=await e(this.symmetric,t);try{const t=this.isLegacyAEAD?new Uint8Array:L.concatUint8Array([r,this.writePublicKey()]);i=await n.decrypt(this.keyMaterial,this.iv.subarray(0,e.ivLength),t)}catch(e){if("Authentication tag mismatch"===e.message)throw Error("Incorrect key passphrase: "+e.message);throw e}}else{const e=await ds.mode.cfb.decrypt(this.symmetric,t,this.keyMaterial,this.iv);i=e.subarray(0,-20);const r=await ds.hash.sha1(i);if(!L.equalsUint8Array(r,e.subarray(-20)))throw Error("Incorrect key passphrase")}try{const{privateParams:e}=await ds.parsePrivateKeyParams(this.algorithm,i,this.publicParams);this.privateParams=e}catch(e){throw Error("Error reading MPIs")}this.isEncrypted=!1,this.keyMaterial=null,this.s2kUsage=0,this.aead=null,this.symmetric=null,this.isLegacyAEAD=null}async validate(){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key is not decrypted");if(this.usedModernAEAD)return;let e;try{e=await ds.validateParams(this.algorithm,this.publicParams,this.privateParams)}catch(t){e=!1}if(!e)throw Error("Key is invalid")}async generate(e,t,r){if(6===this.version&&(this.algorithm===T.publicKey.ecdh&&t===T.curve.curve25519Legacy||this.algorithm===T.publicKey.eddsaLegacy))throw Error(`Cannot generate v6 keys of type 'ecc' with curve ${t}. Generate a key of type 'curve25519' instead`);if(6!==this.version&&(this.algorithm===T.publicKey.pqc_mldsa_ed25519||this.algorithm===T.publicKey.pqc_mlkem_x25519))throw Error(`Cannot generate v${this.version} keys of type 'pqc'. Generate a v6 key instead`);const{privateParams:i,publicParams:n}=await ds.generateParams(this.algorithm,e,t,r);this.privateParams=i,this.publicParams=n,this.isEncrypted=!1}clearPrivateParams(){this.isMissingSecretKeyMaterial()||(Object.keys(this.privateParams).forEach((e=>{this.privateParams[e].fill(0),delete this.privateParams[e]})),this.privateParams=null,this.isEncrypted=!0)}}async function Yo(e,t,r,i,n,a,s){if("argon2"===t.type&&!n)throw Error("Using Argon2 S2K without AEAD is not allowed");if("simple"===t.type&&6===e)throw Error("Using Simple S2K with version 6 keys is not allowed");const{keySize:o}=ds.getCipherParams(i),c=await t.produceKey(r,o);if(!n||5===e||s)return c;const u=L.concatUint8Array([a,new Uint8Array([e,i,n])]);return Yn(T.hash.sha256,c,new Uint8Array,u,o)}class Jo{static get tag(){return T.packet.userID}constructor(){this.userID="",this.name="",this.email="",this.comment=""}static fromObject(e){if(L.isString(e)||e.name&&!L.isString(e.name)||e.email&&!L.isEmailAddress(e.email)||e.comment&&!L.isString(e.comment))throw Error("Invalid user ID format");const t=new Jo;Object.assign(t,e);const r=[];return t.name&&r.push(t.name),t.comment&&r.push(`(${t.comment})`),t.email&&r.push(`<${t.email}>`),t.userID=r.join(" "),t}read(e,t=_){const r=L.decodeUTF8(e);if(r.length>t.maxUserIDLength)throw Error("User ID string is too long");const i=/^(?<name>[^()]+\s+)?(?<comment>\([^()]+\)\s+)?(?<email><\S+@\S+>)$/.exec(r);if(null!==i){const{name:e,comment:t,email:r}=i.groups;this.comment=t?.replace(/^\(|\)|\s$/g,"").trim()||"",this.name=e?.trim()||"",this.email=r.substring(1,r.length-1)}else/^[^\s@]+@[^\s@]+$/.test(r)&&(this.email=r);this.userID=r}write(){return L.encodeUTF8(this.userID)}equals(e){return e&&e.userID===this.userID}}class ec extends Xo{static get tag(){return T.packet.secretSubkey}constructor(e=new Date,t=_){super(e,t)}}class tc{static get tag(){return T.packet.trust}read(){throw new qi("Trust packets are not supported")}write(){throw new qi("Trust packets are not supported")}}class rc{static get tag(){return T.packet.padding}constructor(){this.padding=null}read(e){}write(){return this.padding}async createPadding(e){this.padding=await ds.random.getRandomBytes(e)}}const ic=/*#__PURE__*/L.constructAllowedPackets([Ao]);class nc{constructor(e){this.packets=e||new Do}write(){return this.packets.write()}armor(e=_){const t=this.packets.some((e=>e.constructor.tag===Ao.tag&&6!==e.version));return Y(T.armor.signature,this.write(),void 0,void 0,void 0,t,e)}getSigningKeyIDs(){return this.packets.map((e=>e.issuerKeyID))}}async function ac({armoredSignature:e,binarySignature:t,config:r,...i}){r={..._,...r};let n=e||t;if(!n)throw Error("readSignature: must pass options object containing `armoredSignature` or `binarySignature`");if(e&&!L.isString(e))throw Error("readSignature: options.armoredSignature must be a string");if(t&&!L.isUint8Array(t))throw Error("readSignature: options.binarySignature must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:e,data:t}=await X(n);if(e!==T.armor.signature)throw Error("Armored text not of type signature");n=t}const s=await Do.fromBinary(n,ic,r);return new nc(s)}async function sc(e,t){const r=new ec(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function oc(e,t){const r=new Xo(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function cc(e,t,r,i,n=new Date,a){let s,o;for(let c=e.length-1;c>=0;c--)try{(!s||e[c].created>=s.created)&&(await e[c].verify(t,r,i,n,void 0,a),s=e[c])}catch(e){o=e}if(!s)throw L.wrapError(`Could not find valid ${T.read(T.signature,r)} signature in key ${t.getKeyID().toHex()}`.replace("certGeneric ","self-").replace(/([a-z])([A-Z])/g,((e,t,r)=>t+" "+r.toLowerCase())),o);return s}function uc(e,t,r=new Date){const i=L.normalizeDate(r);if(null!==i){const r=gc(e,t);return!(e.created<=i&&i<r)}return!1}async function hc(e,t,r,i){const n={};n.key=t,n.bind=e;const a={signatureType:T.signature.subkeyBinding};r.sign?(a.keyFlags=[T.keyFlags.signData],a.embeddedSignature=await lc(n,[],e,{signatureType:T.signature.keyBinding},r.date,void 0,void 0,void 0,i)):a.keyFlags=r.forwarding?[T.keyFlags.forwardedCommunication]:[T.keyFlags.encryptCommunication|T.keyFlags.encryptStorage],r.keyExpirationTime>0&&(a.keyExpirationTime=r.keyExpirationTime,a.keyNeverExpires=!1);return await lc(n,[],t,a,r.date,void 0,void 0,void 0,i)}async function lc(e,t,r,i,n,a,s=[],o=!1,c){if(r.isDummy())throw Error("Cannot sign with a gnu-dummy key.");if(!r.isDecrypted())throw Error("Signing key is not decrypted.");const u=new Ao;return Object.assign(u,i),u.publicKeyAlgorithm=r.algorithm,u.hashAlgorithm=await async function(e,t,r=new Date,i=[],n){if(t.algorithm===T.publicKey.pqc_mldsa_ed25519)return ds.publicKey.postQuantum.signature.getRequiredHashAlgo(t.algorithm);const a=T.hash.sha256,s=n.preferredHashAlgorithm,o=await Promise.all(e.map((async(e,t)=>(await e.getPrimarySelfSignature(r,i[t],n)).preferredHashAlgorithms))),c=new Map;for(const e of o)for(const t of e)try{const e=T.write(T.hash,t);c.set(e,c.has(e)?c.get(e)+1:1)}catch{}const u=t=>0===e.length||c.get(t)===e.length||t===a,h=()=>{if(0===c.size)return a;const e=Array.from(c.keys()).filter((e=>u(e))).sort(((e,t)=>ds.hash.getHashByteLength(e)-ds.hash.getHashByteLength(t)))[0];return ds.hash.getHashByteLength(e)>=ds.hash.getHashByteLength(a)?e:a};if(new Set([T.publicKey.ecdsa,T.publicKey.eddsaLegacy,T.publicKey.ed25519,T.publicKey.ed448]).has(t.algorithm)){const e=ds.getPreferredCurveHashAlgo(t.algorithm,t.publicParams.oid),r=u(s),i=ds.hash.getHashByteLength(s)>=ds.hash.getHashByteLength(e);if(r&&i)return s;{const t=h();return ds.hash.getHashByteLength(t)>=ds.hash.getHashByteLength(e)?t:e}}return u(s)?s:h()}(t,r,n,a,c),u.rawNotations=[...s],await u.sign(r,e,n,o,c),u}async function yc(e,t,r,i=new Date,n){(e=e[r])&&(t[r].length?await Promise.all(e.map((async function(e){e.isExpired(i)||n&&!await n(e)||t[r].some((function(t){return L.equalsUint8Array(t.writeParams(),e.writeParams())}))||t[r].push(e)}))):t[r]=e)}async function pc(e,t,r,i,n,a,s=new Date,o){a=a||e;const c=[];return await Promise.all(i.map((async function(e){try{if(!n||e.issuerKeyID.equals(n.issuerKeyID)){const i=![T.reasonForRevocation.keyRetired,T.reasonForRevocation.keySuperseded,T.reasonForRevocation.userIDInvalid].includes(e.reasonForRevocationFlag);await e.verify(a,t,r,i?null:s,!1,o),c.push(e.issuerKeyID)}}catch(e){}}))),n?