@protontech/openpgp 6.1.1-patch.4 → 6.2.1

package/dist/lightweight/noble_hashes.min.mjs

@@ -1,3 +1,3 @@
-/*! OpenPGP.js v6.1.1-patch.4 - 2025-07-14 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
-"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self&&self;import{H as t,C as s,M as h,c as i,s as e,a as r,b as n}from"./sha512.min.mjs";import{w as o,e as a,f as l,g as f}from"./sha3.min.mjs";const c=/* @__PURE__ */new Uint32Array([1732584193,4023233417,2562383102,271733878,3285377520]),p=/* @__PURE__ */new Uint32Array(80);class A extends t{constructor(){super(64,20,8,!1),this.A=0|c[0],this.B=0|c[1],this.C=0|c[2],this.D=0|c[3],this.E=0|c[4]}get(){const{A:t,B:s,C:h,D:i,E:e}=this;return[t,s,h,i,e]}set(t,s,h,i,e){this.A=0|t,this.B=0|s,this.C=0|h,this.D=0|i,this.E=0|e}process(t,i){for(let s=0;s<16;s++,i+=4)p[s]=t.getUint32(i,!1);for(let t=16;t<80;t++)p[t]=a(p[t-3]^p[t-8]^p[t-14]^p[t-16],1);let{A:e,B:r,C:n,D:o,E:l}=this;for(let t=0;t<80;t++){let i,f;t<20?(i=s(r,n,o),f=1518500249):t<40?(i=r^n^o,f=1859775393):t<60?(i=h(r,n,o),f=2400959708):(i=r^n^o,f=3395469782);const c=a(e,5)+i+l+f+p[t]|0;l=o,o=n,n=a(r,30),r=e,e=c}e=e+this.A|0,r=r+this.B|0,n=n+this.C|0,o=o+this.D|0,l=l+this.E|0,this.set(e,r,n,o,l)}roundClean(){p.fill(0)}destroy(){this.set(0,0,0,0,0),this.buffer.fill(0)}}const d=/* @__PURE__ */o((()=>new A)),u=/* @__PURE__ */new Uint8Array([7,4,13,1,10,6,15,3,12,0,9,5,2,14,11,8]),m=/* @__PURE__ */new Uint8Array(Array(16).fill(0).map(((t,s)=>s)));let w=[m],y=[/* @__PURE__ */m.map((t=>(9*t+5)%16))];for(let t=0;t<4;t++)for(let s of[w,y])s.push(s[t].map((t=>u[t])));const C=/* @__PURE__ */[[11,14,15,12,5,8,7,9,11,13,14,15,6,7,9,8],[12,13,11,15,6,9,9,7,12,15,11,13,7,8,7,7],[13,15,14,11,7,7,6,8,13,14,13,12,5,5,6,9],[14,11,12,14,8,6,5,5,15,12,15,14,9,9,8,6],[15,12,13,13,9,5,8,6,14,11,12,11,8,6,5,5]].map((t=>new Uint8Array(t))),U=/* @__PURE__ */w.map(((t,s)=>t.map((t=>C[s][t])))),g=/* @__PURE__ */y.map(((t,s)=>t.map((t=>C[s][t])))),B=/* @__PURE__ */new Uint32Array([0,1518500249,1859775393,2400959708,2840853838]),D=/* @__PURE__ */new Uint32Array([1352829926,1548603684,1836072691,2053994217,0]);function b(t,s,h,i){return 0===t?s^h^i:1===t?s&h|~s&i:2===t?(s|~h)^i:3===t?s&i|h&~i:s^(h|~i)}const E=/* @__PURE__ */new Uint32Array(16);class M extends t{constructor(){super(64,20,8,!0),this.h0=1732584193,this.h1=-271733879,this.h2=-1732584194,this.h3=271733878,this.h4=-1009589776}get(){const{h0:t,h1:s,h2:h,h3:i,h4:e}=this;return[t,s,h,i,e]}set(t,s,h,i,e){this.h0=0|t,this.h1=0|s,this.h2=0|h,this.h3=0|i,this.h4=0|e}process(t,s){for(let h=0;h<16;h++,s+=4)E[h]=t.getUint32(s,!0);let h=0|this.h0,i=h,e=0|this.h1,r=e,n=0|this.h2,o=n,l=0|this.h3,f=l,c=0|this.h4,p=c;for(let t=0;t<5;t++){const s=4-t,A=B[t],d=D[t],u=w[t],m=y[t],C=U[t],M=g[t];for(let s=0;s<16;s++){const i=a(h+b(t,e,n,l)+E[u[s]]+A,C[s])+c|0;h=c,c=l,l=0|a(n,10),n=e,e=i}for(let t=0;t<16;t++){const h=a(i+b(s,r,o,f)+E[m[t]]+d,M[t])+p|0;i=p,p=f,f=0|a(o,10),o=r,r=h}}this.set(this.h1+n+f|0,this.h2+l+p|0,this.h3+c+i|0,this.h4+h+r|0,this.h0+e+o|0)}roundClean(){E.fill(0)}destroy(){this.destroyed=!0,this.buffer.fill(0),this.set(0,0,0,0,0)}}const x=/* @__PURE__ */o((()=>new M)),j=Array.from({length:64},((t,s)=>Math.floor(2**32*Math.abs(Math.sin(s+1))))),_=(t,s,h)=>t&s^~t&h,H=/* @__PURE__ */new Uint32Array([1732584193,4023233417,2562383102,271733878]),O=/* @__PURE__ */new Uint32Array(16);class k extends t{constructor(){super(64,16,8,!0),this.A=0|H[0],this.B=0|H[1],this.C=0|H[2],this.D=0|H[3]}get(){const{A:t,B:s,C:h,D:i}=this;return[t,s,h,i]}set(t,s,h,i){this.A=0|t,this.B=0|s,this.C=0|h,this.D=0|i}process(t,s){for(let h=0;h<16;h++,s+=4)O[h]=t.getUint32(s,!0);let{A:h,B:i,C:e,D:r}=this;for(let t=0;t<64;t++){let s,n,o;t<16?(s=_(i,e,r),n=t,o=[7,12,17,22]):t<32?(s=_(r,i,e),n=(5*t+1)%16,o=[5,9,14,20]):t<48?(s=i^e^r,n=(3*t+5)%16,o=[4,11,16,23]):(s=e^(i|~r),n=7*t%16,o=[6,10,15,21]),s=s+h+j[t]+O[n],h=r,r=e,e=i,i+=a(s,o[t%4])}h=h+this.A|0,i=i+this.B|0,e=e+this.C|0,r=r+this.D|0,this.set(h,i,e,r)}roundClean(){O.fill(0)}destroy(){this.set(0,0,0,0),this.buffer.fill(0)}}const q=new Map(Object.entries({md5:/* @__PURE__ */o((()=>new k)),sha1:d,sha224:i,sha256:e,sha384:r,sha512:n,sha3_256:l,sha3_512:f,ripemd160:x}));export{q as nobleHashes};
+/*! OpenPGP.js v6.2.1 - 2025-08-28 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self&&self;import{l as t,q as s,u as h,f as i,C as e,M as r,w as n,v as o,x as a,p as f,o as l,n as c,y as p}from"./sha512.min.mjs";const u=/* @__PURE__ */Uint32Array.from([1732584193,4023233417,2562383102,271733878,3285377520]),A=/* @__PURE__ */new Uint32Array(80);class d extends s{constructor(){super(64,20,8,!1),this.A=0|u[0],this.B=0|u[1],this.C=0|u[2],this.D=0|u[3],this.E=0|u[4]}get(){const{A:t,B:s,C:h,D:i,E:e}=this;return[t,s,h,i,e]}set(t,s,h,i,e){this.A=0|t,this.B=0|s,this.C=0|h,this.D=0|i,this.E=0|e}process(t,s){for(let h=0;h<16;h++,s+=4)A[h]=t.getUint32(s,!1);for(let t=16;t<80;t++)A[t]=h(A[t-3]^A[t-8]^A[t-14]^A[t-16],1);let{A:i,B:n,C:o,D:a,E:f}=this;for(let t=0;t<80;t++){let s,l;t<20?(s=e(n,o,a),l=1518500249):t<40?(s=n^o^a,l=1859775393):t<60?(s=r(n,o,a),l=2400959708):(s=n^o^a,l=3395469782);const c=h(i,5)+s+f+l+A[t]|0;f=a,a=o,o=h(n,30),n=i,i=c}i=i+this.A|0,n=n+this.B|0,o=o+this.C|0,a=a+this.D|0,f=f+this.E|0,this.set(i,n,o,a,f)}roundClean(){i(A)}destroy(){this.set(0,0,0,0,0),i(this.buffer)}}const m=/* @__PURE__ */t((()=>new d)),y=/* @__PURE__ */Uint8Array.from([7,4,13,1,10,6,15,3,12,0,9,5,2,14,11,8]),C=/* @__PURE__ */(()=>Uint8Array.from(Array(16).fill(0).map(((t,s)=>s))))(),w=/* @__PURE__ */(()=>C.map((t=>(9*t+5)%16)))(),U=/* @__PURE__ */(()=>{const t=[[C],[w]];for(let s=0;s<4;s++)for(let h of t)h.push(h[s].map((t=>y[t])));return t})(),B=/* @__PURE__ */(()=>U[0])(),D=/* @__PURE__ */(()=>U[1])(),g=/* @__PURE__ */[[11,14,15,12,5,8,7,9,11,13,14,15,6,7,9,8],[12,13,11,15,6,9,9,7,12,15,11,13,7,8,7,7],[13,15,14,11,7,7,6,8,13,14,13,12,5,5,6,9],[14,11,12,14,8,6,5,5,15,12,15,14,9,9,8,6],[15,12,13,13,9,5,8,6,14,11,12,11,8,6,5,5]].map((t=>Uint8Array.from(t))),b=/* @__PURE__ */B.map(((t,s)=>t.map((t=>g[s][t])))),x=/* @__PURE__ */D.map(((t,s)=>t.map((t=>g[s][t])))),E=/* @__PURE__ */Uint32Array.from([0,1518500249,1859775393,2400959708,2840853838]),M=/* @__PURE__ */Uint32Array.from([1352829926,1548603684,1836072691,2053994217,0]);function j(t,s,h,i){return 0===t?s^h^i:1===t?s&h|~s&i:2===t?(s|~h)^i:3===t?s&i|h&~i:s^(h|~i)}const _=/* @__PURE__ */new Uint32Array(16);class q extends s{constructor(){super(64,20,8,!0),this.h0=1732584193,this.h1=-271733879,this.h2=-1732584194,this.h3=271733878,this.h4=-1009589776}get(){const{h0:t,h1:s,h2:h,h3:i,h4:e}=this;return[t,s,h,i,e]}set(t,s,h,i,e){this.h0=0|t,this.h1=0|s,this.h2=0|h,this.h3=0|i,this.h4=0|e}process(t,s){for(let h=0;h<16;h++,s+=4)_[h]=t.getUint32(s,!0);let i=0|this.h0,e=i,r=0|this.h1,n=r,o=0|this.h2,a=o,f=0|this.h3,l=f,c=0|this.h4,p=c;for(let t=0;t<5;t++){const s=4-t,u=E[t],A=M[t],d=B[t],m=D[t],y=b[t],C=x[t];for(let s=0;s<16;s++){const e=h(i+j(t,r,o,f)+_[d[s]]+u,y[s])+c|0;i=c,c=f,f=0|h(o,10),o=r,r=e}for(let t=0;t<16;t++){const i=h(e+j(s,n,a,l)+_[m[t]]+A,C[t])+p|0;e=p,p=l,l=0|h(a,10),a=n,n=i}}this.set(this.h1+o+l|0,this.h2+f+p|0,this.h3+c+e|0,this.h4+i+n|0,this.h0+r+a|0)}roundClean(){i(_)}destroy(){this.destroyed=!0,i(this.buffer),this.set(0,0,0,0,0)}}const v=m,O=/* @__PURE__ */t((()=>new q)),k=Array.from({length:64},((t,s)=>Math.floor(2**32*Math.abs(Math.sin(s+1))))),z=(t,s,h)=>t&s^~t&h,F=/* @__PURE__ */new Uint32Array([1732584193,4023233417,2562383102,271733878]),G=/* @__PURE__ */new Uint32Array(16);class H extends s{constructor(){super(64,16,8,!0),this.A=0|F[0],this.B=0|F[1],this.C=0|F[2],this.D=0|F[3]}get(){const{A:t,B:s,C:h,D:i}=this;return[t,s,h,i]}set(t,s,h,i){this.A=0|t,this.B=0|s,this.C=0|h,this.D=0|i}process(t,s){for(let h=0;h<16;h++,s+=4)G[h]=t.getUint32(s,!0);let{A:i,B:e,C:r,D:n}=this;for(let t=0;t<64;t++){let s,o,a;t<16?(s=z(e,r,n),o=t,a=[7,12,17,22]):t<32?(s=z(n,e,r),o=(5*t+1)%16,a=[5,9,14,20]):t<48?(s=e^r^n,o=(3*t+5)%16,a=[4,11,16,23]):(s=r^(e|~n),o=7*t%16,a=[6,10,15,21]),s=s+i+k[t]+G[o],i=n,n=r,r=e,e+=h(s,a[t%4])}i=i+this.A|0,e=e+this.B|0,r=r+this.C|0,n=n+this.D|0,this.set(i,e,r,n)}roundClean(){G.fill(0)}destroy(){this.set(0,0,0,0),this.buffer.fill(0)}}const I=new Map(Object.entries({md5:/* @__PURE__ */n((()=>new H)),sha1:v,sha224:p,sha256:c,sha384:l,sha512:f,sha3_256:a,sha3_512:o,ripemd160:O}));export{I as nobleHashes};
 //# sourceMappingURL=noble_hashes.min.mjs.map

package/dist/lightweight/noble_hashes.min.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"noble_hashes.min.mjs","sources":["../../node_modules/@noble/hashes/esm/sha1.js","../../node_modules/@noble/hashes/esm/ripemd160.js","../../../../../src/crypto/hash/md5.ts","../../src/crypto/hash/noble_hashes.js"],"sourcesContent":["import { HashMD, Chi, Maj } from './_md.js';\nimport { rotl, wrapConstructor } from './utils.js';\n// SHA1 (RFC 3174). It was cryptographically broken: prefer newer algorithms.\n// Initial state\nconst SHA1_IV = /* @__PURE__ */ new Uint32Array([\n    0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0,\n]);\n// Temporary buffer, not used to store anything between runs\n// Named this way because it matches specification.\nconst SHA1_W = /* @__PURE__ */ new Uint32Array(80);\nexport class SHA1 extends HashMD {\n    constructor() {\n        super(64, 20, 8, false);\n        this.A = SHA1_IV[0] | 0;\n        this.B = SHA1_IV[1] | 0;\n        this.C = SHA1_IV[2] | 0;\n        this.D = SHA1_IV[3] | 0;\n        this.E = SHA1_IV[4] | 0;\n    }\n    get() {\n        const { A, B, C, D, E } = this;\n        return [A, B, C, D, E];\n    }\n    set(A, B, C, D, E) {\n        this.A = A | 0;\n        this.B = B | 0;\n        this.C = C | 0;\n        this.D = D | 0;\n        this.E = E | 0;\n    }\n    process(view, offset) {\n        for (let i = 0; i < 16; i++, offset += 4)\n            SHA1_W[i] = view.getUint32(offset, false);\n        for (let i = 16; i < 80; i++)\n            SHA1_W[i] = rotl(SHA1_W[i - 3] ^ SHA1_W[i - 8] ^ SHA1_W[i - 14] ^ SHA1_W[i - 16], 1);\n        // Compression function main loop, 80 rounds\n        let { A, B, C, D, E } = this;\n        for (let i = 0; i < 80; i++) {\n            let F, K;\n            if (i < 20) {\n                F = Chi(B, C, D);\n                K = 0x5a827999;\n            }\n            else if (i < 40) {\n                F = B ^ C ^ D;\n                K = 0x6ed9eba1;\n            }\n            else if (i < 60) {\n                F = Maj(B, C, D);\n                K = 0x8f1bbcdc;\n            }\n            else {\n                F = B ^ C ^ D;\n                K = 0xca62c1d6;\n            }\n            const T = (rotl(A, 5) + F + E + K + SHA1_W[i]) | 0;\n            E = D;\n            D = C;\n            C = rotl(B, 30);\n            B = A;\n            A = T;\n        }\n        // Add the compressed chunk to the current hash value\n        A = (A + this.A) | 0;\n        B = (B + this.B) | 0;\n        C = (C + this.C) | 0;\n        D = (D + this.D) | 0;\n        E = (E + this.E) | 0;\n        this.set(A, B, C, D, E);\n    }\n    roundClean() {\n        SHA1_W.fill(0);\n    }\n    destroy() {\n        this.set(0, 0, 0, 0, 0);\n        this.buffer.fill(0);\n    }\n}\n/**\n * SHA1 (RFC 3174) hash function.