npm - @protontech/openpgp - Versions diffs - 6.2.1 → 6.2.2 - Mend

@protontech/openpgp 6.2.1 → 6.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/dist/lightweight/argon2id.min.mjs +1 -1
package/dist/lightweight/argon2id.mjs +1 -1
package/dist/lightweight/legacy_ciphers.min.mjs +1 -1
package/dist/lightweight/legacy_ciphers.mjs +1 -1
package/dist/lightweight/nacl-fast.min.mjs +1 -1
package/dist/lightweight/nacl-fast.mjs +1 -1
package/dist/lightweight/noble_curves.min.mjs +1 -1
package/dist/lightweight/noble_curves.mjs +1 -1
package/dist/lightweight/noble_hashes.min.mjs +1 -1
package/dist/lightweight/noble_hashes.mjs +1 -1
package/dist/lightweight/noble_post_quantum.min.mjs +1 -1
package/dist/lightweight/noble_post_quantum.mjs +1 -1
package/dist/lightweight/openpgp.min.mjs +3 -3
package/dist/lightweight/openpgp.min.mjs.map +1 -1
package/dist/lightweight/openpgp.mjs +8 -4
package/dist/lightweight/seek-bzip.min.mjs +1 -1
package/dist/lightweight/seek-bzip.mjs +1 -1
package/dist/lightweight/sha512.min.mjs +1 -1
package/dist/lightweight/sha512.mjs +1 -1
package/dist/node/openpgp.cjs +8 -4
package/dist/node/openpgp.min.cjs +3 -3
package/dist/node/openpgp.min.cjs.map +1 -1
package/dist/node/openpgp.min.mjs +3 -3
package/dist/node/openpgp.min.mjs.map +1 -1
package/dist/node/openpgp.mjs +8 -4
package/dist/openpgp.js +8 -4
package/dist/openpgp.min.js +3 -3
package/dist/openpgp.min.js.map +1 -1
package/dist/openpgp.min.mjs +3 -3
package/dist/openpgp.min.mjs.map +1 -1
package/dist/openpgp.mjs +8 -4
package/package.json +1 -1

package/dist/node/openpgp.min.cjs CHANGED Viewed

@@ -1,6 +1,6 @@
-/*! OpenPGP.js v6.2.1 - 2025-08-28 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
-"use strict";const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};var t=require("module"),r=require("node:crypto"),n="undefined"!=typeof document?document.currentScript:null;function i(e){var t=Object.create(null);return e&&Object.keys(e).forEach((function(r){if("default"!==r){var n=Object.getOwnPropertyDescriptor(e,r);Object.defineProperty(t,r,n.get?n:{enumerable:!0,get:function(){return e[r]}})}})),t.default=e,Object.freeze(t)}function s(e,t){return t.forEach((function(t){t&&"string"!=typeof t&&!Array.isArray(t)&&Object.keys(t).forEach((function(r){if("default"!==r&&!(r in e)){var n=Object.getOwnPropertyDescriptor(t,r);Object.defineProperty(e,r,n.get?n:{enumerable:!0,get:function(){return t[r]}})}}))})),Object.freeze(e)}var a=/*#__PURE__*/i(r);const o=Symbol("doneWritingPromise"),c=Symbol("doneWritingResolve"),u=Symbol("doneWritingReject"),h=Symbol("readingIndex");class ArrayStream extends Array{constructor(){super(),Object.setPrototypeOf(this,ArrayStream.prototype),this[o]=new Promise(((e,t)=>{this[c]=e,this[u]=t})),this[o].catch((()=>{}))}}function l(e){return e&&e.getReader&&Array.isArray(e)}function f(e){if(!l(e)){const t=e.getWriter(),r=t.releaseLock;return t.releaseLock=()=>{t.closed.catch((function(){})),r.call(t)},t}this.stream=e}function y(t){if(l(t))return"array";if(e.ReadableStream&&e.ReadableStream.prototype.isPrototypeOf(t))return"web";if(t&&!(e.ReadableStream&&t instanceof e.ReadableStream)&&"function"==typeof t._read&&"object"==typeof t._readableState)throw Error("Native Node streams are no longer supported: please manually convert the stream to a WebStream, using e.g. `stream.Readable.toWeb`");return!(!t||!t.getReader)&&"web-like"}function p(e){return Uint8Array.prototype.isPrototypeOf(e)}function d(e){if(1===e.length)return e[0];let t=0;for(let r=0;r<e.length;r++){if(!p(e[r]))throw Error("concatUint8Array: Data must be in the form of a Uint8Array");t+=e[r].length}const r=new Uint8Array(t);let n=0;return e.forEach((function(e){r.set(e,n),n+=e.length})),r}ArrayStream.prototype.getReader=function(){return void 0===this[h]&&(this[h]=0),{read:async()=>(await this[o],this[h]===this.length?{value:void 0,done:!0}:{value:this[this[h]++],done:!1})}},ArrayStream.prototype.readToEnd=async function(e){await this[o];const t=e(this.slice(this[h]));return this.length=0,t},ArrayStream.prototype.clone=function(){const e=new ArrayStream;return e[o]=this[o].then((()=>{e.push(...this)})),e},f.prototype.write=async function(e){this.stream.push(e)},f.prototype.close=async function(){this.stream[c]()},f.prototype.abort=async function(e){return this.stream[u](e),e},f.prototype.releaseLock=function(){},"object"==typeof e.process&&e.process.versions;const g=new WeakSet,w=Symbol("externalBuffer");function A(e){if(this.stream=e,e[w]&&(this[w]=e[w].slice()),l(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{},void(this._cancel=()=>{})}if(y(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{t.closed.catch((function(){})),t.releaseLock()},void(this._cancel=t.cancel.bind(t))}let t=!1;this._read=async()=>t||g.has(e)?{value:void 0,done:!0}:(t=!0,{value:e,done:!1}),this._releaseLock=()=>{if(t)try{g.add(e)}catch(e){}}}function m(e){return y(e)?e:new ReadableStream({start(t){t.enqueue(e),t.close()}})}function b(e){if(y(e))return e;const t=new ArrayStream;return(async()=>{const r=M(t);await r.write(e),await r.close()})(),t}function k(e){return e.some((e=>y(e)&&!l(e)))?function(e){e=e.map(m);const t=K((async function(e){await Promise.all(n.map((t=>Q(t,e))))}));let r=Promise.resolve();const n=e.map(((n,i)=>I(n,((n,s)=>(r=r.then((()=>E(n,t.writable,{preventClose:i!==e.length-1}))),r)))));return t.readable}(e):e.some((e=>l(e)))?function(e){const t=new ArrayStream;let r=Promise.resolve();return e.forEach(((n,i)=>(r=r.then((()=>E(n,t,{preventClose:i!==e.length-1}))),r))),t}(e):"string"==typeof e[0]?e.join(""):d(e)}async function E(e,t,{preventClose:r=!1,preventAbort:n=!1,preventCancel:i=!1}={}){if(y(e)&&!l(e)){e=m(e);try{if(e[w]){const r=M(t);for(let t=0;t<e[w].length;t++)await r.ready,await r.write(e[w][t]);r.releaseLock()}await e.pipeTo(t,{preventClose:r,preventAbort:n,preventCancel:i})}catch(e){}return}const s=T(e=b(e)),a=M(t);try{for(;;){await a.ready;const{done:e,value:t}=await s.read();if(e){r||await a.close();break}await a.write(t)}}catch(e){n||await a.abort(e)}finally{s.releaseLock(),a.releaseLock()}}function v(e,t){const r=new TransformStream(t);return E(e,r.writable),r.readable}function K(e){let t,r,n,i=!1,s=!1;return{readable:new ReadableStream({start(e){n=e},pull(){t?t():i=!0},async cancel(t){s=!0,e&&await e(t),r&&r(t)}},{highWaterMark:0}),writable:new WritableStream({write:async function(e){if(s)throw Error("Stream is cancelled");n.enqueue(e),i?i=!1:(await new Promise(((e,n)=>{t=e,r=n})),t=null,r=null)},close:n.close.bind(n),abort:n.error.bind(n)})}}function S(e,t=()=>{},r=()=>{}){if(l(e)){const n=new ArrayStream;return(async()=>{const i=M(n);try{const n=await x(e),s=t(n),a=r();let o;o=void 0!==s&&void 0!==a?k([s,a]):void 0!==s?s:a,await i.write(o),await i.close()}catch(e){await i.abort(e)}})(),n}if(y(e))return v(e,{async transform(e,r){try{const n=await t(e);void 0!==n&&r.enqueue(n)}catch(e){r.error(e)}},async flush(e){try{const t=await r();void 0!==t&&e.enqueue(t)}catch(t){e.error(t)}}});const n=t(e),i=r();return void 0!==n&&void 0!==i?k([n,i]):void 0!==n?n:i}function I(e,t){if(y(e)&&!l(e)){let r;const n=new TransformStream({start(e){r=e}}),i=E(e,n.writable),s=K((async function(e){r.error(e),await i,await new Promise(setTimeout)}));return t(n.readable,s.writable),s.readable}e=b(e);const r=new ArrayStream;return t(e,r),r}function B(e,t){let r;const n=I(e,((e,i)=>{const s=T(e);s.remainder=()=>(s.releaseLock(),E(e,i),n),r=t(s)}));return r}function C(e){if(l(e))return e.clone();if(y(e)){const t=function(e){if(l(e))throw Error("ArrayStream cannot be tee()d, use clone() instead");if(y(e)){const t=m(e).tee();return t[0][w]=t[1][w]=e[w],t}return[D(e),D(e)]}(e);return P(e,t[0]),t[1]}return D(e)}function U(e){return l(e)?C(e):y(e)?new ReadableStream({start(t){const r=I(e,(async(e,r)=>{const n=T(e),i=M(r);try{for(;;){await i.ready;const{done:e,value:r}=await n.read();if(e){try{t.close()}catch(e){}return void await i.close()}try{t.enqueue(r)}catch(e){}await i.write(r)}}catch(e){t.error(e),await i.abort(e)}}));P(e,r)}}):D(e)}function P(e,t){Object.entries(Object.getOwnPropertyDescriptors(e.constructor.prototype)).forEach((([r,n])=>{"constructor"!==r&&(n.value?n.value=n.value.bind(t):n.get=n.get.bind(t),Object.defineProperty(e,r,n))}))}function D(e,t=0,r=1/0){if(l(e))throw Error("Not implemented");if(y(e)){if(t>=0&&r>=0){let n=0;return v(e,{transform(e,i){n<r?(n+e.length>=t&&i.enqueue(D(e,Math.max(t-n,0),r-n)),n+=e.length):i.terminate()}})}if(t<0&&(r<0||r===1/0)){let n=[];return S(e,(e=>{e.length>=-t?n=[e]:n.push(e)}),(()=>D(k(n),t,r)))}if(0===t&&r<0){let n;return S(e,(e=>{const i=n?k([n,e]):e;if(i.length>=-r)return n=D(i,r),D(i,t,r);n=i}))}return console.warn(`stream.slice(input, ${t}, ${r}) not implemented efficiently.`),R((async()=>D(await x(e),t,r)))}return e[w]&&(e=k(e[w].concat([e]))),p(e)?e.subarray(t,r===1/0?e.length:r):e.slice(t,r)}async function x(e,t=k){return l(e)?e.readToEnd(t):y(e)?T(e).readToEnd(t):e}async function Q(e,t){if(y(e)){if(e.cancel){const r=await e.cancel(t);return await new Promise(setTimeout),r}if(e.destroy)return e.destroy(t),await new Promise(setTimeout),t}}function R(e){const t=new ArrayStream;return(async()=>{const r=M(t);try{await r.write(await e()),await r.close()}catch(e){await r.abort(e)}})(),t}function T(e){return new A(e)}function M(e){return new f(e)}A.prototype.read=async function(){if(this[w]&&this[w].length){return{done:!1,value:this[w].shift()}}return this._read()},A.prototype.releaseLock=function(){this[w]&&(this.stream[w]=this[w]),this._releaseLock()},A.prototype.cancel=function(e){return this._cancel(e)},A.prototype.readLine=async function(){let e,t=[];for(;!e;){let{done:r,value:n}=await this.read();if(n+="",r)return t.length?k(t):void 0;const i=n.indexOf("\n")+1;i&&(e=k(t.concat(n.substr(0,i))),t=[]),i!==n.length&&t.push(n.substr(i))}return this.unshift(...t),e},A.prototype.readByte=async function(){const{done:e,value:t}=await this.read();if(e)return;const r=t[0];return this.unshift(D(t,1)),r},A.prototype.readBytes=async function(e){const t=[];let r=0;for(;;){const{done:n,value:i}=await this.read();if(n)return t.length?k(t):void 0;if(t.push(i),r+=i.length,r>=e){const r=k(t);return this.unshift(D(r,e)),D(r,0,e)}}},A.prototype.peekBytes=async function(e){const t=await this.readBytes(e);return this.unshift(t),t},A.prototype.unshift=function(...e){this[w]||(this[w]=[]),1===e.length&&p(e[0])&&this[w].length&&e[0].length&&this[w][0].byteOffset>=e[0].length?this[w][0]=new Uint8Array(this[w][0].buffer,this[w][0].byteOffset-e[0].length,this[w][0].byteLength+e[0].length):this[w].unshift(...e.filter((e=>e&&e.length)))},A.prototype.readToEnd=async function(e=k){const t=[];for(;;){const{done:e,value:r}=await this.read();if(e)break;t.push(r)}return e(t)};const L=Symbol("byValue");var F={curve:{nistP256:"nistP256",p256:"nistP256",nistP384:"nistP384",p384:"nistP384",nistP521:"nistP521",p521:"nistP521",secp256k1:"secp256k1",ed25519Legacy:"ed25519Legacy",ed25519:"ed25519Legacy",curve25519Legacy:"curve25519Legacy",curve25519:"curve25519Legacy",brainpoolP256r1:"brainpoolP256r1",brainpoolP384r1:"brainpoolP384r1",brainpoolP512r1:"brainpoolP512r1"},kdfFlags:{replace_fingerprint:1,replace_kdf_params:2},s2k:{simple:0,salted:1,iterated:3,argon2:4,gnu:101},publicKey:{rsaEncryptSign:1,rsaEncrypt:2,rsaSign:3,elgamal:16,dsa:17,ecdh:18,ecdsa:19,eddsaLegacy:22,aedh:23,aedsa:24,x25519:25,x448:26,ed25519:27,ed448:28,pqc_mldsa_ed25519:30,pqc_mlkem_x25519:35,aead:100,hmac:101},symmetric:{idea:1,tripledes:2,cast5:3,blowfish:4,aes128:7,aes192:8,aes256:9,twofish:10},compression:{uncompressed:0,zip:1,zlib:2,bzip2:3},hash:{md5:1,sha1:2,ripemd:3,sha256:8,sha384:9,sha512:10,sha224:11,sha3_256:12,sha3_512:14},webHash:{"SHA-1":2,"SHA-256":8,"SHA-384":9,"SHA-512":10},aead:{eax:1,ocb:2,gcm:3,experimentalGCM:100},packet:{publicKeyEncryptedSessionKey:1,signature:2,symEncryptedSessionKey:3,onePassSignature:4,secretKey:5,publicKey:6,secretSubkey:7,compressedData:8,symmetricallyEncryptedData:9,marker:10,literalData:11,trust:12,userID:13,publicSubkey:14,userAttribute:17,symEncryptedIntegrityProtectedData:18,modificationDetectionCode:19,aeadEncryptedData:20,padding:21},literal:{binary:98,text:116,utf8:117,mime:109},signature:{binary:0,text:1,standalone:2,certGeneric:16,certPersona:17,certCasual:18,certPositive:19,certRevocation:48,subkeyBinding:24,keyBinding:25,key:31,keyRevocation:32,subkeyRevocation:40,timestamp:64,thirdParty:80},signatureSubpacket:{signatureCreationTime:2,signatureExpirationTime:3,exportableCertification:4,trustSignature:5,regularExpression:6,revocable:7,keyExpirationTime:9,placeholderBackwardsCompatibility:10,preferredSymmetricAlgorithms:11,revocationKey:12,issuerKeyID:16,notationData:20,preferredHashAlgorithms:21,preferredCompressionAlgorithms:22,keyServerPreferences:23,preferredKeyServer:24,primaryUserID:25,policyURI:26,keyFlags:27,signersUserID:28,reasonForRevocation:29,features:30,signatureTarget:31,embeddedSignature:32,issuerFingerprint:33,preferredAEADAlgorithms:34,preferredCipherSuites:39},keyFlags:{certifyKeys:1,signData:2,encryptCommunication:4,encryptStorage:8,splitPrivateKey:16,authentication:32,forwardedCommunication:64,sharedPrivateKey:128},armor:{multipartSection:0,multipartLast:1,signed:2,message:3,publicKey:4,privateKey:5,signature:6},reasonForRevocation:{noReason:0,keySuperseded:1,keyCompromised:2,keyRetired:3,userIDInvalid:32},features:{modificationDetection:1,aead:2,v5Keys:4,seipdv2:8},write:function(e,t){if("number"==typeof t&&(t=this.read(e,t)),void 0!==e[t])return e[t];throw Error("Invalid enum value.")},read:function(e,t){if(e[L]||(e[L]=[],Object.entries(e).forEach((([t,r])=>{e[L][r]=t}))),void 0!==e[L][t])return e[L][t];throw Error("Invalid enum value.")}},O={preferredHashAlgorithm:F.hash.sha512,preferredSymmetricAlgorithm:F.symmetric.aes256,preferredCompressionAlgorithm:F.compression.uncompressed,aeadProtect:!1,ignoreSEIPDv2FeatureFlag:!1,parseAEADEncryptedV4KeysAsLegacy:!1,preferredAEADAlgorithm:F.aead.gcm,aeadChunkSizeByte:12,v6Keys:!1,enableParsingV5Entities:!1,s2kType:F.s2k.iterated,s2kIterationCountByte:224,s2kArgon2Params:{passes:3,parallelism:4,memoryExponent:16},allowUnauthenticatedMessages:!1,allowUnauthenticatedStream:!1,allowForwardedMessages:!1,minRSABits:2047,passwordCollisionCheck:!1,allowInsecureDecryptionWithSigningKeys:!1,allowInsecureVerificationWithReformattedKeys:!1,allowMissingKeyFlags:!1,constantTimePKCS1Decryption:!1,constantTimePKCS1DecryptionSupportedSymmetricAlgorithms:new Set([F.symmetric.aes128,F.symmetric.aes192,F.symmetric.aes256]),ignoreUnsupportedPackets:!0,ignoreMalformedPackets:!1,enforceGrammar:!0,additionalAllowedPackets:[],showVersion:!1,showComment:!1,versionString:"OpenPGP.js 6.2.1",commentString:"https://openpgpjs.org",maxUserIDLength:5120,knownNotations:[],nonDeterministicSignaturesViaNotation:!0,useEllipticFallback:!0,rejectHashAlgorithms:new Set([F.hash.md5,F.hash.ripemd]),rejectMessageHashAlgorithms:new Set([F.hash.md5,F.hash.ripemd,F.hash.sha1]),rejectPublicKeyAlgorithms:new Set([F.publicKey.elgamal,F.publicKey.dsa]),rejectCurves:new Set([F.curve.secp256k1])};const N=(()=>{try{return"development"===process.env.NODE_ENV}catch(e){}return!1})(),_={isString:function(e){return"string"==typeof e||e instanceof String},nodeRequire:t.createRequire("undefined"==typeof document?require("url").pathToFileURL(__filename).href:n&&"SCRIPT"===n.tagName.toUpperCase()&&n.src||new URL("openpgp.min.cjs",document.baseURI).href),isArray:function(e){return e instanceof Array},isUint8Array:p,isStream:y,getNobleCurve:async(e,t)=>{if(!O.useEllipticFallback)throw Error("This curve is only supported in the full build of OpenPGP.js");const{nobleCurves:r}=await Promise.resolve().then((function(){return Nl}));switch(e){case F.publicKey.ecdh:case F.publicKey.ecdsa:{const e=r.get(t);if(!e)throw Error("Unsupported curve");return e}case F.publicKey.x448:return r.get("x448");case F.publicKey.ed448:return r.get("ed448");default:throw Error("Unsupported curve")}},readNumber:function(e){let t=0;for(let r=0;r<e.length;r++)t+=256**r*e[e.length-1-r];return t},writeNumber:function(e,t){const r=new Uint8Array(t);for(let n=0;n<t;n++)r[n]=e>>8*(t-n-1)&255;return r},readDate:function(e){const t=_.readNumber(e);return new Date(1e3*t)},writeDate:function(e){const t=Math.floor(e.getTime()/1e3);return _.writeNumber(t,4)},normalizeDate:function(e=Date.now()){return null===e||e===1/0?e:new Date(1e3*Math.floor(+e/1e3))},readMPI:function(e){const t=(e[0]<<8|e[1])+7>>>3;return _.readExactSubarray(e,2,2+t)},readExactSubarray:function(e,t,r){if(e.length<r-t)throw Error("Input array too short");return e.subarray(t,r)},leftPad(e,t){if(e.length>t)throw Error("Input array too long");const r=new Uint8Array(t),n=t-e.length;return r.set(e,n),r},uint8ArrayToMPI:function(e){const t=_.uint8ArrayBitLength(e);if(0===t)throw Error("Zero MPI");const r=e.subarray(e.length-Math.ceil(t/8)),n=new Uint8Array([(65280&t)>>8,255&t]);return _.concatUint8Array([n,r])},uint8ArrayBitLength:function(e){let t;for(t=0;t<e.length&&0===e[t];t++);if(t===e.length)return 0;const r=e.subarray(t);return 8*(r.length-1)+_.nbits(r[0])},hexToUint8Array:function(e){const t=new Uint8Array(e.length>>1);for(let r=0;r<e.length>>1;r++)t[r]=parseInt(e.substr(r<<1,2),16);return t},uint8ArrayToHex:function(e){const t="0123456789abcdef";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),r},stringToUint8Array:function(e){return S(e,(e=>{if(!_.isString(e))throw Error("stringToUint8Array: Data must be in the form of a string");const t=new Uint8Array(e.length);for(let r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}))},uint8ArrayToString:function(e){const t=[],r=16384,n=(e=new Uint8Array(e)).length;for(let i=0;i<n;i+=r)t.push(String.fromCharCode.apply(String,e.subarray(i,i+r<n?i+r:n)));return t.join("")},encodeUTF8:function(e){const t=new TextEncoder("utf-8");function r(e,r=!1){return t.encode(e,{stream:!r})}return S(e,r,(()=>r("",!0)))},decodeUTF8:function(e){const t=new TextDecoder("utf-8");function r(e,r=!1){return t.decode(e,{stream:!r})}return S(e,r,(()=>r(new Uint8Array,!0)))},concat:k,concatUint8Array:d,equalsUint8Array:function(e,t){if(!_.isUint8Array(e)||!_.isUint8Array(t))throw Error("Data must be in the form of a Uint8Array");if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0},findLastIndex:function(e,t){for(let r=e.length;r>=0;r--)if(t(e[r],r,e))return r;return-1},writeChecksum:function(e){let t=0;for(let r=0;r<e.length;r++)t=t+e[r]&65535;return _.writeNumber(t,2)},printDebug:function(e){N&&console.log("[OpenPGP.js debug]",e)},printDebugError:function(e){N&&console.error("[OpenPGP.js debug]",e)},nbits:function(e){let t=1,r=e>>>16;return 0!==r&&(e=r,t+=16),r=e>>8,0!==r&&(e=r,t+=8),r=e>>4,0!==r&&(e=r,t+=4),r=e>>2,0!==r&&(e=r,t+=2),r=e>>1,0!==r&&(e=r,t+=1),t},double:function(e){const t=new Uint8Array(e.length),r=e.length-1;for(let n=0;n<r;n++)t[n]=e[n]<<1^e[n+1]>>7;return t[r]=e[r]<<1^135*(e[0]>>7),t},shiftRight:function(e,t){if(t)for(let r=e.length-1;r>=0;r--)e[r]>>=t,r>0&&(e[r]|=e[r-1]<<8-t);return e},getWebCrypto:function(){const t=void 0!==e&&e.crypto&&e.crypto.subtle||this.getNodeCrypto()?.webcrypto.subtle;if(!t)throw Error("The WebCrypto API is not available");return t},getNodeCrypto:function(){return this.nodeRequire("crypto")},getNodeZlib:function(){return this.nodeRequire("zlib")},getNodeBuffer:function(){return(this.nodeRequire("buffer")||{}).Buffer},getHardwareConcurrency:function(){if("undefined"!=typeof navigator)return navigator.hardwareConcurrency||1;return this.nodeRequire("os").cpus().length},isEmailAddress:function(e){if(!_.isString(e))return!1;return/^[^\p{C}\p{Z}@<>\\]+@[^\p{C}\p{Z}@<>\\]+[^\p{C}\p{Z}\p{P}]$/u.test(e)},canonicalizeEOL:function(e){let t=!1;return S(e,(e=>{let r;t&&(e=_.concatUint8Array([new Uint8Array([13]),e])),13===e[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;const n=[];for(let t=0;r=e.indexOf(10,t)+1,r;t=r)13!==e[r-2]&&n.push(r);if(!n.length)return e;const i=new Uint8Array(e.length+n.length);let s=0;for(let t=0;t<n.length;t++){const r=e.subarray(n[t-1]||0,n[t]);i.set(r,s),s+=r.length,i[s-1]=13,i[s]=10,s++}return i.set(e.subarray(n[n.length-1]||0),s),i}),(()=>t?new Uint8Array([13]):void 0))},nativeEOL:function(e){let t=!1;return S(e,(e=>{let r;13===(e=t&&10!==e[0]?_.concatUint8Array([new Uint8Array([13]),e]):new Uint8Array(e))[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;let n=0;for(let t=0;t!==e.length;t=r){r=e.indexOf(13,t)+1,r||(r=e.length);const i=r-(10===e[r]?1:0);t&&e.copyWithin(n,t,i),n+=i-t}return e.subarray(0,n)}),(()=>t?new Uint8Array([13]):void 0))},removeTrailingSpaces:function(e){return e.split("\n").map((e=>{let t=e.length-1;for(;t>=0&&(" "===e[t]||"\t"===e[t]||"\r"===e[t]);t--);return e.substr(0,t+1)})).join("\n")},wrapError:function(e,t){if(!t)return e instanceof Error?e:Error(e);if(e instanceof Error){try{e.message+=": "+t.message,e.cause=t}catch(e){}return e}return Error(e+": "+t.message,{cause:t})},constructAllowedPackets:function(e){const t={};return e.forEach((e=>{if(!e.tag)throw Error("Invalid input: expected a packet class");t[e.tag]=e})),t},anyPromise:function(e){return new Promise((async(t,r)=>{let n;await Promise.all(e.map((async e=>{try{t(await e)}catch(e){n=e}}))),r(n)}))},selectUint8Array:function(e,t,r){const n=Math.max(t.length,r.length),i=new Uint8Array(n);let s=0;for(let n=0;n<i.length;n++)i[n]=t[n]&256-e|r[n]&255+e,s+=e&n<t.length|1-e&n<r.length;return i.subarray(0,s)},selectUint8:function(e,t,r){return t&256-e|r&255+e},isAES:function(e){return e===F.symmetric.aes128||e===F.symmetric.aes192||e===F.symmetric.aes256}},H=_.getNodeBuffer();let z,G;function q(e){let t=new Uint8Array;return S(e,(e=>{t=_.concatUint8Array([t,e]);const r=[],n=Math.floor(t.length/45),i=45*n,s=z(t.subarray(0,i));for(let e=0;e<n;e++)r.push(s.substr(60*e,60)),r.push("\n");return t=t.subarray(i),r.join("")}),(()=>t.length?z(t)+"\n":""))}function j(e){let t="";return S(e,(e=>{t+=e;let r=0;const n=[" ","\t","\r","\n"];for(let e=0;e<n.length;e++){const i=n[e];for(let e=t.indexOf(i);-1!==e;e=t.indexOf(i,e+1))r++}let i=t.length;for(;i>0&&(i-r)%4!=0;i--)n.includes(t[i])&&r--;const s=G(t.substr(0,i));return t=t.substr(i),s}),(()=>G(t)))}function V(e){return j(e.replace(/-/g,"+").replace(/_/g,"/"))}function Y(e,t){let r=q(e).replace(/[\r\n]/g,"");return r=r.replace(/[+]/g,"-").replace(/[/]/g,"_").replace(/[=]/g,""),r}function Z(e){const t=e.match(/^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m);if(!t)throw Error("Unknown ASCII armor type");return/MESSAGE, PART \d+\/\d+/.test(t[1])?F.armor.multipartSection:/MESSAGE, PART \d+/.test(t[1])?F.armor.multipartLast:/SIGNED MESSAGE/.test(t[1])?F.armor.signed:/MESSAGE/.test(t[1])?F.armor.message:/PUBLIC KEY BLOCK/.test(t[1])?F.armor.publicKey:/PRIVATE KEY BLOCK/.test(t[1])?F.armor.privateKey:/SIGNATURE/.test(t[1])?F.armor.signature:void 0}function J(e,t){let r="";return t.showVersion&&(r+="Version: "+t.versionString+"\n"),t.showComment&&(r+="Comment: "+t.commentString+"\n"),e&&(r+="Comment: "+e+"\n"),r+="\n",r}function X(e){const t=function(e){let t=13501623;return S(e,(e=>{const r=$?Math.floor(e.length/4):0,n=new Uint32Array(e.buffer,e.byteOffset,r);for(let e=0;e<r;e++)t^=n[e],t=W[0][t>>24&255]^W[1][t>>16&255]^W[2][t>>8&255]^W[3][255&t];for(let n=4*r;n<e.length;n++)t=t>>8^W[0][255&t^e[n]]}),(()=>new Uint8Array([t,t>>8,t>>16])))}(e);return q(t)}H?(z=e=>H.from(e).toString("base64"),G=e=>{const t=H.from(e,"base64");return new Uint8Array(t.buffer,t.byteOffset,t.byteLength)}):(z=e=>btoa(_.uint8ArrayToString(e)),G=e=>_.stringToUint8Array(atob(e)));const W=[Array(255),Array(255),Array(255),Array(255)];for(let e=0;e<=255;e++){let t=e<<16;for(let e=0;e<8;e++)t=t<<1^(8388608&t?8801531:0);W[0][e]=(16711680&t)>>16|65280&t|(255&t)<<16}for(let e=0;e<=255;e++)W[1][e]=W[0][e]>>8^W[0][255&W[0][e]];for(let e=0;e<=255;e++)W[2][e]=W[1][e]>>8^W[0][255&W[1][e]];for(let e=0;e<=255;e++)W[3][e]=W[2][e]>>8^W[0][255&W[2][e]];const $=function(){const e=new ArrayBuffer(2);return new DataView(e).setInt16(0,255,!0),255===new Int16Array(e)[0]}();function ee(e){for(let t=0;t<e.length;t++)/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(e[t])||_.printDebugError(Error("Improperly formatted armor header: "+e[t])),/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(e[t])||_.printDebugError(Error("Unknown header: "+e[t]))}function te(e){let t=e;const r=e.lastIndexOf("=");return r>=0&&r!==e.length-1&&(t=e.slice(0,r)),t}function re(e){return new Promise((async(t,r)=>{try{const n=/^-----[^-]+-----$/m,i=/^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;let s;const a=[];let o,c,u=a,h=[];const l=j(I(e,(async(e,f)=>{const y=T(e);try{for(;;){let e=await y.readLine();if(void 0===e)throw Error("Misformed armored text");if(e=_.removeTrailingSpaces(e.replace(/[\r\n]/g,"")),s)if(o)c||s!==F.armor.signed||(n.test(e)?(h=h.join("\r\n"),c=!0,ee(u),u=[],o=!1):h.push(e.replace(/^- /,"")));else if(n.test(e)&&r(Error("Mandatory blank line missing between armor headers and armor data")),i.test(e)){if(ee(u),o=!0,c||s!==F.armor.signed){t({text:h,data:l,headers:a,type:s});break}}else u.push(e);else n.test(e)&&(s=Z(e))}}catch(e){return void r(e)}const p=M(f);try{for(;;){await p.ready;const{done:e,value:t}=await y.read();if(e)throw Error("Misformed armored text");const r=t+"";if(-1!==r.indexOf("=")||-1!==r.indexOf("-")){let e=await y.readToEnd();e.length||(e=""),e=r+e,e=_.removeTrailingSpaces(e.replace(/\r/g,""));const t=e.split(n);if(1===t.length)throw Error("Misformed armored text");const i=te(t[0].slice(0,-1));await p.write(i);break}await p.write(r)}await p.ready,await p.close()}catch(e){await p.abort(e)}})))}catch(e){r(e)}})).then((async e=>(l(e.data)&&(e.data=await x(e.data)),e)))}function ne(e,t,r,n,i,s=!1,a=O){let o,c;e===F.armor.signed&&(o=t.text,c=t.hash,t=t.data);const u=s&&U(t),h=[];switch(e){case F.armor.multipartSection:h.push("-----BEGIN PGP MESSAGE, PART "+r+"/"+n+"-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP MESSAGE, PART "+r+"/"+n+"-----\n");break;case F.armor.multipartLast:h.push("-----BEGIN PGP MESSAGE, PART "+r+"-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP MESSAGE, PART "+r+"-----\n");break;case F.armor.signed:h.push("-----BEGIN PGP SIGNED MESSAGE-----\n"),h.push(c?`Hash: ${c}\n\n`:"\n"),h.push(o.replace(/^-/gm,"- -")),h.push("\n-----BEGIN PGP SIGNATURE-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP SIGNATURE-----\n");break;case F.armor.message:h.push("-----BEGIN PGP MESSAGE-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP MESSAGE-----\n");break;case F.armor.publicKey:h.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP PUBLIC KEY BLOCK-----\n");break;case F.armor.privateKey:h.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP PRIVATE KEY BLOCK-----\n");break;case F.armor.signature:h.push("-----BEGIN PGP SIGNATURE-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP SIGNATURE-----\n")}return _.concat(h)}const ie=BigInt(0),se=BigInt(1);function ae(e){const t="0123456789ABCDEF";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),BigInt("0x0"+r)}function oe(e,t){const r=e%t;return r<ie?r+t:r}function ce(e,t,r){if(r===ie)throw Error("Modulo cannot be zero");if(r===se)return BigInt(0);if(t<ie)throw Error("Unsopported negative exponent");let n=t,i=e;i%=r;let s=BigInt(1);for(;n>ie;){const e=n&se;n>>=se;s=e?s*i%r:s,i=i*i%r}return s}function ue(e){return e>=ie?e:-e}function he(e,t){const{gcd:r,x:n}=function(e,t){let r=BigInt(0),n=BigInt(1),i=BigInt(1),s=BigInt(0),a=ue(e),o=ue(t);const c=e<ie,u=t<ie;for(;o!==ie;){const e=a/o;let t=r;r=i-e*r,i=t,t=n,n=s-e*n,s=t,t=o,o=a%o,a=t}return{x:c?-i:i,y:u?-s:s,gcd:a}}(e,t);if(r!==se)throw Error("Inverse does not exist");return oe(n+t,t)}function le(e){const t=Number(e);if(t>Number.MAX_SAFE_INTEGER)throw Error("Number can only safely store up to 53 bits");return t}function fe(e,t){return(e>>BigInt(t)&se)===ie?0:1}function ye(e){const t=e<ie?BigInt(-1):ie;let r=1,n=e;for(;(n>>=se)!==t;)r++;return r}function pe(e){const t=e<ie?BigInt(-1):ie,r=BigInt(8);let n=1,i=e;for(;(i>>=r)!==t;)n++;return n}function de(e,t="be",r){let n=e.toString(16);n.length%2==1&&(n="0"+n);const i=n.length/2,s=new Uint8Array(r||i),a=r?r-i:0;let o=0;for(;o<i;)s[o+a]=parseInt(n.slice(2*o,2*o+2),16),o++;return"be"!==t&&s.reverse(),s}const ge=_.getNodeCrypto();function we(e){const t="undefined"!=typeof crypto?crypto:ge?.webcrypto;if(t?.getRandomValues){const r=new Uint8Array(e);return t.getRandomValues(r)}throw Error("No secure random number generator available.")}function Ae(e,t){if(t<e)throw Error("Illegal parameter value: max <= min");const r=t-e;return oe(ae(we(pe(r)+8)),r)+e}const me=BigInt(1);function be(e,t,r){const n=BigInt(30),i=me<<BigInt(e-1),s=[1,6,5,4,3,2,1,4,3,2,1,2,1,4,3,2,1,2,1,4,3,2,1,6,5,4,3,2,1,2];let a=Ae(i,i<<me),o=le(oe(a,n));do{a+=BigInt(s[o]),o=(o+s[o])%s.length,ye(a)>e&&(a=oe(a,i<<me),a+=i,o=le(oe(a,n)))}while(!ke(a,t,r));return a}function ke(e,t,r){return(!t||function(e,t){let r=e,n=t;for(;n!==ie;){const e=n;n=r%n,r=e}return r}(e-me,t)===me)&&(!!function(e){const t=BigInt(0);return Ee.every((r=>oe(e,r)!==t))}(e)&&(!!function(e,t=BigInt(2)){return ce(t,e-me,e)===me}(e)&&!!function(e,t){const r=ye(e);t||(t=Math.max(1,r/48|0));const n=e-me;let i=0;for(;!fe(n,i);)i++;const s=e>>BigInt(i);for(;t>0;t--){let t,r=ce(Ae(BigInt(2),n),s,e);if(r!==me&&r!==n){for(t=1;t<i;t++){if(r=oe(r*r,e),r===me)return!1;if(r===n)break}if(t===i)return!1}}return!0}(e,r)))}const Ee=[7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997,1009,1013,1019,1021,1031,1033,1039,1049,1051,1061,1063,1069,1087,1091,1093,1097,1103,1109,1117,1123,1129,1151,1153,1163,1171,1181,1187,1193,1201,1213,1217,1223,1229,1231,1237,1249,1259,1277,1279,1283,1289,1291,1297,1301,1303,1307,1319,1321,1327,1361,1367,1373,1381,1399,1409,1423,1427,1429,1433,1439,1447,1451,1453,1459,1471,1481,1483,1487,1489,1493,1499,1511,1523,1531,1543,1549,1553,1559,1567,1571,1579,1583,1597,1601,1607,1609,1613,1619,1621,1627,1637,1657,1663,1667,1669,1693,1697,1699,1709,1721,1723,1733,1741,1747,1753,1759,1777,1783,1787,1789,1801,1811,1823,1831,1847,1861,1867,1871,1873,1877,1879,1889,1901,1907,1913,1931,1933,1949,1951,1973,1979,1987,1993,1997,1999,2003,2011,2017,2027,2029,2039,2053,2063,2069,2081,2083,2087,2089,2099,2111,2113,2129,2131,2137,2141,2143,2153,2161,2179,2203,2207,2213,2221,2237,2239,2243,2251,2267,2269,2273,2281,2287,2293,2297,2309,2311,2333,2339,2341,2347,2351,2357,2371,2377,2381,2383,2389,2393,2399,2411,2417,2423,2437,2441,2447,2459,2467,2473,2477,2503,2521,2531,2539,2543,2549,2551,2557,2579,2591,2593,2609,2617,2621,2633,2647,2657,2659,2663,2671,2677,2683,2687,2689,2693,2699,2707,2711,2713,2719,2729,2731,2741,2749,2753,2767,2777,2789,2791,2797,2801,2803,2819,2833,2837,2843,2851,2857,2861,2879,2887,2897,2903,2909,2917,2927,2939,2953,2957,2963,2969,2971,2999,3001,3011,3019,3023,3037,3041,3049,3061,3067,3079,3083,3089,3109,3119,3121,3137,3163,3167,3169,3181,3187,3191,3203,3209,3217,3221,3229,3251,3253,3257,3259,3271,3299,3301,3307,3313,3319,3323,3329,3331,3343,3347,3359,3361,3371,3373,3389,3391,3407,3413,3433,3449,3457,3461,3463,3467,3469,3491,3499,3511,3517,3527,3529,3533,3539,3541,3547,3557,3559,3571,3581,3583,3593,3607,3613,3617,3623,3631,3637,3643,3659,3671,3673,3677,3691,3697,3701,3709,3719,3727,3733,3739,3761,3767,3769,3779,3793,3797,3803,3821,3823,3833,3847,3851,3853,3863,3877,3881,3889,3907,3911,3917,3919,3923,3929,3931,3943,3947,3967,3989,4001,4003,4007,4013,4019,4021,4027,4049,4051,4057,4073,4079,4091,4093,4099,4111,4127,4129,4133,4139,4153,4157,4159,4177,4201,4211,4217,4219,4229,4231,4241,4243,4253,4259,4261,4271,4273,4283,4289,4297,4327,4337,4339,4349,4357,4363,4373,4391,4397,4409,4421,4423,4441,4447,4451,4457,4463,4481,4483,4493,4507,4513,4517,4519,4523,4547,4549,4561,4567,4583,4591,4597,4603,4621,4637,4639,4643,4649,4651,4657,4663,4673,4679,4691,4703,4721,4723,4729,4733,4751,4759,4783,4787,4789,4793,4799,4801,4813,4817,4831,4861,4871,4877,4889,4903,4909,4919,4931,4933,4937,4943,4951,4957,4967,4969,4973,4987,4993,4999].map((e=>BigInt(e)));const ve=_.getWebCrypto(),Ke=_.getNodeCrypto(),Se=Ke&&Ke.getHashes();function Ie(e){if(Ke&&Se.includes(e))return async function(t){const r=Ke.createHash(e);return S(t,(e=>{r.update(e)}),(()=>new Uint8Array(r.digest())))}}function Be(e,t){const r=async()=>{const{nobleHashes:t}=await Promise.resolve().then((function(){return pf})),r=t.get(e);if(!r)throw Error("Unsupported hash");return r};return async function(e){if(l(e)&&(e=await x(e)),_.isStream(e)){const t=(await r()).create();return S(e,(e=>{t.update(e)}),(()=>t.digest()))}if(ve&&t)return new Uint8Array(await ve.digest(t,e));return(await r())(e)}}const Ce=Ie("md5")||Be("md5"),Ue=Ie("sha1")||Be("sha1","SHA-1"),Pe=Ie("sha224")||Be("sha224"),De=Ie("sha256")||Be("sha256","SHA-256"),xe=Ie("sha384")||Be("sha384","SHA-384"),Qe=Ie("sha512")||Be("sha512","SHA-512"),Re=Ie("ripemd160")||Be("ripemd160"),Te=Ie("sha3-256")||Be("sha3_256"),Me=Ie("sha3-512")||Be("sha3_512");function Le(e,t){switch(e){case F.hash.md5:return Ce(t);case F.hash.sha1:return Ue(t);case F.hash.ripemd:return Re(t);case F.hash.sha256:return De(t);case F.hash.sha384:return xe(t);case F.hash.sha512:return Qe(t);case F.hash.sha224:return Pe(t);case F.hash.sha3_256:return Te(t);case F.hash.sha3_512:return Me(t);default:throw Error("Unsupported hash function")}}function Fe(e){switch(e){case F.hash.md5:return 16;case F.hash.sha1:case F.hash.ripemd:return 20;case F.hash.sha256:return 32;case F.hash.sha384:return 48;case F.hash.sha512:return 64;case F.hash.sha224:return 28;case F.hash.sha3_256:return 32;case F.hash.sha3_512:return 64;default:throw Error("Invalid hash algorithm.")}}const Oe=[];function Ne(e,t){const r=e.length;if(r>t-11)throw Error("Message too long");const n=function(e){const t=new Uint8Array(e);let r=0;for(;r<e;){const n=we(e-r);for(let e=0;e<n.length;e++)0!==n[e]&&(t[r++]=n[e])}return t}(t-r-3),i=new Uint8Array(t);return i[1]=2,i.set(n,2),i.set(e,t-r),i}function _e(e,t){let r=2,n=1;for(let t=r;t<e.length;t++)n&=0!==e[t],r+=n;const i=r-2,s=e.subarray(r+1),a=0===e[0]&2===e[1]&i>=8&!n;if(t)return _.selectUint8Array(a,s,t);if(a)return s;throw Error("Decryption error")}function He(e,t,r){let n;if(t.length!==Fe(e))throw Error("Invalid hash length");const i=new Uint8Array(Oe[e].length);for(n=0;n<Oe[e].length;n++)i[n]=Oe[e][n];const s=i.length+t.length;if(r<s+11)throw Error("Intended encoded message length too short");const a=new Uint8Array(r-s-3).fill(255),o=new Uint8Array(r);return o[1]=1,o.set(a,2),o.set(i,r-s),o.set(t,r-t.length),o}Oe[1]=[48,32,48,12,6,8,42,134,72,134,247,13,2,5,5,0,4,16],Oe[2]=[48,33,48,9,6,5,43,14,3,2,26,5,0,4,20],Oe[3]=[48,33,48,9,6,5,43,36,3,2,1,5,0,4,20],Oe[8]=[48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32],Oe[9]=[48,65,48,13,6,9,96,134,72,1,101,3,4,2,2,5,0,4,48],Oe[10]=[48,81,48,13,6,9,96,134,72,1,101,3,4,2,3,5,0,4,64],Oe[11]=[48,45,48,13,6,9,96,134,72,1,101,3,4,2,4,5,0,4,28];const ze=_.getWebCrypto(),Ge=_.getNodeCrypto(),qe=BigInt(1);async function je(e,t,r,n,i,s,a,o,c){if(Fe(e)>=r.length)throw Error("Digest size cannot exceed key modulus size");if(t&&!_.isStream(t))if(_.getWebCrypto())try{return await async function(e,t,r,n,i,s,a,o){const c=await Je(r,n,i,s,a,o),u={name:"RSASSA-PKCS1-v1_5",hash:{name:e}},h=await ze.importKey("jwk",c,u,!1,["sign"]);return new Uint8Array(await ze.sign("RSASSA-PKCS1-v1_5",h,t))}(F.read(F.webHash,e),t,r,n,i,s,a,o)}catch(e){_.printDebugError(e)}else if(_.getNodeCrypto())return async function(e,t,r,n,i,s,a,o){const c=Ge.createSign(F.read(F.hash,e));c.write(t),c.end();const u=await Je(r,n,i,s,a,o);return new Uint8Array(c.sign({key:u,format:"jwk",type:"pkcs1"}))}(e,t,r,n,i,s,a,o);return async function(e,t,r,n){t=ae(t);const i=ae(He(e,n,pe(t)));return r=ae(r),de(ce(i,r,t),"be",pe(t))}(e,r,i,c)}async function Ve(e,t,r,n,i,s){if(t&&!_.isStream(t))if(_.getWebCrypto())try{return await async function(e,t,r,n,i){const s=Xe(n,i),a=await ze.importKey("jwk",s,{name:"RSASSA-PKCS1-v1_5",hash:{name:e}},!1,["verify"]);return ze.verify("RSASSA-PKCS1-v1_5",a,r,t)}(F.read(F.webHash,e),t,r,n,i)}catch(e){_.printDebugError(e)}else if(_.getNodeCrypto())return async function(e,t,r,n,i){const s=Xe(n,i),a={key:s,format:"jwk",type:"pkcs1"},o=Ge.createVerify(F.read(F.hash,e));o.write(t),o.end();try{return o.verify(a,r)}catch(e){return!1}}(e,t,r,n,i);return async function(e,t,r,n,i){if(r=ae(r),t=ae(t),n=ae(n),t>=r)throw Error("Signature size cannot exceed modulus size");const s=de(ce(t,n,r),"be",pe(r)),a=He(e,i,pe(r));return _.equalsUint8Array(s,a)}(e,r,n,i,s)}async function Ye(e,t,r){return _.getNodeCrypto()?async function(e,t,r){const n=Xe(t,r),i={key:n,format:"jwk",type:"pkcs1",padding:Ge.constants.RSA_PKCS1_PADDING};return new Uint8Array(Ge.publicEncrypt(i,e))}(e,t,r):async function(e,t,r){if(t=ae(t),e=ae(Ne(e,pe(t))),r=ae(r),e>=t)throw Error("Message size cannot exceed modulus size");return de(ce(e,r,t),"be",pe(t))}(e,t,r)}async function Ze(e,t,r,n,i,s,a,o){if(_.getNodeCrypto()&&!o)try{return await async function(e,t,r,n,i,s,a){const o=await Je(t,r,n,i,s,a),c={key:o,format:"jwk",type:"pkcs1",padding:Ge.constants.RSA_PKCS1_PADDING};try{return new Uint8Array(Ge.privateDecrypt(c,e))}catch(e){throw Error("Decryption error")}}(e,t,r,n,i,s,a)}catch(e){_.printDebugError(e)}return async function(e,t,r,n,i,s,a,o){if(e=ae(e),t=ae(t),r=ae(r),n=ae(n),i=ae(i),s=ae(s),a=ae(a),e>=t)throw Error("Data too large.");const c=oe(n,s-qe),u=oe(n,i-qe),h=Ae(BigInt(2),t),l=ce(he(h,t),r,t);e=oe(e*l,t);const f=ce(e,u,i),y=ce(e,c,s),p=oe(a*(y-f),s);let d=p*i+f;return d=oe(d*h,t),_e(de(d,"be",pe(t)),o)}(e,t,r,n,i,s,a,o)}async function Je(e,t,r,n,i,s){const a=ae(n),o=ae(i),c=ae(r);let u=oe(c,o-qe),h=oe(c,a-qe);return h=de(h),u=de(u),{kty:"RSA",n:Y(e),e:Y(t),d:Y(r),p:Y(i),q:Y(n),dp:Y(u),dq:Y(h),qi:Y(s),ext:!0}}function Xe(e,t){return{kty:"RSA",n:Y(e),e:Y(t),ext:!0}}function We(e,t){return{n:V(e.n),e:de(t),d:V(e.d),p:V(e.q),q:V(e.p),u:V(e.qi)}}const $e=BigInt(1);const et={"2a8648ce3d030107":F.curve.nistP256,"2b81040022":F.curve.nistP384,"2b81040023":F.curve.nistP521,"2b8104000a":F.curve.secp256k1,"2b06010401da470f01":F.curve.ed25519Legacy,"2b060104019755010501":F.curve.curve25519Legacy,"2b2403030208010107":F.curve.brainpoolP256r1,"2b240303020801010b":F.curve.brainpoolP384r1,"2b240303020801010d":F.curve.brainpoolP512r1};class tt{constructor(e){if(e instanceof tt)this.oid=e.oid;else if(_.isArray(e)||_.isUint8Array(e)){if(6===(e=new Uint8Array(e))[0]){if(e[1]!==e.length-2)throw Error("Length mismatch in DER encoded oid");e=e.subarray(2)}this.oid=e}else this.oid=""}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.oid=e.subarray(1,1+t),1+this.oid.length}throw Error("Invalid oid")}write(){return _.concatUint8Array([new Uint8Array([this.oid.length]),this.oid])}toHex(){return _.uint8ArrayToHex(this.oid)}getName(){const e=et[this.toHex()];if(!e)throw Error("Unknown curve object identifier.");return e}}function rt(e){let t,r=0;const n=e[0];return n<192?([r]=e,t=1):n<255?(r=(e[0]-192<<8)+e[1]+192,t=2):255===n&&(r=_.readNumber(e.subarray(1,5)),t=5),{len:r,offset:t}}function nt(e){return e<192?new Uint8Array([e]):e>191&&e<8384?new Uint8Array([192+(e-192>>8),e-192&255]):_.concatUint8Array([new Uint8Array([255]),_.writeNumber(e,4)])}function it(e){if(e<0||e>30)throw Error("Partial Length power must be between 1 and 30");return new Uint8Array([224+e])}function st(e){return new Uint8Array([192|e])}function at(e,t){return _.concatUint8Array([st(e),nt(t)])}function ot(e){return[F.packet.literalData,F.packet.compressedData,F.packet.symmetricallyEncryptedData,F.packet.symEncryptedIntegrityProtectedData,F.packet.aeadEncryptedData].includes(e)}async function ct(e,t,r){let n,i;try{const s=await e.peekBytes(2);if(!s||s.length<2||!(128&s[0]))throw Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");const a=await e.readByte();let o,c,u=-1,h=-1;h=0,64&a&&(h=1),h?u=63&a:(u=(63&a)>>2,c=3&a);const l=ot(u);let f,y=null;if(t&&l){if("array"===t){const e=new ArrayStream;n=M(e),y=e}else{const e=new TransformStream;n=M(e.writable),y=e.readable}i=r({tag:u,packet:y})}else y=[];do{if(h){const t=await e.readByte();if(f=!1,t<192)o=t;else if(t>=192&&t<224)o=(t-192<<8)+await e.readByte()+192;else if(t>223&&t<255){if(o=1<<(31&t),f=!0,!l)throw new TypeError("This packet type does not support partial lengths.")}else o=await e.readByte()<<24|await e.readByte()<<16|await e.readByte()<<8|await e.readByte()}else switch(c){case 0:o=await e.readByte();break;case 1:o=await e.readByte()<<8|await e.readByte();break;case 2:o=await e.readByte()<<24|await e.readByte()<<16|await e.readByte()<<8|await e.readByte();break;default:o=1/0}if(o>0){let t=0;for(;;){n&&await n.ready;const{done:r,value:i}=await e.read();if(r){if(o===1/0)break;throw Error("Unexpected end of packet")}const s=o===1/0?i:i.subarray(0,o-t);if(n?await n.write(s):y.push(s),t+=i.length,t>=o){e.unshift(i.subarray(o-t+i.length));break}}}}while(f);n?(await n.ready,await n.close()):(y=_.concatUint8Array(y),await r({tag:u,packet:y}))}catch(e){if(n)return await n.abort(e),!0;throw e}finally{n&&await i}}class ut extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ut),this.name="UnsupportedError"}}class ht extends ut{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ut),this.name="UnknownPacketError"}}class lt extends ut{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ut),this.name="MalformedPacketError"}}class ft{constructor(e,t){this.tag=e,this.rawContent=t}write(){return this.rawContent}}async function yt(e){switch(e){case F.publicKey.ed25519:try{const e=_.getWebCrypto(),t=await e.generateKey("Ed25519",!0,["sign","verify"]).catch((e=>{if("OperationError"===e.name){const e=Error("Unexpected key generation issue");throw e.name="NotSupportedError",e}throw e})),r=await e.exportKey("jwk",t.privateKey),n=await e.exportKey("jwk",t.publicKey);return{A:new Uint8Array(V(n.x)),seed:V(r.d)}}catch(t){if("NotSupportedError"!==t.name)throw t;const{default:r}=await Promise.resolve().then((function(){return sy})),n=we(wt(e)),{publicKey:i}=r.sign.keyPair.fromSeed(n);return{A:i,seed:n}}case F.publicKey.ed448:{const e=await _.getNobleCurve(F.publicKey.ed448),{secretKey:t,publicKey:r}=e.keygen();return{A:r,seed:t}}default:throw Error("Unsupported EdDSA algorithm")}}async function pt(e,t,r,n,i,s){switch(e){case F.publicKey.ed25519:try{const t=_.getWebCrypto(),r=bt(e,n,i),a=await t.importKey("jwk",r,"Ed25519",!1,["sign"]);return{RS:new Uint8Array(await t.sign("Ed25519",a,s))}}catch(e){if("NotSupportedError"!==e.name)throw e;const{default:t}=await Promise.resolve().then((function(){return sy})),r=_.concatUint8Array([i,n]);return{RS:t.sign.detached(s,r)}}case F.publicKey.ed448:return{RS:(await _.getNobleCurve(F.publicKey.ed448)).sign(s,i)};default:throw Error("Unsupported EdDSA algorithm")}}async function dt(e,t,{RS:r},n,i,s){switch(e){case F.publicKey.ed25519:try{const t=_.getWebCrypto(),n=mt(e,i),a=await t.importKey("jwk",n,"Ed25519",!1,["verify"]);return await t.verify("Ed25519",a,r,s)}catch(e){if("NotSupportedError"!==e.name)throw e;const{default:t}=await Promise.resolve().then((function(){return sy}));return t.sign.detached.verify(s,r,i)}case F.publicKey.ed448:return(await _.getNobleCurve(F.publicKey.ed448)).verify(r,s,i);default:throw Error("Unsupported EdDSA algorithm")}}async function gt(e,t,r){switch(e){case F.publicKey.ed25519:try{const n=_.getWebCrypto(),i=bt(e,t,r),s=mt(e,t),a=await n.importKey("jwk",i,"Ed25519",!1,["sign"]),o=await n.importKey("jwk",s,"Ed25519",!1,["verify"]),c=we(8),u=new Uint8Array(await n.sign("Ed25519",a,c));return await n.verify("Ed25519",o,u,c)}catch(e){if("NotSupportedError"!==e.name)return!1;const{default:n}=await Promise.resolve().then((function(){return sy})),{publicKey:i}=n.sign.keyPair.fromSeed(r);return _.equalsUint8Array(t,i)}case F.publicKey.ed448:{const e=(await _.getNobleCurve(F.publicKey.ed448)).getPublicKey(r);return _.equalsUint8Array(t,e)}default:return!1}}function wt(e){switch(e){case F.publicKey.ed25519:return 32;case F.publicKey.ed448:return 57;default:throw Error("Unsupported EdDSA algorithm")}}function At(e){switch(e){case F.publicKey.ed25519:return F.hash.sha256;case F.publicKey.ed448:return F.hash.sha512;default:throw Error("Unknown EdDSA algo")}}const mt=(e,t)=>{if(e===F.publicKey.ed25519){return{kty:"OKP",crv:"Ed25519",x:Y(t),ext:!0}}throw Error("Unsupported EdDSA algorithm")},bt=(e,t,r)=>{if(e===F.publicKey.ed25519){const n=mt(e,t);return n.d=Y(r),n}throw Error("Unsupported EdDSA algorithm")};var kt=/*#__PURE__*/Object.freeze({__proto__:null,generate:yt,getPayloadSize:wt,getPreferredHashAlgo:At,sign:pt,validateParams:gt,verify:dt});
-/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */function Et(e){return e instanceof Uint8Array||ArrayBuffer.isView(e)&&"Uint8Array"===e.constructor.name}function vt(e,...t){if(!Et(e))throw Error("Uint8Array expected");if(t.length>0&&!t.includes(e.length))throw Error("Uint8Array expected of length "+t+", got length="+e.length)}function Kt(e,t=!0){if(e.destroyed)throw Error("Hash instance has been destroyed");if(t&&e.finished)throw Error("Hash#digest() has already been called")}function St(e,t){vt(e);const r=t.outputLen;if(e.length<r)throw Error("digestInto() expects output buffer of length at least "+r)}function It(e){return new Uint8Array(e.buffer,e.byteOffset,e.byteLength)}function Bt(e){return new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4))}function Ct(...e){for(let t=0;t<e.length;t++)e[t].fill(0)}function Ut(e){return new DataView(e.buffer,e.byteOffset,e.byteLength)}const Pt=/* @__PURE__ */(()=>68===new Uint8Array(new Uint32Array([287454020]).buffer)[0])();function Dt(e){if("string"==typeof e)e=function(e){if("string"!=typeof e)throw Error("string expected");return new Uint8Array((new TextEncoder).encode(e))}(e);else{if(!Et(e))throw Error("Uint8Array expected, got "+typeof e);e=Ot(e)}return e}function xt(e,t){return e.buffer===t.buffer&&e.byteOffset<t.byteOffset+t.byteLength&&t.byteOffset<e.byteOffset+e.byteLength}function Qt(e,t){if(xt(e,t)&&e.byteOffset<t.byteOffset)throw Error("complex overlap of input and output is not supported")}function Rt(e,t){if(e.length!==t.length)return!1;let r=0;for(let n=0;n<e.length;n++)r|=e[n]^t[n];return 0===r}const Tt=(e,t)=>{function r(r,...n){if(vt(r),!Pt)throw Error("Non little-endian hardware is not yet supported");if(void 0!==e.nonceLength){const t=n[0];if(!t)throw Error("nonce / iv required");e.varSizeNonce?vt(t):vt(t,e.nonceLength)}const i=e.tagLength;i&&void 0!==n[1]&&vt(n[1]);const s=t(r,...n),a=(e,t)=>{if(void 0!==t){if(2!==e)throw Error("cipher output not supported");vt(t)}};let o=!1;return{encrypt(e,t){if(o)throw Error("cannot encrypt() twice with same key + nonce");return o=!0,vt(e),a(s.encrypt.length,t),s.encrypt(e,t)},decrypt(e,t){if(vt(e),i&&e.length<i)throw Error("invalid ciphertext length: smaller than tagLength="+i);return a(s.decrypt.length,t),s.decrypt(e,t)}}}return Object.assign(r,e),r};function Mt(e,t,r=!0){if(void 0===t)return new Uint8Array(e);if(t.length!==e)throw Error("invalid output length, expected "+e+", got: "+t.length);if(r&&!Ft(t))throw Error("invalid output, must be aligned");return t}function Lt(e,t,r,n){if("function"==typeof e.setBigUint64)return e.setBigUint64(t,r,n);const i=BigInt(32),s=BigInt(4294967295),a=Number(r>>i&s),o=Number(r&s);e.setUint32(t+0,a,n),e.setUint32(t+4,o,n)}function Ft(e){return e.byteOffset%4==0}function Ot(e){return Uint8Array.from(e)}const Nt=16,_t=/* @__PURE__ */new Uint8Array(16),Ht=Bt(_t),zt=e=>(e>>>0&255)<<24|(e>>>8&255)<<16|(e>>>16&255)<<8|e>>>24&255;class Gt{constructor(e,t){this.blockLen=Nt,this.outputLen=Nt,this.s0=0,this.s1=0,this.s2=0,this.s3=0,this.finished=!1,vt(e=Dt(e),16);const r=Ut(e);let n=r.getUint32(0,!1),i=r.getUint32(4,!1),s=r.getUint32(8,!1),a=r.getUint32(12,!1);const o=[];for(let e=0;e<128;e++)o.push({s0:zt(n),s1:zt(i),s2:zt(s),s3:zt(a)}),({s0:n,s1:i,s2:s,s3:a}={s3:(h=s)<<31|(l=a)>>>1,s2:(u=i)<<31|h>>>1,s1:(c=n)<<31|u>>>1,s0:c>>>1^225<<24&-(1&l)});var c,u,h,l;const f=(y=t||1024)>65536?8:y>1024?4:2;var y;if(![1,2,4,8].includes(f))throw Error("ghash: invalid window size, expected 2, 4 or 8");this.W=f;const p=128/f,d=this.windowSize=2**f,g=[];for(let e=0;e<p;e++)for(let t=0;t<d;t++){let r=0,n=0,i=0,s=0;for(let a=0;a<f;a++){if(!(t>>>f-a-1&1))continue;const{s0:c,s1:u,s2:h,s3:l}=o[f*e+a];r^=c,n^=u,i^=h,s^=l}g.push({s0:r,s1:n,s2:i,s3:s})}this.t=g}_updateBlock(e,t,r,n){e^=this.s0,t^=this.s1,r^=this.s2,n^=this.s3;const{W:i,t:s,windowSize:a}=this;let o=0,c=0,u=0,h=0;const l=(1<<i)-1;let f=0;for(const y of[e,t,r,n])for(let e=0;e<4;e++){const t=y>>>8*e&255;for(let e=8/i-1;e>=0;e--){const r=t>>>i*e&l,{s0:n,s1:y,s2:p,s3:d}=s[f*a+r];o^=n,c^=y,u^=p,h^=d,f+=1}}this.s0=o,this.s1=c,this.s2=u,this.s3=h}update(e){Kt(this),vt(e=Dt(e));const t=Bt(e),r=Math.floor(e.length/Nt),n=e.length%Nt;for(let e=0;e<r;e++)this._updateBlock(t[4*e+0],t[4*e+1],t[4*e+2],t[4*e+3]);return n&&(_t.set(e.subarray(r*Nt)),this._updateBlock(Ht[0],Ht[1],Ht[2],Ht[3]),Ct(Ht)),this}destroy(){const{t:e}=this;for(const t of e)t.s0=0,t.s1=0,t.s2=0,t.s3=0}digestInto(e){Kt(this),St(e,this),this.finished=!0;const{s0:t,s1:r,s2:n,s3:i}=this,s=Bt(e);return s[0]=t,s[1]=r,s[2]=n,s[3]=i,e}digest(){const e=new Uint8Array(Nt);return this.digestInto(e),this.destroy(),e}}class qt extends Gt{constructor(e,t){vt(e=Dt(e));const r=function(e){e.reverse();const t=1&e[15];let r=0;for(let t=0;t<e.length;t++){const n=e[t];e[t]=n>>>1|r,r=(1&n)<<7}return e[0]^=225&-t,e}(Ot(e));super(r,t),Ct(r)}update(e){e=Dt(e),Kt(this);const t=Bt(e),r=e.length%Nt,n=Math.floor(e.length/Nt);for(let e=0;e<n;e++)this._updateBlock(zt(t[4*e+3]),zt(t[4*e+2]),zt(t[4*e+1]),zt(t[4*e+0]));return r&&(_t.set(e.subarray(n*Nt)),this._updateBlock(zt(Ht[3]),zt(Ht[2]),zt(Ht[1]),zt(Ht[0])),Ct(Ht)),this}digestInto(e){Kt(this),St(e,this),this.finished=!0;const{s0:t,s1:r,s2:n,s3:i}=this,s=Bt(e);return s[0]=t,s[1]=r,s[2]=n,s[3]=i,e.reverse()}}function jt(e){const t=(t,r)=>e(r,t.length).update(Dt(t)).digest(),r=e(new Uint8Array(16),0);return t.outputLen=r.outputLen,t.blockLen=r.blockLen,t.create=(t,r)=>e(t,r),t}const Vt=jt(((e,t)=>new Gt(e,t)));jt(((e,t)=>new qt(e,t)));const Yt=16,Zt=/* @__PURE__ */new Uint8Array(Yt);function Jt(e){return e<<1^283&-(e>>7)}function Xt(e,t){let r=0;for(;t>0;t>>=1)r^=e&-(1&t),e=Jt(e);return r}const Wt=/* @__PURE__ */(()=>{const e=new Uint8Array(256);for(let t=0,r=1;t<256;t++,r^=Jt(r))e[t]=r;const t=new Uint8Array(256);t[0]=99;for(let r=0;r<255;r++){let n=e[255-r];n|=n<<8,t[e[r]]=255&(n^n>>4^n>>5^n>>6^n>>7^99)}return Ct(e),t})(),$t=/* @__PURE__ */Wt.map(((e,t)=>Wt.indexOf(t))),er=e=>e<<8|e>>>24,tr=e=>e<<24&4278190080|e<<8&16711680|e>>>8&65280|e>>>24&255;function rr(e,t){if(256!==e.length)throw Error("Wrong sbox length");const r=new Uint32Array(256).map(((r,n)=>t(e[n]))),n=r.map(er),i=n.map(er),s=i.map(er),a=new Uint32Array(65536),o=new Uint32Array(65536),c=new Uint16Array(65536);for(let t=0;t<256;t++)for(let u=0;u<256;u++){const h=256*t+u;a[h]=r[t]^n[u],o[h]=i[t]^s[u],c[h]=e[t]<<8|e[u]}return{sbox:e,sbox2:c,T0:r,T1:n,T2:i,T3:s,T01:a,T23:o}}const nr=/* @__PURE__ */rr(Wt,(e=>Xt(e,3)<<24|e<<16|e<<8|Xt(e,2))),ir=/* @__PURE__ */rr($t,(e=>Xt(e,11)<<24|Xt(e,13)<<16|Xt(e,9)<<8|Xt(e,14))),sr=/* @__PURE__ */(()=>{const e=new Uint8Array(16);for(let t=0,r=1;t<16;t++,r=Jt(r))e[t]=r;return e})();function ar(e){vt(e);const t=e.length;if(![16,24,32].includes(t))throw Error("aes: invalid key size, should be 16, 24 or 32, got "+t);const{sbox2:r}=nr,n=[];Ft(e)||n.push(e=Ot(e));const i=Bt(e),s=i.length,a=e=>ur(r,e,e,e,e),o=new Uint32Array(t+28);o.set(i);for(let e=s;e<o.length;e++){let t=o[e-1];e%s==0?t=a((c=t)<<24|c>>>8)^sr[e/s-1]:s>6&&e%s==4&&(t=a(t)),o[e]=o[e-s]^t}var c;return Ct(...n),o}function or(e){const t=ar(e),r=t.slice(),n=t.length,{sbox2:i}=nr,{T0:s,T1:a,T2:o,T3:c}=ir;for(let e=0;e<n;e+=4)for(let i=0;i<4;i++)r[e+i]=t[n-e-4+i];Ct(t);for(let e=4;e<n-4;e++){const t=r[e],n=ur(i,t,t,t,t);r[e]=s[255&n]^a[n>>>8&255]^o[n>>>16&255]^c[n>>>24]}return r}function cr(e,t,r,n,i,s){return e[r<<8&65280|n>>>8&255]^t[i>>>8&65280|s>>>24&255]}function ur(e,t,r,n,i){return e[255&t|65280&r]|e[n>>>16&255|i>>>16&65280]<<16}function hr(e,t,r,n,i){const{sbox2:s,T01:a,T23:o}=nr;let c=0;t^=e[c++],r^=e[c++],n^=e[c++],i^=e[c++];const u=e.length/4-2;for(let s=0;s<u;s++){const s=e[c++]^cr(a,o,t,r,n,i),u=e[c++]^cr(a,o,r,n,i,t),h=e[c++]^cr(a,o,n,i,t,r),l=e[c++]^cr(a,o,i,t,r,n);t=s,r=u,n=h,i=l}return{s0:e[c++]^ur(s,t,r,n,i),s1:e[c++]^ur(s,r,n,i,t),s2:e[c++]^ur(s,n,i,t,r),s3:e[c++]^ur(s,i,t,r,n)}}function lr(e,t,r,n,i){const{sbox2:s,T01:a,T23:o}=ir;let c=0;t^=e[c++],r^=e[c++],n^=e[c++],i^=e[c++];const u=e.length/4-2;for(let s=0;s<u;s++){const s=e[c++]^cr(a,o,t,i,n,r),u=e[c++]^cr(a,o,r,t,i,n),h=e[c++]^cr(a,o,n,r,t,i),l=e[c++]^cr(a,o,i,n,r,t);t=s,r=u,n=h,i=l}return{s0:e[c++]^ur(s,t,i,n,r),s1:e[c++]^ur(s,r,t,i,n),s2:e[c++]^ur(s,n,r,t,i),s3:e[c++]^ur(s,i,n,r,t)}}function fr(e,t,r,n){vt(t,Yt),vt(r);const i=r.length;Qt(r,n=Mt(i,n));const s=t,a=Bt(s);let{s0:o,s1:c,s2:u,s3:h}=hr(e,a[0],a[1],a[2],a[3]);const l=Bt(r),f=Bt(n);for(let t=0;t+4<=l.length;t+=4){f[t+0]=l[t+0]^o,f[t+1]=l[t+1]^c,f[t+2]=l[t+2]^u,f[t+3]=l[t+3]^h;let r=1;for(let e=s.length-1;e>=0;e--)r=r+(255&s[e])|0,s[e]=255&r,r>>>=8;({s0:o,s1:c,s2:u,s3:h}=hr(e,a[0],a[1],a[2],a[3]))}const y=Yt*Math.floor(l.length/4);if(y<i){const e=new Uint32Array([o,c,u,h]),t=It(e);for(let e=y,s=0;e<i;e++,s++)n[e]=r[e]^t[s];Ct(e)}return n}function yr(e,t,r,n,i){vt(r,Yt),vt(n),i=Mt(n.length,i);const s=r,a=Bt(s),o=Ut(s),c=Bt(n),u=Bt(i),h=t?0:12,l=n.length;let f=o.getUint32(h,t),{s0:y,s1:p,s2:d,s3:g}=hr(e,a[0],a[1],a[2],a[3]);for(let r=0;r+4<=c.length;r+=4)u[r+0]=c[r+0]^y,u[r+1]=c[r+1]^p,u[r+2]=c[r+2]^d,u[r+3]=c[r+3]^g,f=f+1>>>0,o.setUint32(h,f,t),({s0:y,s1:p,s2:d,s3:g}=hr(e,a[0],a[1],a[2],a[3]));const w=Yt*Math.floor(c.length/4);if(w<l){const e=new Uint32Array([y,p,d,g]),t=It(e);for(let e=w,r=0;e<l;e++,r++)i[e]=n[e]^t[r];Ct(e)}return i}const pr=/* @__PURE__ */Tt({blockSize:16,nonceLength:16},(function(e,t){function r(r,n){if(vt(r),void 0!==n&&(vt(n),!Ft(n)))throw Error("unaligned destination");const i=ar(e),s=Ot(t),a=[i,s];Ft(r)||a.push(r=Ot(r));const o=fr(i,s,r,n);return Ct(...a),o}return{encrypt:(e,t)=>r(e,t),decrypt:(e,t)=>r(e,t)}}));const dr=/* @__PURE__ */Tt({blockSize:16,nonceLength:16},(function(e,t,r={}){const n=!r.disablePadding;return{encrypt(r,i){const s=ar(e),{b:a,o,out:c}=function(e,t,r){vt(e);let n=e.length;const i=n%Yt;if(!t&&0!==i)throw Error("aec/(cbc-ecb): unpadded plaintext with disabled padding");Ft(e)||(e=Ot(e));const s=Bt(e);if(t){let e=Yt-i;e||(e=Yt),n+=e}return Qt(e,r=Mt(n,r)),{b:s,o:Bt(r),out:r}}(r,n,i);let u=t;const h=[s];Ft(u)||h.push(u=Ot(u));const l=Bt(u);let f=l[0],y=l[1],p=l[2],d=l[3],g=0;for(;g+4<=a.length;)f^=a[g+0],y^=a[g+1],p^=a[g+2],d^=a[g+3],({s0:f,s1:y,s2:p,s3:d}=hr(s,f,y,p,d)),o[g++]=f,o[g++]=y,o[g++]=p,o[g++]=d;if(n){const e=function(e){const t=new Uint8Array(16),r=Bt(t);t.set(e);const n=Yt-e.length;for(let e=Yt-n;e<Yt;e++)t[e]=n;return r}(r.subarray(4*g));f^=e[0],y^=e[1],p^=e[2],d^=e[3],({s0:f,s1:y,s2:p,s3:d}=hr(s,f,y,p,d)),o[g++]=f,o[g++]=y,o[g++]=p,o[g++]=d}return Ct(...h),c},decrypt(r,i){!function(e){if(vt(e),e.length%Yt!=0)throw Error("aes-(cbc/ecb).decrypt ciphertext should consist of blocks with size 16")}(r);const s=or(e);let a=t;const o=[s];Ft(a)||o.push(a=Ot(a));const c=Bt(a);i=Mt(r.length,i),Ft(r)||o.push(r=Ot(r)),Qt(r,i);const u=Bt(r),h=Bt(i);let l=c[0],f=c[1],y=c[2],p=c[3];for(let e=0;e+4<=u.length;){const t=l,r=f,n=y,i=p;l=u[e+0],f=u[e+1],y=u[e+2],p=u[e+3];const{s0:a,s1:o,s2:c,s3:d}=lr(s,l,f,y,p);h[e++]=a^t,h[e++]=o^r,h[e++]=c^n,h[e++]=d^i}return Ct(...o),function(e,t){if(!t)return e;const r=e.length;if(!r)throw Error("aes/pcks5: empty ciphertext not allowed");const n=e[r-1];if(n<=0||n>16)throw Error("aes/pcks5: wrong padding");const i=e.subarray(0,-n);for(let t=0;t<n;t++)if(e[r-t-1]!