(n.revoked=!!c.some((e=>e.equals(n.issuerKeyID)))||(n.revoked||!1),n.revoked):c.length>0}function gc(e,t){let r;return!1===t.keyNeverExpires&&(r=e.created.getTime()+1e3*t.keyExpirationTime),r?new Date(r):1/0}function dc(e,t={}){if(e.type=e.type||t.type,e.curve=e.curve||t.curve,e.rsaBits=e.rsaBits||t.rsaBits,e.symmetricHash=e.symmetricHash||t.symmetricHash,e.symmetricCipher=e.symmetricCipher||t.symmetricCipher,e.keyExpirationTime=void 0!==e.keyExpirationTime?e.keyExpirationTime:t.keyExpirationTime,e.passphrase=L.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e.sign=e.sign||!1,e.forwarding=e.forwarding||!1,e.sign&&e.forwarding)throw Error('Incompatible options: "sign" and "forwarding" cannot be set together');switch(e.type){case"pqc":e.sign?e.algorithm=T.publicKey.pqc_mldsa_ed25519:e.algorithm=T.publicKey.pqc_mlkem_x25519;break;case"ecc":try{e.curve=T.write(T.curve,e.curve)}catch(e){throw Error("Unknown curve")}e.curve!==T.curve.ed25519Legacy&&e.curve!==T.curve.curve25519Legacy&&"ed25519"!==e.curve&&"curve25519"!==e.curve||(e.curve=e.sign?T.curve.ed25519Legacy:T.curve.curve25519Legacy),e.sign?e.algorithm=e.curve===T.curve.ed25519Legacy?T.publicKey.eddsaLegacy:T.publicKey.ecdsa:e.algorithm=T.publicKey.ecdh;break;case"curve25519":e.algorithm=e.sign?T.publicKey.ed25519:T.publicKey.x25519;break;case"curve448":e.algorithm=e.sign?T.publicKey.ed448:T.publicKey.x448;break;case"rsa":e.algorithm=T.publicKey.rsaEncryptSign;break;case"symmetric":if(e.sign){e.algorithm=T.publicKey.hmac;try{e.symmetric=T.write(T.hash,e.symmetricHash)}catch(e){throw Error("Unknown hash algorithm")}}else{e.algorithm=T.publicKey.aead;try{e.symmetric=T.write(T.symmetric,e.symmetricCipher)}catch(e){throw Error("Unknown symmetric algorithm")}}break;default:throw Error("Unsupported key type "+e.type)}return e}function fc(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.hmac:case T.publicKey.pqc_mldsa_ed25519:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData);default:return!1}}function mc(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.aead:case T.publicKey.pqc_mlkem_x25519:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage);default:return!1}}function wc(e,t,r){if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.pqc_mlkem_x25519:return!(!(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData))||!r.allowInsecureDecryptionWithSigningKeys)||(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage)||r.allowForwardedMessages&&!!(t.keyFlags[0]&T.keyFlags.forwardedCommunication));default:return!1}}function bc(e,t){const r=T.write(T.publicKey,e.algorithm),i=e.getAlgorithmInfo();if(t.rejectPublicKeyAlgorithms.has(r))throw Error(i.algorithm+" keys are considered too weak.");switch(r){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.rsaEncrypt:if(i.bits<t.minRSABits)throw Error(`RSA keys shorter than ${t.minRSABits} bits are considered too weak.`);break;case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ecdh:if(t.rejectCurves.has(i.curve))throw Error(`Support for ${i.algorithm} keys using curve ${i.curve} is disabled.`)}}class kc{constructor(e,t){this.userID=e.constructor.tag===T.packet.userID?e:null,this.userAttribute=e.constructor.tag===T.packet.userAttribute?e:null,this.selfCertifications=[],this.otherCertifications=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Do;return e.push(this.userID||this.userAttribute),e.push(...this.revocationSignatures),e.push(...this.selfCertifications),e.push(...this.otherCertifications),e}clone(){const e=new kc(this.userID||this.userAttribute,this.mainKey);return e.selfCertifications=[...this.selfCertifications],e.otherCertifications=[...this.otherCertifications],e.revocationSignatures=[...this.revocationSignatures],e}async certify(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i},a=new kc(n.userID||n.userAttribute,this.mainKey);return a.otherCertifications=await Promise.all(e.map((async function(e){if(!e.isPrivate())throw Error("Need private key for signing");if(e.hasSameFingerprintAs(i))throw Error("The user's own key can only be used for self-certifications");const a=await e.getSigningKey(void 0,t,void 0,r);return lc(n,[e],a.keyPacket,{signatureType:T.signature.certGeneric,keyFlags:[T.keyFlags.certifyKeys|T.keyFlags.signData]},t,void 0,void 0,void 0,r)}))),await a.update(this,t,r),a}async isRevoked(e,t,r=new Date,i=_){const n=this.mainKey.keyPacket;return pc(n,T.signature.certRevocation,{key:n,userID:this.userID,userAttribute:this.userAttribute},this.revocationSignatures,e,t,r,i)}async verifyCertificate(e,t,r=new Date,i){const n=this,a=this.mainKey.keyPacket,s={userID:this.userID,userAttribute:this.userAttribute,key:a},{issuerKeyID:o}=e,c=t.filter((e=>e.getKeys(o).length>0));return 0===c.length?null:(await Promise.all(c.map((async t=>{const a=await t.getSigningKey(o,e.created,void 0,i);if(e.revoked||await n.isRevoked(e,a.keyPacket,r,i))throw Error("User certificate is revoked");try{await e.verify(a.keyPacket,T.signature.certGeneric,s,r,void 0,i)}catch(e){throw L.wrapError("User certificate is invalid",e)}}))),!0)}async verifyAllCertifications(e,t=new Date,r){const i=this,n=this.selfCertifications.concat(this.otherCertifications);return Promise.all(n.map((async n=>({keyID:n.issuerKeyID,valid:await i.verifyCertificate(n,e,t,r).catch((()=>!1))}))))}async verify(e=new Date,t){if(!this.selfCertifications.length)throw Error("No self-certifications found");const r=this,i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};let a;for(let s=this.selfCertifications.length-1;s>=0;s--)try{const a=this.selfCertifications[s];if(a.revoked||await r.isRevoked(a,void 0,e,t))throw Error("Self-certification is revoked");try{await a.verify(i,T.signature.certGeneric,n,e,void 0,t)}catch(e){throw L.wrapError("Self-certification is invalid",e)}return!0}catch(e){a=e}throw a}async update(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};await yc(e,this,"selfCertifications",t,(async function(e){try{return await e.verify(i,T.signature.certGeneric,n,t,!1,r),!0}catch(e){return!1}})),await yc(e,this,"otherCertifications",t),await yc(e,this,"revocationSignatures",t,(function(e){return pc(i,T.signature.certRevocation,n,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=_){const a={userID:this.userID,userAttribute:this.userAttribute,key:e},s=new kc(a.userID||a.userAttribute,this.mainKey);return s.revocationSignatures.push(await lc(a,[],e,{signatureType:T.signature.certRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}}class vc{constructor(e,t){this.keyPacket=e,this.bindingSignatures=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Do;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.bindingSignatures),e}clone(){const e=new vc(this.keyPacket,this.mainKey);return e.bindingSignatures=[...this.bindingSignatures],e.revocationSignatures=[...this.revocationSignatures],e}async isRevoked(e,t,r=new Date,i=_){const n=this.mainKey.keyPacket;return pc(n,T.signature.subkeyRevocation,{key:n,bind:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verify(e=new Date,t=_){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket},n=await cc(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t);if(n.revoked||await this.isRevoked(n,null,e,t))throw Error("Subkey is revoked");if(uc(this.keyPacket,n,e))throw Error("Subkey is expired");return n}async getExpirationTime(e=new Date,t=_){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket};let n;try{n=await cc(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t)}catch(e){return null}const a=gc(this.keyPacket,n),s=n.getExpirationTime();return a<s?a:s}async update(e,t=new Date,r=_){const