\n * It was cryptographically broken: prefer newer algorithms.\n * @param message - data that would be hashed\n */\nexport const sha1 = /* @__PURE__ */ wrapConstructor(() => new SHA1());\n//# sourceMappingURL=sha1.js.map","import { HashMD } from './_md.js';\nimport { rotl, wrapConstructor } from './utils.js';\n// https://homes.esat.kuleuven.be/~bosselae/ripemd160.html\n// https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf\nconst Rho = /* @__PURE__ */ new Uint8Array([7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8]);\nconst Id = /* @__PURE__ */ new Uint8Array(new Array(16).fill(0).map((_, i) => i));\nconst Pi = /* @__PURE__ */ Id.map((i) => (9 * i + 5) % 16);\nlet idxL = [Id];\nlet idxR = [Pi];\nfor (let i = 0; i < 4; i++)\n    for (let j of [idxL, idxR])\n        j.push(j[i].map((k) => Rho[k]));\nconst shifts = /* @__PURE__ */ [\n    [11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8],\n    [12, 13, 11, 15, 6, 9, 9, 7, 12, 15, 11, 13, 7, 8, 7, 7],\n    [13, 15, 14, 11, 7, 7, 6, 8, 13, 14, 13, 12, 5, 5, 6, 9],\n    [14, 11, 12, 14, 8, 6, 5, 5, 15, 12, 15, 14, 9, 9, 8, 6],\n    [15, 12, 13, 13, 9, 5, 8, 6, 14, 11, 12, 11, 8, 6, 5, 5],\n].map((i) => new Uint8Array(i));\nconst shiftsL = /* @__PURE__ */ idxL.map((idx, i) => idx.map((j) => shifts[i][j]));\nconst shiftsR = /* @__PURE__ */ idxR.map((idx, i) => idx.map((j) => shifts[i][j]));\nconst Kl = /* @__PURE__ */ new Uint32Array([\n    0x00000000, 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xa953fd4e,\n]);\nconst Kr = /* @__PURE__ */ new Uint32Array([\n    0x50a28be6, 0x5c4dd124, 0x6d703ef3, 0x7a6d76e9, 0x00000000,\n]);\n// It's called f() in spec.\nfunction f(group, x, y, z) {\n    if (group === 0)\n        return x ^ y ^ z;\n    else if (group === 1)\n        return (x & y) | (~x & z);\n    else if (group === 2)\n        return (x | ~y) ^ z;\n    else if (group === 3)\n        return (x & z) | (y & ~z);\n    else\n        return x ^ (y | ~z);\n}\n// Temporary buffer, not used to store anything between runs\nconst R_BUF = /* @__PURE__ */ new Uint32Array(16);\nexport class RIPEMD160 extends HashMD {\n    constructor() {\n        super(64, 20, 8, true);\n        this.h0 = 0x67452301 | 0;\n        this.h1 = 0xefcdab89 | 0;\n        this.h2 = 0x98badcfe | 0;\n        this.h3 = 0x10325476 | 0;\n        this.h4 = 0xc3d2e1f0 | 0;\n    }\n    get() {\n        const { h0, h1, h2, h3, h4 } = this;\n        return [h0, h1, h2, h3, h4];\n    }\n    set(h0, h1, h2, h3, h4) {\n        this.h0 = h0 | 0;\n        this.h1 = h1 | 0;\n        this.h2 = h2 | 0;\n        this.h3 = h3 | 0;\n        this.h4 = h4 | 0;\n    }\n    process(view, offset) {\n        for (let i = 0; i < 16; i++, offset += 4)\n            R_BUF[i] = view.getUint32(offset, true);\n        // prettier-ignore\n        let al = this.h0 | 0, ar = al, bl = this.h1 | 0, br = bl, cl = this.h2 | 0, cr = cl, dl = this.h3 | 0, dr = dl, el = this.h4 | 0, er = el;\n        // Instead of iterating 0 to 80, we split it into 5 groups\n        // And use the groups in constants, functions, etc. Much simpler\n        for (let group = 0; group < 5; group++) {\n            const rGroup = 4 - group;\n            const hbl = Kl[group], hbr = Kr[group]; // prettier-ignore\n            const rl = idxL[group], rr = idxR[group]; // prettier-ignore\n            const sl = shiftsL[group], sr = shiftsR[group]; // prettier-ignore\n            for (let i = 0; i < 16; i++) {\n                const tl = (rotl(al + f(group, bl, cl, dl) + R_BUF[rl[i]] + hbl, sl[i]) + el) | 0;\n                al = el, el = dl, dl = rotl(cl, 10) | 0, cl = bl, bl = tl; // prettier-ignore\n            }\n            // 2 loops are 10% faster\n            for (let i = 0; i < 16; i++) {\n                const tr = (rotl(ar + f(rGroup, br, cr, dr) + R_BUF[rr[i]] + hbr, sr[i]) + er) | 0;\n                ar = er, er = dr, dr = rotl(cr, 10) | 0, cr = br, br = tr; // prettier-ignore\n            }\n        }\n        // Add the compressed chunk to the current hash value\n        this.set((this.h1 + cl + dr) | 0, (this.h2 + dl + er) | 0, (this.h3 + el + ar) | 0, (this.h4 + al + br) | 0, (this.h0 + bl + cr) | 0);\n    }\n    roundClean() {\n        R_BUF.fill(0);\n    }\n    destroy() {\n        this.destroyed = true;\n        this.buffer.fill(0);\n        this.set(0, 0, 0, 0, 0);\n    }\n}\n/**\n * RIPEMD-160 - a hash function from 1990s.\n * @param message - msg that would be hashed\n */\nexport const ripemd160 = /* @__PURE__ */ wrapConstructor(() => new RIPEMD160());\n//# sourceMappingURL=ripemd160.js.map","// Copied from https://github.com/paulmillr/noble-hashes/blob/main/test/misc/md5.ts\n\nimport { HashMD } from '@noble/hashes/_md';\nimport { rotl, wrapConstructor } from '@noble/hashes/utils';\n\n// Per-round constants\nconst K = Array.from({ length: 64 }, (_, i) => Math.floor(2 ** 32 * Math.abs(Math.sin(i + 1))));\n// Choice: a ? b : c\nconst Chi = (a: number, b: number, c: number) => (a & b) ^ (~a & c);\n// Initial state (same as sha1, but 4 u32 instead of 5)\nconst IV = /* @__PURE__ */ new Uint32Array([0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476]);\n// Temporary buffer, not used to store anything between runs\n// Named this way for SHA1 compat\nconst MD5_W = /* @__PURE__ */ new Uint32Array(16);\nclass MD5 extends HashMD<MD5> {\n  private A = IV[0] | 0;\n  private B = IV[1] | 0;\n  private C = IV[2] | 0;\n  private D = IV[3] | 0;\n  constructor() {\n    super(64, 16, 8, true);\n  }\n  protected get(): [number, number, number, number] {\n    const { A, B, C, D } = this;\n    return [A, B, C, D];\n  }\n  protected set(A: number, B: number, C: number, D: number) {\n    this.A = A | 0;\n    this.B = B | 0;\n    this.C = C | 0;\n    this.D = D | 0;\n  }\n  protected process(view: DataView, offset: number): void {\n    for (let i = 0; i < 16; i++, offset += 4) MD5_W[i] = view.getUint32(offset, true);\n    // Compression function main loop, 64 rounds\n    let { A, B, C, D } = this;\n    for (let i = 0; i < 64; i++) {\n      // eslint-disable-next-line one-var, one-var-declaration-per-line\n      let F, g, s;\n      if (i < 16) {\n        // eslint-disable-next-line new-cap\n        F = Chi(B, C, D);\n        g = i;\n        s = [7, 12, 17, 22];\n      } else if (i < 32) {\n        // eslint-disable-next-line new-cap\n        F = Chi(D, B, C);\n        g = (5 * i + 1) % 16;\n        s = [5, 9, 14, 20];\n      } else if (i < 48) {\n        F = B ^ C ^ D;\n        g = (3 * i + 5) % 16;\n        s = [4, 11, 16, 23];\n      } else {\n        F = C ^ (B | ~D);\n        g = (7 * i) % 16;\n        s = [6, 10, 15, 21];\n      }\n      F = F + A + K[i] + MD5_W[g];\n      A = D;\n      D = C;\n      C = B;\n      B = B + rotl(F, s[i % 4]);\n    }\n    // Add the compressed chunk to the current hash value\n    A = (A + this.A) | 0;\n    B = (B + this.B) | 0;\n    C = (C + this.C) | 0;\n    D = (D + this.D) | 0;\n    this.set(A, B, C, D);\n  }\n  protected roundClean() {\n    MD5_W.fill(0);\n  }\n  destroy() {\n    this.set(0, 0, 0, 0);\n    this.buffer.fill(0);\n  }\n}\nexport const md5 = /* @__PURE__ */ wrapConstructor(() => new MD5());\n","/**\n * This file is needed to dynamic import the noble-hashes.\n * Separate dynamic imports are not convenient as they result in too many chunks,\n * which share a lot of code anyway.\n */\n\nimport { sha1 } from '@noble/hashes/sha1';\nimport { sha224, sha256 } from '@noble/hashes/sha256';\nimport { sha384, sha512 } from '@noble/hashes/sha512';\nimport { sha3_256, sha3_512 } from '@noble/hashes/sha3';\nimport { ripemd160 } from '@noble/hashes/ripemd160';\nimport { md5 } from './md5';\n\nexport const nobleHashes = new Map(Object.entries({\n  md5,\n  sha1,\n  sha224,\n  sha256,\n  sha384,\n  sha512,\n  sha3_256,\n  sha3_512,\n  ripemd160\n}));\n"],"names":["SHA1_IV","Uint32Array","SHA1_W","SHA1","HashMD","constructor","super","this","A","B","C","D","E","get","set","process","view","offset","i","getUint32","rotl","F","K","Chi","Maj","T","roundClean","fill","destroy","buffer","sha1","wrapConstructor","Rho","Uint8Array","Id","Array","map","_","idxL","idxR","j","push","k","shifts","shiftsL","idx","shiftsR","Kl","Kr","f","group","x","y","z","R_BUF","RIPEMD160","h0","h1","h2","h3","h4","al","ar","bl","br","cl","cr","dl","dr","el","er","rGroup","hbl","hbr","rl","rr","sl","sr","tl","tr","destroyed","ripemd160","from","length","Math","floor","abs","sin","a","b","c","IV","MD5_W","MD5","g","s","nobleHashes","Map","Object","entries","md5","sha224","sha256","sha384","sha512","sha3_256","sha3_512"],"mappings":";0OAIA,MAAMA,iBAA0B,IAAIC,YAAY,CAC5C,WAAY,WAAY,WAAY,UAAY,aAI9CC,iBAAyB,IAAID,YAAY,IACxC,MAAME,UAAaC,EACtB,WAAAC,GACIC,MAAM,GAAI,GAAI,GAAG,GACjBC,KAAKC,EAAiB,EAAbR,EAAQ,GACjBO,KAAKE,EAAiB,EAAbT,EAAQ,GACjBO,KAAKG,EAAiB,EAAbV,EAAQ,GACjBO,KAAKI,EAAiB,EAAbX,EAAQ,GACjBO,KAAKK,EAAiB,EAAbZ,EAAQ,EACzB,CACI,GAAAa,GACI,MAAML,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,GAAML,KAC1B,MAAO,CAACC,EAAGC,EAAGC,EAAGC,EAAGC,EAC5B,CACI,GAAAE,CAAIN,EAAGC,EAAGC,EAAGC,EAAGC,GACZL,KAAKC,EAAQ,EAAJA,EACTD,KAAKE,EAAQ,EAAJA,EACTF,KAAKG,EAAQ,EAAJA,EACTH,KAAKI,EAAQ,EAAJA,EACTJ,KAAKK,EAAQ,EAAJA,CACjB,CACI,OAAAG,CAAQC,EAAMC,GACV,IAAK,IAAIC,EAAI,EAAGA,EAAI,GAAIA,IAAKD,GAAU,EACnCf,EAAOgB,GAAKF,EAAKG,UAAUF,GAAQ,GACvC,IAAK,IAAIC,EAAI,GAAIA,EAAI,GAAIA,IACrBhB,EAAOgB,GAAKE,EAAKlB,EAAOgB,EAAI,GAAKhB,EAAOgB,EAAI,GAAKhB,EAAOgB,EAAI,IAAMhB,EAAOgB,EAAI,IAAK,GAEtF,IAAIV,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,GAAML,KACxB,IAAK,IAAIW,EAAI,EAAGA,EAAI,GAAIA,IAAK,CACzB,IAAIG,EAAGC,EACHJ,EAAI,IACJG,EAAIE,EAAId,EAAGC,EAAGC,GACdW,EAAI,YAECJ,EAAI,IACTG,EAAIZ,EAAIC,EAAIC,EACZW,EAAI,YAECJ,EAAI,IACTG,EAAIG,EAAIf,EAAGC,EAAGC,GACdW,EAAI,aAGJD,EAAIZ,EAAIC,EAAIC,EACZW,EAAI,YAER,MAAMG,EAAKL,EAAKZ,EAAG,GAAKa,EAAIT,EAAIU,EAAIpB,EAAOgB,GAAM,EACjDN,EAAID,EACJA,EAAID,EACJA,EAAIU,EAAKX,EAAG,IACZA,EAAID,EACJA,EAAIiB,CAChB,CAEQjB,EAAKA,EAAID,KAAKC,EAAK,EACnBC,EAAKA,EAAIF,KAAKE,EAAK,EACnBC,EAAKA,EAAIH,KAAKG,EAAK,EACnBC,EAAKA,EAAIJ,KAAKI,EAAK,EACnBC,EAAKA,EAAIL,KAAKK,EAAK,EACnBL,KAAKO,IAAIN,EAAGC,EAAGC,EAAGC,EAAGC,EAC7B,CACI,UAAAc,GACIxB,EAAOyB,KAAK,EACpB,CACI,OAAAC,GACIrB,KAAKO,IAAI,EAAG,EAAG,EAAG,EAAG,GACrBP,KAAKsB,OAAOF,KAAK,EACzB,EAOO,MAAMG,iBAAuBC,GAAgB,IAAM,IAAI5B,IC/ExD6B,iBAAsB,IAAIC,WAAW,CAAC,EAAG,EAAG,GAAI,EAAG,GAAI,EAAG,GAAI,EAAG,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,IACzFC,iBAAqB,IAAID,WAAeE,MAAM,IAAIR,KAAK,GAAGS,KAAI,CAACC,EAAGnB,IAAMA,KAE9E,IAAIoB,EAAO,CAACJ,GACRK,EAAO,gBAFgBL,EAAGE,KAAKlB,IAAO,EAAIA,EAAI,GAAK,MAGvD,IAAK,IAAIA,EAAI,EAAGA,EAAI,EAAGA,IACnB,IAAK,IAAIsB,IAAK,CAACF,EAAMC,GACjBC,EAAEC,KAAKD,EAAEtB,GAAGkB,KAAKM,GAAMV,EAAIU,MACnC,MAAMC,iBAAyB,CAC3B,CAAC,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,GACtD,CAAC,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,GACtD,CAAC,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,GACtD,CAAC,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,GACtD,CAAC,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,IACxDP,KAAKlB,GAAM,IAAIe,WAAWf,KACtB0B,iBAA0BN,EAAKF,KAAI,CAACS,EAAK3B,IAAM2B,EAAIT,KAAKI,GAAMG,EAAOzB,GAAGsB,OACxEM,iBAA0BP,EAAKH,KAAI,CAACS,EAAK3B,IAAM2B,EAAIT,KAAKI,GAAMG,EAAOzB,GAAGsB,OACxEO,iBAAqB,IAAI9C,YAAY,CACvC,EAAY,WAAY,WAAY,WAAY,aAE9C+C,iBAAqB,IAAI/C,YAAY,CACvC,WAAY,WAAY,WAAY,WAAY,IAGpD,SAASgD,EAAEC,EAAOC,EAAGC,EAAGC,GACpB,OAAc,IAAVH,EACOC,EAAIC,EAAIC,EACA,IAAVH,EACGC,EAAIC,GAAOD,EAAIE,EACR,IAAVH,GACGC,GAAKC,GAAKC,EACH,IAAVH,EACGC,EAAIE,EAAMD,GAAKC,EAEhBF,GAAKC,GAAKC,EACzB,CAEA,MAAMC,iBAAwB,IAAIrD,YAAY,IACvC,MAAMsD,UAAkBnD,EAC3B,WAAAC,GACIC,MAAM,GAAI,GAAI,GAAG,GACjBC,KAAKiD,GAAK,WACVjD,KAAKkD,IAAK,UACVlD,KAAKmD,IAAK,WACVnD,KAAKoD,GAAK,UACVpD,KAAKqD,IAAK,UAClB,CACI,GAAA/C,GACI,MAAM2C,GAAEA,EAAEC,GAAEA,EAAEC,GAAEA,EAAEC,GAAEA,EAAEC,GAAEA,GAAOrD,KAC/B,MAAO,CAACiD,EAAIC,EAAIC,EAAIC,EAAIC,EAChC,CACI,GAAA9C,CAAI0C,EAAIC,EAAIC,EAAIC,EAAIC,GAChBrD,KAAKiD,GAAU,EAALA,EACVjD,KAAKkD,GAAU,EAALA,EACVlD,KAAKmD,GAAU,EAALA,EACVnD,KAAKoD,GAAU,EAALA,EACVpD,KAAKqD,GAAU,EAALA,CAClB,CACI,OAAA7C,CAAQC,EAAMC,GACV,IAAK,IAAIC,EAAI,EAAGA,EAAI,GAAIA,IAAKD,GAAU,EACnCqC,EAAMpC,GAAKF,EAAKG,UAAUF,GAAQ,GAEtC,IAAI4C,EAAe,EAAVtD,KAAKiD,GAAQM,EAAKD,EAAIE,EAAe,EAAVxD,KAAKkD,GAAQO,EAAKD,EAAIE,EAAe,EAAV1D,KAAKmD,GAAQQ,EAAKD,EAAIE,EAAe,EAAV5D,KAAKoD,GAAQS,EAAKD,EAAIE,EAAe,EAAV9D,KAAKqD,GAAQU,EAAKD,EAGvI,IAAK,IAAInB,EAAQ,EAAGA,EAAQ,EAAGA,IAAS,CACpC,MAAMqB,EAAS,EAAIrB,EACbsB,EAAMzB,EAAGG,GAAQuB,EAAMzB,EAAGE,GAC1BwB,EAAKpC,EAAKY,GAAQyB,EAAKpC,EAAKW,GAC5B0B,EAAKhC,EAAQM,GAAQ2B,EAAK/B,EAAQI,GACxC,IAAK,IAAIhC,EAAI,EAAGA,EAAI,GAAIA,IAAK,CACzB,MAAM4D,EAAM1D,EAAKyC,EAAKZ,EAAEC,EAAOa,EAAIE,EAAIE,GAAMb,EAAMoB,EAAGxD,IAAMsD,EAAKI,EAAG1D,IAAMmD,EAAM,EAChFR,EAAKQ,EAAIA,EAAKF,EAAIA,EAAoB,EAAf/C,EAAK6C,EAAI,IAASA,EAAKF,EAAIA,EAAKe,CACvE,CAEY,IAAK,IAAI5D,EAAI,EAAGA,EAAI,GAAIA,IAAK,CACzB,MAAM6D,EAAM3D,EAAK0C,EAAKb,EAAEsB,EAAQP,EAAIE,EAAIE,GAAMd,EAAMqB,EAAGzD,IAAMuD,EAAKI,EAAG3D,IAAMoD,EAAM,EACjFR,EAAKQ,EAAIA,EAAKF,EAAIA,EAAoB,EAAfhD,EAAK8C,EAAI,IAASA,EAAKF,EAAIA,EAAKe,CACvE,CACA,CAEQxE,KAAKO,IAAKP,KAAKkD,GAAKQ,EAAKG,EAAM,EAAI7D,KAAKmD,GAAKS,EAAKG,EAAM,EAAI/D,KAAKoD,GAAKU,EAAKP,EAAM,EAAIvD,KAAKqD,GAAKC,EAAKG,EAAM,EAAIzD,KAAKiD,GAAKO,EAAKG,EAAM,EAC3I,CACI,UAAAxC,GACI4B,EAAM3B,KAAK,EACnB,CACI,OAAAC,GACIrB,KAAKyE,WAAY,EACjBzE,KAAKsB,OAAOF,KAAK,GACjBpB,KAAKO,IAAI,EAAG,EAAG,EAAG,EAAG,EAC7B,EAMO,MAAMmE,iBAA4BlD,GAAgB,IAAM,IAAIwB,IC9F7DjC,EAAIa,MAAM+C,KAAK,CAAEC,OAAQ,KAAM,CAAC9C,EAAGnB,IAAMkE,KAAKC,MAAM,GAAK,GAAKD,KAAKE,IAAIF,KAAKG,IAAIrE,EAAI,OAEpFK,EAAM,CAACiE,EAAWC,EAAWC,IAAeF,EAAIC,GAAOD,EAAIE,EAE3DC,iBAAqB,IAAI1F,YAAY,CAAC,WAAY,WAAY,WAAY,YAG1E2F,iBAAwB,IAAI3F,YAAY,IAC9C,MAAM4F,UAAYzF,EAKhB,WAAAC,GACEC,MAAM,GAAI,GAAI,GAAG,GALXC,KAAAC,EAAY,EAARmF,EAAG,GACPpF,KAAAE,EAAY,EAARkF,EAAG,GACPpF,KAAAG,EAAY,EAARiF,EAAG,GACPpF,KAAAI,EAAY,EAARgF,EAAG,GAIL,GAAA9E,GACR,MAAML,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,GAAMJ,KACvB,MAAO,CAACC,EAAGC,EAAGC,EAAGC,GAET,GAAAG,CAAIN,EAAWC,EAAWC,EAAWC,GAC7CJ,KAAKC,EAAQ,EAAJA,EACTD,KAAKE,EAAQ,EAAJA,EACTF,KAAKG,EAAQ,EAAJA,EACTH,KAAKI,EAAQ,EAAJA,EAED,OAAAI,CAAQC,EAAgBC,GAChC,IAAK,IAAIC,EAAI,EAAGA,EAAI,GAAIA,IAAKD,GAAU,EAAG2E,EAAM1E,GAAKF,EAAKG,UAAUF,GAAQ,GAE5E,IAAIT,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,GAAMJ,KACrB,IAAK,IAAIW,EAAI,EAAGA,EAAI,GAAIA,IAAK,CAE3B,IAAIG,EAAGyE,EAAGC,EACN7E,EAAI,IAENG,EAAIE,EAAId,EAAGC,EAAGC,GACdmF,EAAI5E,EACJ6E,EAAI,CAAC,EAAG,GAAI,GAAI,KACP7E,EAAI,IAEbG,EAAIE,EAAIZ,EAAGF,EAAGC,GACdoF,GAAK,EAAI5E,EAAI,GAAK,GAClB6E,EAAI,CAAC,EAAG,EAAG,GAAI,KACN7E,EAAI,IACbG,EAAIZ,EAAIC,EAAIC,EACZmF,GAAK,EAAI5E,EAAI,GAAK,GAClB6E,EAAI,CAAC,EAAG,GAAI,GAAI,MAEhB1E,EAAIX,GAAKD,GAAKE,GACdmF,EAAK,EAAI5E,EAAK,GACd6E,EAAI,CAAC,EAAG,GAAI,GAAI,KAElB1E,EAAIA,EAAIb,EAAIc,EAAEJ,GAAK0E,EAAME,GACzBtF,EAAIG,EACJA,EAAID,EACJA,EAAID,EACJA,GAAQW,EAAKC,EAAG0E,EAAE7E,EAAI,IAGxBV,EAAKA,EAAID,KAAKC,EAAK,EACnBC,EAAKA,EAAIF,KAAKE,EAAK,EACnBC,EAAKA,EAAIH,KAAKG,EAAK,EACnBC,EAAKA,EAAIJ,KAAKI,EAAK,EACnBJ,KAAKO,IAAIN,EAAGC,EAAGC,EAAGC,GAEV,UAAAe,GACRkE,EAAMjE,KAAK,GAEb,OAAAC,GACErB,KAAKO,IAAI,EAAG,EAAG,EAAG,GAClBP,KAAKsB,OAAOF,KAAK,IAGd,MClEMqE,EAAc,IAAIC,IAAIC,OAAOC,QAAQ,CAChDC,mBDiEiCrE,GAAgB,IAAM,IAAI8D,IChE3D/D,OACAuE,SACAC,SACAC,SACAC,SACAC,WACAC,WACAzB","x_google_ignoreList":[0,1]}
+{"version":3,"file":"noble_hashes.min.mjs","sources":["../../node_modules/@noble/hashes/esm/legacy.js","../../node_modules/@noble/hashes/esm/sha1.js","../../node_modules/@noble/hashes/esm/ripemd160.js","../../../src/crypto/hash/md5.ts","../../src/crypto/hash/noble_hashes.js"],"sourcesContent":["/**\n\nSHA1 (RFC 3174), MD5 (RFC 1321) and RIPEMD160 (RFC 2286) legacy, weak hash functions.\nDon't use them in a new protocol. What \"weak\" means:\n\n- Collisions can be made with 2^18 effort in MD5, 2^60 in SHA1, 2^80 in RIPEMD160.\n- No practical pre-image attacks (only theoretical, 2^123.4)\n- HMAC seems kinda ok: https://datatracker.ietf.org/doc/html/rfc6151\n * @module\n */\nimport { Chi, HashMD, Maj } from \"./_md.js\";\nimport { clean, createHasher, rotl } from \"./utils.js\";\n/** Initial SHA1 state */\nconst SHA1_IV = /* @__PURE__ */ Uint32Array.from([\n    0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0,\n]);\n// Reusable temporary buffer\nconst SHA1_W = /* @__PURE__ */ new Uint32Array(80);\n/** SHA1 legacy hash class. */\nexport class SHA1 extends HashMD {\n    constructor() {\n        super(64, 20, 8, false);\n        this.A = SHA1_IV[0] | 0;\n        this.B = SHA1_IV[1] | 0;\n        this.C = SHA1_IV[2] | 0;\n        this.D = SHA1_IV[3] | 0;\n        this.E = SHA1_IV[4] | 0;\n    }\n    get() {\n        const { A, B, C, D, E } = this;\n        return [A, B, C, D, E];\n    }\n    set(A, B, C, D, E) {\n        this.A = A | 0;\n        this.B = B | 0;\n        this.C = C | 0;\n        this.D = D | 0;\n        this.E = E | 0;\n    }\n    process(view, offset) {\n        for (let i = 0; i < 16; i++, offset += 4)\n            SHA1_W[i] = view.getUint32(offset, false);\n        for (let i = 16; i < 80; i++)\n            SHA1_W[i] = rotl(SHA1_W[i - 3] ^ SHA1_W[i - 8] ^ SHA1_W[i - 14] ^ SHA1_W[i - 16], 1);\n        // Compression function main loop, 80 rounds\n        let { A, B, C, D, E } = this;\n        for (let i = 0; i < 80; i++) {\n            let F, K;\n            if (i < 20) {\n                F = Chi(B, C, D);\n                K = 0x5a827999;\n            }\n            else if (i < 40) {\n                F = B ^ C ^ D;\n                K = 0x6ed9eba1;\n            }\n            else if (i < 60) {\n                F = Maj(B, C, D);\n                K = 0x8f1bbcdc;\n            }\n            else {\n                F = B ^ C ^ D;\n                K = 0xca62c1d6;\n            }\n            const T = (rotl(A, 5) + F + E + K + SHA1_W[i]) | 0;\n            E = D;\n            D = C;\n            C = rotl(B, 30);\n            B = A;\n            A = T;\n        }\n        // Add the compressed chunk to the current hash value\n        A = (A + this.A) | 0;\n        B = (B + this.B) | 0;\n        C = (C + this.C) | 0;\n        D = (D + this.D) | 0;\n        E = (E + this.E) | 0;\n        this.set(A, B, C, D, E);\n    }\n    roundClean() {\n        clean(SHA1_W);\n    }\n    destroy() {\n        this.set(0, 0, 0, 0, 0);\n        clean(this.buffer);\n    }\n}\n/** SHA1 (RFC 3174) legacy hash function. It was cryptographically broken. */\nexport const sha1 = /* @__PURE__ */ createHasher(() => new SHA1());\n/** Per-round constants */\nconst p32 = /* @__PURE__ */ Math.pow(2, 32);\nconst K = /* @__PURE__ */ Array.from({ length: 64 }, (_, i) => Math.floor(p32 * Math.abs(Math.sin(i + 1))));\n/** md5 initial state: same as sha1, but 4 u32 instead of 5. */\nconst MD5_IV = /* @__PURE__ */ SHA1_IV.slice(0, 4);\n// Reusable temporary buffer\nconst MD5_W = /* @__PURE__ */ new Uint32Array(16);\n/** MD5 legacy hash class. */\nexport class MD5 extends HashMD {\n    constructor() {\n        super(64, 16, 8, true);\n        this.A = MD5_IV[0] | 0;\n        this.B = MD5_IV[1] | 0;\n        this.C = MD5_IV[2] | 0;\n        this.D = MD5_IV[3] | 0;\n    }\n    get() {\n        const { A, B, C, D } = this;\n        return [A, B, C, D];\n    }\n    set(A, B, C, D) {\n        this.A = A | 0;\n        this.B = B | 0;\n        this.C = C | 0;\n        this.D = D | 0;\n    }\n    process(view, offset) {\n        for (let i = 0; i < 16; i++, offset += 4)\n            MD5_W[i] = view.getUint32(offset, true);\n        // Compression function main loop, 64 rounds\n        let { A, B, C, D } = this;\n        for (let i = 0; i < 64; i++) {\n            let F, g, s;\n            if (i < 16) {\n                F = Chi(B, C, D);\n                g = i;\n                s = [7, 12, 17, 22];\n            }\n            else if (i < 32) {\n                F = Chi(D, B, C);\n                g = (5 * i + 1) % 16;\n                s = [5, 9, 14, 20];\n            }\n            else if (i < 48) {\n                F = B ^ C ^ D;\n                g = (3 * i + 5) % 16;\n                s = [4, 11, 16, 23];\n            }\n            else {\n                F = C ^ (B | ~D);\n                g = (7 * i) % 16;\n                s = [6, 10, 15, 21];\n            }\n            F = F + A + K[i] + MD5_W[g];\n            A = D;\n            D = C;\n            C = B;\n            B = B + rotl(F, s[i % 4]);\n        }\n        // Add the compressed chunk to the current hash value\n        A = (A + this.A) | 0;\n        B = (B + this.B) | 0;\n        C = (C + this.C) | 0;\n        D = (D + this.D) | 0;\n        this.set(A, B, C, D);\n    }\n    roundClean() {\n        clean(MD5_W);\n    }\n    destroy() {\n        this.set(0, 0, 0, 0);\n        clean(this.buffer);\n    }\n}\n/**\n * MD5 (RFC 1321) legacy hash function. It was cryptographically broken.\n * MD5 architecture is similar to SHA1, with some differences:\n * - Reduced output length: 16 bytes (128 bit) instead of 20\n * - 64 rounds, instead of 80\n * - Little-endian: could be faster, but will require more code\n * - Non-linear index selection: huge speed-up for unroll\n * - Per round constants: more memory accesses, additional speed-up for unroll\n */\nexport const md5 = /* @__PURE__ */ createHasher(() => new MD5());\n// RIPEMD-160\nconst Rho160 = /* @__PURE__ */ Uint8Array.from([\n    7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,\n]);\nconst Id160 = /* @__PURE__ */ (() => Uint8Array.from(new Array(16).fill(0).map((_, i) => i)))();\nconst Pi160 = /* @__PURE__ */ (() => Id160.map((i) => (9 * i + 5) % 16))();\nconst idxLR = /* @__PURE__ */ (() => {\n    const L = [Id160];\n    const R = [Pi160];\n    const res = [L, R];\n    for (let i = 0; i < 4; i++)\n        for (let j of res)\n            j.push(j[i].map((k) => Rho160[k]));\n    return res;\n})();\nconst idxL = /* @__PURE__ */ (() => idxLR[0])();\nconst idxR = /* @__PURE__ */ (() => idxLR[1])();\n// const [idxL, idxR] = idxLR;\nconst shifts160 = /* @__PURE__ */ [\n    [11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8],\n    [12, 13, 11, 15, 6, 9, 9, 7, 12, 15, 11, 13, 7, 8, 7, 7],\n    [13, 15, 14, 11, 7, 7, 6, 8, 13, 14, 13, 12, 5, 5, 6, 9],\n    [14, 11, 12, 14, 8, 6, 5, 5, 15, 12, 15, 14, 9, 9, 8, 6],\n    [15, 12, 13, 13, 9, 5, 8, 6, 14, 11, 12, 11, 8, 6, 5, 5],\n].map((i) => Uint8Array.from(i));\nconst shiftsL160 = /* @__PURE__ */ idxL.map((idx, i) => idx.map((j) => shifts160[i][j]));\nconst shiftsR160 = /* @__PURE__ */ idxR.map((idx, i) => idx.map((j) => shifts160[i][j]));\nconst Kl160 = /* @__PURE__ */ Uint32Array.from([\n    0x00000000, 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xa953fd4e,\n]);\nconst Kr160 = /* @__PURE__ */ Uint32Array.from([\n    0x50a28be6, 0x5c4dd124, 0x6d703ef3, 0x7a6d76e9, 0x00000000,\n]);\n// It's called f() in spec.