==n)throw Error("aes/pcks5: wrong padding");return i}(i,n)}}})),gr=/* @__PURE__ */Tt({blockSize:16,nonceLength:16},(function(e,t){function r(r,n,i){vt(r);const s=r.length;if(xt(r,i=Mt(s,i)))throw Error("overlapping src and dst not supported.");const a=ar(e);let o=t;const c=[a];Ft(o)||c.push(o=Ot(o)),Ft(r)||c.push(r=Ot(r));const u=Bt(r),h=Bt(i),l=n?h:u,f=Bt(o);let y=f[0],p=f[1],d=f[2],g=f[3];for(let e=0;e+4<=u.length;){const{s0:t,s1:r,s2:n,s3:i}=hr(a,y,p,d,g);h[e+0]=u[e+0]^t,h[e+1]=u[e+1]^r,h[e+2]=u[e+2]^n,h[e+3]=u[e+3]^i,y=l[e++],p=l[e++],d=l[e++],g=l[e++]}const w=Yt*Math.floor(u.length/4);if(w<s){({s0:y,s1:p,s2:d,s3:g}=hr(a,y,p,d,g));const e=It(new Uint32Array([y,p,d,g]));for(let t=w,n=0;t<s;t++,n++)i[t]=r[t]^e[n];Ct(e)}return Ct(...c),i}return{encrypt:(e,t)=>r(e,!0,t),decrypt:(e,t)=>r(e,!1,t)}}));function wr(e,t,r,n,i){const s=i?i.length:0,a=e.create(r,n.length+s);i&&a.update(i);const o=function(e,t,r){const n=new Uint8Array(16),i=Ut(n);return Lt(i,0,BigInt(t),r),Lt(i,8,BigInt(e),r),n}(8*n.length,8*s,t);a.update(n),a.update(o);const c=a.digest();return Ct(o),c}const Ar=/* @__PURE__ */Tt({blockSize:16,nonceLength:12,tagLength:16,varSizeNonce:!0},(function(e,t,r){if(t.length<8)throw Error("aes/gcm: invalid nonce length");function n(e,t,n){const i=wr(Vt,!1,e,n,r);for(let e=0;e<t.length;e++)i[e]^=t[e];return i}function i(){const r=ar(e),n=Zt.slice(),i=Zt.slice();if(yr(r,!1,i,i,n),12===t.length)i.set(t);else{const e=Zt.slice();Lt(Ut(e),8,BigInt(8*t.length),!1);const r=Vt.create(n).update(t).update(e);r.digestInto(i),r.destroy()}return{xk:r,authKey:n,counter:i,tagMask:yr(r,!1,i,Zt)}}return{encrypt(e){const{xk:t,authKey:r,counter:s,tagMask:a}=i(),o=new Uint8Array(e.length+16),c=[t,r,s,a];Ft(e)||c.push(e=Ot(e)),yr(t,!1,s,e,o.subarray(0,e.length));const u=n(r,a,o.subarray(0,o.length-16));return c.push(u),o.set(u,e.length),Ct(...c),o},decrypt(e){const{xk:t,authKey:r,counter:s,tagMask:a}=i(),o=[t,r,a,s];Ft(e)||o.push(e=Ot(e));const c=e.subarray(0,-16),u=e.subarray(-16),h=n(r,a,c);if(o.push(h),!Rt(h,u))throw Error("aes/gcm: invalid ghash tag");const l=yr(t,!1,s,c);return Ct(...o),l}}}));function mr(e){return e instanceof Uint32Array||ArrayBuffer.isView(e)&&"Uint32Array"===e.constructor.name}function br(e,t){if(vt(t,16),!mr(e))throw Error("_encryptBlock accepts result of expandKeyLE");const r=Bt(t);let{s0:n,s1:i,s2:s,s3:a}=hr(e,r[0],r[1],r[2],r[3]);return r[0]=n,r[1]=i,r[2]=s,r[3]=a,t}function kr(e,t){if(vt(t,16),!mr(e))throw Error("_decryptBlock accepts result of expandKeyLE");const r=Bt(t);let{s0:n,s1:i,s2:s,s3:a}=lr(e,r[0],r[1],r[2],r[3]);return r[0]=n,r[1]=i,r[2]=s,r[3]=a,t}const Er={encrypt(e,t){if(t.length>=2**32)throw Error("plaintext should be less than 4gb");const r=ar(e);if(16===t.length)br(r,t);else{const e=Bt(t);let n=e[0],i=e[1];for(let t=0,s=1;t<6;t++)for(let t=2;t<e.length;t+=2,s++){const{s0:a,s1:o,s2:c,s3:u}=hr(r,n,i,e[t],e[t+1]);n=a,i=o^tr(s),e[t]=c,e[t+1]=u}e[0]=n,e[1]=i}r.fill(0)},decrypt(e,t){if(t.length-8>=2**32)throw Error("ciphertext should be less than 4gb");const r=or(e),n=t.length/8-1;if(1===n)kr(r,t);else{const e=Bt(t);let i=e[0],s=e[1];for(let t=0,a=6*n;t<6;t++)for(let t=2*n;t>=1;t-=2,a--){s^=tr(a);const{s0:n,s1:o,s2:c,s3:u}=lr(r,i,s,e[t],e[t+1]);i=n,s=o,e[t]=c,e[t+1]=u}e[0]=i,e[1]=s}r.fill(0)}},vr=/* @__PURE__ */new Uint8Array(8).fill(166),Kr=/* @__PURE__ */Tt({blockSize:8},(e=>({encrypt(t){if(!t.length||t.length%8!=0)throw Error("invalid plaintext length");if(8===t.length)throw Error("8-byte keys not allowed in AESKW, use AESKWP instead");const r=function(...e){let t=0;for(let r=0;r<e.length;r++){const n=e[r];vt(n),t+=n.length}const r=new Uint8Array(t);for(let t=0,n=0;t<e.length;t++){const i=e[t];r.set(i,n),n+=i.length}return r}(vr,t);return Er.encrypt(e,r),r},decrypt(t){if(t.length%8!=0||t.length<24)throw Error("invalid ciphertext length");const r=Ot(t);if(Er.decrypt(e,r),!Rt(r.subarray(0,8),vr))throw Error("integrity check failed");return r.subarray(0,8).fill(0),r.subarray(8)}}))),Sr={expandKeyLE:ar,expandKeyDecLE:or,encrypt:hr,decrypt:lr,encryptBlock:br,decryptBlock:kr,ctrCounter:fr,ctr32:yr};async function Ir(e){switch(e){case F.symmetric.aes128:case F.symmetric.aes192:case F.symmetric.aes256:throw Error("Not a legacy cipher");case F.symmetric.cast5:case F.symmetric.blowfish:case F.symmetric.twofish:case F.symmetric.tripledes:{const{legacyCiphers:t}=await Promise.resolve().then((function(){return by})),r=F.read(F.symmetric,e),n=t.get(r);if(!n)throw Error("Unsupported cipher algorithm");return n}default:throw Error("Unsupported cipher algorithm")}}function Br(e){switch(e){case F.symmetric.aes128:case F.symmetric.aes192:case F.symmetric.aes256:case F.symmetric.twofish:return 16;case F.symmetric.blowfish:case F.symmetric.cast5:case F.symmetric.tripledes:return 8;default:throw Error("Unsupported cipher")}}function Cr(e){switch(e){case F.symmetric.aes128:case F.symmetric.blowfish:case F.symmetric.cast5:return 16;case F.symmetric.aes192:case F.symmetric.tripledes:return 24;case F.symmetric.aes256:case F.symmetric.twofish:return 32;default:throw Error("Unsupported cipher")}}function Ur(e){return{keySize:Cr(e),blockSize:Br(e)}}const Pr=_.getWebCrypto();async function Dr(e,t,r){const{keySize:n}=Ur(e);if(!_.isAES(e)||t.length!==n)throw Error("Unexpected algorithm or key size");try{const e=await Pr.importKey("raw",t,{name:"AES-KW"},!1,["wrapKey"]),n=await Pr.importKey("raw",r,{name:"HMAC",hash:"SHA-256"},!0,["sign"]),i=await Pr.wrapKey("raw",n,e,{name:"AES-KW"});return new Uint8Array(i)}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;_.printDebugError("Browser did not support operation: "+e.message)}return Kr(t).encrypt(r)}async function xr(e,t,r){const{keySize:n}=Ur(e);if(!_.isAES(e)||t.length!==n)throw Error("Unexpected algorithm or key size");let i;try{i=await Pr.importKey("raw",t,{name:"AES-KW"},!1,["unwrapKey"])}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;return _.printDebugError("Browser did not support operation: "+e.message),Kr(t).decrypt(r)}try{const e=await Pr.unwrapKey("raw",r,i,{name:"AES-KW"},{name:"HMAC",hash:"SHA-256"},!0,["sign"]);return new Uint8Array(await Pr.exportKey("raw",e))}catch(e){if("OperationError"===e.name)throw Error("Key Data Integrity failed");throw e}}async function Qr(e,t,r,n,i){const s=_.getWebCrypto(),a=F.read(F.webHash,e);if(!a)throw Error("Hash algo not supported with HKDF");const o=await s.importKey("raw",t,"HKDF",!1,["deriveBits"]),c=await s.deriveBits({name:"HKDF",hash:a,salt:r,info:n},o,8*i);return new Uint8Array(c)}const Rr={x25519:_.encodeUTF8("OpenPGP X25519"),x448:_.encodeUTF8("OpenPGP X448")};async function Tr(e){switch(e){case F.publicKey.x25519:try{const e=_.getWebCrypto(),t=await e.generateKey("X25519",!0,["deriveKey","deriveBits"]).catch((e=>{if("OperationError"===e.name){const e=Error("Unexpected key generation issue");throw e.name="NotSupportedError",e}throw e})),r=await e.exportKey("jwk",t.privateKey),n=await e.exportKey("jwk",t.publicKey);if(r.x!==n.x){const e=Error("Unexpected mismatching public point");throw e.name="NotSupportedError",e}return{A:new Uint8Array(V(n.x)),k:V(r.d)}}catch(e){if("NotSupportedError"!==e.name)throw e;const{default:t}=await Promise.resolve().then((function(){return sy})),{secretKey:r,publicKey:n}=t.box.keyPair();return{A:n,k:r}}case F.publicKey.x448:{const e=await _.getNobleCurve(F.publicKey.x448),{secretKey:t,publicKey:r}=e.keygen();return{A:r,k:t}}default:throw Error("Unsupported ECDH algorithm")}}async function Mr(e,t,r){switch(e){case F.publicKey.x25519:try{const{ephemeralPublicKey:n,sharedSecret:i}=await Nr(e,t),s=await _r(e,n,t,r);return _.equalsUint8Array(i,s)}catch(e){return!1}case F.publicKey.x448:{const e=(await _.getNobleCurve(F.publicKey.x448)).getPublicKey(r);return _.equalsUint8Array(t,e)}default:return!1}}async function Lr(e,t,r){const{ephemeralPublicKey:n,sharedSecret:i}=await Nr(e,r),s=_.concatUint8Array([n,r,i]);switch(e){case F.publicKey.x25519:{const e=F.symmetric.aes128,{keySize:r}=Ur(e),i=await Qr(F.hash.sha256,s,new Uint8Array,Rr.x25519,r);return{ephemeralPublicKey:n,wrappedKey:await Dr(e,i,t)}}case F.publicKey.x448:{const e=F.symmetric.aes256,{keySize:r}=Ur(F.symmetric.aes256),i=await Qr(F.hash.sha512,s,new Uint8Array,Rr.x448,r);return{ephemeralPublicKey:n,wrappedKey:await Dr(e,i,t)}}default:throw Error("Unsupported ECDH algorithm")}}async function Fr(e,t,r,n,i){const s=await _r(e,t,n,i),a=_.concatUint8Array([t,n,s]);switch(e){case F.publicKey.x25519:{const e=F.symmetric.aes128,{keySize:t}=Ur(e);return xr(e,await Qr(F.hash.sha256,a,new Uint8Array,Rr.x25519,t),r)}case F.publicKey.x448:{const e=F.symmetric.aes256,{keySize:t}=Ur(F.symmetric.aes256);return xr(e,await Qr(F.hash.sha512,a,new Uint8Array,Rr.x448,t),r)}default:throw Error("Unsupported ECDH algorithm")}}function Or(e){switch(e){case F.publicKey.x25519:return 32;case F.publicKey.x448:return 56;default:throw Error("Unsupported ECDH algorithm")}}async function Nr(e,t){switch(e){case F.publicKey.x25519:try{const r=_.getWebCrypto(),n=await r.generateKey("X25519",!0,["deriveKey","deriveBits"]).catch((e=>{if("OperationError"===e.name){const e=Error("Unexpected key generation issue");throw e.name="NotSupportedError",e}throw e})),i=await r.exportKey("jwk",n.publicKey);if((await r.exportKey("jwk",n.privateKey)).x!==i.x){const e=Error("Unexpected mismatching public point");throw e.name="NotSupportedError",e}const s=zr(e,t),a=await r.importKey("jwk",s,"X25519",!1,[]),o=await r.deriveBits({name:"X25519",public:a},n.privateKey,8*Or(e));return{sharedSecret:new Uint8Array(o),ephemeralPublicKey:new Uint8Array(V(i.x))}}catch(e){if("NotSupportedError"!==e.name)throw e;const{default:r}=await Promise.resolve().then((function(){return sy})),{secretKey:n,publicKey:i}=r.box.keyPair(),s=r.scalarMult(n,t);return Hr(s),{ephemeralPublicKey:i,sharedSecret:s}}case F.publicKey.x448:{const e=await _.getNobleCurve(F.publicKey.x448),{secretKey:r,publicKey:n}=e.keygen(),i=e.getSharedSecret(r,t);return Hr(i),{ephemeralPublicKey:n,sharedSecret:i}}default:throw Error("Unsupported ECDH algorithm")}}async function _r(e,t,r,n){switch(e){case F.publicKey.x25519:try{const i=_.getWebCrypto(),s=function(e,t,r){if(e===F.publicKey.x25519){const n=zr(e,t);return n.d=Y(r),n}throw Error("Unsupported ECDH algorithm")}(e,r,n),a=zr(e,t),o=await i.importKey("jwk",s,"X25519",!1,["deriveKey","deriveBits"]),c=await i.importKey("jwk",a,"X25519",!1,[]),u=await i.deriveBits({name:"X25519",public:c},o,8*Or(e));return new Uint8Array(u)}catch(e){if("NotSupportedError"!==e.name)throw e;const{default:r}=await Promise.resolve().then((function(){return sy})),i=r.scalarMult(n,t);return Hr(i),i}case F.publicKey.x448:{const e=(await _.getNobleCurve(F.publicKey.x448)).getSharedSecret(n,t);return Hr(e),e}default:throw Error("Unsupported ECDH algorithm")}}function Hr(e){let t=0;for(let r=0;r<e.length;r++)t|=e[r];if(0===t)throw Error("Unexpected low order point")}function zr(e,t){if(e===F.publicKey.x25519){return{kty:"OKP",crv:"X25519",x:Y(t),ext:!0}}throw Error("Unsupported ECDH algorithm")}var Gr=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:Fr,encrypt:Lr,generate:Tr,generateEphemeralEncryptionMaterial:Nr,getPayloadSize:Or,recomputeSharedSecret:_r,validateParams:Mr});const qr=_.getWebCrypto(),jr=_.getNodeCrypto(),Vr={[F.curve.nistP256]:"P-256",[F.curve.nistP384]:"P-384",[F.curve.nistP521]:"P-521"},Yr=jr?jr.getCurves():[],Zr=jr?{[F.curve.secp256k1]:Yr.includes("secp256k1")?"secp256k1":void 0,[F.curve.nistP256]:Yr.includes("prime256v1")?"prime256v1":void 0,[F.curve.nistP384]:Yr.includes("secp384r1")?"secp384r1":void 0,[F.curve.nistP521]:Yr.includes("secp521r1")?"secp521r1":void 0,[F.curve.ed25519Legacy]:Yr.includes("ED25519")?"ED25519":void 0,[F.curve.curve25519Legacy]:Yr.includes("X25519")?"X25519":void 0,[F.curve.brainpoolP256r1]:Yr.includes("brainpoolP256r1")?"brainpoolP256r1":void 0,[F.curve.brainpoolP384r1]:Yr.includes("brainpoolP384r1")?"brainpoolP384r1":void 0,[F.curve.brainpoolP512r1]:Yr.includes("brainpoolP512r1")?"brainpoolP512r1":void 0}:{},Jr={[F.curve.nistP256]:{oid:[6,8,42,134,72,206,61,3,1,7],keyType:F.publicKey.ecdsa,hash:F.hash.sha256,cipher:F.symmetric.aes128,node:Zr[F.curve.nistP256],web:Vr[F.curve.nistP256],payloadSize:32,sharedSize:256,wireFormatLeadingByte:4},[F.curve.nistP384]:{oid:[6,5,43,129,4,0,34],keyType:F.publicKey.ecdsa,hash:F.hash.sha384,cipher:F.symmetric.aes192,node:Zr[F.curve.nistP384],web:Vr[F.curve.nistP384],payloadSize:48,sharedSize:384,wireFormatLeadingByte:4},[F.curve.nistP521]:{oid:[6,5,43,129,4,0,35],keyType:F.publicKey.ecdsa,hash:F.hash.sha512,cipher:F.symmetric.aes256,node:Zr[F.curve.nistP521],web:Vr[F.curve.nistP521],payloadSize:66,sharedSize:528,wireFormatLeadingByte:4},[F.curve.secp256k1]:{oid:[6,5,43,129,4,0,10],keyType:F.publicKey.ecdsa,hash:F.hash.sha256,cipher:F.symmetric.aes128,node:Zr[F.curve.secp256k1],payloadSize:32,wireFormatLeadingByte:4},[F.curve.ed25519Legacy]:{oid:[6,9,43,6,1,4,1,218,71,15,1],keyType:F.publicKey.eddsaLegacy,hash:F.hash.sha512,node:!1,payloadSize:32,wireFormatLeadingByte:64},[F.curve.curve25519Legacy]:{oid:[6,10,43,6,1,4,1,151,85,1,5,1],keyType:F.publicKey.ecdh,hash:F.hash.sha256,cipher:F.symmetric.aes128,node:!1,payloadSize:32,wireFormatLeadingByte:64},[F.curve.brainpoolP256r1]:{oid:[6,9,43,36,3,3,2,8,1,1,7],keyType:F.publicKey.ecdsa,hash:F.hash.sha256,cipher:F.symmetric.aes128,node:Zr[F.curve.brainpoolP256r1],payloadSize:32,wireFormatLeadingByte:4},[F.curve.brainpoolP384r1]:{oid:[6,9,43,36,3,3,2,8,1,1,11],keyType:F.publicKey.ecdsa,hash:F.hash.sha384,cipher:F.symmetric.aes192,node:Zr[F.curve.brainpoolP384r1],payloadSize:48,wireFormatLeadingByte:4},[F.curve.brainpoolP512r1]:{oid:[6,9,43,36,3,3,2,8,1,1,13],keyType:F.publicKey.ecdsa,hash:F.hash.sha512,cipher:F.symmetric.aes256,node:Zr[F.curve.brainpoolP512r1],payloadSize:64,wireFormatLeadingByte:4}};class Xr{constructor(e){try{this.name=e instanceof tt?e.getName():F.write(F.curve,e)}catch(e){throw new ut("Unknown curve")}const t=Jr[this.name];this.keyType=t.keyType,this.oid=t.oid,this.hash=t.hash,this.cipher=t.cipher,this.node=t.node,this.web=t.web,this.payloadSize=t.payloadSize,this.sharedSize=t.sharedSize,this.wireFormatLeadingByte=t.wireFormatLeadingByte,this.web&&_.getWebCrypto()?this.type="web":this.node&&_.getNodeCrypto()?this.type="node":this.name===F.curve.curve25519Legacy?this.type="curve25519Legacy":this.name===F.curve.ed25519Legacy&&(this.type="ed25519Legacy")}async genKeyPair(){switch(this.type){case"web":try{return await async function(e,t){const r=await qr.generateKey({name:"ECDSA",namedCurve:Vr[e]},!0,["sign","verify"]),n=await qr.exportKey("jwk",r.privateKey);return{publicKey:nn(await qr.exportKey("jwk",r.publicKey),t),privateKey:V(n.d)}}(this.name,this.wireFormatLeadingByte)}catch(e){return _.printDebugError("Browser did not support generating ec key "+e.message),rn(this.name)}case"node":return async function(e){const t=jr.createECDH(Zr[e]);return await t.generateKeys(),{publicKey:new Uint8Array(t.getPublicKey()),privateKey:new Uint8Array(t.getPrivateKey())}}(this.name);case"curve25519Legacy":{const{k:e,A:t}=await Tr(F.publicKey.x25519),r=e.slice().reverse();r[0]=127&r[0]|64,r[31]&=248;return{publicKey:_.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:r}}case"ed25519Legacy":{const{seed:e,A:t}=await yt(F.publicKey.ed25519);return{publicKey:_.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:e}}default:return rn(this.name)}}}async function Wr(e){const t=new Xr(e),{oid:r,hash:n,cipher:i}=t,s=await t.genKeyPair();return{oid:r,Q:s.publicKey,secret:_.leftPad(s.privateKey,t.payloadSize),hash:n,cipher:i}}function $r(e){return Jr[e.getName()].hash}async function en(e,t,r,n){const i={[F.curve.nistP256]:!0,[F.curve.nistP384]:!0,[F.curve.nistP521]:!0,[F.curve.secp256k1]:!0,[F.curve.curve25519Legacy]:e===F.publicKey.ecdh,[F.curve.brainpoolP256r1]:!0,[F.curve.brainpoolP384r1]:!0,[F.curve.brainpoolP512r1]:!0},s=t.getName();if(!i[s])return!1;if(s===F.curve.curve25519Legacy){const e=n.slice().reverse();return!(r.length<1||64!==r[0])&&Mr(F.publicKey.x25519,r.subarray(1),e)}const a=(await _.getNobleCurve(F.publicKey.ecdsa,s)).getPublicKey(n,!1);return!!_.equalsUint8Array(a,r)}function tn(e,t){const{payloadSize:r,wireFormatLeadingByte:n,name:i}=e,s=i===F.curve.curve25519Legacy||i===F.curve.ed25519Legacy?r:2*r;if(t[0]!==n||t.length!==s+1)throw Error("Invalid point encoding")}async function rn(e){const t=await _.getNobleCurve(F.publicKey.ecdsa,e),{secretKey:r}=t.keygen();return{publicKey:t.getPublicKey(r,!1),privateKey:r}}function nn(e,t){const r=V(e.x),n=V(e.y),i=new Uint8Array(r.length+n.length+1);return i[0]=t,i.set(r,1),i.set(n,r.length+1),i}function sn(e,t,r){const n=e,i=r.slice(1,n+1),s=r.slice(n+1,2*n+1);return{kty:"EC",crv:t,x:Y(i),y:Y(s),ext:!0}}function an(e,t,r,n){const i=sn(e,t,r);return i.d=Y(n),i}const on=_.getWebCrypto(),cn=_.getNodeCrypto();async function un(e,t,r,n,i,s){const a=new Xr(e);if(tn(a,n),r&&!_.isStream(r)){const e={publicKey:n,privateKey:i};switch(a.type){case"web":try{return await async function(e,t,r,n){const i=e.payloadSize,s=an(e.payloadSize,Vr[e.name],n.publicKey,n.privateKey),a=await on.importKey("jwk",s,{name:"ECDSA",namedCurve:Vr[e.name],hash:{name:F.read(F.webHash,e.hash)}},!1,["sign"]),o=new Uint8Array(await on.sign({name:"ECDSA",namedCurve:Vr[e.name],hash:{name:F.read(F.webHash,t)}},a,r));return{r:o.slice(0,i),s:o.slice(i,i<<1)}}(a,t,r,e)}catch(e){if("nistP521"!==a.name&&("DataError"===e.name||"OperationError"===e.name))throw e;_.printDebugError("Browser did not support signing: "+e.message)}break;case"node":return async function(e,t,r,n){const i=_.nodeRequire("eckey-utils"),s=_.getNodeBuffer(),{privateKey:a}=i.generateDer({curveName:Zr[e.name],privateKey:s.from(n)}),o=cn.createSign(F.read(F.hash,t));o.write(r),o.end();const c=new Uint8Array(o.sign({key:a,format:"der",type:"sec1",dsaEncoding:"ieee-p1363"})),u=e.payloadSize;return{r:c.subarray(0,u),s:c.subarray(u,u<<1)}}(a,t,r,i)}}const o=(await _.getNobleCurve(F.publicKey.ecdsa,a.name)).sign(s,i,{lowS:!1});return{r:de(o.r,"be",a.payloadSize),s:de(o.s,"be",a.payloadSize)}}async function hn(e,t,r,n,i,s){const a=new Xr(e);tn(a,i);const o=async()=>0===s[0]&&ln(a,r,s.subarray(1),i);if(n&&!_.isStream(n))switch(a.type){case"web":try{const e=await async function(e,t,{r,s:n},i,s){const a=sn(e.payloadSize,Vr[e.name],s),o=await on.importKey("jwk",a,{name:"ECDSA",namedCurve:Vr[e.name],hash:{name:F.read(F.webHash,e.hash)}},!1,["verify"]),c=_.concatUint8Array([r,n]).buffer;return on.verify({name:"ECDSA",namedCurve:Vr[e.name],hash:{name:F.read(F.webHash,t)}},o,c,i)}(a,t,r,n,i);return e||o()}catch(e){if("nistP521"!==a.name&&("DataError"===e.name||"OperationError"===e.name))throw e;_.printDebugError("Browser did not support verifying: "+e.message)}break;case"node":{const e=await async function(e,t,{r,s:n},i,s){const a=_.nodeRequire("eckey-utils"),o=_.getNodeBuffer(),{publicKey:c}=a.generateDer({curveName:Zr[e.name],publicKey:o.from(s)}),u=cn.createVerify(F.read(F.hash,t));u.write(i),u.end();const h=_.concatUint8Array([r,n]);try{return u.verify({key:c,format:"der",type:"spki",dsaEncoding:"ieee-p1363"},h)}catch(e){return!1}}(a,t,r,n,i);return e||o()}}return await ln(a,r,s,i)||o()}async function ln(e,t,r,n){return(await _.getNobleCurve(F.publicKey.ecdsa,e.name)).verify(_.concatUint8Array([t.r,t.s]),r,n,{lowS:!1})}var fn=/*#__PURE__*/Object.freeze({__proto__:null,sign:un,validateParams:async function(e,t,r){const n=new Xr(e);if(n.keyType!==F.publicKey.ecdsa)return!1;switch(n.type){case"web":case"node":{const n=we(8),i=F.hash.sha256,s=await Le(i,n);try{const a=await un(e,i,n,t,r,s);return await hn(e,i,a,n,t,s)}catch(e){return!1}}default:return en(F.publicKey.ecdsa,e,t,r)}},verify:hn});async function yn(e,t,r,n,i,s){tn(new Xr(e),n);const{RS:a}=await pt(F.publicKey.ed25519,0,0,n.subarray(1),i,s);return{r:a.subarray(0,32),s:a.subarray(32)}}async function pn(e,t,{r,s:n},i,s,a){tn(new Xr(e),s);const o=_.concatUint8Array([r,n]);return dt(F.publicKey.ed25519,0,{RS:o},0,s.subarray(1),a)}async function dn(e,t,r){return e.getName()===F.curve.ed25519Legacy&&(!(t.length<1||64!==t[0])&&gt(F.publicKey.ed25519,t.subarray(1),r))}var gn=/*#__PURE__*/Object.freeze({__proto__:null,sign:yn,validateParams:dn,verify:pn});function wn(e){const t=e.length;if(t>0){const r=e[t-1];if(r>=1){const n=e.subarray(t-r),i=new Uint8Array(r).fill(r);if(_.equalsUint8Array(n,i))return e.subarray(0,t-r)}}throw Error("Invalid padding")}function An(e,t,r,n){return _.concatUint8Array([t.write(),new Uint8Array([e]),r.write(!0),_.stringToUint8Array("Anonymous Sender    "),r.replacementFingerprint||n])}async function mn(e,t,r,n,i=!1,s=!1){let a;if(i){for(a=0;a<t.length&&0===t[a];a++);t=t.subarray(a)}if(s){for(a=t.length-1;a>=0&&0===t[a];a--);t=t.subarray(0,a+1)}return(await Le(e,_.concatUint8Array([new Uint8Array([0,0,0,1]),t,n]))).subarray(0,r)}async function bn(e,t){switch(e.type){case"curve25519Legacy":{const{sharedSecret:r,ephemeralPublicKey:n}=await Nr(F.publicKey.x25519,t.subarray(1));return{publicKey:_.concatUint8Array([new Uint8Array([e.wireFormatLeadingByte]),n]),sharedKey:r}}case"web":if(e.web&&_.getWebCrypto())try{return await async function(e,t){const r=_.getWebCrypto(),n=sn(e.payloadSize,e.web,t);let i=r.generateKey({name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]),s=r.importKey("jwk",n,{name:"ECDH",namedCurve:e.web},!1,[]);[i,s]=await Promise.all([i,s]);let a=r.deriveBits({name:"ECDH",namedCurve:e.web,public:s},i.privateKey,e.sharedSize),o=r.exportKey("jwk",i.publicKey);[a,o]=await Promise.all([a,o]);const c=new Uint8Array(a),u=new Uint8Array(nn(o,e.wireFormatLeadingByte));return{publicKey:u,sharedKey:c}}(e,t)}catch(r){return _.printDebugError(r),Sn(e,t)}break;case"node":return async function(e,t){const r=_.getNodeCrypto(),n=r.createECDH(e.node);n.generateKeys();const i=new Uint8Array(n.computeSecret(t));return{publicKey:new Uint8Array(n.getPublicKey()),sharedKey:i}}(e,t);default:return Sn(e,t)}}async function kn(e,t,r,n,i){const s=function(e){const t=8-e.length%8,r=new Uint8Array(e.length+t).fill(t);return r.set(e),r}(r),a=new Xr(e);tn(a,n);const{publicKey:o,sharedKey:c}=await bn(a,n),u=An(F.publicKey.ecdh,e,t,i),{keySize:h}=Ur(t.cipher),l=await mn(t.hash,c,h,u);return{publicKey:o,wrappedKey:await Dr(t.cipher,l,s)}}async function En(e,t,r,n){if(n.length!==e.payloadSize){const t=new Uint8Array(e.payloadSize);t.set(n,e.payloadSize-n.length),n=t}switch(e.type){case"curve25519Legacy":{const e=n.slice().reverse();return{secretKey:e,sharedKey:await _r(F.publicKey.x25519,t.subarray(1),r.subarray(1),e)}}case"web":if(e.web&&_.getWebCrypto())try{return await async function(e,t,r,n){const i=_.getWebCrypto(),s=an(e.payloadSize,e.web,r,n);let a=i.importKey("jwk",s,{name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]);const o=sn(e.payloadSize,e.web,t);let c=i.importKey("jwk",o,{name:"ECDH",namedCurve:e.web},!0,[]);[a,c]=await Promise.all([a,c]);let u=i.deriveBits({name:"ECDH",namedCurve:e.web,public:c},a,e.sharedSize),h=i.exportKey("jwk",a);[u,h]=await Promise.all([u,h]);const l=new Uint8Array(u);return{secretKey:V(h.d),sharedKey:l}}(e,t,r,n)}catch(r){return _.printDebugError(r),Kn(e,t,n)}break;case"node":return async function(e,t,r){const n=_.getNodeCrypto(),i=n.createECDH(e.node);i.setPrivateKey(r);const s=new Uint8Array(i.computeSecret(t));return{secretKey:new Uint8Array(i.getPrivateKey()),sharedKey:s}}(e,t,n);default:return Kn(e,t,n)}}async function vn(e,t,r,n,i,s,a){const o=new Xr(e);tn(o,i),tn(o,r);const{sharedKey:c}=await En(o,r,i,s),u=An(F.publicKey.ecdh,e,t,a),{keySize:h}=Ur(t.cipher);let l;for(let e=0;e<3;e++)try{const r=await mn(t.hash,c,h,u,1===e,2===e);return wn(await xr(t.cipher,r,n))}catch(e){l=e}throw l}async function Kn(e,t,r){return{secretKey:r,sharedKey:(await _.getNobleCurve(F.publicKey.ecdh,e.name)).getSharedSecret(r,t).subarray(1)}}async function Sn(e,t){const r=await _.getNobleCurve(F.publicKey.ecdh,e.name),{publicKey:n,privateKey:i}=await e.genKeyPair();return{publicKey:n,sharedKey:r.getSharedSecret(i,t).subarray(1)}}var In=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:vn,encrypt:kn,validateParams:async function(e,t,r){return en(F.publicKey.ecdh,e,t,r)}}),Bn=/*#__PURE__*/Object.freeze({__proto__:null,CurveWithOID:Xr,ecdh:In,ecdhX:Gr,ecdsa:fn,eddsa:kt,eddsaLegacy:gn,generate:Wr,getPreferredHashAlgo:$r});const Cn=BigInt(0),Un=BigInt(1);const Pn=new Set([F.hash.sha1,F.hash.sha256,F.hash.sha512]),Dn=_.getWebCrypto(),xn=_.getNodeCrypto();async function Qn(e,t){if(e===F.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await Promise.resolve().then((function(){return Vp})),{publicKey:r,secretKey:n}=e.keygen(t);return{mlkemPublicKey:r,mlkemSecretKey:n}}throw Error("Unsupported KEM algorithm")}async function Rn(e){const{eccPublicKey:t,eccSecretKey:r}=await async function(e){if(e===F.publicKey.pqc_mlkem_x25519){const{A:e,k:t}=await Tr(F.publicKey.x25519);return{eccPublicKey:e,eccSecretKey:t}}throw Error("Unsupported KEM algorithm")}(e),{mlkemPublicKey:n,mlkemSeed:i,mlkemSecretKey:s}=await async function(e){if(e===F.publicKey.pqc_mlkem_x25519){const t=we(64),{mlkemSecretKey:r,mlkemPublicKey:n}=await Qn(e,t);return{mlkemSeed:t,mlkemSecretKey:r,mlkemPublicKey:n}}throw Error("Unsupported KEM algorithm")}(e);return{eccPublicKey:t,eccSecretKey:r,mlkemPublicKey:n,mlkemSeed:i,mlkemSecretKey:s}}async function Tn(e,t,r,n){const{eccKeyShare:i,eccCipherText:s}=await async function(e,t){if(e===F.publicKey.pqc_mlkem_x25519){const{ephemeralPublicKey:e,sharedSecret:r}=await Nr(F.publicKey.x25519,t);return{eccCipherText:e,eccKeyShare:r}}throw Error("Unsupported KEM algorithm")}(e,t),{mlkemKeyShare:a,mlkemCipherText:o}=await async function(e,t){if(e===F.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await Promise.resolve().then((function(){return Vp})),{cipherText:r,sharedSecret:n}=e.encapsulate(t);return{mlkemCipherText:r,mlkemKeyShare:n}}throw Error("Unsupported KEM algorithm")}(e,r),c=await Ln(e,a,i,s,t);return{eccCipherText:s,mlkemCipherText:o,wrappedKey:await Dr(F.symmetric.aes256,c,n)}}async function Mn(e,t,r,n,i,s,a,o){const c=await async function(e,t,r,n){if(e===F.publicKey.pqc_mlkem_x25519)return await _r(F.publicKey.x25519,t,n,r);throw Error("Unsupported KEM algorithm")}(e,t,n,i),u=await async function(e,t,r){if(e===F.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await Promise.resolve().then((function(){return Vp}));return e.decapsulate(t,r)}throw Error("Unsupported KEM algorithm")}(e,r,s),h=await Ln(e,u,c,t,i);return await xr(F.symmetric.aes256,h,o)}async function Ln(e,t,r,n,i){const s=_.encodeUTF8("OpenPGPCompositeKDFv1"),a=_.concatUint8Array([t,r,n,i,new Uint8Array([e]),s,new Uint8Array([s.length])]);return await Le(F.hash.sha3_256,a)}async function Fn(e,t,r,n,i){const s=async function(e,t,r){if(e===F.publicKey.pqc_mlkem_x25519)return Mr(F.publicKey.x25519,t,r);throw Error("Unsupported KEM algorithm")}(e,t,r),a=async function(e,t,r){if(e===F.publicKey.pqc_mlkem_x25519){const{mlkemPublicKey:n}=await Qn(e,r);return _.equalsUint8Array(t,n)}throw Error("Unsupported KEM algorithm")}(e,n,i);return await s&&await a}async function On(e,t){if(e===F.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await Promise.resolve().then((function(){return Vp})),{secretKey:r,publicKey:n}=e.keygen(t);return{mldsaSecretKey:r,mldsaPublicKey:n}}throw Error("Unsupported signature algorithm")}async function Nn(e){if(e===F.publicKey.pqc_mldsa_ed25519){const{eccSecretKey:t,eccPublicKey:r}=await async function(e){if(e===F.publicKey.pqc_mldsa_ed25519){const{A:e,seed:t}=await yt(F.publicKey.ed25519);return{eccPublicKey:e,eccSecretKey:t}}throw Error("Unsupported signature algorithm")}(e),{mldsaSeed:n,mldsaSecretKey:i,mldsaPublicKey:s}=await async function(e){if(e===F.publicKey.pqc_mldsa_ed25519){const t=we(32),{mldsaSecretKey:r,mldsaPublicKey:n}=await On(e,t);return{mldsaSeed:t,mldsaSecretKey:r,mldsaPublicKey:n}}throw Error("Unsupported signature algorithm")}(e);return{eccSecretKey:t,eccPublicKey:r,mldsaSeed:n,mldsaSecretKey:i,mldsaPublicKey:s}}throw Error("Unsupported signature algorithm")}async function _n(e,t,r,n,i,s){if(e===F.publicKey.pqc_mldsa_ed25519){const{eccSignature:t}=await async function(e,t,r,n,i){if(e===F.publicKey.pqc_mldsa_ed25519){const{RS:e}=await pt(F.publicKey.ed25519,0,0,n,r,i);return{eccSignature:e}}throw Error("Unsupported signature algorithm")}(e,0,r,n,s),{mldsaSignature:a}=await async function(e,t,r){if(e===F.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await Promise.resolve().then((function(){return Vp}));return{mldsaSignature:e.sign(t,r)}}throw Error("Unsupported signature algorithm")}(e,i,s);return{eccSignature:t,mldsaSignature:a}}throw Error("Unsupported signature algorithm")}async function Hn(e,t,r,n,i,{eccSignature:s,mldsaSignature:a}){if(e===F.publicKey.pqc_mldsa_ed25519){const t=async function(e,t,r,n,i){if(e===F.publicKey.pqc_mldsa_ed25519)return dt(F.publicKey.ed25519,0,{RS:i},0,r,n);throw Error("Unsupported signature algorithm")}(e,0,r,i,s),o=async function(e,t,r,n){if(e===F.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await Promise.resolve().then((function(){return Vp}));return e.verify(t,r,n)}throw Error("Unsupported signature algorithm")}(e,n,i,a);return await t&&await o}throw Error("Unsupported signature algorithm")}function zn(e,t){if(e===F.publicKey.pqc_mldsa_ed25519)return Fe(t)>=32;throw Error("Unsupported signature algorithm")}async function Gn(e,t,r,n,i){const s=async function(e,t,r){if(e===F.publicKey.pqc_mldsa_ed25519)return gt(F.publicKey.ed25519,t,r);throw Error("Unsupported signature algorithm")}(e,t,r),a=async function(e,t,r){if(e===F.publicKey.pqc_mldsa_ed25519){const{mldsaPublicKey:n}=await On(e,r);return _.equalsUint8Array(t,n)}throw Error("Unsupported signature algorithm")}(e,n,i);return await s&&await a}class qn{constructor(e){e&&(this.data=e)}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.data=e.subarray(1,1+t),1+this.data.length}throw Error("Invalid symmetric key")}write(){return _.concatUint8Array([new Uint8Array([this.data.length]),this.data])}}class jn{constructor(e){if(void 0===e&&(e=new Uint8Array([])),!_.isUint8Array(e))throw Error("data must be in the form of a Uint8Array");this.data=e,this.length=this.data.byteLength}write(){return _.concatUint8Array([new Uint8Array([this.length]),this.data])}read(e){if(e.length>=1){const t=e[0];if(e.length>=t+1)return this.data=e.subarray(1,1+t),this.length=t,1+t}throw Error("Invalid octet string")}}class Vn{constructor(e){if(e){const{version:t,hash:r,cipher:n,replacementFingerprint:i}=e;this.version=t||1,this.hash=r,this.cipher=n,this.replacementFingerprint=i}else this.version=null,this.hash=null,this.cipher=null,this.replacementFingerprint=null}read(e){if(e.length<4||1!==e[1]&&255!==e[1])throw new ut("Cannot read KDFParams");const t=e[0];this.version=e[1],this.hash=e[2],this.cipher=e[3];let r=4;if(255===this.version){const n=t-r+1;this.replacementFingerprint=e.slice(r,r+n),r+=n}return r}write(e){if(!this.version||1===this.version||e)return new Uint8Array([3,1,this.hash,this.cipher]);return _.concatUint8Array([new Uint8Array([3+this.replacementFingerprint.length,this.version,this.hash,this.cipher]),this.replacementFingerprint])}}const Yn=e=>class{constructor(e){this.data=void 0===e?null:e}read(t){const r=t[0];return this.data=F.write(e,r),1}write(){return new Uint8Array([this.data])}getName(){return F.read(e,this.data)}getValue(){return this.data}},Zn=Yn(F.aead),Jn=Yn(F.symmetric),Xn=Yn(F.hash);class Wn{static fromObject({wrappedKey:e,algorithm:t}){const r=new Wn;return r.wrappedKey=e,r.algorithm=t,r}read(e){let t=0,r=e[t++];this.algorithm=r%2?e[t++]:null,r-=r%2,this.wrappedKey=_.readExactSubarray(e,t,t+r),t+=r}write(){return _.concatUint8Array([this.algorithm?new Uint8Array([this.wrappedKey.length+1,this.algorithm]):new Uint8Array([this.wrappedKey.length]),this.wrappedKey])}}const $n=_.getWebCrypto(),ei=_.getNodeCrypto(),ti=ei?ei.getCiphers():[],ri={idea:ti.includes("idea-cfb")?"idea-cfb":void 0,tripledes:ti.includes("des-ede3-cfb")?"des-ede3-cfb":void 0,cast5:ti.includes("cast5-cfb")?"cast5-cfb":void 0,blowfish:ti.includes("bf-cfb")?"bf-cfb":void 0,aes128:ti.includes("aes-128-cfb")?"aes-128-cfb":void 0,aes192:ti.includes("aes-192-cfb")?"aes-192-cfb":void 0,aes256:ti.includes("aes-256-cfb")?"aes-256-cfb":void 0};async function ni(e){const{blockSize:t}=Ur(e),r=await we(t),n=new Uint8Array([r[r.length-2],r[r.length-1]]);return _.concat([r,n])}async function ii(e,t,r,n,i){const s=F.read(F.symmetric,e);if(_.getNodeCrypto()&&ri[s])return function(e,t,r,n){const i=F.read(F.symmetric,e),s=new ei.createCipheriv(ri[i],t,n);return S(r,(e=>new Uint8Array(s.update(e))))}(e,t,r,n);if(_.isAES(e))return async function(e,t,r,n){if($n&&await ai.isSupported(e)){const i=new ai(e,t,n);return _.isStream(r)?S(r,(e=>i.encryptChunk(e)),(()=>i.finish())):i.encrypt(r)}if(_.isStream(r)){const i=new oi(!0,e,t,n);return S(r,(e=>i.processChunk(e)),(()=>i.finish()))}return gr(t,n).encrypt(r)}(e,t,r,n);const a=new(await Ir(e))(t),o=a.blockSize,c=n.slice();let u=new Uint8Array;const h=e=>{e&&(u=_.concatUint8Array([u,e]));const t=new Uint8Array(u.length);let r,n=0;for(;e?u.length>=o:u.length;){const e=a.encrypt(c);for(r=0;r<o;r++)c[r]=u[r]^e[r],t[n++]=c[r];u=u.subarray(o)}return t.subarray(0,n)};return S(r,h,h)}async function si(e,t,r,n){const i=F.read(F.symmetric,e);if(ei&&ri[i])return function(e,t,r,n){const i=F.read(F.symmetric,e),s=new ei.createDecipheriv(ri[i],t,n);return S(r,(e=>new Uint8Array(s.update(e))))}(e,t,r,n);if(_.isAES(e))return async function(e,t,r,n){if(_.isStream(r)){const i=new oi(!1,e,t,n);return S(r,(e=>i.processChunk(e)),(()=>i.finish()))}return gr(t,n).decrypt(r)}(e,t,r,n);const s=new(await Ir(e))(t),a=s.blockSize;let o=n,c=new Uint8Array;const u=e=>{e&&(c=_.concatUint8Array([c,e]));const t=new Uint8Array(c.length);let r,n=0;for(;e?c.length>=a:c.length;){const e=s.encrypt(o);for(o=c.subarray(0,a),r=0;r<a;r++)t[n++]=o[r]^e[r];c=c.subarray(a)}return t.subarray(0,n)};return S(r,u,u)}class ai{constructor(e,t,r){const{blockSize:n}=Ur(e);this.key=t,this.prevBlock=r,this.nextBlock=new Uint8Array(n),this.i=0,this.blockSize=n,this.zeroBlock=new Uint8Array(this.blockSize)}static async isSupported(e){const{keySize:t}=Ur(e);return $n.importKey("raw",new Uint8Array(t),"aes-cbc",!1,["encrypt"]).then((()=>!0),(()=>!1))}async _runCBC(e,t){const r="AES-CBC";this.keyRef=this.keyRef||await $n.importKey("raw",this.key,r,!1,["encrypt"]);const n=await $n.encrypt({name:r,iv:t||this.zeroBlock},this.keyRef,e);return new Uint8Array(n).subarray(0,e.length)}async encryptChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,n=_.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),i=_.concatUint8Array([this.prevBlock,n.subarray(0,n.length-this.blockSize)]),s=await this._runCBC(i);return ci(s,n),this.prevBlock=s.slice(-this.blockSize),r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,s}let n;if(this.i+=r.length,this.i===this.nextBlock.length){const t=this.nextBlock;n=await this._runCBC(this.prevBlock),ci(n,t),this.prevBlock=n.slice(),this.i=0;const i=e.subarray(r.length);this.nextBlock.set(i,this.i),this.i+=i.length}else n=new Uint8Array;return n}async finish(){let e;if(0===this.i)e=new Uint8Array;else{this.nextBlock=this.nextBlock.subarray(0,this.i);const t=this.nextBlock,r=await this._runCBC(this.prevBlock);ci(r,t),e=r.subarray(0,t.length)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.keyRef=null,this.key=null}async encrypt(e){const t=(await this._runCBC(_.concatUint8Array([new Uint8Array(this.blockSize),e]),this.iv)).subarray(0,e.length);return ci(t,e),this.clearSensitiveData(),t}}class oi{constructor(e,t,r,n){this.forEncryption=e;const{blockSize:i}=Ur(t);this.key=Sr.expandKeyLE(r),n.byteOffset%4!=0&&(n=n.slice()),this.prevBlock=ui(n),this.nextBlock=new Uint8Array(i),this.i=0,this.blockSize=i}_runCFB(e){const t=ui(e),r=new Uint8Array(e.length),n=ui(r);for(let e=0;e+4<=n.length;e+=4){const{s0:r,s1:i,s2:s,s3:a}=Sr.encrypt(this.key,this.prevBlock[0],this.prevBlock[1],this.prevBlock[2],this.prevBlock[3]);n[e+0]=t[e+0]^r,n[e+1]=t[e+1]^i,n[e+2]=t[e+2]^s,n[e+3]=t[e+3]^a,this.prevBlock=(this.forEncryption?n:t).slice(e,e+4)}return r}async processChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,n=_.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),i=this._runCFB(n);return r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,i}let n;if(this.i+=r.length,this.i===this.nextBlock.length){n=this._runCFB(this.nextBlock),this.i=0;const t=e.subarray(r.length);this.nextBlock.set(t,this.i),this.i+=t.length}else n=new Uint8Array;return n}async finish(){let e;if(0===this.i)e=new Uint8Array;else{e=this._runCFB(this.nextBlock).subarray(0,this.i)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.key.fill(0)}}function ci(e,t){const r=Math.min(e.length,t.length);for(let n=0;n<r;n++)e[n]=e[n]^t[n]}const ui=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4));const hi=_.getWebCrypto(),li=_.getNodeCrypto(),fi=16;function yi(e,t){const r=e.length-fi;for(let n=0;n<fi;n++)e[n+r]^=t[n];return e}const pi=new Uint8Array(fi);async function di(e){const t=await gi(e),r=_.double(await t(pi)),n=_.double(r);return async function(e){return(await t(function(e,t,r){if(e.length&&e.length%fi==0)return yi(e,t);const n=new Uint8Array(e.length+(fi-e.length%fi));return n.set(e),n[e.length]=128,yi(n,r)}(e,r,n))).subarray(-16)}}async function gi(e){if(_.getNodeCrypto())return async function(t){const r=new li.createCipheriv("aes-"+8*e.length+"-cbc",e,pi).update(t);return new Uint8Array(r)};if(_.getWebCrypto())try{return e=await hi.importKey("raw",e,{name:"AES-CBC",length:8*e.length},!1,["encrypt"]),async function(t){const r=await hi.encrypt({name:"AES-CBC",iv:pi,length:128},e,t);return new Uint8Array(r).subarray(0,r.byteLength-fi)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;_.printDebugError("Browser did not support operation: "+t.message)}return async function(t){return dr(e,pi,{disablePadding:!0}).encrypt(t)}}const wi=_.getWebCrypto(),Ai=_.getNodeCrypto(),mi=_.getNodeBuffer(),bi=16,ki=bi,Ei=new Uint8Array(bi),vi=new Uint8Array(bi);vi[15]=1;const Ki=new Uint8Array(bi);async function Si(e){const t=await di(e);return function(e,r){return t(_.concatUint8Array([e,r]))}}async function Ii(e){if(_.getNodeCrypto())return async function(t,r){const n=new Ai.createCipheriv("aes-"+8*e.length+"-ctr",e,r),i=mi.concat([n.update(t),n.final()]);return new Uint8Array(i)};if(_.getWebCrypto())try{const t=await wi.importKey("raw",e,{name:"AES-CTR",length:8*e.length},!1,["encrypt"]);return async function(e,r){const n=await wi.encrypt({name:"AES-CTR",counter:r,length:128},t,e);return new Uint8Array(n)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;_.printDebugError("Browser did not support operation: "+t.message)}return async function(t,r){return pr(e,r).encrypt(t)}}async function Bi(e,t){if(e!==F.symmetric.aes128&&e!==F.symmetric.aes192&&e!==F.symmetric.aes256)throw Error("EAX mode supports only AES cipher");const[r,n]=await Promise.all([Si(t),Ii(t)]);return{encrypt:async function(e,t,i){const[s,a]=await Promise.all([r(Ei,t),r(vi,i)]),o=await n(e,s),c=await r(Ki,o);for(let e=0;e<ki;e++)c[e]^=a[e]^s[e];return _.concatUint8Array([o,c])},decrypt:async function(e,t,i){if(e.length<ki)throw Error("Invalid EAX ciphertext");const s=e.subarray(0,-16),a=e.subarray(-16),[o,c,u]=await Promise.all([r(Ei,t),r(vi,i),r(Ki,s)]),h=u;for(let e=0;e<ki;e++)h[e]^=c[e]^o[e];if(!_.equalsUint8Array(a,h))throw Error("Authentication tag mismatch");return await n(s,o)}}}Ki[15]=2,Bi.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[8+e]^=t[e];return r},Bi.blockLength=bi,Bi.ivLength=16,Bi.tagLength=ki;const Ci=16,Ui=16;function Pi(e){let t=0;for(let r=1;!(e&r);r<<=1)t++;return t}function Di(e,t){for(let r=0;r<e.length;r++)e[r]^=t[r];return e}function xi(e,t){return Di(e.slice(),t)}const Qi=new Uint8Array(Ci),Ri=new Uint8Array([1]);async function Ti(e,t){const{keySize:r}=Ur(e);if(!_.isAES(e)||t.length!==r)throw Error("Unexpected algorithm or key size");let n=0;const i=e=>dr(t,Qi,{disablePadding:!0}).encrypt(e),s=e=>dr(t,Qi,{disablePadding:!0}).decrypt(e);let a;function o(e,t,r,s){const o=t.length/Ci|0;!function(e,t){const r=_.nbits(Math.max(e.length,t.length)/Ci|0)-1;for(let e=n+1;e<=r;e++)a[e]=_.double(a[e-1]);n=r}(t,s);const c=_.concatUint8Array([Qi.subarray(0,15-r.length),Ri,r]),u=63&c[15];c[15]&=192;const h=i(c),l=_.concatUint8Array([h,xi(h.subarray(0,8),h.subarray(1,9))]),f=_.shiftRight(l.subarray(0+(u>>3),17+(u>>3)),8-(7&u)).subarray(1),y=new Uint8Array(Ci),p=new Uint8Array(t.length+Ui);let d,g=0;for(d=0;d<o;d++)Di(f,a[Pi(d+1)]),p.set(Di(e(xi(f,t)),f),g),Di(y,e===i?t:p.subarray(g)),t=t.subarray(Ci),g+=Ci;if(t.length){Di(f,a.x);const r=i(f);p.set(xi(t,r),g);const n=new Uint8Array(Ci);n.set(e===i?t:p.subarray(g,-16),0),n[t.length]=128,Di(y,n),g+=t.length}const w=Di(i(Di(Di(y,f),a.$)),function(e){if(!e.length)return Qi;const t=e.length/Ci|0,r=new Uint8Array(Ci),n=new Uint8Array(Ci);for(let s=0;s<t;s++)Di(r,a[Pi(s+1)]),Di(n,i(xi(r,e))),e=e.subarray(Ci);if(e.length){Di(r,a.x);const t=new Uint8Array(Ci);t.set(e,0),t[e.length]=128,Di(t,r),Di(n,i(t))}return n}(s));return p.set(w,g),p}return function(){const e=i(Qi),t=_.double(e);a=[],a[0]=_.double(t),a.x=e,a.$=t}(),{encrypt:async function(e,t,r){return o(i,e,t,r)},decrypt:async function(e,t,r){if(e.length<Ui)throw Error("Invalid OCB ciphertext");const n=e.subarray(-16);e=e.subarray(0,-16);const i=o(s,e,t,r);if(_.equalsUint8Array(n,i.subarray(-16)))return i.subarray(0,-16);throw Error("Authentication tag mismatch")}}}Ti.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[7+e]^=t[e];return r},Ti.blockLength=Ci,Ti.ivLength=15,Ti.tagLength=Ui;const Mi=_.getWebCrypto(),Li=_.getNodeCrypto(),Fi=_.getNodeBuffer(),Oi=16,Ni="AES-GCM";async function _i(e,t){if(e!==F.symmetric.aes128&&e!==F.symmetric.aes192&&e!==F.symmetric.aes256)throw Error("GCM mode supports only AES cipher");if(_.getNodeCrypto())return{encrypt:async function(e,r,n=new Uint8Array){const i=new Li.createCipheriv("aes-"+8*t.length+"-gcm",t,r);i.setAAD(n);const s=Fi.concat([i.update(e),i.final(),i.getAuthTag()]);return new Uint8Array(s)},decrypt:async function(e,r,n=new Uint8Array){const i=new Li.createDecipheriv("aes-"+8*t.length+"-gcm",t,r);i.setAAD(n),i.setAuthTag(e.slice(e.length-Oi,e.length));const s=Fi.concat([i.update(e.slice(0,e.length-Oi)),i.final()]);return new Uint8Array(s)}};if(_.getWebCrypto())try{const e=await Mi.importKey("raw",t,{name:Ni},!1,["encrypt","decrypt"]),r=navigator.userAgent.match(/Version\/13\.\d(\.\d)* Safari/)||navigator.userAgent.match(/Version\/(13|14)\.\d(\.\d)* Mobile\/\S* Safari/);return{encrypt:async function(n,i,s=new Uint8Array){if(r&&!n.length)return Ar(t,i,s).encrypt(n);const a=await Mi.encrypt({name:Ni,iv:i,additionalData:s,tagLength:128},e,n);return new Uint8Array(a)},decrypt:async function(n,i,s=new Uint8Array){if(r&&n.length===Oi)return Ar(t,i,s).decrypt(n);try{const t=await Mi.decrypt({name:Ni,iv:i,additionalData:s,tagLength:128},e,n);return new Uint8Array(t)}catch(e){if("OperationError"===e.name)throw Error("Authentication tag mismatch")}}}}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;_.printDebugError("Browser did not support operation: "+e.message)}return{encrypt:async function(e,r,n){return Ar(t,r,n).encrypt(e)},decrypt:async function(e,r,n){return Ar(t,r,n).decrypt(e)}}}function Hi(e,t=!1){switch(e){case F.aead.eax:return Bi;case F.aead.ocb:return Ti;case F.aead.gcm:return _i;case F.aead.experimentalGCM:if(!t)throw Error("Unexpected non-standard `experimentalGCM` AEAD algorithm provided in `config.preferredAEADAlgorithm`: use `gcm` instead");return _i;default:throw Error("Unsupported AEAD mode")}}async function zi(e,t,r,n,i,s){switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:{const{n:e,e:t}=r;return{c:await Ye(i,e,t)}}case F.publicKey.elgamal:{const{p:e,g:t,y:n}=r;return async function(e,t,r,n){t=ae(t),r=ae(r),n=ae(n);const i=ae(Ne(e,pe(t))),s=Ae($e,t-$e);return{c1:de(ce(r,s,t)),c2:de(oe(ce(n,s,t)*i,t))}}(i,e,t,n)}case F.publicKey.ecdh:{const{oid:e,Q:t,kdfParams:n}=r,{publicKey:a,wrappedKey:o}=await kn(e,n,i,t,s);return{V:a,C:new qn(o)}}case F.publicKey.x25519:case F.publicKey.x448:{if(t&&!_.isAES(t))throw Error("X25519 and X448 keys can only encrypt AES session keys");const{A:n}=r,{ephemeralPublicKey:s,wrappedKey:a}=await Lr(e,i,n);return{ephemeralPublicKey:s,C:Wn.fromObject({algorithm:t,wrappedKey:a})}}case F.publicKey.aead:{if(!n)throw Error("Cannot encrypt with symmetric key missing private parameters");const{cipher:e}=r,t=e.getValue(),{keyMaterial:s}=n,a=O.preferredAEADAlgorithm,o=Hi(O.preferredAEADAlgorithm),{ivLength:c}=o,u=we(c),h=await o(t,s),l=await h.encrypt(i,u,new Uint8Array);return{aeadMode:new Zn(a),iv:u,c:new jn(l)}}case F.publicKey.pqc_mlkem_x25519:{const{eccPublicKey:n,mlkemPublicKey:s}=r,{eccCipherText:a,mlkemCipherText:o,wrappedKey:c}=await Tn(e,n,s,i);return{eccCipherText:a,mlkemCipherText:o,C:Wn.fromObject({algorithm:t,wrappedKey:c})}}default:return[]}}async function Gi(e,t,r,n,i,s){switch(e){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:{const{c:e}=n,{n:i,e:a}=t,{d:o,p:c,q:u,u:h}=r;return Ze(e,i,a,o,c,u,h,s)}case F.publicKey.elgamal:{const{c1:e,c2:i}=n;return async function(e,t,r,n,i){return e=ae(e),t=ae(t),r=ae(r),_e(de(oe(he(ce(e,n=ae(n),r),r)*t,r),"be",pe(r)),i)}(e,i,t.p,r.x,s)}case F.publicKey.ecdh:{const{oid:e,Q:s,kdfParams:a}=t,{d:o}=r,{V:c,C:u}=n;return vn(e,a,c,u.data,s,o,i)}case F.publicKey.x25519:case F.publicKey.x448:{const{A:i}=t,{k:s}=r,{ephemeralPublicKey:a,C:o}=n;if(null!==o.algorithm&&!_.isAES(o.algorithm))throw Error("AES session key expected");return Fr(e,a,o.wrappedKey,i,s)}case F.publicKey.aead:{const{cipher:e}=t,i=e.getValue(),{keyMaterial:s}=r,{aeadMode:a,iv:o,c}=n,u=Hi(a.getValue());return(await u(i,s)).decrypt(c.data,o,new Uint8Array)}case F.publicKey.pqc_mlkem_x25519:{const{eccSecretKey:i,mlkemSecretKey:s}=r,{eccPublicKey:a,mlkemPublicKey:o}=t,{eccCipherText:c,mlkemCipherText:u,C:h}=n;return Mn(e,c,u,i,a,s,0,h.wrappedKey)}default:throw Error("Unknown public key encryption algorithm.")}}async function qi(e,t,r){let n=0;switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:{const e=_.readMPI(t.subarray(n));n+=e.length+2;const r=_.readMPI(t.subarray(n));n+=r.length+2;const i=_.readMPI(t.subarray(n));n+=i.length+2;const s=_.readMPI(t.subarray(n));return n+=s.length+2,{read:n,privateParams:{d:e,p:r,q:i,u:s}}}case F.publicKey.dsa:case F.publicKey.elgamal:{const e=_.readMPI(t.subarray(n));return n+=e.length+2,{read:n,privateParams:{x:e}}}case F.publicKey.ecdsa:case F.publicKey.ecdh:{const i=Wi(e,r.oid);let s=_.readMPI(t.subarray(n));return n+=s.length+2,s=_.leftPad(s,i),{read:n,privateParams:{d:s}}}case F.publicKey.eddsaLegacy:{const i=Wi(e,r.oid);if(r.oid.getName()!==F.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let s=_.readMPI(t.subarray(n));return n+=s.length+2,s=_.leftPad(s,i),{read:n,privateParams:{seed:s}}}case F.publicKey.ed25519:case F.publicKey.ed448:{const r=Wi(e),i=_.readExactSubarray(t,n,n+r);return n+=i.length,{read:n,privateParams:{seed:i}}}case F.publicKey.x25519:case F.publicKey.x448:{const r=Wi(e),i=_.readExactSubarray(t,n,n+r);return n+=i.length,{read:n,privateParams:{k:i}}}case F.publicKey.hmac:{const{cipher:e}=r,i=Fe(e.getValue()),s=t.subarray(n,n+32);n+=32;const a=t.subarray(n,n+i);return n+=i,{read:n,privateParams:{hashSeed:s,keyMaterial:a}}}case F.publicKey.aead:{const{cipher:e}=r,i=t.subarray(n,n+32);n+=32;const{keySize:s}=Ur(e.getValue()),a=t.subarray(n,n+s);return n+=s,{read:n,privateParams:{hashSeed:i,keyMaterial:a}}}case F.publicKey.pqc_mlkem_x25519:{const r=_.readExactSubarray(t,n,n+Wi(F.publicKey.x25519));n+=r.length;const i=_.readExactSubarray(t,n,n+64);n+=i.length;const{mlkemSecretKey:s}=await Qn(e,i);return{read:n,privateParams:{eccSecretKey:r,mlkemSecretKey:s,mlkemSeed:i}}}case F.publicKey.pqc_mldsa_ed25519:{const r=_.readExactSubarray(t,n,n+Wi(F.publicKey.ed25519));n+=r.length;const i=_.readExactSubarray(t,n,n+32);n+=i.length;const{mldsaSecretKey:s}=await On(e,i);return{read:n,privateParams:{eccSecretKey:r,mldsaSecretKey:s,mldsaSeed:i}}}default:throw new ut("Unknown public key encryption algorithm.")}}function ji(e,t){const r=new Set([F.publicKey.ed25519,F.publicKey.x25519,F.publicKey.ed448,F.publicKey.x448,F.publicKey.aead,F.publicKey.hmac,F.publicKey.pqc_mlkem_x25519,F.publicKey.pqc_mldsa_ed25519]),n={[F.publicKey.pqc_mlkem_x25519]:new Set(["mlkemSecretKey"]),[F.publicKey.pqc_mldsa_ed25519]:new Set(["mldsaSecretKey"])},i=Object.keys(t).map((i=>{if(n[e]?.has(i))return new Uint8Array;const s=t[i];return _.isUint8Array(s)?r.has(e)?s:_.uint8ArrayToMPI(s):s.write()}));return _.concatUint8Array(i)}async function Vi(e,t,r,n){switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:return async function(e,t){if(t=BigInt(t),_.getWebCrypto()){const r={name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:de(t),hash:{name:"SHA-1"}},n=await ze.generateKey(r,!0,["sign","verify"]);return We(await ze.exportKey("jwk",n.privateKey),t)}if(_.getNodeCrypto()){const r={modulusLength:e,publicExponent:le(t),publicKeyEncoding:{type:"pkcs1",format:"jwk"},privateKeyEncoding:{type:"pkcs1",format:"jwk"}},n=await new Promise(((e,t)=>{Ge.generateKeyPair("rsa",r,((r,n,i)=>{r?t(r):e(i)}))}));return We(n,t)}let r,n,i;do{n=be(e-(e>>1),t,40),r=be(e>>1,t,40),i=r*n}while(ye(i)!==e);const s=(r-qe)*(n-qe);return n<r&&([r,n]=[n,r]),{n:de(i),e:de(t),d:de(he(t,s)),p:de(r),q:de(n),u:de(he(r,n))}}(t,65537).then((({n:e,e:t,d:r,p:n,q:i,u:s})=>({privateParams:{d:r,p:n,q:i,u:s},publicParams:{n:e,e:t}})));case F.publicKey.ecdsa:return Wr(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{d:r},publicParams:{oid:new tt(e),Q:t}})));case F.publicKey.eddsaLegacy:return Wr(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{seed:r},publicParams:{oid:new tt(e),Q:t}})));case F.publicKey.ecdh:return Wr(r).then((({oid:e,Q:t,secret:r,hash:n,cipher:i})=>({privateParams:{d:r},publicParams:{oid:new tt(e),Q:t,kdfParams:new Vn({hash:n,cipher:i})}})));case F.publicKey.ed25519:case F.publicKey.ed448:return yt(e).then((({A:e,seed:t})=>({privateParams:{seed:t},publicParams:{A:e}})));case F.publicKey.x25519:case F.publicKey.x448:return Tr(e).then((({A:e,k:t})=>({privateParams:{k:t},publicParams:{A:e}})));case F.publicKey.hmac:return Yi(await async function(e){if(!Pn.has(e))throw Error("Unsupported hash algorithm.");const t=F.read(F.webHash,e),r=Dn||xn.webcrypto.subtle,n=await r.generateKey({name:"HMAC",hash:{name:t}},!0,["sign","verify"]),i=await r.exportKey("raw",n);return new Uint8Array(i)}(n),new Xn(n));case F.publicKey.aead:return Yi(Ji(n),new Jn(n));case F.publicKey.pqc_mlkem_x25519:return Rn(e).then((({eccSecretKey:e,eccPublicKey:t,mlkemSeed:r,mlkemSecretKey:n,mlkemPublicKey:i})=>({privateParams:{eccSecretKey:e,mlkemSeed:r,mlkemSecretKey:n},publicParams:{eccPublicKey:t,mlkemPublicKey:i}})));case F.publicKey.pqc_mldsa_ed25519:return Nn(e).then((({eccSecretKey:e,eccPublicKey:t,mldsaSeed:r,mldsaSecretKey:n,mldsaPublicKey:i})=>({privateParams:{eccSecretKey:e,mldsaSeed:r,mldsaSecretKey:n},publicParams:{eccPublicKey:t,mldsaPublicKey:i}})));case F.publicKey.dsa:case F.publicKey.elgamal:throw Error("Unsupported algorithm for key generation.");default:throw Error("Unknown public key algorithm.")}}async function Yi(e,t){const r=we(32);return{privateParams:{hashSeed:r,keyMaterial:e},publicParams:{cipher:t,digest:await Le(F.hash.sha256,r)}}}async function Zi(e,t,r){if(!t||!r)throw Error("Missing key parameters");switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:{const{n:e,e:n}=t,{d:i,p:s,q:a,u:o}=r;return async function(e,t,r,n,i,s){if(e=ae(e),(n=ae(n))*(i=ae(i))!==e)return!1;const a=BigInt(2);if(oe(n*(s=ae(s)),i)!==BigInt(1))return!1;t=ae(t),r=ae(r);const o=Ae(a,a<<BigInt(Math.floor(ye(e)/3))),c=o*r*t;return!(oe(c,n-qe)!==o||oe(c,i-qe)!==o)}(e,n,i,s,a,o)}case F.publicKey.dsa:{const{p:e,q:n,g:i,y:s}=t,{x:a}=r;return async function(e,t,r,n,i){if(e=ae(e),t=ae(t),r=ae(r),n=ae(n),r<=Un||r>=e)return!1;if(oe(e-Un,t)!==Cn)return!1;if(ce(r,t,e)!==Un)return!1;const s=BigInt(ye(t));if(s<BigInt(150)||!ke(t,null,32))return!1;i=ae(i);const a=BigInt(2);return n===ce(r,t*Ae(a<<s-Un,a<<s)+i,e)}(e,n,i,s,a)}case F.publicKey.elgamal:{const{p:e,g:n,y:i}=t,{x:s}=r;return async function(e,t,r,n){if(e=ae(e),t=ae(t),r=ae(r),t<=$e||t>=e)return!1;const i=BigInt(ye(e));if(i<BigInt(1023))return!1;if(ce(t,e-$e,e)!==$e)return!1;let s=t,a=BigInt(1);const o=BigInt(2),c=o<<BigInt(17);for(;a<c;){if(s=oe(s*t,e),s===$e)return!1;a++}n=ae(n);const u=Ae(o<<i-$e,o<<i);return r===ce(t,(e-$e)*u+n,e)}(e,n,i,s)}case F.publicKey.ecdsa:case F.publicKey.ecdh:{const n=Bn[F.read(F.publicKey,e)],{oid:i,Q:s}=t,{d:a}=r;return n.validateParams(i,s,a)}case F.publicKey.eddsaLegacy:{const{Q:e,oid:n}=t,{seed:i}=r;return dn(n,e,i)}case F.publicKey.ed25519:case F.publicKey.ed448:{const{A:n}=t,{seed:i}=r;return gt(e,n,i)}case F.publicKey.x25519:case F.publicKey.x448:{const{A:n}=t,{k:i}=r;return Mr(e,n,i)}case F.publicKey.hmac:{const{cipher:e,digest:n}=t,{hashSeed:i,keyMaterial:s}=r;return Fe(e.getValue())===s.length&&_.equalsUint8Array(n,await Le(F.hash.sha256,i))}case F.publicKey.aead:{const{cipher:e,digest:n}=t,{hashSeed:i,keyMaterial:s}=r,{keySize:a}=Ur(e.getValue());return a===s.length&&_.equalsUint8Array(n,await Le(F.hash.sha256,i))}case F.publicKey.pqc_mlkem_x25519:{const{eccSecretKey:n,mlkemSeed:i}=r,{eccPublicKey:s,mlkemPublicKey:a}=t;return Fn(e,s,n,a,i)}case F.publicKey.pqc_mldsa_ed25519:{const{eccSecretKey:n,mldsaSeed:i}=r,{eccPublicKey:s,mldsaPublicKey:a}=t;return Gn(e,s,n,a,i)}default:throw Error("Unknown public key algorithm.")}}function Ji(e){const{keySize:t}=Ur(e);return we(t)}function Xi(e){try{e.getName()}catch(e){throw new ut("Unknown curve OID")}}function Wi(e,t){switch(e){case F.publicKey.ecdsa:case F.publicKey.ecdh:case F.publicKey.eddsaLegacy:return new Xr(t).payloadSize;case F.publicKey.ed25519:case F.publicKey.ed448:return wt(e);case F.publicKey.x25519:case F.publicKey.x448:return Or(e);default:throw Error("Unknown elliptic algo")}}async function $i(e,t,r,n,i,s,a){switch(e){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:case F.publicKey.rsaSign:{const{n:e,e:i}=n;return Ve(t,s,_.leftPad(r.s,e.length),e,i,a)}case F.publicKey.dsa:{const{g:e,p:t,q:i,y:s}=n,{r:o,s:c}=r;return async function(e,t,r,n,i,s,a,o){if(t=ae(t),r=ae(r),s=ae(s),a=ae(a),i=ae(i),o=ae(o),t<=Cn||t>=a||r<=Cn||r>=a)return _.printDebug("invalid DSA Signature"),!1;const c=oe(ae(n.subarray(0,pe(a))),a),u=he(r,a);if(u===Cn)return _.printDebug("invalid DSA Signature"),!1;i=oe(i,s),o=oe(o,s);const h=oe(c*u,a),l=oe(t*u,a);return oe(oe(ce(i,h,s)*ce(o,l,s),s),a)===t}(0,o,c,a,e,t,i,s)}case F.publicKey.ecdsa:{const{oid:e,Q:i}=n,o=new Xr(e).payloadSize;return hn(e,t,{r:_.leftPad(r.r,o),s:_.leftPad(r.s,o)},s,i,a)}case F.publicKey.eddsaLegacy:{if(Fe(t)<Fe(F.hash.sha256))throw Error("Hash algorithm too weak for EdDSALegacy.");const{oid:e,Q:i}=n,s=new Xr(e).payloadSize;return pn(e,0,{r:_.leftPad(r.r,s),s:_.leftPad(r.s,s)},0,i,a)}case F.publicKey.ed25519:case F.publicKey.ed448:{if(Fe(t)<Fe(At(e)))throw Error("Hash algorithm too weak for EdDSA.");const{A:i}=n;return dt(e,0,r,0,i,a)}case F.publicKey.hmac:{if(!i)throw Error("Cannot verify HMAC signature with symmetric key missing private parameters");const{cipher:e}=n,{keyMaterial:t}=i;return async function(e,t,r,n){if(!Pn.has(e))throw Error("Unsupported hash algorithm.");const i=F.read(F.webHash,e),s=Dn||xn.webcrypto.subtle,a=await s.importKey("raw",t,{name:"HMAC",hash:{name:i}},!1,["verify"]);return s.verify("HMAC",a,r,n)}(e.getValue(),t,r.mac.data,a)}case F.publicKey.pqc_mldsa_ed25519:{if(!zn(e,t))throw Error("Unexpected hash algorithm for PQC signature: digest size too short");const{eccPublicKey:i,mldsaPublicKey:s}=n;return Hn(e,0,i,s,a,r)}default:throw Error("Unknown signature algorithm.")}}async function es(e,t,r,n,i,s){if(!r||!n)throw Error("Missing key parameters");switch(e){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:case F.publicKey.rsaSign:{const{n:e,e:a}=r,{d:o,p:c,q:u,u:h}=n;return{s:await je(t,i,e,a,o,c,u,h,s)}}case F.publicKey.dsa:{const{g:e,p:t,q:i}=r,{x:a}=n;return async function(e,t,r,n,i,s){const a=BigInt(0);let o,c,u,h;n=ae(n),i=ae(i),r=ae(r),s=ae(s),r=oe(r,n),s=oe(s,i);const l=oe(ae(t.subarray(0,pe(i))),i);for(;;){if(o=Ae(Un,i),c=oe(ce(r,o,n),i),c===a)continue;const e=oe(s*c,i);if(h=oe(l+e,i),u=oe(he(o,i)*h,i),u!==a)break}return{r:de(c,"be",pe(n)),s:de(u,"be",pe(n))}}(0,s,e,t,i,a)}case F.publicKey.elgamal:throw Error("Signing with Elgamal is not defined in the OpenPGP standard.");case F.publicKey.ecdsa:{const{oid:e,Q:a}=r,{d:o}=n;return un(e,t,i,a,o,s)}case F.publicKey.eddsaLegacy:{if(Fe(t)<Fe(F.hash.sha256))throw Error("Hash algorithm too weak for EdDSALegacy.");const{oid:e,Q:i}=r,{seed:a}=n;return yn(e,0,0,i,a,s)}case F.publicKey.ed25519:case F.publicKey.ed448:{if(Fe(t)<Fe(At(e)))throw Error("Hash algorithm too weak for EdDSA.");const{A:i}=r,{seed:a}=n;return pt(e,0,0,i,a,s)}case F.publicKey.hmac:{const{cipher:e}=r,{keyMaterial:t}=n,i=await async function(e,t,r){if(!Pn.has(e))throw Error("Unsupported hash algorithm.");const n=F.read(F.webHash,e),i=Dn||xn.webcrypto.subtle,s=await i.importKey("raw",t,{name:"HMAC",hash:{name:n}},!1,["sign"]),a=await i.sign("HMAC",s,r);return new Uint8Array(a)}(e.getValue(),t,s);return{mac:new jn(i)}}case F.publicKey.pqc_mldsa_ed25519:{if(!zn(e,t))throw Error("Unexpected hash algorithm for PQC signature: digest size too short");const{eccPublicKey:i}=r,{eccSecretKey:a,mldsaSecretKey:o}=n;return _n(e,0,a,i,o,s)}default:throw Error("Unknown signature algorithm.")