@protontech/openpgp 6.0.2-patch.1 → 6.1.0

package/dist/lightweight/openpgp.min.mjs

@@ -1,5 +1,5 @@
-/*! OpenPGP.js v6.0.2-patch.1 - 2024-12-13 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
-const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},t=Symbol("doneWritingPromise"),r=Symbol("doneWritingResolve"),i=Symbol("doneWritingReject"),n=Symbol("readingIndex");class a extends Array{constructor(){super(),Object.setPrototypeOf(this,a.prototype),this[t]=new Promise(((e,t)=>{this[r]=e,this[i]=t})),this[t].catch((()=>{}))}}function s(e){return e&&e.getReader&&Array.isArray(e)}function o(e){if(!s(e)){const t=e.getWriter(),r=t.releaseLock;return t.releaseLock=()=>{t.closed.catch((function(){})),r.call(t)},t}this.stream=e}function c(t){if(s(t))return"array";if(e.ReadableStream&&e.ReadableStream.prototype.isPrototypeOf(t))return"web";if(t&&!(e.ReadableStream&&t instanceof e.ReadableStream)&&"function"==typeof t._read&&"object"==typeof t._readableState)throw Error("Native Node streams are no longer supported: please manually convert the stream to a WebStream, using e.g. `stream.Readable.toWeb`");return!(!t||!t.getReader)&&"web-like"}function u(e){return Uint8Array.prototype.isPrototypeOf(e)}function h(e){if(1===e.length)return e[0];let t=0;for(let r=0;r<e.length;r++){if(!u(e[r]))throw Error("concatUint8Array: Data must be in the form of a Uint8Array");t+=e[r].length}const r=new Uint8Array(t);let i=0;return e.forEach((function(e){r.set(e,i),i+=e.length})),r}a.prototype.getReader=function(){return void 0===this[n]&&(this[n]=0),{read:async()=>(await this[t],this[n]===this.length?{value:void 0,done:!0}:{value:this[this[n]++],done:!1})}},a.prototype.readToEnd=async function(e){await this[t];const r=e(this.slice(this[n]));return this.length=0,r},a.prototype.clone=function(){const e=new a;return e[t]=this[t].then((()=>{e.push(...this)})),e},o.prototype.write=async function(e){this.stream.push(e)},o.prototype.close=async function(){this.stream[r]()},o.prototype.abort=async function(e){return this.stream[i](e),e},o.prototype.releaseLock=function(){},"object"==typeof e.process&&e.process.versions;const l=new WeakSet,y=Symbol("externalBuffer");function p(e){if(this.stream=e,e[y]&&(this[y]=e[y].slice()),s(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{},void(this._cancel=()=>{})}if(c(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{t.closed.catch((function(){})),t.releaseLock()},void(this._cancel=t.cancel.bind(t))}let t=!1;this._read=async()=>t||l.has(e)?{value:void 0,done:!0}:(t=!0,{value:e,done:!1}),this._releaseLock=()=>{if(t)try{l.add(e)}catch(e){}}}function g(e){return c(e)?e:new ReadableStream({start(t){t.enqueue(e),t.close()}})}function d(e){if(c(e))return e;const t=new a;return(async()=>{const r=C(t);await r.write(e),await r.close()})(),t}function f(e){return e.some((e=>c(e)&&!s(e)))?function(e){e=e.map(g);const t=b((async function(e){await Promise.all(i.map((t=>D(t,e))))}));let r=Promise.resolve();const i=e.map(((i,n)=>v(i,((i,a)=>(r=r.then((()=>m(i,t.writable,{preventClose:n!==e.length-1}))),r)))));return t.readable}(e):e.some((e=>s(e)))?function(e){const t=new a;let r=Promise.resolve();return e.forEach(((i,n)=>(r=r.then((()=>m(i,t,{preventClose:n!==e.length-1}))),r))),t}(e):"string"==typeof e[0]?e.join(""):h(e)}async function m(e,t,{preventClose:r=!1,preventAbort:i=!1,preventCancel:n=!1}={}){if(c(e)&&!s(e)){e=g(e);try{if(e[y]){const r=C(t);for(let t=0;t<e[y].length;t++)await r.ready,await r.write(e[y][t]);r.releaseLock()}await e.pipeTo(t,{preventClose:r,preventAbort:i,preventCancel:n})}catch(e){}return}const a=I(e=d(e)),o=C(t);try{for(;;){await o.ready;const{done:e,value:t}=await a.read();if(e){r||await o.close();break}await o.write(t)}}catch(e){i||await o.abort(e)}finally{a.releaseLock(),o.releaseLock()}}function w(e,t){const r=new TransformStream(t);return m(e,r.writable),r.readable}function b(e){let t,r,i,n=!1,a=!1;return{readable:new ReadableStream({start(e){i=e},pull(){t?t():n=!0},async cancel(t){a=!0,e&&await e(t),r&&r(t)}},{highWaterMark:0}),writable:new WritableStream({write:async function(e){if(a)throw Error("Stream is cancelled");i.enqueue(e),n?n=!1:(await new Promise(((e,i)=>{t=e,r=i})),t=null,r=null)},close:i.close.bind(i),abort:i.error.bind(i)})}}function k(e,t=()=>{},r=()=>{}){if(s(e)){const i=new a;return(async()=>{const n=C(i);try{const i=await U(e),a=t(i),s=r();let o;o=void 0!==a&&void 0!==s?f([a,s]):void 0!==a?a:s,await n.write(o),await n.close()}catch(e){await n.abort(e)}})(),i}if(c(e))return w(e,{async transform(e,r){try{const i=await t(e);void 0!==i&&r.enqueue(i)}catch(e){r.error(e)}},async flush(e){try{const t=await r();void 0!==t&&e.enqueue(t)}catch(t){e.error(t)}}});const i=t(e),n=r();return void 0!==i&&void 0!==n?f([i,n]):void 0!==i?i:n}function v(e,t){if(c(e)&&!s(e)){let r;const i=new TransformStream({start(e){r=e}}),n=m(e,i.writable),a=b((async function(e){r.error(e),await n,await new Promise(setTimeout)}));return t(i.readable,a.writable),a.readable}e=d(e);const r=new a;return t(e,r),r}function K(e,t){let r;const i=v(e,((e,n)=>{const a=I(e);a.remainder=()=>(a.releaseLock(),m(e,n),i),r=t(a)}));return r}function A(e){if(s(e))return e.clone();if(c(e)){const t=function(e){if(s(e))throw Error("ArrayStream cannot be tee()d, use clone() instead");if(c(e)){const t=g(e).tee();return t[0][y]=t[1][y]=e[y],t}return[P(e),P(e)]}(e);return S(e,t[0]),t[1]}return P(e)}function E(e){return s(e)?A(e):c(e)?new ReadableStream({start(t){const r=v(e,(async(e,r)=>{const i=I(e),n=C(r);try{for(;;){await n.ready;const{done:e,value:r}=await i.read();if(e){try{t.close()}catch(e){}return void await n.close()}try{t.enqueue(r)}catch(e){}await n.write(r)}}catch(e){t.error(e),await n.abort(e)}}));S(e,r)}}):P(e)}function S(e,t){Object.entries(Object.getOwnPropertyDescriptors(e.constructor.prototype)).forEach((([r,i])=>{"constructor"!==r&&(i.value?i.value=i.value.bind(t):i.get=i.get.bind(t),Object.defineProperty(e,r,i))}))}function P(e,t=0,r=1/0){if(s(e))throw Error("Not implemented");if(c(e)){if(t>=0&&r>=0){let i=0;return w(e,{transform(e,n){i<r?(i+e.length>=t&&n.enqueue(P(e,Math.max(t-i,0),r-i)),i+=e.length):n.terminate()}})}if(t<0&&(r<0||r===1/0)){let i=[];return k(e,(e=>{e.length>=-t?i=[e]:i.push(e)}),(()=>P(f(i),t,r)))}if(0===t&&r<0){let i;return k(e,(e=>{const n=i?f([i,e]):e;if(n.length>=-r)return i=P(n,r),P(n,t,r);i=n}))}return console.warn(`stream.slice(input, ${t}, ${r}) not implemented efficiently.`),x((async()=>P(await U(e),t,r)))}return e[y]&&(e=f(e[y].concat([e]))),u(e)?e.subarray(t,r===1/0?e.length:r):e.slice(t,r)}async function U(e,t=f){return s(e)?e.readToEnd(t):c(e)?I(e).readToEnd(t):e}async function D(e,t){if(c(e)){if(e.cancel){const r=await e.cancel(t);return await new Promise(setTimeout),r}if(e.destroy)return e.destroy(t),await new Promise(setTimeout),t}}function x(e){const t=new a;return(async()=>{const r=C(t);try{await r.write(await e()),await r.close()}catch(e){await r.abort(e)}})(),t}function I(e){return new p(e)}function C(e){return new o(e)}p.prototype.read=async function(){if(this[y]&&this[y].length){return{done:!1,value:this[y].shift()}}return this._read()},p.prototype.releaseLock=function(){this[y]&&(this.stream[y]=this[y]),this._releaseLock()},p.prototype.cancel=function(e){return this._cancel(e)},p.prototype.readLine=async function(){let e,t=[];for(;!e;){let{done:r,value:i}=await this.read();if(i+="",r)return t.length?f(t):void 0;const n=i.indexOf("\n")+1;n&&(e=f(t.concat(i.substr(0,n))),t=[]),n!==i.length&&t.push(i.substr(n))}return this.unshift(...t),e},p.prototype.readByte=async function(){const{done:e,value:t}=await this.read();if(e)return;const r=t[0];return this.unshift(P(t,1)),r},p.prototype.readBytes=async function(e){const t=[];let r=0;for(;;){const{done:i,value:n}=await this.read();if(i)return t.length?f(t):void 0;if(t.push(n),r+=n.length,r>=e){const r=f(t);return this.unshift(P(r,e)),P(r,0,e)}}},p.prototype.peekBytes=async function(e){const t=await this.readBytes(e);return this.unshift(t),t},p.prototype.unshift=function(...e){this[y]||(this[y]=[]),1===e.length&&u(e[0])&&this[y].length&&e[0].length&&this[y][0].byteOffset>=e[0].length?this[y][0]=new Uint8Array(this[y][0].buffer,this[y][0].byteOffset-e[0].length,this[y][0].byteLength+e[0].length):this[y].unshift(...e.filter((e=>e&&e.length)))},p.prototype.readToEnd=async function(e=f){const t=[];for(;;){const{done:e,value:r}=await this.read();if(e)break;t.push(r)}return e(t)};const B=Symbol("byValue");var T={curve:{nistP256:"nistP256",p256:"nistP256",nistP384:"nistP384",p384:"nistP384",nistP521:"nistP521",p521:"nistP521",secp256k1:"secp256k1",ed25519Legacy:"ed25519Legacy",ed25519:"ed25519Legacy",curve25519Legacy:"curve25519Legacy",curve25519:"curve25519Legacy",brainpoolP256r1:"brainpoolP256r1",brainpoolP384r1:"brainpoolP384r1",brainpoolP512r1:"brainpoolP512r1"},kdfFlags:{replace_fingerprint:1,replace_kdf_params:2},s2k:{simple:0,salted:1,iterated:3,argon2:4,gnu:101},publicKey:{rsaEncryptSign:1,rsaEncrypt:2,rsaSign:3,elgamal:16,dsa:17,ecdh:18,ecdsa:19,eddsaLegacy:22,aedh:23,aedsa:24,x25519:25,x448:26,ed25519:27,ed448:28,pqc_mlkem_x25519:105,pqc_mldsa_ed25519:107,aead:100,hmac:101},symmetric:{idea:1,tripledes:2,cast5:3,blowfish:4,aes128:7,aes192:8,aes256:9,twofish:10},compression:{uncompressed:0,zip:1,zlib:2,bzip2:3},hash:{md5:1,sha1:2,ripemd:3,sha256:8,sha384:9,sha512:10,sha224:11,sha3_256:12,sha3_512:14},webHash:{"SHA-1":2,"SHA-256":8,"SHA-384":9,"SHA-512":10},aead:{eax:1,ocb:2,gcm:3,experimentalGCM:100},packet:{publicKeyEncryptedSessionKey:1,signature:2,symEncryptedSessionKey:3,onePassSignature:4,secretKey:5,publicKey:6,secretSubkey:7,compressedData:8,symmetricallyEncryptedData:9,marker:10,literalData:11,trust:12,userID:13,publicSubkey:14,userAttribute:17,symEncryptedIntegrityProtectedData:18,modificationDetectionCode:19,aeadEncryptedData:20,padding:21},literal:{binary:98,text:116,utf8:117,mime:109},signature:{binary:0,text:1,standalone:2,certGeneric:16,certPersona:17,certCasual:18,certPositive:19,certRevocation:48,subkeyBinding:24,keyBinding:25,key:31,keyRevocation:32,subkeyRevocation:40,timestamp:64,thirdParty:80},signatureSubpacket:{signatureCreationTime:2,signatureExpirationTime:3,exportableCertification:4,trustSignature:5,regularExpression:6,revocable:7,keyExpirationTime:9,placeholderBackwardsCompatibility:10,preferredSymmetricAlgorithms:11,revocationKey:12,issuerKeyID:16,notationData:20,preferredHashAlgorithms:21,preferredCompressionAlgorithms:22,keyServerPreferences:23,preferredKeyServer:24,primaryUserID:25,policyURI:26,keyFlags:27,signersUserID:28,reasonForRevocation:29,features:30,signatureTarget:31,embeddedSignature:32,issuerFingerprint:33,preferredAEADAlgorithms:34,preferredCipherSuites:39},keyFlags:{certifyKeys:1,signData:2,encryptCommunication:4,encryptStorage:8,splitPrivateKey:16,authentication:32,forwardedCommunication:64,sharedPrivateKey:128},armor:{multipartSection:0,multipartLast:1,signed:2,message:3,publicKey:4,privateKey:5,signature:6},reasonForRevocation:{noReason:0,keySuperseded:1,keyCompromised:2,keyRetired:3,userIDInvalid:32},features:{modificationDetection:1,aead:2,v5Keys:4,seipdv2:8},write:function(e,t){if("number"==typeof t&&(t=this.read(e,t)),void 0!==e[t])return e[t];throw Error("Invalid enum value.")},read:function(e,t){if(e[B]||(e[B]=[],Object.entries(e).forEach((([t,r])=>{e[B][r]=t}))),void 0!==e[B][t])return e[B][t];throw Error("Invalid enum value.")}},_={preferredHashAlgorithm:T.hash.sha512,preferredSymmetricAlgorithm:T.symmetric.aes256,preferredCompressionAlgorithm:T.compression.uncompressed,aeadProtect:!1,ignoreSEIPDv2FeatureFlag:!1,parseAEADEncryptedV4KeysAsLegacy:!1,preferredAEADAlgorithm:T.aead.gcm,aeadChunkSizeByte:12,v6Keys:!1,enableParsingV5Entities:!1,s2kType:T.s2k.iterated,s2kIterationCountByte:224,s2kArgon2Params:{passes:3,parallelism:4,memoryExponent:16},allowUnauthenticatedMessages:!1,allowUnauthenticatedStream:!1,allowForwardedMessages:!1,minRSABits:2047,passwordCollisionCheck:!1,allowInsecureDecryptionWithSigningKeys:!1,allowInsecureVerificationWithReformattedKeys:!1,allowMissingKeyFlags:!1,constantTimePKCS1Decryption:!1,constantTimePKCS1DecryptionSupportedSymmetricAlgorithms:new Set([T.symmetric.aes128,T.symmetric.aes192,T.symmetric.aes256]),ignoreUnsupportedPackets:!0,ignoreMalformedPackets:!1,additionalAllowedPackets:[],showVersion:!1,showComment:!1,versionString:"OpenPGP.js 6.0.2-patch.1",commentString:"https://openpgpjs.org",maxUserIDLength:5120,knownNotations:[],nonDeterministicSignaturesViaNotation:!0,useEllipticFallback:!0,rejectHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd]),rejectMessageHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd,T.hash.sha1]),rejectPublicKeyAlgorithms:new Set([T.publicKey.elgamal,T.publicKey.dsa]),rejectCurves:new Set([T.curve.secp256k1])};const M=(()=>{try{return"development"===process.env.NODE_ENV}catch(e){}return!1})(),L={isString:function(e){return"string"==typeof e||e instanceof String},nodeRequire:()=>{},isArray:function(e){return e instanceof Array},isUint8Array:u,isStream:c,getNobleCurve:async(e,t)=>{if(!_.useEllipticFallback)throw Error("This curve is only supported in the full build of OpenPGP.js");const{nobleCurves:r}=await import("./noble_curves.min.mjs");switch(e){case T.publicKey.ecdh:case T.publicKey.ecdsa:{const e=r.get(t);if(!e)throw Error("Unsupported curve");return e}case T.publicKey.x448:return r.get("x448");case T.publicKey.ed448:return r.get("ed448");default:throw Error("Unsupported curve")}},readNumber:function(e){let t=0;for(let r=0;r<e.length;r++)t+=256**r*e[e.length-1-r];return t},writeNumber:function(e,t){const r=new Uint8Array(t);for(let i=0;i<t;i++)r[i]=e>>8*(t-i-1)&255;return r},readDate:function(e){const t=L.readNumber(e);return new Date(1e3*t)},writeDate:function(e){const t=Math.floor(e.getTime()/1e3);return L.writeNumber(t,4)},normalizeDate:function(e=Date.now()){return null===e||e===1/0?e:new Date(1e3*Math.floor(+e/1e3))},readMPI:function(e){const t=(e[0]<<8|e[1])+7>>>3;return L.readExactSubarray(e,2,2+t)},readExactSubarray:function(e,t,r){if(e.length<r-t)throw Error("Input array too short");return e.subarray(t,r)},leftPad(e,t){if(e.length>t)throw Error("Input array too long");const r=new Uint8Array(t),i=t-e.length;return r.set(e,i),r},uint8ArrayToMPI:function(e){const t=L.uint8ArrayBitLength(e);if(0===t)throw Error("Zero MPI");const r=e.subarray(e.length-Math.ceil(t/8)),i=new Uint8Array([(65280&t)>>8,255&t]);return L.concatUint8Array([i,r])},uint8ArrayBitLength:function(e){let t;for(t=0;t<e.length&&0===e[t];t++);if(t===e.length)return 0;const r=e.subarray(t);return 8*(r.length-1)+L.nbits(r[0])},hexToUint8Array:function(e){const t=new Uint8Array(e.length>>1);for(let r=0;r<e.length>>1;r++)t[r]=parseInt(e.substr(r<<1,2),16);return t},uint8ArrayToHex:function(e){const t="0123456789abcdef";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),r},stringToUint8Array:function(e){return k(e,(e=>{if(!L.isString(e))throw Error("stringToUint8Array: Data must be in the form of a string");const t=new Uint8Array(e.length);for(let r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}))},uint8ArrayToString:function(e){const t=[],r=16384,i=(e=new Uint8Array(e)).length;for(let n=0;n<i;n+=r)t.push(String.fromCharCode.apply(String,e.subarray(n,n+r<i?n+r:i)));return t.join("")},encodeUTF8:function(e){const t=new TextEncoder("utf-8");function r(e,r=!1){return t.encode(e,{stream:!r})}return k(e,r,(()=>r("",!0)))},decodeUTF8:function(e){const t=new TextDecoder("utf-8");function r(e,r=!1){return t.decode(e,{stream:!r})}return k(e,r,(()=>r(new Uint8Array,!0)))},concat:f,concatUint8Array:h,equalsUint8Array:function(e,t){if(!L.isUint8Array(e)||!L.isUint8Array(t))throw Error("Data must be in the form of a Uint8Array");if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0},writeChecksum:function(e){let t=0;for(let r=0;r<e.length;r++)t=t+e[r]&65535;return L.writeNumber(t,2)},printDebug:function(e){M&&console.log("[OpenPGP.js debug]",e)},printDebugError:function(e){M&&console.error("[OpenPGP.js debug]",e)},nbits:function(e){let t=1,r=e>>>16;return 0!==r&&(e=r,t+=16),r=e>>8,0!==r&&(e=r,t+=8),r=e>>4,0!==r&&(e=r,t+=4),r=e>>2,0!==r&&(e=r,t+=2),r=e>>1,0!==r&&(e=r,t+=1),t},double:function(e){const t=new Uint8Array(e.length),r=e.length-1;for(let i=0;i<r;i++)t[i]=e[i]<<1^e[i+1]>>7;return t[r]=e[r]<<1^135*(e[0]>>7),t},shiftRight:function(e,t){if(t)for(let r=e.length-1;r>=0;r--)e[r]>>=t,r>0&&(e[r]|=e[r-1]<<8-t);return e},getWebCrypto:function(){const t=void 0!==e&&e.crypto&&e.crypto.subtle||this.getNodeCrypto()?.webcrypto.subtle;if(!t)throw Error("The WebCrypto API is not available");return t},getNodeCrypto:function(){return this.nodeRequire("crypto")},getNodeZlib:function(){return this.nodeRequire("zlib")},getNodeBuffer:function(){return(this.nodeRequire("buffer")||{}).Buffer},getHardwareConcurrency:function(){if("undefined"!=typeof navigator)return navigator.hardwareConcurrency||1;return this.nodeRequire("os").cpus().length},isEmailAddress:function(e){if(!L.isString(e))return!1;return/^[^\p{C}\p{Z}@<>\\]+@[^\p{C}\p{Z}@<>\\]+[^\p{C}\p{Z}\p{P}]$/u.test(e)},canonicalizeEOL:function(e){let t=!1;return k(e,(e=>{let r;t&&(e=L.concatUint8Array([new Uint8Array([13]),e])),13===e[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;const i=[];for(let t=0;r=e.indexOf(10,t)+1,r;t=r)13!==e[r-2]&&i.push(r);if(!i.length)return e;const n=new Uint8Array(e.length+i.length);let a=0;for(let t=0;t<i.length;t++){const r=e.subarray(i[t-1]||0,i[t]);n.set(r,a),a+=r.length,n[a-1]=13,n[a]=10,a++}return n.set(e.subarray(i[i.length-1]||0),a),n}),(()=>t?new Uint8Array([13]):void 0))},nativeEOL:function(e){let t=!1;return k(e,(e=>{let r;13===(e=t&&10!==e[0]?L.concatUint8Array([new Uint8Array([13]),e]):new Uint8Array(e))[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;let i=0;for(let t=0;t!==e.length;t=r){r=e.indexOf(13,t)+1,r||(r=e.length);const n=r-(10===e[r]?1:0);t&&e.copyWithin(i,t,n),i+=n-t}return e.subarray(0,i)}),(()=>t?new Uint8Array([13]):void 0))},removeTrailingSpaces:function(e){return e.split("\n").map((e=>{let t=e.length-1;for(;t>=0&&(" "===e[t]||"\t"===e[t]||"\r"===e[t]);t--);return e.substr(0,t+1)})).join("\n")},wrapError:function(e,t){if(!t)return Error(e);try{t.message=e+": "+t.message}catch(e){}return t},constructAllowedPackets:function(e){const t={};return e.forEach((e=>{if(!e.tag)throw Error("Invalid input: expected a packet class");t[e.tag]=e})),t},anyPromise:function(e){return new Promise((async(t,r)=>{let i;await Promise.all(e.map((async e=>{try{t(await e)}catch(e){i=e}}))),r(i)}))},selectUint8Array:function(e,t,r){const i=Math.max(t.length,r.length),n=new Uint8Array(i);let a=0;for(let i=0;i<n.length;i++)n[i]=t[i]&256-e|r[i]&255+e,a+=e&i<t.length|1-e&i<r.length;return n.subarray(0,a)},selectUint8:function(e,t,r){return t&256-e|r&255+e},isAES:function(e){return e===T.symmetric.aes128||e===T.symmetric.aes192||e===T.symmetric.aes256}},R=L.getNodeBuffer();let F,z;function N(e){let t=new Uint8Array;return k(e,(e=>{t=L.concatUint8Array([t,e]);const r=[],i=Math.floor(t.length/45),n=45*i,a=F(t.subarray(0,n));for(let e=0;e<i;e++)r.push(a.substr(60*e,60)),r.push("\n");return t=t.subarray(n),r.join("")}),(()=>t.length?F(t)+"\n":""))}function O(e){let t="";return k(e,(e=>{t+=e;let r=0;const i=[" ","\t","\r","\n"];for(let e=0;e<i.length;e++){const n=i[e];for(let e=t.indexOf(n);-1!==e;e=t.indexOf(n,e+1))r++}let n=t.length;for(;n>0&&(n-r)%4!=0;n--)i.includes(t[n])&&r--;const a=z(t.substr(0,n));return t=t.substr(n),a}),(()=>z(t)))}function H(e){return O(e.replace(/-/g,"+").replace(/_/g,"/"))}function j(e,t){let r=N(e).replace(/[\r\n]/g,"");return r=r.replace(/[+]/g,"-").replace(/[/]/g,"_").replace(/[=]/g,""),r}function q(e){const t=e.match(/^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m);if(!t)throw Error("Unknown ASCII armor type");return/MESSAGE, PART \d+\/\d+/.test(t[1])?T.armor.multipartSection:/MESSAGE, PART \d+/.test(t[1])?T.armor.multipartLast:/SIGNED MESSAGE/.test(t[1])?T.armor.signed:/MESSAGE/.test(t[1])?T.armor.message:/PUBLIC KEY BLOCK/.test(t[1])?T.armor.publicKey:/PRIVATE KEY BLOCK/.test(t[1])?T.armor.privateKey:/SIGNATURE/.test(t[1])?T.armor.signature:void 0}function G(e,t){let r="";return t.showVersion&&(r+="Version: "+t.versionString+"\n"),t.showComment&&(r+="Comment: "+t.commentString+"\n"),e&&(r+="Comment: "+e+"\n"),r+="\n",r}function V(e){const t=function(e){let t=13501623;return k(e,(e=>{const r=$?Math.floor(e.length/4):0,i=new Uint32Array(e.buffer,e.byteOffset,r);for(let e=0;e<r;e++)t^=i[e],t=W[0][t>>24&255]^W[1][t>>16&255]^W[2][t>>8&255]^W[3][255&t];for(let i=4*r;i<e.length;i++)t=t>>8^W[0][255&t^e[i]]}),(()=>new Uint8Array([t,t>>8,t>>16])))}(e);return N(t)}R?(F=e=>R.from(e).toString("base64"),z=e=>{const t=R.from(e,"base64");return new Uint8Array(t.buffer,t.byteOffset,t.byteLength)}):(F=e=>btoa(L.uint8ArrayToString(e)),z=e=>L.stringToUint8Array(atob(e)));const W=[Array(255),Array(255),Array(255),Array(255)];for(let e=0;e<=255;e++){let t=e<<16;for(let e=0;e<8;e++)t=t<<1^(8388608&t?8801531:0);W[0][e]=(16711680&t)>>16|65280&t|(255&t)<<16}for(let e=0;e<=255;e++)W[1][e]=W[0][e]>>8^W[0][255&W[0][e]];for(let e=0;e<=255;e++)W[2][e]=W[1][e]>>8^W[0][255&W[1][e]];for(let e=0;e<=255;e++)W[3][e]=W[2][e]>>8^W[0][255&W[2][e]];const $=function(){const e=new ArrayBuffer(2);return new DataView(e).setInt16(0,255,!0),255===new Int16Array(e)[0]}();function Q(e){for(let t=0;t<e.length;t++)/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(e[t])||L.printDebugError(Error("Improperly formatted armor header: "+e[t])),/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(e[t])||L.printDebugError(Error("Unknown header: "+e[t]))}function Z(e){let t=e;const r=e.lastIndexOf("=");return r>=0&&r!==e.length-1&&(t=e.slice(0,r)),t}function X(e){return new Promise((async(t,r)=>{try{const i=/^-----[^-]+-----$/m,n=/^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;let a;const s=[];let o,c,u=s,h=[];const l=O(v(e,(async(e,y)=>{const p=I(e);try{for(;;){let e=await p.readLine();if(void 0===e)throw Error("Misformed armored text");if(e=L.removeTrailingSpaces(e.replace(/[\r\n]/g,"")),a)if(o)c||a!==T.armor.signed||(i.test(e)?(h=h.join("\r\n"),c=!0,Q(u),u=[],o=!1):h.push(e.replace(/^- /,"")));else if(i.test(e)&&r(Error("Mandatory blank line missing between armor headers and armor data")),n.test(e)){if(Q(u),o=!0,c||a!==T.armor.signed){t({text:h,data:l,headers:s,type:a});break}}else u.push(e);else i.test(e)&&(a=q(e))}}catch(e){return void r(e)}const g=C(y);try{for(;;){await g.ready;const{done:e,value:t}=await p.read();if(e)throw Error("Misformed armored text");const r=t+"";if(-1!==r.indexOf("=")||-1!==r.indexOf("-")){let e=await p.readToEnd();e.length||(e=""),e=r+e,e=L.removeTrailingSpaces(e.replace(/\r/g,""));const t=e.split(i);if(1===t.length)throw Error("Misformed armored text");const n=Z(t[0].slice(0,-1));await g.write(n);break}await g.write(r)}await g.ready,await g.close()}catch(e){await g.abort(e)}})))}catch(e){r(e)}})).then((async e=>(s(e.data)&&(e.data=await U(e.data)),e)))}function Y(e,t,r,i,n,a=!1,s=_){let o,c;e===T.armor.signed&&(o=t.text,c=t.hash,t=t.data);const u=a&&E(t),h=[];switch(e){case T.armor.multipartSection:h.push("-----BEGIN PGP MESSAGE, PART "+r+"/"+i+"-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"/"+i+"-----\n");break;case T.armor.multipartLast:h.push("-----BEGIN PGP MESSAGE, PART "+r+"-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"-----\n");break;case T.armor.signed:h.push("-----BEGIN PGP SIGNED MESSAGE-----\n"),h.push(c?`Hash: ${c}\n\n`:"\n"),h.push(o.replace(/^-/gm,"- -")),h.push("\n-----BEGIN PGP SIGNATURE-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n");break;case T.armor.message:h.push("-----BEGIN PGP MESSAGE-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE-----\n");break;case T.armor.publicKey:h.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP PUBLIC KEY BLOCK-----\n");break;case T.armor.privateKey:h.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP PRIVATE KEY BLOCK-----\n");break;case T.armor.signature:h.push("-----BEGIN PGP SIGNATURE-----\n"),h.push(G(n,s)),h.push(N(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n")}return L.concat(h)}async function J(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:throw Error("Not a legacy cipher");case T.symmetric.cast5:case T.symmetric.blowfish:case T.symmetric.twofish:case T.symmetric.tripledes:{const{legacyCiphers:t}=await import("./legacy_ciphers.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported cipher algorithm");return r}default:throw Error("Unsupported cipher algorithm")}}function ee(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:case T.symmetric.twofish:return 16;case T.symmetric.blowfish:case T.symmetric.cast5:case T.symmetric.tripledes:return 8;default:throw Error("Unsupported cipher")}}function te(e){switch(e){case T.symmetric.aes128:case T.symmetric.blowfish:case T.symmetric.cast5:return 16;case T.symmetric.aes192:case T.symmetric.tripledes:return 24;case T.symmetric.aes256:case T.symmetric.twofish:return 32;default:throw Error("Unsupported cipher")}}function re(e){return{keySize:te(e),blockSize:ee(e)}}var ie=/*#__PURE__*/Object.freeze({__proto__:null,getCipherParams:re,getLegacyCipher:J});function ne(e,t){let r=e[0],i=e[1],n=e[2],a=e[3];r=se(r,i,n,a,t[0],7,-680876936),a=se(a,r,i,n,t[1],12,-389564586),n=se(n,a,r,i,t[2],17,606105819),i=se(i,n,a,r,t[3],22,-1044525330),r=se(r,i,n,a,t[4],7,-176418897),a=se(a,r,i,n,t[5],12,1200080426),n=se(n,a,r,i,t[6],17,-1473231341),i=se(i,n,a,r,t[7],22,-45705983),r=se(r,i,n,a,t[8],7,1770035416),a=se(a,r,i,n,t[9],12,-1958414417),n=se(n,a,r,i,t[10],17,-42063),i=se(i,n,a,r,t[11],22,-1990404162),r=se(r,i,n,a,t[12],7,1804603682),a=se(a,r,i,n,t[13],12,-40341101),n=se(n,a,r,i,t[14],17,-1502002290),i=se(i,n,a,r,t[15],22,1236535329),r=oe(r,i,n,a,t[1],5,-165796510),a=oe(a,r,i,n,t[6],9,-1069501632),n=oe(n,a,r,i,t[11],14,643717713),i=oe(i,n,a,r,t[0],20,-373897302),r=oe(r,i,n,a,t[5],5,-701558691),a=oe(a,r,i,n,t[10],9,38016083),n=oe(n,a,r,i,t[15],14,-660478335),i=oe(i,n,a,r,t[4],20,-405537848),r=oe(r,i,n,a,t[9],5,568446438),a=oe(a,r,i,n,t[14],9,-1019803690),n=oe(n,a,r,i,t[3],14,-187363961),i=oe(i,n,a,r,t[8],20,1163531501),r=oe(r,i,n,a,t[13],5,-1444681467),a=oe(a,r,i,n,t[2],9,-51403784),n=oe(n,a,r,i,t[7],14,1735328473),i=oe(i,n,a,r,t[12],20,-1926607734),r=ce(r,i,n,a,t[5],4,-378558),a=ce(a,r,i,n,t[8],11,-2022574463),n=ce(n,a,r,i,t[11],16,1839030562),i=ce(i,n,a,r,t[14],23,-35309556),r=ce(r,i,n,a,t[1],4,-1530992060),a=ce(a,r,i,n,t[4],11,1272893353),n=ce(n,a,r,i,t[7],16,-155497632),i=ce(i,n,a,r,t[10],23,-1094730640),r=ce(r,i,n,a,t[13],4,681279174),a=ce(a,r,i,n,t[0],11,-358537222),n=ce(n,a,r,i,t[3],16,-722521979),i=ce(i,n,a,r,t[6],23,76029189),r=ce(r,i,n,a,t[9],4,-640364487),a=ce(a,r,i,n,t[12],11,-421815835),n=ce(n,a,r,i,t[15],16,530742520),i=ce(i,n,a,r,t[2],23,-995338651),r=ue(r,i,n,a,t[0],6,-198630844),a=ue(a,r,i,n,t[7],10,1126891415),n=ue(n,a,r,i,t[14],15,-1416354905),i=ue(i,n,a,r,t[5],21,-57434055),r=ue(r,i,n,a,t[12],6,1700485571),a=ue(a,r,i,n,t[3],10,-1894986606),n=ue(n,a,r,i,t[10],15,-1051523),i=ue(i,n,a,r,t[1],21,-2054922799),r=ue(r,i,n,a,t[8],6,1873313359),a=ue(a,r,i,n,t[15],10,-30611744),n=ue(n,a,r,i,t[6],15,-1560198380),i=ue(i,n,a,r,t[13],21,1309151649),r=ue(r,i,n,a,t[4],6,-145523070),a=ue(a,r,i,n,t[11],10,-1120210379),n=ue(n,a,r,i,t[2],15,718787259),i=ue(i,n,a,r,t[9],21,-343485551),e[0]=pe(r,e[0]),e[1]=pe(i,e[1]),e[2]=pe(n,e[2]),e[3]=pe(a,e[3])}function ae(e,t,r,i,n,a){return t=pe(pe(t,e),pe(i,a)),pe(t<<n|t>>>32-n,r)}function se(e,t,r,i,n,a,s){return ae(t&r|~t&i,e,t,n,a,s)}function oe(e,t,r,i,n,a,s){return ae(t&i|r&~i,e,t,n,a,s)}function ce(e,t,r,i,n,a,s){return ae(t^r^i,e,t,n,a,s)}function ue(e,t,r,i,n,a,s){return ae(r^(t|~i),e,t,n,a,s)}function he(e){const t=[];let r;for(r=0;r<64;r+=4)t[r>>2]=e.charCodeAt(r)+(e.charCodeAt(r+1)<<8)+(e.charCodeAt(r+2)<<16)+(e.charCodeAt(r+3)<<24);return t}const le="0123456789abcdef".split("");function ye(e){let t="",r=0;for(;r<4;r++)t+=le[e>>8*r+4&15]+le[e>>8*r&15];return t}function pe(e,t){return e+t&4294967295}const ge=L.getWebCrypto(),de=L.getNodeCrypto(),fe=de&&de.getHashes();function me(e){if(de&&fe.includes(e))return async function(t){const r=de.createHash(e);return k(t,(e=>{r.update(e)}),(()=>new Uint8Array(r.digest())))}}function we(e,t){const r=async()=>{const{nobleHashes:t}=await import("./noble_hashes.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported hash");return r};return async function(e){if(s(e)&&(e=await U(e)),L.isStream(e)){const t=(await r()).create();return k(e,(e=>{t.update(e)}),(()=>t.digest()))}if(ge&&t)return new Uint8Array(await ge.digest(t,e));return(await r())(e)}}var be={md5:me("md5")||async function(e){const t=function(e){const t=e.length,r=[1732584193,-271733879,-1732584194,271733878];let i;for(i=64;i<=e.length;i+=64)ne(r,he(e.substring(i-64,i)));e=e.substring(i-64);const n=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0];for(i=0;i<e.length;i++)n[i>>2]|=e.charCodeAt(i)<<(i%4<<3);if(n[i>>2]|=128<<(i%4<<3),i>55)for(ne(r,n),i=0;i<16;i++)n[i]=0;return n[14]=8*t,ne(r,n),r}(L.uint8ArrayToString(e));return L.hexToUint8Array(function(e){for(let t=0;t<e.length;t++)e[t]=ye(e[t]);return e.join("")}(t))},sha1:me("sha1")||we("sha1","SHA-1"),sha224:me("sha224")||we("sha224"),sha256:me("sha256")||we("sha256","SHA-256"),sha384:me("sha384")||we("sha384","SHA-384"),sha512:me("sha512")||we("sha512","SHA-512"),ripemd:me("ripemd160")||we("ripemd160"),sha3_256:me("sha3-256")||we("sha3_256"),sha3_512:me("sha3-512")||we("sha3_512"),digest:function(e,t){switch(e){case T.hash.md5:return this.md5(t);case T.hash.sha1:return this.sha1(t);case T.hash.ripemd:return this.ripemd(t);case T.hash.sha256:return this.sha256(t);case T.hash.sha384:return this.sha384(t);case T.hash.sha512:return this.sha512(t);case T.hash.sha224:return this.sha224(t);case T.hash.sha3_256:return this.sha3_256(t);case T.hash.sha3_512:return this.sha3_512(t);default:throw Error("Unsupported hash function")}},getHashByteLength:function(e){switch(e){case T.hash.md5:return 16;case T.hash.sha1:case T.hash.ripemd:return 20;case T.hash.sha256:return 32;case T.hash.sha384:return 48;case T.hash.sha512:return 64;case T.hash.sha224:return 28;case T.hash.sha3_256:return 32;case T.hash.sha3_512:return 64;default:throw Error("Invalid hash algorithm.")}},getBlockSize:function(e){switch(e){case T.hash.md5:case T.hash.sha1:case T.hash.ripemd:case T.hash.sha224:case T.hash.sha256:return 64;case T.hash.sha384:case T.hash.sha512:return 128;default:throw Error("Invalid hash algorithm.")}}};function ke(e){return e instanceof Uint8Array||null!=e&&"object"==typeof e&&"Uint8Array"===e.constructor.name}function ve(e,...t){if(!ke(e))throw Error("Uint8Array expected");if(t.length>0&&!t.includes(e.length))throw Error(`Uint8Array expected of length ${t}, not of length=${e.length}`)}function Ke(e,t=!0){if(e.destroyed)throw Error("Hash instance has been destroyed");if(t&&e.finished)throw Error("Hash#digest() has already been called")}function Ae(e,t){ve(e);const r=t.outputLen;if(e.length<r)throw Error("digestInto() expects output buffer of length at least "+r)}
-/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */const Ee=e=>new Uint8Array(e.buffer,e.byteOffset,e.byteLength),Se=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4)),Pe=e=>new DataView(e.buffer,e.byteOffset,e.byteLength);if(!(68===new Uint8Array(new Uint32Array([287454020]).buffer)[0]))throw Error("Non little-endian hardware is not supported");function Ue(e){if("string"==typeof e)e=function(e){if("string"!=typeof e)throw Error("string expected, got "+typeof e);return new Uint8Array((new TextEncoder).encode(e))}(e);else{if(!ke(e))throw Error("Uint8Array expected, got "+typeof e);e=Be(e)}return e}function De(e,t){if(e.length!==t.length)return!1;let r=0;for(let i=0;i<e.length;i++)r|=e[i]^t[i];return 0===r}const xe=(e,t)=>(Object.assign(t,e),t);function Ie(e,t,r,i){if("function"==typeof e.setBigUint64)return e.setBigUint64(t,r,i);const n=BigInt(32),a=BigInt(4294967295),s=Number(r>>n&a),o=Number(r&a);e.setUint32(t+0,s,i),e.setUint32(t+4,o,i)}function Ce(e){return e.byteOffset%4==0}function Be(e){return Uint8Array.from(e)}function Te(...e){for(let t=0;t<e.length;t++)e[t].fill(0)}const _e=16,Me=/* @__PURE__ */new Uint8Array(16),Le=Se(Me),Re=e=>(e>>>0&255)<<24|(e>>>8&255)<<16|(e>>>16&255)<<8|e>>>24&255;class Fe{constructor(e,t){this.blockLen=_e,this.outputLen=_e,this.s0=0,this.s1=0,this.s2=0,this.s3=0,this.finished=!1,ve(e=Ue(e),16);const r=Pe(e);let i=r.getUint32(0,!1),n=r.getUint32(4,!1),a=r.getUint32(8,!1),s=r.getUint32(12,!1);const o=[];for(let e=0;e<128;e++)o.push({s0:Re(i),s1:Re(n),s2:Re(a),s3:Re(s)}),({s0:i,s1:n,s2:a,s3:s}={s3:(h=a)<<31|(l=s)>>>1,s2:(u=n)<<31|h>>>1,s1:(c=i)<<31|u>>>1,s0:c>>>1^225<<24&-(1&l)});var c,u,h,l;const y=(e=>e>65536?8:e>1024?4:2)(t||1024);if(![1,2,4,8].includes(y))throw Error(`ghash: wrong window size=${y}, should be 2, 4 or 8`);this.W=y;const p=128/y,g=this.windowSize=2**y,d=[];for(let e=0;e<p;e++)for(let t=0;t<g;t++){let r=0,i=0,n=0,a=0;for(let s=0;s<y;s++){if(!(t>>>y-s-1&1))continue;const{s0:c,s1:u,s2:h,s3:l}=o[y*e+s];r^=c,i^=u,n^=h,a^=l}d.push({s0:r,s1:i,s2:n,s3:a})}this.t=d}_updateBlock(e,t,r,i){e^=this.s0,t^=this.s1,r^=this.s2,i^=this.s3;const{W:n,t:a,windowSize:s}=this;let o=0,c=0,u=0,h=0;const l=(1<<n)-1;let y=0;for(const p of[e,t,r,i])for(let e=0;e<4;e++){const t=p>>>8*e&255;for(let e=8/n-1;e>=0;e--){const r=t>>>n*e&l,{s0:i,s1:p,s2:g,s3:d}=a[y*s+r];o^=i,c^=p,u^=g,h^=d,y+=1}}this.s0=o,this.s1=c,this.s2=u,this.s3=h}update(e){e=Ue(e),Ke(this);const t=Se(e),r=Math.floor(e.length/_e),i=e.length%_e;for(let e=0;e<r;e++)this._updateBlock(t[4*e+0],t[4*e+1],t[4*e+2],t[4*e+3]);return i&&(Me.set(e.subarray(r*_e)),this._updateBlock(Le[0],Le[1],Le[2],Le[3]),Te(Le)),this}destroy(){const{t:e}=this;for(const t of e)t.s0=0,t.s1=0,t.s2=0,t.s3=0}digestInto(e){Ke(this),Ae(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=Se(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e}digest(){const e=new Uint8Array(_e);return this.digestInto(e),this.destroy(),e}}class ze extends Fe{constructor(e,t){const r=function(e){e.reverse();const t=1&e[15];let r=0;for(let t=0;t<e.length;t++){const i=e[t];e[t]=i>>>1|r,r=(1&i)<<7}return e[0]^=225&-t,e}(Be(e=Ue(e)));super(r,t),Te(r)}update(e){e=Ue(e),Ke(this);const t=Se(e),r=e.length%_e,i=Math.floor(e.length/_e);for(let e=0;e<i;e++)this._updateBlock(Re(t[4*e+3]),Re(t[4*e+2]),Re(t[4*e+1]),Re(t[4*e+0]));return r&&(Me.set(e.subarray(i*_e)),this._updateBlock(Re(Le[3]),Re(Le[2]),Re(Le[1]),Re(Le[0])),Te(Le)),this}digestInto(e){Ke(this),Ae(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=Se(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e.reverse()}}function Ne(e){const t=(t,r)=>e(r,t.length).update(Ue(t)).digest(),r=e(new Uint8Array(16),0);return t.outputLen=r.outputLen,t.blockLen=r.blockLen,t.create=(t,r)=>e(t,r),t}const Oe=Ne(((e,t)=>new Fe(e,t)));Ne(((e,t)=>new ze(e,t)));const He=16,je=new Uint8Array(He),qe=283;function Ge(e){return e<<1^qe&-(e>>7)}function Ve(e,t){let r=0;for(;t>0;t>>=1)r^=e&-(1&t),e=Ge(e);return r}const We=/* @__PURE__ */(()=>{const e=new Uint8Array(256);for(let t=0,r=1;t<256;t++,r^=Ge(r))e[t]=r;const t=new Uint8Array(256);t[0]=99;for(let r=0;r<255;r++){let i=e[255-r];i|=i<<8,t[e[r]]=255&(i^i>>4^i>>5^i>>6^i>>7^99)}return Te(e),t})(),$e=/* @__PURE__ */We.map(((e,t)=>We.indexOf(t))),Qe=e=>e<<24|e>>>8,Ze=e=>e<<8|e>>>24,Xe=e=>e<<24&4278190080|e<<8&16711680|e>>>8&65280|e>>>24&255;function Ye(e,t){if(256!==e.length)throw Error("Wrong sbox length");const r=new Uint32Array(256).map(((r,i)=>t(e[i]))),i=r.map(Ze),n=i.map(Ze),a=n.map(Ze),s=new Uint32Array(65536),o=new Uint32Array(65536),c=new Uint16Array(65536);for(let t=0;t<256;t++)for(let u=0;u<256;u++){const h=256*t+u;s[h]=r[t]^i[u],o[h]=n[t]^a[u],c[h]=e[t]<<8|e[u]}return{sbox:e,sbox2:c,T0:r,T1:i,T2:n,T3:a,T01:s,T23:o}}const Je=/* @__PURE__ */Ye(We,(e=>Ve(e,3)<<24|e<<16|e<<8|Ve(e,2))),et=/* @__PURE__ */Ye($e,(e=>Ve(e,11)<<24|Ve(e,13)<<16|Ve(e,9)<<8|Ve(e,14))),tt=/* @__PURE__ */(()=>{const e=new Uint8Array(16);for(let t=0,r=1;t<16;t++,r=Ge(r))e[t]=r;return e})();function rt(e){ve(e);const t=e.length;if(![16,24,32].includes(t))throw Error("aes: wrong key size: should be 16, 24 or 32, got: "+t);const{sbox2:r}=Je,i=[];Ce(e)||i.push(e=Be(e));const n=Se(e),a=n.length,s=e=>at(r,e,e,e,e),o=new Uint32Array(t+28);o.set(n);for(let e=a;e<o.length;e++){let t=o[e-1];e%a==0?t=s(Qe(t))^tt[e/a-1]:a>6&&e%a==4&&(t=s(t)),o[e]=o[e-a]^t}return Te(...i),o}function it(e){const t=rt(e),r=t.slice(),i=t.length,{sbox2:n}=Je,{T0:a,T1:s,T2:o,T3:c}=et;for(let e=0;e<i;e+=4)for(let n=0;n<4;n++)r[e+n]=t[i-e-4+n];Te(t);for(let e=4;e<i-4;e++){const t=r[e],i=at(n,t,t,t,t);r[e]=a[255&i]^s[i>>>8&255]^o[i>>>16&255]^c[i>>>24]}return r}function nt(e,t,r,i,n,a){return e[r<<8&65280|i>>>8&255]^t[n>>>8&65280|a>>>24&255]}function at(e,t,r,i,n){return e[255&t|65280&r]|e[i>>>16&255|n>>>16&65280]<<16}function st(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=Je;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^nt(s,o,t,r,i,n),u=e[c++]^nt(s,o,r,i,n,t),h=e[c++]^nt(s,o,i,n,t,r),l=e[c++]^nt(s,o,n,t,r,i);t=a,r=u,i=h,n=l}return{s0:e[c++]^at(a,t,r,i,n),s1:e[c++]^at(a,r,i,n,t),s2:e[c++]^at(a,i,n,t,r),s3:e[c++]^at(a,n,t,r,i)}}function ot(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=et;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^nt(s,o,t,n,i,r),u=e[c++]^nt(s,o,r,t,n,i),h=e[c++]^nt(s,o,i,r,t,n),l=e[c++]^nt(s,o,n,i,r,t);t=a,r=u,i=h,n=l}return{s0:e[c++]^at(a,t,n,i,r),s1:e[c++]^at(a,r,t,n,i),s2:e[c++]^at(a,i,r,t,n),s3:e[c++]^at(a,n,i,r,t)}}function ct(e,t){if(void 0===t)return new Uint8Array(e);if(ve(t),t.length<e)throw Error(`aes: wrong destination length, expected at least ${e}, got: ${t.length}`);if(!Ce(t))throw Error("unaligned dst");return t}function ut(e,t,r,i){ve(t,He),ve(r);const n=r.length;i=ct(n,i);const a=t,s=Se(a);let{s0:o,s1:c,s2:u,s3:h}=st(e,s[0],s[1],s[2],s[3]);const l=Se(r),y=Se(i);for(let t=0;t+4<=l.length;t+=4){y[t+0]=l[t+0]^o,y[t+1]=l[t+1]^c,y[t+2]=l[t+2]^u,y[t+3]=l[t+3]^h;let r=1;for(let e=a.length-1;e>=0;e--)r=r+(255&a[e])|0,a[e]=255&r,r>>>=8;({s0:o,s1:c,s2:u,s3:h}=st(e,s[0],s[1],s[2],s[3]))}const p=He*Math.floor(l.length/4);if(p<n){const e=new Uint32Array([o,c,u,h]),t=Ee(e);for(let e=p,a=0;e<n;e++,a++)i[e]=r[e]^t[a];Te(e)}return i}function ht(e,t,r,i,n){ve(r,He),ve(i),n=ct(i.length,n);const a=r,s=Se(a),o=Pe(a),c=Se(i),u=Se(n),h=t?0:12,l=i.length;let y=o.getUint32(h,t),{s0:p,s1:g,s2:d,s3:f}=st(e,s[0],s[1],s[2],s[3]);for(let r=0;r+4<=c.length;r+=4)u[r+0]=c[r+0]^p,u[r+1]=c[r+1]^g,u[r+2]=c[r+2]^d,u[r+3]=c[r+3]^f,y=y+1>>>0,o.setUint32(h,y,t),({s0:p,s1:g,s2:d,s3:f}=st(e,s[0],s[1],s[2],s[3]));const m=He*Math.floor(c.length/4);if(m<l){const e=new Uint32Array([p,g,d,f]),t=Ee(e);for(let e=m,r=0;e<l;e++,r++)n[e]=i[e]^t[r];Te(e)}return n}const lt=xe({blockSize:16,nonceLength:16},(function(e,t){function r(r,i){if(ve(r),void 0!==i&&(ve(i),!Ce(i)))throw Error("unaligned destination");const n=rt(e),a=Be(t),s=[n,a];Ce(r)||s.push(r=Be(r));const o=ut(n,a,r,i);return Te(...s),o}return ve(e),ve(t,He),{encrypt:(e,t)=>r(e,t),decrypt:(e,t)=>r(e,t)}}));const yt=xe({blockSize:16,nonceLength:16},(function(e,t,r={}){ve(e),ve(t,16);const i=!r.disablePadding;return{encrypt(r,n){const a=rt(e),{b:s,o,out:c}=function(e,t,r){ve(e);let i=e.length;const n=i%He;if(!t&&0!==n)throw Error("aec/(cbc-ecb): unpadded plaintext with disabled padding");Ce(e)||(e=Be(e));const a=Se(e);if(t){let e=He-n;e||(e=He),i+=e}const s=ct(i,r);return{b:a,o:Se(s),out:s}}(r,i,n);let u=t;const h=[a];Ce(u)||h.push(u=Be(u));const l=Se(u);let y=l[0],p=l[1],g=l[2],d=l[3],f=0;for(;f+4<=s.length;)y^=s[f+0],p^=s[f+1],g^=s[f+2],d^=s[f+3],({s0:y,s1:p,s2:g,s3:d}=st(a,y,p,g,d)),o[f++]=y,o[f++]=p,o[f++]=g,o[f++]=d;if(i){const e=function(e){const t=new Uint8Array(16),r=Se(t);t.set(e);const i=He-e.length;for(let e=He-i;e<He;e++)t[e]=i;return r}(r.subarray(4*f));y^=e[0],p^=e[1],g^=e[2],d^=e[3],({s0:y,s1:p,s2:g,s3:d}=st(a,y,p,g,d)),o[f++]=y,o[f++]=p,o[f++]=g,o[f++]=d}return Te(...h),c},decrypt(r,n){!function(e){if(ve(e),e.length%He!=0)throw Error("aes/(cbc-ecb).decrypt ciphertext should consist of blocks with size 16")}(r);const a=it(e);let s=t;const o=[a];Ce(s)||o.push(s=Be(s));const c=Se(s),u=ct(r.length,n);Ce(r)||o.push(r=Be(r));const h=Se(r),l=Se(u);let y=c[0],p=c[1],g=c[2],d=c[3];for(let e=0;e+4<=h.length;){const t=y,r=p,i=g,n=d;y=h[e+0],p=h[e+1],g=h[e+2],d=h[e+3];const{s0:s,s1:o,s2:c,s3:u}=ot(a,y,p,g,d);l[e++]=s^t,l[e++]=o^r,l[e++]=c^i,l[e++]=u^n}return Te(...o),function(e,t){if(!t)return e;const r=e.length;if(!r)throw Error("aes/pcks5: empty ciphertext not allowed");const i=e[r-1];if(i<=0||i>16)throw Error("aes/pcks5: wrong padding");const n=e.subarray(0,-i);for(let t=0;t<i;t++)if(e[r-t-1]!==i)throw Error("aes/pcks5: wrong padding");return n}(u,i)}}})),pt=xe({blockSize:16,nonceLength:16},(function(e,t){function r(r,i,n){ve(r);const a=r.length;n=ct(a,n);const s=rt(e);let o=t;const c=[s];Ce(o)||c.push(o=Be(o)),Ce(r)||c.push(r=Be(r));const u=Se(r),h=Se(n),l=i?h:u,y=Se(o);let p=y[0],g=y[1],d=y[2],f=y[3];for(let e=0;e+4<=u.length;){const{s0:t,s1:r,s2:i,s3:n}=st(s,p,g,d,f);h[e+0]=u[e+0]^t,h[e+1]=u[e+1]^r,h[e+2]=u[e+2]^i,h[e+3]=u[e+3]^n,p=l[e++],g=l[e++],d=l[e++],f=l[e++]}const m=He*Math.floor(u.length/4);if(m<a){({s0:p,s1:g,s2:d,s3:f}=st(s,p,g,d,f));const e=Ee(new Uint32Array([p,g,d,f]));for(let t=m,i=0;t<a;t++,i++)n[t]=r[t]^e[i];Te(e)}return Te(...c),n}return ve(e),ve(t,16),{encrypt:(e,t)=>r(e,!0,t),decrypt:(e,t)=>r(e,!1,t)}}));const gt=xe({blockSize:16,nonceLength:12,tagLength:16},(function(e,t,r){if(ve(e),ve(t),void 0!==r&&ve(r),t.length<8)throw Error("aes/gcm: invalid nonce length");const i=16;function n(e,t,i){const n=function(e,t,r,i,n){const a=null==n?0:n.length,s=e.create(r,i.length+a);n&&s.update(n),s.update(i);const o=new Uint8Array(16),c=Pe(o);n&&Ie(c,0,BigInt(8*a),t),Ie(c,8,BigInt(8*i.length),t),s.update(o);const u=s.digest();return Te(o),u}(Oe,!1,e,i,r);for(let e=0;e<t.length;e++)n[e]^=t[e];return n}function a(){const r=rt(e),i=je.slice(),n=je.slice();if(ht(r,!1,n,n,i),12===t.length)n.set(t);else{const e=je.slice();Ie(Pe(e),8,BigInt(8*t.length),!1);const r=Oe.create(i).update(t).update(e);r.digestInto(n),r.destroy()}return{xk:r,authKey:i,counter:n,tagMask:ht(r,!1,n,je)}}return{encrypt(e){ve(e);const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=new Uint8Array(e.length+i),u=[t,r,s,o];Ce(e)||u.push(e=Be(e)),ht(t,!1,s,e,c);const h=n(r,o,c.subarray(0,c.length-i));return u.push(h),c.set(h,e.length),Te(...u),c},decrypt(e){if(ve(e),e.length<i)throw Error("aes/gcm: ciphertext less than tagLen (16)");const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=[t,r,o,s];Ce(e)||c.push(e=Be(e));const u=e.subarray(0,-16),h=e.subarray(-16),l=n(r,o,u);if(c.push(l),!De(l,h))throw Error("aes/gcm: invalid ghash tag");const y=ht(t,!1,s,u);return Te(...c),y}}}));function dt(e){return null!=e&&"object"==typeof e&&(e instanceof Uint32Array||"Uint32Array"===e.constructor.name)}function ft(e,t){if(ve(t,16),!dt(e))throw Error("_encryptBlock accepts result of expandKeyLE");const r=Se(t);let{s0:i,s1:n,s2:a,s3:s}=st(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}function mt(e,t){if(ve(t,16),!dt(e))throw Error("_decryptBlock accepts result of expandKeyLE");const r=Se(t);let{s0:i,s1:n,s2:a,s3:s}=ot(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}const wt={encrypt(e,t){if(t.length>=2**32)throw Error("plaintext should be less than 4gb");const r=rt(e);if(16===t.length)ft(r,t);else{const e=Se(t);let i=e[0],n=e[1];for(let t=0,a=1;t<6;t++)for(let t=2;t<e.length;t+=2,a++){const{s0:s,s1:o,s2:c,s3:u}=st(r,i,n,e[t],e[t+1]);i=s,n=o^Xe(a),e[t]=c,e[t+1]=u}e[0]=i,e[1]=n}r.fill(0)},decrypt(e,t){if(t.length-8>=2**32)throw Error("ciphertext should be less than 4gb");const r=it(e),i=t.length/8-1;if(1===i)mt(r,t);else{const e=Se(t);let n=e[0],a=e[1];for(let t=0,s=6*i;t<6;t++)for(let t=2*i;t>=1;t-=2,s--){a^=Xe(s);const{s0:i,s1:o,s2:c,s3:u}=ot(r,n,a,e[t],e[t+1]);n=i,a=o,e[t]=c,e[t+1]=u}e[0]=n,e[1]=a}r.fill(0)}},bt=new Uint8Array(8).fill(166),kt=xe({blockSize:8},(e=>({encrypt(t){if(ve(t),!t.length||t.length%8!=0)throw Error("invalid plaintext length");if(8===t.length)throw Error("8-byte keys not allowed in AESKW, use AESKWP instead");const r=function(...e){let t=0;for(let r=0;r<e.length;r++){const i=e[r];ve(i),t+=i.length}const r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}(bt,t);return wt.encrypt(e,r),r},decrypt(t){if(ve(t),t.length%8!=0||t.length<24)throw Error("invalid ciphertext length");const r=Be(t);if(wt.decrypt(e,r),!De(r.subarray(0,8),bt))throw Error("integrity check failed");return r.subarray(0,8).fill(0),r.subarray(8)}}))),vt={expandKeyLE:rt,expandKeyDecLE:it,encrypt:st,decrypt:ot,encryptBlock:ft,decryptBlock:mt,ctrCounter:ut,ctr32:ht},Kt=L.getWebCrypto(),At=L.getNodeCrypto(),Et=At?At.getCiphers():[],St={idea:Et.includes("idea-cfb")?"idea-cfb":void 0,tripledes:Et.includes("des-ede3-cfb")?"des-ede3-cfb":void 0,cast5:Et.includes("cast5-cfb")?"cast5-cfb":void 0,blowfish:Et.includes("bf-cfb")?"bf-cfb":void 0,aes128:Et.includes("aes-128-cfb")?"aes-128-cfb":void 0,aes192:Et.includes("aes-192-cfb")?"aes-192-cfb":void 0,aes256:Et.includes("aes-256-cfb")?"aes-256-cfb":void 0};class Pt{constructor(e,t,r){const{blockSize:i}=re(e);this.key=t,this.prevBlock=r,this.nextBlock=new Uint8Array(i),this.i=0,this.blockSize=i,this.zeroBlock=new Uint8Array(this.blockSize)}static async isSupported(e){const{keySize:t}=re(e);return Kt.importKey("raw",new Uint8Array(t),"aes-cbc",!1,["encrypt"]).then((()=>!0),(()=>!1))}async _runCBC(e,t){const r="AES-CBC";this.keyRef=this.keyRef||await Kt.importKey("raw",this.key,r,!1,["encrypt"]);const i=await Kt.encrypt({name:r,iv:t||this.zeroBlock},this.keyRef,e);return new Uint8Array(i).subarray(0,e.length)}async encryptChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=L.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=L.concatUint8Array([this.prevBlock,i.subarray(0,i.length-this.blockSize)]),a=await this._runCBC(n);return Dt(a,i),this.prevBlock=a.slice(-this.blockSize),r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,a}let i;if(this.i+=r.length,this.i===this.nextBlock.length){const t=this.nextBlock;i=await this._runCBC(this.prevBlock),Dt(i,t),this.prevBlock=i.slice(),this.i=0;const n=e.subarray(r.length);this.nextBlock.set(n,this.i),this.i+=n.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{this.nextBlock=this.nextBlock.subarray(0,this.i);const t=this.nextBlock,r=await this._runCBC(this.prevBlock);Dt(r,t),e=r.subarray(0,t.length)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.keyRef=null,this.key=null}async encrypt(e){const t=(await this._runCBC(L.concatUint8Array([new Uint8Array(this.blockSize),e]),this.iv)).subarray(0,e.length);return Dt(t,e),this.clearSensitiveData(),t}}class Ut{constructor(e,t,r,i){this.forEncryption=e;const{blockSize:n}=re(t);this.key=vt.expandKeyLE(r),i.byteOffset%4!=0&&(i=i.slice()),this.prevBlock=xt(i),this.nextBlock=new Uint8Array(n),this.i=0,this.blockSize=n}_runCFB(e){const t=xt(e),r=new Uint8Array(e.length),i=xt(r);for(let e=0;e+4<=i.length;e+=4){const{s0:r,s1:n,s2:a,s3:s}=vt.encrypt(this.key,this.prevBlock[0],this.prevBlock[1],this.prevBlock[2],this.prevBlock[3]);i[e+0]=t[e+0]^r,i[e+1]=t[e+1]^n,i[e+2]=t[e+2]^a,i[e+3]=t[e+3]^s,this.prevBlock=(this.forEncryption?i:t).slice(e,e+4)}return r}async processChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=L.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=this._runCFB(i);return r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,n}let i;if(this.i+=r.length,this.i===this.nextBlock.length){i=this._runCFB(this.nextBlock),this.i=0;const t=e.subarray(r.length);this.nextBlock.set(t,this.i),this.i+=t.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{e=this._runCFB(this.nextBlock).subarray(0,this.i)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.key.fill(0)}}function Dt(e,t){const r=Math.min(e.length,t.length);for(let i=0;i<r;i++)e[i]=e[i]^t[i]}const xt=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4));var It=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i){const n=T.read(T.symmetric,e);if(At&&St[n])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new At.createDecipheriv(St[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(L.isAES(e))return async function(e,t,r,i){if(L.isStream(r)){const n=new Ut(!1,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return pt(t,i).decrypt(r)}(e,t,r,i);const a=new(await J(e))(t),s=a.blockSize;let o=i,c=new Uint8Array;const u=e=>{e&&(c=L.concatUint8Array([c,e]));const t=new Uint8Array(c.length);let r,i=0;for(;e?c.length>=s:c.length;){const e=a.encrypt(o);for(o=c.subarray(0,s),r=0;r<s;r++)t[i++]=o[r]^e[r];c=c.subarray(s)}return t.subarray(0,i)};return k(r,u,u)},encrypt:async function(e,t,r,i,n){const a=T.read(T.symmetric,e);if(L.getNodeCrypto()&&St[a])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new At.createCipheriv(St[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(L.isAES(e))return async function(e,t,r,i){if(Kt&&await Pt.isSupported(e)){const n=new Pt(e,t,i);return L.isStream(r)?k(r,(e=>n.encryptChunk(e)),(()=>n.finish())):n.encrypt(r)}if(L.isStream(r)){const n=new Ut(!0,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return pt(t,i).encrypt(r)}(e,t,r,i);const s=new(await J(e))(t),o=s.blockSize,c=i.slice();let u=new Uint8Array;const h=e=>{e&&(u=L.concatUint8Array([u,e]));const t=new Uint8Array(u.length);let r,i=0;for(;e?u.length>=o:u.length;){const e=s.encrypt(c);for(r=0;r<o;r++)c[r]=u[r]^e[r],t[i++]=c[r];u=u.subarray(o)}return t.subarray(0,i)};return k(r,h,h)}});const Ct=L.getWebCrypto(),Bt=L.getNodeCrypto(),Tt=16;function _t(e,t){const r=e.length-Tt;for(let i=0;i<Tt;i++)e[i+r]^=t[i];return e}const Mt=new Uint8Array(Tt);async function Lt(e){const t=await Rt(e),r=L.double(await t(Mt)),i=L.double(r);return async function(e){return(await t(function(e,t,r){if(e.length&&e.length%Tt==0)return _t(e,t);const i=new Uint8Array(e.length+(Tt-e.length%Tt));return i.set(e),i[e.length]=128,_t(i,r)}(e,r,i))).subarray(-Tt)}}async function Rt(e){if(L.getNodeCrypto())return async function(t){const r=new Bt.createCipheriv("aes-"+8*e.length+"-cbc",e,Mt).update(t);return new Uint8Array(r)};if(L.getWebCrypto())try{return e=await Ct.importKey("raw",e,{name:"AES-CBC",length:8*e.length},!1,["encrypt"]),async function(t){const r=await Ct.encrypt({name:"AES-CBC",iv:Mt,length:8*Tt},e,t);return new Uint8Array(r).subarray(0,r.byteLength-Tt)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;L.printDebugError("Browser did not support operation: "+t.message)}return async function(t){return yt(e,Mt,{disablePadding:!0}).encrypt(t)}}const Ft=L.getWebCrypto(),zt=L.getNodeCrypto(),Nt=L.getNodeBuffer(),Ot=16,Ht=Ot,jt=Ot,qt=new Uint8Array(Ot),Gt=new Uint8Array(Ot);Gt[Ot-1]=1;const Vt=new Uint8Array(Ot);async function Wt(e){const t=await Lt(e);return function(e,r){return t(L.concatUint8Array([e,r]))}}async function $t(e){if(L.getNodeCrypto())return async function(t,r){const i=new zt.createCipheriv("aes-"+8*e.length+"-ctr",e,r),n=Nt.concat([i.update(t),i.final()]);return new Uint8Array(n)};if(L.getWebCrypto())try{const t=await Ft.importKey("raw",e,{name:"AES-CTR",length:8*e.length},!1,["encrypt"]);return async function(e,r){const i=await Ft.encrypt({name:"AES-CTR",counter:r,length:8*Ot},t,e);return new Uint8Array(i)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;L.printDebugError("Browser did not support operation: "+t.message)}return async function(t,r){return lt(e,r).encrypt(t)}}async function Qt(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("EAX mode supports only AES cipher");const[r,i]=await Promise.all([Wt(t),$t(t)]);return{encrypt:async function(e,t,n){const[a,s]=await Promise.all([r(qt,t),r(Gt,n)]),o=await i(e,a),c=await r(Vt,o);for(let e=0;e<jt;e++)c[e]^=s[e]^a[e];return L.concatUint8Array([o,c])},decrypt:async function(e,t,n){if(e.length<jt)throw Error("Invalid EAX ciphertext");const a=e.subarray(0,-jt),s=e.subarray(-jt),[o,c,u]=await Promise.all([r(qt,t),r(Gt,n),r(Vt,a)]),h=u;for(let e=0;e<jt;e++)h[e]^=c[e]^o[e];if(!L.equalsUint8Array(s,h))throw Error("Authentication tag mismatch");return await i(a,o)}}}Vt[Ot-1]=2,Qt.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[8+e]^=t[e];return r},Qt.blockLength=Ot,Qt.ivLength=Ht,Qt.tagLength=jt;const Zt=16,Xt=16;function Yt(e){let t=0;for(let r=1;!(e&r);r<<=1)t++;return t}function Jt(e,t){for(let r=0;r<e.length;r++)e[r]^=t[r];return e}function er(e,t){return Jt(e.slice(),t)}const tr=new Uint8Array(Zt),rr=new Uint8Array([1]);async function ir(e,t){const{keySize:r}=re(e);if(!L.isAES(e)||t.length!==r)throw Error("Unexpected algorithm or key size");let i=0;const n=yt(t,tr,{disablePadding:!0}),a=e=>n.encrypt(e),s=e=>n.decrypt(e);let o;function c(e,t,r,n){const s=t.length/Zt|0;!function(e,t){const r=L.nbits(Math.max(e.length,t.length)/Zt|0)-1;for(let e=i+1;e<=r;e++)o[e]=L.double(o[e-1]);i=r}(t,n);const c=L.concatUint8Array([tr.subarray(0,15-r.length),rr,r]),u=63&c[15];c[15]&=192;const h=a(c),l=L.concatUint8Array([h,er(h.subarray(0,8),h.subarray(1,9))]),y=L.shiftRight(l.subarray(0+(u>>3),17+(u>>3)),8-(7&u)).subarray(1),p=new Uint8Array(Zt),g=new Uint8Array(t.length+Xt);let d,f=0;for(d=0;d<s;d++)Jt(y,o[Yt(d+1)]),g.set(Jt(e(er(y,t)),y),f),Jt(p,e===a?t:g.subarray(f)),t=t.subarray(Zt),f+=Zt;if(t.length){Jt(y,o.x);const r=a(y);g.set(er(t,r),f);const i=new Uint8Array(Zt);i.set(e===a?t:g.subarray(f,-16),0),i[t.length]=128,Jt(p,i),f+=t.length}const m=Jt(a(Jt(Jt(p,y),o.$)),function(e){if(!e.length)return tr;const t=e.length/Zt|0,r=new Uint8Array(Zt),i=new Uint8Array(Zt);for(let n=0;n<t;n++)Jt(r,o[Yt(n+1)]),Jt(i,a(er(r,e))),e=e.subarray(Zt);if(e.length){Jt(r,o.x);const t=new Uint8Array(Zt);t.set(e,0),t[e.length]=128,Jt(t,r),Jt(i,a(t))}return i}(n));return g.set(m,f),g}return function(){const e=a(tr),t=L.double(e);o=[],o[0]=L.double(t),o.x=e,o.$=t}(),{encrypt:async function(e,t,r){return c(a,e,t,r)},decrypt:async function(e,t,r){if(e.length<Xt)throw Error("Invalid OCB ciphertext");const i=e.subarray(-16);e=e.subarray(0,-16);const n=c(s,e,t,r);if(L.equalsUint8Array(i,n.subarray(-16)))return n.subarray(0,-16);throw Error("Authentication tag mismatch")}}}ir.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[7+e]^=t[e];return r},ir.blockLength=Zt,ir.ivLength=15,ir.tagLength=Xt;const nr=L.getWebCrypto(),ar=L.getNodeCrypto(),sr=L.getNodeBuffer(),or=16,cr="AES-GCM";async function ur(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("GCM mode supports only AES cipher");if(L.getNodeCrypto())return{encrypt:async function(e,r,i=new Uint8Array){const n=new ar.createCipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i);const a=sr.concat([n.update(e),n.final(),n.getAuthTag()]);return new Uint8Array(a)},decrypt:async function(e,r,i=new Uint8Array){const n=new ar.createDecipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i),n.setAuthTag(e.slice(e.length-or,e.length));const a=sr.concat([n.update(e.slice(0,e.length-or)),n.final()]);return new Uint8Array(a)}};if(L.getWebCrypto())try{const e=await nr.importKey("raw",t,{name:cr},!1,["encrypt","decrypt"]),r=navigator.userAgent.match(/Version\/13\.\d(\.\d)* Safari/)||navigator.userAgent.match(/Version\/(13|14)\.\d(\.\d)* Mobile\/\S* Safari/);return{encrypt:async function(i,n,a=new Uint8Array){if(r&&!i.length)return gt(t,n,a).encrypt(i);const s=await nr.encrypt({name:cr,iv:n,additionalData:a,tagLength:128},e,i);return new Uint8Array(s)},decrypt:async function(i,n,a=new Uint8Array){if(r&&i.length===or)return gt(t,n,a).decrypt(i);try{const t=await nr.decrypt({name:cr,iv:n,additionalData:a,tagLength:128},e,i);return new Uint8Array(t)}catch(e){if("OperationError"===e.name)throw Error("Authentication tag mismatch")}}}}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;L.printDebugError("Browser did not support operation: "+e.message)}return{encrypt:async function(e,r,i){return gt(t,r,i).encrypt(e)},decrypt:async function(e,r,i){return gt(t,r,i).decrypt(e)}}}ur.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[4+e]^=t[e];return r},ur.blockLength=16,ur.ivLength=12,ur.tagLength=or;var hr={cfb:It,gcm:ur,experimentalGCM:ur,eax:Qt,ocb:ir};const lr=BigInt(0),yr=BigInt(1);function pr(e){const t="0123456789ABCDEF";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),BigInt("0x0"+r)}function gr(e,t){const r=e%t;return r<lr?r+t:r}function dr(e,t,r){if(r===lr)throw Error("Modulo cannot be zero");if(r===yr)return BigInt(0);if(t<lr)throw Error("Unsopported negative exponent");let i=t,n=e;n%=r;let a=BigInt(1);for(;i>lr;){const e=i&yr;i>>=yr;a=e?a*n%r:a,n=n*n%r}return a}function fr(e){return e>=lr?e:-e}function mr(e,t){const{gcd:r,x:i}=function(e,t){let r=BigInt(0),i=BigInt(1),n=BigInt(1),a=BigInt(0),s=fr(e),o=fr(t);const c=e<lr,u=t<lr;for(;o!==lr;){const e=s/o;let t=r;r=n-e*r,n=t,t=i,i=a-e*i,a=t,t=o,o=s%o,s=t}return{x:c?-n:n,y:u?-a:a,gcd:s}}(e,t);if(r!==yr)throw Error("Inverse does not exist");return gr(i+t,t)}function wr(e){const t=Number(e);if(t>Number.MAX_SAFE_INTEGER)throw Error("Number can only safely store up to 53 bits");return t}function br(e,t){return(e>>BigInt(t)&yr)===lr?0:1}function kr(e){const t=e<lr?BigInt(-1):lr;let r=1,i=e;for(;(i>>=yr)!==t;)r++;return r}function vr(e){const t=e<lr?BigInt(-1):lr,r=BigInt(8);let i=1,n=e;for(;(n>>=r)!==t;)i++;return i}function Kr(e,t="be",r){let i=e.toString(16);i.length%2==1&&(i="0"+i);const n=i.length/2,a=new Uint8Array(r||n),s=r?r-n:0;let o=0;for(;o<n;)a[o+s]=parseInt(i.slice(2*o,2*o+2),16),o++;return"be"!==t&&a.reverse(),a}const Ar=L.getNodeCrypto();function Er(e){const t="undefined"!=typeof crypto?crypto:Ar?.webcrypto;if(t?.getRandomValues){const r=new Uint8Array(e);return t.getRandomValues(r)}throw Error("No secure random number generator available.")}function Sr(e,t){if(t<e)throw Error("Illegal parameter value: max <= min");const r=t-e;return gr(pr(Er(vr(r)+8)),r)+e}var Pr=/*#__PURE__*/Object.freeze({__proto__:null,getRandomBigInteger:Sr,getRandomBytes:Er});const Ur=BigInt(1);function Dr(e,t,r){const i=BigInt(30),n=Ur<<BigInt(e-1),a=[1,6,5,4,3,2,1,4,3,2,1,2,1,4,3,2,1,2,1,4,3,2,1,6,5,4,3,2,1,2];let s=Sr(n,n<<Ur),o=wr(gr(s,i));do{s+=BigInt(a[o]),o=(o+a[o])%a.length,kr(s)>e&&(s=gr(s,n<<Ur),s+=n,o=wr(gr(s,i)))}while(!xr(s,t,r));return s}function xr(e,t,r){return(!t||function(e,t){let r=e,i=t;for(;i!==lr;){const e=i;i=r%i,r=e}return r}(e-Ur,t)===Ur)&&(!!function(e){const t=BigInt(0);return Ir.every((r=>gr(e,r)!==t))}(e)&&(!!function(e,t=BigInt(2)){return dr(t,e-Ur,e)===Ur}(e)&&!!function(e,t){const r=kr(e);t||(t=Math.max(1,r/48|0));const i=e-Ur;let n=0;for(;!br(i,n);)n++;const a=e>>BigInt(n);for(;t>0;t--){let t,r=dr(Sr(BigInt(2),i),a,e);if(r!==Ur&&r!==i){for(t=1;t<n;t++){if(r=gr(r*r,e),r===Ur)return!1;if(r===i)break}if(t===n)return!1}}return!0}(e,r)))}const Ir=[7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997,1009,1013,1019,1021,1031,1033,1039,1049,1051,1061,1063,1069,1087,1091,1093,1097,1103,1109,1117,1123,1129,1151,1153,1163,1171,1181,1187,1193,1201,1213,1217,1223,1229,1231,1237,1249,1259,1277,1279,1283,1289,1291,1297,1301,1303,1307,1319,1321,1327,1361,1367,1373,1381,1399,1409,1423,1427,1429,1433,1439,1447,1451,1453,1459,1471,1481,1483,1487,1489,1493,1499,1511,1523,1531,1543,1549,1553,1559,1567,1571,1579,1583,1597,1601,1607,1609,1613,1619,1621,1627,1637,1657,1663,1667,1669,1693,1697,1699,1709,1721,1723,1733,1741,1747,1753,1759,1777,1783,1787,1789,1801,1811,1823,1831,1847,1861,1867,1871,1873,1877,1879,1889,1901,1907,1913,1931,1933,1949,1951,1973,1979,1987,1993,1997,1999,2003,2011,2017,2027,2029,2039,2053,2063,2069,2081,2083,2087,2089,2099,2111,2113,2129,2131,2137,2141,2143,2153,2161,2179,2203,2207,2213,2221,2237,2239,2243,2251,2267,2269,2273,2281,2287,2293,2297,2309,2311,2333,2339,2341,2347,2351,2357,2371,2377,2381,2383,2389,2393,2399,2411,2417,2423,2437,2441,2447,2459,2467,2473,2477,2503,2521,2531,2539,2543,2549,2551,2557,2579,2591,2593,2609,2617,2621,2633,2647,2657,2659,2663,2671,2677,2683,2687,2689,2693,2699,2707,2711,2713,2719,2729,2731,2741,2749,2753,2767,2777,2789,2791,2797,2801,2803,2819,2833,2837,2843,2851,2857,2861,2879,2887,2897,2903,2909,2917,2927,2939,2953,2957,2963,2969,2971,2999,3001,3011,3019,3023,3037,3041,3049,3061,3067,3079,3083,3089,3109,3119,3121,3137,3163,3167,3169,3181,3187,3191,3203,3209,3217,3221,3229,3251,3253,3257,3259,3271,3299,3301,3307,3313,3319,3323,3329,3331,3343,3347,3359,3361,3371,3373,3389,3391,3407,3413,3433,3449,3457,3461,3463,3467,3469,3491,3499,3511,3517,3527,3529,3533,3539,3541,3547,3557,3559,3571,3581,3583,3593,3607,3613,3617,3623,3631,3637,3643,3659,3671,3673,3677,3691,3697,3701,3709,3719,3727,3733,3739,3761,3767,3769,3779,3793,3797,3803,3821,3823,3833,3847,3851,3853,3863,3877,3881,3889,3907,3911,3917,3919,3923,3929,3931,3943,3947,3967,3989,4001,4003,4007,4013,4019,4021,4027,4049,4051,4057,4073,4079,4091,4093,4099,4111,4127,4129,4133,4139,4153,4157,4159,4177,4201,4211,4217,4219,4229,4231,4241,4243,4253,4259,4261,4271,4273,4283,4289,4297,4327,4337,4339,4349,4357,4363,4373,4391,4397,4409,4421,4423,4441,4447,4451,4457,4463,4481,4483,4493,4507,4513,4517,4519,4523,4547,4549,4561,4567,4583,4591,4597,4603,4621,4637,4639,4643,4649,4651,4657,4663,4673,4679,4691,4703,4721,4723,4729,4733,4751,4759,4783,4787,4789,4793,4799,4801,4813,4817,4831,4861,4871,4877,4889,4903,4909,4919,4931,4933,4937,4943,4951,4957,4967,4969,4973,4987,4993,4999].map((e=>BigInt(e)));const Cr=[];function Br(e,t){const r=e.length;if(r>t-11)throw Error("Message too long");const i=function(e){const t=new Uint8Array(e);let r=0;for(;r<e;){const i=Er(e-r);for(let e=0;e<i.length;e++)0!==i[e]&&(t[r++]=i[e])}return t}(t-r-3),n=new Uint8Array(t);return n[1]=2,n.set(i,2),n.set(e,t-r),n}function Tr(e,t){let r=2,i=1;for(let t=r;t<e.length;t++)i&=0!==e[t],r+=i;const n=r-2,a=e.subarray(r+1),s=0===e[0]&2===e[1]&n>=8&!i;if(t)return L.selectUint8Array(s,a,t);if(s)return a;throw Error("Decryption error")}function _r(e,t,r){let i;if(t.length!==be.getHashByteLength(e))throw Error("Invalid hash length");const n=new Uint8Array(Cr[e].length);for(i=0;i<Cr[e].length;i++)n[i]=Cr[e][i];const a=n.length+t.length;if(r<a+11)throw Error("Intended encoded message length too short");const s=new Uint8Array(r-a-3).fill(255),o=new Uint8Array(r);return o[1]=1,o.set(s,2),o.set(n,r-a),o.set(t,r-t.length),o}Cr[1]=[48,32,48,12,6,8,42,134,72,134,247,13,2,5,5,0,4,16],Cr[2]=[48,33,48,9,6,5,43,14,3,2,26,5,0,4,20],Cr[3]=[48,33,48,9,6,5,43,36,3,2,1,5,0,4,20],Cr[8]=[48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32],Cr[9]=[48,65,48,13,6,9,96,134,72,1,101,3,4,2,2,5,0,4,48],Cr[10]=[48,81,48,13,6,9,96,134,72,1,101,3,4,2,3,5,0,4,64],Cr[11]=[48,45,48,13,6,9,96,134,72,1,101,3,4,2,4,5,0,4,28];var Mr=/*#__PURE__*/Object.freeze({__proto__:null,emeDecode:Tr,emeEncode:Br,emsaEncode:_r});const Lr=L.getWebCrypto(),Rr=L.getNodeCrypto(),Fr=BigInt(1);async function zr(e,t,r,i,n,a){const s=pr(i),o=pr(n),c=pr(r);let u=gr(c,o-Fr),h=gr(c,s-Fr);return h=Kr(h),u=Kr(u),{kty:"RSA",n:j(e),e:j(t),d:j(r),p:j(n),q:j(i),dp:j(u),dq:j(h),qi:j(a),ext:!0}}function Nr(e,t){return{kty:"RSA",n:j(e),e:j(t),ext:!0}}function Or(e,t){return{n:H(e.n),e:Kr(t),d:H(e.d),p:H(e.q),q:H(e.p),u:H(e.qi)}}var Hr=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s,o){if(L.getNodeCrypto()&&!o)try{return await async function(e,t,r,i,n,a,s){const o=await zr(t,r,i,n,a,s),c={key:o,format:"jwk",type:"pkcs1",padding:Rr.constants.RSA_PKCS1_PADDING};try{return new Uint8Array(Rr.privateDecrypt(c,e))}catch(e){throw Error("Decryption error")}}(e,t,r,i,n,a,s)}catch(e){L.printDebugError(e)}return async function(e,t,r,i,n,a,s,o){if(e=pr(e),t=pr(t),r=pr(r),i=pr(i),n=pr(n),a=pr(a),s=pr(s),e>=t)throw Error("Data too large.");const c=gr(i,a-Fr),u=gr(i,n-Fr),h=Sr(BigInt(2),t),l=dr(mr(h,t),r,t);e=gr(e*l,t);const y=dr(e,u,n),p=dr(e,c,a),g=gr(s*(p-y),a);let d=g*n+y;return d=gr(d*h,t),Tr(Kr(d,"be",vr(t)),o)}(e,t,r,i,n,a,s,o)},encrypt:async function(e,t,r){return L.getNodeCrypto()?async function(e,t,r){const i=Nr(t,r),n={key:i,format:"jwk",type:"pkcs1",padding:Rr.constants.RSA_PKCS1_PADDING};return new Uint8Array(Rr.publicEncrypt(n,e))}(e,t,r):async function(e,t,r){if(t=pr(t),e=pr(Br(e,vr(t))),r=pr(r),e>=t)throw Error("Message size cannot exceed modulus size");return Kr(dr(e,r,t),"be",vr(t))}(e,t,r)},generate:async function(e,t){if(t=BigInt(t),L.getWebCrypto()){const r={name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:Kr(t),hash:{name:"SHA-1"}},i=await Lr.generateKey(r,!0,["sign","verify"]);return Or(await Lr.exportKey("jwk",i.privateKey),t)}if(L.getNodeCrypto()){const r={modulusLength:e,publicExponent:wr(t),publicKeyEncoding:{type:"pkcs1",format:"jwk"},privateKeyEncoding:{type:"pkcs1",format:"jwk"}},i=await new Promise(((e,t)=>{Rr.generateKeyPair("rsa",r,((r,i,n)=>{r?t(r):e(n)}))}));return Or(i,t)}let r,i,n;do{i=Dr(e-(e>>1),t,40),r=Dr(e>>1,t,40),n=r*i}while(kr(n)!==e);const a=(r-Fr)*(i-Fr);return i<r&&([r,i]=[i,r]),{n:Kr(n),e:Kr(t),d:Kr(mr(t,a)),p:Kr(r),q:Kr(i),u:Kr(mr(r,i))}},sign:async function(e,t,r,i,n,a,s,o,c){if(be.getHashByteLength(e)>=r.length)throw Error("Digest size cannot exceed key modulus size");if(t&&!L.isStream(t))if(L.getWebCrypto())try{return await async function(e,t,r,i,n,a,s,o){const c=await zr(r,i,n,a,s,o),u={name:"RSASSA-PKCS1-v1_5",hash:{name:e}},h=await Lr.importKey("jwk",c,u,!1,["sign"]);return new Uint8Array(await Lr.sign("RSASSA-PKCS1-v1_5",h,t))}(T.read(T.webHash,e),t,r,i,n,a,s,o)}catch(e){L.printDebugError(e)}else if(L.getNodeCrypto())return async function(e,t,r,i,n,a,s,o){const c=Rr.createSign(T.read(T.hash,e));c.write(t),c.end();const u=await zr(r,i,n,a,s,o);return new Uint8Array(c.sign({key:u,format:"jwk",type:"pkcs1"}))}(e,t,r,i,n,a,s,o);return async function(e,t,r,i){t=pr(t);const n=pr(_r(e,i,vr(t)));return r=pr(r),Kr(dr(n,r,t),"be",vr(t))}(e,r,n,c)},validateParams:async function(e,t,r,i,n,a){if(e=pr(e),(i=pr(i))*(n=pr(n))!