\nfunction ripemd_f(group, x, y, z) {\n    if (group === 0)\n        return x ^ y ^ z;\n    if (group === 1)\n        return (x & y) | (~x & z);\n    if (group === 2)\n        return (x | ~y) ^ z;\n    if (group === 3)\n        return (x & z) | (y & ~z);\n    return x ^ (y | ~z);\n}\n// Reusable temporary buffer\nconst BUF_160 = /* @__PURE__ */ new Uint32Array(16);\nexport class RIPEMD160 extends HashMD {\n    constructor() {\n        super(64, 20, 8, true);\n        this.h0 = 0x67452301 | 0;\n        this.h1 = 0xefcdab89 | 0;\n        this.h2 = 0x98badcfe | 0;\n        this.h3 = 0x10325476 | 0;\n        this.h4 = 0xc3d2e1f0 | 0;\n    }\n    get() {\n        const { h0, h1, h2, h3, h4 } = this;\n        return [h0, h1, h2, h3, h4];\n    }\n    set(h0, h1, h2, h3, h4) {\n        this.h0 = h0 | 0;\n        this.h1 = h1 | 0;\n        this.h2 = h2 | 0;\n        this.h3 = h3 | 0;\n        this.h4 = h4 | 0;\n    }\n    process(view, offset) {\n        for (let i = 0; i < 16; i++, offset += 4)\n            BUF_160[i] = view.getUint32(offset, true);\n        // prettier-ignore\n        let al = this.h0 | 0, ar = al, bl = this.h1 | 0, br = bl, cl = this.h2 | 0, cr = cl, dl = this.h3 | 0, dr = dl, el = this.h4 | 0, er = el;\n        // Instead of iterating 0 to 80, we split it into 5 groups\n        // And use the groups in constants, functions, etc. Much simpler\n        for (let group = 0; group < 5; group++) {\n            const rGroup = 4 - group;\n            const hbl = Kl160[group], hbr = Kr160[group]; // prettier-ignore\n            const rl = idxL[group], rr = idxR[group]; // prettier-ignore\n            const sl = shiftsL160[group], sr = shiftsR160[group]; // prettier-ignore\n            for (let i = 0; i < 16; i++) {\n                const tl = (rotl(al + ripemd_f(group, bl, cl, dl) + BUF_160[rl[i]] + hbl, sl[i]) + el) | 0;\n                al = el, el = dl, dl = rotl(cl, 10) | 0, cl = bl, bl = tl; // prettier-ignore\n            }\n            // 2 loops are 10% faster\n            for (let i = 0; i < 16; i++) {\n                const tr = (rotl(ar + ripemd_f(rGroup, br, cr, dr) + BUF_160[rr[i]] + hbr, sr[i]) + er) | 0;\n                ar = er, er = dr, dr = rotl(cr, 10) | 0, cr = br, br = tr; // prettier-ignore\n            }\n        }\n        // Add the compressed chunk to the current hash value\n        this.set((this.h1 + cl + dr) | 0, (this.h2 + dl + er) | 0, (this.h3 + el + ar) | 0, (this.h4 + al + br) | 0, (this.h0 + bl + cr) | 0);\n    }\n    roundClean() {\n        clean(BUF_160);\n    }\n    destroy() {\n        this.destroyed = true;\n        clean(this.buffer);\n        this.set(0, 0, 0, 0, 0);\n    }\n}\n/**\n * RIPEMD-160 - a legacy hash function from 1990s.\n * * https://homes.esat.kuleuven.be/~bosselae/ripemd160.html\n * * https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf\n */\nexport const ripemd160 = /* @__PURE__ */ createHasher(() => new RIPEMD160());\n//# sourceMappingURL=legacy.js.map","/**\n * SHA1 (RFC 3174) legacy hash function.\n * @module\n * @deprecated\n */\nimport { SHA1 as SHA1n, sha1 as sha1n } from \"./legacy.js\";\n/** @deprecated Use import from `noble/hashes/legacy` module */\nexport const SHA1 = SHA1n;\n/** @deprecated Use import from `noble/hashes/legacy` module */\nexport const sha1 = sha1n;\n//# sourceMappingURL=sha1.js.map","/**\n * RIPEMD-160 legacy hash function.\n * https://homes.esat.kuleuven.be/~bosselae/ripemd160.html\n * https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf\n * @module\n * @deprecated\n */\nimport { RIPEMD160 as RIPEMD160n, ripemd160 as ripemd160n } from \"./legacy.js\";\n/** @deprecated Use import from `noble/hashes/legacy` module */\nexport const RIPEMD160 = RIPEMD160n;\n/** @deprecated Use import from `noble/hashes/legacy` module */\nexport const ripemd160 = ripemd160n;\n//# sourceMappingURL=ripemd160.js.map","// Copied from https://github.com/paulmillr/noble-hashes/blob/main/test/misc/md5.ts\n\nimport { HashMD } from '@noble/hashes/_md';\nimport { rotl, wrapConstructor } from '@noble/hashes/utils';\n\n// Per-round constants\nconst K = Array.from({ length: 64 }, (_, i) => Math.floor(2 ** 32 * Math.abs(Math.sin(i + 1))));\n// Choice: a ? b : c\nconst Chi = (a: number, b: number, c: number) => (a & b) ^ (~a & c);\n// Initial state (same as sha1, but 4 u32 instead of 5)\nconst IV = /* @__PURE__ */ new Uint32Array([0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476]);\n// Temporary buffer, not used to store anything between runs\n// Named this way for SHA1 compat\nconst MD5_W = /* @__PURE__ */ new Uint32Array(16);\nclass MD5 extends HashMD<MD5> {\n  private A = IV[0] | 0;\n  private B = IV[1] | 0;\n  private C = IV[2] | 0;\n  private D = IV[3] | 0;\n  constructor() {\n    super(64, 16, 8, true);\n  }\n  protected get(): [number, number, number, number] {\n    const { A, B, C, D } = this;\n    return [A, B, C, D];\n  }\n  protected set(A: number, B: number, C: number, D: number) {\n    this.A = A | 0;\n    this.B = B | 0;\n    this.C = C | 0;\n    this.D = D | 0;\n  }\n  protected process(view: DataView, offset: number): void {\n    for (let i = 0; i < 16; i++, offset += 4) MD5_W[i] = view.getUint32(offset, true);\n    // Compression function main loop, 64 rounds\n    let { A, B, C, D } = this;\n    for (let i = 0; i < 64; i++) {\n      // eslint-disable-next-line one-var, one-var-declaration-per-line\n      let F, g, s;\n      if (i < 16) {\n        // eslint-disable-next-line new-cap\n        F = Chi(B, C, D);\n        g = i;\n        s = [7, 12, 17, 22];\n      } else if (i < 32) {\n        // eslint-disable-next-line new-cap\n        F = Chi(D, B, C);\n        g = (5 * i + 1) % 16;\n        s = [5, 9, 14, 20];\n      } else if (i < 48) {\n        F = B ^ C ^ D;\n        g = (3 * i + 5) % 16;\n        s = [4, 11, 16, 23];\n      } else {\n        F = C ^ (B | ~D);\n        g = (7 * i) % 16;\n        s = [6, 10, 15, 21];\n      }\n      F = F + A + K[i] + MD5_W[g];\n      A = D;\n      D = C;\n      C = B;\n      B = B + rotl(F, s[i % 4]);\n    }\n    // Add the compressed chunk to the current hash value\n    A = (A + this.A) | 0;\n    B = (B + this.B) | 0;\n    C = (C + this.C) | 0;\n    D = (D + this.D) | 0;\n    this.set(A, B, C, D);\n  }\n  protected roundClean() {\n    MD5_W.fill(0);\n  }\n  destroy() {\n    this.set(0, 0, 0, 0);\n    this.buffer.fill(0);\n  }\n}\nexport const md5 = /* @__PURE__ */ wrapConstructor(() => new MD5());\n","/**\n * This file is needed to dynamic import the noble-hashes.\n * Separate dynamic imports are not convenient as they result in too many chunks,\n * which share a lot of code anyway.\n */\n\nimport { sha1 } from '@noble/hashes/sha1';\nimport { sha224, sha256 } from '@noble/hashes/sha256';\nimport { sha384, sha512 } from '@noble/hashes/sha512';\nimport { sha3_256, sha3_512 } from '@noble/hashes/sha3';\nimport { ripemd160 } from '@noble/hashes/ripemd160';\nimport { md5 } from './md5';\n\nexport const nobleHashes = new Map(Object.entries({\n  md5,\n  sha1,\n  sha224,\n  sha256,\n  sha384,\n  sha512,\n  sha3_256,\n  sha3_512,\n  ripemd160\n}));\n"],"names":["SHA1_IV","Uint32Array","from","SHA1_W","SHA1","HashMD","constructor","super","this","A","B","C","D","E","get","set","process","view","offset","i","getUint32","rotl","F","K","Chi","Maj","T","roundClean","clean","destroy","buffer","sha1","createHasher","Rho160","Uint8Array","Id160","Array","fill","map","_","Pi160","idxLR","res","j","push","k","idxL","idxR","shifts160","shiftsL160","idx","shiftsR160","Kl160","Kr160","ripemd_f","group","x","y","z","BUF_160","RIPEMD160","h0","h1","h2","h3","h4","al","ar","bl","br","cl","cr","dl","dr","el","er","rGroup","hbl","hbr","rl","rr","sl","sr","tl","tr","destroyed","sha1n","ripemd160","length","Math","floor","abs","sin","a","b","c","IV","MD5_W","MD5","g","s","nobleHashes","Map","Object","entries","md5","wrapConstructor","sha224","sha256","sha384","sha512","sha3_256","sha3_512"],"mappings":";4NAaA,MAAMA,iBAA0BC,YAAYC,KAAK,CAC7C,WAAY,WAAY,WAAY,UAAY,aAG9CC,iBAAyB,IAAIF,YAAY,IAExC,MAAMG,UAAaC,EACtB,WAAAC,GACIC,MAAM,GAAI,GAAI,GAAG,GACjBC,KAAKC,EAAiB,EAAbT,EAAQ,GACjBQ,KAAKE,EAAiB,EAAbV,EAAQ,GACjBQ,KAAKG,EAAiB,EAAbX,EAAQ,GACjBQ,KAAKI,EAAiB,EAAbZ,EAAQ,GACjBQ,KAAKK,EAAiB,EAAbb,EAAQ,EACrB,CACA,GAAAc,GACI,MAAML,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,GAAML,KAC1B,MAAO,CAACC,EAAGC,EAAGC,EAAGC,EAAGC,EACxB,CACA,GAAAE,CAAIN,EAAGC,EAAGC,EAAGC,EAAGC,GACZL,KAAKC,EAAQ,EAAJA,EACTD,KAAKE,EAAQ,EAAJA,EACTF,KAAKG,EAAQ,EAAJA,EACTH,KAAKI,EAAQ,EAAJA,EACTJ,KAAKK,EAAQ,EAAJA,CACb,CACA,OAAAG,CAAQC,EAAMC,GACV,IAAK,IAAIC,EAAI,EAAGA,EAAI,GAAIA,IAAKD,GAAU,EACnCf,EAAOgB,GAAKF,EAAKG,UAAUF,GAAQ,GACvC,IAAK,IAAIC,EAAI,GAAIA,EAAI,GAAIA,IACrBhB,EAAOgB,GAAKE,EAAKlB,EAAOgB,EAAI,GAAKhB,EAAOgB,EAAI,GAAKhB,EAAOgB,EAAI,IAAMhB,EAAOgB,EAAI,IAAK,GAEtF,IAAIV,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,GAAML,KACxB,IAAK,IAAIW,EAAI,EAAGA,EAAI,GAAIA,IAAK,CACzB,IAAIG,EAAGC,EACHJ,EAAI,IACJG,EAAIE,EAAId,EAAGC,EAAGC,GACdW,EAAI,YAECJ,EAAI,IACTG,EAAIZ,EAAIC,EAAIC,EACZW,EAAI,YAECJ,EAAI,IACTG,EAAIG,EAAIf,EAAGC,EAAGC,GACdW,EAAI,aAGJD,EAAIZ,EAAIC,EAAIC,EACZW,EAAI,YAER,MAAMG,EAAKL,EAAKZ,EAAG,GAAKa,EAAIT,EAAIU,EAAIpB,EAAOgB,GAAM,EACjDN,EAAID,EACJA,EAAID,EACJA,EAAIU,EAAKX,EAAG,IACZA,EAAID,EACJA,EAAIiB,CACR,CAEAjB,EAAKA,EAAID,KAAKC,EAAK,EACnBC,EAAKA,EAAIF,KAAKE,EAAK,EACnBC,EAAKA,EAAIH,KAAKG,EAAK,EACnBC,EAAKA,EAAIJ,KAAKI,EAAK,EACnBC,EAAKA,EAAIL,KAAKK,EAAK,EACnBL,KAAKO,IAAIN,EAAGC,EAAGC,EAAGC,EAAGC,EACzB,CACA,UAAAc,GACIC,EAAMzB,EACV,CACA,OAAA0B,GACIrB,KAAKO,IAAI,EAAG,EAAG,EAAG,EAAG,GACrBa,EAAMpB,KAAKsB,OACf,EAGG,MAAMC,iBAAuBC,GAAa,IAAM,IAAI5B,IAsFrD6B,iBAAyBC,WAAWhC,KAAK,CAC3C,EAAG,EAAG,GAAI,EAAG,GAAI,EAAG,GAAI,EAAG,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,IAEjDiC,iBAAwB,KAAOD,WAAWhC,KAASkC,MAAM,IAAIC,KAAK,GAAGC,KAAI,CAACC,EAAGpB,IAAMA,KAA3D,GACxBqB,iBAAwB,KAAOL,EAAMG,KAAKnB,IAAO,EAAIA,EAAI,GAAK,KAAtC,GACxBsB,iBAAwB,MAC1B,MAEMC,EAAM,CAFF,CAACP,GACD,CAACK,IAEX,IAAK,IAAIrB,EAAI,EAAGA,EAAI,EAAGA,IACnB,IAAK,IAAIwB,KAAKD,EACVC,EAAEC,KAAKD,EAAExB,GAAGmB,KAAKO,GAAMZ,EAAOY,MACtC,OAAOH,CACV,EAR6B,GASxBI,iBAAuB,KAAOL,EAAM,GAAb,GACvBM,iBAAuB,KAAON,EAAM,GAAb,GAEvBO,iBAA4B,CAC9B,CAAC,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,GACtD,CAAC,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,GACtD,CAAC,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,GACtD,CAAC,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,GACtD,CAAC,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,EAAG,GAAI,GAAI,GAAI,GAAI,EAAG,EAAG,EAAG,IACxDV,KAAKnB,GAAMe,WAAWhC,KAAKiB,KACvB8B,iBAA6BH,EAAKR,KAAI,CAACY,EAAK/B,IAAM+B,EAAIZ,KAAKK,GAAMK,EAAU7B,GAAGwB,OAC9EQ,iBAA6BJ,EAAKT,KAAI,CAACY,EAAK/B,IAAM+B,EAAIZ,KAAKK,GAAMK,EAAU7B,GAAGwB,OAC9ES,iBAAwBnD,YAAYC,KAAK,CAC3C,EAAY,WAAY,WAAY,WAAY,aAE9CmD,iBAAwBpD,YAAYC,KAAK,CAC3C,WAAY,WAAY,WAAY,WAAY,IAGpD,SAASoD,EAASC,EAAOC,EAAGC,EAAGC,GAC3B,OAAc,IAAVH,EACOC,EAAIC,EAAIC,EACL,IAAVH,EACQC,EAAIC,GAAOD,EAAIE,EACb,IAAVH,GACQC,GAAKC,GAAKC,EACR,IAAVH,EACQC,EAAIE,EAAMD,GAAKC,EACpBF,GAAKC,GAAKC,EACrB,CAEA,MAAMC,iBAA0B,IAAI1D,YAAY,IACzC,MAAM2D,UAAkBvD,EAC3B,WAAAC,GACIC,MAAM,GAAI,GAAI,GAAG,GACjBC,KAAKqD,GAAK,WACVrD,KAAKsD,IAAK,UACVtD,KAAKuD,IAAK,WACVvD,KAAKwD,GAAK,UACVxD,KAAKyD,IAAK,UACd,CACA,GAAAnD,GACI,MAAM+C,GAAEA,EAAEC,GAAEA,