}}_i.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[4+e]^=t[e];return r},_i.blockLength=16,_i.ivLength=12,_i.tagLength=Oi;class ts extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ts),this.name="Argon2OutOfMemoryError"}}let rs,ns,is=2<<19;class ss{static get ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(){return is}static set ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(e){is=e}static reloadWasmModule(){rs&&(ns=rs(),ns.catch((()=>{})))}constructor(e=O){const{passes:t,parallelism:r,memoryExponent:n}=e.s2kArgon2Params;this.type="argon2",this.salt=null,this.t=t,this.p=r,this.encodedM=n}generateSalt(){this.salt=we(16)}read(e){let t=0;return this.salt=e.subarray(t,t+16),t+=16,this.t=e[t++],this.p=e[t++],this.encodedM=e[t++],t}write(){const e=[new Uint8Array([F.write(F.s2k,this.type)]),this.salt,new Uint8Array([this.t,this.p,this.encodedM])];return _.concatUint8Array(e)}async produceKey(e,t){const r=2<<this.encodedM-1;try{rs=rs||(await Promise.resolve().then((function(){return Sd}))).default,ns=ns||rs();const n=await ns,i=n({version:19,type:2,password:_.encodeUTF8(e),salt:this.salt,tagLength:t,memorySize:r,parallelism:this.p,passes:this.t});return r>ss.ARGON2_WASM_MEMORY_THRESHOLD_RELOAD&&ss.reloadWasmModule(),i}catch(e){throw e.message&&(e.message.includes("Unable to grow instance memory")||e.message.includes("failed to grow memory")||e.message.includes("WebAssembly.Memory.grow")||e.message.includes("Out of memory"))?new ts("Could not allocate required memory for Argon2"):e}}}class as{constructor(e,t=O){this.algorithm=F.hash.sha256,this.type=F.read(F.s2k,e),this.c=t.s2kIterationCountByte,this.salt=null}generateSalt(){switch(this.type){case"salted":case"iterated":this.salt=we(8)}}getCount(){return 16+(15&this.c)<<6+(this.c>>4)}read(e){let t=0;switch(this.algorithm=e[t++],this.type){case"simple":break;case"salted":this.salt=e.subarray(t,t+8),t+=8;break;case"iterated":this.salt=e.subarray(t,t+8),t+=8,this.c=e[t++];break;case"gnu":if("GNU"!==_.uint8ArrayToString(e.subarray(t,t+3)))throw new ut("Unknown s2k type.");t+=3;if(1001!==1e3+e[t++])throw new ut("Unknown s2k gnu protection mode.");this.type="gnu-dummy";break;default:throw new ut("Unknown s2k type.")}return t}write(){if("gnu-dummy"===this.type)return new Uint8Array([101,0,..._.stringToUint8Array("GNU"),1]);const e=[new Uint8Array([F.write(F.s2k,this.type),this.algorithm])];switch(this.type){case"simple":break;case"salted":e.push(this.salt);break;case"iterated":e.push(this.salt),e.push(new Uint8Array([this.c]));break;case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}return _.concatUint8Array(e)}async produceKey(e,t){e=_.encodeUTF8(e);const r=[];let n=0,i=0;for(;n<t;){let t;switch(this.type){case"simple":t=_.concatUint8Array([new Uint8Array(i),e]);break;case"salted":t=_.concatUint8Array([new Uint8Array(i),this.salt,e]);break;case"iterated":{const r=_.concatUint8Array([this.salt,e]);let n=r.length;const s=Math.max(this.getCount(),n);t=new Uint8Array(i+s),t.set(r,i);for(let e=i+n;e<s;e+=n,n*=2)t.copyWithin(e,i,e);break}case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}const s=await Le(this.algorithm,t);r.push(s),n+=s.length,i++}return _.concatUint8Array(r).subarray(0,t)}}const os=new Set([F.s2k.argon2,F.s2k.iterated]);function cs(e,t=O){switch(e){case F.s2k.argon2:return new ss(t);case F.s2k.iterated:case F.s2k.gnu:case F.s2k.salted:case F.s2k.simple:return new as(e,t);default:throw new ut("Unsupported S2K type")}}function us(e){const{s2kType:t}=e;if(!os.has(t))throw Error("The provided `config.s2kType` value is not allowed");return cs(t,e)}var hs=t.createRequire("/");try{hs("worker_threads").Worker}catch(e){}var ls=Uint8Array,fs=Uint16Array,ys=Int32Array,ps=new ls([0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0,0,0,0]),ds=new ls([0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13,0,0]),gs=new ls([16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15]),ws=function(e,t){for(var r=new fs(31),n=0;n<31;++n)r[n]=t+=1<<e[n-1];var i=new ys(r[30]);for(n=1;n<30;++n)for(var s=r[n];s<r[n+1];++s)i[s]=s-r[n]<<5|n;return{b:r,r:i}},As=ws(ps,2),ms=As.b,bs=As.r;ms[28]=258,bs[258]=28;for(var ks=ws(ds,0),Es=ks.b,vs=ks.r,Ks=new fs(32768),Ss=0;Ss<32768;++Ss){var Is=(43690&Ss)>>1|(21845&Ss)<<1;Is=(61680&(Is=(52428&Is)>>2|(13107&Is)<<2))>>4|(3855&Is)<<4,Ks[Ss]=((65280&Is)>>8|(255&Is)<<8)>>1}var Bs=function(e,t,r){for(var n=e.length,i=0,s=new fs(t);i<n;++i)e[i]&&++s[e[i]-1];var a,o=new fs(t);for(i=1;i<t;++i)o[i]=o[i-1]+s[i-1]<<1;if(r){a=new fs(1<<t);var c=15-t;for(i=0;i<n;++i)if(e[i])for(var u=i<<4|e[i],h=t-e[i],l=o[e[i]-1]++<<h,f=l|(1<<h)-1;l<=f;++l)a[Ks[l]>>c]=u}else for(a=new fs(n),i=0;i<n;++i)e[i]&&(a[i]=Ks[o[e[i]-1]++]>>15-e[i]);return a},Cs=new ls(288);for(Ss=0;Ss<144;++Ss)Cs[Ss]=8;for(Ss=144;Ss<256;++Ss)Cs[Ss]=9;for(Ss=256;Ss<280;++Ss)Cs[Ss]=7;for(Ss=280;Ss<288;++Ss)Cs[Ss]=8;var Us=new ls(32);for(Ss=0;Ss<32;++Ss)Us[Ss]=5;var Ps=/*#__PURE__*/Bs(Cs,9,0),Ds=/*#__PURE__*/Bs(Cs,9,1),xs=/*#__PURE__*/Bs(Us,5,0),Qs=/*#__PURE__*/Bs(Us,5,1),Rs=function(e){for(var t=e[0],r=1;r<e.length;++r)e[r]>t&&(t=e[r]);return t},Ts=function(e,t,r){var n=t/8|0;return(e[n]|e[n+1]<<8)>>(7&t)&r},Ms=function(e,t){var r=t/8|0;return(e[r]|e[r+1]<<8|e[r+2]<<16)>>(7&t)},Ls=function(e){return(e+7)/8|0},Fs=function(e,t,r){return(null==t||t<0)&&(t=0),(null==r||r>e.length)&&(r=e.length),new ls(e.subarray(t,r))},Os=["unexpected EOF","invalid block type","invalid length/literal","invalid distance","stream finished","no stream handler",,"no callback","invalid UTF-8 data","extra field too long","date not in range 1980-2099","filename too long","stream finishing","invalid zip data"],Ns=function(e,t,r){var n=Error(t||Os[e]);if(n.code=e,Error.captureStackTrace&&Error.captureStackTrace(n,Ns),!r)throw n;return n},_s=function(e,t,r){r<<=7&t;var n=t/8|0;e[n]|=r,e[n+1]|=r>>8},Hs=function(e,t,r){r<<=7&t;var n=t/8|0;e[n]|=r,e[n+1]|=r>>8,e[n+2]|=r>>16},zs=function(e,t){for(var r=[],n=0;n<e.length;++n)e[n]&&r.push({s:n,f:e[n]});var i=r.length,s=r.slice();if(!i)return{t:Js,l:0};if(1==i){var a=new ls(r[0].s+1);return a[r[0].s]=1,{t:a,l:1}}r.sort((function(e,t){return e.f-t.f})),r.push({s:-1,f:25001});var o=r[0],c=r[1],u=0,h=1,l=2;for(r[0]={s:-1,f:o.f+c.f,l:o,r:c};h!=i-1;)o=r[r[u].f<r[l].f?u++:l++],c=r[u!=h&&r[u].f<r[l].f?u++:l++],r[h++]={s:-1,f:o.f+c.f,l:o,r:c};var f=s[0].s;for(n=1;n<i;++n)s[n].s>f&&(f=s[n].s);var y=new fs(f+1),p=Gs(r[h-1],y,0);if(p>t){n=0;var d=0,g=p-t,w=1<<g;for(s.sort((function(e,t){return y[t.s]-y[e.s]||e.f-t.f}));n<i;++n){var A=s[n].s;if(!(y[A]>t))break;d+=w-(1<<p-y[A]),y[A]=t}for(d>>=g;d>0;){var m=s[n].s;y[m]<t?d-=1<<t-y[m]++-1:++n}for(;n>=0&&d;--n){var b=s[n].s;y[b]==t&&(--y[b],++d)}p=t}return{t:new ls(y),l:p}},Gs=function(e,t,r){return-1==e.s?Math.max(Gs(e.l,t,r+1),Gs(e.r,t,r+1)):t[e.s]=r},qs=function(e){for(var t=e.length;t&&!e[--t];);for(var r=new fs(++t),n=0,i=e[0],s=1,a=function(e){r[n++]=e},o=1;o<=t;++o)if(e[o]==i&&o!=t)++s;else{if(!i&&s>2){for(;s>138;s-=138)a(32754);s>2&&(a(s>10?s-11<<5|28690:s-3<<5|12305),s=0)}else if(s>3){for(a(i),--s;s>6;s-=6)a(8304);s>2&&(a(s-3<<5|8208),s=0)}for(;s--;)a(i);s=1,i=e[o]}return{c:r.subarray(0,n),n:t}},js=function(e,t){for(var r=0,n=0;n<t.length;++n)r+=e[n]*t[n];return r},Vs=function(e,t,r){var n=r.length,i=Ls(t+2);e[i]=255&n,e[i+1]=n>>8,e[i+2]=255^e[i],e[i+3]=255^e[i+1];for(var s=0;s<n;++s)e[i+s+4]=r[s];return 8*(i+4+n)},Ys=function(e,t,r,n,i,s,a,o,c,u,h){_s(t,h++,r),++i[256];for(var l=zs(i,15),f=l.t,y=l.l,p=zs(s,15),d=p.t,g=p.l,w=qs(f),A=w.c,m=w.n,b=qs(d),k=b.c,E=b.n,v=new fs(19),K=0;K<A.length;++K)++v[31&A[K]];for(K=0;K<k.length;++K)++v[31&k[K]];for(var S=zs(v,7),I=S.t,B=S.l,C=19;C>4&&!I[gs[C-1]];--C);var U,P,D,x,Q=u+5<<3,R=js(i,Cs)+js(s,Us)+a,T=js(i,f)+js(s,d)+a+14+3*C+js(v,I)+2*v[16]+3*v[17]+7*v[18];if(c>=0&&Q<=R&&Q<=T)return Vs(t,h,e.subarray(c,c+u));if(_s(t,h,1+(T<R)),h+=2,T<R){U=Bs(f,y,0),P=f,D=Bs(d,g,0),x=d;var M=Bs(I,B,0);_s(t,h,m-257),_s(t,h+5,E-1),_s(t,h+10,C-4),h+=14;for(K=0;K<C;++K)_s(t,h+3*K,I[gs[K]]);h+=3*C;for(var L=[A,k],F=0;F<2;++F){var O=L[F];for(K=0;K<O.length;++K){var N=31&O[K];_s(t,h,M[N]),h+=I[N],N>15&&(_s(t,h,O[K]>>5&127),h+=O[K]>>12)}}}else U=Ps,P=Cs,D=xs,x=Us;for(K=0;K<o;++K){var _=n[K];if(_>255){Hs(t,h,U[(N=_>>18&31)+257]),h+=P[N+257],N>7&&(_s(t,h,_>>23&31),h+=ps[N]);var H=31&_;Hs(t,h,D[H]),h+=x[H],H>3&&(Hs(t,h,_>>5&8191),h+=ds[H])}else Hs(t,h,U[_]),h+=P[_]}return Hs(t,h,U[256]),h+P[256]},Zs=/*#__PURE__*/new ys([65540,131080,131088,131104,262176,1048704,1048832,2114560,2117632]),Js=/*#__PURE__*/new ls(0),Xs=function(){var e=1,t=0;return{p:function(r){for(var n=e,i=t,s=0|r.length,a=0;a!=s;){for(var o=Math.min(a+2655,s);a<o;++a)i+=n+=r[a];n=(65535&n)+15*(n>>16),i=(65535&i)+15*(i>>16)}e=n,t=i},d:function(){return(255&(e%=65521))<<24|(65280&e)<<8|(255&(t%=65521))<<8|t>>8}}},Ws=function(e,t,r,n,i){if(!i&&(i={l:1},t.dictionary)){var s=t.dictionary.subarray(-32768),a=new ls(s.length+e.length);a.set(s),a.set(e,s.length),e=a,i.w=s.length}return function(e,t,r,n,i,s){var a=s.z||e.length,o=new ls(n+a+5*(1+Math.ceil(a/7e3))+i),c=o.subarray(n,o.length-i),u=s.l,h=7&(s.r||0);if(t){h&&(c[0]=s.r>>3);for(var l=Zs[t-1],f=l>>13,y=8191&l,p=(1<<r)-1,d=s.p||new fs(32768),g=s.h||new fs(p+1),w=Math.ceil(r/3),A=2*w,m=function(t){return(e[t]^e[t+1]<<w^e[t+2]<<A)&p},b=new ys(25e3),k=new fs(288),E=new fs(32),v=0,K=0,S=s.i||0,I=0,B=s.w||0,C=0;S+2<a;++S){var U=m(S),P=32767&S,D=g[U];if(d[P]=D,g[U]=P,B<=S){var x=a-S;if((v>7e3||I>24576)&&(x>423||!u)){h=Ys(e,c,0,b,k,E,K,I,C,S-C,h),I=v=K=0,C=S;for(var Q=0;Q<286;++Q)k[Q]=0;for(Q=0;Q<30;++Q)E[Q]=0}var R=2,T=0,M=y,L=P-D&32767;if(x>2&&U==m(S-L))for(var F=Math.min(f,x)-1,O=Math.min(32767,S),N=Math.min(258,x);L<=O&&--M&&P!=D;){if(e[S+R]==e[S+R-L]){for(var _=0;_<N&&e[S+_]==e[S+_-L];++_);if(_>R){if(R=_,T=L,_>F)break;var H=Math.min(L,_-2),z=0;for(Q=0;Q<H;++Q){var G=S-L+Q&32767,q=G-d[G]&32767;q>z&&(z=q,D=G)}}}L+=(P=D)-(D=d[P])&32767}if(T){b[I++]=268435456|bs[R]<<18|vs[T];var j=31&bs[R],V=31&vs[T];K+=ps[j]+ds[V],++k[257+j],++E[V],B=S+R,++v}else b[I++]=e[S],++k[e[S]]}}for(S=Math.max(S,B);S<a;++S)b[I++]=e[S],++k[e[S]];h=Ys(e,c,u,b,k,E,K,I,C,S-C,h),u||(s.r=7&h|c[h/8|0]<<3,h-=7,s.h=g,s.p=d,s.i=S,s.w=B)}else{for(S=s.w||0;S<a+u;S+=65535){var Y=S+65535;Y>=a&&(c[h/8|0]=u,Y=a),h=Vs(c,h+1,e.subarray(S,Y))}s.i=a}return Fs(o,0,n+Ls(h)+i)}(e,null==t.level?6:t.level,null==t.mem?i.l?Math.ceil(1.5*Math.max(8,Math.min(13,Math.log(e.length)))):20:12+t.mem,r,n,i)},$s=function(e,t,r){for(;r;++t)e[t]=r,r>>>=8},ea=/*#__PURE__*/function(){function e(e,t){if("function"==typeof e&&(t=e,e={}),this.ondata=t,this.o=e||{},this.s={l:0,i:32768,w:32768,z:32768},this.b=new ls(98304),this.o.dictionary){var r=this.o.dictionary.subarray(-32768);this.b.set(r,32768-r.length),this.s.i=32768-r.length}}return e.prototype.p=function(e,t){this.ondata(Ws(e,this.o,0,0,this.s),t)},e.prototype.push=function(e,t){this.ondata||Ns(5),this.s.l&&Ns(4);var r=e.length+this.s.z;if(r>this.b.length){if(r>2*this.b.length-32768){var n=new ls(-32768&r);n.set(this.b.subarray(0,this.s.z)),this.b=n}var i=this.b.length-this.s.z;this.b.set(e.subarray(0,i),this.s.z),this.s.z=this.b.length,this.p(this.b,!1),this.b.set(this.b.subarray(-32768)),this.b.set(e.subarray(i),32768),this.s.z=e.length-i+32768,this.s.i=32766,this.s.w=32768}else this.b.set(e,this.s.z),this.s.z+=e.length;this.s.l=1&t,(this.s.z>this.s.w+8191||t)&&(this.p(this.b,t||!1),this.s.w=this.s.i,this.s.i-=2)},e.prototype.flush=function(){this.ondata||Ns(5),this.s.l&&Ns(4),this.p(this.b,!1),this.s.w=this.s.i,this.s.i-=2},e}(),ta=/*#__PURE__*/function(){function e(e,t){"function"==typeof e&&(t=e,e={}),this.ondata=t;var r=e&&e.dictionary&&e.dictionary.subarray(-32768);this.s={i:0,b:r?r.length:0},this.o=new ls(32768),this.p=new ls(0),r&&this.o.set(r)}return e.prototype.e=function(e){if(this.ondata||Ns(5),this.d&&Ns(4),this.p.length){if(e.length){var t=new ls(this.p.length+e.length);t.set(this.p),t.set(e,this.p.length),this.p=t}}else this.p=e},e.prototype.c=function(e){this.s.i=+(this.d=e||!1);var t=this.s.b,r=function(e,t,r,n){var i=e.length;if(!i||t.f&&!t.l)return r||new ls(0);var s=!r,a=s||2!=t.i,o=t.i;s&&(r=new ls(3*i));var c=function(e){var t=r.length;if(e>t){var n=new ls(Math.max(2*t,e));n.set(r),r=n}},u=t.f||0,h=t.p||0,l=t.b||0,f=t.l,y=t.d,p=t.m,d=t.n,g=8*i;do{if(!f){u=Ts(e,h,1);var w=Ts(e,h+1,3);if(h+=3,!w){var A=e[(U=Ls(h)+4)-4]|e[U-3]<<8,m=U+A;if(m>i){o&&Ns(0);break}a&&c(l+A),r.set(e.subarray(U,m),l),t.b=l+=A,t.p=h=8*m,t.f=u;continue}if(1==w)f=Ds,y=Qs,p=9,d=5;else if(2==w){var b=Ts(e,h,31)+257,k=Ts(e,h+10,15)+4,E=b+Ts(e,h+5,31)+1;h+=14;for(var v=new ls(E),K=new ls(19),S=0;S<k;++S)K[gs[S]]=Ts(e,h+3*S,7);h+=3*k;var I=Rs(K),B=(1<<I)-1,C=Bs(K,I,1);for(S=0;S<E;){var U,P=C[Ts(e,h,B)];if(h+=15&P,(U=P>>4)<16)v[S++]=U;else{var D=0,x=0;for(16==U?(x=3+Ts(e,h,3),h+=2,D=v[S-1]):17==U?(x=3+Ts(e,h,7),h+=3):18==U&&(x=11+Ts(e,h,127),h+=7);x--;)v[S++]=D}}var Q=v.subarray(0,b),R=v.subarray(b);p=Rs(Q),d=Rs(R),f=Bs(Q,p,1),y=Bs(R,d,1)}else Ns(1);if(h>g){o&&Ns(0);break}}a&&c(l+131072);for(var T=(1<<p)-1,M=(1<<d)-1,L=h;;L=h){var F=(D=f[Ms(e,h)&T])>>4;if((h+=15&D)>g){o&&Ns(0);break}if(D||Ns(2),F<256)r[l++]=F;else{if(256==F){L=h,f=null;break}var O=F-254;if(F>264){var N=ps[S=F-257];O=Ts(e,h,(1<<N)-1)+ms[S],h+=N}var _=y[Ms(e,h)&M],H=_>>4;if(_||Ns(3),h+=15&_,R=Es[H],H>3&&(N=ds[H],R+=Ms(e,h)&(1<<N)-1,h+=N),h>g){o&&Ns(0);break}a&&c(l+131072);var z=l+O;if(l<R){var G=0-R,q=Math.min(R,z);for(G+l<0&&Ns(3);l<q;++l)r[l]=n[G+l]}for(;l<z;++l)r[l]=r[l-R]}}t.l=f,t.p=L,t.b=l,t.f=u,f&&(u=1,t.m=p,t.d=y,t.n=d)}while(!u);return l!=r.length&&s?Fs(r,0,l):r.subarray(0,l)}(this.p,this.s,this.o);this.ondata(Fs(r,t,this.s.b),this.d),this.o=Fs(r,this.s.b-32768),this.s.b=this.o.length,this.p=Fs(this.p,this.s.p/8|0),this.s.p&=7},e.prototype.push=function(e,t){this.e(e),this.c(t)},e}(),ra=/*#__PURE__*/function(){function e(e,t){this.c=Xs(),this.v=1,ea.call(this,e,t)}return e.prototype.push=function(e,t){this.c.p(e),ea.prototype.push.call(this,e,t)},e.prototype.p=function(e,t){var r=Ws(e,this.o,this.v&&(this.o.dictionary?6:2),t&&4,this.s);this.v&&(function(e,t){var r=t.level,n=0==r?0:r<6?1:9==r?3:2;if(e[0]=120,e[1]=n<<6|(t.dictionary&&32),e[1]|=31-(e[0]<<8|e[1])%31,t.dictionary){var i=Xs();i.p(t.dictionary),$s(e,2,i.d())}}(r,this.o),this.v=0),t&&$s(r,r.length-4,this.c.d()),this.ondata(r,t)},e.prototype.flush=function(){ea.prototype.flush.call(this)},e}(),na=/*#__PURE__*/function(){function e(e,t){ta.call(this,e,t),this.v=e&&e.dictionary?2:1}return e.prototype.push=function(e,t){if(ta.prototype.e.call(this,e),this.v){if(this.p.length<6&&!t)return;this.p=this.p.subarray((r=this.p,n=this.v-1,(8!=(15&r[0])||r[0]>>4>7||(r[0]<<8|r[1])%31)&&Ns(6,"invalid zlib data"),(r[1]>>5&1)==+!n&&Ns(6,"invalid zlib data: "+(32&r[1]?"need":"unexpected")+" dictionary"),2+(r[1]>>3&4))),this.v=0}var r,n;t&&(this.p.length<4&&Ns(6,"invalid zlib data"),this.p=this.p.subarray(0,-4)),ta.prototype.c.call(this,t)},e}(),ia="undefined"!=typeof TextDecoder&&/*#__PURE__*/new TextDecoder;try{ia.decode(Js,{stream:!0})}catch(e){}class sa{static get tag(){return F.packet.literalData}constructor(e=new Date){this.format=F.literal.utf8,this.date=_.normalizeDate(e),this.text=null,this.data=null,this.filename=""}setText(e,t=F.literal.utf8){this.format=t,this.text=e,this.data=null}getText(e=!1){return(null===this.text||_.isStream(this.text))&&(this.text=_.decodeUTF8(_.nativeEOL(this.getBytes(e)))),this.text}setBytes(e,t){this.format=t,this.data=e,this.text=null}getBytes(e=!1){return null===this.data&&(this.data=_.canonicalizeEOL(_.encodeUTF8(this.text))),e?U(this.data):this.data}setFilename(e){this.filename=e}getFilename(){return this.filename}async read(e){await B(e,(async e=>{const t=await e.readByte(),r=await e.readByte();this.filename=_.decodeUTF8(await e.readBytes(r)),this.date=_.readDate(await e.readBytes(4));let n=e.remainder();l(n)&&(n=await x(n)),this.setBytes(n,t)}))}writeHeader(){const e=_.encodeUTF8(this.filename),t=new Uint8Array([e.length]),r=new Uint8Array([this.format]),n=_.writeDate(this.date);return _.concatUint8Array([r,t,e,n])}write(){const e=this.writeHeader(),t=this.getBytes();return _.concat([e,t])}}class aa{constructor(){this.bytes=""}read(e){return this.bytes=_.uint8ArrayToString(e.subarray(0,8)),this.bytes.length}write(){return _.stringToUint8Array(this.bytes)}toHex(){return _.uint8ArrayToHex(_.stringToUint8Array(this.bytes))}equals(e,t=!1){return t&&(e.isWildcard()||this.isWildcard())||this.bytes===e.bytes}isNull(){return""===this.bytes}isWildcard(){return/^0+$/.test(this.toHex())}static mapToHex(e){return e.toHex()}static fromID(e){const t=new aa;return t.read(_.hexToUint8Array(e)),t}static wildcard(){const e=new aa;return e.read(new Uint8Array(8)),e}}const oa=Symbol("verified"),ca="salt@notations.openpgpjs.org",ua=new Set([F.signatureSubpacket.issuerKeyID,F.signatureSubpacket.issuerFingerprint,F.signatureSubpacket.embeddedSignature]);class ha{static get tag(){return F.packet.signature}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.signatureData=null,this.unhashedSubpackets=[],this.unknownSubpackets=[],this.signedHashValue=null,this.salt=null,this.created=null,this.signatureExpirationTime=null,this.signatureNeverExpires=!0,this.exportable=null,this.trustLevel=null,this.trustAmount=null,this.regularExpression=null,this.revocable=null,this.keyExpirationTime=null,this.keyNeverExpires=null,this.preferredSymmetricAlgorithms=null,this.revocationKeyClass=null,this.revocationKeyAlgorithm=null,this.revocationKeyFingerprint=null,this.issuerKeyID=new aa,this.rawNotations=[],this.notations={},this.preferredHashAlgorithms=null,this.preferredCompressionAlgorithms=null,this.keyServerPreferences=null,this.preferredKeyServer=null,this.isPrimaryUserID=null,this.policyURI=null,this.keyFlags=null,this.signersUserID=null,this.reasonForRevocationFlag=null,this.reasonForRevocationString=null,this.features=null,this.signatureTargetPublicKeyAlgorithm=null,this.signatureTargetHashAlgorithm=null,this.signatureTargetHash=null,this.embeddedSignature=null,this.issuerKeyVersion=null,this.issuerFingerprint=null,this.preferredAEADAlgorithms=null,this.preferredCipherSuites=null,this.revoked=null,this[oa]=null}read(e,t=O){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new ut("Support for v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4!==this.version&&5!==this.version&&6!==this.version)throw new ut(`Version ${this.version} of the signature packet is unsupported.`);if(this.signatureType=e[r++],this.publicKeyAlgorithm=e[r++],this.hashAlgorithm=e[r++],r+=this.readSubPackets(e.subarray(r,e.length),!0),!this.created)throw Error("Missing signature creation time subpacket.");if(this.signatureData=e.subarray(0,r),r+=this.readSubPackets(e.subarray(r,e.length),!1),this.signedHashValue=e.subarray(r,r+2),r+=2,6===this.version){const t=e[r++];this.salt=e.subarray(r,r+t),r+=t}const n=e.subarray(r,e.length),{read:i,signatureParams:s}=function(e,t){let r=0;switch(e){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:case F.publicKey.rsaSign:{const e=_.readMPI(t.subarray(r));return r+=e.length+2,{read:r,signatureParams:{s:e}}}case F.publicKey.dsa:case F.publicKey.ecdsa:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=_.readMPI(t.subarray(r));return r+=n.length+2,{read:r,signatureParams:{r:e,s:n}}}case F.publicKey.eddsaLegacy:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=_.readMPI(t.subarray(r));return r+=n.length+2,{read:r,signatureParams:{r:e,s:n}}}case F.publicKey.ed25519:case F.publicKey.ed448:{const n=2*wt(e),i=_.readExactSubarray(t,r,r+n);return r+=i.length,{read:r,signatureParams:{RS:i}}}case F.publicKey.hmac:{const e=new jn;return r+=e.read(t.subarray(r)),{read:r,signatureParams:{mac:e}}}case F.publicKey.pqc_mldsa_ed25519:{const e=2*wt(F.publicKey.ed25519),n=_.readExactSubarray(t,r,r+e);r+=n.length;const i=_.readExactSubarray(t,r,r+3309);return r+=i.length,{read:r,signatureParams:{eccSignature:n,mldsaSignature:i}}}default:throw new ut("Unknown signature algorithm.")}}(this.publicKeyAlgorithm,n);if(i<n.length)throw Error("Error reading MPIs");this.params=s}writeParams(){return this.params instanceof Promise?R((async()=>ji(this.publicKeyAlgorithm,await this.params))):ji(this.publicKeyAlgorithm,this.params)}write(){const e=[];return e.push(this.signatureData),e.push(this.writeUnhashedSubPackets()),e.push(this.signedHashValue),6===this.version&&(e.push(new Uint8Array([this.salt.length])),e.push(this.salt)),e.push(this.writeParams()),_.concat(e)}async sign(e,t,r=new Date,n=!1,i){this.version=e.version,this.created=_.normalizeDate(r),this.issuerKeyVersion=e.version,this.issuerFingerprint=e.getFingerprintBytes(),this.issuerKeyID=e.getKeyID();const s=[new Uint8Array([this.version,this.signatureType,this.publicKeyAlgorithm,this.hashAlgorithm])];if(6===this.version){const e=fa(this.hashAlgorithm);if(null===this.salt)this.salt=we(e);else if(e!==this.salt.length)throw Error("Provided salt does not have the required length")}else if(i.nonDeterministicSignaturesViaNotation){if(0!==this.rawNotations.filter((({name:e})=>e===ca)).length)throw Error("Unexpected existing salt notation");{const e=we(fa(this.hashAlgorithm));this.rawNotations.push({name:ca,value:e,humanReadable:!1,critical:!1})}}s.push(this.writeHashedSubPackets()),this.unhashedSubpackets=[],this.signatureData=_.concat(s);const a=this.toHash(this.signatureType,t,n),o=await this.hash(this.signatureType,t,a,n);this.signedHashValue=D(C(o),0,2);const c=async()=>es(this.publicKeyAlgorithm,this.hashAlgorithm,e.publicParams,e.privateParams,a,await x(o));_.isStream(o)?this.params=c():(this.params=await c(),this[oa]=!0)}writeHashedSubPackets(){const e=F.signatureSubpacket,t=[];let r;if(null===this.created)throw Error("Missing signature creation time");t.push(la(e.signatureCreationTime,!0,_.writeDate(this.created))),null!==this.signatureExpirationTime&&t.push(la(e.signatureExpirationTime,!0,_.writeNumber(this.signatureExpirationTime,4))),null!==this.exportable&&t.push(la(e.exportableCertification,!0,new Uint8Array([this.exportable?1:0]))),null!==this.trustLevel&&(r=new Uint8Array([this.trustLevel,this.trustAmount]),t.push(la(e.trustSignature,!0,r))),null!==this.regularExpression&&t.push(la(e.regularExpression,!0,this.regularExpression)),null!==this.revocable&&t.push(la(e.revocable,!0,new Uint8Array([this.revocable?1:0]))),null!==this.keyExpirationTime&&t.push(la(e.keyExpirationTime,!0,_.writeNumber(this.keyExpirationTime,4))),null!==this.preferredSymmetricAlgorithms&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.preferredSymmetricAlgorithms)),t.push(la(e.preferredSymmetricAlgorithms,!1,r))),null!==this.revocationKeyClass&&(r=new Uint8Array([this.revocationKeyClass,this.revocationKeyAlgorithm]),r=_.concat([r,this.revocationKeyFingerprint]),t.push(la(e.revocationKey,!1,r))),!this.issuerKeyID.isNull()&&this.issuerKeyVersion<5&&t.push(la(e.issuerKeyID,!1,this.issuerKeyID.write())),this.rawNotations.forEach((({name:n,value:i,humanReadable:s,critical:a})=>{r=[new Uint8Array([s?128:0,0,0,0])];const o=_.encodeUTF8(n);r.push(_.writeNumber(o.length,2)),r.push(_.writeNumber(i.length,2)),r.push(o),r.push(i),r=_.concat(r),t.push(la(e.notationData,a,r))})),null!==this.preferredHashAlgorithms&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.preferredHashAlgorithms)),t.push(la(e.preferredHashAlgorithms,!1,r))),null!==this.preferredCompressionAlgorithms&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.preferredCompressionAlgorithms)),t.push(la(e.preferredCompressionAlgorithms,!1,r))),null!==this.keyServerPreferences&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.keyServerPreferences)),t.push(la(e.keyServerPreferences,!1,r))),null!==this.preferredKeyServer&&t.push(la(e.preferredKeyServer,!1,_.encodeUTF8(this.preferredKeyServer))),null!==this.isPrimaryUserID&&t.push(la(e.primaryUserID,!1,new Uint8Array([this.isPrimaryUserID?1:0]))),null!==this.policyURI&&t.push(la(e.policyURI,!1,_.encodeUTF8(this.policyURI))),null!==this.keyFlags&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.keyFlags)),t.push(la(e.keyFlags,!0,r))),null!==this.signersUserID&&t.push(la(e.signersUserID,!1,_.encodeUTF8(this.signersUserID))),null!==this.reasonForRevocationFlag&&(r=_.stringToUint8Array(String.fromCharCode(this.reasonForRevocationFlag)+this.reasonForRevocationString),t.push(la(e.reasonForRevocation,!0,r))),null!==this.features&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.features)),t.push(la(e.features,!1,r))),null!==this.signatureTargetPublicKeyAlgorithm&&(r=[new Uint8Array([this.signatureTargetPublicKeyAlgorithm,this.signatureTargetHashAlgorithm])],r.push(_.stringToUint8Array(this.signatureTargetHash)),r=_.concat(r),t.push(la(e.signatureTarget,!0,r))),null!==this.embeddedSignature&&t.push(la(e.embeddedSignature,!0,this.embeddedSignature.write())),null!==this.issuerFingerprint&&(r=[new Uint8Array([this.issuerKeyVersion]),this.issuerFingerprint],r=_.concat(r),t.push(la(e.issuerFingerprint,this.version>=5,r))),null!==this.preferredAEADAlgorithms&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.preferredAEADAlgorithms)),t.push(la(e.preferredAEADAlgorithms,!1,r))),null!==this.preferredCipherSuites&&(r=new Uint8Array([].concat(...this.preferredCipherSuites)),t.push(la(e.preferredCipherSuites,!1,r)));const n=_.concat(t),i=_.writeNumber(n.length,6===this.version?4:2);return _.concat([i,n])}writeUnhashedSubPackets(){const e=this.unhashedSubpackets.map((({type:e,critical:t,body:r})=>la(e,t,r))),t=_.concat(e),r=_.writeNumber(t.length,6===this.version?4:2);return _.concat([r,t])}readSubPacket(e,t=!0){let r=0;const n=!!(128&e[r]),i=127&e[r];if(r++,t||(this.unhashedSubpackets.push({type:i,critical:n,body:e.subarray(r,e.length)}),ua.has(i)))switch(i){case F.signatureSubpacket.signatureCreationTime:this.created=_.readDate(e.subarray(r,e.length));break;case F.signatureSubpacket.signatureExpirationTime:{const t=_.readNumber(e.subarray(r,e.length));this.signatureNeverExpires=0===t,this.signatureExpirationTime=t;break}case F.signatureSubpacket.exportableCertification:this.exportable=1===e[r++];break;case F.signatureSubpacket.trustSignature:this.trustLevel=e[r++],this.trustAmount=e[r++];break;case F.signatureSubpacket.regularExpression:this.regularExpression=e[r];break;case F.signatureSubpacket.revocable:this.revocable=1===e[r++];break;case F.signatureSubpacket.keyExpirationTime:{const t=_.readNumber(e.subarray(r,e.length));this.keyExpirationTime=t,this.keyNeverExpires=0===t;break}case F.signatureSubpacket.preferredSymmetricAlgorithms:this.preferredSymmetricAlgorithms=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.revocationKey:this.revocationKeyClass=e[r++],this.revocationKeyAlgorithm=e[r++],this.revocationKeyFingerprint=e.subarray(r,r+20);break;case F.signatureSubpacket.issuerKeyID:if(4===this.version)this.issuerKeyID.read(e.subarray(r,e.length));else if(t)throw Error("Unexpected Issuer Key ID subpacket");break;case F.signatureSubpacket.notationData:{const t=!!(128&e[r]);r+=4;const i=_.readNumber(e.subarray(r,r+2));r+=2;const s=_.readNumber(e.subarray(r,r+2));r+=2;const a=_.decodeUTF8(e.subarray(r,r+i)),o=e.subarray(r+i,r+i+s);this.rawNotations.push({name:a,humanReadable:t,value:o,critical:n}),t&&(this.notations[a]=_.decodeUTF8(o));break}case F.signatureSubpacket.preferredHashAlgorithms:this.preferredHashAlgorithms=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.preferredCompressionAlgorithms:this.preferredCompressionAlgorithms=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.keyServerPreferences:this.keyServerPreferences=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.preferredKeyServer:this.preferredKeyServer=_.decodeUTF8(e.subarray(r,e.length));break;case F.signatureSubpacket.primaryUserID:this.isPrimaryUserID=0!==e[r++];break;case F.signatureSubpacket.policyURI:this.policyURI=_.decodeUTF8(e.subarray(r,e.length));break;case F.signatureSubpacket.keyFlags:this.keyFlags=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.signersUserID:this.signersUserID=_.decodeUTF8(e.subarray(r,e.length));break;case F.signatureSubpacket.reasonForRevocation:this.reasonForRevocationFlag=e[r++],this.reasonForRevocationString=_.decodeUTF8(e.subarray(r,e.length));break;case F.signatureSubpacket.features:this.features=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.signatureTarget:{this.signatureTargetPublicKeyAlgorithm=e[r++],this.signatureTargetHashAlgorithm=e[r++];const t=Fe(this.signatureTargetHashAlgorithm);this.signatureTargetHash=_.uint8ArrayToString(e.subarray(r,r+t));break}case F.signatureSubpacket.embeddedSignature:this.embeddedSignature=new ha,this.embeddedSignature.read(e.subarray(r,e.length));break;case F.signatureSubpacket.issuerFingerprint:this.issuerKeyVersion=e[r++],this.issuerFingerprint=e.subarray(r,e.length),this.issuerKeyVersion>=5?this.issuerKeyID.read(this.issuerFingerprint):this.issuerKeyID.read(this.issuerFingerprint.subarray(-8));break;case F.signatureSubpacket.preferredAEADAlgorithms:this.preferredAEADAlgorithms=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.preferredCipherSuites:this.preferredCipherSuites=[];for(let t=r;t<e.length;t+=2)this.preferredCipherSuites.push([e[t],e[t+1]]);break;default:this.unknownSubpackets.push({type:i,critical:n,body:e.subarray(r,e.length)})}}readSubPackets(e,t=!0,r){const n=6===this.version?4:2,i=_.readNumber(e.subarray(0,n));let s=n;for(;s<2+i;){const n=rt(e.subarray(s,e.length));s+=n.offset,this.readSubPacket(e.subarray(s,s+n.len),t,r),s+=n.len}return s}toSign(e,t){const r=F.signature;switch(e){case r.binary:return null!==t.text?_.encodeUTF8(t.getText(!0)):t.getBytes(!0);case r.text:{const e=t.getBytes(!0);return _.canonicalizeEOL(e)}case r.standalone:return new Uint8Array(0);case r.certGeneric:case r.certPersona:case r.certCasual:case r.certPositive:case r.certRevocation:{let e,n;if(t.userID)n=180,e=t.userID;else{if(!t.userAttribute)throw Error("Either a userID or userAttribute packet needs to be supplied for certification.");n=209,e=t.userAttribute}const i=e.write();return _.concat([this.toSign(r.key,t),new Uint8Array([n]),_.writeNumber(i.length,4),i])}case r.subkeyBinding:case r.subkeyRevocation:case r.keyBinding:return _.concat([this.toSign(r.key,t),this.toSign(r.key,{key:t.bind})]);case r.key:if(void 0===t.key)throw Error("Key packet is required for this signature.");return t.key.writeForHash(this.version);case r.keyRevocation:return this.toSign(r.key,t);case r.timestamp:return new Uint8Array(0);case r.thirdParty:throw Error("Not implemented");default:throw Error("Unknown signature type.")}}calculateTrailer(e,t){let r=0;return S(C(this.signatureData),(e=>{r+=e.length}),(()=>{const n=[];return 5!==this.version||this.signatureType!==F.signature.binary&&this.signatureType!==F.signature.text||(t?n.push(new Uint8Array(6)):n.push(e.writeHeader())),n.push(new Uint8Array([this.version,255])),5===this.version&&n.push(new Uint8Array(4)),n.push(_.writeNumber(r,4)),_.concat(n)}))}toHash(e,t,r=!1){const n=this.toSign(e,t);return _.concat([this.salt||new Uint8Array,n,this.signatureData,this.calculateTrailer(t,r)])}async hash(e,t,r,n=!1){if(6===this.version&&this.salt.length!==fa(this.hashAlgorithm))throw Error("Signature salt does not have the expected length");return r||(r=this.toHash(e,t,n)),Le(this.hashAlgorithm,r)}async verify(e,t,r,n=new Date,i=!1,s=O){if(!this.issuerKeyID.equals(e.getKeyID()))throw Error("Signature was not issued by the given public key");if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Public key algorithm used to sign signature does not match issuer key algorithm.");const a=t===F.signature.binary||t===F.signature.text;if(!(this[oa]&&!a)){let n,s;if(this.hashed?s=await this.hashed:(n=this.toHash(t,r,i),s=await this.hash(t,r,n)),s=await x(s),this.signedHashValue[0]!==s[0]||this.signedHashValue[1]!==s[1])throw Error("Signed digest did not match");this.params=await this.params;const a=this.publicKeyAlgorithm===F.publicKey.hmac?e.privateParams:null;if(this[oa]=await $i(this.publicKeyAlgorithm,this.hashAlgorithm,this.params,e.publicParams,a,n,s),!this[oa])throw Error("Signature verification failed")}const o=_.normalizeDate(n);if(o&&this.created>o)throw Error("Signature creation time is in the future");if(o&&o>=this.getExpirationTime())throw Error("Signature is expired");if(s.rejectHashAlgorithms.has(this.hashAlgorithm))throw Error("Insecure hash algorithm: "+F.read(F.hash,this.hashAlgorithm).toUpperCase());if(s.rejectMessageHashAlgorithms.has(this.hashAlgorithm)&&[F.signature.binary,F.signature.text].includes(this.signatureType))throw Error("Insecure message hash algorithm: "+F.read(F.hash,this.hashAlgorithm).toUpperCase());if(this.unknownSubpackets.forEach((({type:e,critical:t})=>{if(t)throw Error("Unknown critical signature subpacket type "+e)})),this.rawNotations.forEach((({name:e,critical:t})=>{if(t&&s.knownNotations.indexOf(e)<0)throw Error("Unknown critical notation: "+e)})),null!==this.revocationKeyClass)throw Error("This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.")}isExpired(e=new Date){const t=_.normalizeDate(e);return null!==t&&!(this.created<=t&&t<this.getExpirationTime())}getExpirationTime(){return this.signatureNeverExpires?1/0:new Date(this.created.getTime()+1e3*this.signatureExpirationTime)}}function la(e,t,r){const n=[];return n.push(nt(r.length+1)),n.push(new Uint8Array([(t?128:0)|e])),n.push(r),_.concat(n)}function fa(e){switch(e){case F.hash.sha256:return 16;case F.hash.sha384:return 24;case F.hash.sha512:return 32;case F.hash.sha224:case F.hash.sha3_256:return 16;case F.hash.sha3_512:return 32;default:throw Error("Unsupported hash function")}}class ya{static get tag(){return F.packet.onePassSignature}static fromSignaturePacket(e,t){const r=new ya;return r.version=6===e.version?6:3,r.signatureType=e.signatureType,r.hashAlgorithm=e.hashAlgorithm,r.publicKeyAlgorithm=e.publicKeyAlgorithm,r.issuerKeyID=e.issuerKeyID,r.salt=e.salt,r.issuerFingerprint=e.issuerFingerprint,r.flags=t?1:0,r}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.salt=null,this.issuerKeyID=null,this.issuerFingerprint=null,this.flags=null}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new ut(`Version ${this.version} of the one-pass signature packet is unsupported.`);if(this.signatureType=e[t++],this.hashAlgorithm=e[t++],this.publicKeyAlgorithm=e[t++],6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r,this.issuerFingerprint=e.subarray(t,t+32),t+=32,this.issuerKeyID=new aa,this.issuerKeyID.read(this.issuerFingerprint)}else this.issuerKeyID=new aa,this.issuerKeyID.read(e.subarray(t,t+8)),t+=8;return this.flags=e[t++],this}write(){const e=[new Uint8Array([this.version,this.signatureType,this.hashAlgorithm,this.publicKeyAlgorithm])];return 6===this.version?e.push(new Uint8Array([this.salt.length]),this.salt,this.issuerFingerprint):e.push(this.issuerKeyID.write()),e.push(new Uint8Array([this.flags])),_.concatUint8Array(e)}calculateTrailer(...e){return R((async()=>ha.prototype.calculateTrailer.apply(await this.correspondingSig,e)))}async verify(){const e=await this.correspondingSig;if(!e||e.constructor.tag!==F.packet.signature)throw Error("Corresponding signature packet missing");if(e.signatureType!==this.signatureType||e.hashAlgorithm!==this.hashAlgorithm||e.publicKeyAlgorithm!==this.publicKeyAlgorithm||!e.issuerKeyID.equals(this.issuerKeyID)||3===this.version&&6===e.version||6===this.version&&6!==e.version||6===this.version&&!_.equalsUint8Array(e.issuerFingerprint,this.issuerFingerprint)||6===this.version&&!_.equalsUint8Array(e.salt,this.salt))throw Error("Corresponding signature packet does not match one-pass signature packet");return e.hashed=this.hashed,e.verify.apply(e,arguments)}}function pa(e,t){if(!t[e]){let t;try{t=F.read(F.packet,e)}catch(t){throw new ht("Unknown packet type with tag: "+e)}throw Error("Packet not allowed in this context: "+t)}return new t[e]}ya.prototype.hash=ha.prototype.hash,ya.prototype.toHash=ha.prototype.toHash,ya.prototype.toSign=ha.prototype.toSign;class da extends Array{static async fromBinary(e,t,r=O,n=null,i=!1){const s=new da;return await s.read(e,t,r,n,i),s}async read(e,t,r=O,n=null,i=!1){let s;r.additionalAllowedPackets.length&&(s=_.constructAllowedPackets(r.additionalAllowedPackets),t={...t,...s}),this.stream=I(e,(async(e,a)=>{const o=T(e),c=M(a);try{let a=_.isStream(e);for(;;){let e,u;if(await c.ready,await ct(o,a,(async a=>{try{if(a.tag===F.packet.marker||a.tag===F.packet.trust||a.tag===F.packet.padding)return;const e=pa(a.tag,t);try{n?.recordPacket(a.tag,s)}catch(e){if(r.enforceGrammar)throw e;_.printDebugError(e)}e.packets=new da,e.fromStream=_.isStream(a.packet),u=e.fromStream;try{await e.read(a.packet,r)}catch(t){if(!(t instanceof ut))throw _.wrapError(new lt(`Parsing ${e.constructor.name} failed`),t);throw t}await c.write(e)}catch(t){const n=t instanceof ht&&a.tag<=39,s=t instanceof ut&&!(t instanceof ht)&&!r.ignoreUnsupportedPackets,o=t instanceof lt&&!r.ignoreMalformedPackets,u=ot(a.tag);if(n||s||o||u||!(t instanceof ht||t instanceof ut||t instanceof lt))i?e=t:await c.abort(t);else{const e=new ft(a.tag,a.packet);await c.write(e)}_.printDebugError(t)}})),u&&(a=null),e)throw await o.readToEnd(),e;const h=await o.peekBytes(2);if(!h||!h.length){try{n?.recordEnd()}catch(e){if(r.enforceGrammar)throw e;_.printDebugError(e)}return await c.ready,void await c.close()}}}catch(e){await c.abort(e)}}));const a=T(this.stream);for(;;){const{done:e,value:t}=await a.read();if(e?this.stream=null:this.push(t),e||ot(t.constructor.tag))break}a.releaseLock()}write(){const e=[];for(let t=0;t<this.length;t++){const r=this[t]instanceof ft?this[t].tag:this[t].constructor.tag,n=this[t].write();if(_.isStream(n)&&ot(this[t].constructor.tag)){let t=[],i=0;const s=512;e.push(st(r)),e.push(S(n,(e=>{if(t.push(e),i+=e.length,i>=s){const e=Math.min(Math.log(i)/Math.LN2|0,30),r=2**e,n=_.concat([it(e)].concat(t));return t=[n.subarray(1+r)],i=t[0].length,n.subarray(0,1+r)}}),(()=>_.concat([nt(i)].concat(t)))))}else{if(_.isStream(n)){let t=0;e.push(S(C(n),(e=>{t+=e.length}),(()=>at(r,t))))}else e.push(at(r,n.length));e.push(n)}}return _.concat(e)}filterByTag(...e){const t=new da,r=e=>t=>e===t;for(let n=0;n<this.length;n++)e.some(r(this[n].constructor.tag))&&t.push(this[n]);return t}findPacket(e){return this.find((t=>t.constructor.tag===e))}indexOfTag(...e){const t=[],r=this,n=e=>t=>e===t;for(let i=0;i<this.length;i++)e.some(n(r[i].constructor.tag))&&t.push(i);return t}}class ga extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ga),this.name="GrammarError"}}var wa;!function(e){e[e.EmptyMessage=0]="EmptyMessage",e[e.PlaintextOrEncryptedData=1]="PlaintextOrEncryptedData",e[e.EncryptedSessionKeys=2]="EncryptedSessionKeys",e[e.StandaloneAdditionalAllowedData=3]="StandaloneAdditionalAllowedData"}(wa||(wa={}));class Aa{constructor(){this.state=wa.EmptyMessage,this.leadingOnePassSignatureCounter=0}recordPacket(e,t){switch(this.state){case wa.EmptyMessage:case wa.StandaloneAdditionalAllowedData:switch(e){case F.packet.literalData:case F.packet.compressedData:case F.packet.aeadEncryptedData:case F.packet.symEncryptedIntegrityProtectedData:case F.packet.symmetricallyEncryptedData:return void(this.state=wa.PlaintextOrEncryptedData);case F.packet.signature:if(this.state===wa.StandaloneAdditionalAllowedData&&--this.leadingOnePassSignatureCounter<0)throw new ga("Trailing signature packet without OPS");return;case F.packet.onePassSignature:if(this.state===wa.StandaloneAdditionalAllowedData)throw new ga("OPS following StandaloneAdditionalAllowedData");return void this.leadingOnePassSignatureCounter++;case F.packet.publicKeyEncryptedSessionKey:case F.packet.symEncryptedSessionKey:return void(this.state=wa.EncryptedSessionKeys);default:if(!t?.[e])throw new ga(`Unexpected packet ${e} in state ${this.state}`);return void(this.state=wa.StandaloneAdditionalAllowedData)}case wa.PlaintextOrEncryptedData:if(e===F.packet.signature){if(--this.leadingOnePassSignatureCounter<0)throw new ga("Trailing signature packet without OPS");return void(this.state=wa.PlaintextOrEncryptedData)}if(!t?.[e])throw new ga(`Unexpected packet ${e} in state ${this.state}`);return void(this.state=wa.PlaintextOrEncryptedData);case wa.EncryptedSessionKeys:switch(e){case F.packet.publicKeyEncryptedSessionKey:case F.packet.symEncryptedSessionKey:return void(this.state=wa.EncryptedSessionKeys);case F.packet.symEncryptedIntegrityProtectedData:case F.packet.aeadEncryptedData:case F.packet.symmetricallyEncryptedData:return void(this.state=wa.PlaintextOrEncryptedData);case F.packet.signature:if(--this.leadingOnePassSignatureCounter<0)throw new ga("Trailing signature packet without OPS");return void(this.state=wa.PlaintextOrEncryptedData);default:if(!t?.[e])throw new ga(`Unexpected packet ${e} in state ${this.state}`);this.state=wa.EncryptedSessionKeys}}}recordEnd(){switch(this.state){case wa.EmptyMessage:case wa.PlaintextOrEncryptedData:case wa.EncryptedSessionKeys:case wa.StandaloneAdditionalAllowedData:if(this.leadingOnePassSignatureCounter>0)throw new ga("Missing trailing signature packets")}}}const ma=/*#__PURE__*/_.constructAllowedPackets([sa,ya,ha]);class ba{static get tag(){return F.packet.compressedData}constructor(e=O){this.packets=null,this.algorithm=e.preferredCompressionAlgorithm,this.compressed=null}async read(e,t=O){await B(e,(async e=>{this.algorithm=await e.readByte(),this.compressed=e.remainder(),await this.decompress(t)}))}write(){return null===this.compressed&&this.compress(),_.concat([new Uint8Array([this.algorithm]),this.compressed])}async decompress(e=O){const t=F.read(F.compression,this.algorithm),r=Sa[t];if(!r)throw Error(t+" decompression not supported");this.packets=await da.fromBinary(await r(this.compressed),ma,e,new Aa)}compress(){const e=F.read(F.compression,this.algorithm),t=Ka[e];if(!t)throw Error(e+" compression not supported");this.compressed=t(this.packets.write())}}function ka(e,t){return r=>{if(!_.isStream(r)||l(r))return R((()=>x(r).then((e=>new Promise(((r,n)=>{const i=new t;i.ondata=e=>{r(e)};try{i.push(e,!0)}catch(e){n(e)}}))))));if(e)try{const t=e();return r.pipeThrough(t)}catch(e){if("TypeError"!==e.name)throw e}const n=r.getReader(),i=new t;return new ReadableStream({async start(e){for(i.ondata=async(t,r)=>{e.enqueue(t),r&&e.close()};;){const{done:e,value:t}=await n.read();if(e)return void i.push(new Uint8Array,!0);t.length&&i.push(t)}}})}}function Ea(){return async function(e){const{decode:t}=await Promise.resolve().then((function(){return Cd}));return R((async()=>t(await x(e))))}}const va=e=>({compressor:"undefined"!=typeof CompressionStream&&(()=>new CompressionStream(e)),decompressor:"undefined"!=typeof DecompressionStream&&(()=>new DecompressionStream(e))}),Ka={zip:/*#__PURE__*/ka(va("deflate-raw").compressor,ea),zlib:/*#__PURE__*/ka(va("deflate").compressor,ra)},Sa={uncompressed:e=>e,zip:/*#__PURE__*/ka(va("deflate-raw").decompressor,ta),zlib:/*#__PURE__*/ka(va("deflate").decompressor,na),bzip2:/*#__PURE__*/Ea()},Ia=/*#__PURE__*/_.constructAllowedPackets([sa,ba,ya,ha]);class Ba{static get tag(){return F.packet.symEncryptedIntegrityProtectedData}static fromObject({version:e,aeadAlgorithm:t}){if(1!==e&&2!==e)throw Error("Unsupported SEIPD version");const r=new Ba;return r.version=e,2===e&&(r.aeadAlgorithm=t),r}constructor(){this.version=null,this.cipherAlgorithm=null,this.aeadAlgorithm=null,this.chunkSizeByte=null,this.salt=null,this.encrypted=null,this.packets=null}async read(e){await B(e,(async e=>{if(this.version=await e.readByte(),1!==this.version&&2!==this.version)throw new ut(`Version ${this.version} of the SEIP packet is unsupported.`);2===this.version&&(this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte(),this.salt=await e.readBytes(32)),this.encrypted=e.remainder()}))}write(){return 2===this.version?_.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.salt,this.encrypted]):_.concat([new Uint8Array([this.version]),this.encrypted])}async encrypt(e,t,r=O){const{blockSize:n,keySize:i}=Ur(e);if(t.length!==i)throw Error("Unexpected session key size");let s=this.packets.write();if(l(s)&&(s=await x(s)),2===this.version)this.cipherAlgorithm=e,this.salt=we(32),this.chunkSizeByte=r.aeadChunkSizeByte,this.encrypted=await Ca(this,"encrypt",t,s);else{const r=await ni(e),i=new Uint8Array([211,20]),a=_.concat([r,s,i]),o=await Le(F.hash.sha1,U(a)),c=_.concat([a,o]);this.encrypted=await ii(e,t,c,new Uint8Array(n))}return!0}async decrypt(e,t,r=O){if(t.length!==Ur(e).keySize)throw Error("Unexpected session key size");let n,i=C(this.encrypted);l(i)&&(i=await x(i));let s=!1;if(2===this.version){if(this.cipherAlgorithm!==e)throw Error("Unexpected session key algorithm");n=await Ca(this,"decrypt",t,i)}else{const{blockSize:a}=Ur(e),o=await si(e,t,i,new Uint8Array(a)),c=D(U(o),-20),u=D(o,0,-20),h=Promise.all([x(await Le(F.hash.sha1,U(u))),x(c)]).then((([e,t])=>{if(!_.equalsUint8Array(e,t))throw Error("Modification detected.");return new Uint8Array})),l=D(u,a+2);n=D(l,0,-2),n=k([n,R((()=>h))]),_.isStream(i)&&r.allowUnauthenticatedStream?s=!0:n=await x(n)}return this.packets=await da.fromBinary(n,Ia,r,new Aa,s),!0}}async function Ca(e,t,r,n){const i=e instanceof Ba&&2===e.version,s=!i&&e.constructor.tag===F.packet.aeadEncryptedData;if(!i&&!s)throw Error("Unexpected packet type");const a=Hi(e.aeadAlgorithm,s),o="decrypt"===t?a.tagLength:0,c="encrypt"===t?a.tagLength:0,u=2**(e.chunkSizeByte+6)+o,h=s?8:0,l=new ArrayBuffer(13+h),f=new Uint8Array(l,0,5+h),y=new Uint8Array(l),p=new DataView(l),d=new Uint8Array(l,5,8);f.set([192|e.constructor.tag,e.version,e.cipherAlgorithm,e.aeadAlgorithm,e.chunkSizeByte],0);let g,w,A=0,m=Promise.resolve(),b=0,k=0;if(i){const{keySize:t}=Ur(e.cipherAlgorithm),{ivLength:n}=a,i=new Uint8Array(l,0,5),s=await Qr(F.hash.sha256,r,e.salt,i,t+n);r=s.subarray(0,t),g=s.subarray(t),g.fill(0,g.length-8),w=new DataView(g.buffer,g.byteOffset,g.byteLength)}else g=e.iv;const v=await a(e.cipherAlgorithm,r);return I(n,(async(r,n)=>{if("array"!==_.isStream(r)){const t=new TransformStream({},{highWaterMark:_.getHardwareConcurrency()*2**(e.chunkSizeByte+6),size:e=>e.length});E(t.readable,n),n=t.writable}const s=T(r),a=M(n);try{for(;;){let e=await s.readBytes(u+o)||new Uint8Array;const r=e.subarray(e.length-o);let n,l,E;if(e=e.subarray(0,e.length-o),i)E=g;else{E=g.slice();for(let e=0;e<8;e++)E[g.length-8+e]^=d[e]}if(!A||e.length?(s.unshift(r),n=v[t](e,E,f),n.catch((()=>{})),k+=e.length-o+c):(p.setInt32(5+h+4,b),n=v[t](r,E,y),n.catch((()=>{})),k+=c,l=!0),b+=e.length-o,m=m.then((()=>n)).then((async e=>{await a.ready,await a.write(e),k-=e.length})).catch((e=>a.abort(e))),(l||k>a.desiredSize)&&await m,l){await a.close();break}i?w.setInt32(g.length-4,++A):p.setInt32(9,++A)}}catch(e){await a.ready.catch((()=>{})),await a.abort(e)}}))}const Ua=/*#__PURE__*/_.constructAllowedPackets([sa,ba,ya,ha]);class Pa{static get tag(){return F.packet.aeadEncryptedData}constructor(){this.version=1,this.cipherAlgorithm=null,this.aeadAlgorithm=F.aead.eax,this.chunkSizeByte=null,this.iv=null,this.encrypted=null,this.packets=null}async read(e){await B(e,(async e=>{const t=await e.readByte();if(1!==t)throw new ut(`Version ${t} of the AEAD-encrypted data packet is not supported.`);this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte();const r=Hi(this.aeadAlgorithm,!0);this.iv=await e.readBytes(r.ivLength),this.encrypted=e.remainder()}))}write(){return _.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.iv,this.encrypted])}async decrypt(e,t,r=O){this.packets=await da.fromBinary(await Ca(this,"decrypt",t,C(this.encrypted)),Ua,r,new Aa)}async encrypt(e,t,r=O){this.cipherAlgorithm=e;const{ivLength:n}=Hi(this.aeadAlgorithm,!0);this.iv=we(n),this.chunkSizeByte=r.aeadChunkSizeByte;const i=this.packets.write();this.encrypted=await Ca(this,"encrypt",t,i)}}const Da=new Set([F.publicKey.x25519,F.publicKey.x448,F.publicKey.pqc_mlkem_x25519]);class xa{static get tag(){return F.packet.publicKeyEncryptedSessionKey}constructor(){this.version=null,this.publicKeyID=new aa,this.publicKeyVersion=null,this.publicKeyFingerprint=null,this.publicKeyAlgorithm=null,this.sessionKey=null,this.sessionKeyAlgorithm=null,this.encrypted={}}static fromObject({version:e,encryptionKeyPacket:t,anonymousRecipient:r,sessionKey:n,sessionKeyAlgorithm:i}){const s=new xa;if(3!==e&&6!==e)throw Error("Unsupported PKESK version");return s.version=e,6===e&&(s.publicKeyVersion=r?null:t.version,s.publicKeyFingerprint=r?null:t.getFingerprintBytes()),s.publicKeyID=r?aa.wildcard():t.getKeyID(),s.publicKeyAlgorithm=t.algorithm,s.sessionKey=n,s.sessionKeyAlgorithm=i,s}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new ut(`Version ${this.version} of the PKESK packet is unsupported.`);if(6===this.version){const r=e[t++];if(r){this.publicKeyVersion=e[t++];const n=r-1;this.publicKeyFingerprint=e.subarray(t,t+n),t+=n,this.publicKeyVersion>=5?this.publicKeyID.read(this.publicKeyFingerprint):this.publicKeyID.read(this.publicKeyFingerprint.subarray(-8))}else this.publicKeyID=aa.wildcard()}else t+=this.publicKeyID.read(e.subarray(t,t+8));if(this.publicKeyAlgorithm=e[t++],this.encrypted=function(e,t){let r=0;switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:return{c:_.readMPI(t.subarray(r))};case F.publicKey.elgamal:{const e=_.readMPI(t.subarray(r));return r+=e.length+2,{c1:e,c2:_.readMPI(t.subarray(r))}}case F.publicKey.ecdh:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=new qn;return n.read(t.subarray(r)),{V:e,C:n}}case F.publicKey.x25519:case F.publicKey.x448:{const n=Wi(e),i=_.readExactSubarray(t,r,r+n);r+=i.length;const s=new Wn;return s.read(t.subarray(r)),{ephemeralPublicKey:i,C:s}}case F.publicKey.aead:{const e=new Zn;r+=e.read(t.subarray(r));const{ivLength:n}=Hi(e.getValue()),i=t.subarray(r,r+n);r+=n;const s=new jn;return r+=s.read(t.subarray(r)),{aeadMode:e,iv:i,c:s}}case F.publicKey.pqc_mlkem_x25519:{const e=_.readExactSubarray(t,r,r+Wi(F.publicKey.x25519));r+=e.length;const n=_.readExactSubarray(t,r,r+1088);r+=n.length;const i=new Wn;return i.read(t.subarray(r)),{eccCipherText:e,mlkemCipherText:n,C:i}}default:throw new ut("Unknown public key encryption algorithm.")}}(this.publicKeyAlgorithm,e.subarray(t)),Da.has(this.publicKeyAlgorithm))if(3===this.version)this.sessionKeyAlgorithm=F.write(F.symmetric,this.encrypted.C.algorithm);else if(null!==this.encrypted.C.algorithm)throw Error("Unexpected cleartext symmetric algorithm")}write(){const e=[new Uint8Array([this.version])];return 6===this.version?null!==this.publicKeyFingerprint?(e.push(new Uint8Array([this.publicKeyFingerprint.length+1,this.publicKeyVersion])),e.push(this.publicKeyFingerprint)):e.push(new Uint8Array([0])):e.push(this.publicKeyID.write()),e.push(new Uint8Array([this.publicKeyAlgorithm]),ji(this.publicKeyAlgorithm,this.encrypted)),_.concatUint8Array(e)}async encrypt(e){const t=F.write(F.publicKey,this.publicKeyAlgorithm),r=3===this.version?this.sessionKeyAlgorithm:null,n=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),i=Qa(this.version,t,r,this.sessionKey),s=t===F.publicKey.aead?e.privateParams:null;this.encrypted=await zi(t,r,e.publicParams,s,i,n)}async decrypt(e,t){if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Decryption error");const r=t?Qa(this.version,this.publicKeyAlgorithm,t.sessionKeyAlgorithm,t.sessionKey):null,n=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),i=await Gi(this.publicKeyAlgorithm,e.publicParams,e.privateParams,this.encrypted,n,r),{sessionKey:s,sessionKeyAlgorithm:a}=function(e,t,r,n){switch(t){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.elgamal:case F.publicKey.ecdh:case F.publicKey.aead:{const t=r.subarray(0,r.length-2),i=r.subarray(r.length-2),s=_.writeChecksum(t.subarray(t.length%8)),a=s[0]===i[0]&s[1]===i[1],o=6===e?{sessionKeyAlgorithm:null,sessionKey:t}:{sessionKeyAlgorithm:t[0],sessionKey:t.subarray(1)};if(n){const t=a&o.sessionKeyAlgorithm===n.sessionKeyAlgorithm&o.sessionKey.length===n.sessionKey.length;return{sessionKey:_.selectUint8Array(t,o.sessionKey,n.sessionKey),sessionKeyAlgorithm:6===e?null:_.selectUint8(t,o.sessionKeyAlgorithm,n.sessionKeyAlgorithm)}}if(a&&(6===e||F.read(F.symmetric,o.sessionKeyAlgorithm)))return o;throw Error("Decryption error")}case F.publicKey.x25519:case F.publicKey.x448:case F.publicKey.pqc_mlkem_x25519:return{sessionKeyAlgorithm:null,sessionKey:r};default:throw Error("Unsupported public key algorithm")}}(this.version,this.publicKeyAlgorithm,i,t);if(3===this.version){const e=!Da.has(this.publicKeyAlgorithm);if(this.sessionKeyAlgorithm=e?a:this.sessionKeyAlgorithm,s.length!==Ur(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}this.sessionKey=s}}function Qa(e,t,r,n){switch(t){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.elgamal:case F.publicKey.ecdh:case F.publicKey.aead:return _.concatUint8Array([new Uint8Array(6===e?[]:[r]),n,_.writeChecksum(n.subarray(n.length%8))]);case F.publicKey.x25519:case F.publicKey.x448:case F.publicKey.pqc_mlkem_x25519:return n;default:throw Error("Unsupported public key algorithm")}}class Ra{static get tag(){return F.packet.symEncryptedSessionKey}constructor(e=O){this.version=e.aeadProtect?6:4,this.sessionKey=null,this.sessionKeyEncryptionAlgorithm=null,this.sessionKeyAlgorithm=null,this.aeadAlgorithm=F.write(F.aead,e.preferredAEADAlgorithm),this.encrypted=null,this.s2k=null,this.iv=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new ut(`Version ${this.version} of the SKESK packet is unsupported.`);6===this.version&&t++;const r=e[t++];this.version>=5&&(this.aeadAlgorithm=e[t++],6===this.version&&t++);const n=e[t++];if(this.s2k=cs(n),t+=this.s2k.read(e.subarray(t,e.length)),this.version>=5){const r=Hi(this.aeadAlgorithm,!0);this.iv=e.subarray(t,t+=r.ivLength)}this.version>=5||t<e.length?(this.encrypted=e.subarray(t,e.length),this.sessionKeyEncryptionAlgorithm=r):this.sessionKeyAlgorithm=r}write(){const e=null===this.encrypted?this.sessionKeyAlgorithm:this.sessionKeyEncryptionAlgorithm;let t;const r=this.s2k.write();if(6===this.version){const n=r.length,i=3+n+this.iv.length;t=_.concatUint8Array([new Uint8Array([this.version,i,e,this.aeadAlgorithm,n]),r,this.iv,this.encrypted])}else 5===this.version?t=_.concatUint8Array([new Uint8Array([this.version,e,this.aeadAlgorithm]),r,this.iv,this.encrypted]):(t=_.concatUint8Array([new Uint8Array([this.version,e]),r]),null!==this.encrypted&&(t=_.concatUint8Array([t,this.encrypted])));return t}async decrypt(e){const t=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm,{blockSize:r,keySize:n}=Ur(t),i=await this.s2k.produceKey(e,n);if(this.version>=5){const e=Hi(this.aeadAlgorithm,!0),r=new Uint8Array([192|Ra.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),s=6===this.version?await Qr(F.hash.sha256,i,new Uint8Array,r,n):i,a=await e(t,s);this.sessionKey=await a.decrypt(this.encrypted,this.iv,r)}else if(null!==this.encrypted){const e=await si(t,i,this.encrypted,new Uint8Array(r));if(this.sessionKeyAlgorithm=F.write(F.symmetric,e[0]),this.sessionKey=e.subarray(1,e.length),this.sessionKey.length!==Ur(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}else this.sessionKey=i}async encrypt(e,t=O){const r=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm;this.sessionKeyEncryptionAlgorithm=r,this.s2k=us(t),this.s2k.generateSalt();const{blockSize:n,keySize:i}=Ur(r),s=await this.s2k.produceKey(e,i);if(null===this.sessionKey&&(this.sessionKey=Ji(this.sessionKeyAlgorithm)),this.version>=5){const e=Hi(this.aeadAlgorithm);this.iv=we(e.ivLength);const t=new Uint8Array([192|Ra.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),n=6===this.version?await Qr(F.hash.sha256,s,new Uint8Array,t,i):s,a=await e(r,n);this.encrypted=await a.encrypt(this.sessionKey,this.iv,t)}else{const e=_.concatUint8Array([new Uint8Array([this.sessionKeyAlgorithm]),this.sessionKey]);this.encrypted=await ii(r,s,e,new Uint8Array(n))}}}class Ta{static get tag(){return F.packet.publicKey}constructor(e=new Date,t=O){this.version=t.v6Keys?6:4,this.created=_.normalizeDate(e),this.algorithm=null,this.publicParams=null,this.expirationTimeV3=0,this.fingerprint=null,this.keyID=null}static fromSecretKeyPacket(e){const t=new Ta,{version:r,created:n,algorithm:i,publicParams:s,keyID:a,fingerprint:o}=e;return t.version=r,t.created=n,t.algorithm=i,t.publicParams=s,t.keyID=a,t.fingerprint=o,t}async read(e,t=O){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new ut("Support for parsing v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4===this.version||5===this.version||6===this.version){this.created=_.readDate(e.subarray(r,r+4)),r+=4,this.algorithm=e[r++],this.version>=5&&(r+=4);const{read:t,publicParams:n}=function(e,t){let r=0;switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=_.