==e)return!1;const s=BigInt(2);if(gr(i*(a=pr(a)),n)!==BigInt(1))return!1;t=pr(t),r=pr(r);const o=Sr(s,s<<BigInt(Math.floor(kr(e)/3))),c=o*r*t;return!(gr(c,i-Fr)!==o||gr(c,n-Fr)!==o)},verify:async function(e,t,r,i,n,a){if(t&&!L.isStream(t))if(L.getWebCrypto())try{return await async function(e,t,r,i,n){const a=Nr(i,n),s=await Lr.importKey("jwk",a,{name:"RSASSA-PKCS1-v1_5",hash:{name:e}},!1,["verify"]);return Lr.verify("RSASSA-PKCS1-v1_5",s,r,t)}(T.read(T.webHash,e),t,r,i,n)}catch(e){L.printDebugError(e)}else if(L.getNodeCrypto())return async function(e,t,r,i,n){const a=Nr(i,n),s={key:a,format:"jwk",type:"pkcs1"},o=Rr.createVerify(T.read(T.hash,e));o.write(t),o.end();try{return o.verify(s,r)}catch(e){return!1}}(e,t,r,i,n);return async function(e,t,r,i,n){if(r=pr(r),t=pr(t),i=pr(i),t>=r)throw Error("Signature size cannot exceed modulus size");const a=Kr(dr(t,i,r),"be",vr(r)),s=_r(e,n,vr(r));return L.equalsUint8Array(a,s)}(e,r,i,n,a)}});const jr=BigInt(1);var qr=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n){return e=pr(e),t=pr(t),r=pr(r),Tr(Kr(gr(mr(dr(e,i=pr(i),r),r)*t,r),"be",vr(r)),n)},encrypt:async function(e,t,r,i){t=pr(t),r=pr(r),i=pr(i);const n=pr(Br(e,vr(t))),a=Sr(jr,t-jr);return{c1:Kr(dr(r,a,t)),c2:Kr(gr(dr(i,a,t)*n,t))}},validateParams:async function(e,t,r,i){if(e=pr(e),t=pr(t),r=pr(r),t<=jr||t>=e)return!1;const n=BigInt(kr(e));if(n<BigInt(1023))return!1;if(dr(t,e-jr,e)!==jr)return!1;let a=t,s=BigInt(1);const o=BigInt(2),c=o<<BigInt(17);for(;s<c;){if(a=gr(a*t,e),a===jr)return!1;s++}i=pr(i);const u=Sr(o<<n-jr,o<<n);return r===dr(t,(e-jr)*u+i,e)}});const Gr="object"==typeof e&&"crypto"in e?e.crypto:void 0,Vr={};var Wr=function(e){var t,r=new Float64Array(16);if(e)for(t=0;t<e.length;t++)r[t]=e[t];return r},$r=function(){throw Error("no PRNG")},Qr=new Uint8Array(32);Qr[0]=9;var Zr=Wr(),Xr=Wr([1]),Yr=Wr([56129,1]),Jr=Wr([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),ei=Wr([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),ti=Wr([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),ri=Wr([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),ii=Wr([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function ni(e,t,r,i){e[t]=r>>24&255,e[t+1]=r>>16&255,e[t+2]=r>>8&255,e[t+3]=255&r,e[t+4]=i>>24&255,e[t+5]=i>>16&255,e[t+6]=i>>8&255,e[t+7]=255&i}function ai(e,t,r,i){return function(e,t,r,i,n){var a,s=0;for(a=0;a<n;a++)s|=e[t+a]^r[i+a];return(1&s-1>>>8)-1}(e,t,r,i,32)}function si(e,t){var r;for(r=0;r<16;r++)e[r]=0|t[r]}function oi(e){var t,r,i=1;for(t=0;t<16;t++)r=e[t]+i+65535,i=Math.floor(r/65536),e[t]=r-65536*i;e[0]+=i-1+37*(i-1)}function ci(e,t,r){for(var i,n=~(r-1),a=0;a<16;a++)i=n&(e[a]^t[a]),e[a]^=i,t[a]^=i}function ui(e,t){var r,i,n,a=Wr(),s=Wr();for(r=0;r<16;r++)s[r]=t[r];for(oi(s),oi(s),oi(s),i=0;i<2;i++){for(a[0]=s[0]-65517,r=1;r<15;r++)a[r]=s[r]-65535-(a[r-1]>>16&1),a[r-1]&=65535;a[15]=s[15]-32767-(a[14]>>16&1),n=a[15]>>16&1,a[14]&=65535,ci(s,a,1-n)}for(r=0;r<16;r++)e[2*r]=255&s[r],e[2*r+1]=s[r]>>8}function hi(e,t){var r=new Uint8Array(32),i=new Uint8Array(32);return ui(r,e),ui(i,t),ai(r,0,i,0)}function li(e){var t=new Uint8Array(32);return ui(t,e),1&t[0]}function yi(e,t){var r;for(r=0;r<16;r++)e[r]=t[2*r]+(t[2*r+1]<<8);e[15]&=32767}function pi(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]+r[i]}function gi(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]-r[i]}function di(e,t,r){var i,n,a=0,s=0,o=0,c=0,u=0,h=0,l=0,y=0,p=0,g=0,d=0,f=0,m=0,w=0,b=0,k=0,v=0,K=0,A=0,E=0,S=0,P=0,U=0,D=0,x=0,I=0,C=0,B=0,T=0,_=0,M=0,L=r[0],R=r[1],F=r[2],z=r[3],N=r[4],O=r[5],H=r[6],j=r[7],q=r[8],G=r[9],V=r[10],W=r[11],$=r[12],Q=r[13],Z=r[14],X=r[15];a+=(i=t[0])*L,s+=i*R,o+=i*F,c+=i*z,u+=i*N,h+=i*O,l+=i*H,y+=i*j,p+=i*q,g+=i*G,d+=i*V,f+=i*W,m+=i*$,w+=i*Q,b+=i*Z,k+=i*X,s+=(i=t[1])*L,o+=i*R,c+=i*F,u+=i*z,h+=i*N,l+=i*O,y+=i*H,p+=i*j,g+=i*q,d+=i*G,f+=i*V,m+=i*W,w+=i*$,b+=i*Q,k+=i*Z,v+=i*X,o+=(i=t[2])*L,c+=i*R,u+=i*F,h+=i*z,l+=i*N,y+=i*O,p+=i*H,g+=i*j,d+=i*q,f+=i*G,m+=i*V,w+=i*W,b+=i*$,k+=i*Q,v+=i*Z,K+=i*X,c+=(i=t[3])*L,u+=i*R,h+=i*F,l+=i*z,y+=i*N,p+=i*O,g+=i*H,d+=i*j,f+=i*q,m+=i*G,w+=i*V,b+=i*W,k+=i*$,v+=i*Q,K+=i*Z,A+=i*X,u+=(i=t[4])*L,h+=i*R,l+=i*F,y+=i*z,p+=i*N,g+=i*O,d+=i*H,f+=i*j,m+=i*q,w+=i*G,b+=i*V,k+=i*W,v+=i*$,K+=i*Q,A+=i*Z,E+=i*X,h+=(i=t[5])*L,l+=i*R,y+=i*F,p+=i*z,g+=i*N,d+=i*O,f+=i*H,m+=i*j,w+=i*q,b+=i*G,k+=i*V,v+=i*W,K+=i*$,A+=i*Q,E+=i*Z,S+=i*X,l+=(i=t[6])*L,y+=i*R,p+=i*F,g+=i*z,d+=i*N,f+=i*O,m+=i*H,w+=i*j,b+=i*q,k+=i*G,v+=i*V,K+=i*W,A+=i*$,E+=i*Q,S+=i*Z,P+=i*X,y+=(i=t[7])*L,p+=i*R,g+=i*F,d+=i*z,f+=i*N,m+=i*O,w+=i*H,b+=i*j,k+=i*q,v+=i*G,K+=i*V,A+=i*W,E+=i*$,S+=i*Q,P+=i*Z,U+=i*X,p+=(i=t[8])*L,g+=i*R,d+=i*F,f+=i*z,m+=i*N,w+=i*O,b+=i*H,k+=i*j,v+=i*q,K+=i*G,A+=i*V,E+=i*W,S+=i*$,P+=i*Q,U+=i*Z,D+=i*X,g+=(i=t[9])*L,d+=i*R,f+=i*F,m+=i*z,w+=i*N,b+=i*O,k+=i*H,v+=i*j,K+=i*q,A+=i*G,E+=i*V,S+=i*W,P+=i*$,U+=i*Q,D+=i*Z,x+=i*X,d+=(i=t[10])*L,f+=i*R,m+=i*F,w+=i*z,b+=i*N,k+=i*O,v+=i*H,K+=i*j,A+=i*q,E+=i*G,S+=i*V,P+=i*W,U+=i*$,D+=i*Q,x+=i*Z,I+=i*X,f+=(i=t[11])*L,m+=i*R,w+=i*F,b+=i*z,k+=i*N,v+=i*O,K+=i*H,A+=i*j,E+=i*q,S+=i*G,P+=i*V,U+=i*W,D+=i*$,x+=i*Q,I+=i*Z,C+=i*X,m+=(i=t[12])*L,w+=i*R,b+=i*F,k+=i*z,v+=i*N,K+=i*O,A+=i*H,E+=i*j,S+=i*q,P+=i*G,U+=i*V,D+=i*W,x+=i*$,I+=i*Q,C+=i*Z,B+=i*X,w+=(i=t[13])*L,b+=i*R,k+=i*F,v+=i*z,K+=i*N,A+=i*O,E+=i*H,S+=i*j,P+=i*q,U+=i*G,D+=i*V,x+=i*W,I+=i*$,C+=i*Q,B+=i*Z,T+=i*X,b+=(i=t[14])*L,k+=i*R,v+=i*F,K+=i*z,A+=i*N,E+=i*O,S+=i*H,P+=i*j,U+=i*q,D+=i*G,x+=i*V,I+=i*W,C+=i*$,B+=i*Q,T+=i*Z,_+=i*X,k+=(i=t[15])*L,s+=38*(K+=i*F),o+=38*(A+=i*z),c+=38*(E+=i*N),u+=38*(S+=i*O),h+=38*(P+=i*H),l+=38*(U+=i*j),y+=38*(D+=i*q),p+=38*(x+=i*G),g+=38*(I+=i*V),d+=38*(C+=i*W),f+=38*(B+=i*$),m+=38*(T+=i*Q),w+=38*(_+=i*Z),b+=38*(M+=i*X),a=(i=(a+=38*(v+=i*R))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a=(i=(a+=n-1+37*(n-1))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a+=n-1+37*(n-1),e[0]=a,e[1]=s,e[2]=o,e[3]=c,e[4]=u,e[5]=h,e[6]=l,e[7]=y,e[8]=p,e[9]=g,e[10]=d,e[11]=f,e[12]=m,e[13]=w,e[14]=b,e[15]=k}function fi(e,t){di(e,t,t)}function mi(e,t){var r,i=Wr();for(r=0;r<16;r++)i[r]=t[r];for(r=253;r>=0;r--)fi(i,i),2!==r&&4!==r&&di(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}function wi(e,t,r){var i,n,a=new Uint8Array(32),s=new Float64Array(80),o=Wr(),c=Wr(),u=Wr(),h=Wr(),l=Wr(),y=Wr();for(n=0;n<31;n++)a[n]=t[n];for(a[31]=127&t[31]|64,a[0]&=248,yi(s,r),n=0;n<16;n++)c[n]=s[n],h[n]=o[n]=u[n]=0;for(o[0]=h[0]=1,n=254;n>=0;--n)ci(o,c,i=a[n>>>3]>>>(7&n)&1),ci(u,h,i),pi(l,o,u),gi(o,o,u),pi(u,c,h),gi(c,c,h),fi(h,l),fi(y,o),di(o,u,o),di(u,c,l),pi(l,o,u),gi(o,o,u),fi(c,o),gi(u,h,y),di(o,u,Yr),pi(o,o,h),di(u,u,o),di(o,h,y),di(h,c,s),fi(c,l),ci(o,c,i),ci(u,h,i);for(n=0;n<16;n++)s[n+16]=o[n],s[n+32]=u[n],s[n+48]=c[n],s[n+64]=h[n];var p=s.subarray(32),g=s.subarray(16);return mi(p,p),di(g,g,p),ui(e,g),0}function bi(e,t){return wi(e,t,Qr)}var ki=[1116352408,3609767458,1899447441,602891725,3049323471,3964484399,3921009573,2173295548,961987163,4081628472,1508970993,3053834265,2453635748,2937671579,2870763221,3664609560,3624381080,2734883394,310598401,1164996542,607225278,1323610764,1426881987,3590304994,1925078388,4068182383,2162078206,991336113,2614888103,633803317,3248222580,3479774868,3835390401,2666613458,4022224774,944711139,264347078,2341262773,604807628,2007800933,770255983,1495990901,1249150122,1856431235,1555081692,3175218132,1996064986,2198950837,2554220882,3999719339,2821834349,766784016,2952996808,2566594879,3210313671,3203337956,3336571891,1034457026,3584528711,2466948901,113926993,3758326383,338241895,168717936,666307205,1188179964,773529912,1546045734,1294757372,1522805485,1396182291,2643833823,1695183700,2343527390,1986661051,1014477480,2177026350,1206759142,2456956037,344077627,2730485921,1290863460,2820302411,3158454273,3259730800,3505952657,3345764771,106217008,3516065817,3606008344,3600352804,1432725776,4094571909,1467031594,275423344,851169720,430227734,3100823752,506948616,1363258195,659060556,3750685593,883997877,3785050280,958139571,3318307427,1322822218,3812723403,1537002063,2003034995,1747873779,3602036899,1955562222,1575990012,2024104815,1125592928,2227730452,2716904306,2361852424,442776044,2428436474,593698344,2756734187,3733110249,3204031479,2999351573,3329325298,3815920427,3391569614,3928383900,3515267271,566280711,3940187606,3454069534,4118630271,4000239992,116418474,1914138554,174292421,2731055270,289380356,3203993006,460393269,320620315,685471733,587496836,852142971,1086792851,1017036298,365543100,1126000580,2618297676,1288033470,3409855158,1501505948,4234509866,1607167915,987167468,1816402316,1246189591];function vi(e,t,r,i){for(var n,a,s,o,c,u,h,l,y,p,g,d,f,m,w,b,k,v,K,A,E,S,P,U,D,x,I=new Int32Array(16),C=new Int32Array(16),B=e[0],T=e[1],_=e[2],M=e[3],L=e[4],R=e[5],F=e[6],z=e[7],N=t[0],O=t[1],H=t[2],j=t[3],q=t[4],G=t[5],V=t[6],W=t[7],$=0;i>=128;){for(K=0;K<16;K++)A=8*K+$,I[K]=r[A+0]<<24|r[A+1]<<16|r[A+2]<<8|r[A+3],C[K]=r[A+4]<<24|r[A+5]<<16|r[A+6]<<8|r[A+7];for(K=0;K<80;K++)if(n=B,a=T,s=_,o=M,c=L,u=R,h=F,z,y=N,p=O,g=H,d=j,f=q,m=G,w=V,W,P=65535&(S=W),U=S>>>16,D=65535&(E=z),x=E>>>16,P+=65535&(S=(q>>>14|L<<18)^(q>>>18|L<<14)^(L>>>9|q<<23)),U+=S>>>16,D+=65535&(E=(L>>>14|q<<18)^(L>>>18|q<<14)^(q>>>9|L<<23)),x+=E>>>16,P+=65535&(S=q&G^~q&V),U+=S>>>16,D+=65535&(E=L&R^~L&F),x+=E>>>16,E=ki[2*K],P+=65535&(S=ki[2*K+1]),U+=S>>>16,D+=65535&E,x+=E>>>16,E=I[K%16],U+=(S=C[K%16])>>>16,D+=65535&E,x+=E>>>16,D+=(U+=(P+=65535&S)>>>16)>>>16,P=65535&(S=v=65535&P|U<<16),U=S>>>16,D=65535&(E=k=65535&D|(x+=D>>>16)<<16),x=E>>>16,P+=65535&(S=(N>>>28|B<<4)^(B>>>2|N<<30)^(B>>>7|N<<25)),U+=S>>>16,D+=65535&(E=(B>>>28|N<<4)^(N>>>2|B<<30)^(N>>>7|B<<25)),x+=E>>>16,U+=(S=N&O^N&H^O&H)>>>16,D+=65535&(E=B&T^B&_^T&_),x+=E>>>16,l=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,b=65535&P|U<<16,P=65535&(S=d),U=S>>>16,D=65535&(E=o),x=E>>>16,U+=(S=v)>>>16,D+=65535&(E=k),x+=E>>>16,T=n,_=a,M=s,L=o=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,R=c,F=u,z=h,B=l,O=y,H=p,j=g,q=d=65535&P|U<<16,G=f,V=m,W=w,N=b,K%16==15)for(A=0;A<16;A++)E=I[A],P=65535&(S=C[A]),U=S>>>16,D=65535&E,x=E>>>16,E=I[(A+9)%16],P+=65535&(S=C[(A+9)%16]),U+=S>>>16,D+=65535&E,x+=E>>>16,k=I[(A+1)%16],P+=65535&(S=((v=C[(A+1)%16])>>>1|k<<31)^(v>>>8|k<<24)^(v>>>7|k<<25)),U+=S>>>16,D+=65535&(E=(k>>>1|v<<31)^(k>>>8|v<<24)^k>>>7),x+=E>>>16,k=I[(A+14)%16],U+=(S=((v=C[(A+14)%16])>>>19|k<<13)^(k>>>29|v<<3)^(v>>>6|k<<26))>>>16,D+=65535&(E=(k>>>19|v<<13)^(v>>>29|k<<3)^k>>>6),x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,I[A]=65535&D|x<<16,C[A]=65535&P|U<<16;P=65535&(S=N),U=S>>>16,D=65535&(E=B),x=E>>>16,E=e[0],U+=(S=t[0])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[0]=B=65535&D|x<<16,t[0]=N=65535&P|U<<16,P=65535&(S=O),U=S>>>16,D=65535&(E=T),x=E>>>16,E=e[1],U+=(S=t[1])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[1]=T=65535&D|x<<16,t[1]=O=65535&P|U<<16,P=65535&(S=H),U=S>>>16,D=65535&(E=_),x=E>>>16,E=e[2],U+=(S=t[2])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[2]=_=65535&D|x<<16,t[2]=H=65535&P|U<<16,P=65535&(S=j),U=S>>>16,D=65535&(E=M),x=E>>>16,E=e[3],U+=(S=t[3])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[3]=M=65535&D|x<<16,t[3]=j=65535&P|U<<16,P=65535&(S=q),U=S>>>16,D=65535&(E=L),x=E>>>16,E=e[4],U+=(S=t[4])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[4]=L=65535&D|x<<16,t[4]=q=65535&P|U<<16,P=65535&(S=G),U=S>>>16,D=65535&(E=R),x=E>>>16,E=e[5],U+=(S=t[5])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[5]=R=65535&D|x<<16,t[5]=G=65535&P|U<<16,P=65535&(S=V),U=S>>>16,D=65535&(E=F),x=E>>>16,E=e[6],U+=(S=t[6])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[6]=F=65535&D|x<<16,t[6]=V=65535&P|U<<16,P=65535&(S=W),U=S>>>16,D=65535&(E=z),x=E>>>16,E=e[7],U+=(S=t[7])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[7]=z=65535&D|x<<16,t[7]=W=65535&P|U<<16,$+=128,i-=128}return i}function Ki(e,t,r){var i,n=new Int32Array(8),a=new Int32Array(8),s=new Uint8Array(256),o=r;for(n[0]=1779033703,n[1]=3144134277,n[2]=1013904242,n[3]=2773480762,n[4]=1359893119,n[5]=2600822924,n[6]=528734635,n[7]=1541459225,a[0]=4089235720,a[1]=2227873595,a[2]=4271175723,a[3]=1595750129,a[4]=2917565137,a[5]=725511199,a[6]=4215389547,a[7]=327033209,vi(n,a,t,r),r%=128,i=0;i<r;i++)s[i]=t[o-r+i];for(s[r]=128,s[(r=256-128*(r<112?1:0))-9]=0,ni(s,r-8,o/536870912|0,o<<3),vi(n,a,s,r),i=0;i<8;i++)ni(e,8*i,n[i],a[i]);return 0}function Ai(e,t){var r=Wr(),i=Wr(),n=Wr(),a=Wr(),s=Wr(),o=Wr(),c=Wr(),u=Wr(),h=Wr();gi(r,e[1],e[0]),gi(h,t[1],t[0]),di(r,r,h),pi(i,e[0],e[1]),pi(h,t[0],t[1]),di(i,i,h),di(n,e[3],t[3]),di(n,n,ei),di(a,e[2],t[2]),pi(a,a,a),gi(s,i,r),gi(o,a,n),pi(c,a,n),pi(u,i,r),di(e[0],s,o),di(e[1],u,c),di(e[2],c,o),di(e[3],s,u)}function Ei(e,t,r){var i;for(i=0;i<4;i++)ci(e[i],t[i],r)}function Si(e,t){var r=Wr(),i=Wr(),n=Wr();mi(n,t[2]),di(r,t[0],n),di(i,t[1],n),ui(e,i),e[31]^=li(r)<<7}function Pi(e,t,r){var i,n;for(si(e[0],Zr),si(e[1],Xr),si(e[2],Xr),si(e[3],Zr),n=255;n>=0;--n)Ei(e,t,i=r[n/8|0]>>(7&n)&1),Ai(t,e),Ai(e,e),Ei(e,t,i)}function Ui(e,t){var r=[Wr(),Wr(),Wr(),Wr()];si(r[0],ti),si(r[1],ri),si(r[2],Xr),di(r[3],ti,ri),Pi(e,r,t)}function Di(e,t,r){var i,n=new Uint8Array(64),a=[Wr(),Wr(),Wr(),Wr()];for(r||$r(t,32),Ki(n,t,32),n[0]&=248,n[31]&=127,n[31]|=64,Ui(a,n),Si(e,a),i=0;i<32;i++)t[i+32]=e[i];return 0}var xi=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]);function Ii(e,t){var r,i,n,a;for(i=63;i>=32;--i){for(r=0,n=i-32,a=i-12;n<a;++n)t[n]+=r-16*t[i]*xi[n-(i-32)],r=Math.floor((t[n]+128)/256),t[n]-=256*r;t[n]+=r,t[i]=0}for(r=0,n=0;n<32;n++)t[n]+=r-(t[31]>>4)*xi[n],r=t[n]>>8,t[n]&=255;for(n=0;n<32;n++)t[n]-=r*xi[n];for(i=0;i<32;i++)t[i+1]+=t[i]>>8,e[i]=255&t[i]}function Ci(e){var t,r=new Float64Array(64);for(t=0;t<64;t++)r[t]=e[t];for(t=0;t<64;t++)e[t]=0;Ii(e,r)}function Bi(e,t){var r=Wr(),i=Wr(),n=Wr(),a=Wr(),s=Wr(),o=Wr(),c=Wr();return si(e[2],Xr),yi(e[1],t),fi(n,e[1]),di(a,n,Jr),gi(n,n,e[2]),pi(a,e[2],a),fi(s,a),fi(o,s),di(c,o,s),di(r,c,n),di(r,r,a),function(e,t){var r,i=Wr();for(r=0;r<16;r++)i[r]=t[r];for(r=250;r>=0;r--)fi(i,i),1!==r&&di(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}(r,r),di(r,r,n),di(r,r,a),di(r,r,a),di(e[0],r,a),fi(i,e[0]),di(i,i,a),hi(i,n)&&di(e[0],e[0],ii),fi(i,e[0]),di(i,i,a),hi(i,n)?-1:(li(e[0])===t[31]>>7&&gi(e[0],Zr,e[0]),di(e[3],e[0],e[1]),0)}var Ti=64;function _i(){for(var e=0;e<arguments.length;e++)if(!(arguments[e]instanceof Uint8Array))throw new TypeError("unexpected type, use Uint8Array")}Vr.scalarMult=function(e,t){if(_i(e,t),32!==e.length)throw Error("bad n size");if(32!==t.length)throw Error("bad p size");var r=new Uint8Array(32);return wi(r,e,t),r},Vr.box={},Vr.box.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(32);return function(e,t){$r(t,32),bi(e,t)}(e,t),{publicKey:e,secretKey:t}},Vr.box.keyPair.fromSecretKey=function(e){if(_i(e),32!==e.length)throw Error("bad secret key size");var t=new Uint8Array(32);return bi(t,e),{publicKey:t,secretKey:new Uint8Array(e)}},Vr.sign=function(e,t){if(_i(e,t),64!==t.length)throw Error("bad secret key size");var r=new Uint8Array(Ti+e.length);return function(e,t,r,i){var n,a,s=new Uint8Array(64),o=new Uint8Array(64),c=new Uint8Array(64),u=new Float64Array(64),h=[Wr(),Wr(),Wr(),Wr()];Ki(s,i,32),s[0]&=248,s[31]&=127,s[31]|=64;var l=r+64;for(n=0;n<r;n++)e[64+n]=t[n];for(n=0;n<32;n++)e[32+n]=s[32+n];for(Ki(c,e.subarray(32),r+32),Ci(c),Ui(h,c),Si(e,h),n=32;n<64;n++)e[n]=i[n];for(Ki(o,e,r+64),Ci(o),n=0;n<64;n++)u[n]=0;for(n=0;n<32;n++)u[n]=c[n];for(n=0;n<32;n++)for(a=0;a<32;a++)u[n+a]+=o[n]*s[a];Ii(e.subarray(32),u)}(r,e,e.length,t),r},Vr.sign.detached=function(e,t){for(var r=Vr.sign(e,t),i=new Uint8Array(Ti),n=0;n<i.length;n++)i[n]=r[n];return i},Vr.sign.detached.verify=function(e,t,r){if(_i(e,t,r),t.length!==Ti)throw Error("bad signature size");if(32!==r.length)throw Error("bad public key size");var i,n=new Uint8Array(Ti+e.length),a=new Uint8Array(Ti+e.length);for(i=0;i<Ti;i++)n[i]=t[i];for(i=0;i<e.length;i++)n[i+Ti]=e[i];return function(e,t,r,i){var n,a=new Uint8Array(32),s=new Uint8Array(64),o=[Wr(),Wr(),Wr(),Wr()],c=[Wr(),Wr(),Wr(),Wr()];if(r<64)return-1;if(Bi(c,i))return-1;for(n=0;n<r;n++)e[n]=t[n];for(n=0;n<32;n++)e[n+32]=i[n];if(Ki(s,e,r),Ci(s),Pi(o,c,s),Ui(c,t.subarray(32)),Ai(o,c),Si(a,o),r-=64,ai(t,0,a,0)){for(n=0;n<r;n++)e[n]=0;return-1}for(n=0;n<r;n++)e[n]=t[n+64];return r}(a,n,n.length,r)>=0},Vr.sign.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(64);return Di(e,t),{publicKey:e,secretKey:t}},Vr.sign.keyPair.fromSecretKey=function(e){if(_i(e),64!==e.length)throw Error("bad secret key size");for(var t=new Uint8Array(32),r=0;r<t.length;r++)t[r]=e[32+r];return{publicKey:t,secretKey:new Uint8Array(e)}},Vr.sign.keyPair.fromSeed=function(e){if(_i(e),32!==e.length)throw Error("bad seed size");for(var t=new Uint8Array(32),r=new Uint8Array(64),i=0;i<32;i++)r[i]=e[i];return Di(t,r,!0),{publicKey:t,secretKey:r}},Vr.setPRNG=function(e){$r=e},function(){if(Gr&&Gr.getRandomValues){Vr.setPRNG((function(e,t){var r,i=new Uint8Array(t);for(r=0;r<t;r+=65536)Gr.getRandomValues(i.subarray(r,r+Math.min(t-r,65536)));for(r=0;r<t;r++)e[r]=i[r];!function(e){for(var t=0;t<e.length;t++)e[t]=0}(i)}))}}();const Mi={"2a8648ce3d030107":T.curve.nistP256,"2b81040022":T.curve.nistP384,"2b81040023":T.curve.nistP521,"2b8104000a":T.curve.secp256k1,"2b06010401da470f01":T.curve.ed25519Legacy,"2b060104019755010501":T.curve.curve25519Legacy,"2b2403030208010107":T.curve.brainpoolP256r1,"2b240303020801010b":T.curve.brainpoolP384r1,"2b240303020801010d":T.curve.brainpoolP512r1};class Li{constructor(e){if(e instanceof Li)this.oid=e.oid;else if(L.isArray(e)||L.isUint8Array(e)){if(6===(e=new Uint8Array(e))[0]){if(e[1]!==e.length-2)throw Error("Length mismatch in DER encoded oid");e=e.subarray(2)}this.oid=e}else this.oid=""}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.oid=e.subarray(1,1+t),1+this.oid.length}throw Error("Invalid oid")}write(){return L.concatUint8Array([new Uint8Array([this.oid.length]),this.oid])}toHex(){return L.uint8ArrayToHex(this.oid)}getName(){const e=Mi[this.toHex()];if(!e)throw Error("Unknown curve object identifier.");return e}}function Ri(e){let t,r=0;const i=e[0];return i<192?([r]=e,t=1):i<255?(r=(e[0]-192<<8)+e[1]+192,t=2):255===i&&(r=L.readNumber(e.subarray(1,5)),t=5),{len:r,offset:t}}function Fi(e){return e<192?new Uint8Array([e]):e>191&&e<8384?new Uint8Array([192+(e-192>>8),e-192&255]):L.concatUint8Array([new Uint8Array([255]),L.writeNumber(e,4)])}function zi(e){if(e<0||e>30)throw Error("Partial Length power must be between 1 and 30");return new Uint8Array([224+e])}function Ni(e){return new Uint8Array([192|e])}function Oi(e,t){return L.concatUint8Array([Ni(e),Fi(t)])}function Hi(e){return[T.packet.literalData,T.packet.compressedData,T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData].includes(e)}async function ji(e,t){const r=I(e);let i,n;try{const s=await r.peekBytes(2);if(!s||s.length<2||!(128&s[0]))throw Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");const o=await r.readByte();let c,u,h=-1,l=-1;l=0,64&o&&(l=1),l?h=63&o:(h=(63&o)>>2,u=3&o);const y=Hi(h);let p,g=null;if(y){if("array"===L.isStream(e)){const e=new a;i=C(e),g=e}else{const e=new TransformStream;i=C(e.writable),g=e.readable}n=t({tag:h,packet:g})}else g=[];do{if(l){const e=await r.readByte();if(p=!1,e<192)c=e;else if(e>=192&&e<224)c=(e-192<<8)+await r.readByte()+192;else if(e>223&&e<255){if(c=1<<(31&e),p=!0,!y)throw new TypeError("This packet type does not support partial lengths.")}else c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte()}else switch(u){case 0:c=await r.readByte();break;case 1:c=await r.readByte()<<8|await r.readByte();break;case 2:c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte();break;default:c=1/0}if(c>0){let e=0;for(;;){i&&await i.ready;const{done:t,value:n}=await r.read();if(t){if(c===1/0)break;throw Error("Unexpected end of packet")}const a=c===1/0?n:n.subarray(0,c-e);if(i?await i.write(a):g.push(a),e+=n.length,e>=c){r.unshift(n.subarray(c-e+n.length));break}}}}while(p);const d=await r.peekBytes(y?1/0:2);return i?(await i.ready,await i.close()):(g=L.concatUint8Array(g),await t({tag:h,packet:g})),!d||!d.length}catch(e){if(i)return await i.abort(e),!0;throw e}finally{i&&await n,r.releaseLock()}}class qi extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,qi),this.name="UnsupportedError"}}class Gi extends qi{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,qi),this.name="UnknownPacketError"}}class Vi{constructor(e,t){this.tag=e,this.rawContent=t}write(){return this.rawContent}}
-/*! noble-ed25519 - MIT License (c) 2019 Paul Miller (paulmillr.com) */const Wi=BigInt(0),$i=BigInt(1),Qi=BigInt(2),Zi=BigInt(8),Xi=BigInt("7237005577332262213973186563042994240857116359379907606001950938285454250989"),Yi=Object.freeze({a:BigInt(-1),d:BigInt("37095705934669439343138083508754565189542113879843219016388785533085940283555"),P:BigInt("57896044618658097711785492504343953926634992332820282019728792003956564819949"),l:Xi,n:Xi,h:BigInt(8),Gx:BigInt("15112221349535400772501151409588531511454012693041857206046113283949847762202"),Gy:BigInt("46316835694926478169428394003475163141307993866256225615783033603165251855960")}),Ji=BigInt("0x10000000000000000000000000000000000000000000000000000000000000000"),en=BigInt("19681161376707505956807079304988542015446066515923890162744021073123829784752");BigInt("6853475219497561581579357271197624642482790079785650197046958215289687604742");const tn=BigInt("25063068953384623474111414158702152701244531502492656460079210482610430750235"),rn=BigInt("54469307008909316920995813868745141605393597292927456921205312896311721017578"),nn=BigInt("1159843021668779879193775521855586647937357759715417654439879720876111806838"),an=BigInt("40440834346308536858101042469323190826248399146238708352240133220865137265952");class sn{constructor(e,t,r,i){this.x=e,this.y=t,this.z=r,this.t=i}static fromAffine(e){if(!(e instanceof pn))throw new TypeError("ExtendedPoint#fromAffine: expected Point");return e.equals(pn.ZERO)?sn.ZERO:new sn(e.x,e.y,$i,Sn(e.x*e.y))}static toAffineBatch(e){const t=function(e,t=Yi.P){const r=Array(e.length),i=e.reduce(((e,i,n)=>i===Wi?e:(r[n]=e,Sn(e*i,t))),$i),n=Pn(i,t);return e.reduceRight(((e,i,n)=>i===Wi?e:(r[n]=Sn(e*r[n],t),Sn(e*i,t))),n),r}(e.map((e=>e.z)));return e.map(((e,r)=>e.toAffine(t[r])))}static normalizeZ(e){return this.toAffineBatch(e).map(this.fromAffine)}equals(e){cn(e);const{x:t,y:r,z:i}=this,{x:n,y:a,z:s}=e,o=Sn(t*s),c=Sn(n*i),u=Sn(r*s),h=Sn(a*i);return o===c&&u===h}negate(){return new sn(Sn(-this.x),this.y,this.z,Sn(-this.t))}double(){const{x:e,y:t,z:r}=this,{a:i}=Yi,n=Sn(e*e),a=Sn(t*t),s=Sn(Qi*Sn(r*r)),o=Sn(i*n),c=e+t,u=Sn(Sn(c*c)-n-a),h=o+a,l=h-s,y=o-a,p=Sn(u*l),g=Sn(h*y),d=Sn(u*y),f=Sn(l*h);return new sn(p,g,f,d)}add(e){cn(e);const{x:t,y:r,z:i,t:n}=this,{x:a,y:s,z:o,t:c}=e,u=Sn((r-t)*(s+a)),h=Sn((r+t)*(s-a)),l=Sn(h-u);if(l===Wi)return this.double();const y=Sn(i*Qi*c),p=Sn(n*Qi*o),g=p+y,d=h+u,f=p-y,m=Sn(g*l),w=Sn(d*f),b=Sn(g*f),k=Sn(l*d);return new sn(m,w,k,b)}subtract(e){return this.add(e.negate())}precomputeWindow(e){const t=1+256/e,r=[];let i=this,n=i;for(let a=0;a<t;a++){n=i,r.push(n);for(let t=1;t<2**(e-1);t++)n=n.add(i),r.push(n);i=n.double()}return r}wNAF(e,t){!t&&this.equals(sn.BASE)&&(t=pn.BASE);const r=t&&t._WINDOW_SIZE||1;if(256%r)throw Error("Point#wNAF: Invalid precomputation window, must be power of 2");let i=t&&yn.get(t);i||(i=this.precomputeWindow(r),t&&1!==r&&(i=sn.normalizeZ(i),yn.set(t,i)));let n=sn.ZERO,a=sn.BASE;const s=1+256/r,o=2**(r-1),c=BigInt(2**r-1),u=2**r,h=BigInt(r);for(let t=0;t<s;t++){const r=t*o;let s=Number(e&c);e>>=h,s>o&&(s-=u,e+=$i);const l=r,y=r+Math.abs(s)-1,p=t%2!=0,g=s<0;0===s?a=a.add(on(p,i[l])):n=n.add(on(g,i[y]))}return sn.normalizeZ([n,a])[0]}multiply(e,t){return this.wNAF(Bn(e,Yi.l),t)}multiplyUnsafe(e){let t=Bn(e,Yi.l,!1);const r=sn.BASE,i=sn.ZERO;if(t===Wi)return i;if(this.equals(i)||t===$i)return this;if(this.equals(r))return this.wNAF(t);let n=i,a=this;for(;t>Wi;)t&$i&&(n=n.add(a)),a=a.double(),t>>=$i;return n}isSmallOrder(){return this.multiplyUnsafe(Yi.h).equals(sn.ZERO)}isTorsionFree(){let e=this.multiplyUnsafe(Yi.l/Qi).double();return Yi.l%Qi&&(e=e.add(this)),e.equals(sn.ZERO)}toAffine(e){const{x:t,y:r,z:i}=this,n=this.equals(sn.ZERO);null==e&&(e=n?Zi:Pn(i));const a=Sn(t*e),s=Sn(r*e),o=Sn(i*e);if(n)return pn.ZERO;if(o!==$i)throw Error("invZ was invalid");return new pn(a,s)}fromRistrettoBytes(){hn()}toRistrettoBytes(){hn()}fromRistrettoHash(){hn()}}function on(e,t){const r=t.negate();return e?r:t}function cn(e){if(!(e instanceof sn))throw new TypeError("ExtendedPoint expected")}function un(e){if(!(e instanceof ln))throw new TypeError("RistrettoPoint expected")}function hn(){throw Error("Legacy method: switch to RistrettoPoint")}sn.BASE=new sn(Yi.Gx,Yi.Gy,$i,Sn(Yi.Gx*Yi.Gy)),sn.ZERO=new sn(Wi,$i,$i,Wi);class ln{constructor(e){this.ep=e}static calcElligatorRistrettoMap(e){const{d:t}=Yi,r=Sn(en*e*e),i=Sn((r+$i)*nn);let n=BigInt(-1);const a=Sn((n-t*r)*Sn(r+t));let{isValid:s,value:o}=Dn(i,a),c=Sn(o*e);vn(c)||(c=Sn(-c)),s||(o=c),s||(n=r);const u=Sn(n*(r-$i)*an-a),h=o*o,l=Sn((o+o)*a),y=Sn(u*tn),p=Sn($i-h),g=Sn($i+h);return new sn(Sn(l*g),Sn(p*y),Sn(y*g),Sn(l*p))}static hashToCurve(e){const t=En((e=Cn(e,64)).slice(0,32)),r=this.calcElligatorRistrettoMap(t),i=En(e.slice(32,64)),n=this.calcElligatorRistrettoMap(i);return new ln(r.add(n))}static fromHex(e){e=Cn(e,32);const{a:t,d:r}=Yi,i="RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint",n=En(e);if(!function(e,t){if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0}(kn(n),e)||vn(n))throw Error(i);const a=Sn(n*n),s=Sn($i+t*a),o=Sn($i-t*a),c=Sn(s*s),u=Sn(o*o),h=Sn(t*r*c-u),{isValid:l,value:y}=xn(Sn(h*u)),p=Sn(y*o),g=Sn(y*p*h);let d=Sn((n+n)*p);vn(d)&&(d=Sn(-d));const f=Sn(s*g),m=Sn(d*f);if(!l||vn(m)||f===Wi)throw Error(i);return new ln(new sn(d,f,$i,m))}toRawBytes(){let{x:e,y:t,z:r,t:i}=this.ep;const n=Sn(Sn(r+t)*Sn(r-t)),a=Sn(e*t),s=Sn(a*a),{value:o}=xn(Sn(n*s)),c=Sn(o*n),u=Sn(o*a),h=Sn(c*u*i);let l;if(vn(i*h)){let r=Sn(t*en),i=Sn(e*en);e=r,t=i,l=Sn(c*rn)}else l=u;vn(e*h)&&(t=Sn(-t));let y=Sn((r-t)*l);return vn(y)&&(y=Sn(-y)),kn(y)}toHex(){return mn(this.toRawBytes())}toString(){return this.toHex()}equals(e){un(e);const t=this.ep,r=e.ep,i=Sn(t.x*r.y)===Sn(t.y*r.x),n=Sn(t.y*r.y)===Sn(t.x*r.x);return i||n}add(e){return un(e),new ln(this.ep.add(e.ep))}subtract(e){return un(e),new ln(this.ep.subtract(e.ep))}multiply(e){return new ln(this.ep.multiply(e))}multiplyUnsafe(e){return new ln(this.ep.multiplyUnsafe(e))}}ln.BASE=new ln(sn.BASE),ln.ZERO=new ln(sn.ZERO);const yn=new WeakMap;class pn{constructor(e,t){this.x=e,this.y=t}_setWindowSize(e){this._WINDOW_SIZE=e,yn.delete(this)}static fromHex(e,t=!0){const{d:r,P:i}=Yi,n=(e=Cn(e,32)).slice();n[31]=-129&e[31];const a=Kn(n);if(t&&a>=i)throw Error("Expected 0 < hex < P");if(!t&&a>=Ji)throw Error("Expected 0 < hex < 2**256");const s=Sn(a*a),o=Sn(s-$i),c=Sn(r*s+$i);let{isValid:u,value:h}=Dn(o,c);if(!u)throw Error("Point.fromHex: invalid y coordinate");const l=(h&$i)===$i;return!!(128&e[31])!==l&&(h=Sn(-h)),new pn(h,a)}static async fromPrivateKey(e){return(await _n(e)).point}toRawBytes(){const e=kn(this.y);return e[31]|=this.x&$i?128:0,e}toHex(){return mn(this.toRawBytes())}toX25519(){const{y:e}=this;return kn(Sn(($i+e)*Pn($i-e)))}isTorsionFree(){return sn.fromAffine(this).isTorsionFree()}equals(e){return this.x===e.x&&this.y===e.y}negate(){return new pn(Sn(-this.x),this.y)}add(e){return sn.fromAffine(this).add(sn.fromAffine(e)).toAffine()}subtract(e){return this.add(e.negate())}multiply(e){return sn.fromAffine(this).multiply(e,this).toAffine()}}pn.BASE=new pn(Yi.Gx,Yi.Gy),pn.ZERO=new pn(Wi,$i);let gn=class e{constructor(e,t){this.r=e,this.s=t,this.assertValidity()}static fromHex(t){const r=Cn(t,64),i=pn.fromHex(r.slice(0,32),!1),n=Kn(r.slice(32,64));return new e(i,n)}assertValidity(){const{r:e,s:t}=this;if(!(e instanceof pn))throw Error("Expected Point instance");return Bn(t,Yi.l,!1),this}toRawBytes(){const e=new Uint8Array(64);return e.set(this.r.toRawBytes()),e.set(kn(this.s),32),e}toHex(){return mn(this.toRawBytes())}};function dn(...e){if(!e.every((e=>e instanceof Uint8Array)))throw Error("Expected Uint8Array list");if(1===e.length)return e[0];const t=e.reduce(((e,t)=>e+t.length),0),r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}const fn=Array.from({length:256},((e,t)=>t.toString(16).padStart(2,"0")));function mn(e){if(!(e instanceof Uint8Array))throw Error("Uint8Array expected");let t="";for(let r=0;r<e.length;r++)t+=fn[e[r]];return t}function wn(e){if("string"!=typeof e)throw new TypeError("hexToBytes: expected string, got "+typeof e);if(e.length%2)throw Error("hexToBytes: received invalid unpadded hex");const t=new Uint8Array(e.length/2);for(let r=0;r<t.length;r++){const i=2*r,n=e.slice(i,i+2),a=Number.parseInt(n,16);if(Number.isNaN(a)||a<0)throw Error("Invalid byte sequence");t[r]=a}return t}function bn(e){return wn(e.toString(16).padStart(64,"0"))}function kn(e){return bn(e).reverse()}function vn(e){return(Sn(e)&$i)===$i}function Kn(e){if(!(e instanceof Uint8Array))throw Error("Expected Uint8Array");return BigInt("0x"+mn(Uint8Array.from(e).reverse()))}const An=BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");function En(e){return Sn(Kn(e)&An)}function Sn(e,t=Yi.P){const r=e%t;return r>=Wi?r:t+r}function Pn(e,t=Yi.P){if(e===Wi||t<=Wi)throw Error(`invert: expected positive integers, got n=${e} mod=${t}`);let r=Sn(e,t),i=t,n=Wi,a=$i;for(;r!==Wi;){const e=i%r,t=n-a*(i/r);i=r,r=e,n=a,a=t}if(i!==$i)throw Error("invert: does not exist");return Sn(n,t)}function Un(e,t){const{P:r}=Yi;let i=e;for(;t-- >Wi;)i*=i,i%=r;return i}function Dn(e,t){const r=Sn(t*t*t),i=function(e){const{P:t}=Yi,r=BigInt(5),i=BigInt(10),n=BigInt(20),a=BigInt(40),s=BigInt(80),o=e*e%t*e%t,c=Un(o,Qi)*o%t,u=Un(c,$i)*e%t,h=Un(u,r)*u%t,l=Un(h,i)*h%t,y=Un(l,n)*l%t,p=Un(y,a)*y%t,g=Un(p,s)*p%t,d=Un(g,s)*p%t,f=Un(d,i)*h%t;return{pow_p_5_8:Un(f,Qi)*e%t,b2:o}}(e*Sn(r*r*t)).pow_p_5_8;let n=Sn(e*r*i);const a=Sn(t*n*n),s=n,o=Sn(n*en),c=a===e,u=a===Sn(-e),h=a===Sn(-e*en);return c&&(n=s),(u||h)&&(n=o),vn(n)&&(n=Sn(-n)),{isValid:c||u,value:n}}function xn(e){return Dn($i,e)}function In(e){return Sn(Kn(e),Yi.l)}function Cn(e,t){const r=e instanceof Uint8Array?Uint8Array.from(e):wn(e);if("number"==typeof t&&r.length!==t)throw Error(`Expected ${t} bytes`);return r}function Bn(e,t,r=!0){if(!t)throw new TypeError("Specify max value");if("number"==typeof e&&Number.isSafeInteger(e)&&(e=BigInt(e)),"bigint"==typeof e&&e<t)if(r){if(Wi<e)return e}else if(Wi<=e)return e;throw new TypeError("Expected valid scalar: 0 < scalar < max")}let Tn;async function _n(e){return function(e){const t=function(e){return e[0]&=248,e[31]&=127,e[31]|=64,e}(e.slice(0,32)),r=e.slice(32,64),i=In(t),n=pn.BASE.multiply(i),a=n.toRawBytes();return{head:t,prefix:r,scalar:i,point:n,pointBytes:a}}(await Rn.sha512(function(e){if(32!==(e="bigint"==typeof e||"number"==typeof e?bn(Bn(e,Ji)):Cn(e)).length)throw Error("Expected 32 bytes");return e}(e)))}async function Mn(e,t,r){const{r:i,SB:n,msg:a,pub:s}=function(e,t,r){t=Cn(t),r instanceof pn||(r=pn.fromHex(r,!1));const{r:i,s:n}=e instanceof gn?e.assertValidity():gn.fromHex(e);return{r:i,s:n,SB:sn.BASE.multiplyUnsafe(n),pub:r,msg:t}}(e,t,r),o=await Rn.sha512(i.toRawBytes(),s.toRawBytes(),a);return function(e,t,r,i){const n=In(i),a=sn.fromAffine(e).multiplyUnsafe(n);return sn.fromAffine(t).add(a).subtract(r).multiplyUnsafe(Yi.h).equals(sn.ZERO)}(s,i,n,o)}pn.BASE._setWindowSize(8);const Ln={node:null,web:"object"==typeof self&&"crypto"in self?self.crypto:void 0},Rn={bytesToHex:mn,hexToBytes:wn,concatBytes:dn,getExtendedPublicKey:_n,mod:Sn,invert:Pn,TORSION_SUBGROUP:["0100000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a","0000000000000000000000000000000000000000000000000000000000000080","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05","ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85","0000000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa"],hashToPrivateScalar:e=>{if((e=Cn(e)).length<40||e.length>1024)throw Error("Expected 40-1024 bytes of private key as per FIPS 186");return Sn(Kn(e),Yi.l-$i)+$i},randomBytes:(e=32)=>{if(Ln.web)return Ln.web.getRandomValues(new Uint8Array(e));throw Error("The environment doesn't have randomBytes function")},randomPrivateKey:()=>Rn.randomBytes(32),sha512:async(...e)=>{const t=dn(...e);if(Ln.web){const e=await Ln.web.subtle.digest("SHA-512",t.buffer);return new Uint8Array(e)}throw Error("The environment doesn't have sha512 function")},precompute(e=8,t=pn.BASE){const r=t.equals(pn.BASE)?t:new pn(t.x,t.y);return r._setWindowSize(e),r.multiply(Qi),r},sha512Sync:void 0};async function Fn(e){switch(e){case T.publicKey.ed25519:try{const e=L.getWebCrypto(),t=await e.generateKey("Ed25519",!0,["sign","verify"]),r=await e.exportKey("jwk",t.privateKey),i=await e.exportKey("jwk",t.publicKey);return{A:new Uint8Array(H(i.x)),seed:H(r.d)}}catch(t){if("NotSupportedError"!==t.name&&"OperationError"!==t.name&&"SyntaxError"!==t.name)throw t;const r=Er(Hn(e)),{publicKey:i}=Vr.sign.keyPair.fromSeed(r);return{A:i,seed:r}}case T.publicKey.ed448:{const e=await L.getNobleCurve(T.publicKey.ed448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),seed:t}}default:throw Error("Unsupported EdDSA algorithm")}}async function zn(e,t,r,i,n,a){if(be.getHashByteLength(t)<be.getHashByteLength(jn(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=L.getWebCrypto(),r=Gn(e,i,n),s=await t.importKey("jwk",r,"Ed25519",!1,["sign"]);return{RS:new Uint8Array(await t.sign("Ed25519",s,a))}}catch(e){if("NotSupportedError"!==e.name&&"SyntaxError"!==e.name)throw e;const t=L.concatUint8Array([n,i]);return{RS:Vr.sign.detached(a,t)}}case T.publicKey.ed448:return{RS:(await L.getNobleCurve(T.publicKey.ed448)).sign(a,n)};default:throw Error("Unsupported EdDSA algorithm")}}async function Nn(e,t,{RS:r},i,n,a){if(be.getHashByteLength(t)<be.getHashByteLength(jn(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=L.getWebCrypto(),i=qn(e,n),s=await t.importKey("jwk",i,"Ed25519",!1,["verify"]);return await t.verify("Ed25519",s,r,a)}catch(e){if("NotSupportedError"!==e.name&&"SyntaxError"!==e.name)throw e;return Mn(r,a,n)}case T.publicKey.ed448:return(await L.getNobleCurve(T.publicKey.ed448)).verify(r,a,n);default:throw Error("Unsupported EdDSA algorithm")}}async function On(e,t,r){switch(e){case T.publicKey.ed25519:{const{publicKey:e}=Vr.sign.keyPair.fromSeed(r);return L.equalsUint8Array(t,e)}case T.publicKey.ed448:{const e=(await L.getNobleCurve(T.publicKey.ed448)).getPublicKey(r);return L.equalsUint8Array(t,e)}default:return!1}}function Hn(e){switch(e){case T.publicKey.ed25519:return 32;case T.publicKey.ed448:return 57;default:throw Error("Unsupported EdDSA algorithm")}}function jn(e){switch(e){case T.publicKey.ed25519:return T.hash.sha256;case T.publicKey.ed448:return T.hash.sha512;default:throw Error("Unknown EdDSA algo")}}Object.defineProperties(Rn,{sha512Sync:{configurable:!1,get:()=>Tn,set(e){Tn||(Tn=e)}}});const qn=(e,t)=>{if(e===T.publicKey.ed25519){return{kty:"OKP",crv:"Ed25519",x:j(t),ext:!0}}throw Error("Unsupported EdDSA algorithm")},Gn=(e,t,r)=>{if(e===T.publicKey.ed25519){const i=qn(e,t);return i.d=j(r),i}throw Error("Unsupported EdDSA algorithm")};var Vn=/*#__PURE__*/Object.freeze({__proto__:null,generate:Fn,getPayloadSize:Hn,getPreferredHashAlgo:jn,sign:zn,validateParams:On,verify:Nn});const Wn=L.getWebCrypto();async function $n(e,t,r){const{keySize:i}=re(e);if(!L.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");try{const e=await Wn.importKey("raw",t,{name:"AES-KW"},!1,["wrapKey"]),i=await Wn.importKey("raw",r,{name:"HMAC",hash:"SHA-256"},!0,["sign"]),n=await Wn.wrapKey("raw",i,e,{name:"AES-KW"});return new Uint8Array(n)}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;L.printDebugError("Browser did not support operation: "+e.message)}return kt(t).encrypt(r)}async function Qn(e,t,r){const{keySize:i}=re(e);if(!L.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");let n;try{n=await Wn.importKey("raw",t,{name:"AES-KW"},!1,["unwrapKey"])}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;return L.printDebugError("Browser did not support operation: "+e.message),kt(t).decrypt(r)}try{const e=await Wn.unwrapKey("raw",r,n,{name:"AES-KW"},{name:"HMAC",hash:"SHA-256"},!0,["sign"]);return new Uint8Array(await Wn.exportKey("raw",e))}catch(e){if("OperationError"===e.name)throw Error("Key Data Integrity failed");throw e}}var Zn=/*#__PURE__*/Object.freeze({__proto__:null,unwrap:Qn,wrap:$n});const Xn=L.getWebCrypto();async function Yn(e,t,r,i,n){const a=T.read(T.webHash,e);if(!a)throw Error("Hash algo not supported with HKDF");const s=await Xn.importKey("raw",t,"HKDF",!1,["deriveBits"]),o=await Xn.deriveBits({name:"HKDF",hash:a,salt:r,info:i},s,8*n);return new Uint8Array(o)}const Jn={x25519:L.encodeUTF8("OpenPGP X25519"),x448:L.encodeUTF8("OpenPGP X448")};async function ea(e){switch(e){case T.publicKey.x25519:{const e=Er(32),{publicKey:t}=Vr.box.keyPair.fromSecretKey(e);return{A:t,k:e}}case T.publicKey.x448:{const e=await L.getNobleCurve(T.publicKey.x448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),k:t}}default:throw Error("Unsupported ECDH algorithm")}}async function ta(e,t,r){switch(e){case T.publicKey.x25519:{const{publicKey:e}=Vr.box.keyPair.fromSecretKey(r);return L.equalsUint8Array(t,e)}case T.publicKey.x448:{const e=(await L.getNobleCurve(T.publicKey.x448)).getPublicKey(r);return L.equalsUint8Array(t,e)}default:return!1}}function ra(e){switch(e){case T.publicKey.x25519:return 32;case T.publicKey.x448:return 56;default:throw Error("Unsupported ECDH algorithm")}}async function ia(e,t){switch(e){case T.publicKey.x25519:{const r=Er(ra(e)),i=Vr.scalarMult(r,t);aa(i);const{publicKey:n}=Vr.box.keyPair.fromSecretKey(r);return{ephemeralPublicKey:n,sharedSecret:i}}case T.publicKey.x448:{const e=await L.getNobleCurve(T.publicKey.x448),r=e.utils.randomPrivateKey(),i=e.getSharedSecret(r,t);aa(i);return{ephemeralPublicKey:e.getPublicKey(r),sharedSecret:i}}default:throw Error("Unsupported ECDH algorithm")}}async function na(e,t,r,i){switch(e){case T.publicKey.x25519:{const e=Vr.scalarMult(i,t);return aa(e),e}case T.publicKey.x448:{const e=(await L.getNobleCurve(T.publicKey.x448)).getSharedSecret(i,t);return aa(e),e}default:throw Error("Unsupported ECDH algorithm")}}function aa(e){let t=0;for(let r=0;r<e.length;r++)t|=e[r];if(0===t)throw Error("Unexpected low order point")}var sa=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n){const a=await na(e,t,i,n),s=L.concatUint8Array([t,i,a]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:t}=re(e);return Qn(e,await Yn(T.hash.sha256,s,new Uint8Array,Jn.x25519,t),r)}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:t}=re(T.symmetric.aes256);return Qn(e,await Yn(T.hash.sha512,s,new Uint8Array,Jn.x448,t),r)}default:throw Error("Unsupported ECDH algorithm")}},encrypt:async function(e,t,r){const{ephemeralPublicKey:i,sharedSecret:n}=await ia(e,r),a=L.concatUint8Array([i,r,n]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:r}=re(e),n=await Yn(T.hash.sha256,a,new Uint8Array,Jn.x25519,r);return{ephemeralPublicKey:i,wrappedKey:await $n(e,n,t)}}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:r}=re(T.symmetric.aes256),n=await Yn(T.hash.sha512,a,new Uint8Array,Jn.x448,r);return{ephemeralPublicKey:i,wrappedKey:await $n(e,n,t)}}default:throw Error("Unsupported ECDH algorithm")}},generate:ea,generateEphemeralEncryptionMaterial:ia,getPayloadSize:ra,recomputeSharedSecret:na,validateParams:ta});const oa=L.getWebCrypto(),ca=L.getNodeCrypto(),ua={[T.curve.nistP256]:"P-256",[T.curve.nistP384]:"P-384",[T.curve.nistP521]:"P-521"},ha=ca?ca.getCurves():[],la=ca?{[T.curve.secp256k1]:ha.includes("secp256k1")?"secp256k1":void 0,[T.curve.nistP256]:ha.includes("prime256v1")?"prime256v1":void 0,[T.curve.nistP384]:ha.includes("secp384r1")?"secp384r1":void 0,[T.curve.nistP521]:ha.includes("secp521r1")?"secp521r1":void 0,[T.curve.ed25519Legacy]:ha.includes("ED25519")?"ED25519":void 0,[T.curve.curve25519Legacy]:ha.includes("X25519")?"X25519":void 0,[T.curve.brainpoolP256r1]:ha.includes("brainpoolP256r1")?"brainpoolP256r1":void 0,[T.curve.brainpoolP384r1]:ha.includes("brainpoolP384r1")?"brainpoolP384r1":void 0,[T.curve.brainpoolP512r1]:ha.includes("brainpoolP512r1")?"brainpoolP512r1":void 0}:{},ya={[T.curve.nistP256]:{oid:[6,8,42,134,72,206,61,3,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:la[T.curve.nistP256],web:ua[T.curve.nistP256],payloadSize:32,sharedSize:256,wireFormatLeadingByte:4},[T.curve.nistP384]:{oid:[6,5,43,129,4,0,34],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:la[T.curve.nistP384],web:ua[T.curve.nistP384],payloadSize:48,sharedSize:384,wireFormatLeadingByte:4},[T.curve.nistP521]:{oid:[6,5,43,129,4,0,35],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:la[T.curve.nistP521],web:ua[T.curve.nistP521],payloadSize:66,sharedSize:528,wireFormatLeadingByte:4},[T.curve.secp256k1]:{oid:[6,5,43,129,4,0,10],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:la[T.curve.secp256k1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.ed25519Legacy]:{oid:[6,9,43,6,1,4,1,218,71,15,1],keyType:T.publicKey.eddsaLegacy,hash:T.hash.sha512,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.curve25519Legacy]:{oid:[6,10,43,6,1,4,1,151,85,1,5,1],keyType:T.publicKey.ecdh,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.brainpoolP256r1]:{oid:[6,9,43,36,3,3,2,8,1,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:la[T.curve.brainpoolP256r1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.brainpoolP384r1]:{oid:[6,9,43,36,3,3,2,8,1,1,11],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:la[T.curve.brainpoolP384r1],payloadSize:48,wireFormatLeadingByte:4},[T.curve.brainpoolP512r1]:{oid:[6,9,43,36,3,3,2,8,1,1,13],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:la[T.curve.brainpoolP512r1],payloadSize:64,wireFormatLeadingByte:4}};class pa{constructor(e){try{this.name=e instanceof Li?e.getName():T.write(T.curve,e)}catch(e){throw new qi("Unknown curve")}const t=ya[this.name];this.keyType=t.keyType,this.oid=t.oid,this.hash=t.hash,this.cipher=t.cipher,this.node=t.node,this.web=t.web,this.payloadSize=t.payloadSize,this.sharedSize=t.sharedSize,this.wireFormatLeadingByte=t.wireFormatLeadingByte,this.web&&L.getWebCrypto()?this.type="web":this.node&&L.getNodeCrypto()?this.type="node":this.name===T.curve.curve25519Legacy?this.type="curve25519Legacy":this.name===T.curve.ed25519Legacy&&(this.type="ed25519Legacy")}async genKeyPair(){switch(this.type){case"web":try{return await async function(e,t){const r=await oa.generateKey({name:"ECDSA",namedCurve:ua[e]},!0,["sign","verify"]),i=await oa.exportKey("jwk",r.privateKey),n=await oa.exportKey("jwk",r.publicKey);return{publicKey:ma(n,t),privateKey:H(i.d)}}(this.name,this.wireFormatLeadingByte)}catch(e){return L.printDebugError("Browser did not support generating ec key "+e.message),fa(this.name)}case"node":return async function(e){const t=ca.createECDH(la[e]);return await t.generateKeys(),{publicKey:new Uint8Array(t.getPublicKey()),privateKey:new Uint8Array(t.getPrivateKey())}}(this.name);case"curve25519Legacy":{const{k:e,A:t}=await ea(T.publicKey.x25519),r=e.slice().reverse();r[0]=127&r[0]|64,r[31]&=248;return{publicKey:L.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:r}}case"ed25519Legacy":{const{seed:e,A:t}=await Fn(T.publicKey.ed25519);return{publicKey:L.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:e}}default:return fa(this.name)}}}async function ga(e,t,r,i){const n={[T.curve.nistP256]:!0,[T.curve.nistP384]:!0,[T.curve.nistP521]:!0,[T.curve.secp256k1]:!0,[T.curve.curve25519Legacy]:e===T.publicKey.ecdh,[T.curve.brainpoolP256r1]:!0,[T.curve.brainpoolP384r1]:!0,[T.curve.brainpoolP512r1]:!0},a=t.getName();if(!n[a])return!1;if(a===T.curve.curve25519Legacy){i=i.slice().reverse();const{publicKey:e}=Vr.box.keyPair.fromSecretKey(i);r=new Uint8Array(r);const t=new Uint8Array([64,...e]);return!!L.equalsUint8Array(t,r)}const s=(await L.getNobleCurve(T.publicKey.ecdsa,a)).getPublicKey(i,!1);return!!L.equalsUint8Array(s,r)}function da(e,t){const{payloadSize:r,wireFormatLeadingByte:i,name:n}=e,a=n===T.curve.curve25519Legacy||n===T.curve.ed25519Legacy?r:2*r;if(t[0]!==i||t.length!==a+1)throw Error("Invalid point encoding")}async function fa(e){const t=await L.getNobleCurve(T.publicKey.ecdsa,e),r=t.utils.randomPrivateKey();return{publicKey:t.getPublicKey(r,!1),privateKey:r}}function ma(e,t){const r=H(e.x),i=H(e.y),n=new Uint8Array(r.length+i.length+1);return n[0]=t,n.set(r,1),n.set(i,r.length+1),n}function wa(e,t,r){const i=e,n=r.slice(1,i+1),a=r.slice(i+1,2*i+1);return{kty:"EC",crv:t,x:j(n),y:j(a),ext:!0}}function ba(e,t,r,i){const n=wa(e,t,r);return n.d=j(i),n}const ka=L.getWebCrypto(),va=L.getNodeCrypto();async function Ka(e,t,r,i,n,a){const s=new pa(e);if(da(s,i),r&&!L.isStream(r)){const e={publicKey:i,privateKey:n};switch(s.type){case"web":try{return await async function(e,t,r,i){const n=e.payloadSize,a=ba(e.payloadSize,ua[e.name],i.publicKey,i.privateKey),s=await ka.importKey("jwk",a,{name:"ECDSA",namedCurve:ua[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["sign"]),o=new Uint8Array(await ka.sign({name:"ECDSA",namedCurve:ua[e.name],hash:{name:T.read(T.webHash,t)}},s,r));return{r:o.slice(0,n),s:o.slice(n,n<<1)}}(s,t,r,e)}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;L.printDebugError("Browser did not support signing: "+e.message)}break;case"node":return async function(e,t,r,i){const n=L.nodeRequire("eckey-utils"),a=L.getNodeBuffer(),{privateKey:s}=n.generateDer({curveName:la[e.name],privateKey:a.from(i)}),o=va.createSign(T.read(T.hash,t));o.write(r),o.end();const c=new Uint8Array(o.sign({key:s,format:"der",type:"sec1",dsaEncoding:"ieee-p1363"})),u=e.payloadSize;return{r:c.subarray(0,u),s:c.subarray(u,u<<1)}}(s,t,r,n)}}const o=(await L.getNobleCurve(T.publicKey.ecdsa,s.name)).sign(a,n,{lowS:!1});return{r:Kr(o.r,"be",s.payloadSize),s:Kr(o.s,"be",s.payloadSize)}}async function Aa(e,t,r,i,n,a){const s=new pa(e);da(s,n);const o=async()=>0===a[0]&&Ea(s,r,a.subarray(1),n);if(i&&!L.isStream(i))switch(s.type){case"web":try{const e=await async function(e,t,{r,s:i},n,a){const s=wa(e.payloadSize,ua[e.name],a),o=await ka.importKey("jwk",s,{name:"ECDSA",namedCurve:ua[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["verify"]),c=L.concatUint8Array([r,i]).buffer;return ka.verify({name:"ECDSA",namedCurve:ua[e.name],hash:{name:T.read(T.webHash,t)}},o,c,n)}(s,t,r,i,n);return e||o()}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;L.printDebugError("Browser did not support verifying: "+e.message)}break;case"node":{const e=await async function(e,t,{r,s:i},n,a){const s=L.nodeRequire("eckey-utils"),o=L.getNodeBuffer(),{publicKey:c}=s.generateDer({curveName:la[e.name],publicKey:o.from(a)}),u=va.createVerify(T.read(T.hash,t));u.write(n),u.end();const h=L.concatUint8Array([r,i]);try{return u.verify({key:c,format:"der",type:"spki",dsaEncoding:"ieee-p1363"},h)}catch(e){return!1}}(s,t,r,i,n);return e||o()}}return await Ea(s,r,a,n)||o()}async function Ea(e,t,r,i){return(await L.getNobleCurve(T.publicKey.ecdsa,e.name)).verify(L.concatUint8Array([t.r,t.s]),r,i,{lowS:!1})}var Sa=/*#__PURE__*/Object.freeze({__proto__:null,sign:Ka,validateParams:async function(e,t,r){const i=new pa(e);if(i.keyType!==T.publicKey.ecdsa)return!1;switch(i.type){case"web":case"node":{const i=Er(8),n=T.hash.sha256,a=await be.digest(n,i);try{const s=await Ka(e,n,i,t,r,a);return await Aa(e,n,s,i,t,a)}catch(e){return!1}}default:return ga(T.publicKey.ecdsa,e,t,r)}},verify:Aa});var Pa=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,n,a){if(da(new pa(e),i),be.getHashByteLength(t)<be.getHashByteLength(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const{RS:s}=await zn(T.publicKey.ed25519,t,0,i.subarray(1),n,a);return{r:s.subarray(0,32),s:s.subarray(32)}},validateParams:async function(e,t,r){if(e.getName()!==T.curve.ed25519Legacy)return!1;const{publicKey:i}=Vr.sign.keyPair.fromSeed(r),n=new Uint8Array([64,...i]);return L.equalsUint8Array(t,n)},verify:async function(e,t,{r,s:i},n,a,s){if(da(new pa(e),a),be.getHashByteLength(t)<be.getHashByteLength(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const o=L.concatUint8Array([r,i]);return Nn(T.publicKey.ed25519,t,{RS:o},0,a.subarray(1),s)}});function Ua(e){const t=8-e.length%8,r=new Uint8Array(e.length+t).fill(t);return r.set(e),r}function Da(e){const t=e.length;if(t>0){const r=e[t-1];if(r>=1){const i=e.subarray(t-r),n=new Uint8Array(r).fill(r);if(L.equalsUint8Array(i,n))return e.subarray(0,t-r)}}throw Error("Invalid padding")}var xa=/*#__PURE__*/Object.freeze({__proto__:null,decode:Da,encode:Ua});const Ia=L.getWebCrypto(),Ca=L.getNodeCrypto();function Ba(e,t,r,i){return L.concatUint8Array([t.write(),new Uint8Array([e]),r.write(!0),L.stringToUint8Array("Anonymous Sender    "),r.replacementFingerprint||i])}async function Ta(e,t,r,i,n=!1,a=!1){let s;if(n){for(s=0;s<t.length&&0===t[s];s++);t=t.subarray(s)}if(a){for(s=t.length-1;s>=0&&0===t[s];s--);t=t.subarray(0,s+1)}return(await be.digest(e,L.concatUint8Array([new Uint8Array([0,0,0,1]),t,i]))).subarray(0,r)}async function _a(e,t){switch(e.type){case"curve25519Legacy":{const{sharedSecret:r,ephemeralPublicKey:i}=await ia(T.publicKey.x25519,t.subarray(1));return{publicKey:L.concatUint8Array([new Uint8Array([e.wireFormatLeadingByte]),i]),sharedKey:r}}case"web":if(e.web&&L.getWebCrypto())try{return await async function(e,t){const r=wa(e.payloadSize,e.web,t);let i=Ia.generateKey({name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]),n=Ia.importKey("jwk",r,{name:"ECDH",namedCurve:e.web},!1,[]);[i,n]=await Promise.all([i,n]);let a=Ia.deriveBits({name:"ECDH",namedCurve:e.web,public:n},i.privateKey,e.sharedSize),s=Ia.exportKey("jwk",i.publicKey);[a,s]=await Promise.all([a,s]);const o=new Uint8Array(a),c=new Uint8Array(ma(s,e.wireFormatLeadingByte));return{publicKey:c,sharedKey:o}}(e,t)}catch(r){return L.printDebugError(r),Ra(e,t)}break;case"node":return async function(e,t){const r=Ca.createECDH(e.node);r.generateKeys();const i=new Uint8Array(r.computeSecret(t)),n=new Uint8Array(r.getPublicKey());return{publicKey:n,sharedKey:i}}(e,t);default:return Ra(e,t)}}async function Ma(e,t,r,i){if(i.length!==e.payloadSize){const t=new Uint8Array(e.payloadSize);t.set(i,e.payloadSize-i.length),i=t}switch(e.type){case"curve25519Legacy":{const e=i.slice().reverse();return{secretKey:e,sharedKey:await na(T.publicKey.x25519,t.subarray(1),r.subarray(1),e)}}case"web":if(e.web&&L.getWebCrypto())try{return await async function(e,t,r,i){const n=ba(e.payloadSize,e.web,r,i);let a=Ia.importKey("jwk",n,{name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]);const s=wa(e.payloadSize,e.web,t);let o=Ia.importKey("jwk",s,{name:"ECDH",namedCurve:e.web},!0,[]);[a,o]=await Promise.all([a,o]);let c=Ia.deriveBits({name:"ECDH",namedCurve:e.web,public:o},a,e.sharedSize),u=Ia.exportKey("jwk",a);[c,u]=await Promise.all([c,u]);const h=new Uint8Array(c);return{secretKey:H(u.d),sharedKey:h}}(e,t,r,i)}catch(r){return L.printDebugError(r),La(e,t,i)}break;case"node":return async function(e,t,r){const i=Ca.createECDH(e.node);i.setPrivateKey(r);const n=new Uint8Array(i.computeSecret(t));return{secretKey:new Uint8Array(i.getPrivateKey()),sharedKey:n}}(e,t,i);default:return La(e,t,i)}}async function La(e,t,r){return{secretKey:r,sharedKey:(await L.getNobleCurve(T.publicKey.ecdh,e.name)).getSharedSecret(r,t).subarray(1)}}async function Ra(e,t){const r=await L.getNobleCurve(T.publicKey.ecdh,e.name),{publicKey:i,privateKey:n}=await e.genKeyPair();return{publicKey:i,sharedKey:r.getSharedSecret(n,t).subarray(1)}}var Fa=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s){const o=new pa(e);da(o,n),da(o,r);const{sharedKey:c}=await Ma(o,r,n,a),u=Ba(T.publicKey.ecdh,e,t,s),{keySize:h}=re(t.cipher);let l;for(let e=0;e<3;e++)try{const r=await Ta(t.hash,c,h,u,1===e,2===e);return Da(await Qn(t.cipher,r,i))}catch(e){l=e}throw l},encrypt:async function(e,t,r,i,n){const a=Ua(r),s=new pa(e);da(s,i);const{publicKey:o,sharedKey:c}=await _a(s,i),u=Ba(T.publicKey.ecdh,e,t,n),{keySize:h}=re(t.cipher),l=await Ta(t.hash,c,h,u);return{publicKey:o,wrappedKey:await $n(t.cipher,l,a)}},validateParams:async function(e,t,r){return ga(T.publicKey.ecdh,e,t,r)}}),za=/*#__PURE__*/Object.freeze({__proto__:null,CurveWithOID:pa,ecdh:Fa,ecdhX:sa,ecdsa:Sa,eddsa:Vn,eddsaLegacy:Pa,generate:async function(e){const t=new pa(e),{oid:r,hash:i,cipher:n}=t,a=await t.genKeyPair();return{oid:r,Q:a.publicKey,secret:L.leftPad(a.privateKey,t.payloadSize),hash:i,cipher:n}},getPreferredHashAlgo:function(e){return ya[e.getName()].hash}});const Na=BigInt(0),Oa=BigInt(1);var Ha=/*#__PURE__*/Object.freeze({__proto__:null,sign:async function(e,t,r,i,n,a){const s=BigInt(0);let o,c,u,h;i=pr(i),n=pr(n),r=pr(r),a=pr(a),r=gr(r,i),a=gr(a,n);const l=gr(pr(t.subarray(0,vr(n))),n);for(;;){if(o=Sr(Oa,n),c=gr(dr(r,o,i),n),c===s)continue;const e=gr(a*c,n);if(h=gr(l+e,n),u=gr(mr(o,n)*h,n),u!==s)break}return{r:Kr(c,"be",vr(i)),s:Kr(u,"be",vr(i))}},validateParams:async function(e,t,r,i,n){if(e=pr(e),t=pr(t),r=pr(r),i=pr(i),r<=Oa||r>=e)return!1;if(gr(e-Oa,t)!==Na)return!1;if(dr(r,t,e)!==Oa)return!1;const a=BigInt(kr(t));if(a<BigInt(150)||!xr(t,null,32))return!1;n=pr(n);const s=BigInt(2);return i===dr(r,t*Sr(s<<a-Oa,s<<a)+n,e)},verify:async function(e,t,r,i,n,a,s,o){if(t=pr(t),r=pr(r),a=pr(a),s=pr(s),n=pr(n),o=pr(o),t<=Na||t>=s||r<=Na||r>=s)return L.printDebug("invalid DSA Signature"),!1;const c=gr(pr(i.subarray(0,vr(s))),s),u=mr(r,s);if(u===Na)return L.printDebug("invalid DSA Signature"),!1;n=gr(n,a),o=gr(o,a);const h=gr(c*u,s),l=gr(t*u,s);return gr(gr(dr(n,h,a)*dr(o,l,a),a),s)===t}});const ja=new Set([T.hash.sha1,T.hash.sha256,T.hash.sha512]),qa=L.getWebCrypto(),Ga=L.getNodeCrypto();var Va=/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){if(!ja.has(e))throw Error("Unsupported hash algorithm.");const t=T.read(T.webHash,e),r=qa||Ga.webcrypto.subtle,i=await r.generateKey({name:"HMAC",hash:{name:t}},!0,["sign","verify"]),n=await r.exportKey("raw",i);return new Uint8Array(n)},sign:async function(e,t,r){if(!ja.has(e))throw Error("Unsupported hash algorithm.");const i=T.read(T.webHash,e),n=qa||Ga.webcrypto.subtle,a=await n.importKey("raw",t,{name:"HMAC",hash:{name:i}},!1,["sign"]),s=await n.sign("HMAC",a,r);return new Uint8Array(s)},verify:async function(e,t,r,i){if(!ja.has(e))throw Error("Unsupported hash algorithm.");const n=T.read(T.webHash,e),a=qa||Ga.webcrypto.subtle,s=await a.importKey("raw",t,{name:"HMAC",hash:{name:n}},!1,["verify"]);return a.verify("HMAC",s,r,i)}});async function Wa(e,t){if(e===T.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await import("./noble_post_quantum.min.mjs"),{publicKey:r,secretKey:i}=e.keygen(t);return{mlkemPublicKey:r,mlkemSecretKey:i}}throw Error("Unsupported KEM algorithm")}async function $a(e,t,r,i,n,a,s){const o=L.concatUint8Array([n,t,r,i,a,s,new Uint8Array([e]),L.encodeUTF8("OpenPGPCompositeKDFv1")]);return await be.digest(T.hash.sha3_256,o)}var Qa=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:async function(e,t,r,i,n,a,s,o){const c=await async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519)return await na(T.publicKey.x25519,t,0,r);throw Error("Unsupported KEM algorithm")}(e,t,i),u=await async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await import("./noble_post_quantum.min.mjs");return e.decapsulate(t,r)}throw Error("Unsupported KEM algorithm")}(e,r,a),h=await $a(e,c,t,n,u,r,s);return await Qn(T.symmetric.aes256,h,o)},encrypt:async function(e,t,r,i){const{eccKeyShare:n,eccCipherText:a}=await async function(e,t){if(e===T.publicKey.pqc_mlkem_x25519){const{ephemeralPublicKey:e,sharedSecret:r}=await ia(T.publicKey.x25519,t);return{eccCipherText:e,eccKeyShare:r}}throw Error("Unsupported KEM algorithm")}(e,t),{mlkemKeyShare:s,mlkemCipherText:o}=await async function(e,t){if(e===T.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await import("./noble_post_quantum.min.mjs"),{cipherText:r,sharedSecret:i}=e.encapsulate(t);return{mlkemCipherText:r,mlkemKeyShare:i}}throw Error("Unsupported KEM algorithm")}(e,r),c=await $a(e,n,a,t,s,o,r);return{eccCipherText:a,mlkemCipherText:o,wrappedKey:await $n(T.symmetric.aes256,c,i)}},generate:async function(e){const{eccPublicKey:t,eccSecretKey:r}=await async function(e){if(e===T.publicKey.pqc_mlkem_x25519){const{A:e,k:t}=await ea(T.publicKey.x25519);return{eccPublicKey:e,eccSecretKey:t}}throw Error("Unsupported KEM algorithm")}(e),{mlkemPublicKey:i,mlkemSeed:n,mlkemSecretKey:a}=await async function(e){if(e===T.publicKey.pqc_mlkem_x25519){const t=Er(64),{mlkemSecretKey:r,mlkemPublicKey:i}=await Wa(e,t);return{mlkemSeed:t,mlkemSecretKey:r,mlkemPublicKey:i}}throw Error("Unsupported KEM algorithm")}(e);return{eccPublicKey:t,eccSecretKey:r,mlkemPublicKey:i,mlkemSeed:n,mlkemSecretKey:a}},mlkemExpandSecretSeed:Wa,validateParams:async function(e,t,r,i,n){const a=async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519)return ta(T.publicKey.x25519,t,r);throw Error("Unsupported KEM algorithm")}(e,t,r),s=async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519){const{mlkemPublicKey:i}=await Wa(e,r);return L.equalsUint8Array(t,i)}throw Error("Unsupported KEM algorithm")}(e,i,n);return await a&&await s}});async function Za(e,t){if(e===T.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await import("./noble_post_quantum.min.mjs"),{secretKey:r,publicKey:i}=e.keygen(t);return{mldsaSecretKey:r,mldsaPublicKey:i}}throw Error("Unsupported signature algorithm")}function Xa(e){if(e===T.publicKey.pqc_mldsa_ed25519)return T.hash.sha3_256;throw Error("Unsupported signature algorithm")}var Ya=/*#__PURE__*/Object.freeze({__proto__:null,generate:async function(e){if(e===T.publicKey.pqc_mldsa_ed25519){const{eccSecretKey:t,eccPublicKey:r}=await async function(e){if(e===T.publicKey.pqc_mldsa_ed25519){const{A:e,seed:t}=await Fn(T.publicKey.ed25519);return{eccPublicKey:e,eccSecretKey:t}}throw Error("Unsupported signature algorithm")}(e),{mldsaSeed:i,mldsaSecretKey:n,mldsaPublicKey:a}=await async function(e){if(e===T.publicKey.pqc_mldsa_ed25519){const t=Er(32),{mldsaSecretKey:r,mldsaPublicKey:i}=await Za(e,t);return{mldsaSeed:t,mldsaSecretKey:r,mldsaPublicKey:i}}throw Error("Unsupported signature algorithm")}(e);return{eccSecretKey:t,eccPublicKey:r,mldsaSeed:i,mldsaSecretKey:n,mldsaPublicKey:a}}throw Error("Unsupported signature algorithm")},getRequiredHashAlgo:Xa,mldsaExpandSecretSeed:Za,sign:async function(e,t,r,i,n,a){if(t!==Xa(e))throw Error("Unexpected hash algorithm for PQC signature");if(e===T.publicKey.pqc_mldsa_ed25519){const{eccSignature:s}=await async function(e,t,r,i,n){if(e===T.publicKey.pqc_mldsa_ed25519){const{RS:e}=await zn(T.publicKey.ed25519,t,0,i,r,n);return{eccSignature:e}}throw Error("Unsupported signature algorithm")}(e,t,r,i,a),{mldsaSignature:o}=await async function(e,t,r){if(e===T.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await import("./noble_post_quantum.min.mjs");return{mldsaSignature:e.sign(t,r)}}throw Error("Unsupported signature algorithm")}(e,n,a);return{eccSignature:s,mldsaSignature:o}}throw Error("Unsupported signature algorithm")},validateParams:async function(e,t,r,i,n){const a=async function(e,t,r){if(e===T.publicKey.pqc_mldsa_ed25519)return On(T.publicKey.ed25519,t,r);throw Error("Unsupported signature algorithm")}(e,t,r),s=async function(e,t,r){if(e===T.publicKey.pqc_mldsa_ed25519){const{mldsaPublicKey:i}=await Za(e,r);return L.equalsUint8Array(t,i)}throw Error("Unsupported signature algorithm")}(e,i,n);return await a&&await s},verify:async function(e,t,r,i,n,{eccSignature:a,mldsaSignature:s}){if(t!==Xa(e))throw Error("Unexpected hash algorithm for PQC signature");if(e===T.publicKey.pqc_mldsa_ed25519){const o=async function(e,t,r,i,n){if(e===T.publicKey.pqc_mldsa_ed25519)return Nn(T.publicKey.ed25519,t,{RS:n},0,r,i);throw Error("Unsupported signature algorithm")}(e,t,r,n,a),c=async function(e,t,r,i){if(e===T.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await import("./noble_post_quantum.min.mjs");return e.verify(t,r,i)}throw Error("Unsupported signature algorithm")}(e,i,n,s);return await o&&await c}throw Error("Unsupported signature algorithm")}}),Ja={rsa:Hr,elgamal:qr,elliptic:za,dsa:Ha,hmac:Va,postQuantum:/*#__PURE__*/Object.freeze({__proto__:null,kem:Qa,signature:Ya})};class es{constructor(e){if(void 0===e&&(e=new Uint8Array([])),!L.isUint8Array(e))throw Error("data must be in the form of a Uint8Array");this.data=e,this.length=this.data.byteLength}write(){return L.concatUint8Array([new Uint8Array([this.length]),this.data])}read(e){if(e.length>=1){const t=e[0];if(e.length>=t+1)return this.data=e.subarray(1,1+t),this.length=t,1+t}throw Error("Invalid octet string")}}var ts=/*#__PURE__*/Object.freeze({__proto__:null,parseSignatureParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(r));return r+=e.length+2,{read:r,signatureParams:{s:e}}}case T.publicKey.dsa:case T.publicKey.ecdsa:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.eddsaLegacy:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const i=2*Ja.elliptic.eddsa.getPayloadSize(e),n=L.readExactSubarray(t,r,r+i);return r+=n.length,{read:r,signatureParams:{RS:n}}}case T.publicKey.hmac:{const e=new es;return r+=e.read(t.subarray(r)),{read:r,signatureParams:{mac:e}}}case T.publicKey.pqc_mldsa_ed25519:{const e=2*Ja.elliptic.eddsa.getPayloadSize(T.publicKey.ed25519),i=L.readExactSubarray(t,r,r+e);r+=i.length;const n=L.readExactSubarray(t,r,r+3309);return r+=n.length,{read:r,signatureParams:{eccSignature:i,mldsaSignature:n}}}default:throw new qi("Unknown signature algorithm.")}},sign:async function(e,t,r,i,n,a){if(!r||!i)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:s}=r,{d:o,p:c,q:u,u:h}=i;return{s:await Ja.rsa.sign(t,n,e,s,o,c,u,h,a)}}case T.publicKey.dsa:{const{g:e,p:n,q:s}=r,{x:o}=i;return Ja.dsa.sign(t,a,e,n,s,o)}case T.publicKey.elgamal:throw Error("Signing with Elgamal is not defined in the OpenPGP standard.");case T.publicKey.ecdsa:{const{oid:e,Q:s}=r,{d:o}=i;return Ja.elliptic.ecdsa.sign(e,t,n,s,o,a)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:s}=r,{seed:o}=i;return Ja.elliptic.eddsaLegacy.sign(e,t,n,s,o,a)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:s}=r,{seed:o}=i;return Ja.elliptic.eddsa.sign(e,t,n,s,o,a)}case T.publicKey.hmac:{const{cipher:e}=r,{keyMaterial:t}=i,n=await Ja.hmac.sign(e.getValue(),t,a);return{mac:new es(n)}}case T.publicKey.pqc_mldsa_ed25519:{const{eccPublicKey:n}=r,{eccSecretKey:s,mldsaSecretKey:o}=i;return Ja.postQuantum.signature.sign(e,t,s,n,o,a)}default:throw Error("Unknown signature algorithm.")}},verify:async function(e,t,r,i,n,a,s){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:n}=i,o=L.leftPad(r.s,e.length);return Ja.rsa.verify(t,a,o,e,n,s)}case T.publicKey.dsa:{const{g:e,p:n,q:a,y:o}=i,{r:c,s:u}=r;return Ja.dsa.verify(t,c,u,s,e,n,a,o)}case T.publicKey.ecdsa:{const{oid:e,Q:n}=i,o=new Ja.elliptic.CurveWithOID(e).payloadSize,c=L.leftPad(r.r,o),u=L.leftPad(r.s,o);return Ja.elliptic.ecdsa.verify(e,t,{r:c,s:u},a,n,s)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:n}=i,o=new Ja.elliptic.CurveWithOID(e).payloadSize,c=L.leftPad(r.r,o),u=L.leftPad(r.s,o);return Ja.elliptic.eddsaLegacy.verify(e,t,{r:c,s:u},a,n,s)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:n}=i;return Ja.elliptic.eddsa.verify(e,t,r,a,n,s)}case T.publicKey.hmac:{if(!n)throw Error("Cannot verify HMAC signature with symmetric key missing private parameters");const{cipher:e}=i,{keyMaterial:t}=n;return Ja.hmac.verify(e.getValue(),t,r.mac.data,s)}case T.publicKey.pqc_mldsa_ed25519:{const{eccPublicKey:n,mldsaPublicKey:a}=i;return Ja.postQuantum.signature.verify(e,t,n,a,s,r)}default:throw Error("Unknown signature algorithm.")}}});class rs{constructor(e){e&&(this.data=e)}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.data=e.subarray(1,1+t),1+this.data.length}throw Error("Invalid symmetric key")}write(){return L.concatUint8Array([new Uint8Array([this.data.length]),this.data])}}class is{constructor(e){if(e){const{version:t,hash:r,cipher:i,replacementFingerprint:n}=e;this.version=t||1,this.hash=r,this.cipher=i,this.replacementFingerprint=n}else this.version=null,this.hash=null,this.cipher=null,this.replacementFingerprint=null}read(e){if(e.length<4||1!==e[1]&&255!