i=this.mainKey.keyPacket;if(!this.hasSameFingerprintAs(e))throw Error("Subkey update method: fingerprints of subkeys not equal");this.keyPacket.constructor.tag===T.packet.publicSubkey&&e.keyPacket.constructor.tag===T.packet.secretSubkey&&(this.keyPacket=e.keyPacket);const n=this,a={key:i,bind:n.keyPacket};await yc(e,this,"bindingSignatures",t,(async function(e){for(let t=0;t<n.bindingSignatures.length;t++)if(n.bindingSignatures[t].issuerKeyID.equals(e.issuerKeyID))return e.created>n.bindingSignatures[t].created&&(n.bindingSignatures[t]=e),!1;try{return await e.verify(i,T.signature.subkeyBinding,a,t,void 0,r),!0}catch(e){return!1}})),await yc(e,this,"revocationSignatures",t,(function(e){return pc(i,T.signature.subkeyRevocation,a,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=_){const a={key:e,bind:this.keyPacket},s=new vc(this.keyPacket,this.mainKey);return s.revocationSignatures.push(await lc(a,[],e,{signatureType:T.signature.subkeyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}hasSameFingerprintAs(e){return this.keyPacket.hasSameFingerprintAs(e.keyPacket||e)}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","isDecrypted"].forEach((e=>{vc.prototype[e]=function(){return this.keyPacket[e]()}}));const Kc=/*#__PURE__*/L.constructAllowedPackets([Ao]),Ac=new Set([T.packet.publicKey,T.packet.privateKey]),Ec=new Set([T.packet.publicKey,T.packet.privateKey,T.packet.publicSubkey,T.packet.privateSubkey]);class Sc{packetListToStructure(e,t=new Set){let r,i,n,a;for(const s of e){if(s instanceof Vi){Ec.has(s.tag)&&!a&&(a=Ac.has(s.tag)?Ac:Ec);continue}const e=s.constructor.tag;if(a){if(!a.has(e))continue;a=null}if(t.has(e))throw Error("Unexpected packet type: "+e);switch(e){case T.packet.publicKey:case T.packet.secretKey:if(this.keyPacket)throw Error("Key block contains multiple keys");if(this.keyPacket=s,i=this.getKeyID(),!i)throw Error("Missing Key ID");break;case T.packet.userID:case T.packet.userAttribute:r=new kc(s,this),this.users.push(r);break;case T.packet.publicSubkey:case T.packet.secretSubkey:r=null,n=new vc(s,this),this.subkeys.push(n);break;case T.packet.signature:switch(s.signatureType){case T.signature.certGeneric:case T.signature.certPersona:case T.signature.certCasual:case T.signature.certPositive:if(!r){L.printDebug("Dropping certification signatures without preceding user packet");continue}s.issuerKeyID.equals(i)?r.selfCertifications.push(s):r.otherCertifications.push(s);break;case T.signature.certRevocation:r?r.revocationSignatures.push(s):this.directSignatures.push(s);break;case T.signature.key:this.directSignatures.push(s);break;case T.signature.subkeyBinding:if(!n){L.printDebug("Dropping subkey binding signature without preceding subkey packet");continue}n.bindingSignatures.push(s);break;case T.signature.keyRevocation:this.revocationSignatures.push(s);break;case T.signature.subkeyRevocation:if(!n){L.printDebug("Dropping subkey revocation signature without preceding subkey packet");continue}n.revocationSignatures.push(s)}}}}toPacketList(){const e=new Do;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.directSignatures),this.users.map((t=>e.push(...t.toPacketList()))),this.subkeys.map((t=>e.push(...t.toPacketList()))),e}clone(e=!1){const t=new this.constructor(this.toPacketList());return e&&t.getKeys().forEach((e=>{if(e.keyPacket=Object.create(Object.getPrototypeOf(e.keyPacket),Object.getOwnPropertyDescriptors(e.keyPacket)),!e.keyPacket.isDecrypted())return;const t={};Object.keys(e.keyPacket.privateParams).forEach((r=>{t[r]=new Uint8Array(e.keyPacket.privateParams[r])})),e.keyPacket.privateParams=t})),t}getSubkeys(e=null){return this.subkeys.filter((t=>!e||t.getKeyID().equals(e,!0)))}getKeys(e=null){const t=[];return e&&!this.getKeyID().equals(e,!0)||t.push(this),t.concat(this.getSubkeys(e))}getKeyIDs(){return this.getKeys().map((e=>e.getKeyID()))}getUserIDs(){return this.users.map((e=>e.userID?e.userID.userID:null)).filter((e=>null!==e))}write(){return this.toPacketList().write()}async getSigningKey(e=null,t=new Date,r={},i=_){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{bc(n,i)}catch(e){throw L.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await cc(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(!fc(r.keyPacket,a,i))continue;if(!a.embeddedSignature)throw Error("Missing embedded signature");return await cc([a.embeddedSignature],r.keyPacket,T.signature.keyBinding,e,t,i),bc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&fc(n,a,i))return bc(n,i),this}catch(e){s=e}throw L.wrapError("Could not find valid signing key packet in key "+this.getKeyID().toHex(),s)}async getEncryptionKey(e,t=new Date,r={},i=_){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{bc(n,i)}catch(e){throw L.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await cc(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(mc(r.keyPacket,a,i))return bc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&mc(n,a,i))return bc(n,i),this}catch(e){s=e}throw L.wrapError("Could not find valid encryption key packet in key "+this.getKeyID().toHex(),s)}async isRevoked(e,t,r=new Date,i=_){return pc(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verifyPrimaryKey(e=new Date,t={},r=_){const i=this.keyPacket;if(await this.isRevoked(null,null,e,r))throw Error("Primary key is revoked");if(uc(i,await this.getPrimarySelfSignature(e,t,r),e))throw Error("Primary key is expired");if(6!==i.version){const t=await cc(this.directSignatures,i,T.signature.key,{key:i},e,r).catch((()=>{}));if(t&&uc(i,t,e))throw Error("Primary key is expired")}}async getExpirationTime(e,t=_){let r;try{const i=await this.getPrimarySelfSignature(null,e,t),n=gc(this.keyPacket,i),a=i.getExpirationTime(),s=6!==this.keyPacket.version&&await cc(this.directSignatures,this.keyPacket,T.signature.key,{key:this.keyPacket},null,t).catch((()=>{}));if(s){const e=gc(this.keyPacket,s);r=Math.min(n,a,e)}else r=n<a?n:a}catch(e){r=null}return L.normalizeDate(r)}async getPrimarySelfSignature(e=new Date,t={},r=_){const i=this.keyPacket;if(6===i.version)return cc(this.directSignatures,i,T.signature.key,{key:i},e,r);const{selfCertification:n}=await this.getPrimaryUser(e,t,r);return n}async getPrimaryUser(e=new Date,t={},r=_){const i=this.keyPacket,n=[];let a;for(let s=0;s<this.users.length;s++)try{const a=this.users[s];if(!a.userID)continue;if(void 0!==t.name&&a.userID.name!==t.name||void 0!==t.email&&a.userID.email!==t.email||void 0!==t.comment&&a.userID.comment!==t.comment)throw Error("Could not find user that matches that user ID");const o={userID:a.userID,key:i},c=await cc(a.selfCertifications,i,T.signature.certGeneric,o,e,r);n.push({index:s,user:a,selfCertification:c})}catch(e){a=e}if(!n.length)throw a||Error("Could not find primary user");await Promise.all(n.map((async function(t){return t.selfCertification.revoked||t.user.isRevoked(t.selfCertification,null,e,r)})));const s=n.sort((function(e,t){const r=e.selfCertification,i=t.selfCertification;return i.revoked-r.revoked||r.isPrimaryUserID-i.isPrimaryUserID||r.created-i.created})).pop(),{user:o,selfCertification:c}=s;if(c.revoked||await o.isRevoked(c,null,e,r))throw Error("Primary user is revoked");return s}async update(e,t=new Date,r=_){if(!this.hasSameFingerprintAs(e))throw Error("Primary key fingerprints must be equal to update the key");if(!this.isPrivate()&&e.isPrivate()){if(!