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{n:e,e:n}}}case F.publicKey.dsa:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=_.readMPI(t.subarray(r));r+=n.length+2;const i=_.readMPI(t.subarray(r));r+=i.length+2;const s=_.readMPI(t.subarray(r));return r+=s.length+2,{read:r,publicParams:{p:e,q:n,g:i,y:s}}}case F.publicKey.elgamal:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=_.readMPI(t.subarray(r));r+=n.length+2;const i=_.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{p:e,g:n,y:i}}}case F.publicKey.ecdsa:{const e=new tt;r+=e.read(t),Xi(e);const n=_.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{oid:e,Q:n}}}case F.publicKey.eddsaLegacy:{const e=new tt;if(r+=e.read(t),Xi(e),e.getName()!==F.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let n=_.readMPI(t.subarray(r));return r+=n.length+2,n=_.leftPad(n,33),{read:r,publicParams:{oid:e,Q:n}}}case F.publicKey.ecdh:{const e=new tt;r+=e.read(t),Xi(e);const n=_.readMPI(t.subarray(r));r+=n.length+2;const i=new Vn;return r+=i.read(t.subarray(r)),{read:r,publicParams:{oid:e,Q:n,kdfParams:i}}}case F.publicKey.ed25519:case F.publicKey.ed448:case F.publicKey.x25519:case F.publicKey.x448:{const n=_.readExactSubarray(t,r,r+Wi(e));return r+=n.length,{read:r,publicParams:{A:n}}}case F.publicKey.hmac:case F.publicKey.aead:{const e=new Jn;r+=e.read(t);const n=Fe(F.hash.sha256),i=t.subarray(r,r+n);return r+=n,{read:r,publicParams:{cipher:e,digest:i}}}case F.publicKey.pqc_mlkem_x25519:{const e=_.readExactSubarray(t,r,r+Wi(F.publicKey.x25519));r+=e.length;const n=_.readExactSubarray(t,r,r+1184);return r+=n.length,{read:r,publicParams:{eccPublicKey:e,mlkemPublicKey:n}}}case F.publicKey.pqc_mldsa_ed25519:{const e=_.readExactSubarray(t,r,r+Wi(F.publicKey.ed25519));r+=e.length;const n=_.readExactSubarray(t,r,r+1952);return r+=n.length,{read:r,publicParams:{eccPublicKey:e,mldsaPublicKey:n}}}default:throw new ut("Unknown public key encryption algorithm.")}}(this.algorithm,e.subarray(r));if(6===this.version&&n.oid&&(n.oid.getName()===F.curve.curve25519Legacy||n.oid.getName()===F.curve.ed25519Legacy))throw Error("Legacy curve25519 cannot be used with v6 keys");if(6!==this.version&&this.algorithm===F.publicKey.pqc_mldsa_ed25519)throw Error("Unexpected key version: ML-DSA algorithms can only be used with v6 keys");return this.publicParams=n,r+=t,await this.computeFingerprintAndKeyID(),r}throw new ut(`Version ${this.version} of the key packet is unsupported.`)}write(){const e=[];e.push(new Uint8Array([this.version])),e.push(_.writeDate(this.created)),e.push(new Uint8Array([this.algorithm]));const t=ji(this.algorithm,this.publicParams);return this.version>=5&&e.push(_.writeNumber(t.length,4)),e.push(t),_.concatUint8Array(e)}writeForHash(e){const t=this.writePublicKey(),r=149+e,n=e>=5?4:2;return _.concatUint8Array([new Uint8Array([r]),_.writeNumber(t.length,n),t])}isDecrypted(){return null}getCreationTime(){return this.created}getKeyID(){return this.keyID}async computeFingerprintAndKeyID(){if(await this.computeFingerprint(),this.keyID=new aa,this.version>=5)this.keyID.read(this.fingerprint.subarray(0,8));else{if(4!==this.version)throw Error("Unsupported key version");this.keyID.read(this.fingerprint.subarray(12,20))}}async computeFingerprint(){const e=this.writeForHash(this.version);if(this.version>=5)this.fingerprint=await Le(F.hash.sha256,e);else{if(4!==this.version)throw Error("Unsupported key version");this.fingerprint=await Le(F.hash.sha1,e)}}getFingerprintBytes(){return this.fingerprint}getFingerprint(){return _.uint8ArrayToHex(this.getFingerprintBytes())}hasSameFingerprintAs(e){return this.version===e.version&&_.equalsUint8Array(this.writePublicKey(),e.writePublicKey())}getAlgorithmInfo(){const e={};e.algorithm=F.read(F.publicKey,this.algorithm);const t=this.publicParams.n||this.publicParams.p;return t?e.bits=_.uint8ArrayBitLength(t):this.publicParams.oid?e.curve=this.publicParams.oid.getName():this.publicParams.cipher&&(e.symmetric=this.publicParams.cipher.getName()),e}}Ta.prototype.readPublicKey=Ta.prototype.read,Ta.prototype.writePublicKey=Ta.prototype.write;const Ma=/*#__PURE__*/_.constructAllowedPackets([sa,ba,ya,ha]);class La{static get tag(){return F.packet.symmetricallyEncryptedData}constructor(){this.encrypted=null,this.packets=null}read(e){this.encrypted=e}write(){return this.encrypted}async decrypt(e,t,r=O){if(!r.allowUnauthenticatedMessages)throw Error("Message is not authenticated.");const{blockSize:n}=Ur(e),i=await x(C(this.encrypted)),s=await si(e,t,i.subarray(n+2),i.subarray(2,n+2));this.packets=await da.fromBinary(s,Ma,r)}async encrypt(e,t,r=O){const n=this.packets.write(),{blockSize:i}=Ur(e),s=await ni(e),a=await ii(e,t,s,new Uint8Array(i)),o=await ii(e,t,n,a.subarray(2));this.encrypted=_.concat([a,o])}}class Fa extends Ta{static get tag(){return F.packet.publicSubkey}constructor(e,t){super(e,t)}static fromSecretSubkeyPacket(e){const t=new Fa,{version:r,created:n,algorithm:i,publicParams:s,keyID:a,fingerprint:o}=e;return t.version=r,t.created=n,t.algorithm=i,t.publicParams=s,t.keyID=a,t.fingerprint=o,t}}class Oa{static get tag(){return F.packet.userAttribute}constructor(){this.attributes=[]}read(e){let t=0;for(;t<e.length;){const r=rt(e.subarray(t,e.length));t+=r.offset,this.attributes.push(_.uint8ArrayToString(e.subarray(t,t+r.len))),t+=r.len}}write(){const e=[];for(let t=0;t<this.attributes.length;t++)e.push(nt(this.attributes[t].length)),e.push(_.stringToUint8Array(this.attributes[t]));return _.concatUint8Array(e)}equals(e){return!!(e&&e instanceof Oa)&&this.attributes.every((function(t,r){return t===e.attributes[r]}))}}class Na extends Ta{static get tag(){return F.packet.secretKey}constructor(e=new Date,t=O){super(e,t),this.keyMaterial=null,this.isEncrypted=null,this.s2kUsage=0,this.s2k=null,this.symmetric=null,this.aead=null,this.isLegacyAEAD=null,this.privateParams=null,this.usedModernAEAD=null}async read(e,t=O){let r=await this.readPublicKey(e,t);const n=r;this.s2kUsage=e[r++],5===this.version&&r++,6===this.version&&this.s2kUsage&&r++;try{if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){this.symmetric=e[r++],253===this.s2kUsage&&(this.aead=e[r++]),6===this.version&&r++;const t=e[r++];if(this.s2k=cs(t),r+=this.s2k.read(e.subarray(r,e.length)),"gnu-dummy"===this.s2k.type)return}else this.s2kUsage&&(this.symmetric=this.s2kUsage);this.s2kUsage&&(this.isLegacyAEAD=253===this.s2kUsage&&(5===this.version||4===this.version&&t.parseAEADEncryptedV4KeysAsLegacy),253!==this.s2kUsage||this.isLegacyAEAD?(this.iv=e.subarray(r,r+Ur(this.symmetric).blockSize),this.usedModernAEAD=!1):(this.iv=e.subarray(r,r+Hi(this.aead).ivLength),this.usedModernAEAD=!0),r+=this.iv.length)}catch(t){if(!this.s2kUsage)throw t;this.unparseableKeyMaterial=e.subarray(n),this.isEncrypted=!0}if(5===this.version&&(r+=4),this.keyMaterial=e.subarray(r),this.isEncrypted=!!this.s2kUsage,!this.isEncrypted){let e;if(6===this.version)e=this.keyMaterial;else if(e=this.keyMaterial.subarray(0,-2),!_.equalsUint8Array(_.writeChecksum(e),this.keyMaterial.subarray(-2)))throw Error("Key checksum mismatch");try{const{read:t,privateParams:r}=await qi(this.algorithm,e,this.publicParams);if(t<e.length)throw Error("Error reading MPIs");this.privateParams=r}catch(e){if(e instanceof ut)throw e;throw Error("Error reading MPIs")}}}write(){const e=this.writePublicKey();if(this.unparseableKeyMaterial)return _.concatUint8Array([e,this.unparseableKeyMaterial]);const t=[e];t.push(new Uint8Array([this.s2kUsage]));const r=[];if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){r.push(this.symmetric),253===this.s2kUsage&&r.push(this.aead);const e=this.s2k.write();6===this.version&&r.push(e.length),r.push(...e)}return this.s2kUsage&&"gnu-dummy"!==this.s2k.type&&r.push(...this.iv),(5===this.version||6===this.version&&this.s2kUsage)&&t.push(new Uint8Array([r.length])),t.push(new Uint8Array(r)),this.isDummy()||(this.s2kUsage||(this.keyMaterial=ji(this.algorithm,this.privateParams)),5===this.version&&t.push(_.writeNumber(this.keyMaterial.length,4)),t.push(this.keyMaterial),this.s2kUsage||6===this.version||t.push(_.writeChecksum(this.keyMaterial))),_.concatUint8Array(t)}isDecrypted(){return!1===this.isEncrypted}isMissingSecretKeyMaterial(){return void 0!==this.unparseableKeyMaterial||this.isDummy()}isDummy(){return!(!this.s2k||"gnu-dummy"!==this.s2k.type)}makeDummy(e=O){this.isDummy()||(this.isDecrypted()&&this.clearPrivateParams(),delete this.unparseableKeyMaterial,this.isEncrypted=null,this.keyMaterial=null,this.s2k=cs(F.s2k.gnu,e),this.s2k.algorithm=0,this.s2k.c=0,this.s2k.type="gnu-dummy",this.s2kUsage=254,this.symmetric=F.symmetric.aes256,this.isLegacyAEAD=null,this.usedModernAEAD=null)}async encrypt(e,t=O){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key packet is already encrypted");if(!e)throw Error("A non-empty passphrase is required for key encryption.");this.s2k=us(t),this.s2k.generateSalt();const r=ji(this.algorithm,this.privateParams);this.symmetric=F.symmetric.aes256;const{blockSize:n}=Ur(this.symmetric);if(t.aeadProtect){this.s2kUsage=253,this.aead=t.preferredAEADAlgorithm;const i=Hi(this.aead);this.isLegacyAEAD=5===this.version,this.usedModernAEAD=!this.isLegacyAEAD;const s=st(this.constructor.tag),a=await _a(this.version,this.s2k,e,this.symmetric,this.aead,s,this.isLegacyAEAD),o=await i(this.symmetric,a);this.iv=this.isLegacyAEAD?we(n):we(i.ivLength);const c=this.isLegacyAEAD?new Uint8Array:_.concatUint8Array([s,this.writePublicKey()]);this.keyMaterial=await o.encrypt(r,this.iv.subarray(0,i.ivLength),c)}else{this.s2kUsage=254,this.usedModernAEAD=!1;const t=await _a(this.version,this.s2k,e,this.symmetric);this.iv=we(n),this.keyMaterial=await ii(this.symmetric,t,_.concatUint8Array([r,await Le(F.hash.sha1,r)]),this.iv)}}async decrypt(e){if(this.isDummy())return!1;if(this.unparseableKeyMaterial)throw Error("Key packet cannot be decrypted: unsupported S2K or cipher algo");if(this.isDecrypted())throw Error("Key packet is already decrypted.");let t;const r=st(this.constructor.tag);if(254!==this.s2kUsage&&253!==this.s2kUsage)throw 255===this.s2kUsage?Error("Encrypted private key is authenticated using an insecure two-byte hash"):Error("Private key is encrypted using an insecure S2K function: unsalted MD5");let n;if(t=await _a(this.version,this.s2k,e,this.symmetric,this.aead,r,this.isLegacyAEAD),253===this.s2kUsage){const e=Hi(this.aead,!0),i=await e(this.symmetric,t);try{const t=this.isLegacyAEAD?new Uint8Array:_.concatUint8Array([r,this.writePublicKey()]);n=await i.decrypt(this.keyMaterial,this.iv.subarray(0,e.ivLength),t)}catch(e){if("Authentication tag mismatch"===e.message)throw Error("Incorrect key passphrase: "+e.message);throw e}}else{const e=await si(this.symmetric,t,this.keyMaterial,this.iv);n=e.subarray(0,-20);const r=await Le(F.hash.sha1,n);if(!_.equalsUint8Array(r,e.subarray(-20)))throw Error("Incorrect key passphrase")}try{const{privateParams:e}=await qi(this.algorithm,n,this.publicParams);this.privateParams=e}catch(e){throw Error("Error reading MPIs")}this.isEncrypted=!1,this.keyMaterial=null,this.s2kUsage=0,this.aead=null,this.symmetric=null,this.isLegacyAEAD=null}async validate(){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key is not decrypted");if(this.usedModernAEAD)return;let e;try{e=await Zi(this.algorithm,this.publicParams,this.privateParams)}catch(t){e=!1}if(!e)throw Error("Key is invalid")}async generate(e,t,r){if(6===this.version&&(this.algorithm===F.publicKey.ecdh&&t===F.curve.curve25519Legacy||this.algorithm===F.publicKey.eddsaLegacy))throw Error(`Cannot generate v6 keys of type 'ecc' with curve ${t}. Generate a key of type 'curve25519' instead`);if(6!==this.version&&this.algorithm===F.publicKey.pqc_mldsa_ed25519)throw Error(`Cannot generate v${this.version} signing keys of type 'pqc'. Generate a v6 key instead`);const{privateParams:n,publicParams:i}=await Vi(this.algorithm,e,t,r);this.privateParams=n,this.publicParams=i,this.isEncrypted=!1}clearPrivateParams(){this.isMissingSecretKeyMaterial()||(Object.keys(this.privateParams).forEach((e=>{this.privateParams[e].fill(0),delete this.privateParams[e]})),this.privateParams=null,this.isEncrypted=!0)}}async function _a(e,t,r,n,i,s,a){if("argon2"===t.type&&!i)throw Error("Using Argon2 S2K without AEAD is not allowed");if("simple"===t.type&&6===e)throw Error("Using Simple S2K with version 6 keys is not allowed");const{keySize:o}=Ur(n),c=await t.produceKey(r,o);if(!i||5===e||a)return c;const u=_.concatUint8Array([s,new Uint8Array([e,n,i])]);return Qr(F.hash.sha256,c,new Uint8Array,u,o)}class Ha{static get tag(){return F.packet.userID}constructor(){this.userID="",this.name="",this.email="",this.comment=""}static fromObject(e){if(_.isString(e)||e.name&&!_.isString(e.name)||e.email&&!_.isEmailAddress(e.email)||e.comment&&!_.isString(e.comment))throw Error("Invalid user ID format");const t=new Ha;Object.assign(t,e);const r=[];return t.name&&r.push(t.name),t.comment&&r.push(`(${t.comment})`),t.email&&r.push(`<${t.email}>`),t.userID=r.join(" "),t}read(e,t=O){const r=_.decodeUTF8(e);if(r.length>t.maxUserIDLength)throw Error("User ID string is too long");const n=e=>/^[^\s@]+@[^\s@]+$/.test(e),i=r.indexOf("<"),s=r.lastIndexOf(">");if(-1!==i&&-1!==s&&s>i){const e=r.substring(i+1,s);if(n(e)){this.email=e;const t=r.substring(0,i).trim(),n=t.indexOf("("),s=t.lastIndexOf(")");-1!==n&&-1!==s&&s>n?(this.comment=t.substring(n+1,s).trim(),this.name=t.substring(0,n).trim()):(this.name=t,this.comment="")}}else n(r.trim())&&(this.email=r.trim(),this.name="",this.comment="");this.userID=r}write(){return _.encodeUTF8(this.userID)}equals(e){return e&&e.userID===this.userID}}class za extends Na{static get tag(){return F.packet.secretSubkey}constructor(e=new Date,t=O){super(e,t)}}const Ga=/*#__PURE__*/_.constructAllowedPackets([ha]);class qa{constructor(e){this.packets=e||new da}write(){return this.packets.write()}armor(e=O){const t=this.packets.some((e=>e.constructor.tag===ha.tag&&6!==e.version));return ne(F.armor.signature,this.write(),void 0,void 0,void 0,t,e)}getSigningKeyIDs(){return this.packets.map((e=>e.issuerKeyID))}}async function ja(e,t){const r=new za(e.date,t);return r.packets=null,r.algorithm=F.write(F.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function Va(e,t){const r=new Na(e.date,t);return r.packets=null,r.algorithm=F.write(F.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function Ya(e,t,r,n,i=new Date,s){let a,o;for(let c=e.length-1;c>=0;c--)try{(!a||e[c].created>=a.created)&&(await e[c].verify(t,r,n,i,void 0,s),a=e[c])}catch(e){o=e}if(!a)throw _.wrapError(`Could not find valid ${F.read(F.signature,r)} signature in key ${t.getKeyID().toHex()}`.replace("certGeneric ","self-").replace(/([a-z])([A-Z])/g,((e,t,r)=>t+" "+r.toLowerCase())),o);return a}function Za(e,t,r=new Date){const n=_.normalizeDate(r);if(null!==n){const r=to(e,t);return!(e.created<=n&&n<r)}return!1}async function Ja(e,t,r,n){const i={};i.key=t,i.bind=e;const s={signatureType:F.signature.subkeyBinding};r.sign?(s.keyFlags=[F.keyFlags.signData],s.embeddedSignature=await Wa(i,[],e,{signatureType:F.signature.keyBinding},r.date,void 0,void 0,void 0,n)):s.keyFlags=r.forwarding?[F.keyFlags.forwardedCommunication]:[F.keyFlags.encryptCommunication|F.keyFlags.encryptStorage],r.keyExpirationTime>0&&(s.keyExpirationTime=r.keyExpirationTime,s.keyNeverExpires=!1);return await Wa(i,[],t,s,r.date,void 0,void 0,void 0,n)}async function Xa(e,t,r=new Date,n=[],i){const s=F.hash.sha256,a=i.preferredHashAlgorithm,o=await Promise.all(e.map((async(e,t)=>(await e.getPrimarySelfSignature(r,n[t],i)).preferredHashAlgorithms||[]))),c=new Map;for(const e of o)for(const t of e)try{const e=F.write(F.hash,t);c.set(e,c.has(e)?c.get(e)+1:1)}catch{}const u=t=>0===e.length||c.get(t)===e.length||t===s,h=()=>{if(0===c.size)return s;const e=Array.from(c.keys()).filter((e=>u(e))).sort(((e,t)=>Fe(e)-Fe(t)))[0];return Fe(e)>=Fe(s)?e:s},l=new Set([F.publicKey.ecdsa,F.publicKey.eddsaLegacy,F.publicKey.ed25519,F.publicKey.ed448]),f=new Set([F.publicKey.pqc_mldsa_ed25519]);if(l.has(t.algorithm)){const e=function(e,t){switch(e){case F.publicKey.ecdsa:case F.publicKey.eddsaLegacy:return $r(t);case F.publicKey.ed25519:case F.publicKey.ed448:return At(e);default:throw Error("Unknown elliptic signing algo")}}(t.algorithm,t.publicParams.oid),r=u(a),n=Fe(a)>=Fe(e);if(r&&n)return a;{const t=h();return Fe(t)>=Fe(e)?t:e}}if(f.has(t.algorithm)){if(u(a)&&zn(t.algorithm,a))return a;{const e=h();return zn(t.algorithm,e)?e:s}}return u(a)?a:h()}async function Wa(e,t,r,n,i,s,a=[],o=!1,c){if(r.isDummy())throw Error("Cannot sign with a gnu-dummy key.");if(!r.isDecrypted())throw Error("Signing key is not decrypted.");const u=new ha;return Object.assign(u,n),u.publicKeyAlgorithm=r.algorithm,u.hashAlgorithm=await Xa(t,r,i,s,c),u.rawNotations=[...a],await u.sign(r,e,i,o,c),u}async function $a(e,t,r,n=new Date,i){(e=e[r])&&(t[r].length?await Promise.all(e.map((async function(e){e.isExpired(n)||i&&!await i(e)||t[r].some((function(t){return _.equalsUint8Array(t.writeParams(),e.writeParams())}))||t[r].push(e)}))):t[r]=e)}async function eo(e,t,r,n,i,s,a=new Date,o){s=s||e;const c=[];return await Promise.all(n.map((async function(e){try{if(!i||e.issuerKeyID.equals(i.issuerKeyID)){const n=![F.reasonForRevocation.keyRetired,F.reasonForRevocation.keySuperseded,F.reasonForRevocation.userIDInvalid].includes(e.reasonForRevocationFlag);await e.verify(s,t,r,n?null:a,!1,o),c.push(e.issuerKeyID)}}catch(e){}}))),i?(i.revoked=!!c.some((e=>e.equals(i.issuerKeyID)))||(i.revoked||!1),i.revoked):c.length>0}function to(e,t){let r;return!1===t.keyNeverExpires&&(r=e.created.getTime()+1e3*t.keyExpirationTime),r?new Date(r):1/0}function ro(e,t={}){if(e.type=e.type||t.type,e.curve=e.curve||t.curve,e.rsaBits=e.rsaBits||t.rsaBits,e.symmetricHash=e.symmetricHash||t.symmetricHash,e.symmetricCipher=e.symmetricCipher||t.symmetricCipher,e.keyExpirationTime=void 0!==e.keyExpirationTime?e.keyExpirationTime:t.keyExpirationTime,e.passphrase=_.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e.sign=e.sign||!1,e.forwarding=e.forwarding||!1,e.sign&&e.forwarding)throw Error('Incompatible options: "sign" and "forwarding" cannot be set together');switch(e.type){case"pqc":e.sign?e.algorithm=F.publicKey.pqc_mldsa_ed25519:e.algorithm=F.publicKey.pqc_mlkem_x25519;break;case"ecc":try{e.curve=F.write(F.curve,e.curve)}catch(e){throw Error("Unknown curve")}e.curve!==F.curve.ed25519Legacy&&e.curve!==F.curve.curve25519Legacy&&"ed25519"!==e.curve&&"curve25519"!==e.curve||(e.curve=e.sign?F.curve.ed25519Legacy:F.curve.curve25519Legacy),e.sign?e.algorithm=e.curve===F.curve.ed25519Legacy?F.publicKey.eddsaLegacy:F.publicKey.ecdsa:e.algorithm=F.publicKey.ecdh;break;case"curve25519":e.algorithm=e.sign?F.publicKey.ed25519:F.publicKey.x25519;break;case"curve448":e.algorithm=e.sign?F.publicKey.ed448:F.publicKey.x448;break;case"rsa":e.algorithm=F.publicKey.rsaEncryptSign;break;case"symmetric":if(e.sign){e.algorithm=F.publicKey.hmac;try{e.symmetric=F.write(F.hash,e.symmetricHash)}catch(e){throw Error("Unknown hash algorithm")}}else{e.algorithm=F.publicKey.aead;try{e.symmetric=F.write(F.symmetric,e.symmetricCipher)}catch(e){throw Error("Unknown symmetric algorithm")}}break;default:throw Error("Unsupported key type "+e.type)}return e}function no(e,t,r){switch(e.algorithm){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:case F.publicKey.dsa:case F.publicKey.ecdsa:case F.publicKey.eddsaLegacy:case F.publicKey.ed25519:case F.publicKey.ed448:case F.publicKey.hmac:case F.publicKey.pqc_mldsa_ed25519:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&F.keyFlags.signData);default:return!1}}function io(e,t,r){switch(e.algorithm){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:case F.publicKey.elgamal:case F.publicKey.ecdh:case F.publicKey.x25519:case F.publicKey.x448:case F.publicKey.aead:case F.publicKey.pqc_mlkem_x25519:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&F.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&F.keyFlags.encryptStorage);default:return!1}}function so(e,t,r){if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");switch(e.algorithm){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:case F.publicKey.elgamal:case F.publicKey.ecdh:case F.publicKey.x25519:case F.publicKey.x448:case F.publicKey.pqc_mlkem_x25519:return!(!(!t.keyFlags||!!(t.keyFlags[0]&F.keyFlags.signData))||!r.allowInsecureDecryptionWithSigningKeys)||(!t.keyFlags||!!(t.keyFlags[0]&F.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&F.keyFlags.encryptStorage)||r.allowForwardedMessages&&!!(t.keyFlags[0]&F.keyFlags.forwardedCommunication));default:return!1}}function ao(e,t){const r=F.write(F.publicKey,e.algorithm),n=e.getAlgorithmInfo();if(t.rejectPublicKeyAlgorithms.has(r))throw Error(n.algorithm+" keys are considered too weak.");switch(r){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:case F.publicKey.rsaEncrypt:if(n.bits<t.minRSABits)throw Error(`RSA keys shorter than ${t.minRSABits} bits are considered too weak.`);break;case F.publicKey.ecdsa:case F.publicKey.eddsaLegacy:case F.publicKey.ecdh:if(t.rejectCurves.has(n.curve))throw Error(`Support for ${n.algorithm} keys using curve ${n.curve} is disabled.`)}}class oo{constructor(e,t){this.userID=e.constructor.tag===F.packet.userID?e:null,this.userAttribute=e.constructor.tag===F.packet.userAttribute?e:null,this.selfCertifications=[],this.otherCertifications=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new da;return e.push(this.userID||this.userAttribute),e.push(...this.revocationSignatures),e.push(...this.selfCertifications),e.push(...this.otherCertifications),e}clone(){const e=new oo(this.userID||this.userAttribute,this.mainKey);return e.selfCertifications=[...this.selfCertifications],e.otherCertifications=[...this.otherCertifications],e.revocationSignatures=[...this.revocationSignatures],e}async certify(e,t,r){const n=this.mainKey.keyPacket,i={userID:this.userID,userAttribute:this.userAttribute,key:n},s=new oo(i.userID||i.userAttribute,this.mainKey);return s.otherCertifications=await Promise.all(e.map((async function(e){if(!e.isPrivate())throw Error("Need private key for signing");if(e.hasSameFingerprintAs(n))throw Error("The user's own key can only be used for self-certifications");const s=await e.getSigningKey(void 0,t,void 0,r);return Wa(i,[e],s.keyPacket,{signatureType:F.signature.certGeneric,keyFlags:[F.keyFlags.certifyKeys|F.keyFlags.signData]},t,void 0,void 0,void 0,r)}))),await s.update(this,t,r),s}async isRevoked(e,t,r=new Date,n=O){const i=this.mainKey.keyPacket;return eo(i,F.signature.certRevocation,{key:i,userID:this.userID,userAttribute:this.userAttribute},this.revocationSignatures,e,t,r,n)}async verifyCertificate(e,t,r=new Date,n){const i=this,s=this.mainKey.keyPacket,a={userID:this.userID,userAttribute:this.userAttribute,key:s},{issuerKeyID:o}=e,c=t.filter((e=>e.getKeys(o).length>0));return 0===c.length?null:(await Promise.all(c.map((async t=>{const s=await t.getSigningKey(o,e.created,void 0,n);if(e.revoked||await i.isRevoked(e,s.keyPacket,r,n))throw Error("User certificate is revoked");try{await e.verify(s.keyPacket,F.signature.certGeneric,a,r,void 0,n)}catch(e){throw _.wrapError("User certificate is invalid",e)}}))),!0)}async verifyAllCertifications(e,t=new Date,r){const n=this,i=this.selfCertifications.concat(this.otherCertifications);return Promise.all(i.map((async i=>({keyID:i.issuerKeyID,valid:await n.verifyCertificate(i,e,t,r).catch((()=>!1))}))))}async verify(e=new Date,t){if(!this.selfCertifications.length)throw Error("No self-certifications found");const r=this,n=this.mainKey.keyPacket,i={userID:this.userID,userAttribute:this.userAttribute,key:n};let s;for(let a=this.selfCertifications.length-1;a>=0;a--)try{const s=this.selfCertifications[a];if(s.revoked||await r.isRevoked(s,void 0,e,t))throw Error("Self-certification is revoked");try{await s.verify(n,F.signature.certGeneric,i,e,void 0,t)}catch(e){throw _.wrapError("Self-certification is invalid",e)}return!0}catch(e){s=e}throw s}async update(e,t,r){const n=this.mainKey.keyPacket,i={userID:this.userID,userAttribute:this.userAttribute,key:n};await $a(e,this,"selfCertifications",t,(async function(e){try{return await e.verify(n,F.signature.certGeneric,i,t,!1,r),!0}catch(e){return!1}})),await $a(e,this,"otherCertifications",t),await $a(e,this,"revocationSignatures",t,(function(e){return eo(n,F.signature.certRevocation,i,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=F.reasonForRevocation.noReason,string:r=""}={},n=new Date,i=O){const s={userID:this.userID,userAttribute:this.userAttribute,key:e},a=new oo(s.userID||s.userAttribute,this.mainKey);return a.revocationSignatures.push(await Wa(s,[],e,{signatureType:F.signature.certRevocation,reasonForRevocationFlag:F.write(F.reasonForRevocation,t),reasonForRevocationString:r},n,void 0,void 0,!1,i)),await a.update(this),a}}class co{constructor(e,t){this.keyPacket=e,this.bindingSignatures=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new da;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.bindingSignatures),e}clone(){const e=new co(this.keyPacket,this.mainKey);return e.bindingSignatures=[...this.bindingSignatures],e.revocationSignatures=[...this.revocationSignatures],e}async isRevoked(e,t,r=new Date,n=O){const i=this.mainKey.keyPacket;return eo(i,F.signature.subkeyRevocation,{key:i,bind:this.keyPacket},this.revocationSignatures,e,t,r,n)}async verify(e=new Date,t=O){const r=this.mainKey.keyPacket,n={key:r,bind:this.keyPacket},i=await Ya(this.bindingSignatures,r,F.signature.subkeyBinding,n,e,t);if(i.revoked||await this.isRevoked(i,null,e,t))throw Error("Subkey is revoked");if(Za(this.keyPacket,i,e))throw Error("Subkey is expired");return i}async getExpirationTime(e=new Date,t=O){const r=this.mainKey.keyPacket,n={key:r,bind:this.keyPacket};let i;try{i=await Ya(this.bindingSignatures,r,F.signature.subkeyBinding,n,e,t)}catch(e){return null}const s=to(this.keyPacket,i),a=i.getExpirationTime();return s<a?s:a}async update(e,t=new Date,r=O){const n=this.mainKey.keyPacket;if(!this.hasSameFingerprintAs(e))throw Error("Subkey update method: fingerprints of subkeys not equal");this.keyPacket.constructor.tag===F.packet.publicSubkey&&e.keyPacket.constructor.tag===F.packet.secretSubkey&&(this.keyPacket=e.keyPacket);const i=this,s={key:n,bind:i.keyPacket};await $a(e,this,"bindingSignatures",t,(async function(e){for(let t=0;t<i.bindingSignatures.length;t++)if(i.bindingSignatures[t].issuerKeyID.equals(e.issuerKeyID))return e.created>i.bindingSignatures[t].created&&(i.bindingSignatures[t]=e),!1;try{return await e.verify(n,F.signature.subkeyBinding,s,t,void 0,r),!0}catch(e){return!1}})),await $a(e,this,"revocationSignatures",t,(function(e){return eo(n,F.signature.subkeyRevocation,s,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=F.reasonForRevocation.noReason,string:r=""}={},n=new Date,i=O){const s={key:e,bind:this.keyPacket},a=new co(this.keyPacket,this.mainKey);return a.revocationSignatures.push(await Wa(s,[],e,{signatureType:F.signature.subkeyRevocation,reasonForRevocationFlag:F.write(F.reasonForRevocation,t),reasonForRevocationString:r},n,void 0,void 0,!1,i)),await a.update(this),a}hasSameFingerprintAs(e){return this.keyPacket.hasSameFingerprintAs(e.keyPacket||e)}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","isDecrypted"].forEach((e=>{co.prototype[e]=function(){return this.keyPacket[e]()}}));const uo=/*#__PURE__*/_.constructAllowedPackets([ha]),ho=new Set([F.packet.publicKey,F.packet.privateKey]),lo=new Set([F.packet.publicKey,F.packet.privateKey,F.packet.publicSubkey,F.packet.privateSubkey]);class fo{packetListToStructure(e,t=new Set){let r,n,i,s;for(const a of e){if(a instanceof ft){lo.has(a.tag)&&!s&&(s=ho.has(a.tag)?ho:lo);continue}const e=a.constructor.tag;if(s){if(!s.has(e))continue;s=null}if(t.has(e))throw Error("Unexpected packet type: "+e);switch(e){case F.packet.publicKey:case F.packet.secretKey:if(this.keyPacket)throw Error("Key block contains multiple keys");if(this.keyPacket=a,n=this.getKeyID(),!n)throw Error("Missing Key ID");break;case F.packet.userID:case F.packet.userAttribute:r=new oo(a,this),this.users.push(r);break;case F.packet.publicSubkey:case F.packet.secretSubkey:r=null,i=new co(a,this),this.subkeys.push(i);break;case F.packet.signature:switch(a.signatureType){case F.signature.certGeneric:case F.signature.certPersona:case F.signature.certCasual:case F.signature.certPositive:if(!r){_.printDebug("Dropping certification signatures without preceding user packet");continue}a.issuerKeyID.equals(n)?r.selfCertifications.push(a):r.otherCertifications.push(a);break;case F.signature.certRevocation:r?r.revocationSignatures.push(a):this.directSignatures.push(a);break;case F.signature.key:this.directSignatures.push(a);break;case F.signature.subkeyBinding:if(!i){_.printDebug("Dropping subkey binding signature without preceding subkey packet");continue}i.bindingSignatures.push(a);break;case F.signature.keyRevocation:this.revocationSignatures.push(a);break;case F.signature.subkeyRevocation:if(!i){_.printDebug("Dropping subkey revocation signature without preceding subkey packet");continue}i.revocationSignatures.push(a)}}}}toPacketList(){const e=new da;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.directSignatures),this.users.map((t=>e.push(...t.toPacketList()))),this.subkeys.map((t=>e.push(...t.toPacketList()))),e}clone(e=!1){const t=new this.constructor(this.toPacketList());return e&&t.getKeys().forEach((e=>{if(e.keyPacket=Object.create(Object.getPrototypeOf(e.keyPacket),Object.getOwnPropertyDescriptors(e.keyPacket)),!e.keyPacket.isDecrypted())return;const t={};Object.keys(e.keyPacket.privateParams).forEach((r=>{t[r]=new Uint8Array(e.keyPacket.privateParams[r])})),e.keyPacket.privateParams=t})),t}getSubkeys(e=null){return this.subkeys.filter((t=>!e||t.getKeyID().equals(e,!0)))}getKeys(e=null){const t=[];return e&&!this.getKeyID().equals(e,!0)||t.push(this),t.concat(this.getSubkeys(e))}getKeyIDs(){return this.getKeys().map((e=>e.getKeyID()))}getUserIDs(){return this.users.map((e=>e.userID?e.userID.userID:null)).filter((e=>null!==e))}write(){return this.toPacketList().write()}async getSigningKey(e=null,t=new Date,r={},n=O){await this.verifyPrimaryKey(t,r,n);const i=this.keyPacket;try{ao(i,n)}catch(e){throw _.wrapError("Could not verify primary key",e)}const s=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created||t.keyPacket.algorithm-e.keyPacket.algorithm));let a;for(const r of s)if(!e||r.getKeyID().equals(e))try{await r.verify(t,n);const e={key:i,bind:r.keyPacket},s=await Ya(r.bindingSignatures,i,F.signature.subkeyBinding,e,t,n);if(!no(r.keyPacket,s,n))continue;if(!s.embeddedSignature)throw Error("Missing embedded signature");return await Ya([s.embeddedSignature],r.keyPacket,F.signature.keyBinding,e,t,n),ao(r.keyPacket,n),r}catch(e){a=e}try{const s=await this.getPrimarySelfSignature(t,r,n);if((!e||i.getKeyID().equals(e))&&no(i,s,n))return ao(i,n),this}catch(e){a=e}throw _.wrapError("Could not find valid signing key packet in key "+this.getKeyID().toHex(),a)}async getEncryptionKey(e,t=new Date,r={},n=O){await this.verifyPrimaryKey(t,r,n);const i=this.keyPacket;try{ao(i,n)}catch(e){throw _.wrapError("Could not verify primary key",e)}const s=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created||t.keyPacket.algorithm-e.keyPacket.algorithm));let a;for(const r of s)if(!e||r.getKeyID().equals(e))try{await r.verify(t,n);const e={key:i,bind:r.keyPacket},s=await Ya(r.bindingSignatures,i,F.signature.subkeyBinding,e,t,n);if(io(r.keyPacket,s,n))return ao(r.keyPacket,n),r}catch(e){a=e}try{const s=await this.getPrimarySelfSignature(t,r,n);if((!e||i.getKeyID().equals(e))&&io(i,s,n))return ao(i,n),this}catch(e){a=e}throw _.wrapError("Could not find valid encryption key packet in key "+this.getKeyID().toHex(),a)}async isRevoked(e,t,r=new Date,n=O){return eo(this.keyPacket,F.signature.keyRevocation,{key:this.keyPacket},this.revocationSignatures,e,t,r,n)}async verifyPrimaryKey(e=new Date,t={},r=O){const n=this.keyPacket;if(await this.isRevoked(null,null,e,r))throw Error("Primary key is revoked");if(Za(n,await this.getPrimarySelfSignature(e,t,r),e))throw Error("Primary key is expired");if(6!==n.version){const t=await Ya(this.directSignatures,n,F.signature.key,{key:n},e,r).catch((()=>{}));if(t&&Za(n,t,e))throw Error("Primary key is expired")}}async getExpirationTime(e,t=O){let r;try{const n=await this.getPrimarySelfSignature(null,e,t),i=to(this.keyPacket,n),s=n.getExpirationTime(),a=6!==this.keyPacket.version&&await Ya(this.directSignatures,this.keyPacket,F.signature.key,{key:this.keyPacket},null,t).catch((()=>{}));if(a){const e=to(this.keyPacket,a);r=Math.min(i,s,e)}else r=i<s?i:s}catch(e){r=null}return _.normalizeDate(r)}async getPrimarySelfSignature(e=new Date,t={},r=O){const n=this.keyPacket;if(6===n.version)return Ya(this.directSignatures,n,F.signature.key,{key:n},e,r);const{selfCertification:i}=await this.getPrimaryUser(e,t,r);return i}async getPrimaryUser(e=new Date,t={},r=O){const n=this.keyPacket,i=[];let s;for(let a=0;a<this.users.length;a++)try{const s=this.users[a];if(!s.userID)continue;if(void 0!==t.name&&s.userID.name!==t.name||void 0!==t.email&&s.userID.email!==t.email||void 0!==t.comment&&s.userID.comment!==t.comment)throw Error("Could not find user that matches that user ID");const o={userID:s.userID,key:n},c=await Ya(s.selfCertifications,n,F.signature.certGeneric,o,e,r);i.push({index:a,user:s,selfCertification:c})}catch(e){s=e}if(!i.length)throw s||Error("Could not find primary user");await Promise.all(i.map((async function(t){return t.selfCertification.revoked||t.user.isRevoked(t.selfCertification,null,e,r)})));const a=i.sort((function(e,t){const r=e.selfCertification,n=t.selfCertification;return n.revoked-r.revoked||r.isPrimaryUserID-n.isPrimaryUserID||r.created-n.created})).pop(),{user:o,selfCertification:c}=a;if(c.revoked||await o.isRevoked(c,null,e,r))throw Error("Primary user is revoked");return a}async update(e,t=new Date,r=O){if(!this.hasSameFingerprintAs(e))throw Error("Primary key fingerprints must be equal to update the key");if(!this.isPrivate()&&e.isPrivate()){if(!(this.subkeys.length===e.subkeys.length&&this.subkeys.every((t=>e.subkeys.some((e=>t.hasSameFingerprintAs(e)))))))throw Error("Cannot update public key with private key if subkeys mismatch");return e.update(this,r)}const n=this.clone();return await $a(e,n,"revocationSignatures",t,(i=>eo(n.keyPacket,F.signature.keyRevocation,n,[i],null,e.keyPacket,t,r))),await $a(e,n,"directSignatures",t),await Promise.all(e.users.map((async e=>{const i=n.users.filter((t=>e.userID&&e.userID.equals(t.userID)||e.userAttribute&&e.userAttribute.equals(t.userAttribute)));if(i.length>0)await Promise.all(i.map((n=>n.update(e,t,r))));else{const t=e.clone();t.mainKey=n,n.users.push(t)}}))),await Promise.all(e.subkeys.map((async e=>{const i=n.subkeys.filter((t=>t.hasSameFingerprintAs(e)));if(i.length>0)await Promise.all(i.map((n=>n.update(e,t,r))));else{const t=e.clone();t.mainKey=n,n.subkeys.push(t)}}))),n}async getRevocationCertificate(e=new Date,t=O){const r={key:this.keyPacket},n=await Ya(this.revocationSignatures,this.keyPacket,F.signature.keyRevocation,r,e,t),i=new da;i.push(n);const s=6!==this.keyPacket.version;return ne(F.armor.publicKey,i.write(),null,null,"This is a revocation certificate",s,t)}async applyRevocationCertificate(e,t=new Date,r=O){const n=await re(e),i=(await da.fromBinary(n.data,uo,r)).findPacket(F.packet.signature);if(!i||i.signatureType!==F.signature.keyRevocation)throw Error("Could not find revocation signature packet");if(!i.issuerKeyID.equals(this.getKeyID()))throw Error("Revocation signature does not match key");try{await i.verify(this.keyPacket,F.signature.keyRevocation,{key:this.keyPacket},t,void 0,r)}catch(e){throw _.wrapError("Could not verify revocation signature",e)}const s=this.clone();return s.revocationSignatures.push(i),s}async signPrimaryUser(e,t,r,n=O){const{index:i,user:s}=await this.getPrimaryUser(t,r,n),a=await s.certify(e,t,n),o=this.clone();return o.users[i]=a,o}async signAllUsers(e,t=new Date,r=O){const n=this.clone();return n.users=await Promise.all(this.users.map((function(n){return n.certify(e,t,r)}))),n}async verifyPrimaryUser(e,t=new Date,r,n=O){const i=this.keyPacket,{user:s}=await this.getPrimaryUser(t,r,n);return e?await s.verifyAllCertifications(e,t,n):[{keyID:i.getKeyID(),valid:await s.verify(t,n).catch((()=>!1))}]}async verifyAllUsers(e,t=new Date,r=O){const n=this.keyPacket,i=[];return await Promise.all(this.users.map((async s=>{const a=e?await s.verifyAllCertifications(e,t,r):[{keyID:n.getKeyID(),valid:await s.verify(t,r).catch((()=>!1))}];i.push(...a.map((e=>({userID:s.userID?s.userID.userID:null,userAttribute:s.userAttribute,keyID:e.keyID,valid:e.valid}))))}))),i}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","hasSameFingerprintAs"].forEach((e=>{fo.prototype[e]=co.prototype[e]}));class yo extends fo{constructor(e){if(super(),this.keyPacket=null,this.revocationSignatures=[],this.directSignatures=[],this.users=[],this.subkeys=[],e&&(this.packetListToStructure(e,new Set([F.packet.secretKey,F.packet.secretSubkey])),!this.keyPacket))throw Error("Invalid key: missing public-key packet")}isPrivate(){return!1}toPublic(){return this}armor(e=O){const t=6!==this.keyPacket.version;return ne(F.armor.publicKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}}class po extends yo{constructor(e){if(super(),this.packetListToStructure(e,new Set([F.packet.publicKey,F.packet.publicSubkey])),!this.keyPacket)throw Error("Invalid key: missing private-key packet")}isPrivate(){return!0}toPublic(){const e=new da,t=this.toPacketList();let r=!1;for(const n of t)if(!r||n.constructor.tag!==F.packet.Signature)switch(r&&(r=!1),n.constructor.tag){case F.packet.secretKey:{if(n.algorithm===F.publicKey.aead||n.algorithm===F.publicKey.hmac)throw Error("Cannot create public key from symmetric private");const t=Ta.fromSecretKeyPacket(n);e.push(t);break}case F.packet.secretSubkey:{if(n.algorithm===F.publicKey.aead||n.algorithm===F.publicKey.hmac){r=!0;break}const t=Fa.fromSecretSubkeyPacket(n);e.push(t);break}default:e.push(n)}return new yo(e)}armor(e=O){const t=6!==this.keyPacket.version;return ne(F.armor.privateKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}async getDecryptionKeys(e,t=new Date,r={},n=O){const i=this.keyPacket,s=[];let a=null;for(let r=0;r<this.subkeys.length;r++)if(!e||this.subkeys[r].getKeyID().equals(e,!0)){if(this.subkeys[r].keyPacket.isDummy()){a=a||Error("Gnu-dummy key packets cannot be used for decryption");continue}try{const e={key:i,bind:this.subkeys[r].keyPacket},a=await Ya(this.subkeys[r].bindingSignatures,i,F.signature.subkeyBinding,e,t,n);so(this.subkeys[r].keyPacket,a,n)&&s.push(this.subkeys[r])}catch(e){a=e}}const o=await this.getPrimarySelfSignature(t,r,n);if(e&&!i.getKeyID().equals(e,!0)||!so(i,o,n)||(i.isDummy()?a=a||Error("Gnu-dummy key packets cannot be used for decryption"):s.push(this)),0===s.length)throw a||Error("No decryption key packets found");return s}isDecrypted(){return this.getKeys().some((({keyPacket:e})=>e.isDecrypted()))}async validate(e=O){if(!this.isPrivate())throw Error("Cannot validate a public key");let t;if(this.keyPacket.isDummy()){const r=await this.getSigningKey(null,null,void 0,{...e,rejectPublicKeyAlgorithms:new Set,minRSABits:0});r&&!r.keyPacket.isDummy()&&(t=r.keyPacket)}else t=this.keyPacket;if(t)return t.validate();{const e=this.getKeys();if(e.map((e=>e.keyPacket.isDummy())).every(Boolean))throw Error("Cannot validate an all-gnu-dummy key");return Promise.all(e.map((async e=>e.keyPacket.validate())))}}clearPrivateParams(){this.getKeys().forEach((({keyPacket:e})=>{e.isDecrypted()&&e.clearPrivateParams()}))}async revoke({flag:e=F.reasonForRevocation.noReason,string:t=""}={},r=new Date,n=O){if(!this.isPrivate())throw Error("Need private key for revoking");const i={key:this.keyPacket},s=this.clone();return s.revocationSignatures.push(await Wa(i,[],this.keyPacket,{signatureType:F.signature.keyRevocation,reasonForRevocationFlag:F.write(F.reasonForRevocation,e),reasonForRevocationString:t},r,void 0,void 0,void 0,n)),s}async addSubkey(e={}){const t={...O,...e.config};if(e.passphrase)throw Error("Subkey could not be encrypted here, please encrypt whole key");if(e.rsaBits<t.minRSABits)throw Error(`rsaBits should be at least ${t.minRSABits}, got: ${e.rsaBits}`);const r=this.keyPacket;if(r.isDummy())throw Error("Cannot add subkey to gnu-dummy primary key");if(!r.isDecrypted())throw Error("Key is not decrypted");const n=r.getAlgorithmInfo();n.type=function(e){switch(F.write(F.publicKey,e)){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:case F.publicKey.dsa:return"rsa";case F.publicKey.ecdsa:case F.publicKey.eddsaLegacy:return"ecc";case F.publicKey.ed25519:return"curve25519";case F.publicKey.ed448:return"curve448";default:throw Error("Unsupported algorithm")}}(n.algorithm),n.rsaBits=n.bits||4096,n.curve=n.curve||"curve25519Legacy",e=ro(e,n);const i=await ja(e,{...t,v6Keys:6===this.keyPacket.version});ao(i,t);const s=await Ja(i,r,e,t),a=this.toPacketList();return a.push(i,s),new po(a)}}const go=/*#__PURE__*/_.constructAllowedPackets([Ta,Fa,Na,za,Ha,Oa,ha]);function wo(e){for(const t of e)switch(t.constructor.tag){case F.packet.secretKey:return new po(e);case F.packet.publicKey:return new yo(e)}throw Error("No key packet found")}async function Ao(e,t,r,n){r.passphrase&&await e.encrypt(r.passphrase,n),await Promise.all(t.map((async function(e,t){const i=r.subkeys[t].passphrase;i&&await e.encrypt(i,n)})));const i=new da;function s(e,t){return[t,...e.filter((e=>e!==t))]}function a(){const t={};t.keyFlags=[F.keyFlags.certifyKeys|F.keyFlags.signData];const i=s([F.symmetric.aes256,F.symmetric.aes128],n.preferredSymmetricAlgorithm);if(t.preferredSymmetricAlgorithms=i,n.aeadProtect){const e=s([F.aead.gcm,F.aead.eax,F.aead.ocb],n.preferredAEADAlgorithm);t.preferredCipherSuites=e.flatMap((e=>i.map((t=>[t,e]))))}return t.preferredHashAlgorithms=s([F.hash.sha512,F.hash.sha256,...6===e.version?[F.hash.sha3_512,F.hash.sha3_256]:[]],n.preferredHashAlgorithm),t.preferredCompressionAlgorithms=s([F.compression.uncompressed,F.compression.zlib,F.compression.zip],n.preferredCompressionAlgorithm),t.features=[0],t.features[0]|=F.features.modificationDetection,n.aeadProtect&&(t.features[0]|=F.features.seipdv2),r.keyExpirationTime>0&&(t.keyExpirationTime=r.keyExpirationTime,t.keyNeverExpires=!1),t}if(i.push(e),6===e.version){const t={key:e},s=a();s.signatureType=F.signature.key;const o=await Wa(t,[],e,s,r.date,void 0,void 0,void 0,n);i.push(o)}await Promise.all(r.userIDs.map((async function(t,i){const s=Ha.fromObject(t),o={userID:s,key:e},c=6!==e.version?a():{};c.signatureType=F.signature.certPositive,0===i&&(c.isPrimaryUserID=!0);return{userIDPacket:s,signaturePacket:await Wa(o,[],e,c,r.date,void 0,void 0,void 0,n)}}))).then((e=>{e.forEach((({userIDPacket:e,signaturePacket:t})=>{i.push(e),i.push(t)}))})),await Promise.all(t.map((async function(t,i){const s=r.subkeys[i];return{secretSubkeyPacket:t,subkeySignaturePacket:await Ja(t,e,s,n)}}))).then((e=>{e.forEach((({secretSubkeyPacket:e,subkeySignaturePacket:t})=>{i.push(e),i.push(t)}))}));const o={key:e};return i.push(await Wa(o,[],e,{signatureType:F.signature.keyRevocation,reasonForRevocationFlag:F.reasonForRevocation.noReason,reasonForRevocationString:""},r.date,void 0,void 0,void 0,n)),r.passphrase&&e.clearPrivateParams(),await Promise.all(t.map((async function(e,t){r.subkeys[t].passphrase&&e.clearPrivateParams()}))),new po(i)}const mo=/*#__PURE__*/_.constructAllowedPackets([sa,ba,Pa,Ba,La,xa,Ra,ya,ha]),bo=/*#__PURE__*/_.constructAllowedPackets([Ra]),ko=/*#__PURE__*/_.constructAllowedPackets([ha]);class Eo{constructor(e){this.packets=e||new da}getEncryptionKeyIDs(){const e=[];return this.packets.filterByTag(F.packet.publicKeyEncryptedSessionKey).forEach((function(t){e.push(t.publicKeyID)})),e}getSigningKeyIDs(){const e=this.unwrapCompressed(),t=e.packets.filterByTag(F.packet.onePassSignature);if(t.length>0)return t.map((e=>e.issuerKeyID));return e.packets.filterByTag(F.packet.signature).map((e=>e.issuerKeyID))}async decrypt(e,t,r,n=new Date,i=O){const s=this.packets.filterByTag(F.packet.symmetricallyEncryptedData,F.packet.symEncryptedIntegrityProtectedData,F.packet.aeadEncryptedData);if(0===s.length)throw Error("No encrypted data found");const a=s[0],o=a.cipherAlgorithm,c=r||await this.decryptSessionKeys(e,t,o,n,i);let u=null;const h=Promise.all(c.map((async({algorithm:e,data:t})=>{if(!_.isUint8Array(t)||!a.cipherAlgorithm&&!_.isString(e))throw Error("Invalid session key for decryption.");try{const r=a.cipherAlgorithm||F.write(F.symmetric,e);await a.decrypt(r,t,i)}catch(e){_.printDebugError(e),u=e}})));if(Q(a.encrypted),a.encrypted=null,await h,!a.packets||!a.packets.length)throw u||Error("Decryption failed.");const l=new Eo(a.packets);return a.packets=new da,l}async decryptSessionKeys(e,t,r,n=new Date,i=O){let s,a=[];if(t){const e=this.packets.filterByTag(F.packet.symEncryptedSessionKey);if(0===e.length)throw Error("No symmetrically encrypted session key packet found.");await Promise.all(t.map((async function(t,r){let n;n=r?await da.fromBinary(e.write(),bo,i):e,await Promise.all(n.map((async function(e){try{await e.decrypt(t),a.push(e)}catch(e){_.printDebugError(e),e instanceof ts&&(s=e)}})))})))}else{if(!e)throw Error("No key or password specified.");{const t=this.packets.filterByTag(F.packet.publicKeyEncryptedSessionKey);if(0===t.length)throw Error("No public key encrypted session key packet found.");await Promise.all(t.map((async function(t){await Promise.all(e.map((async function(e){let o;try{o=(await e.getDecryptionKeys(t.publicKeyID,null,void 0,i)).map((e=>e.keyPacket))}catch(e){return void(s=e)}let c=[F.symmetric.aes256,F.symmetric.aes128,F.symmetric.tripledes,F.symmetric.cast5];try{const t=await e.getPrimarySelfSignature(n,void 0,i);t.preferredSymmetricAlgorithms&&(c=c.concat(t.preferredSymmetricAlgorithms))}catch(e){}await Promise.all(o.map((async function(e){if(!e.isDecrypted())throw Error("Decryption key is not decrypted.");if(i.constantTimePKCS1Decryption&&(t.publicKeyAlgorithm===F.publicKey.rsaEncrypt||t.publicKeyAlgorithm===F.publicKey.rsaEncryptSign||t.publicKeyAlgorithm===F.publicKey.rsaSign||t.publicKeyAlgorithm===F.publicKey.elgamal)){const n=t.write();await Promise.all((r?[r]:Array.from(i.constantTimePKCS1DecryptionSupportedSymmetricAlgorithms)).map((async t=>{const r=new xa;r.read(n);const i={sessionKeyAlgorithm:t,sessionKey:Ji(t)};try{await r.decrypt(e,i),a.push(r)}catch(e){_.printDebugError(e),s=e}})))}else try{await t.decrypt(e);const n=r||t.sessionKeyAlgorithm;if(n&&!c.includes(F.write(F.symmetric,n)))throw Error("A non-preferred symmetric algorithm was used.");a.push(t)}catch(e){_.printDebugError(e),s=e}})))}))),Q(t.encrypted),t.encrypted=null})))}}if(a.length>0){if(a.length>1){const e=new Set;a=a.filter((t=>{const r=t.sessionKeyAlgorithm+_.uint8ArrayToString(t.sessionKey);return!e.has(r)&&(e.add(r),!0)}))}return a.map((e=>({data:e.sessionKey,algorithm:e.sessionKeyAlgorithm&&F.read(F.symmetric,e.sessionKeyAlgorithm)})))}throw s||Error("Session key decryption failed.")}getLiteralData(){const e=this.unwrapCompressed().packets.findPacket(F.packet.literalData);return e&&e.getBytes()||null}getFilename(){const e=this.unwrapCompressed().packets.findPacket(F.packet.literalData);return e&&e.getFilename()||null}getText(){const e=this.unwrapCompressed().packets.findPacket(F.packet.literalData);return e?e.getText():null}static async generateSessionKey(e=[],t=new Date,r=[],n=O){const{symmetricAlgo:i,aeadAlgo:s}=await async function(e=[],t=new Date,r=[],n=O){const i=await Promise.all(e.map(((e,i)=>e.getPrimarySelfSignature(t,r[i],n))));if(e.length?!n.ignoreSEIPDv2FeatureFlag&&i.every((e=>e.features&&e.features[0]&F.features.seipdv2)):n.aeadProtect){const e={symmetricAlgo:F.symmetric.aes128,aeadAlgo:F.aead.ocb},t=[{symmetricAlgo:n.preferredSymmetricAlgorithm,aeadAlgo:n.preferredAEADAlgorithm},{symmetricAlgo:n.preferredSymmetricAlgorithm,aeadAlgo:F.aead.ocb},{symmetricAlgo:F.symmetric.aes128,aeadAlgo:n.preferredAEADAlgorithm}];for(const e of t)if(i.every((t=>t.preferredCipherSuites&&t.preferredCipherSuites.some((t=>t[0]===e.symmetricAlgo&&t[1]===e.aeadAlgo)))))return e;return e}const s=F.symmetric.aes128,a=n.preferredSymmetricAlgorithm;return{symmetricAlgo:i.every((e=>e.preferredSymmetricAlgorithms&&e.preferredSymmetricAlgorithms.includes(a)))?a:s,aeadAlgo:void 0}}(e,t,r,n),a=F.read(F.symmetric,i),o=s?F.read(F.aead,s):void 0;await Promise.all(e.map((e=>e.getEncryptionKey().catch((()=>null)).then((e=>{if(e&&(e.keyPacket.algorithm===F.publicKey.x25519||e.keyPacket.algorithm===F.publicKey.x448)&&!o&&!_.isAES(i))throw Error("Could not generate a session key compatible with the given `encryptionKeys`: X22519 and X448 keys can only be used to encrypt AES session keys; change `config.preferredSymmetricAlgorithm` accordingly.")})))));return{data:Ji(i),algorithm:a,aeadAlgorithm:o}}async encrypt(e,t,r,n=!1,i=[],s=new Date,a=[],o=O){if(r){if(!_.isUint8Array(r.data)||!_.isString(r.algorithm))throw Error("Invalid session key for encryption.")}else if(e&&e.length)r=await Eo.generateSessionKey(e,s,a,o);else{if(!t||!t.length)throw Error("No keys, passwords, or session key provided.");r=await Eo.generateSessionKey(void 0,void 0,void 0,o)}const{data:c,algorithm:u,aeadAlgorithm:h}=r,l=await Eo.encryptSessionKey(c,u,h,e,t,n,i,s,a,o),f=Ba.fromObject({version:h?2:1,aeadAlgorithm:h?F.write(F.aead,h):null});f.packets=this.packets;const y=F.write(F.symmetric,u);return await f.encrypt(y,c,o),l.packets.push(f),f.packets=new da,l}static async encryptSessionKey(e,t,r,n,i,s=!1,a=[],o=new Date,c=[],u=O){const h=new da,l=F.write(F.symmetric,t),f=r&&F.write(F.aead,r);if(n){const t=await Promise.all(n.map((async function(t,r){const n=await t.getEncryptionKey(a[r],o,c,u),i=xa.fromObject({version:f?6:3,encryptionKeyPacket:n.keyPacket,anonymousRecipient:s,sessionKey:e,sessionKeyAlgorithm:l});return await i.encrypt(n.keyPacket),delete i.sessionKey,i})));h.push(...t)}if(i){const t=async function(e,t){try{return await e.decrypt(t),1}catch(e){return 0}},r=(e,t)=>e+t,n=async function(e,s,a,o){const c=new Ra(u);if(c.sessionKey=e,c.sessionKeyAlgorithm=s,a&&(c.aeadAlgorithm=a),await c.encrypt(o,u),u.passwordCollisionCheck){if(1!==(await Promise.all(i.map((e=>t(c,e))))).reduce(r))return n(e,s,o)}return delete c.sessionKey,c},s=await Promise.all(i.map((t=>n(e,l,f,t))));h.push(...s)}return new Eo(h)}async sign(e=[],t=[],r=null,n=[],i=new Date,s=[],a=[],o=[],c=O){const u=new da,h=this.packets.findPacket(F.packet.literalData);if(!h)throw Error("No literal data packet to sign.");const l=await vo(h,e,t,r,n,i,s,a,o,!1,c),f=l.map(((e,t)=>ya.fromSignaturePacket(e,0===t))).reverse();return u.push(...f),u.push(h),u.push(...l),new Eo(u)}compress(e,t=O){if(e===F.compression.uncompressed)return this;const r=new ba(t);r.algorithm=e,r.packets=this.packets;const n=new da;return n.push(r),new Eo(n)}async signDetached(e=[],t=[],r=null,n=[],i=[],s=new Date,a=[],o=[],c=O){const u=this.packets.findPacket(F.packet.literalData);if(!u)throw Error("No literal data packet to sign.");return new qa(await vo(u,e,t,r,n,i,s,a,o,!0,c))}async verify(e,t=new Date,r=O){const n=this.unwrapCompressed(),i=n.packets.filterByTag(F.packet.literalData);if(1!==i.length)throw Error("Can only verify message with one literal data packet.");let s=n.packets;l(s.stream)&&(s=s.concat(await x(s.stream,(e=>e||[]))));const a=s.filterByTag(F.packet.onePassSignature).reverse(),o=s.filterByTag(F.packet.signature);return a.length&&!o.length&&_.isStream(s.stream)&&!l(s.stream)?(await Promise.all(a.map((async e=>{e.correspondingSig=new Promise(((t,r)=>{e.correspondingSigResolve=t,e.correspondingSigReject=r})),e.signatureData=R((async()=>(await e.correspondingSig).signatureData)),e.hashed=x(await e.hash(e.signatureType,i[0],void 0,!1)),e.hashed.catch((()=>{}))}))),s.stream=I(s.stream,(async(e,t)=>{const r=T(e),n=M(t);try{for(let e=0;e<a.length;e++){const{value:t}=await r.read();a[e].correspondingSigResolve(t)}await r.readToEnd(),await n.ready,await n.close()}catch(e){a.forEach((t=>{t.correspondingSigReject(e)})),await n.abort(e)}})),Ko(a,i,e,t,!1,r)):Ko(o,i,e,t,!1,r)}verifyDetached(e,t,r=new Date,n=O){const i=this.unwrapCompressed().packets.filterByTag(F.packet.literalData);if(1!==i.length)throw Error("Can only verify message with one literal data packet.");return Ko(e.packets.filterByTag(F.packet.signature),i,t,r,!0,n)}unwrapCompressed(){const e=this.packets.filterByTag(F.packet.compressedData);return e.length?new Eo(e[0].packets):this}async appendSignature(e,t=O){await this.packets.read(_.isUint8Array(e)?e:(await re(e)).data,ko,t)}write(){return this.packets.write()}armor(e=O){const t=this.packets[this.packets.length-1],r=t.constructor.tag===Ba.tag?2!==t.version:this.packets.some((e=>e.constructor.tag===ha.tag&&6!==e.version));return ne(F.armor.message,this.write(),null,null,null,r,e)}}async function vo(e,t,r=[],n=null,i=[],s=new Date,a=[],o=[],c=[],u=!1,h=O){const l=new da,f=null===e.text?F.signature.binary:F.signature.text;if(await Promise.all(t.map((async(t,n)=>{const l=a[n];if(!t.isPrivate())throw Error("Need private key for signing");const y=await t.getSigningKey(i[n],s,l,h);return Wa(e,r.length?r:[t],y.keyPacket,{signatureType:f},s,o,c,u,h)}))).then((e=>{l.push(...e)})),n){const e=n.packets.filterByTag(F.packet.signature);l.push(...e)}return l}async function Ko(e,t,r,n=new Date,i=!1,s=O){return Promise.all(e.filter((function(e){return["text","binary"].includes(F.read(F.signature,e.signatureType))})).map((async function(e){return async function(e,t,r,n=new Date,i=!1,s=O){let a,o;for(const t of r){const r=t.getKeys(e.issuerKeyID);if(r.length>0){a=t,o=r[0];break}}const c=e instanceof ya?e.correspondingSig:e,u={keyID:e.issuerKeyID,verified:(async()=>{if(!o)throw Error("Could not find signing key with key ID "+e.issuerKeyID.toHex());await e.verify(o.keyPacket,e.signatureType,t[0],n,i,s);const r=await c;if(o.getCreationTime()>r.created)throw Error("Key is newer than the signature");try{await a.getSigningKey(o.getKeyID(),r.created,void 0,s)}catch(e){if(!s.allowInsecureVerificationWithReformattedKeys||!e.message.match(/Signature creation time is in the future/))throw e;await a.getSigningKey(o.getKeyID(),n,void 0,s)}return!0})(),signature:(async()=>{const e=await c,t=new da;return e&&t.push(e),new qa(t)})()};return u.signature.catch((()=>{})),u.verified.catch((()=>{})),u}(e,t,r,n,i,s)})))}const So=/*#__PURE__*/_.constructAllowedPackets([ha]);class Io{constructor(e,t){if(this.text=_.removeTrailingSpaces(e).replace(/\r?\n/g,"\r\n"),t&&!(t instanceof qa))throw Error("Invalid signature input");this.signature=t||new qa(new da)}getSigningKeyIDs(){const e=[];return this.signature.packets.forEach((function(t){e.push(t.issuerKeyID)})),e}async sign(e,t=[],r=null,n=[],i=new Date,s=[],a=[],o=[],c=O){const u=new sa;u.setText(this.text);const h=new qa(await vo(u,e,t,r,n,i,s,a,o,!0,c));return new Io(this.text,h)}verify(e,t=new Date,r=O){const n=this.signature.packets.filterByTag(F.packet.signature),i=new sa;return i.setText(this.text),Ko(n,[i],e,t,!0,r)}getText(){return this.text.replace(/\r\n/g,"\n")}armor(e=O){const t=this.signature.packets.some((e=>6!==e.version)),r={hash:t?Array.from(new Set(this.signature.packets.map((e=>F.read(F.hash,e.hashAlgorithm).toUpperCase())))).join():null,text:this.text,data:this.signature.packets.write()};return ne(F.armor.signed,r,void 0,void 0,void 0,t,e)}}function Bo(e){if(!(e instanceof Eo))throw Error("Parameter [message] needs to be of type Message")}function Co(e){if(!(e instanceof Io||e instanceof Eo))throw Error("Parameter [message] needs to be of type Message or CleartextMessage")}function Uo(e){if("armored"!==e&&"binary"!==e&&"object"!==e)throw Error("Unsupported format "+e)}const Po=Object.keys(O).length;function Do(e){const t=Object.keys(e);if(t.length!==Po)for(const e of t)if(void 0===O[e])throw Error("Unknown config property: "+e)}function xo(e){return e&&!_.isArray(e)&&(e=[e]),e}async function Qo(e){return"array"===_.isStream(e)?x(e):e}function Ro(e,t,...r){e.data=I(t.packets.stream,(async(t,n)=>{await E(e.data,n,{preventClose:!0});const i=M(n);try{await x(t,(e=>e)),await Promise.all(r.map((e=>x(e.packets.stream,(e=>e))))),await i.close()}catch(e){await i.abort(e)}}))}function To(e,t,r){switch(t){case"object":return e;case"armored":return e.armor(r);case"binary":return e.write();default:throw Error("Unsupported format "+t)}}const Mo=a&&"object"==typeof a&&"webcrypto"in a?a.webcrypto:a&&"object"==typeof a&&"randomBytes"in a?a:void 0;