==e[1])throw new qi("Cannot read KDFParams");const t=e[0];this.version=e[1],this.hash=e[2],this.cipher=e[3];let r=4;if(255===this.version){const i=t-r+1;this.replacementFingerprint=e.slice(r,r+i),r+=i}return r}write(e){if(!this.version||1===this.version||e)return new Uint8Array([3,1,this.hash,this.cipher]);return L.concatUint8Array([new Uint8Array([3+this.replacementFingerprint.length,this.version,this.hash,this.cipher]),this.replacementFingerprint])}}const ns=e=>class{constructor(e){this.data=void 0===e?null:e}read(t){const r=t[0];return this.data=T.write(e,r),1}write(){return new Uint8Array([this.data])}getName(){return T.read(e,this.data)}getValue(){return this.data}},as=ns(T.aead),ss=ns(T.symmetric),os=ns(T.hash);class cs{static fromObject({wrappedKey:e,algorithm:t}){const r=new cs;return r.wrappedKey=e,r.algorithm=t,r}read(e){let t=0,r=e[t++];this.algorithm=r%2?e[t++]:null,r-=r%2,this.wrappedKey=L.readExactSubarray(e,t,t+r),t+=r}write(){return L.concatUint8Array([this.algorithm?new Uint8Array([this.wrappedKey.length+1,this.algorithm]):new Uint8Array([this.wrappedKey.length]),this.wrappedKey])}}async function us(e,t){const r=Er(32);return{privateParams:{hashSeed:r,keyMaterial:e},publicParams:{cipher:t,digest:await be.sha256(r)}}}function hs(e){const{keySize:t}=re(e);return Er(t)}function ls(e){const t=T.read(T.aead,e);return hr[t]}function ys(e){try{e.getName()}catch(e){throw new qi("Unknown curve OID")}}function ps(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.ecdh:case T.publicKey.eddsaLegacy:return new Ja.elliptic.CurveWithOID(t).payloadSize;case T.publicKey.ed25519:case T.publicKey.ed448:return Ja.elliptic.eddsa.getPayloadSize(e);case T.publicKey.x25519:case T.publicKey.x448:return Ja.elliptic.ecdhX.getPayloadSize(e);default:throw Error("Unknown elliptic algo")}}var gs=/*#__PURE__*/Object.freeze({__proto__:null,generateParams:async function(e,t,r,i){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:return Ja.rsa.generate(t,65537).then((({n:e,e:t,d:r,p:i,q:n,u:a})=>({privateParams:{d:r,p:i,q:n,u:a},publicParams:{n:e,e:t}})));case T.publicKey.ecdsa:return Ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{d:r},publicParams:{oid:new Li(e),Q:t}})));case T.publicKey.eddsaLegacy:return Ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{seed:r},publicParams:{oid:new Li(e),Q:t}})));case T.publicKey.ecdh:return Ja.elliptic.generate(r).then((({oid:e,Q:t,secret:r,hash:i,cipher:n})=>({privateParams:{d:r},publicParams:{oid:new Li(e),Q:t,kdfParams:new is({hash:i,cipher:n})}})));case T.publicKey.ed25519:case T.publicKey.ed448:return Ja.elliptic.eddsa.generate(e).then((({A:e,seed:t})=>({privateParams:{seed:t},publicParams:{A:e}})));case T.publicKey.x25519:case T.publicKey.x448:return Ja.elliptic.ecdhX.generate(e).then((({A:e,k:t})=>({privateParams:{k:t},publicParams:{A:e}})));case T.publicKey.hmac:return us(await Ja.hmac.generate(i),new os(i));case T.publicKey.aead:return us(hs(i),new ss(i));case T.publicKey.pqc_mlkem_x25519:return Ja.postQuantum.kem.generate(e).then((({eccSecretKey:e,eccPublicKey:t,mlkemSeed:r,mlkemSecretKey:i,mlkemPublicKey:n})=>({privateParams:{eccSecretKey:e,mlkemSeed:r,mlkemSecretKey:i},publicParams:{eccPublicKey:t,mlkemPublicKey:n}})));case T.publicKey.pqc_mldsa_ed25519:return Ja.postQuantum.signature.generate(e).then((({eccSecretKey:e,eccPublicKey:t,mldsaSeed:r,mldsaSecretKey:i,mldsaPublicKey:n})=>({privateParams:{eccSecretKey:e,mldsaSeed:r,mldsaSecretKey:i},publicParams:{eccPublicKey:t,mldsaPublicKey:n}})));case T.publicKey.dsa:case T.publicKey.elgamal:throw Error("Unsupported algorithm for key generation.");default:throw Error("Unknown public key algorithm.")}},generateSessionKey:hs,getAEADMode:ls,getCipherParams:re,getCurvePayloadSize:ps,getPreferredCurveHashAlgo:function(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return Ja.elliptic.getPreferredHashAlgo(t);case T.publicKey.ed25519:case T.publicKey.ed448:return Ja.elliptic.eddsa.getPreferredHashAlgo(e);default:throw Error("Unknown elliptic signing algo")}},getPrefixRandom:async function(e){const{blockSize:t}=re(e),r=await Er(t),i=new Uint8Array([r[r.length-2],r[r.length-1]]);return L.concat([r,i])},parseEncSessionKeyParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:return{c:L.readMPI(t.subarray(r))};case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(r));r+=e.length+2;return{c1:e,c2:L.readMPI(t.subarray(r))}}case T.publicKey.ecdh:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=new rs;return i.read(t.subarray(r)),{V:e,C:i}}case T.publicKey.x25519:case T.publicKey.x448:{const i=ps(e),n=L.readExactSubarray(t,r,r+i);r+=n.length;const a=new cs;return a.read(t.subarray(r)),{ephemeralPublicKey:n,C:a}}case T.publicKey.aead:{const e=new as;r+=e.read(t.subarray(r));const{ivLength:i}=ls(e.getValue()),n=t.subarray(r,r+i);r+=i;const a=new es;return r+=a.read(t.subarray(r)),{aeadMode:e,iv:n,c:a}}case T.publicKey.pqc_mlkem_x25519:{const e=L.readExactSubarray(t,r,r+ps(T.publicKey.x25519));r+=e.length;const i=L.readExactSubarray(t,r,r+1088);r+=i.length;const n=new cs;return n.read(t.subarray(r)),{eccCipherText:e,mlkemCipherText:i,C:n}}default:throw new qi("Unknown public key encryption algorithm.")}},parsePrivateKeyParams:async function(e,t,r){let i=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(i));i+=e.length+2;const r=L.readMPI(t.subarray(i));i+=r.length+2;const n=L.readMPI(t.subarray(i));i+=n.length+2;const a=L.readMPI(t.subarray(i));return i+=a.length+2,{read:i,privateParams:{d:e,p:r,q:n,u:a}}}case T.publicKey.dsa:case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(i));return i+=e.length+2,{read:i,privateParams:{x:e}}}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const n=ps(e,r.oid);let a=L.readMPI(t.subarray(i));return i+=a.length+2,a=L.leftPad(a,n),{read:i,privateParams:{d:a}}}case T.publicKey.eddsaLegacy:{const n=ps(e,r.oid);if(r.oid.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let a=L.readMPI(t.subarray(i));return i+=a.length+2,a=L.leftPad(a,n),{read:i,privateParams:{seed:a}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const r=ps(e),n=L.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{seed:n}}}case T.publicKey.x25519:case T.publicKey.x448:{const r=ps(e),n=L.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{k:n}}}case T.publicKey.hmac:{const{cipher:e}=r,n=be.getHashByteLength(e.getValue()),a=t.subarray(i,i+32);i+=32;const s=t.subarray(i,i+n);return i+=n,{read:i,privateParams:{hashSeed:a,keyMaterial:s}}}case T.publicKey.aead:{const{cipher:e}=r,n=t.subarray(i,i+32);i+=32;const{keySize:a}=re(e.getValue()),s=t.subarray(i,i+a);return i+=a,{read:i,privateParams:{hashSeed:n,keyMaterial:s}}}case T.publicKey.pqc_mlkem_x25519:{const r=L.readExactSubarray(t,i,i+ps(T.publicKey.x25519));i+=r.length;const n=L.readExactSubarray(t,i,i+64);i+=n.length;const{mlkemSecretKey:a}=await Ja.postQuantum.kem.mlkemExpandSecretSeed(e,n);return{read:i,privateParams:{eccSecretKey:r,mlkemSecretKey:a,mlkemSeed:n}}}case T.publicKey.pqc_mldsa_ed25519:{const r=L.readExactSubarray(t,i,i+ps(T.publicKey.ed25519));i+=r.length;const n=L.readExactSubarray(t,i,i+32);i+=n.length;const{mldsaSecretKey:a}=await Ja.postQuantum.signature.mldsaExpandSecretSeed(e,n);return{read:i,privateParams:{eccSecretKey:r,mldsaSecretKey:a,mldsaSeed:n}}}default:throw new qi("Unknown public key encryption algorithm.")}},parsePublicKeyParams:function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{n:e,e:i}}}case T.publicKey.dsa:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=L.readMPI(t.subarray(r));r+=n.length+2;const a=L.readMPI(t.subarray(r));return r+=a.length+2,{read:r,publicParams:{p:e,q:i,g:n,y:a}}}case T.publicKey.elgamal:{const e=L.readMPI(t.subarray(r));r+=e.length+2;const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=L.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{p:e,g:i,y:n}}}case T.publicKey.ecdsa:{const e=new Li;r+=e.read(t),ys(e);const i=L.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.eddsaLegacy:{const e=new Li;if(r+=e.read(t),ys(e),e.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let i=L.readMPI(t.subarray(r));return r+=i.length+2,i=L.leftPad(i,33),{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.ecdh:{const e=new Li;r+=e.read(t),ys(e);const i=L.readMPI(t.subarray(r));r+=i.length+2;const n=new is;return r+=n.read(t.subarray(r)),{read:r,publicParams:{oid:e,Q:i,kdfParams:n}}}case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.x25519:case T.publicKey.x448:{const i=L.readExactSubarray(t,r,r+ps(e));return r+=i.length,{read:r,publicParams:{A:i}}}case T.publicKey.hmac:case T.publicKey.aead:{const e=new ss;r+=e.read(t);const i=be.getHashByteLength(T.hash.sha256),n=t.subarray(r,r+i);return r+=i,{read:r,publicParams:{cipher:e,digest:n}}}case T.publicKey.pqc_mlkem_x25519:{const e=L.readExactSubarray(t,r,r+ps(T.publicKey.x25519));r+=e.length;const i=L.readExactSubarray(t,r,r+1184);return r+=i.length,{read:r,publicParams:{eccPublicKey:e,mlkemPublicKey:i}}}case T.publicKey.pqc_mldsa_ed25519:{const e=L.readExactSubarray(t,r,r+ps(T.publicKey.ed25519));r+=e.length;const i=L.readExactSubarray(t,r,r+1952);return r+=i.length,{read:r,publicParams:{eccPublicKey:e,mldsaPublicKey:i}}}default:throw new qi("Unknown public key encryption algorithm.")}},publicKeyDecrypt:async function(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:{const{c:e}=i,{n,e:s}=t,{d:o,p:c,q:u,u:h}=r;return Ja.rsa.decrypt(e,n,s,o,c,u,h,a)}case T.publicKey.elgamal:{const{c1:e,c2:n}=i,s=t.p,o=r.x;return Ja.elgamal.decrypt(e,n,s,o,a)}case T.publicKey.ecdh:{const{oid:e,Q:a,kdfParams:s}=t,{d:o}=r,{V:c,C:u}=i;return Ja.elliptic.ecdh.decrypt(e,s,c,u.data,a,o,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:n}=t,{k:a}=r,{ephemeralPublicKey:s,C:o}=i;if(null!==o.algorithm&&!L.isAES(o.algorithm))throw Error("AES session key expected");return Ja.elliptic.ecdhX.decrypt(e,s,o.wrappedKey,n,a)}case T.publicKey.aead:{const{cipher:e}=t,n=e.getValue(),{keyMaterial:a}=r,{aeadMode:s,iv:o,c}=i,u=ls(s.getValue());return(await u(n,a)).decrypt(c.data,o,new Uint8Array)}case T.publicKey.pqc_mlkem_x25519:{const{eccSecretKey:n,mlkemSecretKey:a}=r,{eccPublicKey:s,mlkemPublicKey:o}=t,{eccCipherText:c,mlkemCipherText:u,C:h}=i;return Ja.postQuantum.kem.decrypt(e,c,u,n,s,a,o,h.wrappedKey)}default:throw Error("Unknown public key encryption algorithm.")}},publicKeyEncrypt:async function(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:{const{n:e,e:t}=r;return{c:await Ja.rsa.encrypt(n,e,t)}}case T.publicKey.elgamal:{const{p:e,g:t,y:i}=r;return Ja.elgamal.encrypt(n,e,t,i)}case T.publicKey.ecdh:{const{oid:e,Q:t,kdfParams:i}=r,{publicKey:s,wrappedKey:o}=await Ja.elliptic.ecdh.encrypt(e,i,n,t,a);return{V:s,C:new rs(o)}}case T.publicKey.x25519:case T.publicKey.x448:{if(t&&!L.isAES(t))throw Error("X25519 and X448 keys can only encrypt AES session keys");const{A:i}=r,{ephemeralPublicKey:a,wrappedKey:s}=await Ja.elliptic.ecdhX.encrypt(e,n,i);return{ephemeralPublicKey:a,C:cs.fromObject({algorithm:t,wrappedKey:s})}}case T.publicKey.aead:{if(!i)throw Error("Cannot encrypt with symmetric key missing private parameters");const{cipher:e}=r,t=e.getValue(),{keyMaterial:a}=i,s=_.preferredAEADAlgorithm,o=ls(_.preferredAEADAlgorithm),{ivLength:c}=o,u=Er(c),h=await o(t,a),l=await h.encrypt(n,u,new Uint8Array);return{aeadMode:new as(s),iv:u,c:new es(l)}}case T.publicKey.pqc_mlkem_x25519:{const{eccPublicKey:i,mlkemPublicKey:a}=r,{eccCipherText:s,mlkemCipherText:o,wrappedKey:c}=await Ja.postQuantum.kem.encrypt(e,i,a,n);return{eccCipherText:s,mlkemCipherText:o,C:cs.fromObject({algorithm:t,wrappedKey:c})}}default:return[]}},serializeParams:function(e,t){const r=new Set([T.publicKey.ed25519,T.publicKey.x25519,T.publicKey.ed448,T.publicKey.x448,T.publicKey.aead,T.publicKey.hmac,T.publicKey.pqc_mlkem_x25519,T.publicKey.pqc_mldsa_ed25519]),i={[T.publicKey.pqc_mlkem_x25519]:new Set(["mlkemSecretKey"]),[T.publicKey.pqc_mldsa_ed25519]:new Set(["mldsaSecretKey"])},n=Object.keys(t).map((n=>{if(i[e]?.has(n))return new Uint8Array;const a=t[n];return L.isUint8Array(a)?r.has(e)?a:L.uint8ArrayToMPI(a):a.write()}));return L.concatUint8Array(n)},validateParams:async function(e,t,r){if(!t||!r)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const{n:e,e:i}=t,{d:n,p:a,q:s,u:o}=r;return Ja.rsa.validateParams(e,i,n,a,s,o)}case T.publicKey.dsa:{const{p:e,q:i,g:n,y:a}=t,{x:s}=r;return Ja.dsa.validateParams(e,i,n,a,s)}case T.publicKey.elgamal:{const{p:e,g:i,y:n}=t,{x:a}=r;return Ja.elgamal.validateParams(e,i,n,a)}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const i=Ja.elliptic[T.read(T.publicKey,e)],{oid:n,Q:a}=t,{d:s}=r;return i.validateParams(n,a,s)}case T.publicKey.eddsaLegacy:{const{Q:e,oid:i}=t,{seed:n}=r;return Ja.elliptic.eddsaLegacy.validateParams(i,e,n)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:i}=t,{seed:n}=r;return Ja.elliptic.eddsa.validateParams(e,i,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:i}=t,{k:n}=r;return Ja.elliptic.ecdhX.validateParams(e,i,n)}case T.publicKey.hmac:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r;return be.getHashByteLength(e.getValue())===a.length&&L.equalsUint8Array(i,await be.sha256(n))}case T.publicKey.aead:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r,{keySize:s}=re(e.getValue());return s===a.length&&L.equalsUint8Array(i,await be.sha256(n))}case T.publicKey.pqc_mlkem_x25519:{const{eccSecretKey:i,mlkemSeed:n}=r,{eccPublicKey:a,mlkemPublicKey:s}=t;return Ja.postQuantum.kem.validateParams(e,a,i,s,n)}case T.publicKey.pqc_mldsa_ed25519:{const{eccSecretKey:i,mldsaSeed:n}=r,{eccPublicKey:a,mldsaPublicKey:s}=t;return Ja.postQuantum.signature.validateParams(e,a,i,s,n)}default:throw Error("Unknown public key algorithm.")}}});const ds={cipher:ie,hash:be,mode:hr,publicKey:Ja,signature:ts,random:Pr,pkcs1:Mr,pkcs5:xa,aesKW:Zn};Object.assign(ds,gs);class fs extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,fs),this.name="Argon2OutOfMemoryError"}}let ms,ws,bs=2<<19;class ks{static get ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(){return bs}static set ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(e){bs=e}static reloadWasmModule(){ms&&(ws=ms(),ws.catch((()=>{})))}constructor(e=_){const{passes:t,parallelism:r,memoryExponent:i}=e.s2kArgon2Params;this.type="argon2",this.salt=null,this.t=t,this.p=r,this.encodedM=i}generateSalt(){this.salt=ds.random.getRandomBytes(16)}read(e){let t=0;return this.salt=e.subarray(t,t+16),t+=16,this.t=e[t++],this.p=e[t++],this.encodedM=e[t++],t}write(){const e=[new Uint8Array([T.write(T.s2k,this.type)]),this.salt,new Uint8Array([this.t,this.p,this.encodedM])];return L.concatUint8Array(e)}async produceKey(e,t){const r=2<<this.encodedM-1;try{ms=ms||(await import("./argon2id.min.mjs")).default,ws=ws||ms();const i=await ws,n=i({version:19,type:2,password:L.encodeUTF8(e),salt:this.salt,tagLength:t,memorySize:r,parallelism:this.p,passes:this.t});return r>ks.ARGON2_WASM_MEMORY_THRESHOLD_RELOAD&&ks.reloadWasmModule(),n}catch(e){throw e.message&&(e.message.includes("Unable to grow instance memory")||e.message.includes("failed to grow memory")||e.message.includes("WebAssembly.Memory.grow")||e.message.includes("Out of memory"))?new fs("Could not allocate required memory for Argon2"):e}}}class vs{constructor(e,t=_){this.algorithm=T.hash.sha256,this.type=T.read(T.s2k,e),this.c=t.s2kIterationCountByte,this.salt=null}generateSalt(){switch(this.type){case"salted":case"iterated":this.salt=ds.random.getRandomBytes(8)}}getCount(){return 16+(15&this.c)<<6+(this.c>>4)}read(e){let t=0;switch(this.algorithm=e[t++],this.type){case"simple":break;case"salted":this.salt=e.subarray(t,t+8),t+=8;break;case"iterated":this.salt=e.subarray(t,t+8),t+=8,this.c=e[t++];break;case"gnu":if("GNU"!==L.uint8ArrayToString(e.subarray(t,t+3)))throw new qi("Unknown s2k type.");t+=3;if(1001!==1e3+e[t++])throw new qi("Unknown s2k gnu protection mode.");this.type="gnu-dummy";break;default:throw new qi("Unknown s2k type.")}return t}write(){if("gnu-dummy"===this.type)return new Uint8Array([101,0,...L.stringToUint8Array("GNU"),1]);const e=[new Uint8Array([T.write(T.s2k,this.type),this.algorithm])];switch(this.type){case"simple":break;case"salted":e.push(this.salt);break;case"iterated":e.push(this.salt),e.push(new Uint8Array([this.c]));break;case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}return L.concatUint8Array(e)}async produceKey(e,t){e=L.encodeUTF8(e);const r=[];let i=0,n=0;for(;i<t;){let t;switch(this.type){case"simple":t=L.concatUint8Array([new Uint8Array(n),e]);break;case"salted":t=L.concatUint8Array([new Uint8Array(n),this.salt,e]);break;case"iterated":{const r=L.concatUint8Array([this.salt,e]);let i=r.length;const a=Math.max(this.getCount(),i);t=new Uint8Array(n+a),t.set(r,n);for(let e=n+i;e<a;e+=i,i*=2)t.copyWithin(e,n,e);break}case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}const a=await ds.hash.digest(this.algorithm,t);r.push(a),i+=a.length,n++}return L.concatUint8Array(r).subarray(0,t)}}const Ks=new Set([T.s2k.argon2,T.s2k.iterated]);function As(e,t=_){switch(e){case T.s2k.argon2:return new ks(t);case T.s2k.iterated:case T.s2k.gnu:case T.s2k.salted:case T.s2k.simple:return new vs(e,t);default:throw new qi("Unsupported S2K type")}}function Es(e){const{s2kType:t}=e;if(!Ks.has(t))throw Error("The provided `config.s2kType` value is not allowed");return As(t,e)}var Ss=Uint8Array,Ps=Uint16Array,Us=Uint32Array,Ds=new Ss([0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0,0,0,0]),xs=new Ss([0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13,0,0]),Is=new Ss([16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15]),Cs=function(e,t){for(var r=new Ps(31),i=0;i<31;++i)r[i]=t+=1<<e[i-1];var n=new Us(r[30]);for(i=1;i<30;++i)for(var a=r[i];a<r[i+1];++a)n[a]=a-r[i]<<5|i;return[r,n]},Bs=Cs(Ds,2),Ts=Bs[0],_s=Bs[1];Ts[28]=258,_s[258]=28;for(var Ms=Cs(xs,0),Ls=Ms[0],Rs=Ms[1],Fs=new Ps(32768),zs=0;zs<32768;++zs){var Ns=(43690&zs)>>>1|(21845&zs)<<1;Ns=(61680&(Ns=(52428&Ns)>>>2|(13107&Ns)<<2))>>>4|(3855&Ns)<<4,Fs[zs]=((65280&Ns)>>>8|(255&Ns)<<8)>>>1}var Os=function(e,t,r){for(var i=e.length,n=0,a=new Ps(t);n<i;++n)e[n]&&++a[e[n]-1];var s,o=new Ps(t);for(n=0;n<t;++n)o[n]=o[n-1]+a[n-1]<<1;if(r){s=new Ps(1<<t);var c=15-t;for(n=0;n<i;++n)if(e[n])for(var u=n<<4|e[n],h=t-e[n],l=o[e[n]-1]++<<h,y=l|(1<<h)-1;l<=y;++l)s[Fs[l]>>>c]=u}else for(s=new Ps(i),n=0;n<i;++n)e[n]&&(s[n]=Fs[o[e[n]-1]++]>>>15-e[n]);return s},Hs=new Ss(288);for(zs=0;zs<144;++zs)Hs[zs]=8;for(zs=144;zs<256;++zs)Hs[zs]=9;for(zs=256;zs<280;++zs)Hs[zs]=7;for(zs=280;zs<288;++zs)Hs[zs]=8;var js=new Ss(32);for(zs=0;zs<32;++zs)js[zs]=5;var qs=/*#__PURE__*/Os(Hs,9,0),Gs=/*#__PURE__*/Os(Hs,9,1),Vs=/*#__PURE__*/Os(js,5,0),Ws=/*#__PURE__*/Os(js,5,1),$s=function(e){for(var t=e[0],r=1;r<e.length;++r)e[r]>t&&(t=e[r]);return t},Qs=function(e,t,r){var i=t/8|0;return(e[i]|e[i+1]<<8)>>(7&t)&r},Zs=function(e,t){var r=t/8|0;return(e[r]|e[r+1]<<8|e[r+2]<<16)>>(7&t)},Xs=function(e){return(e+7)/8|0},Ys=function(e,t,r){(null==t||t<0)&&(t=0),(null==r||r>e.length)&&(r=e.length);var i=new(2==e.BYTES_PER_ELEMENT?Ps:4==e.BYTES_PER_ELEMENT?Us:Ss)(r-t);return i.set(e.subarray(t,r)),i},Js=["unexpected EOF","invalid block type","invalid length/literal","invalid distance","stream finished","no stream handler",,"no callback","invalid UTF-8 data","extra field too long","date not in range 1980-2099","filename too long","stream finishing","invalid zip data"],eo=function(e,t,r){var i=Error(t||Js[e]);if(i.code=e,Error.captureStackTrace&&Error.captureStackTrace(i,eo),!r)throw i;return i},to=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8},ro=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8,e[i+2]|=r>>>16},io=function(e,t){for(var r=[],i=0;i<e.length;++i)e[i]&&r.push({s:i,f:e[i]});var n=r.length,a=r.slice();if(!n)return[ho,0];if(1==n){var s=new Ss(r[0].s+1);return s[r[0].s]=1,[s,1]}r.sort((function(e,t){return e.f-t.f})),r.push({s:-1,f:25001});var o=r[0],c=r[1],u=0,h=1,l=2;for(r[0]={s:-1,f:o.f+c.f,l:o,r:c};h!=n-1;)o=r[r[u].f<r[l].f?u++:l++],c=r[u!=h&&r[u].f<r[l].f?u++:l++],r[h++]={s:-1,f:o.f+c.f,l:o,r:c};var y=a[0].s;for(i=1;i<n;++i)a[i].s>y&&(y=a[i].s);var p=new Ps(y+1),g=no(r[h-1],p,0);if(g>t){i=0;var d=0,f=g-t,m=1<<f;for(a.sort((function(e,t){return p[t.s]-p[e.s]||e.f-t.f}));i<n;++i){var w=a[i].s;if(!(p[w]>t))break;d+=m-(1<<g-p[w]),p[w]=t}for(d>>>=f;d>0;){var b=a[i].s;p[b]<t?d-=1<<t-p[b]++-1:++i}for(;i>=0&&d;--i){var k=a[i].s;p[k]==t&&(--p[k],++d)}g=t}return[new Ss(p),g]},no=function(e,t,r){return-1==e.s?Math.max(no(e.l,t,r+1),no(e.r,t,r+1)):t[e.s]=r},ao=function(e){for(var t=e.length;t&&!e[--t];);for(var r=new Ps(++t),i=0,n=e[0],a=1,s=function(e){r[i++]=e},o=1;o<=t;++o)if(e[o]==n&&o!=t)++a;else{if(!n&&a>2){for(;a>138;a-=138)s(32754);a>2&&(s(a>10?a-11<<5|28690:a-3<<5|12305),a=0)}else if(a>3){for(s(n),--a;a>6;a-=6)s(8304);a>2&&(s(a-3<<5|8208),a=0)}for(;a--;)s(n);a=1,n=e[o]}return[r.subarray(0,i),t]},so=function(e,t){for(var r=0,i=0;i<t.length;++i)r+=e[i]*t[i];return r},oo=function(e,t,r){var i=r.length,n=Xs(t+2);e[n]=255&i,e[n+1]=i>>>8,e[n+2]=255^e[n],e[n+3]=255^e[n+1];for(var a=0;a<i;++a)e[n+a+4]=r[a];return 8*(n+4+i)},co=function(e,t,r,i,n,a,s,o,c,u,h){to(t,h++,r),++n[256];for(var l=io(n,15),y=l[0],p=l[1],g=io(a,15),d=g[0],f=g[1],m=ao(y),w=m[0],b=m[1],k=ao(d),v=k[0],K=k[1],A=new Ps(19),E=0;E<w.length;++E)A[31&w[E]]++;for(E=0;E<v.length;++E)A[31&v[E]]++;for(var S=io(A,7),P=S[0],U=S[1],D=19;D>4&&!P[Is[D-1]];--D);var x,I,C,B,T=u+5<<3,_=so(n,Hs)+so(a,js)+s,M=so(n,y)+so(a,d)+s+14+3*D+so(A,P)+(2*A[16]+3*A[17]+7*A[18]);if(T<=_&&T<=M)return oo(t,h,e.subarray(c,c+u));if(to(t,h,1+(M<_)),h+=2,M<_){x=Os(y,p,0),I=y,C=Os(d,f,0),B=d;var L=Os(P,U,0);to(t,h,b-257),to(t,h+5,K-1),to(t,h+10,D-4),h+=14;for(E=0;E<D;++E)to(t,h+3*E,P[Is[E]]);h+=3*D;for(var R=[w,v],F=0;F<2;++F){var z=R[F];for(E=0;E<z.length;++E){var N=31&z[E];to(t,h,L[N]),h+=P[N],N>15&&(to(t,h,z[E]>>>5&127),h+=z[E]>>>12)}}}else x=qs,I=Hs,C=Vs,B=js;for(E=0;E<o;++E)if(i[E]>255){N=i[E]>>>18&31;ro(t,h,x[N+257]),h+=I[N+257],N>7&&(to(t,h,i[E]>>>23&31),h+=Ds[N]);var O=31&i[E];ro(t,h,C[O]),h+=B[O],O>3&&(ro(t,h,i[E]>>>5&8191),h+=xs[O])}else ro(t,h,x[i[E]]),h+=I[i[E]];return ro(t,h,x[256]),h+I[256]},uo=/*#__PURE__*/new Us([65540,131080,131088,131104,262176,1048704,1048832,2114560,2117632]),ho=/*#__PURE__*/new Ss(0),lo=function(e,t,r,i,n){return function(e,t,r,i,n,a){var s=e.length,o=new Ss(i+s+5*(1+Math.ceil(s/7e3))+n),c=o.subarray(i,o.length-n),u=0;if(!t||s<8)for(var h=0;h<=s;h+=65535){var l=h+65535;l>=s&&(c[u>>3]=a),u=oo(c,u+1,e.subarray(h,l))}else{for(var y=uo[t-1],p=y>>>13,g=8191&y,d=(1<<r)-1,f=new Ps(32768),m=new Ps(d+1),w=Math.ceil(r/3),b=2*w,k=function(t){return(e[t]^e[t+1]<<w^e[t+2]<<b)&d},v=new Us(25e3),K=new Ps(288),A=new Ps(32),E=0,S=0,P=(h=0,0),U=0,D=0;h<s;++h){var x=k(h),I=32767&h,C=m[x];if(f[I]=C,m[x]=I,U<=h){var B=s-h;if((E>7e3||P>24576)&&B>423){u=co(e,c,0,v,K,A,S,P,D,h-D,u),P=E=S=0,D=h;for(var T=0;T<286;++T)K[T]=0;for(T=0;T<30;++T)A[T]=0}var _=2,M=0,L=g,R=I-C&32767;if(B>2&&x==k(h-R))for(var F=Math.min(p,B)-1,z=Math.min(32767,h),N=Math.min(258,B);R<=z&&--L&&I!=C;){if(e[h+_]==e[h+_-R]){for(var O=0;O<N&&e[h+O]==e[h+O-R];++O);if(O>_){if(_=O,M=R,O>F)break;var H=Math.min(R,O-2),j=0;for(T=0;T<H;++T){var q=h-R+T+32768&32767,G=q-f[q]+32768&32767;G>j&&(j=G,C=q)}}}R+=(I=C)-(C=f[I])+32768&32767}if(M){v[P++]=268435456|_s[_]<<18|Rs[M];var V=31&_s[_],W=31&Rs[M];S+=Ds[V]+xs[W],++K[257+V],++A[W],U=h+_,++E}else v[P++]=e[h],++K[e[h]]}}u=co(e,c,a,v,K,A,S,P,D,h-D,u),!a&&7&u&&(u=oo(c,u+1,ho))}return Ys(o,0,i+Xs(u)+n)}(e,null==t.level?6:t.level,null==t.mem?Math.ceil(1.5*Math.max(8,Math.min(13,Math.log(e.length)))):12+t.mem,r,i,!n)},yo=/*#__PURE__*/function(){function e(e,t){t||"function"!=typeof e||(t=e,e={}),this.ondata=t,this.o=e||{}}return e.prototype.p=function(e,t){this.ondata(lo(e,this.o,0,0,!t),t)},e.prototype.push=function(e,t){this.ondata||eo(5),this.d&&eo(4),this.d=t,this.p(e,t||!1)},e}(),po=/*#__PURE__*/function(){function e(e){this.s={},this.p=new Ss(0),this.ondata=e}return e.prototype.e=function(e){this.ondata||eo(5),this.d&&eo(4);var t=this.p.length,r=new Ss(t+e.length);r.set(this.p),r.set(e,t),this.p=r},e.prototype.c=function(e){this.d=this.s.i=e||!1;var t=this.s.b,r=function(e,t,r){var i=e.length;if(!i||r&&r.f&&!r.l)return t||new Ss(0);var n=!t||r,a=!r||r.i;r||(r={}),t||(t=new Ss(3*i));var s=function(e){var r=t.length;if(e>r){var i=new Ss(Math.max(2*r,e));i.set(t),t=i}},o=r.f||0,c=r.p||0,u=r.b||0,h=r.l,l=r.d,y=r.m,p=r.n,g=8*i;do{if(!h){o=Qs(e,c,1);var d=Qs(e,c+1,3);if(c+=3,!d){var f=e[(U=Xs(c)+4)-4]|e[U-3]<<8,m=U+f;if(m>i){a&&eo(0);break}n&&s(u+f),t.set(e.subarray(U,m),u),r.b=u+=f,r.p=c=8*m,r.f=o;continue}if(1==d)h=Gs,l=Ws,y=9,p=5;else if(2==d){var w=Qs(e,c,31)+257,b=Qs(e,c+10,15)+4,k=w+Qs(e,c+5,31)+1;c+=14;for(var v=new Ss(k),K=new Ss(19),A=0;A<b;++A)K[Is[A]]=Qs(e,c+3*A,7);c+=3*b;var E=$s(K),S=(1<<E)-1,P=Os(K,E,1);for(A=0;A<k;){var U,D=P[Qs(e,c,S)];if(c+=15&D,(U=D>>>4)<16)v[A++]=U;else{var x=0,I=0;for(16==U?(I=3+Qs(e,c,3),c+=2,x=v[A-1]):17==U?(I=3+Qs(e,c,7),c+=3):18==U&&(I=11+Qs(e,c,127),c+=7);I--;)v[A++]=x}}var C=v.subarray(0,w),B=v.subarray(w);y=$s(C),p=$s(B),h=Os(C,y,1),l=Os(B,p,1)}else eo(1);if(c>g){a&&eo(0);break}}n&&s(u+131072);for(var T=(1<<y)-1,_=(1<<p)-1,M=c;;M=c){var L=(x=h[Zs(e,c)&T])>>>4;if((c+=15&x)>g){a&&eo(0);break}if(x||eo(2),L<256)t[u++]=L;else{if(256==L){M=c,h=null;break}var R=L-254;if(L>264){var F=Ds[A=L-257];R=Qs(e,c,(1<<F)-1)+Ts[A],c+=F}var z=l[Zs(e,c)&_],N=z>>>4;if(z||eo(3),c+=15&z,B=Ls[N],N>3&&(F=xs[N],B+=Zs(e,c)&(1<<F)-1,c+=F),c>g){a&&eo(0);break}n&&s(u+131072);for(var O=u+R;u<O;u+=4)t[u]=t[u-B],t[u+1]=t[u+1-B],t[u+2]=t[u+2-B],t[u+3]=t[u+3-B];u=O}}r.l=h,r.p=M,r.b=u,r.f=o,h&&(o=1,r.m=y,r.d=l,r.n=p)}while(!o);return u==t.length?t:Ys(t,0,u)}(this.p,this.o,this.s);this.ondata(Ys(r,t,this.s.b),this.d),this.o=Ys(r,this.s.b-32768),this.s.b=this.o.length,this.p=Ys(this.p,this.s.p/8|0),this.s.p&=7},e.prototype.push=function(e,t){this.e(e),this.c(t)},e}(),go=/*#__PURE__*/function(){function e(e,t){var r,i;this.c=(r=1,i=0,{p:function(e){for(var t=r,n=i,a=0|e.length,s=0;s!=a;){for(var o=Math.min(s+2655,a);s<o;++s)n+=t+=e[s];t=(65535&t)+15*(t>>16),n=(65535&n)+15*(n>>16)}r=t,i=n},d:function(){return(255&(r%=65521))<<24|r>>>8<<16|(255&(i%=65521))<<8|i>>>8}}),this.v=1,yo.call(this,e,t)}return e.prototype.push=function(e,t){yo.prototype.push.call(this,e,t)},e.prototype.p=function(e,t){this.c.p(e);var r=lo(e,this.o,this.v&&2,t&&4,!t);this.v&&(function(e,t){var r=t.level,i=0==r?0:r<6?1:9==r?3:2;e[0]=120,e[1]=i<<6|(i?32-2*i:1)}(r,this.o),this.v=0),t&&function(e,t,r){for(;r;++t)e[t]=r,r>>>=8}(r,r.length-4,this.c.d()),this.ondata(r,t)},e}(),fo=/*#__PURE__*/function(){function e(e){this.v=1,po.call(this,e)}return e.prototype.push=function(e,t){if(po.prototype.e.call(this,e),this.v){if(this.p.length<2&&!t)return;this.p=this.p.subarray(2),this.v=0}t&&(this.p.length<4&&eo(6,"invalid zlib data"),this.p=this.p.subarray(0,-4)),po.prototype.c.call(this,t)},e}(),mo="undefined"!=typeof TextDecoder&&/*#__PURE__*/new TextDecoder;try{mo.decode(ho,{stream:!0}),1}catch(e){}class wo{static get tag(){return T.packet.literalData}constructor(e=new Date){this.format=T.literal.utf8,this.date=L.normalizeDate(e),this.text=null,this.data=null,this.filename=""}setText(e,t=T.literal.utf8){this.format=t,this.text=e,this.data=null}getText(e=!1){return(null===this.text||L.isStream(this.text))&&(this.text=L.decodeUTF8(L.nativeEOL(this.getBytes(e)))),this.text}setBytes(e,t){this.format=t,this.data=e,this.text=null}getBytes(e=!1){return null===this.data&&(this.data=L.canonicalizeEOL(L.encodeUTF8(this.text))),e?E(this.data):this.data}setFilename(e){this.filename=e}getFilename(){return this.filename}async read(e){await K(e,(async e=>{const t=await e.readByte(),r=await e.readByte();this.filename=L.decodeUTF8(await e.readBytes(r)),this.date=L.readDate(await e.readBytes(4));let i=e.remainder();s(i)&&(i=await U(i)),this.setBytes(i,t)}))}writeHeader(){const e=L.encodeUTF8(this.filename),t=new Uint8Array([e.length]),r=new Uint8Array([this.format]),i=L.writeDate(this.date);return L.concatUint8Array([r,t,e,i])}write(){const e=this.writeHeader(),t=this.getBytes();return L.concat([e,t])}}class bo{constructor(){this.bytes=""}read(e){return this.bytes=L.uint8ArrayToString(e.subarray(0,8)),this.bytes.length}write(){return L.stringToUint8Array(this.bytes)}toHex(){return L.uint8ArrayToHex(L.stringToUint8Array(this.bytes))}equals(e,t=!1){return t&&(e.isWildcard()||this.isWildcard())||this.bytes===e.bytes}isNull(){return""===this.bytes}isWildcard(){return/^0+$/.test(this.toHex())}static mapToHex(e){return e.toHex()}static fromID(e){const t=new bo;return t.read(L.hexToUint8Array(e)),t}static wildcard(){const e=new bo;return e.read(new Uint8Array(8)),e}}const ko=Symbol("verified"),vo="salt@notations.openpgpjs.org",Ko=new Set([T.signatureSubpacket.issuerKeyID,T.signatureSubpacket.issuerFingerprint,T.signatureSubpacket.embeddedSignature]);class Ao{static get tag(){return T.packet.signature}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.signatureData=null,this.unhashedSubpackets=[],this.unknownSubpackets=[],this.signedHashValue=null,this.salt=null,this.created=null,this.signatureExpirationTime=null,this.signatureNeverExpires=!0,this.exportable=null,this.trustLevel=null,this.trustAmount=null,this.regularExpression=null,this.revocable=null,this.keyExpirationTime=null,this.keyNeverExpires=null,this.preferredSymmetricAlgorithms=null,this.revocationKeyClass=null,this.revocationKeyAlgorithm=null,this.revocationKeyFingerprint=null,this.issuerKeyID=new bo,this.rawNotations=[],this.notations={},this.preferredHashAlgorithms=null,this.preferredCompressionAlgorithms=null,this.keyServerPreferences=null,this.preferredKeyServer=null,this.isPrimaryUserID=null,this.policyURI=null,this.keyFlags=null,this.signersUserID=null,this.reasonForRevocationFlag=null,this.reasonForRevocationString=null,this.features=null,this.signatureTargetPublicKeyAlgorithm=null,this.signatureTargetHashAlgorithm=null,this.signatureTargetHash=null,this.embeddedSignature=null,this.issuerKeyVersion=null,this.issuerFingerprint=null,this.preferredAEADAlgorithms=null,this.preferredCipherSuites=null,this.revoked=null,this[ko]=null}read(e,t=_){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new qi("Support for v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4!==this.version&&5!==this.version&&6!==this.version)throw new qi(`Version ${this.version} of the signature packet is unsupported.`);if(this.signatureType=e[r++],this.publicKeyAlgorithm=e[r++],this.hashAlgorithm=e[r++],r+=this.readSubPackets(e.subarray(r,e.length),!0),!this.created)throw Error("Missing signature creation time subpacket.");if(this.signatureData=e.subarray(0,r),r+=this.readSubPackets(e.subarray(r,e.length),!1),this.signedHashValue=e.subarray(r,r+2),r+=2,6===this.version){const t=e[r++];this.salt=e.subarray(r,r+t),r+=t}const i=e.subarray(r,e.length),{read:n,signatureParams:a}=ds.signature.parseSignatureParams(this.publicKeyAlgorithm,i);if(n<i.length)throw Error("Error reading MPIs");this.params=a}writeParams(){return this.params instanceof Promise?x((async()=>ds.serializeParams(this.publicKeyAlgorithm,await this.params))):ds.serializeParams(this.publicKeyAlgorithm,this.params)}write(){const e=[];return e.push(this.signatureData),e.push(this.writeUnhashedSubPackets()),e.push(this.signedHashValue),6===this.version&&(e.push(new Uint8Array([this.salt.length])),e.push(this.salt)),e.push(this.writeParams()),L.concat(e)}async sign(e,t,r=new Date,i=!1,n){this.version=e.version,this.created=L.normalizeDate(r),this.issuerKeyVersion=e.version,this.issuerFingerprint=e.getFingerprintBytes(),this.issuerKeyID=e.getKeyID();const a=[new Uint8Array([this.version,this.signatureType,this.publicKeyAlgorithm,this.hashAlgorithm])];if(6===this.version){const e=So(this.hashAlgorithm);if(null===this.salt)this.salt=ds.random.getRandomBytes(e);else if(e!==this.salt.length)throw Error("Provided salt does not have the required length")}else if(n.nonDeterministicSignaturesViaNotation){if(0!==this.rawNotations.filter((({name:e})=>e===vo)).length)throw Error("Unexpected existing salt notation");{const e=ds.random.getRandomBytes(So(this.hashAlgorithm));this.rawNotations.push({name:vo,value:e,humanReadable:!1,critical:!1})}}a.push(this.writeHashedSubPackets()),this.unhashedSubpackets=[],this.signatureData=L.concat(a);const s=this.toHash(this.signatureType,t,i),o=await this.hash(this.signatureType,t,s,i);this.signedHashValue=P(A(o),0,2);const c=async()=>ds.signature.sign(this.publicKeyAlgorithm,this.hashAlgorithm,e.publicParams,e.privateParams,s,await U(o));L.isStream(o)?this.params=c():(this.params=await c(),this[ko]=!0)}writeHashedSubPackets(){const e=T.signatureSubpacket,t=[];let r;if(null===this.created)throw Error("Missing signature creation time");t.push(Eo(e.signatureCreationTime,!0,L.writeDate(this.created))),null!==this.signatureExpirationTime&&t.push(Eo(e.signatureExpirationTime,!0,L.writeNumber(this.signatureExpirationTime,4))),null!==this.exportable&&t.push(Eo(e.exportableCertification,!0,new Uint8Array([this.exportable?1:0]))),null!==this.trustLevel&&(r=new Uint8Array([this.trustLevel,this.trustAmount]),t.push(Eo(e.trustSignature,!0,r))),null!==this.regularExpression&&t.push(Eo(e.regularExpression,!0,this.regularExpression)),null!==this.revocable&&t.push(Eo(e.revocable,!0,new Uint8Array([this.revocable?1:0]))),null!==this.keyExpirationTime&&t.push(Eo(e.keyExpirationTime,!0,L.writeNumber(this.keyExpirationTime,4))),null!==this.preferredSymmetricAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredSymmetricAlgorithms)),t.push(Eo(e.preferredSymmetricAlgorithms,!1,r))),null!==this.revocationKeyClass&&(r=new Uint8Array([this.revocationKeyClass,this.revocationKeyAlgorithm]),r=L.concat([r,this.revocationKeyFingerprint]),t.push(Eo(e.revocationKey,!1,r))),!this.issuerKeyID.isNull()&&this.issuerKeyVersion<5&&t.push(Eo(e.issuerKeyID,!0,this.issuerKeyID.write())),this.rawNotations.forEach((({name:i,value:n,humanReadable:a,critical:s})=>{r=[new Uint8Array([a?128:0,0,0,0])];const o=L.encodeUTF8(i);r.push(L.writeNumber(o.length,2)),r.push(L.writeNumber(n.length,2)),r.push(o),r.push(n),r=L.concat(r),t.push(Eo(e.notationData,s,r))})),null!==this.preferredHashAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredHashAlgorithms)),t.push(Eo(e.preferredHashAlgorithms,!1,r))),null!==this.preferredCompressionAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredCompressionAlgorithms)),t.push(Eo(e.preferredCompressionAlgorithms,!1,r))),null!==this.keyServerPreferences&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.keyServerPreferences)),t.push(Eo(e.keyServerPreferences,!1,r))),null!==this.preferredKeyServer&&t.push(Eo(e.preferredKeyServer,!1,L.encodeUTF8(this.preferredKeyServer))),null!==this.isPrimaryUserID&&t.push(Eo(e.primaryUserID,!1,new Uint8Array([this.isPrimaryUserID?1:0]))),null!==this.policyURI&&t.push(Eo(e.policyURI,!1,L.encodeUTF8(this.policyURI))),null!==this.keyFlags&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.keyFlags)),t.push(Eo(e.keyFlags,!0,r))),null!==this.signersUserID&&t.push(Eo(e.signersUserID,!1,L.encodeUTF8(this.signersUserID))),null!==this.reasonForRevocationFlag&&(r=L.stringToUint8Array(String.fromCharCode(this.reasonForRevocationFlag)+this.reasonForRevocationString),t.push(Eo(e.reasonForRevocation,!0,r))),null!==this.features&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.features)),t.push(Eo(e.features,!1,r))),null!==this.signatureTargetPublicKeyAlgorithm&&(r=[new Uint8Array([this.signatureTargetPublicKeyAlgorithm,this.signatureTargetHashAlgorithm])],r.push(L.stringToUint8Array(this.signatureTargetHash)),r=L.concat(r),t.push(Eo(e.signatureTarget,!0,r))),null!==this.embeddedSignature&&t.push(Eo(e.embeddedSignature,!0,this.embeddedSignature.write())),null!==this.issuerFingerprint&&(r=[new Uint8Array([this.issuerKeyVersion]),this.issuerFingerprint],r=L.concat(r),t.push(Eo(e.issuerFingerprint,this.version>=5,r))),null!==this.preferredAEADAlgorithms&&(r=L.stringToUint8Array(L.uint8ArrayToString(this.preferredAEADAlgorithms)),t.push(Eo(e.preferredAEADAlgorithms,!1,r))),null!==this.preferredCipherSuites&&(r=new Uint8Array([].concat(...this.preferredCipherSuites)),t.push(Eo(e.preferredCipherSuites,!1,r)));const i=L.concat(t),n=L.writeNumber(i.length,6===this.version?4:2);return L.concat([n,i])}writeUnhashedSubPackets(){const e=this.unhashedSubpackets.map((({type:e,critical:t,body:r})=>Eo(e,t,r))),t=L.concat(e),r=L.writeNumber(t.length,6===this.version?4:2);return L.concat([r,t])}readSubPacket(e,t=!0){let r=0;const i=!!(128&e[r]),n=127&e[r];if(r++,t||(this.unhashedSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)}),Ko.has(n)))switch(n){case T.signatureSubpacket.signatureCreationTime:this.created=L.readDate(e.subarray(r,e.length));break;case T.signatureSubpacket.signatureExpirationTime:{const t=L.readNumber(e.subarray(r,e.length));this.signatureNeverExpires=0===t,this.signatureExpirationTime=t;break}case T.signatureSubpacket.exportableCertification:this.exportable=1===e[r++];break;case T.signatureSubpacket.trustSignature:this.trustLevel=e[r++],this.trustAmount=e[r++];break;case T.signatureSubpacket.regularExpression:this.regularExpression=e[r];break;case T.signatureSubpacket.revocable:this.revocable=1===e[r++];break;case T.signatureSubpacket.keyExpirationTime:{const t=L.readNumber(e.subarray(r,e.length));this.keyExpirationTime=t,this.keyNeverExpires=0===t;break}case T.signatureSubpacket.preferredSymmetricAlgorithms:this.preferredSymmetricAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.revocationKey:this.revocationKeyClass=e[r++],this.revocationKeyAlgorithm=e[r++],this.revocationKeyFingerprint=e.subarray(r,r+20);break;case T.signatureSubpacket.issuerKeyID:if(4===this.version)this.issuerKeyID.read(e.subarray(r,e.length));else if(t)throw Error("Unexpected Issuer Key ID subpacket");break;case T.signatureSubpacket.notationData:{const t=!!(128&e[r]);r+=4;const n=L.readNumber(e.subarray(r,r+2));r+=2;const a=L.readNumber(e.subarray(r,r+2));r+=2;const s=L.decodeUTF8(e.subarray(r,r+n)),o=e.subarray(r+n,r+n+a);this.rawNotations.push({name:s,humanReadable:t,value:o,critical:i}),t&&(this.notations[s]=L.decodeUTF8(o));break}case T.signatureSubpacket.preferredHashAlgorithms:this.preferredHashAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCompressionAlgorithms:this.preferredCompressionAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.keyServerPreferences:this.keyServerPreferences=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredKeyServer:this.preferredKeyServer=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.primaryUserID:this.isPrimaryUserID=0!==e[r++];break;case T.signatureSubpacket.policyURI:this.policyURI=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.keyFlags:this.keyFlags=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signersUserID:this.signersUserID=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.reasonForRevocation:this.reasonForRevocationFlag=e[r++],this.reasonForRevocationString=L.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.features:this.features=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signatureTarget:{this.signatureTargetPublicKeyAlgorithm=e[r++],this.signatureTargetHashAlgorithm=e[r++];const t=ds.getHashByteLength(this.signatureTargetHashAlgorithm);this.signatureTargetHash=L.uint8ArrayToString(e.subarray(r,r+t));break}case T.signatureSubpacket.embeddedSignature:this.embeddedSignature=new Ao,this.embeddedSignature.read(e.subarray(r,e.length));break;case T.signatureSubpacket.issuerFingerprint:this.issuerKeyVersion=e[r++],this.issuerFingerprint=e.subarray(r,e.length),this.issuerKeyVersion>=5?this.issuerKeyID.read(this.issuerFingerprint):this.issuerKeyID.read(this.issuerFingerprint.subarray(-8));break;case T.signatureSubpacket.preferredAEADAlgorithms:this.preferredAEADAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCipherSuites:this.preferredCipherSuites=[];for(let t=r;t<e.length;t+=2)this.preferredCipherSuites.push([e[t],e[t+1]]);break;default:this.unknownSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)})}}readSubPackets(e,t=!0,r){const i=6===this.version?4:2,n=L.readNumber(e.subarray(0,i));let a=i;for(;a<2+n;){const i=Ri(e.subarray(a,e.length));a+=i.offset,this.readSubPacket(e.subarray(a,a+i.len),t,r),a+=i.len}return a}toSign(e,t){const r=T.signature;switch(e){case r.binary:return null!==t.text?L.encodeUTF8(t.getText(!0)):t.getBytes(!0);case r.text:{const e=t.getBytes(!0);return L.canonicalizeEOL(e)}case r.standalone:return new Uint8Array(0);case r.certGeneric:case r.certPersona:case r.certCasual:case r.certPositive:case r.certRevocation:{let e,i;if(t.userID)i=180,e=t.userID;else{if(!t.userAttribute)throw Error("Either a userID or userAttribute packet needs to be supplied for certification.");i=209,e=t.userAttribute}const n=e.write();return L.concat([this.toSign(r.key,t),new Uint8Array([i]),L.writeNumber(n.length,4),n])}case r.subkeyBinding:case r.subkeyRevocation:case r.keyBinding:return L.concat([this.toSign(r.key,t),this.toSign(r.key,{key:t.bind})]);case r.key:if(void 0===t.key)throw Error("Key packet is required for this signature.");return t.key.writeForHash(this.version);case r.keyRevocation:return this.toSign(r.key,t);case r.timestamp:return new Uint8Array(0);case r.thirdParty:throw Error("Not implemented");default:throw Error("Unknown signature type.")}}calculateTrailer(e,t){let r=0;return k(A(this.signatureData),(e=>{r+=e.length}),(()=>{const i=[];return 5!==this.version||this.signatureType!==T.signature.binary&&this.signatureType!==T.signature.text||(t?i.push(new Uint8Array(6)):i.push(e.writeHeader())),i.push(new Uint8Array([this.version,255])),5===this.version&&i.push(new Uint8Array(4)),i.push(L.writeNumber(r,4)),L.concat(i)}))}toHash(e,t,r=!1){const i=this.toSign(e,t);return L.concat([this.salt||new Uint8Array,i,this.signatureData,this.calculateTrailer(t,r)])}async hash(e,t,r,i=!1){if(6===this.version&&this.salt.length!==So(this.hashAlgorithm))throw Error("Signature salt does not have the expected length");return r||(r=this.toHash(e,t,i)),ds.hash.digest(this.hashAlgorithm,r)}async verify(e,t,r,i=new Date,n=!1,a=_){if(!this.issuerKeyID.equals(e.getKeyID()))throw Error("Signature was not issued by the given public key");if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Public key algorithm used to sign signature does not match issuer key algorithm.");const s=t===T.signature.binary||t===T.signature.text;if(!(this[ko]&&!s)){let i,a;if(this.hashed?a=await this.hashed:(i=this.toHash(t,r,n),a=await this.hash(t,r,i)),a=await U(a),this.signedHashValue[0]!==a[0]||this.signedHashValue[1]!==a[1])throw Error("Signed digest did not match");this.params=await this.params;const s=this.publicKeyAlgorithm===T.publicKey.hmac?e.privateParams:null;if(this[ko]=await ds.signature.verify(this.publicKeyAlgorithm,this.hashAlgorithm,this.params,e.publicParams,s,i,a),!this[ko])throw Error("Signature verification failed")}const o=L.normalizeDate(i);if(o&&this.created>o)throw Error("Signature creation time is in the future");if(o&&o>=this.getExpirationTime())throw Error("Signature is expired");if(a.rejectHashAlgorithms.has(this.hashAlgorithm))throw Error("Insecure hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(a.rejectMessageHashAlgorithms.has(this.hashAlgorithm)&&[T.signature.binary,T.signature.text].includes(this.signatureType))throw Error("Insecure message hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(this.unknownSubpackets.forEach((({type:e,critical:t})=>{if(t)throw Error("Unknown critical signature subpacket type "+e)})),this.rawNotations.forEach((({name:e,critical:t})=>{if(t&&a.knownNotations.indexOf(e)<0)throw Error("Unknown critical notation: "+e)})),null!==this.revocationKeyClass)throw Error("This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.")}isExpired(e=new Date){const t=L.normalizeDate(e);return null!==t&&!(this.created<=t&&t<this.getExpirationTime())}getExpirationTime(){return this.signatureNeverExpires?1/0:new Date(this.created.getTime()+1e3*this.signatureExpirationTime)}}function Eo(e,t,r){const i=[];return i.push(Fi(r.length+1)),i.push(new Uint8Array([(t?128:0)|e])),i.push(r),L.concat(i)}function So(e){switch(e){case T.hash.sha256:return 16;case T.hash.sha384:return 24;case T.hash.sha512:return 32;case T.hash.sha224:case T.hash.sha3_256:return 16;case T.hash.sha3_512:return 32;default:throw Error("Unsupported hash function")}}class Po{static get tag(){return T.packet.onePassSignature}static fromSignaturePacket(e,t){const r=new Po;return r.version=6===e.version?6:3,r.signatureType=e.signatureType,r.hashAlgorithm=e.hashAlgorithm,r.publicKeyAlgorithm=e.publicKeyAlgorithm,r.issuerKeyID=e.issuerKeyID,r.salt=e.salt,r.issuerFingerprint=e.issuerFingerprint,r.flags=t?1:0,r}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.salt=null,this.issuerKeyID=null,this.issuerFingerprint=null,this.flags=null}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new qi(`Version ${this.version} of the one-pass signature packet is unsupported.`);if(this.signatureType=e[t++],this.hashAlgorithm=e[t++],this.publicKeyAlgorithm=e[t++],6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r,this.issuerFingerprint=e.subarray(t,t+32),t+=32,this.issuerKeyID=new bo,this.issuerKeyID.read(this.issuerFingerprint)}else this.issuerKeyID=new bo,this.issuerKeyID.read(e.subarray(t,t+8)),t+=8;return this.flags=e[t++],this}write(){const e=[new Uint8Array([this.version,this.signatureType,this.hashAlgorithm,this.publicKeyAlgorithm])];return 6===this.version?e.push(new Uint8Array([this.salt.length]),this.salt,this.issuerFingerprint):e.push(this.issuerKeyID.write()),e.push(new Uint8Array([this.flags])),L.concatUint8Array(e)}calculateTrailer(...e){return x((async()=>Ao.prototype.calculateTrailer.apply(await this.correspondingSig,e)))}async verify(){const e=await this.correspondingSig;if(!e||e.constructor.tag!==T.packet.signature)throw Error("Corresponding signature packet missing");if(e.signatureType!==this.signatureType||e.hashAlgorithm!==this.hashAlgorithm||e.publicKeyAlgorithm!==this.publicKeyAlgorithm||!e.issuerKeyID.equals(this.issuerKeyID)||3===this.version&&6===e.version||6===this.version&&6!==e.version||6===this.version&&!L.equalsUint8Array(e.issuerFingerprint,this.issuerFingerprint)||6===this.version&&!L.equalsUint8Array(e.salt,this.salt))throw Error("Corresponding signature packet does not match one-pass signature packet");return e.hashed=this.hashed,e.verify.apply(e,arguments)}}function Uo(e,t){if(!t[e]){let t;try{t=T.read(T.packet,e)}catch(t){throw new Gi("Unknown packet type with tag: "+e)}throw Error("Packet not allowed in this context: "+t)}return new t[e]}Po.prototype.hash=Ao.prototype.hash,Po.prototype.toHash=Ao.prototype.toHash,Po.prototype.toSign=Ao.prototype.toSign;class Do extends Array{static async fromBinary(e,t,r=_){const i=new Do;return await i.read(e,t,r),i}async read(e,t,r=_){r.additionalAllowedPackets.length&&(t={...t,...L.constructAllowedPackets(r.additionalAllowedPackets)}),this.stream=v(e,(async(e,i)=>{const n=C(i);try{for(;;){await n.ready;if(await ji(e,(async e=>{try{if(e.tag===T.packet.marker||e.tag===T.packet.trust||e.tag===T.packet.padding)return;const i=Uo(e.tag,t);i.packets=new Do,i.fromStream=L.isStream(e.packet),await i.read(e.packet,r),await n.write(i)}catch(t){if(t instanceof Gi){if(!(e.tag<=39))return;await n.abort(t)}const i=!r.ignoreUnsupportedPackets&&t instanceof qi,a=!(r.ignoreMalformedPackets||t instanceof qi);if(i||a||Hi(e.tag))await n.abort(t);else{const t=new Vi(e.tag,e.packet);await n.write(t)}L.printDebugError(t)}})))return await n.ready,void await n.close()}}catch(e){await n.abort(e)}}));const i=I(this.stream);for(;;){const{done:e,value:t}=await i.read();if(e?this.stream=null:this.push(t),e||Hi(t.constructor.tag))break}i.releaseLock()}write(){const e=[];for(let t=0;t<this.length;t++){const r=this[t]instanceof Vi?this[t].tag:this[t].constructor.tag,i=this[t].write();if(L.isStream(i)&&Hi(this[t].constructor.tag)){let t=[],n=0;const a=512;e.push(Ni(r)),e.push(k(i,(e=>{if(t.push(e),n+=e.length,n>=a){const e=Math.min(Math.log(n)/Math.LN2|0,30),r=2**e,i=L.concat([zi(e)].concat(t));return t=[i.subarray(1+r)],n=t[0].length,i.subarray(0,1+r)}}),(()=>L.concat([Fi(n)].concat(t)))))}else{if(L.isStream(i)){let t=0;e.push(k(A(i),(e=>{t+=e.length}),(()=>Oi(r,t))))}else e.push(Oi(r,i.length));e.push(i)}}return L.concat(e)}filterByTag(...e){const t=new Do,r=e=>t=>e===t;for(let i=0;i<this.length;i++)e.some(r(this[i].constructor.tag))&&t.push(this[i]);return t}findPacket(e){return this.find((t=>t.constructor.tag===e))}indexOfTag(...e){const t=[],r=this,i=e=>t=>e===t;for(let n=0;n<this.length;n++)e.some(i(r[n].constructor.tag))&&t.push(n);return t}}const xo=/*#__PURE__*/L.constructAllowedPackets([wo,Po,Ao]);class Io{static get tag(){return T.packet.compressedData}constructor(e=_){this.packets=null,this.algorithm=e.preferredCompressionAlgorithm,this.compressed=null}async read(e,t=_){await K(e,(async e=>{this.algorithm=await e.readByte(),this.compressed=e.remainder(),await this.decompress(t)}))}write(){return null===this.compressed&&this.compress(),L.concat([new Uint8Array([this.algorithm]),this.compressed])}async decompress(e=_){const t=T.read(T.compression,this.algorithm),r=Mo[t];if(!r)throw Error(t+" decompression not supported");this.packets=await Do.fromBinary(await r(this.compressed),xo,e)}compress(){const e=T.read(T.compression,this.algorithm),t=_o[e];if(!t)throw Error(e+" compression not supported");this.compressed=t(this.packets.write())}}function Co(e,t){return r=>{if(!L.isStream(r)||s(r))return x((()=>U(r).then((e=>new Promise(((r,i)=>{const n=new t;n.ondata=e=>{r(e)};try{n.push(e,!0)}catch(e){i(e)}}))))));if(e)try{const t=e();return r.pipeThrough(t)}catch(e){if("TypeError"!==e.name)throw e}const i=r.getReader(),n=new t;return new ReadableStream({async start(e){for(n.ondata=async(t,r)=>{e.enqueue(t),r&&e.close()};;){const{done:e,value:t}=await i.read();if(e)return void n.push(new Uint8Array,!0);t.length&&n.push(t)}}})}}function Bo(){return async function(e){const{decode:t}=await import("./seek-bzip.min.mjs").then((function(e){return e.i}));return x((async()=>t(await U(e))))}}const To=e=>({compressor:"undefined"!=typeof CompressionStream&&(()=>new CompressionStream(e)),decompressor:"undefined"!=typeof DecompressionStream&&(()=>new DecompressionStream(e))}),_o={zip:/*#__PURE__*/Co(To("deflate-raw").compressor,yo),zlib:/*#__PURE__*/Co(To("deflate").compressor,go)},Mo={uncompressed:e=>e,zip:/*#__PURE__*/Co(To("deflate-raw").decompressor,po),zlib:/*#__PURE__*/Co(To("deflate").decompressor,fo),bzip2:/*#__PURE__*/Bo()},Lo=/*#__PURE__*/L.constructAllowedPackets([wo,Io,Po,Ao]);class Ro{static get tag(){return T.packet.symEncryptedIntegrityProtectedData}static fromObject({version:e,aeadAlgorithm:t}){if(1!==e&&2!==e)throw Error("Unsupported SEIPD version");const r=new Ro;return r.version=e,2===e&&(r.aeadAlgorithm=t),r}constructor(){this.version=null,this.cipherAlgorithm=null,this.aeadAlgorithm=null,this.chunkSizeByte=null,this.salt=null,this.encrypted=null,this.packets=null}async read(e){await K(e,(async e=>{if(this.version=await e.readByte(),1!==this.version&&2!==this.version)throw new qi(`Version ${this.version} of the SEIP packet is unsupported.`);2===this.version&&(this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte(),this.salt=await e.readBytes(32)),this.encrypted=e.remainder()}))}write(){return 2===this.version?L.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.salt,this.encrypted]):L.concat([new Uint8Array([this.version]),this.encrypted])}async encrypt(e,t,r=_){const{blockSize:i,keySize:n}=ds.getCipherParams(e);if(t.length!==n)throw Error("Unexpected session key size");let a=this.packets.write();if(s(a)&&(a=await U(a)),2===this.version)this.cipherAlgorithm=e,this.salt=ds.random.getRandomBytes(32),this.chunkSizeByte=r.aeadChunkSizeByte,this.encrypted=await Fo(this,"encrypt",t,a);else{const n=await ds.getPrefixRandom(e),s=new Uint8Array([211,20]),o=L.concat([n,a,s]),c=await ds.hash.sha1(E(o)),u=L.concat([o,c]);this.encrypted=await ds.mode.cfb.encrypt(e,t,u,new Uint8Array(i),r)}return!0}async decrypt(e,t,r=_){if(t.length!==ds.getCipherParams(e).keySize)throw Error("Unexpected session key size");let i,n=A(this.encrypted);if(s(n)&&(n=await U(n)),2===this.version){if(this.cipherAlgorithm!==e)throw Error("Unexpected session key algorithm");i=await Fo(this,"decrypt",t,n)}else{const{blockSize:a}=ds.getCipherParams(e),s=await ds.mode.cfb.decrypt(e,t,n,new Uint8Array(a)),o=P(E(s),-20),c=P(s,0,-20),u=Promise.all([U(await ds.hash.sha1(E(c))),U(o)]).then((([e,t])=>{if(!L.equalsUint8Array(e,t))throw Error("Modification detected.");return new Uint8Array})),h=P(c,a+2);i=P(h,0,-2),i=f([i,x((()=>u))]),L.isStream(n)&&r.allowUnauthenticatedStream||(i=await U(i))}return this.packets=await Do.fromBinary(i,Lo,r),!0}}async function Fo(e,t,r,i){const n=e instanceof Ro&&2===e.version,a=!n&&e.constructor.tag===T.packet.aeadEncryptedData;if(!n&&!a)throw Error("Unexpected packet type");const s=ds.getAEADMode(e.aeadAlgorithm),o="decrypt"===t?s.tagLength:0,c="encrypt"===t?s.tagLength:0,u=2**(e.chunkSizeByte+6)+o,h=a?8:0,l=new ArrayBuffer(13+h),y=new Uint8Array(l,0,5+h),p=new Uint8Array(l),g=new DataView(l),d=new Uint8Array(l,5,8);y.set([192|e.constructor.tag,e.version,e.cipherAlgorithm,e.aeadAlgorithm,e.chunkSizeByte],0);let f,w,b=0,k=Promise.resolve(),K=0,A=0;if(n){const{keySize:t}=ds.getCipherParams(e.cipherAlgorithm),{ivLength:i}=s,n=new Uint8Array(l,0,5),a=await Yn(T.hash.sha256,r,e.salt,n,t+i);r=a.subarray(0,t),f=a.subarray(t),f.fill(0,f.length-8),w=new DataView(f.buffer,f.byteOffset,f.byteLength)}else f=e.iv;const E=await s(e.cipherAlgorithm,r);return v(i,(async(r,i)=>{if("array"!==L.isStream(r)){const t=new TransformStream({},{highWaterMark:L.getHardwareConcurrency()*2**(e.chunkSizeByte+6),size:e=>e.length});m(t.readable,i),i=t.writable}const a=I(r),s=C(i);try{for(;;){let e=await a.readBytes(u+o)||new Uint8Array;const r=e.subarray(e.length-o);let i,l,m;if(e=e.subarray(0,e.length-o),n)m=f;else{m=f.slice();for(let e=0;e<8;e++)m[f.length-8+e]^=d[e]}if(!b||e.length?(a.unshift(r),i=E[t](e,m,y),i.catch((()=>{})),A+=e.length-o+c):(g.setInt32(5+h+4,K),i=E[t](r,m,p),i.catch((()=>{})),A+=c,l=!0),K+=e.length-o,k=k.then((()=>i)).then((async e=>{await s.ready,await s.write(e),A-=e.length})).catch((e=>s.abort(e))),(l||A>s.desiredSize)&&await k,l){await s.close();break}n?w.setInt32(f.length-4,++b):g.setInt32(9,++b)}}catch(e){await s.ready.catch((()=>{})),await s.abort(e)}}))}const zo=/*#__PURE__*/L.constructAllowedPackets([wo,Io,Po,Ao]);class No{static get tag(){return T.packet.aeadEncryptedData}constructor(){this.version=1,this.cipherAlgorithm=null,this.aeadAlgorithm=T.aead.eax,this.chunkSizeByte=null,this.iv=null,this.encrypted=null,this.packets=null}async read(e){await K(e,(async e=>{const t=await e.readByte();if(1!==t)throw new qi(`Version ${t} of the AEAD-encrypted data packet is not supported.`);this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte();const r=ds.getAEADMode(this.aeadAlgorithm);this.iv=await e.readBytes(r.ivLength),this.encrypted=e.remainder()}))}write(){return L.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.iv,this.encrypted])}async decrypt(e,t,r=_){this.packets=await Do.fromBinary(await Fo(this,"decrypt",t,A(this.encrypted)),zo,r)}async encrypt(e,t,r=_){this.cipherAlgorithm=e;const{ivLength:i}=ds.getAEADMode(this.aeadAlgorithm);this.iv=ds.random.getRandomBytes(i),this.chunkSizeByte=r.aeadChunkSizeByte;const n=this.packets.write();this.encrypted=await Fo(this,"encrypt",t,n)}}const Oo=new Set([T.publicKey.x25519,T.publicKey.x448,T.publicKey.pqc_mlkem_x25519]);class Ho{static get tag(){return T.packet.publicKeyEncryptedSessionKey}constructor(){this.version=null,this.publicKeyID=new bo,this.publicKeyVersion=null,this.publicKeyFingerprint=null,this.publicKeyAlgorithm=null,this.sessionKey=null,this.sessionKeyAlgorithm=null,this.encrypted={}}static fromObject({version:e,encryptionKeyPacket:t,anonymousRecipient:r,sessionKey:i,sessionKeyAlgorithm:n}){const a=new Ho;if(3!==e&&6!==e)throw Error("Unsupported PKESK version");return a.version=e,6===e&&(a.publicKeyVersion=r?null:t.version,a.publicKeyFingerprint=r?null:t.getFingerprintBytes()),a.publicKeyID=r?bo.wildcard():t.getKeyID(),a.publicKeyAlgorithm=t.algorithm,a.sessionKey=i,a.sessionKeyAlgorithm=n,a}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new qi(`Version ${this.version} of the PKESK packet is unsupported.`);if(6===this.version){const r=e[t++];if(r){this.publicKeyVersion=e[t++];const i=r-1;this.publicKeyFingerprint=e.subarray(t,t+i),t+=i,this.publicKeyVersion>=5?this.publicKeyID.read(this.publicKeyFingerprint):this.publicKeyID.read(this.publicKeyFingerprint.subarray(-8))}else this.publicKeyID=bo.wildcard()}else t+=this.publicKeyID.read(e.subarray(t,t+8));if(this.publicKeyAlgorithm=e[t++],this.encrypted=ds.parseEncSessionKeyParams(this.publicKeyAlgorithm,e.subarray(t)),Oo.has(this.publicKeyAlgorithm))if(3===this.version)this.sessionKeyAlgorithm=T.write(T.symmetric,this.encrypted.C.algorithm);else if(null!==this.encrypted.C.algorithm)throw Error("Unexpected cleartext symmetric algorithm")}write(){const e=[new Uint8Array([this.version])];return 6===this.version?null!==this.publicKeyFingerprint?(e.push(new Uint8Array([this.publicKeyFingerprint.length+1,this.publicKeyVersion])),e.push(this.publicKeyFingerprint)):e.push(new Uint8Array([0])):e.push(this.publicKeyID.write()),e.push(new Uint8Array([this.publicKeyAlgorithm]),ds.serializeParams(this.publicKeyAlgorithm,this.encrypted)),L.concatUint8Array(e)}async encrypt(e){const t=T.write(T.publicKey,this.publicKeyAlgorithm),r=3===this.version?this.sessionKeyAlgorithm:null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=jo(this.version,t,r,this.sessionKey),a=t===T.publicKey.aead?e.privateParams:null;this.encrypted=await ds.publicKeyEncrypt(t,r,e.publicParams,a,n,i)}async decrypt(e,t){if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Decryption error");const r=t?jo(this.version,this.publicKeyAlgorithm,t.sessionKeyAlgorithm,t.sessionKey):null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=await ds.publicKeyDecrypt(this.publicKeyAlgorithm,e.publicParams,e.privateParams,this.encrypted,i,r),{sessionKey:a,sessionKeyAlgorithm:s}=function(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:{const t=r.subarray(0,r.length-2),n=r.subarray(r.length-2),a=L.writeChecksum(t.subarray(t.length%8)),s=a[0]===n[0]&a[1]===n[1],o=6===e?{sessionKeyAlgorithm:null,sessionKey:t}:{sessionKeyAlgorithm:t[0],sessionKey:t.subarray(1)};if(i){const t=s&o.sessionKeyAlgorithm===i.sessionKeyAlgorithm&o.sessionKey.length===i.sessionKey.length;return{sessionKey:L.selectUint8Array(t,o.sessionKey,i.sessionKey),sessionKeyAlgorithm:6===e?null:L.selectUint8(t,o.sessionKeyAlgorithm,i.sessionKeyAlgorithm)}}if(s&&(6===e||T.read(T.symmetric,o.sessionKeyAlgorithm)))return o;throw Error("Decryption error")}case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.pqc_mlkem_x25519:return{sessionKeyAlgorithm:null,sessionKey:r};default:throw Error("Unsupported public key algorithm")}}(this.version,this.publicKeyAlgorithm,n,t);if(3===this.version){const e=!Oo.has(this.publicKeyAlgorithm);if(this.sessionKeyAlgorithm=e?s:this.sessionKeyAlgorithm,a.length!==ds.getCipherParams(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}this.sessionKey=a}}function jo(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:return L.concatUint8Array([new Uint8Array(6===e?[]:[r]),i,L.writeChecksum(i.subarray(i.length%8))]);case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.pqc_mlkem_x25519:return i;default:throw Error("Unsupported public key algorithm")}}class qo{static get tag(){return T.packet.symEncryptedSessionKey}constructor(e=_){this.version=e.aeadProtect?6:4,this.sessionKey=null,this.sessionKeyEncryptionAlgorithm=null,this.sessionKeyAlgorithm=null,this.aeadAlgorithm=T.write(T.aead,e.preferredAEADAlgorithm),this.encrypted=null,this.s2k=null,this.iv=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new qi(`Version ${this.version} of the SKESK packet is unsupported.`);6===this.version&&t++;const r=e[t++];this.version>=5&&(this.aeadAlgorithm=e[t++],6===this.version&&t++);const i=e[t++];if(this.s2k=As(i),t+=this.s2k.read(e.subarray(t,e.length)),this.version>=5){const r=ds.getAEADMode(this.aeadAlgorithm);this.iv=e.subarray(t,t+=r.ivLength)}this.version>=5||t<e.length?(this.encrypted=e.subarray(t,e.length),this.sessionKeyEncryptionAlgorithm=r):this.sessionKeyAlgorithm=r}write(){const e=null===this.encrypted?this.sessionKeyAlgorithm:this.sessionKeyEncryptionAlgorithm;let t;const r=this.s2k.write();if(6===this.version){const i=r.length,n=3+i+this.iv.length;t=L.concatUint8Array([new Uint8Array([this.version,n,e,this.aeadAlgorithm,i]),r,this.iv,this.encrypted])}else 5===this.version?t=L.concatUint8Array([new Uint8Array([this.version,e,this.aeadAlgorithm]),r,this.iv,this.encrypted]):(t=L.concatUint8Array([new Uint8Array([this.version,e]),r]),null!==this.encrypted&&(t=L.concatUint8Array([t,this.encrypted])));return t}async decrypt(e){const t=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm,{blockSize:r,keySize:i}=ds.getCipherParams(t),n=await this.s2k.produceKey(e,i);if(this.version>=5){const e=ds.getAEADMode(this.aeadAlgorithm),r=new Uint8Array([192|qo.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),a=6===this.version?await Yn(T.hash.sha256,n,new Uint8Array,r,i):n,s=await e(t,a);this.sessionKey=await s.decrypt(this.encrypted,this.iv,r)}else if(null!==this.encrypted){const e=await ds.mode.cfb.decrypt(t,n,this.encrypted,new Uint8Array(r));if(this.sessionKeyAlgorithm=T.write(T.symmetric,e[0]),this.sessionKey=e.subarray(1,e.length),this.sessionKey.length!==ds.getCipherParams(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}else this.sessionKey=n}async encrypt(e,t=_){const r=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm;this.sessionKeyEncryptionAlgorithm=r,this.s2k=Es(t),this.s2k.generateSalt();const{blockSize:i,keySize:n}=ds.getCipherParams(r),a=await this.s2k.produceKey(e,n);if(null===this.sessionKey&&(this.sessionKey=ds.generateSessionKey(this.sessionKeyAlgorithm)),this.version>=5){const e=ds.getAEADMode(this.aeadAlgorithm);this.iv=ds.random.getRandomBytes(e.ivLength);const t=new Uint8Array([192|qo.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),i=6===this.version?await Yn(T.hash.sha256,a,new Uint8Array,t,n):a,s=await e(r,i);this.encrypted=await s.encrypt(this.sessionKey,this.iv,t)}else{const e=L.concatUint8Array([new Uint8Array([this.sessionKeyAlgorithm]),this.sessionKey]);this.encrypted=await ds.mode.cfb.encrypt(r,a,e,new Uint8Array(i),t)}}}class Go{static get tag(){return T.packet.publicKey}constructor(e=new Date,t=_){this.version=t.v6Keys?6:4,this.created=L.normalizeDate(e),this.algorithm=null,this.publicParams=null,this.expirationTimeV3=0,this.fingerprint=null,this.keyID=null}static fromSecretKeyPacket(e){const t=new Go,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}async read(e,t=_){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new qi("Support for parsing v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4===this.version||5===this.version||6===this.version){this.created=L.readDate(e.subarray(r,r+4)),r+=4,this.algorithm=e[r++],this.version>=5&&(r+=4);const{read:t,publicParams:i}=ds.parsePublicKeyParams(this.algorithm,e.subarray(r));if(6===this.version&&i.oid&&(i.oid.getName()===T.curve.curve25519Legacy||i.oid.getName()===T.curve.ed25519Legacy))throw Error("Legacy curve25519 cannot be used with v6 keys");if(6!==this.version&&(this.algorithm===T.publicKey.pqc_mldsa_ed25519||this.algorithm===T.publicKey.pqc_mlkem_x25519))throw Error("Unexpected key version: ML-DSA and ML-KEM algorithms can only be used with v6 keys");return this.publicParams=i,r+=t,await this.computeFingerprintAndKeyID(),r}throw new qi(`Version ${this.version} of the key packet is unsupported.`)}write(){const e=[];e.push(new Uint8Array([this.version])),e.push(L.writeDate(this.created)),e.push(new Uint8Array([this.algorithm]));const t=ds.serializeParams(this.algorithm,this.publicParams);return this.version>=5&&e.push(L.writeNumber(t.length,4)),e.push(t),L.concatUint8Array(e)}writeForHash(e){const t=this.writePublicKey(),r=149+e,i=e>=5?4:2;return L.concatUint8Array([new Uint8Array([r]),L.writeNumber(t.length,i),t])}isDecrypted(){return null}getCreationTime(){return this.created}getKeyID(){return this.keyID}async computeFingerprintAndKeyID(){if(await this.computeFingerprint(),this.keyID=new bo,this.version>=5)this.keyID.read(this.fingerprint.subarray(0,8));else{if(4!==this.version)throw Error("Unsupported key version");this.keyID.read(this.fingerprint.subarray(12,20))}}async computeFingerprint(){const e=this.writeForHash(this.version);if(this.version>=5)this.fingerprint=await ds.hash.sha256(e);else{if(4!==this.version)throw Error("Unsupported key version");this.fingerprint=await ds.hash.sha1(e)}}getFingerprintBytes(){return this.fingerprint}getFingerprint(){return L.uint8ArrayToHex(this.getFingerprintBytes())}hasSameFingerprintAs(e){return this.version===e.version&&L.equalsUint8Array(this.writePublicKey(),e.writePublicKey())}getAlgorithmInfo(){const e={};e.algorithm=T.read(T.publicKey,this.algorithm);const t=this.publicParams.n||this.publicParams.p;return t?e.bits=L.uint8ArrayBitLength(t):this.publicParams.oid?e.curve=this.publicParams.oid.getName():this.publicParams.cipher&&(e.symmetric=this.publicParams.cipher.getName()),e}}Go.prototype.readPublicKey=Go.prototype.read,Go.prototype.writePublicKey=Go.prototype.write;const Vo=/*#__PURE__*/L.constructAllowedPackets([wo,Io,Po,Ao]);class Wo{static get tag(){return T.packet.symmetricallyEncryptedData}constructor(){this.encrypted=null,this.packets=null}read(e){this.encrypted=e}write(){return this.encrypted}async decrypt(e,t,r=_){if(!r.allowUnauthenticatedMessages)throw Error("Message is not authenticated.");const{blockSize:i}=ds.getCipherParams(e),n=await U(A(this.encrypted)),a=await ds.mode.cfb.decrypt(e,t,n.subarray(i+2),n.subarray(2,i+2));this.packets=await Do.fromBinary(a,Vo,r)}async encrypt(e,t,r=_){const i=this.packets.write(),{blockSize:n}=ds.getCipherParams(e),a=await ds.getPrefixRandom(e),s=await ds.mode.cfb.encrypt(e,t,a,new Uint8Array(n),r),o=await ds.mode.cfb.encrypt(e,t,i,s.subarray(2),r);this.encrypted=L.concat([s,o])}}class $o{static get tag(){return T.packet.marker}read(e){return 80===e[0]&&71===e[1]&&80===e[2]}write(){return new Uint8Array([80,71,80])}}class Qo extends Go{static get tag(){return T.packet.publicSubkey}constructor(e,t){super(e,t)}static fromSecretSubkeyPacket(e){const t=new Qo,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}}class Zo{static get tag(){return T.packet.userAttribute}constructor(){this.attributes=[]}read(e){let t=0;for(;t<e.length;){const r=Ri(e.subarray(t,e.length));t+=r.offset,this.attributes.push(L.uint8ArrayToString(e.subarray(t,t+r.len))),t+=r.len}}write(){const e=[];for(let t=0;t<this.attributes.length;t++)e.push(Fi(this.attributes[t].length)),e.push(L.stringToUint8Array(this.attributes[t]));return L.concatUint8Array(e)}equals(e){return!!