(this.subkeys.length===e.subkeys.length&&this.subkeys.every((t=>e.subkeys.some((e=>t.hasSameFingerprintAs(e)))))))throw Error("Cannot update public key with private key if subkeys mismatch");return e.update(this,r)}const i=this.clone();return await yc(e,i,"revocationSignatures",t,(n=>pc(i.keyPacket,T.signature.keyRevocation,i,[n],null,e.keyPacket,t,r))),await yc(e,i,"directSignatures",t),await Promise.all(e.users.map((async e=>{const n=i.users.filter((t=>e.userID&&e.userID.equals(t.userID)||e.userAttribute&&e.userAttribute.equals(t.userAttribute)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.users.push(t)}}))),await Promise.all(e.subkeys.map((async e=>{const n=i.subkeys.filter((t=>t.hasSameFingerprintAs(e)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.subkeys.push(t)}}))),i}async getRevocationCertificate(e=new Date,t=_){const r={key:this.keyPacket},i=await cc(this.revocationSignatures,this.keyPacket,T.signature.keyRevocation,r,e,t),n=new Do;n.push(i);const a=6!==this.keyPacket.version;return Y(T.armor.publicKey,n.write(),null,null,"This is a revocation certificate",a,t)}async applyRevocationCertificate(e,t=new Date,r=_){const i=await X(e),n=(await Do.fromBinary(i.data,Kc,r)).findPacket(T.packet.signature);if(!n||n.signatureType!==T.signature.keyRevocation)throw Error("Could not find revocation signature packet");if(!n.issuerKeyID.equals(this.getKeyID()))throw Error("Revocation signature does not match key");try{await n.verify(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},t,void 0,r)}catch(e){throw L.wrapError("Could not verify revocation signature",e)}const a=this.clone();return a.revocationSignatures.push(n),a}async signPrimaryUser(e,t,r,i=_){const{index:n,user:a}=await this.getPrimaryUser(t,r,i),s=await a.certify(e,t,i),o=this.clone();return o.users[n]=s,o}async signAllUsers(e,t=new Date,r=_){const i=this.clone();return i.users=await Promise.all(this.users.map((function(i){return i.certify(e,t,r)}))),i}async verifyPrimaryUser(e,t=new Date,r,i=_){const n=this.keyPacket,{user:a}=await this.getPrimaryUser(t,r,i);return e?await a.verifyAllCertifications(e,t,i):[{keyID:n.getKeyID(),valid:await a.verify(t,i).catch((()=>!1))}]}async verifyAllUsers(e,t=new Date,r=_){const i=this.keyPacket,n=[];return await Promise.all(this.users.map((async a=>{const s=e?await a.verifyAllCertifications(e,t,r):[{keyID:i.getKeyID(),valid:await a.verify(t,r).catch((()=>!1))}];n.push(...s.map((e=>({userID:a.userID?a.userID.userID:null,userAttribute:a.userAttribute,keyID:e.keyID,valid:e.valid}))))}))),n}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","hasSameFingerprintAs"].forEach((e=>{Sc.prototype[e]=vc.prototype[e]}));class Pc extends Sc{constructor(e){if(super(),this.keyPacket=null,this.revocationSignatures=[],this.directSignatures=[],this.users=[],this.subkeys=[],e&&(this.packetListToStructure(e,new Set([T.packet.secretKey,T.packet.secretSubkey])),!this.keyPacket))throw Error("Invalid key: missing public-key packet")}isPrivate(){return!1}toPublic(){return this}armor(e=_){const t=6!==this.keyPacket.version;return Y(T.armor.publicKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}}class Uc extends Pc{constructor(e){if(super(),this.packetListToStructure(e,new Set([T.packet.publicKey,T.packet.publicSubkey])),!this.keyPacket)throw Error("Invalid key: missing private-key packet")}isPrivate(){return!0}toPublic(){const e=new Do,t=this.toPacketList();let r=!1;for(const i of t)if(!r||i.constructor.tag!==T.packet.Signature)switch(r&&(r=!1),i.constructor.tag){case T.packet.secretKey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac)throw Error("Cannot create public key from symmetric private");const t=Go.fromSecretKeyPacket(i);e.push(t);break}case T.packet.secretSubkey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac){r=!0;break}const t=Qo.fromSecretSubkeyPacket(i);e.push(t);break}default:e.push(i)}return new Pc(e)}armor(e=_){const t=6!==this.keyPacket.version;return Y(T.armor.privateKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}async getDecryptionKeys(e,t=new Date,r={},i=_){const n=this.keyPacket,a=[];let s=null;for(let r=0;r<this.subkeys.length;r++)if(!e||this.subkeys[r].getKeyID().equals(e,!0)){if(this.subkeys[r].keyPacket.isDummy()){s=s||Error("Gnu-dummy key packets cannot be used for decryption");continue}try{const e={key:n,bind:this.subkeys[r].keyPacket},s=await cc(this.subkeys[r].bindingSignatures,n,T.signature.subkeyBinding,e,t,i);wc(this.subkeys[r].keyPacket,s,i)&&a.push(this.subkeys[r])}catch(e){s=e}}const o=await this.getPrimarySelfSignature(t,r,i);if(e&&!n.getKeyID().equals(e,!0)||!wc(n,o,i)||(n.isDummy()?s=s||Error("Gnu-dummy key packets cannot be used for decryption"):a.push(this)),0===a.length)throw s||Error("No decryption key packets found");return a}isDecrypted(){return this.getKeys().some((({keyPacket:e})=>e.isDecrypted()))}async validate(e=_){if(!this.isPrivate())throw Error("Cannot validate a public key");let t;if(this.keyPacket.isDummy()){const r=await this.getSigningKey(null,null,void 0,{...e,rejectPublicKeyAlgorithms:new Set,minRSABits:0});r&&!r.keyPacket.isDummy()&&(t=r.keyPacket)}else t=this.keyPacket;if(t)return t.validate();{const e=this.getKeys();if(e.map((e=>e.keyPacket.isDummy())).every(Boolean))throw Error("Cannot validate an all-gnu-dummy key");return Promise.all(e.map((async e=>e.keyPacket.validate())))}}clearPrivateParams(){this.getKeys().forEach((({keyPacket:e})=>{e.isDecrypted()&&e.clearPrivateParams()}))}async revoke({flag:e=T.reasonForRevocation.noReason,string:t=""}={},r=new Date,i=_){if(!this.isPrivate())throw Error("Need private key for revoking");const n={key:this.keyPacket},a=this.clone();return a.revocationSignatures.push(await lc(n,[],this.keyPacket,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,e),reasonForRevocationString:t},r,void 0,void 0,void 0,i)),a}async addSubkey(e={}){const t={..._,...e.config};if(e.passphrase)throw Error("Subkey could not be encrypted here, please encrypt whole key");if(e.rsaBits<t.minRSABits)throw Error(`rsaBits should be at least ${t.minRSABits}, got: ${e.rsaBits}`);const r=this.keyPacket;if(r.isDummy())throw Error("Cannot add subkey to gnu-dummy primary key");if(!r.isDecrypted())throw Error("Key is not decrypted");const i=r.getAlgorithmInfo();i.type=function(e){switch(T.write(T.publicKey,e)){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:return"rsa";case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return"ecc";case T.publicKey.ed25519:return"curve25519";case T.publicKey.ed448:return"curve448";default:throw Error("Unsupported algorithm")}}(i.algorithm),i.rsaBits=i.bits||4096,i.curve=i.curve||"curve25519Legacy",e=dc(e,i);const n=await sc(e,{...t,v6Keys:6===this.keyPacket.version});bc(n,t);const a=await hc(n,r,e,t),s=this.toPacketList();return s.push(n,a),new Uc(s)}}const Dc=/*#__PURE__*/L.constructAllowedPackets([Go,Qo,Xo,ec,Jo,Zo,Ao]);function xc(e){for(const t of e)switch(t.constructor.tag){case T.packet.secretKey:return new Uc(e);case T.packet.publicKey:return new Pc(e)}throw Error("No key packet found")}async function Ic(e,t,r,i){r.passphrase&&await e.encrypt(r.passphrase,i),await Promise.all(t.map((async function(e,t){const n=r.subkeys[t].passphrase;n&&await e.encrypt(n,i)})));const n=new Do;function a(e,t){return[t,...e.filter((e=>e!==t))]}function s(){const t={};t.keyFlags=[T.keyFlags.certifyKeys|T.keyFlags.signData];const n=a([T.symmetric.aes256,T.symmetric.aes128],i.preferredSymmetricAlgorithm);if(t.preferredSymmetricAlgorithms=n,i.aeadProtect){const e=a([T.aead.gcm,T.aead.eax,T.aead.ocb],i.preferredAEADAlgorithm);t.preferredCipherSuites=e.flatMap((e=>n.map((t=>[t,e]))))}return t.preferredHashAlgorithms=a([T.hash.sha512,T.hash.sha256,...6===e.version?[T.hash.sha3_512,T.hash.sha3_256]:[]],i.preferredHashAlgorithm),t.preferredCompressionAlgorithms=a([T.compression.uncompressed,T.compression.zlib,T.compression.zip],i.preferredCompressionAlgorithm),t.features=[0],t.features[0]|=T.features.modificationDetection,i.aeadProtect&&(t.features[0]|=T.features.seipdv2),r.keyExpirationTime>0&&(t.keyExpirationTime=r.keyExpirationTime,t.keyNeverExpires=!1),t}if(n.push(e),6===e.version){const t={key:e},a=s();a.signatureType=T.signature.key;const o=await lc(t,[],e,a,r.date,void 0,void 0,void 0,i);n.push(o)}await Promise.all(r.userIDs.map((async function(t,n){const a=Jo.fromObject(t),o={userID:a,key:e},c=6!