+/*! OpenPGP.js v6.2.2 - 2025-09-02 - this is LGPL licensed code, see LICENSE/our website https://openpgpjs.org/ for more information. */
+"use strict";const e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};var t=require("module"),r=require("node:crypto"),n="undefined"!=typeof document?document.currentScript:null;function i(e){var t=Object.create(null);return e&&Object.keys(e).forEach((function(r){if("default"!==r){var n=Object.getOwnPropertyDescriptor(e,r);Object.defineProperty(t,r,n.get?n:{enumerable:!0,get:function(){return e[r]}})}})),t.default=e,Object.freeze(t)}function s(e,t){return t.forEach((function(t){t&&"string"!=typeof t&&!Array.isArray(t)&&Object.keys(t).forEach((function(r){if("default"!==r&&!(r in e)){var n=Object.getOwnPropertyDescriptor(t,r);Object.defineProperty(e,r,n.get?n:{enumerable:!0,get:function(){return t[r]}})}}))})),Object.freeze(e)}var a=/*#__PURE__*/i(r);const o=Symbol("doneWritingPromise"),c=Symbol("doneWritingResolve"),u=Symbol("doneWritingReject"),h=Symbol("readingIndex");class ArrayStream extends Array{constructor(){super(),Object.setPrototypeOf(this,ArrayStream.prototype),this[o]=new Promise(((e,t)=>{this[c]=e,this[u]=t})),this[o].catch((()=>{}))}}function l(e){return e&&e.getReader&&Array.isArray(e)}function f(e){if(!l(e)){const t=e.getWriter(),r=t.releaseLock;return t.releaseLock=()=>{t.closed.catch((function(){})),r.call(t)},t}this.stream=e}function y(t){if(l(t))return"array";if(e.ReadableStream&&e.ReadableStream.prototype.isPrototypeOf(t))return"web";if(t&&!(e.ReadableStream&&t instanceof e.ReadableStream)&&"function"==typeof t._read&&"object"==typeof t._readableState)throw Error("Native Node streams are no longer supported: please manually convert the stream to a WebStream, using e.g. `stream.Readable.toWeb`");return!(!t||!t.getReader)&&"web-like"}function p(e){return Uint8Array.prototype.isPrototypeOf(e)}function d(e){if(1===e.length)return e[0];let t=0;for(let r=0;r<e.length;r++){if(!p(e[r]))throw Error("concatUint8Array: Data must be in the form of a Uint8Array");t+=e[r].length}const r=new Uint8Array(t);let n=0;return e.forEach((function(e){r.set(e,n),n+=e.length})),r}ArrayStream.prototype.getReader=function(){return void 0===this[h]&&(this[h]=0),{read:async()=>(await this[o],this[h]===this.length?{value:void 0,done:!0}:{value:this[this[h]++],done:!1})}},ArrayStream.prototype.readToEnd=async function(e){await this[o];const t=e(this.slice(this[h]));return this.length=0,t},ArrayStream.prototype.clone=function(){const e=new ArrayStream;return e[o]=this[o].then((()=>{e.push(...this)})),e},f.prototype.write=async function(e){this.stream.push(e)},f.prototype.close=async function(){this.stream[c]()},f.prototype.abort=async function(e){return this.stream[u](e),e},f.prototype.releaseLock=function(){},"object"==typeof e.process&&e.process.versions;const g=new WeakSet,w=Symbol("externalBuffer");function A(e){if(this.stream=e,e[w]&&(this[w]=e[w].slice()),l(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{},void(this._cancel=()=>{})}if(y(e)){const t=e.getReader();return this._read=t.read.bind(t),this._releaseLock=()=>{t.closed.catch((function(){})),t.releaseLock()},void(this._cancel=t.cancel.bind(t))}let t=!1;this._read=async()=>t||g.has(e)?{value:void 0,done:!0}:(t=!0,{value:e,done:!1}),this._releaseLock=()=>{if(t)try{g.add(e)}catch(e){}}}function m(e){return y(e)?e:new ReadableStream({start(t){t.enqueue(e),t.close()}})}function b(e){if(y(e))return e;const t=new ArrayStream;return(async()=>{const r=M(t);await r.write(e),await r.close()})(),t}function k(e){return e.some((e=>y(e)&&!l(e)))?function(e){e=e.map(m);const t=K((async function(e){await Promise.all(n.map((t=>Q(t,e))))}));let r=Promise.resolve();const n=e.map(((n,i)=>I(n,((n,s)=>(r=r.then((()=>E(n,t.writable,{preventClose:i!==e.length-1}))),r)))));return t.readable}(e):e.some((e=>l(e)))?function(e){const t=new ArrayStream;let r=Promise.resolve();return e.forEach(((n,i)=>(r=r.then((()=>E(n,t,{preventClose:i!==e.length-1}))),r))),t}(e):"string"==typeof e[0]?e.join(""):d(e)}async function E(e,t,{preventClose:r=!1,preventAbort:n=!1,preventCancel:i=!1}={}){if(y(e)&&!l(e)){e=m(e);try{if(e[w]){const r=M(t);for(let t=0;t<e[w].length;t++)await r.ready,await r.write(e[w][t]);r.releaseLock()}await e.pipeTo(t,{preventClose:r,preventAbort:n,preventCancel:i})}catch(e){}return}const s=T(e=b(e)),a=M(t);try{for(;;){await a.ready;const{done:e,value:t}=await s.read();if(e){r||await a.close();break}await a.write(t)}}catch(e){n||await a.abort(e)}finally{s.releaseLock(),a.releaseLock()}}function v(e,t){const r=new TransformStream(t);return E(e,r.writable),r.readable}function K(e){let t,r,n,i=!1,s=!1;return{readable:new ReadableStream({start(e){n=e},pull(){t?t():i=!0},async cancel(t){s=!0,e&&await e(t),r&&r(t)}},{highWaterMark:0}),writable:new WritableStream({write:async function(e){if(s)throw Error("Stream is cancelled");n.enqueue(e),i?i=!1:(await new Promise(((e,n)=>{t=e,r=n})),t=null,r=null)},close:n.close.bind(n),abort:n.error.bind(n)})}}function S(e,t=()=>{},r=()=>{}){if(l(e)){const n=new ArrayStream;return(async()=>{const i=M(n);try{const n=await x(e),s=t(n),a=r();let o;o=void 0!==s&&void 0!==a?k([s,a]):void 0!==s?s:a,await i.write(o),await i.close()}catch(e){await i.abort(e)}})(),n}if(y(e))return v(e,{async transform(e,r){try{const n=await t(e);void 0!==n&&r.enqueue(n)}catch(e){r.error(e)}},async flush(e){try{const t=await r();void 0!==t&&e.enqueue(t)}catch(t){e.error(t)}}});const n=t(e),i=r();return void 0!==n&&void 0!==i?k([n,i]):void 0!==n?n:i}function I(e,t){if(y(e)&&!l(e)){let r;const n=new TransformStream({start(e){r=e}}),i=E(e,n.writable),s=K((async function(e){r.error(e),await i,await new Promise(setTimeout)}));return t(n.readable,s.writable),s.readable}e=b(e);const r=new ArrayStream;return t(e,r),r}function B(e,t){let r;const n=I(e,((e,i)=>{const s=T(e);s.remainder=()=>(s.releaseLock(),E(e,i),n),r=t(s)}));return r}function C(e){if(l(e))return e.clone();if(y(e)){const t=function(e){if(l(e))throw Error("ArrayStream cannot be tee()d, use clone() instead");if(y(e)){const t=m(e).tee();return t[0][w]=t[1][w]=e[w],t}return[D(e),D(e)]}(e);return P(e,t[0]),t[1]}return D(e)}function U(e){return l(e)?C(e):y(e)?new ReadableStream({start(t){const r=I(e,(async(e,r)=>{const n=T(e),i=M(r);try{for(;;){await i.ready;const{done:e,value:r}=await n.read();if(e){try{t.close()}catch(e){}return void await i.close()}try{t.enqueue(r)}catch(e){}await i.write(r)}}catch(e){t.error(e),await i.abort(e)}}));P(e,r)}}):D(e)}function P(e,t){Object.entries(Object.getOwnPropertyDescriptors(e.constructor.prototype)).forEach((([r,n])=>{"constructor"!==r&&(n.value?n.value=n.value.bind(t):n.get=n.get.bind(t),Object.defineProperty(e,r,n))}))}function D(e,t=0,r=1/0){if(l(e))throw Error("Not implemented");if(y(e)){if(t>=0&&r>=0){let n=0;return v(e,{transform(e,i){n<r?(n+e.length>=t&&i.enqueue(D(e,Math.max(t-n,0),r-n)),n+=e.length):i.terminate()}})}if(t<0&&(r<0||r===1/0)){let n=[];return S(e,(e=>{e.length>=-t?n=[e]:n.push(e)}),(()=>D(k(n),t,r)))}if(0===t&&r<0){let n;return S(e,(e=>{const i=n?k([n,e]):e;if(i.length>=-r)return n=D(i,r),D(i,t,r);n=i}))}return console.warn(`stream.slice(input, ${t}, ${r}) not implemented efficiently.`),R((async()=>D(await x(e),t,r)))}return e[w]&&(e=k(e[w].concat([e]))),p(e)?e.subarray(t,r===1/0?e.length:r):e.slice(t,r)}async function x(e,t=k){return l(e)?e.readToEnd(t):y(e)?T(e).readToEnd(t):e}async function Q(e,t){if(y(e)){if(e.cancel){const r=await e.cancel(t);return await new Promise(setTimeout),r}if(e.destroy)return e.destroy(t),await new Promise(setTimeout),t}}function R(e){const t=new ArrayStream;return(async()=>{const r=M(t);try{await r.write(await e()),await r.close()}catch(e){await r.abort(e)}})(),t}function T(e){return new A(e)}function M(e){return new f(e)}A.prototype.read=async function(){if(this[w]&&this[w].length){return{done:!1,value:this[w].shift()}}return this._read()},A.prototype.releaseLock=function(){this[w]&&(this.stream[w]=this[w]),this._releaseLock()},A.prototype.cancel=function(e){return this._cancel(e)},A.prototype.readLine=async function(){let e,t=[];for(;!e;){let{done:r,value:n}=await this.read();if(n+="",r)return t.length?k(t):void 0;const i=n.indexOf("\n")+1;i&&(e=k(t.concat(n.substr(0,i))),t=[]),i!==n.length&&t.push(n.substr(i))}return this.unshift(...t),e},A.prototype.readByte=async function(){const{done:e,value:t}=await this.read();if(e)return;const r=t[0];return this.unshift(D(t,1)),r},A.prototype.readBytes=async function(e){const t=[];let r=0;for(;;){const{done:n,value:i}=await this.read();if(n)return t.length?k(t):void 0;if(t.push(i),r+=i.length,r>=e){const r=k(t);return this.unshift(D(r,e)),D(r,0,e)}}},A.prototype.peekBytes=async function(e){const t=await this.readBytes(e);return this.unshift(t),t},A.prototype.unshift=function(...e){this[w]||(this[w]=[]),1===e.length&&p(e[0])&&this[w].length&&e[0].length&&this[w][0].byteOffset>=e[0].length?this[w][0]=new Uint8Array(this[w][0].buffer,this[w][0].byteOffset-e[0].length,this[w][0].byteLength+e[0].length):this[w].unshift(...e.filter((e=>e&&e.length)))},A.prototype.readToEnd=async function(e=k){const t=[];for(;;){const{done:e,value:r}=await this.read();if(e)break;t.push(r)}return e(t)};const L=Symbol("byValue");var F={curve:{nistP256:"nistP256",p256:"nistP256",nistP384:"nistP384",p384:"nistP384",nistP521:"nistP521",p521:"nistP521",secp256k1:"secp256k1",ed25519Legacy:"ed25519Legacy",ed25519:"ed25519Legacy",curve25519Legacy:"curve25519Legacy",curve25519:"curve25519Legacy",brainpoolP256r1:"brainpoolP256r1",brainpoolP384r1:"brainpoolP384r1",brainpoolP512r1:"brainpoolP512r1"},kdfFlags:{replace_fingerprint:1,replace_kdf_params:2},s2k:{simple:0,salted:1,iterated:3,argon2:4,gnu:101},publicKey:{rsaEncryptSign:1,rsaEncrypt:2,rsaSign:3,elgamal:16,dsa:17,ecdh:18,ecdsa:19,eddsaLegacy:22,aedh:23,aedsa:24,x25519:25,x448:26,ed25519:27,ed448:28,pqc_mldsa_ed25519:30,pqc_mlkem_x25519:35,aead:100,hmac:101},symmetric:{idea:1,tripledes:2,cast5:3,blowfish:4,aes128:7,aes192:8,aes256:9,twofish:10},compression:{uncompressed:0,zip:1,zlib:2,bzip2:3},hash:{md5:1,sha1:2,ripemd:3,sha256:8,sha384:9,sha512:10,sha224:11,sha3_256:12,sha3_512:14},webHash:{"SHA-1":2,"SHA-256":8,"SHA-384":9,"SHA-512":10},aead:{eax:1,ocb:2,gcm:3,experimentalGCM:100},packet:{publicKeyEncryptedSessionKey:1,signature:2,symEncryptedSessionKey:3,onePassSignature:4,secretKey:5,publicKey:6,secretSubkey:7,compressedData:8,symmetricallyEncryptedData:9,marker:10,literalData:11,trust:12,userID:13,publicSubkey:14,userAttribute:17,symEncryptedIntegrityProtectedData:18,modificationDetectionCode:19,aeadEncryptedData:20,padding:21},literal:{binary:98,text:116,utf8:117,mime:109},signature:{binary:0,text:1,standalone:2,certGeneric:16,certPersona:17,certCasual:18,certPositive:19,certRevocation:48,subkeyBinding:24,keyBinding:25,key:31,keyRevocation:32,subkeyRevocation:40,timestamp:64,thirdParty:80},signatureSubpacket:{signatureCreationTime:2,signatureExpirationTime:3,exportableCertification:4,trustSignature:5,regularExpression:6,revocable:7,keyExpirationTime:9,placeholderBackwardsCompatibility:10,preferredSymmetricAlgorithms:11,revocationKey:12,issuerKeyID:16,notationData:20,preferredHashAlgorithms:21,preferredCompressionAlgorithms:22,keyServerPreferences:23,preferredKeyServer:24,primaryUserID:25,policyURI:26,keyFlags:27,signersUserID:28,reasonForRevocation:29,features:30,signatureTarget:31,embeddedSignature:32,issuerFingerprint:33,preferredAEADAlgorithms:34,preferredCipherSuites:39},keyFlags:{certifyKeys:1,signData:2,encryptCommunication:4,encryptStorage:8,splitPrivateKey:16,authentication:32,forwardedCommunication:64,sharedPrivateKey:128},armor:{multipartSection:0,multipartLast:1,signed:2,message:3,publicKey:4,privateKey:5,signature:6},reasonForRevocation:{noReason:0,keySuperseded:1,keyCompromised:2,keyRetired:3,userIDInvalid:32},features:{modificationDetection:1,aead:2,v5Keys:4,seipdv2:8},write:function(e,t){if("number"==typeof t&&(t=this.read(e,t)),void 0!==e[t])return e[t];throw Error("Invalid enum value.")},read:function(e,t){if(e[L]||(e[L]=[],Object.entries(e).forEach((([t,r])=>{e[L][r]=t}))),void 0!==e[L][t])return e[L][t];throw Error("Invalid enum value.")}},O={preferredHashAlgorithm:F.hash.sha512,preferredSymmetricAlgorithm:F.symmetric.aes256,preferredCompressionAlgorithm:F.compression.uncompressed,aeadProtect:!1,ignoreSEIPDv2FeatureFlag:!1,parseAEADEncryptedV4KeysAsLegacy:!1,preferredAEADAlgorithm:F.aead.gcm,aeadChunkSizeByte:12,v6Keys:!1,enableParsingV5Entities:!1,s2kType:F.s2k.iterated,s2kIterationCountByte:224,s2kArgon2Params:{passes:3,parallelism:4,memoryExponent:16},allowUnauthenticatedMessages:!1,allowUnauthenticatedStream:!1,allowForwardedMessages:!1,minRSABits:2047,passwordCollisionCheck:!1,allowInsecureDecryptionWithSigningKeys:!1,allowInsecureVerificationWithReformattedKeys:!1,allowMissingKeyFlags:!1,constantTimePKCS1Decryption:!1,constantTimePKCS1DecryptionSupportedSymmetricAlgorithms:new Set([F.symmetric.aes128,F.symmetric.aes192,F.symmetric.aes256]),ignoreUnsupportedPackets:!0,ignoreMalformedPackets:!1,enforceGrammar:!0,additionalAllowedPackets:[],showVersion:!1,showComment:!1,versionString:"OpenPGP.js 6.2.2",commentString:"https://openpgpjs.org",maxUserIDLength:5120,knownNotations:[],nonDeterministicSignaturesViaNotation:!0,useEllipticFallback:!0,rejectHashAlgorithms:new Set([F.hash.md5,F.hash.ripemd]),rejectMessageHashAlgorithms:new Set([F.hash.md5,F.hash.ripemd,F.hash.sha1]),rejectPublicKeyAlgorithms:new Set([F.publicKey.elgamal,F.publicKey.dsa]),rejectCurves:new Set([F.curve.secp256k1])};const N=(()=>{try{return"development"===process.env.NODE_ENV}catch(e){}return!1})(),_={isString:function(e){return"string"==typeof e||e instanceof String},nodeRequire:t.createRequire("undefined"==typeof document?require("url").pathToFileURL(__filename).href:n&&"SCRIPT"===n.tagName.toUpperCase()&&n.src||new URL("openpgp.min.cjs",document.baseURI).href),isArray:function(e){return e instanceof Array},isUint8Array:p,isStream:y,getNobleCurve:async(e,t)=>{if(!O.useEllipticFallback)throw Error("This curve is only supported in the full build of OpenPGP.js");const{nobleCurves:r}=await Promise.resolve().then((function(){return Nl}));switch(e){case F.publicKey.ecdh:case F.publicKey.ecdsa:{const e=r.get(t);if(!e)throw Error("Unsupported curve");return e}case F.publicKey.x448:return r.get("x448");case F.publicKey.ed448:return r.get("ed448");default:throw Error("Unsupported curve")}},readNumber:function(e){let t=0;for(let r=0;r<e.length;r++)t+=256**r*e[e.length-1-r];return t},writeNumber:function(e,t){const r=new Uint8Array(t);for(let n=0;n<t;n++)r[n]=e>>8*(t-n-1)&255;return r},readDate:function(e){const t=_.readNumber(e);return new Date(1e3*t)},writeDate:function(e){const t=Math.floor(e.getTime()/1e3);return _.writeNumber(t,4)},normalizeDate:function(e=Date.now()){return null===e||e===1/0?e:new Date(1e3*Math.floor(+e/1e3))},readMPI:function(e){const t=(e[0]<<8|e[1])+7>>>3;return _.readExactSubarray(e,2,2+t)},readExactSubarray:function(e,t,r){if(e.length<r-t)throw Error("Input array too short");return e.subarray(t,r)},leftPad(e,t){if(e.length>t)throw Error("Input array too long");const r=new Uint8Array(t),n=t-e.length;return r.set(e,n),r},uint8ArrayToMPI:function(e){const t=_.uint8ArrayBitLength(e);if(0===t)throw Error("Zero MPI");const r=e.subarray(e.length-Math.ceil(t/8)),n=new Uint8Array([(65280&t)>>8,255&t]);return _.concatUint8Array([n,r])},uint8ArrayBitLength:function(e){let t;for(t=0;t<e.length&&0===e[t];t++);if(t===e.length)return 0;const r=e.subarray(t);return 8*(r.length-1)+_.nbits(r[0])},hexToUint8Array:function(e){const t=new Uint8Array(e.length>>1);for(let r=0;r<e.length>>1;r++)t[r]=parseInt(e.substr(r<<1,2),16);return t},uint8ArrayToHex:function(e){const t="0123456789abcdef";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),r},stringToUint8Array:function(e){return S(e,(e=>{if(!_.isString(e))throw Error("stringToUint8Array: Data must be in the form of a string");const t=new Uint8Array(e.length);for(let r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}))},uint8ArrayToString:function(e){const t=[],r=16384,n=(e=new Uint8Array(e)).length;for(let i=0;i<n;i+=r)t.push(String.fromCharCode.apply(String,e.subarray(i,i+r<n?i+r:n)));return t.join("")},encodeUTF8:function(e){const t=new TextEncoder("utf-8");function r(e,r=!1){return t.encode(e,{stream:!r})}return S(e,r,(()=>r("",!0)))},decodeUTF8:function(e){const t=new TextDecoder("utf-8");function r(e,r=!1){return t.decode(e,{stream:!r})}return S(e,r,(()=>r(new Uint8Array,!0)))},concat:k,concatUint8Array:d,equalsUint8Array:function(e,t){if(!_.isUint8Array(e)||!_.isUint8Array(t))throw Error("Data must be in the form of a Uint8Array");if(e.length!==t.length)return!1;for(let r=0;r<e.length;r++)if(e[r]!==t[r])return!1;return!0},findLastIndex:function(e,t){for(let r=e.length;r>=0;r--)if(t(e[r],r,e))return r;return-1},writeChecksum:function(e){let t=0;for(let r=0;r<e.length;r++)t=t+e[r]&65535;return _.writeNumber(t,2)},printDebug:function(e){N&&console.log("[OpenPGP.js debug]",e)},printDebugError:function(e){N&&console.error("[OpenPGP.js debug]",e)},nbits:function(e){let t=1,r=e>>>16;return 0!==r&&(e=r,t+=16),r=e>>8,0!==r&&(e=r,t+=8),r=e>>4,0!==r&&(e=r,t+=4),r=e>>2,0!==r&&(e=r,t+=2),r=e>>1,0!==r&&(e=r,t+=1),t},double:function(e){const t=new Uint8Array(e.length),r=e.length-1;for(let n=0;n<r;n++)t[n]=e[n]<<1^e[n+1]>>7;return t[r]=e[r]<<1^135*(e[0]>>7),t},shiftRight:function(e,t){if(t)for(let r=e.length-1;r>=0;r--)e[r]>>=t,r>0&&(e[r]|=e[r-1]<<8-t);return e},getWebCrypto:function(){const t=void 0!==e&&e.crypto&&e.crypto.subtle||this.getNodeCrypto()?.webcrypto.subtle;if(!t)throw Error("The WebCrypto API is not available");return t},getNodeCrypto:function(){return this.nodeRequire("crypto")},getNodeZlib:function(){return this.nodeRequire("zlib")},getNodeBuffer:function(){return(this.nodeRequire("buffer")||{}).Buffer},getHardwareConcurrency:function(){if("undefined"!=typeof navigator)return navigator.hardwareConcurrency||1;return this.nodeRequire("os").cpus().length},isEmailAddress:function(e){if(!_.isString(e))return!1;return/^[^\p{C}\p{Z}@<>\\]+@[^\p{C}\p{Z}@<>\\]+[^\p{C}\p{Z}\p{P}]$/u.test(e)},canonicalizeEOL:function(e){let t=!1;return S(e,(e=>{let r;t&&(e=_.concatUint8Array([new Uint8Array([13]),e])),13===e[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;const n=[];for(let t=0;r=e.indexOf(10,t)+1,r;t=r)13!==e[r-2]&&n.push(r);if(!n.length)return e;const i=new Uint8Array(e.length+n.length);let s=0;for(let t=0;t<n.length;t++){const r=e.subarray(n[t-1]||0,n[t]);i.set(r,s),s+=r.length,i[s-1]=13,i[s]=10,s++}return i.set(e.subarray(n[n.length-1]||0),s),i}),(()=>t?new Uint8Array([13]):void 0))},nativeEOL:function(e){let t=!1;return S(e,(e=>{let r;13===(e=t&&10!==e[0]?_.concatUint8Array([new Uint8Array([13]),e]):new Uint8Array(e))[e.length-1]?(t=!0,e=e.subarray(0,-1)):t=!1;let n=0;for(let t=0;t!==e.length;t=r){r=e.indexOf(13,t)+1,r||(r=e.length);const i=r-(10===e[r]?1:0);t&&e.copyWithin(n,t,i),n+=i-t}return e.subarray(0,n)}),(()=>t?new Uint8Array([13]):void 0))},removeTrailingSpaces:function(e){return e.split("\n").map((e=>{let t=e.length-1;for(;t>=0&&(" "===e[t]||"\t"===e[t]||"\r"===e[t]);t--);return e.substr(0,t+1)})).join("\n")},wrapError:function(e,t){if(!t)return e instanceof Error?e:Error(e);if(e instanceof Error){try{e.message+=": "+t.message,e.cause=t}catch(e){}return e}return Error(e+": "+t.message,{cause:t})},constructAllowedPackets:function(e){const t={};return e.forEach((e=>{if(!e.tag)throw Error("Invalid input: expected a packet class");t[e.tag]=e})),t},anyPromise:function(e){return new Promise((async(t,r)=>{let n;await Promise.all(e.map((async e=>{try{t(await e)}catch(e){n=e}}))),r(n)}))},selectUint8Array:function(e,t,r){const n=Math.max(t.length,r.length),i=new Uint8Array(n);let s=0;for(let n=0;n<i.length;n++)i[n]=t[n]&256-e|r[n]&255+e,s+=e&n<t.length|1-e&n<r.length;return i.subarray(0,s)},selectUint8:function(e,t,r){return t&256-e|r&255+e},isAES:function(e){return e===F.symmetric.aes128||e===F.symmetric.aes192||e===F.symmetric.aes256}},H=_.getNodeBuffer();let z,G;function q(e){let t=new Uint8Array;return S(e,(e=>{t=_.concatUint8Array([t,e]);const r=[],n=Math.floor(t.length/45),i=45*n,s=z(t.subarray(0,i));for(let e=0;e<n;e++)r.push(s.substr(60*e,60)),r.push("\n");return t=t.subarray(i),r.join("")}),(()=>t.length?z(t)+"\n":""))}function j(e){let t="";return S(e,(e=>{t+=e;let r=0;const n=[" ","\t","\r","\n"];for(let e=0;e<n.length;e++){const i=n[e];for(let e=t.indexOf(i);-1!==e;e=t.indexOf(i,e+1))r++}let i=t.length;for(;i>0&&(i-r)%4!=0;i--)n.includes(t[i])&&r--;const s=G(t.substr(0,i));return t=t.substr(i),s}),(()=>G(t)))}function V(e){return j(e.replace(/-/g,"+").replace(/_/g,"/"))}function Y(e,t){let r=q(e).replace(/[\r\n]/g,"");return r=r.replace(/[+]/g,"-").replace(/[/]/g,"_").replace(/[=]/g,""),r}function Z(e){const t=e.match(/^-----BEGIN PGP (MESSAGE, PART \d+\/\d+|MESSAGE, PART \d+|SIGNED MESSAGE|MESSAGE|PUBLIC KEY BLOCK|PRIVATE KEY BLOCK|SIGNATURE)-----$/m);if(!t)throw Error("Unknown ASCII armor type");return/MESSAGE, PART \d+\/\d+/.test(t[1])?F.armor.multipartSection:/MESSAGE, PART \d+/.test(t[1])?F.armor.multipartLast:/SIGNED MESSAGE/.test(t[1])?F.armor.signed:/MESSAGE/.test(t[1])?F.armor.message:/PUBLIC KEY BLOCK/.test(t[1])?F.armor.publicKey:/PRIVATE KEY BLOCK/.test(t[1])?F.armor.privateKey:/SIGNATURE/.test(t[1])?F.armor.signature:void 0}function J(e,t){let r="";return t.showVersion&&(r+="Version: "+t.versionString+"\n"),t.showComment&&(r+="Comment: "+t.commentString+"\n"),e&&(r+="Comment: "+e+"\n"),r+="\n",r}function X(e){const t=function(e){let t=13501623;return S(e,(e=>{const r=$?Math.floor(e.length/4):0,n=new Uint32Array(e.buffer,e.byteOffset,r);for(let e=0;e<r;e++)t^=n[e],t=W[0][t>>24&255]^W[1][t>>16&255]^W[2][t>>8&255]^W[3][255&t];for(let n=4*r;n<e.length;n++)t=t>>8^W[0][255&t^e[n]]}),(()=>new Uint8Array([t,t>>8,t>>16])))}(e);return q(t)}H?(z=e=>H.from(e).toString("base64"),G=e=>{const t=H.from(e,"base64");return new Uint8Array(t.buffer,t.byteOffset,t.byteLength)}):(z=e=>btoa(_.uint8ArrayToString(e)),G=e=>_.stringToUint8Array(atob(e)));const W=[Array(255),Array(255),Array(255),Array(255)];for(let e=0;e<=255;e++){let t=e<<16;for(let e=0;e<8;e++)t=t<<1^(8388608&t?8801531:0);W[0][e]=(16711680&t)>>16|65280&t|(255&t)<<16}for(let e=0;e<=255;e++)W[1][e]=W[0][e]>>8^W[0][255&W[0][e]];for(let e=0;e<=255;e++)W[2][e]=W[1][e]>>8^W[0][255&W[1][e]];for(let e=0;e<=255;e++)W[3][e]=W[2][e]>>8^W[0][255&W[2][e]];const $=function(){const e=new ArrayBuffer(2);return new DataView(e).setInt16(0,255,!0),255===new Int16Array(e)[0]}();function ee(e){for(let t=0;t<e.length;t++)/^([^\s:]|[^\s:][^:]*[^\s:]): .+$/.test(e[t])||_.printDebugError(Error("Improperly formatted armor header: "+e[t])),/^(Version|Comment|MessageID|Hash|Charset): .+$/.test(e[t])||_.printDebugError(Error("Unknown header: "+e[t]))}function te(e){let t=e;const r=e.lastIndexOf("=");return r>=0&&r!==e.length-1&&(t=e.slice(0,r)),t}function re(e){return new Promise((async(t,r)=>{try{const n=/^-----[^-]+-----$/m,i=/^[ \f\r\t\u00a0\u2000-\u200a\u202f\u205f\u3000]*$/;let s;const a=[];let o,c,u=a,h=[];const l=j(I(e,(async(e,f)=>{const y=T(e);try{for(;;){let e=await y.readLine();if(void 0===e)throw Error("Misformed armored text");if(e=_.removeTrailingSpaces(e.replace(/[\r\n]/g,"")),s)if(o)c||s!==F.armor.signed||(n.test(e)?(h=h.join("\r\n"),c=!0,ee(u),u=[],o=!1):h.push(e.replace(/^- /,"")));else if(n.test(e)&&r(Error("Mandatory blank line missing between armor headers and armor data")),i.test(e)){if(ee(u),o=!0,c||s!==F.armor.signed){t({text:h,data:l,headers:a,type:s});break}}else u.push(e);else n.test(e)&&(s=Z(e))}}catch(e){return void r(e)}const p=M(f);try{for(;;){await p.ready;const{done:e,value:t}=await y.read();if(e)throw Error("Misformed armored text");const r=t+"";if(-1!==r.indexOf("=")||-1!==r.indexOf("-")){let e=await y.readToEnd();e.length||(e=""),e=r+e,e=_.removeTrailingSpaces(e.replace(/\r/g,""));const t=e.split(n);if(1===t.length)throw Error("Misformed armored text");const i=te(t[0].slice(0,-1));await p.write(i);break}await p.write(r)}await p.ready,await p.close()}catch(e){await p.abort(e)}})))}catch(e){r(e)}})).then((async e=>(l(e.data)&&(e.data=await x(e.data)),e)))}function ne(e,t,r,n,i,s=!1,a=O){let o,c;e===F.armor.signed&&(o=t.text,c=t.hash,t=t.data);const u=s&&U(t),h=[];switch(e){case F.armor.multipartSection:h.push("-----BEGIN PGP MESSAGE, PART "+r+"/"+n+"-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP MESSAGE, PART "+r+"/"+n+"-----\n");break;case F.armor.multipartLast:h.push("-----BEGIN PGP MESSAGE, PART "+r+"-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP MESSAGE, PART "+r+"-----\n");break;case F.armor.signed:h.push("-----BEGIN PGP SIGNED MESSAGE-----\n"),h.push(c?`Hash: ${c}\n\n`:"\n"),h.push(o.replace(/^-/gm,"- -")),h.push("\n-----BEGIN PGP SIGNATURE-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP SIGNATURE-----\n");break;case F.armor.message:h.push("-----BEGIN PGP MESSAGE-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP MESSAGE-----\n");break;case F.armor.publicKey:h.push("-----BEGIN PGP PUBLIC KEY BLOCK-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP PUBLIC KEY BLOCK-----\n");break;case F.armor.privateKey:h.push("-----BEGIN PGP PRIVATE KEY BLOCK-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP PRIVATE KEY BLOCK-----\n");break;case F.armor.signature:h.push("-----BEGIN PGP SIGNATURE-----\n"),h.push(J(i,a)),h.push(q(t)),u&&h.push("=",X(u)),h.push("-----END PGP SIGNATURE-----\n")}return _.concat(h)}const ie=BigInt(0),se=BigInt(1);function ae(e){const t="0123456789ABCDEF";let r="";return e.forEach((e=>{r+=t[e>>4]+t[15&e]})),BigInt("0x0"+r)}function oe(e,t){const r=e%t;return r<ie?r+t:r}function ce(e,t,r){if(r===ie)throw Error("Modulo cannot be zero");if(r===se)return BigInt(0);if(t<ie)throw Error("Unsopported negative exponent");let n=t,i=e;i%=r;let s=BigInt(1);for(;n>ie;){const e=n&se;n>>=se;s=e?s*i%r:s,i=i*i%r}return s}function ue(e){return e>=ie?e:-e}function he(e,t){const{gcd:r,x:n}=function(e,t){let r=BigInt(0),n=BigInt(1),i=BigInt(1),s=BigInt(0),a=ue(e),o=ue(t);const c=e<ie,u=t<ie;for(;o!==ie;){const e=a/o;let t=r;r=i-e*r,i=t,t=n,n=s-e*n,s=t,t=o,o=a%o,a=t}return{x:c?-i:i,y:u?-s:s,gcd:a}}(e,t);if(r!==se)throw Error("Inverse does not exist");return oe(n+t,t)}function le(e){const t=Number(e);if(t>Number.MAX_SAFE_INTEGER)throw Error("Number can only safely store up to 53 bits");return t}function fe(e,t){return(e>>BigInt(t)&se)===ie?0:1}function ye(e){const t=e<ie?BigInt(-1):ie;let r=1,n=e;for(;(n>>=se)!==t;)r++;return r}function pe(e){const t=e<ie?BigInt(-1):ie,r=BigInt(8);let n=1,i=e;for(;(i>>=r)!==t;)n++;return n}function de(e,t="be",r){let n=e.toString(16);n.length%2==1&&(n="0"+n);const i=n.length/2,s=new Uint8Array(r||i),a=r?r-i:0;let o=0;for(;o<i;)s[o+a]=parseInt(n.slice(2*o,2*o+2),16),o++;return"be"!==t&&s.reverse(),s}const ge=_.getNodeCrypto();function we(e){const t="undefined"!=typeof crypto?crypto:ge?.webcrypto;if(t?.getRandomValues){const r=new Uint8Array(e);return t.getRandomValues(r)}throw Error("No secure random number generator available.")}function Ae(e,t){if(t<e)throw Error("Illegal parameter value: max <= min");const r=t-e;return oe(ae(we(pe(r)+8)),r)+e}const me=BigInt(1);function be(e,t,r){const n=BigInt(30),i=me<<BigInt(e-1),s=[1,6,5,4,3,2,1,4,3,2,1,2,1,4,3,2,1,2,1,4,3,2,1,6,5,4,3,2,1,2];let a=Ae(i,i<<me),o=le(oe(a,n));do{a+=BigInt(s[o]),o=(o+s[o])%s.length,ye(a)>e&&(a=oe(a,i<<me),a+=i,o=le(oe(a,n)))}while(!ke(a,t,r));return a}function ke(e,t,r){return(!t||function(e,t){let r=e,n=t;for(;n!==ie;){const e=n;n=r%n,r=e}return r}(e-me,t)===me)&&(!!function(e){const t=BigInt(0);return Ee.every((r=>oe(e,r)!==t))}(e)&&(!!function(e,t=BigInt(2)){return ce(t,e-me,e)===me}(e)&&!!function(e,t){const r=ye(e);t||(t=Math.max(1,r/48|0));const n=e-me;let i=0;for(;!fe(n,i);)i++;const s=e>>BigInt(i);for(;t>0;t--){let t,r=ce(Ae(BigInt(2),n),s,e);if(r!==me&&r!==n){for(t=1;t<i;t++){if(r=oe(r*r,e),r===me)return!1;if(r===n)break}if(t===i)return!1}}return!0}(e,r)))}const Ee=[7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997,1009,1013,1019,1021,1031,1033,1039,1049,1051,1061,1063,1069,1087,1091,1093,1097,1103,1109,1117,1123,1129,1151,1153,1163,1171,1181,1187,1193,1201,1213,1217,1223,1229,1231,1237,1249,1259,1277,1279,1283,1289,1291,1297,1301,1303,1307,1319,1321,1327,1361,1367,1373,1381,1399,1409,1423,1427,1429,1433,1439,1447,1451,1453,1459,1471,1481,1483,1487,1489,1493,1499,1511,1523,1531,1543,1549,1553,1559,1567,1571,1579,1583,1597,1601,1607,1609,1613,1619,1621,1627,1637,1657,1663,1667,1669,1693,1697,1699,1709,1721,1723,1733,1741,1747,1753,1759,1777,1783,1787,1789,1801,1811,1823,1831,1847,1861,1867,1871,1873,1877,1879,1889,1901,1907,1913,1931,1933,1949,1951,1973,1979,1987,1993,1997,1999,2003,2011,2017,2027,2029,2039,2053,2063,2069,2081,2083,2087,2089,2099,2111,2113,2129,2131,2137,2141,2143,2153,2161,2179,2203,2207,2213,2221,2237,2239,2243,2251,2267,2269,2273,2281,2287,2293,2297,2309,2311,2333,2339,2341,2347,2351,2357,2371,2377,2381,2383,2389,2393,2399,2411,2417,2423,2437,2441,2447,2459,2467,2473,2477,2503,2521,2531,2539,2543,2549,2551,2557,2579,2591,2593,2609,2617,2621,2633,2647,2657,2659,2663,2671,2677,2683,2687,2689,2693,2699,2707,2711,2713,2719,2729,2731,2741,2749,2753,2767,2777,2789,2791,2797,2801,2803,2819,2833,2837,2843,2851,2857,2861,2879,2887,2897,2903,2909,2917,2927,2939,2953,2957,2963,2969,2971,2999,3001,3011,3019,3023,3037,3041,3049,3061,3067,3079,3083,3089,3109,3119,3121,3137,3163,3167,3169,3181,3187,3191,3203,3209,3217,3221,3229,3251,3253,3257,3259,3271,3299,3301,3307,3313,3319,3323,3329,3331,3343,3347,3359,3361,3371,3373,3389,3391,3407,3413,3433,3449,3457,3461,3463,3467,3469,3491,3499,3511,3517,3527,3529,3533,3539,3541,3547,3557,3559,3571,3581,3583,3593,3607,3613,3617,3623,3631,3637,3643,3659,3671,3673,3677,3691,3697,3701,3709,3719,3727,3733,3739,3761,3767,3769,3779,3793,3797,3803,3821,3823,3833,3847,3851,3853,3863,3877,3881,3889,3907,3911,3917,3919,3923,3929,3931,3943,3947,3967,3989,4001,4003,4007,4013,4019,4021,4027,4049,4051,4057,4073,4079,4091,4093,4099,4111,4127,4129,4133,4139,4153,4157,4159,4177,4201,4211,4217,4219,4229,4231,4241,4243,4253,4259,4261,4271,4273,4283,4289,4297,4327,4337,4339,4349,4357,4363,4373,4391,4397,4409,4421,4423,4441,4447,4451,4457,4463,4481,4483,4493,4507,4513,4517,4519,4523,4547,4549,4561,4567,4583,4591,4597,4603,4621,4637,4639,4643,4649,4651,4657,4663,4673,4679,4691,4703,4721,4723,4729,4733,4751,4759,4783,4787,4789,4793,4799,4801,4813,4817,4831,4861,4871,4877,4889,4903,4909,4919,4931,4933,4937,4943,4951,4957,4967,4969,4973,4987,4993,4999].map((e=>BigInt(e)));const ve=_.getWebCrypto(),Ke=_.getNodeCrypto(),Se=Ke&&Ke.getHashes();function Ie(e){if(Ke&&Se.includes(e))return async function(t){const r=Ke.createHash(e);return S(t,(e=>{r.update(e)}),(()=>new Uint8Array(r.digest())))}}function Be(e,t){const r=async()=>{const{nobleHashes:t}=await Promise.resolve().then((function(){return pf})),r=t.get(e);if(!r)throw Error("Unsupported hash");return r};return async function(e){if(l(e)&&(e=await x(e)),_.isStream(e)){const t=(await r()).create();return S(e,(e=>{t.update(e)}),(()=>t.digest()))}if(ve&&t)return new Uint8Array(await ve.digest(t,e));return(await r())(e)}}const Ce=Ie("md5")||Be("md5"),Ue=Ie("sha1")||Be("sha1","SHA-1"),Pe=Ie("sha224")||Be("sha224"),De=Ie("sha256")||Be("sha256","SHA-256"),xe=Ie("sha384")||Be("sha384","SHA-384"),Qe=Ie("sha512")||Be("sha512","SHA-512"),Re=Ie("ripemd160")||Be("ripemd160"),Te=Ie("sha3-256")||Be("sha3_256"),Me=Ie("sha3-512")||Be("sha3_512");function Le(e,t){switch(e){case F.hash.md5:return Ce(t);case F.hash.sha1:return Ue(t);case F.hash.ripemd:return Re(t);case F.hash.sha256:return De(t);case F.hash.sha384:return xe(t);case F.hash.sha512:return Qe(t);case F.hash.sha224:return Pe(t);case F.hash.sha3_256:return Te(t);case F.hash.sha3_512:return Me(t);default:throw Error("Unsupported hash function")}}function Fe(e){switch(e){case F.hash.md5:return 16;case F.hash.sha1:case F.hash.ripemd:return 20;case F.hash.sha256:return 32;case F.hash.sha384:return 48;case F.hash.sha512:return 64;case F.hash.sha224:return 28;case F.hash.sha3_256:return 32;case F.hash.sha3_512:return 64;default:throw Error("Invalid hash algorithm.")}}const Oe=[];function Ne(e,t){const r=e.length;if(r>t-11)throw Error("Message too long");const n=function(e){const t=new Uint8Array(e);let r=0;for(;r<e;){const n=we(e-r);for(let e=0;e<n.length;e++)0!==n[e]&&(t[r++]=n[e])}return t}(t-r-3),i=new Uint8Array(t);return i[1]=2,i.set(n,2),i.set(e,t-r),i}function _e(e,t){let r=2,n=1;for(let t=r;t<e.length;t++)n&=0!==e[t],r+=n;const i=r-2,s=e.subarray(r+1),a=0===e[0]&2===e[1]&i>=8&!n;if(t)return _.selectUint8Array(a,s,t);if(a)return s;throw Error("Decryption error")}function He(e,t,r){let n;if(t.length!==Fe(e))throw Error("Invalid hash length");const i=new Uint8Array(Oe[e].length);for(n=0;n<Oe[e].length;n++)i[n]=Oe[e][n];const s=i.length+t.length;if(r<s+11)throw Error("Intended encoded message length too short");const a=new Uint8Array(r-s-3).fill(255),o=new Uint8Array(r);return o[1]=1,o.set(a,2),o.set(i,r-s),o.set(t,r-t.length),o}Oe[1]=[48,32,48,12,6,8,42,134,72,134,247,13,2,5,5,0,4,16],Oe[2]=[48,33,48,9,6,5,43,14,3,2,26,5,0,4,20],Oe[3]=[48,33,48,9,6,5,43,36,3,2,1,5,0,4,20],Oe[8]=[48,49,48,13,6,9,96,134,72,1,101,3,4,2,1,5,0,4,32],Oe[9]=[48,65,48,13,6,9,96,134,72,1,101,3,4,2,2,5,0,4,48],Oe[10]=[48,81,48,13,6,9,96,134,72,1,101,3,4,2,3,5,0,4,64],Oe[11]=[48,45,48,13,6,9,96,134,72,1,101,3,4,2,4,5,0,4,28];const ze=_.getWebCrypto(),Ge=_.getNodeCrypto(),qe=BigInt(1);async function je(e,t,r,n,i,s,a,o,c){if(Fe(e)>=r.length)throw Error("Digest size cannot exceed key modulus size");if(t&&!_.isStream(t))if(_.getWebCrypto())try{return await async function(e,t,r,n,i,s,a,o){const c=await Je(r,n,i,s,a,o),u={name:"RSASSA-PKCS1-v1_5",hash:{name:e}},h=await ze.importKey("jwk",c,u,!1,["sign"]);return new Uint8Array(await ze.sign("RSASSA-PKCS1-v1_5",h,t))}(F.read(F.webHash,e),t,r,n,i,s,a,o)}catch(e){_.printDebugError(e)}else if(_.getNodeCrypto())return async function(e,t,r,n,i,s,a,o){const c=Ge.createSign(F.read(F.hash,e));c.write(t),c.end();const u=await Je(r,n,i,s,a,o);return new Uint8Array(c.sign({key:u,format:"jwk",type:"pkcs1"}))}(e,t,r,n,i,s,a,o);return async function(e,t,r,n){t=ae(t);const i=ae(He(e,n,pe(t)));return r=ae(r),de(ce(i,r,t),"be",pe(t))}(e,r,i,c)}async function Ve(e,t,r,n,i,s){if(t&&!_.isStream(t))if(_.getWebCrypto())try{return await async function(e,t,r,n,i){const s=Xe(n,i),a=await ze.importKey("jwk",s,{name:"RSASSA-PKCS1-v1_5",hash:{name:e}},!1,["verify"]);return ze.verify("RSASSA-PKCS1-v1_5",a,r,t)}(F.read(F.webHash,e),t,r,n,i)}catch(e){_.printDebugError(e)}else if(_.getNodeCrypto())return async function(e,t,r,n,i){const s=Xe(n,i),a={key:s,format:"jwk",type:"pkcs1"},o=Ge.createVerify(F.read(F.hash,e));o.write(t),o.end();try{return o.verify(a,r)}catch(e){return!1}}(e,t,r,n,i);return async function(e,t,r,n,i){if(r=ae(r),t=ae(t),n=ae(n),t>=r)throw Error("Signature size cannot exceed modulus size");const s=de(ce(t,n,r),"be",pe(r)),a=He(e,i,pe(r));return _.equalsUint8Array(s,a)}(e,r,n,i,s)}async function Ye(e,t,r){return _.getNodeCrypto()?async function(e,t,r){const n=Xe(t,r),i={key:n,format:"jwk",type:"pkcs1",padding:Ge.constants.RSA_PKCS1_PADDING};return new Uint8Array(Ge.publicEncrypt(i,e))}(e,t,r):async function(e,t,r){if(t=ae(t),e=ae(Ne(e,pe(t))),r=ae(r),e>=t)throw Error("Message size cannot exceed modulus size");return de(ce(e,r,t),"be",pe(t))}(e,t,r)}async function Ze(e,t,r,n,i,s,a,o){if(_.getNodeCrypto()&&!o)try{return await async function(e,t,r,n,i,s,a){const o=await Je(t,r,n,i,s,a),c={key:o,format:"jwk",type:"pkcs1",padding:Ge.constants.RSA_PKCS1_PADDING};try{return new Uint8Array(Ge.privateDecrypt(c,e))}catch(e){throw Error("Decryption error")}}(e,t,r,n,i,s,a)}catch(e){_.printDebugError(e)}return async function(e,t,r,n,i,s,a,o){if(e=ae(e),t=ae(t),r=ae(r),n=ae(n),i=ae(i),s=ae(s),a=ae(a),e>=t)throw Error("Data too large.");const c=oe(n,s-qe),u=oe(n,i-qe),h=Ae(BigInt(2),t),l=ce(he(h,t),r,t);e=oe(e*l,t);const f=ce(e,u,i),y=ce(e,c,s),p=oe(a*(y-f),s);let d=p*i+f;return d=oe(d*h,t),_e(de(d,"be",pe(t)),o)}(e,t,r,n,i,s,a,o)}async function Je(e,t,r,n,i,s){const a=ae(n),o=ae(i),c=ae(r);let u=oe(c,o-qe),h=oe(c,a-qe);return h=de(h),u=de(u),{kty:"RSA",n:Y(e),e:Y(t),d:Y(r),p:Y(i),q:Y(n),dp:Y(u),dq:Y(h),qi:Y(s),ext:!0}}function Xe(e,t){return{kty:"RSA",n:Y(e),e:Y(t),ext:!0}}function We(e,t){return{n:V(e.n),e:de(t),d:V(e.d),p:V(e.q),q:V(e.p),u:V(e.qi)}}const $e=BigInt(1);const et={"2a8648ce3d030107":F.curve.nistP256,"2b81040022":F.curve.nistP384,"2b81040023":F.curve.nistP521,"2b8104000a":F.curve.secp256k1,"2b06010401da470f01":F.curve.ed25519Legacy,"2b060104019755010501":F.curve.curve25519Legacy,"2b2403030208010107":F.curve.brainpoolP256r1,"2b240303020801010b":F.curve.brainpoolP384r1,"2b240303020801010d":F.curve.brainpoolP512r1};class tt{constructor(e){if(e instanceof tt)this.oid=e.oid;else if(_.isArray(e)||_.isUint8Array(e)){if(6===(e=new Uint8Array(e))[0]){if(e[1]!==e.length-2)throw Error("Length mismatch in DER encoded oid");e=e.subarray(2)}this.oid=e}else this.oid=""}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.oid=e.subarray(1,1+t),1+this.oid.length}throw Error("Invalid oid")}write(){return _.concatUint8Array([new Uint8Array([this.oid.length]),this.oid])}toHex(){return _.uint8ArrayToHex(this.oid)}getName(){const e=et[this.toHex()];if(!e)throw Error("Unknown curve object identifier.");return e}}function rt(e){let t,r=0;const n=e[0];return n<192?([r]=e,t=1):n<255?(r=(e[0]-192<<8)+e[1]+192,t=2):255===n&&(r=_.readNumber(e.subarray(1,5)),t=5),{len:r,offset:t}}function nt(e){return e<192?new Uint8Array([e]):e>191&&e<8384?new Uint8Array([192+(e-192>>8),e-192&255]):_.concatUint8Array([new Uint8Array([255]),_.writeNumber(e,4)])}function it(e){if(e<0||e>30)throw Error("Partial Length power must be between 1 and 30");return new Uint8Array([224+e])}function st(e){return new Uint8Array([192|e])}function at(e,t){return _.concatUint8Array([st(e),nt(t)])}function ot(e){return[F.packet.literalData,F.packet.compressedData,F.packet.symmetricallyEncryptedData,F.packet.symEncryptedIntegrityProtectedData,F.packet.aeadEncryptedData].includes(e)}async function ct(e,t,r){let n,i;try{const s=await e.peekBytes(2);if(!s||s.length<2||!(128&s[0]))throw Error("Error during parsing. This message / key probably does not conform to a valid OpenPGP format.");const a=await e.readByte();let o,c,u=-1,h=-1;h=0,64&a&&(h=1),h?u=63&a:(u=(63&a)>>2,c=3&a);const l=ot(u);let f,y=null;if(t&&l){if("array"===t){const e=new ArrayStream;n=M(e),y=e}else{const e=new TransformStream;n=M(e.writable),y=e.readable}i=r({tag:u,packet:y})}else y=[];do{if(h){const t=await e.readByte();if(f=!1,t<192)o=t;else if(t>=192&&t<224)o=(t-192<<8)+await e.readByte()+192;else if(t>223&&t<255){if(o=1<<(31&t),f=!0,!l)throw new TypeError("This packet type does not support partial lengths.")}else o=await e.readByte()<<24|await e.readByte()<<16|await e.readByte()<<8|await e.readByte()}else switch(c){case 0:o=await e.readByte();break;case 1:o=await e.readByte()<<8|await e.readByte();break;case 2:o=await e.readByte()<<24|await e.readByte()<<16|await e.readByte()<<8|await e.readByte();break;default:o=1/0}if(o>0){let t=0;for(;;){n&&await n.ready;const{done:r,value:i}=await e.read();if(r){if(o===1/0)break;throw Error("Unexpected end of packet")}const s=o===1/0?i:i.subarray(0,o-t);if(n?await n.write(s):y.push(s),t+=i.length,t>=o){e.unshift(i.subarray(o-t+i.length));break}}}}while(f);n?(await n.ready,await n.close()):(y=_.concatUint8Array(y),await r({tag:u,packet:y}))}catch(e){if(n)return await n.abort(e),!0;throw e}finally{n&&await i}}class ut extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ut),this.name="UnsupportedError"}}class ht extends ut{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ut),this.name="UnknownPacketError"}}class lt extends ut{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ut),this.name="MalformedPacketError"}}class ft{constructor(e,t){this.tag=e,this.rawContent=t}write(){return this.rawContent}}async function yt(e){switch(e){case F.publicKey.ed25519:try{const e=_.getWebCrypto(),t=await e.generateKey("Ed25519",!0,["sign","verify"]).catch((e=>{if("OperationError"===e.name){const e=Error("Unexpected key generation issue");throw e.name="NotSupportedError",e}throw e})),r=await e.exportKey("jwk",t.privateKey),n=await e.exportKey("jwk",t.publicKey);return{A:new Uint8Array(V(n.x)),seed:V(r.d)}}catch(t){if("NotSupportedError"!==t.name)throw t;const{default:r}=await Promise.resolve().then((function(){return sy})),n=we(wt(e)),{publicKey:i}=r.sign.keyPair.fromSeed(n);return{A:i,seed:n}}case F.publicKey.ed448:{const e=await _.getNobleCurve(F.publicKey.ed448),{secretKey:t,publicKey:r}=e.keygen();return{A:r,seed:t}}default:throw Error("Unsupported EdDSA algorithm")}}async function pt(e,t,r,n,i,s){switch(e){case F.publicKey.ed25519:try{const t=_.getWebCrypto(),r=bt(e,n,i),a=await t.importKey("jwk",r,"Ed25519",!1,["sign"]);return{RS:new Uint8Array(await t.sign("Ed25519",a,s))}}catch(e){if("NotSupportedError"!==e.name)throw e;const{default:t}=await Promise.resolve().then((function(){return sy})),r=_.concatUint8Array([i,n]);return{RS:t.sign.detached(s,r)}}case F.publicKey.ed448:return{RS:(await _.getNobleCurve(F.publicKey.ed448)).sign(s,i)};default:throw Error("Unsupported EdDSA algorithm")}}async function dt(e,t,{RS:r},n,i,s){switch(e){case F.publicKey.ed25519:try{const t=_.getWebCrypto(),n=mt(e,i),a=await t.importKey("jwk",n,"Ed25519",!1,["verify"]);return await t.verify("Ed25519",a,r,s)}catch(e){if("NotSupportedError"!==e.name)throw e;const{default:t}=await Promise.resolve().then((function(){return sy}));return t.sign.detached.verify(s,r,i)}case F.publicKey.ed448:return(await _.getNobleCurve(F.publicKey.ed448)).verify(r,s,i);default:throw Error("Unsupported EdDSA algorithm")}}async function gt(e,t,r){switch(e){case F.publicKey.ed25519:try{const n=_.getWebCrypto(),i=bt(e,t,r),s=mt(e,t),a=await n.importKey("jwk",i,"Ed25519",!1,["sign"]),o=await n.importKey("jwk",s,"Ed25519",!1,["verify"]),c=we(8),u=new Uint8Array(await n.sign("Ed25519",a,c));return await n.verify("Ed25519",o,u,c)}catch(e){if("NotSupportedError"!==e.name)return!1;const{default:n}=await Promise.resolve().then((function(){return sy})),{publicKey:i}=n.sign.keyPair.fromSeed(r);return _.equalsUint8Array(t,i)}case F.publicKey.ed448:{const e=(await _.getNobleCurve(F.publicKey.ed448)).getPublicKey(r);return _.equalsUint8Array(t,e)}default:return!1}}function wt(e){switch(e){case F.publicKey.ed25519:return 32;case F.publicKey.ed448:return 57;default:throw Error("Unsupported EdDSA algorithm")}}function At(e){switch(e){case F.publicKey.ed25519:return F.hash.sha256;case F.publicKey.ed448:return F.hash.sha512;default:throw Error("Unknown EdDSA algo")}}const mt=(e,t)=>{if(e===F.publicKey.ed25519){return{kty:"OKP",crv:"Ed25519",x:Y(t),ext:!0}}throw Error("Unsupported EdDSA algorithm")},bt=(e,t,r)=>{if(e===F.publicKey.ed25519){const n=mt(e,t);return n.d=Y(r),n}throw Error("Unsupported EdDSA algorithm")};var kt=/*#__PURE__*/Object.freeze({__proto__:null,generate:yt,getPayloadSize:wt,getPreferredHashAlgo:At,sign:pt,validateParams:gt,verify:dt});
+/*! noble-ciphers - MIT License (c) 2023 Paul Miller (paulmillr.com) */function Et(e){return e instanceof Uint8Array||ArrayBuffer.isView(e)&&"Uint8Array"===e.constructor.name}function vt(e,...t){if(!Et(e))throw Error("Uint8Array expected");if(t.length>0&&!t.includes(e.length))throw Error("Uint8Array expected of length "+t+", got length="+e.length)}function Kt(e,t=!0){if(e.destroyed)throw Error("Hash instance has been destroyed");if(t&&e.finished)throw Error("Hash#digest() has already been called")}function St(e,t){vt(e);const r=t.outputLen;if(e.length<r)throw Error("digestInto() expects output buffer of length at least "+r)}function It(e){return new Uint8Array(e.buffer,e.byteOffset,e.byteLength)}function Bt(e){return new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4))}function Ct(...e){for(let t=0;t<e.length;t++)e[t].fill(0)}function Ut(e){return new DataView(e.buffer,e.byteOffset,e.byteLength)}const Pt=/* @__PURE__ */(()=>68===new Uint8Array(new Uint32Array([287454020]).buffer)[0])();function Dt(e){if("string"==typeof e)e=function(e){if("string"!=typeof e)throw Error("string expected");return new Uint8Array((new TextEncoder).encode(e))}(e);else{if(!Et(e))throw Error("Uint8Array expected, got "+typeof e);e=Ot(e)}return e}function xt(e,t){return e.buffer===t.buffer&&e.byteOffset<t.byteOffset+t.byteLength&&t.byteOffset<e.byteOffset+e.byteLength}function Qt(e,t){if(xt(e,t)&&e.byteOffset<t.byteOffset)throw Error("complex overlap of input and output is not supported")}function Rt(e,t){if(e.length!==t.length)return!1;let r=0;for(let n=0;n<e.length;n++)r|=e[n]^t[n];return 0===r}const Tt=(e,t)=>{function r(r,...n){if(vt(r),!Pt)throw Error("Non little-endian hardware is not yet supported");if(void 0!==e.nonceLength){const t=n[0];if(!t)throw Error("nonce / iv required");e.varSizeNonce?vt(t):vt(t,e.nonceLength)}const i=e.tagLength;i&&void 0!==n[1]&&vt(n[1]);const s=t(r,...n),a=(e,t)=>{if(void 0!==t){if(2!==e)throw Error("cipher output not supported");vt(t)}};let o=!1;return{encrypt(e,t){if(o)throw Error("cannot encrypt() twice with same key + nonce");return o=!0,vt(e),a(s.encrypt.length,t),s.encrypt(e,t)},decrypt(e,t){if(vt(e),i&&e.length<i)throw Error("invalid ciphertext length: smaller than tagLength="+i);return a(s.decrypt.length,t),s.decrypt(e,t)}}}return Object.assign(r,e),r};function Mt(e,t,r=!0){if(void 0===t)return new Uint8Array(e);if(t.length!==e)throw Error("invalid output length, expected "+e+", got: "+t.length);if(r&&!Ft(t))throw Error("invalid output, must be aligned");return t}function Lt(e,t,r,n){if("function"==typeof e.setBigUint64)return e.setBigUint64(t,r,n);const i=BigInt(32),s=BigInt(4294967295),a=Number(r>>i&s),o=Number(r&s);e.setUint32(t+0,a,n),e.setUint32(t+4,o,n)}function Ft(e){return e.byteOffset%4==0}function Ot(e){return Uint8Array.from(e)}const Nt=16,_t=/* @__PURE__ */new Uint8Array(16),Ht=Bt(_t),zt=e=>(e>>>0&255)<<24|(e>>>8&255)<<16|(e>>>16&255)<<8|e>>>24&255;class Gt{constructor(e,t){this.blockLen=Nt,this.outputLen=Nt,this.s0=0,this.s1=0,this.s2=0,this.s3=0,this.finished=!1,vt(e=Dt(e),16);const r=Ut(e);let n=r.getUint32(0,!1),i=r.getUint32(4,!1),s=r.getUint32(8,!1),a=r.getUint32(12,!1);const o=[];for(let e=0;e<128;e++)o.push({s0:zt(n),s1:zt(i),s2:zt(s),s3:zt(a)}),({s0:n,s1:i,s2:s,s3:a}={s3:(h=s)<<31|(l=a)>>>1,s2:(u=i)<<31|h>>>1,s1:(c=n)<<31|u>>>1,s0:c>>>1^225<<24&-(1&l)});var c,u,h,l;const f=(y=t||1024)>65536?8:y>1024?4:2;var y;if(![1,2,4,8].includes(f))throw Error("ghash: invalid window size, expected 2, 4 or 8");this.W=f;const p=128/f,d=this.windowSize=2**f,g=[];for(let e=0;e<p;e++)for(let t=0;t<d;t++){let r=0,n=0,i=0,s=0;for(let a=0;a<f;a++){if(!(t>>>f-a-1&1))continue;const{s0:c,s1:u,s2:h,s3:l}=o[f*e+a];r^=c,n^=u,i^=h,s^=l}g.push({s0:r,s1:n,s2:i,s3:s})}this.t=g}_updateBlock(e,t,r,n){e^=this.s0,t^=this.s1,r^=this.s2,n^=this.s3;const{W:i,t:s,windowSize:a}=this;let o=0,c=0,u=0,h=0;const l=(1<<i)-1;let f=0;for(const y of[e,t,r,n])for(let e=0;e<4;e++){const t=y>>>8*e&255;for(let e=8/i-1;e>=0;e--){const r=t>>>i*e&l,{s0:n,s1:y,s2:p,s3:d}=s[f*a+r];o^=n,c^=y,u^=p,h^=d,f+=1}}this.s0=o,this.s1=c,this.s2=u,this.s3=h}update(e){Kt(this),vt(e=Dt(e));const t=Bt(e),r=Math.floor(e.length/Nt),n=e.length%Nt;for(let e=0;e<r;e++)this._updateBlock(t[4*e+0],t[4*e+1],t[4*e+2],t[4*e+3]);return n&&(_t.set(e.subarray(r*Nt)),this._updateBlock(Ht[0],Ht[1],Ht[2],Ht[3]),Ct(Ht)),this}destroy(){const{t:e}=this;for(const t of e)t.s0=0,t.s1=0,t.s2=0,t.s3=0}digestInto(e){Kt(this),St(e,this),this.finished=!0;const{s0:t,s1:r,s2:n,s3:i}=this,s=Bt(e);return s[0]=t,s[1]=r,s[2]=n,s[3]=i,e}digest(){const e=new Uint8Array(Nt);return this.digestInto(e),this.destroy(),e}}class qt extends Gt{constructor(e,t){vt(e=Dt(e));const r=function(e){e.reverse();const t=1&e[15];let r=0;for(let t=0;t<e.length;t++){const n=e[t];e[t]=n>>>1|r,r=(1&n)<<7}return e[0]^=225&-t,e}(Ot(e));super(r,t),Ct(r)}update(e){e=Dt(e),Kt(this);const t=Bt(e),r=e.length%Nt,n=Math.floor(e.length/Nt);for(let e=0;e<n;e++)this._updateBlock(zt(t[4*e+3]),zt(t[4*e+2]),zt(t[4*e+1]),zt(t[4*e+0]));return r&&(_t.set(e.subarray(n*Nt)),this._updateBlock(zt(Ht[3]),zt(Ht[2]),zt(Ht[1]),zt(Ht[0])),Ct(Ht)),this}digestInto(e){Kt(this),St(e,this),this.finished=!0;const{s0:t,s1:r,s2:n,s3:i}=this,s=Bt(e);return s[0]=t,s[1]=r,s[2]=n,s[3]=i,e.reverse()}}function jt(e){const t=(t,r)=>e(r,t.length).update(Dt(t)).digest(),r=e(new Uint8Array(16),0);return t.outputLen=r.outputLen,t.blockLen=r.blockLen,t.create=(t,r)=>e(t,r),t}const Vt=jt(((e,t)=>new Gt(e,t)));jt(((e,t)=>new qt(e,t)));const Yt=16,Zt=/* @__PURE__ */new Uint8Array(Yt);function Jt(e){return e<<1^283&-(e>>7)}function Xt(e,t){let r=0;for(;t>0;t>>=1)r^=e&-(1&t),e=Jt(e);return r}const Wt=/* @__PURE__ */(()=>{const e=new Uint8Array(256);for(let t=0,r=1;t<256;t++,r^=Jt(r))e[t]=r;const t=new Uint8Array(256);t[0]=99;for(let r=0;r<255;r++){let n=e[255-r];n|=n<<8,t[e[r]]=255&(n^n>>4^n>>5^n>>6^n>>7^99)}return Ct(e),t})(),$t=/* @__PURE__ */Wt.map(((e,t)=>Wt.indexOf(t))),er=e=>e<<8|e>>>24,tr=e=>e<<24&4278190080|e<<8&16711680|e>>>8&65280|e>>>24&255;function rr(e,t){if(256!==e.length)throw Error("Wrong sbox length");const r=new Uint32Array(256).map(((r,n)=>t(e[n]))),n=r.map(er),i=n.map(er),s=i.map(er),a=new Uint32Array(65536),o=new Uint32Array(65536),c=new Uint16Array(65536);for(let t=0;t<256;t++)for(let u=0;u<256;u++){const h=256*t+u;a[h]=r[t]^n[u],o[h]=i[t]^s[u],c[h]=e[t]<<8|e[u]}return{sbox:e,sbox2:c,T0:r,T1:n,T2:i,T3:s,T01:a,T23:o}}const nr=/* @__PURE__ */rr(Wt,(e=>Xt(e,3)<<24|e<<16|e<<8|Xt(e,2))),ir=/* @__PURE__ */rr($t,(e=>Xt(e,11)<<24|Xt(e,13)<<16|Xt(e,9)<<8|Xt(e,14))),sr=/* @__PURE__ */(()=>{const e=new Uint8Array(16);for(let t=0,r=1;t<16;t++,r=Jt(r))e[t]=r;return e})();function ar(e){vt(e);const t=e.length;if(![16,24,32].includes(t))throw Error("aes: invalid key size, should be 16, 24 or 32, got "+t);const{sbox2:r}=nr,n=[];Ft(e)||n.push(e=Ot(e));const i=Bt(e),s=i.length,a=e=>ur(r,e,e,e,e),o=new Uint32Array(t+28);o.set(i);for(let e=s;e<o.length;e++){let t=o[e-1];e%s==0?t=a((c=t)<<24|c>>>8)^sr[e/s-1]:s>6&&e%s==4&&(t=a(t)),o[e]=o[e-s]^t}var c;return Ct(...n),o}function or(e){const t=ar(e),r=t.slice(),n=t.length,{sbox2:i}=nr,{T0:s,T1:a,T2:o,T3:c}=ir;for(let e=0;e<n;e+=4)for(let i=0;i<4;i++)r[e+i]=t[n-e-4+i];Ct(t);for(let e=4;e<n-4;e++){const t=r[e],n=ur(i,t,t,t,t);r[e]=s[255&n]^a[n>>>8&255]^o[n>>>16&255]^c[n>>>24]}return r}function cr(e,t,r,n,i,s){return e[r<<8&65280|n>>>8&255]^t[i>>>8&65280|s>>>24&255]}function ur(e,t,r,n,i){return e[255&t|65280&r]|e[n>>>16&255|i>>>16&65280]<<16}function hr(e,t,r,n,i){const{sbox2:s,T01:a,T23:o}=nr;let c=0;t^=e[c++],r^=e[c++],n^=e[c++],i^=e[c++];const u=e.length/4-2;for(let s=0;s<u;s++){const s=e[c++]^cr(a,o,t,r,n,i),u=e[c++]^cr(a,o,r,n,i,t),h=e[c++]^cr(a,o,n,i,t,r),l=e[c++]^cr(a,o,i,t,r,n);t=s,r=u,n=h,i=l}return{s0:e[c++]^ur(s,t,r,n,i),s1:e[c++]^ur(s,r,n,i,t),s2:e[c++]^ur(s,n,i,t,r),s3:e[c++]^ur(s,i,t,r,n)}}function lr(e,t,r,n,i){const{sbox2:s,T01:a,T23:o}=ir;let c=0;t^=e[c++],r^=e[c++],n^=e[c++],i^=e[c++];const u=e.length/4-2;for(let s=0;s<u;s++){const s=e[c++]^cr(a,o,t,i,n,r),u=e[c++]^cr(a,o,r,t,i,n),h=e[c++]^cr(a,o,n,r,t,i),l=e[c++]^cr(a,o,i,n,r,t);t=s,r=u,n=h,i=l}return{s0:e[c++]^ur(s,t,i,n,r),s1:e[c++]^ur(s,r,t,i,n),s2:e[c++]^ur(s,n,r,t,i),s3:e[c++]^ur(s,i,n,r,t)}}function fr(e,t,r,n){vt(t,Yt),vt(r);const i=r.length;Qt(r,n=Mt(i,n));const s=t,a=Bt(s);let{s0:o,s1:c,s2:u,s3:h}=hr(e,a[0],a[1],a[2],a[3]);const l=Bt(r),f=Bt(n);for(let t=0;t+4<=l.length;t+=4){f[t+0]=l[t+0]^o,f[t+1]=l[t+1]^c,f[t+2]=l[t+2]^u,f[t+3]=l[t+3]^h;let r=1;for(let e=s.length-1;e>=0;e--)r=r+(255&s[e])|0,s[e]=255&r,r>>>=8;({s0:o,s1:c,s2:u,s3:h}=hr(e,a[0],a[1],a[2],a[3]))}const y=Yt*Math.floor(l.length/4);if(y<i){const e=new Uint32Array([o,c,u,h]),t=It(e);for(let e=y,s=0;e<i;e++,s++)n[e]=r[e]^t[s];Ct(e)}return n}function yr(e,t,r,n,i){vt(r,Yt),vt(n),i=Mt(n.length,i);const s=r,a=Bt(s),o=Ut(s),c=Bt(n),u=Bt(i),h=t?0:12,l=n.length;let f=o.getUint32(h,t),{s0:y,s1:p,s2:d,s3:g}=hr(e,a[0],a[1],a[2],a[3]);for(let r=0;r+4<=c.length;r+=4)u[r+0]=c[r+0]^y,u[r+1]=c[r+1]^p,u[r+2]=c[r+2]^d,u[r+3]=c[r+3]^g,f=f+1>>>0,o.setUint32(h,f,t),({s0:y,s1:p,s2:d,s3:g}=hr(e,a[0],a[1],a[2],a[3]));const w=Yt*Math.floor(c.length/4);if(w<l){const e=new Uint32Array([y,p,d,g]),t=It(e);for(let e=w,r=0;e<l;e++,r++)i[e]=n[e]^t[r];Ct(e)}return i}const pr=/* @__PURE__ */Tt({blockSize:16,nonceLength:16},(function(e,t){function r(r,n){if(vt(r),void 0!==n&&(vt(n),!Ft(n)))throw Error("unaligned destination");const i=ar(e),s=Ot(t),a=[i,s];Ft(r)||a.push(r=Ot(r));const o=fr(i,s,r,n);return Ct(...a),o}return{encrypt:(e,t)=>r(e,t),decrypt:(e,t)=>r(e,t)}}));const dr=/* @__PURE__ */Tt({blockSize:16,nonceLength:16},(function(e,t,r={}){const n=!r.disablePadding;return{encrypt(r,i){const s=ar(e),{b:a,o,out:c}=function(e,t,r){vt(e);let n=e.length;const i=n%Yt;if(!t&&0!==i)throw Error("aec/(cbc-ecb): unpadded plaintext with disabled padding");Ft(e)||(e=Ot(e));const s=Bt(e);if(t){let e=Yt-i;e||(e=Yt),n+=e}return Qt(e,r=Mt(n,r)),{b:s,o:Bt(r),out:r}}(r,n,i);let u=t;const h=[s];Ft(u)||h.push(u=Ot(u));const l=Bt(u);let f=l[0],y=l[1],p=l[2],d=l[3],g=0;for(;g+4<=a.length;)f^=a[g+0],y^=a[g+1],p^=a[g+2],d^=a[g+3],({s0:f,s1:y,s2:p,s3:d}=hr(s,f,y,p,d)),o[g++]=f,o[g++]=y,o[g++]=p,o[g++]=d;if(n){const e=function(e){const t=new Uint8Array(16),r=Bt(t);t.set(e);const n=Yt-e.length;for(let e=Yt-n;e<Yt;e++)t[e]=n;return r}(r.subarray(4*g));f^=e[0],y^=e[1],p^=e[2],d^=e[3],({s0:f,s1:y,s2:p,s3:d}=hr(s,f,y,p,d)),o[g++]=f,o[g++]=y,o[g++]=p,o[g++]=d}return Ct(...h),c},decrypt(r,i){!function(e){if(vt(e),e.length%Yt!=0)throw Error("aes-(cbc/ecb).decrypt ciphertext should consist of blocks with size 16")}(r);const s=or(e);let a=t;const o=[s];Ft(a)||o.push(a=Ot(a));const c=Bt(a);i=Mt(r.length,i),Ft(r)||o.push(r=Ot(r)),Qt(r,i);const u=Bt(r),h=Bt(i);let l=c[0],f=c[1],y=c[2],p=c[3];for(let e=0;e+4<=u.length;){const t=l,r=f,n=y,i=p;l=u[e+0],f=u[e+1],y=u[e+2],p=u[e+3];const{s0:a,s1:o,s2:c,s3:d}=lr(s,l,f,y,p);h[e++]=a^t,h[e++]=o^r,h[e++]=c^n,h[e++]=d^i}return Ct(...o),function(e,t){if(!t)return e;const r=e.length;if(!r)throw Error("aes/pcks5: empty ciphertext not allowed");const n=e[r-1];if(n<=0||n>16)throw Error("aes/pcks5: wrong padding");const i=e.subarray(0,-n);for(let t=0;t<n;t++)if(e[r-t-1]!==n)throw Error("aes/pcks5: wrong padding");return i}(i,n)}}})),gr=/* @__PURE__ */Tt({blockSize:16,nonceLength:16},(function(e,t){function r(r,n,i){vt(r);const s=r.length;if(xt(r,i=Mt(s,i)))throw Error("overlapping src and dst not supported.");const a=ar(e);let o=t;const c=[a];Ft(o)||c.push(o=Ot(o)),Ft(r)||c.push(r=Ot(r));const u=Bt(r),h=Bt(i),l=n?h:u,f=Bt(o);let y=f[0],p=f[1],d=f[2],g=f[3];for(let e=0;e+4<=u.length;){const{s0:t,s1:r,s2:n,s3:i}=hr(a,y,p,d,g);h[e+0]=u[e+0]^t,h[e+1]=u[e+1]^r,h[e+2]=u[e+2]^n,h[e+3]=u[e+3]^i,y=l[e++],p=l[e++],d=l[e++],g=l[e++]}const w=Yt*Math.floor(u.length/4);if(w<s){({s0:y,s1:p,s2:d,s3:g}=hr(a,y,p,d,g));const e=It(new Uint32Array([y,p,d,g]));for(let t=w,n=0;t<s;t++,n++)i[t]=r[t]^e[n];Ct(e)}return Ct(...c),i}return{encrypt:(e,t)=>r(e,!0,t),decrypt:(e,t)=>r(e,!1,t)}}));function wr(e,t,r,n,i){const s=i?i.length:0,a=e.create(r,n.length+s);i&&a.update(i);const o=function(e,t,r){const n=new Uint8Array(16),i=Ut(n);return Lt(i,0,BigInt(t),r),Lt(i,8,BigInt(e),r),n}(8*n.length,8*s,t);a.update(n),a.update(o);const c=a.digest();return Ct(o),c}const Ar=/* @__PURE__ */Tt({blockSize:16,nonceLength:12,tagLength:16,varSizeNonce:!0},(function(e,t,r){if(t.length<8)throw Error("aes/gcm: invalid nonce length");function n(e,t,n){const i=wr(Vt,!1,e,n,r);for(let e=0;e<t.length;e++)i[e]^=t[e];return i}function i(){const r=ar(e),n=Zt.slice(),i=Zt.slice();if(yr(r,!1,i,i,n),12===t.length)i.set(t);else{const e=Zt.slice();Lt(Ut(e),8,BigInt(8*t.length),!1);const r=Vt.create(n).update(t).update(e);r.digestInto(i),r.destroy()}return{xk:r,authKey:n,counter:i,tagMask:yr(r,!1,i,Zt)}}return{encrypt(e){const{xk:t,authKey:r,counter:s,tagMask:a}=i(),o=new Uint8Array(e.length+16),c=[t,r,s,a];Ft(e)||c.push(e=Ot(e)),yr(t,!1,s,e,o.subarray(0,e.length));const u=n(r,a,o.subarray(0,o.length-16));return c.push(u),o.set(u,e.length),Ct(...c),o},decrypt(e){const{xk:t,authKey:r,counter:s,tagMask:a}=i(),o=[t,r,a,s];Ft(e)||o.push(e=Ot(e));const c=e.subarray(0,-16),u=e.subarray(-16),h=n(r,a,c);if(o.push(h),!Rt(h,u))throw Error("aes/gcm: invalid ghash tag");const l=yr(t,!1,s,c);return Ct(...o),l}}}));function mr(e){return e instanceof Uint32Array||ArrayBuffer.isView(e)&&"Uint32Array"===e.constructor.name}function br(e,t){if(vt(t,16),!mr(e))throw Error("_encryptBlock accepts result of expandKeyLE");const r=Bt(t);let{s0:n,s1:i,s2:s,s3:a}=hr(e,r[0],r[1],r[2],r[3]);return r[0]=n,r[1]=i,r[2]=s,r[3]=a,t}function kr(e,t){if(vt(t,16),!mr(e))throw Error("_decryptBlock accepts result of expandKeyLE");const r=Bt(t);let{s0:n,s1:i,s2:s,s3:a}=lr(e,r[0],r[1],r[2],r[3]);return r[0]=n,r[1]=i,r[2]=s,r[3]=a,t}const Er={encrypt(e,t){if(t.length>=2**32)throw Error("plaintext should be less than 4gb");const r=ar(e);if(16===t.length)br(r,t);else{const e=Bt(t);let n=e[0],i=e[1];for(let t=0,s=1;t<6;t++)for(let t=2;t<e.length;t+=2,s++){const{s0:a,s1:o,s2:c,s3:u}=hr(r,n,i,e[t],e[t+1]);n=a,i=o^tr(s),e[t]=c,e[t+1]=u}e[0]=n,e[1]=i}r.fill(0)},decrypt(e,t){if(t.length-8>=2**32)throw Error("ciphertext should be less than 4gb");const r=or(e),n=t.length/8-1;if(1===n)kr(r,t);else{const e=Bt(t);let i=e[0],s=e[1];for(let t=0,a=6*n;t<6;t++)for(let t=2*n;t>=1;t-=2,a--){s^=tr(a);const{s0:n,s1:o,s2:c,s3:u}=lr(r,i,s,e[t],e[t+1]);i=n,s=o,e[t]=c,e[t+1]=u}e[0]=i,e[1]=s}r.fill(0)}},vr=/* @__PURE__ */new Uint8Array(8).fill(166),Kr=/* @__PURE__ */Tt({blockSize:8},(e=>({encrypt(t){if(!t.length||t.length%8!