(e&&e instanceof Zo)&&this.attributes.every((function(t,r){return t===e.attributes[r]}))}}class Xo extends Go{static get tag(){return T.packet.secretKey}constructor(e=new Date,t=_){super(e,t),this.keyMaterial=null,this.isEncrypted=null,this.s2kUsage=0,this.s2k=null,this.symmetric=null,this.aead=null,this.isLegacyAEAD=null,this.privateParams=null,this.usedModernAEAD=null}async read(e,t=_){let r=await this.readPublicKey(e,t);const i=r;this.s2kUsage=e[r++],5===this.version&&r++,6===this.version&&this.s2kUsage&&r++;try{if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){this.symmetric=e[r++],253===this.s2kUsage&&(this.aead=e[r++]),6===this.version&&r++;const t=e[r++];if(this.s2k=As(t),r+=this.s2k.read(e.subarray(r,e.length)),"gnu-dummy"===this.s2k.type)return}else this.s2kUsage&&(this.symmetric=this.s2kUsage);this.s2kUsage&&(this.isLegacyAEAD=253===this.s2kUsage&&(5===this.version||4===this.version&&t.parseAEADEncryptedV4KeysAsLegacy),253!==this.s2kUsage||this.isLegacyAEAD?(this.iv=e.subarray(r,r+ds.getCipherParams(this.symmetric).blockSize),this.usedModernAEAD=!1):(this.iv=e.subarray(r,r+ds.getAEADMode(this.aead).ivLength),this.usedModernAEAD=!0),r+=this.iv.length)}catch(t){if(!this.s2kUsage)throw t;this.unparseableKeyMaterial=e.subarray(i),this.isEncrypted=!0}if(5===this.version&&(r+=4),this.keyMaterial=e.subarray(r),this.isEncrypted=!!this.s2kUsage,!this.isEncrypted){let e;if(6===this.version)e=this.keyMaterial;else if(e=this.keyMaterial.subarray(0,-2),!L.equalsUint8Array(L.writeChecksum(e),this.keyMaterial.subarray(-2)))throw Error("Key checksum mismatch");try{const{read:t,privateParams:r}=await ds.parsePrivateKeyParams(this.algorithm,e,this.publicParams);if(t<e.length)throw Error("Error reading MPIs");this.privateParams=r}catch(e){if(e instanceof qi)throw e;throw Error("Error reading MPIs")}}}write(){const e=this.writePublicKey();if(this.unparseableKeyMaterial)return L.concatUint8Array([e,this.unparseableKeyMaterial]);const t=[e];t.push(new Uint8Array([this.s2kUsage]));const r=[];if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){r.push(this.symmetric),253===this.s2kUsage&&r.push(this.aead);const e=this.s2k.write();6===this.version&&r.push(e.length),r.push(...e)}return this.s2kUsage&&"gnu-dummy"!==this.s2k.type&&r.push(...this.iv),(5===this.version||6===this.version&&this.s2kUsage)&&t.push(new Uint8Array([r.length])),t.push(new Uint8Array(r)),this.isDummy()||(this.s2kUsage||(this.keyMaterial=ds.serializeParams(this.algorithm,this.privateParams)),5===this.version&&t.push(L.writeNumber(this.keyMaterial.length,4)),t.push(this.keyMaterial),this.s2kUsage||6===this.version||t.push(L.writeChecksum(this.keyMaterial))),L.concatUint8Array(t)}isDecrypted(){return!1===this.isEncrypted}isMissingSecretKeyMaterial(){return void 0!==this.unparseableKeyMaterial||this.isDummy()}isDummy(){return!(!this.s2k||"gnu-dummy"!==this.s2k.type)}makeDummy(e=_){this.isDummy()||(this.isDecrypted()&&this.clearPrivateParams(),delete this.unparseableKeyMaterial,this.isEncrypted=null,this.keyMaterial=null,this.s2k=As(T.s2k.gnu,e),this.s2k.algorithm=0,this.s2k.c=0,this.s2k.type="gnu-dummy",this.s2kUsage=254,this.symmetric=T.symmetric.aes256,this.isLegacyAEAD=null,this.usedModernAEAD=null)}async encrypt(e,t=_){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key packet is already encrypted");if(!e)throw Error("A non-empty passphrase is required for key encryption.");this.s2k=Es(t),this.s2k.generateSalt();const r=ds.serializeParams(this.algorithm,this.privateParams);this.symmetric=T.symmetric.aes256;const{blockSize:i}=ds.getCipherParams(this.symmetric);if(t.aeadProtect){this.s2kUsage=253,this.aead=t.preferredAEADAlgorithm;const n=ds.getAEADMode(this.aead);this.isLegacyAEAD=5===this.version,this.usedModernAEAD=!this.isLegacyAEAD;const a=Ni(this.constructor.tag),s=await Yo(this.version,this.s2k,e,this.symmetric,this.aead,a,this.isLegacyAEAD),o=await n(this.symmetric,s);this.iv=this.isLegacyAEAD?ds.random.getRandomBytes(i):ds.random.getRandomBytes(n.ivLength);const c=this.isLegacyAEAD?new Uint8Array:L.concatUint8Array([a,this.writePublicKey()]);this.keyMaterial=await o.encrypt(r,this.iv.subarray(0,n.ivLength),c)}else{this.s2kUsage=254,this.usedModernAEAD=!1;const n=await Yo(this.version,this.s2k,e,this.symmetric);this.iv=ds.random.getRandomBytes(i),this.keyMaterial=await ds.mode.cfb.encrypt(this.symmetric,n,L.concatUint8Array([r,await ds.hash.sha1(r,t)]),this.iv,t)}}async decrypt(e){if(this.isDummy())return!1;if(this.unparseableKeyMaterial)throw Error("Key packet cannot be decrypted: unsupported S2K or cipher algo");if(this.isDecrypted())throw Error("Key packet is already decrypted.");let t;const r=Ni(this.constructor.tag);if(254!==this.s2kUsage&&253!==this.s2kUsage)throw 255===this.s2kUsage?Error("Encrypted private key is authenticated using an insecure two-byte hash"):Error("Private key is encrypted using an insecure S2K function: unsalted MD5");let i;if(t=await Yo(this.version,this.s2k,e,this.symmetric,this.aead,r,this.isLegacyAEAD),253===this.s2kUsage){const e=ds.getAEADMode(this.aead),n=await e(this.symmetric,t);try{const t=this.isLegacyAEAD?new Uint8Array:L.concatUint8Array([r,this.writePublicKey()]);i=await n.decrypt(this.keyMaterial,this.iv.subarray(0,e.ivLength),t)}catch(e){if("Authentication tag mismatch"===e.message)throw Error("Incorrect key passphrase: "+e.message);throw e}}else{const e=await ds.mode.cfb.decrypt(this.symmetric,t,this.keyMaterial,this.iv);i=e.subarray(0,-20);const r=await ds.hash.sha1(i);if(!L.equalsUint8Array(r,e.subarray(-20)))throw Error("Incorrect key passphrase")}try{const{privateParams:e}=await ds.parsePrivateKeyParams(this.algorithm,i,this.publicParams);this.privateParams=e}catch(e){throw Error("Error reading MPIs")}this.isEncrypted=!1,this.keyMaterial=null,this.s2kUsage=0,this.aead=null,this.symmetric=null,this.isLegacyAEAD=null}async validate(){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key is not decrypted");if(this.usedModernAEAD)return;let e;try{e=await ds.validateParams(this.algorithm,this.publicParams,this.privateParams)}catch(t){e=!1}if(!e)throw Error("Key is invalid")}async generate(e,t,r){if(6===this.version&&(this.algorithm===T.publicKey.ecdh&&t===T.curve.curve25519Legacy||this.algorithm===T.publicKey.eddsaLegacy))throw Error(`Cannot generate v6 keys of type 'ecc' with curve ${t}. Generate a key of type 'curve25519' instead`);if(6!==this.version&&(this.algorithm===T.publicKey.pqc_mldsa_ed25519||this.algorithm===T.publicKey.pqc_mlkem_x25519))throw Error(`Cannot generate v${this.version} keys of type 'pqc'. Generate a v6 key instead`);const{privateParams:i,publicParams:n}=await ds.generateParams(this.algorithm,e,t,r);this.privateParams=i,this.publicParams=n,this.isEncrypted=!1}clearPrivateParams(){this.isMissingSecretKeyMaterial()||(Object.keys(this.privateParams).forEach((e=>{this.privateParams[e].fill(0),delete this.privateParams[e]})),this.privateParams=null,this.isEncrypted=!0)}}async function Yo(e,t,r,i,n,a,s){if("argon2"===t.type&&!n)throw Error("Using Argon2 S2K without AEAD is not allowed");if("simple"===t.type&&6===e)throw Error("Using Simple S2K with version 6 keys is not allowed");const{keySize:o}=ds.getCipherParams(i),c=await t.produceKey(r,o);if(!n||5===e||s)return c;const u=L.concatUint8Array([a,new Uint8Array([e,i,n])]);return Yn(T.hash.sha256,c,new Uint8Array,u,o)}class Jo{static get tag(){return T.packet.userID}constructor(){this.userID="",this.name="",this.email="",this.comment=""}static fromObject(e){if(L.isString(e)||e.name&&!L.isString(e.name)||e.email&&!L.isEmailAddress(e.email)||e.comment&&!L.isString(e.comment))throw Error("Invalid user ID format");const t=new Jo;Object.assign(t,e);const r=[];return t.name&&r.push(t.name),t.comment&&r.push(`(${t.comment})`),t.email&&r.push(`<${t.email}>`),t.userID=r.join(" "),t}read(e,t=_){const r=L.decodeUTF8(e);if(r.length>t.maxUserIDLength)throw Error("User ID string is too long");const i=/^(?<name>[^()]+\s+)?(?<comment>\([^()]+\)\s+)?(?<email><\S+@\S+>)$/.exec(r);if(null!==i){const{name:e,comment:t,email:r}=i.groups;this.comment=t?.replace(/^\(|\)|\s$/g,"").trim()||"",this.name=e?.trim()||"",this.email=r.substring(1,r.length-1)}else/^[^\s@]+@[^\s@]+$/.test(r)&&(this.email=r);this.userID=r}write(){return L.encodeUTF8(this.userID)}equals(e){return e&&e.userID===this.userID}}class ec extends Xo{static get tag(){return T.packet.secretSubkey}constructor(e=new Date,t=_){super(e,t)}}class tc{static get tag(){return T.packet.trust}read(){throw new qi("Trust packets are not supported")}write(){throw new qi("Trust packets are not supported")}}class rc{static get tag(){return T.packet.padding}constructor(){this.padding=null}read(e){}write(){return this.padding}async createPadding(e){this.padding=await ds.random.getRandomBytes(e)}}const ic=/*#__PURE__*/L.constructAllowedPackets([Ao]);class nc{constructor(e){this.packets=e||new Do}write(){return this.packets.write()}armor(e=_){const t=this.packets.some((e=>e.constructor.tag===Ao.tag&&6!==e.version));return Y(T.armor.signature,this.write(),void 0,void 0,void 0,t,e)}getSigningKeyIDs(){return this.packets.map((e=>e.issuerKeyID))}}async function ac({armoredSignature:e,binarySignature:t,config:r,...i}){r={..._,...r};let n=e||t;if(!n)throw Error("readSignature: must pass options object containing `armoredSignature` or `binarySignature`");if(e&&!L.isString(e))throw Error("readSignature: options.armoredSignature must be a string");if(t&&!L.isUint8Array(t))throw Error("readSignature: options.binarySignature must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:e,data:t}=await X(n);if(e!==T.armor.signature)throw Error("Armored text not of type signature");n=t}const s=await Do.fromBinary(n,ic,r);return new nc(s)}async function sc(e,t){const r=new ec(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function oc(e,t){const r=new Xo(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function cc(e,t,r,i,n=new Date,a){let s,o;for(let c=e.length-1;c>=0;c--)try{(!s||e[c].created>=s.created)&&(await e[c].verify(t,r,i,n,void 0,a),s=e[c])}catch(e){o=e}if(!s)throw L.wrapError(`Could not find valid ${T.read(T.signature,r)} signature in key ${t.getKeyID().toHex()}`.replace("certGeneric ","self-").replace(/([a-z])([A-Z])/g,((e,t,r)=>t+" "+r.toLowerCase())),o);return s}function uc(e,t,r=new Date){const i=L.normalizeDate(r);if(null!==i){const r=gc(e,t);return!(e.created<=i&&i<r)}return!1}async function hc(e,t,r,i){const n={};n.key=t,n.bind=e;const a={signatureType:T.signature.subkeyBinding};r.sign?(a.keyFlags=[T.keyFlags.signData],a.embeddedSignature=await lc(n,[],e,{signatureType:T.signature.keyBinding},r.date,void 0,void 0,void 0,i)):a.keyFlags=r.forwarding?[T.keyFlags.forwardedCommunication]:[T.keyFlags.encryptCommunication|T.keyFlags.encryptStorage],r.keyExpirationTime>0&&(a.keyExpirationTime=r.keyExpirationTime,a.keyNeverExpires=!1);return await lc(n,[],t,a,r.date,void 0,void 0,void 0,i)}async function lc(e,t,r,i,n,a,s=[],o=!1,c){if(r.isDummy())throw Error("Cannot sign with a gnu-dummy key.");if(!r.isDecrypted())throw Error("Signing key is not decrypted.");const u=new Ao;return Object.assign(u,i),u.publicKeyAlgorithm=r.algorithm,u.hashAlgorithm=await async function(e,t,r=new Date,i=[],n){if(t.algorithm===T.publicKey.pqc_mldsa_ed25519)return ds.publicKey.postQuantum.signature.getRequiredHashAlgo(t.algorithm);const a=T.hash.sha256,s=n.preferredHashAlgorithm,o=await Promise.all(e.map((async(e,t)=>(await e.getPrimarySelfSignature(r,i[t],n)).preferredHashAlgorithms))),c=new Map;for(const e of o)for(const t of e)try{const e=T.write(T.hash,t);c.set(e,c.has(e)?c.get(e)+1:1)}catch{}const u=t=>0===e.length||c.get(t)===e.length||t===a,h=()=>{if(0===c.size)return a;const e=Array.from(c.keys()).filter((e=>u(e))).sort(((e,t)=>ds.hash.getHashByteLength(e)-ds.hash.getHashByteLength(t)))[0];return ds.hash.getHashByteLength(e)>=ds.hash.getHashByteLength(a)?e:a};if(new Set([T.publicKey.ecdsa,T.publicKey.eddsaLegacy,T.publicKey.ed25519,T.publicKey.ed448]).has(t.algorithm)){const e=ds.getPreferredCurveHashAlgo(t.algorithm,t.publicParams.oid),r=u(s),i=ds.hash.getHashByteLength(s)>=ds.hash.getHashByteLength(e);if(r&&i)return s;{const t=h();return ds.hash.getHashByteLength(t)>=ds.hash.getHashByteLength(e)?t:e}}return u(s)?s:h()}(t,r,n,a,c),u.rawNotations=[...s],await u.sign(r,e,n,o,c),u}async function yc(e,t,r,i=new Date,n){(e=e[r])&&(t[r].length?await Promise.all(e.map((async function(e){e.isExpired(i)||n&&!await n(e)||t[r].some((function(t){return L.equalsUint8Array(t.writeParams(),e.writeParams())}))||t[r].push(e)}))):t[r]=e)}async function pc(e,t,r,i,n,a,s=new Date,o){a=a||e;const c=[];return await Promise.all(i.map((async function(e){try{if(!n||e.issuerKeyID.equals(n.issuerKeyID)){const i=![T.reasonForRevocation.keyRetired,T.reasonForRevocation.keySuperseded,T.reasonForRevocation.userIDInvalid].includes(e.reasonForRevocationFlag);await e.verify(a,t,r,i?null:s,!1,o),c.push(e.issuerKeyID)}}catch(e){}}))),n?(n.revoked=!!c.some((e=>e.equals(n.issuerKeyID)))||(n.revoked||!1),n.revoked):c.length>0}function gc(e,t){let r;return!1===t.keyNeverExpires&&(r=e.created.getTime()+1e3*t.keyExpirationTime),r?new Date(r):1/0}function dc(e,t={}){if(e.type=e.type||t.type,e.curve=e.curve||t.curve,e.rsaBits=e.rsaBits||t.rsaBits,e.symmetricHash=e.symmetricHash||t.symmetricHash,e.symmetricCipher=e.symmetricCipher||t.symmetricCipher,e.keyExpirationTime=void 0!==e.keyExpirationTime?e.keyExpirationTime:t.keyExpirationTime,e.passphrase=L.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e.sign=e.sign||!1,e.forwarding=e.forwarding||!1,e.sign&&e.forwarding)throw Error('Incompatible options: "sign" and "forwarding" cannot be set together');switch(e.type){case"pqc":e.sign?e.algorithm=T.publicKey.pqc_mldsa_ed25519:e.algorithm=T.publicKey.pqc_mlkem_x25519;break;case"ecc":try{e.curve=T.write(T.curve,e.curve)}catch(e){throw Error("Unknown curve")}e.curve!==T.curve.ed25519Legacy&&e.curve!==T.curve.curve25519Legacy&&"ed25519"!==e.curve&&"curve25519"!==e.curve||(e.curve=e.sign?T.curve.ed25519Legacy:T.curve.curve25519Legacy),e.sign?e.algorithm=e.curve===T.curve.ed25519Legacy?T.publicKey.eddsaLegacy:T.publicKey.ecdsa:e.algorithm=T.publicKey.ecdh;break;case"curve25519":e.algorithm=e.sign?T.publicKey.ed25519:T.publicKey.x25519;break;case"curve448":e.algorithm=e.sign?T.publicKey.ed448:T.publicKey.x448;break;case"rsa":e.algorithm=T.publicKey.rsaEncryptSign;break;case"symmetric":if(e.sign){e.algorithm=T.publicKey.hmac;try{e.symmetric=T.write(T.hash,e.symmetricHash)}catch(e){throw Error("Unknown hash algorithm")}}else{e.algorithm=T.publicKey.aead;try{e.symmetric=T.write(T.symmetric,e.symmetricCipher)}catch(e){throw Error("Unknown symmetric algorithm")}}break;default:throw Error("Unsupported key type "+e.type)}return e}function fc(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.hmac:case T.publicKey.pqc_mldsa_ed25519:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData);default:return!1}}function mc(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.aead:case T.publicKey.pqc_mlkem_x25519:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage);default:return!1}}function wc(e,t,r){if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.pqc_mlkem_x25519:return!(!(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData))||!r.allowInsecureDecryptionWithSigningKeys)||(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage)||r.allowForwardedMessages&&!!(t.keyFlags[0]&T.keyFlags.forwardedCommunication));default:return!1}}function bc(e,t){const r=T.write(T.publicKey,e.algorithm),i=e.getAlgorithmInfo();if(t.rejectPublicKeyAlgorithms.has(r))throw Error(i.algorithm+" keys are considered too weak.");switch(r){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.rsaEncrypt:if(i.bits<t.minRSABits)throw Error(`RSA keys shorter than ${t.minRSABits} bits are considered too weak.`);break;case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ecdh:if(t.rejectCurves.has(i.curve))throw Error(`Support for ${i.algorithm} keys using curve ${i.curve} is disabled.`)}}class kc{constructor(e,t){this.userID=e.constructor.tag===T.packet.userID?e:null,this.userAttribute=e.constructor.tag===T.packet.userAttribute?e:null,this.selfCertifications=[],this.otherCertifications=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Do;return e.push(this.userID||this.userAttribute),e.push(...this.revocationSignatures),e.push(...this.selfCertifications),e.push(...this.otherCertifications),e}clone(){const e=new kc(this.userID||this.userAttribute,this.mainKey);return e.selfCertifications=[...this.selfCertifications],e.otherCertifications=[...this.otherCertifications],e.revocationSignatures=[...this.revocationSignatures],e}async certify(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i},a=new kc(n.userID||n.userAttribute,this.mainKey);return a.otherCertifications=await Promise.all(e.map((async function(e){if(!e.isPrivate())throw Error("Need private key for signing");if(e.hasSameFingerprintAs(i))throw Error("The user's own key can only be used for self-certifications");const a=await e.getSigningKey(void 0,t,void 0,r);return lc(n,[e],a.keyPacket,{signatureType:T.signature.certGeneric,keyFlags:[T.keyFlags.certifyKeys|T.keyFlags.signData]},t,void 0,void 0,void 0,r)}))),await a.update(this,t,r),a}async isRevoked(e,t,r=new Date,i=_){const n=this.mainKey.keyPacket;return pc(n,T.signature.certRevocation,{key:n,userID:this.userID,userAttribute:this.userAttribute},this.revocationSignatures,e,t,r,i)}async verifyCertificate(e,t,r=new Date,i){const n=this,a=this.mainKey.keyPacket,s={userID:this.userID,userAttribute:this.userAttribute,key:a},{issuerKeyID:o}=e,c=t.filter((e=>e.getKeys(o).length>0));return 0===c.length?null:(await Promise.all(c.map((async t=>{const a=await t.getSigningKey(o,e.created,void 0,i);if(e.revoked||await n.isRevoked(e,a.keyPacket,r,i))throw Error("User certificate is revoked");try{await e.verify(a.keyPacket,T.signature.certGeneric,s,r,void 0,i)}catch(e){throw L.wrapError("User certificate is invalid",e)}}))),!0)}async verifyAllCertifications(e,t=new Date,r){const i=this,n=this.selfCertifications.concat(this.otherCertifications);return Promise.all(n.map((async n=>({keyID:n.issuerKeyID,valid:await i.verifyCertificate(n,e,t,r).catch((()=>!1))}))))}async verify(e=new Date,t){if(!this.selfCertifications.length)throw Error("No self-certifications found");const r=this,i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};let a;for(let s=this.selfCertifications.length-1;s>=0;s--)try{const a=this.selfCertifications[s];if(a.revoked||await r.isRevoked(a,void 0,e,t))throw Error("Self-certification is revoked");try{await a.verify(i,T.signature.certGeneric,n,e,void 0,t)}catch(e){throw L.wrapError("Self-certification is invalid",e)}return!0}catch(e){a=e}throw a}async update(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};await yc(e,this,"selfCertifications",t,(async function(e){try{return await e.verify(i,T.signature.certGeneric,n,t,!1,r),!0}catch(e){return!1}})),await yc(e,this,"otherCertifications",t),await yc(e,this,"revocationSignatures",t,(function(e){return pc(i,T.signature.certRevocation,n,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=_){const a={userID:this.userID,userAttribute:this.userAttribute,key:e},s=new kc(a.userID||a.userAttribute,this.mainKey);return s.revocationSignatures.push(await lc(a,[],e,{signatureType:T.signature.certRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}}class vc{constructor(e,t){this.keyPacket=e,this.bindingSignatures=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new Do;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.bindingSignatures),e}clone(){const e=new vc(this.keyPacket,this.mainKey);return e.bindingSignatures=[...this.bindingSignatures],e.revocationSignatures=[...this.revocationSignatures],e}async isRevoked(e,t,r=new Date,i=_){const n=this.mainKey.keyPacket;return pc(n,T.signature.subkeyRevocation,{key:n,bind:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verify(e=new Date,t=_){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket},n=await cc(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t);if(n.revoked||await this.isRevoked(n,null,e,t))throw Error("Subkey is revoked");if(uc(this.keyPacket,n,e))throw Error("Subkey is expired");return n}async getExpirationTime(e=new Date,t=_){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket};let n;try{n=await cc(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t)}catch(e){return null}const a=gc(this.keyPacket,n),s=n.getExpirationTime();return a<s?a:s}async update(e,t=new Date,r=_){const i=this.mainKey.keyPacket;if(!this.hasSameFingerprintAs(e))throw Error("Subkey update method: fingerprints of subkeys not equal");this.keyPacket.constructor.tag===T.packet.publicSubkey&&e.keyPacket.constructor.tag===T.packet.secretSubkey&&(this.keyPacket=e.keyPacket);const n=this,a={key:i,bind:n.keyPacket};await yc(e,this,"bindingSignatures",t,(async function(e){for(let t=0;t<n.bindingSignatures.length;t++)if(n.bindingSignatures[t].issuerKeyID.equals(e.issuerKeyID))return e.created>n.bindingSignatures[t].created&&(n.bindingSignatures[t]=e),!1;try{return await e.verify(i,T.signature.subkeyBinding,a,t,void 0,r),!0}catch(e){return!1}})),await yc(e,this,"revocationSignatures",t,(function(e){return pc(i,T.signature.subkeyRevocation,a,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=_){const a={key:e,bind:this.keyPacket},s=new vc(this.keyPacket,this.mainKey);return s.revocationSignatures.push(await lc(a,[],e,{signatureType:T.signature.subkeyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}hasSameFingerprintAs(e){return this.keyPacket.hasSameFingerprintAs(e.keyPacket||e)}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","isDecrypted"].forEach((e=>{vc.prototype[e]=function(){return this.keyPacket[e]()}}));const Kc=/*#__PURE__*/L.constructAllowedPackets([Ao]),Ac=new Set([T.packet.publicKey,T.packet.privateKey]),Ec=new Set([T.packet.publicKey,T.packet.privateKey,T.packet.publicSubkey,T.packet.privateSubkey]);class Sc{packetListToStructure(e,t=new Set){let r,i,n,a;for(const s of e){if(s instanceof Vi){Ec.has(s.tag)&&!a&&(a=Ac.has(s.tag)?Ac:Ec);continue}const e=s.constructor.tag;if(a){if(!a.has(e))continue;a=null}if(t.has(e))throw Error("Unexpected packet type: "+e);switch(e){case T.packet.publicKey:case T.packet.secretKey:if(this.keyPacket)throw Error("Key block contains multiple keys");if(this.keyPacket=s,i=this.getKeyID(),!i)throw Error("Missing Key ID");break;case T.packet.userID:case T.packet.userAttribute:r=new kc(s,this),this.users.push(r);break;case T.packet.publicSubkey:case T.packet.secretSubkey:r=null,n=new vc(s,this),this.subkeys.push(n);break;case T.packet.signature:switch(s.signatureType){case T.signature.certGeneric:case T.signature.certPersona:case T.signature.certCasual:case T.signature.certPositive:if(!r){L.printDebug("Dropping certification signatures without preceding user packet");continue}s.issuerKeyID.equals(i)?r.selfCertifications.push(s):r.otherCertifications.push(s);break;case T.signature.certRevocation:r?r.revocationSignatures.push(s):this.directSignatures.push(s);break;case T.signature.key:this.directSignatures.push(s);break;case T.signature.subkeyBinding:if(!n){L.printDebug("Dropping subkey binding signature without preceding subkey packet");continue}n.bindingSignatures.push(s);break;case T.signature.keyRevocation:this.revocationSignatures.push(s);break;case T.signature.subkeyRevocation:if(!n){L.printDebug("Dropping subkey revocation signature without preceding subkey packet");continue}n.revocationSignatures.push(s)}}}}toPacketList(){const e=new Do;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.directSignatures),this.users.map((t=>e.push(...t.toPacketList()))),this.subkeys.map((t=>e.push(...t.toPacketList()))),e}clone(e=!1){const t=new this.constructor(this.toPacketList());return e&&t.getKeys().forEach((e=>{if(e.keyPacket=Object.create(Object.getPrototypeOf(e.keyPacket),Object.getOwnPropertyDescriptors(e.keyPacket)),!e.keyPacket.isDecrypted())return;const t={};Object.keys(e.keyPacket.privateParams).forEach((r=>{t[r]=new Uint8Array(e.keyPacket.privateParams[r])})),e.keyPacket.privateParams=t})),t}getSubkeys(e=null){return this.subkeys.filter((t=>!e||t.getKeyID().equals(e,!0)))}getKeys(e=null){const t=[];return e&&!this.getKeyID().equals(e,!0)||t.push(this),t.concat(this.getSubkeys(e))}getKeyIDs(){return this.getKeys().map((e=>e.getKeyID()))}getUserIDs(){return this.users.map((e=>e.userID?e.userID.userID:null)).filter((e=>null!==e))}write(){return this.toPacketList().write()}async getSigningKey(e=null,t=new Date,r={},i=_){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{bc(n,i)}catch(e){throw L.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await cc(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(!fc(r.keyPacket,a,i))continue;if(!a.embeddedSignature)throw Error("Missing embedded signature");return await cc([a.embeddedSignature],r.keyPacket,T.signature.keyBinding,e,t,i),bc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&fc(n,a,i))return bc(n,i),this}catch(e){s=e}throw L.wrapError("Could not find valid signing key packet in key "+this.getKeyID().toHex(),s)}async getEncryptionKey(e,t=new Date,r={},i=_){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{bc(n,i)}catch(e){throw L.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await cc(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(mc(r.keyPacket,a,i))return bc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&mc(n,a,i))return bc(n,i),this}catch(e){s=e}throw L.wrapError("Could not find valid encryption key packet in key "+this.getKeyID().toHex(),s)}async isRevoked(e,t,r=new Date,i=_){return pc(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verifyPrimaryKey(e=new Date,t={},r=_){const i=this.keyPacket;if(await this.isRevoked(null,null,e,r))throw Error("Primary key is revoked");if(uc(i,await this.getPrimarySelfSignature(e,t,r),e))throw Error("Primary key is expired");if(6!==i.version){const t=await cc(this.directSignatures,i,T.signature.key,{key:i},e,r).catch((()=>{}));if(t&&uc(i,t,e))throw Error("Primary key is expired")}}async getExpirationTime(e,t=_){let r;try{const i=await this.getPrimarySelfSignature(null,e,t),n=gc(this.keyPacket,i),a=i.getExpirationTime(),s=6!==this.keyPacket.version&&await cc(this.directSignatures,this.keyPacket,T.signature.key,{key:this.keyPacket},null,t).catch((()=>{}));if(s){const e=gc(this.keyPacket,s);r=Math.min(n,a,e)}else r=n<a?n:a}catch(e){r=null}return L.normalizeDate(r)}async getPrimarySelfSignature(e=new Date,t={},r=_){const i=this.keyPacket;if(6===i.version)return cc(this.directSignatures,i,T.signature.key,{key:i},e,r);const{selfCertification:n}=await this.getPrimaryUser(e,t,r);return n}async getPrimaryUser(e=new Date,t={},r=_){const i=this.keyPacket,n=[];let a;for(let s=0;s<this.users.length;s++)try{const a=this.users[s];if(!a.userID)continue;if(void 0!==t.name&&a.userID.name!==t.name||void 0!==t.email&&a.userID.email!==t.email||void 0!==t.comment&&a.userID.comment!==t.comment)throw Error("Could not find user that matches that user ID");const o={userID:a.userID,key:i},c=await cc(a.selfCertifications,i,T.signature.certGeneric,o,e,r);n.push({index:s,user:a,selfCertification:c})}catch(e){a=e}if(!n.length)throw a||Error("Could not find primary user");await Promise.all(n.map((async function(t){return t.selfCertification.revoked||t.user.isRevoked(t.selfCertification,null,e,r)})));const s=n.sort((function(e,t){const r=e.selfCertification,i=t.selfCertification;return i.revoked-r.revoked||r.isPrimaryUserID-i.isPrimaryUserID||r.created-i.created})).pop(),{user:o,selfCertification:c}=s;if(c.revoked||await o.isRevoked(c,null,e,r))throw Error("Primary user is revoked");return s}async update(e,t=new Date,r=_){if(!this.hasSameFingerprintAs(e))throw Error("Primary key fingerprints must be equal to update the key");if(!this.isPrivate()&&e.isPrivate()){if(!(this.subkeys.length===e.subkeys.length&&this.subkeys.every((t=>e.subkeys.some((e=>t.hasSameFingerprintAs(e)))))))throw Error("Cannot update public key with private key if subkeys mismatch");return e.update(this,r)}const i=this.clone();return await yc(e,i,"revocationSignatures",t,(n=>pc(i.keyPacket,T.signature.keyRevocation,i,[n],null,e.keyPacket,t,r))),await yc(e,i,"directSignatures",t),await Promise.all(e.users.map((async e=>{const n=i.users.filter((t=>e.userID&&e.userID.equals(t.userID)||e.userAttribute&&e.userAttribute.equals(t.userAttribute)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.users.push(t)}}))),await Promise.all(e.subkeys.map((async e=>{const n=i.subkeys.filter((t=>t.hasSameFingerprintAs(e)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.subkeys.push(t)}}))),i}async getRevocationCertificate(e=new Date,t=_){const r={key:this.keyPacket},i=await cc(this.revocationSignatures,this.keyPacket,T.signature.keyRevocation,r,e,t),n=new Do;n.push(i);const a=6!==this.keyPacket.version;return Y(T.armor.publicKey,n.write(),null,null,"This is a revocation certificate",a,t)}async applyRevocationCertificate(e,t=new Date,r=_){const i=await X(e),n=(await Do.fromBinary(i.data,Kc,r)).findPacket(T.packet.signature);if(!n||n.signatureType!==T.signature.keyRevocation)throw Error("Could not find revocation signature packet");if(!n.issuerKeyID.equals(this.getKeyID()))throw Error("Revocation signature does not match key");try{await n.verify(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},t,void 0,r)}catch(e){throw L.wrapError("Could not verify revocation signature",e)}const a=this.clone();return a.revocationSignatures.push(n),a}async signPrimaryUser(e,t,r,i=_){const{index:n,user:a}=await this.getPrimaryUser(t,r,i),s=await a.certify(e,t,i),o=this.clone();return o.users[n]=s,o}async signAllUsers(e,t=new Date,r=_){const i=this.clone();return i.users=await Promise.all(this.users.map((function(i){return i.certify(e,t,r)}))),i}async verifyPrimaryUser(e,t=new Date,r,i=_){const n=this.keyPacket,{user:a}=await this.getPrimaryUser(t,r,i);return e?await a.verifyAllCertifications(e,t,i):[{keyID:n.getKeyID(),valid:await a.verify(t,i).catch((()=>!1))}]}async verifyAllUsers(e,t=new Date,r=_){const i=this.keyPacket,n=[];return await Promise.all(this.users.map((async a=>{const s=e?await a.verifyAllCertifications(e,t,r):[{keyID:i.getKeyID(),valid:await a.verify(t,r).catch((()=>!1))}];n.push(...s.map((e=>({userID:a.userID?a.userID.userID:null,userAttribute:a.userAttribute,keyID:e.keyID,valid:e.valid}))))}))),n}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","hasSameFingerprintAs"].forEach((e=>{Sc.prototype[e]=vc.prototype[e]}));class Pc extends Sc{constructor(e){if(super(),this.keyPacket=null,this.revocationSignatures=[],this.directSignatures=[],this.users=[],this.subkeys=[],e&&(this.packetListToStructure(e,new Set([T.packet.secretKey,T.packet.secretSubkey])),!this.keyPacket))throw Error("Invalid key: missing public-key packet")}isPrivate(){return!1}toPublic(){return this}armor(e=_){const t=6!==this.keyPacket.version;return Y(T.armor.publicKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}}class Uc extends Pc{constructor(e){if(super(),this.packetListToStructure(e,new Set([T.packet.publicKey,T.packet.publicSubkey])),!this.keyPacket)throw Error("Invalid key: missing private-key packet")}isPrivate(){return!0}toPublic(){const e=new Do,t=this.toPacketList();let r=!1;for(const i of t)if(!r||i.constructor.tag!==T.packet.Signature)switch(r&&(r=!1),i.constructor.tag){case T.packet.secretKey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac)throw Error("Cannot create public key from symmetric private");const t=Go.fromSecretKeyPacket(i);e.push(t);break}case T.packet.secretSubkey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac){r=!0;break}const t=Qo.fromSecretSubkeyPacket(i);e.push(t);break}default:e.push(i)}return new Pc(e)}armor(e=_){const t=6!==this.keyPacket.version;return Y(T.armor.privateKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}async getDecryptionKeys(e,t=new Date,r={},i=_){const n=this.keyPacket,a=[];let s=null;for(let r=0;r<this.subkeys.length;r++)if(!e||this.subkeys[r].getKeyID().equals(e,!0)){if(this.subkeys[r].keyPacket.isDummy()){s=s||Error("Gnu-dummy key packets cannot be used for decryption");continue}try{const e={key:n,bind:this.subkeys[r].keyPacket},s=await cc(this.subkeys[r].bindingSignatures,n,T.signature.subkeyBinding,e,t,i);wc(this.subkeys[r].keyPacket,s,i)&&a.push(this.subkeys[r])}catch(e){s=e}}const o=await this.getPrimarySelfSignature(t,r,i);if(e&&!n.getKeyID().equals(e,!0)||!wc(n,o,i)||(n.isDummy()?s=s||Error("Gnu-dummy key packets cannot be used for decryption"):a.push(this)),0===a.length)throw s||Error("No decryption key packets found");return a}isDecrypted(){return this.getKeys().some((({keyPacket:e})=>e.isDecrypted()))}async validate(e=_){if(!this.isPrivate())throw Error("Cannot validate a public key");let t;if(this.keyPacket.isDummy()){const r=await this.getSigningKey(null,null,void 0,{...e,rejectPublicKeyAlgorithms:new Set,minRSABits:0});r&&!r.keyPacket.isDummy()&&(t=r.keyPacket)}else t=this.keyPacket;if(t)return t.validate();{const e=this.getKeys();if(e.map((e=>e.keyPacket.isDummy())).every(Boolean))throw Error("Cannot validate an all-gnu-dummy key");return Promise.all(e.map((async e=>e.keyPacket.validate())))}}clearPrivateParams(){this.getKeys().forEach((({keyPacket:e})=>{e.isDecrypted()&&e.clearPrivateParams()}))}async revoke({flag:e=T.reasonForRevocation.noReason,string:t=""}={},r=new Date,i=_){if(!this.isPrivate())throw Error("Need private key for revoking");const n={key:this.keyPacket},a=this.clone();return a.revocationSignatures.push(await lc(n,[],this.keyPacket,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,e),reasonForRevocationString:t},r,void 0,void 0,void 0,i)),a}async addSubkey(e={}){const t={..._,...e.config};if(e.passphrase)throw Error("Subkey could not be encrypted here, please encrypt whole key");if(e.rsaBits<t.minRSABits)throw Error(`rsaBits should be at least ${t.minRSABits}, got: ${e.rsaBits}`);const r=this.keyPacket;if(r.isDummy())throw Error("Cannot add subkey to gnu-dummy primary key");if(!r.isDecrypted())throw Error("Key is not decrypted");const i=r.getAlgorithmInfo();i.type=function(e){switch(T.write(T.publicKey,e)){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:return"rsa";case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return"ecc";case T.publicKey.ed25519:return"curve25519";case T.publicKey.ed448:return"curve448";default:throw Error("Unsupported algorithm")}}(i.algorithm),i.rsaBits=i.bits||4096,i.curve=i.curve||"curve25519Legacy",e=dc(e,i);const n=await sc(e,{...t,v6Keys:6===this.keyPacket.version});bc(n,t);const a=await hc(n,r,e,t),s=this.toPacketList();return s.push(n,a),new Uc(s)}}const Dc=/*#__PURE__*/L.constructAllowedPackets([Go,Qo,Xo,ec,Jo,Zo,Ao]);function xc(e){for(const t of e)switch(t.constructor.tag){case T.packet.secretKey:return new Uc(e);case T.packet.publicKey:return new Pc(e)}throw Error("No key packet found")}async function Ic(e,t,r,i){r.passphrase&&await e.encrypt(r.passphrase,i),await Promise.all(t.map((async function(e,t){const n=r.subkeys[t].passphrase;n&&await e.encrypt(n,i)})));const n=new Do;function a(e,t){return[t,...e.filter((e=>e!==t))]}function s(){const t={};t.keyFlags=[T.keyFlags.certifyKeys|T.keyFlags.signData];const n=a([T.symmetric.aes256,T.symmetric.aes128],i.preferredSymmetricAlgorithm);if(t.preferredSymmetricAlgorithms=n,i.aeadProtect){const e=a([T.aead.gcm,T.aead.eax,T.aead.ocb],i.preferredAEADAlgorithm);t.preferredCipherSuites=e.flatMap((e=>n.map((t=>[t,e]))))}return t.preferredHashAlgorithms=a([T.hash.sha512,T.hash.sha256,...6===e.version?[T.hash.sha3_512,T.hash.sha3_256]:[]],i.preferredHashAlgorithm),t.preferredCompressionAlgorithms=a([T.compression.uncompressed,T.compression.zlib,T.compression.zip],i.preferredCompressionAlgorithm),t.features=[0],t.features[0]|=T.features.modificationDetection,i.aeadProtect&&(t.features[0]|=T.features.seipdv2),r.keyExpirationTime>0&&(t.keyExpirationTime=r.keyExpirationTime,t.keyNeverExpires=!1),t}if(n.push(e),6===e.version){const t={key:e},a=s();a.signatureType=T.signature.key;const o=await lc(t,[],e,a,r.date,void 0,void 0,void 0,i);n.push(o)}await Promise.all(r.userIDs.map((async function(t,n){const a=Jo.fromObject(t),o={userID:a,key:e},c=6!==e.version?s():{};c.signatureType=T.signature.certPositive,0===n&&(c.isPrimaryUserID=!0);return{userIDPacket:a,signaturePacket:await lc(o,[],e,c,r.date,void 0,void 0,void 0,i)}}))).then((e=>{e.forEach((({userIDPacket:e,signaturePacket:t})=>{n.push(e),n.push(t)}))})),await Promise.all(t.map((async function(t,n){const a=r.subkeys[n];return{secretSubkeyPacket:t,subkeySignaturePacket:await hc(t,e,a,i)}}))).then((e=>{e.forEach((({secretSubkeyPacket:e,subkeySignaturePacket:t})=>{n.push(e),n.push(t)}))}));const o={key:e};return n.push(await lc(o,[],e,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.reasonForRevocation.noReason,reasonForRevocationString:""},r.date,void 0,void 0,void 0,i)),r.passphrase&&e.clearPrivateParams(),await Promise.all(t.map((async function(e,t){r.subkeys[t].passphrase&&e.clearPrivateParams()}))),new Uc(n)}async function Cc({armoredKey:e,binaryKey:t,config:r,...i}){if(r={..._,...r},!e&&!t)throw Error("readKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!L.isString(e))throw Error("readKey: options.armoredKey must be a string");if(t&&!L.isUint8Array(t))throw Error("readKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");a=r}else a=t;const s=await Do.fromBinary(a,Dc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===o.length)throw Error("No key packet found");return xc(s.slice(o[0],o[1]))}async function Bc({armoredKey:e,binaryKey:t,config:r,...i}){if(r={..._,...r},!e&&!t)throw Error("readPrivateKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!L.isString(e))throw Error("readPrivateKey: options.armoredKey must be a string");if(t&&!L.isUint8Array(t))throw Error("readPrivateKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");a=r}else a=t;const s=await Do.fromBinary(a,Dc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<o.length;e++){if(s[o[e]].constructor.tag===T.packet.publicKey)continue;const t=s.slice(o[e],o[e+1]);return new Uc(t)}throw Error("No secret key packet found")}async function Tc({armoredKeys:e,binaryKeys:t,config:r,...i}){r={..._,...r};let n=e||t;if(!n)throw Error("readKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!L.isString(e))throw Error("readKeys: options.armoredKeys must be a string");if(t&&!L.isUint8Array(t))throw Error("readKeys: options.binaryKeys must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");n=r}const s=[],o=await Do.fromBinary(n,Dc,r),c=o.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===c.length)throw Error("No key packet found");for(let e=0;e<c.length;e++){const t=xc(o.slice(c[e],c[e+1]));s.push(t)}return s}async function _c({armoredKeys:e,binaryKeys:t,config:r}){r={..._,...r};let i=e||t;if(!i)throw Error("readPrivateKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!L.isString(e))throw Error("readPrivateKeys: options.armoredKeys must be a string");if(t&&!L.isUint8Array(t))throw Error("readPrivateKeys: options.binaryKeys must be a Uint8Array");if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");i=r}const n=[],a=await Do.fromBinary(i,Dc,r),s=a.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<s.length;e++){if(a[s[e]].constructor.tag===T.packet.publicKey)continue;const t=a.slice(s[e],s[e+1]),r=new Uc(t);n.push(r)}if(0===n.length)throw Error("No secret key packet found");return n}const Mc=/*#__PURE__*/L.constructAllowedPackets([wo,Io,No,Ro,Wo,Ho,qo,Po,Ao]),Lc=/*#__PURE__*/L.constructAllowedPackets([qo]),Rc=/*#__PURE__*/L.constructAllowedPackets([Ao]);class Fc{constructor(e){this.packets=e||new Do}getEncryptionKeyIDs(){const e=[];return this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey).forEach((function(t){e.push(t.publicKeyID)})),e}getSigningKeyIDs(){const e=this.unwrapCompressed(),t=e.packets.filterByTag(T.packet.onePassSignature);if(t.length>0)return t.map((e=>e.issuerKeyID));return e.packets.filterByTag(T.packet.signature).map((e=>e.issuerKeyID))}async decrypt(e,t,r,i=new Date,n=_){const a=this.packets.filterByTag(T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData);if(0===a.length)throw Error("No encrypted data found");const s=a[0],o=s.cipherAlgorithm,c=r||await this.decryptSessionKeys(e,t,o,i,n);let u=null;const h=Promise.all(c.map((async({algorithm:e,data:t})=>{if(!L.isUint8Array(t)||!s.cipherAlgorithm&&!L.isString(e))throw Error("Invalid session key for decryption.");try{const r=s.cipherAlgorithm||T.write(T.symmetric,e);await s.decrypt(r,t,n)}catch(e){L.printDebugError(e),u=e}})));if(D(s.encrypted),s.encrypted=null,await h,!s.packets||!s.packets.length)throw u||Error("Decryption failed.");const l=new Fc(s.packets);return s.packets=new Do,l}async decryptSessionKeys(e,t,r,i=new Date,n=_){let a,s=[];if(t){const e=this.packets.filterByTag(T.packet.symEncryptedSessionKey);if(0===e.length)throw Error("No symmetrically encrypted session key packet found.");await Promise.all(t.map((async function(t,r){let i;i=r?await Do.fromBinary(e.write(),Lc,n):e,await Promise.all(i.map((async function(e){try{await e.decrypt(t),s.push(e)}catch(e){L.printDebugError(e),e instanceof fs&&(a=e)}})))})))}else{if(!e)throw Error("No key or password specified.");{const t=this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey);if(0===t.length)throw Error("No public key encrypted session key packet found.");await Promise.all(t.map((async function(t){await Promise.all(e.map((async function(e){let o;try{o=(await e.getDecryptionKeys(t.publicKeyID,null,void 0,n)).map((e=>e.keyPacket))}catch(e){return void(a=e)}let c=[T.symmetric.aes256,T.symmetric.aes128,T.symmetric.tripledes,T.symmetric.cast5];try{const t=await e.getPrimarySelfSignature(i,void 0,n);t.preferredSymmetricAlgorithms&&(c=c.concat(t.preferredSymmetricAlgorithms))}catch(e){}await Promise.all(o.map((async function(e){if(!e.isDecrypted())throw Error("Decryption key is not decrypted.");if(n.constantTimePKCS1Decryption&&(t.publicKeyAlgorithm===T.publicKey.rsaEncrypt||t.publicKeyAlgorithm===T.publicKey.rsaEncryptSign||t.publicKeyAlgorithm===T.publicKey.rsaSign||t.publicKeyAlgorithm===T.publicKey.elgamal)){const i=t.write();await Promise.all((r?[r]:Array.from(n.constantTimePKCS1DecryptionSupportedSymmetricAlgorithms)).map((async t=>{const r=new Ho;r.read(i);const n={sessionKeyAlgorithm:t,sessionKey:ds.generateSessionKey(t)};try{await r.decrypt(e,n),s.push(r)}catch(e){L.printDebugError(e),a=e}})))}else try{await t.decrypt(e);const i=r||t.sessionKeyAlgorithm;if(i&&!c.includes(T.write(T.symmetric,i)))throw Error("A non-preferred symmetric algorithm was used.");s.push(t)}catch(e){L.printDebugError(e),a=e}})))}))),D(t.encrypted),t.encrypted=null})))}}if(s.length>0){if(s.length>1){const e=new Set;s=s.filter((t=>{const r=t.sessionKeyAlgorithm+L.uint8ArrayToString(t.sessionKey);return!e.has(r)&&(e.add(r),!0)}))}return s.map((e=>({data:e.sessionKey,algorithm:e.sessionKeyAlgorithm&&T.read(T.symmetric,e.sessionKeyAlgorithm)})))}throw a||Error("Session key decryption failed.")}getLiteralData(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getBytes()||null}getFilename(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getFilename()||null}getText(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e?e.getText():null}static async generateSessionKey(e=[],t=new Date,r=[],i=_){const{symmetricAlgo:n,aeadAlgo:a}=await async function(e=[],t=new Date,r=[],i=_){const n=await Promise.all(e.map(((e,n)=>e.getPrimarySelfSignature(t,r[n],i))));if(e.length?!i.ignoreSEIPDv2FeatureFlag&&n.every((e=>e.features&&e.features[0]&T.features.seipdv2)):i.aeadProtect){const e={symmetricAlgo:T.symmetric.aes128,aeadAlgo:T.aead.ocb},t=[{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:i.preferredAEADAlgorithm},{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:T.aead.ocb},{symmetricAlgo:T.symmetric.aes128,aeadAlgo:i.preferredAEADAlgorithm}];for(const e of t)if(n.every((t=>t.preferredCipherSuites&&t.preferredCipherSuites.some((t=>t[0]===e.symmetricAlgo&&t[1]===e.aeadAlgo)))))return e;return e}const a=T.symmetric.aes128,s=i.preferredSymmetricAlgorithm;return{symmetricAlgo:n.every((e=>e.preferredSymmetricAlgorithms&&e.preferredSymmetricAlgorithms.includes(s)))?s:a,aeadAlgo:void 0}}(e,t,r,i),s=T.read(T.symmetric,n),o=a?T.read(T.aead,a):void 0;await Promise.all(e.map((e=>e.getEncryptionKey().catch((()=>null)).then((e=>{if(e&&(e.keyPacket.algorithm===T.publicKey.x25519||e.keyPacket.algorithm===T.publicKey.x448)&&!o&&!L.isAES(n))throw Error("Could not generate a session key compatible with the given `encryptionKeys`: X22519 and X448 keys can only be used to encrypt AES session keys; change `config.preferredSymmetricAlgorithm` accordingly.")})))));return{data:ds.generateSessionKey(n),algorithm:s,aeadAlgorithm:o}}async encrypt(e,t,r,i=!1,n=[],a=new Date,s=[],o=_){if(r){if(!L.isUint8Array(r.data)||!L.isString(r.algorithm))throw Error("Invalid session key for encryption.")}else if(e&&e.length)r=await Fc.generateSessionKey(e,a,s,o);else{if(!t||!t.length)throw Error("No keys, passwords, or session key provided.");r=await Fc.generateSessionKey(void 0,void 0,void 0,o)}const{data:c,algorithm:u,aeadAlgorithm:h}=r,l=await Fc.encryptSessionKey(c,u,h,e,t,i,n,a,s,o),y=Ro.fromObject({version:h?2:1,aeadAlgorithm:h?T.write(T.aead,h):null});y.packets=this.packets;const p=T.write(T.symmetric,u);return await y.encrypt(p,c,o),l.packets.push(y),y.packets=new Do,l}static async encryptSessionKey(e,t,r,i,n,a=!1,s=[],o=new Date,c=[],u=_){const h=new Do,l=T.write(T.symmetric,t),y=r&&T.write(T.aead,r);if(i){const t=await Promise.all(i.map((async function(t,r){const i=await t.getEncryptionKey(s[r],o,c,u),n=Ho.fromObject({version:y?6:3,encryptionKeyPacket:i.keyPacket,anonymousRecipient:a,sessionKey:e,sessionKeyAlgorithm:l});return await n.encrypt(i.keyPacket),delete n.sessionKey,n})));h.push(...t)}if(n){const t=async function(e,t){try{return await e.decrypt(t),1}catch(e){return 0}},r=(e,t)=>e+t,i=async function(e,a,s,o){const c=new qo(u);if(c.sessionKey=e,c.sessionKeyAlgorithm=a,s&&(c.aeadAlgorithm=s),await c.encrypt(o,u),u.passwordCollisionCheck){if(1!==(await Promise.all(n.map((e=>t(c,e))))).reduce(r))return i(e,a,o)}return delete c.sessionKey,c},a=await Promise.all(n.map((t=>i(e,l,y,t))));h.push(...a)}return new Fc(h)}async sign(e=[],t=[],r=null,i=[],n=new Date,a=[],s=[],o=[],c=_){const u=new Do,h=this.packets.findPacket(T.packet.literalData);if(!h)throw Error("No literal data packet to sign.");const l=await zc(h,e,t,r,i,n,a,s,o,!1,c),y=l.map(((e,t)=>Po.fromSignaturePacket(e,0===t))).reverse();return u.push(...y),u.push(h),u.push(...l),new Fc(u)}compress(e,t=_){if(e===T.compression.uncompressed)return this;const r=new Io(t);r.algorithm=e,r.packets=this.packets;const i=new Do;return i.push(r),new Fc(i)}async signDetached(e=[],t=[],r=null,i=[],n=[],a=new Date,s=[],o=[],c=_){const u=this.packets.findPacket(T.packet.literalData);if(!u)throw Error("No literal data packet to sign.");return new nc(await zc(u,e,t,r,i,n,a,s,o,!0,c))}async verify(e,t=new Date,r=_){const i=this.unwrapCompressed(),n=i.packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");s(i.packets.stream)&&i.packets.push(...await U(i.packets.stream,(e=>e||[])));const a=i.packets.filterByTag(T.packet.onePassSignature).reverse(),o=i.packets.filterByTag(T.packet.signature);return a.length&&!o.length&&L.isStream(i.packets.stream)&&!s(i.packets.stream)?(await Promise.all(a.map((async e=>{e.correspondingSig=new Promise(((t,r)=>{e.correspondingSigResolve=t,e.correspondingSigReject=r})),e.signatureData=x((async()=>(await e.correspondingSig).signatureData)),e.hashed=U(await e.hash(e.signatureType,n[0],void 0,!1)),e.hashed.catch((()=>{}))}))),i.packets.stream=v(i.packets.stream,(async(e,t)=>{const r=I(e),i=C(t);try{for(let e=0;e<a.length;e++){const{value:t}=await r.read();a[e].correspondingSigResolve(t)}await r.readToEnd(),await i.ready,await i.close()}catch(e){a.forEach((t=>{t.correspondingSigReject(e)})),await i.abort(e)}})),Nc(a,n,e,t,!1,r)):Nc(o,n,e,t,!1,r)}verifyDetached(e,t,r=new Date,i=_){const n=this.unwrapCompressed().packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");return Nc(e.packets.filterByTag(T.packet.signature),n,t,r,!0,i)}unwrapCompressed(){const e=this.packets.filterByTag(T.packet.compressedData);return e.length?new Fc(e[0].packets):this}async appendSignature(e,t=_){await this.packets.read(L.isUint8Array(e)?e:(await X(e)).data,Rc,t)}write(){return this.packets.write()}armor(e=_){const t=this.packets[this.packets.length-1],r=t.constructor.tag===Ro.tag?2!==t.version:this.packets.some((e=>e.constructor.tag===Ao.tag&&6!==e.version));return Y(T.armor.message,this.write(),null,null,null,r,e)}}async function zc(e,t,r=[],i=null,n=[],a=new Date,s=[],o=[],c=[],u=!1,h=_){const l=new Do,y=null===e.text?T.signature.binary:T.signature.text;if(await Promise.all(t.map((async(t,i)=>{const l=s[i];if(!t.isPrivate())throw Error("Need private key for signing");const p=await t.getSigningKey(n[i],a,l,h);return lc(e,r.length?r:[t],p.keyPacket,{signatureType:y},a,o,c,u,h)}))).then((e=>{l.push(...e)})),i){const e=i.packets.filterByTag(T.packet.signature);l.push(...e)}return l}async function Nc(e,t,r,i=new Date,n=!1,a=_){return Promise.all(e.filter((function(e){return["text","binary"].includes(T.read(T.signature,e.signatureType))})).map((async function(e){return async function(e,t,r,i=new Date,n=!1,a=_){let s,o;for(const t of r){const r=t.getKeys(e.issuerKeyID);if(r.length>0){s=t,o=r[0];break}}const c=e instanceof Po?e.correspondingSig:e,u={keyID:e.issuerKeyID,verified:(async()=>{if(!o)throw Error("Could not find signing key with key ID "+e.issuerKeyID.toHex());await e.verify(o.keyPacket,e.signatureType,t[0],i,n,a);const r=await c;if(o.getCreationTime()>r.created)throw Error("Key is newer than the signature");try{await s.getSigningKey(o.getKeyID(),r.created,void 0,a)}catch(e){if(!a.allowInsecureVerificationWithReformattedKeys||!e.message.match(/Signature creation time is in the future/))throw e;await s.getSigningKey(o.getKeyID(),i,void 0,a)}return!0})(),signature:(async()=>{const e=await c,t=new Do;return e&&t.push(e),new nc(t)})()};return u.signature.catch((()=>{})),u.verified.catch((()=>{})),u}(e,t,r,i,n,a)})))}async function Oc({armoredMessage:e,binaryMessage:t,config:r,...i}){r={..._,...r};let n=e||t;if(!n)throw Error("readMessage: must pass options object containing `armoredMessage` or `binaryMessage`");if(e&&!L.isString(e)&&!L.isStream(e))throw Error("readMessage: options.armoredMessage must be a string or stream");if(t&&!L.isUint8Array(t)&&!L.isStream(t))throw Error("readMessage: options.binaryMessage must be a Uint8Array or stream");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));const s=L.isStream(n);if(e){const{type:e,data:t}=await X(n);if(e!==T.armor.message)throw Error("Armored text not of type message");n=t}const o=await Do.fromBinary(n,Mc,r),c=new Fc(o);return c.fromStream=s,c}async function Hc({text:e,binary:t,filename:r,date:i=new Date,format:n=(void 0!==e?"utf8":"binary"),...a}){const s=void 0!==e?e:t;if(void 0===s)throw Error("createMessage: must pass options object containing `text` or `binary`");if(e&&!L.isString(e)&&!L.isStream(e))throw Error("createMessage: options.text must be a string or stream");if(t&&!L.isUint8Array(t)&&!L.isStream(t))throw Error("createMessage: options.binary must be a Uint8Array or stream");const o=Object.keys(a);if(o.length>0)throw Error("Unknown option: "+o.join(", "));const c=L.isStream(s),u=new wo(i);void 0!==e?u.setText(s,T.write(T.literal,n)):u.setBytes(s,T.write(T.literal,n)),void 0!==r&&u.setFilename(r);const h=new Do;h.push(u);const l=new Fc(h);return l.fromStream=c,l}const jc=/*#__PURE__*/L.constructAllowedPackets([Ao]);class qc{constructor(e,t){if(this.text=L.removeTrailingSpaces(e).replace(/\r?\n/g,"\r\n"),t&&!(t instanceof nc))throw Error("Invalid signature input");this.signature=t||new nc(new Do)}getSigningKeyIDs(){const e=[];return this.signature.packets.forEach((function(t){e.push(t.issuerKeyID)})),e}async sign(e,t=[],r=null,i=[],n=new Date,a=[],s=[],o=[],c=_){const u=new wo;u.setText(this.text);const h=new nc(await zc(u,e,t,r,i,n,a,s,o,!0,c));return new qc(this.text,h)}verify(e,t=new Date,r=_){const i=this.signature.packets.filterByTag(T.packet.signature),n=new wo;return n.setText(this.text),Nc(i,[n],e,t,!0,r)}getText(){return this.text.replace(/\r\n/g,"\n")}armor(e=_){const t=this.signature.packets.some((e=>6!==e.version)),r={hash:t?Array.from(new Set(this.signature.packets.map((e=>T.read(T.hash,e.hashAlgorithm).toUpperCase())))).join():null,text:this.text,data:this.signature.packets.write()};return Y(T.armor.signed,r,void 0,void 0,void 0,t,e)}}async function Gc({cleartextMessage:e,config:t,...r}){if(t={..._,...t},!e)throw Error("readCleartextMessage: must pass options object containing `cleartextMessage`");if(!L.isString(e))throw Error("readCleartextMessage: options.cleartextMessage must be a string");const i=Object.keys(r);if(i.length>0)throw Error("Unknown option: "+i.join(", "));const n=await X(e);if(n.type!==T.armor.signed)throw Error("No cleartext signed message.");const a=await Do.fromBinary(n.data,jc,t);!function(e,t){const r=function(e){const r=e=>t=>e.hashAlgorithm===t;for(let i=0;i<t.length;i++)if(t[i].constructor.tag===T.packet.signature&&!e.some(r(t[i])))return!1;return!0},i=[];if(e.forEach((e=>{const t=e.match(/^Hash: (.+)$/);if(!t)throw Error('Only "Hash" header allowed in cleartext signed message');{const e=t[1].replace(/\s/g,"").split(",").map((e=>{try{return T.write(T.hash,e.toLowerCase())}catch(t){throw Error("Unknown hash algorithm in armor header: "+e.toLowerCase())}}));i.push(...e)}})),i.length&&!r(i))throw Error("Hash algorithm mismatch in armor header and signature")}(n.headers,a);const s=new nc(a);return new qc(n.text,s)}async function Vc({text:e,...t}){if(!e)throw Error("createCleartextMessage: must pass options object containing `text`");if(!L.isString(e))throw Error("createCleartextMessage: options.text must be a string");const r=Object.keys(t);if(r.length>0)throw Error("Unknown option: "+r.join(", "));return new qc(e)}async function Wc({userIDs:e=[],passphrase:t,type:r,curve:i,rsaBits:n=4096,symmetricHash:a="sha256",symmetricCipher:s="aes256",keyExpirationTime:o=0,date:c=new Date,subkeys:u=[{}],format:h="armored",config:l,...y}){uu(l={..._,...l}),r||i?(r=r||"ecc",i=i||"curve25519Legacy"):(r=l.v6Keys?"curve25519":"ecc",i="curve25519Legacy"),e=hu(e);const p=Object.keys(y);if(p.length>0)throw Error("Unknown option: "+p.join(", "));if(0===e.length&&!l.v6Keys)throw Error("UserIDs are required for V4 keys");if("rsa"===r&&n<l.minRSABits)throw Error(`rsaBits should be at least ${l.minRSABits}, got: ${n}`);const g={userIDs:e,passphrase:t,type:r,rsaBits:n,curve:i,keyExpirationTime:o,date:c,subkeys:u,symmetricHash:a,symmetricCipher:s};try{const{key:e,revocationCertificate:t}=await async function(e,t){e.sign=!0,(e=dc(e)).subkeys=e.subkeys.map(((t,r)=>dc(e.subkeys[r],e)));let r=[oc(e,t)];r=r.concat(e.subkeys.map((e=>sc(e,t))));const i=await Promise.all(r),n=await Ic(i[0],i.slice(1),e,t),a=await n.getRevocationCertificate(e.date,t);return n.revocationSignatures=[],{key:n,revocationCertificate:a}}(g,l);return e.getKeys().forEach((({keyPacket:e})=>bc(e,l))),{privateKey:pu(e,h,l),publicKey:"symmetric"!==r?pu(e.toPublic(),h,l):null,revocationCertificate:t}}catch(e){throw L.wrapError("Error generating keypair",e)}}async function $c({privateKey:e,userIDs:t=[],passphrase:r,keyExpirationTime:i=0,date:n,format:a="armored",config:s,...o}){uu(s={..._,...s}),t=hu(t);const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(0===t.length&&6!==e.keyPacket.version)throw Error("UserIDs are required for V4 keys");const u={privateKey:e,userIDs:t,passphrase:r,keyExpirationTime:i,date:n};try{const{key:e,revocationCertificate:t}=await async function(e,t){e=o(e);const{privateKey:r}=e;if(!r.isPrivate())throw Error("Cannot reformat a public key");if(r.keyPacket.isDummy())throw Error("Cannot reformat a gnu-dummy primary key");if(!r.getKeys().every((({keyPacket:e})=>e.isDecrypted())))throw Error("Key is not decrypted");const i=r.keyPacket;e.subkeys||(e.subkeys=await Promise.all(r.subkeys.map((async e=>{const r=e.keyPacket,n={key:i,bind:r},a=await cc(e.bindingSignatures,i,T.signature.subkeyBinding,n,null,t).catch((()=>({})));return{sign:a.keyFlags&&a.keyFlags[0]&T.keyFlags.signData,forwarding:a.keyFlags&&a.keyFlags[0]&T.keyFlags.forwardedCommunication}}))));const n=r.subkeys.map((e=>e.keyPacket));if(e.subkeys.length!==n.length)throw Error("Number of subkey options does not match number of subkeys");e.subkeys=e.subkeys.map((t=>o(t,e)));const a=await Ic(i,n,e,t),s=await a.getRevocationCertificate(e.date,t);return a.revocationSignatures=[],{key:a,revocationCertificate:s};function o(e,t={}){return e.keyExpirationTime=e.keyExpirationTime||t.keyExpirationTime,e.passphrase=L.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e}}(u,s);return{privateKey:pu(e,a,s),publicKey:pu(e.toPublic(),a,s),revocationCertificate:t}}catch(e){throw L.wrapError("Error reformatting keypair",e)}}async function Qc({key:e,revocationCertificate:t,reasonForRevocation:r,date:i=new Date,format:n="armored",config:a,...s}){uu(a={..._,...a});const o=Object.keys(s);if(o.length>0)throw Error("Unknown option: "+o.join(", "));try{const s=t?await e.applyRevocationCertificate(t,i,a):await e.revoke(r,i,a);return s.isPrivate()?{privateKey:pu(s,n,a),publicKey:pu(s.toPublic(),n,a)}:{privateKey:null,publicKey:pu(s,n,a)}}catch(e){throw L.wrapError("Error revoking key",e)}}async function Zc({privateKey:e,passphrase:t,config:r,...i}){uu(r={..._,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot decrypt a public key");const a=e.clone(!0),s=L.isArray(t)?t:[t];try{return await Promise.all(a.getKeys().map((e=>L.anyPromise(s.map((t=>e.keyPacket.decrypt(t))))))),await a.validate(r),a}catch(e){throw a.clearPrivateParams(),L.wrapError("Error decrypting private key",e)}}async function Xc({privateKey:e,passphrase:t,config:r,...i}){uu(r={..._,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot encrypt a public key");const a=e.clone(!0),s=a.getKeys(),o=L.isArray(t)?t:Array(s.length).fill(t);if(o.length!==s.length)throw Error("Invalid number of passphrases given for key encryption");try{return await Promise.all(s.map((async(e,t)=>{const{keyPacket:i}=e;await i.encrypt(o[t],r),i.clearPrivateParams()}))),a}catch(e){throw a.clearPrivateParams(),L.wrapError("Error encrypting private key",e)}}async function Yc({message:e,encryptionKeys:t,signingKeys:r,passwords:i,sessionKey:n,format:a="armored",signature:s=null,wildcard:o=!1,signingKeyIDs:c=[],encryptionKeyIDs:u=[],date:h=new Date,signingUserIDs:l=[],encryptionUserIDs:y=[],signatureNotations:p=[],config:g,...d}){if(uu(g={..._,...g}),au(e),ou(a),t=hu(t),r=hu(r),i=hu(i),c=hu(c),u=hu(u),l=hu(l),y=hu(y),p=hu(p),d.detached)throw Error("The `detached` option has been removed from openpgp.encrypt, separately call openpgp.sign instead. Don't forget to remove the `privateKeys` option as well.");if(d.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encrypt, pass `encryptionKeys` instead");if(d.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.encrypt, pass `signingKeys` instead");if(void 0!==d.armor)throw Error("The `armor` option has been removed from openpgp.encrypt, pass `format` instead.");const f=Object.keys(d);if(f.length>0)throw Error("Unknown option: "+f.join(", "));r||(r=[]);try{if((r.length||s)&&(e=await e.sign(r,t,s,c,h,l,u,p,g)),e=e.compress(await async function(e=[],t=new Date,r=[],i=_){const n=T.compression.uncompressed,a=i.preferredCompressionAlgorithm,s=await Promise.all(e.map((async function(e,n){const s=(await e.getPrimarySelfSignature(t,r[n],i)).preferredCompressionAlgorithms;return!!s&&s.indexOf(a)>=0})));return s.every(Boolean)?a:n}(t,h,y,g),g),e=await e.encrypt(t,i,n,o,u,h,y,g),"object"===a)return e;const d="armored"===a?e.armor(g):e.write();return await lu(d)}catch(e){throw L.wrapError("Error encrypting message",e)}}async function Jc({message:e,decryptionKeys:t,passwords:r,sessionKeys:i,verificationKeys:n,expectSigned:a=!1,format:s="utf8",signature:o=null,date:c=new Date,config:u,...h}){if(uu(u={..._,...u}),au(e),n=hu(n),t=hu(t),r=hu(r),i=hu(i),h.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decrypt, pass `decryptionKeys` instead");if(h.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.decrypt, pass `verificationKeys` instead");const l=Object.keys(h);if(l.length>0)throw Error("Unknown option: "+l.join(", "));try{const h=await e.decrypt(t,r,i,c,u);n||(n=[]);const l={};if(l.signatures=o?await h.verifyDetached(o,n,c,u):await h.verify(n,c,u),l.data="binary"===s?h.getLiteralData():h.getText(),l.filename=h.getFilename(),yu(l,e),a){if(0===n.length)throw Error("Verification keys are required to verify message signatures");if(0===l.signatures.length)throw Error("Message is not signed");l.data=f([l.data,x((async()=>(await L.anyPromise(l.signatures.map((e=>e.verified))),"binary"===s?new Uint8Array:"")))])}return l.data=await lu(l.data),l}catch(e){throw L.wrapError("Error decrypting message",e)}}async function eu({message:e,signingKeys:t,recipientKeys:r=[],format:i="armored",detached:n=!1,signingKeyIDs:a=[],date:s=new Date,signingUserIDs:o=[],recipientUserIDs:c=[],signatureNotations:u=[],config:h,...l}){if(uu(h={..._,...h}),su(e),ou(i),t=hu(t),a=hu(a),o=hu(o),r=hu(r),c=hu(c),u=hu(u),l.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.sign, pass `signingKeys` instead");if(void 0!==l.armor)throw Error("The `armor` option has been removed from openpgp.sign, pass `format` instead.");const y=Object.keys(l);if(y.length>0)throw Error("Unknown option: "+y.join(", "));if(e instanceof qc&&"binary"===i)throw Error("Cannot return signed cleartext message in binary format");if(e instanceof qc&&n)throw Error("Cannot detach-sign a cleartext message");if(!t||0===t.length)throw Error("No signing keys provided");try{let l;if(l=n?await e.signDetached(t,r,void 0,a,s,o,c,u,h):await e.sign(t,r,void 0,a,s,o,c,u,h),"object"===i)return l;return l="armored"===i?l.armor(h):l.write(),n&&(l=v(e.packets.write(),(async(e,t)=>{await Promise.all([m(l,t),U(e).catch((()=>{}))])}))),await lu(l)}catch(e){throw L.wrapError("Error signing message",e)}}async function tu({message:e,verificationKeys:t,expectSigned:r=!1,format:i="utf8",signature:n=null,date:a=new Date,config:s,...o}){if(uu(s={..._,...s}),su(e),t=hu(t),o.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.verify, pass `verificationKeys` instead");const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(e instanceof qc&&"binary"===i)throw Error("Can't return cleartext message data as binary");if(e instanceof qc&&n)throw Error("Can't verify detached cleartext signature");try{const o={};if(o.signatures=n?await e.verifyDetached(n,t,a,s):await e.verify(t,a,s),o.data="binary"===i?e.getLiteralData():e.getText(),e.fromStream&&!n&&yu(o,e),r){if(0===o.signatures.length)throw Error("Message is not signed");o.data=f([o.data,x((async()=>(await L.anyPromise(o.signatures.map((e=>e.verified))),"binary"===i?new Uint8Array:"")))])}return o.data=await lu(o.data),o}catch(e){throw L.wrapError("Error verifying signed message",e)}}async function ru({encryptionKeys:e,date:t=new Date,encryptionUserIDs:r=[],config:i,...n}){if(uu(i={..._,...i}),e=hu(e),r=hu(r),n.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.generateSessionKey, pass `encryptionKeys` instead");const a=Object.keys(n);if(a.length>0)throw Error("Unknown option: "+a.join(", "));try{return await Fc.generateSessionKey(e,t,r,i)}catch(e){throw L.wrapError("Error generating session key",e)}}async function iu({data:e,algorithm:t,aeadAlgorithm:r,encryptionKeys:i,passwords:n,format:a="armored",wildcard:s=!1,encryptionKeyIDs:o=[],date:c=new Date,encryptionUserIDs:u=[],config:h,...l}){if(uu(h={..._,...h}),function(e){if(!L.isUint8Array(e))throw Error("Parameter [data] must be of type Uint8Array")}(e),function(e,t){if(!L.isString(e))throw Error("Parameter ["+t+"] must be of type String")}(t,"algorithm"),ou(a),i=hu(i),n=hu(n),o=hu(o),u=hu(u),l.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead");const y=Object.keys(l);if(y.length>0)throw Error("Unknown option: "+y.join(", "));if(!(i&&0!==i.length||n&&0!==n.length))throw Error("No encryption keys or passwords provided.");try{return pu(await Fc.encryptSessionKey(e,t,r,i,n,s,o,c,u,h),a,h)}catch(e){throw L.wrapError("Error encrypting session key",e)}}async function nu({message:e,decryptionKeys:t,passwords:r,date:i=new Date,config:n,...a}){if(uu(n={..._,...n}),au(e),t=hu(t),r=hu(r),a.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decryptSessionKeys, pass `decryptionKeys` instead");const s=Object.keys(a);if(s.length>0)throw Error("Unknown option: "+s.join(", "));try{return await e.decryptSessionKeys(t,r,void 0,i,n)}catch(e){throw L.wrapError("Error decrypting session keys",e)}}function au(e){if(!(e instanceof Fc))throw Error("Parameter [message] needs to be of type Message")}function su(e){if(!(e instanceof qc||e instanceof Fc))throw Error("Parameter [message] needs to be of type Message or CleartextMessage")}function ou(e){if("armored"!==e&&"binary"!==e&&"object"!==e)throw Error("Unsupported format "+e)}const cu=Object.keys(_).length;function uu(e){const t=Object.keys(e);if(t.length!==cu)for(const e of t)if(void 0===_[e])throw Error("Unknown config property: "+e)}function hu(e){return e&&!L.isArray(e)&&(e=[e]),e}async function lu(e){return"array"===L.isStream(e)?U(e):e}function yu(e,t){e.data=v(t.packets.stream,(async(t,r)=>{await m(e.data,r,{preventClose:!0});const i=C(r);try{await U(t,(e=>e)),await i.close()}catch(e){await i.abort(e)}}))}function pu(e,t,r){switch(t){case"object":return e;case"armored":return e.armor(r);case"binary":return e.write();default:throw Error("Unsupported format "+t)}}export{No as AEADEncryptedDataPacket,fs as Argon2OutOfMemoryError,ks as Argon2S2K,qc as CleartextMessage,Io as CompressedDataPacket,is as KDFParams,wo as LiteralDataPacket,$o as MarkerPacket,Fc as Message,Po as OnePassSignaturePacket,Do as PacketList,rc as PaddingPacket,Uc as PrivateKey,Pc as PublicKey,Ho as PublicKeyEncryptedSessionKeyPacket,Go as PublicKeyPacket,Qo as PublicSubkeyPacket,Xo as SecretKeyPacket,ec as SecretSubkeyPacket,nc as Signature,Ao as SignaturePacket,vc as Subkey,Ro as SymEncryptedIntegrityProtectedDataPacket,qo as SymEncryptedSessionKeyPacket,Wo as SymmetricallyEncryptedDataPacket,tc as TrustPacket,Vi as UnparseablePacket,Zo as UserAttributePacket,Jo as UserIDPacket,Y as armor,_ as config,Vc as createCleartextMessage,Hc as createMessage,Jc as decrypt,Zc as decryptKey,nu as decryptSessionKeys,Yc as encrypt,Xc as encryptKey,iu as encryptSessionKey,T as enums,Wc as generateKey,ru as generateSessionKey,Gc as readCleartextMessage,Cc as readKey,Tc as readKeys,Oc as readMessage,Bc as readPrivateKey,_c as readPrivateKeys,ac as readSignature,$c as reformatKey,Qc as revokeKey,eu as sign,X as unarmor,tu as verify};