==e.version?s():{};c.signatureType=T.signature.certPositive,0===n&&(c.isPrimaryUserID=!0);return{userIDPacket:a,signaturePacket:await lc(o,[],e,c,r.date,void 0,void 0,void 0,i)}}))).then((e=>{e.forEach((({userIDPacket:e,signaturePacket:t})=>{n.push(e),n.push(t)}))})),await Promise.all(t.map((async function(t,n){const a=r.subkeys[n];return{secretSubkeyPacket:t,subkeySignaturePacket:await hc(t,e,a,i)}}))).then((e=>{e.forEach((({secretSubkeyPacket:e,subkeySignaturePacket:t})=>{n.push(e),n.push(t)}))}));const o={key:e};return n.push(await lc(o,[],e,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.reasonForRevocation.noReason,reasonForRevocationString:""},r.date,void 0,void 0,void 0,i)),r.passphrase&&e.clearPrivateParams(),await Promise.all(t.map((async function(e,t){r.subkeys[t].passphrase&&e.clearPrivateParams()}))),new Uc(n)}async function Cc({armoredKey:e,binaryKey:t,config:r,...i}){if(r={..._,...r},!e&&!t)throw Error("readKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!L.isString(e))throw Error("readKey: options.armoredKey must be a string");if(t&&!L.isUint8Array(t))throw Error("readKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");a=r}else a=t;const s=await Do.fromBinary(a,Dc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===o.length)throw Error("No key packet found");return xc(s.slice(o[0],o[1]))}async function Bc({armoredKey:e,binaryKey:t,config:r,...i}){if(r={..._,...r},!e&&!t)throw Error("readPrivateKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!L.isString(e))throw Error("readPrivateKey: options.armoredKey must be a string");if(t&&!L.isUint8Array(t))throw Error("readPrivateKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");a=r}else a=t;const s=await Do.fromBinary(a,Dc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<o.length;e++){if(s[o[e]].constructor.tag===T.packet.publicKey)continue;const t=s.slice(o[e],o[e+1]);return new Uc(t)}throw Error("No secret key packet found")}async function Tc({armoredKeys:e,binaryKeys:t,config:r,...i}){r={..._,...r};let n=e||t;if(!n)throw Error("readKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!L.isString(e))throw Error("readKeys: options.armoredKeys must be a string");if(t&&!L.isUint8Array(t))throw Error("readKeys: options.binaryKeys must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");n=r}const s=[],o=await Do.fromBinary(n,Dc,r),c=o.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===c.length)throw Error("No key packet found");for(let e=0;e<c.length;e++){const t=xc(o.slice(c[e],c[e+1]));s.push(t)}return s}async function _c({armoredKeys:e,binaryKeys:t,config:r}){r={..._,...r};let i=e||t;if(!i)throw Error("readPrivateKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!L.isString(e))throw Error("readPrivateKeys: options.armoredKeys must be a string");if(t&&!L.isUint8Array(t))throw Error("readPrivateKeys: options.binaryKeys must be a Uint8Array");if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");i=r}const n=[],a=await Do.fromBinary(i,Dc,r),s=a.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<s.length;e++){if(a[s[e]].constructor.tag===T.packet.publicKey)continue;const t=a.slice(s[e],s[e+1]),r=new Uc(t);n.push(r)}if(0===n.length)throw Error("No secret key packet found");return n}const Mc=/*#__PURE__*/L.constructAllowedPackets([wo,Io,No,Ro,Wo,Oo,qo,Po,Ao]),Lc=/*#__PURE__*/L.constructAllowedPackets([qo]),Rc=/*#__PURE__*/L.constructAllowedPackets([Ao]);class Fc{constructor(e){this.packets=e||new Do}getEncryptionKeyIDs(){const e=[];return this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey).forEach((function(t){e.push(t.publicKeyID)})),e}getSigningKeyIDs(){const e=this.unwrapCompressed(),t=e.packets.filterByTag(T.packet.onePassSignature);if(t.length>0)return t.map((e=>e.issuerKeyID));return e.packets.filterByTag(T.packet.signature).map((e=>e.issuerKeyID))}async decrypt(e,t,r,i=new Date,n=_){const a=this.packets.filterByTag(T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData);if(0===a.length)throw Error("No encrypted data found");const s=a[0],o=s.cipherAlgorithm,c=r||await this.decryptSessionKeys(e,t,o,i,n);let u=null;const h=Promise.all(c.map((async({algorithm:e,data:t})=>{if(!L.isUint8Array(t)||!s.cipherAlgorithm&&!L.isString(e))throw Error("Invalid session key for decryption.");try{const r=s.cipherAlgorithm||T.write(T.symmetric,e);await s.decrypt(r,t,n)}catch(e){L.printDebugError(e),u=e}})));if(D(s.encrypted),s.encrypted=null,await h,!s.packets||!s.packets.length)throw u||Error("Decryption failed.");const l=new Fc(s.packets);return s.packets=new Do,l}async decryptSessionKeys(e,t,r,i=new Date,n=_){let a,s=[];if(t){const e=this.packets.filterByTag(T.packet.symEncryptedSessionKey);if(0===e.length)throw Error("No symmetrically encrypted session key packet found.");await Promise.all(t.map((async function(t,r){let i;i=r?await Do.fromBinary(e.write(),Lc,n):e,await Promise.all(i.map((async function(e){try{await e.decrypt(t),s.push(e)}catch(e){L.printDebugError(e),e instanceof fs&&(a=e)}})))})))}else{if(!e)throw Error("No key or password specified.");{const t=this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey);if(0===t.length)throw Error("No public key encrypted session key packet found.");await Promise.all(t.map((async function(t){await Promise.all(e.map((async function(e){let o;try{o=(await e.getDecryptionKeys(t.publicKeyID,null,void 0,n)).map((e=>e.keyPacket))}catch(e){return void(a=e)}let c=[T.symmetric.aes256,T.symmetric.aes128,T.symmetric.tripledes,T.symmetric.cast5];try{const t=await e.getPrimarySelfSignature(i,void 0,n);t.preferredSymmetricAlgorithms&&(c=c.concat(t.preferredSymmetricAlgorithms))}catch(e){}await Promise.all(o.map((async function(e){if(!e.isDecrypted())throw Error("Decryption key is not decrypted.");if(n.constantTimePKCS1Decryption&&(t.publicKeyAlgorithm===T.publicKey.rsaEncrypt||t.publicKeyAlgorithm===T.publicKey.rsaEncryptSign||t.publicKeyAlgorithm===T.publicKey.rsaSign||t.publicKeyAlgorithm===T.publicKey.elgamal)){const i=t.write();await Promise.all((r?[r]:Array.from(n.constantTimePKCS1DecryptionSupportedSymmetricAlgorithms)).map((async t=>{const r=new Oo;r.read(i);const n={sessionKeyAlgorithm:t,sessionKey:ds.generateSessionKey(t)};try{await r.decrypt(e,n),s.push(r)}catch(e){L.printDebugError(e),a=e}})))}else try{await t.decrypt(e);const i=r||t.sessionKeyAlgorithm;if(i&&!c.includes(T.write(T.symmetric,i)))throw Error("A non-preferred symmetric algorithm was used.");s.push(t)}catch(e){L.printDebugError(e),a=e}})))}))),D(t.encrypted),t.encrypted=null})))}}if(s.length>0){if(s.length>1){const e=new Set;s=s.filter((t=>{const r=t.sessionKeyAlgorithm+L.uint8ArrayToString(t.sessionKey);return!e.has(r)&&(e.add(r),!0)}))}return s.map((e=>({data:e.sessionKey,algorithm:e.sessionKeyAlgorithm&&T.read(T.symmetric,e.sessionKeyAlgorithm)})))}throw a||Error("Session key decryption failed.")