=0)throw Error("invalid plaintext length");if(8===t.length)throw Error("8-byte keys not allowed in AESKW, use AESKWP instead");const r=function(...e){let t=0;for(let r=0;r<e.length;r++){const n=e[r];vt(n),t+=n.length}const r=new Uint8Array(t);for(let t=0,n=0;t<e.length;t++){const i=e[t];r.set(i,n),n+=i.length}return r}(vr,t);return Er.encrypt(e,r),r},decrypt(t){if(t.length%8!=0||t.length<24)throw Error("invalid ciphertext length");const r=Ot(t);if(Er.decrypt(e,r),!Rt(r.subarray(0,8),vr))throw Error("integrity check failed");return r.subarray(0,8).fill(0),r.subarray(8)}}))),Sr={expandKeyLE:ar,expandKeyDecLE:or,encrypt:hr,decrypt:lr,encryptBlock:br,decryptBlock:kr,ctrCounter:fr,ctr32:yr};async function Ir(e){switch(e){case F.symmetric.aes128:case F.symmetric.aes192:case F.symmetric.aes256:throw Error("Not a legacy cipher");case F.symmetric.cast5:case F.symmetric.blowfish:case F.symmetric.twofish:case F.symmetric.tripledes:{const{legacyCiphers:t}=await Promise.resolve().then((function(){return by})),r=F.read(F.symmetric,e),n=t.get(r);if(!n)throw Error("Unsupported cipher algorithm");return n}default:throw Error("Unsupported cipher algorithm")}}function Br(e){switch(e){case F.symmetric.aes128:case F.symmetric.aes192:case F.symmetric.aes256:case F.symmetric.twofish:return 16;case F.symmetric.blowfish:case F.symmetric.cast5:case F.symmetric.tripledes:return 8;default:throw Error("Unsupported cipher")}}function Cr(e){switch(e){case F.symmetric.aes128:case F.symmetric.blowfish:case F.symmetric.cast5:return 16;case F.symmetric.aes192:case F.symmetric.tripledes:return 24;case F.symmetric.aes256:case F.symmetric.twofish:return 32;default:throw Error("Unsupported cipher")}}function Ur(e){return{keySize:Cr(e),blockSize:Br(e)}}const Pr=_.getWebCrypto();async function Dr(e,t,r){const{keySize:n}=Ur(e);if(!_.isAES(e)||t.length!==n)throw Error("Unexpected algorithm or key size");try{const e=await Pr.importKey("raw",t,{name:"AES-KW"},!1,["wrapKey"]),n=await Pr.importKey("raw",r,{name:"HMAC",hash:"SHA-256"},!0,["sign"]),i=await Pr.wrapKey("raw",n,e,{name:"AES-KW"});return new Uint8Array(i)}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;_.printDebugError("Browser did not support operation: "+e.message)}return Kr(t).encrypt(r)}async function xr(e,t,r){const{keySize:n}=Ur(e);if(!_.isAES(e)||t.length!==n)throw Error("Unexpected algorithm or key size");let i;try{i=await Pr.importKey("raw",t,{name:"AES-KW"},!1,["unwrapKey"])}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;return _.printDebugError("Browser did not support operation: "+e.message),Kr(t).decrypt(r)}try{const e=await Pr.unwrapKey("raw",r,i,{name:"AES-KW"},{name:"HMAC",hash:"SHA-256"},!0,["sign"]);return new Uint8Array(await Pr.exportKey("raw",e))}catch(e){if("OperationError"===e.name)throw Error("Key Data Integrity failed");throw e}}async function Qr(e,t,r,n,i){const s=_.getWebCrypto(),a=F.read(F.webHash,e);if(!a)throw Error("Hash algo not supported with HKDF");const o=await s.importKey("raw",t,"HKDF",!1,["deriveBits"]),c=await s.deriveBits({name:"HKDF",hash:a,salt:r,info:n},o,8*i);return new Uint8Array(c)}const Rr={x25519:_.encodeUTF8("OpenPGP X25519"),x448:_.encodeUTF8("OpenPGP X448")};async function Tr(e){switch(e){case F.publicKey.x25519:try{const e=_.getWebCrypto(),t=await e.generateKey("X25519",!0,["deriveKey","deriveBits"]).catch((e=>{if("OperationError"===e.name){const e=Error("Unexpected key generation issue");throw e.name="NotSupportedError",e}throw e})),r=await e.exportKey("jwk",t.privateKey),n=await e.exportKey("jwk",t.publicKey);if(r.x!==n.x){const e=Error("Unexpected mismatching public point");throw e.name="NotSupportedError",e}return{A:new Uint8Array(V(n.x)),k:V(r.d)}}catch(e){if("NotSupportedError"!==e.name)throw e;const{default:t}=await Promise.resolve().then((function(){return sy})),{secretKey:r,publicKey:n}=t.box.keyPair();return{A:n,k:r}}case F.publicKey.x448:{const e=await _.getNobleCurve(F.publicKey.x448),{secretKey:t,publicKey:r}=e.keygen();return{A:r,k:t}}default:throw Error("Unsupported ECDH algorithm")}}async function Mr(e,t,r){switch(e){case F.publicKey.x25519:try{const{ephemeralPublicKey:n,sharedSecret:i}=await Nr(e,t),s=await _r(e,n,t,r);return _.equalsUint8Array(i,s)}catch(e){return!1}case F.publicKey.x448:{const e=(await _.getNobleCurve(F.publicKey.x448)).getPublicKey(r);return _.equalsUint8Array(t,e)}default:return!1}}async function Lr(e,t,r){const{ephemeralPublicKey:n,sharedSecret:i}=await Nr(e,r),s=_.concatUint8Array([n,r,i]);switch(e){case F.publicKey.x25519:{const e=F.symmetric.aes128,{keySize:r}=Ur(e),i=await Qr(F.hash.sha256,s,new Uint8Array,Rr.x25519,r);return{ephemeralPublicKey:n,wrappedKey:await Dr(e,i,t)}}case F.publicKey.x448:{const e=F.symmetric.aes256,{keySize:r}=Ur(F.symmetric.aes256),i=await Qr(F.hash.sha512,s,new Uint8Array,Rr.x448,r);return{ephemeralPublicKey:n,wrappedKey:await Dr(e,i,t)}}default:throw Error("Unsupported ECDH algorithm")}}async function Fr(e,t,r,n,i){const s=await _r(e,t,n,i),a=_.concatUint8Array([t,n,s]);switch(e){case F.publicKey.x25519:{const e=F.symmetric.aes128,{keySize:t}=Ur(e);return xr(e,await Qr(F.hash.sha256,a,new Uint8Array,Rr.x25519,t),r)}case F.publicKey.x448:{const e=F.symmetric.aes256,{keySize:t}=Ur(F.symmetric.aes256);return xr(e,await Qr(F.hash.sha512,a,new Uint8Array,Rr.x448,t),r)}default:throw Error("Unsupported ECDH algorithm")}}function Or(e){switch(e){case F.publicKey.x25519:return 32;case F.publicKey.x448:return 56;default:throw Error("Unsupported ECDH algorithm")}}async function Nr(e,t){switch(e){case F.publicKey.x25519:try{const r=_.getWebCrypto(),n=await r.generateKey("X25519",!0,["deriveKey","deriveBits"]).catch((e=>{if("OperationError"===e.name){const e=Error("Unexpected key generation issue");throw e.name="NotSupportedError",e}throw e})),i=await r.exportKey("jwk",n.publicKey);if((await r.exportKey("jwk",n.privateKey)).x!==i.x){const e=Error("Unexpected mismatching public point");throw e.name="NotSupportedError",e}const s=zr(e,t),a=await r.importKey("jwk",s,"X25519",!1,[]),o=await r.deriveBits({name:"X25519",public:a},n.privateKey,8*Or(e));return{sharedSecret:new Uint8Array(o),ephemeralPublicKey:new Uint8Array(V(i.x))}}catch(e){if("NotSupportedError"!==e.name)throw e;const{default:r}=await Promise.resolve().then((function(){return sy})),{secretKey:n,publicKey:i}=r.box.keyPair(),s=r.scalarMult(n,t);return Hr(s),{ephemeralPublicKey:i,sharedSecret:s}}case F.publicKey.x448:{const e=await _.getNobleCurve(F.publicKey.x448),{secretKey:r,publicKey:n}=e.keygen(),i=e.getSharedSecret(r,t);return Hr(i),{ephemeralPublicKey:n,sharedSecret:i}}default:throw Error("Unsupported ECDH algorithm")}}async function _r(e,t,r,n){switch(e){case F.publicKey.x25519:try{const i=_.getWebCrypto(),s=function(e,t,r){if(e===F.publicKey.x25519){const n=zr(e,t);return n.d=Y(r),n}throw Error("Unsupported ECDH algorithm")}(e,r,n),a=zr(e,t),o=await i.importKey("jwk",s,"X25519",!1,["deriveKey","deriveBits"]),c=await i.importKey("jwk",a,"X25519",!1,[]),u=await i.deriveBits({name:"X25519",public:c},o,8*Or(e));return new Uint8Array(u)}catch(e){if("NotSupportedError"!==e.name)throw e;const{default:r}=await Promise.resolve().then((function(){return sy})),i=r.scalarMult(n,t);return Hr(i),i}case F.publicKey.x448:{const e=(await _.getNobleCurve(F.publicKey.x448)).getSharedSecret(n,t);return Hr(e),e}default:throw Error("Unsupported ECDH algorithm")}}function Hr(e){let t=0;for(let r=0;r<e.length;r++)t|=e[r];if(0===t)throw Error("Unexpected low order point")}function zr(e,t){if(e===F.publicKey.x25519){return{kty:"OKP",crv:"X25519",x:Y(t),ext:!0}}throw Error("Unsupported ECDH algorithm")}var Gr=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:Fr,encrypt:Lr,generate:Tr,generateEphemeralEncryptionMaterial:Nr,getPayloadSize:Or,recomputeSharedSecret:_r,validateParams:Mr});const qr=_.getWebCrypto(),jr=_.getNodeCrypto(),Vr={[F.curve.nistP256]:"P-256",[F.curve.nistP384]:"P-384",[F.curve.nistP521]:"P-521"},Yr=jr?jr.getCurves():[],Zr=jr?{[F.curve.secp256k1]:Yr.includes("secp256k1")?"secp256k1":void 0,[F.curve.nistP256]:Yr.includes("prime256v1")?"prime256v1":void 0,[F.curve.nistP384]:Yr.includes("secp384r1")?"secp384r1":void 0,[F.curve.nistP521]:Yr.includes("secp521r1")?"secp521r1":void 0,[F.curve.ed25519Legacy]:Yr.includes("ED25519")?"ED25519":void 0,[F.curve.curve25519Legacy]:Yr.includes("X25519")?"X25519":void 0,[F.curve.brainpoolP256r1]:Yr.includes("brainpoolP256r1")?"brainpoolP256r1":void 0,[F.curve.brainpoolP384r1]:Yr.includes("brainpoolP384r1")?"brainpoolP384r1":void 0,[F.curve.brainpoolP512r1]:Yr.includes("brainpoolP512r1")?"brainpoolP512r1":void 0}:{},Jr={[F.curve.nistP256]:{oid:[6,8,42,134,72,206,61,3,1,7],keyType:F.publicKey.ecdsa,hash:F.hash.sha256,cipher:F.symmetric.aes128,node:Zr[F.curve.nistP256],web:Vr[F.curve.nistP256],payloadSize:32,sharedSize:256,wireFormatLeadingByte:4},[F.curve.nistP384]:{oid:[6,5,43,129,4,0,34],keyType:F.publicKey.ecdsa,hash:F.hash.sha384,cipher:F.symmetric.aes192,node:Zr[F.curve.nistP384],web:Vr[F.curve.nistP384],payloadSize:48,sharedSize:384,wireFormatLeadingByte:4},[F.curve.nistP521]:{oid:[6,5,43,129,4,0,35],keyType:F.publicKey.ecdsa,hash:F.hash.sha512,cipher:F.symmetric.aes256,node:Zr[F.curve.nistP521],web:Vr[F.curve.nistP521],payloadSize:66,sharedSize:528,wireFormatLeadingByte:4},[F.curve.secp256k1]:{oid:[6,5,43,129,4,0,10],keyType:F.publicKey.ecdsa,hash:F.hash.sha256,cipher:F.symmetric.aes128,node:Zr[F.curve.secp256k1],payloadSize:32,wireFormatLeadingByte:4},[F.curve.ed25519Legacy]:{oid:[6,9,43,6,1,4,1,218,71,15,1],keyType:F.publicKey.eddsaLegacy,hash:F.hash.sha512,node:!1,payloadSize:32,wireFormatLeadingByte:64},[F.curve.curve25519Legacy]:{oid:[6,10,43,6,1,4,1,151,85,1,5,1],keyType:F.publicKey.ecdh,hash:F.hash.sha256,cipher:F.symmetric.aes128,node:!1,payloadSize:32,wireFormatLeadingByte:64},[F.curve.brainpoolP256r1]:{oid:[6,9,43,36,3,3,2,8,1,1,7],keyType:F.publicKey.ecdsa,hash:F.hash.sha256,cipher:F.symmetric.aes128,node:Zr[F.curve.brainpoolP256r1],payloadSize:32,wireFormatLeadingByte:4},[F.curve.brainpoolP384r1]:{oid:[6,9,43,36,3,3,2,8,1,1,11],keyType:F.publicKey.ecdsa,hash:F.hash.sha384,cipher:F.symmetric.aes192,node:Zr[F.curve.brainpoolP384r1],payloadSize:48,wireFormatLeadingByte:4},[F.curve.brainpoolP512r1]:{oid:[6,9,43,36,3,3,2,8,1,1,13],keyType:F.publicKey.ecdsa,hash:F.hash.sha512,cipher:F.symmetric.aes256,node:Zr[F.curve.brainpoolP512r1],payloadSize:64,wireFormatLeadingByte:4}};class Xr{constructor(e){try{this.name=e instanceof tt?e.getName():F.write(F.curve,e)}catch(e){throw new ut("Unknown curve")}const t=Jr[this.name];this.keyType=t.keyType,this.oid=t.oid,this.hash=t.hash,this.cipher=t.cipher,this.node=t.node,this.web=t.web,this.payloadSize=t.payloadSize,this.sharedSize=t.sharedSize,this.wireFormatLeadingByte=t.wireFormatLeadingByte,this.web&&_.getWebCrypto()?this.type="web":this.node&&_.getNodeCrypto()?this.type="node":this.name===F.curve.curve25519Legacy?this.type="curve25519Legacy":this.name===F.curve.ed25519Legacy&&(this.type="ed25519Legacy")}async genKeyPair(){switch(this.type){case"web":try{return await async function(e,t){const r=await qr.generateKey({name:"ECDSA",namedCurve:Vr[e]},!0,["sign","verify"]),n=await qr.exportKey("jwk",r.privateKey);return{publicKey:nn(await qr.exportKey("jwk",r.publicKey),t),privateKey:V(n.d)}}(this.name,this.wireFormatLeadingByte)}catch(e){return _.printDebugError("Browser did not support generating ec key "+e.message),rn(this.name)}case"node":return async function(e){const t=jr.createECDH(Zr[e]);return await t.generateKeys(),{publicKey:new Uint8Array(t.getPublicKey()),privateKey:new Uint8Array(t.getPrivateKey())}}(this.name);case"curve25519Legacy":{const{k:e,A:t}=await Tr(F.publicKey.x25519),r=e.slice().reverse();r[0]=127&r[0]|64,r[31]&=248;return{publicKey:_.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:r}}case"ed25519Legacy":{const{seed:e,A:t}=await yt(F.publicKey.ed25519);return{publicKey:_.concatUint8Array([new Uint8Array([this.wireFormatLeadingByte]),t]),privateKey:e}}default:return rn(this.name)}}}async function Wr(e){const t=new Xr(e),{oid:r,hash:n,cipher:i}=t,s=await t.genKeyPair();return{oid:r,Q:s.publicKey,secret:_.leftPad(s.privateKey,t.payloadSize),hash:n,cipher:i}}function $r(e){return Jr[e.getName()].hash}async function en(e,t,r,n){const i={[F.curve.nistP256]:!0,[F.curve.nistP384]:!0,[F.curve.nistP521]:!0,[F.curve.secp256k1]:!0,[F.curve.curve25519Legacy]:e===F.publicKey.ecdh,[F.curve.brainpoolP256r1]:!0,[F.curve.brainpoolP384r1]:!0,[F.curve.brainpoolP512r1]:!0},s=t.getName();if(!i[s])return!1;if(s===F.curve.curve25519Legacy){const e=n.slice().reverse();return!(r.length<1||64!==r[0])&&Mr(F.publicKey.x25519,r.subarray(1),e)}const a=(await _.getNobleCurve(F.publicKey.ecdsa,s)).getPublicKey(n,!1);return!!_.equalsUint8Array(a,r)}function tn(e,t){const{payloadSize:r,wireFormatLeadingByte:n,name:i}=e,s=i===F.curve.curve25519Legacy||i===F.curve.ed25519Legacy?r:2*r;if(t[0]!==n||t.length!==s+1)throw Error("Invalid point encoding")}async function rn(e){const t=await _.getNobleCurve(F.publicKey.ecdsa,e),{secretKey:r}=t.keygen();return{publicKey:t.getPublicKey(r,!1),privateKey:r}}function nn(e,t){const r=V(e.x),n=V(e.y),i=new Uint8Array(r.length+n.length+1);return i[0]=t,i.set(r,1),i.set(n,r.length+1),i}function sn(e,t,r){const n=e,i=r.slice(1,n+1),s=r.slice(n+1,2*n+1);return{kty:"EC",crv:t,x:Y(i),y:Y(s),ext:!0}}function an(e,t,r,n){const i=sn(e,t,r);return i.d=Y(n),i}const on=_.getWebCrypto(),cn=_.getNodeCrypto();async function un(e,t,r,n,i,s){const a=new Xr(e);if(tn(a,n),r&&!_.isStream(r)){const e={publicKey:n,privateKey:i};switch(a.type){case"web":try{return await async function(e,t,r,n){const i=e.payloadSize,s=an(e.payloadSize,Vr[e.name],n.publicKey,n.privateKey),a=await on.importKey("jwk",s,{name:"ECDSA",namedCurve:Vr[e.name],hash:{name:F.read(F.webHash,e.hash)}},!1,["sign"]),o=new Uint8Array(await on.sign({name:"ECDSA",namedCurve:Vr[e.name],hash:{name:F.read(F.webHash,t)}},a,r));return{r:o.slice(0,i),s:o.slice(i,i<<1)}}(a,t,r,e)}catch(e){if("nistP521"!==a.name&&("DataError"===e.name||"OperationError"===e.name))throw e;_.printDebugError("Browser did not support signing: "+e.message)}break;case"node":return async function(e,t,r,n){const i=_.nodeRequire("eckey-utils"),s=_.getNodeBuffer(),{privateKey:a}=i.generateDer({curveName:Zr[e.name],privateKey:s.from(n)}),o=cn.createSign(F.read(F.hash,t));o.write(r),o.end();const c=new Uint8Array(o.sign({key:a,format:"der",type:"sec1",dsaEncoding:"ieee-p1363"})),u=e.payloadSize;return{r:c.subarray(0,u),s:c.subarray(u,u<<1)}}(a,t,r,i)}}const o=(await _.getNobleCurve(F.publicKey.ecdsa,a.name)).sign(s,i,{lowS:!1});return{r:de(o.r,"be",a.payloadSize),s:de(o.s,"be",a.payloadSize)}}async function hn(e,t,r,n,i,s){const a=new Xr(e);tn(a,i);const o=async()=>0===s[0]&&ln(a,r,s.subarray(1),i);if(n&&!_.isStream(n))switch(a.type){case"web":try{const e=await async function(e,t,{r,s:n},i,s){const a=sn(e.payloadSize,Vr[e.name],s),o=await on.importKey("jwk",a,{name:"ECDSA",namedCurve:Vr[e.name],hash:{name:F.read(F.webHash,e.hash)}},!1,["verify"]),c=_.concatUint8Array([r,n]).buffer;return on.verify({name:"ECDSA",namedCurve:Vr[e.name],hash:{name:F.read(F.webHash,t)}},o,c,i)}(a,t,r,n,i);return e||o()}catch(e){if("nistP521"!==a.name&&("DataError"===e.name||"OperationError"===e.name))throw e;_.printDebugError("Browser did not support verifying: "+e.message)}break;case"node":{const e=await async function(e,t,{r,s:n},i,s){const a=_.nodeRequire("eckey-utils"),o=_.getNodeBuffer(),{publicKey:c}=a.generateDer({curveName:Zr[e.name],publicKey:o.from(s)}),u=cn.createVerify(F.read(F.hash,t));u.write(i),u.end();const h=_.concatUint8Array([r,n]);try{return u.verify({key:c,format:"der",type:"spki",dsaEncoding:"ieee-p1363"},h)}catch(e){return!1}}(a,t,r,n,i);return e||o()}}return await ln(a,r,s,i)||o()}async function ln(e,t,r,n){return(await _.getNobleCurve(F.publicKey.ecdsa,e.name)).verify(_.concatUint8Array([t.r,t.s]),r,n,{lowS:!1})}var fn=/*#__PURE__*/Object.freeze({__proto__:null,sign:un,validateParams:async function(e,t,r){const n=new Xr(e);if(n.keyType!==F.publicKey.ecdsa)return!1;switch(n.type){case"web":case"node":{const n=we(8),i=F.hash.sha256,s=await Le(i,n);try{const a=await un(e,i,n,t,r,s);return await hn(e,i,a,n,t,s)}catch(e){return!1}}default:return en(F.publicKey.ecdsa,e,t,r)}},verify:hn});async function yn(e,t,r,n,i,s){tn(new Xr(e),n);const{RS:a}=await pt(F.publicKey.ed25519,0,0,n.subarray(1),i,s);return{r:a.subarray(0,32),s:a.subarray(32)}}async function pn(e,t,{r,s:n},i,s,a){tn(new Xr(e),s);const o=_.concatUint8Array([r,n]);return dt(F.publicKey.ed25519,0,{RS:o},0,s.subarray(1),a)}async function dn(e,t,r){return e.getName()===F.curve.ed25519Legacy&&(!(t.length<1||64!==t[0])&&gt(F.publicKey.ed25519,t.subarray(1),r))}var gn=/*#__PURE__*/Object.freeze({__proto__:null,sign:yn,validateParams:dn,verify:pn});function wn(e){const t=e.length;if(t>0){const r=e[t-1];if(r>=1){const n=e.subarray(t-r),i=new Uint8Array(r).fill(r);if(_.equalsUint8Array(n,i))return e.subarray(0,t-r)}}throw Error("Invalid padding")}function An(e,t,r,n){return _.concatUint8Array([t.write(),new Uint8Array([e]),r.write(!0),_.stringToUint8Array("Anonymous Sender    "),r.replacementFingerprint||n])}async function mn(e,t,r,n,i=!1,s=!1){let a;if(i){for(a=0;a<t.length&&0===t[a];a++);t=t.subarray(a)}if(s){for(a=t.length-1;a>=0&&0===t[a];a--);t=t.subarray(0,a+1)}return(await Le(e,_.concatUint8Array([new Uint8Array([0,0,0,1]),t,n]))).subarray(0,r)}async function bn(e,t){switch(e.type){case"curve25519Legacy":{const{sharedSecret:r,ephemeralPublicKey:n}=await Nr(F.publicKey.x25519,t.subarray(1));return{publicKey:_.concatUint8Array([new Uint8Array([e.wireFormatLeadingByte]),n]),sharedKey:r}}case"web":if(e.web&&_.getWebCrypto())try{return await async function(e,t){const r=_.getWebCrypto(),n=sn(e.payloadSize,e.web,t);let i=r.generateKey({name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]),s=r.importKey("jwk",n,{name:"ECDH",namedCurve:e.web},!1,[]);[i,s]=await Promise.all([i,s]);let a=r.deriveBits({name:"ECDH",namedCurve:e.web,public:s},i.privateKey,e.sharedSize),o=r.exportKey("jwk",i.publicKey);[a,o]=await Promise.all([a,o]);const c=new Uint8Array(a),u=new Uint8Array(nn(o,e.wireFormatLeadingByte));return{publicKey:u,sharedKey:c}}(e,t)}catch(r){return _.printDebugError(r),Sn(e,t)}break;case"node":return async function(e,t){const r=_.getNodeCrypto(),n=r.createECDH(e.node);n.generateKeys();const i=new Uint8Array(n.computeSecret(t));return{publicKey:new Uint8Array(n.getPublicKey()),sharedKey:i}}(e,t);default:return Sn(e,t)}}async function kn(e,t,r,n,i){const s=function(e){const t=8-e.length%8,r=new Uint8Array(e.length+t).fill(t);return r.set(e),r}(r),a=new Xr(e);tn(a,n);const{publicKey:o,sharedKey:c}=await bn(a,n),u=An(F.publicKey.ecdh,e,t,i),{keySize:h}=Ur(t.cipher),l=await mn(t.hash,c,h,u);return{publicKey:o,wrappedKey:await Dr(t.cipher,l,s)}}async function En(e,t,r,n){if(n.length!==e.payloadSize){const t=new Uint8Array(e.payloadSize);t.set(n,e.payloadSize-n.length),n=t}switch(e.type){case"curve25519Legacy":{const e=n.slice().reverse();return{secretKey:e,sharedKey:await _r(F.publicKey.x25519,t.subarray(1),r.subarray(1),e)}}case"web":if(e.web&&_.getWebCrypto())try{return await async function(e,t,r,n){const i=_.getWebCrypto(),s=an(e.payloadSize,e.web,r,n);let a=i.importKey("jwk",s,{name:"ECDH",namedCurve:e.web},!0,["deriveKey","deriveBits"]);const o=sn(e.payloadSize,e.web,t);let c=i.importKey("jwk",o,{name:"ECDH",namedCurve:e.web},!0,[]);[a,c]=await Promise.all([a,c]);let u=i.deriveBits({name:"ECDH",namedCurve:e.web,public:c},a,e.sharedSize),h=i.exportKey("jwk",a);[u,h]=await Promise.all([u,h]);const l=new Uint8Array(u);return{secretKey:V(h.d),sharedKey:l}}(e,t,r,n)}catch(r){return _.printDebugError(r),Kn(e,t,n)}break;case"node":return async function(e,t,r){const n=_.getNodeCrypto(),i=n.createECDH(e.node);i.setPrivateKey(r);const s=new Uint8Array(i.computeSecret(t));return{secretKey:new Uint8Array(i.getPrivateKey()),sharedKey:s}}(e,t,n);default:return Kn(e,t,n)}}async function vn(e,t,r,n,i,s,a){const o=new Xr(e);tn(o,i),tn(o,r);const{sharedKey:c}=await En(o,r,i,s),u=An(F.publicKey.ecdh,e,t,a),{keySize:h}=Ur(t.cipher);let l;for(let e=0;e<3;e++)try{const r=await mn(t.hash,c,h,u,1===e,2===e);return wn(await xr(t.cipher,r,n))}catch(e){l=e}throw l}async function Kn(e,t,r){return{secretKey:r,sharedKey:(await _.getNobleCurve(F.publicKey.ecdh,e.name)).getSharedSecret(r,t).subarray(1)}}async function Sn(e,t){const r=await _.getNobleCurve(F.publicKey.ecdh,e.name),{publicKey:n,privateKey:i}=await e.genKeyPair();return{publicKey:n,sharedKey:r.getSharedSecret(i,t).subarray(1)}}var In=/*#__PURE__*/Object.freeze({__proto__:null,decrypt:vn,encrypt:kn,validateParams:async function(e,t,r){return en(F.publicKey.ecdh,e,t,r)}}),Bn=/*#__PURE__*/Object.freeze({__proto__:null,CurveWithOID:Xr,ecdh:In,ecdhX:Gr,ecdsa:fn,eddsa:kt,eddsaLegacy:gn,generate:Wr,getPreferredHashAlgo:$r});const Cn=BigInt(0),Un=BigInt(1);const Pn=new Set([F.hash.sha1,F.hash.sha256,F.hash.sha512]),Dn=_.getWebCrypto(),xn=_.getNodeCrypto();async function Qn(e,t){if(e===F.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await Promise.resolve().then((function(){return Vp})),{publicKey:r,secretKey:n}=e.keygen(t);return{mlkemPublicKey:r,mlkemSecretKey:n}}throw Error("Unsupported KEM algorithm")}async function Rn(e){const{eccPublicKey:t,eccSecretKey:r}=await async function(e){if(e===F.publicKey.pqc_mlkem_x25519){const{A:e,k:t}=await Tr(F.publicKey.x25519);return{eccPublicKey:e,eccSecretKey:t}}throw Error("Unsupported KEM algorithm")}(e),{mlkemPublicKey:n,mlkemSeed:i,mlkemSecretKey:s}=await async function(e){if(e===F.publicKey.pqc_mlkem_x25519){const t=we(64),{mlkemSecretKey:r,mlkemPublicKey:n}=await Qn(e,t);return{mlkemSeed:t,mlkemSecretKey:r,mlkemPublicKey:n}}throw Error("Unsupported KEM algorithm")}(e);return{eccPublicKey:t,eccSecretKey:r,mlkemPublicKey:n,mlkemSeed:i,mlkemSecretKey:s}}async function Tn(e,t,r,n){const{eccKeyShare:i,eccCipherText:s}=await async function(e,t){if(e===F.publicKey.pqc_mlkem_x25519){const{ephemeralPublicKey:e,sharedSecret:r}=await Nr(F.publicKey.x25519,t);return{eccCipherText:e,eccKeyShare:r}}throw Error("Unsupported KEM algorithm")}(e,t),{mlkemKeyShare:a,mlkemCipherText:o}=await async function(e,t){if(e===F.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await Promise.resolve().then((function(){return Vp})),{cipherText:r,sharedSecret:n}=e.encapsulate(t);return{mlkemCipherText:r,mlkemKeyShare:n}}throw Error("Unsupported KEM algorithm")}(e,r),c=await Ln(e,a,i,s,t);return{eccCipherText:s,mlkemCipherText:o,wrappedKey:await Dr(F.symmetric.aes256,c,n)}}async function Mn(e,t,r,n,i,s,a,o){const c=await async function(e,t,r,n){if(e===F.publicKey.pqc_mlkem_x25519)return await _r(F.publicKey.x25519,t,n,r);throw Error("Unsupported KEM algorithm")}(e,t,n,i),u=await async function(e,t,r){if(e===F.publicKey.pqc_mlkem_x25519){const{ml_kem768:e}=await Promise.resolve().then((function(){return Vp}));return e.decapsulate(t,r)}throw Error("Unsupported KEM algorithm")}(e,r,s),h=await Ln(e,u,c,t,i);return await xr(F.symmetric.aes256,h,o)}async function Ln(e,t,r,n,i){const s=_.encodeUTF8("OpenPGPCompositeKDFv1"),a=_.concatUint8Array([t,r,n,i,new Uint8Array([e]),s,new Uint8Array([s.length])]);return await Le(F.hash.sha3_256,a)}async function Fn(e,t,r,n,i){const s=async function(e,t,r){if(e===F.publicKey.pqc_mlkem_x25519)return Mr(F.publicKey.x25519,t,r);throw Error("Unsupported KEM algorithm")}(e,t,r),a=async function(e,t,r){if(e===F.publicKey.pqc_mlkem_x25519){const{mlkemPublicKey:n}=await Qn(e,r);return _.equalsUint8Array(t,n)}throw Error("Unsupported KEM algorithm")}(e,n,i);return await s&&await a}async function On(e,t){if(e===F.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await Promise.resolve().then((function(){return Vp})),{secretKey:r,publicKey:n}=e.keygen(t);return{mldsaSecretKey:r,mldsaPublicKey:n}}throw Error("Unsupported signature algorithm")}async function Nn(e){if(e===F.publicKey.pqc_mldsa_ed25519){const{eccSecretKey:t,eccPublicKey:r}=await async function(e){if(e===F.publicKey.pqc_mldsa_ed25519){const{A:e,seed:t}=await yt(F.publicKey.ed25519);return{eccPublicKey:e,eccSecretKey:t}}throw Error("Unsupported signature algorithm")}(e),{mldsaSeed:n,mldsaSecretKey:i,mldsaPublicKey:s}=await async function(e){if(e===F.publicKey.pqc_mldsa_ed25519){const t=we(32),{mldsaSecretKey:r,mldsaPublicKey:n}=await On(e,t);return{mldsaSeed:t,mldsaSecretKey:r,mldsaPublicKey:n}}throw Error("Unsupported signature algorithm")}(e);return{eccSecretKey:t,eccPublicKey:r,mldsaSeed:n,mldsaSecretKey:i,mldsaPublicKey:s}}throw Error("Unsupported signature algorithm")}async function _n(e,t,r,n,i,s){if(e===F.publicKey.pqc_mldsa_ed25519){const{eccSignature:t}=await async function(e,t,r,n,i){if(e===F.publicKey.pqc_mldsa_ed25519){const{RS:e}=await pt(F.publicKey.ed25519,0,0,n,r,i);return{eccSignature:e}}throw Error("Unsupported signature algorithm")}(e,0,r,n,s),{mldsaSignature:a}=await async function(e,t,r){if(e===F.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await Promise.resolve().then((function(){return Vp}));return{mldsaSignature:e.sign(t,r)}}throw Error("Unsupported signature algorithm")}(e,i,s);return{eccSignature:t,mldsaSignature:a}}throw Error("Unsupported signature algorithm")}async function Hn(e,t,r,n,i,{eccSignature:s,mldsaSignature:a}){if(e===F.publicKey.pqc_mldsa_ed25519){const t=async function(e,t,r,n,i){if(e===F.publicKey.pqc_mldsa_ed25519)return dt(F.publicKey.ed25519,0,{RS:i},0,r,n);throw Error("Unsupported signature algorithm")}(e,0,r,i,s),o=async function(e,t,r,n){if(e===F.publicKey.pqc_mldsa_ed25519){const{ml_dsa65:e}=await Promise.resolve().then((function(){return Vp}));return e.verify(t,r,n)}throw Error("Unsupported signature algorithm")}(e,n,i,a);return await t&&await o}throw Error("Unsupported signature algorithm")}function zn(e,t){if(e===F.publicKey.pqc_mldsa_ed25519)return Fe(t)>=32;throw Error("Unsupported signature algorithm")}async function Gn(e,t,r,n,i){const s=async function(e,t,r){if(e===F.publicKey.pqc_mldsa_ed25519)return gt(F.publicKey.ed25519,t,r);throw Error("Unsupported signature algorithm")}(e,t,r),a=async function(e,t,r){if(e===F.publicKey.pqc_mldsa_ed25519){const{mldsaPublicKey:n}=await On(e,r);return _.equalsUint8Array(t,n)}throw Error("Unsupported signature algorithm")}(e,n,i);return await s&&await a}class qn{constructor(e){e&&(this.data=e)}read(e){if(e.length>=1){const t=e[0];if(e.length>=1+t)return this.data=e.subarray(1,1+t),1+this.data.length}throw Error("Invalid symmetric key")}write(){return _.concatUint8Array([new Uint8Array([this.data.length]),this.data])}}class jn{constructor(e){if(void 0===e&&(e=new Uint8Array([])),!_.isUint8Array(e))throw Error("data must be in the form of a Uint8Array");this.data=e,this.length=this.data.byteLength}write(){return _.concatUint8Array([new Uint8Array([this.length]),this.data])}read(e){if(e.length>=1){const t=e[0];if(e.length>=t+1)return this.data=e.subarray(1,1+t),this.length=t,1+t}throw Error("Invalid octet string")}}class Vn{constructor(e){if(e){const{version:t,hash:r,cipher:n,replacementFingerprint:i}=e;this.version=t||1,this.hash=r,this.cipher=n,this.replacementFingerprint=i}else this.version=null,this.hash=null,this.cipher=null,this.replacementFingerprint=null}read(e){if(e.length<4||1!==e[1]&&255!==e[1])throw new ut("Cannot read KDFParams");const t=e[0];this.version=e[1],this.hash=e[2],this.cipher=e[3];let r=4;if(255===this.version){const n=t-r+1;this.replacementFingerprint=e.slice(r,r+n),r+=n}return r}write(e){if(!this.version||1===this.version||e)return new Uint8Array([3,1,this.hash,this.cipher]);return _.concatUint8Array([new Uint8Array([3+this.replacementFingerprint.length,this.version,this.hash,this.cipher]),this.replacementFingerprint])}}const Yn=e=>class{constructor(e){this.data=void 0===e?null:e}read(t){const r=t[0];return this.data=F.write(e,r),1}write(){return new Uint8Array([this.data])}getName(){return F.read(e,this.data)}getValue(){return this.data}},Zn=Yn(F.aead),Jn=Yn(F.symmetric),Xn=Yn(F.hash);class Wn{static fromObject({wrappedKey:e,algorithm:t}){const r=new Wn;return r.wrappedKey=e,r.algorithm=t,r}read(e){let t=0,r=e[t++];this.algorithm=r%2?e[t++]:null,r-=r%2,this.wrappedKey=_.readExactSubarray(e,t,t+r),t+=r}write(){return _.concatUint8Array([this.algorithm?new Uint8Array([this.wrappedKey.length+1,this.algorithm]):new Uint8Array([this.wrappedKey.length]),this.wrappedKey])}}const $n=_.getWebCrypto(),ei=_.getNodeCrypto(),ti=ei?ei.getCiphers():[],ri={idea:ti.includes("idea-cfb")?"idea-cfb":void 0,tripledes:ti.includes("des-ede3-cfb")?"des-ede3-cfb":void 0,cast5:ti.includes("cast5-cfb")?"cast5-cfb":void 0,blowfish:ti.includes("bf-cfb")?"bf-cfb":void 0,aes128:ti.includes("aes-128-cfb")?"aes-128-cfb":void 0,aes192:ti.includes("aes-192-cfb")?"aes-192-cfb":void 0,aes256:ti.includes("aes-256-cfb")?"aes-256-cfb":void 0};async function ni(e){const{blockSize:t}=Ur(e),r=await we(t),n=new Uint8Array([r[r.length-2],r[r.length-1]]);return _.concat([r,n])}async function ii(e,t,r,n,i){const s=F.read(F.symmetric,e);if(_.getNodeCrypto()&&ri[s])return function(e,t,r,n){const i=F.read(F.symmetric,e),s=new ei.createCipheriv(ri[i],t,n);return S(r,(e=>new Uint8Array(s.update(e))))}(e,t,r,n);if(_.isAES(e))return async function(e,t,r,n){if($n&&await ai.isSupported(e)){const i=new ai(e,t,n);return _.isStream(r)?S(r,(e=>i.encryptChunk(e)),(()=>i.finish())):i.encrypt(r)}if(_.isStream(r)){const i=new oi(!0,e,t,n);return S(r,(e=>i.processChunk(e)),(()=>i.finish()))}return gr(t,n).encrypt(r)}(e,t,r,n);const a=new(await Ir(e))(t),o=a.blockSize,c=n.slice();let u=new Uint8Array;const h=e=>{e&&(u=_.concatUint8Array([u,e]));const t=new Uint8Array(u.length);let r,n=0;for(;e?u.length>=o:u.length;){const e=a.encrypt(c);for(r=0;r<o;r++)c[r]=u[r]^e[r],t[n++]=c[r];u=u.subarray(o)}return t.subarray(0,n)};return S(r,h,h)}async function si(e,t,r,n){const i=F.read(F.symmetric,e);if(ei&&ri[i])return function(e,t,r,n){const i=F.read(F.symmetric,e),s=new ei.createDecipheriv(ri[i],t,n);return S(r,(e=>new Uint8Array(s.update(e))))}(e,t,r,n);if(_.isAES(e))return async function(e,t,r,n){if(_.isStream(r)){const i=new oi(!1,e,t,n);return S(r,(e=>i.processChunk(e)),(()=>i.finish()))}return gr(t,n).decrypt(r)}(e,t,r,n);const s=new(await Ir(e))(t),a=s.blockSize;let o=n,c=new Uint8Array;const u=e=>{e&&(c=_.concatUint8Array([c,e]));const t=new Uint8Array(c.length);let r,n=0;for(;e?c.length>=a:c.length;){const e=s.encrypt(o);for(o=c.subarray(0,a),r=0;r<a;r++)t[n++]=o[r]^e[r];c=c.subarray(a)}return t.subarray(0,n)};return S(r,u,u)}class ai{constructor(e,t,r){const{blockSize:n}=Ur(e);this.key=t,this.prevBlock=r,this.nextBlock=new Uint8Array(n),this.i=0,this.blockSize=n,this.zeroBlock=new Uint8Array(this.blockSize)}static async isSupported(e){const{keySize:t}=Ur(e);return $n.importKey("raw",new Uint8Array(t),"aes-cbc",!1,["encrypt"]).then((()=>!0),(()=>!1))}async _runCBC(e,t){const r="AES-CBC";this.keyRef=this.keyRef||await $n.importKey("raw",this.key,r,!1,["encrypt"]);const n=await $n.encrypt({name:r,iv:t||this.zeroBlock},this.keyRef,e);return new Uint8Array(n).subarray(0,e.length)}async encryptChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,n=_.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),i=_.concatUint8Array([this.prevBlock,n.subarray(0,n.length-this.blockSize)]),s=await this._runCBC(i);return ci(s,n),this.prevBlock=s.slice(-this.blockSize),r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,s}let n;if(this.i+=r.length,this.i===this.nextBlock.length){const t=this.nextBlock;n=await this._runCBC(this.prevBlock),ci(n,t),this.prevBlock=n.slice(),this.i=0;const i=e.subarray(r.length);this.nextBlock.set(i,this.i),this.i+=i.length}else n=new Uint8Array;return n}async finish(){let e;if(0===this.i)e=new Uint8Array;else{this.nextBlock=this.nextBlock.subarray(0,this.i);const t=this.nextBlock,r=await this._runCBC(this.prevBlock);ci(r,t),e=r.subarray(0,t.length)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.keyRef=null,this.key=null}async encrypt(e){const t=(await this._runCBC(_.concatUint8Array([new Uint8Array(this.blockSize),e]),this.iv)).subarray(0,e.length);return ci(t,e),this.clearSensitiveData(),t}}class oi{constructor(e,t,r,n){this.forEncryption=e;const{blockSize:i}=Ur(t);this.key=Sr.expandKeyLE(r),n.byteOffset%4!=0&&(n=n.slice()),this.prevBlock=ui(n),this.nextBlock=new Uint8Array(i),this.i=0,this.blockSize=i}_runCFB(e){const t=ui(e),r=new Uint8Array(e.length),n=ui(r);for(let e=0;e+4<=n.length;e+=4){const{s0:r,s1:i,s2:s,s3:a}=Sr.encrypt(this.key,this.prevBlock[0],this.prevBlock[1],this.prevBlock[2],this.prevBlock[3]);n[e+0]=t[e+0]^r,n[e+1]=t[e+1]^i,n[e+2]=t[e+2]^s,n[e+3]=t[e+3]^a,this.prevBlock=(this.forEncryption?n:t).slice(e,e+4)}return r}async processChunk(e){const t=this.nextBlock.length-this.i,r=e.subarray(0,t);if(this.nextBlock.set(r,this.i),this.i+e.length>=2*this.blockSize){const r=(e.length-t)%this.blockSize,n=_.concatUint8Array([this.nextBlock,e.subarray(t,e.length-r)]),i=this._runCFB(n);return r>0&&this.nextBlock.set(e.subarray(-r)),this.i=r,i}let n;if(this.i+=r.length,this.i===this.nextBlock.length){n=this._runCFB(this.nextBlock),this.i=0;const t=e.subarray(r.length);this.nextBlock.set(t,this.i),this.i+=t.length}else n=new Uint8Array;return n}async finish(){let e;if(0===this.i)e=new Uint8Array;else{e=this._runCFB(this.nextBlock).subarray(0,this.i)}return this.clearSensitiveData(),e}clearSensitiveData(){this.nextBlock.fill(0),this.prevBlock.fill(0),this.key.fill(0)}}function ci(e,t){const r=Math.min(e.length,t.length);for(let n=0;n<r;n++)e[n]=e[n]^t[n]}const ui=e=>new Uint32Array(e.buffer,e.byteOffset,Math.floor(e.byteLength/4));const hi=_.getWebCrypto(),li=_.getNodeCrypto(),fi=16;function yi(e,t){const r=e.length-fi;for(let n=0;n<fi;n++)e[n+r]^=t[n];return e}const pi=new Uint8Array(fi);async function di(e){const t=await gi(e),r=_.double(await t(pi)),n=_.double(r);return async function(e){return(await t(function(e,t,r){if(e.length&&e.length%fi==0)return yi(e,t);const n=new Uint8Array(e.length+(fi-e.length%fi));return n.set(e),n[e.length]=128,yi(n,r)}(e,r,n))).subarray(-16)}}async function gi(e){if(_.getNodeCrypto())return async function(t){const r=new li.createCipheriv("aes-"+8*e.length+"-cbc",e,pi).update(t);return new Uint8Array(r)};if(_.getWebCrypto())try{return e=await hi.importKey("raw",e,{name:"AES-CBC",length:8*e.length},!1,["encrypt"]),async function(t){const r=await hi.encrypt({name:"AES-CBC",iv:pi,length:128},e,t);return new Uint8Array(r).subarray(0,r.byteLength-fi)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;_.printDebugError("Browser did not support operation: "+t.message)}return async function(t){return dr(e,pi,{disablePadding:!0}).encrypt(t)}}const wi=_.getWebCrypto(),Ai=_.getNodeCrypto(),mi=_.getNodeBuffer(),bi=16,ki=bi,Ei=new Uint8Array(bi),vi=new Uint8Array(bi);vi[15]=1;const Ki=new Uint8Array(bi);async function Si(e){const t=await di(e);return function(e,r){return t(_.concatUint8Array([e,r]))}}async function Ii(e){if(_.getNodeCrypto())return async function(t,r){const n=new Ai.createCipheriv("aes-"+8*e.length+"-ctr",e,r),i=mi.concat([n.update(t),n.final()]);return new Uint8Array(i)};if(_.getWebCrypto())try{const t=await wi.importKey("raw",e,{name:"AES-CTR",length:8*e.length},!1,["encrypt"]);return async function(e,r){const n=await wi.encrypt({name:"AES-CTR",counter:r,length:128},t,e);return new Uint8Array(n)}}catch(t){if("NotSupportedError"!==t.name&&(24!==e.length||"OperationError"!==t.name))throw t;_.printDebugError("Browser did not support operation: "+t.message)}return async function(t,r){return pr(e,r).encrypt(t)}}async function Bi(e,t){if(e!==F.symmetric.aes128&&e!==F.symmetric.aes192&&e!==F.symmetric.aes256)throw Error("EAX mode supports only AES cipher");const[r,n]=await Promise.all([Si(t),Ii(t)]);return{encrypt:async function(e,t,i){const[s,a]=await Promise.all([r(Ei,t),r(vi,i)]),o=await n(e,s),c=await r(Ki,o);for(let e=0;e<ki;e++)c[e]^=a[e]^s[e];return _.concatUint8Array([o,c])},decrypt:async function(e,t,i){if(e.length<ki)throw Error("Invalid EAX ciphertext");const s=e.subarray(0,-16),a=e.subarray(-16),[o,c,u]=await Promise.all([r(Ei,t),r(vi,i),r(Ki,s)]),h=u;for(let e=0;e<ki;e++)h[e]^=c[e]^o[e];if(!_.equalsUint8Array(a,h))throw Error("Authentication tag mismatch");return await n(s,o)}}}Ki[15]=2,Bi.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[8+e]^=t[e];return r},Bi.blockLength=bi,Bi.ivLength=16,Bi.tagLength=ki;const Ci=16,Ui=16;function Pi(e){let t=0;for(let r=1;!(e&r);r<<=1)t++;return t}function Di(e,t){for(let r=0;r<e.length;r++)e[r]^=t[r];return e}function xi(e,t){return Di(e.slice(),t)}const Qi=new Uint8Array(Ci),Ri=new Uint8Array([1]);async function Ti(e,t){const{keySize:r}=Ur(e);if(!_.isAES(e)||t.length!==r)throw Error("Unexpected algorithm or key size");let n=0;const i=e=>dr(t,Qi,{disablePadding:!0}).encrypt(e),s=e=>dr(t,Qi,{disablePadding:!0}).decrypt(e);let a;function o(e,t,r,s){const o=t.length/Ci|0;!function(e,t){const r=_.nbits(Math.max(e.length,t.length)/Ci|0)-1;for(let e=n+1;e<=r;e++)a[e]=_.double(a[e-1]);n=r}(t,s);const c=_.concatUint8Array([Qi.subarray(0,15-r.length),Ri,r]),u=63&c[15];c[15]&=192;const h=i(c),l=_.concatUint8Array([h,xi(h.subarray(0,8),h.subarray(1,9))]),f=_.shiftRight(l.subarray(0+(u>>3),17+(u>>3)),8-(7&u)).subarray(1),y=new Uint8Array(Ci),p=new Uint8Array(t.length+Ui);let d,g=0;for(d=0;d<o;d++)Di(f,a[Pi(d+1)]),p.set(Di(e(xi(f,t)),f),g),Di(y,e===i?t:p.subarray(g)),t=t.subarray(Ci),g+=Ci;if(t.length){Di(f,a.x);const r=i(f);p.set(xi(t,r),g);const n=new Uint8Array(Ci);n.set(e===i?t:p.subarray(g,-16),0),n[t.length]=128,Di(y,n),g+=t.length}const w=Di(i(Di(Di(y,f),a.$)),function(e){if(!e.length)return Qi;const t=e.length/Ci|0,r=new Uint8Array(Ci),n=new Uint8Array(Ci);for(let s=0;s<t;s++)Di(r,a[Pi(s+1)]),Di(n,i(xi(r,e))),e=e.subarray(Ci);if(e.length){Di(r,a.x);const t=new Uint8Array(Ci);t.set(e,0),t[e.length]=128,Di(t,r),Di(n,i(t))}return n}(s));return p.set(w,g),p}return function(){const e=i(Qi),t=_.double(e);a=[],a[0]=_.double(t),a.x=e,a.$=t}(),{encrypt:async function(e,t,r){return o(i,e,t,r)},decrypt:async function(e,t,r){if(e.length<Ui)throw Error("Invalid OCB ciphertext");const n=e.subarray(-16);e=e.subarray(0,-16);const i=o(s,e,t,r);if(_.equalsUint8Array(n,i.subarray(-16)))return i.subarray(0,-16);throw Error("Authentication tag mismatch")}}}Ti.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[7+e]^=t[e];return r},Ti.blockLength=Ci,Ti.ivLength=15,Ti.tagLength=Ui;const Mi=_.getWebCrypto(),Li=_.getNodeCrypto(),Fi=_.getNodeBuffer(),Oi=16,Ni="AES-GCM";async function _i(e,t){if(e!==F.symmetric.aes128&&e!==F.symmetric.aes192&&e!==F.symmetric.aes256)throw Error("GCM mode supports only AES cipher");if(_.getNodeCrypto())return{encrypt:async function(e,r,n=new Uint8Array){const i=new Li.createCipheriv("aes-"+8*t.length+"-gcm",t,r);i.setAAD(n);const s=Fi.concat([i.update(e),i.final(),i.getAuthTag()]);return new Uint8Array(s)},decrypt:async function(e,r,n=new Uint8Array){const i=new Li.createDecipheriv("aes-"+8*t.length+"-gcm",t,r);i.setAAD(n),i.setAuthTag(e.slice(e.length-Oi,e.length));const s=Fi.concat([i.update(e.slice(0,e.length-Oi)),i.final()]);return new Uint8Array(s)}};if(_.getWebCrypto())try{const e=await Mi.importKey("raw",t,{name:Ni},!1,["encrypt","decrypt"]),r=navigator.userAgent.match(/Version\/13\.\d(\.\d)* Safari/)||navigator.userAgent.match(/Version\/(13|14)\.\d(\.\d)* Mobile\/\S* Safari/);return{encrypt:async function(n,i,s=new Uint8Array){if(r&&!n.length)return Ar(t,i,s).encrypt(n);const a=await Mi.encrypt({name:Ni,iv:i,additionalData:s,tagLength:128},e,n);return new Uint8Array(a)},decrypt:async function(n,i,s=new Uint8Array){if(r&&n.length===Oi)return Ar(t,i,s).decrypt(n);try{const t=await Mi.decrypt({name:Ni,iv:i,additionalData:s,tagLength:128},e,n);return new Uint8Array(t)}catch(e){if("OperationError"===e.name)throw Error("Authentication tag mismatch")}}}}catch(e){if("NotSupportedError"!==e.name&&(24!==t.length||"OperationError"!==e.name))throw e;_.printDebugError("Browser did not support operation: "+e.message)}return{encrypt:async function(e,r,n){return Ar(t,r,n).encrypt(e)},decrypt:async function(e,r,n){return Ar(t,r,n).decrypt(e)}}}function Hi(e,t=!1){switch(e){case F.aead.eax:return Bi;case F.aead.ocb:return Ti;case F.aead.gcm:return _i;case F.aead.experimentalGCM:if(!t)throw Error("Unexpected non-standard `experimentalGCM` AEAD algorithm provided in `config.preferredAEADAlgorithm`: use `gcm` instead");return _i;default:throw Error("Unsupported AEAD mode")}}async function zi(e,t,r,n,i,s){switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:{const{n:e,e:t}=r;return{c:await Ye(i,e,t)}}case F.publicKey.elgamal:{const{p:e,g:t,y:n}=r;return async function(e,t,r,n){t=ae(t),r=ae(r),n=ae(n);const i=ae(Ne(e,pe(t))),s=Ae($e,t-$e);return{c1:de(ce(r,s,t)),c2:de(oe(ce(n,s,t)*i,t))}}(i,e,t,n)}case F.publicKey.ecdh:{const{oid:e,Q:t,kdfParams:n}=r,{publicKey:a,wrappedKey:o}=await kn(e,n,i,t,s);return{V:a,C:new qn(o)}}case F.publicKey.x25519:case F.publicKey.x448:{if(t&&!_.isAES(t))throw Error("X25519 and X448 keys can only encrypt AES session keys");const{A:n}=r,{ephemeralPublicKey:s,wrappedKey:a}=await Lr(e,i,n);return{ephemeralPublicKey:s,C:Wn.fromObject({algorithm:t,wrappedKey:a})}}case F.publicKey.aead:{if(!n)throw Error("Cannot encrypt with symmetric key missing private parameters");const{cipher:e}=r,t=e.getValue(),{keyMaterial:s}=n,a=O.preferredAEADAlgorithm,o=Hi(O.preferredAEADAlgorithm),{ivLength:c}=o,u=we(c),h=await o(t,s),l=await h.encrypt(i,u,new Uint8Array);return{aeadMode:new Zn(a),iv:u,c:new jn(l)}}case F.publicKey.pqc_mlkem_x25519:{const{eccPublicKey:n,mlkemPublicKey:s}=r,{eccCipherText:a,mlkemCipherText:o,wrappedKey:c}=await Tn(e,n,s,i);return{eccCipherText:a,mlkemCipherText:o,C:Wn.fromObject({algorithm:t,wrappedKey:c})}}default:return[]}}async function Gi(e,t,r,n,i,s){switch(e){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:{const{c:e}=n,{n:i,e:a}=t,{d:o,p:c,q:u,u:h}=r;return Ze(e,i,a,o,c,u,h,s)}case F.publicKey.elgamal:{const{c1:e,c2:i}=n;return async function(e,t,r,n,i){return e=ae(e),t=ae(t),r=ae(r),_e(de(oe(he(ce(e,n=ae(n),r),r)*t,r),"be",pe(r)),i)}(e,i,t.p,r.x,s)}case F.publicKey.ecdh:{const{oid:e,Q:s,kdfParams:a}=t,{d:o}=r,{V:c,C:u}=n;return vn(e,a,c,u.data,s,o,i)}case F.publicKey.x25519:case F.publicKey.x448:{const{A:i}=t,{k:s}=r,{ephemeralPublicKey:a,C:o}=n;if(null!==o.algorithm&&!_.isAES(o.algorithm))throw Error("AES session key expected");return Fr(e,a,o.wrappedKey,i,s)}case F.publicKey.aead:{const{cipher:e}=t,i=e.getValue(),{keyMaterial:s}=r,{aeadMode:a,iv:o,c}=n,u=Hi(a.getValue());return(await u(i,s)).decrypt(c.data,o,new Uint8Array)}case F.publicKey.pqc_mlkem_x25519:{const{eccSecretKey:i,mlkemSecretKey:s}=r,{eccPublicKey:a,mlkemPublicKey:o}=t,{eccCipherText:c,mlkemCipherText:u,C:h}=n;return Mn(e,c,u,i,a,s,0,h.wrappedKey)}default:throw Error("Unknown public key encryption algorithm.")}}async function qi(e,t,r){let n=0;switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:{const e=_.readMPI(t.subarray(n));n+=e.length+2;const r=_.readMPI(t.subarray(n));n+=r.length+2;const i=_.readMPI(t.subarray(n));n+=i.length+2;const s=_.readMPI(t.subarray(n));return n+=s.length+2,{read:n,privateParams:{d:e,p:r,q:i,u:s}}}case F.publicKey.dsa:case F.publicKey.elgamal:{const e=_.readMPI(t.subarray(n));return n+=e.length+2,{read:n,privateParams:{x:e}}}case F.publicKey.ecdsa:case F.publicKey.ecdh:{const i=Wi(e,r.oid);let s=_.readMPI(t.subarray(n));return n+=s.length+2,s=_.leftPad(s,i),{read:n,privateParams:{d:s}}}case F.publicKey.eddsaLegacy:{const i=Wi(e,r.oid);if(r.oid.getName()!==F.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let s=_.readMPI(t.subarray(n));return n+=s.length+2,s=_.leftPad(s,i),{read:n,privateParams:{seed:s}}}case F.publicKey.ed25519:case F.publicKey.ed448:{const r=Wi(e),i=_.readExactSubarray(t,n,n+r);return n+=i.length,{read:n,privateParams:{seed:i}}}case F.publicKey.x25519:case F.publicKey.x448:{const r=Wi(e),i=_.readExactSubarray(t,n,n+r);return n+=i.length,{read:n,privateParams:{k:i}}}case F.publicKey.hmac:{const{cipher:e}=r,i=Fe(e.getValue()),s=t.subarray(n,n+32);n+=32;const a=t.subarray(n,n+i);return n+=i,{read:n,privateParams:{hashSeed:s,keyMaterial:a}}}case F.publicKey.aead:{const{cipher:e}=r,i=t.subarray(n,n+32);n+=32;const{keySize:s}=Ur(e.getValue()),a=t.subarray(n,n+s);return n+=s,{read:n,privateParams:{hashSeed:i,keyMaterial:a}}}case F.publicKey.pqc_mlkem_x25519:{const r=_.readExactSubarray(t,n,n+Wi(F.publicKey.x25519));n+=r.length;const i=_.readExactSubarray(t,n,n+64);n+=i.length;const{mlkemSecretKey:s}=await Qn(e,i);return{read:n,privateParams:{eccSecretKey:r,mlkemSecretKey:s,mlkemSeed:i}}}case F.publicKey.pqc_mldsa_ed25519:{const r=_.readExactSubarray(t,n,n+Wi(F.publicKey.ed25519));n+=r.length;const i=_.readExactSubarray(t,n,n+32);n+=i.length;const{mldsaSecretKey:s}=await On(e,i);return{read:n,privateParams:{eccSecretKey:r,mldsaSecretKey:s,mldsaSeed:i}}}default:throw new ut("Unknown public key encryption algorithm.")}}function ji(e,t){const r=new Set([F.publicKey.ed25519,F.publicKey.x25519,F.publicKey.ed448,F.publicKey.x448,F.publicKey.aead,F.publicKey.hmac,F.publicKey.pqc_mlkem_x25519,F.publicKey.pqc_mldsa_ed25519]),n={[F.publicKey.pqc_mlkem_x25519]:new Set(["mlkemSecretKey"]),[F.publicKey.pqc_mldsa_ed25519]:new Set(["mldsaSecretKey"])},i=Object.keys(t).map((i=>{if(n[e]?.has(i))return new Uint8Array;const s=t[i];return _.isUint8Array(s)?r.has(e)?s:_.uint8ArrayToMPI(s):s.write()}));return _.concatUint8Array(i)}async function Vi(e,t,r,n){switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:return async function(e,t){if(t=BigInt(t),_.getWebCrypto()){const r={name:"RSASSA-PKCS1-v1_5",modulusLength:e,publicExponent:de(t),hash:{name:"SHA-1"}},n=await ze.generateKey(r,!0,["sign","verify"]);return We(await ze.exportKey("jwk",n.privateKey),t)}if(_.getNodeCrypto()){const r={modulusLength:e,publicExponent:le(t),publicKeyEncoding:{type:"pkcs1",format:"jwk"},privateKeyEncoding:{type:"pkcs1",format:"jwk"}},n=await new Promise(((e,t)=>{Ge.generateKeyPair("rsa",r,((r,n,i)=>{r?t(r):e(i)}))}));return We(n,t)}let r,n,i;do{n=be(e-(e>>1),t,40),r=be(e>>1,t,40),i=r*n}while(ye(i)!==e);const s=(r-qe)*(n-qe);return n<r&&([r,n]=[n,r]),{n:de(i),e:de(t),d:de(he(t,s)),p:de(r),q:de(n),u:de(he(r,n))}}(t,65537).then((({n:e,e:t,d:r,p:n,q:i,u:s})=>({privateParams:{d:r,p:n,q:i,u:s},publicParams:{n:e,e:t}})));case F.publicKey.ecdsa:return Wr(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{d:r},publicParams:{oid:new tt(e),Q:t}})));case F.publicKey.eddsaLegacy:return Wr(r).then((({oid:e,Q:t,secret:r})=>({privateParams:{seed:r},publicParams:{oid:new tt(e),Q:t}})));case F.publicKey.ecdh:return Wr(r).then((({oid:e,Q:t,secret:r,hash:n,cipher:i})=>({privateParams:{d:r},publicParams:{oid:new tt(e),Q:t,kdfParams:new Vn({hash:n,cipher:i})}})));case F.publicKey.ed25519:case F.publicKey.ed448:return yt(e).then((({A:e,seed:t})=>({privateParams:{seed:t},publicParams:{A:e}})));case F.publicKey.x25519:case F.publicKey.x448:return Tr(e).then((({A:e,k:t})=>({privateParams:{k:t},publicParams:{A:e}})));case F.publicKey.hmac:return Yi(await async function(e){if(!Pn.has(e))throw Error("Unsupported hash algorithm.");const t=F.read(F.webHash,e),r=Dn||xn.webcrypto.subtle,n=await r.generateKey({name:"HMAC",hash:{name:t}},!0,["sign","verify"]),i=await r.exportKey("raw",n);return new Uint8Array(i)}(n),new Xn(n));case F.publicKey.aead:return Yi(Ji(n),new Jn(n));case F.publicKey.pqc_mlkem_x25519:return Rn(e).then((({eccSecretKey:e,eccPublicKey:t,mlkemSeed:r,mlkemSecretKey:n,mlkemPublicKey:i})=>({privateParams:{eccSecretKey:e,mlkemSeed:r,mlkemSecretKey:n},publicParams:{eccPublicKey:t,mlkemPublicKey:i}})));case F.publicKey.pqc_mldsa_ed25519:return Nn(e).then((({eccSecretKey:e,eccPublicKey:t,mldsaSeed:r,mldsaSecretKey:n,mldsaPublicKey:i})=>({privateParams:{eccSecretKey:e,mldsaSeed:r,mldsaSecretKey:n},publicParams:{eccPublicKey:t,mldsaPublicKey:i}})));case F.publicKey.dsa:case F.publicKey.elgamal:throw Error("Unsupported algorithm for key generation.");default:throw Error("Unknown public key algorithm.")}}async function Yi(e,t){const r=we(32);return{privateParams:{hashSeed:r,keyMaterial:e},publicParams:{cipher:t,digest:await Le(F.hash.sha256,r)}}}async function Zi(e,t,r){if(!t||!r)throw Error("Missing key parameters");switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:{const{n:e,e:n}=t,{d:i,p:s,q:a,u:o}=r;return async function(e,t,r,n,i,s){if(e=ae(e),(n=ae(n))*(i=ae(i))!==e)return!1;const a=BigInt(2);if(oe(n*(s=ae(s)),i)!==BigInt(1))return!1;t=ae(t),r=ae(r);const o=Ae(a,a<<BigInt(Math.floor(ye(e)/3))),c=o*r*t;return!(oe(c,n-qe)!==o||oe(c,i-qe)!==o)}(e,n,i,s,a,o)}case F.publicKey.dsa:{const{p:e,q:n,g:i,y:s}=t,{x:a}=r;return async function(e,t,r,n,i){if(e=ae(e),t=ae(t),r=ae(r),n=ae(n),r<=Un||r>=e)return!1;if(oe(e-Un,t)!==Cn)return!1;if(ce(r,t,e)!==Un)return!1;const s=BigInt(ye(t));if(s<BigInt(150)||!ke(t,null,32))return!1;i=ae(i);const a=BigInt(2);return n===ce(r,t*Ae(a<<s-Un,a<<s)+i,e)}(e,n,i,s,a)}case F.publicKey.elgamal:{const{p:e,g:n,y:i}=t,{x:s}=r;return async function(e,t,r,n){if(e=ae(e),t=ae(t),r=ae(r),t<=$e||t>=e)return!1;const i=BigInt(ye(e));if(i<BigInt(1023))return!1;if(ce(t,e-$e,e)!==$e)return!1;let s=t,a=BigInt(1);const o=BigInt(2),c=o<<BigInt(17);for(;a<c;){if(s=oe(s*t,e),s===$e)return!1;a++}n=ae(n);const u=Ae(o<<i-$e,o<<i);return r===ce(t,(e-$e)*u+n,e)}(e,n,i,s)}case F.publicKey.ecdsa:case F.publicKey.ecdh:{const n=Bn[F.read(F.publicKey,e)],{oid:i,Q:s}=t,{d:a}=r;return n.validateParams(i,s,a)}case F.publicKey.eddsaLegacy:{const{Q:e,oid:n}=t,{seed:i}=r;return dn(n,e,i)}case F.publicKey.ed25519:case F.publicKey.ed448:{const{A:n}=t,{seed:i}=r;return gt(e,n,i)}case F.publicKey.x25519:case F.publicKey.x448:{const{A:n}=t,{k:i}=r;return Mr(e,n,i)}case F.publicKey.hmac:{const{cipher:e,digest:n}=t,{hashSeed:i,keyMaterial:s}=r;return Fe(e.getValue())===s.length&&_.equalsUint8Array(n,await Le(F.hash.sha256,i))}case F.publicKey.aead:{const{cipher:e,digest:n}=t,{hashSeed:i,keyMaterial:s}=r,{keySize:a}=Ur(e.getValue());return a===s.length&&_.equalsUint8Array(n,await Le(F.hash.sha256,i))}case F.publicKey.pqc_mlkem_x25519:{const{eccSecretKey:n,mlkemSeed:i}=r,{eccPublicKey:s,mlkemPublicKey:a}=t;return Fn(e,s,n,a,i)}case F.publicKey.pqc_mldsa_ed25519:{const{eccSecretKey:n,mldsaSeed:i}=r,{eccPublicKey:s,mldsaPublicKey:a}=t;return Gn(e,s,n,a,i)}default:throw Error("Unknown public key algorithm.")}}function Ji(e){const{keySize:t}=Ur(e);return we(t)}function Xi(e){try{e.getName()}catch(e){throw new ut("Unknown curve OID")}}function Wi(e,t){switch(e){case F.publicKey.ecdsa:case F.publicKey.ecdh:case F.publicKey.eddsaLegacy:return new Xr(t).payloadSize;case F.publicKey.ed25519:case F.publicKey.ed448:return wt(e);case F.publicKey.x25519:case F.publicKey.x448:return Or(e);default:throw Error("Unknown elliptic algo")}}async function $i(e,t,r,n,i,s,a){switch(e){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:case F.publicKey.rsaSign:{const{n:e,e:i}=n;return Ve(t,s,_.leftPad(r.s,e.length),e,i,a)}case F.publicKey.dsa:{const{g:e,p:t,q:i,y:s}=n,{r:o,s:c}=r;return async function(e,t,r,n,i,s,a,o){if(t=ae(t),r=ae(r),s=ae(s),a=ae(a),i=ae(i),o=ae(o),t<=Cn||t>=a||r<=Cn||r>=a)return _.printDebug("invalid DSA Signature"),!1;const c=oe(ae(n.subarray(0,pe(a))),a),u=he(r,a);if(u===Cn)return _.printDebug("invalid DSA Signature"),!1;i=oe(i,s),o=oe(o,s);const h=oe(c*u,a),l=oe(t*u,a);return oe(oe(ce(i,h,s)*ce(o,l,s),s),a)===t}(0,o,c,a,e,t,i,s)}case F.publicKey.ecdsa:{const{oid:e,Q:i}=n,o=new Xr(e).payloadSize;return hn(e,t,{r:_.leftPad(r.r,o),s:_.leftPad(r.s,o)},s,i,a)}case F.publicKey.eddsaLegacy:{if(Fe(t)<Fe(F.hash.sha256))throw Error("Hash algorithm too weak for EdDSALegacy.");const{oid:e,Q:i}=n,s=new Xr(e).payloadSize;return pn(e,0,{r:_.leftPad(r.r,s),s:_.leftPad(r.s,s)},0,i,a)}case F.publicKey.ed25519:case F.publicKey.ed448:{if(Fe(t)<Fe(At(e)))throw Error("Hash algorithm too weak for EdDSA.");const{A:i}=n;return dt(e,0,r,0,i,a)}case F.publicKey.hmac:{if(!i)throw Error("Cannot verify HMAC signature with symmetric key missing private parameters");const{cipher:e}=n,{keyMaterial:t}=i;return async function(e,t,r,n){if(!Pn.has(e))throw Error("Unsupported hash algorithm.");const i=F.read(F.webHash,e),s=Dn||xn.webcrypto.subtle,a=await s.importKey("raw",t,{name:"HMAC",hash:{name:i}},!1,["verify"]);return s.verify("HMAC",a,r,n)}(e.getValue(),t,r.mac.data,a)}case F.publicKey.pqc_mldsa_ed25519:{if(!zn(e,t))throw Error("Unexpected hash algorithm for PQC signature: digest size too short");const{eccPublicKey:i,mldsaPublicKey:s}=n;return Hn(e,0,i,s,a,r)}default:throw Error("Unknown signature algorithm.")}}async function es(e,t,r,n,i,s){if(!r||!n)throw Error("Missing key parameters");switch(e){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:case F.publicKey.rsaSign:{const{n:e,e:a}=r,{d:o,p:c,q:u,u:h}=n;return{s:await je(t,i,e,a,o,c,u,h,s)}}case F.publicKey.dsa:{const{g:e,p:t,q:i}=r,{x:a}=n;return async function(e,t,r,n,i,s){const a=BigInt(0);let o,c,u,h;n=ae(n),i=ae(i),r=ae(r),s=ae(s),r=oe(r,n),s=oe(s,i);const l=oe(ae(t.subarray(0,pe(i))),i);for(;;){if(o=Ae(Un,i),c=oe(ce(r,o,n),i),c===a)continue;const e=oe(s*c,i);if(h=oe(l+e,i),u=oe(he(o,i)*h,i),u!==a)break}return{r:de(c,"be",pe(n)),s:de(u,"be",pe(n))}}(0,s,e,t,i,a)}case F.publicKey.elgamal:throw Error("Signing with Elgamal is not defined in the OpenPGP standard.");case F.publicKey.ecdsa:{const{oid:e,Q:a}=r,{d:o}=n;return un(e,t,i,a,o,s)}case F.publicKey.eddsaLegacy:{if(Fe(t)<Fe(F.hash.sha256))throw Error("Hash algorithm too weak for EdDSALegacy.");const{oid:e,Q:i}=r,{seed:a}=n;return yn(e,0,0,i,a,s)}case F.publicKey.ed25519:case F.publicKey.ed448:{if(Fe(t)<Fe(At(e)))throw Error("Hash algorithm too weak for EdDSA.");const{A:i}=r,{seed:a}=n;return pt(e,0,0,i,a,s)}case F.publicKey.hmac:{const{cipher:e}=r,{keyMaterial:t}=n,i=await async function(e,t,r){if(!Pn.has(e))throw Error("Unsupported hash algorithm.");const n=F.read(F.webHash,e),i=Dn||xn.webcrypto.subtle,s=await i.importKey("raw",t,{name:"HMAC",hash:{name:n}},!1,["sign"]),a=await i.sign("HMAC",s,r);return new Uint8Array(a)}(e.getValue(),t,s);return{mac:new jn(i)}}case F.publicKey.pqc_mldsa_ed25519:{if(!zn(e,t))throw Error("Unexpected hash algorithm for PQC signature: digest size too short");const{eccPublicKey:i}=r,{eccSecretKey:a,mldsaSecretKey:o}=n;return _n(e,0,a,i,o,s)}default:throw Error("Unknown signature algorithm.")