EAAEC,GAAEA,EAAEC,GAAEA,EAAEC,GAAEA,GAAOzD,KAC/B,MAAO,CAACqD,EAAIC,EAAIC,EAAIC,EAAIC,EAC5B,CACA,GAAAlD,CAAI8C,EAAIC,EAAIC,EAAIC,EAAIC,GAChBzD,KAAKqD,GAAU,EAALA,EACVrD,KAAKsD,GAAU,EAALA,EACVtD,KAAKuD,GAAU,EAALA,EACVvD,KAAKwD,GAAU,EAALA,EACVxD,KAAKyD,GAAU,EAALA,CACd,CACA,OAAAjD,CAAQC,EAAMC,GACV,IAAK,IAAIC,EAAI,EAAGA,EAAI,GAAIA,IAAKD,GAAU,EACnCyC,EAAQxC,GAAKF,EAAKG,UAAUF,GAAQ,GAExC,IAAIgD,EAAe,EAAV1D,KAAKqD,GAAQM,EAAKD,EAAIE,EAAe,EAAV5D,KAAKsD,GAAQO,EAAKD,EAAIE,EAAe,EAAV9D,KAAKuD,GAAQQ,EAAKD,EAAIE,EAAe,EAAVhE,KAAKwD,GAAQS,EAAKD,EAAIE,EAAe,EAAVlE,KAAKyD,GAAQU,EAAKD,EAGvI,IAAK,IAAInB,EAAQ,EAAGA,EAAQ,EAAGA,IAAS,CACpC,MAAMqB,EAAS,EAAIrB,EACbsB,EAAMzB,EAAMG,GAAQuB,EAAMzB,EAAME,GAChCwB,EAAKjC,EAAKS,GAAQyB,EAAKjC,EAAKQ,GAC5B0B,EAAKhC,EAAWM,GAAQ2B,EAAK/B,EAAWI,GAC9C,IAAK,IAAIpC,EAAI,EAAGA,EAAI,GAAIA,IAAK,CACzB,MAAMgE,EAAM9D,EAAK6C,EAAKZ,EAASC,EAAOa,EAAIE,EAAIE,GAAMb,EAAQoB,EAAG5D,IAAM0D,EAAKI,EAAG9D,IAAMuD,EAAM,EACzFR,EAAKQ,EAAIA,EAAKF,EAAIA,EAAoB,EAAfnD,EAAKiD,EAAI,IAASA,EAAKF,EAAIA,EAAKe,CAC3D,CAEA,IAAK,IAAIhE,EAAI,EAAGA,EAAI,GAAIA,IAAK,CACzB,MAAMiE,EAAM/D,EAAK8C,EAAKb,EAASsB,EAAQP,EAAIE,EAAIE,GAAMd,EAAQqB,EAAG7D,IAAM2D,EAAKI,EAAG/D,IAAMwD,EAAM,EAC1FR,EAAKQ,EAAIA,EAAKF,EAAIA,EAAoB,EAAfpD,EAAKkD,EAAI,IAASA,EAAKF,EAAIA,EAAKe,CAC3D,CACJ,CAEA5E,KAAKO,IAAKP,KAAKsD,GAAKQ,EAAKG,EAAM,EAAIjE,KAAKuD,GAAKS,EAAKG,EAAM,EAAInE,KAAKwD,GAAKU,EAAKP,EAAM,EAAI3D,KAAKyD,GAAKC,EAAKG,EAAM,EAAI7D,KAAKqD,GAAKO,EAAKG,EAAM,EACvI,CACA,UAAA5C,GACIC,EAAM+B,EACV,CACA,OAAA9B,GACIrB,KAAK6E,WAAY,EACjBzD,EAAMpB,KAAKsB,QACXtB,KAAKO,IAAI,EAAG,EAAG,EAAG,EAAG,EACzB,EAOG,MC9QMgB,EAAOuD,ECEPC,iBF4Q4BvD,GAAa,IAAM,IAAI4B,IGjR1DrC,EAAIa,MAAMlC,KAAK,CAAEsF,OAAQ,KAAM,CAACjD,EAAGpB,IAAMsE,KAAKC,MAAM,GAAK,GAAKD,KAAKE,IAAIF,KAAKG,IAAIzE,EAAI,OAEpFK,EAAM,CAACqE,EAAWC,EAAWC,IAAeF,EAAIC,GAAOD,EAAIE,EAE3DC,iBAAqB,IAAI/F,YAAY,CAAC,WAAY,WAAY,WAAY,YAG1EgG,iBAAwB,IAAIhG,YAAY,IAC9C,MAAMiG,UAAY7F,EAKhB,WAAAC,GACEC,MAAM,GAAI,GAAI,GAAG,GALXC,KAAAC,EAAY,EAARuF,EAAG,GACPxF,KAAAE,EAAY,EAARsF,EAAG,GACPxF,KAAAG,EAAY,EAARqF,EAAG,GACPxF,KAAAI,EAAY,EAARoF,EAAG,EAGf,CACU,GAAAlF,GACR,MAAML,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,GAAMJ,KACvB,MAAO,CAACC,EAAGC,EAAGC,EAAGC,EACnB,CACU,GAAAG,CAAIN,EAAWC,EAAWC,EAAWC,GAC7CJ,KAAKC,EAAQ,EAAJA,EACTD,KAAKE,EAAQ,EAAJA,EACTF,KAAKG,EAAQ,EAAJA,EACTH,KAAKI,EAAQ,EAAJA,CACX,CACU,OAAAI,CAAQC,EAAgBC,GAChC,IAAK,IAAIC,EAAI,EAAGA,EAAI,GAAIA,IAAKD,GAAU,EAAG+E,EAAM9E,GAAKF,EAAKG,UAAUF,GAAQ,GAE5E,IAAIT,EAAEA,EAACC,EAAEA,EAACC,EAAEA,EAACC,EAAEA,GAAMJ,KACrB,IAAK,IAAIW,EAAI,EAAGA,EAAI,GAAIA,IAAK,CAE3B,IAAIG,EAAG6E,EAAGC,EACNjF,EAAI,IAENG,EAAIE,EAAId,EAAGC,EAAGC,GACduF,EAAIhF,EACJiF,EAAI,CAAC,EAAG,GAAI,GAAI,KACPjF,EAAI,IAEbG,EAAIE,EAAIZ,EAAGF,EAAGC,GACdwF,GAAK,EAAIhF,EAAI,GAAK,GAClBiF,EAAI,CAAC,EAAG,EAAG,GAAI,KACNjF,EAAI,IACbG,EAAIZ,EAAIC,EAAIC,EACZuF,GAAK,EAAIhF,EAAI,GAAK,GAClBiF,EAAI,CAAC,EAAG,GAAI,GAAI,MAEhB9E,EAAIX,GAAKD,GAAKE,GACduF,EAAK,EAAIhF,EAAK,GACdiF,EAAI,CAAC,EAAG,GAAI,GAAI,KAElB9E,EAAIA,EAAIb,EAAIc,EAAEJ,GAAK8E,EAAME,GACzB1F,EAAIG,EACJA,EAAID,EACJA,EAAID,EACJA,GAAQW,EAAKC,EAAG8E,EAAEjF,EAAI,GACxB,CAEAV,EAAKA,EAAID,KAAKC,EAAK,EACnBC,EAAKA,EAAIF,KAAKE,EAAK,EACnBC,EAAKA,EAAIH,KAAKG,EAAK,EACnBC,EAAKA,EAAIJ,KAAKI,EAAK,EACnBJ,KAAKO,IAAIN,EAAGC,EAAGC,EAAGC,EACpB,CACU,UAAAe,GACRsE,EAAM5D,KAAK,EACb,CACA,OAAAR,GACErB,KAAKO,IAAI,EAAG,EAAG,EAAG,GAClBP,KAAKsB,OAAOO,KAAK,EACnB,EAEK,MClEMgE,EAAc,IAAIC,IAAIC,OAAOC,QAAQ,CAChDC,mBDiEiCC,GAAgB,IAAM,IAAIR,IChE3DnE,OACA4E,SACAC,SACAC,SACAC,SACAC,WACAC,WACAzB","x_google_ignoreList":[0,1,2]}

package/dist/lightweight/noble_hashes.mjs

@@ -1,17 +1,25 @@
-/*! OpenPGP.js v6.1.1-patch.4 - 2025-07-14 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+/*! OpenPGP.js v6.2.1 - 2025-08-28 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
 const globalThis = typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
 
-import { H as HashMD, C as Chi$1, M as Maj, c as sha224, s as sha256, a as sha384, b as sha512 } from './sha512.mjs';
-import { w as wrapConstructor, e as rotl, f as sha3_256, g as sha3_512 } from './sha3.mjs';
+import { l as createHasher, q as HashMD, u as rotl, f as clean, C as Chi$1, M as Maj, w as wrapConstructor, v as sha3_512, x as sha3_256, p as sha512, o as sha384, n as sha256, y as sha224 } from './sha512.mjs';
 
-// SHA1 (RFC 3174). It was cryptographically broken: prefer newer algorithms.
-// Initial state
-const SHA1_IV = /* @__PURE__ */ new Uint32Array([
+/**
+
+SHA1 (RFC 3174), MD5 (RFC 1321) and RIPEMD160 (RFC 2286) legacy, weak hash functions.
+Don't use them in a new protocol. What "weak" means:
+
+- Collisions can be made with 2^18 effort in MD5, 2^60 in SHA1, 2^80 in RIPEMD160.
+- No practical pre-image attacks (only theoretical, 2^123.4)
+- HMAC seems kinda ok: https://datatracker.ietf.org/doc/html/rfc6151
+ * @module
+ */
+/** Initial SHA1 state */
+const SHA1_IV = /* @__PURE__ */ Uint32Array.from([
     0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0,
 ]);
-// Temporary buffer, not used to store anything between runs
-// Named this way because it matches specification.
+// Reusable temporary buffer
 const SHA1_W = /* @__PURE__ */ new Uint32Array(80);
+/** SHA1 legacy hash class. */
 class SHA1 extends HashMD {
     constructor() {
         super(64, 20, 8, false);
@@ -73,60 +81,62 @@ class SHA1 extends HashMD {
         this.set(A, B, C, D, E);
     }
     roundClean() {
-        SHA1_W.fill(0);
+        clean(SHA1_W);
     }
     destroy() {
         this.set(0, 0, 0, 0, 0);
-        this.buffer.fill(0);
+        clean(this.buffer);
     }
 }
-/**
- * SHA1 (RFC 3174) hash function.
- * It was cryptographically broken: prefer newer algorithms.
- * @param message - data that would be hashed
- */
-const sha1 = /* @__PURE__ */ wrapConstructor(() => new SHA1());
-
-// https://homes.esat.kuleuven.be/~bosselae/ripemd160.html
-// https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf
-const Rho = /* @__PURE__ */ new Uint8Array([7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8]);
-const Id = /* @__PURE__ */ new Uint8Array(new Array(16).fill(0).map((_, i) => i));
-const Pi = /* @__PURE__ */ Id.map((i) => (9 * i + 5) % 16);
-let idxL = [Id];
-let idxR = [Pi];
-for (let i = 0; i < 4; i++)
-    for (let j of [idxL, idxR])
-        j.push(j[i].map((k) => Rho[k]));
-const shifts = /* @__PURE__ */ [
+/** SHA1 (RFC 3174) legacy hash function. It was cryptographically broken. */
+const sha1$1 = /* @__PURE__ */ createHasher(() => new SHA1());
+// RIPEMD-160
+const Rho160 = /* @__PURE__ */ Uint8Array.from([
+    7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,
+]);
+const Id160 = /* @__PURE__ */ (() => Uint8Array.from(new Array(16).fill(0).map((_, i) => i)))();
+const Pi160 = /* @__PURE__ */ (() => Id160.map((i) => (9 * i + 5) % 16))();
+const idxLR = /* @__PURE__ */ (() => {
+    const L = [Id160];
+    const R = [Pi160];
+    const res = [L, R];
+    for (let i = 0; i < 4; i++)
+        for (let j of res)
+            j.push(j[i].map((k) => Rho160[k]));
+    return res;
+})();
+const idxL = /* @__PURE__ */ (() => idxLR[0])();
+const idxR = /* @__PURE__ */ (() => idxLR[1])();
+// const [idxL, idxR] = idxLR;
+const shifts160 = /* @__PURE__ */ [
     [11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8],
     [12, 13, 11, 15, 6, 9, 9, 7, 12, 15, 11, 13, 7, 8, 7, 7],
     [13, 15, 14, 11, 7, 7, 6, 8, 13, 14, 13, 12, 5, 5, 6, 9],
     [14, 11, 12, 14, 8, 6, 5, 5, 15, 12, 15, 14, 9, 9, 8, 6],
     [15, 12, 13, 13, 9, 5, 8, 6, 14, 11, 12, 11, 8, 6, 5, 5],
-].map((i) => new Uint8Array(i));
-const shiftsL = /* @__PURE__ */ idxL.map((idx, i) => idx.map((j) => shifts[i][j]));
-const shiftsR = /* @__PURE__ */ idxR.map((idx, i) => idx.map((j) => shifts[i][j]));
-const Kl = /* @__PURE__ */ new Uint32Array([
+].map((i) => Uint8Array.from(i));
+const shiftsL160 = /* @__PURE__ */ idxL.map((idx, i) => idx.map((j) => shifts160[i][j]));
+const shiftsR160 = /* @__PURE__ */ idxR.map((idx, i) => idx.map((j) => shifts160[i][j]));
+const Kl160 = /* @__PURE__ */ Uint32Array.from([
     0x00000000, 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xa953fd4e,
 ]);
-const Kr = /* @__PURE__ */ new Uint32Array([
+const Kr160 = /* @__PURE__ */ Uint32Array.from([
     0x50a28be6, 0x5c4dd124, 0x6d703ef3, 0x7a6d76e9, 0x00000000,
 ]);
 // It's called f() in spec.
-function f(group, x, y, z) {
+function ripemd_f(group, x, y, z) {
     if (group === 0)
         return x ^ y ^ z;
-    else if (group === 1)
+    if (group === 1)
         return (x & y) | (~x & z);
-    else if (group === 2)
+    if (group === 2)
         return (x | ~y) ^ z;
-    else if (group === 3)
+    if (group === 3)
         return (x & z) | (y & ~z);
-    else
-        return x ^ (y | ~z);
+    return x ^ (y | ~z);
 }
-// Temporary buffer, not used to store anything between runs
-const R_BUF = /* @__PURE__ */ new Uint32Array(16);
+// Reusable temporary buffer
+const BUF_160 = /* @__PURE__ */ new Uint32Array(16);
 class RIPEMD160 extends HashMD {
     constructor() {
         super(64, 20, 8, true);
@@ -149,23 +159,23 @@ class RIPEMD160 extends HashMD {
     }
     process(view, offset) {
         for (let i = 0; i < 16; i++, offset += 4)
-            R_BUF[i] = view.getUint32(offset, true);
+            BUF_160[i] = view.getUint32(offset, true);
         // prettier-ignore
         let al = this.h0 | 0, ar = al, bl = this.h1 | 0, br = bl, cl = this.h2 | 0, cr = cl, dl = this.h3 | 0, dr = dl, el = this.h4 | 0, er = el;
         // Instead of iterating 0 to 80, we split it into 5 groups
         // And use the groups in constants, functions, etc. Much simpler
         for (let group = 0; group < 5; group++) {
             const rGroup = 4 - group;
-            const hbl = Kl[group], hbr = Kr[group]; // prettier-ignore
+            const hbl = Kl160[group], hbr = Kr160[group]; // prettier-ignore
             const rl = idxL[group], rr = idxR[group]; // prettier-ignore
-            const sl = shiftsL[group], sr = shiftsR[group]; // prettier-ignore
+            const sl = shiftsL160[group], sr = shiftsR160[group]; // prettier-ignore
             for (let i = 0; i < 16; i++) {
-                const tl = (rotl(al + f(group, bl, cl, dl) + R_BUF[rl[i]] + hbl, sl[i]) + el) | 0;
+                const tl = (rotl(al + ripemd_f(group, bl, cl, dl) + BUF_160[rl[i]] + hbl, sl[i]) + el) | 0;
                 al = el, el = dl, dl = rotl(cl, 10) | 0, cl = bl, bl = tl; // prettier-ignore
             }
             // 2 loops are 10% faster
             for (let i = 0; i < 16; i++) {
-                const tr = (rotl(ar + f(rGroup, br, cr, dr) + R_BUF[rr[i]] + hbr, sr[i]) + er) | 0;
+                const tr = (rotl(ar + ripemd_f(rGroup, br, cr, dr) + BUF_160[rr[i]] + hbr, sr[i]) + er) | 0;
                 ar = er, er = dr, dr = rotl(cr, 10) | 0, cr = br, br = tr; // prettier-ignore
             }
         }
@@ -173,19 +183,38 @@ class RIPEMD160 extends HashMD {
         this.set((this.h1 + cl + dr) | 0, (this.h2 + dl + er) | 0, (this.h3 + el + ar) | 0, (this.h4 + al + br) | 0, (this.h0 + bl + cr) | 0);
     }
     roundClean() {
-        R_BUF.fill(0);
+        clean(BUF_160);
     }
     destroy() {
         this.destroyed = true;
-        this.buffer.fill(0);
+        clean(this.buffer);
         this.set(0, 0, 0, 0, 0);
     }
 }
 /**
- * RIPEMD-160 - a hash function from 1990s.