+/*! OpenPGP.js v6.1.0 - 2025-02-05 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{},t=Symbol("doneWritingPromise"),r=Symbol("doneWritingResolve"),i=Symbol("doneWritingReject"),n=Symbol("readingIndex");class a extends Array{constructor(){super(),Object.setPrototypeOf(this,a.prototype),this[t]=new Promise(((e,t)=>{this[r]=e,this[i]=t})),this[t].catch((()=>{}))}}function s(e){return e&&e.getReader&&Array.isArray(e)}function o(e){if(!s(e)){const t=e.getWriter(),r=t.releaseLock;return t.releaseLock=()=>{t.closed.catch((function(){})),r.call(t)},t}this.stream=e}function c(t){if(s(t))return"array";if(e.ReadableStream&&e.ReadableStream.prototype.isPrototypeOf(t))return"web";if(t&&!(e.ReadableStream&&t instanceof e.ReadableStream)&&"function"==typeof t._read&&"object"==typeof t._readableState)throw Error("Native Node streams are no longer supported: please manually convert the stream to a WebStream, using e.g. `stream.Readable.toWeb`");return!(!t||!t.getReader)&&"web-like"}function u(e){return Uint8Array.prototype.isPrototypeOf(e)}function h(e){if(1===e.length)return e[0];let t=0;for(let r=0;r<e.length;r++){if(!u(e[r]))throw Error("concatUint8Array: Data must be in the form of a Uint8Array");t+=e[r].length}const r=new Uint8Array(t);let i=0;return e.forEach((function(e){r.set(e,i),i+=e.length})),r}a.prototype.getReader=function(){return void 0===this[n]&&(this[n]=0),{read:async()=>(await this[t],this[n]===this.length?{value:void 0,done:!0}:{value:this[this[n]++],done:!1})}},a.prototype.readToEnd=async function(e){await this[t];const r=e(this.slice(this[n]));return this.length=0,r},a.prototype.clone=function(){const e=new a;return e[t]=this[t].then((()=>{e.push(...this)})),e},o.prototype.write=async function(e){this.stream.push(e)},o.prototype.close=async function(){this.stream[r]()},o.prototype.abort=async function(e){return this.stream[i](e),e},o.prototype.releaseLock=function(){},"object"==typeof e.process&&e.process.versions;const l=new WeakSet,y=Symbol("externalBuffer");function p(e){if(this.stream=e,e[y]&&(this[y]=e[y].slice()),s(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{},void(this._cancel=()=>{})}if(c(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{t.closed.catch((function(){})),t.releaseLock()},void(this._cancel=t.cancel.bind(t))}let t=!1;this._read=async()=>t||l.has(e)?{value:void 0,done:!0}:(t=!0,{value:e,done:!1}),this._releaseLock=()=>{if(t)try{l.add(e)}catch(e){}}}function g(e){return c(e)?e:new ReadableStream({start(t){t.enqueue(e),t.close()}})}function d(e){if(c(e))return e;const t=new a;return(async()=>{const r=C(t);await r.write(e),await r.close()})(),t}function f(e){return e.some((e=>c(e)&&!s(e)))?function(e){e=e.map(g);const t=b((async function(e){await Promise.all(i.map((t=>D(t,e))))}));let r=Promise.resolve();const i=e.map(((i,n)=>v(i,((i,a)=>(r=r.then((()=>m(i,t.writable,{preventClose:n!==e.length-1}))),r)))));return t.readable}(e):e.some((e=>s(e)))?function(e){const t=new a;let r=Promise.resolve();return e.forEach(((i,n)=>(r=r.then((()=>m(i,t,{preventClose:n!==e.length-1}))),r))),t}(e):"string"==typeof e[0]?e.join(""):h(e)}async function m(e,t,{preventClose:r=!1,preventAbort:i=!1,preventCancel:n=!1}={}){if(c(e)&&!s(e)){e=g(e);try{if(e[y]){const r=C(t);for(let t=0;t<e[y].length;t++)await r.ready,await r.write(e[y][t]);r.releaseLock()}await e.pipeTo(t,{preventClose:r,preventAbort:i,preventCancel:n})}catch(e){}return}const a=I(e=d(e)),o=C(t);try{for(;;){await o.ready;const{done:e,value:t}=await a.read();if(e){r||await o.close();break}await o.write(t)}}catch(e){i||await o.abort(e)}finally{a.releaseLock(),o.releaseLock()}}function w(e,t){const r=new TransformStream(t);return m(e,r.writable),r.readable}function b(e){let t,r,i,n=!1,a=!1;return{readable:new ReadableStream({start(e){i=e},pull(){t?t():n=!0},async cancel(t){a=!0,e&&await e(t),r&&r(t)}},{highWaterMark:0}),writable:new WritableStream({write:async function(e){if(a)throw Error("Stream is cancelled");i.enqueue(e),n?n=!1:(await new Promise(((e,i)=>{t=e,r=i})),t=null,r=null)},close:i.close.bind(i),abort:i.error.bind(i)})}}function k(e,t=()=>{},r=()=>{}){if(s(e)){const i=new a;return(async()=>{const n=C(i);try{const i=await U(e),a=t(i),s=r();let o;o=void 0!==a&&void 0!==s?f([a,s]):void 0!==a?a:s,await n.write(o),await n.close()}catch(e){await n.abort(e)}})(),i}if(c(e))return w(e,{async transform(e,r){try{const i=await t(e);void 0!==i&&r.enqueue(i)}catch(e){r.error(e)}},async flush(e){try{const t=await r();void 0!==t&&e.enqueue(t)}catch(t){e.error(t)}}});const i=t(e),n=r();return void 0!==i&&void 0!==n?f([i,n]):void 0!==i?i:n}function v(e,t){if(c(e)&&!s(e)){let r;const i=new TransformStream({start(e){r=e}}),n=m(e,i.writable),a=b((async function(e){r.error(e),await n,await new Promise(setTimeout)}));return t(i.readable,a.writable),a.readable}e=d(e);const r=new a;return t(e,r),r}function K(e,t){let r;const i=v(e,((e,n)=>{const a=I(e);a.remainder=()=>(a.releaseLock(),m(e,n),i),r=t(a)}));return r}function A(e){if(s(e))return e.clone();if(c(e)){const t=function(e){if(s(e))throw Error("ArrayStream cannot be tee()d, use clone() instead");if(c(e)){const t=g(e).tee();return t[0][y]=t[1][y]=e[y],t}return[P(e),P(e)]}(e);return S(e,t[0]),t[1]}return P(e)}function E(e){return s(e)?A(e):c(e)?new ReadableStream({start(t){const r=v(e,(async(e,r)=>{const i=I(e),n=C(r);try{for(;;){await n.ready;const{done:e,value:r}=await i.read();if(e){try{t.close()}catch(e){}return void await n.close()}try{t.enqueue(r)}catch(e){}await n.write(r)}}catch(e){t.error(e),await n.abort(e)}}));S(e,r)}}):P(e)}function S(e,t){Object.entries(Object.getOwnPropertyDescriptors(e.constructor.prototype)).forEach((([r,i])=>{"constructor"!==r&&(i.value?i.value=i.value.bind(t):i.get=i.get.bind(t),Object.defineProperty(e,r,i))}))}function P(e,t=0,r=1/0){if(s(e))throw Error("Not implemented");if(c(e)){if(t>=0&&r>=0){let i=0;return w(e,{transform(e,n){i<r?(i+e.length>=t&&n.enqueue(P(e,Math.max(t-i,0),r-i)),i+=e.length):n.terminate()}})}if(t<0&&(r<0||r===1/0)){let i=[];return k(e,(e=>{e.length>=-t?i=[e]:i.push(e)}),(()=>P(f(i),t,r)))}if(0===t&&r<0){let i;return k(e,(e=>{const n=i?f([i,e]):e;if(n.length>=-r)return i=P(n,r),P(n,t,r);i=n}))}return console.warn(`stream.slice(input, ${t}, ${r}) not implemented efficiently.`),x((async()=>P(await U(e),t,r)))}return e[y]&&(e=f(e[y].concat([e]))),u(e)?e.subarray(t,r===1/0?e.length:r):e.slice(t,r)}async function U(e,t=f){return s(e)?e.readToEnd(t):c(e)?I(e).readToEnd(t):e}async function D(e,t){if(c(e)){if(e.cancel){const r=await e.cancel(t);return await new Promise(setTimeout),r}if(e.destroy)return e.destroy(t),await new Promise(setTimeout),t}}function x(e){const t=new a;return(async()=>{const r=C(t);try{await r.write(await e()),await r.close()}catch(e){await r.abort(e)}})(),t}function I(e){return new p(e)}function C(e){return new o(e)}p.prototype.read=async function(){if(this[y]&&this[y].length){return{done:!1,value:this[y].shift()}}return this._read()},p.prototype.releaseLock=function(){this[y]&&(this.stream[y]=this[y]),this._releaseLock()},p.prototype.cancel=function(e){return this._cancel(e)},p.prototype.readLine=async function(){let e,t=[];for(;!e;){let{done:r,value:i}=await this.read();if(i+="",r)return t.length?f(t):void 0;const n=i.indexOf("\n")+1;n&&(e=f(t.concat(i.substr(0,n))),t=[]),n!==i.length&&t.push(i.substr(n))}return this.unshift(...t),e},p.prototype.readByte=async function(){const{done:e,value:t}=await this.read();if(e)return;const r=t[0];return this.unshift(P(t,1)),r},p.prototype.readBytes=async function(e){const t=[];let r=0;for(;;){const{done:i,value:n}=await this.read();if(i)return t.length?f(t):void 0;if(t.push(n),r+=n.length,r>=e){const r=f(t);return this.unshift(P(r,e)),P(r,0,e)}}},p.prototype.peekBytes=async function(e){const t=await this.readBytes(e);return this.unshift(t),t},p.prototype.unshift=function(...e){this[y]||(this[y]=[]),1===e.length&&u(e[0])&&this[y].length&&e[0].length&&this[y][0].byteOffset>=e[0].length?this[y][0]=new Uint8Array(this[y][0].buffer,this[y][0].byteOffset-e[0].length,this[y][0].byteLength+e[0].length):this[y].unshift(...e.filter((e=>e&&e.length)))},p.prototype.readToEnd=async function(e=f){const t=[];for(;;){const{done:e,value:r}=await this.read();if(e)break;t.push(r)}return e(t)};const B=Symbol("byValue");var T={curve:{nistP256:"nistP256",p256:"nistP256",nistP384:"nistP384",p384:"nistP384",nistP521:"nistP521",p521:"nistP521",secp256k1:"secp256k1",ed25519Legacy:"ed25519Legacy",ed25519:"ed25519Legacy",curve25519Legacy:"curve25519Legacy",curve25519:"curve25519Legacy",brainpoolP256r1:"brainpoolP256r1",brainpoolP384r1:"brainpoolP384r1",brainpoolP512r1:"brainpoolP512r1"},kdfFlags:{replace_fingerprint:1,replace_kdf_params:2},s2k:{simple:0,salted:1,iterated:3,argon2:4,gnu:101},publicKey:{rsaEncryptSign:1,rsaEncrypt:2,rsaSign:3,elgamal:16,dsa:17,ecdh:18,ecdsa:19,eddsaLegacy:22,aedh:23,aedsa:24,x25519:25,x448:26,ed25519:27,ed448:28,pqc_mlkem_x25519:105,pqc_mldsa_ed25519:107,aead:100,hmac:101},symmetric:{idea:1,tripledes:2,cast5:3,blowfish:4,aes128:7,aes192:8,aes256:9,twofish:10},compression:{uncompressed:0,zip:1,zlib:2,bzip2:3},hash:{md5:1,sha1:2,ripemd:3,sha256:8,sha384:9,sha512:10,sha224:11,sha3_256:12,sha3_512:14},webHash:{"SHA-1":2,"SHA-256":8,"SHA-384":9,"SHA-512":10},aead:{eax:1,ocb:2,gcm:3,experimentalGCM:100},packet:{publicKeyEncryptedSessionKey:1,signature:2,symEncryptedSessionKey:3,onePassSignature:4,secretKey:5,publicKey:6,secretSubkey:7,compressedData:8,symmetricallyEncryptedData:9,marker:10,literalData:11,trust:12,userID:13,publicSubkey:14,userAttribute:17,symEncryptedIntegrityProtectedData:18,modificationDetectionCode:19,aeadEncryptedData:20,padding:21},literal:{binary:98,text:116,utf8:117,mime:109},signature:{binary:0,text:1,standalone:2,certGeneric:16,certPersona:17,certCasual:18,certPositive:19,certRevocation:48,subkeyBinding:24,keyBinding:25,key:31,keyRevocation:32,subkeyRevocation:40,timestamp:64,thirdParty:80},signatureSubpacket:{signatureCreationTime:2,signatureExpirationTime:3,exportableCertification:4,trustSignature:5,regularExpression:6,revocable:7,keyExpirationTime:9,placeholderBackwardsCompatibility:10,preferredSymmetricAlgorithms:11,revocationKey:12,issuerKeyID:16,notationData:20,preferredHashAlgorithms:21,preferredCompressionAlgorithms:22,keyServerPreferences:23,preferredKeyServer:24,primaryUserID:25,policyURI:26,keyFlags:27,signersUserID:28,reasonForRevocation:29,features:30,signatureTarget:31,embeddedSignature:32,issuerFingerprint:33,preferredAEADAlgorithms:34,preferredCipherSuites:39},keyFlags:{certifyKeys:1,signData:2,encryptCommunication:4,encryptStorage:8,splitPrivateKey:16,authentication:32,forwardedCommunication:64,sharedPrivateKey:128},armor:{multipartSection:0,multipartLast:1,signed:2,message:3,publicKey:4,privateKey:5,signature:6},reasonForRevocation:{noReason:0,keySuperseded:1,keyCompromised:2,keyRetired:3,userIDInvalid:32},features:{modificationDetection:1,aead:2,v5Keys:4,seipdv2:8},write:function(e,t){if("number"==typeof t&&(t=this.read(e,t)),void 0!==e[t])return e[t];throw Error("Invalid enum value.")},read:function(e,t){if(e[B]||(e[B]=[],Object.entries(e).forEach((([t,r])=>{e[B][r]=t}))),void 0!==e[B][t])return e[B][t];throw Error("Invalid enum value.")}},M={preferredHashAlgorithm:T.hash.sha512,preferredSymmetricAlgorithm:T.symmetric.aes256,preferredCompressionAlgorithm:T.compression.uncompressed,aeadProtect:!1,ignoreSEIPDv2FeatureFlag:!1,parseAEADEncryptedV4KeysAsLegacy:!1,preferredAEADAlgorithm:T.aead.gcm,aeadChunkSizeByte:12,v6Keys:!1,enableParsingV5Entities:!1,s2kType:T.s2k.iterated,s2kIterationCountByte:224,s2kArgon2Params:{passes:3,parallelism:4,memoryExponent:16},allowUnauthenticatedMessages:!1,allowUnauthenticatedStream:!1,allowForwardedMessages:!1,minRSABits:2047,passwordCollisionCheck:!1,allowInsecureDecryptionWithSigningKeys:!1,allowInsecureVerificationWithReformattedKeys:!1,allowMissingKeyFlags:!1,constantTimePKCS1Decryption:!1,constantTimePKCS1DecryptionSupportedSymmetricAlgorithms:new Set([T.symmetric.aes128,T.symmetric.aes192,T.symmetric.aes256]),ignoreUnsupportedPackets:!0,ignoreMalformedPackets:!1,additionalAllowedPackets:[],showVersion:!1,showComment:!1,versionString:"OpenPGP.js 6.1.0",commentString:"https://openpgpjs.org",maxUserIDLength:5120,knownNotations:[],nonDeterministicSignaturesViaNotation:!0,useEllipticFallback:!0,rejectHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd]),rejectMessageHashAlgorithms:new Set([T.hash.md5,T.hash.ripemd,T.hash.sha1]),rejectPublicKeyAlgorithms:new Set([T.publicKey.elgamal,T.publicKey.dsa]),rejectCurves:new Set([T.curve.secp256k1])};const _=(()=>{try{return"development"===process.env.NODE_ENV}catch(e){}return!1})(),F={isString:function(e){return"string"==typeof e||e instanceof String},nodeRequire:()=>{},isArray:function(e){return e instanceof Array},isUint8Array:u,isStream:c,getNobleCurve:async(e,t)=>{if(!M.useEllipticFallback)throw Error("This curve is only supported in the full build of OpenPGP.js");const{nobleCurves:r}=await import("./noble_curves.min.mjs");switch(e){case T.publicKey.ecdh:case T.publicKey.ecdsa:{const e=r.get(t);if(!e)throw Error("Unsupported curve");return e}case T.publicKey.x448:return r.get("x448");case T.publicKey.ed448:return r.get("ed448");default:throw Error("Unsupported curve")}},readNumber:function(e){let t=0;for(let r=0;r<e.length;r++)t+=256**r*e[e.length-1-r];return t},writeNumber:function(e,t){const r=new Uint8Array(t);for(let i=0;i<t;i++)r[i]=e>>8*(t-i-1)&255;return r},readDate:function(e){const t=F.readNumber(e);return new Date(1e3*t)},writeDate:function(e){const t=Math.floor(e.getTime()/1e3);return F.writeNumber(t,4)},normalizeDate:function(e=Date.now()){return null===e||e===1/0?e:new Date(1e3*Math.floor(+e/1e3))},readMPI:function(e){const t=(e[0]<<8|e[1])+7>>>3;return F.readExactSubarray(e,2,2+t)},readExactSubarray:function(e,t,r){if(e.length<r-t)throw Error("Input array too short");return e.subarray(t,r)},leftPad(e,t){if(e.length>t)throw Error("Input array too long");const r=new Uint8Array(t),i=t-e.length;return r.set(e,i),r},uint8ArrayToMPI:function(e){const t=F.uint8ArrayBitLength(e);if(0===t)throw Error("Zero MPI");const r=e.subarray(e.length-Math.ceil(t/8)),i=new Uint8Array([(65280&t)>>8,255&t]);return F.concatUint8Array([i,r])},uint8ArrayBitLength:function(e){let t;for(t=0;t<e.length&&0===e[t];t++);if(t===e.length)return 0;const r=e.subarray(t);return 8*(r.length-1)+F.nbits(r[0])},hexToUint8Array:function(e){const t=new Uint8Array(e.length>>1);for(let r=0;r<e.length>>1;r++)t[r]=parseInt(e.substr(r<<1,2),16);return t},uint8ArrayToHex:function(e){const t="0123456789abcdef";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),r},stringToUint8Array:function(e){return k(e,(e=>{if(!F.isString(e))throw Error("stringToUint8Array: Data must be in the form of a string");const t=new Uint8Array(e.length);for(let r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}))},uint8ArrayToString:function(e){const t=[],r=16384,i=(e=new Uint8Array(e)).length;for(let n=0;n<i;n+=r)t.push(String.fromCharCode.apply(String,e.subarray(n,n+r<i?n+r:i)));return t.join("")},encodeUTF8:function(e){const t=new TextEncoder("utf-8");function r(e,r=!1){return t.encode(e,{stream:!r})}return k(e,r,(()=>r("",!0)))},decodeUTF8:function(e){const t=new TextDecoder("utf-8");function r(e,r=!1){return t.decode(e,{stream:!r})}return k(e,r,(()=>r(new Uint8Array,!0)))},concat:f,concatUint8Array:h,equalsUint8Array:function(e,t){if(!F.isUint8Array(e)||!F.isUint8Array(t))throw Error("Data must be in the form of a Uint8Array");if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0},writeChecksum:function(e){let t=0;for(let r=0;r<e.length;r++)t=t+e[r]&65535;return F.writeNumber(t,2)},printDebug:function(e){_&&console.log("[OpenPGP.js debug]",e)},printDebugError:function(e){_&&console.error("[OpenPGP.js debug]",e)},nbits:function(e){let t=1,r=e>>>16;return 0!==r&&(e=r,t+=16),r=e>>8,0!==r&&(e=r,t+=8),r=e>>4,0!==r&&(e=r,t+=4),r=e>>2,0!==r&&(e=r,t+=2),r=e>>1,0!==r&&(e=r,t+=1),t},double:function(e){const t=new Uint8Array(e.length),r=e.length-1;for(let i=0;i<r;i++)t[i]=e[i]<<1^e[i+1]>>7;return t[r]=e[r]<<1^135*(e[0]>>7),t},shiftRight:function(e,t){if(t)for(let r=e.length-1;r>=0;r--)e[r]>>=t,r>0&&(e[r]|=e[r-1]<<8-t);return e},getWebCrypto:function(){const t=void 0!==e&&e.crypto&&e.crypto.subtle||this.getNodeCrypto()?.webcrypto.subtle;if(!t)throw Error("The WebCrypto API is not available");return t},getNodeCrypto:function(){return this.nodeRequire("crypto")},getNodeZlib:function(){return this.nodeRequire("zlib")},getNodeBuffer:function(){return(this.nodeRequire("buffer")||{}).Buffer},getHardwareConcurrency:function(){if("undefined"!=typeof navigator)return navigator.hardwareConcurrency||1;return this.nodeRequire("os").cpus().length},isEmailAddress:function(e){if(!F.isString(e))return!1;return/^[^\p{C}\p{Z}@<>\\]+@[^\p{C}\p{Z}@<>\\]+[^\p{C}\p{Z}\p{P}]$/u.test(e)},canonicalizeEOL:function(e){let t=!1;return k(e,(e=>{let r;t&&(e=F.concatUint8Array([new Uint8Array([13]),e])),13===e[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;const i=[];for(let t=0;r=e.indexOf(10,t)+1,r;t=r)13!==e[r-2]&&i.push(r);if(!i.length)return e;const n=new Uint8Array(e.length+i.length);let a=0;for(let t=0;t<i.length;t++){const r=e.subarray(i[t-1]||0,i[t]);n.set(r,a),a+=r.length,n[a-1]=13,n[a]=10,a++}return n.set(e.subarray(i[i.length-1]||0),a),n}),(()=>t?new Uint8Array([13]):void 0))},nativeEOL:function(e){let t=!1;return k(e,(e=>{let r;13===(e=t&&10!==e[0]?F.concatUint8Array([new Uint8Array([13]),e]):new Uint8Array(e))[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;let i=0;for(let t=0;t!==e.length;t=r){r=e.indexOf(13,t)+1,r||(r=e.length);const n=r-(10===e[r]?1:0);t&&e.copyWithin(i,t,n),i+=n-t}return e.subarray(0,i)}),(()=>t?new Uint8Array([13]):void 0))},removeTrailingSpaces:function(e){return e.split("\n").map((e=>{let t=e.length-1;for(;t>=0&&(" "===e[t]||"\t"===e[t]||"\r"===e[t]);t--);return e.substr(0,t+1)})).join("\n")},wrapError:function(e,t){if(!t)return Error(e);try{t.message=e+": "+t.message}catch(e){}return t},constructAllowedPackets:function(e){const t={};return e.forEach((e=>{if(!e.tag)throw Error("Invalid input: expected a packet class");t[e.tag]=e})),t},anyPromise:function(e){return new Promise((async(t,r)=>{let i;await Promise.all(e.map((async e=>{try{t(await e)}catch(e){i=e}}))),r(i)}))},selectUint8Array:function(e,t,r){const i=Math.max(t.length,r.length),n=new Uint8Array(i);let a=0;for(let i=0;i<n.length;i++)n[i]=t[i]&256-e|r[i]&255+e,a+=e&i<t.length|1-e&i<r.length;return n.subarray(0,a)},selectUint8:function(e,t,r){return t&256-e|r&255+e},isAES:function(e){return e===T.symmetric.aes128||e===T.symmetric.aes192||e===T.symmetric.aes256}},R=F.getNodeBuffer();let L,N;function z(e){let t=new Uint8Array;return k(e,(e=>{t=F.concatUint8Array([t,e]);const r=[],i=Math.floor(t.length/45),n=45*i,a=L(t.subarray(0,n));for(let e=0;e<i;e++)r.push(a.substr(60*e,60)),r.push("\n");return t=t.subarray(n),r.join("")}),(()=>t.length?L(t)+"\n":""))}function O(e){let t="";return k(e,(e=>{t+=e;let r=0;const i=[" ","\t","\r","\n"];for(let e=0;e<i.length;e++){const n=i[e];for(let e=t.indexOf(n);-1!==e;e=t.indexOf(n,e+1))r++}let n=t.length;for(;n>0&&(n-r)%4!=0;n--)i.includes(t[n])&&r--;const a=N(t.substr(0,n));return t=t.substr(n),a}),(()=>N(t)))}function q(e){return O(e.replace(/-/g,"+").replace(/_/g,"/"))}function j(e,t){let r=z(e).replace(/[\r\n]/g,"");return r=r.replace(/[+]/g,"-").replace(/[/]/g,"_").replace(/[=]/g,""),r}function H(e){const t=e.match(/^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m);if(!t)throw Error("Unknown ASCII armor type");return/MESSAGE, PART \d+\/\d+/.test(t[1])?T.armor.multipartSection:/MESSAGE, PART \d+/.test(t[1])?T.armor.multipartLast:/SIGNED MESSAGE/.test(t[1])?T.armor.signed:/MESSAGE/.test(t[1])?T.armor.message:/PUBLIC KEY BLOCK/.test(t[1])?T.armor.publicKey:/PRIVATE KEY BLOCK/.test(t[1])?T.armor.privateKey:/SIGNATURE/.test(t[1])?T.armor.signature:void 0}function G(e,t){let r="";return t.showVersion&&(r+="Version: "+t.versionString+"\n"),t.showComment&&(r+="Comment: "+t.commentString+"\n"),e&&(r+="Comment: "+e+"\n"),r+="\n",r}function V(e){const t=function(e){let t=13501623;return k(e,(e=>{const r=$?Math.floor(e.length/4):0,i=new Uint32Array(e.buffer,e.byteOffset,r);for(let e=0;e<r;e++)t^=i[e],t=W[0][t>>24&255]^W[1][t>>16&255]^W[2][t>>8&255]^W[3][255&t];for(let i=4*r;i<e.length;i++)t=t>>8^W[0][255&t^e[i]]}),(()=>new Uint8Array([t,t>>8,t>>16])))}(e);return z(t)}R?(L=e=>R.from(e).toString("base64"),N=e=>{const t=R.from(e,"base64");return new Uint8Array(t.buffer,t.byteOffset,t.byteLength)}):(L=e=>btoa(F.uint8ArrayToString(e)),N=e=>F.stringToUint8Array(atob(e)));const W=[Array(255),Array(255),Array(255),Array(255)];for(let e=0;e<=255;e++){let t=e<<16;for(let e=0;e<8;e++)t=t<<1^(8388608&t?8801531:0);W[0][e]=(16711680&t)>>16|65280&t|(255&t)<<16}for(let e=0;e<=255;e++)W[1][e]=W[0][e]>>8^W[0][255&W[0][e]];for(let e=0;e<=255;e++)W[2][e]=W[1][e]>>8^W[0][255&W[1][e]];for(let e=0;e<=255;e++)W[3][e]=W[2][e]>>8^W[0][255&W[2][e]];const $=function(){const e=new ArrayBuffer(2);return new DataView(e).setInt16(0,255,!0),255===new Int16Array(e)[0]}();function Z(e){for(let t=0;t<e.length;t++)/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(e[t])||F.printDebugError(Error("Improperly formatted armor header: "+e[t])),/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(e[t])||F.printDebugError(Error("Unknown header: "+e[t]))}function Q(e){let t=e;const r=e.lastIndexOf("=");return r>=0&&r!==e.length-1&&(t=e.slice(0,r)),t}function X(e){return new Promise((async(t,r)=>{try{const i=/^-----[^-]+-----$/m,n=/^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;let a;const s=[];let o,c,u=s,h=[];const l=O(v(e,(async(e,y)=>{const p=I(e);try{for(;;){let e=await p.readLine();if(void 0===e)throw Error("Misformed armored text");if(e=F.removeTrailingSpaces(e.replace(/[\r\n]/g,"")),a)if(o)c||a!==T.armor.signed||(i.test(e)?(h=h.join("\r\n"),c=!0,Z(u),u=[],o=!1):h.push(e.replace(/^- /,"")));else if(i.test(e)&&r(Error("Mandatory blank line missing between armor headers and armor data")),n.test(e)){if(Z(u),o=!0,c||a!==T.armor.signed){t({text:h,data:l,headers:s,type:a});break}}else u.push(e);else i.test(e)&&(a=H(e))}}catch(e){return void r(e)}const g=C(y);try{for(;;){await g.ready;const{done:e,value:t}=await p.read();if(e)throw Error("Misformed armored text");const r=t+"";if(-1!==r.indexOf("=")||-1!==r.indexOf("-")){let e=await p.readToEnd();e.length||(e=""),e=r+e,e=F.removeTrailingSpaces(e.replace(/\r/g,""));const t=e.split(i);if(1===t.length)throw Error("Misformed armored text");const n=Q(t[0].slice(0,-1));await g.write(n);break}await g.write(r)}await g.ready,await g.close()}catch(e){await g.abort(e)}})))}catch(e){r(e)}})).then((async e=>(s(e.data)&&(e.data=await U(e.data)),e)))}function Y(e,t,r,i,n,a=!1,s=M){let o,c;e===T.armor.signed&&(o=t.text,c=t.hash,t=t.data);const u=a&&E(t),h=[];switch(e){case T.armor.multipartSection:h.push("-----BEGIN PGP MESSAGE, PART "+r+"/"+i+"-----\n"),h.push(G(n,s)),h.push(z(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"/"+i+"-----\n");break;case T.armor.multipartLast:h.push("-----BEGIN PGP MESSAGE, PART "+r+"-----\n"),h.push(G(n,s)),h.push(z(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE, PART "+r+"-----\n");break;case T.armor.signed:h.push("-----BEGIN PGP SIGNED MESSAGE-----\n"),h.push(c?`Hash: ${c}\n\n`:"\n"),h.push(o.replace(/^-/gm,"- -")),h.push("\n-----BEGIN PGP SIGNATURE-----\n"),h.push(G(n,s)),h.push(z(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n");break;case T.armor.message:h.push("-----BEGIN PGP MESSAGE-----\n"),h.push(G(n,s)),h.push(z(t)),u&&h.push("=",V(u)),h.push("-----END PGP MESSAGE-----\n");break;case T.armor.publicKey:h.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\n"),h.push(G(n,s)),h.push(z(t)),u&&h.push("=",V(u)),h.push("-----END PGP PUBLIC KEY BLOCK-----\n");break;case T.armor.privateKey:h.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\n"),h.push(G(n,s)),h.push(z(t)),u&&h.push("=",V(u)),h.push("-----END PGP PRIVATE KEY BLOCK-----\n");break;case T.armor.signature:h.push("-----BEGIN PGP SIGNATURE-----\n"),h.push(G(n,s)),h.push(z(t)),u&&h.push("=",V(u)),h.push("-----END PGP SIGNATURE-----\n")}return F.concat(h)}const J=BigInt(0),ee=BigInt(1);function te(e){const t="0123456789ABCDEF";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),BigInt("0x0"+r)}function re(e,t){const r=e%t;return r<J?r+t:r}function ie(e,t,r){if(r===J)throw Error("Modulo cannot be zero");if(r===ee)return BigInt(0);if(t<J)throw Error("Unsopported negative exponent");let i=t,n=e;n%=r;let a=BigInt(1);for(;i>J;){const e=i&ee;i>>=ee;a=e?a*n%r:a,n=n*n%r}return a}function ne(e){return e>=J?e:-e}function ae(e,t){const{gcd:r,x:i}=function(e,t){let r=BigInt(0),i=BigInt(1),n=BigInt(1),a=BigInt(0),s=ne(e),o=ne(t);const c=e<J,u=t<J;for(;o!==J;){const e=s/o;let t=r;r=n-e*r,n=t,t=i,i=a-e*i,a=t,t=o,o=s%o,s=t}return{x:c?-n:n,y:u?-a:a,gcd:s}}(e,t);if(r!==ee)throw Error("Inverse does not exist");return re(i+t,t)}function se(e){const t=Number(e);if(t>Number.MAX_SAFE_INTEGER)throw Error("Number can only safely store up to 53 bits");return t}function oe(e,t){return(e>>BigInt(t)&ee)===J?0:1}function ce(e){const t=e<J?BigInt(-1):J;let r=1,i=e;for(;(i>>=ee)!==t;)r++;return r}function ue(e){const t=e<J?BigInt(-1):J,r=BigInt(8);let i=1,n=e;for(;(n>>=r)!==t;)i++;return i}function he(e,t="be",r){let i=e.toString(16);i.length%2==1&&(i="0"+i);const n=i.length/2,a=new Uint8Array(r||n),s=r?r-n:0;let o=0;for(;o<n;)a[o+s]=parseInt(i.slice(2*o,2*o+2),16),o++;return"be"!==t&&a.reverse(),a}const le=F.getNodeCrypto();function ye(e){const t="undefined"!=typeof crypto?crypto:le?.webcrypto;if(t?.getRandomValues){const r=new Uint8Array(e);return t.getRandomValues(r)}throw Error("No secure random number generator available.")}function pe(e,t){if(t<e)throw Error("Illegal parameter value: max <= min");const r=t-e;return re(te(ye(ue(r)+8)),r)+e}const ge=BigInt(1);function de(e,t,r){const i=BigInt(30),n=ge<<BigInt(e-1),a=[1,6,5,4,3,2,1,4,3,2,1,2,1,4,3,2,1,2,1,4,3,2,1,6,5,4,3,2,1,2];let s=pe(n,n<<ge),o=se(re(s,i));do{s+=BigInt(a[o]),o=(o+a[o])%a.length,ce(s)>e&&(s=re(s,n<<ge),s+=n,o=se(re(s,i)))}while(!fe(s,t,r));return s}function fe(e,t,r){return(!t||function(e,t){let r=e,i=t;for(;i!==J;){const e=i;i=r%i,r=e}return r}(e-ge,t)===ge)&&(!!function(e){const t=BigInt(0);return me.every((r=>re(e,r)!==t))}(e)&&(!!function(e,t=BigInt(2)){return ie(t,e-ge,e)===ge}(e)&&!!function(e,t){const r=ce(e);t||(t=Math.max(1,r/48|0));const i=e-ge;let n=0;for(;!oe(i,n);)n++;const a=e>>BigInt(n);for(;t>0;t--){let t,r=ie(pe(BigInt(2),i),a,e);if(r!==ge&&r!==i){for(t=1;t<n;t++){if(r=re(r*r,e),r===ge)return!1;if(r===i)break}if(t===n)return!1}}return!0}(e,r)))}const me=[7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997,1009,1013,1019,1021,1031,1033,1039,1049,1051,1061,1063,1069,1087,1091,1093,1097,1103,1109,1117,1123,1129,1151,1153,1163,1171,1181,1187,1193,1201,1213,1217,1223,1229,1231,1237,1249,1259,1277,1279,1283,1289,1291,1297,1301,1303,1307,1319,1321,1327,1361,1367,1373,1381,1399,1409,1423,1427,1429,1433,1439,1447,1451,1453,1459,1471,1481,1483,1487,1489,1493,1499,1511,1523,1531,1543,1549,1553,1559,1567,1571,1579,1583,1597,1601,1607,1609,1613,1619,1621,1627,1637,1657,1663,1667,1669,1693,1697,1699,1709,1721,1723,1733,1741,1747,1753,1759,1777,1783,1787,1789,1801,1811,1823,1831,1847,1861,1867,1871,1873,1877,1879,1889,1901,1907,1913,1931,1933,1949,1951,1973,1979,1987,1993,1997,1999,2003,2011,2017,2027,2029,2039,2053,2063,2069,2081,2083,2087,2089,2099,2111,2113,2129,2131,2137,2141,2143,2153,2161,2179,2203,2207,2213,2221,2237,2239,2243,2251,2267,2269,2273,2281,2287,2293,2297,2309,2311,2333,2339,2341,2347,2351,2357,2371,2377,2381,2383,2389,2393,2399,2411,2417,2423,2437,2441,2447,2459,2467,2473,2477,2503,2521,2531,2539,2543,2549,2551,2557,2579,2591,2593,2609,2617,2621,2633,2647,2657,2659,2663,2671,2677,2683,2687,2689,2693,2699,2707,2711,2713,2719,2729,2731,2741,2749,2753,2767,2777,2789,2791,2797,2801,2803,2819,2833,2837,2843,2851,2857,2861,2879,2887,2897,2903,2909,2917,2927,2939,2953,2957,2963,2969,2971,2999,3001,3011,3019,3023,3037,3041,3049,3061,3067,3079,3083,3089,3109,3119,3121,3137,3163,3167,3169,3181,3187,3191,3203,3209,3217,3221,3229,3251,3253,3257,3259,3271,3299,3301,3307,3313,3319,3323,3329,3331,3343,3347,3359,3361,3371,3373,3389,3391,3407,3413,3433,3449,3457,3461,3463,3467,3469,3491,3499,3511,3517,3527,3529,3533,3539,3541,3547,3557,3559,3571,3581,3583,3593,3607,3613,3617,3623,3631,3637,3643,3659,3671,3673,3677,3691,3697,3701,3709,3719,3727,3733,3739,3761,3767,3769,3779,3793,3797,3803,3821,3823,3833,3847,3851,3853,3863,3877,3881,3889,3907,3911,3917,3919,3923,3929,3931,3943,3947,3967,3989,4001,4003,4007,4013,4019,4021,4027,4049,4051,4057,4073,4079,4091,4093,4099,4111,4127,4129,4133,4139,4153,4157,4159,4177,4201,4211,4217,4219,4229,4231,4241,4243,4253,4259,4261,4271,4273,4283,4289,4297,4327,4337,4339,4349,4357,4363,4373,4391,4397,4409,4421,4423,4441,4447,4451,4457,4463,4481,4483,4493,4507,4513,4517,4519,4523,4547,4549,4561,4567,4583,4591,4597,4603,4621,4637,4639,4643,4649,4651,4657,4663,4673,4679,4691,4703,4721,4723,4729,4733,4751,4759,4783,4787,4789,4793,4799,4801,4813,4817,4831,4861,4871,4877,4889,4903,4909,4919,4931,4933,4937,4943,4951,4957,4967,4969,4973,4987,4993,4999].map((e=>BigInt(e)));const we=F.getWebCrypto(),be=F.getNodeCrypto(),ke=be&&be.getHashes();function ve(e){if(be&&ke.includes(e))return async function(t){const r=be.createHash(e);return k(t,(e=>{r.update(e)}),(()=>new Uint8Array(r.digest())))}}function Ke(e,t){const r=async()=>{const{nobleHashes:t}=await import("./noble_hashes.min.mjs"),r=t.get(e);if(!r)throw Error("Unsupported hash");return r};return async function(e){if(s(e)&&(e=await U(e)),F.isStream(e)){const t=(await r()).create();return k(e,(e=>{t.update(e)}),(()=>t.digest()))}if(we&&t)return new Uint8Array(await we.digest(t,e));return(await r())(e)}}const Ae=ve("md5")||Ke("md5"),Ee=ve("sha1")||Ke("sha1","SHA-1"),Se=ve("sha224")||Ke("sha224"),Pe=ve("sha256")||Ke("sha256","SHA-256"),Ue=ve("sha384")||Ke("sha384","SHA-384"),De=ve("sha512")||Ke("sha512","SHA-512"),xe=ve("ripemd160")||Ke("ripemd160"),Ie=ve("sha3-256")||Ke("sha3_256"),Ce=ve("sha3-512")||Ke("sha3_512");function Be(e,t){switch(e){case T.hash.md5:return Ae(t);case T.hash.sha1:return Ee(t);case T.hash.ripemd:return xe(t);case T.hash.sha256:return Pe(t);case T.hash.sha384:return Ue(t);case T.hash.sha512:return De(t);case T.hash.sha224:return Se(t);case T.hash.sha3_256:return Ie(t);case T.hash.sha3_512:return Ce(t);default:throw Error("Unsupported hash function")}}function Te(e){switch(e){case T.hash.md5:return 16;case T.hash.sha1:case T.hash.ripemd:return 20;case T.hash.sha256:return 32;case T.hash.sha384:return 48;case T.hash.sha512:return 64;case T.hash.sha224:return 28;case T.hash.sha3_256:return 32;case T.hash.sha3_512:return 64;default:throw Error("Invalid hash algorithm.")}}const Me=[];function _e(e,t){const r=e.length;if(r>t-11)throw Error("Message too long");const i=function(e){const t=new Uint8Array(e);let r=0;for(;r<e;){const i=ye(e-r);for(let e=0;e<i.length;e++)0!==i[e]&&(t[r++]=i[e])}return t}(t-r-3),n=new Uint8Array(t);return n[1]=2,n.set(i,2),n.set(e,t-r),n}function Fe(e,t){let r=2,i=1;for(let t=r;t<e.length;t++)i&=0!==e[t],r+=i;const n=r-2,a=e.subarray(r+1),s=0===e[0]&2===e[1]&n>=8&!i;if(t)return F.selectUint8Array(s,a,t);if(s)return a;throw Error("Decryption error")}function Re(e,t,r){let i;if(t.length!==Te(e))throw Error("Invalid hash length");const n=new Uint8Array(Me[e].length);for(i=0;i<Me[e].length;i++)n[i]=Me[e][i];const a=n.length+t.length;if(r<a+11)throw Error("Intended encoded message length too short");const s=new Uint8Array(r-a-3).fill(255),o=new Uint8Array(r);return o[1]=1,o.set(s,2),o.set(n,r-a),o.set(t,r-t.length),o}Me[1]=[48,32,48,12,6,8,42,134,72,134,247,13,2,5,5,0,4,16],Me[2]=[48,33,48,9,6,5,43,14,3,2,26,5,0,4,20],Me[3]=[48,33,48,9,6,5,43,36,3,2,1,5,0,4,20],Me[8]=[48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32],Me[9]=[48,65,48,13,6,9,96,134,72,1,101,3,4,2,2,5,0,4,48],Me[10]=[48,81,48,13,6,9,96,134,72,1,101,3,4,2,3,5,0,4,64],Me[11]=[48,45,48,13,6,9,96,134,72,1,101,3,4,2,4,5,0,4,28];const Le=F.getWebCrypto(),Ne=F.getNodeCrypto(),ze=BigInt(1);async function Oe(e,t,r,i,n,a,s,o,c){if(Te(e)>=r.length)throw Error("Digest size cannot exceed key modulus size");if(t&&!F.isStream(t))if(F.getWebCrypto())try{return await async function(e,t,r,i,n,a,s,o){const c=await Ge(r,i,n,a,s,o),u={name:"RSASSA-PKCS1-v1_5",hash:{name:e}},h=await Le.importKey("jwk",c,u,!1,["sign"]);return new Uint8Array(await Le.sign("RSASSA-PKCS1-v1_5",h,t))}(T.read(T.webHash,e),t,r,i,n,a,s,o)}catch(e){F.printDebugError(e)}else if(F.getNodeCrypto())return async function(e,t,r,i,n,a,s,o){const c=Ne.createSign(T.read(T.hash,e));c.write(t),c.end();const u=await Ge(r,i,n,a,s,o);return new Uint8Array(c.sign({key:u,format:"jwk",type:"pkcs1"}))}(e,t,r,i,n,a,s,o);return async function(e,t,r,i){t=te(t);const n=te(Re(e,i,ue(t)));return r=te(r),he(ie(n,r,t),"be",ue(t))}(e,r,n,c)}async function qe(e,t,r,i,n,a){if(t&&!F.isStream(t))if(F.getWebCrypto())try{return await async function(e,t,r,i,n){const a=Ve(i,n),s=await Le.importKey("jwk",a,{name:"RSASSA-PKCS1-v1_5",hash:{name:e}},!1,["verify"]);return Le.verify("RSASSA-PKCS1-v1_5",s,r,t)}(T.read(T.webHash,e),t,r,i,n)}catch(e){F.printDebugError(e)}else if(F.getNodeCrypto())return async function(e,t,r,i,n){const a=Ve(i,n),s={key:a,format:"jwk",type:"pkcs1"},o=Ne.createVerify(T.read(T.hash,e));o.write(t),o.end();try{return o.verify(s,r)}catch(e){return!1}}(e,t,r,i,n);return async function(e,t,r,i,n){if(r=te(r),t=te(t),i=te(i),t>=r)throw Error("Signature size cannot exceed modulus size");const a=he(ie(t,i,r),"be",ue(r)),s=Re(e,n,ue(r));return F.equalsUint8Array(a,s)}(e,r,i,n,a)}async function je(e,t,r){return F.getNodeCrypto()?async function(e,t,r){const i=Ve(t,r),n={key:i,format:"jwk",type:"pkcs1",padding:Ne.constants.RSA_PKCS1_PADDING};return new Uint8Array(Ne.publicEncrypt(n,e))}(e,t,r):async function(e,t,r){if(t=te(t),e=te(_e(e,ue(t))),r=te(r),e>=t)throw Error("Message size cannot exceed modulus size");return he(ie(e,r,t),"be",ue(t))}(e,t,r)}async function He(e,t,r,i,n,a,s,o){if(F.getNodeCrypto()&&!o)try{return await async function(e,t,r,i,n,a,s){const o=await Ge(t,r,i,n,a,s),c={key:o,format:"jwk",type:"pkcs1",padding:Ne.constants.RSA_PKCS1_PADDING};try{return new Uint8Array(Ne.privateDecrypt(c,e))}catch(e){throw Error("Decryption error")}}(e,t,r,i,n,a,s)}catch(e){F.printDebugError(e)}return async function(e,t,r,i,n,a,s,o){if(e=te(e),t=te(t),r=te(r),i=te(i),n=te(n),a=te(a),s=te(s),e>=t)throw Error("Data too large.");const c=re(i,a-ze),u=re(i,n-ze),h=pe(BigInt(2),t),l=ie(ae(h,t),r,t);e=re(e*l,t);const y=ie(e,u,n),p=ie(e,c,a),g=re(s*(p-y),a);let d=g*n+y;return d=re(d*h,t),Fe(he(d,"be",ue(t)),o)}(e,t,r,i,n,a,s,o)}async function Ge(e,t,r,i,n,a){const s=te(i),o=te(n),c=te(r);let u=re(c,o-ze),h=re(c,s-ze);return h=he(h),u=he(u),{kty:"RSA",n:j(e),e:j(t),d:j(r),p:j(n),q:j(i),dp:j(u),dq:j(h),qi:j(a),ext:!0}}function Ve(e,t){return{kty:"RSA",n:j(e),e:j(t),ext:!0}}function We(e,t){return{n:q(e.n),e:he(t),d:q(e.d),p:q(e.q),q:q(e.p),u:q(e.qi)}}const $e=BigInt(1);const Ze="object"==typeof e&&"crypto"in e?e.crypto:void 0,Qe={};var Xe=function(e){var t,r=new Float64Array(16);if(e)for(t=0;t<e.length;t++)r[t]=e[t];return r},Ye=function(){throw Error("no PRNG")},Je=new Uint8Array(32);Je[0]=9;var et=Xe(),tt=Xe([1]),rt=Xe([56129,1]),it=Xe([30883,4953,19914,30187,55467,16705,2637,112,59544,30585,16505,36039,65139,11119,27886,20995]),nt=Xe([61785,9906,39828,60374,45398,33411,5274,224,53552,61171,33010,6542,64743,22239,55772,9222]),at=Xe([54554,36645,11616,51542,42930,38181,51040,26924,56412,64982,57905,49316,21502,52590,14035,8553]),st=Xe([26200,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214,26214]),ot=Xe([41136,18958,6951,50414,58488,44335,6150,12099,55207,15867,153,11085,57099,20417,9344,11139]);function ct(e,t,r,i){e[t]=r>>24&255,e[t+1]=r>>16&255,e[t+2]=r>>8&255,e[t+3]=255&r,e[t+4]=i>>24&255,e[t+5]=i>>16&255,e[t+6]=i>>8&255,e[t+7]=255&i}function ut(e,t,r,i){return function(e,t,r,i,n){var a,s=0;for(a=0;a<n;a++)s|=e[t+a]^r[i+a];return(1&s-1>>>8)-1}(e,t,r,i,32)}function ht(e,t){var r;for(r=0;r<16;r++)e[r]=0|t[r]}function lt(e){var t,r,i=1;for(t=0;t<16;t++)r=e[t]+i+65535,i=Math.floor(r/65536),e[t]=r-65536*i;e[0]+=i-1+37*(i-1)}function yt(e,t,r){for(var i,n=~(r-1),a=0;a<16;a++)i=n&(e[a]^t[a]),e[a]^=i,t[a]^=i}function pt(e,t){var r,i,n,a=Xe(),s=Xe();for(r=0;r<16;r++)s[r]=t[r];for(lt(s),lt(s),lt(s),i=0;i<2;i++){for(a[0]=s[0]-65517,r=1;r<15;r++)a[r]=s[r]-65535-(a[r-1]>>16&1),a[r-1]&=65535;a[15]=s[15]-32767-(a[14]>>16&1),n=a[15]>>16&1,a[14]&=65535,yt(s,a,1-n)}for(r=0;r<16;r++)e[2*r]=255&s[r],e[2*r+1]=s[r]>>8}function gt(e,t){var r=new Uint8Array(32),i=new Uint8Array(32);return pt(r,e),pt(i,t),ut(r,0,i,0)}function dt(e){var t=new Uint8Array(32);return pt(t,e),1&t[0]}function ft(e,t){var r;for(r=0;r<16;r++)e[r]=t[2*r]+(t[2*r+1]<<8);e[15]&=32767}function mt(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]+r[i]}function wt(e,t,r){for(var i=0;i<16;i++)e[i]=t[i]-r[i]}function bt(e,t,r){var i,n,a=0,s=0,o=0,c=0,u=0,h=0,l=0,y=0,p=0,g=0,d=0,f=0,m=0,w=0,b=0,k=0,v=0,K=0,A=0,E=0,S=0,P=0,U=0,D=0,x=0,I=0,C=0,B=0,T=0,M=0,_=0,F=r[0],R=r[1],L=r[2],N=r[3],z=r[4],O=r[5],q=r[6],j=r[7],H=r[8],G=r[9],V=r[10],W=r[11],$=r[12],Z=r[13],Q=r[14],X=r[15];a+=(i=t[0])*F,s+=i*R,o+=i*L,c+=i*N,u+=i*z,h+=i*O,l+=i*q,y+=i*j,p+=i*H,g+=i*G,d+=i*V,f+=i*W,m+=i*$,w+=i*Z,b+=i*Q,k+=i*X,s+=(i=t[1])*F,o+=i*R,c+=i*L,u+=i*N,h+=i*z,l+=i*O,y+=i*q,p+=i*j,g+=i*H,d+=i*G,f+=i*V,m+=i*W,w+=i*$,b+=i*Z,k+=i*Q,v+=i*X,o+=(i=t[2])*F,c+=i*R,u+=i*L,h+=i*N,l+=i*z,y+=i*O,p+=i*q,g+=i*j,d+=i*H,f+=i*G,m+=i*V,w+=i*W,b+=i*$,k+=i*Z,v+=i*Q,K+=i*X,c+=(i=t[3])*F,u+=i*R,h+=i*L,l+=i*N,y+=i*z,p+=i*O,g+=i*q,d+=i*j,f+=i*H,m+=i*G,w+=i*V,b+=i*W,k+=i*$,v+=i*Z,K+=i*Q,A+=i*X,u+=(i=t[4])*F,h+=i*R,l+=i*L,y+=i*N,p+=i*z,g+=i*O,d+=i*q,f+=i*j,m+=i*H,w+=i*G,b+=i*V,k+=i*W,v+=i*$,K+=i*Z,A+=i*Q,E+=i*X,h+=(i=t[5])*F,l+=i*R,y+=i*L,p+=i*N,g+=i*z,d+=i*O,f+=i*q,m+=i*j,w+=i*H,b+=i*G,k+=i*V,v+=i*W,K+=i*$,A+=i*Z,E+=i*Q,S+=i*X,l+=(i=t[6])*F,y+=i*R,p+=i*L,g+=i*N,d+=i*z,f+=i*O,m+=i*q,w+=i*j,b+=i*H,k+=i*G,v+=i*V,K+=i*W,A+=i*$,E+=i*Z,S+=i*Q,P+=i*X,y+=(i=t[7])*F,p+=i*R,g+=i*L,d+=i*N,f+=i*z,m+=i*O,w+=i*q,b+=i*j,k+=i*H,v+=i*G,K+=i*V,A+=i*W,E+=i*$,S+=i*Z,P+=i*Q,U+=i*X,p+=(i=t[8])*F,g+=i*R,d+=i*L,f+=i*N,m+=i*z,w+=i*O,b+=i*q,k+=i*j,v+=i*H,K+=i*G,A+=i*V,E+=i*W,S+=i*$,P+=i*Z,U+=i*Q,D+=i*X,g+=(i=t[9])*F,d+=i*R,f+=i*L,m+=i*N,w+=i*z,b+=i*O,k+=i*q,v+=i*j,K+=i*H,A+=i*G,E+=i*V,S+=i*W,P+=i*$,U+=i*Z,D+=i*Q,x+=i*X,d+=(i=t[10])*F,f+=i*R,m+=i*L,w+=i*N,b+=i*z,k+=i*O,v+=i*q,K+=i*j,A+=i*H,E+=i*G,S+=i*V,P+=i*W,U+=i*$,D+=i*Z,x+=i*Q,I+=i*X,f+=(i=t[11])*F,m+=i*R,w+=i*L,b+=i*N,k+=i*z,v+=i*O,K+=i*q,A+=i*j,E+=i*H,S+=i*G,P+=i*V,U+=i*W,D+=i*$,x+=i*Z,I+=i*Q,C+=i*X,m+=(i=t[12])*F,w+=i*R,b+=i*L,k+=i*N,v+=i*z,K+=i*O,A+=i*q,E+=i*j,S+=i*H,P+=i*G,U+=i*V,D+=i*W,x+=i*$,I+=i*Z,C+=i*Q,B+=i*X,w+=(i=t[13])*F,b+=i*R,k+=i*L,v+=i*N,K+=i*z,A+=i*O,E+=i*q,S+=i*j,P+=i*H,U+=i*G,D+=i*V,x+=i*W,I+=i*$,C+=i*Z,B+=i*Q,T+=i*X,b+=(i=t[14])*F,k+=i*R,v+=i*L,K+=i*N,A+=i*z,E+=i*O,S+=i*q,P+=i*j,U+=i*H,D+=i*G,x+=i*V,I+=i*W,C+=i*$,B+=i*Z,T+=i*Q,M+=i*X,k+=(i=t[15])*F,s+=38*(K+=i*L),o+=38*(A+=i*N),c+=38*(E+=i*z),u+=38*(S+=i*O),h+=38*(P+=i*q),l+=38*(U+=i*j),y+=38*(D+=i*H),p+=38*(x+=i*G),g+=38*(I+=i*V),d+=38*(C+=i*W),f+=38*(B+=i*$),m+=38*(T+=i*Z),w+=38*(M+=i*Q),b+=38*(_+=i*X),a=(i=(a+=38*(v+=i*R))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a=(i=(a+=n-1+37*(n-1))+(n=1)+65535)-65536*(n=Math.floor(i/65536)),s=(i=s+n+65535)-65536*(n=Math.floor(i/65536)),o=(i=o+n+65535)-65536*(n=Math.floor(i/65536)),c=(i=c+n+65535)-65536*(n=Math.floor(i/65536)),u=(i=u+n+65535)-65536*(n=Math.floor(i/65536)),h=(i=h+n+65535)-65536*(n=Math.floor(i/65536)),l=(i=l+n+65535)-65536*(n=Math.floor(i/65536)),y=(i=y+n+65535)-65536*(n=Math.floor(i/65536)),p=(i=p+n+65535)-65536*(n=Math.floor(i/65536)),g=(i=g+n+65535)-65536*(n=Math.floor(i/65536)),d=(i=d+n+65535)-65536*(n=Math.floor(i/65536)),f=(i=f+n+65535)-65536*(n=Math.floor(i/65536)),m=(i=m+n+65535)-65536*(n=Math.floor(i/65536)),w=(i=w+n+65535)-65536*(n=Math.floor(i/65536)),b=(i=b+n+65535)-65536*(n=Math.floor(i/65536)),k=(i=k+n+65535)-65536*(n=Math.floor(i/65536)),a+=n-1+37*(n-1),e[0]=a,e[1]=s,e[2]=o,e[3]=c,e[4]=u,e[5]=h,e[6]=l,e[7]=y,e[8]=p,e[9]=g,e[10]=d,e[11]=f,e[12]=m,e[13]=w,e[14]=b,e[15]=k}function kt(e,t){bt(e,t,t)}function vt(e,t){var r,i=Xe();for(r=0;r<16;r++)i[r]=t[r];for(r=253;r>=0;r--)kt(i,i),2!==r&&4!==r&&bt(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}function Kt(e,t,r){var i,n,a=new Uint8Array(32),s=new Float64Array(80),o=Xe(),c=Xe(),u=Xe(),h=Xe(),l=Xe(),y=Xe();for(n=0;n<31;n++)a[n]=t[n];for(a[31]=127&t[31]|64,a[0]&=248,ft(s,r),n=0;n<16;n++)c[n]=s[n],h[n]=o[n]=u[n]=0;for(o[0]=h[0]=1,n=254;n>=0;--n)yt(o,c,i=a[n>>>3]>>>(7&n)&1),yt(u,h,i),mt(l,o,u),wt(o,o,u),mt(u,c,h),wt(c,c,h),kt(h,l),kt(y,o),bt(o,u,o),bt(u,c,l),mt(l,o,u),wt(o,o,u),kt(c,o),wt(u,h,y),bt(o,u,rt),mt(o,o,h),bt(u,u,o),bt(o,h,y),bt(h,c,s),kt(c,l),yt(o,c,i),yt(u,h,i);for(n=0;n<16;n++)s[n+16]=o[n],s[n+32]=u[n],s[n+48]=c[n],s[n+64]=h[n];var p=s.subarray(32),g=s.subarray(16);return vt(p,p),bt(g,g,p),pt(e,g),0}function At(e,t){return Kt(e,t,Je)}var Et=[1116352408,3609767458,1899447441,602891725,3049323471,3964484399,3921009573,2173295548,961987163,4081628472,1508970993,3053834265,2453635748,2937671579,2870763221,3664609560,3624381080,2734883394,310598401,1164996542,607225278,1323610764,1426881987,3590304994,1925078388,4068182383,2162078206,991336113,2614888103,633803317,3248222580,3479774868,3835390401,2666613458,4022224774,944711139,264347078,2341262773,604807628,2007800933,770255983,1495990901,1249150122,1856431235,1555081692,3175218132,1996064986,2198950837,2554220882,3999719339,2821834349,766784016,2952996808,2566594879,3210313671,3203337956,3336571891,1034457026,3584528711,2466948901,113926993,3758326383,338241895,168717936,666307205,1188179964,773529912,1546045734,1294757372,1522805485,1396182291,2643833823,1695183700,2343527390,1986661051,1014477480,2177026350,1206759142,2456956037,344077627,2730485921,1290863460,2820302411,3158454273,3259730800,3505952657,3345764771,106217008,3516065817,3606008344,3600352804,1432725776,4094571909,1467031594,275423344,851169720,430227734,3100823752,506948616,1363258195,659060556,3750685593,883997877,3785050280,958139571,3318307427,1322822218,3812723403,1537002063,2003034995,1747873779,3602036899,1955562222,1575990012,2024104815,1125592928,2227730452,2716904306,2361852424,442776044,2428436474,593698344,2756734187,3733110249,3204031479,2999351573,3329325298,3815920427,3391569614,3928383900,3515267271,566280711,3940187606,3454069534,4118630271,4000239992,116418474,1914138554,174292421,2731055270,289380356,3203993006,460393269,320620315,685471733,587496836,852142971,1086792851,1017036298,365543100,1126000580,2618297676,1288033470,3409855158,1501505948,4234509866,1607167915,987167468,1816402316,1246189591];function St(e,t,r,i){for(var n,a,s,o,c,u,h,l,y,p,g,d,f,m,w,b,k,v,K,A,E,S,P,U,D,x,I=new Int32Array(16),C=new Int32Array(16),B=e[0],T=e[1],M=e[2],_=e[3],F=e[4],R=e[5],L=e[6],N=e[7],z=t[0],O=t[1],q=t[2],j=t[3],H=t[4],G=t[5],V=t[6],W=t[7],$=0;i>=128;){for(K=0;K<16;K++)A=8*K+$,I[K]=r[A+0]<<24|r[A+1]<<16|r[A+2]<<8|r[A+3],C[K]=r[A+4]<<24|r[A+5]<<16|r[A+6]<<8|r[A+7];for(K=0;K<80;K++)if(n=B,a=T,s=M,o=_,c=F,u=R,h=L,N,y=z,p=O,g=q,d=j,f=H,m=G,w=V,W,P=65535&(S=W),U=S>>>16,D=65535&(E=N),x=E>>>16,P+=65535&(S=(H>>>14|F<<18)^(H>>>18|F<<14)^(F>>>9|H<<23)),U+=S>>>16,D+=65535&(E=(F>>>14|H<<18)^(F>>>18|H<<14)^(H>>>9|F<<23)),x+=E>>>16,P+=65535&(S=H&G^~H&V),U+=S>>>16,D+=65535&(E=F&R^~F&L),x+=E>>>16,E=Et[2*K],P+=65535&(S=Et[2*K+1]),U+=S>>>16,D+=65535&E,x+=E>>>16,E=I[K%16],U+=(S=C[K%16])>>>16,D+=65535&E,x+=E>>>16,D+=(U+=(P+=65535&S)>>>16)>>>16,P=65535&(S=v=65535&P|U<<16),U=S>>>16,D=65535&(E=k=65535&D|(x+=D>>>16)<<16),x=E>>>16,P+=65535&(S=(z>>>28|B<<4)^(B>>>2|z<<30)^(B>>>7|z<<25)),U+=S>>>16,D+=65535&(E=(B>>>28|z<<4)^(z>>>2|B<<30)^(z>>>7|B<<25)),x+=E>>>16,U+=(S=z&O^z&q^O&q)>>>16,D+=65535&(E=B&T^B&M^T&M),x+=E>>>16,l=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,b=65535&P|U<<16,P=65535&(S=d),U=S>>>16,D=65535&(E=o),x=E>>>16,U+=(S=v)>>>16,D+=65535&(E=k),x+=E>>>16,T=n,M=a,_=s,F=o=65535&(D+=(U+=(P+=65535&S)>>>16)>>>16)|(x+=D>>>16)<<16,R=c,L=u,N=h,B=l,O=y,q=p,j=g,H=d=65535&P|U<<16,G=f,V=m,W=w,z=b,K%16==15)for(A=0;A<16;A++)E=I[A],P=65535&(S=C[A]),U=S>>>16,D=65535&E,x=E>>>16,E=I[(A+9)%16],P+=65535&(S=C[(A+9)%16]),U+=S>>>16,D+=65535&E,x+=E>>>16,k=I[(A+1)%16],P+=65535&(S=((v=C[(A+1)%16])>>>1|k<<31)^(v>>>8|k<<24)^(v>>>7|k<<25)),U+=S>>>16,D+=65535&(E=(k>>>1|v<<31)^(k>>>8|v<<24)^k>>>7),x+=E>>>16,k=I[(A+14)%16],U+=(S=((v=C[(A+14)%16])>>>19|k<<13)^(k>>>29|v<<3)^(v>>>6|k<<26))>>>16,D+=65535&(E=(k>>>19|v<<13)^(v>>>29|k<<3)^k>>>6),x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,I[A]=65535&D|x<<16,C[A]=65535&P|U<<16;P=65535&(S=z),U=S>>>16,D=65535&(E=B),x=E>>>16,E=e[0],U+=(S=t[0])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[0]=B=65535&D|x<<16,t[0]=z=65535&P|U<<16,P=65535&(S=O),U=S>>>16,D=65535&(E=T),x=E>>>16,E=e[1],U+=(S=t[1])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[1]=T=65535&D|x<<16,t[1]=O=65535&P|U<<16,P=65535&(S=q),U=S>>>16,D=65535&(E=M),x=E>>>16,E=e[2],U+=(S=t[2])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[2]=M=65535&D|x<<16,t[2]=q=65535&P|U<<16,P=65535&(S=j),U=S>>>16,D=65535&(E=_),x=E>>>16,E=e[3],U+=(S=t[3])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[3]=_=65535&D|x<<16,t[3]=j=65535&P|U<<16,P=65535&(S=H),U=S>>>16,D=65535&(E=F),x=E>>>16,E=e[4],U+=(S=t[4])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[4]=F=65535&D|x<<16,t[4]=H=65535&P|U<<16,P=65535&(S=G),U=S>>>16,D=65535&(E=R),x=E>>>16,E=e[5],U+=(S=t[5])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[5]=R=65535&D|x<<16,t[5]=G=65535&P|U<<16,P=65535&(S=V),U=S>>>16,D=65535&(E=L),x=E>>>16,E=e[6],U+=(S=t[6])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[6]=L=65535&D|x<<16,t[6]=V=65535&P|U<<16,P=65535&(S=W),U=S>>>16,D=65535&(E=N),x=E>>>16,E=e[7],U+=(S=t[7])>>>16,D+=65535&E,x+=E>>>16,x+=(D+=(U+=(P+=65535&S)>>>16)>>>16)>>>16,e[7]=N=65535&D|x<<16,t[7]=W=65535&P|U<<16,$+=128,i-=128}return i}function Pt(e,t,r){var i,n=new Int32Array(8),a=new Int32Array(8),s=new Uint8Array(256),o=r;for(n[0]=1779033703,n[1]=3144134277,n[2]=1013904242,n[3]=2773480762,n[4]=1359893119,n[5]=2600822924,n[6]=528734635,n[7]=1541459225,a[0]=4089235720,a[1]=2227873595,a[2]=4271175723,a[3]=1595750129,a[4]=2917565137,a[5]=725511199,a[6]=4215389547,a[7]=327033209,St(n,a,t,r),r%=128,i=0;i<r;i++)s[i]=t[o-r+i];for(s[r]=128,s[(r=256-128*(r<112?1:0))-9]=0,ct(s,r-8,o/536870912|0,o<<3),St(n,a,s,r),i=0;i<8;i++)ct(e,8*i,n[i],a[i]);return 0}function Ut(e,t){var r=Xe(),i=Xe(),n=Xe(),a=Xe(),s=Xe(),o=Xe(),c=Xe(),u=Xe(),h=Xe();wt(r,e[1],e[0]),wt(h,t[1],t[0]),bt(r,r,h),mt(i,e[0],e[1]),mt(h,t[0],t[1]),bt(i,i,h),bt(n,e[3],t[3]),bt(n,n,nt),bt(a,e[2],t[2]),mt(a,a,a),wt(s,i,r),wt(o,a,n),mt(c,a,n),mt(u,i,r),bt(e[0],s,o),bt(e[1],u,c),bt(e[2],c,o),bt(e[3],s,u)}function Dt(e,t,r){var i;for(i=0;i<4;i++)yt(e[i],t[i],r)}function xt(e,t){var r=Xe(),i=Xe(),n=Xe();vt(n,t[2]),bt(r,t[0],n),bt(i,t[1],n),pt(e,i),e[31]^=dt(r)<<7}function It(e,t,r){var i,n;for(ht(e[0],et),ht(e[1],tt),ht(e[2],tt),ht(e[3],et),n=255;n>=0;--n)Dt(e,t,i=r[n/8|0]>>(7&n)&1),Ut(t,e),Ut(e,e),Dt(e,t,i)}function Ct(e,t){var r=[Xe(),Xe(),Xe(),Xe()];ht(r[0],at),ht(r[1],st),ht(r[2],tt),bt(r[3],at,st),It(e,r,t)}function Bt(e,t,r){var i,n=new Uint8Array(64),a=[Xe(),Xe(),Xe(),Xe()];for(r||Ye(t,32),Pt(n,t,32),n[0]&=248,n[31]&=127,n[31]|=64,Ct(a,n),xt(e,a),i=0;i<32;i++)t[i+32]=e[i];return 0}var Tt=new Float64Array([237,211,245,92,26,99,18,88,214,156,247,162,222,249,222,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16]);function Mt(e,t){var r,i,n,a;for(i=63;i>=32;--i){for(r=0,n=i-32,a=i-12;n<a;++n)t[n]+=r-16*t[i]*Tt[n-(i-32)],r=Math.floor((t[n]+128)/256),t[n]-=256*r;t[n]+=r,t[i]=0}for(r=0,n=0;n<32;n++)t[n]+=r-(t[31]>>4)*Tt[n],r=t[n]>>8,t[n]&=255;for(n=0;n<32;n++)t[n]-=r*Tt[n];for(i=0;i<32;i++)t[i+1]+=t[i]>>8,e[i]=255&t[i]}function _t(e){var t,r=new Float64Array(64);for(t=0;t<64;t++)r[t]=e[t];for(t=0;t<64;t++)e[t]=0;Mt(e,r)}function Ft(e,t){var r=Xe(),i=Xe(),n=Xe(),a=Xe(),s=Xe(),o=Xe(),c=Xe();return ht(e[2],tt),ft(e[1],t),kt(n,e[1]),bt(a,n,it),wt(n,n,e[2]),mt(a,e[2],a),kt(s,a),kt(o,s),bt(c,o,s),bt(r,c,n),bt(r,r,a),function(e,t){var r,i=Xe();for(r=0;r<16;r++)i[r]=t[r];for(r=250;r>=0;r--)kt(i,i),1!==r&&bt(i,i,t);for(r=0;r<16;r++)e[r]=i[r]}(r,r),bt(r,r,n),bt(r,r,a),bt(r,r,a),bt(e[0],r,a),kt(i,e[0]),bt(i,i,a),gt(i,n)&&bt(e[0],e[0],ot),kt(i,e[0]),bt(i,i,a),gt(i,n)?-1:(dt(e[0])===t[31]>>7&&wt(e[0],et,e[0]),bt(e[3],e[0],e[1]),0)}var Rt=64;function Lt(){for(var e=0;e<arguments.length;e++)if(!(arguments[e]instanceof Uint8Array))throw new TypeError("unexpected type, use Uint8Array")}Qe.scalarMult=function(e,t){if(Lt(e,t),32!==e.length)throw Error("bad n size");if(32!==t.length)throw Error("bad p size");var r=new Uint8Array(32);return Kt(r,e,t),r},Qe.box={},Qe.box.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(32);return function(e,t){Ye(t,32),At(e,t)}(e,t),{publicKey:e,secretKey:t}},Qe.box.keyPair.fromSecretKey=function(e){if(Lt(e),32!==e.length)throw Error("bad secret key size");var t=new Uint8Array(32);return At(t,e),{publicKey:t,secretKey:new Uint8Array(e)}},Qe.sign=function(e,t){if(Lt(e,t),64!==t.length)throw Error("bad secret key size");var r=new Uint8Array(Rt+e.length);return function(e,t,r,i){var n,a,s=new Uint8Array(64),o=new Uint8Array(64),c=new Uint8Array(64),u=new Float64Array(64),h=[Xe(),Xe(),Xe(),Xe()];Pt(s,i,32),s[0]&=248,s[31]&=127,s[31]|=64;var l=r+64;for(n=0;n<r;n++)e[64+n]=t[n];for(n=0;n<32;n++)e[32+n]=s[32+n];for(Pt(c,e.subarray(32),r+32),_t(c),Ct(h,c),xt(e,h),n=32;n<64;n++)e[n]=i[n];for(Pt(o,e,r+64),_t(o),n=0;n<64;n++)u[n]=0;for(n=0;n<32;n++)u[n]=c[n];for(n=0;n<32;n++)for(a=0;a<32;a++)u[n+a]+=o[n]*s[a];Mt(e.subarray(32),u)}(r,e,e.length,t),r},Qe.sign.detached=function(e,t){for(var r=Qe.sign(e,t),i=new Uint8Array(Rt),n=0;n<i.length;n++)i[n]=r[n];return i},Qe.sign.detached.verify=function(e,t,r){if(Lt(e,t,r),t.length!==Rt)throw Error("bad signature size");if(32!==r.length)throw Error("bad public key size");var i,n=new Uint8Array(Rt+e.length),a=new Uint8Array(Rt+e.length);for(i=0;i<Rt;i++)n[i]=t[i];for(i=0;i<e.length;i++)n[i+Rt]=e[i];return function(e,t,r,i){var n,a=new Uint8Array(32),s=new Uint8Array(64),o=[Xe(),Xe(),Xe(),Xe()],c=[Xe(),Xe(),Xe(),Xe()];if(r<64)return-1;if(Ft(c,i))return-1;for(n=0;n<r;n++)e[n]=t[n];for(n=0;n<32;n++)e[n+32]=i[n];if(Pt(s,e,r),_t(s),It(o,c,s),Ct(c,t.subarray(32)),Ut(o,c),xt(a,o),r-=64,ut(t,0,a,0)){for(n=0;n<r;n++)e[n]=0;return-1}for(n=0;n<r;n++)e[n]=t[n+64];return r}(a,n,n.length,r)>=0},Qe.sign.keyPair=function(){var e=new Uint8Array(32),t=new Uint8Array(64);return Bt(e,t),{publicKey:e,secretKey:t}},Qe.sign.keyPair.fromSecretKey=function(e){if(Lt(e),64!==e.length)throw Error("bad secret key size");for(var t=new Uint8Array(32),r=0;r<t.length;r++)t[r]=e[32+r];return{publicKey:t,secretKey:new Uint8Array(e)}},Qe.sign.keyPair.fromSeed=function(e){if(Lt(e),32!==e.length)throw Error("bad seed size");for(var t=new Uint8Array(32),r=new Uint8Array(64),i=0;i<32;i++)r[i]=e[i];return Bt(t,r,!0),{publicKey:t,secretKey:r}},Qe.setPRNG=function(e){Ye=e},function(){if(Ze&&Ze.getRandomValues){Qe.setPRNG((function(e,t){var r,i=new Uint8Array(t);for(r=0;r<t;r+=65536)Ze.getRandomValues(i.subarray(r,r+Math.min(t-r,65536)));for(r=0;r<t;r++)e[r]=i[r];!function(e){for(var t=0;t<e.length;t++)e[t]=0}(i)}))}}();const Nt={"2a8648ce3d030107":T.curve.nistP256,"2b81040022":T.curve.nistP384,"2b81040023":T.curve.nistP521,"2b8104000a":T.curve.secp256k1,"2b06010401da470f01":T.curve.ed25519Legacy,"2b060104019755010501":T.curve.curve25519Legacy,"2b2403030208010107":T.curve.brainpoolP256r1,"2b240303020801010b":T.curve.brainpoolP384r1,"2b240303020801010d":T.curve.brainpoolP512r1};class zt{constructor(e){if(e instanceof zt)this.oid=e.oid;else if(F.isArray(e)||F.isUint8Array(e)){if(6===(e=new Uint8Array(e))[0]){if(e[1]!==e.length-2)throw Error("Length mismatch in DER encoded oid");e=e.subarray(2)}this.oid=e}else this.oid=""}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.oid=e.subarray(1,1+t),1+this.oid.length}throw Error("Invalid oid")}write(){return F.concatUint8Array([new Uint8Array([this.oid.length]),this.oid])}toHex(){return F.uint8ArrayToHex(this.oid)}getName(){const e=Nt[this.toHex()];if(!e)throw Error("Unknown curve object identifier.");return e}}function Ot(e){let t,r=0;const i=e[0];return i<192?([r]=e,t=1):i<255?(r=(e[0]-192<<8)+e[1]+192,t=2):255===i&&(r=F.readNumber(e.subarray(1,5)),t=5),{len:r,offset:t}}function qt(e){return e<192?new Uint8Array([e]):e>191&&e<8384?new Uint8Array([192+(e-192>>8),e-192&255]):F.concatUint8Array([new Uint8Array([255]),F.writeNumber(e,4)])}function jt(e){if(e<0||e>30)throw Error("Partial Length power must be between 1 and 30");return new Uint8Array([224+e])}function Ht(e){return new Uint8Array([192|e])}function Gt(e,t){return F.concatUint8Array([Ht(e),qt(t)])}function Vt(e){return[T.packet.literalData,T.packet.compressedData,T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData].includes(e)}async function Wt(e,t){const r=I(e);let i,n;try{const s=await r.peekBytes(2);if(!s||s.length<2||!(128&s[0]))throw Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");const o=await r.readByte();let c,u,h=-1,l=-1;l=0,64&o&&(l=1),l?h=63&o:(h=(63&o)>>2,u=3&o);const y=Vt(h);let p,g=null;if(y){if("array"===F.isStream(e)){const e=new a;i=C(e),g=e}else{const e=new TransformStream;i=C(e.writable),g=e.readable}n=t({tag:h,packet:g})}else g=[];do{if(l){const e=await r.readByte();if(p=!1,e<192)c=e;else if(e>=192&&e<224)c=(e-192<<8)+await r.readByte()+192;else if(e>223&&e<255){if(c=1<<(31&e),p=!0,!y)throw new TypeError("This packet type does not support partial lengths.")}else c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte()}else switch(u){case 0:c=await r.readByte();break;case 1:c=await r.readByte()<<8|await r.readByte();break;case 2:c=await r.readByte()<<24|await r.readByte()<<16|await r.readByte()<<8|await r.readByte();break;default:c=1/0}if(c>0){let e=0;for(;;){i&&await i.ready;const{done:t,value:n}=await r.read();if(t){if(c===1/0)break;throw Error("Unexpected end of packet")}const a=c===1/0?n:n.subarray(0,c-e);if(i?await i.write(a):g.push(a),e+=n.length,e>=c){r.unshift(n.subarray(c-e+n.length));break}}}}while(p);const d=await r.peekBytes(y?1/0:2);return i?(await i.ready,await i.close()):(g=F.concatUint8Array(g),await t({tag:h,packet:g})),!d||!d.length}catch(e){if(i)return await i.abort(e),!0;throw e}finally{i&&await n,r.releaseLock()}}class $t extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,$t),this.name="UnsupportedError"}}class Zt extends $t{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,$t),this.name="UnknownPacketError"}}class Qt{constructor(e,t){this.tag=e,this.rawContent=t}write(){return this.rawContent}}
+/*! noble-ed25519 - MIT License (c) 2019 Paul Miller (paulmillr.com) */const Xt=BigInt(0),Yt=BigInt(1),Jt=BigInt(2),er=BigInt(8),tr=BigInt("7237005577332262213973186563042994240857116359379907606001950938285454250989"),rr=Object.freeze({a:BigInt(-1),d:BigInt("37095705934669439343138083508754565189542113879843219016388785533085940283555"),P:BigInt("57896044618658097711785492504343953926634992332820282019728792003956564819949"),l:tr,n:tr,h:BigInt(8),Gx:BigInt("15112221349535400772501151409588531511454012693041857206046113283949847762202"),Gy:BigInt("46316835694926478169428394003475163141307993866256225615783033603165251855960")}),ir=BigInt("0x10000000000000000000000000000000000000000000000000000000000000000"),nr=BigInt("19681161376707505956807079304988542015446066515923890162744021073123829784752");BigInt("6853475219497561581579357271197624642482790079785650197046958215289687604742");const ar=BigInt("25063068953384623474111414158702152701244531502492656460079210482610430750235"),sr=BigInt("54469307008909316920995813868745141605393597292927456921205312896311721017578"),or=BigInt("1159843021668779879193775521855586647937357759715417654439879720876111806838"),cr=BigInt("40440834346308536858101042469323190826248399146238708352240133220865137265952");class ur{constructor(e,t,r,i){this.x=e,this.y=t,this.z=r,this.t=i}static fromAffine(e){if(!(e instanceof fr))throw new TypeError("ExtendedPoint#fromAffine: expected Point");return e.equals(fr.ZERO)?ur.ZERO:new ur(e.x,e.y,Yt,Dr(e.x*e.y))}static toAffineBatch(e){const t=function(e,t=rr.P){const r=Array(e.length),i=e.reduce(((e,i,n)=>i===Xt?e:(r[n]=e,Dr(e*i,t))),Yt),n=xr(i,t);return e.reduceRight(((e,i,n)=>i===Xt?e:(r[n]=Dr(e*r[n],t),Dr(e*i,t))),n),r}(e.map((e=>e.z)));return e.map(((e,r)=>e.toAffine(t[r])))}static normalizeZ(e){return this.toAffineBatch(e).map(this.fromAffine)}equals(e){lr(e);const{x:t,y:r,z:i}=this,{x:n,y:a,z:s}=e,o=Dr(t*s),c=Dr(n*i),u=Dr(r*s),h=Dr(a*i);return o===c&&u===h}negate(){return new ur(Dr(-this.x),this.y,this.z,Dr(-this.t))}double(){const{x:e,y:t,z:r}=this,{a:i}=rr,n=Dr(e*e),a=Dr(t*t),s=Dr(Jt*Dr(r*r)),o=Dr(i*n),c=e+t,u=Dr(Dr(c*c)-n-a),h=o+a,l=h-s,y=o-a,p=Dr(u*l),g=Dr(h*y),d=Dr(u*y),f=Dr(l*h);return new ur(p,g,f,d)}add(e){lr(e);const{x:t,y:r,z:i,t:n}=this,{x:a,y:s,z:o,t:c}=e,u=Dr((r-t)*(s+a)),h=Dr((r+t)*(s-a)),l=Dr(h-u);if(l===Xt)return this.double();const y=Dr(i*Jt*c),p=Dr(n*Jt*o),g=p+y,d=h+u,f=p-y,m=Dr(g*l),w=Dr(d*f),b=Dr(g*f),k=Dr(l*d);return new ur(m,w,k,b)}subtract(e){return this.add(e.negate())}precomputeWindow(e){const t=1+256/e,r=[];let i=this,n=i;for(let a=0;a<t;a++){n=i,r.push(n);for(let t=1;t<2**(e-1);t++)n=n.add(i),r.push(n);i=n.double()}return r}wNAF(e,t){!t&&this.equals(ur.BASE)&&(t=fr.BASE);const r=t&&t._WINDOW_SIZE||1;if(256%r)throw Error("Point#wNAF: Invalid precomputation window, must be power of 2");let i=t&&dr.get(t);i||(i=this.precomputeWindow(r),t&&1!==r&&(i=ur.normalizeZ(i),dr.set(t,i)));let n=ur.ZERO,a=ur.BASE;const s=1+256/r,o=2**(r-1),c=BigInt(2**r-1),u=2**r,h=BigInt(r);for(let t=0;t<s;t++){const r=t*o;let s=Number(e&c);e>>=h,s>o&&(s-=u,e+=Yt);const l=r,y=r+Math.abs(s)-1,p=t%2!=0,g=s<0;0===s?a=a.add(hr(p,i[l])):n=n.add(hr(g,i[y]))}return ur.normalizeZ([n,a])[0]}multiply(e,t){return this.wNAF(_r(e,rr.l),t)}multiplyUnsafe(e){let t=_r(e,rr.l,!1);const r=ur.BASE,i=ur.ZERO;if(t===Xt)return i;if(this.equals(i)||t===Yt)return this;if(this.equals(r))return this.wNAF(t);let n=i,a=this;for(;t>Xt;)t&Yt&&(n=n.add(a)),a=a.double(),t>>=Yt;return n}isSmallOrder(){return this.multiplyUnsafe(rr.h).equals(ur.ZERO)}isTorsionFree(){let e=this.multiplyUnsafe(rr.l/Jt).double();return rr.l%Jt&&(e=e.add(this)),e.equals(ur.ZERO)}toAffine(e){const{x:t,y:r,z:i}=this,n=this.equals(ur.ZERO);null==e&&(e=n?er:xr(i));const a=Dr(t*e),s=Dr(r*e),o=Dr(i*e);if(n)return fr.ZERO;if(o!==Yt)throw Error("invZ was invalid");return new fr(a,s)}fromRistrettoBytes(){pr()}toRistrettoBytes(){pr()}fromRistrettoHash(){pr()}}function hr(e,t){const r=t.negate();return e?r:t}function lr(e){if(!(e instanceof ur))throw new TypeError("ExtendedPoint expected")}function yr(e){if(!(e instanceof gr))throw new TypeError("RistrettoPoint expected")}function pr(){throw Error("Legacy method: switch to RistrettoPoint")}ur.BASE=new ur(rr.Gx,rr.Gy,Yt,Dr(rr.Gx*rr.Gy)),ur.ZERO=new ur(Xt,Yt,Yt,Xt);class gr{constructor(e){this.ep=e}static calcElligatorRistrettoMap(e){const{d:t}=rr,r=Dr(nr*e*e),i=Dr((r+Yt)*or);let n=BigInt(-1);const a=Dr((n-t*r)*Dr(r+t));let{isValid:s,value:o}=Cr(i,a),c=Dr(o*e);Er(c)||(c=Dr(-c)),s||(o=c),s||(n=r);const u=Dr(n*(r-Yt)*cr-a),h=o*o,l=Dr((o+o)*a),y=Dr(u*ar),p=Dr(Yt-h),g=Dr(Yt+h);return new ur(Dr(l*g),Dr(p*y),Dr(y*g),Dr(l*p))}static hashToCurve(e){const t=Ur((e=Mr(e,64)).slice(0,32)),r=this.calcElligatorRistrettoMap(t),i=Ur(e.slice(32,64)),n=this.calcElligatorRistrettoMap(i);return new gr(r.add(n))}static fromHex(e){e=Mr(e,32);const{a:t,d:r}=rr,i="RistrettoPoint.fromHex: the hex is not valid encoding of RistrettoPoint",n=Ur(e);if(!function(e,t){if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0}(Ar(n),e)||Er(n))throw Error(i);const a=Dr(n*n),s=Dr(Yt+t*a),o=Dr(Yt-t*a),c=Dr(s*s),u=Dr(o*o),h=Dr(t*r*c-u),{isValid:l,value:y}=Br(Dr(h*u)),p=Dr(y*o),g=Dr(y*p*h);let d=Dr((n+n)*p);Er(d)&&(d=Dr(-d));const f=Dr(s*g),m=Dr(d*f);if(!l||Er(m)||f===Xt)throw Error(i);return new gr(new ur(d,f,Yt,m))}toRawBytes(){let{x:e,y:t,z:r,t:i}=this.ep;const n=Dr(Dr(r+t)*Dr(r-t)),a=Dr(e*t),s=Dr(a*a),{value:o}=Br(Dr(n*s)),c=Dr(o*n),u=Dr(o*a),h=Dr(c*u*i);let l;if(Er(i*h)){let r=Dr(t*nr),i=Dr(e*nr);e=r,t=i,l=Dr(c*sr)}else l=u;Er(e*h)&&(t=Dr(-t));let y=Dr((r-t)*l);return Er(y)&&(y=Dr(-y)),Ar(y)}toHex(){return kr(this.toRawBytes())}toString(){return this.toHex()}equals(e){yr(e);const t=this.ep,r=e.ep,i=Dr(t.x*r.y)===Dr(t.y*r.x),n=Dr(t.y*r.y)===Dr(t.x*r.x);return i||n}add(e){return yr(e),new gr(this.ep.add(e.ep))}subtract(e){return yr(e),new gr(this.ep.subtract(e.ep))}multiply(e){return new gr(this.ep.multiply(e))}multiplyUnsafe(e){return new gr(this.ep.multiplyUnsafe(e))}}gr.BASE=new gr(ur.BASE),gr.ZERO=new gr(ur.ZERO);const dr=new WeakMap;class fr{constructor(e,t){this.x=e,this.y=t}_setWindowSize(e){this._WINDOW_SIZE=e,dr.delete(this)}static fromHex(e,t=!0){const{d:r,P:i}=rr,n=(e=Mr(e,32)).slice();n[31]=-129&e[31];const a=Sr(n);if(t&&a>=i)throw Error("Expected 0 < hex < P");if(!t&&a>=ir)throw Error("Expected 0 < hex < 2**256");const s=Dr(a*a),o=Dr(s-Yt),c=Dr(r*s+Yt);let{isValid:u,value:h}=Cr(o,c);if(!u)throw Error("Point.fromHex: invalid y coordinate");const l=(h&Yt)===Yt;return!!(128&e[31])!==l&&(h=Dr(-h)),new fr(h,a)}static async fromPrivateKey(e){return(await Rr(e)).point}toRawBytes(){const e=Ar(this.y);return e[31]|=this.x&Yt?128:0,e}toHex(){return kr(this.toRawBytes())}toX25519(){const{y:e}=this;return Ar(Dr((Yt+e)*xr(Yt-e)))}isTorsionFree(){return ur.fromAffine(this).isTorsionFree()}equals(e){return this.x===e.x&&this.y===e.y}negate(){return new fr(Dr(-this.x),this.y)}add(e){return ur.fromAffine(this).add(ur.fromAffine(e)).toAffine()}subtract(e){return this.add(e.negate())}multiply(e){return ur.fromAffine(this).multiply(e,this).toAffine()}}fr.BASE=new fr(rr.Gx,rr.Gy),fr.ZERO=new fr(Xt,Yt);let mr=class e{constructor(e,t){this.r=e,this.s=t,this.assertValidity()}static fromHex(t){const r=Mr(t,64),i=fr.fromHex(r.slice(0,32),!1),n=Sr(r.slice(32,64));return new e(i,n)}assertValidity(){const{r:e,s:t}=this;if(!(e instanceof fr))throw Error("Expected Point instance");return _r(t,rr.l,!1),this}toRawBytes(){const e=new Uint8Array(64);return e.set(this.r.toRawBytes()),e.set(Ar(this.s),32),e}toHex(){return kr(this.toRawBytes())}};function wr(...e){if(!e.every((e=>e instanceof Uint8Array)))throw Error("Expected Uint8Array list");if(1===e.length)return e[0];const t=e.reduce(((e,t)=>e+t.length),0),r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}const br=Array.from({length:256},((e,t)=>t.toString(16).padStart(2,"0")));function kr(e){if(!(e instanceof Uint8Array))throw Error("Uint8Array expected");let t="";for(let r=0;r<e.length;r++)t+=br[e[r]];return t}function vr(e){if("string"!=typeof e)throw new TypeError("hexToBytes: expected string, got "+typeof e);if(e.length%2)throw Error("hexToBytes: received invalid unpadded hex");const t=new Uint8Array(e.length/2);for(let r=0;r<t.length;r++){const i=2*r,n=e.slice(i,i+2),a=Number.parseInt(n,16);if(Number.isNaN(a)||a<0)throw Error("Invalid byte sequence");t[r]=a}return t}function Kr(e){return vr(e.toString(16).padStart(64,"0"))}function Ar(e){return Kr(e).reverse()}function Er(e){return(Dr(e)&Yt)===Yt}function Sr(e){if(!(e instanceof Uint8Array))throw Error("Expected Uint8Array");return BigInt("0x"+kr(Uint8Array.from(e).reverse()))}const Pr=BigInt("0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");function Ur(e){return Dr(Sr(e)&Pr)}function Dr(e,t=rr.P){const r=e%t;return r>=Xt?r:t+r}function xr(e,t=rr.P){if(e===Xt||t<=Xt)throw Error(`invert: expected positive integers, got n=${e} mod=${t}`);let r=Dr(e,t),i=t,n=Xt,a=Yt;for(;r!==Xt;){const e=i%r,t=n-a*(i/r);i=r,r=e,n=a,a=t}if(i!==Yt)throw Error("invert: does not exist");return Dr(n,t)}function Ir(e,t){const{P:r}=rr;let i=e;for(;t-- >Xt;)i*=i,i%=r;return i}function Cr(e,t){const r=Dr(t*t*t),i=function(e){const{P:t}=rr,r=BigInt(5),i=BigInt(10),n=BigInt(20),a=BigInt(40),s=BigInt(80),o=e*e%t*e%t,c=Ir(o,Jt)*o%t,u=Ir(c,Yt)*e%t,h=Ir(u,r)*u%t,l=Ir(h,i)*h%t,y=Ir(l,n)*l%t,p=Ir(y,a)*y%t,g=Ir(p,s)*p%t,d=Ir(g,s)*p%t,f=Ir(d,i)*h%t;return{pow_p_5_8:Ir(f,Jt)*e%t,b2:o}}(e*Dr(r*r*t)).pow_p_5_8;let n=Dr(e*r*i);const a=Dr(t*n*n),s=n,o=Dr(n*nr),c=a===e,u=a===Dr(-e),h=a===Dr(-e*nr);return c&&(n=s),(u||h)&&(n=o),Er(n)&&(n=Dr(-n)),{isValid:c||u,value:n}}function Br(e){return Cr(Yt,e)}function Tr(e){return Dr(Sr(e),rr.l)}function Mr(e,t){const r=e instanceof Uint8Array?Uint8Array.from(e):vr(e);if("number"==typeof t&&r.length!==t)throw Error(`Expected ${t} bytes`);return r}function _r(e,t,r=!0){if(!t)throw new TypeError("Specify max value");if("number"==typeof e&&Number.isSafeInteger(e)&&(e=BigInt(e)),"bigint"==typeof e&&e<t)if(r){if(Xt<e)return e}else if(Xt<=e)return e;throw new TypeError("Expected valid scalar: 0 < scalar < max")}let Fr;async function Rr(e){return function(e){const t=function(e){return e[0]&=248,e[31]&=127,e[31]|=64,e}(e.slice(0,32)),r=e.slice(32,64),i=Tr(t),n=fr.BASE.multiply(i),a=n.toRawBytes();return{head:t,prefix:r,scalar:i,point:n,pointBytes:a}}(await zr.sha512(function(e){if(32!==(e="bigint"==typeof e||"number"==typeof e?Kr(_r(e,ir)):Mr(e)).length)throw Error("Expected 32 bytes");return e}(e)))}async function Lr(e,t,r){const{r:i,SB:n,msg:a,pub:s}=function(e,t,r){t=Mr(t),r instanceof fr||(r=fr.fromHex(r,!1));const{r:i,s:n}=e instanceof mr?e.assertValidity():mr.fromHex(e);return{r:i,s:n,SB:ur.BASE.multiplyUnsafe(n),pub:r,msg:t}}(e,t,r),o=await zr.sha512(i.toRawBytes(),s.toRawBytes(),a);return function(e,t,r,i){const n=Tr(i),a=ur.fromAffine(e).multiplyUnsafe(n);return ur.fromAffine(t).add(a).subtract(r).multiplyUnsafe(rr.h).equals(ur.ZERO)}(s,i,n,o)}fr.BASE._setWindowSize(8);const Nr={node:null,web:"object"==typeof self&&"crypto"in self?self.crypto:void 0},zr={bytesToHex:kr,hexToBytes:vr,concatBytes:wr,getExtendedPublicKey:Rr,mod:Dr,invert:xr,TORSION_SUBGROUP:["0100000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac037a","0000000000000000000000000000000000000000000000000000000000000080","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05","ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f","26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc85","0000000000000000000000000000000000000000000000000000000000000000","c7176a703d4dd84fba3c0b760d10670f2a2053fa2c39ccc64ec7fd7792ac03fa"],hashToPrivateScalar:e=>{if((e=Mr(e)).length<40||e.length>1024)throw Error("Expected 40-1024 bytes of private key as per FIPS 186");return Dr(Sr(e),rr.l-Yt)+Yt},randomBytes:(e=32)=>{if(Nr.web)return Nr.web.getRandomValues(new Uint8Array(e));throw Error("The environment doesn't have randomBytes function")},randomPrivateKey:()=>zr.randomBytes(32),sha512:async(...e)=>{const t=wr(...e);if(Nr.web){const e=await Nr.web.subtle.digest("SHA-512",t.buffer);return new Uint8Array(e)}throw Error("The environment doesn't have sha512 function")},precompute(e=8,t=fr.BASE){const r=t.equals(fr.BASE)?t:new fr(t.x,t.y);return r._setWindowSize(e),r.multiply(Jt),r},sha512Sync:void 0};async function Or(e){switch(e){case T.publicKey.ed25519:try{const e=F.getWebCrypto(),t=await e.generateKey("Ed25519",!0,["sign","verify"]),r=await e.exportKey("jwk",t.privateKey),i=await e.exportKey("jwk",t.publicKey);return{A:new Uint8Array(q(i.x)),seed:q(r.d)}}catch(t){if("NotSupportedError"!==t.name&&"OperationError"!==t.name&&"SyntaxError"!==t.name)throw t;const r=ye(Gr(e)),{publicKey:i}=Qe.sign.keyPair.fromSeed(r);return{A:i,seed:r}}case T.publicKey.ed448:{const e=await F.getNobleCurve(T.publicKey.ed448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),seed:t}}default:throw Error("Unsupported EdDSA algorithm")}}async function qr(e,t,r,i,n,a){if(Te(t)<Te(Vr(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=F.getWebCrypto(),r=$r(e,i,n),s=await t.importKey("jwk",r,"Ed25519",!1,["sign"]);return{RS:new Uint8Array(await t.sign("Ed25519",s,a))}}catch(e){if("NotSupportedError"!==e.name&&"SyntaxError"!==e.name)throw e;const t=F.concatUint8Array([n,i]);return{RS:Qe.sign.detached(a,t)}}case T.publicKey.ed448:return{RS:(await F.getNobleCurve(T.publicKey.ed448)).sign(a,n)};default:throw Error("Unsupported EdDSA algorithm")}}async function jr(e,t,{RS:r},i,n,a){if(Te(t)<Te(Vr(e)))throw Error("Hash algorithm too weak for EdDSA.");switch(e){case T.publicKey.ed25519:try{const t=F.getWebCrypto(),i=Wr(e,n),s=await t.importKey("jwk",i,"Ed25519",!1,["verify"]);return await t.verify("Ed25519",s,r,a)}catch(e){if("NotSupportedError"!==e.name&&"SyntaxError"!==e.name)throw e;return Lr(r,a,n)}case T.publicKey.ed448:return(await F.getNobleCurve(T.publicKey.ed448)).verify(r,a,n);default:throw Error("Unsupported EdDSA algorithm")}}async function Hr(e,t,r){switch(e){case T.publicKey.ed25519:{const{publicKey:e}=Qe.sign.keyPair.fromSeed(r);return F.equalsUint8Array(t,e)}case T.publicKey.ed448:{const e=(await F.getNobleCurve(T.publicKey.ed448)).getPublicKey(r);return F.equalsUint8Array(t,e)}default:return!1}}function Gr(e){switch(e){case T.publicKey.ed25519:return 32;case T.publicKey.ed448:return 57;default:throw Error("Unsupported EdDSA algorithm")}}function Vr(e){switch(e){case T.publicKey.ed25519:return T.hash.sha256;case T.publicKey.ed448:return T.hash.sha512;default:throw Error("Unknown EdDSA algo")}}Object.defineProperties(zr,{sha512Sync:{configurable:!1,get:()=>Fr,set(e){Fr||(Fr=e)}}});const Wr=(e,t)=>{if(e===T.publicKey.ed25519){return{kty:"OKP",crv:"Ed25519",x:j(t),ext:!0}}throw Error("Unsupported EdDSA algorithm")},$r=(e,t,r)=>{if(e===T.publicKey.ed25519){const i=Wr(e,t);return i.d=j(r),i}throw Error("Unsupported EdDSA algorithm")};var Zr=/*#__PURE__*/Object.freeze({__proto__:null,generate:Or,getPayloadSize:Gr,getPreferredHashAlgo:Vr,sign:qr,validateParams:Hr,verify:jr});function Qr(e){return e instanceof Uint8Array||null!=e&&"object"==typeof e&&"Uint8Array"===e.constructor.name}function Xr(e,...t){if(!Qr(e))throw Error("Uint8Array expected");if(t.length>0&&!t.includes(e.length))throw Error(`Uint8Array expected of length ${t}, not of length=${e.length}`)}function Yr(e,t=!0){if(e.destroyed)throw Error("Hash instance has been destroyed");if(t&&e.finished)throw Error("Hash#digest() has already been called")}function Jr(e,t){Xr(e);const r=t.outputLen;if(e.length<r)throw Error("digestInto() expects output buffer of length at least "+r)}