}}_i.getNonce=function(e,t){const r=e.slice();for(let e=0;e<t.length;e++)r[4+e]^=t[e];return r},_i.blockLength=16,_i.ivLength=12,_i.tagLength=Oi;class ts extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ts),this.name="Argon2OutOfMemoryError"}}let rs,ns,is=2<<19;class ss{static get ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(){return is}static set ARGON2_WASM_MEMORY_THRESHOLD_RELOAD(e){is=e}static reloadWasmModule(){rs&&(ns=rs(),ns.catch((()=>{})))}constructor(e=O){const{passes:t,parallelism:r,memoryExponent:n}=e.s2kArgon2Params;this.type="argon2",this.salt=null,this.t=t,this.p=r,this.encodedM=n}generateSalt(){this.salt=we(16)}read(e){let t=0;return this.salt=e.subarray(t,t+16),t+=16,this.t=e[t++],this.p=e[t++],this.encodedM=e[t++],t}write(){const e=[new Uint8Array([F.write(F.s2k,this.type)]),this.salt,new Uint8Array([this.t,this.p,this.encodedM])];return _.concatUint8Array(e)}async produceKey(e,t){const r=2<<this.encodedM-1;try{rs=rs||(await Promise.resolve().then((function(){return Sd}))).default,ns=ns||rs();const n=await ns,i=n({version:19,type:2,password:_.encodeUTF8(e),salt:this.salt,tagLength:t,memorySize:r,parallelism:this.p,passes:this.t});return r>ss.ARGON2_WASM_MEMORY_THRESHOLD_RELOAD&&ss.reloadWasmModule(),i}catch(e){throw e.message&&(e.message.includes("Unable to grow instance memory")||e.message.includes("failed to grow memory")||e.message.includes("WebAssembly.Memory.grow")||e.message.includes("Out of memory"))?new ts("Could not allocate required memory for Argon2"):e}}}class as{constructor(e,t=O){this.algorithm=F.hash.sha256,this.type=F.read(F.s2k,e),this.c=t.s2kIterationCountByte,this.salt=null}generateSalt(){switch(this.type){case"salted":case"iterated":this.salt=we(8)}}getCount(){return 16+(15&this.c)<<6+(this.c>>4)}read(e){let t=0;switch(this.algorithm=e[t++],this.type){case"simple":break;case"salted":this.salt=e.subarray(t,t+8),t+=8;break;case"iterated":this.salt=e.subarray(t,t+8),t+=8,this.c=e[t++];break;case"gnu":if("GNU"!==_.uint8ArrayToString(e.subarray(t,t+3)))throw new ut("Unknown s2k type.");t+=3;if(1001!==1e3+e[t++])throw new ut("Unknown s2k gnu protection mode.");this.type="gnu-dummy";break;default:throw new ut("Unknown s2k type.")}return t}write(){if("gnu-dummy"===this.type)return new Uint8Array([101,0,..._.stringToUint8Array("GNU"),1]);const e=[new Uint8Array([F.write(F.s2k,this.type),this.algorithm])];switch(this.type){case"simple":break;case"salted":e.push(this.salt);break;case"iterated":e.push(this.salt),e.push(new Uint8Array([this.c]));break;case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}return _.concatUint8Array(e)}async produceKey(e,t){e=_.encodeUTF8(e);const r=[];let n=0,i=0;for(;n<t;){let t;switch(this.type){case"simple":t=_.concatUint8Array([new Uint8Array(i),e]);break;case"salted":t=_.concatUint8Array([new Uint8Array(i),this.salt,e]);break;case"iterated":{const r=_.concatUint8Array([this.salt,e]);let n=r.length;const s=Math.max(this.getCount(),n);t=new Uint8Array(i+s),t.set(r,i);for(let e=i+n;e<s;e+=n,n*=2)t.copyWithin(e,i,e);break}case"gnu":throw Error("GNU s2k type not supported.");default:throw Error("Unknown s2k type.")}const s=await Le(this.algorithm,t);r.push(s),n+=s.length,i++}return _.concatUint8Array(r).subarray(0,t)}}const os=new Set([F.s2k.argon2,F.s2k.iterated]);function cs(e,t=O){switch(e){case F.s2k.argon2:return new ss(t);case F.s2k.iterated:case F.s2k.gnu:case F.s2k.salted:case F.s2k.simple:return new as(e,t);default:throw new ut("Unsupported S2K type")}}function us(e){const{s2kType:t}=e;if(!os.has(t))throw Error("The provided `config.s2kType` value is not allowed");return cs(t,e)}var hs=t.createRequire("/");try{hs("worker_threads").Worker}catch(e){}var ls=Uint8Array,fs=Uint16Array,ys=Int32Array,ps=new ls([0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0,0,0,0]),ds=new ls([0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13,0,0]),gs=new ls([16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15]),ws=function(e,t){for(var r=new fs(31),n=0;n<31;++n)r[n]=t+=1<<e[n-1];var i=new ys(r[30]);for(n=1;n<30;++n)for(var s=r[n];s<r[n+1];++s)i[s]=s-r[n]<<5|n;return{b:r,r:i}},As=ws(ps,2),ms=As.b,bs=As.r;ms[28]=258,bs[258]=28;for(var ks=ws(ds,0),Es=ks.b,vs=ks.r,Ks=new fs(32768),Ss=0;Ss<32768;++Ss){var Is=(43690&Ss)>>1|(21845&Ss)<<1;Is=(61680&(Is=(52428&Is)>>2|(13107&Is)<<2))>>4|(3855&Is)<<4,Ks[Ss]=((65280&Is)>>8|(255&Is)<<8)>>1}var Bs=function(e,t,r){for(var n=e.length,i=0,s=new fs(t);i<n;++i)e[i]&&++s[e[i]-1];var a,o=new fs(t);for(i=1;i<t;++i)o[i]=o[i-1]+s[i-1]<<1;if(r){a=new fs(1<<t);var c=15-t;for(i=0;i<n;++i)if(e[i])for(var u=i<<4|e[i],h=t-e[i],l=o[e[i]-1]++<<h,f=l|(1<<h)-1;l<=f;++l)a[Ks[l]>>c]=u}else for(a=new fs(n),i=0;i<n;++i)e[i]&&(a[i]=Ks[o[e[i]-1]++]>>15-e[i]);return a},Cs=new ls(288);for(Ss=0;Ss<144;++Ss)Cs[Ss]=8;for(Ss=144;Ss<256;++Ss)Cs[Ss]=9;for(Ss=256;Ss<280;++Ss)Cs[Ss]=7;for(Ss=280;Ss<288;++Ss)Cs[Ss]=8;var Us=new ls(32);for(Ss=0;Ss<32;++Ss)Us[Ss]=5;var Ps=/*#__PURE__*/Bs(Cs,9,0),Ds=/*#__PURE__*/Bs(Cs,9,1),xs=/*#__PURE__*/Bs(Us,5,0),Qs=/*#__PURE__*/Bs(Us,5,1),Rs=function(e){for(var t=e[0],r=1;r<e.length;++r)e[r]>t&&(t=e[r]);return t},Ts=function(e,t,r){var n=t/8|0;return(e[n]|e[n+1]<<8)>>(7&t)&r},Ms=function(e,t){var r=t/8|0;return(e[r]|e[r+1]<<8|e[r+2]<<16)>>(7&t)},Ls=function(e){return(e+7)/8|0},Fs=function(e,t,r){return(null==t||t<0)&&(t=0),(null==r||r>e.length)&&(r=e.length),new ls(e.subarray(t,r))},Os=["unexpected EOF","invalid block type","invalid length/literal","invalid distance","stream finished","no stream handler",,"no callback","invalid UTF-8 data","extra field too long","date not in range 1980-2099","filename too long","stream finishing","invalid zip data"],Ns=function(e,t,r){var n=Error(t||Os[e]);if(n.code=e,Error.captureStackTrace&&Error.captureStackTrace(n,Ns),!r)throw n;return n},_s=function(e,t,r){r<<=7&t;var n=t/8|0;e[n]|=r,e[n+1]|=r>>8},Hs=function(e,t,r){r<<=7&t;var n=t/8|0;e[n]|=r,e[n+1]|=r>>8,e[n+2]|=r>>16},zs=function(e,t){for(var r=[],n=0;n<e.length;++n)e[n]&&r.push({s:n,f:e[n]});var i=r.length,s=r.slice();if(!i)return{t:Js,l:0};if(1==i){var a=new ls(r[0].s+1);return a[r[0].s]=1,{t:a,l:1}}r.sort((function(e,t){return e.f-t.f})),r.push({s:-1,f:25001});var o=r[0],c=r[1],u=0,h=1,l=2;for(r[0]={s:-1,f:o.f+c.f,l:o,r:c};h!=i-1;)o=r[r[u].f<r[l].f?u++:l++],c=r[u!=h&&r[u].f<r[l].f?u++:l++],r[h++]={s:-1,f:o.f+c.f,l:o,r:c};var f=s[0].s;for(n=1;n<i;++n)s[n].s>f&&(f=s[n].s);var y=new fs(f+1),p=Gs(r[h-1],y,0);if(p>t){n=0;var d=0,g=p-t,w=1<<g;for(s.sort((function(e,t){return y[t.s]-y[e.s]||e.f-t.f}));n<i;++n){var A=s[n].s;if(!(y[A]>t))break;d+=w-(1<<p-y[A]),y[A]=t}for(d>>=g;d>0;){var m=s[n].s;y[m]<t?d-=1<<t-y[m]++-1:++n}for(;n>=0&&d;--n){var b=s[n].s;y[b]==t&&(--y[b],++d)}p=t}return{t:new ls(y),l:p}},Gs=function(e,t,r){return-1==e.s?Math.max(Gs(e.l,t,r+1),Gs(e.r,t,r+1)):t[e.s]=r},qs=function(e){for(var t=e.length;t&&!e[--t];);for(var r=new fs(++t),n=0,i=e[0],s=1,a=function(e){r[n++]=e},o=1;o<=t;++o)if(e[o]==i&&o!=t)++s;else{if(!i&&s>2){for(;s>138;s-=138)a(32754);s>2&&(a(s>10?s-11<<5|28690:s-3<<5|12305),s=0)}else if(s>3){for(a(i),--s;s>6;s-=6)a(8304);s>2&&(a(s-3<<5|8208),s=0)}for(;s--;)a(i);s=1,i=e[o]}return{c:r.subarray(0,n),n:t}},js=function(e,t){for(var r=0,n=0;n<t.length;++n)r+=e[n]*t[n];return r},Vs=function(e,t,r){var n=r.length,i=Ls(t+2);e[i]=255&n,e[i+1]=n>>8,e[i+2]=255^e[i],e[i+3]=255^e[i+1];for(var s=0;s<n;++s)e[i+s+4]=r[s];return 8*(i+4+n)},Ys=function(e,t,r,n,i,s,a,o,c,u,h){_s(t,h++,r),++i[256];for(var l=zs(i,15),f=l.t,y=l.l,p=zs(s,15),d=p.t,g=p.l,w=qs(f),A=w.c,m=w.n,b=qs(d),k=b.c,E=b.n,v=new fs(19),K=0;K<A.length;++K)++v[31&A[K]];for(K=0;K<k.length;++K)++v[31&k[K]];for(var S=zs(v,7),I=S.t,B=S.l,C=19;C>4&&!I[gs[C-1]];--C);var U,P,D,x,Q=u+5<<3,R=js(i,Cs)+js(s,Us)+a,T=js(i,f)+js(s,d)+a+14+3*C+js(v,I)+2*v[16]+3*v[17]+7*v[18];if(c>=0&&Q<=R&&Q<=T)return Vs(t,h,e.subarray(c,c+u));if(_s(t,h,1+(T<R)),h+=2,T<R){U=Bs(f,y,0),P=f,D=Bs(d,g,0),x=d;var M=Bs(I,B,0);_s(t,h,m-257),_s(t,h+5,E-1),_s(t,h+10,C-4),h+=14;for(K=0;K<C;++K)_s(t,h+3*K,I[gs[K]]);h+=3*C;for(var L=[A,k],F=0;F<2;++F){var O=L[F];for(K=0;K<O.length;++K){var N=31&O[K];_s(t,h,M[N]),h+=I[N],N>15&&(_s(t,h,O[K]>>5&127),h+=O[K]>>12)}}}else U=Ps,P=Cs,D=xs,x=Us;for(K=0;K<o;++K){var _=n[K];if(_>255){Hs(t,h,U[(N=_>>18&31)+257]),h+=P[N+257],N>7&&(_s(t,h,_>>23&31),h+=ps[N]);var H=31&_;Hs(t,h,D[H]),h+=x[H],H>3&&(Hs(t,h,_>>5&8191),h+=ds[H])}else Hs(t,h,U[_]),h+=P[_]}return Hs(t,h,U[256]),h+P[256]},Zs=/*#__PURE__*/new ys([65540,131080,131088,131104,262176,1048704,1048832,2114560,2117632]),Js=/*#__PURE__*/new ls(0),Xs=function(){var e=1,t=0;return{p:function(r){for(var n=e,i=t,s=0|r.length,a=0;a!=s;){for(var o=Math.min(a+2655,s);a<o;++a)i+=n+=r[a];n=(65535&n)+15*(n>>16),i=(65535&i)+15*(i>>16)}e=n,t=i},d:function(){return(255&(e%=65521))<<24|(65280&e)<<8|(255&(t%=65521))<<8|t>>8}}},Ws=function(e,t,r,n,i){if(!i&&(i={l:1},t.dictionary)){var s=t.dictionary.subarray(-32768),a=new ls(s.length+e.length);a.set(s),a.set(e,s.length),e=a,i.w=s.length}return function(e,t,r,n,i,s){var a=s.z||e.length,o=new ls(n+a+5*(1+Math.ceil(a/7e3))+i),c=o.subarray(n,o.length-i),u=s.l,h=7&(s.r||0);if(t){h&&(c[0]=s.r>>3);for(var l=Zs[t-1],f=l>>13,y=8191&l,p=(1<<r)-1,d=s.p||new fs(32768),g=s.h||new fs(p+1),w=Math.ceil(r/3),A=2*w,m=function(t){return(e[t]^e[t+1]<<w^e[t+2]<<A)&p},b=new ys(25e3),k=new fs(288),E=new fs(32),v=0,K=0,S=s.i||0,I=0,B=s.w||0,C=0;S+2<a;++S){var U=m(S),P=32767&S,D=g[U];if(d[P]=D,g[U]=P,B<=S){var x=a-S;if((v>7e3||I>24576)&&(x>423||!u)){h=Ys(e,c,0,b,k,E,K,I,C,S-C,h),I=v=K=0,C=S;for(var Q=0;Q<286;++Q)k[Q]=0;for(Q=0;Q<30;++Q)E[Q]=0}var R=2,T=0,M=y,L=P-D&32767;if(x>2&&U==m(S-L))for(var F=Math.min(f,x)-1,O=Math.min(32767,S),N=Math.min(258,x);L<=O&&--M&&P!=D;){if(e[S+R]==e[S+R-L]){for(var _=0;_<N&&e[S+_]==e[S+_-L];++_);if(_>R){if(R=_,T=L,_>F)break;var H=Math.min(L,_-2),z=0;for(Q=0;Q<H;++Q){var G=S-L+Q&32767,q=G-d[G]&32767;q>z&&(z=q,D=G)}}}L+=(P=D)-(D=d[P])&32767}if(T){b[I++]=268435456|bs[R]<<18|vs[T];var j=31&bs[R],V=31&vs[T];K+=ps[j]+ds[V],++k[257+j],++E[V],B=S+R,++v}else b[I++]=e[S],++k[e[S]]}}for(S=Math.max(S,B);S<a;++S)b[I++]=e[S],++k[e[S]];h=Ys(e,c,u,b,k,E,K,I,C,S-C,h),u||(s.r=7&h|c[h/8|0]<<3,h-=7,s.h=g,s.p=d,s.i=S,s.w=B)}else{for(S=s.w||0;S<a+u;S+=65535){var Y=S+65535;Y>=a&&(c[h/8|0]=u,Y=a),h=Vs(c,h+1,e.subarray(S,Y))}s.i=a}return Fs(o,0,n+Ls(h)+i)}(e,null==t.level?6:t.level,null==t.mem?i.l?Math.ceil(1.5*Math.max(8,Math.min(13,Math.log(e.length)))):20:12+t.mem,r,n,i)},$s=function(e,t,r){for(;r;++t)e[t]=r,r>>>=8},ea=/*#__PURE__*/function(){function e(e,t){if("function"==typeof e&&(t=e,e={}),this.ondata=t,this.o=e||{},this.s={l:0,i:32768,w:32768,z:32768},this.b=new ls(98304),this.o.dictionary){var r=this.o.dictionary.subarray(-32768);this.b.set(r,32768-r.length),this.s.i=32768-r.length}}return e.prototype.p=function(e,t){this.ondata(Ws(e,this.o,0,0,this.s),t)},e.prototype.push=function(e,t){this.ondata||Ns(5),this.s.l&&Ns(4);var r=e.length+this.s.z;if(r>this.b.length){if(r>2*this.b.length-32768){var n=new ls(-32768&r);n.set(this.b.subarray(0,this.s.z)),this.b=n}var i=this.b.length-this.s.z;this.b.set(e.subarray(0,i),this.s.z),this.s.z=this.b.length,this.p(this.b,!1),this.b.set(this.b.subarray(-32768)),this.b.set(e.subarray(i),32768),this.s.z=e.length-i+32768,this.s.i=32766,this.s.w=32768}else this.b.set(e,this.s.z),this.s.z+=e.length;this.s.l=1&t,(this.s.z>this.s.w+8191||t)&&(this.p(this.b,t||!1),this.s.w=this.s.i,this.s.i-=2)},e.prototype.flush=function(){this.ondata||Ns(5),this.s.l&&Ns(4),this.p(this.b,!1),this.s.w=this.s.i,this.s.i-=2},e}(),ta=/*#__PURE__*/function(){function e(e,t){"function"==typeof e&&(t=e,e={}),this.ondata=t;var r=e&&e.dictionary&&e.dictionary.subarray(-32768);this.s={i:0,b:r?r.length:0},this.o=new ls(32768),this.p=new ls(0),r&&this.o.set(r)}return e.prototype.e=function(e){if(this.ondata||Ns(5),this.d&&Ns(4),this.p.length){if(e.length){var t=new ls(this.p.length+e.length);t.set(this.p),t.set(e,this.p.length),this.p=t}}else this.p=e},e.prototype.c=function(e){this.s.i=+(this.d=e||!1);var t=this.s.b,r=function(e,t,r,n){var i=e.length;if(!i||t.f&&!t.l)return r||new ls(0);var s=!r,a=s||2!=t.i,o=t.i;s&&(r=new ls(3*i));var c=function(e){var t=r.length;if(e>t){var n=new ls(Math.max(2*t,e));n.set(r),r=n}},u=t.f||0,h=t.p||0,l=t.b||0,f=t.l,y=t.d,p=t.m,d=t.n,g=8*i;do{if(!f){u=Ts(e,h,1);var w=Ts(e,h+1,3);if(h+=3,!w){var A=e[(U=Ls(h)+4)-4]|e[U-3]<<8,m=U+A;if(m>i){o&&Ns(0);break}a&&c(l+A),r.set(e.subarray(U,m),l),t.b=l+=A,t.p=h=8*m,t.f=u;continue}if(1==w)f=Ds,y=Qs,p=9,d=5;else if(2==w){var b=Ts(e,h,31)+257,k=Ts(e,h+10,15)+4,E=b+Ts(e,h+5,31)+1;h+=14;for(var v=new ls(E),K=new ls(19),S=0;S<k;++S)K[gs[S]]=Ts(e,h+3*S,7);h+=3*k;var I=Rs(K),B=(1<<I)-1,C=Bs(K,I,1);for(S=0;S<E;){var U,P=C[Ts(e,h,B)];if(h+=15&P,(U=P>>4)<16)v[S++]=U;else{var D=0,x=0;for(16==U?(x=3+Ts(e,h,3),h+=2,D=v[S-1]):17==U?(x=3+Ts(e,h,7),h+=3):18==U&&(x=11+Ts(e,h,127),h+=7);x--;)v[S++]=D}}var Q=v.subarray(0,b),R=v.subarray(b);p=Rs(Q),d=Rs(R),f=Bs(Q,p,1),y=Bs(R,d,1)}else Ns(1);if(h>g){o&&Ns(0);break}}a&&c(l+131072);for(var T=(1<<p)-1,M=(1<<d)-1,L=h;;L=h){var F=(D=f[Ms(e,h)&T])>>4;if((h+=15&D)>g){o&&Ns(0);break}if(D||Ns(2),F<256)r[l++]=F;else{if(256==F){L=h,f=null;break}var O=F-254;if(F>264){var N=ps[S=F-257];O=Ts(e,h,(1<<N)-1)+ms[S],h+=N}var _=y[Ms(e,h)&M],H=_>>4;if(_||Ns(3),h+=15&_,R=Es[H],H>3&&(N=ds[H],R+=Ms(e,h)&(1<<N)-1,h+=N),h>g){o&&Ns(0);break}a&&c(l+131072);var z=l+O;if(l<R){var G=0-R,q=Math.min(R,z);for(G+l<0&&Ns(3);l<q;++l)r[l]=n[G+l]}for(;l<z;++l)r[l]=r[l-R]}}t.l=f,t.p=L,t.b=l,t.f=u,f&&(u=1,t.m=p,t.d=y,t.n=d)}while(!u);return l!=r.length&&s?Fs(r,0,l):r.subarray(0,l)}(this.p,this.s,this.o);this.ondata(Fs(r,t,this.s.b),this.d),this.o=Fs(r,this.s.b-32768),this.s.b=this.o.length,this.p=Fs(this.p,this.s.p/8|0),this.s.p&=7},e.prototype.push=function(e,t){this.e(e),this.c(t)},e}(),ra=/*#__PURE__*/function(){function e(e,t){this.c=Xs(),this.v=1,ea.call(this,e,t)}return e.prototype.push=function(e,t){this.c.p(e),ea.prototype.push.call(this,e,t)},e.prototype.p=function(e,t){var r=Ws(e,this.o,this.v&&(this.o.dictionary?6:2),t&&4,this.s);this.v&&(function(e,t){var r=t.level,n=0==r?0:r<6?1:9==r?3:2;if(e[0]=120,e[1]=n<<6|(t.dictionary&&32),e[1]|=31-(e[0]<<8|e[1])%31,t.dictionary){var i=Xs();i.p(t.dictionary),$s(e,2,i.d())}}(r,this.o),this.v=0),t&&$s(r,r.length-4,this.c.d()),this.ondata(r,t)},e.prototype.flush=function(){ea.prototype.flush.call(this)},e}(),na=/*#__PURE__*/function(){function e(e,t){ta.call(this,e,t),this.v=e&&e.dictionary?2:1}return e.prototype.push=function(e,t){if(ta.prototype.e.call(this,e),this.v){if(this.p.length<6&&!t)return;this.p=this.p.subarray((r=this.p,n=this.v-1,(8!=(15&r[0])||r[0]>>4>7||(r[0]<<8|r[1])%31)&&Ns(6,"invalid zlib data"),(r[1]>>5&1)==+!n&&Ns(6,"invalid zlib data: "+(32&r[1]?"need":"unexpected")+" dictionary"),2+(r[1]>>3&4))),this.v=0}var r,n;t&&(this.p.length<4&&Ns(6,"invalid zlib data"),this.p=this.p.subarray(0,-4)),ta.prototype.c.call(this,t)},e}(),ia="undefined"!=typeof TextDecoder&&/*#__PURE__*/new TextDecoder;try{ia.decode(Js,{stream:!0})}catch(e){}class sa{static get tag(){return F.packet.literalData}constructor(e=new Date){this.format=F.literal.utf8,this.date=_.normalizeDate(e),this.text=null,this.data=null,this.filename=""}setText(e,t=F.literal.utf8){this.format=t,this.text=e,this.data=null}getText(e=!1){return(null===this.text||_.isStream(this.text))&&(this.text=_.decodeUTF8(_.nativeEOL(this.getBytes(e)))),this.text}setBytes(e,t){this.format=t,this.data=e,this.text=null}getBytes(e=!1){return null===this.data&&(this.data=_.canonicalizeEOL(_.encodeUTF8(this.text))),e?U(this.data):this.data}setFilename(e){this.filename=e}getFilename(){return this.filename}async read(e){await B(e,(async e=>{const t=await e.readByte(),r=await e.readByte();this.filename=_.decodeUTF8(await e.readBytes(r)),this.date=_.readDate(await e.readBytes(4));let n=e.remainder();l(n)&&(n=await x(n)),this.setBytes(n,t)}))}writeHeader(){const e=_.encodeUTF8(this.filename),t=new Uint8Array([e.length]),r=new Uint8Array([this.format]),n=_.writeDate(this.date);return _.concatUint8Array([r,t,e,n])}write(){const e=this.writeHeader(),t=this.getBytes();return _.concat([e,t])}}class aa{constructor(){this.bytes=""}read(e){return this.bytes=_.uint8ArrayToString(e.subarray(0,8)),this.bytes.length}write(){return _.stringToUint8Array(this.bytes)}toHex(){return _.uint8ArrayToHex(_.stringToUint8Array(this.bytes))}equals(e,t=!1){return t&&(e.isWildcard()||this.isWildcard())||this.bytes===e.bytes}isNull(){return""===this.bytes}isWildcard(){return/^0+$/.test(this.toHex())}static mapToHex(e){return e.toHex()}static fromID(e){const t=new aa;return t.read(_.hexToUint8Array(e)),t}static wildcard(){const e=new aa;return e.read(new Uint8Array(8)),e}}const oa=Symbol("verified"),ca="salt@notations.openpgpjs.org",ua=new Set([F.signatureSubpacket.issuerKeyID,F.signatureSubpacket.issuerFingerprint,F.signatureSubpacket.embeddedSignature]);class ha{static get tag(){return F.packet.signature}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.signatureData=null,this.unhashedSubpackets=[],this.unknownSubpackets=[],this.signedHashValue=null,this.salt=null,this.created=null,this.signatureExpirationTime=null,this.signatureNeverExpires=!0,this.exportable=null,this.trustLevel=null,this.trustAmount=null,this.regularExpression=null,this.revocable=null,this.keyExpirationTime=null,this.keyNeverExpires=null,this.preferredSymmetricAlgorithms=null,this.revocationKeyClass=null,this.revocationKeyAlgorithm=null,this.revocationKeyFingerprint=null,this.issuerKeyID=new aa,this.rawNotations=[],this.notations={},this.preferredHashAlgorithms=null,this.preferredCompressionAlgorithms=null,this.keyServerPreferences=null,this.preferredKeyServer=null,this.isPrimaryUserID=null,this.policyURI=null,this.keyFlags=null,this.signersUserID=null,this.reasonForRevocationFlag=null,this.reasonForRevocationString=null,this.features=null,this.signatureTargetPublicKeyAlgorithm=null,this.signatureTargetHashAlgorithm=null,this.signatureTargetHash=null,this.embeddedSignature=null,this.issuerKeyVersion=null,this.issuerFingerprint=null,this.preferredAEADAlgorithms=null,this.preferredCipherSuites=null,this.revoked=null,this[oa]=null}read(e,t=O){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new ut("Support for v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4!==this.version&&5!==this.version&&6!==this.version)throw new ut(`Version ${this.version} of the signature packet is unsupported.`);if(this.signatureType=e[r++],this.publicKeyAlgorithm=e[r++],this.hashAlgorithm=e[r++],r+=this.readSubPackets(e.subarray(r,e.length),!0),!this.created)throw Error("Missing signature creation time subpacket.");if(this.signatureData=e.subarray(0,r),r+=this.readSubPackets(e.subarray(r,e.length),!1),this.signedHashValue=e.subarray(r,r+2),r+=2,6===this.version){const t=e[r++];this.salt=e.subarray(r,r+t),r+=t}const n=e.subarray(r,e.length),{read:i,signatureParams:s}=function(e,t){let r=0;switch(e){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:case F.publicKey.rsaSign:{const e=_.readMPI(t.subarray(r));return r+=e.length+2,{read:r,signatureParams:{s:e}}}case F.publicKey.dsa:case F.publicKey.ecdsa:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=_.readMPI(t.subarray(r));return r+=n.length+2,{read:r,signatureParams:{r:e,s:n}}}case F.publicKey.eddsaLegacy:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=_.readMPI(t.subarray(r));return r+=n.length+2,{read:r,signatureParams:{r:e,s:n}}}case F.publicKey.ed25519:case F.publicKey.ed448:{const n=2*wt(e),i=_.readExactSubarray(t,r,r+n);return r+=i.length,{read:r,signatureParams:{RS:i}}}case F.publicKey.hmac:{const e=new jn;return r+=e.read(t.subarray(r)),{read:r,signatureParams:{mac:e}}}case F.publicKey.pqc_mldsa_ed25519:{const e=2*wt(F.publicKey.ed25519),n=_.readExactSubarray(t,r,r+e);r+=n.length;const i=_.readExactSubarray(t,r,r+3309);return r+=i.length,{read:r,signatureParams:{eccSignature:n,mldsaSignature:i}}}default:throw new ut("Unknown signature algorithm.")}}(this.publicKeyAlgorithm,n);if(i<n.length)throw Error("Error reading MPIs");this.params=s}writeParams(){return this.params instanceof Promise?R((async()=>ji(this.publicKeyAlgorithm,await this.params))):ji(this.publicKeyAlgorithm,this.params)}write(){const e=[];return e.push(this.signatureData),e.push(this.writeUnhashedSubPackets()),e.push(this.signedHashValue),6===this.version&&(e.push(new Uint8Array([this.salt.length])),e.push(this.salt)),e.push(this.writeParams()),_.concat(e)}async sign(e,t,r=new Date,n=!1,i){this.version=e.version,this.created=_.normalizeDate(r),this.issuerKeyVersion=e.version,this.issuerFingerprint=e.getFingerprintBytes(),this.issuerKeyID=e.getKeyID();const s=[new Uint8Array([this.version,this.signatureType,this.publicKeyAlgorithm,this.hashAlgorithm])];if(6===this.version){const e=fa(this.hashAlgorithm);if(null===this.salt)this.salt=we(e);else if(e!==this.salt.length)throw Error("Provided salt does not have the required length")}else if(i.nonDeterministicSignaturesViaNotation){if(0!==this.rawNotations.filter((({name:e})=>e===ca)).length)throw Error("Unexpected existing salt notation");{const e=we(fa(this.hashAlgorithm));this.rawNotations.push({name:ca,value:e,humanReadable:!1,critical:!1})}}s.push(this.writeHashedSubPackets()),this.unhashedSubpackets=[],this.signatureData=_.concat(s);const a=this.toHash(this.signatureType,t,n),o=await this.hash(this.signatureType,t,a,n);this.signedHashValue=D(C(o),0,2);const c=async()=>es(this.publicKeyAlgorithm,this.hashAlgorithm,e.publicParams,e.privateParams,a,await x(o));_.isStream(o)?this.params=c():(this.params=await c(),this[oa]=!0)}writeHashedSubPackets(){const e=F.signatureSubpacket,t=[];let r;if(null===this.created)throw Error("Missing signature creation time");t.push(la(e.signatureCreationTime,!0,_.writeDate(this.created))),null!==this.signatureExpirationTime&&t.push(la(e.signatureExpirationTime,!0,_.writeNumber(this.signatureExpirationTime,4))),null!==this.exportable&&t.push(la(e.exportableCertification,!0,new Uint8Array([this.exportable?1:0]))),null!==this.trustLevel&&(r=new Uint8Array([this.trustLevel,this.trustAmount]),t.push(la(e.trustSignature,!0,r))),null!==this.regularExpression&&t.push(la(e.regularExpression,!0,this.regularExpression)),null!==this.revocable&&t.push(la(e.revocable,!0,new Uint8Array([this.revocable?1:0]))),null!==this.keyExpirationTime&&t.push(la(e.keyExpirationTime,!0,_.writeNumber(this.keyExpirationTime,4))),null!==this.preferredSymmetricAlgorithms&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.preferredSymmetricAlgorithms)),t.push(la(e.preferredSymmetricAlgorithms,!1,r))),null!==this.revocationKeyClass&&(r=new Uint8Array([this.revocationKeyClass,this.revocationKeyAlgorithm]),r=_.concat([r,this.revocationKeyFingerprint]),t.push(la(e.revocationKey,!1,r))),!this.issuerKeyID.isNull()&&this.issuerKeyVersion<5&&t.push(la(e.issuerKeyID,!1,this.issuerKeyID.write())),this.rawNotations.forEach((({name:n,value:i,humanReadable:s,critical:a})=>{r=[new Uint8Array([s?128:0,0,0,0])];const o=_.encodeUTF8(n);r.push(_.writeNumber(o.length,2)),r.push(_.writeNumber(i.length,2)),r.push(o),r.push(i),r=_.concat(r),t.push(la(e.notationData,a,r))})),null!==this.preferredHashAlgorithms&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.preferredHashAlgorithms)),t.push(la(e.preferredHashAlgorithms,!1,r))),null!==this.preferredCompressionAlgorithms&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.preferredCompressionAlgorithms)),t.push(la(e.preferredCompressionAlgorithms,!1,r))),null!==this.keyServerPreferences&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.keyServerPreferences)),t.push(la(e.keyServerPreferences,!1,r))),null!==this.preferredKeyServer&&t.push(la(e.preferredKeyServer,!1,_.encodeUTF8(this.preferredKeyServer))),null!==this.isPrimaryUserID&&t.push(la(e.primaryUserID,!1,new Uint8Array([this.isPrimaryUserID?1:0]))),null!==this.policyURI&&t.push(la(e.policyURI,!1,_.encodeUTF8(this.policyURI))),null!==this.keyFlags&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.keyFlags)),t.push(la(e.keyFlags,!0,r))),null!==this.signersUserID&&t.push(la(e.signersUserID,!1,_.encodeUTF8(this.signersUserID))),null!==this.reasonForRevocationFlag&&(r=_.stringToUint8Array(String.fromCharCode(this.reasonForRevocationFlag)+this.reasonForRevocationString),t.push(la(e.reasonForRevocation,!0,r))),null!==this.features&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.features)),t.push(la(e.features,!1,r))),null!==this.signatureTargetPublicKeyAlgorithm&&(r=[new Uint8Array([this.signatureTargetPublicKeyAlgorithm,this.signatureTargetHashAlgorithm])],r.push(_.stringToUint8Array(this.signatureTargetHash)),r=_.concat(r),t.push(la(e.signatureTarget,!0,r))),null!==this.embeddedSignature&&t.push(la(e.embeddedSignature,!0,this.embeddedSignature.write())),null!==this.issuerFingerprint&&(r=[new Uint8Array([this.issuerKeyVersion]),this.issuerFingerprint],r=_.concat(r),t.push(la(e.issuerFingerprint,this.version>=5,r))),null!==this.preferredAEADAlgorithms&&(r=_.stringToUint8Array(_.uint8ArrayToString(this.preferredAEADAlgorithms)),t.push(la(e.preferredAEADAlgorithms,!1,r))),null!==this.preferredCipherSuites&&(r=new Uint8Array([].concat(...this.preferredCipherSuites)),t.push(la(e.preferredCipherSuites,!1,r)));const n=_.concat(t),i=_.writeNumber(n.length,6===this.version?4:2);return _.concat([i,n])}writeUnhashedSubPackets(){const e=this.unhashedSubpackets.map((({type:e,critical:t,body:r})=>la(e,t,r))),t=_.concat(e),r=_.writeNumber(t.length,6===this.version?4:2);return _.concat([r,t])}readSubPacket(e,t=!0){let r=0;const n=!!(128&e[r]),i=127&e[r];if(r++,t||(this.unhashedSubpackets.push({type:i,critical:n,body:e.subarray(r,e.length)}),ua.has(i)))switch(i){case F.signatureSubpacket.signatureCreationTime:this.created=_.readDate(e.subarray(r,e.length));break;case F.signatureSubpacket.signatureExpirationTime:{const t=_.readNumber(e.subarray(r,e.length));this.signatureNeverExpires=0===t,this.signatureExpirationTime=t;break}case F.signatureSubpacket.exportableCertification:this.exportable=1===e[r++];break;case F.signatureSubpacket.trustSignature:this.trustLevel=e[r++],this.trustAmount=e[r++];break;case F.signatureSubpacket.regularExpression:this.regularExpression=e[r];break;case F.signatureSubpacket.revocable:this.revocable=1===e[r++];break;case F.signatureSubpacket.keyExpirationTime:{const t=_.readNumber(e.subarray(r,e.length));this.keyExpirationTime=t,this.keyNeverExpires=0===t;break}case F.signatureSubpacket.preferredSymmetricAlgorithms:this.preferredSymmetricAlgorithms=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.revocationKey:this.revocationKeyClass=e[r++],this.revocationKeyAlgorithm=e[r++],this.revocationKeyFingerprint=e.subarray(r,r+20);break;case F.signatureSubpacket.issuerKeyID:if(4===this.version)this.issuerKeyID.read(e.subarray(r,e.length));else if(t)throw Error("Unexpected Issuer Key ID subpacket");break;case F.signatureSubpacket.notationData:{const t=!!(128&e[r]);r+=4;const i=_.readNumber(e.subarray(r,r+2));r+=2;const s=_.readNumber(e.subarray(r,r+2));r+=2;const a=_.decodeUTF8(e.subarray(r,r+i)),o=e.subarray(r+i,r+i+s);this.rawNotations.push({name:a,humanReadable:t,value:o,critical:n}),t&&(this.notations[a]=_.decodeUTF8(o));break}case F.signatureSubpacket.preferredHashAlgorithms:this.preferredHashAlgorithms=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.preferredCompressionAlgorithms:this.preferredCompressionAlgorithms=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.keyServerPreferences:this.keyServerPreferences=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.preferredKeyServer:this.preferredKeyServer=_.decodeUTF8(e.subarray(r,e.length));break;case F.signatureSubpacket.primaryUserID:this.isPrimaryUserID=0!==e[r++];break;case F.signatureSubpacket.policyURI:this.policyURI=_.decodeUTF8(e.subarray(r,e.length));break;case F.signatureSubpacket.keyFlags:this.keyFlags=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.signersUserID:this.signersUserID=_.decodeUTF8(e.subarray(r,e.length));break;case F.signatureSubpacket.reasonForRevocation:this.reasonForRevocationFlag=e[r++],this.reasonForRevocationString=_.decodeUTF8(e.subarray(r,e.length));break;case F.signatureSubpacket.features:this.features=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.signatureTarget:{this.signatureTargetPublicKeyAlgorithm=e[r++],this.signatureTargetHashAlgorithm=e[r++];const t=Fe(this.signatureTargetHashAlgorithm);this.signatureTargetHash=_.uint8ArrayToString(e.subarray(r,r+t));break}case F.signatureSubpacket.embeddedSignature:this.embeddedSignature=new ha,this.embeddedSignature.read(e.subarray(r,e.length));break;case F.signatureSubpacket.issuerFingerprint:this.issuerKeyVersion=e[r++],this.issuerFingerprint=e.subarray(r,e.length),this.issuerKeyVersion>=5?this.issuerKeyID.read(this.issuerFingerprint):this.issuerKeyID.read(this.issuerFingerprint.subarray(-8));break;case F.signatureSubpacket.preferredAEADAlgorithms:this.preferredAEADAlgorithms=[...e.subarray(r,e.length)];break;case F.signatureSubpacket.preferredCipherSuites:this.preferredCipherSuites=[];for(let t=r;t<e.length;t+=2)this.preferredCipherSuites.push([e[t],e[t+1]]);break;default:this.unknownSubpackets.push({type:i,critical:n,body:e.subarray(r,e.length)})}}readSubPackets(e,t=!0,r){const n=6===this.version?4:2,i=_.readNumber(e.subarray(0,n));let s=n;for(;s<2+i;){const n=rt(e.subarray(s,e.length));s+=n.offset,this.readSubPacket(e.subarray(s,s+n.len),t,r),s+=n.len}return s}toSign(e,t){const r=F.signature;switch(e){case r.binary:return null!==t.text?_.encodeUTF8(t.getText(!0)):t.getBytes(!0);case r.text:{const e=t.getBytes(!0);return _.canonicalizeEOL(e)}case r.standalone:return new Uint8Array(0);case r.certGeneric:case r.certPersona:case r.certCasual:case r.certPositive:case r.certRevocation:{let e,n;if(t.userID)n=180,e=t.userID;else{if(!t.userAttribute)throw Error("Either a userID or userAttribute packet needs to be supplied for certification.");n=209,e=t.userAttribute}const i=e.write();return _.concat([this.toSign(r.key,t),new Uint8Array([n]),_.writeNumber(i.length,4),i])}case r.subkeyBinding:case r.subkeyRevocation:case r.keyBinding:return _.concat([this.toSign(r.key,t),this.toSign(r.key,{key:t.bind})]);case r.key:if(void 0===t.key)throw Error("Key packet is required for this signature.");return t.key.writeForHash(this.version);case r.keyRevocation:return this.toSign(r.key,t);case r.timestamp:return new Uint8Array(0);case r.thirdParty:throw Error("Not implemented");default:throw Error("Unknown signature type.")}}calculateTrailer(e,t){let r=0;return S(C(this.signatureData),(e=>{r+=e.length}),(()=>{const n=[];return 5!==this.version||this.signatureType!==F.signature.binary&&this.signatureType!==F.signature.text||(t?n.push(new Uint8Array(6)):n.push(e.writeHeader())),n.push(new Uint8Array([this.version,255])),5===this.version&&n.push(new Uint8Array(4)),n.push(_.writeNumber(r,4)),_.concat(n)}))}toHash(e,t,r=!1){const n=this.toSign(e,t);return _.concat([this.salt||new Uint8Array,n,this.signatureData,this.calculateTrailer(t,r)])}async hash(e,t,r,n=!1){if(6===this.version&&this.salt.length!==fa(this.hashAlgorithm))throw Error("Signature salt does not have the expected length");return r||(r=this.toHash(e,t,n)),Le(this.hashAlgorithm,r)}async verify(e,t,r,n=new Date,i=!1,s=O){if(!this.issuerKeyID.equals(e.getKeyID()))throw Error("Signature was not issued by the given public key");if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Public key algorithm used to sign signature does not match issuer key algorithm.");const a=t===F.signature.binary||t===F.signature.text;if(!(this[oa]&&!a)){let n,s;if(this.hashed?s=await this.hashed:(n=this.toHash(t,r,i),s=await this.hash(t,r,n)),s=await x(s),this.signedHashValue[0]!==s[0]||this.signedHashValue[1]!==s[1])throw Error("Signed digest did not match");this.params=await this.params;const a=this.publicKeyAlgorithm===F.publicKey.hmac?e.privateParams:null;if(this[oa]=await $i(this.publicKeyAlgorithm,this.hashAlgorithm,this.params,e.publicParams,a,n,s),!this[oa])throw Error("Signature verification failed")}const o=_.normalizeDate(n);if(o&&this.created>o)throw Error("Signature creation time is in the future");if(o&&o>=this.getExpirationTime())throw Error("Signature is expired");if(s.rejectHashAlgorithms.has(this.hashAlgorithm))throw Error("Insecure hash algorithm: "+F.read(F.hash,this.hashAlgorithm).toUpperCase());if(s.rejectMessageHashAlgorithms.has(this.hashAlgorithm)&&[F.signature.binary,F.signature.text].includes(this.signatureType))throw Error("Insecure message hash algorithm: "+F.read(F.hash,this.hashAlgorithm).toUpperCase());if(this.unknownSubpackets.forEach((({type:e,critical:t})=>{if(t)throw Error("Unknown critical signature subpacket type "+e)})),this.rawNotations.forEach((({name:e,critical:t})=>{if(t&&s.knownNotations.indexOf(e)<0)throw Error("Unknown critical notation: "+e)})),null!==this.revocationKeyClass)throw Error("This key is intended to be revoked with an authorized key, which OpenPGP.js does not support.")}isExpired(e=new Date){const t=_.normalizeDate(e);return null!==t&&!(this.created<=t&&t<this.getExpirationTime())}getExpirationTime(){return this.signatureNeverExpires?1/0:new Date(this.created.getTime()+1e3*this.signatureExpirationTime)}}function la(e,t,r){const n=[];return n.push(nt(r.length+1)),n.push(new Uint8Array([(t?128:0)|e])),n.push(r),_.concat(n)}function fa(e){switch(e){case F.hash.sha256:return 16;case F.hash.sha384:return 24;case F.hash.sha512:return 32;case F.hash.sha224:case F.hash.sha3_256:return 16;case F.hash.sha3_512:return 32;default:throw Error("Unsupported hash function")}}class ya{static get tag(){return F.packet.onePassSignature}static fromSignaturePacket(e,t){const r=new ya;return r.version=6===e.version?6:3,r.signatureType=e.signatureType,r.hashAlgorithm=e.hashAlgorithm,r.publicKeyAlgorithm=e.publicKeyAlgorithm,r.issuerKeyID=e.issuerKeyID,r.salt=e.salt,r.issuerFingerprint=e.issuerFingerprint,r.flags=t?1:0,r}constructor(){this.version=null,this.signatureType=null,this.hashAlgorithm=null,this.publicKeyAlgorithm=null,this.salt=null,this.issuerKeyID=null,this.issuerFingerprint=null,this.flags=null}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new ut(`Version ${this.version} of the one-pass signature packet is unsupported.`);if(this.signatureType=e[t++],this.hashAlgorithm=e[t++],this.publicKeyAlgorithm=e[t++],6===this.version){const r=e[t++];this.salt=e.subarray(t,t+r),t+=r,this.issuerFingerprint=e.subarray(t,t+32),t+=32,this.issuerKeyID=new aa,this.issuerKeyID.read(this.issuerFingerprint)}else this.issuerKeyID=new aa,this.issuerKeyID.read(e.subarray(t,t+8)),t+=8;return this.flags=e[t++],this}write(){const e=[new Uint8Array([this.version,this.signatureType,this.hashAlgorithm,this.publicKeyAlgorithm])];return 6===this.version?e.push(new Uint8Array([this.salt.length]),this.salt,this.issuerFingerprint):e.push(this.issuerKeyID.write()),e.push(new Uint8Array([this.flags])),_.concatUint8Array(e)}calculateTrailer(...e){return R((async()=>ha.prototype.calculateTrailer.apply(await this.correspondingSig,e)))}async verify(){const e=await this.correspondingSig;if(!e||e.constructor.tag!==F.packet.signature)throw Error("Corresponding signature packet missing");if(e.signatureType!==this.signatureType||e.hashAlgorithm!==this.hashAlgorithm||e.publicKeyAlgorithm!==this.publicKeyAlgorithm||!e.issuerKeyID.equals(this.issuerKeyID)||3===this.version&&6===e.version||6===this.version&&6!==e.version||6===this.version&&!_.equalsUint8Array(e.issuerFingerprint,this.issuerFingerprint)||6===this.version&&!_.equalsUint8Array(e.salt,this.salt))throw Error("Corresponding signature packet does not match one-pass signature packet");return e.hashed=this.hashed,e.verify.apply(e,arguments)}}function pa(e,t){if(!t[e]){let t;try{t=F.read(F.packet,e)}catch(t){throw new ht("Unknown packet type with tag: "+e)}throw Error("Packet not allowed in this context: "+t)}return new t[e]}ya.prototype.hash=ha.prototype.hash,ya.prototype.toHash=ha.prototype.toHash,ya.prototype.toSign=ha.prototype.toSign;class da extends Array{static async fromBinary(e,t,r=O,n=null,i=!1){const s=new da;return await s.read(e,t,r,n,i),s}async read(e,t,r=O,n=null,i=!1){let s;r.additionalAllowedPackets.length&&(s=_.constructAllowedPackets(r.additionalAllowedPackets),t={...t,...s}),this.stream=I(e,(async(e,a)=>{const o=T(e),c=M(a);try{let a=_.isStream(e);for(;;){let e,u;if(await c.ready,await ct(o,a,(async a=>{try{if(a.tag===F.packet.marker||a.tag===F.packet.trust||a.tag===F.packet.padding)return;const e=pa(a.tag,t);try{n?.recordPacket(a.tag,s)}catch(e){if(r.enforceGrammar)throw e;_.printDebugError(e)}e.packets=new da,e.fromStream=_.isStream(a.packet),u=e.fromStream;try{await e.read(a.packet,r)}catch(t){if(!(t instanceof ut))throw _.wrapError(new lt(`Parsing ${e.constructor.name} failed`),t);throw t}await c.write(e)}catch(t){const n=t instanceof ht&&a.tag<=39,s=t instanceof ut&&!(t instanceof ht)&&!r.ignoreUnsupportedPackets,o=t instanceof lt&&!r.ignoreMalformedPackets,u=ot(a.tag);if(n||s||o||u||!(t instanceof ht||t instanceof ut||t instanceof lt))i?e=t:await c.abort(t);else{const e=new ft(a.tag,a.packet);await c.write(e)}_.printDebugError(t)}})),u&&(a=null),e)throw await o.readToEnd(),e;const h=await o.peekBytes(2);if(!h||!h.length){try{n?.recordEnd()}catch(e){if(r.enforceGrammar)throw e;_.printDebugError(e)}return await c.ready,void await c.close()}}}catch(e){await c.abort(e)}}));const a=T(this.stream);for(;;){const{done:e,value:t}=await a.read();if(e?this.stream=null:this.push(t),e||ot(t.constructor.tag))break}a.releaseLock()}write(){const e=[];for(let t=0;t<this.length;t++){const r=this[t]instanceof ft?this[t].tag:this[t].constructor.tag,n=this[t].write();if(_.isStream(n)&&ot(this[t].constructor.tag)){let t=[],i=0;const s=512;e.push(st(r)),e.push(S(n,(e=>{if(t.push(e),i+=e.length,i>=s){const e=Math.min(Math.log(i)/Math.LN2|0,30),r=2**e,n=_.concat([it(e)].concat(t));return t=[n.subarray(1+r)],i=t[0].length,n.subarray(0,1+r)}}),(()=>_.concat([nt(i)].concat(t)))))}else{if(_.isStream(n)){let t=0;e.push(S(C(n),(e=>{t+=e.length}),(()=>at(r,t))))}else e.push(at(r,n.length));e.push(n)}}return _.concat(e)}filterByTag(...e){const t=new da,r=e=>t=>e===t;for(let n=0;n<this.length;n++)e.some(r(this[n].constructor.tag))&&t.push(this[n]);return t}findPacket(e){return this.find((t=>t.constructor.tag===e))}indexOfTag(...e){const t=[],r=this,n=e=>t=>e===t;for(let i=0;i<this.length;i++)e.some(n(r[i].constructor.tag))&&t.push(i);return t}}class ga extends Error{constructor(...e){super(...e),Error.captureStackTrace&&Error.captureStackTrace(this,ga),this.name="GrammarError"}}var wa;!function(e){e[e.EmptyMessage=0]="EmptyMessage",e[e.PlaintextOrEncryptedData=1]="PlaintextOrEncryptedData",e[e.EncryptedSessionKeys=2]="EncryptedSessionKeys",e[e.StandaloneAdditionalAllowedData=3]="StandaloneAdditionalAllowedData"}(wa||(wa={}));class Aa{constructor(){this.state=wa.EmptyMessage,this.leadingOnePassSignatureCounter=0}recordPacket(e,t){switch(this.state){case wa.EmptyMessage:case wa.StandaloneAdditionalAllowedData:switch(e){case F.packet.literalData:case F.packet.compressedData:case F.packet.aeadEncryptedData:case F.packet.symEncryptedIntegrityProtectedData:case F.packet.symmetricallyEncryptedData:return void(this.state=wa.PlaintextOrEncryptedData);case F.packet.signature:if(this.state===wa.StandaloneAdditionalAllowedData&&--this.leadingOnePassSignatureCounter<0)throw new ga("Trailing signature packet without OPS");return;case F.packet.onePassSignature:if(this.state===wa.StandaloneAdditionalAllowedData)throw new ga("OPS following StandaloneAdditionalAllowedData");return void this.leadingOnePassSignatureCounter++;case F.packet.publicKeyEncryptedSessionKey:case F.packet.symEncryptedSessionKey:return void(this.state=wa.EncryptedSessionKeys);default:if(!t?.[e])throw new ga(`Unexpected packet ${e} in state ${this.state}`);return void(this.state=wa.StandaloneAdditionalAllowedData)}case wa.PlaintextOrEncryptedData:if(e===F.packet.signature){if(--this.leadingOnePassSignatureCounter<0)throw new ga("Trailing signature packet without OPS");return void(this.state=wa.PlaintextOrEncryptedData)}if(!t?.[e])throw new ga(`Unexpected packet ${e} in state ${this.state}`);return void(this.state=wa.PlaintextOrEncryptedData);case wa.EncryptedSessionKeys:switch(e){case F.packet.publicKeyEncryptedSessionKey:case F.packet.symEncryptedSessionKey:return void(this.state=wa.EncryptedSessionKeys);case F.packet.symEncryptedIntegrityProtectedData:case F.packet.aeadEncryptedData:case F.packet.symmetricallyEncryptedData:return void(this.state=wa.PlaintextOrEncryptedData);case F.packet.signature:if(--this.leadingOnePassSignatureCounter<0)throw new ga("Trailing signature packet without OPS");return void(this.state=wa.PlaintextOrEncryptedData);default:if(!t?.[e])throw new ga(`Unexpected packet ${e} in state ${this.state}`);this.state=wa.EncryptedSessionKeys}}}recordEnd(){switch(this.state){case wa.EmptyMessage:case wa.PlaintextOrEncryptedData:case wa.EncryptedSessionKeys:case wa.StandaloneAdditionalAllowedData:if(this.leadingOnePassSignatureCounter>0)throw new ga("Missing trailing signature packets")}}}const ma=/*#__PURE__*/_.constructAllowedPackets([sa,ya,ha]);class ba{static get tag(){return F.packet.compressedData}constructor(e=O){this.packets=null,this.algorithm=e.preferredCompressionAlgorithm,this.compressed=null}async read(e,t=O){await B(e,(async e=>{this.algorithm=await e.readByte(),this.compressed=e.remainder(),await this.decompress(t)}))}write(){return null===this.compressed&&this.compress(),_.concat([new Uint8Array([this.algorithm]),this.compressed])}async decompress(e=O){const t=F.read(F.compression,this.algorithm),r=Sa[t];if(!r)throw Error(t+" decompression not supported");this.packets=await da.fromBinary(await r(this.compressed),ma,e,new Aa)}compress(){const e=F.read(F.compression,this.algorithm),t=Ka[e];if(!t)throw Error(e+" compression not supported");this.compressed=t(this.packets.write())}}function ka(e,t){return r=>{if(!_.isStream(r)||l(r))return R((()=>x(r).then((e=>new Promise(((r,n)=>{const i=new t,s=[];i.ondata=(e,t)=>{s.push(e),t&&r(_.concatUint8Array(s))};try{i.push(e,!0)}catch(e){n(e)}}))))));if(e)try{const t=e();return r.pipeThrough(t)}catch(e){if("TypeError"!==e.name)throw e}const n=r.getReader(),i=new t;return new ReadableStream({async start(e){for(i.ondata=async(t,r)=>{e.enqueue(t),r&&e.close()};;){const{done:e,value:t}=await n.read();if(e)return void i.push(new Uint8Array,!0);t.length&&i.push(t)}}})}}function Ea(){return async function(e){const{decode:t}=await Promise.resolve().then((function(){return Cd}));return R((async()=>t(await x(e))))}}const va=e=>({compressor:"undefined"!=typeof CompressionStream&&(()=>new CompressionStream(e)),decompressor:"undefined"!=typeof DecompressionStream&&(()=>new DecompressionStream(e))}),Ka={zip:/*#__PURE__*/ka(va("deflate-raw").compressor,ea),zlib:/*#__PURE__*/ka(va("deflate").compressor,ra)},Sa={uncompressed:e=>e,zip:/*#__PURE__*/ka(va("deflate-raw").decompressor,ta),zlib:/*#__PURE__*/ka(va("deflate").decompressor,na),bzip2:/*#__PURE__*/Ea()},Ia=/*#__PURE__*/_.constructAllowedPackets([sa,ba,ya,ha]);class Ba{static get tag(){return F.packet.symEncryptedIntegrityProtectedData}static fromObject({version:e,aeadAlgorithm:t}){if(1!==e&&2!==e)throw Error("Unsupported SEIPD version");const r=new Ba;return r.version=e,2===e&&(r.aeadAlgorithm=t),r}constructor(){this.version=null,this.cipherAlgorithm=null,this.aeadAlgorithm=null,this.chunkSizeByte=null,this.salt=null,this.encrypted=null,this.packets=null}async read(e){await B(e,(async e=>{if(this.version=await e.readByte(),1!==this.version&&2!==this.version)throw new ut(`Version ${this.version} of the SEIP packet is unsupported.`);2===this.version&&(this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte(),this.salt=await e.readBytes(32)),this.encrypted=e.remainder()}))}write(){return 2===this.version?_.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.salt,this.encrypted]):_.concat([new Uint8Array([this.version]),this.encrypted])}async encrypt(e,t,r=O){const{blockSize:n,keySize:i}=Ur(e);if(t.length!==i)throw Error("Unexpected session key size");let s=this.packets.write();if(l(s)&&(s=await x(s)),2===this.version)this.cipherAlgorithm=e,this.salt=we(32),this.chunkSizeByte=r.aeadChunkSizeByte,this.encrypted=await Ca(this,"encrypt",t,s);else{const r=await ni(e),i=new Uint8Array([211,20]),a=_.concat([r,s,i]),o=await Le(F.hash.sha1,U(a)),c=_.concat([a,o]);this.encrypted=await ii(e,t,c,new Uint8Array(n))}return!0}async decrypt(e,t,r=O){if(t.length!==Ur(e).keySize)throw Error("Unexpected session key size");let n,i=C(this.encrypted);l(i)&&(i=await x(i));let s=!1;if(2===this.version){if(this.cipherAlgorithm!==e)throw Error("Unexpected session key algorithm");n=await Ca(this,"decrypt",t,i)}else{const{blockSize:a}=Ur(e),o=await si(e,t,i,new Uint8Array(a)),c=D(U(o),-20),u=D(o,0,-20),h=Promise.all([x(await Le(F.hash.sha1,U(u))),x(c)]).then((([e,t])=>{if(!_.equalsUint8Array(e,t))throw Error("Modification detected.");return new Uint8Array})),l=D(u,a+2);n=D(l,0,-2),n=k([n,R((()=>h))]),_.isStream(i)&&r.allowUnauthenticatedStream?s=!0:n=await x(n)}return this.packets=await da.fromBinary(n,Ia,r,new Aa,s),!0}}async function Ca(e,t,r,n){const i=e instanceof Ba&&2===e.version,s=!i&&e.constructor.tag===F.packet.aeadEncryptedData;if(!i&&!s)throw Error("Unexpected packet type");const a=Hi(e.aeadAlgorithm,s),o="decrypt"===t?a.tagLength:0,c="encrypt"===t?a.tagLength:0,u=2**(e.chunkSizeByte+6)+o,h=s?8:0,l=new ArrayBuffer(13+h),f=new Uint8Array(l,0,5+h),y=new Uint8Array(l),p=new DataView(l),d=new Uint8Array(l,5,8);f.set([192|e.constructor.tag,e.version,e.cipherAlgorithm,e.aeadAlgorithm,e.chunkSizeByte],0);let g,w,A=0,m=Promise.resolve(),b=0,k=0;if(i){const{keySize:t}=Ur(e.cipherAlgorithm),{ivLength:n}=a,i=new Uint8Array(l,0,5),s=await Qr(F.hash.sha256,r,e.salt,i,t+n);r=s.subarray(0,t),g=s.subarray(t),g.fill(0,g.length-8),w=new DataView(g.buffer,g.byteOffset,g.byteLength)}else g=e.iv;const v=await a(e.cipherAlgorithm,r);return I(n,(async(r,n)=>{if("array"!==_.isStream(r)){const t=new TransformStream({},{highWaterMark:_.getHardwareConcurrency()*2**(e.chunkSizeByte+6),size:e=>e.length});E(t.readable,n),n=t.writable}const s=T(r),a=M(n);try{for(;;){let e=await s.readBytes(u+o)||new Uint8Array;const r=e.subarray(e.length-o);let n,l,E;if(e=e.subarray(0,e.length-o),i)E=g;else{E=g.slice();for(let e=0;e<8;e++)E[g.length-8+e]^=d[e]}if(!A||e.length?(s.unshift(r),n=v[t](e,E,f),n.catch((()=>{})),k+=e.length-o+c):(p.setInt32(5+h+4,b),n=v[t](r,E,y),n.catch((()=>{})),k+=c,l=!0),b+=e.length-o,m=m.then((()=>n)).then((async e=>{await a.ready,await a.write(e),k-=e.length})).catch((e=>a.abort(e))),(l||k>a.desiredSize)&&await m,l){await a.close();break}i?w.setInt32(g.length-4,++A):p.setInt32(9,++A)}}catch(e){await a.ready.catch((()=>{})),await a.abort(e)}}))}const Ua=/*#__PURE__*/_.constructAllowedPackets([sa,ba,ya,ha]);class Pa{static get tag(){return F.packet.aeadEncryptedData}constructor(){this.version=1,this.cipherAlgorithm=null,this.aeadAlgorithm=F.aead.eax,this.chunkSizeByte=null,this.iv=null,this.encrypted=null,this.packets=null}async read(e){await B(e,(async e=>{const t=await e.readByte();if(1!==t)throw new ut(`Version ${t} of the AEAD-encrypted data packet is not supported.`);this.cipherAlgorithm=await e.readByte(),this.aeadAlgorithm=await e.readByte(),this.chunkSizeByte=await e.readByte();const r=Hi(this.aeadAlgorithm,!0);this.iv=await e.readBytes(r.ivLength),this.encrypted=e.remainder()}))}write(){return _.concat([new Uint8Array([this.version,this.cipherAlgorithm,this.aeadAlgorithm,this.chunkSizeByte]),this.iv,this.encrypted])}async decrypt(e,t,r=O){this.packets=await da.fromBinary(await Ca(this,"decrypt",t,C(this.encrypted)),Ua,r,new Aa)}async encrypt(e,t,r=O){this.cipherAlgorithm=e;const{ivLength:n}=Hi(this.aeadAlgorithm,!0);this.iv=we(n),this.chunkSizeByte=r.aeadChunkSizeByte;const i=this.packets.write();this.encrypted=await Ca(this,"encrypt",t,i)}}const Da=new Set([F.publicKey.x25519,F.publicKey.x448,F.publicKey.pqc_mlkem_x25519]);class xa{static get tag(){return F.packet.publicKeyEncryptedSessionKey}constructor(){this.version=null,this.publicKeyID=new aa,this.publicKeyVersion=null,this.publicKeyFingerprint=null,this.publicKeyAlgorithm=null,this.sessionKey=null,this.sessionKeyAlgorithm=null,this.encrypted={}}static fromObject({version:e,encryptionKeyPacket:t,anonymousRecipient:r,sessionKey:n,sessionKeyAlgorithm:i}){const s=new xa;if(3!==e&&6!==e)throw Error("Unsupported PKESK version");return s.version=e,6===e&&(s.publicKeyVersion=r?null:t.version,s.publicKeyFingerprint=r?null:t.getFingerprintBytes()),s.publicKeyID=r?aa.wildcard():t.getKeyID(),s.publicKeyAlgorithm=t.algorithm,s.sessionKey=n,s.sessionKeyAlgorithm=i,s}read(e){let t=0;if(this.version=e[t++],3!==this.version&&6!==this.version)throw new ut(`Version ${this.version} of the PKESK packet is unsupported.`);if(6===this.version){const r=e[t++];if(r){this.publicKeyVersion=e[t++];const n=r-1;this.publicKeyFingerprint=e.subarray(t,t+n),t+=n,this.publicKeyVersion>=5?this.publicKeyID.read(this.publicKeyFingerprint):this.publicKeyID.read(this.publicKeyFingerprint.subarray(-8))}else this.publicKeyID=aa.wildcard()}else t+=this.publicKeyID.read(e.subarray(t,t+8));if(this.publicKeyAlgorithm=e[t++],this.encrypted=function(e,t){let r=0;switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:return{c:_.readMPI(t.subarray(r))};case F.publicKey.elgamal:{const e=_.readMPI(t.subarray(r));return r+=e.length+2,{c1:e,c2:_.readMPI(t.subarray(r))}}case F.publicKey.ecdh:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=new qn;return n.read(t.subarray(r)),{V:e,C:n}}case F.publicKey.x25519:case F.publicKey.x448:{const n=Wi(e),i=_.readExactSubarray(t,r,r+n);r+=i.length;const s=new Wn;return s.read(t.subarray(r)),{ephemeralPublicKey:i,C:s}}case F.publicKey.aead:{const e=new Zn;r+=e.read(t.subarray(r));const{ivLength:n}=Hi(e.getValue()),i=t.subarray(r,r+n);r+=n;const s=new jn;return r+=s.read(t.subarray(r)),{aeadMode:e,iv:i,c:s}}case F.publicKey.pqc_mlkem_x25519:{const e=_.readExactSubarray(t,r,r+Wi(F.publicKey.x25519));r+=e.length;const n=_.readExactSubarray(t,r,r+1088);r+=n.length;const i=new Wn;return i.read(t.subarray(r)),{eccCipherText:e,mlkemCipherText:n,C:i}}default:throw new ut("Unknown public key encryption algorithm.")}}(this.publicKeyAlgorithm,e.subarray(t)),Da.has(this.publicKeyAlgorithm))if(3===this.version)this.sessionKeyAlgorithm=F.write(F.symmetric,this.encrypted.C.algorithm);else if(null!==this.encrypted.C.algorithm)throw Error("Unexpected cleartext symmetric algorithm")}write(){const e=[new Uint8Array([this.version])];return 6===this.version?null!==this.publicKeyFingerprint?(e.push(new Uint8Array([this.publicKeyFingerprint.length+1,this.publicKeyVersion])),e.push(this.publicKeyFingerprint)):e.push(new Uint8Array([0])):e.push(this.publicKeyID.write()),e.push(new Uint8Array([this.publicKeyAlgorithm]),ji(this.publicKeyAlgorithm,this.encrypted)),_.concatUint8Array(e)}async encrypt(e){const t=F.write(F.publicKey,this.publicKeyAlgorithm),r=3===this.version?this.sessionKeyAlgorithm:null,n=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),i=Qa(this.version,t,r,this.sessionKey),s=t===F.publicKey.aead?e.privateParams:null;this.encrypted=await zi(t,r,e.publicParams,s,i,n)}async decrypt(e,t){if(this.publicKeyAlgorithm!==e.algorithm)throw Error("Decryption error");const r=t?Qa(this.version,this.publicKeyAlgorithm,t.sessionKeyAlgorithm,t.sessionKey):null,n=5===e.version?e.getFingerprintBytes().subarray(0,20):e.getFingerprintBytes(),i=await Gi(this.publicKeyAlgorithm,e.publicParams,e.privateParams,this.encrypted,n,r),{sessionKey:s,sessionKeyAlgorithm:a}=function(e,t,r,n){switch(t){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.elgamal:case F.publicKey.ecdh:case F.publicKey.aead:{const t=r.subarray(0,r.length-2),i=r.subarray(r.length-2),s=_.writeChecksum(t.subarray(t.length%8)),a=s[0]===i[0]&s[1]===i[1],o=6===e?{sessionKeyAlgorithm:null,sessionKey:t}:{sessionKeyAlgorithm:t[0],sessionKey:t.subarray(1)};if(n){const t=a&o.sessionKeyAlgorithm===n.sessionKeyAlgorithm&o.sessionKey.length===n.sessionKey.length;return{sessionKey:_.selectUint8Array(t,o.sessionKey,n.sessionKey),sessionKeyAlgorithm:6===e?null:_.selectUint8(t,o.sessionKeyAlgorithm,n.sessionKeyAlgorithm)}}if(a&&(6===e||F.read(F.symmetric,o.sessionKeyAlgorithm)))return o;throw Error("Decryption error")}case F.publicKey.x25519:case F.publicKey.x448:case F.publicKey.pqc_mlkem_x25519:return{sessionKeyAlgorithm:null,sessionKey:r};default:throw Error("Unsupported public key algorithm")}}(this.version,this.publicKeyAlgorithm,i,t);if(3===this.version){const e=!Da.has(this.publicKeyAlgorithm);if(this.sessionKeyAlgorithm=e?a:this.sessionKeyAlgorithm,s.length!==Ur(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}this.sessionKey=s}}function Qa(e,t,r,n){switch(t){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.elgamal:case F.publicKey.ecdh:case F.publicKey.aead:return _.concatUint8Array([new Uint8Array(6===e?[]:[r]),n,_.writeChecksum(n.subarray(n.length%8))]);case F.publicKey.x25519:case F.publicKey.x448:case F.publicKey.pqc_mlkem_x25519:return n;default:throw Error("Unsupported public key algorithm")}}class Ra{static get tag(){return F.packet.symEncryptedSessionKey}constructor(e=O){this.version=e.aeadProtect?6:4,this.sessionKey=null,this.sessionKeyEncryptionAlgorithm=null,this.sessionKeyAlgorithm=null,this.aeadAlgorithm=F.write(F.aead,e.preferredAEADAlgorithm),this.encrypted=null,this.s2k=null,this.iv=null}read(e){let t=0;if(this.version=e[t++],4!==this.version&&5!==this.version&&6!==this.version)throw new ut(`Version ${this.version} of the SKESK packet is unsupported.`);6===this.version&&t++;const r=e[t++];this.version>=5&&(this.aeadAlgorithm=e[t++],6===this.version&&t++);const n=e[t++];if(this.s2k=cs(n),t+=this.s2k.read(e.subarray(t,e.length)),this.version>=5){const r=Hi(this.aeadAlgorithm,!0);this.iv=e.subarray(t,t+=r.ivLength)}this.version>=5||t<e.length?(this.encrypted=e.subarray(t,e.length),this.sessionKeyEncryptionAlgorithm=r):this.sessionKeyAlgorithm=r}write(){const e=null===this.encrypted?this.sessionKeyAlgorithm:this.sessionKeyEncryptionAlgorithm;let t;const r=this.s2k.write();if(6===this.version){const n=r.length,i=3+n+this.iv.length;t=_.concatUint8Array([new Uint8Array([this.version,i,e,this.aeadAlgorithm,n]),r,this.iv,this.encrypted])}else 5===this.version?t=_.concatUint8Array([new Uint8Array([this.version,e,this.aeadAlgorithm]),r,this.iv,this.encrypted]):(t=_.concatUint8Array([new Uint8Array([this.version,e]),r]),null!==this.encrypted&&(t=_.concatUint8Array([t,this.encrypted])));return t}async decrypt(e){const t=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm,{blockSize:r,keySize:n}=Ur(t),i=await this.s2k.produceKey(e,n);if(this.version>=5){const e=Hi(this.aeadAlgorithm,!0),r=new Uint8Array([192|Ra.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),s=6===this.version?await Qr(F.hash.sha256,i,new Uint8Array,r,n):i,a=await e(t,s);this.sessionKey=await a.decrypt(this.encrypted,this.iv,r)}else if(null!==this.encrypted){const e=await si(t,i,this.encrypted,new Uint8Array(r));if(this.sessionKeyAlgorithm=F.write(F.symmetric,e[0]),this.sessionKey=e.subarray(1,e.length),this.sessionKey.length!==Ur(this.sessionKeyAlgorithm).keySize)throw Error("Unexpected session key size")}else this.sessionKey=i}async encrypt(e,t=O){const r=null!==this.sessionKeyEncryptionAlgorithm?this.sessionKeyEncryptionAlgorithm:this.sessionKeyAlgorithm;this.sessionKeyEncryptionAlgorithm=r,this.s2k=us(t),this.s2k.generateSalt();const{blockSize:n,keySize:i}=Ur(r),s=await this.s2k.produceKey(e,i);if(null===this.sessionKey&&(this.sessionKey=Ji(this.sessionKeyAlgorithm)),this.version>=5){const e=Hi(this.aeadAlgorithm);this.iv=we(e.ivLength);const t=new Uint8Array([192|Ra.tag,this.version,this.sessionKeyEncryptionAlgorithm,this.aeadAlgorithm]),n=6===this.version?await Qr(F.hash.sha256,s,new Uint8Array,t,i):s,a=await e(r,n);this.encrypted=await a.encrypt(this.sessionKey,this.iv,t)}else{const e=_.concatUint8Array([new Uint8Array([this.sessionKeyAlgorithm]),this.sessionKey]);this.encrypted=await ii(r,s,e,new Uint8Array(n))}}}class Ta{static get tag(){return F.packet.publicKey}constructor(e=new Date,t=O){this.version=t.v6Keys?6:4,this.created=_.normalizeDate(e),this.algorithm=null,this.publicParams=null,this.expirationTimeV3=0,this.fingerprint=null,this.keyID=null}static fromSecretKeyPacket(e){const t=new Ta,{version:r,created:n,algorithm:i,publicParams:s,keyID:a,fingerprint:o}=e;return t.version=r,t.created=n,t.algorithm=i,t.publicParams=s,t.keyID=a,t.fingerprint=o,t}async read(e,t=O){let r=0;if(this.version=e[r++],5===this.version&&!t.enableParsingV5Entities)throw new ut("Support for parsing v5 entities is disabled; turn on `config.enableParsingV5Entities` if needed");if(4===this.version||5===this.version||6===this.version){this.created=_.readDate(e.subarray(r,r+4)),r+=4,this.algorithm=e[r++],this.version>=5&&(r+=4);const{read:t,publicParams:n}=function(e,t){let r=0;switch(e){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=_.