}getLiteralData(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getBytes()||null}getFilename(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getFilename()||null}getText(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e?e.getText():null}static async generateSessionKey(e=[],t=new Date,r=[],i=_){const{symmetricAlgo:n,aeadAlgo:a}=await async function(e=[],t=new Date,r=[],i=_){const n=await Promise.all(e.map(((e,n)=>e.getPrimarySelfSignature(t,r[n],i))));if(e.length?!i.ignoreSEIPDv2FeatureFlag&&n.every((e=>e.features&&e.features[0]&T.features.seipdv2)):i.aeadProtect){const e={symmetricAlgo:T.symmetric.aes128,aeadAlgo:T.aead.ocb},t=[{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:i.preferredAEADAlgorithm},{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:T.aead.ocb},{symmetricAlgo:T.symmetric.aes128,aeadAlgo:i.preferredAEADAlgorithm}];for(const e of t)if(n.every((t=>t.preferredCipherSuites&&t.preferredCipherSuites.some((t=>t[0]===e.symmetricAlgo&&t[1]===e.aeadAlgo)))))return e;return e}const a=T.symmetric.aes128,s=i.preferredSymmetricAlgorithm;return{symmetricAlgo:n.every((e=>e.preferredSymmetricAlgorithms&&e.preferredSymmetricAlgorithms.includes(s)))?s:a,aeadAlgo:void 0}}(e,t,r,i),s=T.read(T.symmetric,n),o=a?T.read(T.aead,a):void 0;await Promise.all(e.map((e=>e.getEncryptionKey().catch((()=>null)).then((e=>{if(e&&(e.keyPacket.algorithm===T.publicKey.x25519||e.keyPacket.algorithm===T.publicKey.x448)&&!o&&!L.isAES(n))throw Error("Could not generate a session key compatible with the given `encryptionKeys`: X22519 and X448 keys can only be used to encrypt AES session keys; change `config.preferredSymmetricAlgorithm` accordingly.")})))));return{data:ds.generateSessionKey(n),algorithm:s,aeadAlgorithm:o}}async encrypt(e,t,r,i=!1,n=[],a=new Date,s=[],o=_){if(r){if(!L.isUint8Array(r.data)||!L.isString(r.algorithm))throw Error("Invalid session key for encryption.")}else if(e&&e.length)r=await Fc.generateSessionKey(e,a,s,o);else{if(!t||!t.length)throw Error("No keys, passwords, or session key provided.");r=await Fc.generateSessionKey(void 0,void 0,void 0,o)}const{data:c,algorithm:u,aeadAlgorithm:h}=r,l=await Fc.encryptSessionKey(c,u,h,e,t,i,n,a,s,o),y=Ro.fromObject({version:h?2:1,aeadAlgorithm:h?T.write(T.aead,h):null});y.packets=this.packets;const p=T.write(T.symmetric,u);return await y.encrypt(p,c,o),l.packets.push(y),y.packets=new Do,l}static async encryptSessionKey(e,t,r,i,n,a=!1,s=[],o=new Date,c=[],u=_){const h=new Do,l=T.write(T.symmetric,t),y=r&&T.write(T.aead,r);if(i){const t=await Promise.all(i.map((async function(t,r){const i=await t.getEncryptionKey(s[r],o,c,u),n=Oo.fromObject({version:y?6:3,encryptionKeyPacket:i.keyPacket,anonymousRecipient:a,sessionKey:e,sessionKeyAlgorithm:l});return await n.encrypt(i.keyPacket),delete n.sessionKey,n})));h.push(...t)}if(n){const t=async function(e,t){try{return await e.decrypt(t),1}catch(e){return 0}},r=(e,t)=>e+t,i=async function(e,a,s,o){const c=new qo(u);if(c.sessionKey=e,c.sessionKeyAlgorithm=a,s&&(c.aeadAlgorithm=s),await c.encrypt(o,u),u.passwordCollisionCheck){if(1!==(await Promise.all(n.map((e=>t(c,e))))).reduce(r))return i(e,a,o)}return delete c.sessionKey,c},a=await Promise.all(n.map((t=>i(e,l,y,t))));h.push(...a)}return new Fc(h)}async sign(e=[],t=[],r=null,i=[],n=new Date,a=[],s=[],o=[],c=_){const u=new Do,h=this.packets.findPacket(T.packet.literalData);if(!h)throw Error("No literal data packet to sign.");const l=await zc(h,e,t,r,i,n,a,s,o,!1,c),y=l.map(((e,t)=>Po.fromSignaturePacket(e,0===t))).reverse();return u.push(...y),u.push(h),u.push(...l),new Fc(u)}compress(e,t=_){if(e===T.compression.uncompressed)return this;const r=new Io(t);r.algorithm=e,r.packets=this.packets;const i=new Do;return i.push(r),new Fc(i)}async signDetached(e=[],t=[],r=null,i=[],n=[],a=new Date,s=[],o=[],c=_){const u=this.packets.findPacket(T.packet.literalData);if(!u)throw Error("No literal data packet to sign.");return new nc(await zc(u,e,t,r,i,n,a,s,o,!0,c))}async verify(e,t=new Date,r=_){const i=this.unwrapCompressed(),n=i.packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");s(i.packets.stream)&&i.packets.push(...await U(i.packets.stream,(e=>e||[])));const a=i.packets.filterByTag(T.packet.onePassSignature).reverse(),o=i.packets.filterByTag(T.packet.signature);return a.length&&!o.length&&L.isStream(i.packets.stream)&&!s(i.packets.stream)?(await Promise.all(a.map((async e=>{e.correspondingSig=new Promise(((t,r)=>{e.correspondingSigResolve=t,e.correspondingSigReject=r})),e.signatureData=x((async()=>(await e.correspondingSig).signatureData)),e.hashed=U(await e.hash(e.signatureType,n[0],void 0,!1)),e.hashed.catch((()=>{}))}))),i.packets.stream=v(i.packets.stream,(async(e,t)=>{const r=I(e),i=C(t);try{for(let e=0;e<a.length;e++){const{value:t}=await r.read();a[e].correspondingSigResolve(t)}await r.readToEnd(),await i.ready,await i.close()}catch(e){a.forEach((t=>{t.correspondingSigReject(e)})),await i.abort(e)}})),Nc(a,n,e,t,!1,r)):Nc(o,n,e,t,!1,r)}verifyDetached(e,t,r=new Date,i=_){const n=this.unwrapCompressed().packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");return Nc(e.packets.filterByTag(T.packet.signature),n,t,r,!0,i)}unwrapCompressed(){const e=this.packets.filterByTag(T.packet.compressedData);return e.length?new Fc(e[0].packets):this}async appendSignature(e,t=_){await this.packets.read(L.isUint8Array(e)?e:(await X(e)).data,Rc,t)}write(){return this.packets.write()}armor(e=_){const t=this.packets[this.packets.length-1],r=t.constructor.tag===Ro.tag?2!==t.version:this.packets.some((e=>e.constructor.tag===Ao.tag&&6!==e.version));return Y(T.armor.message,this.write(),null,null,null,r,e)}}async function zc(e,t,r=[],i=null,n=[],a=new Date,s=[],o=[],c=[],u=!1,h=_){const l=new Do,y=null===e.text?T.signature.binary:T.signature.text;if(await Promise.all(t.map((async(t,i)=>{const l=s[i];if(!t.isPrivate())throw Error("Need private key for signing");const p=await t.getSigningKey(n[i],a,l,h);return lc(e,r.length?r:[t],p.keyPacket,{signatureType:y},a,o,c,u,h)}))).then((e=>{l.push(...e)})),i){const e=i.packets.filterByTag(T.packet.signature);l.push(...e)}return l}async function Nc(e,t,r,i=new Date,n=!1,a=_){return Promise.all(e.filter((function(e){return["text","binary"].includes(T.read(T.signature,e.signatureType))})).map((async function(e){return async function(e,t,r,i=new Date,n=!1,a=_){let s,o;for(const t of r){const r=t.getKeys(e.issuerKeyID);if(r.length>0){s=t,o=r[0];break}}const c=e instanceof Po?e.correspondingSig:e,u={keyID:e.issuerKeyID,verified:(async()=>{if(!o)throw Error("Could not find signing key with key ID "+e.issuerKeyID.toHex());await e.verify(o.keyPacket,e.signatureType,t[0],i,n,a);const r=await c;if(o.getCreationTime()>r.created)throw Error("Key is newer than the signature");try{await s.getSigningKey(o.getKeyID(),r.created,void 0,a)}catch(e){if(!a.allowInsecureVerificationWithReformattedKeys||!e.message.match(/Signature creation time is in the future/))throw e;await s.getSigningKey(o.getKeyID(),i,void 0,a)}return!0})(),signature:(async()=>{const e=await c,t=new Do;return e&&t.push(e),new nc(t)})()};return u.signature.catch((()=>{})),u.verified.catch((()=>{})),u}(e,t,r,i,n,a)})))}async function Hc({armoredMessage:e,binaryMessage:t,config:r,...i}){r={..._,...r};let n=e||t;if(!n)throw Error("readMessage: must pass options object containing `armoredMessage` or `binaryMessage`");if(e&&!L.isString(e)&&!L.isStream(e))throw Error("readMessage: options.armoredMessage must be a string or stream");if(t&&!L.isUint8Array(t)&&!L.isStream(t))throw Error("readMessage: options.binaryMessage must be a Uint8Array or stream");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));const s=L.isStream(n);if(e){const{type:e,data:t}=await X(n);if(e!==T.armor.message)throw Error("Armored text not of type message");n=t}const o=await Do.fromBinary(n,Mc,r),c=new Fc(o);return c.fromStream=s,c}async function Oc({text:e,binary:t,filename:r,date:i=new Date,format:n=(void 0!==e?"utf8":"binary"),...a}){const s=void 0!==e?e:t;if(void 0===s)throw Error("createMessage: must pass options object containing `text` or `binary`");if(e&&!L.isString(e)&&!L.isStream(e))throw Error("createMessage: options.text must be a string or stream");if(t&&!L.isUint8Array(t)&&!L.isStream(t))throw Error("createMessage: options.binary must be a Uint8Array or stream");const o=Object.keys(a);if(o.length>0)throw Error("Unknown option: "+o.join(", "));const c=L.isStream(s),u=new wo(i);void 0!