+/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */const ei=e=>new Uint8Array(e.buffer,e.byteOffset,e.byteLength),ti=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4)),ri=e=>new DataView(e.buffer,e.byteOffset,e.byteLength);if(!(68===new Uint8Array(new Uint32Array([287454020]).buffer)[0]))throw Error("Non little-endian hardware is not supported");function ii(e){if("string"==typeof e)e=function(e){if("string"!=typeof e)throw Error("string expected, got "+typeof e);return new Uint8Array((new TextEncoder).encode(e))}(e);else{if(!Qr(e))throw Error("Uint8Array expected, got "+typeof e);e=ci(e)}return e}function ni(e,t){if(e.length!==t.length)return!1;let r=0;for(let i=0;i<e.length;i++)r|=e[i]^t[i];return 0===r}const ai=(e,t)=>(Object.assign(t,e),t);function si(e,t,r,i){if("function"==typeof e.setBigUint64)return e.setBigUint64(t,r,i);const n=BigInt(32),a=BigInt(4294967295),s=Number(r>>n&a),o=Number(r&a);e.setUint32(t+0,s,i),e.setUint32(t+4,o,i)}function oi(e){return e.byteOffset%4==0}function ci(e){return Uint8Array.from(e)}function ui(...e){for(let t=0;t<e.length;t++)e[t].fill(0)}const hi=16,li=/* @__PURE__ */new Uint8Array(16),yi=ti(li),pi=e=>(e>>>0&255)<<24|(e>>>8&255)<<16|(e>>>16&255)<<8|e>>>24&255;class gi{constructor(e,t){this.blockLen=hi,this.outputLen=hi,this.s0=0,this.s1=0,this.s2=0,this.s3=0,this.finished=!1,Xr(e=ii(e),16);const r=ri(e);let i=r.getUint32(0,!1),n=r.getUint32(4,!1),a=r.getUint32(8,!1),s=r.getUint32(12,!1);const o=[];for(let e=0;e<128;e++)o.push({s0:pi(i),s1:pi(n),s2:pi(a),s3:pi(s)}),({s0:i,s1:n,s2:a,s3:s}={s3:(h=a)<<31|(l=s)>>>1,s2:(u=n)<<31|h>>>1,s1:(c=i)<<31|u>>>1,s0:c>>>1^225<<24&-(1&l)});var c,u,h,l;const y=(e=>e>65536?8:e>1024?4:2)(t||1024);if(![1,2,4,8].includes(y))throw Error(`ghash: wrong window size=${y}, should be 2, 4 or 8`);this.W=y;const p=128/y,g=this.windowSize=2**y,d=[];for(let e=0;e<p;e++)for(let t=0;t<g;t++){let r=0,i=0,n=0,a=0;for(let s=0;s<y;s++){if(!(t>>>y-s-1&1))continue;const{s0:c,s1:u,s2:h,s3:l}=o[y*e+s];r^=c,i^=u,n^=h,a^=l}d.push({s0:r,s1:i,s2:n,s3:a})}this.t=d}_updateBlock(e,t,r,i){e^=this.s0,t^=this.s1,r^=this.s2,i^=this.s3;const{W:n,t:a,windowSize:s}=this;let o=0,c=0,u=0,h=0;const l=(1<<n)-1;let y=0;for(const p of[e,t,r,i])for(let e=0;e<4;e++){const t=p>>>8*e&255;for(let e=8/n-1;e>=0;e--){const r=t>>>n*e&l,{s0:i,s1:p,s2:g,s3:d}=a[y*s+r];o^=i,c^=p,u^=g,h^=d,y+=1}}this.s0=o,this.s1=c,this.s2=u,this.s3=h}update(e){e=ii(e),Yr(this);const t=ti(e),r=Math.floor(e.length/hi),i=e.length%hi;for(let e=0;e<r;e++)this._updateBlock(t[4*e+0],t[4*e+1],t[4*e+2],t[4*e+3]);return i&&(li.set(e.subarray(r*hi)),this._updateBlock(yi[0],yi[1],yi[2],yi[3]),ui(yi)),this}destroy(){const{t:e}=this;for(const t of e)t.s0=0,t.s1=0,t.s2=0,t.s3=0}digestInto(e){Yr(this),Jr(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=ti(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e}digest(){const e=new Uint8Array(hi);return this.digestInto(e),this.destroy(),e}}class di extends gi{constructor(e,t){const r=function(e){e.reverse();const t=1&e[15];let r=0;for(let t=0;t<e.length;t++){const i=e[t];e[t]=i>>>1|r,r=(1&i)<<7}return e[0]^=225&-t,e}(ci(e=ii(e)));super(r,t),ui(r)}update(e){e=ii(e),Yr(this);const t=ti(e),r=e.length%hi,i=Math.floor(e.length/hi);for(let e=0;e<i;e++)this._updateBlock(pi(t[4*e+3]),pi(t[4*e+2]),pi(t[4*e+1]),pi(t[4*e+0]));return r&&(li.set(e.subarray(i*hi)),this._updateBlock(pi(yi[3]),pi(yi[2]),pi(yi[1]),pi(yi[0])),ui(yi)),this}digestInto(e){Yr(this),Jr(e,this),this.finished=!0;const{s0:t,s1:r,s2:i,s3:n}=this,a=ti(e);return a[0]=t,a[1]=r,a[2]=i,a[3]=n,e.reverse()}}function fi(e){const t=(t,r)=>e(r,t.length).update(ii(t)).digest(),r=e(new Uint8Array(16),0);return t.outputLen=r.outputLen,t.blockLen=r.blockLen,t.create=(t,r)=>e(t,r),t}const mi=fi(((e,t)=>new gi(e,t)));fi(((e,t)=>new di(e,t)));const wi=16,bi=new Uint8Array(wi),ki=283;function vi(e){return e<<1^ki&-(e>>7)}function Ki(e,t){let r=0;for(;t>0;t>>=1)r^=e&-(1&t),e=vi(e);return r}const Ai=/* @__PURE__ */(()=>{const e=new Uint8Array(256);for(let t=0,r=1;t<256;t++,r^=vi(r))e[t]=r;const t=new Uint8Array(256);t[0]=99;for(let r=0;r<255;r++){let i=e[255-r];i|=i<<8,t[e[r]]=255&(i^i>>4^i>>5^i>>6^i>>7^99)}return ui(e),t})(),Ei=/* @__PURE__ */Ai.map(((e,t)=>Ai.indexOf(t))),Si=e=>e<<24|e>>>8,Pi=e=>e<<8|e>>>24,Ui=e=>e<<24&4278190080|e<<8&16711680|e>>>8&65280|e>>>24&255;function Di(e,t){if(256!==e.length)throw Error("Wrong sbox length");const r=new Uint32Array(256).map(((r,i)=>t(e[i]))),i=r.map(Pi),n=i.map(Pi),a=n.map(Pi),s=new Uint32Array(65536),o=new Uint32Array(65536),c=new Uint16Array(65536);for(let t=0;t<256;t++)for(let u=0;u<256;u++){const h=256*t+u;s[h]=r[t]^i[u],o[h]=n[t]^a[u],c[h]=e[t]<<8|e[u]}return{sbox:e,sbox2:c,T0:r,T1:i,T2:n,T3:a,T01:s,T23:o}}const xi=/* @__PURE__ */Di(Ai,(e=>Ki(e,3)<<24|e<<16|e<<8|Ki(e,2))),Ii=/* @__PURE__ */Di(Ei,(e=>Ki(e,11)<<24|Ki(e,13)<<16|Ki(e,9)<<8|Ki(e,14))),Ci=/* @__PURE__ */(()=>{const e=new Uint8Array(16);for(let t=0,r=1;t<16;t++,r=vi(r))e[t]=r;return e})();function Bi(e){Xr(e);const t=e.length;if(![16,24,32].includes(t))throw Error("aes: wrong key size: should be 16, 24 or 32, got: "+t);const{sbox2:r}=xi,i=[];oi(e)||i.push(e=ci(e));const n=ti(e),a=n.length,s=e=>_i(r,e,e,e,e),o=new Uint32Array(t+28);o.set(n);for(let e=a;e<o.length;e++){let t=o[e-1];e%a==0?t=s(Si(t))^Ci[e/a-1]:a>6&&e%a==4&&(t=s(t)),o[e]=o[e-a]^t}return ui(...i),o}function Ti(e){const t=Bi(e),r=t.slice(),i=t.length,{sbox2:n}=xi,{T0:a,T1:s,T2:o,T3:c}=Ii;for(let e=0;e<i;e+=4)for(let n=0;n<4;n++)r[e+n]=t[i-e-4+n];ui(t);for(let e=4;e<i-4;e++){const t=r[e],i=_i(n,t,t,t,t);r[e]=a[255&i]^s[i>>>8&255]^o[i>>>16&255]^c[i>>>24]}return r}function Mi(e,t,r,i,n,a){return e[r<<8&65280|i>>>8&255]^t[n>>>8&65280|a>>>24&255]}function _i(e,t,r,i,n){return e[255&t|65280&r]|e[i>>>16&255|n>>>16&65280]<<16}function Fi(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=xi;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^Mi(s,o,t,r,i,n),u=e[c++]^Mi(s,o,r,i,n,t),h=e[c++]^Mi(s,o,i,n,t,r),l=e[c++]^Mi(s,o,n,t,r,i);t=a,r=u,i=h,n=l}return{s0:e[c++]^_i(a,t,r,i,n),s1:e[c++]^_i(a,r,i,n,t),s2:e[c++]^_i(a,i,n,t,r),s3:e[c++]^_i(a,n,t,r,i)}}function Ri(e,t,r,i,n){const{sbox2:a,T01:s,T23:o}=Ii;let c=0;t^=e[c++],r^=e[c++],i^=e[c++],n^=e[c++];const u=e.length/4-2;for(let a=0;a<u;a++){const a=e[c++]^Mi(s,o,t,n,i,r),u=e[c++]^Mi(s,o,r,t,n,i),h=e[c++]^Mi(s,o,i,r,t,n),l=e[c++]^Mi(s,o,n,i,r,t);t=a,r=u,i=h,n=l}return{s0:e[c++]^_i(a,t,n,i,r),s1:e[c++]^_i(a,r,t,n,i),s2:e[c++]^_i(a,i,r,t,n),s3:e[c++]^_i(a,n,i,r,t)}}function Li(e,t){if(void 0===t)return new Uint8Array(e);if(Xr(t),t.length<e)throw Error(`aes: wrong destination length, expected at least ${e}, got: ${t.length}`);if(!oi(t))throw Error("unaligned dst");return t}function Ni(e,t,r,i){Xr(t,wi),Xr(r);const n=r.length;i=Li(n,i);const a=t,s=ti(a);let{s0:o,s1:c,s2:u,s3:h}=Fi(e,s[0],s[1],s[2],s[3]);const l=ti(r),y=ti(i);for(let t=0;t+4<=l.length;t+=4){y[t+0]=l[t+0]^o,y[t+1]=l[t+1]^c,y[t+2]=l[t+2]^u,y[t+3]=l[t+3]^h;let r=1;for(let e=a.length-1;e>=0;e--)r=r+(255&a[e])|0,a[e]=255&r,r>>>=8;({s0:o,s1:c,s2:u,s3:h}=Fi(e,s[0],s[1],s[2],s[3]))}const p=wi*Math.floor(l.length/4);if(p<n){const e=new Uint32Array([o,c,u,h]),t=ei(e);for(let e=p,a=0;e<n;e++,a++)i[e]=r[e]^t[a];ui(e)}return i}function zi(e,t,r,i,n){Xr(r,wi),Xr(i),n=Li(i.length,n);const a=r,s=ti(a),o=ri(a),c=ti(i),u=ti(n),h=t?0:12,l=i.length;let y=o.getUint32(h,t),{s0:p,s1:g,s2:d,s3:f}=Fi(e,s[0],s[1],s[2],s[3]);for(let r=0;r+4<=c.length;r+=4)u[r+0]=c[r+0]^p,u[r+1]=c[r+1]^g,u[r+2]=c[r+2]^d,u[r+3]=c[r+3]^f,y=y+1>>>0,o.setUint32(h,y,t),({s0:p,s1:g,s2:d,s3:f}=Fi(e,s[0],s[1],s[2],s[3]));const m=wi*Math.floor(c.length/4);if(m<l){const e=new Uint32Array([p,g,d,f]),t=ei(e);for(let e=m,r=0;e<l;e++,r++)n[e]=i[e]^t[r];ui(e)}return n}const Oi=ai({blockSize:16,nonceLength:16},(function(e,t){function r(r,i){if(Xr(r),void 0!==i&&(Xr(i),!oi(i)))throw Error("unaligned destination");const n=Bi(e),a=ci(t),s=[n,a];oi(r)||s.push(r=ci(r));const o=Ni(n,a,r,i);return ui(...s),o}return Xr(e),Xr(t,wi),{encrypt:(e,t)=>r(e,t),decrypt:(e,t)=>r(e,t)}}));const qi=ai({blockSize:16,nonceLength:16},(function(e,t,r={}){Xr(e),Xr(t,16);const i=!r.disablePadding;return{encrypt(r,n){const a=Bi(e),{b:s,o,out:c}=function(e,t,r){Xr(e);let i=e.length;const n=i%wi;if(!t&&0!==n)throw Error("aec/(cbc-ecb): unpadded plaintext with disabled padding");oi(e)||(e=ci(e));const a=ti(e);if(t){let e=wi-n;e||(e=wi),i+=e}const s=Li(i,r);return{b:a,o:ti(s),out:s}}(r,i,n);let u=t;const h=[a];oi(u)||h.push(u=ci(u));const l=ti(u);let y=l[0],p=l[1],g=l[2],d=l[3],f=0;for(;f+4<=s.length;)y^=s[f+0],p^=s[f+1],g^=s[f+2],d^=s[f+3],({s0:y,s1:p,s2:g,s3:d}=Fi(a,y,p,g,d)),o[f++]=y,o[f++]=p,o[f++]=g,o[f++]=d;if(i){const e=function(e){const t=new Uint8Array(16),r=ti(t);t.set(e);const i=wi-e.length;for(let e=wi-i;e<wi;e++)t[e]=i;return r}(r.subarray(4*f));y^=e[0],p^=e[1],g^=e[2],d^=e[3],({s0:y,s1:p,s2:g,s3:d}=Fi(a,y,p,g,d)),o[f++]=y,o[f++]=p,o[f++]=g,o[f++]=d}return ui(...h),c},decrypt(r,n){!function(e){if(Xr(e),e.length%wi!=0)throw Error("aes/(cbc-ecb).decrypt ciphertext should consist of blocks with size 16")}(r);const a=Ti(e);let s=t;const o=[a];oi(s)||o.push(s=ci(s));const c=ti(s),u=Li(r.length,n);oi(r)||o.push(r=ci(r));const h=ti(r),l=ti(u);let y=c[0],p=c[1],g=c[2],d=c[3];for(let e=0;e+4<=h.length;){const t=y,r=p,i=g,n=d;y=h[e+0],p=h[e+1],g=h[e+2],d=h[e+3];const{s0:s,s1:o,s2:c,s3:u}=Ri(a,y,p,g,d);l[e++]=s^t,l[e++]=o^r,l[e++]=c^i,l[e++]=u^n}return ui(...o),function(e,t){if(!t)return e;const r=e.length;if(!r)throw Error("aes/pcks5: empty ciphertext not allowed");const i=e[r-1];if(i<=0||i>16)throw Error("aes/pcks5: wrong padding");const n=e.subarray(0,-i);for(let t=0;t<i;t++)if(e[r-t-1]!==i)throw Error("aes/pcks5: wrong padding");return n}(u,i)}}})),ji=ai({blockSize:16,nonceLength:16},(function(e,t){function r(r,i,n){Xr(r);const a=r.length;n=Li(a,n);const s=Bi(e);let o=t;const c=[s];oi(o)||c.push(o=ci(o)),oi(r)||c.push(r=ci(r));const u=ti(r),h=ti(n),l=i?h:u,y=ti(o);let p=y[0],g=y[1],d=y[2],f=y[3];for(let e=0;e+4<=u.length;){const{s0:t,s1:r,s2:i,s3:n}=Fi(s,p,g,d,f);h[e+0]=u[e+0]^t,h[e+1]=u[e+1]^r,h[e+2]=u[e+2]^i,h[e+3]=u[e+3]^n,p=l[e++],g=l[e++],d=l[e++],f=l[e++]}const m=wi*Math.floor(u.length/4);if(m<a){({s0:p,s1:g,s2:d,s3:f}=Fi(s,p,g,d,f));const e=ei(new Uint32Array([p,g,d,f]));for(let t=m,i=0;t<a;t++,i++)n[t]=r[t]^e[i];ui(e)}return ui(...c),n}return Xr(e),Xr(t,16),{encrypt:(e,t)=>r(e,!0,t),decrypt:(e,t)=>r(e,!1,t)}}));const Hi=ai({blockSize:16,nonceLength:12,tagLength:16},(function(e,t,r){if(Xr(e),Xr(t),void 0!==r&&Xr(r),t.length<8)throw Error("aes/gcm: invalid nonce length");const i=16;function n(e,t,i){const n=function(e,t,r,i,n){const a=null==n?0:n.length,s=e.create(r,i.length+a);n&&s.update(n),s.update(i);const o=new Uint8Array(16),c=ri(o);n&&si(c,0,BigInt(8*a),t),si(c,8,BigInt(8*i.length),t),s.update(o);const u=s.digest();return ui(o),u}(mi,!1,e,i,r);for(let e=0;e<t.length;e++)n[e]^=t[e];return n}function a(){const r=Bi(e),i=bi.slice(),n=bi.slice();if(zi(r,!1,n,n,i),12===t.length)n.set(t);else{const e=bi.slice();si(ri(e),8,BigInt(8*t.length),!1);const r=mi.create(i).update(t).update(e);r.digestInto(n),r.destroy()}return{xk:r,authKey:i,counter:n,tagMask:zi(r,!1,n,bi)}}return{encrypt(e){Xr(e);const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=new Uint8Array(e.length+i),u=[t,r,s,o];oi(e)||u.push(e=ci(e)),zi(t,!1,s,e,c);const h=n(r,o,c.subarray(0,c.length-i));return u.push(h),c.set(h,e.length),ui(...u),c},decrypt(e){if(Xr(e),e.length<i)throw Error("aes/gcm: ciphertext less than tagLen (16)");const{xk:t,authKey:r,counter:s,tagMask:o}=a(),c=[t,r,o,s];oi(e)||c.push(e=ci(e));const u=e.subarray(0,-16),h=e.subarray(-16),l=n(r,o,u);if(c.push(l),!ni(l,h))throw Error("aes/gcm: invalid ghash tag");const y=zi(t,!1,s,u);return ui(...c),y}}}));function Gi(e){return null!=e&&"object"==typeof e&&(e instanceof Uint32Array||"Uint32Array"===e.constructor.name)}function Vi(e,t){if(Xr(t,16),!Gi(e))throw Error("_encryptBlock accepts result of expandKeyLE");const r=ti(t);let{s0:i,s1:n,s2:a,s3:s}=Fi(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}function Wi(e,t){if(Xr(t,16),!Gi(e))throw Error("_decryptBlock accepts result of expandKeyLE");const r=ti(t);let{s0:i,s1:n,s2:a,s3:s}=Ri(e,r[0],r[1],r[2],r[3]);return r[0]=i,r[1]=n,r[2]=a,r[3]=s,t}const $i={encrypt(e,t){if(t.length>=2**32)throw Error("plaintext should be less than 4gb");const r=Bi(e);if(16===t.length)Vi(r,t);else{const e=ti(t);let i=e[0],n=e[1];for(let t=0,a=1;t<6;t++)for(let t=2;t<e.length;t+=2,a++){const{s0:s,s1:o,s2:c,s3:u}=Fi(r,i,n,e[t],e[t+1]);i=s,n=o^Ui(a),e[t]=c,e[t+1]=u}e[0]=i,e[1]=n}r.fill(0)},decrypt(e,t){if(t.length-8>=2**32)throw Error("ciphertext should be less than 4gb");const r=Ti(e),i=t.length/8-1;if(1===i)Wi(r,t);else{const e=ti(t);let n=e[0],a=e[1];for(let t=0,s=6*i;t<6;t++)for(let t=2*i;t>=1;t-=2,s--){a^=Ui(s);const{s0:i,s1:o,s2:c,s3:u}=Ri(r,n,a,e[t],e[t+1]);n=i,a=o,e[t]=c,e[t+1]=u}e[0]=n,e[1]=a}r.fill(0)}},Zi=new Uint8Array(8).fill(166),Qi=ai({blockSize:8},(e=>({encrypt(t){if(Xr(t),!t.length||t.length%8!=0)throw Error("invalid plaintext length");if(8===t.length)throw Error("8-byte keys not allowed in AESKW, use AESKWP instead");const r=function(...e){let t=0;for(let r=0;r<e.length;r++){const i=e[r];Xr(i),t+=i.length}const r=new Uint8Array(t);for(let t=0,i=0;t<e.length;t++){const n=e[t];r.set(n,i),i+=n.length}return r}(Zi,t);return $i.encrypt(e,r),r},decrypt(t){if(Xr(t),t.length%8!=0||t.length<24)throw Error("invalid ciphertext length");const r=ci(t);if($i.decrypt(e,r),!ni(r.subarray(0,8),Zi))throw Error("integrity check failed");return r.subarray(0,8).fill(0),r.subarray(8)}}))),Xi={expandKeyLE:Bi,expandKeyDecLE:Ti,encrypt:Fi,decrypt:Ri,encryptBlock:Vi,decryptBlock:Wi,ctrCounter:Ni,ctr32:zi};async function Yi(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:throw Error("Not a legacy cipher");case T.symmetric.cast5:case T.symmetric.blowfish:case T.symmetric.twofish:case T.symmetric.tripledes:{const{legacyCiphers:t}=await import("./legacy_ciphers.min.mjs"),r=T.read(T.symmetric,e),i=t.get(r);if(!i)throw Error("Unsupported cipher algorithm");return i}default:throw Error("Unsupported cipher algorithm")}}function Ji(e){switch(e){case T.symmetric.aes128:case T.symmetric.aes192:case T.symmetric.aes256:case T.symmetric.twofish:return 16;case T.symmetric.blowfish:case T.symmetric.cast5:case T.symmetric.tripledes:return 8;default:throw Error("Unsupported cipher")}}function en(e){switch(e){case T.symmetric.aes128:case T.symmetric.blowfish:case T.symmetric.cast5:return 16;case T.symmetric.aes192:case T.symmetric.tripledes:return 24;case T.symmetric.aes256:case T.symmetric.twofish:return 32;default:throw Error("Unsupported cipher")}}function tn(e){return{keySize:en(e),blockSize:Ji(e)}}const rn=F.getWebCrypto();async function nn(e,t,r){const{keySize:i}=tn(e);if(!F.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");try{const e=await rn.importKey("raw",t,{name:"AES-KW"},!1,["wrapKey"]),i=await rn.importKey("raw",r,{name:"HMAC",hash:"SHA-256"},!0,["sign"]),n=await rn.wrapKey("raw",i,e,{name:"AES-KW"});return new Uint8Array(n)}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;F.printDebugError("Browser did not support operation: "+e.message)}return Qi(t).encrypt(r)}async function an(e,t,r){const{keySize:i}=tn(e);if(!F.isAES(e)||t.length!==i)throw Error("Unexpected algorithm or key size");let n;try{n=await rn.importKey("raw",t,{name:"AES-KW"},!1,["unwrapKey"])}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;return F.printDebugError("Browser did not support operation: "+e.message),Qi(t).decrypt(r)}try{const e=await rn.unwrapKey("raw",r,n,{name:"AES-KW"},{name:"HMAC",hash:"SHA-256"},!0,["sign"]);return new Uint8Array(await rn.exportKey("raw",e))}catch(e){if("OperationError"===e.name)throw Error("Key Data Integrity failed");throw e}}const sn=F.getWebCrypto();async function on(e,t,r,i,n){const a=T.read(T.webHash,e);if(!a)throw Error("Hash algo not supported with HKDF");const s=await sn.importKey("raw",t,"HKDF",!1,["deriveBits"]),o=await sn.deriveBits({name:"HKDF",hash:a,salt:r,info:i},s,8*n);return new Uint8Array(o)}const cn={x25519:F.encodeUTF8("OpenPGP X25519"),x448:F.encodeUTF8("OpenPGP X448")};async function un(e){switch(e){case T.publicKey.x25519:{const e=ye(32),{publicKey:t}=Qe.box.keyPair.fromSecretKey(e);return{A:t,k:e}}case T.publicKey.x448:{const e=await F.getNobleCurve(T.publicKey.x448),t=e.utils.randomPrivateKey();return{A:e.getPublicKey(t),k:t}}default:throw Error("Unsupported ECDH algorithm")}}async function hn(e,t,r){switch(e){case T.publicKey.x25519:{const{publicKey:e}=Qe.box.keyPair.fromSecretKey(r);return F.equalsUint8Array(t,e)}case T.publicKey.x448:{const e=(await F.getNobleCurve(T.publicKey.x448)).getPublicKey(r);return F.equalsUint8Array(t,e)}default:return!1}}async function ln(e,t,r){const{ephemeralPublicKey:i,sharedSecret:n}=await gn(e,r),a=F.concatUint8Array([i,r,n]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:r}=tn(e),n=await on(T.hash.sha256,a,new Uint8Array,cn.x25519,r);return{ephemeralPublicKey:i,wrappedKey:await nn(e,n,t)}}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:r}=tn(T.symmetric.aes256),n=await on(T.hash.sha512,a,new Uint8Array,cn.x448,r);return{ephemeralPublicKey:i,wrappedKey:await nn(e,n,t)}}default:throw Error("Unsupported ECDH algorithm")}}async function yn(e,t,r,i,n){const a=await dn(e,t,i,n),s=F.concatUint8Array([t,i,a]);switch(e){case T.publicKey.x25519:{const e=T.symmetric.aes128,{keySize:t}=tn(e);return an(e,await on(T.hash.sha256,s,new Uint8Array,cn.x25519,t),r)}case T.publicKey.x448:{const e=T.symmetric.aes256,{keySize:t}=tn(T.symmetric.aes256);return an(e,await on(T.hash.sha512,s,new Uint8Array,cn.x448,t),r)}default:throw Error("Unsupported ECDH algorithm")}}function pn(e){switch(e){case T.publicKey.x25519:return 32;case T.publicKey.x448:return 56;default:throw Error("Unsupported ECDH algorithm")}}async function gn(e,t){switch(e){case T.publicKey.x25519:{const r=ye(pn(e)),i=Qe.scalarMult(r,t);fn(i);const{publicKey:n}=Qe.box.keyPair.fromSecretKey(r);return{ephemeralPublicKey:n,sharedSecret:i}}case T.publicKey.x448:{const e=await F.getNobleCurve(T.publicKey.x448),r=e.utils.randomPrivateKey(),i=e.getSharedSecret(r,t);fn(i);return{ephemeralPublicKey:e.getPublicKey(r),sharedSecret:i}}default:throw Error("Unsupported ECDH algorithm")}}async function dn(e,t,r,i){switch(e){case T.publicKey.x25519:{const e=Qe.scalarMult(i,t);return fn(e),e}case T.publicKey.x448:{const e=(await F.getNobleCurve(T.publicKey.x448)).getSharedSecret(i,t);return fn(e),e}default:throw Error("Unsupported ECDH algorithm")}}function fn(e){let t=0;for(let r=0;r<e.length;r++)t|=e[r];if(0===t)throw Error("Unexpected low order point")}var mn=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:yn,encrypt:ln,generate:un,generateEphemeralEncryptionMaterial:gn,getPayloadSize:pn,recomputeSharedSecret:dn,validateParams:hn});const wn=F.getWebCrypto(),bn=F.getNodeCrypto(),kn={[T.curve.nistP256]:"P-256",[T.curve.nistP384]:"P-384",[T.curve.nistP521]:"P-521"},vn=bn?bn.getCurves():[],Kn=bn?{[T.curve.secp256k1]:vn.includes("secp256k1")?"secp256k1":void 0,[T.curve.nistP256]:vn.includes("prime256v1")?"prime256v1":void 0,[T.curve.nistP384]:vn.includes("secp384r1")?"secp384r1":void 0,[T.curve.nistP521]:vn.includes("secp521r1")?"secp521r1":void 0,[T.curve.ed25519Legacy]:vn.includes("ED25519")?"ED25519":void 0,[T.curve.curve25519Legacy]:vn.includes("X25519")?"X25519":void 0,[T.curve.brainpoolP256r1]:vn.includes("brainpoolP256r1")?"brainpoolP256r1":void 0,[T.curve.brainpoolP384r1]:vn.includes("brainpoolP384r1")?"brainpoolP384r1":void 0,[T.curve.brainpoolP512r1]:vn.includes("brainpoolP512r1")?"brainpoolP512r1":void 0}:{},An={[T.curve.nistP256]:{oid:[6,8,42,134,72,206,61,3,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:Kn[T.curve.nistP256],web:kn[T.curve.nistP256],payloadSize:32,sharedSize:256,wireFormatLeadingByte:4},[T.curve.nistP384]:{oid:[6,5,43,129,4,0,34],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:Kn[T.curve.nistP384],web:kn[T.curve.nistP384],payloadSize:48,sharedSize:384,wireFormatLeadingByte:4},[T.curve.nistP521]:{oid:[6,5,43,129,4,0,35],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:Kn[T.curve.nistP521],web:kn[T.curve.nistP521],payloadSize:66,sharedSize:528,wireFormatLeadingByte:4},[T.curve.secp256k1]:{oid:[6,5,43,129,4,0,10],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:Kn[T.curve.secp256k1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.ed25519Legacy]:{oid:[6,9,43,6,1,4,1,218,71,15,1],keyType:T.publicKey.eddsaLegacy,hash:T.hash.sha512,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.curve25519Legacy]:{oid:[6,10,43,6,1,4,1,151,85,1,5,1],keyType:T.publicKey.ecdh,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:!1,payloadSize:32,wireFormatLeadingByte:64},[T.curve.brainpoolP256r1]:{oid:[6,9,43,36,3,3,2,8,1,1,7],keyType:T.publicKey.ecdsa,hash:T.hash.sha256,cipher:T.symmetric.aes128,node:Kn[T.curve.brainpoolP256r1],payloadSize:32,wireFormatLeadingByte:4},[T.curve.brainpoolP384r1]:{oid:[6,9,43,36,3,3,2,8,1,1,11],keyType:T.publicKey.ecdsa,hash:T.hash.sha384,cipher:T.symmetric.aes192,node:Kn[T.curve.brainpoolP384r1],payloadSize:48,wireFormatLeadingByte:4},[T.curve.brainpoolP512r1]:{oid:[6,9,43,36,3,3,2,8,1,1,13],keyType:T.publicKey.ecdsa,hash:T.hash.sha512,cipher:T.symmetric.aes256,node:Kn[T.curve.brainpoolP512r1],payloadSize:64,wireFormatLeadingByte:4}};class En{constructor(e){try{this.name=e instanceof zt?e.getName():T.write(T.curve,e)}catch(e){throw new $t("Unknown curve")}const t=An[this.name];this.keyType=t.keyType,this.oid=t.oid,this.hash=t.hash,this.cipher=t.cipher,this.node=t.node,this.web=t.web,this.payloadSize=t.payloadSize,this.sharedSize=t.sharedSize,this.wireFormatLeadingByte=t.wireFormatLeadingByte,this.web&&F.getWebCrypto()?this.type="web":this.node&&F.getNodeCrypto()?this.type="node":this.name===T.curve.curve25519Legacy?this.type="curve25519Legacy":this.name===T.curve.ed25519Legacy&&(this.type="ed25519Legacy")}async genKeyPair(){switch(this.type){case"web":try{return await async function(e,t){const r=await wn.generateKey({name:"ECDSA",namedCurve:kn[e]},!0,["sign","verify"]),i=await wn.exportKey("jwk",r.privateKey);return{publicKey:In(await wn.exportKey("jwk",r.publicKey),t),privateKey:q(i.d)}}(this.name,this.wireFormatLeadingByte)}catch(e){return F.printDebugError("Browser did not support generating ec key "+e.message),xn(this.name)}case"node":return async function(e){const t=bn.createECDH(Kn[e]);return await t.generateKeys(),{publicKey:new Uint8Array(t.getPublicKey()),privateKey:new Uint8Array(t.getPrivateKey())}}(this.name);case"curve25519Legacy":{const{k:e,A:t}=await un(T.publicKey.x25519),r=e.slice().reverse();r[0]=127&r[0]|64,r[31]&=248;return{publicKey:F.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:r}}case"ed25519Legacy":{const{seed:e,A:t}=await Or(T.publicKey.ed25519);return{publicKey:F.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:e}}default:return xn(this.name)}}}async function Sn(e){const t=new En(e),{oid:r,hash:i,cipher:n}=t,a=await t.genKeyPair();return{oid:r,Q:a.publicKey,secret:F.leftPad(a.privateKey,t.payloadSize),hash:i,cipher:n}}function Pn(e){return An[e.getName()].hash}async function Un(e,t,r,i){const n={[T.curve.nistP256]:!0,[T.curve.nistP384]:!0,[T.curve.nistP521]:!0,[T.curve.secp256k1]:!0,[T.curve.curve25519Legacy]:e===T.publicKey.ecdh,[T.curve.brainpoolP256r1]:!0,[T.curve.brainpoolP384r1]:!0,[T.curve.brainpoolP512r1]:!0},a=t.getName();if(!n[a])return!1;if(a===T.curve.curve25519Legacy){i=i.slice().reverse();const{publicKey:e}=Qe.box.keyPair.fromSecretKey(i);r=new Uint8Array(r);const t=new Uint8Array([64,...e]);return!!F.equalsUint8Array(t,r)}const s=(await F.getNobleCurve(T.publicKey.ecdsa,a)).getPublicKey(i,!1);return!!F.equalsUint8Array(s,r)}function Dn(e,t){const{payloadSize:r,wireFormatLeadingByte:i,name:n}=e,a=n===T.curve.curve25519Legacy||n===T.curve.ed25519Legacy?r:2*r;if(t[0]!==i||t.length!==a+1)throw Error("Invalid point encoding")}async function xn(e){const t=await F.getNobleCurve(T.publicKey.ecdsa,e),r=t.utils.randomPrivateKey();return{publicKey:t.getPublicKey(r,!1),privateKey:r}}function In(e,t){const r=q(e.x),i=q(e.y),n=new Uint8Array(r.length+i.length+1);return n[0]=t,n.set(r,1),n.set(i,r.length+1),n}function Cn(e,t,r){const i=e,n=r.slice(1,i+1),a=r.slice(i+1,2*i+1);return{kty:"EC",crv:t,x:j(n),y:j(a),ext:!0}}function Bn(e,t,r,i){const n=Cn(e,t,r);return n.d=j(i),n}const Tn=F.getWebCrypto(),Mn=F.getNodeCrypto();async function _n(e,t,r,i,n,a){const s=new En(e);if(Dn(s,i),r&&!F.isStream(r)){const e={publicKey:i,privateKey:n};switch(s.type){case"web":try{return await async function(e,t,r,i){const n=e.payloadSize,a=Bn(e.payloadSize,kn[e.name],i.publicKey,i.privateKey),s=await Tn.importKey("jwk",a,{name:"ECDSA",namedCurve:kn[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["sign"]),o=new Uint8Array(await Tn.sign({name:"ECDSA",namedCurve:kn[e.name],hash:{name:T.read(T.webHash,t)}},s,r));return{r:o.slice(0,n),s:o.slice(n,n<<1)}}(s,t,r,e)}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;F.printDebugError("Browser did not support signing: "+e.message)}break;case"node":return async function(e,t,r,i){const n=F.nodeRequire("eckey-utils"),a=F.getNodeBuffer(),{privateKey:s}=n.generateDer({curveName:Kn[e.name],privateKey:a.from(i)}),o=Mn.createSign(T.read(T.hash,t));o.write(r),o.end();const c=new Uint8Array(o.sign({key:s,format:"der",type:"sec1",dsaEncoding:"ieee-p1363"})),u=e.payloadSize;return{r:c.subarray(0,u),s:c.subarray(u,u<<1)}}(s,t,r,n)}}const o=(await F.getNobleCurve(T.publicKey.ecdsa,s.name)).sign(a,n,{lowS:!1});return{r:he(o.r,"be",s.payloadSize),s:he(o.s,"be",s.payloadSize)}}async function Fn(e,t,r,i,n,a){const s=new En(e);Dn(s,n);const o=async()=>0===a[0]&&Rn(s,r,a.subarray(1),n);if(i&&!F.isStream(i))switch(s.type){case"web":try{const e=await async function(e,t,{r,s:i},n,a){const s=Cn(e.payloadSize,kn[e.name],a),o=await Tn.importKey("jwk",s,{name:"ECDSA",namedCurve:kn[e.name],hash:{name:T.read(T.webHash,e.hash)}},!1,["verify"]),c=F.concatUint8Array([r,i]).buffer;return Tn.verify({name:"ECDSA",namedCurve:kn[e.name],hash:{name:T.read(T.webHash,t)}},o,c,n)}(s,t,r,i,n);return e||o()}catch(e){if("nistP521"!==s.name&&("DataError"===e.name||"OperationError"===e.name))throw e;F.printDebugError("Browser did not support verifying: "+e.message)}break;case"node":{const e=await async function(e,t,{r,s:i},n,a){const s=F.nodeRequire("eckey-utils"),o=F.getNodeBuffer(),{publicKey:c}=s.generateDer({curveName:Kn[e.name],publicKey:o.from(a)}),u=Mn.createVerify(T.read(T.hash,t));u.write(n),u.end();const h=F.concatUint8Array([r,i]);try{return u.verify({key:c,format:"der",type:"spki",dsaEncoding:"ieee-p1363"},h)}catch(e){return!1}}(s,t,r,i,n);return e||o()}}return await Rn(s,r,a,n)||o()}async function Rn(e,t,r,i){return(await F.getNobleCurve(T.publicKey.ecdsa,e.name)).verify(F.concatUint8Array([t.r,t.s]),r,i,{lowS:!1})}var Ln=/*#__PURE__*/Object.freeze({__proto__:null,sign:_n,validateParams:async function(e,t,r){const i=new En(e);if(i.keyType!==T.publicKey.ecdsa)return!1;switch(i.type){case"web":case"node":{const i=ye(8),n=T.hash.sha256,a=await Be(n,i);try{const s=await _n(e,n,i,t,r,a);return await Fn(e,n,s,i,t,a)}catch(e){return!1}}default:return Un(T.publicKey.ecdsa,e,t,r)}},verify:Fn});async function Nn(e,t,r,i,n,a){if(Dn(new En(e),i),Te(t)<Te(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const{RS:s}=await qr(T.publicKey.ed25519,t,0,i.subarray(1),n,a);return{r:s.subarray(0,32),s:s.subarray(32)}}async function zn(e,t,{r,s:i},n,a,s){if(Dn(new En(e),a),Te(t)<Te(T.hash.sha256))throw Error("Hash algorithm too weak for EdDSA.");const o=F.concatUint8Array([r,i]);return jr(T.publicKey.ed25519,t,{RS:o},0,a.subarray(1),s)}async function On(e,t,r){if(e.getName()!==T.curve.ed25519Legacy)return!1;const{publicKey:i}=Qe.sign.keyPair.fromSeed(r),n=new Uint8Array([64,...i]);return F.equalsUint8Array(t,n)}var qn=/*#__PURE__*/Object.freeze({__proto__:null,sign:Nn,validateParams:On,verify:zn});function jn(e){const t=e.length;if(t>0){const r=e[t-1];if(r>=1){const i=e.subarray(t-r),n=new Uint8Array(r).fill(r);if(F.equalsUint8Array(i,n))return e.subarray(0,t-r)}}throw Error("Invalid padding")}const Hn=F.getWebCrypto(),Gn=F.getNodeCrypto();function Vn(e,t,r,i){return F.concatUint8Array([t.write(),new Uint8Array([e]),r.write(!0),F.stringToUint8Array("Anonymous Sender    "),r.replacementFingerprint||i])}async function Wn(e,t,r,i,n=!1,a=!1){let s;if(n){for(s=0;s<t.length&&0===t[s];s++);t=t.subarray(s)}if(a){for(s=t.length-1;s>=0&&0===t[s];s--);t=t.subarray(0,s+1)}return(await Be(e,F.concatUint8Array([new Uint8Array([0,0,0,1]),t,i]))).subarray(0,r)}async function $n(e,t){switch(e.type){case"curve25519Legacy":{const{sharedSecret:r,ephemeralPublicKey:i}=await gn(T.publicKey.x25519,t.subarray(1));return{publicKey:F.concatUint8Array([new Uint8Array([e.wireFormatLeadingByte]),i]),sharedKey:r}}case"web":if(e.web&&F.getWebCrypto())try{return await async function(e,t){const r=Cn(e.payloadSize,e.web,t);let i=Hn.generateKey({name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]),n=Hn.importKey("jwk",r,{name:"ECDH",namedCurve:e.web},!1,[]);[i,n]=await Promise.all([i,n]);let a=Hn.deriveBits({name:"ECDH",namedCurve:e.web,public:n},i.privateKey,e.sharedSize),s=Hn.exportKey("jwk",i.publicKey);[a,s]=await Promise.all([a,s]);const o=new Uint8Array(a),c=new Uint8Array(In(s,e.wireFormatLeadingByte));return{publicKey:c,sharedKey:o}}(e,t)}catch(r){return F.printDebugError(r),Jn(e,t)}break;case"node":return async function(e,t){const r=Gn.createECDH(e.node);r.generateKeys();const i=new Uint8Array(r.computeSecret(t));return{publicKey:new Uint8Array(r.getPublicKey()),sharedKey:i}}(e,t);default:return Jn(e,t)}}async function Zn(e,t,r,i,n){const a=function(e){const t=8-e.length%8,r=new Uint8Array(e.length+t).fill(t);return r.set(e),r}(r),s=new En(e);Dn(s,i);const{publicKey:o,sharedKey:c}=await $n(s,i),u=Vn(T.publicKey.ecdh,e,t,n),{keySize:h}=tn(t.cipher),l=await Wn(t.hash,c,h,u);return{publicKey:o,wrappedKey:await nn(t.cipher,l,a)}}async function Qn(e,t,r,i){if(i.length!==e.payloadSize){const t=new Uint8Array(e.payloadSize);t.set(i,e.payloadSize-i.length),i=t}switch(e.type){case"curve25519Legacy":{const e=i.slice().reverse();return{secretKey:e,sharedKey:await dn(T.publicKey.x25519,t.subarray(1),r.subarray(1),e)}}case"web":if(e.web&&F.getWebCrypto())try{return await async function(e,t,r,i){const n=Bn(e.payloadSize,e.web,r,i);let a=Hn.importKey("jwk",n,{name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]);const s=Cn(e.payloadSize,e.web,t);let o=Hn.importKey("jwk",s,{name:"ECDH",namedCurve:e.web},!0,[]);[a,o]=await Promise.all([a,o]);let c=Hn.deriveBits({name:"ECDH",namedCurve:e.web,public:o},a,e.sharedSize),u=Hn.exportKey("jwk",a);[c,u]=await Promise.all([c,u]);const h=new Uint8Array(c);return{secretKey:q(u.d),sharedKey:h}}(e,t,r,i)}catch(r){return F.printDebugError(r),Yn(e,t,i)}break;case"node":return async function(e,t,r){const i=Gn.createECDH(e.node);i.setPrivateKey(r);const n=new Uint8Array(i.computeSecret(t));return{secretKey:new Uint8Array(i.getPrivateKey()),sharedKey:n}}(e,t,i);default:return Yn(e,t,i)}}async function Xn(e,t,r,i,n,a,s){const o=new En(e);Dn(o,n),Dn(o,r);const{sharedKey:c}=await Qn(o,r,n,a),u=Vn(T.publicKey.ecdh,e,t,s),{keySize:h}=tn(t.cipher);let l;for(let e=0;e<3;e++)try{const r=await Wn(t.hash,c,h,u,1===e,2===e);return jn(await an(t.cipher,r,i))}catch(e){l=e}throw l}async function Yn(e,t,r){return{secretKey:r,sharedKey:(await F.getNobleCurve(T.publicKey.ecdh,e.name)).getSharedSecret(r,t).subarray(1)}}async function Jn(e,t){const r=await F.getNobleCurve(T.publicKey.ecdh,e.name),{publicKey:i,privateKey:n}=await e.genKeyPair();return{publicKey:i,sharedKey:r.getSharedSecret(n,t).subarray(1)}}var ea=/*#__PURE__*/Object.freeze({__proto__:null,CurveWithOID:En,ecdh:/*#__PURE__*/Object.freeze({__proto__:null,decrypt:Xn,encrypt:Zn,validateParams:async function(e,t,r){return Un(T.publicKey.ecdh,e,t,r)}}),ecdhX:mn,ecdsa:Ln,eddsa:Zr,eddsaLegacy:qn,generate:Sn,getPreferredHashAlgo:Pn});const ta=BigInt(0),ra=BigInt(1);const ia=new Set([T.hash.sha1,T.hash.sha256,T.hash.sha512]),na=F.getWebCrypto(),aa=F.getNodeCrypto();async function sa(e,t){if(e===T.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await import("./noble_post_quantum.min.mjs"),{publicKey:r,secretKey:i}=e.keygen(t);return{mlkemPublicKey:r,mlkemSecretKey:i}}throw Error("Unsupported KEM algorithm")}async function oa(e){const{eccPublicKey:t,eccSecretKey:r}=await async function(e){if(e===T.publicKey.pqc_mlkem_x25519){const{A:e,k:t}=await un(T.publicKey.x25519);return{eccPublicKey:e,eccSecretKey:t}}throw Error("Unsupported KEM algorithm")}(e),{mlkemPublicKey:i,mlkemSeed:n,mlkemSecretKey:a}=await async function(e){if(e===T.publicKey.pqc_mlkem_x25519){const t=ye(64),{mlkemSecretKey:r,mlkemPublicKey:i}=await sa(e,t);return{mlkemSeed:t,mlkemSecretKey:r,mlkemPublicKey:i}}throw Error("Unsupported KEM algorithm")}(e);return{eccPublicKey:t,eccSecretKey:r,mlkemPublicKey:i,mlkemSeed:n,mlkemSecretKey:a}}async function ca(e,t,r,i){const{eccKeyShare:n,eccCipherText:a}=await async function(e,t){if(e===T.publicKey.pqc_mlkem_x25519){const{ephemeralPublicKey:e,sharedSecret:r}=await gn(T.publicKey.x25519,t);return{eccCipherText:e,eccKeyShare:r}}throw Error("Unsupported KEM algorithm")}(e,t),{mlkemKeyShare:s,mlkemCipherText:o}=await async function(e,t){if(e===T.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await import("./noble_post_quantum.min.mjs"),{cipherText:r,sharedSecret:i}=e.encapsulate(t);return{mlkemCipherText:r,mlkemKeyShare:i}}throw Error("Unsupported KEM algorithm")}(e,r),c=await ha(e,n,a,t,s,o,r);return{eccCipherText:a,mlkemCipherText:o,wrappedKey:await nn(T.symmetric.aes256,c,i)}}async function ua(e,t,r,i,n,a,s,o){const c=await async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519)return await dn(T.publicKey.x25519,t,0,r);throw Error("Unsupported KEM algorithm")}(e,t,i),u=await async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await import("./noble_post_quantum.min.mjs");return e.decapsulate(t,r)}throw Error("Unsupported KEM algorithm")}(e,r,a),h=await ha(e,c,t,n,u,r,s);return await an(T.symmetric.aes256,h,o)}async function ha(e,t,r,i,n,a,s){const o=F.concatUint8Array([n,t,r,i,a,s,new Uint8Array([e]),F.encodeUTF8("OpenPGPCompositeKDFv1")]);return await Be(T.hash.sha3_256,o)}async function la(e,t,r,i,n){const a=async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519)return hn(T.publicKey.x25519,t,r);throw Error("Unsupported KEM algorithm")}(e,t,r),s=async function(e,t,r){if(e===T.publicKey.pqc_mlkem_x25519){const{mlkemPublicKey:i}=await sa(e,r);return F.equalsUint8Array(t,i)}throw Error("Unsupported KEM algorithm")}(e,i,n);return await a&&await s}async function ya(e,t){if(e===T.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await import("./noble_post_quantum.min.mjs"),{secretKey:r,publicKey:i}=e.keygen(t);return{mldsaSecretKey:r,mldsaPublicKey:i}}throw Error("Unsupported signature algorithm")}async function pa(e){if(e===T.publicKey.pqc_mldsa_ed25519){const{eccSecretKey:t,eccPublicKey:r}=await async function(e){if(e===T.publicKey.pqc_mldsa_ed25519){const{A:e,seed:t}=await Or(T.publicKey.ed25519);return{eccPublicKey:e,eccSecretKey:t}}throw Error("Unsupported signature algorithm")}(e),{mldsaSeed:i,mldsaSecretKey:n,mldsaPublicKey:a}=await async function(e){if(e===T.publicKey.pqc_mldsa_ed25519){const t=ye(32),{mldsaSecretKey:r,mldsaPublicKey:i}=await ya(e,t);return{mldsaSeed:t,mldsaSecretKey:r,mldsaPublicKey:i}}throw Error("Unsupported signature algorithm")}(e);return{eccSecretKey:t,eccPublicKey:r,mldsaSeed:i,mldsaSecretKey:n,mldsaPublicKey:a}}throw Error("Unsupported signature algorithm")}async function ga(e,t,r,i,n,a){if(t!==fa(e))throw Error("Unexpected hash algorithm for PQC signature");if(e===T.publicKey.pqc_mldsa_ed25519){const{eccSignature:s}=await async function(e,t,r,i,n){if(e===T.publicKey.pqc_mldsa_ed25519){const{RS:e}=await qr(T.publicKey.ed25519,t,0,i,r,n);return{eccSignature:e}}throw Error("Unsupported signature algorithm")}(e,t,r,i,a),{mldsaSignature:o}=await async function(e,t,r){if(e===T.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await import("./noble_post_quantum.min.mjs");return{mldsaSignature:e.sign(t,r)}}throw Error("Unsupported signature algorithm")}(e,n,a);return{eccSignature:s,mldsaSignature:o}}throw Error("Unsupported signature algorithm")}async function da(e,t,r,i,n,{eccSignature:a,mldsaSignature:s}){if(t!==fa(e))throw Error("Unexpected hash algorithm for PQC signature");if(e===T.publicKey.pqc_mldsa_ed25519){const o=async function(e,t,r,i,n){if(e===T.publicKey.pqc_mldsa_ed25519)return jr(T.publicKey.ed25519,t,{RS:n},0,r,i);throw Error("Unsupported signature algorithm")}(e,t,r,n,a),c=async function(e,t,r,i){if(e===T.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await import("./noble_post_quantum.min.mjs");return e.verify(t,r,i)}throw Error("Unsupported signature algorithm")}(e,i,n,s);return await o&&await c}throw Error("Unsupported signature algorithm")}function fa(e){if(e===T.publicKey.pqc_mldsa_ed25519)return T.hash.sha3_256;throw Error("Unsupported signature algorithm")}async function ma(e,t,r,i,n){const a=async function(e,t,r){if(e===T.publicKey.pqc_mldsa_ed25519)return Hr(T.publicKey.ed25519,t,r);throw Error("Unsupported signature algorithm")}(e,t,r),s=async function(e,t,r){if(e===T.publicKey.pqc_mldsa_ed25519){const{mldsaPublicKey:i}=await ya(e,r);return F.equalsUint8Array(t,i)}throw Error("Unsupported signature algorithm")}(e,i,n);return await a&&await s}class wa{constructor(e){e&&(this.data=e)}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.data=e.subarray(1,1+t),1+this.data.length}throw Error("Invalid symmetric key")}write(){return F.concatUint8Array([new Uint8Array([this.data.length]),this.data])}}class ba{constructor(e){if(void 0===e&&(e=new Uint8Array([])),!F.isUint8Array(e))throw Error("data must be in the form of a Uint8Array");this.data=e,this.length=this.data.byteLength}write(){return F.concatUint8Array([new Uint8Array([this.length]),this.data])}read(e){if(e.length>=1){const t=e[0];if(e.length>=t+1)return this.data=e.subarray(1,1+t),this.length=t,1+t}throw Error("Invalid octet string")}}class ka{constructor(e){if(e){const{version:t,hash:r,cipher:i,replacementFingerprint:n}=e;this.version=t||1,this.hash=r,this.cipher=i,this.replacementFingerprint=n}else this.version=null,this.hash=null,this.cipher=null,this.replacementFingerprint=null}read(e){if(e.length<4||1!==e[1]&&255!==e[1])throw new $t("Cannot read KDFParams");const t=e[0];this.version=e[1],this.hash=e[2],this.cipher=e[3];let r=4;if(255===this.version){const i=t-r+1;this.replacementFingerprint=e.slice(r,r+i),r+=i}return r}write(e){if(!this.version||1===this.version||e)return new Uint8Array([3,1,this.hash,this.cipher]);return F.concatUint8Array([new Uint8Array([3+this.replacementFingerprint.length,this.version,this.hash,this.cipher]),this.replacementFingerprint])}}const va=e=>class{constructor(e){this.data=void 0===e?null:e}read(t){const r=t[0];return this.data=T.write(e,r),1}write(){return new Uint8Array([this.data])}getName(){return T.read(e,this.data)}getValue(){return this.data}},Ka=va(T.aead),Aa=va(T.symmetric),Ea=va(T.hash);class Sa{static fromObject({wrappedKey:e,algorithm:t}){const r=new Sa;return r.wrappedKey=e,r.algorithm=t,r}read(e){let t=0,r=e[t++];this.algorithm=r%2?e[t++]:null,r-=r%2,this.wrappedKey=F.readExactSubarray(e,t,t+r),t+=r}write(){return F.concatUint8Array([this.algorithm?new Uint8Array([this.wrappedKey.length+1,this.algorithm]):new Uint8Array([this.wrappedKey.length]),this.wrappedKey])}}const Pa=F.getWebCrypto(),Ua=F.getNodeCrypto(),Da=Ua?Ua.getCiphers():[],xa={idea:Da.includes("idea-cfb")?"idea-cfb":void 0,tripledes:Da.includes("des-ede3-cfb")?"des-ede3-cfb":void 0,cast5:Da.includes("cast5-cfb")?"cast5-cfb":void 0,blowfish:Da.includes("bf-cfb")?"bf-cfb":void 0,aes128:Da.includes("aes-128-cfb")?"aes-128-cfb":void 0,aes192:Da.includes("aes-192-cfb")?"aes-192-cfb":void 0,aes256:Da.includes("aes-256-cfb")?"aes-256-cfb":void 0};async function Ia(e){const{blockSize:t}=tn(e),r=await ye(t),i=new Uint8Array([r[r.length-2],r[r.length-1]]);return F.concat([r,i])}async function Ca(e,t,r,i,n){const a=T.read(T.symmetric,e);if(F.getNodeCrypto()&&xa[a])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new Ua.createCipheriv(xa[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(F.isAES(e))return async function(e,t,r,i){if(Pa&&await Ta.isSupported(e)){const n=new Ta(e,t,i);return F.isStream(r)?k(r,(e=>n.encryptChunk(e)),(()=>n.finish())):n.encrypt(r)}if(F.isStream(r)){const n=new Ma(!0,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return ji(t,i).encrypt(r)}(e,t,r,i);const s=new(await Yi(e))(t),o=s.blockSize,c=i.slice();let u=new Uint8Array;const h=e=>{e&&(u=F.concatUint8Array([u,e]));const t=new Uint8Array(u.length);let r,i=0;for(;e?u.length>=o:u.length;){const e=s.encrypt(c);for(r=0;r<o;r++)c[r]=u[r]^e[r],t[i++]=c[r];u=u.subarray(o)}return t.subarray(0,i)};return k(r,h,h)}async function Ba(e,t,r,i){const n=T.read(T.symmetric,e);if(Ua&&xa[n])return function(e,t,r,i){const n=T.read(T.symmetric,e),a=new Ua.createDecipheriv(xa[n],t,i);return k(r,(e=>new Uint8Array(a.update(e))))}(e,t,r,i);if(F.isAES(e))return async function(e,t,r,i){if(F.isStream(r)){const n=new Ma(!1,e,t,i);return k(r,(e=>n.processChunk(e)),(()=>n.finish()))}return ji(t,i).decrypt(r)}(e,t,r,i);const a=new(await Yi(e))(t),s=a.blockSize;let o=i,c=new Uint8Array;const u=e=>{e&&(c=F.concatUint8Array([c,e]));const t=new Uint8Array(c.length);let r,i=0;for(;e?c.length>=s:c.length;){const e=a.encrypt(o);for(o=c.subarray(0,s),r=0;r<s;r++)t[i++]=o[r]^e[r];c=c.subarray(s)}return t.subarray(0,i)};return k(r,u,u)}class Ta{constructor(e,t,r){const{blockSize:i}=tn(e);this.key=t,this.prevBlock=r,this.nextBlock=new Uint8Array(i),this.i=0,this.blockSize=i,this.zeroBlock=new Uint8Array(this.blockSize)}static async isSupported(e){const{keySize:t}=tn(e);return Pa.importKey("raw",new Uint8Array(t),"aes-cbc",!1,["encrypt"]).then((()=>!0),(()=>!1))}async _runCBC(e,t){const r="AES-CBC";this.keyRef=this.keyRef||await Pa.importKey("raw",this.key,r,!1,["encrypt"]);const i=await Pa.encrypt({name:r,iv:t||this.zeroBlock},this.keyRef,e);return new Uint8Array(i).subarray(0,e.length)}async encryptChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=F.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=F.concatUint8Array([this.prevBlock,i.subarray(0,i.length-this.blockSize)]),a=await this._runCBC(n);return _a(a,i),this.prevBlock=a.slice(-this.blockSize),r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,a}let i;if(this.i+=r.length,this.i===this.nextBlock.length){const t=this.nextBlock;i=await this._runCBC(this.prevBlock),_a(i,t),this.prevBlock=i.slice(),this.i=0;const n=e.subarray(r.length);this.nextBlock.set(n,this.i),this.i+=n.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{this.nextBlock=this.nextBlock.subarray(0,this.i);const t=this.nextBlock,r=await this._runCBC(this.prevBlock);_a(r,t),e=r.subarray(0,t.length)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.keyRef=null,this.key=null}async encrypt(e){const t=(await this._runCBC(F.concatUint8Array([new Uint8Array(this.blockSize),e]),this.iv)).subarray(0,e.length);return _a(t,e),this.clearSensitiveData(),t}}class Ma{constructor(e,t,r,i){this.forEncryption=e;const{blockSize:n}=tn(t);this.key=Xi.expandKeyLE(r),i.byteOffset%4!=0&&(i=i.slice()),this.prevBlock=Fa(i),this.nextBlock=new Uint8Array(n),this.i=0,this.blockSize=n}_runCFB(e){const t=Fa(e),r=new Uint8Array(e.length),i=Fa(r);for(let e=0;e+4<=i.length;e+=4){const{s0:r,s1:n,s2:a,s3:s}=Xi.encrypt(this.key,this.prevBlock[0],this.prevBlock[1],this.prevBlock[2],this.prevBlock[3]);i[e+0]=t[e+0]^r,i[e+1]=t[e+1]^n,i[e+2]=t[e+2]^a,i[e+3]=t[e+3]^s,this.prevBlock=(this.forEncryption?i:t).slice(e,e+4)}return r}async processChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,i=F.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),n=this._runCFB(i);return r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,n}let i;if(this.i+=r.length,this.i===this.nextBlock.length){i=this._runCFB(this.nextBlock),this.i=0;const t=e.subarray(r.length);this.nextBlock.set(t,this.i),this.i+=t.length}else i=new Uint8Array;return i}async finish(){let e;if(0===this.i)e=new Uint8Array;else{e=this._runCFB(this.nextBlock).subarray(0,this.i)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.key.fill(0)}}function _a(e,t){const r=Math.min(e.length,t.length);for(let i=0;i<r;i++)e[i]=e[i]^t[i]}const Fa=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4));const Ra=F.getWebCrypto(),La=F.getNodeCrypto(),Na=16;function za(e,t){const r=e.length-Na;for(let i=0;i<Na;i++)e[i+r]^=t[i];return e}const Oa=new Uint8Array(Na);async function qa(e){const t=await ja(e),r=F.double(await t(Oa)),i=F.double(r);return async function(e){return(await t(function(e,t,r){if(e.length&&e.length%Na==0)return za(e,t);const i=new Uint8Array(e.length+(Na-e.length%Na));return i.set(e),i[e.length]=128,za(i,r)}(e,r,i))).subarray(-Na)}}async function ja(e){if(F.getNodeCrypto())return async function(t){const r=new La.createCipheriv("aes-"+8*e.length+"-cbc",e,Oa).update(t);return new Uint8Array(r)};if(F.getWebCrypto())try{return e=await Ra.importKey("raw",e,{name:"AES-CBC",length:8*e.length},!1,["encrypt"]),async function(t){const r=await Ra.encrypt({name:"AES-CBC",iv:Oa,length:8*Na},e,t);return new Uint8Array(r).subarray(0,r.byteLength-Na)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;F.printDebugError("Browser did not support operation: "+t.message)}return async function(t){return qi(e,Oa,{disablePadding:!0}).encrypt(t)}}const Ha=F.getWebCrypto(),Ga=F.getNodeCrypto(),Va=F.getNodeBuffer(),Wa=16,$a=Wa,Za=Wa,Qa=new Uint8Array(Wa),Xa=new Uint8Array(Wa);Xa[Wa-1]=1;const Ya=new Uint8Array(Wa);async function Ja(e){const t=await qa(e);return function(e,r){return t(F.concatUint8Array([e,r]))}}async function es(e){if(F.getNodeCrypto())return async function(t,r){const i=new Ga.createCipheriv("aes-"+8*e.length+"-ctr",e,r),n=Va.concat([i.update(t),i.final()]);return new Uint8Array(n)};if(F.getWebCrypto())try{const t=await Ha.importKey("raw",e,{name:"AES-CTR",length:8*e.length},!1,["encrypt"]);return async function(e,r){const i=await Ha.encrypt({name:"AES-CTR",counter:r,length:8*Wa},t,e);return new Uint8Array(i)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;F.printDebugError("Browser did not support operation: "+t.message)}return async function(t,r){return Oi(e,r).encrypt(t)}}async function ts(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("EAX mode supports only AES cipher");const[r,i]=await Promise.all([Ja(t),es(t)]);return{encrypt:async function(e,t,n){const[a,s]=await Promise.all([r(Qa,t),r(Xa,n)]),o=await i(e,a),c=await r(Ya,o);for(let e=0;e<Za;e++)c[e]^=s[e]^a[e];return F.concatUint8Array([o,c])},decrypt:async function(e,t,n){if(e.length<Za)throw Error("Invalid EAX ciphertext");const a=e.subarray(0,-Za),s=e.subarray(-Za),[o,c,u]=await Promise.all([r(Qa,t),r(Xa,n),r(Ya,a)]),h=u;for(let e=0;e<Za;e++)h[e]^=c[e]^o[e];if(!F.equalsUint8Array(s,h))throw Error("Authentication tag mismatch");return await i(a,o)}}}Ya[Wa-1]=2,ts.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[8+e]^=t[e];return r},ts.blockLength=Wa,ts.ivLength=$a,ts.tagLength=Za;const rs=16,is=15,ns=16;function as(e){let t=0;for(let r=1;!(e&r);r<<=1)t++;return t}function ss(e,t){for(let r=0;r<e.length;r++)e[r]^=t[r];return e}function os(e,t){return ss(e.slice(),t)}const cs=new Uint8Array(rs),us=new Uint8Array([1]);async function hs(e,t){const{keySize:r}=tn(e);if(!F.isAES(e)||t.length!==r)throw Error("Unexpected algorithm or key size");let i=0;const n=qi(t,cs,{disablePadding:!0}),a=e=>n.encrypt(e),s=e=>n.decrypt(e);let o;function c(e,t,r,n){const s=t.length/rs|0;!function(e,t){const r=F.nbits(Math.max(e.length,t.length)/rs|0)-1;for(let e=i+1;e<=r;e++)o[e]=F.double(o[e-1]);i=r}(t,n);const c=F.concatUint8Array([cs.subarray(0,is-r.length),us,r]),u=63&c[rs-1];c[rs-1]&=192;const h=a(c),l=F.concatUint8Array([h,os(h.subarray(0,8),h.subarray(1,9))]),y=F.shiftRight(l.subarray(0+(u>>3),17+(u>>3)),8-(7&u)).subarray(1),p=new Uint8Array(rs),g=new Uint8Array(t.length+ns);let d,f=0;for(d=0;d<s;d++)ss(y,o[as(d+1)]),g.set(ss(e(os(y,t)),y),f),ss(p,e===a?t:g.subarray(f)),t=t.subarray(rs),f+=rs;if(t.length){ss(y,o.x);const r=a(y);g.set(os(t,r),f);const i=new Uint8Array(rs);i.set(e===a?t:g.subarray(f,-ns),0),i[t.length]=128,ss(p,i),f+=t.length}const m=ss(a(ss(ss(p,y),o.$)),function(e){if(!e.length)return cs;const t=e.length/rs|0,r=new Uint8Array(rs),i=new Uint8Array(rs);for(let n=0;n<t;n++)ss(r,o[as(n+1)]),ss(i,a(os(r,e))),e=e.subarray(rs);if(e.length){ss(r,o.x);const t=new Uint8Array(rs);t.set(e,0),t[e.length]=128,ss(t,r),ss(i,a(t))}return i}(n));return g.set(m,f),g}return function(){const e=a(cs),t=F.double(e);o=[],o[0]=F.double(t),o.x=e,o.$=t}(),{encrypt:async function(e,t,r){return c(a,e,t,r)},decrypt:async function(e,t,r){if(e.length<ns)throw Error("Invalid OCB ciphertext");const i=e.subarray(-ns);e=e.subarray(0,-ns);const n=c(s,e,t,r);if(F.equalsUint8Array(i,n.subarray(-ns)))return n.subarray(0,-ns);throw Error("Authentication tag mismatch")}}}hs.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[7+e]^=t[e];return r},hs.blockLength=rs,hs.ivLength=is,hs.tagLength=ns;const ls=F.getWebCrypto(),ys=F.getNodeCrypto(),ps=F.getNodeBuffer(),gs=16,ds="AES-GCM";async function fs(e,t){if(e!==T.symmetric.aes128&&e!==T.symmetric.aes192&&e!==T.symmetric.aes256)throw Error("GCM mode supports only AES cipher");if(F.getNodeCrypto())return{encrypt:async function(e,r,i=new Uint8Array){const n=new ys.createCipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i);const a=ps.concat([n.update(e),n.final(),n.getAuthTag()]);return new Uint8Array(a)},decrypt:async function(e,r,i=new Uint8Array){const n=new ys.createDecipheriv("aes-"+8*t.length+"-gcm",t,r);n.setAAD(i),n.setAuthTag(e.slice(e.length-gs,e.length));const a=ps.concat([n.update(e.slice(0,e.length-gs)),n.final()]);return new Uint8Array(a)}};if(F.getWebCrypto())try{const e=await ls.importKey("raw",t,{name:ds},!1,["encrypt","decrypt"]),r=navigator.userAgent.match(/Version\/13\.\d(\.\d)* Safari/)||navigator.userAgent.match(/Version\/(13|14)\.\d(\.\d)* Mobile\/\S* Safari/);return{encrypt:async function(i,n,a=new Uint8Array){if(r&&!i.length)return Hi(t,n,a).encrypt(i);const s=await ls.encrypt({name:ds,iv:n,additionalData:a,tagLength:8*gs},e,i);return new Uint8Array(s)},decrypt:async function(i,n,a=new Uint8Array){if(r&&i.length===gs)return Hi(t,n,a).decrypt(i);try{const t=await ls.decrypt({name:ds,iv:n,additionalData:a,tagLength:8*gs},e,i);return new Uint8Array(t)}catch(e){if("OperationError"===e.name)throw Error("Authentication tag mismatch")}}}}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;F.printDebugError("Browser did not support operation: "+e.message)}return{encrypt:async function(e,r,i){return Hi(t,r,i).encrypt(e)},decrypt:async function(e,r,i){return Hi(t,r,i).decrypt(e)}}}function ms(e,t=!1){switch(e){case T.aead.eax:return ts;case T.aead.ocb:return hs;case T.aead.gcm:return fs;case T.aead.experimentalGCM:if(!t)throw Error("Unexpected non-standard `experimentalGCM` AEAD algorithm provided in `config.preferredAEADAlgorithm`: use `gcm` instead");return fs;default:throw Error("Unsupported AEAD mode")}}async function ws(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:{const{n:e,e:t}=r;return{c:await je(n,e,t)}}case T.publicKey.elgamal:{const{p:e,g:t,y:i}=r;return async function(e,t,r,i){t=te(t),r=te(r),i=te(i);const n=te(_e(e,ue(t))),a=pe($e,t-$e);return{c1:he(ie(r,a,t)),c2:he(re(ie(i,a,t)*n,t))}}(n,e,t,i)}case T.publicKey.ecdh:{const{oid:e,Q:t,kdfParams:i}=r,{publicKey:s,wrappedKey:o}=await Zn(e,i,n,t,a);return{V:s,C:new wa(o)}}case T.publicKey.x25519:case T.publicKey.x448:{if(t&&!F.isAES(t))throw Error("X25519 and X448 keys can only encrypt AES session keys");const{A:i}=r,{ephemeralPublicKey:a,wrappedKey:s}=await ln(e,n,i);return{ephemeralPublicKey:a,C:Sa.fromObject({algorithm:t,wrappedKey:s})}}case T.publicKey.aead:{if(!i)throw Error("Cannot encrypt with symmetric key missing private parameters");const{cipher:e}=r,t=e.getValue(),{keyMaterial:a}=i,s=M.preferredAEADAlgorithm,o=ms(M.preferredAEADAlgorithm),{ivLength:c}=o,u=ye(c),h=await o(t,a),l=await h.encrypt(n,u,new Uint8Array);return{aeadMode:new Ka(s),iv:u,c:new ba(l)}}case T.publicKey.pqc_mlkem_x25519:{const{eccPublicKey:i,mlkemPublicKey:a}=r,{eccCipherText:s,mlkemCipherText:o,wrappedKey:c}=await ca(e,i,a,n);return{eccCipherText:s,mlkemCipherText:o,C:Sa.fromObject({algorithm:t,wrappedKey:c})}}default:return[]}}async function bs(e,t,r,i,n,a){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:{const{c:e}=i,{n,e:s}=t,{d:o,p:c,q:u,u:h}=r;return He(e,n,s,o,c,u,h,a)}case T.publicKey.elgamal:{const{c1:e,c2:n}=i;return async function(e,t,r,i,n){return e=te(e),t=te(t),r=te(r),Fe(he(re(ae(ie(e,i=te(i),r),r)*t,r),"be",ue(r)),n)}(e,n,t.p,r.x,a)}case T.publicKey.ecdh:{const{oid:e,Q:a,kdfParams:s}=t,{d:o}=r,{V:c,C:u}=i;return Xn(e,s,c,u.data,a,o,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:n}=t,{k:a}=r,{ephemeralPublicKey:s,C:o}=i;if(null!==o.algorithm&&!F.isAES(o.algorithm))throw Error("AES session key expected");return yn(e,s,o.wrappedKey,n,a)}case T.publicKey.aead:{const{cipher:e}=t,n=e.getValue(),{keyMaterial:a}=r,{aeadMode:s,iv:o,c}=i,u=ms(s.getValue());return(await u(n,a)).decrypt(c.data,o,new Uint8Array)}case T.publicKey.pqc_mlkem_x25519:{const{eccSecretKey:n,mlkemSecretKey:a}=r,{eccPublicKey:s,mlkemPublicKey:o}=t,{eccCipherText:c,mlkemCipherText:u,C:h}=i;return ua(e,c,u,n,s,a,o,h.wrappedKey)}default:throw Error("Unknown public key encryption algorithm.")}}async function ks(e,t,r){let i=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=F.readMPI(t.subarray(i));i+=e.length+2;const r=F.readMPI(t.subarray(i));i+=r.length+2;const n=F.readMPI(t.subarray(i));i+=n.length+2;const a=F.readMPI(t.subarray(i));return i+=a.length+2,{read:i,privateParams:{d:e,p:r,q:n,u:a}}}case T.publicKey.dsa:case T.publicKey.elgamal:{const e=F.readMPI(t.subarray(i));return i+=e.length+2,{read:i,privateParams:{x:e}}}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const n=Us(e,r.oid);let a=F.readMPI(t.subarray(i));return i+=a.length+2,a=F.leftPad(a,n),{read:i,privateParams:{d:a}}}case T.publicKey.eddsaLegacy:{const n=Us(e,r.oid);if(r.oid.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let a=F.readMPI(t.subarray(i));return i+=a.length+2,a=F.leftPad(a,n),{read:i,privateParams:{seed:a}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const r=Us(e),n=F.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{seed:n}}}case T.publicKey.x25519:case T.publicKey.x448:{const r=Us(e),n=F.readExactSubarray(t,i,i+r);return i+=n.length,{read:i,privateParams:{k:n}}}case T.publicKey.hmac:{const{cipher:e}=r,n=Te(e.getValue()),a=t.subarray(i,i+32);i+=32;const s=t.subarray(i,i+n);return i+=n,{read:i,privateParams:{hashSeed:a,keyMaterial:s}}}case T.publicKey.aead:{const{cipher:e}=r,n=t.subarray(i,i+32);i+=32;const{keySize:a}=tn(e.getValue()),s=t.subarray(i,i+a);return i+=a,{read:i,privateParams:{hashSeed:n,keyMaterial:s}}}case T.publicKey.pqc_mlkem_x25519:{const r=F.readExactSubarray(t,i,i+Us(T.publicKey.x25519));i+=r.length;const n=F.readExactSubarray(t,i,i+64);i+=n.length;const{mlkemSecretKey:a}=await sa(e,n);return{read:i,privateParams:{eccSecretKey:r,mlkemSecretKey:a,mlkemSeed:n}}}case T.publicKey.pqc_mldsa_ed25519:{const r=F.readExactSubarray(t,i,i+Us(T.publicKey.ed25519));i+=r.length;const n=F.readExactSubarray(t,i,i+32);i+=n.length;const{mldsaSecretKey:a}=await ya(e,n);return{read:i,privateParams:{eccSecretKey:r,mldsaSecretKey:a,mldsaSeed:n}}}default:throw new $t("Unknown public key encryption algorithm.")}}function vs(e,t){const r=new Set([T.publicKey.ed25519,T.publicKey.x25519,T.publicKey.ed448,T.publicKey.x448,T.publicKey.aead,T.publicKey.hmac,T.publicKey.pqc_mlkem_x25519,T.publicKey.pqc_mldsa_ed25519]),i={[T.publicKey.pqc_mlkem_x25519]:new Set(["mlkemSecretKey"]),[T.publicKey.pqc_mldsa_ed25519]:new Set(["mldsaSecretKey"])},n=Object.keys(t).map((n=>{if(i[e]?.has(n))return new Uint8Array;const a=t[n];return F.isUint8Array(a)?r.has(e)?a:F.uint8ArrayToMPI(a):a.write()}));return F.concatUint8Array(n)}async function Ks(e,t,r,i){switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:return async function(e,t){if(t=BigInt(t),F.getWebCrypto()){const r={name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:he(t),hash:{name:"SHA-1"}},i=await Le.generateKey(r,!0,["sign","verify"]);return We(await Le.exportKey("jwk",i.privateKey),t)}if(F.getNodeCrypto()){const r={modulusLength:e,publicExponent:se(t),publicKeyEncoding:{type:"pkcs1",format:"jwk"},privateKeyEncoding:{type:"pkcs1",format:"jwk"}},i=await new Promise(((e,t)=>{Ne.generateKeyPair("rsa",r,((r,i,n)=>{r?t(r):e(n)}))}));return We(i,t)}let r,i,n;do{i=de(e-(e>>1),t,40),r=de(e>>1,t,40),n=r*i}while(ce(n)!==e);const a=(r-ze)*(i-ze);return i<r&&([r,i]=[i,r]),{n:he(n),e:he(t),d:he(ae(t,a)),p:he(r),q:he(i),u:he(ae(r,i))}}(t,65537).then((({n:e,e:t,d:r,p:i,q:n,u:a})=>({privateParams:{d:r,p:i,q:n,u:a},publicParams:{n:e,e:t}})));case T.publicKey.ecdsa:return Sn(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{d:r},publicParams:{oid:new zt(e),Q:t}})));case T.publicKey.eddsaLegacy:return Sn(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{seed:r},publicParams:{oid:new zt(e),Q:t}})));case T.publicKey.ecdh:return Sn(r).then((({oid:e,Q:t,secret:r,hash:i,cipher:n})=>({privateParams:{d:r},publicParams:{oid:new zt(e),Q:t,kdfParams:new ka({hash:i,cipher:n})}})));case T.publicKey.ed25519:case T.publicKey.ed448:return Or(e).then((({A:e,seed:t})=>({privateParams:{seed:t},publicParams:{A:e}})));case T.publicKey.x25519:case T.publicKey.x448:return un(e).then((({A:e,k:t})=>({privateParams:{k:t},publicParams:{A:e}})));case T.publicKey.hmac:return As(await async function(e){if(!ia.has(e))throw Error("Unsupported hash algorithm.");const t=T.read(T.webHash,e),r=na||aa.webcrypto.subtle,i=await r.generateKey({name:"HMAC",hash:{name:t}},!0,["sign","verify"]),n=await r.exportKey("raw",i);return new Uint8Array(n)}(i),new Ea(i));case T.publicKey.aead:return As(Ss(i),new Aa(i));case T.publicKey.pqc_mlkem_x25519:return oa(e).then((({eccSecretKey:e,eccPublicKey:t,mlkemSeed:r,mlkemSecretKey:i,mlkemPublicKey:n})=>({privateParams:{eccSecretKey:e,mlkemSeed:r,mlkemSecretKey:i},publicParams:{eccPublicKey:t,mlkemPublicKey:n}})));case T.publicKey.pqc_mldsa_ed25519:return pa(e).then((({eccSecretKey:e,eccPublicKey:t,mldsaSeed:r,mldsaSecretKey:i,mldsaPublicKey:n})=>({privateParams:{eccSecretKey:e,mldsaSeed:r,mldsaSecretKey:i},publicParams:{eccPublicKey:t,mldsaPublicKey:n}})));case T.publicKey.dsa:case T.publicKey.elgamal:throw Error("Unsupported algorithm for key generation.");default:throw Error("Unknown public key algorithm.")