- * @param message - msg that would be hashed
+ * RIPEMD-160 - a legacy hash function from 1990s.
+ * * https://homes.esat.kuleuven.be/~bosselae/ripemd160.html
+ * * https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf
+ */
+const ripemd160$1 = /* @__PURE__ */ createHasher(() => new RIPEMD160());
+
+/**
+ * SHA1 (RFC 3174) legacy hash function.
+ * @module
+ * @deprecated
+ */
+/** @deprecated Use import from `noble/hashes/legacy` module */
+const sha1 = sha1$1;
+
+/**
+ * RIPEMD-160 legacy hash function.
+ * https://homes.esat.kuleuven.be/~bosselae/ripemd160.html
+ * https://homes.esat.kuleuven.be/~bosselae/ripemd160/pdf/AB-9601/AB-9601.pdf
+ * @module
+ * @deprecated
  */
-const ripemd160 = /* @__PURE__ */ wrapConstructor(() => new RIPEMD160());
+/** @deprecated Use import from `noble/hashes/legacy` module */
+const ripemd160 = ripemd160$1;
 
 // Copied from https://github.com/paulmillr/noble-hashes/blob/main/test/misc/md5.ts
 // Per-round constants

package/dist/lightweight/noble_post_quantum.min.mjs

@@ -1,5 +1,4 @@
-/*! OpenPGP.js v6.1.1-patch.4 - 2025-07-14 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
-"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self&&self;import{c as e,r as t,l as n,s as r,f as o,g as c,m as s,d}from"./sha3.min.mjs";
-/*! noble-post-quantum - MIT License (c) 2024 Paul Miller (paulmillr.com) */const l=e,u=t;function f(e,t){if(e.length!==t.length)return!1;let n=0;for(let r=0;r<e.length;r++)n|=e[r]^t[r];return 0===n}function i(...e){const t=e=>"number"==typeof e?e:e.bytesLen,n=e.reduce(((e,n)=>e+t(n)),0);return{bytesLen:n,encode:r=>{const o=new Uint8Array(n);for(let n=0,c=0;n<e.length;n++){const s=e[n],d=t(s),u="number"==typeof s?r[n]:s.encode(r[n]);l(u,d),o.set(u,c),"number"!=typeof s&&u.fill(0),c+=d}return o},decode:r=>{l(r,n);const o=[];for(const n of e){const e=t(n),c=r.subarray(0,e);o.push("number"==typeof n?c:n.decode(c)),r=r.subarray(e)}return o}}}function a(e,t){const n=t*e.bytesLen;return{bytesLen:n,encode:r=>{if(r.length!==t)throw Error(`vecCoder.encode: wrong length=${r.length}. Expected: ${t}`);const o=new Uint8Array(n);for(let t=0,n=0;t<r.length;t++){const c=e.encode(r[t]);o.set(c,n),c.fill(0),n+=c.length}return o},decode:t=>{l(t,n);const r=[];for(let n=0;n<t.length;n+=e.bytesLen)r.push(e.decode(t.subarray(n,n+e.bytesLen)));return r}}}function y(...e){for(const t of e)if(Array.isArray(t))for(const e of t)e.fill(0);else t.fill(0)}function p(e){return(1<<e)-1}
-/*! noble-post-quantum - MIT License (c) 2024 Paul Miller (paulmillr.com) */function h(e,t=8){const n=e.toString(2).padStart(8,"0").slice(-t).padStart(7,"0").split("").reverse().join("");return Number.parseInt(n,2)}const g=e=>{const{newPoly:t,N:n,Q:r,F:o,ROOT_OF_UNITY:c,brvBits:s,isKyber:d}=e,l=(e,t=r)=>{const n=e%t|0;return 0|(n>=0?n:t+n)};const u=function(){const e=t(n);for(let t=0;t<n;t++){const n=h(t,s),o=BigInt(c)**BigInt(n)%BigInt(r);e[t]=0|Number(o)}return e}(),f=d?128:n,i=d?1:0,a={encode:e=>{for(let t=1,r=128;r>i;r>>=1)for(let o=0;o<n;o+=2*r){const n=u[t++];for(let t=o;t<o+r;t++){const o=l(n*e[t+r]);e[t+r]=0|l(e[t]-o),e[t]=0|l(e[t]+o)}}return e},decode:e=>{for(let t=f-1,r=1+i;r<f+i;r<<=1)for(let o=0;o<n;o+=2*r){const n=u[t--];for(let t=o;t<o+r;t++){const o=e[t];e[t]=l(o+e[t+r]),e[t+r]=l(n*(e[t+r]-o))}}for(let t=0;t<e.length;t++)e[t]=l(o*e[t]);return e}};return{mod:l,smod:(e,t=r)=>{const n=0|l(e,t);return 0|(n>t>>1?n-t:n)},nttZetas:u,NTT:a,bitsCoder:(e,r)=>{const o=p(e),c=e*(n/8);return{bytesLen:c,encode:t=>{const n=new Uint8Array(c);for(let c=0,s=0,d=0,l=0;c<t.length;c++)for(s|=(r.encode(t[c])&o)<<d,d+=e;d>=8;d-=8,s>>=8)n[l++]=s&p(d);return n},decode:c=>{const s=t(n);for(let t=0,n=0,d=0,l=0;t<c.length;t++)for(n|=c[t]<<d,d+=8;d>=e;d-=e,n>>=e)s[l++]=r.decode(n&o);return s}}}}},b=e=>(t,n)=>{n||(n=e.blockLen);const r=new Uint8Array(t.length+2);r.set(t);const o=t.length,c=new Uint8Array(n);let s=e.create({}),d=0,l=0;return{stats:()=>({calls:d,xofs:l}),get:(t,n)=>(r[o+0]=t,r[o+1]=n,s.destroy(),s=e.create({}).update(r),d++,()=>(l++,s.xofInto(c))),clean:()=>{s.destroy(),c.fill(0),r.fill(0)}}},A=/* @__PURE__ */b(n),L=/* @__PURE__ */b(r),w=256,T=3329,{mod:E,nttZetas:m,NTT:K,bitsCoder:U}=g({N:w,Q:T,F:3303,ROOT_OF_UNITY:17,newPoly:e=>new Uint16Array(e),brvBits:7,isKyber:!0}),k=e=>U(e,(e=>{if(e>=12)return{encode:e=>e,decode:e=>e};const t=2**(e-1);return{encode:t=>((t<<e)+T/2)/T,decode:n=>n*T+t>>>e}})(e));function M(e,t){for(let n=0;n<w;n++)e[n]=E(e[n]+t[n])}function B(e,t){for(let s=0;s<128;s++){let d=m[64+(s>>1)];1&s&&(d=-d);const{c0:l,c1:u}=(n=e[2*s+0],r=e[2*s+1],o=t[2*s+0],c=t[2*s+1],{c0:E(r*c*d+n*o),c1:E(n*c+r*o)});e[2*s+0]=l,e[2*s+1]=u}var n,r,o,c;return e}function O(e){const t=new Uint16Array(w);for(let n=0;n<w;){const r=e();if(r.length%3)throw Error("SampleNTT: unaligned block");for(let e=0;n<w&&e+3<=r.length;e+=3){const o=4095&(r[e+0]|r[e+1]<<8),c=4095&(r[e+1]>>4|r[e+2]<<4);o<T&&(t[n++]=o),n<w&&c<T&&(t[n++]=c)}}return t}function F(e,t,n,r){const o=e(r*w/4,t,n),c=new Uint16Array(w),d=s(o);let l=0;for(let e=0,t=0,n=0,o=0;e<d.length;e++){let s=d[e];for(let e=0;e<32;e++)n+=1&s,s>>=1,l+=1,l===r?(o=n,n=0):l===2*r&&(c[t++]=E(o-n),n=0,l=0)}if(l)throw Error("sampleCBD: leftover bits: "+l);return c}const S=e=>{const{K:t,PRF:n,XOF:r,HASH512:o,ETA1:c,ETA2:s,du:d,dv:l}=e,u=k(1),f=k(l),p=k(d),h=i(a(k(12),t),32),g=a(k(12),t),b=i(a(p,t),f),A=i(32,32);return{secretCoder:g,secretKeyLen:g.bytesLen,publicKeyLen:h.bytesLen,cipherTextLen:b.bytesLen,keygen:e=>{const s=new Uint8Array(33);s.set(e),s[32]=t;const d=o(s),[l,u]=A.decode(d),f=[],i=[];for(let e=0;e<t;e++)f.push(K.encode(F(n,u,e,c)));const a=r(l);for(let e=0;e<t;e++){const r=K.encode(F(n,u,t+e,c));for(let n=0;n<t;n++){M(r,B(O(a.get(n,e)),f[n]))}i.push(r)}a.clean();const p={publicKey:h.encode([i,l]),secretKey:g.encode(f)};return y(l,u,f,i,s,d),p},encrypt:(e,o,d)=>{const[l,f]=h.decode(e),i=[];for(let e=0;e<t;e++)i.push(K.encode(F(n,d,e,c)));const a=r(f),p=new Uint16Array(w),g=[];for(let e=0;e<t;e++){const r=F(n,d,t+e,s),o=new Uint16Array(w);for(let n=0;n<t;n++){M(o,B(O(a.get(e,n)),i[n]))}M(r,K.decode(o)),g.push(r),M(p,B(l[e],i[e])),o.fill(0)}a.clean();const A=F(n,d,2*t,s);M(A,K.decode(p));const L=u.decode(o);return M(L,A),y(l,i,p,A),b.encode([g,L])},decrypt:(e,n)=>{const[r,o]=b.decode(e),c=g.decode(n),s=new Uint16Array(w);for(let e=0;e<t;e++)M(s,B(c[e],K.encode(r[e])));return function(e,t){for(let n=0;n<w;n++)e[n]=E(e[n]-t[n])}(o,K.decode(s)),y(s,c,r),u.encode(o)}}};function v(e){const t=S(e),{HASH256:n,HASH512:r,KDF:o}=e,{secretCoder:c,cipherTextLen:s}=t,d=t.publicKeyLen,a=i(t.secretKeyLen,t.publicKeyLen,32,32),p=a.bytesLen;return{publicKeyLen:d,msgLen:32,keygen:(e=u(64))=>{l(e,64);const{publicKey:r,secretKey:o}=t.keygen(e.subarray(0,32)),c=n(r),s=a.encode([o,r,c,e.subarray(32)]);return y(o,c),{publicKey:r,secretKey:s}},encapsulate:(o,s=u(32))=>{l(o,d),l(s,32);const i=o.subarray(0,384*e.K),a=c.encode(c.decode(i.slice()));if(!f(a,i))throw y(a),Error("ML-KEM.encapsulate: wrong publicKey modulus");y(a);const p=r.create().update(s).update(n(o)).digest(),h=t.encrypt(o,s,p.subarray(32,64));return p.subarray(32).fill(0),{cipherText:h,sharedSecret:p.subarray(0,32)}},decapsulate:(e,n)=>{l(n,p),l(e,s);const[c,d,u,i]=a.decode(n),h=t.decrypt(e,c),g=r.create().update(h).update(u).digest(),b=g.subarray(0,32),A=t.encrypt(d,h,g.subarray(32,64)),L=f(e,A),w=o.create({dkLen:32}).update(i).update(e).digest();return y(h,A,L?w:b),L?b:w}}}const N=/* @__PURE__ */v({...{HASH256:o,HASH512:c,KDF:r,XOF:A,PRF:function(e,t,n){return r.create({dkLen:e}).update(t).update(new Uint8Array([n])).digest()}},...{N:w,Q:T,K:3,ETA1:2,ETA2:2,du:10,dv:4,RBGstrength:192}}),R=256,_=8380417,I=13,H=0|Math.floor((_-1)/88),C=0|Math.floor((_-1)/32),x={K:6,L:5,D:I,GAMMA1:2**19,GAMMA2:C,TAU:49,ETA:4,OMEGA:55},G=e=>new Int32Array(e),{mod:Y,smod:D,NTT:P,bitsCoder:X}=g({N:R,Q:_,F:8347681,ROOT_OF_UNITY:1753,newPoly:G,isKyber:!1,brvBits:8}),$=e=>e,Q=(e,t=$,n=$)=>X(e,{encode:e=>t(n(e)),decode:e=>n(t(e))}),j=(e,t)=>{for(let n=0;n<e.length;n++)e[n]=Y(e[n]+t[n]);return e},W=(e,t)=>{for(let n=0;n<e.length;n++)e[n]=Y(e[n]-t[n]);return e},Z=e=>{for(let t=0;t<R;t++)e[t]<<=I;return e},q=(e,t)=>{for(let n=0;n<R;n++)if(Math.abs(D(e[n]))>=t)return!0;return!1},z=(e,t)=>{const n=G(R);for(let r=0;r<e.length;r++)n[r]=Y(e[r]*t[r]);return n};function J(e){const t=G(R);for(let n=0;n<R;){const r=e();if(r.length%3)throw Error("RejNTTPoly: unaligned block");for(let e=0;n<R&&e<=r.length-3;e+=3){const o=8388607&(r[e+0]|r[e+1]<<8|r[e+2]<<16);o<_&&(t[n++]=o)}}return t}const V=new Uint8Array(0);function ee(e){const{K:t,L:n,GAMMA1:o,GAMMA2:c,TAU:s,ETA:p,OMEGA:h}=e,{CRH_BYTES:g,TR_BYTES:b,C_TILDE_BYTES:A,XOF128:L,XOF256:w}=e;if(![2,4].includes(p))throw Error("Wrong ETA");if(![1<<17,1<<19].includes(o))throw Error("Wrong GAMMA1");if(![H,C].includes(c))throw Error("Wrong GAMMA2");const T=s*p,E=e=>{const t=Y(e),n=0|D(t,2*c);if(t-n==_-1)return{r1:0,r0:n-1|0};return{r1:0|Math.floor((t-n)/(2*c)),r0:n}},m=e=>E(e).r1,K=e=>E(e).r0,U=(e,t)=>{const n=Math.floor((_-1)/(2*c)),{r1:r,r0:o}=E(t);return 1===e?o>0?0|Y(r+1,n):0|Y(r-1,n):0|r},k=e=>{const t=Y(e),n=0|D(t,8192);return{r1:0|Math.floor((t-n)/8192),r0:n}},M={bytesLen:h+t,encode:e=>{if(!1===e)throw Error("hint.encode: hint is false");const n=new Uint8Array(h+t);for(let r=0,o=0;r<t;r++){for(let t=0;t<R;t++)0!==e[r][t]&&(n[o++]=t);n[h+r]=o}return n},decode:e=>{const n=[];let r=0;for(let o=0;o<t;o++){const t=G(R);if(e[h+o]<r||e[h+o]>h)return!1;for(let n=r;n<e[h+o];n++){if(n>r&&e[n]<=e[n-1])return!1;t[e[n]]=1}r=e[h+o],n.push(t)}for(let t=r;t<h;t++)if(0!==e[t])return!1;return n}},B=Q(2===p?3:4,(e=>p-e),(e=>{if(!(-p<=e&&e<=p))throw Error(`malformed key s1/s3 ${e} outside of ETA range [${-p}, ${p}]`);return e})),O=Q(13,(e=>4096-e)),F=Q(10),S=Q(o===1<<17?18:20,(e=>D(o-e))),v=a(Q(c===H?6:4),t),N=i(32,a(F,t)),I=i(32,32,b,a(B,n),a(B,t),a(O,t)),x=i(A,a(S,n),M),X=2===p?e=>e<15&&2-e%5:e=>e<9&&4-e;function $(e){const t=G(R);for(let n=0;n<R;){const r=e();for(let e=0;n<R&&e<r.length;e+=1){const o=X(15&r[e]),c=X(r[e]>>4&15);!1!==o&&(t[n++]=o),n<R&&!1!