==e?u.setText(s,T.write(T.literal,n)):u.setBytes(s,T.write(T.literal,n)),void 0!==r&&u.setFilename(r);const h=new Do;h.push(u);const l=new Fc(h);return l.fromStream=c,l}const jc=/*#__PURE__*/L.constructAllowedPackets([Ao]);class qc{constructor(e,t){if(this.text=L.removeTrailingSpaces(e).replace(/\r?\n/g,"\r\n"),t&&!(t instanceof nc))throw Error("Invalid signature input");this.signature=t||new nc(new Do)}getSigningKeyIDs(){const e=[];return this.signature.packets.forEach((function(t){e.push(t.issuerKeyID)})),e}async sign(e,t=[],r=null,i=[],n=new Date,a=[],s=[],o=[],c=_){const u=new wo;u.setText(this.text);const h=new nc(await zc(u,e,t,r,i,n,a,s,o,!0,c));return new qc(this.text,h)}verify(e,t=new Date,r=_){const i=this.signature.packets.filterByTag(T.packet.signature),n=new wo;return n.setText(this.text),Nc(i,[n],e,t,!0,r)}getText(){return this.text.replace(/\r\n/g,"\n")}armor(e=_){const t=this.signature.packets.some((e=>6!==e.version)),r={hash:t?Array.from(new Set(this.signature.packets.map((e=>T.read(T.hash,e.hashAlgorithm).toUpperCase())))).join():null,text:this.text,data:this.signature.packets.write()};return Y(T.armor.signed,r,void 0,void 0,void 0,t,e)}}async function Gc({cleartextMessage:e,config:t,...r}){if(t={..._,...t},!e)throw Error("readCleartextMessage: must pass options object containing `cleartextMessage`");if(!L.isString(e))throw Error("readCleartextMessage: options.cleartextMessage must be a string");const i=Object.keys(r);if(i.length>0)throw Error("Unknown option: "+i.join(", "));const n=await X(e);if(n.type!==T.armor.signed)throw Error("No cleartext signed message.");const a=await Do.fromBinary(n.data,jc,t);!function(e,t){const r=function(e){const r=e=>t=>e.hashAlgorithm===t;for(let i=0;i<t.length;i++)if(t[i].constructor.tag===T.packet.signature&&!e.some(r(t[i])))return!1;return!0},i=[];if(e.forEach((e=>{const t=e.match(/^Hash: (.+)$/);if(!t)throw Error('Only "Hash" header allowed in cleartext signed message');{const e=t[1].replace(/\s/g,"").split(",").map((e=>{try{return T.write(T.hash,e.toLowerCase())}catch(t){throw Error("Unknown hash algorithm in armor header: "+e.toLowerCase())}}));i.push(...e)}})),i.length&&!r(i))throw Error("Hash algorithm mismatch in armor header and signature")}(n.headers,a);const s=new nc(a);return new qc(n.text,s)}async function Vc({text:e,...t}){if(!e)throw Error("createCleartextMessage: must pass options object containing `text`");if(!L.isString(e))throw Error("createCleartextMessage: options.text must be a string");const r=Object.keys(t);if(r.length>0)throw Error("Unknown option: "+r.join(", "));return new qc(e)}async function Wc({userIDs:e=[],passphrase:t,type:r,curve:i,rsaBits:n=4096,symmetricHash:a="sha256",symmetricCipher:s="aes256",keyExpirationTime:o=0,date:c=new Date,subkeys:u=[{}],format:h="armored",config:l,...y}){uu(l={..._,...l}),r||i?(r=r||"ecc",i=i||"curve25519Legacy"):(r=l.v6Keys?"curve25519":"ecc",i="curve25519Legacy"),e=hu(e);const p=Object.keys(y);if(p.length>0)throw Error("Unknown option: "+p.join(", "));if(0===e.length&&!l.v6Keys)throw Error("UserIDs are required for V4 keys");if("rsa"===r&&n<l.minRSABits)throw Error(`rsaBits should be at least ${l.minRSABits}, got: ${n}`);const g={userIDs:e,passphrase:t,type:r,rsaBits:n,curve:i,keyExpirationTime:o,date:c,subkeys:u,symmetricHash:a,symmetricCipher:s};try{const{key:e,revocationCertificate:t}=await async function(e,t){e.sign=!0,(e=dc(e)).subkeys=e.subkeys.map(((t,r)=>dc(e.subkeys[r],e)));let r=[oc(e,t)];r=r.concat(e.subkeys.map((e=>sc(e,t))));const i=await Promise.all(r),n=await Ic(i[0],i.slice(1),e,t),a=await n.getRevocationCertificate(e.date,t);return n.revocationSignatures=[],{key:n,revocationCertificate:a}}(g,l);return e.getKeys().forEach((({keyPacket:e})=>bc(e,l))),{privateKey:pu(e,h,l),publicKey:"symmetric"!==r?pu(e.toPublic(),h,l):null,revocationCertificate:t}}catch(e){throw L.wrapError("Error generating keypair",e)}}async function $c({privateKey:e,userIDs:t=[],passphrase:r,keyExpirationTime:i=0,date:n,format:a="armored",config:s,...o}){uu(s={..._,...s}),t=hu(t);const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(0===t.length&&6!==e.keyPacket.version)throw Error("UserIDs are required for V4 keys");const u={privateKey:e,userIDs:t,passphrase:r,keyExpirationTime:i,date:n};try{const{key:e,revocationCertificate:t}=await async function(e,t){e=o(e);const{privateKey:r}=e;if(!r.isPrivate())throw Error("Cannot reformat a public key");if(r.keyPacket.isDummy())throw Error("Cannot reformat a gnu-dummy primary key");if(!r.getKeys().every((({keyPacket:e})=>e.isDecrypted())))throw Error("Key is not decrypted");const i=r.keyPacket;e.subkeys||(e.subkeys=await Promise.all(r.subkeys.map((async e=>{const r=e.keyPacket,n={key:i,bind:r},a=await cc(e.bindingSignatures,i,T.signature.subkeyBinding,n,null,t).catch((()=>({})));return{sign:a.keyFlags&&a.keyFlags[0]&T.keyFlags.signData,forwarding:a.keyFlags&&a.keyFlags[0]&T.keyFlags.forwardedCommunication}}))));const n=r.subkeys.map((e=>e.keyPacket));if(e.subkeys.length!==n.length)throw Error("Number of subkey options does not match number of subkeys");e.subkeys=e.subkeys.map((t=>o(t,e)));const a=await Ic(i,n,e,t),s=await a.getRevocationCertificate(e.date,t);return a.revocationSignatures=[],{key:a,revocationCertificate:s};function o(e,t={}){return e.keyExpirationTime=e.keyExpirationTime||t.keyExpirationTime,e.passphrase=L.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e}}(u,s);return{privateKey:pu(e,a,s),publicKey:pu(e.toPublic(),a,s),revocationCertificate:t}}catch(e){throw L.wrapError("Error reformatting keypair",e)}}async function Qc({key:e,revocationCertificate:t,reasonForRevocation:r,date:i=new Date,format:n="armored",config:a,...s}){uu(a={..._,...a});const o=Object.keys(s);if(o.length>0)throw Error("Unknown option: "+o.join(", "));try{const s=t?await e.applyRevocationCertificate(t,i,a):await e.revoke(r,i,a);return s.isPrivate()?{privateKey:pu(s,n,a),publicKey:pu(s.toPublic(),n,a)}:{privateKey:null,publicKey:pu(s,n,a)}}catch(e){throw L.wrapError("Error revoking key",e)}}async function Zc({privateKey:e,passphrase:t,config:r,...i}){uu(r={..._,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot decrypt a public key");const a=e.clone(!0),s=L.isArray(t)?t:[t];try{return await Promise.all(a.getKeys().map((e=>L.anyPromise(s.map((t=>e.keyPacket.decrypt(t))))))),await a.validate(r),a}catch(e){throw a.clearPrivateParams(),L.wrapError("Error decrypting private key",e)}}async function Xc({privateKey:e,passphrase:t,config:r,...i}){uu(r={..._,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot encrypt a public key");const a=e.clone(!0),s=a.getKeys(),o=L.isArray(t)?t:Array(s.length).fill(t);if(o.length!==s.length)throw Error("Invalid number of passphrases given for key encryption");try{return await Promise.all(s.map((async(e,t)=>{const{keyPacket:i}=e;await i.encrypt(o[t],r),i.clearPrivateParams()}))),a}catch(e){throw a.clearPrivateParams(),L.wrapError("Error encrypting private key",e)}}async function Yc({message:e,encryptionKeys:t,signingKeys:r,passwords:i,sessionKey:n,format:a="armored",signature:s=null,wildcard:o=!1,signingKeyIDs:c=[],encryptionKeyIDs:u=[],date:h=new Date,signingUserIDs:l=[],encryptionUserIDs:y=[],signatureNotations:p=[],config:g,...d}){if(uu(g={..._,...g}),au(e),ou(a),t=hu(t),r=hu(r),i=hu(i),c=hu(c),u=hu(u),l=hu(l),y=hu(y),p=hu(p),d.detached)throw Error("The `detached` option has been removed from openpgp.encrypt, separately call openpgp.sign instead. Don't forget to remove the `privateKeys` option as well.");if(d.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encrypt, pass `encryptionKeys` instead");if(d.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.encrypt, pass `signingKeys` instead");if(void 0!