}}async function As(e,t){const r=ye(32);return{privateParams:{hashSeed:r,keyMaterial:e},publicParams:{cipher:t,digest:await Be(T.hash.sha256,r)}}}async function Es(e,t,r){if(!t||!r)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const{n:e,e:i}=t,{d:n,p:a,q:s,u:o}=r;return async function(e,t,r,i,n,a){if(e=te(e),(i=te(i))*(n=te(n))!==e)return!1;const s=BigInt(2);if(re(i*(a=te(a)),n)!==BigInt(1))return!1;t=te(t),r=te(r);const o=pe(s,s<<BigInt(Math.floor(ce(e)/3))),c=o*r*t;return!(re(c,i-ze)!==o||re(c,n-ze)!==o)}(e,i,n,a,s,o)}case T.publicKey.dsa:{const{p:e,q:i,g:n,y:a}=t,{x:s}=r;return async function(e,t,r,i,n){if(e=te(e),t=te(t),r=te(r),i=te(i),r<=ra||r>=e)return!1;if(re(e-ra,t)!==ta)return!1;if(ie(r,t,e)!==ra)return!1;const a=BigInt(ce(t));if(a<BigInt(150)||!fe(t,null,32))return!1;n=te(n);const s=BigInt(2);return i===ie(r,t*pe(s<<a-ra,s<<a)+n,e)}(e,i,n,a,s)}case T.publicKey.elgamal:{const{p:e,g:i,y:n}=t,{x:a}=r;return async function(e,t,r,i){if(e=te(e),t=te(t),r=te(r),t<=$e||t>=e)return!1;const n=BigInt(ce(e));if(n<BigInt(1023))return!1;if(ie(t,e-$e,e)!==$e)return!1;let a=t,s=BigInt(1);const o=BigInt(2),c=o<<BigInt(17);for(;s<c;){if(a=re(a*t,e),a===$e)return!1;s++}i=te(i);const u=pe(o<<n-$e,o<<n);return r===ie(t,(e-$e)*u+i,e)}(e,i,n,a)}case T.publicKey.ecdsa:case T.publicKey.ecdh:{const i=ea[T.read(T.publicKey,e)],{oid:n,Q:a}=t,{d:s}=r;return i.validateParams(n,a,s)}case T.publicKey.eddsaLegacy:{const{Q:e,oid:i}=t,{seed:n}=r;return On(i,e,n)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:i}=t,{seed:n}=r;return Hr(e,i,n)}case T.publicKey.x25519:case T.publicKey.x448:{const{A:i}=t,{k:n}=r;return hn(e,i,n)}case T.publicKey.hmac:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r;return Te(e.getValue())===a.length&&F.equalsUint8Array(i,await Be(T.hash.sha256,n))}case T.publicKey.aead:{const{cipher:e,digest:i}=t,{hashSeed:n,keyMaterial:a}=r,{keySize:s}=tn(e.getValue());return s===a.length&&F.equalsUint8Array(i,await Be(T.hash.sha256,n))}case T.publicKey.pqc_mlkem_x25519:{const{eccSecretKey:i,mlkemSeed:n}=r,{eccPublicKey:a,mlkemPublicKey:s}=t;return la(e,a,i,s,n)}case T.publicKey.pqc_mldsa_ed25519:{const{eccSecretKey:i,mldsaSeed:n}=r,{eccPublicKey:a,mldsaPublicKey:s}=t;return ma(e,a,i,s,n)}default:throw Error("Unknown public key algorithm.")}}function Ss(e){const{keySize:t}=tn(e);return ye(t)}function Ps(e){try{e.getName()}catch(e){throw new $t("Unknown curve OID")}}function Us(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.ecdh:case T.publicKey.eddsaLegacy:return new En(t).payloadSize;case T.publicKey.ed25519:case T.publicKey.ed448:return Gr(e);case T.publicKey.x25519:case T.publicKey.x448:return pn(e);default:throw Error("Unknown elliptic algo")}}async function Ds(e,t,r,i,n,a,s){switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:n}=i;return qe(t,a,F.leftPad(r.s,e.length),e,n,s)}case T.publicKey.dsa:{const{g:e,p:t,q:n,y:a}=i,{r:o,s:c}=r;return async function(e,t,r,i,n,a,s,o){if(t=te(t),r=te(r),a=te(a),s=te(s),n=te(n),o=te(o),t<=ta||t>=s||r<=ta||r>=s)return F.printDebug("invalid DSA Signature"),!1;const c=re(te(i.subarray(0,ue(s))),s),u=ae(r,s);if(u===ta)return F.printDebug("invalid DSA Signature"),!1;n=re(n,a),o=re(o,a);const h=re(c*u,s),l=re(t*u,s);return re(re(ie(n,h,a)*ie(o,l,a),a),s)===t}(0,o,c,s,e,t,n,a)}case T.publicKey.ecdsa:{const{oid:e,Q:n}=i,o=new En(e).payloadSize;return Fn(e,t,{r:F.leftPad(r.r,o),s:F.leftPad(r.s,o)},a,n,s)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:n}=i,a=new En(e).payloadSize;return zn(e,t,{r:F.leftPad(r.r,a),s:F.leftPad(r.s,a)},0,n,s)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:n}=i;return jr(e,t,r,0,n,s)}case T.publicKey.hmac:{if(!n)throw Error("Cannot verify HMAC signature with symmetric key missing private parameters");const{cipher:e}=i,{keyMaterial:t}=n;return async function(e,t,r,i){if(!ia.has(e))throw Error("Unsupported hash algorithm.");const n=T.read(T.webHash,e),a=na||aa.webcrypto.subtle,s=await a.importKey("raw",t,{name:"HMAC",hash:{name:n}},!1,["verify"]);return a.verify("HMAC",s,r,i)}(e.getValue(),t,r.mac.data,s)}case T.publicKey.pqc_mldsa_ed25519:{const{eccPublicKey:n,mldsaPublicKey:a}=i;return da(e,t,n,a,s,r)}default:throw Error("Unknown signature algorithm.")}}async function xs(e,t,r,i,n,a){if(!r||!i)throw Error("Missing key parameters");switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const{n:e,e:s}=r,{d:o,p:c,q:u,u:h}=i;return{s:await Oe(t,n,e,s,o,c,u,h,a)}}case T.publicKey.dsa:{const{g:e,p:t,q:n}=r,{x:s}=i;return async function(e,t,r,i,n,a){const s=BigInt(0);let o,c,u,h;i=te(i),n=te(n),r=te(r),a=te(a),r=re(r,i),a=re(a,n);const l=re(te(t.subarray(0,ue(n))),n);for(;;){if(o=pe(ra,n),c=re(ie(r,o,i),n),c===s)continue;const e=re(a*c,n);if(h=re(l+e,n),u=re(ae(o,n)*h,n),u!==s)break}return{r:he(c,"be",ue(i)),s:he(u,"be",ue(i))}}(0,a,e,t,n,s)}case T.publicKey.elgamal:throw Error("Signing with Elgamal is not defined in the OpenPGP standard.");case T.publicKey.ecdsa:{const{oid:e,Q:s}=r,{d:o}=i;return _n(e,t,n,s,o,a)}case T.publicKey.eddsaLegacy:{const{oid:e,Q:n}=r,{seed:s}=i;return Nn(e,t,0,n,s,a)}case T.publicKey.ed25519:case T.publicKey.ed448:{const{A:n}=r,{seed:s}=i;return qr(e,t,0,n,s,a)}case T.publicKey.hmac:{const{cipher:e}=r,{keyMaterial:t}=i,n=await async function(e,t,r){if(!ia.has(e))throw Error("Unsupported hash algorithm.");const i=T.read(T.webHash,e),n=na||aa.webcrypto.subtle,a=await n.importKey("raw",t,{name:"HMAC",hash:{name:i}},!1,["sign"]),s=await n.sign("HMAC",a,r);return new Uint8Array(s)}(e.getValue(),t,a);return{mac:new ba(n)}}case T.publicKey.pqc_mldsa_ed25519:{const{eccPublicKey:n}=r,{eccSecretKey:s,mldsaSecretKey:o}=i;return ga(e,t,s,n,o,a)}default:throw Error("Unknown signature algorithm.")}}fs.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[4+e]^=t[e];return r},fs.blockLength=16,fs.ivLength=12,fs.tagLength=gs;class Is extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,Is),this.name="Argon2OutOfMemoryError"}}let Cs,Bs,Ts=2<<19;class Ms{static get ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(){return Ts}static set ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(e){Ts=e}static reloadWasmModule(){Cs&&(Bs=Cs(),Bs.catch((()=>{})))}constructor(e=M){const{passes:t,parallelism:r,memoryExponent:i}=e.s2kArgon2Params;this.type="argon2",this.salt=null,this.t=t,this.p=r,this.encodedM=i}generateSalt(){this.salt=ye(16)}read(e){let t=0;return this.salt=e.subarray(t,t+16),t+=16,this.t=e[t++],this.p=e[t++],this.encodedM=e[t++],t}write(){const e=[new Uint8Array([T.write(T.s2k,this.type)]),this.salt,new Uint8Array([this.t,this.p,this.encodedM])];return F.concatUint8Array(e)}async produceKey(e,t){const r=2<<this.encodedM-1;try{Cs=Cs||(await import("./argon2id.min.mjs")).default,Bs=Bs||Cs();const i=await Bs,n=i({version:19,type:2,password:F.encodeUTF8(e),salt:this.salt,tagLength:t,memorySize:r,parallelism:this.p,passes:this.t});return r>Ms.ARGON2_WASM_MEMORY_THRESHOLD_RELOAD&&Ms.reloadWasmModule(),n}catch(e){throw e.message&&(e.message.includes("Unable to grow instance memory")||e.message.includes("failed to grow memory")||e.message.includes("WebAssembly.Memory.grow")||e.message.includes("Out of memory"))?new Is("Could not allocate required memory for Argon2"):e}}}class _s{constructor(e,t=M){this.algorithm=T.hash.sha256,this.type=T.read(T.s2k,e),this.c=t.s2kIterationCountByte,this.salt=null}generateSalt(){switch(this.type){case"salted":case"iterated":this.salt=ye(8)}}getCount(){return 16+(15&this.c)<<6+(this.c>>4)}read(e){let t=0;switch(this.algorithm=e[t++],this.type){case"simple":break;case"salted":this.salt=e.subarray(t,t+8),t+=8;break;case"iterated":this.salt=e.subarray(t,t+8),t+=8,this.c=e[t++];break;case"gnu":if("GNU"!==F.uint8ArrayToString(e.subarray(t,t+3)))throw new $t("Unknown s2k type.");t+=3;if(1001!==1e3+e[t++])throw new $t("Unknown s2k gnu protection mode.");this.type="gnu-dummy";break;default:throw new $t("Unknown s2k type.")}return t}write(){if("gnu-dummy"===this.type)return new Uint8Array([101,0,...F.stringToUint8Array("GNU"),1]);const e=[new Uint8Array([T.write(T.s2k,this.type),this.algorithm])];switch(this.type){case"simple":break;case"salted":e.push(this.salt);break;case"iterated":e.push(this.salt),e.push(new Uint8Array([this.c]));break;case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}return F.concatUint8Array(e)}async produceKey(e,t){e=F.encodeUTF8(e);const r=[];let i=0,n=0;for(;i<t;){let t;switch(this.type){case"simple":t=F.concatUint8Array([new Uint8Array(n),e]);break;case"salted":t=F.concatUint8Array([new Uint8Array(n),this.salt,e]);break;case"iterated":{const r=F.concatUint8Array([this.salt,e]);let i=r.length;const a=Math.max(this.getCount(),i);t=new Uint8Array(n+a),t.set(r,n);for(let e=n+i;e<a;e+=i,i*=2)t.copyWithin(e,n,e);break}case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}const a=await Be(this.algorithm,t);r.push(a),i+=a.length,n++}return F.concatUint8Array(r).subarray(0,t)}}const Fs=new Set([T.s2k.argon2,T.s2k.iterated]);function Rs(e,t=M){switch(e){case T.s2k.argon2:return new Ms(t);case T.s2k.iterated:case T.s2k.gnu:case T.s2k.salted:case T.s2k.simple:return new _s(e,t);default:throw new $t("Unsupported S2K type")}}function Ls(e){const{s2kType:t}=e;if(!Fs.has(t))throw Error("The provided `config.s2kType` value is not allowed");return Rs(t,e)}var Ns=Uint8Array,zs=Uint16Array,Os=Uint32Array,qs=new Ns([0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0,0,0,0]),js=new Ns([0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13,0,0]),Hs=new Ns([16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15]),Gs=function(e,t){for(var r=new zs(31),i=0;i<31;++i)r[i]=t+=1<<e[i-1];var n=new Os(r[30]);for(i=1;i<30;++i)for(var a=r[i];a<r[i+1];++a)n[a]=a-r[i]<<5|i;return[r,n]},Vs=Gs(qs,2),Ws=Vs[0],$s=Vs[1];Ws[28]=258,$s[258]=28;for(var Zs=Gs(js,0),Qs=Zs[0],Xs=Zs[1],Ys=new zs(32768),Js=0;Js<32768;++Js){var eo=(43690&Js)>>>1|(21845&Js)<<1;eo=(61680&(eo=(52428&eo)>>>2|(13107&eo)<<2))>>>4|(3855&eo)<<4,Ys[Js]=((65280&eo)>>>8|(255&eo)<<8)>>>1}var to=function(e,t,r){for(var i=e.length,n=0,a=new zs(t);n<i;++n)e[n]&&++a[e[n]-1];var s,o=new zs(t);for(n=0;n<t;++n)o[n]=o[n-1]+a[n-1]<<1;if(r){s=new zs(1<<t);var c=15-t;for(n=0;n<i;++n)if(e[n])for(var u=n<<4|e[n],h=t-e[n],l=o[e[n]-1]++<<h,y=l|(1<<h)-1;l<=y;++l)s[Ys[l]>>>c]=u}else for(s=new zs(i),n=0;n<i;++n)e[n]&&(s[n]=Ys[o[e[n]-1]++]>>>15-e[n]);return s},ro=new Ns(288);for(Js=0;Js<144;++Js)ro[Js]=8;for(Js=144;Js<256;++Js)ro[Js]=9;for(Js=256;Js<280;++Js)ro[Js]=7;for(Js=280;Js<288;++Js)ro[Js]=8;var io=new Ns(32);for(Js=0;Js<32;++Js)io[Js]=5;var no=/*#__PURE__*/to(ro,9,0),ao=/*#__PURE__*/to(ro,9,1),so=/*#__PURE__*/to(io,5,0),oo=/*#__PURE__*/to(io,5,1),co=function(e){for(var t=e[0],r=1;r<e.length;++r)e[r]>t&&(t=e[r]);return t},uo=function(e,t,r){var i=t/8|0;return(e[i]|e[i+1]<<8)>>(7&t)&r},ho=function(e,t){var r=t/8|0;return(e[r]|e[r+1]<<8|e[r+2]<<16)>>(7&t)},lo=function(e){return(e+7)/8|0},yo=function(e,t,r){(null==t||t<0)&&(t=0),(null==r||r>e.length)&&(r=e.length);var i=new(2==e.BYTES_PER_ELEMENT?zs:4==e.BYTES_PER_ELEMENT?Os:Ns)(r-t);return i.set(e.subarray(t,r)),i},po=["unexpected EOF","invalid block type","invalid length/literal","invalid distance","stream finished","no stream handler",,"no callback","invalid UTF-8 data","extra field too long","date not in range 1980-2099","filename too long","stream finishing","invalid zip data"],go=function(e,t,r){var i=Error(t||po[e]);if(i.code=e,Error.captureStackTrace&&Error.captureStackTrace(i,go),!r)throw i;return i},fo=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8},mo=function(e,t,r){r<<=7&t;var i=t/8|0;e[i]|=r,e[i+1]|=r>>>8,e[i+2]|=r>>>16},wo=function(e,t){for(var r=[],i=0;i<e.length;++i)e[i]&&r.push({s:i,f:e[i]});var n=r.length,a=r.slice();if(!n)return[So,0];if(1==n){var s=new Ns(r[0].s+1);return s[r[0].s]=1,[s,1]}r.sort((function(e,t){return e.f-t.f})),r.push({s:-1,f:25001});var o=r[0],c=r[1],u=0,h=1,l=2;for(r[0]={s:-1,f:o.f+c.f,l:o,r:c};h!=n-1;)o=r[r[u].f<r[l].f?u++:l++],c=r[u!=h&&r[u].f<r[l].f?u++:l++],r[h++]={s:-1,f:o.f+c.f,l:o,r:c};var y=a[0].s;for(i=1;i<n;++i)a[i].s>y&&(y=a[i].s);var p=new zs(y+1),g=bo(r[h-1],p,0);if(g>t){i=0;var d=0,f=g-t,m=1<<f;for(a.sort((function(e,t){return p[t.s]-p[e.s]||e.f-t.f}));i<n;++i){var w=a[i].s;if(!(p[w]>t))break;d+=m-(1<<g-p[w]),p[w]=t}for(d>>>=f;d>0;){var b=a[i].s;p[b]<t?d-=1<<t-p[b]++-1:++i}for(;i>=0&&d;--i){var k=a[i].s;p[k]==t&&(--p[k],++d)}g=t}return[new Ns(p),g]},bo=function(e,t,r){return-1==e.s?Math.max(bo(e.l,t,r+1),bo(e.r,t,r+1)):t[e.s]=r},ko=function(e){for(var t=e.length;t&&!e[--t];);for(var r=new zs(++t),i=0,n=e[0],a=1,s=function(e){r[i++]=e},o=1;o<=t;++o)if(e[o]==n&&o!=t)++a;else{if(!n&&a>2){for(;a>138;a-=138)s(32754);a>2&&(s(a>10?a-11<<5|28690:a-3<<5|12305),a=0)}else if(a>3){for(s(n),--a;a>6;a-=6)s(8304);a>2&&(s(a-3<<5|8208),a=0)}for(;a--;)s(n);a=1,n=e[o]}return[r.subarray(0,i),t]},vo=function(e,t){for(var r=0,i=0;i<t.length;++i)r+=e[i]*t[i];return r},Ko=function(e,t,r){var i=r.length,n=lo(t+2);e[n]=255&i,e[n+1]=i>>>8,e[n+2]=255^e[n],e[n+3]=255^e[n+1];for(var a=0;a<i;++a)e[n+a+4]=r[a];return 8*(n+4+i)},Ao=function(e,t,r,i,n,a,s,o,c,u,h){fo(t,h++,r),++n[256];for(var l=wo(n,15),y=l[0],p=l[1],g=wo(a,15),d=g[0],f=g[1],m=ko(y),w=m[0],b=m[1],k=ko(d),v=k[0],K=k[1],A=new zs(19),E=0;E<w.length;++E)A[31&w[E]]++;for(E=0;E<v.length;++E)A[31&v[E]]++;for(var S=wo(A,7),P=S[0],U=S[1],D=19;D>4&&!P[Hs[D-1]];--D);var x,I,C,B,T=u+5<<3,M=vo(n,ro)+vo(a,io)+s,_=vo(n,y)+vo(a,d)+s+14+3*D+vo(A,P)+(2*A[16]+3*A[17]+7*A[18]);if(T<=M&&T<=_)return Ko(t,h,e.subarray(c,c+u));if(fo(t,h,1+(_<M)),h+=2,_<M){x=to(y,p,0),I=y,C=to(d,f,0),B=d;var F=to(P,U,0);fo(t,h,b-257),fo(t,h+5,K-1),fo(t,h+10,D-4),h+=14;for(E=0;E<D;++E)fo(t,h+3*E,P[Hs[E]]);h+=3*D;for(var R=[w,v],L=0;L<2;++L){var N=R[L];for(E=0;E<N.length;++E){var z=31&N[E];fo(t,h,F[z]),h+=P[z],z>15&&(fo(t,h,N[E]>>>5&127),h+=N[E]>>>12)}}}else x=no,I=ro,C=so,B=io;for(E=0;E<o;++E)if(i[E]>255){z=i[E]>>>18&31;mo(t,h,x[z+257]),h+=I[z+257],z>7&&(fo(t,h,i[E]>>>23&31),h+=qs[z]);var O=31&i[E];mo(t,h,C[O]),h+=B[O],O>3&&(mo(t,h,i[E]>>>5&8191),h+=js[O])}else mo(t,h,x[i[E]]),h+=I[i[E]];return mo(t,h,x[256]),h+I[256]},Eo=/*#__PURE__*/new Os([65540,131080,131088,131104,262176,1048704,1048832,2114560,2117632]),So=/*#__PURE__*/new Ns(0),Po=function(e,t,r,i,n){return function(e,t,r,i,n,a){var s=e.length,o=new Ns(i+s+5*(1+Math.ceil(s/7e3))+n),c=o.subarray(i,o.length-n),u=0;if(!t||s<8)for(var h=0;h<=s;h+=65535){var l=h+65535;l>=s&&(c[u>>3]=a),u=Ko(c,u+1,e.subarray(h,l))}else{for(var y=Eo[t-1],p=y>>>13,g=8191&y,d=(1<<r)-1,f=new zs(32768),m=new zs(d+1),w=Math.ceil(r/3),b=2*w,k=function(t){return(e[t]^e[t+1]<<w^e[t+2]<<b)&d},v=new Os(25e3),K=new zs(288),A=new zs(32),E=0,S=0,P=(h=0,0),U=0,D=0;h<s;++h){var x=k(h),I=32767&h,C=m[x];if(f[I]=C,m[x]=I,U<=h){var B=s-h;if((E>7e3||P>24576)&&B>423){u=Ao(e,c,0,v,K,A,S,P,D,h-D,u),P=E=S=0,D=h;for(var T=0;T<286;++T)K[T]=0;for(T=0;T<30;++T)A[T]=0}var M=2,_=0,F=g,R=I-C&32767;if(B>2&&x==k(h-R))for(var L=Math.min(p,B)-1,N=Math.min(32767,h),z=Math.min(258,B);R<=N&&--F&&I!=C;){if(e[h+M]==e[h+M-R]){for(var O=0;O<z&&e[h+O]==e[h+O-R];++O);if(O>M){if(M=O,_=R,O>L)break;var q=Math.min(R,O-2),j=0;for(T=0;T<q;++T){var H=h-R+T+32768&32767,G=H-f[H]+32768&32767;G>j&&(j=G,C=H)}}}R+=(I=C)-(C=f[I])+32768&32767}if(_){v[P++]=268435456|$s[M]<<18|Xs[_];var V=31&$s[M],W=31&Xs[_];S+=qs[V]+js[W],++K[257+V],++A[W],U=h+M,++E}else v[P++]=e[h],++K[e[h]]}}u=Ao(e,c,a,v,K,A,S,P,D,h-D,u),!a&&7&u&&(u=Ko(c,u+1,So))}return yo(o,0,i+lo(u)+n)}(e,null==t.level?6:t.level,null==t.mem?Math.ceil(1.5*Math.max(8,Math.min(13,Math.log(e.length)))):12+t.mem,r,i,!n)},Uo=/*#__PURE__*/function(){function e(e,t){t||"function"!=typeof e||(t=e,e={}),this.ondata=t,this.o=e||{}}return e.prototype.p=function(e,t){this.ondata(Po(e,this.o,0,0,!t),t)},e.prototype.push=function(e,t){this.ondata||go(5),this.d&&go(4),this.d=t,this.p(e,t||!1)},e}(),Do=/*#__PURE__*/function(){function e(e){this.s={},this.p=new Ns(0),this.ondata=e}return e.prototype.e=function(e){this.ondata||go(5),this.d&&go(4);var t=this.p.length,r=new Ns(t+e.length);r.set(this.p),r.set(e,t),this.p=r},e.prototype.c=function(e){this.d=this.s.i=e||!1;var t=this.s.b,r=function(e,t,r){var i=e.length;if(!i||r&&r.f&&!r.l)return t||new Ns(0);var n=!t||r,a=!r||r.i;r||(r={}),t||(t=new Ns(3*i));var s=function(e){var r=t.length;if(e>r){var i=new Ns(Math.max(2*r,e));i.set(t),t=i}},o=r.f||0,c=r.p||0,u=r.b||0,h=r.l,l=r.d,y=r.m,p=r.n,g=8*i;do{if(!h){o=uo(e,c,1);var d=uo(e,c+1,3);if(c+=3,!d){var f=e[(U=lo(c)+4)-4]|e[U-3]<<8,m=U+f;if(m>i){a&&go(0);break}n&&s(u+f),t.set(e.subarray(U,m),u),r.b=u+=f,r.p=c=8*m,r.f=o;continue}if(1==d)h=ao,l=oo,y=9,p=5;else if(2==d){var w=uo(e,c,31)+257,b=uo(e,c+10,15)+4,k=w+uo(e,c+5,31)+1;c+=14;for(var v=new Ns(k),K=new Ns(19),A=0;A<b;++A)K[Hs[A]]=uo(e,c+3*A,7);c+=3*b;var E=co(K),S=(1<<E)-1,P=to(K,E,1);for(A=0;A<k;){var U,D=P[uo(e,c,S)];if(c+=15&D,(U=D>>>4)<16)v[A++]=U;else{var x=0,I=0;for(16==U?(I=3+uo(e,c,3),c+=2,x=v[A-1]):17==U?(I=3+uo(e,c,7),c+=3):18==U&&(I=11+uo(e,c,127),c+=7);I--;)v[A++]=x}}var C=v.subarray(0,w),B=v.subarray(w);y=co(C),p=co(B),h=to(C,y,1),l=to(B,p,1)}else go(1);if(c>g){a&&go(0);break}}n&&s(u+131072);for(var T=(1<<y)-1,M=(1<<p)-1,_=c;;_=c){var F=(x=h[ho(e,c)&T])>>>4;if((c+=15&x)>g){a&&go(0);break}if(x||go(2),F<256)t[u++]=F;else{if(256==F){_=c,h=null;break}var R=F-254;if(F>264){var L=qs[A=F-257];R=uo(e,c,(1<<L)-1)+Ws[A],c+=L}var N=l[ho(e,c)&M],z=N>>>4;if(N||go(3),c+=15&N,B=Qs[z],z>3&&(L=js[z],B+=ho(e,c)&(1<<L)-1,c+=L),c>g){a&&go(0);break}n&&s(u+131072);for(var O=u+R;u<O;u+=4)t[u]=t[u-B],t[u+1]=t[u+1-B],t[u+2]=t[u+2-B],t[u+3]=t[u+3-B];u=O}}r.l=h,r.p=_,r.b=u,r.f=o,h&&(o=1,r.m=y,r.d=l,r.n=p)}while(!o);return u==t.length?t:yo(t,0,u)}(this.p,this.o,this.s);this.ondata(yo(r,t,this.s.b),this.d),this.o=yo(r,this.s.b-32768),this.s.b=this.o.length,this.p=yo(this.p,this.s.p/8|0),this.s.p&=7},e.prototype.push=function(e,t){this.e(e),this.c(t)},e}(),xo=/*#__PURE__*/function(){function e(e,t){var r,i;this.c=(r=1,i=0,{p:function(e){for(var t=r,n=i,a=0|e.length,s=0;s!=a;){for(var o=Math.min(s+2655,a);s<o;++s)n+=t+=e[s];t=(65535&t)+15*(t>>16),n=(65535&n)+15*(n>>16)}r=t,i=n},d:function(){return(255&(r%=65521))<<24|r>>>8<<16|(255&(i%=65521))<<8|i>>>8}}),this.v=1,Uo.call(this,e,t)}return e.prototype.push=function(e,t){Uo.prototype.push.call(this,e,t)},e.prototype.p=function(e,t){this.c.p(e);var r=Po(e,this.o,this.v&&2,t&&4,!t);this.v&&(function(e,t){var r=t.level,i=0==r?0:r<6?1:9==r?3:2;e[0]=120,e[1]=i<<6|(i?32-2*i:1)}(r,this.o),this.v=0),t&&function(e,t,r){for(;r;++t)e[t]=r,r>>>=8}(r,r.length-4,this.c.d()),this.ondata(r,t)},e}(),Io=/*#__PURE__*/function(){function e(e){this.v=1,Do.call(this,e)}return e.prototype.push=function(e,t){if(Do.prototype.e.call(this,e),this.v){if(this.p.length<2&&!t)return;this.p=this.p.subarray(2),this.v=0}t&&(this.p.length<4&&go(6,"invalid zlib data"),this.p=this.p.subarray(0,-4)),Do.prototype.c.call(this,t)},e}(),Co="undefined"!=typeof TextDecoder&&/*#__PURE__*/new TextDecoder;try{Co.decode(So,{stream:!0}),1}catch(e){}class Bo{static get tag(){return T.packet.literalData}constructor(e=new Date){this.format=T.literal.utf8,this.date=F.normalizeDate(e),this.text=null,this.data=null,this.filename=""}setText(e,t=T.literal.utf8){this.format=t,this.text=e,this.data=null}getText(e=!1){return(null===this.text||F.isStream(this.text))&&(this.text=F.decodeUTF8(F.nativeEOL(this.getBytes(e)))),this.text}setBytes(e,t){this.format=t,this.data=e,this.text=null}getBytes(e=!1){return null===this.data&&(this.data=F.canonicalizeEOL(F.encodeUTF8(this.text))),e?E(this.data):this.data}setFilename(e){this.filename=e}getFilename(){return this.filename}async read(e){await K(e,(async e=>{const t=await e.readByte(),r=await e.readByte();this.filename=F.decodeUTF8(await e.readBytes(r)),this.date=F.readDate(await e.readBytes(4));let i=e.remainder();s(i)&&(i=await U(i)),this.setBytes(i,t)}))}writeHeader(){const e=F.encodeUTF8(this.filename),t=new Uint8Array([e.length]),r=new Uint8Array([this.format]),i=F.writeDate(this.date);return F.concatUint8Array([r,t,e,i])}write(){const e=this.writeHeader(),t=this.getBytes();return F.concat([e,t])}}class To{constructor(){this.bytes=""}read(e){return this.bytes=F.uint8ArrayToString(e.subarray(0,8)),this.bytes.length}write(){return F.stringToUint8Array(this.bytes)}toHex(){return F.uint8ArrayToHex(F.stringToUint8Array(this.bytes))}equals(e,t=!1){return t&&(e.isWildcard()||this.isWildcard())||this.bytes===e.bytes}isNull(){return""===this.bytes}isWildcard(){return/^0+$/.test(this.toHex())}static mapToHex(e){return e.toHex()}static fromID(e){const t=new To;return t.read(F.hexToUint8Array(e)),t}static wildcard(){const e=new To;return e.read(new Uint8Array(8)),e}}const Mo=Symbol("verified"),_o="salt@notations.openpgpjs.org",Fo=new Set([T.signatureSubpacket.issuerKeyID,T.signatureSubpacket.issuerFingerprint,T.signatureSubpacket.embeddedSignature]);class Ro{static get tag(){return T.packet.signature}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.signatureData=null,this.unhashedSubpackets=[],this.unknownSubpackets=[],this.signedHashValue=null,this.salt=null,this.created=null,this.signatureExpirationTime=null,this.signatureNeverExpires=!0,this.exportable=null,this.trustLevel=null,this.trustAmount=null,this.regularExpression=null,this.revocable=null,this.keyExpirationTime=null,this.keyNeverExpires=null,this.preferredSymmetricAlgorithms=null,this.revocationKeyClass=null,this.revocationKeyAlgorithm=null,this.revocationKeyFingerprint=null,this.issuerKeyID=new To,this.rawNotations=[],this.notations={},this.preferredHashAlgorithms=null,this.preferredCompressionAlgorithms=null,this.keyServerPreferences=null,this.preferredKeyServer=null,this.isPrimaryUserID=null,this.policyURI=null,this.keyFlags=null,this.signersUserID=null,this.reasonForRevocationFlag=null,this.reasonForRevocationString=null,this.features=null,this.signatureTargetPublicKeyAlgorithm=null,this.signatureTargetHashAlgorithm=null,this.signatureTargetHash=null,this.embeddedSignature=null,this.issuerKeyVersion=null,this.issuerFingerprint=null,this.preferredAEADAlgorithms=null,this.preferredCipherSuites=null,this.revoked=null,this[Mo]=null}read(e,t=M){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new $t("Support for v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4!==this.version&&5!==this.version&&6!==this.version)throw new $t(`Version ${this.version} of the signature packet is unsupported.`);if(this.signatureType=e[r++],this.publicKeyAlgorithm=e[r++],this.hashAlgorithm=e[r++],r+=this.readSubPackets(e.subarray(r,e.length),!0),!this.created)throw Error("Missing signature creation time subpacket.");if(this.signatureData=e.subarray(0,r),r+=this.readSubPackets(e.subarray(r,e.length),!1),this.signedHashValue=e.subarray(r,r+2),r+=2,6===this.version){const t=e[r++];this.salt=e.subarray(r,r+t),r+=t}const i=e.subarray(r,e.length),{read:n,signatureParams:a}=function(e,t){let r=0;switch(e){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.rsaSign:{const e=F.readMPI(t.subarray(r));return r+=e.length+2,{read:r,signatureParams:{s:e}}}case T.publicKey.dsa:case T.publicKey.ecdsa:{const e=F.readMPI(t.subarray(r));r+=e.length+2;const i=F.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.eddsaLegacy:{const e=F.readMPI(t.subarray(r));r+=e.length+2;const i=F.readMPI(t.subarray(r));return r+=i.length+2,{read:r,signatureParams:{r:e,s:i}}}case T.publicKey.ed25519:case T.publicKey.ed448:{const i=2*Gr(e),n=F.readExactSubarray(t,r,r+i);return r+=n.length,{read:r,signatureParams:{RS:n}}}case T.publicKey.hmac:{const e=new ba;return r+=e.read(t.subarray(r)),{read:r,signatureParams:{mac:e}}}case T.publicKey.pqc_mldsa_ed25519:{const e=2*Gr(T.publicKey.ed25519),i=F.readExactSubarray(t,r,r+e);r+=i.length;const n=F.readExactSubarray(t,r,r+3309);return r+=n.length,{read:r,signatureParams:{eccSignature:i,mldsaSignature:n}}}default:throw new $t("Unknown signature algorithm.")}}(this.publicKeyAlgorithm,i);if(n<i.length)throw Error("Error reading MPIs");this.params=a}writeParams(){return this.params instanceof Promise?x((async()=>vs(this.publicKeyAlgorithm,await this.params))):vs(this.publicKeyAlgorithm,this.params)}write(){const e=[];return e.push(this.signatureData),e.push(this.writeUnhashedSubPackets()),e.push(this.signedHashValue),6===this.version&&(e.push(new Uint8Array([this.salt.length])),e.push(this.salt)),e.push(this.writeParams()),F.concat(e)}async sign(e,t,r=new Date,i=!1,n){this.version=e.version,this.created=F.normalizeDate(r),this.issuerKeyVersion=e.version,this.issuerFingerprint=e.getFingerprintBytes(),this.issuerKeyID=e.getKeyID();const a=[new Uint8Array([this.version,this.signatureType,this.publicKeyAlgorithm,this.hashAlgorithm])];if(6===this.version){const e=No(this.hashAlgorithm);if(null===this.salt)this.salt=ye(e);else if(e!==this.salt.length)throw Error("Provided salt does not have the required length")}else if(n.nonDeterministicSignaturesViaNotation){if(0!==this.rawNotations.filter((({name:e})=>e===_o)).length)throw Error("Unexpected existing salt notation");{const e=ye(No(this.hashAlgorithm));this.rawNotations.push({name:_o,value:e,humanReadable:!1,critical:!1})}}a.push(this.writeHashedSubPackets()),this.unhashedSubpackets=[],this.signatureData=F.concat(a);const s=this.toHash(this.signatureType,t,i),o=await this.hash(this.signatureType,t,s,i);this.signedHashValue=P(A(o),0,2);const c=async()=>xs(this.publicKeyAlgorithm,this.hashAlgorithm,e.publicParams,e.privateParams,s,await U(o));F.isStream(o)?this.params=c():(this.params=await c(),this[Mo]=!0)}writeHashedSubPackets(){const e=T.signatureSubpacket,t=[];let r;if(null===this.created)throw Error("Missing signature creation time");t.push(Lo(e.signatureCreationTime,!0,F.writeDate(this.created))),null!==this.signatureExpirationTime&&t.push(Lo(e.signatureExpirationTime,!0,F.writeNumber(this.signatureExpirationTime,4))),null!==this.exportable&&t.push(Lo(e.exportableCertification,!0,new Uint8Array([this.exportable?1:0]))),null!==this.trustLevel&&(r=new Uint8Array([this.trustLevel,this.trustAmount]),t.push(Lo(e.trustSignature,!0,r))),null!==this.regularExpression&&t.push(Lo(e.regularExpression,!0,this.regularExpression)),null!==this.revocable&&t.push(Lo(e.revocable,!0,new Uint8Array([this.revocable?1:0]))),null!==this.keyExpirationTime&&t.push(Lo(e.keyExpirationTime,!0,F.writeNumber(this.keyExpirationTime,4))),null!==this.preferredSymmetricAlgorithms&&(r=F.stringToUint8Array(F.uint8ArrayToString(this.preferredSymmetricAlgorithms)),t.push(Lo(e.preferredSymmetricAlgorithms,!1,r))),null!==this.revocationKeyClass&&(r=new Uint8Array([this.revocationKeyClass,this.revocationKeyAlgorithm]),r=F.concat([r,this.revocationKeyFingerprint]),t.push(Lo(e.revocationKey,!1,r))),!this.issuerKeyID.isNull()&&this.issuerKeyVersion<5&&t.push(Lo(e.issuerKeyID,!0,this.issuerKeyID.write())),this.rawNotations.forEach((({name:i,value:n,humanReadable:a,critical:s})=>{r=[new Uint8Array([a?128:0,0,0,0])];const o=F.encodeUTF8(i);r.push(F.writeNumber(o.length,2)),r.push(F.writeNumber(n.length,2)),r.push(o),r.push(n),r=F.concat(r),t.push(Lo(e.notationData,s,r))})),null!==this.preferredHashAlgorithms&&(r=F.stringToUint8Array(F.uint8ArrayToString(this.preferredHashAlgorithms)),t.push(Lo(e.preferredHashAlgorithms,!1,r))),null!==this.preferredCompressionAlgorithms&&(r=F.stringToUint8Array(F.uint8ArrayToString(this.preferredCompressionAlgorithms)),t.push(Lo(e.preferredCompressionAlgorithms,!1,r))),null!==this.keyServerPreferences&&(r=F.stringToUint8Array(F.uint8ArrayToString(this.keyServerPreferences)),t.push(Lo(e.keyServerPreferences,!1,r))),null!==this.preferredKeyServer&&t.push(Lo(e.preferredKeyServer,!1,F.encodeUTF8(this.preferredKeyServer))),null!==this.isPrimaryUserID&&t.push(Lo(e.primaryUserID,!1,new Uint8Array([this.isPrimaryUserID?1:0]))),null!==this.policyURI&&t.push(Lo(e.policyURI,!1,F.encodeUTF8(this.policyURI))),null!==this.keyFlags&&(r=F.stringToUint8Array(F.uint8ArrayToString(this.keyFlags)),t.push(Lo(e.keyFlags,!0,r))),null!==this.signersUserID&&t.push(Lo(e.signersUserID,!1,F.encodeUTF8(this.signersUserID))),null!==this.reasonForRevocationFlag&&(r=F.stringToUint8Array(String.fromCharCode(this.reasonForRevocationFlag)+this.reasonForRevocationString),t.push(Lo(e.reasonForRevocation,!0,r))),null!==this.features&&(r=F.stringToUint8Array(F.uint8ArrayToString(this.features)),t.push(Lo(e.features,!1,r))),null!==this.signatureTargetPublicKeyAlgorithm&&(r=[new Uint8Array([this.signatureTargetPublicKeyAlgorithm,this.signatureTargetHashAlgorithm])],r.push(F.stringToUint8Array(this.signatureTargetHash)),r=F.concat(r),t.push(Lo(e.signatureTarget,!0,r))),null!==this.embeddedSignature&&t.push(Lo(e.embeddedSignature,!0,this.embeddedSignature.write())),null!==this.issuerFingerprint&&(r=[new Uint8Array([this.issuerKeyVersion]),this.issuerFingerprint],r=F.concat(r),t.push(Lo(e.issuerFingerprint,this.version>=5,r))),null!==this.preferredAEADAlgorithms&&(r=F.stringToUint8Array(F.uint8ArrayToString(this.preferredAEADAlgorithms)),t.push(Lo(e.preferredAEADAlgorithms,!1,r))),null!==this.preferredCipherSuites&&(r=new Uint8Array([].concat(...this.preferredCipherSuites)),t.push(Lo(e.preferredCipherSuites,!1,r)));const i=F.concat(t),n=F.writeNumber(i.length,6===this.version?4:2);return F.concat([n,i])}writeUnhashedSubPackets(){const e=this.unhashedSubpackets.map((({type:e,critical:t,body:r})=>Lo(e,t,r))),t=F.concat(e),r=F.writeNumber(t.length,6===this.version?4:2);return F.concat([r,t])}readSubPacket(e,t=!0){let r=0;const i=!!(128&e[r]),n=127&e[r];if(r++,t||(this.unhashedSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)}),Fo.has(n)))switch(n){case T.signatureSubpacket.signatureCreationTime:this.created=F.readDate(e.subarray(r,e.length));break;case T.signatureSubpacket.signatureExpirationTime:{const t=F.readNumber(e.subarray(r,e.length));this.signatureNeverExpires=0===t,this.signatureExpirationTime=t;break}case T.signatureSubpacket.exportableCertification:this.exportable=1===e[r++];break;case T.signatureSubpacket.trustSignature:this.trustLevel=e[r++],this.trustAmount=e[r++];break;case T.signatureSubpacket.regularExpression:this.regularExpression=e[r];break;case T.signatureSubpacket.revocable:this.revocable=1===e[r++];break;case T.signatureSubpacket.keyExpirationTime:{const t=F.readNumber(e.subarray(r,e.length));this.keyExpirationTime=t,this.keyNeverExpires=0===t;break}case T.signatureSubpacket.preferredSymmetricAlgorithms:this.preferredSymmetricAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.revocationKey:this.revocationKeyClass=e[r++],this.revocationKeyAlgorithm=e[r++],this.revocationKeyFingerprint=e.subarray(r,r+20);break;case T.signatureSubpacket.issuerKeyID:if(4===this.version)this.issuerKeyID.read(e.subarray(r,e.length));else if(t)throw Error("Unexpected Issuer Key ID subpacket");break;case T.signatureSubpacket.notationData:{const t=!!(128&e[r]);r+=4;const n=F.readNumber(e.subarray(r,r+2));r+=2;const a=F.readNumber(e.subarray(r,r+2));r+=2;const s=F.decodeUTF8(e.subarray(r,r+n)),o=e.subarray(r+n,r+n+a);this.rawNotations.push({name:s,humanReadable:t,value:o,critical:i}),t&&(this.notations[s]=F.decodeUTF8(o));break}case T.signatureSubpacket.preferredHashAlgorithms:this.preferredHashAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCompressionAlgorithms:this.preferredCompressionAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.keyServerPreferences:this.keyServerPreferences=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredKeyServer:this.preferredKeyServer=F.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.primaryUserID:this.isPrimaryUserID=0!==e[r++];break;case T.signatureSubpacket.policyURI:this.policyURI=F.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.keyFlags:this.keyFlags=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signersUserID:this.signersUserID=F.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.reasonForRevocation:this.reasonForRevocationFlag=e[r++],this.reasonForRevocationString=F.decodeUTF8(e.subarray(r,e.length));break;case T.signatureSubpacket.features:this.features=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.signatureTarget:{this.signatureTargetPublicKeyAlgorithm=e[r++],this.signatureTargetHashAlgorithm=e[r++];const t=Te(this.signatureTargetHashAlgorithm);this.signatureTargetHash=F.uint8ArrayToString(e.subarray(r,r+t));break}case T.signatureSubpacket.embeddedSignature:this.embeddedSignature=new Ro,this.embeddedSignature.read(e.subarray(r,e.length));break;case T.signatureSubpacket.issuerFingerprint:this.issuerKeyVersion=e[r++],this.issuerFingerprint=e.subarray(r,e.length),this.issuerKeyVersion>=5?this.issuerKeyID.read(this.issuerFingerprint):this.issuerKeyID.read(this.issuerFingerprint.subarray(-8));break;case T.signatureSubpacket.preferredAEADAlgorithms:this.preferredAEADAlgorithms=[...e.subarray(r,e.length)];break;case T.signatureSubpacket.preferredCipherSuites:this.preferredCipherSuites=[];for(let t=r;t<e.length;t+=2)this.preferredCipherSuites.push([e[t],e[t+1]]);break;default:this.unknownSubpackets.push({type:n,critical:i,body:e.subarray(r,e.length)})}}readSubPackets(e,t=!0,r){const i=6===this.version?4:2,n=F.readNumber(e.subarray(0,i));let a=i;for(;a<2+n;){const i=Ot(e.subarray(a,e.length));a+=i.offset,this.readSubPacket(e.subarray(a,a+i.len),t,r),a+=i.len}return a}toSign(e,t){const r=T.signature;switch(e){case r.binary:return null!==t.text?F.encodeUTF8(t.getText(!0)):t.getBytes(!0);case r.text:{const e=t.getBytes(!0);return F.canonicalizeEOL(e)}case r.standalone:return new Uint8Array(0);case r.certGeneric:case r.certPersona:case r.certCasual:case r.certPositive:case r.certRevocation:{let e,i;if(t.userID)i=180,e=t.userID;else{if(!t.userAttribute)throw Error("Either a userID or userAttribute packet needs to be supplied for certification.");i=209,e=t.userAttribute}const n=e.write();return F.concat([this.toSign(r.key,t),new Uint8Array([i]),F.writeNumber(n.length,4),n])}case r.subkeyBinding:case r.subkeyRevocation:case r.keyBinding:return F.concat([this.toSign(r.key,t),this.toSign(r.key,{key:t.bind})]);case r.key:if(void 0===t.key)throw Error("Key packet is required for this signature.");return t.key.writeForHash(this.version);case r.keyRevocation:return this.toSign(r.key,t);case r.timestamp:return new Uint8Array(0);case r.thirdParty:throw Error("Not implemented");default:throw Error("Unknown signature type.")}}calculateTrailer(e,t){let r=0;return k(A(this.signatureData),(e=>{r+=e.length}),(()=>{const i=[];return 5!==this.version||this.signatureType!==T.signature.binary&&this.signatureType!==T.signature.text||(t?i.push(new Uint8Array(6)):i.push(e.writeHeader())),i.push(new Uint8Array([this.version,255])),5===this.version&&i.push(new Uint8Array(4)),i.push(F.writeNumber(r,4)),F.concat(i)}))}toHash(e,t,r=!1){const i=this.toSign(e,t);return F.concat([this.salt||new Uint8Array,i,this.signatureData,this.calculateTrailer(t,r)])}async hash(e,t,r,i=!1){if(6===this.version&&this.salt.length!==No(this.hashAlgorithm))throw Error("Signature salt does not have the expected length");return r||(r=this.toHash(e,t,i)),Be(this.hashAlgorithm,r)}async verify(e,t,r,i=new Date,n=!1,a=M){if(!this.issuerKeyID.equals(e.getKeyID()))throw Error("Signature was not issued by the given public key");if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Public key algorithm used to sign signature does not match issuer key algorithm.");const s=t===T.signature.binary||t===T.signature.text;if(!(this[Mo]&&!s)){let i,a;if(this.hashed?a=await this.hashed:(i=this.toHash(t,r,n),a=await this.hash(t,r,i)),a=await U(a),this.signedHashValue[0]!==a[0]||this.signedHashValue[1]!==a[1])throw Error("Signed digest did not match");this.params=await this.params;const s=this.publicKeyAlgorithm===T.publicKey.hmac?e.privateParams:null;if(this[Mo]=await Ds(this.publicKeyAlgorithm,this.hashAlgorithm,this.params,e.publicParams,s,i,a),!this[Mo])throw Error("Signature verification failed")}const o=F.normalizeDate(i);if(o&&this.created>o)throw Error("Signature creation time is in the future");if(o&&o>=this.getExpirationTime())throw Error("Signature is expired");if(a.rejectHashAlgorithms.has(this.hashAlgorithm))throw Error("Insecure hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(a.rejectMessageHashAlgorithms.has(this.hashAlgorithm)&&[T.signature.binary,T.signature.text].includes(this.signatureType))throw Error("Insecure message hash algorithm: "+T.read(T.hash,this.hashAlgorithm).toUpperCase());if(this.unknownSubpackets.forEach((({type:e,critical:t})=>{if(t)throw Error("Unknown critical signature subpacket type "+e)})),this.rawNotations.forEach((({name:e,critical:t})=>{if(t&&a.knownNotations.indexOf(e)<0)throw Error("Unknown critical notation: "+e)})),null!==this.revocationKeyClass)throw Error("This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.")}isExpired(e=new Date){const t=F.normalizeDate(e);return null!==t&&!(this.created<=t&&t<this.getExpirationTime())}getExpirationTime(){return this.signatureNeverExpires?1/0:new Date(this.created.getTime()+1e3*this.signatureExpirationTime)}}function Lo(e,t,r){const i=[];return i.push(qt(r.length+1)),i.push(new Uint8Array([(t?128:0)|e])),i.push(r),F.concat(i)}function No(e){switch(e){case T.hash.sha256:return 16;case T.hash.sha384:return 24;case T.hash.sha512:return 32;case T.hash.sha224:case T.hash.sha3_256:return 16;case T.hash.sha3_512:return 32;default:throw Error("Unsupported hash function")}}class zo{static get tag(){return T.packet.onePassSignature}static fromSignaturePacket(e,t){const r=new zo;return r.version=6===e.version?6:3,r.signatureType=e.signatureType,r.hashAlgorithm=e.hashAlgorithm,r.publicKeyAlgorithm=e.publicKeyAlgorithm,r.issuerKeyID=e.issuerKeyID,r.salt=e.salt,r.issuerFingerprint=e.issuerFingerprint,r.flags=t?1:0,r}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.salt=null,this.issuerKeyID=null,this.issuerFingerprint=null,this.flags=null}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new $t(`Version ${this.version} of the one-pass signature packet is unsupported.`);if(this.signatureType=e[t++],this.hashAlgorithm=e[t++],this.publicKeyAlgorithm=e[t++],6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r,this.issuerFingerprint=e.subarray(t,t+32),t+=32,this.issuerKeyID=new To,this.issuerKeyID.read(this.issuerFingerprint)}else this.issuerKeyID=new To,this.issuerKeyID.read(e.subarray(t,t+8)),t+=8;return this.flags=e[t++],this}write(){const e=[new Uint8Array([this.version,this.signatureType,this.hashAlgorithm,this.publicKeyAlgorithm])];return 6===this.version?e.push(new Uint8Array([this.salt.length]),this.salt,this.issuerFingerprint):e.push(this.issuerKeyID.write()),e.push(new Uint8Array([this.flags])),F.concatUint8Array(e)}calculateTrailer(...e){return x((async()=>Ro.prototype.calculateTrailer.apply(await this.correspondingSig,e)))}async verify(){const e=await this.correspondingSig;if(!e||e.constructor.tag!==T.packet.signature)throw Error("Corresponding signature packet missing");if(e.signatureType!==this.signatureType||e.hashAlgorithm!==this.hashAlgorithm||e.publicKeyAlgorithm!==this.publicKeyAlgorithm||!e.issuerKeyID.equals(this.issuerKeyID)||3===this.version&&6===e.version||6===this.version&&6!==e.version||6===this.version&&!F.equalsUint8Array(e.issuerFingerprint,this.issuerFingerprint)||6===this.version&&!F.equalsUint8Array(e.salt,this.salt))throw Error("Corresponding signature packet does not match one-pass signature packet");return e.hashed=this.hashed,e.verify.apply(e,arguments)}}function Oo(e,t){if(!t[e]){let t;try{t=T.read(T.packet,e)}catch(t){throw new Zt("Unknown packet type with tag: "+e)}throw Error("Packet not allowed in this context: "+t)}return new t[e]}zo.prototype.hash=Ro.prototype.hash,zo.prototype.toHash=Ro.prototype.toHash,zo.prototype.toSign=Ro.prototype.toSign;class qo extends Array{static async fromBinary(e,t,r=M){const i=new qo;return await i.read(e,t,r),i}async read(e,t,r=M){r.additionalAllowedPackets.length&&(t={...t,...F.constructAllowedPackets(r.additionalAllowedPackets)}),this.stream=v(e,(async(e,i)=>{const n=C(i);try{for(;;){await n.ready;if(await Wt(e,(async e=>{try{if(e.tag===T.packet.marker||e.tag===T.packet.trust||e.tag===T.packet.padding)return;const i=Oo(e.tag,t);i.packets=new qo,i.fromStream=F.isStream(e.packet),await i.read(e.packet,r),await n.write(i)}catch(t){if(t instanceof Zt){if(!(e.tag<=39))return;await n.abort(t)}const i=!r.ignoreUnsupportedPackets&&t instanceof $t,a=!(r.ignoreMalformedPackets||t instanceof $t);if(i||a||Vt(e.tag))await n.abort(t);else{const t=new Qt(e.tag,e.packet);await n.write(t)}F.printDebugError(t)}})))return await n.ready,void await n.close()}}catch(e){await n.abort(e)}}));const i=I(this.stream);for(;;){const{done:e,value:t}=await i.read();if(e?this.stream=null:this.push(t),e||Vt(t.constructor.tag))break}i.releaseLock()}write(){const e=[];for(let t=0;t<this.length;t++){const r=this[t]instanceof Qt?this[t].tag:this[t].constructor.tag,i=this[t].write();if(F.isStream(i)&&Vt(this[t].constructor.tag)){let t=[],n=0;const a=512;e.push(Ht(r)),e.push(k(i,(e=>{if(t.push(e),n+=e.length,n>=a){const e=Math.min(Math.log(n)/Math.LN2|0,30),r=2**e,i=F.concat([jt(e)].concat(t));return t=[i.subarray(1+r)],n=t[0].length,i.subarray(0,1+r)}}),(()=>F.concat([qt(n)].concat(t)))))}else{if(F.isStream(i)){let t=0;e.push(k(A(i),(e=>{t+=e.length}),(()=>Gt(r,t))))}else e.push(Gt(r,i.length));e.push(i)}}return F.concat(e)}filterByTag(...e){const t=new qo,r=e=>t=>e===t;for(let i=0;i<this.length;i++)e.some(r(this[i].constructor.tag))&&t.push(this[i]);return t}findPacket(e){return this.find((t=>t.constructor.tag===e))}indexOfTag(...e){const t=[],r=this,i=e=>t=>e===t;for(let n=0;n<this.length;n++)e.some(i(r[n].constructor.tag))&&t.push(n);return t}}const jo=/*#__PURE__*/F.constructAllowedPackets([Bo,zo,Ro]);class Ho{static get tag(){return T.packet.compressedData}constructor(e=M){this.packets=null,this.algorithm=e.preferredCompressionAlgorithm,this.compressed=null}async read(e,t=M){await K(e,(async e=>{this.algorithm=await e.readByte(),this.compressed=e.remainder(),await this.decompress(t)}))}write(){return null===this.compressed&&this.compress(),F.concat([new Uint8Array([this.algorithm]),this.compressed])}async decompress(e=M){const t=T.read(T.compression,this.algorithm),r=Zo[t];if(!r)throw Error(t+" decompression not supported");this.packets=await qo.fromBinary(await r(this.compressed),jo,e)}compress(){const e=T.read(T.compression,this.algorithm),t=$o[e];if(!t)throw Error(e+" compression not supported");this.compressed=t(this.packets.write())}}function Go(e,t){return r=>{if(!F.isStream(r)||s(r))return x((()=>U(r).then((e=>new Promise(((r,i)=>{const n=new t;n.ondata=e=>{r(e)};try{n.push(e,!0)}catch(e){i(e)}}))))));if(e)try{const t=e();return r.pipeThrough(t)}catch(e){if("TypeError"!==e.name)throw e}const i=r.getReader(),n=new t;return new ReadableStream({async start(e){for(n.ondata=async(t,r)=>{e.enqueue(t),r&&e.close()};;){const{done:e,value:t}=await i.read();if(e)return void n.push(new Uint8Array,!0);t.length&&n.push(t)}}})}}function Vo(){return async function(e){const{decode:t}=await import("./seek-bzip.min.mjs").then((function(e){return e.i}));return x((async()=>t(await U(e))))}}const Wo=e=>({compressor:"undefined"!=typeof CompressionStream&&(()=>new CompressionStream(e)),decompressor:"undefined"!=typeof DecompressionStream&&(()=>new DecompressionStream(e))}),$o={zip:/*#__PURE__*/Go(Wo("deflate-raw").compressor,Uo),zlib:/*#__PURE__*/Go(Wo("deflate").compressor,xo)},Zo={uncompressed:e=>e,zip:/*#__PURE__*/Go(Wo("deflate-raw").decompressor,Do),zlib:/*#__PURE__*/Go(Wo("deflate").decompressor,Io),bzip2:/*#__PURE__*/Vo()},Qo=/*#__PURE__*/F.constructAllowedPackets([Bo,Ho,zo,Ro]);class Xo{static get tag(){return T.packet.symEncryptedIntegrityProtectedData}static fromObject({version:e,aeadAlgorithm:t}){if(1!==e&&2!==e)throw Error("Unsupported SEIPD version");const r=new Xo;return r.version=e,2===e&&(r.aeadAlgorithm=t),r}constructor(){this.version=null,this.cipherAlgorithm=null,this.aeadAlgorithm=null,this.chunkSizeByte=null,this.salt=null,this.encrypted=null,this.packets=null}async read(e){await K(e,(async e=>{if(this.version=await e.readByte(),1!==this.version&&2!==this.version)throw new $t(`Version ${this.version} of the SEIP packet is unsupported.`);2===this.version&&(this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte(),this.salt=await e.readBytes(32)),this.encrypted=e.remainder()}))}write(){return 2===this.version?F.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.salt,this.encrypted]):F.concat([new Uint8Array([this.version]),this.encrypted])}async encrypt(e,t,r=M){const{blockSize:i,keySize:n}=tn(e);if(t.length!==n)throw Error("Unexpected session key size");let a=this.packets.write();if(s(a)&&(a=await U(a)),2===this.version)this.cipherAlgorithm=e,this.salt=ye(32),this.chunkSizeByte=r.aeadChunkSizeByte,this.encrypted=await Yo(this,"encrypt",t,a);else{const r=await Ia(e),n=new Uint8Array([211,20]),s=F.concat([r,a,n]),o=await Be(T.hash.sha1,E(s)),c=F.concat([s,o]);this.encrypted=await Ca(e,t,c,new Uint8Array(i))}return!0}async decrypt(e,t,r=M){if(t.length!==tn(e).keySize)throw Error("Unexpected session key size");let i,n=A(this.encrypted);if(s(n)&&(n=await U(n)),2===this.version){if(this.cipherAlgorithm!==e)throw Error("Unexpected session key algorithm");i=await Yo(this,"decrypt",t,n)}else{const{blockSize:a}=tn(e),s=await Ba(e,t,n,new Uint8Array(a)),o=P(E(s),-20),c=P(s,0,-20),u=Promise.all([U(await Be(T.hash.sha1,E(c))),U(o)]).then((([e,t])=>{if(!F.equalsUint8Array(e,t))throw Error("Modification detected.");return new Uint8Array})),h=P(c,a+2);i=P(h,0,-2),i=f([i,x((()=>u))]),F.isStream(n)&&r.allowUnauthenticatedStream||(i=await U(i))}return this.packets=await qo.fromBinary(i,Qo,r),!0}}async function Yo(e,t,r,i){const n=e instanceof Xo&&2===e.version,a=!n&&e.constructor.tag===T.packet.aeadEncryptedData;if(!n&&!a)throw Error("Unexpected packet type");const s=ms(e.aeadAlgorithm,a),o="decrypt"===t?s.tagLength:0,c="encrypt"===t?s.tagLength:0,u=2**(e.chunkSizeByte+6)+o,h=a?8:0,l=new ArrayBuffer(13+h),y=new Uint8Array(l,0,5+h),p=new Uint8Array(l),g=new DataView(l),d=new Uint8Array(l,5,8);y.set([192|e.constructor.tag,e.version,e.cipherAlgorithm,e.aeadAlgorithm,e.chunkSizeByte],0);let f,w,b=0,k=Promise.resolve(),K=0,A=0;if(n){const{keySize:t}=tn(e.cipherAlgorithm),{ivLength:i}=s,n=new Uint8Array(l,0,5),a=await on(T.hash.sha256,r,e.salt,n,t+i);r=a.subarray(0,t),f=a.subarray(t),f.fill(0,f.length-8),w=new DataView(f.buffer,f.byteOffset,f.byteLength)}else f=e.iv;const E=await s(e.cipherAlgorithm,r);return v(i,(async(r,i)=>{if("array"!==F.isStream(r)){const t=new TransformStream({},{highWaterMark:F.getHardwareConcurrency()*2**(e.chunkSizeByte+6),size:e=>e.length});m(t.readable,i),i=t.writable}const a=I(r),s=C(i);try{for(;;){let e=await a.readBytes(u+o)||new Uint8Array;const r=e.subarray(e.length-o);let i,l,m;if(e=e.subarray(0,e.length-o),n)m=f;else{m=f.slice();for(let e=0;e<8;e++)m[f.length-8+e]^=d[e]}if(!b||e.length?(a.unshift(r),i=E[t](e,m,y),i.catch((()=>{})),A+=e.length-o+c):(g.setInt32(5+h+4,K),i=E[t](r,m,p),i.catch((()=>{})),A+=c,l=!0),K+=e.length-o,k=k.then((()=>i)).then((async e=>{await s.ready,await s.write(e),A-=e.length})).catch((e=>s.abort(e))),(l||A>s.desiredSize)&&await k,l){await s.close();break}n?w.setInt32(f.length-4,++b):g.setInt32(9,++b)}}catch(e){await s.ready.catch((()=>{})),await s.abort(e)}}))}const Jo=/*#__PURE__*/F.constructAllowedPackets([Bo,Ho,zo,Ro]);class ec{static get tag(){return T.packet.aeadEncryptedData}constructor(){this.version=1,this.cipherAlgorithm=null,this.aeadAlgorithm=T.aead.eax,this.chunkSizeByte=null,this.iv=null,this.encrypted=null,this.packets=null}async read(e){await K(e,(async e=>{const t=await e.readByte();if(1!==t)throw new $t(`Version ${t} of the AEAD-encrypted data packet is not supported.`);this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte();const r=ms(this.aeadAlgorithm,!0);this.iv=await e.readBytes(r.ivLength),this.encrypted=e.remainder()}))}write(){return F.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.iv,this.encrypted])}async decrypt(e,t,r=M){this.packets=await qo.fromBinary(await Yo(this,"decrypt",t,A(this.encrypted)),Jo,r)}async encrypt(e,t,r=M){this.cipherAlgorithm=e;const{ivLength:i}=ms(this.aeadAlgorithm,!0);this.iv=ye(i),this.chunkSizeByte=r.aeadChunkSizeByte;const n=this.packets.write();this.encrypted=await Yo(this,"encrypt",t,n)}}const tc=new Set([T.publicKey.x25519,T.publicKey.x448,T.publicKey.pqc_mlkem_x25519]);class rc{static get tag(){return T.packet.publicKeyEncryptedSessionKey}constructor(){this.version=null,this.publicKeyID=new To,this.publicKeyVersion=null,this.publicKeyFingerprint=null,this.publicKeyAlgorithm=null,this.sessionKey=null,this.sessionKeyAlgorithm=null,this.encrypted={}}static fromObject({version:e,encryptionKeyPacket:t,anonymousRecipient:r,sessionKey:i,sessionKeyAlgorithm:n}){const a=new rc;if(3!==e&&6!==e)throw Error("Unsupported PKESK version");return a.version=e,6===e&&(a.publicKeyVersion=r?null:t.version,a.publicKeyFingerprint=r?null:t.getFingerprintBytes()),a.publicKeyID=r?To.wildcard():t.getKeyID(),a.publicKeyAlgorithm=t.algorithm,a.sessionKey=i,a.sessionKeyAlgorithm=n,a}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new $t(`Version ${this.version} of the PKESK packet is unsupported.`);if(6===this.version){const r=e[t++];if(r){this.publicKeyVersion=e[t++];const i=r-1;this.publicKeyFingerprint=e.subarray(t,t+i),t+=i,this.publicKeyVersion>=5?this.publicKeyID.read(this.publicKeyFingerprint):this.publicKeyID.read(this.publicKeyFingerprint.subarray(-8))}else this.publicKeyID=To.wildcard()}else t+=this.publicKeyID.read(e.subarray(t,t+8));if(this.publicKeyAlgorithm=e[t++],this.encrypted=function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:return{c:F.readMPI(t.subarray(r))};case T.publicKey.elgamal:{const e=F.readMPI(t.subarray(r));return r+=e.length+2,{c1:e,c2:F.readMPI(t.subarray(r))}}case T.publicKey.ecdh:{const e=F.readMPI(t.subarray(r));r+=e.length+2;const i=new wa;return i.read(t.subarray(r)),{V:e,C:i}}case T.publicKey.x25519:case T.publicKey.x448:{const i=Us(e),n=F.readExactSubarray(t,r,r+i);r+=n.length;const a=new Sa;return a.read(t.subarray(r)),{ephemeralPublicKey:n,C:a}}case T.publicKey.aead:{const e=new Ka;r+=e.read(t.subarray(r));const{ivLength:i}=ms(e.getValue()),n=t.subarray(r,r+i);r+=i;const a=new ba;return r+=a.read(t.subarray(r)),{aeadMode:e,iv:n,c:a}}case T.publicKey.pqc_mlkem_x25519:{const e=F.readExactSubarray(t,r,r+Us(T.publicKey.x25519));r+=e.length;const i=F.readExactSubarray(t,r,r+1088);r+=i.length;const n=new Sa;return n.read(t.subarray(r)),{eccCipherText:e,mlkemCipherText:i,C:n}}default:throw new $t("Unknown public key encryption algorithm.")}}(this.publicKeyAlgorithm,e.subarray(t)),tc.has(this.publicKeyAlgorithm))if(3===this.version)this.sessionKeyAlgorithm=T.write(T.symmetric,this.encrypted.C.algorithm);else if(null!==this.encrypted.C.algorithm)throw Error("Unexpected cleartext symmetric algorithm")}write(){const e=[new Uint8Array([this.version])];return 6===this.version?null!==this.publicKeyFingerprint?(e.push(new Uint8Array([this.publicKeyFingerprint.length+1,this.publicKeyVersion])),e.push(this.publicKeyFingerprint)):e.push(new Uint8Array([0])):e.push(this.publicKeyID.write()),e.push(new Uint8Array([this.publicKeyAlgorithm]),vs(this.publicKeyAlgorithm,this.encrypted)),F.concatUint8Array(e)}async encrypt(e){const t=T.write(T.publicKey,this.publicKeyAlgorithm),r=3===this.version?this.sessionKeyAlgorithm:null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=ic(this.version,t,r,this.sessionKey),a=t===T.publicKey.aead?e.privateParams:null;this.encrypted=await ws(t,r,e.publicParams,a,n,i)}async decrypt(e,t){if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Decryption error");const r=t?ic(this.version,this.publicKeyAlgorithm,t.sessionKeyAlgorithm,t.sessionKey):null,i=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),n=await bs(this.publicKeyAlgorithm,e.publicParams,e.privateParams,this.encrypted,i,r),{sessionKey:a,sessionKeyAlgorithm:s}=function(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:{const t=r.subarray(0,r.length-2),n=r.subarray(r.length-2),a=F.writeChecksum(t.subarray(t.length%8)),s=a[0]===n[0]&a[1]===n[1],o=6===e?{sessionKeyAlgorithm:null,sessionKey:t}:{sessionKeyAlgorithm:t[0],sessionKey:t.subarray(1)};if(i){const t=s&o.sessionKeyAlgorithm===i.sessionKeyAlgorithm&o.sessionKey.length===i.sessionKey.length;return{sessionKey:F.selectUint8Array(t,o.sessionKey,i.sessionKey),sessionKeyAlgorithm:6===e?null:F.selectUint8(t,o.sessionKeyAlgorithm,i.sessionKeyAlgorithm)}}if(s&&(6===e||T.read(T.symmetric,o.sessionKeyAlgorithm)))return o;throw Error("Decryption error")}case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.pqc_mlkem_x25519:return{sessionKeyAlgorithm:null,sessionKey:r};default:throw Error("Unsupported public key algorithm")}}(this.version,this.publicKeyAlgorithm,n,t);if(3===this.version){const e=!tc.has(this.publicKeyAlgorithm);if(this.sessionKeyAlgorithm=e?s:this.sessionKeyAlgorithm,a.length!==tn(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}this.sessionKey=a}}function ic(e,t,r,i){switch(t){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.aead:return F.concatUint8Array([new Uint8Array(6===e?[]:[r]),i,F.writeChecksum(i.subarray(i.length%8))]);case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.pqc_mlkem_x25519:return i;default:throw Error("Unsupported public key algorithm")}}class nc{static get tag(){return T.packet.symEncryptedSessionKey}constructor(e=M){this.version=e.aeadProtect?6:4,this.sessionKey=null,this.sessionKeyEncryptionAlgorithm=null,this.sessionKeyAlgorithm=null,this.aeadAlgorithm=T.write(T.aead,e.preferredAEADAlgorithm),this.encrypted=null,this.s2k=null,this.iv=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new $t(`Version ${this.version} of the SKESK packet is unsupported.`);6===this.version&&t++;const r=e[t++];this.version>=5&&(this.aeadAlgorithm=e[t++],6===this.version&&t++);const i=e[t++];if(this.s2k=Rs(i),t+=this.s2k.read(e.subarray(t,e.length)),this.version>=5){const r=ms(this.aeadAlgorithm,!0);this.iv=e.subarray(t,t+=r.ivLength)}this.version>=5||t<e.length?(this.encrypted=e.subarray(t,e.length),this.sessionKeyEncryptionAlgorithm=r):this.sessionKeyAlgorithm=r}write(){const e=null===this.encrypted?this.sessionKeyAlgorithm:this.sessionKeyEncryptionAlgorithm;let t;const r=this.s2k.write();if(6===this.version){const i=r.length,n=3+i+this.iv.length;t=F.concatUint8Array([new Uint8Array([this.version,n,e,this.aeadAlgorithm,i]),r,this.iv,this.encrypted])}else 5===this.version?t=F.concatUint8Array([new Uint8Array([this.version,e,this.aeadAlgorithm]),r,this.iv,this.encrypted]):(t=F.concatUint8Array([new Uint8Array([this.version,e]),r]),null!==this.encrypted&&(t=F.concatUint8Array([t,this.encrypted])));return t}async decrypt(e){const t=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm,{blockSize:r,keySize:i}=tn(t),n=await this.s2k.produceKey(e,i);if(this.version>=5){const e=ms(this.aeadAlgorithm,!0),r=new Uint8Array([192|nc.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),a=6===this.version?await on(T.hash.sha256,n,new Uint8Array,r,i):n,s=await e(t,a);this.sessionKey=await s.decrypt(this.encrypted,this.iv,r)}else if(null!==this.encrypted){const e=await Ba(t,n,this.encrypted,new Uint8Array(r));if(this.sessionKeyAlgorithm=T.write(T.symmetric,e[0]),this.sessionKey=e.subarray(1,e.length),this.sessionKey.length!==tn(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}else this.sessionKey=n}async encrypt(e,t=M){const r=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm;this.sessionKeyEncryptionAlgorithm=r,this.s2k=Ls(t),this.s2k.generateSalt();const{blockSize:i,keySize:n}=tn(r),a=await this.s2k.produceKey(e,n);if(null===this.sessionKey&&(this.sessionKey=Ss(this.sessionKeyAlgorithm)),this.version>=5){const e=ms(this.aeadAlgorithm);this.iv=ye(e.ivLength);const t=new Uint8Array([192|nc.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),i=6===this.version?await on(T.hash.sha256,a,new Uint8Array,t,n):a,s=await e(r,i);this.encrypted=await s.encrypt(this.sessionKey,this.iv,t)}else{const e=F.concatUint8Array([new Uint8Array([this.sessionKeyAlgorithm]),this.sessionKey]);this.encrypted=await Ca(r,a,e,new Uint8Array(i))}}}class ac{static get tag(){return T.packet.publicKey}constructor(e=new Date,t=M){this.version=t.v6Keys?6:4,this.created=F.normalizeDate(e),this.algorithm=null,this.publicParams=null,this.expirationTimeV3=0,this.fingerprint=null,this.keyID=null}static fromSecretKeyPacket(e){const t=new ac,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}async read(e,t=M){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new $t("Support for parsing v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4===this.version||5===this.version||6===this.version){this.created=F.readDate(e.subarray(r,r+4)),r+=4,this.algorithm=e[r++],this.version>=5&&(r+=4);const{read:t,publicParams:i}=function(e,t){let r=0;switch(e){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:{const e=F.readMPI(t.subarray(r));r+=e.length+2;const i=F.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{n:e,e:i}}}case T.publicKey.dsa:{const e=F.readMPI(t.subarray(r));r+=e.length+2;const i=F.readMPI(t.subarray(r));r+=i.length+2;const n=F.readMPI(t.subarray(r));r+=n.length+2;const a=F.readMPI(t.subarray(r));return r+=a.length+2,{read:r,publicParams:{p:e,q:i,g:n,y:a}}}case T.publicKey.elgamal:{const e=F.readMPI(t.subarray(r));r+=e.length+2;const i=F.readMPI(t.subarray(r));r+=i.length+2;const n=F.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{p:e,g:i,y:n}}}case T.publicKey.ecdsa:{const e=new zt;r+=e.read(t),Ps(e);const i=F.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.eddsaLegacy:{const e=new zt;if(r+=e.read(t),Ps(e),e.getName()!==T.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let i=F.readMPI(t.subarray(r));return r+=i.length+2,i=F.leftPad(i,33),{read:r,publicParams:{oid:e,Q:i}}}case T.publicKey.ecdh:{const e=new zt;r+=e.read(t),Ps(e);const i=F.readMPI(t.subarray(r));r+=i.length+2;const n=new ka;return r+=n.read(t.subarray(r)),{read:r,publicParams:{oid:e,Q:i,kdfParams:n}}}case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.x25519:case T.publicKey.x448:{const i=F.readExactSubarray(t,r,r+Us(e));return r+=i.length,{read:r,publicParams:{A:i}}}case T.publicKey.hmac:case T.publicKey.aead:{const e=new Aa;r+=e.read(t);const i=Te(T.hash.sha256),n=t.subarray(r,r+i);return r+=i,{read:r,publicParams:{cipher:e,digest:n}}}case T.publicKey.pqc_mlkem_x25519:{const e=F.readExactSubarray(t,r,r+Us(T.publicKey.x25519));r+=e.length;const i=F.readExactSubarray(t,r,r+1184);return r+=i.length,{read:r,publicParams:{eccPublicKey:e,mlkemPublicKey:i}}}case T.publicKey.pqc_mldsa_ed25519:{const e=F.readExactSubarray(t,r,r+Us(T.publicKey.ed25519));r+=e.length;const i=F.readExactSubarray(t,r,r+1952);return r+=i.length,{read:r,publicParams:{eccPublicKey:e,mldsaPublicKey:i}}}default:throw new $t("Unknown public key encryption algorithm.")}}(this.algorithm,e.subarray(r));if(6===this.version&&i.oid&&(i.oid.getName()===T.curve.curve25519Legacy||i.oid.getName()===T.curve.ed25519Legacy))throw Error("Legacy curve25519 cannot be used with v6 keys");if(6!==this.version&&(this.algorithm===T.publicKey.pqc_mldsa_ed25519||this.algorithm===T.publicKey.pqc_mlkem_x25519))throw Error("Unexpected key version: ML-DSA and ML-KEM algorithms can only be used with v6 keys");return this.publicParams=i,r+=t,await this.computeFingerprintAndKeyID(),r}throw new $t(`Version ${this.version} of the key packet is unsupported.`)}write(){const e=[];e.push(new Uint8Array([this.version])),e.push(F.writeDate(this.created)),e.push(new Uint8Array([this.algorithm]));const t=vs(this.algorithm,this.publicParams);return this.version>=5&&e.push(F.writeNumber(t.length,4)),e.push(t),F.concatUint8Array(e)}writeForHash(e){const t=this.writePublicKey(),r=149+e,i=e>=5?4:2;return F.concatUint8Array([new Uint8Array([r]),F.writeNumber(t.length,i),t])}isDecrypted(){return null}getCreationTime(){return this.created}getKeyID(){return this.keyID}async computeFingerprintAndKeyID(){if(await this.computeFingerprint(),this.keyID=new To,this.version>=5)this.keyID.read(this.fingerprint.subarray(0,8));else{if(4!==this.version)throw Error("Unsupported key version");this.keyID.read(this.fingerprint.subarray(12,20))}}async computeFingerprint(){const e=this.writeForHash(this.version);if(this.version>=5)this.fingerprint=await Be(T.hash.sha256,e);else{if(4!==this.version)throw Error("Unsupported key version");this.fingerprint=await Be(T.hash.sha1,e)}}getFingerprintBytes(){return this.fingerprint}getFingerprint(){return F.uint8ArrayToHex(this.getFingerprintBytes())}hasSameFingerprintAs(e){return this.version===e.version&&F.equalsUint8Array(this.writePublicKey(),e.writePublicKey())}getAlgorithmInfo(){const e={};e.algorithm=T.read(T.publicKey,this.algorithm);const t=this.publicParams.n||this.publicParams.p;return t?e.bits=F.uint8ArrayBitLength(t):this.publicParams.oid?e.curve=this.publicParams.oid.getName():this.publicParams.cipher&&(e.symmetric=this.publicParams.cipher.getName()),e}}ac.prototype.readPublicKey=ac.prototype.read,ac.prototype.writePublicKey=ac.prototype.write;const sc=/*#__PURE__*/F.constructAllowedPackets([Bo,Ho,zo,Ro]);class oc{static get tag(){return T.packet.symmetricallyEncryptedData}constructor(){this.encrypted=null,this.packets=null}read(e){this.encrypted=e}write(){return this.encrypted}async decrypt(e,t,r=M){if(!r.allowUnauthenticatedMessages)throw Error("Message is not authenticated.");const{blockSize:i}=tn(e),n=await U(A(this.encrypted)),a=await Ba(e,t,n.subarray(i+2),n.subarray(2,i+2));this.packets=await qo.fromBinary(a,sc,r)}async encrypt(e,t,r=M){const i=this.packets.write(),{blockSize:n}=tn(e),a=await Ia(e),s=await Ca(e,t,a,new Uint8Array(n)),o=await Ca(e,t,i,s.subarray(2));this.encrypted=F.concat([s,o])}}class cc{static get tag(){return T.packet.marker}read(e){return 80===e[0]&&71===e[1]&&80===e[2]}write(){return new Uint8Array([80,71,80])}}class uc extends ac{static get tag(){return T.packet.publicSubkey}constructor(e,t){super(e,t)}static fromSecretSubkeyPacket(e){const t=new uc,{version:r,created:i,algorithm:n,publicParams:a,keyID:s,fingerprint:o}=e;return t.version=r,t.created=i,t.algorithm=n,t.publicParams=a,t.keyID=s,t.fingerprint=o,t}}class hc{static get tag(){return T.packet.userAttribute}constructor(){this.attributes=[]}read(e){let t=0;for(;t<e.length;){const r=Ot(e.subarray(t,e.length));t+=r.offset,this.attributes.push(F.uint8ArrayToString(e.subarray(t,t+r.len))),t+=r.len}}write(){const e=[];for(let t=0;t<this.attributes.length;t++)e.push(qt(this.attributes[t].length)),e.push(F.stringToUint8Array(this.attributes[t]));return F.concatUint8Array(e)}equals(e){return!!(e&&e instanceof hc)&&this.attributes.every((function(t,r){return t===e.attributes[r]}))}}class lc extends ac{static get tag(){return T.packet.secretKey}constructor(e=new Date,t=M){super(e,t),this.keyMaterial=null,this.isEncrypted=null,this.s2kUsage=0,this.s2k=null,this.symmetric=null,this.aead=null,this.isLegacyAEAD=null,this.privateParams=null,this.usedModernAEAD=null}async read(e,t=M){let r=await this.readPublicKey(e,t);const i=r;this.s2kUsage=e[r++],5===this.version&&r++,6===this.version&&this.s2kUsage&&r++;try{if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){this.symmetric=e[r++],253===this.s2kUsage&&(this.aead=e[r++]),6===this.version&&r++;const t=e[r++];if(this.s2k=Rs(t),r+=this.s2k.read(e.subarray(r,e.length)),"gnu-dummy"===this.s2k.type)return}else this.s2kUsage&&(this.symmetric=this.s2kUsage);this.s2kUsage&&(this.isLegacyAEAD=253===this.s2kUsage&&(5===this.version||4===this.version&&t.parseAEADEncryptedV4KeysAsLegacy),253!==this.s2kUsage||this.isLegacyAEAD?(this.iv=e.subarray(r,r+tn(this.symmetric).blockSize),this.usedModernAEAD=!1):(this.iv=e.subarray(r,r+ms(this.aead).ivLength),this.usedModernAEAD=!0),r+=this.iv.length)}catch(t){if(!this.s2kUsage)throw t;this.unparseableKeyMaterial=e.subarray(i),this.isEncrypted=!0}if(5===this.version&&(r+=4),this.keyMaterial=e.subarray(r),this.isEncrypted=!!this.s2kUsage,!this.isEncrypted){let e;if(6===this.version)e=this.keyMaterial;else if(e=this.keyMaterial.subarray(0,-2),!F.equalsUint8Array(F.writeChecksum(e),this.keyMaterial.subarray(-2)))throw Error("Key checksum mismatch");try{const{read:t,privateParams:r}=await ks(this.algorithm,e,this.publicParams);if(t<e.length)throw Error("Error reading MPIs");this.privateParams=r}catch(e){if(e instanceof $t)throw e;throw Error("Error reading MPIs")}}}write(){const e=this.writePublicKey();if(this.unparseableKeyMaterial)return F.concatUint8Array([e,this.unparseableKeyMaterial]);const t=[e];t.push(new Uint8Array([this.s2kUsage]));const r=[];if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){r.push(this.symmetric),253===this.s2kUsage&&r.push(this.aead);const e=this.s2k.write();6===this.version&&r.push(e.length),r.push(...e)}return this.s2kUsage&&"gnu-dummy"!==this.s2k.type&&r.push(...this.iv),(5===this.version||6===this.version&&this.s2kUsage)&&t.push(new Uint8Array([r.length])),t.push(new Uint8Array(r)),this.isDummy()||(this.s2kUsage||(this.keyMaterial=vs(this.algorithm,this.privateParams)),5===this.version&&t.push(F.writeNumber(this.keyMaterial.length,4)),t.push(this.keyMaterial),this.s2kUsage||6===this.version||t.push(F.writeChecksum(this.keyMaterial))),F.concatUint8Array(t)}isDecrypted(){return!1===this.isEncrypted}isMissingSecretKeyMaterial(){return void 0!==this.unparseableKeyMaterial||this.isDummy()}isDummy(){return!(!this.s2k||"gnu-dummy"!