==c&&(t[n++]=c)}}return t}const ee=e=>{const t=G(R),n=r.create({}).update(e),o=new Uint8Array(r.blockLen);n.xofInto(o);const c=o.slice(0,8);for(let e=R-s,d=8,l=0,u=0;e<R;e++){let s=e+1;for(;s>e;)s=o[d++],d<r.blockLen||(n.xofInto(o),d=0);t[e]=t[s],t[s]=1-((c[l]>>u++&1)<<1),u>=8&&(l++,u=0)}return t},te=e=>{const t=G(R),n=G(R);for(let r=0;r<e.length;r++){const{r0:o,r1:c}=k(e[r]);t[r]=o,n[r]=c}return{r0:t,r1:n}},ne=(e,t)=>{for(let n=0;n<R;n++)e[n]=U(t[n],e[n]);return e},re=(e,t)=>{const n=G(R);let r=0;for(let d=0;d<R;d++){const l=(o=e[d],s=t[d],o<=c||o>_-c||o===_-c&&0===s?0:1);n[d]=l,r+=l}var o,s;return{v:n,cnt:r}},oe=i(32,64,32),ce={signRandBytes:32,keygen:(e=u(32))=>{const o=new Uint8Array(34);o.set(e),o[32]=t,o[33]=n;const[c,s,d]=oe.decode(r(o,{dkLen:oe.bytesLen})),l=w(s),f=[];for(let e=0;e<n;e++)f.push($(l.get(255&e,e>>8&255)));const i=[];for(let e=n;e<n+t;e++)i.push($(l.get(255&e,e>>8&255)));const a=f.map((e=>P.encode(e.slice()))),p=[],h=[],g=L(c),A=G(R);for(let e=0;e<t;e++){A.fill(0);for(let t=0;t<n;t++){const n=J(g.get(t,e));j(A,z(n,a[t]))}P.decode(A);const{r0:t,r1:r}=te(j(A,i[e]));p.push(t),h.push(r)}const T=N.encode([c,h]),E=r(T,{dkLen:b}),m=I.encode([c,d,E,f,i,p]);return g.clean(),l.clean(),y(c,s,d,f,i,a,A,p,h,E,o),{publicKey:T,secretKey:m}},sign:(e,s,d)=>{const[u,f,i,a,p,b]=I.decode(e),E=[],U=L(u);for(let e=0;e<t;e++){const t=[];for(let r=0;r<n;r++)t.push(J(U.get(r,e)));E.push(t)}U.clean();for(let e=0;e<n;e++)P.encode(a[e]);for(let e=0;e<t;e++)P.encode(p[e]),P.encode(b[e]);const k=r.create({dkLen:g}).update(i).update(s).digest(),M=d||new Uint8Array(32);l(M);const B=r.create({dkLen:g}).update(f).update(M).update(k).digest();l(B,g);const O=w(B,S.bytesLen);e:for(let e=0;;){const s=[];for(let t=0;t<n;t++,e++)s.push(S.decode(O.get(255&e,e>>8)()));const d=s.map((e=>P.encode(e.slice()))),l=[];for(let e=0;e<t;e++){const t=G(R);for(let r=0;r<n;r++)j(t,z(E[e][r],d[r]));P.decode(t),l.push(t)}const u=l.map((e=>e.map(m))),f=r.create({dkLen:A}).update(k).update(v.encode(u)).digest(),i=P.encode(ee(f)),g=a.map((e=>z(e,i)));for(let e=0;e<n;e++)if(j(P.decode(g[e]),s[e]),q(g[e],o-T))continue e;let L=0;const w=[];for(let e=0;e<t;e++){const t=P.decode(z(p[e],i)),n=W(l[e],t).map(K);if(q(n,c-T))continue e;const r=P.decode(z(b[e],i));if(q(r,c))continue e;j(n,r);const o=re(n,u[e]);w.push(o.v),L+=o.cnt}if(L>h)continue;O.clean();const U=x.encode([f,g,w]);return y(f,g,w,i,u,l,d,s,B,k,a,p,b,...E),U}throw Error("Unreachable code path reached, report this error")},verify:(e,c,s)=>{const[d,l]=N.decode(e),u=r(e,{dkLen:b});if(s.length!==x.bytesLen)return!1;const[i,a,y]=x.decode(s);if(!1===y)return!1;for(let e=0;e<n;e++)if(q(a[e],o-T))return!1;const p=r.create({dkLen:g}).update(u).update(c).digest(),w=P.encode(ee(i)),E=a.map((e=>e.slice()));for(let e=0;e<n;e++)P.encode(E[e]);const m=[],K=L(d);for(let e=0;e<t;e++){const t=z(P.encode(Z(l[e])),w),r=G(R);for(let t=0;t<n;t++){const n=J(K.get(t,e));j(r,z(n,E[t]))}const o=P.decode(W(r,t));m.push(ne(o,y[e]))}K.clean();const U=r.create({dkLen:A}).update(p).update(v.encode(m)).digest();for(const e of y){if(!(e.reduce(((e,t)=>e+t),0)<=h))return!1}for(const e of a)if(q(e,o-T))return!1;return f(i,U)}},se=(e,t=V)=>{if(l(e),l(t),t.length>255)throw Error("context should be less than 255 bytes");return d(new Uint8Array([0,t.length]),t,e)};return{internal:ce,keygen:ce.keygen,signRandBytes:ce.signRandBytes,sign:(e,t,n=V,r)=>{const o=se(t,n),c=ce.sign(e,o,r);return o.fill(0),c},verify:(e,t,n,r=V)=>ce.verify(e,se(t,r),n)}}const te=/* @__PURE__ */ee({...x,CRH_BYTES:64,TR_BYTES:64,C_TILDE_BYTES:48,XOF128:A,XOF256:L});export{te as ml_dsa65,N as ml_kem768};
+/*! OpenPGP.js v6.2.1 - 2025-08-28 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function t(e){if(!Number.isSafeInteger(e)||e<0)throw Error("positive integer expected, got "+e)}function n(e,...t){if(!((n=e)instanceof Uint8Array||ArrayBuffer.isView(n)&&"Uint8Array"===n.constructor.name))throw Error("Uint8Array expected");var n;if(t.length>0&&!t.includes(e.length))throw Error("Uint8Array expected of length "+t+", got length="+e.length)}function r(e,t=!0){if(e.destroyed)throw Error("Hash instance has been destroyed");if(t&&e.finished)throw Error("Hash#digest() has already been called")}const o=/* @__PURE__ */BigInt(2**32-1),s=/* @__PURE__ */BigInt(32);function c(e,t=!1){return t?{h:Number(e&o),l:Number(e>>s&o)}:{h:0|Number(e>>s&o),l:0|Number(e&o)}}function i(e,t=!1){let n=new Uint32Array(e.length),r=new Uint32Array(e.length);for(let o=0;o<e.length;o++){const{h:s,l:i}=c(e[o],t);[n[o],r[o]]=[s,i]}return[n,r]}const u="object"==typeof e&&"crypto"in e?e.crypto:void 0,l=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4)),f=/* @__PURE__ */(()=>68===new Uint8Array(new Uint32Array([287454020]).buffer)[0])();function d(e){for(let n=0;n<e.length;n++)e[n]=(t=e[n])<<24&4278190080|t<<8&16711680|t>>>8&65280|t>>>24&255;var t}function a(e){return"string"==typeof e&&(e=function(e){if("string"!=typeof e)throw Error("utf8ToBytes expected string, got "+typeof e);return new Uint8Array((new TextEncoder).encode(e))}(e)),n(e),e}class h{clone(){return this._cloneInto()}}const y=[],p=[],g=[],b=/* @__PURE__ */BigInt(0),w=/* @__PURE__ */BigInt(1),A=/* @__PURE__ */BigInt(2),L=/* @__PURE__ */BigInt(7),k=/* @__PURE__ */BigInt(256),E=/* @__PURE__ */BigInt(113);for(let e=0,t=w,n=1,r=0;e<24;e++){[n,r]=[r,(2*n+3*r)%5],y.push(2*(5*r+n)),p.push((e+1)*(e+2)/2%64);let o=b;for(let e=0;e<7;e++)t=(t<<w^(t>>L)*E)%k,t&A&&(o^=w<<(w<</* @__PURE__ */BigInt(e))-w);g.push(o)}const[T,U]=/* @__PURE__ */i(g,!0),m=(e,t,n)=>n>32?((e,t,n)=>t<<n-32|e>>>64-n)(e,t,n):((e,t,n)=>e<<n|t>>>32-n)(e,t,n),I=(e,t,n)=>n>32?((e,t,n)=>e<<n-32|t>>>64-n)(e,t,n):((e,t,n)=>t<<n|e>>>32-n)(e,t,n);class O extends h{constructor(e,n,r,o=!1,s=24){if(super(),this.blockLen=e,this.suffix=n,this.outputLen=r,this.enableXOF=o,this.rounds=s,this.pos=0,this.posOut=0,this.finished=!1,this.destroyed=!1,t(r),0>=this.blockLen||this.blockLen>=200)throw Error("Sha3 supports only keccak-f1600 function");this.state=new Uint8Array(200),this.state32=l(this.state)}keccak(){f||d(this.state32),function(e,t=24){const n=new Uint32Array(10);for(let r=24-t;r<24;r++){for(let t=0;t<10;t++)n[t]=e[t]^e[t+10]^e[t+20]^e[t+30]^e[t+40];for(let t=0;t<10;t+=2){const r=(t+8)%10,o=(t+2)%10,s=n[o],c=n[o+1],i=m(s,c,1)^n[r],u=I(s,c,1)^n[r+1];for(let n=0;n<50;n+=10)e[t+n]^=i,e[t+n+1]^=u}let t=e[2],o=e[3];for(let n=0;n<24;n++){const r=p[n],s=m(t,o,r),c=I(t,o,r),i=y[n];t=e[i],o=e[i+1],e[i]=s,e[i+1]=c}for(let t=0;t<50;t+=10){for(let r=0;r<10;r++)n[r]=e[t+r];for(let r=0;r<10;r++)e[t+r]^=~n[(r+2)%10]&n[(r+4)%10]}e[0]^=T[r],e[1]^=U[r]}n.fill(0)}(this.state32,this.rounds),f||d(this.state32),this.posOut=0,this.pos=0}update(e){r(this);const{blockLen:t,state:n}=this,o=(e=a(e)).length;for(let r=0;r<o;){const s=Math.min(t-this.pos,o-r);for(let t=0;t<s;t++)n[this.pos++]^=e[r++];this.pos===t&&this.keccak()}return this}finish(){if(this.finished)return;this.finished=!0;const{state:e,suffix:t,pos:n,blockLen:r}=this;e[n]^=t,128&t&&n===r-1&&this.keccak(),e[r-1]^=128,this.keccak()}writeInto(e){r(this,!1),n(e),this.finish();const t=this.state,{blockLen:o}=this;for(let n=0,r=e.length;n<r;){this.posOut>=o&&this.keccak();const s=Math.min(o-this.posOut,r-n);e.set(t.subarray(this.posOut,this.posOut+s),n),this.posOut+=s,n+=s}return e}xofInto(e){if(!this.enableXOF)throw Error("XOF is not possible for this instance");return this.writeInto(e)}xof(e){return t(e),this.xofInto(new Uint8Array(e))}digestInto(e){if(function(e,t){n(e);const r=t.outputLen;if(e.length<r)throw Error("digestInto() expects output buffer of length at least "+r)}(e,this),this.finished)throw Error("digest() was already called");return this.writeInto(e),this.destroy(),e}digest(){return this.digestInto(new Uint8Array(this.outputLen))}destroy(){this.destroyed=!0,this.state.fill(0)}_cloneInto(e){const{blockLen:t,suffix:n,outputLen:r,rounds:o,enableXOF:s}=this;return e||(e=new O(t,n,r,s,o)),e.state32.set(this.state32),e.pos=this.pos,e.posOut=this.posOut,e.finished=this.finished,e.rounds=o,e.suffix=n,e.outputLen=r,e.enableXOF=s,e.destroyed=this.destroyed,e}}const B=(e,t,n)=>function(e){const t=t=>e().update(a(t)).digest(),n=e();return t.outputLen=n.outputLen,t.blockLen=n.blockLen,t.create=()=>e(),t}((()=>new O(t,e,n))),K=/* @__PURE__ */B(6,136,32),x=/* @__PURE__ */B(6,72,64),M=(e,t,n)=>function(e){const t=(t,n)=>e(n).update(a(t)).digest(),n=e({});return t.outputLen=n.outputLen,t.blockLen=n.blockLen,t.create=t=>e(t),t}(((r={})=>new O(t,e,void 0===r.dkLen?n:r.dkLen,!0))),F=/* @__PURE__ */M(31,168,16),v=/* @__PURE__ */M(31,136,32),N=n,S=function(e=32){if(u&&"function"==typeof u.getRandomValues)return u.getRandomValues(new Uint8Array(e));if(u&&"function"==typeof u.randomBytes)return u.randomBytes(e);throw Error("crypto.getRandomValues must be defined")};function R(e,t){if(e.length!==t.length)return!1;let n=0;for(let r=0;r<e.length;r++)n|=e[r]^t[r];return 0===n}function _(...e){const t=e=>"number"==typeof e?e:e.bytesLen,n=e.reduce(((e,n)=>e+t(n)),0);return{bytesLen:n,encode:r=>{const o=new Uint8Array(n);for(let n=0,s=0;n<e.length;n++){const c=e[n],i=t(c),u="number"==typeof c?r[n]:c.encode(r[n]);N(u,i),o.set(u,s),"number"!=typeof c&&u.fill(0),s+=i}return o},decode:r=>{N(r,n);const o=[];for(const n of e){const e=t(n),s=r.subarray(0,e);o.push("number"==typeof n?s:n.decode(s)),r=r.subarray(e)}return o}}}function H(e,t){const n=t*e.bytesLen;return{bytesLen:n,encode:r=>{if(r.length!==t)throw Error(`vecCoder.encode: wrong length=${r.length}. Expected: ${t}`);const o=new Uint8Array(n);for(let t=0,n=0;t<r.length;t++){const s=e.encode(r[t]);o.set(s,n),s.fill(0),n+=s.length}return o},decode:t=>{N(t,n);const r=[];for(let n=0;n<t.length;n+=e.bytesLen)r.push(e.decode(t.subarray(n,n+e.bytesLen)));return r}}}function C(...e){for(const t of e)if(Array.isArray(t))for(const e of t)e.fill(0);else t.fill(0)}function X(e){return(1<<e)-1}