==d.armor)throw Error("The `armor` option has been removed from openpgp.encrypt, pass `format` instead.");const f=Object.keys(d);if(f.length>0)throw Error("Unknown option: "+f.join(", "));r||(r=[]);try{if((r.length||s)&&(e=await e.sign(r,t,s,c,h,l,u,p,g)),e=e.compress(await async function(e=[],t=new Date,r=[],i=_){const n=T.compression.uncompressed,a=i.preferredCompressionAlgorithm,s=await Promise.all(e.map((async function(e,n){const s=(await e.getPrimarySelfSignature(t,r[n],i)).preferredCompressionAlgorithms;return!!s&&s.indexOf(a)>=0})));return s.every(Boolean)?a:n}(t,h,y,g),g),e=await e.encrypt(t,i,n,o,u,h,y,g),"object"===a)return e;const d="armored"===a?e.armor(g):e.write();return await lu(d)}catch(e){throw L.wrapError("Error encrypting message",e)}}async function Jc({message:e,decryptionKeys:t,passwords:r,sessionKeys:i,verificationKeys:n,expectSigned:a=!1,format:s="utf8",signature:o=null,date:c=new Date,config:u,...h}){if(uu(u={..._,...u}),au(e),n=hu(n),t=hu(t),r=hu(r),i=hu(i),h.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decrypt, pass `decryptionKeys` instead");if(h.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.decrypt, pass `verificationKeys` instead");const l=Object.keys(h);if(l.length>0)throw Error("Unknown option: "+l.join(", "));try{const h=await e.decrypt(t,r,i,c,u);n||(n=[]);const l={};if(l.signatures=o?await h.verifyDetached(o,n,c,u):await h.verify(n,c,u),l.data="binary"===s?h.getLiteralData():h.getText(),l.filename=h.getFilename(),yu(l,e),a){if(0===n.length)throw Error("Verification keys are required to verify message signatures");if(0===l.signatures.length)throw Error("Message is not signed");l.data=f([l.data,x((async()=>(await L.anyPromise(l.signatures.map((e=>e.verified))),"binary"===s?new Uint8Array:"")))])}return l.data=await lu(l.data),l}catch(e){throw L.wrapError("Error decrypting message",e)}}async function eu({message:e,signingKeys:t,recipientKeys:r=[],format:i="armored",detached:n=!1,signingKeyIDs:a=[],date:s=new Date,signingUserIDs:o=[],recipientUserIDs:c=[],signatureNotations:u=[],config:h,...l}){if(uu(h={..._,...h}),su(e),ou(i),t=hu(t),a=hu(a),o=hu(o),r=hu(r),c=hu(c),u=hu(u),l.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.sign, pass `signingKeys` instead");if(void 0!==l.armor)throw Error("The `armor` option has been removed from openpgp.sign, pass `format` instead.");const y=Object.keys(l);if(y.length>0)throw Error("Unknown option: "+y.join(", "));if(e instanceof qc&&"binary"===i)throw Error("Cannot return signed cleartext message in binary format");if(e instanceof qc&&n)throw Error("Cannot detach-sign a cleartext message");if(!t||0===t.length)throw Error("No signing keys provided");try{let l;if(l=n?await e.signDetached(t,r,void 0,a,s,o,c,u,h):await e.sign(t,r,void 0,a,s,o,c,u,h),"object"===i)return l;return l="armored"===i?l.armor(h):l.write(),n&&(l=v(e.packets.write(),(async(e,t)=>{await Promise.all([m(l,t),U(e).catch((()=>{}))])}))),await lu(l)}catch(e){throw L.wrapError("Error signing message",e)}}async function tu({message:e,verificationKeys:t,expectSigned:r=!1,format:i="utf8",signature:n=null,date:a=new Date,config:s,...o}){if(uu(s={..._,...s}),su(e),t=hu(t),o.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.verify, pass `verificationKeys` instead");const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(e instanceof qc&&"binary"===i)throw Error("Can't return cleartext message data as binary");if(e instanceof qc&&n)throw Error("Can't verify detached cleartext signature");try{const o={};if(o.signatures=n?await e.verifyDetached(n,t,a,s):await e.verify(t,a,s),o.data="binary"===i?e.getLiteralData():e.getText(),e.fromStream&&!n&&yu(o,e),r){if(0===o.signatures.length)throw Error("Message is not signed");o.data=f([o.data,x((async()=>(await L.anyPromise(o.signatures.map((e=>e.verified))),"binary"===i?new Uint8Array:"")))])}return o.data=await lu(o.data),o}catch(e){throw L.wrapError("Error verifying signed message",e)}}async function ru({encryptionKeys:e,date:t=new Date,encryptionUserIDs:r=[],config:i,...n}){if(uu(i={..._,...i}),e=hu(e),r=hu(r),n.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.generateSessionKey, pass `encryptionKeys` instead");const a=Object.keys(n);if(a.length>0)throw Error("Unknown option: "+a.join(", "));try{return await Fc.generateSessionKey(e,t,r,i)}catch(e){throw L.wrapError("Error generating session key",e)}}async function iu({data:e,algorithm:t,aeadAlgorithm:r,encryptionKeys:i,passwords:n,format:a="armored",wildcard:s=!1,encryptionKeyIDs:o=[],date:c=new Date,encryptionUserIDs:u=[],config:h,...l}){if(uu(h={..._,...h}),function(e){if(!L.isUint8Array(e))throw Error("Parameter [data] must be of type Uint8Array")}(e),function(e,t){if(!L.isString(e))throw Error("Parameter ["+t+"] must be of type String")}(t,"algorithm"),ou(a),i=hu(i),n=hu(n),o=hu(o),u=hu(u),l.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead");const y=Object.keys(l);if(y.length>0)throw Error("Unknown option: "+y.join(", "));if(!(i&&0!==i.length||n&&0!==n.length))throw Error("No encryption keys or passwords provided.");try{return pu(await Fc.encryptSessionKey(e,t,r,i,n,s,o,c,u,h),a,h)}catch(e){throw L.wrapError("Error encrypting session key",e)}}async function nu({message:e,decryptionKeys:t,passwords:r,date:i=new Date,config:n,...a}){if(uu(n={..._,...n}),au(e),t=hu(t),r=hu(r),a.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decryptSessionKeys, pass `decryptionKeys` instead");const s=Object.keys(a);if(s.length>0)throw Error("Unknown option: "+s.join(", "));try{return await e.decryptSessionKeys(t,r,void 0,i,n)}catch(e){throw L.wrapError("Error decrypting session keys",e)}}function au(e){if(!(e instanceof Fc))throw Error("Parameter [message] needs to be of type Message")}function su(e){if(!(e instanceof qc||e instanceof Fc))throw Error("Parameter [message] needs to be of type Message or CleartextMessage")}function ou(e){if("armored"!==e&&"binary"!==e&&"object"!==e)throw Error("Unsupported format "+e)}const cu=Object.keys(_).length;function uu(e){const t=Object.keys(e);if(t.length!==cu)for(const e of t)if(void 0===_[e])throw Error("Unknown config property: "+e)}function hu(e){return e&&!L.isArray(e)&&(e=[e]),e}async function lu(e){return"array"===L.isStream(e)?U(e):e}function yu(e,t){e.data=v(t.packets.stream,(async(t,r)=>{await m(e.data,r,{preventClose:!0});const i=C(r);try{await U(t,(e=>e)),await i.close()}catch(e){await i.abort(e)}}))}function pu(e,t,r){switch(t){case"object":return e;case"armored":return e.armor(r);case"binary":return e.write();default:throw Error("Unsupported format "+t)}}export{No as AEADEncryptedDataPacket,fs as Argon2OutOfMemoryError,ks as Argon2S2K,qc as CleartextMessage,Io as CompressedDataPacket,is as KDFParams,wo as LiteralDataPacket,$o as MarkerPacket,Fc as Message,Po as OnePassSignaturePacket,Do as PacketList,rc as PaddingPacket,Uc as PrivateKey,Pc as PublicKey,Oo as PublicKeyEncryptedSessionKeyPacket,Go as PublicKeyPacket,Qo as PublicSubkeyPacket,Xo as SecretKeyPacket,ec as SecretSubkeyPacket,nc as Signature,Ao as SignaturePacket,vc as Subkey,Ro as SymEncryptedIntegrityProtectedDataPacket,qo as SymEncryptedSessionKeyPacket,Wo as SymmetricallyEncryptedDataPacket,tc as TrustPacket,Vi as UnparseablePacket,Zo as UserAttributePacket,Jo as UserIDPacket,Y as armor,_ as config,Vc as createCleartextMessage,Oc as createMessage,Jc as decrypt,Zc as decryptKey,nu as decryptSessionKeys,Yc as encrypt,Xc as encryptKey,iu as encryptSessionKey,T as enums,Wc as generateKey,ru as generateSessionKey,Gc as readCleartextMessage,Cc as readKey,Tc as readKeys,Hc as readMessage,Bc as readPrivateKey,_c as readPrivateKeys,ac as readSignature,$c as reformatKey,Qc as revokeKey,eu as sign,X as unarmor,tu as verify};
 //# sourceMappingURL=openpgp.min.mjs.map