==this.s2k.type)}makeDummy(e=M){this.isDummy()||(this.isDecrypted()&&this.clearPrivateParams(),delete this.unparseableKeyMaterial,this.isEncrypted=null,this.keyMaterial=null,this.s2k=Rs(T.s2k.gnu,e),this.s2k.algorithm=0,this.s2k.c=0,this.s2k.type="gnu-dummy",this.s2kUsage=254,this.symmetric=T.symmetric.aes256,this.isLegacyAEAD=null,this.usedModernAEAD=null)}async encrypt(e,t=M){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key packet is already encrypted");if(!e)throw Error("A non-empty passphrase is required for key encryption.");this.s2k=Ls(t),this.s2k.generateSalt();const r=vs(this.algorithm,this.privateParams);this.symmetric=T.symmetric.aes256;const{blockSize:i}=tn(this.symmetric);if(t.aeadProtect){this.s2kUsage=253,this.aead=t.preferredAEADAlgorithm;const n=ms(this.aead);this.isLegacyAEAD=5===this.version,this.usedModernAEAD=!this.isLegacyAEAD;const a=Ht(this.constructor.tag),s=await yc(this.version,this.s2k,e,this.symmetric,this.aead,a,this.isLegacyAEAD),o=await n(this.symmetric,s);this.iv=this.isLegacyAEAD?ye(i):ye(n.ivLength);const c=this.isLegacyAEAD?new Uint8Array:F.concatUint8Array([a,this.writePublicKey()]);this.keyMaterial=await o.encrypt(r,this.iv.subarray(0,n.ivLength),c)}else{this.s2kUsage=254,this.usedModernAEAD=!1;const t=await yc(this.version,this.s2k,e,this.symmetric);this.iv=ye(i),this.keyMaterial=await Ca(this.symmetric,t,F.concatUint8Array([r,await Be(T.hash.sha1,r)]),this.iv)}}async decrypt(e){if(this.isDummy())return!1;if(this.unparseableKeyMaterial)throw Error("Key packet cannot be decrypted: unsupported S2K or cipher algo");if(this.isDecrypted())throw Error("Key packet is already decrypted.");let t;const r=Ht(this.constructor.tag);if(254!==this.s2kUsage&&253!==this.s2kUsage)throw 255===this.s2kUsage?Error("Encrypted private key is authenticated using an insecure two-byte hash"):Error("Private key is encrypted using an insecure S2K function: unsalted MD5");let i;if(t=await yc(this.version,this.s2k,e,this.symmetric,this.aead,r,this.isLegacyAEAD),253===this.s2kUsage){const e=ms(this.aead,!0),n=await e(this.symmetric,t);try{const t=this.isLegacyAEAD?new Uint8Array:F.concatUint8Array([r,this.writePublicKey()]);i=await n.decrypt(this.keyMaterial,this.iv.subarray(0,e.ivLength),t)}catch(e){if("Authentication tag mismatch"===e.message)throw Error("Incorrect key passphrase: "+e.message);throw e}}else{const e=await Ba(this.symmetric,t,this.keyMaterial,this.iv);i=e.subarray(0,-20);const r=await Be(T.hash.sha1,i);if(!F.equalsUint8Array(r,e.subarray(-20)))throw Error("Incorrect key passphrase")}try{const{privateParams:e}=await ks(this.algorithm,i,this.publicParams);this.privateParams=e}catch(e){throw Error("Error reading MPIs")}this.isEncrypted=!1,this.keyMaterial=null,this.s2kUsage=0,this.aead=null,this.symmetric=null,this.isLegacyAEAD=null}async validate(){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key is not decrypted");if(this.usedModernAEAD)return;let e;try{e=await Es(this.algorithm,this.publicParams,this.privateParams)}catch(t){e=!1}if(!e)throw Error("Key is invalid")}async generate(e,t,r){if(6===this.version&&(this.algorithm===T.publicKey.ecdh&&t===T.curve.curve25519Legacy||this.algorithm===T.publicKey.eddsaLegacy))throw Error(`Cannot generate v6 keys of type 'ecc' with curve ${t}. Generate a key of type 'curve25519' instead`);if(6!==this.version&&(this.algorithm===T.publicKey.pqc_mldsa_ed25519||this.algorithm===T.publicKey.pqc_mlkem_x25519))throw Error(`Cannot generate v${this.version} keys of type 'pqc'. Generate a v6 key instead`);const{privateParams:i,publicParams:n}=await Ks(this.algorithm,e,t,r);this.privateParams=i,this.publicParams=n,this.isEncrypted=!1}clearPrivateParams(){this.isMissingSecretKeyMaterial()||(Object.keys(this.privateParams).forEach((e=>{this.privateParams[e].fill(0),delete this.privateParams[e]})),this.privateParams=null,this.isEncrypted=!0)}}async function yc(e,t,r,i,n,a,s){if("argon2"===t.type&&!n)throw Error("Using Argon2 S2K without AEAD is not allowed");if("simple"===t.type&&6===e)throw Error("Using Simple S2K with version 6 keys is not allowed");const{keySize:o}=tn(i),c=await t.produceKey(r,o);if(!n||5===e||s)return c;const u=F.concatUint8Array([a,new Uint8Array([e,i,n])]);return on(T.hash.sha256,c,new Uint8Array,u,o)}class pc{static get tag(){return T.packet.userID}constructor(){this.userID="",this.name="",this.email="",this.comment=""}static fromObject(e){if(F.isString(e)||e.name&&!F.isString(e.name)||e.email&&!F.isEmailAddress(e.email)||e.comment&&!F.isString(e.comment))throw Error("Invalid user ID format");const t=new pc;Object.assign(t,e);const r=[];return t.name&&r.push(t.name),t.comment&&r.push(`(${t.comment})`),t.email&&r.push(`<${t.email}>`),t.userID=r.join(" "),t}read(e,t=M){const r=F.decodeUTF8(e);if(r.length>t.maxUserIDLength)throw Error("User ID string is too long");const i=/^(?<name>[^()]+\s+)?(?<comment>\([^()]+\)\s+)?(?<email><\S+@\S+>)$/.exec(r);if(null!==i){const{name:e,comment:t,email:r}=i.groups;this.comment=t?.replace(/^\(|\)|\s$/g,"").trim()||"",this.name=e?.trim()||"",this.email=r.substring(1,r.length-1)}else/^[^\s@]+@[^\s@]+$/.test(r)&&(this.email=r);this.userID=r}write(){return F.encodeUTF8(this.userID)}equals(e){return e&&e.userID===this.userID}}class gc extends lc{static get tag(){return T.packet.secretSubkey}constructor(e=new Date,t=M){super(e,t)}}class dc{static get tag(){return T.packet.trust}read(){throw new $t("Trust packets are not supported")}write(){throw new $t("Trust packets are not supported")}}class fc{static get tag(){return T.packet.padding}constructor(){this.padding=null}read(e){}write(){return this.padding}async createPadding(e){this.padding=await ye(e)}}const mc=/*#__PURE__*/F.constructAllowedPackets([Ro]);class wc{constructor(e){this.packets=e||new qo}write(){return this.packets.write()}armor(e=M){const t=this.packets.some((e=>e.constructor.tag===Ro.tag&&6!==e.version));return Y(T.armor.signature,this.write(),void 0,void 0,void 0,t,e)}getSigningKeyIDs(){return this.packets.map((e=>e.issuerKeyID))}}async function bc({armoredSignature:e,binarySignature:t,config:r,...i}){r={...M,...r};let n=e||t;if(!n)throw Error("readSignature: must pass options object containing `armoredSignature` or `binarySignature`");if(e&&!F.isString(e))throw Error("readSignature: options.armoredSignature must be a string");if(t&&!F.isUint8Array(t))throw Error("readSignature: options.binarySignature must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:e,data:t}=await X(n);if(e!==T.armor.signature)throw Error("Armored text not of type signature");n=t}const s=await qo.fromBinary(n,mc,r);return new wc(s)}async function kc(e,t){const r=new gc(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function vc(e,t){const r=new lc(e.date,t);return r.packets=null,r.algorithm=T.write(T.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function Kc(e,t,r,i,n=new Date,a){let s,o;for(let c=e.length-1;c>=0;c--)try{(!s||e[c].created>=s.created)&&(await e[c].verify(t,r,i,n,void 0,a),s=e[c])}catch(e){o=e}if(!s)throw F.wrapError(`Could not find valid ${T.read(T.signature,r)} signature in key ${t.getKeyID().toHex()}`.replace("certGeneric ","self-").replace(/([a-z])([A-Z])/g,((e,t,r)=>t+" "+r.toLowerCase())),o);return s}function Ac(e,t,r=new Date){const i=F.normalizeDate(r);if(null!==i){const r=xc(e,t);return!(e.created<=i&&i<r)}return!1}async function Ec(e,t,r,i){const n={};n.key=t,n.bind=e;const a={signatureType:T.signature.subkeyBinding};r.sign?(a.keyFlags=[T.keyFlags.signData],a.embeddedSignature=await Pc(n,[],e,{signatureType:T.signature.keyBinding},r.date,void 0,void 0,void 0,i)):a.keyFlags=r.forwarding?[T.keyFlags.forwardedCommunication]:[T.keyFlags.encryptCommunication|T.keyFlags.encryptStorage],r.keyExpirationTime>0&&(a.keyExpirationTime=r.keyExpirationTime,a.keyNeverExpires=!1);return await Pc(n,[],t,a,r.date,void 0,void 0,void 0,i)}async function Sc(e,t,r=new Date,i=[],n){if(t.algorithm===T.publicKey.pqc_mldsa_ed25519)return fa(t.algorithm);const a=T.hash.sha256,s=n.preferredHashAlgorithm,o=await Promise.all(e.map((async(e,t)=>(await e.getPrimarySelfSignature(r,i[t],n)).preferredHashAlgorithms||[]))),c=new Map;for(const e of o)for(const t of e)try{const e=T.write(T.hash,t);c.set(e,c.has(e)?c.get(e)+1:1)}catch{}const u=t=>0===e.length||c.get(t)===e.length||t===a,h=()=>{if(0===c.size)return a;const e=Array.from(c.keys()).filter((e=>u(e))).sort(((e,t)=>Te(e)-Te(t)))[0];return Te(e)>=Te(a)?e:a};if(new Set([T.publicKey.ecdsa,T.publicKey.eddsaLegacy,T.publicKey.ed25519,T.publicKey.ed448]).has(t.algorithm)){const e=function(e,t){switch(e){case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return Pn(t);case T.publicKey.ed25519:case T.publicKey.ed448:return Vr(e);default:throw Error("Unknown elliptic signing algo")}}(t.algorithm,t.publicParams.oid),r=u(s),i=Te(s)>=Te(e);if(r&&i)return s;{const t=h();return Te(t)>=Te(e)?t:e}}return u(s)?s:h()}async function Pc(e,t,r,i,n,a,s=[],o=!1,c){if(r.isDummy())throw Error("Cannot sign with a gnu-dummy key.");if(!r.isDecrypted())throw Error("Signing key is not decrypted.");const u=new Ro;return Object.assign(u,i),u.publicKeyAlgorithm=r.algorithm,u.hashAlgorithm=await Sc(t,r,n,a,c),u.rawNotations=[...s],await u.sign(r,e,n,o,c),u}async function Uc(e,t,r,i=new Date,n){(e=e[r])&&(t[r].length?await Promise.all(e.map((async function(e){e.isExpired(i)||n&&!await n(e)||t[r].some((function(t){return F.equalsUint8Array(t.writeParams(),e.writeParams())}))||t[r].push(e)}))):t[r]=e)}async function Dc(e,t,r,i,n,a,s=new Date,o){a=a||e;const c=[];return await Promise.all(i.map((async function(e){try{if(!n||e.issuerKeyID.equals(n.issuerKeyID)){const i=![T.reasonForRevocation.keyRetired,T.reasonForRevocation.keySuperseded,T.reasonForRevocation.userIDInvalid].includes(e.reasonForRevocationFlag);await e.verify(a,t,r,i?null:s,!1,o),c.push(e.issuerKeyID)}}catch(e){}}))),n?(n.revoked=!!c.some((e=>e.equals(n.issuerKeyID)))||(n.revoked||!1),n.revoked):c.length>0}function xc(e,t){let r;return!1===t.keyNeverExpires&&(r=e.created.getTime()+1e3*t.keyExpirationTime),r?new Date(r):1/0}function Ic(e,t={}){if(e.type=e.type||t.type,e.curve=e.curve||t.curve,e.rsaBits=e.rsaBits||t.rsaBits,e.symmetricHash=e.symmetricHash||t.symmetricHash,e.symmetricCipher=e.symmetricCipher||t.symmetricCipher,e.keyExpirationTime=void 0!==e.keyExpirationTime?e.keyExpirationTime:t.keyExpirationTime,e.passphrase=F.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e.sign=e.sign||!1,e.forwarding=e.forwarding||!1,e.sign&&e.forwarding)throw Error('Incompatible options: "sign" and "forwarding" cannot be set together');switch(e.type){case"pqc":e.sign?e.algorithm=T.publicKey.pqc_mldsa_ed25519:e.algorithm=T.publicKey.pqc_mlkem_x25519;break;case"ecc":try{e.curve=T.write(T.curve,e.curve)}catch(e){throw Error("Unknown curve")}e.curve!==T.curve.ed25519Legacy&&e.curve!==T.curve.curve25519Legacy&&"ed25519"!==e.curve&&"curve25519"!==e.curve||(e.curve=e.sign?T.curve.ed25519Legacy:T.curve.curve25519Legacy),e.sign?e.algorithm=e.curve===T.curve.ed25519Legacy?T.publicKey.eddsaLegacy:T.publicKey.ecdsa:e.algorithm=T.publicKey.ecdh;break;case"curve25519":e.algorithm=e.sign?T.publicKey.ed25519:T.publicKey.x25519;break;case"curve448":e.algorithm=e.sign?T.publicKey.ed448:T.publicKey.x448;break;case"rsa":e.algorithm=T.publicKey.rsaEncryptSign;break;case"symmetric":if(e.sign){e.algorithm=T.publicKey.hmac;try{e.symmetric=T.write(T.hash,e.symmetricHash)}catch(e){throw Error("Unknown hash algorithm")}}else{e.algorithm=T.publicKey.aead;try{e.symmetric=T.write(T.symmetric,e.symmetricCipher)}catch(e){throw Error("Unknown symmetric algorithm")}}break;default:throw Error("Unsupported key type "+e.type)}return e}function Cc(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ed25519:case T.publicKey.ed448:case T.publicKey.hmac:case T.publicKey.pqc_mldsa_ed25519:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData);default:return!1}}function Bc(e,t,r){switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.aead:case T.publicKey.pqc_mlkem_x25519:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage);default:return!1}}function Tc(e,t,r){if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");switch(e.algorithm){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaEncrypt:case T.publicKey.elgamal:case T.publicKey.ecdh:case T.publicKey.x25519:case T.publicKey.x448:case T.publicKey.pqc_mlkem_x25519:return!(!(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.signData))||!r.allowInsecureDecryptionWithSigningKeys)||(!t.keyFlags||!!(t.keyFlags[0]&T.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&T.keyFlags.encryptStorage)||r.allowForwardedMessages&&!!(t.keyFlags[0]&T.keyFlags.forwardedCommunication));default:return!1}}function Mc(e,t){const r=T.write(T.publicKey,e.algorithm),i=e.getAlgorithmInfo();if(t.rejectPublicKeyAlgorithms.has(r))throw Error(i.algorithm+" keys are considered too weak.");switch(r){case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.rsaEncrypt:if(i.bits<t.minRSABits)throw Error(`RSA keys shorter than ${t.minRSABits} bits are considered too weak.`);break;case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:case T.publicKey.ecdh:if(t.rejectCurves.has(i.curve))throw Error(`Support for ${i.algorithm} keys using curve ${i.curve} is disabled.`)}}class _c{constructor(e,t){this.userID=e.constructor.tag===T.packet.userID?e:null,this.userAttribute=e.constructor.tag===T.packet.userAttribute?e:null,this.selfCertifications=[],this.otherCertifications=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new qo;return e.push(this.userID||this.userAttribute),e.push(...this.revocationSignatures),e.push(...this.selfCertifications),e.push(...this.otherCertifications),e}clone(){const e=new _c(this.userID||this.userAttribute,this.mainKey);return e.selfCertifications=[...this.selfCertifications],e.otherCertifications=[...this.otherCertifications],e.revocationSignatures=[...this.revocationSignatures],e}async certify(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i},a=new _c(n.userID||n.userAttribute,this.mainKey);return a.otherCertifications=await Promise.all(e.map((async function(e){if(!e.isPrivate())throw Error("Need private key for signing");if(e.hasSameFingerprintAs(i))throw Error("The user's own key can only be used for self-certifications");const a=await e.getSigningKey(void 0,t,void 0,r);return Pc(n,[e],a.keyPacket,{signatureType:T.signature.certGeneric,keyFlags:[T.keyFlags.certifyKeys|T.keyFlags.signData]},t,void 0,void 0,void 0,r)}))),await a.update(this,t,r),a}async isRevoked(e,t,r=new Date,i=M){const n=this.mainKey.keyPacket;return Dc(n,T.signature.certRevocation,{key:n,userID:this.userID,userAttribute:this.userAttribute},this.revocationSignatures,e,t,r,i)}async verifyCertificate(e,t,r=new Date,i){const n=this,a=this.mainKey.keyPacket,s={userID:this.userID,userAttribute:this.userAttribute,key:a},{issuerKeyID:o}=e,c=t.filter((e=>e.getKeys(o).length>0));return 0===c.length?null:(await Promise.all(c.map((async t=>{const a=await t.getSigningKey(o,e.created,void 0,i);if(e.revoked||await n.isRevoked(e,a.keyPacket,r,i))throw Error("User certificate is revoked");try{await e.verify(a.keyPacket,T.signature.certGeneric,s,r,void 0,i)}catch(e){throw F.wrapError("User certificate is invalid",e)}}))),!0)}async verifyAllCertifications(e,t=new Date,r){const i=this,n=this.selfCertifications.concat(this.otherCertifications);return Promise.all(n.map((async n=>({keyID:n.issuerKeyID,valid:await i.verifyCertificate(n,e,t,r).catch((()=>!1))}))))}async verify(e=new Date,t){if(!this.selfCertifications.length)throw Error("No self-certifications found");const r=this,i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};let a;for(let s=this.selfCertifications.length-1;s>=0;s--)try{const a=this.selfCertifications[s];if(a.revoked||await r.isRevoked(a,void 0,e,t))throw Error("Self-certification is revoked");try{await a.verify(i,T.signature.certGeneric,n,e,void 0,t)}catch(e){throw F.wrapError("Self-certification is invalid",e)}return!0}catch(e){a=e}throw a}async update(e,t,r){const i=this.mainKey.keyPacket,n={userID:this.userID,userAttribute:this.userAttribute,key:i};await Uc(e,this,"selfCertifications",t,(async function(e){try{return await e.verify(i,T.signature.certGeneric,n,t,!1,r),!0}catch(e){return!1}})),await Uc(e,this,"otherCertifications",t),await Uc(e,this,"revocationSignatures",t,(function(e){return Dc(i,T.signature.certRevocation,n,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=M){const a={userID:this.userID,userAttribute:this.userAttribute,key:e},s=new _c(a.userID||a.userAttribute,this.mainKey);return s.revocationSignatures.push(await Pc(a,[],e,{signatureType:T.signature.certRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}}class Fc{constructor(e,t){this.keyPacket=e,this.bindingSignatures=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new qo;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.bindingSignatures),e}clone(){const e=new Fc(this.keyPacket,this.mainKey);return e.bindingSignatures=[...this.bindingSignatures],e.revocationSignatures=[...this.revocationSignatures],e}async isRevoked(e,t,r=new Date,i=M){const n=this.mainKey.keyPacket;return Dc(n,T.signature.subkeyRevocation,{key:n,bind:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verify(e=new Date,t=M){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket},n=await Kc(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t);if(n.revoked||await this.isRevoked(n,null,e,t))throw Error("Subkey is revoked");if(Ac(this.keyPacket,n,e))throw Error("Subkey is expired");return n}async getExpirationTime(e=new Date,t=M){const r=this.mainKey.keyPacket,i={key:r,bind:this.keyPacket};let n;try{n=await Kc(this.bindingSignatures,r,T.signature.subkeyBinding,i,e,t)}catch(e){return null}const a=xc(this.keyPacket,n),s=n.getExpirationTime();return a<s?a:s}async update(e,t=new Date,r=M){const i=this.mainKey.keyPacket;if(!this.hasSameFingerprintAs(e))throw Error("Subkey update method: fingerprints of subkeys not equal");this.keyPacket.constructor.tag===T.packet.publicSubkey&&e.keyPacket.constructor.tag===T.packet.secretSubkey&&(this.keyPacket=e.keyPacket);const n=this,a={key:i,bind:n.keyPacket};await Uc(e,this,"bindingSignatures",t,(async function(e){for(let t=0;t<n.bindingSignatures.length;t++)if(n.bindingSignatures[t].issuerKeyID.equals(e.issuerKeyID))return e.created>n.bindingSignatures[t].created&&(n.bindingSignatures[t]=e),!1;try{return await e.verify(i,T.signature.subkeyBinding,a,t,void 0,r),!0}catch(e){return!1}})),await Uc(e,this,"revocationSignatures",t,(function(e){return Dc(i,T.signature.subkeyRevocation,a,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=T.reasonForRevocation.noReason,string:r=""}={},i=new Date,n=M){const a={key:e,bind:this.keyPacket},s=new Fc(this.keyPacket,this.mainKey);return s.revocationSignatures.push(await Pc(a,[],e,{signatureType:T.signature.subkeyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,t),reasonForRevocationString:r},i,void 0,void 0,!1,n)),await s.update(this),s}hasSameFingerprintAs(e){return this.keyPacket.hasSameFingerprintAs(e.keyPacket||e)}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","isDecrypted"].forEach((e=>{Fc.prototype[e]=function(){return this.keyPacket[e]()}}));const Rc=/*#__PURE__*/F.constructAllowedPackets([Ro]),Lc=new Set([T.packet.publicKey,T.packet.privateKey]),Nc=new Set([T.packet.publicKey,T.packet.privateKey,T.packet.publicSubkey,T.packet.privateSubkey]);class zc{packetListToStructure(e,t=new Set){let r,i,n,a;for(const s of e){if(s instanceof Qt){Nc.has(s.tag)&&!a&&(a=Lc.has(s.tag)?Lc:Nc);continue}const e=s.constructor.tag;if(a){if(!a.has(e))continue;a=null}if(t.has(e))throw Error("Unexpected packet type: "+e);switch(e){case T.packet.publicKey:case T.packet.secretKey:if(this.keyPacket)throw Error("Key block contains multiple keys");if(this.keyPacket=s,i=this.getKeyID(),!i)throw Error("Missing Key ID");break;case T.packet.userID:case T.packet.userAttribute:r=new _c(s,this),this.users.push(r);break;case T.packet.publicSubkey:case T.packet.secretSubkey:r=null,n=new Fc(s,this),this.subkeys.push(n);break;case T.packet.signature:switch(s.signatureType){case T.signature.certGeneric:case T.signature.certPersona:case T.signature.certCasual:case T.signature.certPositive:if(!r){F.printDebug("Dropping certification signatures without preceding user packet");continue}s.issuerKeyID.equals(i)?r.selfCertifications.push(s):r.otherCertifications.push(s);break;case T.signature.certRevocation:r?r.revocationSignatures.push(s):this.directSignatures.push(s);break;case T.signature.key:this.directSignatures.push(s);break;case T.signature.subkeyBinding:if(!n){F.printDebug("Dropping subkey binding signature without preceding subkey packet");continue}n.bindingSignatures.push(s);break;case T.signature.keyRevocation:this.revocationSignatures.push(s);break;case T.signature.subkeyRevocation:if(!n){F.printDebug("Dropping subkey revocation signature without preceding subkey packet");continue}n.revocationSignatures.push(s)}}}}toPacketList(){const e=new qo;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.directSignatures),this.users.map((t=>e.push(...t.toPacketList()))),this.subkeys.map((t=>e.push(...t.toPacketList()))),e}clone(e=!1){const t=new this.constructor(this.toPacketList());return e&&t.getKeys().forEach((e=>{if(e.keyPacket=Object.create(Object.getPrototypeOf(e.keyPacket),Object.getOwnPropertyDescriptors(e.keyPacket)),!e.keyPacket.isDecrypted())return;const t={};Object.keys(e.keyPacket.privateParams).forEach((r=>{t[r]=new Uint8Array(e.keyPacket.privateParams[r])})),e.keyPacket.privateParams=t})),t}getSubkeys(e=null){return this.subkeys.filter((t=>!e||t.getKeyID().equals(e,!0)))}getKeys(e=null){const t=[];return e&&!this.getKeyID().equals(e,!0)||t.push(this),t.concat(this.getSubkeys(e))}getKeyIDs(){return this.getKeys().map((e=>e.getKeyID()))}getUserIDs(){return this.users.map((e=>e.userID?e.userID.userID:null)).filter((e=>null!==e))}write(){return this.toPacketList().write()}async getSigningKey(e=null,t=new Date,r={},i=M){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{Mc(n,i)}catch(e){throw F.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await Kc(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(!Cc(r.keyPacket,a,i))continue;if(!a.embeddedSignature)throw Error("Missing embedded signature");return await Kc([a.embeddedSignature],r.keyPacket,T.signature.keyBinding,e,t,i),Mc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&Cc(n,a,i))return Mc(n,i),this}catch(e){s=e}throw F.wrapError("Could not find valid signing key packet in key "+this.getKeyID().toHex(),s)}async getEncryptionKey(e,t=new Date,r={},i=M){await this.verifyPrimaryKey(t,r,i);const n=this.keyPacket;try{Mc(n,i)}catch(e){throw F.wrapError("Could not verify primary key",e)}const a=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created));let s;for(const r of a)if(!e||r.getKeyID().equals(e))try{await r.verify(t,i);const e={key:n,bind:r.keyPacket},a=await Kc(r.bindingSignatures,n,T.signature.subkeyBinding,e,t,i);if(Bc(r.keyPacket,a,i))return Mc(r.keyPacket,i),r}catch(e){s=e}try{const a=await this.getPrimarySelfSignature(t,r,i);if((!e||n.getKeyID().equals(e))&&Bc(n,a,i))return Mc(n,i),this}catch(e){s=e}throw F.wrapError("Could not find valid encryption key packet in key "+this.getKeyID().toHex(),s)}async isRevoked(e,t,r=new Date,i=M){return Dc(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},this.revocationSignatures,e,t,r,i)}async verifyPrimaryKey(e=new Date,t={},r=M){const i=this.keyPacket;if(await this.isRevoked(null,null,e,r))throw Error("Primary key is revoked");if(Ac(i,await this.getPrimarySelfSignature(e,t,r),e))throw Error("Primary key is expired");if(6!==i.version){const t=await Kc(this.directSignatures,i,T.signature.key,{key:i},e,r).catch((()=>{}));if(t&&Ac(i,t,e))throw Error("Primary key is expired")}}async getExpirationTime(e,t=M){let r;try{const i=await this.getPrimarySelfSignature(null,e,t),n=xc(this.keyPacket,i),a=i.getExpirationTime(),s=6!==this.keyPacket.version&&await Kc(this.directSignatures,this.keyPacket,T.signature.key,{key:this.keyPacket},null,t).catch((()=>{}));if(s){const e=xc(this.keyPacket,s);r=Math.min(n,a,e)}else r=n<a?n:a}catch(e){r=null}return F.normalizeDate(r)}async getPrimarySelfSignature(e=new Date,t={},r=M){const i=this.keyPacket;if(6===i.version)return Kc(this.directSignatures,i,T.signature.key,{key:i},e,r);const{selfCertification:n}=await this.getPrimaryUser(e,t,r);return n}async getPrimaryUser(e=new Date,t={},r=M){const i=this.keyPacket,n=[];let a;for(let s=0;s<this.users.length;s++)try{const a=this.users[s];if(!a.userID)continue;if(void 0!==t.name&&a.userID.name!==t.name||void 0!==t.email&&a.userID.email!==t.email||void 0!==t.comment&&a.userID.comment!==t.comment)throw Error("Could not find user that matches that user ID");const o={userID:a.userID,key:i},c=await Kc(a.selfCertifications,i,T.signature.certGeneric,o,e,r);n.push({index:s,user:a,selfCertification:c})}catch(e){a=e}if(!n.length)throw a||Error("Could not find primary user");await Promise.all(n.map((async function(t){return t.selfCertification.revoked||t.user.isRevoked(t.selfCertification,null,e,r)})));const s=n.sort((function(e,t){const r=e.selfCertification,i=t.selfCertification;return i.revoked-r.revoked||r.isPrimaryUserID-i.isPrimaryUserID||r.created-i.created})).pop(),{user:o,selfCertification:c}=s;if(c.revoked||await o.isRevoked(c,null,e,r))throw Error("Primary user is revoked");return s}async update(e,t=new Date,r=M){if(!this.hasSameFingerprintAs(e))throw Error("Primary key fingerprints must be equal to update the key");if(!this.isPrivate()&&e.isPrivate()){if(!(this.subkeys.length===e.subkeys.length&&this.subkeys.every((t=>e.subkeys.some((e=>t.hasSameFingerprintAs(e)))))))throw Error("Cannot update public key with private key if subkeys mismatch");return e.update(this,r)}const i=this.clone();return await Uc(e,i,"revocationSignatures",t,(n=>Dc(i.keyPacket,T.signature.keyRevocation,i,[n],null,e.keyPacket,t,r))),await Uc(e,i,"directSignatures",t),await Promise.all(e.users.map((async e=>{const n=i.users.filter((t=>e.userID&&e.userID.equals(t.userID)||e.userAttribute&&e.userAttribute.equals(t.userAttribute)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.users.push(t)}}))),await Promise.all(e.subkeys.map((async e=>{const n=i.subkeys.filter((t=>t.hasSameFingerprintAs(e)));if(n.length>0)await Promise.all(n.map((i=>i.update(e,t,r))));else{const t=e.clone();t.mainKey=i,i.subkeys.push(t)}}))),i}async getRevocationCertificate(e=new Date,t=M){const r={key:this.keyPacket},i=await Kc(this.revocationSignatures,this.keyPacket,T.signature.keyRevocation,r,e,t),n=new qo;n.push(i);const a=6!==this.keyPacket.version;return Y(T.armor.publicKey,n.write(),null,null,"This is a revocation certificate",a,t)}async applyRevocationCertificate(e,t=new Date,r=M){const i=await X(e),n=(await qo.fromBinary(i.data,Rc,r)).findPacket(T.packet.signature);if(!n||n.signatureType!==T.signature.keyRevocation)throw Error("Could not find revocation signature packet");if(!n.issuerKeyID.equals(this.getKeyID()))throw Error("Revocation signature does not match key");try{await n.verify(this.keyPacket,T.signature.keyRevocation,{key:this.keyPacket},t,void 0,r)}catch(e){throw F.wrapError("Could not verify revocation signature",e)}const a=this.clone();return a.revocationSignatures.push(n),a}async signPrimaryUser(e,t,r,i=M){const{index:n,user:a}=await this.getPrimaryUser(t,r,i),s=await a.certify(e,t,i),o=this.clone();return o.users[n]=s,o}async signAllUsers(e,t=new Date,r=M){const i=this.clone();return i.users=await Promise.all(this.users.map((function(i){return i.certify(e,t,r)}))),i}async verifyPrimaryUser(e,t=new Date,r,i=M){const n=this.keyPacket,{user:a}=await this.getPrimaryUser(t,r,i);return e?await a.verifyAllCertifications(e,t,i):[{keyID:n.getKeyID(),valid:await a.verify(t,i).catch((()=>!1))}]}async verifyAllUsers(e,t=new Date,r=M){const i=this.keyPacket,n=[];return await Promise.all(this.users.map((async a=>{const s=e?await a.verifyAllCertifications(e,t,r):[{keyID:i.getKeyID(),valid:await a.verify(t,r).catch((()=>!1))}];n.push(...s.map((e=>({userID:a.userID?a.userID.userID:null,userAttribute:a.userAttribute,keyID:e.keyID,valid:e.valid}))))}))),n}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","hasSameFingerprintAs"].forEach((e=>{zc.prototype[e]=Fc.prototype[e]}));class Oc extends zc{constructor(e){if(super(),this.keyPacket=null,this.revocationSignatures=[],this.directSignatures=[],this.users=[],this.subkeys=[],e&&(this.packetListToStructure(e,new Set([T.packet.secretKey,T.packet.secretSubkey])),!this.keyPacket))throw Error("Invalid key: missing public-key packet")}isPrivate(){return!1}toPublic(){return this}armor(e=M){const t=6!==this.keyPacket.version;return Y(T.armor.publicKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}}class qc extends Oc{constructor(e){if(super(),this.packetListToStructure(e,new Set([T.packet.publicKey,T.packet.publicSubkey])),!this.keyPacket)throw Error("Invalid key: missing private-key packet")}isPrivate(){return!0}toPublic(){const e=new qo,t=this.toPacketList();let r=!1;for(const i of t)if(!r||i.constructor.tag!==T.packet.Signature)switch(r&&(r=!1),i.constructor.tag){case T.packet.secretKey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac)throw Error("Cannot create public key from symmetric private");const t=ac.fromSecretKeyPacket(i);e.push(t);break}case T.packet.secretSubkey:{if(i.algorithm===T.publicKey.aead||i.algorithm===T.publicKey.hmac){r=!0;break}const t=uc.fromSecretSubkeyPacket(i);e.push(t);break}default:e.push(i)}return new Oc(e)}armor(e=M){const t=6!==this.keyPacket.version;return Y(T.armor.privateKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}async getDecryptionKeys(e,t=new Date,r={},i=M){const n=this.keyPacket,a=[];let s=null;for(let r=0;r<this.subkeys.length;r++)if(!e||this.subkeys[r].getKeyID().equals(e,!0)){if(this.subkeys[r].keyPacket.isDummy()){s=s||Error("Gnu-dummy key packets cannot be used for decryption");continue}try{const e={key:n,bind:this.subkeys[r].keyPacket},s=await Kc(this.subkeys[r].bindingSignatures,n,T.signature.subkeyBinding,e,t,i);Tc(this.subkeys[r].keyPacket,s,i)&&a.push(this.subkeys[r])}catch(e){s=e}}const o=await this.getPrimarySelfSignature(t,r,i);if(e&&!n.getKeyID().equals(e,!0)||!Tc(n,o,i)||(n.isDummy()?s=s||Error("Gnu-dummy key packets cannot be used for decryption"):a.push(this)),0===a.length)throw s||Error("No decryption key packets found");return a}isDecrypted(){return this.getKeys().some((({keyPacket:e})=>e.isDecrypted()))}async validate(e=M){if(!this.isPrivate())throw Error("Cannot validate a public key");let t;if(this.keyPacket.isDummy()){const r=await this.getSigningKey(null,null,void 0,{...e,rejectPublicKeyAlgorithms:new Set,minRSABits:0});r&&!r.keyPacket.isDummy()&&(t=r.keyPacket)}else t=this.keyPacket;if(t)return t.validate();{const e=this.getKeys();if(e.map((e=>e.keyPacket.isDummy())).every(Boolean))throw Error("Cannot validate an all-gnu-dummy key");return Promise.all(e.map((async e=>e.keyPacket.validate())))}}clearPrivateParams(){this.getKeys().forEach((({keyPacket:e})=>{e.isDecrypted()&&e.clearPrivateParams()}))}async revoke({flag:e=T.reasonForRevocation.noReason,string:t=""}={},r=new Date,i=M){if(!this.isPrivate())throw Error("Need private key for revoking");const n={key:this.keyPacket},a=this.clone();return a.revocationSignatures.push(await Pc(n,[],this.keyPacket,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.write(T.reasonForRevocation,e),reasonForRevocationString:t},r,void 0,void 0,void 0,i)),a}async addSubkey(e={}){const t={...M,...e.config};if(e.passphrase)throw Error("Subkey could not be encrypted here, please encrypt whole key");if(e.rsaBits<t.minRSABits)throw Error(`rsaBits should be at least ${t.minRSABits}, got: ${e.rsaBits}`);const r=this.keyPacket;if(r.isDummy())throw Error("Cannot add subkey to gnu-dummy primary key");if(!r.isDecrypted())throw Error("Key is not decrypted");const i=r.getAlgorithmInfo();i.type=function(e){switch(T.write(T.publicKey,e)){case T.publicKey.rsaEncrypt:case T.publicKey.rsaEncryptSign:case T.publicKey.rsaSign:case T.publicKey.dsa:return"rsa";case T.publicKey.ecdsa:case T.publicKey.eddsaLegacy:return"ecc";case T.publicKey.ed25519:return"curve25519";case T.publicKey.ed448:return"curve448";default:throw Error("Unsupported algorithm")}}(i.algorithm),i.rsaBits=i.bits||4096,i.curve=i.curve||"curve25519Legacy",e=Ic(e,i);const n=await kc(e,{...t,v6Keys:6===this.keyPacket.version});Mc(n,t);const a=await Ec(n,r,e,t),s=this.toPacketList();return s.push(n,a),new qc(s)}}const jc=/*#__PURE__*/F.constructAllowedPackets([ac,uc,lc,gc,pc,hc,Ro]);function Hc(e){for(const t of e)switch(t.constructor.tag){case T.packet.secretKey:return new qc(e);case T.packet.publicKey:return new Oc(e)}throw Error("No key packet found")}async function Gc(e,t,r,i){r.passphrase&&await e.encrypt(r.passphrase,i),await Promise.all(t.map((async function(e,t){const n=r.subkeys[t].passphrase;n&&await e.encrypt(n,i)})));const n=new qo;function a(e,t){return[t,...e.filter((e=>e!==t))]}function s(){const t={};t.keyFlags=[T.keyFlags.certifyKeys|T.keyFlags.signData];const n=a([T.symmetric.aes256,T.symmetric.aes128],i.preferredSymmetricAlgorithm);if(t.preferredSymmetricAlgorithms=n,i.aeadProtect){const e=a([T.aead.gcm,T.aead.eax,T.aead.ocb],i.preferredAEADAlgorithm);t.preferredCipherSuites=e.flatMap((e=>n.map((t=>[t,e]))))}return t.preferredHashAlgorithms=a([T.hash.sha512,T.hash.sha256,...6===e.version?[T.hash.sha3_512,T.hash.sha3_256]:[]],i.preferredHashAlgorithm),t.preferredCompressionAlgorithms=a([T.compression.uncompressed,T.compression.zlib,T.compression.zip],i.preferredCompressionAlgorithm),t.features=[0],t.features[0]|=T.features.modificationDetection,i.aeadProtect&&(t.features[0]|=T.features.seipdv2),r.keyExpirationTime>0&&(t.keyExpirationTime=r.keyExpirationTime,t.keyNeverExpires=!1),t}if(n.push(e),6===e.version){const t={key:e},a=s();a.signatureType=T.signature.key;const o=await Pc(t,[],e,a,r.date,void 0,void 0,void 0,i);n.push(o)}await Promise.all(r.userIDs.map((async function(t,n){const a=pc.fromObject(t),o={userID:a,key:e},c=6!==e.version?s():{};c.signatureType=T.signature.certPositive,0===n&&(c.isPrimaryUserID=!0);return{userIDPacket:a,signaturePacket:await Pc(o,[],e,c,r.date,void 0,void 0,void 0,i)}}))).then((e=>{e.forEach((({userIDPacket:e,signaturePacket:t})=>{n.push(e),n.push(t)}))})),await Promise.all(t.map((async function(t,n){const a=r.subkeys[n];return{secretSubkeyPacket:t,subkeySignaturePacket:await Ec(t,e,a,i)}}))).then((e=>{e.forEach((({secretSubkeyPacket:e,subkeySignaturePacket:t})=>{n.push(e),n.push(t)}))}));const o={key:e};return n.push(await Pc(o,[],e,{signatureType:T.signature.keyRevocation,reasonForRevocationFlag:T.reasonForRevocation.noReason,reasonForRevocationString:""},r.date,void 0,void 0,void 0,i)),r.passphrase&&e.clearPrivateParams(),await Promise.all(t.map((async function(e,t){r.subkeys[t].passphrase&&e.clearPrivateParams()}))),new qc(n)}async function Vc({armoredKey:e,binaryKey:t,config:r,...i}){if(r={...M,...r},!e&&!t)throw Error("readKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!F.isString(e))throw Error("readKey: options.armoredKey must be a string");if(t&&!F.isUint8Array(t))throw Error("readKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");a=r}else a=t;const s=await qo.fromBinary(a,jc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===o.length)throw Error("No key packet found");return Hc(s.slice(o[0],o[1]))}async function Wc({armoredKey:e,binaryKey:t,config:r,...i}){if(r={...M,...r},!e&&!t)throw Error("readPrivateKey: must pass options object containing `armoredKey` or `binaryKey`");if(e&&!F.isString(e))throw Error("readPrivateKey: options.armoredKey must be a string");if(t&&!F.isUint8Array(t))throw Error("readPrivateKey: options.binaryKey must be a Uint8Array");const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));let a;if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");a=r}else a=t;const s=await qo.fromBinary(a,jc,r),o=s.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<o.length;e++){if(s[o[e]].constructor.tag===T.packet.publicKey)continue;const t=s.slice(o[e],o[e+1]);return new qc(t)}throw Error("No secret key packet found")}async function $c({armoredKeys:e,binaryKeys:t,config:r,...i}){r={...M,...r};let n=e||t;if(!n)throw Error("readKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!F.isString(e))throw Error("readKeys: options.armoredKeys must be a string");if(t&&!F.isUint8Array(t))throw Error("readKeys: options.binaryKeys must be a Uint8Array");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.publicKey&&t!==T.armor.privateKey)throw Error("Armored text not of type key");n=r}const s=[],o=await qo.fromBinary(n,jc,r),c=o.indexOfTag(T.packet.publicKey,T.packet.secretKey);if(0===c.length)throw Error("No key packet found");for(let e=0;e<c.length;e++){const t=Hc(o.slice(c[e],c[e+1]));s.push(t)}return s}async function Zc({armoredKeys:e,binaryKeys:t,config:r}){r={...M,...r};let i=e||t;if(!i)throw Error("readPrivateKeys: must pass options object containing `armoredKeys` or `binaryKeys`");if(e&&!F.isString(e))throw Error("readPrivateKeys: options.armoredKeys must be a string");if(t&&!F.isUint8Array(t))throw Error("readPrivateKeys: options.binaryKeys must be a Uint8Array");if(e){const{type:t,data:r}=await X(e);if(t!==T.armor.privateKey)throw Error("Armored text not of type private key");i=r}const n=[],a=await qo.fromBinary(i,jc,r),s=a.indexOfTag(T.packet.publicKey,T.packet.secretKey);for(let e=0;e<s.length;e++){if(a[s[e]].constructor.tag===T.packet.publicKey)continue;const t=a.slice(s[e],s[e+1]),r=new qc(t);n.push(r)}if(0===n.length)throw Error("No secret key packet found");return n}const Qc=/*#__PURE__*/F.constructAllowedPackets([Bo,Ho,ec,Xo,oc,rc,nc,zo,Ro]),Xc=/*#__PURE__*/F.constructAllowedPackets([nc]),Yc=/*#__PURE__*/F.constructAllowedPackets([Ro]);class Jc{constructor(e){this.packets=e||new qo}getEncryptionKeyIDs(){const e=[];return this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey).forEach((function(t){e.push(t.publicKeyID)})),e}getSigningKeyIDs(){const e=this.unwrapCompressed(),t=e.packets.filterByTag(T.packet.onePassSignature);if(t.length>0)return t.map((e=>e.issuerKeyID));return e.packets.filterByTag(T.packet.signature).map((e=>e.issuerKeyID))}async decrypt(e,t,r,i=new Date,n=M){const a=this.packets.filterByTag(T.packet.symmetricallyEncryptedData,T.packet.symEncryptedIntegrityProtectedData,T.packet.aeadEncryptedData);if(0===a.length)throw Error("No encrypted data found");const s=a[0],o=s.cipherAlgorithm,c=r||await this.decryptSessionKeys(e,t,o,i,n);let u=null;const h=Promise.all(c.map((async({algorithm:e,data:t})=>{if(!F.isUint8Array(t)||!s.cipherAlgorithm&&!F.isString(e))throw Error("Invalid session key for decryption.");try{const r=s.cipherAlgorithm||T.write(T.symmetric,e);await s.decrypt(r,t,n)}catch(e){F.printDebugError(e),u=e}})));if(D(s.encrypted),s.encrypted=null,await h,!s.packets||!s.packets.length)throw u||Error("Decryption failed.");const l=new Jc(s.packets);return s.packets=new qo,l}async decryptSessionKeys(e,t,r,i=new Date,n=M){let a,s=[];if(t){const e=this.packets.filterByTag(T.packet.symEncryptedSessionKey);if(0===e.length)throw Error("No symmetrically encrypted session key packet found.");await Promise.all(t.map((async function(t,r){let i;i=r?await qo.fromBinary(e.write(),Xc,n):e,await Promise.all(i.map((async function(e){try{await e.decrypt(t),s.push(e)}catch(e){F.printDebugError(e),e instanceof Is&&(a=e)}})))})))}else{if(!e)throw Error("No key or password specified.");{const t=this.packets.filterByTag(T.packet.publicKeyEncryptedSessionKey);if(0===t.length)throw Error("No public key encrypted session key packet found.");await Promise.all(t.map((async function(t){await Promise.all(e.map((async function(e){let o;try{o=(await e.getDecryptionKeys(t.publicKeyID,null,void 0,n)).map((e=>e.keyPacket))}catch(e){return void(a=e)}let c=[T.symmetric.aes256,T.symmetric.aes128,T.symmetric.tripledes,T.symmetric.cast5];try{const t=await e.getPrimarySelfSignature(i,void 0,n);t.preferredSymmetricAlgorithms&&(c=c.concat(t.preferredSymmetricAlgorithms))}catch(e){}await Promise.all(o.map((async function(e){if(!e.isDecrypted())throw Error("Decryption key is not decrypted.");if(n.constantTimePKCS1Decryption&&(t.publicKeyAlgorithm===T.publicKey.rsaEncrypt||t.publicKeyAlgorithm===T.publicKey.rsaEncryptSign||t.publicKeyAlgorithm===T.publicKey.rsaSign||t.publicKeyAlgorithm===T.publicKey.elgamal)){const i=t.write();await Promise.all((r?[r]:Array.from(n.constantTimePKCS1DecryptionSupportedSymmetricAlgorithms)).map((async t=>{const r=new rc;r.read(i);const n={sessionKeyAlgorithm:t,sessionKey:Ss(t)};try{await r.decrypt(e,n),s.push(r)}catch(e){F.printDebugError(e),a=e}})))}else try{await t.decrypt(e);const i=r||t.sessionKeyAlgorithm;if(i&&!c.includes(T.write(T.symmetric,i)))throw Error("A non-preferred symmetric algorithm was used.");s.push(t)}catch(e){F.printDebugError(e),a=e}})))}))),D(t.encrypted),t.encrypted=null})))}}if(s.length>0){if(s.length>1){const e=new Set;s=s.filter((t=>{const r=t.sessionKeyAlgorithm+F.uint8ArrayToString(t.sessionKey);return!e.has(r)&&(e.add(r),!0)}))}return s.map((e=>({data:e.sessionKey,algorithm:e.sessionKeyAlgorithm&&T.read(T.symmetric,e.sessionKeyAlgorithm)})))}throw a||Error("Session key decryption failed.")}getLiteralData(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getBytes()||null}getFilename(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e&&e.getFilename()||null}getText(){const e=this.unwrapCompressed().packets.findPacket(T.packet.literalData);return e?e.getText():null}static async generateSessionKey(e=[],t=new Date,r=[],i=M){const{symmetricAlgo:n,aeadAlgo:a}=await async function(e=[],t=new Date,r=[],i=M){const n=await Promise.all(e.map(((e,n)=>e.getPrimarySelfSignature(t,r[n],i))));if(e.length?!i.ignoreSEIPDv2FeatureFlag&&n.every((e=>e.features&&e.features[0]&T.features.seipdv2)):i.aeadProtect){const e={symmetricAlgo:T.symmetric.aes128,aeadAlgo:T.aead.ocb},t=[{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:i.preferredAEADAlgorithm},{symmetricAlgo:i.preferredSymmetricAlgorithm,aeadAlgo:T.aead.ocb},{symmetricAlgo:T.symmetric.aes128,aeadAlgo:i.preferredAEADAlgorithm}];for(const e of t)if(n.every((t=>t.preferredCipherSuites&&t.preferredCipherSuites.some((t=>t[0]===e.symmetricAlgo&&t[1]===e.aeadAlgo)))))return e;return e}const a=T.symmetric.aes128,s=i.preferredSymmetricAlgorithm;return{symmetricAlgo:n.every((e=>e.preferredSymmetricAlgorithms&&e.preferredSymmetricAlgorithms.includes(s)))?s:a,aeadAlgo:void 0}}(e,t,r,i),s=T.read(T.symmetric,n),o=a?T.read(T.aead,a):void 0;await Promise.all(e.map((e=>e.getEncryptionKey().catch((()=>null)).then((e=>{if(e&&(e.keyPacket.algorithm===T.publicKey.x25519||e.keyPacket.algorithm===T.publicKey.x448)&&!o&&!F.isAES(n))throw Error("Could not generate a session key compatible with the given `encryptionKeys`: X22519 and X448 keys can only be used to encrypt AES session keys; change `config.preferredSymmetricAlgorithm` accordingly.")})))));return{data:Ss(n),algorithm:s,aeadAlgorithm:o}}async encrypt(e,t,r,i=!1,n=[],a=new Date,s=[],o=M){if(r){if(!F.isUint8Array(r.data)||!F.isString(r.algorithm))throw Error("Invalid session key for encryption.")}else if(e&&e.length)r=await Jc.generateSessionKey(e,a,s,o);else{if(!t||!t.length)throw Error("No keys, passwords, or session key provided.");r=await Jc.generateSessionKey(void 0,void 0,void 0,o)}const{data:c,algorithm:u,aeadAlgorithm:h}=r,l=await Jc.encryptSessionKey(c,u,h,e,t,i,n,a,s,o),y=Xo.fromObject({version:h?2:1,aeadAlgorithm:h?T.write(T.aead,h):null});y.packets=this.packets;const p=T.write(T.symmetric,u);return await y.encrypt(p,c,o),l.packets.push(y),y.packets=new qo,l}static async encryptSessionKey(e,t,r,i,n,a=!1,s=[],o=new Date,c=[],u=M){const h=new qo,l=T.write(T.symmetric,t),y=r&&T.write(T.aead,r);if(i){const t=await Promise.all(i.map((async function(t,r){const i=await t.getEncryptionKey(s[r],o,c,u),n=rc.fromObject({version:y?6:3,encryptionKeyPacket:i.keyPacket,anonymousRecipient:a,sessionKey:e,sessionKeyAlgorithm:l});return await n.encrypt(i.keyPacket),delete n.sessionKey,n})));h.push(...t)}if(n){const t=async function(e,t){try{return await e.decrypt(t),1}catch(e){return 0}},r=(e,t)=>e+t,i=async function(e,a,s,o){const c=new nc(u);if(c.sessionKey=e,c.sessionKeyAlgorithm=a,s&&(c.aeadAlgorithm=s),await c.encrypt(o,u),u.passwordCollisionCheck){if(1!==(await Promise.all(n.map((e=>t(c,e))))).reduce(r))return i(e,a,o)}return delete c.sessionKey,c},a=await Promise.all(n.map((t=>i(e,l,y,t))));h.push(...a)}return new Jc(h)}async sign(e=[],t=[],r=null,i=[],n=new Date,a=[],s=[],o=[],c=M){const u=new qo,h=this.packets.findPacket(T.packet.literalData);if(!h)throw Error("No literal data packet to sign.");const l=await eu(h,e,t,r,i,n,a,s,o,!1,c),y=l.map(((e,t)=>zo.fromSignaturePacket(e,0===t))).reverse();return u.push(...y),u.push(h),u.push(...l),new Jc(u)}compress(e,t=M){if(e===T.compression.uncompressed)return this;const r=new Ho(t);r.algorithm=e,r.packets=this.packets;const i=new qo;return i.push(r),new Jc(i)}async signDetached(e=[],t=[],r=null,i=[],n=[],a=new Date,s=[],o=[],c=M){const u=this.packets.findPacket(T.packet.literalData);if(!u)throw Error("No literal data packet to sign.");return new wc(await eu(u,e,t,r,i,n,a,s,o,!0,c))}async verify(e,t=new Date,r=M){const i=this.unwrapCompressed(),n=i.packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");s(i.packets.stream)&&i.packets.push(...await U(i.packets.stream,(e=>e||[])));const a=i.packets.filterByTag(T.packet.onePassSignature).reverse(),o=i.packets.filterByTag(T.packet.signature);return a.length&&!o.length&&F.isStream(i.packets.stream)&&!s(i.packets.stream)?(await Promise.all(a.map((async e=>{e.correspondingSig=new Promise(((t,r)=>{e.correspondingSigResolve=t,e.correspondingSigReject=r})),e.signatureData=x((async()=>(await e.correspondingSig).signatureData)),e.hashed=U(await e.hash(e.signatureType,n[0],void 0,!1)),e.hashed.catch((()=>{}))}))),i.packets.stream=v(i.packets.stream,(async(e,t)=>{const r=I(e),i=C(t);try{for(let e=0;e<a.length;e++){const{value:t}=await r.read();a[e].correspondingSigResolve(t)}await r.readToEnd(),await i.ready,await i.close()}catch(e){a.forEach((t=>{t.correspondingSigReject(e)})),await i.abort(e)}})),tu(a,n,e,t,!1,r)):tu(o,n,e,t,!1,r)}verifyDetached(e,t,r=new Date,i=M){const n=this.unwrapCompressed().packets.filterByTag(T.packet.literalData);if(1!==n.length)throw Error("Can only verify message with one literal data packet.");return tu(e.packets.filterByTag(T.packet.signature),n,t,r,!0,i)}unwrapCompressed(){const e=this.packets.filterByTag(T.packet.compressedData);return e.length?new Jc(e[0].packets):this}async appendSignature(e,t=M){await this.packets.read(F.isUint8Array(e)?e:(await X(e)).data,Yc,t)}write(){return this.packets.write()}armor(e=M){const t=this.packets[this.packets.length-1],r=t.constructor.tag===Xo.tag?2!==t.version:this.packets.some((e=>e.constructor.tag===Ro.tag&&6!==e.version));return Y(T.armor.message,this.write(),null,null,null,r,e)}}async function eu(e,t,r=[],i=null,n=[],a=new Date,s=[],o=[],c=[],u=!1,h=M){const l=new qo,y=null===e.text?T.signature.binary:T.signature.text;if(await Promise.all(t.map((async(t,i)=>{const l=s[i];if(!t.isPrivate())throw Error("Need private key for signing");const p=await t.getSigningKey(n[i],a,l,h);return Pc(e,r.length?r:[t],p.keyPacket,{signatureType:y},a,o,c,u,h)}))).then((e=>{l.push(...e)})),i){const e=i.packets.filterByTag(T.packet.signature);l.push(...e)}return l}async function tu(e,t,r,i=new Date,n=!1,a=M){return Promise.all(e.filter((function(e){return["text","binary"].includes(T.read(T.signature,e.signatureType))})).map((async function(e){return async function(e,t,r,i=new Date,n=!1,a=M){let s,o;for(const t of r){const r=t.getKeys(e.issuerKeyID);if(r.length>0){s=t,o=r[0];break}}const c=e instanceof zo?e.correspondingSig:e,u={keyID:e.issuerKeyID,verified:(async()=>{if(!o)throw Error("Could not find signing key with key ID "+e.issuerKeyID.toHex());await e.verify(o.keyPacket,e.signatureType,t[0],i,n,a);const r=await c;if(o.getCreationTime()>r.created)throw Error("Key is newer than the signature");try{await s.getSigningKey(o.getKeyID(),r.created,void 0,a)}catch(e){if(!a.allowInsecureVerificationWithReformattedKeys||!e.message.match(/Signature creation time is in the future/))throw e;await s.getSigningKey(o.getKeyID(),i,void 0,a)}return!0})(),signature:(async()=>{const e=await c,t=new qo;return e&&t.push(e),new wc(t)})()};return u.signature.catch((()=>{})),u.verified.catch((()=>{})),u}(e,t,r,i,n,a)})))}async function ru({armoredMessage:e,binaryMessage:t,config:r,...i}){r={...M,...r};let n=e||t;if(!n)throw Error("readMessage: must pass options object containing `armoredMessage` or `binaryMessage`");if(e&&!F.isString(e)&&!F.isStream(e))throw Error("readMessage: options.armoredMessage must be a string or stream");if(t&&!F.isUint8Array(t)&&!F.isStream(t))throw Error("readMessage: options.binaryMessage must be a Uint8Array or stream");const a=Object.keys(i);if(a.length>0)throw Error("Unknown option: "+a.join(", "));const s=F.isStream(n);if(e){const{type:e,data:t}=await X(n);if(e!==T.armor.message)throw Error("Armored text not of type message");n=t}const o=await qo.fromBinary(n,Qc,r),c=new Jc(o);return c.fromStream=s,c}async function iu({text:e,binary:t,filename:r,date:i=new Date,format:n=(void 0!==e?"utf8":"binary"),...a}){const s=void 0!==e?e:t;if(void 0===s)throw Error("createMessage: must pass options object containing `text` or `binary`");if(e&&!F.isString(e)&&!F.isStream(e))throw Error("createMessage: options.text must be a string or stream");if(t&&!F.isUint8Array(t)&&!F.isStream(t))throw Error("createMessage: options.binary must be a Uint8Array or stream");const o=Object.keys(a);if(o.length>0)throw Error("Unknown option: "+o.join(", "));const c=F.isStream(s),u=new Bo(i);void 0!==e?u.setText(s,T.write(T.literal,n)):u.setBytes(s,T.write(T.literal,n)),void 0!==r&&u.setFilename(r);const h=new qo;h.push(u);const l=new Jc(h);return l.fromStream=c,l}const nu=/*#__PURE__*/F.constructAllowedPackets([Ro]);class au{constructor(e,t){if(this.text=F.removeTrailingSpaces(e).replace(/\r?\n/g,"\r\n"),t&&!(t instanceof wc))throw Error("Invalid signature input");this.signature=t||new wc(new qo)}getSigningKeyIDs(){const e=[];return this.signature.packets.forEach((function(t){e.push(t.issuerKeyID)})),e}async sign(e,t=[],r=null,i=[],n=new Date,a=[],s=[],o=[],c=M){const u=new Bo;u.setText(this.text);const h=new wc(await eu(u,e,t,r,i,n,a,s,o,!0,c));return new au(this.text,h)}verify(e,t=new Date,r=M){const i=this.signature.packets.filterByTag(T.packet.signature),n=new Bo;return n.setText(this.text),tu(i,[n],e,t,!0,r)}getText(){return this.text.replace(/\r\n/g,"\n")}armor(e=M){const t=this.signature.packets.some((e=>6!==e.version)),r={hash:t?Array.from(new Set(this.signature.packets.map((e=>T.read(T.hash,e.hashAlgorithm).toUpperCase())))).join():null,text:this.text,data:this.signature.packets.write()};return Y(T.armor.signed,r,void 0,void 0,void 0,t,e)}}async function su({cleartextMessage:e,config:t,...r}){if(t={...M,...t},!e)throw Error("readCleartextMessage: must pass options object containing `cleartextMessage`");if(!F.isString(e))throw Error("readCleartextMessage: options.cleartextMessage must be a string");const i=Object.keys(r);if(i.length>0)throw Error("Unknown option: "+i.join(", "));const n=await X(e);if(n.type!==T.armor.signed)throw Error("No cleartext signed message.");const a=await qo.fromBinary(n.data,nu,t);!function(e,t){const r=function(e){const r=e=>t=>e.hashAlgorithm===t;for(let i=0;i<t.length;i++)if(t[i].constructor.tag===T.packet.signature&&!e.some(r(t[i])))return!1;return!0},i=[];if(e.forEach((e=>{const t=e.match(/^Hash: (.+)$/);if(!t)throw Error('Only "Hash" header allowed in cleartext signed message');{const e=t[1].replace(/\s/g,"").split(",").map((e=>{try{return T.write(T.hash,e.toLowerCase())}catch(t){throw Error("Unknown hash algorithm in armor header: "+e.toLowerCase())}}));i.push(...e)}})),i.length&&!r(i))throw Error("Hash algorithm mismatch in armor header and signature")}(n.headers,a);const s=new wc(a);return new au(n.text,s)}async function ou({text:e,...t}){if(!e)throw Error("createCleartextMessage: must pass options object containing `text`");if(!F.isString(e))throw Error("createCleartextMessage: options.text must be a string");const r=Object.keys(t);if(r.length>0)throw Error("Unknown option: "+r.join(", "));return new au(e)}async function cu({userIDs:e=[],passphrase:t,type:r,curve:i,rsaBits:n=4096,symmetricHash:a="sha256",symmetricCipher:s="aes256",keyExpirationTime:o=0,date:c=new Date,subkeys:u=[{}],format:h="armored",config:l,...y}){Eu(l={...M,...l}),r||i?(r=r||"ecc",i=i||"curve25519Legacy"):(r=l.v6Keys?"curve25519":"ecc",i="curve25519Legacy"),e=Su(e);const p=Object.keys(y);if(p.length>0)throw Error("Unknown option: "+p.join(", "));if(0===e.length&&!l.v6Keys)throw Error("UserIDs are required for V4 keys");if("rsa"===r&&n<l.minRSABits)throw Error(`rsaBits should be at least ${l.minRSABits}, got: ${n}`);const g={userIDs:e,passphrase:t,type:r,rsaBits:n,curve:i,keyExpirationTime:o,date:c,subkeys:u,symmetricHash:a,symmetricCipher:s};try{const{key:e,revocationCertificate:t}=await async function(e,t){e.sign=!0,(e=Ic(e)).subkeys=e.subkeys.map(((t,r)=>Ic(e.subkeys[r],e)));let r=[vc(e,t)];r=r.concat(e.subkeys.map((e=>kc(e,t))));const i=await Promise.all(r),n=await Gc(i[0],i.slice(1),e,t),a=await n.getRevocationCertificate(e.date,t);return n.revocationSignatures=[],{key:n,revocationCertificate:a}}(g,l);return e.getKeys().forEach((({keyPacket:e})=>Mc(e,l))),{privateKey:Du(e,h,l),publicKey:"symmetric"!==r?Du(e.toPublic(),h,l):null,revocationCertificate:t}}catch(e){throw F.wrapError("Error generating keypair",e)}}async function uu({privateKey:e,userIDs:t=[],passphrase:r,keyExpirationTime:i=0,date:n,format:a="armored",config:s,...o}){Eu(s={...M,...s}),t=Su(t);const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(0===t.length&&6!==e.keyPacket.version)throw Error("UserIDs are required for V4 keys");const u={privateKey:e,userIDs:t,passphrase:r,keyExpirationTime:i,date:n};try{const{key:e,revocationCertificate:t}=await async function(e,t){e=o(e);const{privateKey:r}=e;if(!r.isPrivate())throw Error("Cannot reformat a public key");if(r.keyPacket.isDummy())throw Error("Cannot reformat a gnu-dummy primary key");if(!r.getKeys().every((({keyPacket:e})=>e.isDecrypted())))throw Error("Key is not decrypted");const i=r.keyPacket;e.subkeys||(e.subkeys=await Promise.all(r.subkeys.map((async e=>{const r=e.keyPacket,n={key:i,bind:r},a=await Kc(e.bindingSignatures,i,T.signature.subkeyBinding,n,null,t).catch((()=>({})));return{sign:a.keyFlags&&a.keyFlags[0]&T.keyFlags.signData,forwarding:a.keyFlags&&a.keyFlags[0]&T.keyFlags.forwardedCommunication}}))));const n=r.subkeys.map((e=>e.keyPacket));if(e.subkeys.length!==n.length)throw Error("Number of subkey options does not match number of subkeys");e.subkeys=e.subkeys.map((t=>o(t,e)));const a=await Gc(i,n,e,t),s=await a.getRevocationCertificate(e.date,t);return a.revocationSignatures=[],{key:a,revocationCertificate:s};function o(e,t={}){return e.keyExpirationTime=e.keyExpirationTime||t.keyExpirationTime,e.passphrase=F.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e}}(u,s);return{privateKey:Du(e,a,s),publicKey:Du(e.toPublic(),a,s),revocationCertificate:t}}catch(e){throw F.wrapError("Error reformatting keypair",e)}}async function hu({key:e,revocationCertificate:t,reasonForRevocation:r,date:i=new Date,format:n="armored",config:a,...s}){Eu(a={...M,...a});const o=Object.keys(s);if(o.length>0)throw Error("Unknown option: "+o.join(", "));try{const s=t?await e.applyRevocationCertificate(t,i,a):await e.revoke(r,i,a);return s.isPrivate()?{privateKey:Du(s,n,a),publicKey:Du(s.toPublic(),n,a)}:{privateKey:null,publicKey:Du(s,n,a)}}catch(e){throw F.wrapError("Error revoking key",e)}}async function lu({privateKey:e,passphrase:t,config:r,...i}){Eu(r={...M,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot decrypt a public key");const a=e.clone(!0),s=F.isArray(t)?t:[t];try{return await Promise.all(a.getKeys().map((e=>F.anyPromise(s.map((t=>e.keyPacket.decrypt(t))))))),await a.validate(r),a}catch(e){throw a.clearPrivateParams(),F.wrapError("Error decrypting private key",e)}}async function yu({privateKey:e,passphrase:t,config:r,...i}){Eu(r={...M,...r});const n=Object.keys(i);if(n.length>0)throw Error("Unknown option: "+n.join(", "));if(!e.isPrivate())throw Error("Cannot encrypt a public key");const a=e.clone(!0),s=a.getKeys(),o=F.isArray(t)?t:Array(s.length).fill(t);if(o.length!==s.length)throw Error("Invalid number of passphrases given for key encryption");try{return await Promise.all(s.map((async(e,t)=>{const{keyPacket:i}=e;await i.encrypt(o[t],r),i.clearPrivateParams()}))),a}catch(e){throw a.clearPrivateParams(),F.wrapError("Error encrypting private key",e)}}async function pu({message:e,encryptionKeys:t,signingKeys:r,passwords:i,sessionKey:n,format:a="armored",signature:s=null,wildcard:o=!1,signingKeyIDs:c=[],encryptionKeyIDs:u=[],date:h=new Date,signingUserIDs:l=[],encryptionUserIDs:y=[],signatureNotations:p=[],config:g,...d}){if(Eu(g={...M,...g}),ku(e),Ku(a),t=Su(t),r=Su(r),i=Su(i),c=Su(c),u=Su(u),l=Su(l),y=Su(y),p=Su(p),d.detached)throw Error("The `detached` option has been removed from openpgp.encrypt, separately call openpgp.sign instead. Don't forget to remove the `privateKeys` option as well.");if(d.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encrypt, pass `encryptionKeys` instead");if(d.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.encrypt, pass `signingKeys` instead");if(void 0!==d.armor)throw Error("The `armor` option has been removed from openpgp.encrypt, pass `format` instead.");const f=Object.keys(d);if(f.length>0)throw Error("Unknown option: "+f.join(", "));r||(r=[]);try{if((r.length||s)&&(e=await e.sign(r,t,s,c,h,l,u,p,g)),e=e.compress(await async function(e=[],t=new Date,r=[],i=M){const n=T.compression.uncompressed,a=i.preferredCompressionAlgorithm,s=await Promise.all(e.map((async function(e,n){const s=(await e.getPrimarySelfSignature(t,r[n],i)).preferredCompressionAlgorithms;return!!s&&s.indexOf(a)>=0})));return s.every(Boolean)?a:n}(t,h,y,g),g),e=await e.encrypt(t,i,n,o,u,h,y,g),"object"===a)return e;const d="armored"===a?e.armor(g):e.write();return await Pu(d)}catch(e){throw F.wrapError("Error encrypting message",e)}}async function gu({message:e,decryptionKeys:t,passwords:r,sessionKeys:i,verificationKeys:n,expectSigned:a=!1,format:s="utf8",signature:o=null,date:c=new Date,config:u,...h}){if(Eu(u={...M,...u}),ku(e),n=Su(n),t=Su(t),r=Su(r),i=Su(i),h.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decrypt, pass `decryptionKeys` instead");if(h.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.decrypt, pass `verificationKeys` instead");const l=Object.keys(h);if(l.length>0)throw Error("Unknown option: "+l.join(", "));try{const h=await e.decrypt(t,r,i,c,u);n||(n=[]);const l={};if(l.signatures=o?await h.verifyDetached(o,n,c,u):await h.verify(n,c,u),l.data="binary"===s?h.getLiteralData():h.getText(),l.filename=h.getFilename(),Uu(l,e),a){if(0===n.length)throw Error("Verification keys are required to verify message signatures");if(0===l.signatures.length)throw Error("Message is not signed");l.data=f([l.data,x((async()=>(await F.anyPromise(l.signatures.map((e=>e.verified))),"binary"===s?new Uint8Array:"")))])}return l.data=await Pu(l.data),l}catch(e){throw F.wrapError("Error decrypting message",e)}}async function du({message:e,signingKeys:t,recipientKeys:r=[],format:i="armored",detached:n=!1,signingKeyIDs:a=[],date:s=new Date,signingUserIDs:o=[],recipientUserIDs:c=[],signatureNotations:u=[],config:h,...l}){if(Eu(h={...M,...h}),vu(e),Ku(i),t=Su(t),a=Su(a),o=Su(o),r=Su(r),c=Su(c),u=Su(u),l.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.sign, pass `signingKeys` instead");if(void 0!==l.armor)throw Error("The `armor` option has been removed from openpgp.sign, pass `format` instead.");const y=Object.keys(l);if(y.length>0)throw Error("Unknown option: "+y.join(", "));if(e instanceof au&&"binary"===i)throw Error("Cannot return signed cleartext message in binary format");if(e instanceof au&&n)throw Error("Cannot detach-sign a cleartext message");if(!t||0===t.length)throw Error("No signing keys provided");try{let l;if(l=n?await e.signDetached(t,r,void 0,a,s,o,c,u,h):await e.sign(t,r,void 0,a,s,o,c,u,h),"object"===i)return l;return l="armored"===i?l.armor(h):l.write(),n&&(l=v(e.packets.write(),(async(e,t)=>{await Promise.all([m(l,t),U(e).catch((()=>{}))])}))),await Pu(l)}catch(e){throw F.wrapError("Error signing message",e)}}async function fu({message:e,verificationKeys:t,expectSigned:r=!1,format:i="utf8",signature:n=null,date:a=new Date,config:s,...o}){if(Eu(s={...M,...s}),vu(e),t=Su(t),o.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.verify, pass `verificationKeys` instead");const c=Object.keys(o);if(c.length>0)throw Error("Unknown option: "+c.join(", "));if(e instanceof au&&"binary"===i)throw Error("Can't return cleartext message data as binary");if(e instanceof au&&n)throw Error("Can't verify detached cleartext signature");try{const o={};if(o.signatures=n?await e.verifyDetached(n,t,a,s):await e.verify(t,a,s),o.data="binary"===i?e.getLiteralData():e.getText(),e.fromStream&&!n&&Uu(o,e),r){if(0===o.signatures.length)throw Error("Message is not signed");o.data=f([o.data,x((async()=>(await F.anyPromise(o.signatures.map((e=>e.verified))),"binary"===i?new Uint8Array:"")))])}return o.data=await Pu(o.data),o}catch(e){throw F.wrapError("Error verifying signed message",e)}}async function mu({encryptionKeys:e,date:t=new Date,encryptionUserIDs:r=[],config:i,...n}){if(Eu(i={...M,...i}),e=Su(e),r=Su(r),n.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.generateSessionKey, pass `encryptionKeys` instead");const a=Object.keys(n);if(a.length>0)throw Error("Unknown option: "+a.join(", "));try{return await Jc.generateSessionKey(e,t,r,i)}catch(e){throw F.wrapError("Error generating session key",e)}}async function wu({data:e,algorithm:t,aeadAlgorithm:r,encryptionKeys:i,passwords:n,format:a="armored",wildcard:s=!1,encryptionKeyIDs:o=[],date:c=new Date,encryptionUserIDs:u=[],config:h,...l}){if(Eu(h={...M,...h}),function(e){if(!F.isUint8Array(e))throw Error("Parameter [data] must be of type Uint8Array")}(e),function(e,t){if(!F.isString(e))throw Error("Parameter ["+t+"] must be of type String")}(t,"algorithm"),Ku(a),i=Su(i),n=Su(n),o=Su(o),u=Su(u),l.publicKeys)throw Error("The `publicKeys` option has been removed from openpgp.encryptSessionKey, pass `encryptionKeys` instead");const y=Object.keys(l);if(y.length>0)throw Error("Unknown option: "+y.join(", "));if(!(i&&0!==i.length||n&&0!==n.length))throw Error("No encryption keys or passwords provided.");try{return Du(await Jc.encryptSessionKey(e,t,r,i,n,s,o,c,u,h),a,h)}catch(e){throw F.wrapError("Error encrypting session key",e)}}async function bu({message:e,decryptionKeys:t,passwords:r,date:i=new Date,config:n,...a}){if(Eu(n={...M,...n}),ku(e),t=Su(t),r=Su(r),a.privateKeys)throw Error("The `privateKeys` option has been removed from openpgp.decryptSessionKeys, pass `decryptionKeys` instead");const s=Object.keys(a);if(s.length>0)throw Error("Unknown option: "+s.join(", "));try{return await e.decryptSessionKeys(t,r,void 0,i,n)}catch(e){throw F.wrapError("Error decrypting session keys",e)}}function ku(e){if(!(e instanceof Jc))throw Error("Parameter [message] needs to be of type Message")}function vu(e){if(!(e instanceof au||e instanceof Jc))throw Error("Parameter [message] needs to be of type Message or CleartextMessage")}function Ku(e){if("armored"!==e&&"binary"!==e&&"object"!==e)throw Error("Unsupported format "+e)}const Au=Object.keys(M).length;function Eu(e){const t=Object.keys(e);if(t.length!==Au)for(const e of t)if(void 0===M[e])throw Error("Unknown config property: "+e)}function Su(e){return e&&!F.isArray(e)&&(e=[e]),e}async function Pu(e){return"array"===F.isStream(e)?U(e):e}function Uu(e,t){e.data=v(t.packets.stream,(async(t,r)=>{await m(e.data,r,{preventClose:!0});const i=C(r);try{await U(t,(e=>e)),await i.close()}catch(e){await i.abort(e)}}))}function Du(e,t,r){switch(t){case"object":return e;case"armored":return e.armor(r);case"binary":return e.write();default:throw Error("Unsupported format "+t)}}export{ec as AEADEncryptedDataPacket,Is as Argon2OutOfMemoryError,Ms as Argon2S2K,au as CleartextMessage,Ho as CompressedDataPacket,ka as KDFParams,Bo as LiteralDataPacket,cc as MarkerPacket,Jc as Message,zo as OnePassSignaturePacket,qo as PacketList,fc as PaddingPacket,qc as PrivateKey,Oc as PublicKey,rc as PublicKeyEncryptedSessionKeyPacket,ac as PublicKeyPacket,uc as PublicSubkeyPacket,lc as SecretKeyPacket,gc as SecretSubkeyPacket,wc as Signature,Ro as SignaturePacket,Fc as Subkey,Xo as SymEncryptedIntegrityProtectedDataPacket,nc as SymEncryptedSessionKeyPacket,oc as SymmetricallyEncryptedDataPacket,dc as TrustPacket,Qt as UnparseablePacket,hc as UserAttributePacket,pc as UserIDPacket,Y as armor,M as config,ou as createCleartextMessage,iu as createMessage,gu as decrypt,lu as decryptKey,bu as decryptSessionKeys,pu as encrypt,yu as encryptKey,wu as encryptSessionKey,T as enums,cu as generateKey,mu as generateSessionKey,su as readCleartextMessage,Vc as readKey,$c as readKeys,ru as readMessage,Wc as readPrivateKey,Zc as readPrivateKeys,bc as readSignature,uu as reformatKey,hu as revokeKey,du as sign,X as unarmor,fu as verify};
 //# sourceMappingURL=openpgp.min.mjs.map