+/*! noble-post-quantum - MIT License (c) 2024 Paul Miller (paulmillr.com) */function G(e,t=8){const n=e.toString(2).padStart(8,"0").slice(-t).padStart(7,"0").split("").reverse().join("");return Number.parseInt(n,2)}const Y=e=>{const{newPoly:t,N:n,Q:r,F:o,ROOT_OF_UNITY:s,brvBits:c,isKyber:i}=e,u=(e,t=r)=>{const n=e%t|0;return 0|(n>=0?n:t+n)};const l=function(){const e=t(n);for(let t=0;t<n;t++){const n=G(t,c),o=BigInt(s)**BigInt(n)%BigInt(r);e[t]=0|Number(o)}return e}(),f=i?128:n,d=i?1:0,a={encode:e=>{for(let t=1,r=128;r>d;r>>=1)for(let o=0;o<n;o+=2*r){const n=l[t++];for(let t=o;t<o+r;t++){const o=u(n*e[t+r]);e[t+r]=0|u(e[t]-o),e[t]=0|u(e[t]+o)}}return e},decode:e=>{for(let t=f-1,r=1+d;r<f+d;r<<=1)for(let o=0;o<n;o+=2*r){const n=l[t--];for(let t=o;t<o+r;t++){const o=e[t];e[t]=u(o+e[t+r]),e[t+r]=u(n*(e[t+r]-o))}}for(let t=0;t<e.length;t++)e[t]=u(o*e[t]);return e}};return{mod:u,smod:(e,t=r)=>{const n=0|u(e,t);return 0|(n>t>>1?n-t:n)},nttZetas:l,NTT:a,bitsCoder:(e,r)=>{const o=X(e),s=e*(n/8);return{bytesLen:s,encode:t=>{const n=new Uint8Array(s);for(let s=0,c=0,i=0,u=0;s<t.length;s++)for(c|=(r.encode(t[s])&o)<<i,i+=e;i>=8;i-=8,c>>=8)n[u++]=c&X(i);return n},decode:s=>{const c=t(n);for(let t=0,n=0,i=0,u=0;t<s.length;t++)for(n|=s[t]<<i,i+=8;i>=e;i-=e,n>>=e)c[u++]=r.decode(n&o);return c}}}}},D=e=>(t,n)=>{n||(n=e.blockLen);const r=new Uint8Array(t.length+2);r.set(t);const o=t.length,s=new Uint8Array(n);let c=e.create({}),i=0,u=0;return{stats:()=>({calls:i,xofs:u}),get:(t,n)=>(r[o+0]=t,r[o+1]=n,c.destroy(),c=e.create({}).update(r),i++,()=>(u++,c.xofInto(s))),clean:()=>{c.destroy(),s.fill(0),r.fill(0)}}},P=/* @__PURE__ */D(F),$=/* @__PURE__ */D(v),Q=256,V=3329,{mod:j,nttZetas:W,NTT:Z,bitsCoder:q}=Y({N:Q,Q:V,F:3303,ROOT_OF_UNITY:17,newPoly:e=>new Uint16Array(e),brvBits:7,isKyber:!0}),z=e=>q(e,(e=>{if(e>=12)return{encode:e=>e,decode:e=>e};const t=2**(e-1);return{encode:t=>((t<<e)+V/2)/V,decode:n=>n*V+t>>>e}})(e));function J(e,t){for(let n=0;n<Q;n++)e[n]=j(e[n]+t[n])}function ee(e,t){for(let c=0;c<128;c++){let i=W[64+(c>>1)];1&c&&(i=-i);const{c0:u,c1:l}=(n=e[2*c+0],r=e[2*c+1],o=t[2*c+0],s=t[2*c+1],{c0:j(r*s*i+n*o),c1:j(n*s+r*o)});e[2*c+0]=u,e[2*c+1]=l}var n,r,o,s;return e}function te(e){const t=new Uint16Array(Q);for(let n=0;n<Q;){const r=e();if(r.length%3)throw Error("SampleNTT: unaligned block");for(let e=0;n<Q&&e+3<=r.length;e+=3){const o=4095&(r[e+0]|r[e+1]<<8),s=4095&(r[e+1]>>4|r[e+2]<<4);o<V&&(t[n++]=o),n<Q&&s<V&&(t[n++]=s)}}return t}function ne(e,t,n,r){const o=e(r*Q/4,t,n),s=new Uint16Array(Q),c=l(o);let i=0;for(let e=0,t=0,n=0,o=0;e<c.length;e++){let u=c[e];for(let e=0;e<32;e++)n+=1&u,u>>=1,i+=1,i===r?(o=n,n=0):i===2*r&&(s[t++]=j(o-n),n=0,i=0)}if(i)throw Error("sampleCBD: leftover bits: "+i);return s}const re=e=>{const{K:t,PRF:n,XOF:r,HASH512:o,ETA1:s,ETA2:c,du:i,dv:u}=e,l=z(1),f=z(u),d=z(i),a=_(H(z(12),t),32),h=H(z(12),t),y=_(H(d,t),f),p=_(32,32);return{secretCoder:h,secretKeyLen:h.bytesLen,publicKeyLen:a.bytesLen,cipherTextLen:y.bytesLen,keygen:e=>{const c=new Uint8Array(33);c.set(e),c[32]=t;const i=o(c),[u,l]=p.decode(i),f=[],d=[];for(let e=0;e<t;e++)f.push(Z.encode(ne(n,l,e,s)));const y=r(u);for(let e=0;e<t;e++){const r=Z.encode(ne(n,l,t+e,s));for(let n=0;n<t;n++){J(r,ee(te(y.get(n,e)),f[n]))}d.push(r)}y.clean();const g={publicKey:a.encode([d,u]),secretKey:h.encode(f)};return C(u,l,f,d,c,i),g},encrypt:(e,o,i)=>{const[u,f]=a.decode(e),d=[];for(let e=0;e<t;e++)d.push(Z.encode(ne(n,i,e,s)));const h=r(f),p=new Uint16Array(Q),g=[];for(let e=0;e<t;e++){const r=ne(n,i,t+e,c),o=new Uint16Array(Q);for(let n=0;n<t;n++){J(o,ee(te(h.get(e,n)),d[n]))}J(r,Z.decode(o)),g.push(r),J(p,ee(u[e],d[e])),o.fill(0)}h.clean();const b=ne(n,i,2*t,c);J(b,Z.decode(p));const w=l.decode(o);return J(w,b),C(u,d,p,b),y.encode([g,w])},decrypt:(e,n)=>{const[r,o]=y.decode(e),s=h.decode(n),c=new Uint16Array(Q);for(let e=0;e<t;e++)J(c,ee(s[e],Z.encode(r[e])));return function(e,t){for(let n=0;n<Q;n++)e[n]=j(e[n]-t[n])}(o,Z.decode(c)),C(c,s,r),l.encode(o)}}};function oe(e){const t=re(e),{HASH256:n,HASH512:r,KDF:o}=e,{secretCoder:s,cipherTextLen:c}=t,i=t.publicKeyLen,u=_(t.secretKeyLen,t.publicKeyLen,32,32),l=u.bytesLen;return{publicKeyLen:i,msgLen:32,keygen:(e=S(64))=>{N(e,64);const{publicKey:r,secretKey:o}=t.keygen(e.subarray(0,32)),s=n(r),c=u.encode([o,r,s,e.subarray(32)]);return C(o,s),{publicKey:r,secretKey:c}},encapsulate:(o,c=S(32))=>{N(o,i),N(c,32);const u=o.subarray(0,384*e.K),l=s.encode(s.decode(u.slice()));if(!R(l,u))throw C(l),Error("ML-KEM.encapsulate: wrong publicKey modulus");C(l);const f=r.create().update(c).update(n(o)).digest(),d=t.encrypt(o,c,f.subarray(32,64));return f.subarray(32).fill(0),{cipherText:d,sharedSecret:f.subarray(0,32)}},decapsulate:(e,n)=>{N(n,l),N(e,c);const[s,i,f,d]=u.decode(n),a=t.decrypt(e,s),h=r.create().update(a).update(f).digest(),y=h.subarray(0,32),p=t.encrypt(i,a,h.subarray(32,64)),g=R(e,p),b=o.create({dkLen:32}).update(d).update(e).digest();return C(a,p,g?b:y),g?y:b}}}const se=/* @__PURE__ */oe({...{HASH256:K,HASH512:x,KDF:v,XOF:P,PRF:function(e,t,n){return v.create({dkLen:e}).update(t).update(new Uint8Array([n])).digest()}},...{N:Q,Q:V,K:3,ETA1:2,ETA2:2,du:10,dv:4,RBGstrength:192}}),ce=256,ie=8380417,ue=95232,le=261888,fe={K:6,L:5,D:13,GAMMA1:2**19,GAMMA2:le,TAU:49,ETA:4,OMEGA:55},de=e=>new Int32Array(e),{mod:ae,smod:he,NTT:ye,bitsCoder:pe}=Y({N:ce,Q:ie,F:8347681,ROOT_OF_UNITY:1753,newPoly:de,isKyber:!1,brvBits:8}),ge=e=>e,be=(e,t=ge,n=ge)=>pe(e,{encode:e=>t(n(e)),decode:e=>n(t(e))}),we=(e,t)=>{for(let n=0;n<e.length;n++)e[n]=ae(e[n]+t[n]);return e},Ae=(e,t)=>{for(let n=0;n<e.length;n++)e[n]=ae(e[n]-t[n]);return e},Le=e=>{for(let t=0;t<ce;t++)e[t]<<=13;return e},ke=(e,t)=>{for(let n=0;n<ce;n++)if(Math.abs(he(e[n]))>=t)return!0;return!1},Ee=(e,t)=>{const n=de(ce);for(let r=0;r<e.length;r++)n[r]=ae(e[r]*t[r]);return n};function Te(e){const t=de(ce);for(let n=0;n<ce;){const r=e();if(r.length%3)throw Error("RejNTTPoly: unaligned block");for(let e=0;n<ce&&e<=r.length-3;e+=3){const o=8388607&(r[e+0]|r[e+1]<<8|r[e+2]<<16);o<ie&&(t[n++]=o)}}return t}const Ue=new Uint8Array(0);function me(e){const{K:t,L:r,GAMMA1:o,GAMMA2:s,TAU:c,ETA:i,OMEGA:u}=e,{CRH_BYTES:l,TR_BYTES:f,C_TILDE_BYTES:d,XOF128:a,XOF256:h}=e;if(![2,4].includes(i))throw Error("Wrong ETA");if(![1<<17,1<<19].includes(o))throw Error("Wrong GAMMA1");if(![ue,le].includes(s))throw Error("Wrong GAMMA2");const y=c*i,p=e=>{const t=ae(e),n=0|he(t,2*s);if(t-n==ie-1)return{r1:0,r0:n-1|0};return{r1:0|Math.floor((t-n)/(2*s)),r0:n}},g=e=>p(e).r1,b=e=>p(e).r0,w=(e,t)=>{const n=Math.floor((ie-1)/(2*s)),{r1:r,r0:o}=p(t);return 1===e?o>0?0|ae(r+1,n):0|ae(r-1,n):0|r},A=e=>{const t=ae(e),n=0|he(t,8192);return{r1:0|Math.floor((t-n)/8192),r0:n}},L={bytesLen:u+t,encode:e=>{if(!1===e)throw Error("hint.encode: hint is false");const n=new Uint8Array(u+t);for(let r=0,o=0;r<t;r++){for(let t=0;t<ce;t++)0!==e[r][t]&&(n[o++]=t);n[u+r]=o}return n},decode:e=>{const n=[];let r=0;for(let o=0;o<t;o++){const t=de(ce);if(e[u+o]<r||e[u+o]>u)return!1;for(let n=r;n<e[u+o];n++){if(n>r&&e[n]<=e[n-1])return!1;t[e[n]]=1}r=e[u+o],n.push(t)}for(let t=r;t<u;t++)if(0!==e[t])return!1;return n}},k=be(2===i?3:4,(e=>i-e),(e=>{if(!(-i<=e&&e<=i))throw Error(`malformed key s1/s3 ${e} outside of ETA range [${-i}, ${i}]`);return e})),E=be(13,(e=>4096-e)),T=be(10),U=be(o===1<<17?18:20,(e=>he(o-e))),m=H(be(s===ue?6:4),t),I=_(32,H(T,t)),O=_(32,32,f,H(k,r),H(k,t),H(E,t)),B=_(d,H(U,r),L),K=2===i?e=>e<15&&2-e%5:e=>e<9&&4-e;function x(e){const t=de(ce);for(let n=0;n<ce;){const r=e();for(let e=0;n<ce&&e<r.length;e+=1){const o=K(15&r[e]),s=K(r[e]>>4&15);!1!==o&&(t[n++]=o),n<ce&&!1!==s&&(t[n++]=s)}}return t}const M=e=>{const t=de(ce),n=v.create({}).update(e),r=new Uint8Array(v.blockLen);n.xofInto(r);const o=r.slice(0,8);for(let e=ce-c,s=8,i=0,u=0;e<ce;e++){let c=e+1;for(;c>e;)c=r[s++],s<v.blockLen||(n.xofInto(r),s=0);t[e]=t[c],t[c]=1-((o[i]>>u++&1)<<1),u>=8&&(i++,u=0)}return t},F=e=>{const t=de(ce),n=de(ce);for(let r=0;r<e.length;r++){const{r0:o,r1:s}=A(e[r]);t[r]=o,n[r]=s}return{r0:t,r1:n}},X=(e,t)=>{for(let n=0;n<ce;n++)e[n]=w(t[n],e[n]);return e},G=(e,t)=>{const n=de(ce);let r=0;for(let i=0;i<ce;i++){const u=(o=e[i],c=t[i],o<=s||o>ie-s||o===ie-s&&0===c?0:1);n[i]=u,r+=u}var o,c;return{v:n,cnt:r}},Y=_(32,64,32),D={signRandBytes:32,keygen:(e=S(32))=>{const n=new Uint8Array(34);n.set(e),n[32]=t,n[33]=r;const[o,s,c]=Y.decode(v(n,{dkLen:Y.bytesLen})),i=h(s),u=[];for(let e=0;e<r;e++)u.push(x(i.get(255&e,e>>8&255)));const l=[];for(let e=r;e<r+t;e++)l.push(x(i.get(255&e,e>>8&255)));const d=u.map((e=>ye.encode(e.slice()))),y=[],p=[],g=a(o),b=de(ce);for(let e=0;e<t;e++){b.fill(0);for(let t=0;t<r;t++){const n=Te(g.get(t,e));we(b,Ee(n,d[t]))}ye.decode(b);const{r0:t,r1:n}=F(we(b,l[e]));y.push(t),p.push(n)}const w=I.encode([o,p]),A=v(w,{dkLen:f}),L=O.encode([o,c,A,u,l,y]);return g.clean(),i.clean(),C(o,s,c,u,l,d,b,y,p,A,n),{publicKey:w,secretKey:L}},sign:(e,n,c)=>{const[i,f,p,w,A,L]=O.decode(e),k=[],E=a(i);for(let e=0;e<t;e++){const t=[];for(let n=0;n<r;n++)t.push(Te(E.get(n,e)));k.push(t)}E.clean();for(let e=0;e<r;e++)ye.encode(w[e]);for(let e=0;e<t;e++)ye.encode(A[e]),ye.encode(L[e]);const T=v.create({dkLen:l}).update(p).update(n).digest(),I=c||new Uint8Array(32);N(I);const K=v.create({dkLen:l}).update(f).update(I).update(T).digest();N(K,l);const x=h(K,U.bytesLen);e:for(let e=0;;){const n=[];for(let t=0;t<r;t++,e++)n.push(U.decode(x.get(255&e,e>>8)()));const c=n.map((e=>ye.encode(e.slice()))),i=[];for(let e=0;e<t;e++){const t=de(ce);for(let n=0;n<r;n++)we(t,Ee(k[e][n],c[n]));ye.decode(t),i.push(t)}const l=i.map((e=>e.map(g))),f=v.create({dkLen:d}).update(T).update(m.encode(l)).digest(),a=ye.encode(M(f)),h=w.map((e=>Ee(e,a)));for(let e=0;e<r;e++)if(we(ye.decode(h[e]),n[e]),ke(h[e],o-y))continue e;let p=0;const E=[];for(let e=0;e<t;e++){const t=ye.decode(Ee(A[e],a)),n=Ae(i[e],t).map(b);if(ke(n,s-y))continue e;const r=ye.decode(Ee(L[e],a));if(ke(r,s))continue e;we(n,r);const o=G(n,l[e]);E.push(o.v),p+=o.cnt}if(p>u)continue;x.clean();const I=B.encode([f,h,E]);return C(f,h,E,a,l,i,c,n,K,T,w,A,L,...k),I}throw Error("Unreachable code path reached, report this error")},verify:(e,n,s)=>{const[c,i]=I.decode(e),h=v(e,{dkLen:f});if(s.length!==B.bytesLen)return!1;const[p,g,b]=B.decode(s);if(!1===b)return!1;for(let e=0;e<r;e++)if(ke(g[e],o-y))return!1;const w=v.create({dkLen:l}).update(h).update(n).digest(),A=ye.encode(M(p)),L=g.map((e=>e.slice()));for(let e=0;e<r;e++)ye.encode(L[e]);const k=[],E=a(c);for(let e=0;e<t;e++){const t=Ee(ye.encode(Le(i[e])),A),n=de(ce);for(let t=0;t<r;t++){const r=Te(E.get(t,e));we(n,Ee(r,L[t]))}const o=ye.decode(Ae(n,t));k.push(X(o,b[e]))}E.clean();const T=v.create({dkLen:d}).update(w).update(m.encode(k)).digest();for(const e of b){if(!(e.reduce(((e,t)=>e+t),0)<=u))return!1}for(const e of g)if(ke(e,o-y))return!1;return R(p,T)}},P=(e,t=Ue)=>{if(N(e),N(t),t.length>255)throw Error("context should be less than 255 bytes");return function(...e){let t=0;for(let r=0;r<e.length;r++){const o=e[r];n(o),t+=o.length}const r=new Uint8Array(t);for(let t=0,n=0;t<e.length;t++){const o=e[t];r.set(o,n),n+=o.length}return r}(new Uint8Array([0,t.length]),t,e)};return{internal:D,keygen:D.keygen,signRandBytes:D.signRandBytes,sign:(e,t,n=Ue,r)=>{const o=P(t,n),s=D.sign(e,o,r);return o.fill(0),s},verify:(e,t,n,r=Ue)=>D.verify(e,P(t,r),n)}}const Ie=/* @__PURE__ */me({...fe,CRH_BYTES:64,TR_BYTES:64,C_TILDE_BYTES:48,XOF128:P,XOF256:$});export{Ie as ml_dsa65,se as ml_kem768};
 //# sourceMappingURL=noble_post_quantum.min.mjs.map