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{n:e,e:n}}}case F.publicKey.dsa:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=_.readMPI(t.subarray(r));r+=n.length+2;const i=_.readMPI(t.subarray(r));r+=i.length+2;const s=_.readMPI(t.subarray(r));return r+=s.length+2,{read:r,publicParams:{p:e,q:n,g:i,y:s}}}case F.publicKey.elgamal:{const e=_.readMPI(t.subarray(r));r+=e.length+2;const n=_.readMPI(t.subarray(r));r+=n.length+2;const i=_.readMPI(t.subarray(r));return r+=i.length+2,{read:r,publicParams:{p:e,g:n,y:i}}}case F.publicKey.ecdsa:{const e=new tt;r+=e.read(t),Xi(e);const n=_.readMPI(t.subarray(r));return r+=n.length+2,{read:r,publicParams:{oid:e,Q:n}}}case F.publicKey.eddsaLegacy:{const e=new tt;if(r+=e.read(t),Xi(e),e.getName()!==F.curve.ed25519Legacy)throw Error("Unexpected OID for eddsaLegacy");let n=_.readMPI(t.subarray(r));return r+=n.length+2,n=_.leftPad(n,33),{read:r,publicParams:{oid:e,Q:n}}}case F.publicKey.ecdh:{const e=new tt;r+=e.read(t),Xi(e);const n=_.readMPI(t.subarray(r));r+=n.length+2;const i=new Vn;return r+=i.read(t.subarray(r)),{read:r,publicParams:{oid:e,Q:n,kdfParams:i}}}case F.publicKey.ed25519:case F.publicKey.ed448:case F.publicKey.x25519:case F.publicKey.x448:{const n=_.readExactSubarray(t,r,r+Wi(e));return r+=n.length,{read:r,publicParams:{A:n}}}case F.publicKey.hmac:case F.publicKey.aead:{const e=new Jn;r+=e.read(t);const n=Fe(F.hash.sha256),i=t.subarray(r,r+n);return r+=n,{read:r,publicParams:{cipher:e,digest:i}}}case F.publicKey.pqc_mlkem_x25519:{const e=_.readExactSubarray(t,r,r+Wi(F.publicKey.x25519));r+=e.length;const n=_.readExactSubarray(t,r,r+1184);return r+=n.length,{read:r,publicParams:{eccPublicKey:e,mlkemPublicKey:n}}}case F.publicKey.pqc_mldsa_ed25519:{const e=_.readExactSubarray(t,r,r+Wi(F.publicKey.ed25519));r+=e.length;const n=_.readExactSubarray(t,r,r+1952);return r+=n.length,{read:r,publicParams:{eccPublicKey:e,mldsaPublicKey:n}}}default:throw new ut("Unknown public key encryption algorithm.")}}(this.algorithm,e.subarray(r));if(6===this.version&&n.oid&&(n.oid.getName()===F.curve.curve25519Legacy||n.oid.getName()===F.curve.ed25519Legacy))throw Error("Legacy curve25519 cannot be used with v6 keys");if(6!==this.version&&this.algorithm===F.publicKey.pqc_mldsa_ed25519)throw Error("Unexpected key version: ML-DSA algorithms can only be used with v6 keys");return this.publicParams=n,r+=t,await this.computeFingerprintAndKeyID(),r}throw new ut(`Version ${this.version} of the key packet is unsupported.`)}write(){const e=[];e.push(new Uint8Array([this.version])),e.push(_.writeDate(this.created)),e.push(new Uint8Array([this.algorithm]));const t=ji(this.algorithm,this.publicParams);return this.version>=5&&e.push(_.writeNumber(t.length,4)),e.push(t),_.concatUint8Array(e)}writeForHash(e){const t=this.writePublicKey(),r=149+e,n=e>=5?4:2;return _.concatUint8Array([new Uint8Array([r]),_.writeNumber(t.length,n),t])}isDecrypted(){return null}getCreationTime(){return this.created}getKeyID(){return this.keyID}async computeFingerprintAndKeyID(){if(await this.computeFingerprint(),this.keyID=new aa,this.version>=5)this.keyID.read(this.fingerprint.subarray(0,8));else{if(4!==this.version)throw Error("Unsupported key version");this.keyID.read(this.fingerprint.subarray(12,20))}}async computeFingerprint(){const e=this.writeForHash(this.version);if(this.version>=5)this.fingerprint=await Le(F.hash.sha256,e);else{if(4!==this.version)throw Error("Unsupported key version");this.fingerprint=await Le(F.hash.sha1,e)}}getFingerprintBytes(){return this.fingerprint}getFingerprint(){return _.uint8ArrayToHex(this.getFingerprintBytes())}hasSameFingerprintAs(e){return this.version===e.version&&_.equalsUint8Array(this.writePublicKey(),e.writePublicKey())}getAlgorithmInfo(){const e={};e.algorithm=F.read(F.publicKey,this.algorithm);const t=this.publicParams.n||this.publicParams.p;return t?e.bits=_.uint8ArrayBitLength(t):this.publicParams.oid?e.curve=this.publicParams.oid.getName():this.publicParams.cipher&&(e.symmetric=this.publicParams.cipher.getName()),e}}Ta.prototype.readPublicKey=Ta.prototype.read,Ta.prototype.writePublicKey=Ta.prototype.write;const Ma=/*#__PURE__*/_.constructAllowedPackets([sa,ba,ya,ha]);class La{static get tag(){return F.packet.symmetricallyEncryptedData}constructor(){this.encrypted=null,this.packets=null}read(e){this.encrypted=e}write(){return this.encrypted}async decrypt(e,t,r=O){if(!r.allowUnauthenticatedMessages)throw Error("Message is not authenticated.");const{blockSize:n}=Ur(e),i=await x(C(this.encrypted)),s=await si(e,t,i.subarray(n+2),i.subarray(2,n+2));this.packets=await da.fromBinary(s,Ma,r)}async encrypt(e,t,r=O){const n=this.packets.write(),{blockSize:i}=Ur(e),s=await ni(e),a=await ii(e,t,s,new Uint8Array(i)),o=await ii(e,t,n,a.subarray(2));this.encrypted=_.concat([a,o])}}class Fa extends Ta{static get tag(){return F.packet.publicSubkey}constructor(e,t){super(e,t)}static fromSecretSubkeyPacket(e){const t=new Fa,{version:r,created:n,algorithm:i,publicParams:s,keyID:a,fingerprint:o}=e;return t.version=r,t.created=n,t.algorithm=i,t.publicParams=s,t.keyID=a,t.fingerprint=o,t}}class Oa{static get tag(){return F.packet.userAttribute}constructor(){this.attributes=[]}read(e){let t=0;for(;t<e.length;){const r=rt(e.subarray(t,e.length));t+=r.offset,this.attributes.push(_.uint8ArrayToString(e.subarray(t,t+r.len))),t+=r.len}}write(){const e=[];for(let t=0;t<this.attributes.length;t++)e.push(nt(this.attributes[t].length)),e.push(_.stringToUint8Array(this.attributes[t]));return _.concatUint8Array(e)}equals(e){return!!(e&&e instanceof Oa)&&this.attributes.every((function(t,r){return t===e.attributes[r]}))}}class Na extends Ta{static get tag(){return F.packet.secretKey}constructor(e=new Date,t=O){super(e,t),this.keyMaterial=null,this.isEncrypted=null,this.s2kUsage=0,this.s2k=null,this.symmetric=null,this.aead=null,this.isLegacyAEAD=null,this.privateParams=null,this.usedModernAEAD=null}async read(e,t=O){let r=await this.readPublicKey(e,t);const n=r;this.s2kUsage=e[r++],5===this.version&&r++,6===this.version&&this.s2kUsage&&r++;try{if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){this.symmetric=e[r++],253===this.s2kUsage&&(this.aead=e[r++]),6===this.version&&r++;const t=e[r++];if(this.s2k=cs(t),r+=this.s2k.read(e.subarray(r,e.length)),"gnu-dummy"===this.s2k.type)return}else this.s2kUsage&&(this.symmetric=this.s2kUsage);this.s2kUsage&&(this.isLegacyAEAD=253===this.s2kUsage&&(5===this.version||4===this.version&&t.parseAEADEncryptedV4KeysAsLegacy),253!==this.s2kUsage||this.isLegacyAEAD?(this.iv=e.subarray(r,r+Ur(this.symmetric).blockSize),this.usedModernAEAD=!1):(this.iv=e.subarray(r,r+Hi(this.aead).ivLength),this.usedModernAEAD=!0),r+=this.iv.length)}catch(t){if(!this.s2kUsage)throw t;this.unparseableKeyMaterial=e.subarray(n),this.isEncrypted=!0}if(5===this.version&&(r+=4),this.keyMaterial=e.subarray(r),this.isEncrypted=!!this.s2kUsage,!this.isEncrypted){let e;if(6===this.version)e=this.keyMaterial;else if(e=this.keyMaterial.subarray(0,-2),!_.equalsUint8Array(_.writeChecksum(e),this.keyMaterial.subarray(-2)))throw Error("Key checksum mismatch");try{const{read:t,privateParams:r}=await qi(this.algorithm,e,this.publicParams);if(t<e.length)throw Error("Error reading MPIs");this.privateParams=r}catch(e){if(e instanceof ut)throw e;throw Error("Error reading MPIs")}}}write(){const e=this.writePublicKey();if(this.unparseableKeyMaterial)return _.concatUint8Array([e,this.unparseableKeyMaterial]);const t=[e];t.push(new Uint8Array([this.s2kUsage]));const r=[];if(255===this.s2kUsage||254===this.s2kUsage||253===this.s2kUsage){r.push(this.symmetric),253===this.s2kUsage&&r.push(this.aead);const e=this.s2k.write();6===this.version&&r.push(e.length),r.push(...e)}return this.s2kUsage&&"gnu-dummy"!==this.s2k.type&&r.push(...this.iv),(5===this.version||6===this.version&&this.s2kUsage)&&t.push(new Uint8Array([r.length])),t.push(new Uint8Array(r)),this.isDummy()||(this.s2kUsage||(this.keyMaterial=ji(this.algorithm,this.privateParams)),5===this.version&&t.push(_.writeNumber(this.keyMaterial.length,4)),t.push(this.keyMaterial),this.s2kUsage||6===this.version||t.push(_.writeChecksum(this.keyMaterial))),_.concatUint8Array(t)}isDecrypted(){return!1===this.isEncrypted}isMissingSecretKeyMaterial(){return void 0!==this.unparseableKeyMaterial||this.isDummy()}isDummy(){return!(!this.s2k||"gnu-dummy"!==this.s2k.type)}makeDummy(e=O){this.isDummy()||(this.isDecrypted()&&this.clearPrivateParams(),delete this.unparseableKeyMaterial,this.isEncrypted=null,this.keyMaterial=null,this.s2k=cs(F.s2k.gnu,e),this.s2k.algorithm=0,this.s2k.c=0,this.s2k.type="gnu-dummy",this.s2kUsage=254,this.symmetric=F.symmetric.aes256,this.isLegacyAEAD=null,this.usedModernAEAD=null)}async encrypt(e,t=O){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key packet is already encrypted");if(!e)throw Error("A non-empty passphrase is required for key encryption.");this.s2k=us(t),this.s2k.generateSalt();const r=ji(this.algorithm,this.privateParams);this.symmetric=F.symmetric.aes256;const{blockSize:n}=Ur(this.symmetric);if(t.aeadProtect){this.s2kUsage=253,this.aead=t.preferredAEADAlgorithm;const i=Hi(this.aead);this.isLegacyAEAD=5===this.version,this.usedModernAEAD=!this.isLegacyAEAD;const s=st(this.constructor.tag),a=await _a(this.version,this.s2k,e,this.symmetric,this.aead,s,this.isLegacyAEAD),o=await i(this.symmetric,a);this.iv=this.isLegacyAEAD?we(n):we(i.ivLength);const c=this.isLegacyAEAD?new Uint8Array:_.concatUint8Array([s,this.writePublicKey()]);this.keyMaterial=await o.encrypt(r,this.iv.subarray(0,i.ivLength),c)}else{this.s2kUsage=254,this.usedModernAEAD=!1;const t=await _a(this.version,this.s2k,e,this.symmetric);this.iv=we(n),this.keyMaterial=await ii(this.symmetric,t,_.concatUint8Array([r,await Le(F.hash.sha1,r)]),this.iv)}}async decrypt(e){if(this.isDummy())return!1;if(this.unparseableKeyMaterial)throw Error("Key packet cannot be decrypted: unsupported S2K or cipher algo");if(this.isDecrypted())throw Error("Key packet is already decrypted.");let t;const r=st(this.constructor.tag);if(254!==this.s2kUsage&&253!==this.s2kUsage)throw 255===this.s2kUsage?Error("Encrypted private key is authenticated using an insecure two-byte hash"):Error("Private key is encrypted using an insecure S2K function: unsalted MD5");let n;if(t=await _a(this.version,this.s2k,e,this.symmetric,this.aead,r,this.isLegacyAEAD),253===this.s2kUsage){const e=Hi(this.aead,!0),i=await e(this.symmetric,t);try{const t=this.isLegacyAEAD?new Uint8Array:_.concatUint8Array([r,this.writePublicKey()]);n=await i.decrypt(this.keyMaterial,this.iv.subarray(0,e.ivLength),t)}catch(e){if("Authentication tag mismatch"===e.message)throw Error("Incorrect key passphrase: "+e.message);throw e}}else{const e=await si(this.symmetric,t,this.keyMaterial,this.iv);n=e.subarray(0,-20);const r=await Le(F.hash.sha1,n);if(!_.equalsUint8Array(r,e.subarray(-20)))throw Error("Incorrect key passphrase")}try{const{privateParams:e}=await qi(this.algorithm,n,this.publicParams);this.privateParams=e}catch(e){throw Error("Error reading MPIs")}this.isEncrypted=!1,this.keyMaterial=null,this.s2kUsage=0,this.aead=null,this.symmetric=null,this.isLegacyAEAD=null}async validate(){if(this.isDummy())return;if(!this.isDecrypted())throw Error("Key is not decrypted");if(this.usedModernAEAD)return;let e;try{e=await Zi(this.algorithm,this.publicParams,this.privateParams)}catch(t){e=!1}if(!e)throw Error("Key is invalid")}async generate(e,t,r){if(6===this.version&&(this.algorithm===F.publicKey.ecdh&&t===F.curve.curve25519Legacy||this.algorithm===F.publicKey.eddsaLegacy))throw Error(`Cannot generate v6 keys of type 'ecc' with curve ${t}. Generate a key of type 'curve25519' instead`);if(6!==this.version&&this.algorithm===F.publicKey.pqc_mldsa_ed25519)throw Error(`Cannot generate v${this.version} signing keys of type 'pqc'. Generate a v6 key instead`);const{privateParams:n,publicParams:i}=await Vi(this.algorithm,e,t,r);this.privateParams=n,this.publicParams=i,this.isEncrypted=!1}clearPrivateParams(){this.isMissingSecretKeyMaterial()||(Object.keys(this.privateParams).forEach((e=>{this.privateParams[e].fill(0),delete this.privateParams[e]})),this.privateParams=null,this.isEncrypted=!0)}}async function _a(e,t,r,n,i,s,a){if("argon2"===t.type&&!i)throw Error("Using Argon2 S2K without AEAD is not allowed");if("simple"===t.type&&6===e)throw Error("Using Simple S2K with version 6 keys is not allowed");const{keySize:o}=Ur(n),c=await t.produceKey(r,o);if(!i||5===e||a)return c;const u=_.concatUint8Array([s,new Uint8Array([e,n,i])]);return Qr(F.hash.sha256,c,new Uint8Array,u,o)}class Ha{static get tag(){return F.packet.userID}constructor(){this.userID="",this.name="",this.email="",this.comment=""}static fromObject(e){if(_.isString(e)||e.name&&!_.isString(e.name)||e.email&&!_.isEmailAddress(e.email)||e.comment&&!_.isString(e.comment))throw Error("Invalid user ID format");const t=new Ha;Object.assign(t,e);const r=[];return t.name&&r.push(t.name),t.comment&&r.push(`(${t.comment})`),t.email&&r.push(`<${t.email}>`),t.userID=r.join(" "),t}read(e,t=O){const r=_.decodeUTF8(e);if(r.length>t.maxUserIDLength)throw Error("User ID string is too long");const n=e=>/^[^\s@]+@[^\s@]+$/.test(e),i=r.indexOf("<"),s=r.lastIndexOf(">");if(-1!==i&&-1!==s&&s>i){const e=r.substring(i+1,s);if(n(e)){this.email=e;const t=r.substring(0,i).trim(),n=t.indexOf("("),s=t.lastIndexOf(")");-1!==n&&-1!==s&&s>n?(this.comment=t.substring(n+1,s).trim(),this.name=t.substring(0,n).trim()):(this.name=t,this.comment="")}}else n(r.trim())&&(this.email=r.trim(),this.name="",this.comment="");this.userID=r}write(){return _.encodeUTF8(this.userID)}equals(e){return e&&e.userID===this.userID}}class za extends Na{static get tag(){return F.packet.secretSubkey}constructor(e=new Date,t=O){super(e,t)}}const Ga=/*#__PURE__*/_.constructAllowedPackets([ha]);class qa{constructor(e){this.packets=e||new da}write(){return this.packets.write()}armor(e=O){const t=this.packets.some((e=>e.constructor.tag===ha.tag&&6!==e.version));return ne(F.armor.signature,this.write(),void 0,void 0,void 0,t,e)}getSigningKeyIDs(){return this.packets.map((e=>e.issuerKeyID))}}async function ja(e,t){const r=new za(e.date,t);return r.packets=null,r.algorithm=F.write(F.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function Va(e,t){const r=new Na(e.date,t);return r.packets=null,r.algorithm=F.write(F.publicKey,e.algorithm),await r.generate(e.rsaBits,e.curve,e.symmetric),await r.computeFingerprintAndKeyID(),r}async function Ya(e,t,r,n,i=new Date,s){let a,o;for(let c=e.length-1;c>=0;c--)try{(!a||e[c].created>=a.created)&&(await e[c].verify(t,r,n,i,void 0,s),a=e[c])}catch(e){o=e}if(!a)throw _.wrapError(`Could not find valid ${F.read(F.signature,r)} signature in key ${t.getKeyID().toHex()}`.replace("certGeneric ","self-").replace(/([a-z])([A-Z])/g,((e,t,r)=>t+" "+r.toLowerCase())),o);return a}function Za(e,t,r=new Date){const n=_.normalizeDate(r);if(null!==n){const r=to(e,t);return!(e.created<=n&&n<r)}return!1}async function Ja(e,t,r,n){const i={};i.key=t,i.bind=e;const s={signatureType:F.signature.subkeyBinding};r.sign?(s.keyFlags=[F.keyFlags.signData],s.embeddedSignature=await Wa(i,[],e,{signatureType:F.signature.keyBinding},r.date,void 0,void 0,void 0,n)):s.keyFlags=r.forwarding?[F.keyFlags.forwardedCommunication]:[F.keyFlags.encryptCommunication|F.keyFlags.encryptStorage],r.keyExpirationTime>0&&(s.keyExpirationTime=r.keyExpirationTime,s.keyNeverExpires=!1);return await Wa(i,[],t,s,r.date,void 0,void 0,void 0,n)}async function Xa(e,t,r=new Date,n=[],i){const s=F.hash.sha256,a=i.preferredHashAlgorithm,o=await Promise.all(e.map((async(e,t)=>(await e.getPrimarySelfSignature(r,n[t],i)).preferredHashAlgorithms||[]))),c=new Map;for(const e of o)for(const t of e)try{const e=F.write(F.hash,t);c.set(e,c.has(e)?c.get(e)+1:1)}catch{}const u=t=>0===e.length||c.get(t)===e.length||t===s,h=()=>{if(0===c.size)return s;const e=Array.from(c.keys()).filter((e=>u(e))).sort(((e,t)=>Fe(e)-Fe(t)))[0];return Fe(e)>=Fe(s)?e:s},l=new Set([F.publicKey.ecdsa,F.publicKey.eddsaLegacy,F.publicKey.ed25519,F.publicKey.ed448]),f=new Set([F.publicKey.pqc_mldsa_ed25519]);if(l.has(t.algorithm)){const e=function(e,t){switch(e){case F.publicKey.ecdsa:case F.publicKey.eddsaLegacy:return $r(t);case F.publicKey.ed25519:case F.publicKey.ed448:return At(e);default:throw Error("Unknown elliptic signing algo")}}(t.algorithm,t.publicParams.oid),r=u(a),n=Fe(a)>=Fe(e);if(r&&n)return a;{const t=h();return Fe(t)>=Fe(e)?t:e}}if(f.has(t.algorithm)){if(u(a)&&zn(t.algorithm,a))return a;{const e=h();return zn(t.algorithm,e)?e:s}}return u(a)?a:h()}async function Wa(e,t,r,n,i,s,a=[],o=!1,c){if(r.isDummy())throw Error("Cannot sign with a gnu-dummy key.");if(!r.isDecrypted())throw Error("Signing key is not decrypted.");const u=new ha;return Object.assign(u,n),u.publicKeyAlgorithm=r.algorithm,u.hashAlgorithm=await Xa(t,r,i,s,c),u.rawNotations=[...a],await u.sign(r,e,i,o,c),u}async function $a(e,t,r,n=new Date,i){(e=e[r])&&(t[r].length?await Promise.all(e.map((async function(e){e.isExpired(n)||i&&!await i(e)||t[r].some((function(t){return _.equalsUint8Array(t.writeParams(),e.writeParams())}))||t[r].push(e)}))):t[r]=e)}async function eo(e,t,r,n,i,s,a=new Date,o){s=s||e;const c=[];return await Promise.all(n.map((async function(e){try{if(!i||e.issuerKeyID.equals(i.issuerKeyID)){const n=![F.reasonForRevocation.keyRetired,F.reasonForRevocation.keySuperseded,F.reasonForRevocation.userIDInvalid].includes(e.reasonForRevocationFlag);await e.verify(s,t,r,n?null:a,!1,o),c.push(e.issuerKeyID)}}catch(e){}}))),i?(i.revoked=!!c.some((e=>e.equals(i.issuerKeyID)))||(i.revoked||!1),i.revoked):c.length>0}function to(e,t){let r;return!1===t.keyNeverExpires&&(r=e.created.getTime()+1e3*t.keyExpirationTime),r?new Date(r):1/0}function ro(e,t={}){if(e.type=e.type||t.type,e.curve=e.curve||t.curve,e.rsaBits=e.rsaBits||t.rsaBits,e.symmetricHash=e.symmetricHash||t.symmetricHash,e.symmetricCipher=e.symmetricCipher||t.symmetricCipher,e.keyExpirationTime=void 0!==e.keyExpirationTime?e.keyExpirationTime:t.keyExpirationTime,e.passphrase=_.isString(e.passphrase)?e.passphrase:t.passphrase,e.date=e.date||t.date,e.sign=e.sign||!1,e.forwarding=e.forwarding||!1,e.sign&&e.forwarding)throw Error('Incompatible options: "sign" and "forwarding" cannot be set together');switch(e.type){case"pqc":e.sign?e.algorithm=F.publicKey.pqc_mldsa_ed25519:e.algorithm=F.publicKey.pqc_mlkem_x25519;break;case"ecc":try{e.curve=F.write(F.curve,e.curve)}catch(e){throw Error("Unknown curve")}e.curve!==F.curve.ed25519Legacy&&e.curve!==F.curve.curve25519Legacy&&"ed25519"!==e.curve&&"curve25519"!==e.curve||(e.curve=e.sign?F.curve.ed25519Legacy:F.curve.curve25519Legacy),e.sign?e.algorithm=e.curve===F.curve.ed25519Legacy?F.publicKey.eddsaLegacy:F.publicKey.ecdsa:e.algorithm=F.publicKey.ecdh;break;case"curve25519":e.algorithm=e.sign?F.publicKey.ed25519:F.publicKey.x25519;break;case"curve448":e.algorithm=e.sign?F.publicKey.ed448:F.publicKey.x448;break;case"rsa":e.algorithm=F.publicKey.rsaEncryptSign;break;case"symmetric":if(e.sign){e.algorithm=F.publicKey.hmac;try{e.symmetric=F.write(F.hash,e.symmetricHash)}catch(e){throw Error("Unknown hash algorithm")}}else{e.algorithm=F.publicKey.aead;try{e.symmetric=F.write(F.symmetric,e.symmetricCipher)}catch(e){throw Error("Unknown symmetric algorithm")}}break;default:throw Error("Unsupported key type "+e.type)}return e}function no(e,t,r){switch(e.algorithm){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:case F.publicKey.dsa:case F.publicKey.ecdsa:case F.publicKey.eddsaLegacy:case F.publicKey.ed25519:case F.publicKey.ed448:case F.publicKey.hmac:case F.publicKey.pqc_mldsa_ed25519:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&F.keyFlags.signData);default:return!1}}function io(e,t,r){switch(e.algorithm){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:case F.publicKey.elgamal:case F.publicKey.ecdh:case F.publicKey.x25519:case F.publicKey.x448:case F.publicKey.aead:case F.publicKey.pqc_mlkem_x25519:if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");return!t.keyFlags||!!(t.keyFlags[0]&F.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&F.keyFlags.encryptStorage);default:return!1}}function so(e,t,r){if(!t.keyFlags&&!r.allowMissingKeyFlags)throw Error("None of the key flags is set: consider passing `config.allowMissingKeyFlags`");switch(e.algorithm){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaEncrypt:case F.publicKey.elgamal:case F.publicKey.ecdh:case F.publicKey.x25519:case F.publicKey.x448:case F.publicKey.pqc_mlkem_x25519:return!(!(!t.keyFlags||!!(t.keyFlags[0]&F.keyFlags.signData))||!r.allowInsecureDecryptionWithSigningKeys)||(!t.keyFlags||!!(t.keyFlags[0]&F.keyFlags.encryptCommunication)||!!(t.keyFlags[0]&F.keyFlags.encryptStorage)||r.allowForwardedMessages&&!!(t.keyFlags[0]&F.keyFlags.forwardedCommunication));default:return!1}}function ao(e,t){const r=F.write(F.publicKey,e.algorithm),n=e.getAlgorithmInfo();if(t.rejectPublicKeyAlgorithms.has(r))throw Error(n.algorithm+" keys are considered too weak.");switch(r){case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:case F.publicKey.rsaEncrypt:if(n.bits<t.minRSABits)throw Error(`RSA keys shorter than ${t.minRSABits} bits are considered too weak.`);break;case F.publicKey.ecdsa:case F.publicKey.eddsaLegacy:case F.publicKey.ecdh:if(t.rejectCurves.has(n.curve))throw Error(`Support for ${n.algorithm} keys using curve ${n.curve} is disabled.`)}}class oo{constructor(e,t){this.userID=e.constructor.tag===F.packet.userID?e:null,this.userAttribute=e.constructor.tag===F.packet.userAttribute?e:null,this.selfCertifications=[],this.otherCertifications=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new da;return e.push(this.userID||this.userAttribute),e.push(...this.revocationSignatures),e.push(...this.selfCertifications),e.push(...this.otherCertifications),e}clone(){const e=new oo(this.userID||this.userAttribute,this.mainKey);return e.selfCertifications=[...this.selfCertifications],e.otherCertifications=[...this.otherCertifications],e.revocationSignatures=[...this.revocationSignatures],e}async certify(e,t,r){const n=this.mainKey.keyPacket,i={userID:this.userID,userAttribute:this.userAttribute,key:n},s=new oo(i.userID||i.userAttribute,this.mainKey);return s.otherCertifications=await Promise.all(e.map((async function(e){if(!e.isPrivate())throw Error("Need private key for signing");if(e.hasSameFingerprintAs(n))throw Error("The user's own key can only be used for self-certifications");const s=await e.getSigningKey(void 0,t,void 0,r);return Wa(i,[e],s.keyPacket,{signatureType:F.signature.certGeneric,keyFlags:[F.keyFlags.certifyKeys|F.keyFlags.signData]},t,void 0,void 0,void 0,r)}))),await s.update(this,t,r),s}async isRevoked(e,t,r=new Date,n=O){const i=this.mainKey.keyPacket;return eo(i,F.signature.certRevocation,{key:i,userID:this.userID,userAttribute:this.userAttribute},this.revocationSignatures,e,t,r,n)}async verifyCertificate(e,t,r=new Date,n){const i=this,s=this.mainKey.keyPacket,a={userID:this.userID,userAttribute:this.userAttribute,key:s},{issuerKeyID:o}=e,c=t.filter((e=>e.getKeys(o).length>0));return 0===c.length?null:(await Promise.all(c.map((async t=>{const s=await t.getSigningKey(o,e.created,void 0,n);if(e.revoked||await i.isRevoked(e,s.keyPacket,r,n))throw Error("User certificate is revoked");try{await e.verify(s.keyPacket,F.signature.certGeneric,a,r,void 0,n)}catch(e){throw _.wrapError("User certificate is invalid",e)}}))),!0)}async verifyAllCertifications(e,t=new Date,r){const n=this,i=this.selfCertifications.concat(this.otherCertifications);return Promise.all(i.map((async i=>({keyID:i.issuerKeyID,valid:await n.verifyCertificate(i,e,t,r).catch((()=>!1))}))))}async verify(e=new Date,t){if(!this.selfCertifications.length)throw Error("No self-certifications found");const r=this,n=this.mainKey.keyPacket,i={userID:this.userID,userAttribute:this.userAttribute,key:n};let s;for(let a=this.selfCertifications.length-1;a>=0;a--)try{const s=this.selfCertifications[a];if(s.revoked||await r.isRevoked(s,void 0,e,t))throw Error("Self-certification is revoked");try{await s.verify(n,F.signature.certGeneric,i,e,void 0,t)}catch(e){throw _.wrapError("Self-certification is invalid",e)}return!0}catch(e){s=e}throw s}async update(e,t,r){const n=this.mainKey.keyPacket,i={userID:this.userID,userAttribute:this.userAttribute,key:n};await $a(e,this,"selfCertifications",t,(async function(e){try{return await e.verify(n,F.signature.certGeneric,i,t,!1,r),!0}catch(e){return!1}})),await $a(e,this,"otherCertifications",t),await $a(e,this,"revocationSignatures",t,(function(e){return eo(n,F.signature.certRevocation,i,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=F.reasonForRevocation.noReason,string:r=""}={},n=new Date,i=O){const s={userID:this.userID,userAttribute:this.userAttribute,key:e},a=new oo(s.userID||s.userAttribute,this.mainKey);return a.revocationSignatures.push(await Wa(s,[],e,{signatureType:F.signature.certRevocation,reasonForRevocationFlag:F.write(F.reasonForRevocation,t),reasonForRevocationString:r},n,void 0,void 0,!1,i)),await a.update(this),a}}class co{constructor(e,t){this.keyPacket=e,this.bindingSignatures=[],this.revocationSignatures=[],this.mainKey=t}toPacketList(){const e=new da;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.bindingSignatures),e}clone(){const e=new co(this.keyPacket,this.mainKey);return e.bindingSignatures=[...this.bindingSignatures],e.revocationSignatures=[...this.revocationSignatures],e}async isRevoked(e,t,r=new Date,n=O){const i=this.mainKey.keyPacket;return eo(i,F.signature.subkeyRevocation,{key:i,bind:this.keyPacket},this.revocationSignatures,e,t,r,n)}async verify(e=new Date,t=O){const r=this.mainKey.keyPacket,n={key:r,bind:this.keyPacket},i=await Ya(this.bindingSignatures,r,F.signature.subkeyBinding,n,e,t);if(i.revoked||await this.isRevoked(i,null,e,t))throw Error("Subkey is revoked");if(Za(this.keyPacket,i,e))throw Error("Subkey is expired");return i}async getExpirationTime(e=new Date,t=O){const r=this.mainKey.keyPacket,n={key:r,bind:this.keyPacket};let i;try{i=await Ya(this.bindingSignatures,r,F.signature.subkeyBinding,n,e,t)}catch(e){return null}const s=to(this.keyPacket,i),a=i.getExpirationTime();return s<a?s:a}async update(e,t=new Date,r=O){const n=this.mainKey.keyPacket;if(!this.hasSameFingerprintAs(e))throw Error("Subkey update method: fingerprints of subkeys not equal");this.keyPacket.constructor.tag===F.packet.publicSubkey&&e.keyPacket.constructor.tag===F.packet.secretSubkey&&(this.keyPacket=e.keyPacket);const i=this,s={key:n,bind:i.keyPacket};await $a(e,this,"bindingSignatures",t,(async function(e){for(let t=0;t<i.bindingSignatures.length;t++)if(i.bindingSignatures[t].issuerKeyID.equals(e.issuerKeyID))return e.created>i.bindingSignatures[t].created&&(i.bindingSignatures[t]=e),!1;try{return await e.verify(n,F.signature.subkeyBinding,s,t,void 0,r),!0}catch(e){return!1}})),await $a(e,this,"revocationSignatures",t,(function(e){return eo(n,F.signature.subkeyRevocation,s,[e],void 0,void 0,t,r)}))}async revoke(e,{flag:t=F.reasonForRevocation.noReason,string:r=""}={},n=new Date,i=O){const s={key:e,bind:this.keyPacket},a=new co(this.keyPacket,this.mainKey);return a.revocationSignatures.push(await Wa(s,[],e,{signatureType:F.signature.subkeyRevocation,reasonForRevocationFlag:F.write(F.reasonForRevocation,t),reasonForRevocationString:r},n,void 0,void 0,!1,i)),await a.update(this),a}hasSameFingerprintAs(e){return this.keyPacket.hasSameFingerprintAs(e.keyPacket||e)}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","isDecrypted"].forEach((e=>{co.prototype[e]=function(){return this.keyPacket[e]()}}));const uo=/*#__PURE__*/_.constructAllowedPackets([ha]),ho=new Set([F.packet.publicKey,F.packet.privateKey]),lo=new Set([F.packet.publicKey,F.packet.privateKey,F.packet.publicSubkey,F.packet.privateSubkey]);class fo{packetListToStructure(e,t=new Set){let r,n,i,s;for(const a of e){if(a instanceof ft){lo.has(a.tag)&&!s&&(s=ho.has(a.tag)?ho:lo);continue}const e=a.constructor.tag;if(s){if(!s.has(e))continue;s=null}if(t.has(e))throw Error("Unexpected packet type: "+e);switch(e){case F.packet.publicKey:case F.packet.secretKey:if(this.keyPacket)throw Error("Key block contains multiple keys");if(this.keyPacket=a,n=this.getKeyID(),!n)throw Error("Missing Key ID");break;case F.packet.userID:case F.packet.userAttribute:r=new oo(a,this),this.users.push(r);break;case F.packet.publicSubkey:case F.packet.secretSubkey:r=null,i=new co(a,this),this.subkeys.push(i);break;case F.packet.signature:switch(a.signatureType){case F.signature.certGeneric:case F.signature.certPersona:case F.signature.certCasual:case F.signature.certPositive:if(!r){_.printDebug("Dropping certification signatures without preceding user packet");continue}a.issuerKeyID.equals(n)?r.selfCertifications.push(a):r.otherCertifications.push(a);break;case F.signature.certRevocation:r?r.revocationSignatures.push(a):this.directSignatures.push(a);break;case F.signature.key:this.directSignatures.push(a);break;case F.signature.subkeyBinding:if(!i){_.printDebug("Dropping subkey binding signature without preceding subkey packet");continue}i.bindingSignatures.push(a);break;case F.signature.keyRevocation:this.revocationSignatures.push(a);break;case F.signature.subkeyRevocation:if(!i){_.printDebug("Dropping subkey revocation signature without preceding subkey packet");continue}i.revocationSignatures.push(a)}}}}toPacketList(){const e=new da;return e.push(this.keyPacket),e.push(...this.revocationSignatures),e.push(...this.directSignatures),this.users.map((t=>e.push(...t.toPacketList()))),this.subkeys.map((t=>e.push(...t.toPacketList()))),e}clone(e=!1){const t=new this.constructor(this.toPacketList());return e&&t.getKeys().forEach((e=>{if(e.keyPacket=Object.create(Object.getPrototypeOf(e.keyPacket),Object.getOwnPropertyDescriptors(e.keyPacket)),!e.keyPacket.isDecrypted())return;const t={};Object.keys(e.keyPacket.privateParams).forEach((r=>{t[r]=new Uint8Array(e.keyPacket.privateParams[r])})),e.keyPacket.privateParams=t})),t}getSubkeys(e=null){return this.subkeys.filter((t=>!e||t.getKeyID().equals(e,!0)))}getKeys(e=null){const t=[];return e&&!this.getKeyID().equals(e,!0)||t.push(this),t.concat(this.getSubkeys(e))}getKeyIDs(){return this.getKeys().map((e=>e.getKeyID()))}getUserIDs(){return this.users.map((e=>e.userID?e.userID.userID:null)).filter((e=>null!==e))}write(){return this.toPacketList().write()}async getSigningKey(e=null,t=new Date,r={},n=O){await this.verifyPrimaryKey(t,r,n);const i=this.keyPacket;try{ao(i,n)}catch(e){throw _.wrapError("Could not verify primary key",e)}const s=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created||t.keyPacket.algorithm-e.keyPacket.algorithm));let a;for(const r of s)if(!e||r.getKeyID().equals(e))try{await r.verify(t,n);const e={key:i,bind:r.keyPacket},s=await Ya(r.bindingSignatures,i,F.signature.subkeyBinding,e,t,n);if(!no(r.keyPacket,s,n))continue;if(!s.embeddedSignature)throw Error("Missing embedded signature");return await Ya([s.embeddedSignature],r.keyPacket,F.signature.keyBinding,e,t,n),ao(r.keyPacket,n),r}catch(e){a=e}try{const s=await this.getPrimarySelfSignature(t,r,n);if((!e||i.getKeyID().equals(e))&&no(i,s,n))return ao(i,n),this}catch(e){a=e}throw _.wrapError("Could not find valid signing key packet in key "+this.getKeyID().toHex(),a)}async getEncryptionKey(e,t=new Date,r={},n=O){await this.verifyPrimaryKey(t,r,n);const i=this.keyPacket;try{ao(i,n)}catch(e){throw _.wrapError("Could not verify primary key",e)}const s=this.subkeys.slice().sort(((e,t)=>t.keyPacket.created-e.keyPacket.created||t.keyPacket.algorithm-e.keyPacket.algorithm));let a;for(const r of s)if(!e||r.getKeyID().equals(e))try{await r.verify(t,n);const e={key:i,bind:r.keyPacket},s=await Ya(r.bindingSignatures,i,F.signature.subkeyBinding,e,t,n);if(io(r.keyPacket,s,n))return ao(r.keyPacket,n),r}catch(e){a=e}try{const s=await this.getPrimarySelfSignature(t,r,n);if((!e||i.getKeyID().equals(e))&&io(i,s,n))return ao(i,n),this}catch(e){a=e}throw _.wrapError("Could not find valid encryption key packet in key "+this.getKeyID().toHex(),a)}async isRevoked(e,t,r=new Date,n=O){return eo(this.keyPacket,F.signature.keyRevocation,{key:this.keyPacket},this.revocationSignatures,e,t,r,n)}async verifyPrimaryKey(e=new Date,t={},r=O){const n=this.keyPacket;if(await this.isRevoked(null,null,e,r))throw Error("Primary key is revoked");if(Za(n,await this.getPrimarySelfSignature(e,t,r),e))throw Error("Primary key is expired");if(6!==n.version){const t=await Ya(this.directSignatures,n,F.signature.key,{key:n},e,r).catch((()=>{}));if(t&&Za(n,t,e))throw Error("Primary key is expired")}}async getExpirationTime(e,t=O){let r;try{const n=await this.getPrimarySelfSignature(null,e,t),i=to(this.keyPacket,n),s=n.getExpirationTime(),a=6!==this.keyPacket.version&&await Ya(this.directSignatures,this.keyPacket,F.signature.key,{key:this.keyPacket},null,t).catch((()=>{}));if(a){const e=to(this.keyPacket,a);r=Math.min(i,s,e)}else r=i<s?i:s}catch(e){r=null}return _.normalizeDate(r)}async getPrimarySelfSignature(e=new Date,t={},r=O){const n=this.keyPacket;if(6===n.version)return Ya(this.directSignatures,n,F.signature.key,{key:n},e,r);const{selfCertification:i}=await this.getPrimaryUser(e,t,r);return i}async getPrimaryUser(e=new Date,t={},r=O){const n=this.keyPacket,i=[];let s;for(let a=0;a<this.users.length;a++)try{const s=this.users[a];if(!s.userID)continue;if(void 0!==t.name&&s.userID.name!==t.name||void 0!==t.email&&s.userID.email!==t.email||void 0!==t.comment&&s.userID.comment!==t.comment)throw Error("Could not find user that matches that user ID");const o={userID:s.userID,key:n},c=await Ya(s.selfCertifications,n,F.signature.certGeneric,o,e,r);i.push({index:a,user:s,selfCertification:c})}catch(e){s=e}if(!i.length)throw s||Error("Could not find primary user");await Promise.all(i.map((async function(t){return t.selfCertification.revoked||t.user.isRevoked(t.selfCertification,null,e,r)})));const a=i.sort((function(e,t){const r=e.selfCertification,n=t.selfCertification;return n.revoked-r.revoked||r.isPrimaryUserID-n.isPrimaryUserID||r.created-n.created})).pop(),{user:o,selfCertification:c}=a;if(c.revoked||await o.isRevoked(c,null,e,r))throw Error("Primary user is revoked");return a}async update(e,t=new Date,r=O){if(!this.hasSameFingerprintAs(e))throw Error("Primary key fingerprints must be equal to update the key");if(!this.isPrivate()&&e.isPrivate()){if(!(this.subkeys.length===e.subkeys.length&&this.subkeys.every((t=>e.subkeys.some((e=>t.hasSameFingerprintAs(e)))))))throw Error("Cannot update public key with private key if subkeys mismatch");return e.update(this,r)}const n=this.clone();return await $a(e,n,"revocationSignatures",t,(i=>eo(n.keyPacket,F.signature.keyRevocation,n,[i],null,e.keyPacket,t,r))),await $a(e,n,"directSignatures",t),await Promise.all(e.users.map((async e=>{const i=n.users.filter((t=>e.userID&&e.userID.equals(t.userID)||e.userAttribute&&e.userAttribute.equals(t.userAttribute)));if(i.length>0)await Promise.all(i.map((n=>n.update(e,t,r))));else{const t=e.clone();t.mainKey=n,n.users.push(t)}}))),await Promise.all(e.subkeys.map((async e=>{const i=n.subkeys.filter((t=>t.hasSameFingerprintAs(e)));if(i.length>0)await Promise.all(i.map((n=>n.update(e,t,r))));else{const t=e.clone();t.mainKey=n,n.subkeys.push(t)}}))),n}async getRevocationCertificate(e=new Date,t=O){const r={key:this.keyPacket},n=await Ya(this.revocationSignatures,this.keyPacket,F.signature.keyRevocation,r,e,t),i=new da;i.push(n);const s=6!==this.keyPacket.version;return ne(F.armor.publicKey,i.write(),null,null,"This is a revocation certificate",s,t)}async applyRevocationCertificate(e,t=new Date,r=O){const n=await re(e),i=(await da.fromBinary(n.data,uo,r)).findPacket(F.packet.signature);if(!i||i.signatureType!==F.signature.keyRevocation)throw Error("Could not find revocation signature packet");if(!i.issuerKeyID.equals(this.getKeyID()))throw Error("Revocation signature does not match key");try{await i.verify(this.keyPacket,F.signature.keyRevocation,{key:this.keyPacket},t,void 0,r)}catch(e){throw _.wrapError("Could not verify revocation signature",e)}const s=this.clone();return s.revocationSignatures.push(i),s}async signPrimaryUser(e,t,r,n=O){const{index:i,user:s}=await this.getPrimaryUser(t,r,n),a=await s.certify(e,t,n),o=this.clone();return o.users[i]=a,o}async signAllUsers(e,t=new Date,r=O){const n=this.clone();return n.users=await Promise.all(this.users.map((function(n){return n.certify(e,t,r)}))),n}async verifyPrimaryUser(e,t=new Date,r,n=O){const i=this.keyPacket,{user:s}=await this.getPrimaryUser(t,r,n);return e?await s.verifyAllCertifications(e,t,n):[{keyID:i.getKeyID(),valid:await s.verify(t,n).catch((()=>!1))}]}async verifyAllUsers(e,t=new Date,r=O){const n=this.keyPacket,i=[];return await Promise.all(this.users.map((async s=>{const a=e?await s.verifyAllCertifications(e,t,r):[{keyID:n.getKeyID(),valid:await s.verify(t,r).catch((()=>!1))}];i.push(...a.map((e=>({userID:s.userID?s.userID.userID:null,userAttribute:s.userAttribute,keyID:e.keyID,valid:e.valid}))))}))),i}}["getKeyID","getFingerprint","getAlgorithmInfo","getCreationTime","hasSameFingerprintAs"].forEach((e=>{fo.prototype[e]=co.prototype[e]}));class yo extends fo{constructor(e){if(super(),this.keyPacket=null,this.revocationSignatures=[],this.directSignatures=[],this.users=[],this.subkeys=[],e&&(this.packetListToStructure(e,new Set([F.packet.secretKey,F.packet.secretSubkey])),!this.keyPacket))throw Error("Invalid key: missing public-key packet")}isPrivate(){return!1}toPublic(){return this}armor(e=O){const t=6!==this.keyPacket.version;return ne(F.armor.publicKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}}class po extends yo{constructor(e){if(super(),this.packetListToStructure(e,new Set([F.packet.publicKey,F.packet.publicSubkey])),!this.keyPacket)throw Error("Invalid key: missing private-key packet")}isPrivate(){return!0}toPublic(){const e=new da,t=this.toPacketList();let r=!1;for(const n of t)if(!r||n.constructor.tag!==F.packet.Signature)switch(r&&(r=!1),n.constructor.tag){case F.packet.secretKey:{if(n.algorithm===F.publicKey.aead||n.algorithm===F.publicKey.hmac)throw Error("Cannot create public key from symmetric private");const t=Ta.fromSecretKeyPacket(n);e.push(t);break}case F.packet.secretSubkey:{if(n.algorithm===F.publicKey.aead||n.algorithm===F.publicKey.hmac){r=!0;break}const t=Fa.fromSecretSubkeyPacket(n);e.push(t);break}default:e.push(n)}return new yo(e)}armor(e=O){const t=6!==this.keyPacket.version;return ne(F.armor.privateKey,this.toPacketList().write(),void 0,void 0,void 0,t,e)}async getDecryptionKeys(e,t=new Date,r={},n=O){const i=this.keyPacket,s=[];let a=null;for(let r=0;r<this.subkeys.length;r++)if(!e||this.subkeys[r].getKeyID().equals(e,!0)){if(this.subkeys[r].keyPacket.isDummy()){a=a||Error("Gnu-dummy key packets cannot be used for decryption");continue}try{const e={key:i,bind:this.subkeys[r].keyPacket},a=await Ya(this.subkeys[r].bindingSignatures,i,F.signature.subkeyBinding,e,t,n);so(this.subkeys[r].keyPacket,a,n)&&s.push(this.subkeys[r])}catch(e){a=e}}const o=await this.getPrimarySelfSignature(t,r,n);if(e&&!i.getKeyID().equals(e,!0)||!so(i,o,n)||(i.isDummy()?a=a||Error("Gnu-dummy key packets cannot be used for decryption"):s.push(this)),0===s.length)throw a||Error("No decryption key packets found");return s}isDecrypted(){return this.getKeys().some((({keyPacket:e})=>e.isDecrypted()))}async validate(e=O){if(!this.isPrivate())throw Error("Cannot validate a public key");let t;if(this.keyPacket.isDummy()){const r=await this.getSigningKey(null,null,void 0,{...e,rejectPublicKeyAlgorithms:new Set,minRSABits:0});r&&!r.keyPacket.isDummy()&&(t=r.keyPacket)}else t=this.keyPacket;if(t)return t.validate();{const e=this.getKeys();if(e.map((e=>e.keyPacket.isDummy())).every(Boolean))throw Error("Cannot validate an all-gnu-dummy key");return Promise.all(e.map((async e=>e.keyPacket.validate())))}}clearPrivateParams(){this.getKeys().forEach((({keyPacket:e})=>{e.isDecrypted()&&e.clearPrivateParams()}))}async revoke({flag:e=F.reasonForRevocation.noReason,string:t=""}={},r=new Date,n=O){if(!this.isPrivate())throw Error("Need private key for revoking");const i={key:this.keyPacket},s=this.clone();return s.revocationSignatures.push(await Wa(i,[],this.keyPacket,{signatureType:F.signature.keyRevocation,reasonForRevocationFlag:F.write(F.reasonForRevocation,e),reasonForRevocationString:t},r,void 0,void 0,void 0,n)),s}async addSubkey(e={}){const t={...O,...e.config};if(e.passphrase)throw Error("Subkey could not be encrypted here, please encrypt whole key");if(e.rsaBits<t.minRSABits)throw Error(`rsaBits should be at least ${t.minRSABits}, got: ${e.rsaBits}`);const r=this.keyPacket;if(r.isDummy())throw Error("Cannot add subkey to gnu-dummy primary key");if(!r.isDecrypted())throw Error("Key is not decrypted");const n=r.getAlgorithmInfo();n.type=function(e){switch(F.write(F.publicKey,e)){case F.publicKey.rsaEncrypt:case F.publicKey.rsaEncryptSign:case F.publicKey.rsaSign:case F.publicKey.dsa:return"rsa";case F.publicKey.ecdsa:case F.publicKey.eddsaLegacy:return"ecc";case F.publicKey.ed25519:return"curve25519";case F.publicKey.ed448:return"curve448";default:throw Error("Unsupported algorithm")}}(n.algorithm),n.rsaBits=n.bits||4096,n.curve=n.curve||"curve25519Legacy",e=ro(e,n);const i=await ja(e,{...t,v6Keys:6===this.keyPacket.version});ao(i,t);const s=await Ja(i,r,e,t),a=this.toPacketList();return a.push(i,s),new po(a)}}const go=/*#__PURE__*/_.constructAllowedPackets([Ta,Fa,Na,za,Ha,Oa,ha]);function wo(e){for(const t of e)switch(t.constructor.tag){case F.packet.secretKey:return new po(e);case F.packet.publicKey:return new yo(e)}throw Error("No key packet found")}async function Ao(e,t,r,n){r.passphrase&&await e.encrypt(r.passphrase,n),await Promise.all(t.map((async function(e,t){const i=r.subkeys[t].passphrase;i&&await e.encrypt(i,n)})));const i=new da;function s(e,t){return[t,...e.filter((e=>e!==t))]}function a(){const t={};t.keyFlags=[F.keyFlags.certifyKeys|F.keyFlags.signData];const i=s([F.symmetric.aes256,F.symmetric.aes128],n.preferredSymmetricAlgorithm);if(t.preferredSymmetricAlgorithms=i,n.aeadProtect){const e=s([F.aead.gcm,F.aead.eax,F.aead.ocb],n.preferredAEADAlgorithm);t.preferredCipherSuites=e.flatMap((e=>i.map((t=>[t,e]))))}return t.preferredHashAlgorithms=s([F.hash.sha512,F.hash.sha256,...6===e.version?[F.hash.sha3_512,F.hash.sha3_256]:[]],n.preferredHashAlgorithm),t.preferredCompressionAlgorithms=s([F.compression.uncompressed,F.compression.zlib,F.compression.zip],n.preferredCompressionAlgorithm),t.features=[0],t.features[0]|=F.features.modificationDetection,n.aeadProtect&&(t.features[0]|=F.features.seipdv2),r.keyExpirationTime>0&&(t.keyExpirationTime=r.keyExpirationTime,t.keyNeverExpires=!1),t}if(i.push(e),6===e.version){const t={key:e},s=a();s.signatureType=F.signature.key;const o=await Wa(t,[],e,s,r.date,void 0,void 0,void 0,n);i.push(o)}await Promise.all(r.userIDs.map((async function(t,i){const s=Ha.fromObject(t),o={userID:s,key:e},c=6!==e.version?a():{};c.signatureType=F.signature.certPositive,0===i&&(c.isPrimaryUserID=!0);return{userIDPacket:s,signaturePacket:await Wa(o,[],e,c,r.date,void 0,void 0,void 0,n)}}))).then((e=>{e.forEach((({userIDPacket:e,signaturePacket:t})=>{i.push(e),i.push(t)}))})),await Promise.all(t.map((async function(t,i){const s=r.subkeys[i];return{secretSubkeyPacket:t,subkeySignaturePacket:await Ja(t,e,s,n)}}))).then((e=>{e.forEach((({secretSubkeyPacket:e,subkeySignaturePacket:t})=>{i.push(e),i.push(t)}))}));const o={key:e};return i.push(await Wa(o,[],e,{signatureType:F.signature.keyRevocation,reasonForRevocationFlag:F.reasonForRevocation.noReason,reasonForRevocationString:""},r.date,void 0,void 0,void 0,n)),r.passphrase&&e.clearPrivateParams(),await Promise.all(t.map((async function(e,t){r.subkeys[t].passphrase&&e.clearPrivateParams()}))),new po(i)}const mo=/*#__PURE__*/_.constructAllowedPackets([sa,ba,Pa,Ba,La,xa,Ra,ya,ha]),bo=/*#__PURE__*/_.constructAllowedPackets([Ra]),ko=/*#__PURE__*/_.constructAllowedPackets([ha]);class Eo{constructor(e){this.packets=e||new da}getEncryptionKeyIDs(){const e=[];return this.packets.filterByTag(F.packet.publicKeyEncryptedSessionKey).forEach((function(t){e.push(t.publicKeyID)})),e}getSigningKeyIDs(){const e=this.unwrapCompressed(),t=e.packets.filterByTag(F.packet.onePassSignature);if(t.length>0)return t.map((e=>e.issuerKeyID));return e.packets.filterByTag(F.packet.signature).map((e=>e.issuerKeyID))}async decrypt(e,t,r,n=new Date,i=O){const s=this.packets.filterByTag(F.packet.symmetricallyEncryptedData,F.packet.symEncryptedIntegrityProtectedData,F.packet.aeadEncryptedData);if(0===s.length)throw Error("No encrypted data found");const a=s[0],o=a.cipherAlgorithm,c=r||await this.decryptSessionKeys(e,t,o,n,i);let u=null;const h=Promise.all(c.map((async({algorithm:e,data:t})=>{if(!_.isUint8Array(t)||!a.cipherAlgorithm&&!_.isString(e))throw Error("Invalid session key for decryption.");try{const r=a.cipherAlgorithm||F.write(F.symmetric,e);await a.decrypt(r,t,i)}catch(e){_.printDebugError(e),u=e}})));if(Q(a.encrypted),a.encrypted=null,await h,!a.packets||!a.packets.length)throw u||Error("Decryption failed.");const l=new Eo(a.packets);return a.packets=new da,l}async decryptSessionKeys(e,t,r,n=new Date,i=O){let s,a=[];if(t){const e=this.packets.filterByTag(F.packet.symEncryptedSessionKey);if(0===e.length)throw Error("No symmetrically encrypted session key packet found.");await Promise.all(t.map((async function(t,r){let n;n=r?await da.fromBinary(e.write(),bo,i):e,await Promise.all(n.map((async function(e){try{await e.decrypt(t),a.push(e)}catch(e){_.printDebugError(e),e instanceof ts&&(s=e)}})))})))}else{if(!e)throw Error("No key or password specified.");{const t=this.packets.filterByTag(F.packet.publicKeyEncryptedSessionKey);if(0===t.length)throw Error("No public key encrypted session key packet found.");await Promise.all(t.map((async function(t){await Promise.all(e.map((async function(e){let o;try{o=(await e.getDecryptionKeys(t.publicKeyID,null,void 0,i)).map((e=>e.keyPacket))}catch(e){return void(s=e)}let c=[F.symmetric.aes256,F.symmetric.aes128,F.symmetric.tripledes,F.symmetric.cast5];try{const t=await e.getPrimarySelfSignature(n,void 0,i);t.preferredSymmetricAlgorithms&&(c=c.concat(t.preferredSymmetricAlgorithms))}catch(e){}await Promise.all(o.map((async function(e){if(!e.isDecrypted())throw Error("Decryption key is not decrypted.");if(i.constantTimePKCS1Decryption&&(t.publicKeyAlgorithm===F.publicKey.rsaEncrypt||t.publicKeyAlgorithm===F.publicKey.rsaEncryptSign||t.publicKeyAlgorithm===F.publicKey.rsaSign||t.publicKeyAlgorithm===F.publicKey.elgamal)){const n=t.write();await Promise.all((r?[r]:Array.from(i.constantTimePKCS1DecryptionSupportedSymmetricAlgorithms)).map((async t=>{const r=new xa;r.read(n);const i={sessionKeyAlgorithm:t,sessionKey:Ji(t)};try{await r.decrypt(e,i),a.push(r)}catch(e){_.printDebugError(e),s=e}})))}else try{await t.decrypt(e);const n=r||t.sessionKeyAlgorithm;if(n&&!c.includes(F.write(F.symmetric,n)))throw Error("A non-preferred symmetric algorithm was used.");a.push(t)}catch(e){_.printDebugError(e),s=e}})))}))),Q(t.encrypted),t.encrypted=null})))}}if(a.length>0){if(a.length>1){const e=new Set;a=a.filter((t=>{const r=t.sessionKeyAlgorithm+_.uint8ArrayToString(t.sessionKey);return!e.has(r)&&(e.add(r),!0)}))}return a.map((e=>({data:e.sessionKey,algorithm:e.sessionKeyAlgorithm&&F.read(F.symmetric,e.sessionKeyAlgorithm)})))}throw s||Error("Session key decryption failed.")}getLiteralData(){const e=this.unwrapCompressed().packets.findPacket(F.packet.literalData);return e&&e.getBytes()||null}getFilename(){const e=this.unwrapCompressed().packets.findPacket(F.packet.literalData);return e&&e.getFilename()||null}getText(){const e=this.unwrapCompressed().packets.findPacket(F.packet.literalData);return e?e.getText():null}static async generateSessionKey(e=[],t=new Date,r=[],n=O){const{symmetricAlgo:i,aeadAlgo:s}=await async function(e=[],t=new Date,r=[],n=O){const i=await Promise.all(e.map(((e,i)=>e.getPrimarySelfSignature(t,r[i],n))));if(e.length?!n.ignoreSEIPDv2FeatureFlag&&i.every((e=>e.features&&e.features[0]&F.features.seipdv2)):n.aeadProtect){const e={symmetricAlgo:F.symmetric.aes128,aeadAlgo:F.aead.ocb},t=[{symmetricAlgo:n.preferredSymmetricAlgorithm,aeadAlgo:n.preferredAEADAlgorithm},{symmetricAlgo:n.preferredSymmetricAlgorithm,aeadAlgo:F.aead.ocb},{symmetricAlgo:F.symmetric.aes128,aeadAlgo:n.preferredAEADAlgorithm}];for(const e of t)if(i.every((t=>t.preferredCipherSuites&&t.preferredCipherSuites.some((t=>t[0]===e.symmetricAlgo&&t[1]===e.aeadAlgo)))))return e;return e}const s=F.symmetric.aes128,a=n.preferredSymmetricAlgorithm;return{symmetricAlgo:i.every((e=>e.preferredSymmetricAlgorithms&&e.preferredSymmetricAlgorithms.includes(a)))?a:s,aeadAlgo:void 0}}(e,t,r,n),a=F.read(F.symmetric,i),o=s?F.read(F.aead,s):void 0;await Promise.all(e.map((e=>e.getEncryptionKey().catch((()=>null)).then((e=>{if(e&&(e.keyPacket.algorithm===F.publicKey.x25519||e.keyPacket.algorithm===F.publicKey.x448)&&!o&&!_.isAES(i))throw Error("Could not generate a session key compatible with the given `encryptionKeys`: X22519 and X448 keys can only be used to encrypt AES session keys; change `config.preferredSymmetricAlgorithm` accordingly.")})))));return{data:Ji(i),algorithm:a,aeadAlgorithm:o}}async encrypt(e,t,r,n=!1,i=[],s=new Date,a=[],o=O){if(r){if(!_.isUint8Array(r.data)||!_.isString(r.algorithm))throw Error("Invalid session key for encryption.")}else if(e&&e.length)r=await Eo.generateSessionKey(e,s,a,o);else{if(!t||!t.length)throw Error("No keys, passwords, or session key provided.");r=await Eo.generateSessionKey(void 0,void 0,void 0,o)}const{data:c,algorithm:u,aeadAlgorithm:h}=r,l=await Eo.encryptSessionKey(c,u,h,e,t,n,i,s,a,o),f=Ba.fromObject({version:h?2:1,aeadAlgorithm:h?F.write(F.aead,h):null});f.packets=this.packets;const y=F.write(F.symmetric,u);return await f.encrypt(y,c,o),l.packets.push(f),f.packets=new da,l}static async encryptSessionKey(e,t,r,n,i,s=!1,a=[],o=new Date,c=[],u=O){const h=new da,l=F.write(F.symmetric,t),f=r&&F.write(F.aead,r);if(n){const t=await Promise.all(n.map((async function(t,r){const n=await t.getEncryptionKey(a[r],o,c,u),i=xa.fromObject({version:f?6:3,encryptionKeyPacket:n.keyPacket,anonymousRecipient:s,sessionKey:e,sessionKeyAlgorithm:l});return await i.encrypt(n.keyPacket),delete i.sessionKey,i})));h.push(...t)}if(i){const t=async function(e,t){try{return await e.decrypt(t),1}catch(e){return 0}},r=(e,t)=>e+t,n=async function(e,s,a,o){const c=new Ra(u);if(c.sessionKey=e,c.sessionKeyAlgorithm=s,a&&(c.aeadAlgorithm=a),await c.encrypt(o,u),u.passwordCollisionCheck){if(1!==(await Promise.all(i.map((e=>t(c,e))))).reduce(r))return n(e,s,o)}return delete c.sessionKey,c},s=await Promise.all(i.map((t=>n(e,l,f,t))));h.push(...s)}return new Eo(h)}async sign(e=[],t=[],r=null,n=[],i=new Date,s=[],a=[],o=[],c=O){const u=new da,h=this.packets.findPacket(F.packet.literalData);if(!h)throw Error("No literal data packet to sign.");const l=await vo(h,e,t,r,n,i,s,a,o,!1,c),f=l.map(((e,t)=>ya.fromSignaturePacket(e,0===t))).reverse();return u.push(...f),u.push(h),u.push(...l),new Eo(u)}compress(e,t=O){if(e===F.compression.uncompressed)return this;const r=new ba(t);r.algorithm=e,r.packets=this.packets;const n=new da;return n.push(r),new Eo(n)}async signDetached(e=[],t=[],r=null,n=[],i=[],s=new Date,a=[],o=[],c=O){const u=this.packets.findPacket(F.packet.literalData);if(!u)throw Error("No literal data packet to sign.");return new qa(await vo(u,e,t,r,n,i,s,a,o,!0,c))}async verify(e,t=new Date,r=O){const n=this.unwrapCompressed(),i=n.packets.filterByTag(F.packet.literalData);if(1!==i.length)throw Error("Can only verify message with one literal data packet.");let s=n.packets;l(s.stream)&&(s=s.concat(await x(s.stream,(e=>e||[]))));const a=s.filterByTag(F.packet.onePassSignature).reverse(),o=s.filterByTag(F.packet.signature);return a.length&&!o.length&&_.isStream(s.stream)&&!l(s.stream)?(await Promise.all(a.map((async e=>{e.correspondingSig=new Promise(((t,r)=>{e.correspondingSigResolve=t,e.correspondingSigReject=r})),e.signatureData=R((async()=>(await e.correspondingSig).signatureData)),e.hashed=x(await e.hash(e.signatureType,i[0],void 0,!1)),e.hashed.catch((()=>{}))}))),s.stream=I(s.stream,(async(e,t)=>{const r=T(e),n=M(t);try{for(let e=0;e<a.length;e++){const{value:t}=await r.read();a[e].correspondingSigResolve(t)}await r.readToEnd(),await n.ready,await n.close()}catch(e){a.forEach((t=>{t.correspondingSigReject(e)})),await n.abort(e)}})),Ko(a,i,e,t,!1,r)):Ko(o,i,e,t,!1,r)}verifyDetached(e,t,r=new Date,n=O){const i=this.unwrapCompressed().packets.filterByTag(F.packet.literalData);if(1!==i.length)throw Error("Can only verify message with one literal data packet.");return Ko(e.packets.filterByTag(F.packet.signature),i,t,r,!0,n)}unwrapCompressed(){const e=this.packets.filterByTag(F.packet.compressedData);return e.length?new Eo(e[0].packets):this}async appendSignature(e,t=O){await this.packets.read(_.isUint8Array(e)?e:(await re(e)).data,ko,t)}write(){return this.packets.write()}armor(e=O){const t=this.packets[this.packets.length-1],r=t.constructor.tag===Ba.tag?2!==t.version:this.packets.some((e=>e.constructor.tag===ha.tag&&6!==e.version));return ne(F.armor.message,this.write(),null,null,null,r,e)}}async function vo(e,t,r=[],n=null,i=[],s=new Date,a=[],o=[],c=[],u=!1,h=O){const l=new da,f=null===e.text?F.signature.binary:F.signature.text;if(await Promise.all(t.map((async(t,n)=>{const l=a[n];if(!t.isPrivate())throw Error("Need private key for signing");const y=await t.getSigningKey(i[n],s,l,h);return Wa(e,r.length?r:[t],y.keyPacket,{signatureType:f},s,o,c,u,h)}))).then((e=>{l.push(...e)})),n){const e=n.packets.filterByTag(F.packet.signature);l.push(...e)}return l}async function Ko(e,t,r,n=new Date,i=!1,s=O){return Promise.all(e.filter((function(e){return["text","binary"].includes(F.read(F.signature,e.signatureType))})).map((async function(e){return async function(e,t,r,n=new Date,i=!1,s=O){let a,o;for(const t of r){const r=t.getKeys(e.issuerKeyID);if(r.length>0){a=t,o=r[0];break}}const c=e instanceof ya?e.correspondingSig:e,u={keyID:e.issuerKeyID,verified:(async()=>{if(!o)throw Error("Could not find signing key with key ID "+e.issuerKeyID.toHex());await e.verify(o.keyPacket,e.signatureType,t[0],n,i,s);const r=await c;if(o.getCreationTime()>r.created)throw Error("Key is newer than the signature");try{await a.getSigningKey(o.getKeyID(),r.created,void 0,s)}catch(e){if(!s.allowInsecureVerificationWithReformattedKeys||!e.message.match(/Signature creation time is in the future/))throw e;await a.getSigningKey(o.getKeyID(),n,void 0,s)}return!0})(),signature:(async()=>{const e=await c,t=new da;return e&&t.push(e),new qa(t)})()};return u.signature.catch((()=>{})),u.verified.catch((()=>{})),u}(e,t,r,n,i,s)})))}const So=/*#__PURE__*/_.constructAllowedPackets([ha]);class Io{constructor(e,t){if(this.text=_.removeTrailingSpaces(e).replace(/\r?\n/g,"\r\n"),t&&!(t instanceof qa))throw Error("Invalid signature input");this.signature=t||new qa(new da)}getSigningKeyIDs(){const e=[];return this.signature.packets.forEach((function(t){e.push(t.issuerKeyID)})),e}async sign(e,t=[],r=null,n=[],i=new Date,s=[],a=[],o=[],c=O){const u=new sa;u.setText(this.text);const h=new qa(await vo(u,e,t,r,n,i,s,a,o,!0,c));return new Io(this.text,h)}verify(e,t=new Date,r=O){const n=this.signature.packets.filterByTag(F.packet.signature),i=new sa;return i.setText(this.text),Ko(n,[i],e,t,!0,r)}getText(){return this.text.replace(/\r\n/g,"\n")}armor(e=O){const t=this.signature.packets.some((e=>6!==e.version)),r={hash:t?Array.from(new Set(this.signature.packets.map((e=>F.read(F.hash,e.hashAlgorithm).toUpperCase())))).join():null,text:this.text,data:this.signature.packets.write()};return ne(F.armor.signed,r,void 0,void 0,void 0,t,e)}}function Bo(e){if(!(e instanceof Eo))throw Error("Parameter [message] needs to be of type Message")}function Co(e){if(!(e instanceof Io||e instanceof Eo))throw Error("Parameter [message] needs to be of type Message or CleartextMessage")}function Uo(e){if("armored"!==e&&"binary"!==e&&"object"!==e)throw Error("Unsupported format "+e)}const Po=Object.keys(O).length;function Do(e){const t=Object.keys(e);if(t.length!==Po)for(const e of t)if(void 0===O[e])throw Error("Unknown config property: "+e)}function xo(e){return e&&!_.isArray(e)&&(e=[e]),e}async function Qo(e){return"array"===_.isStream(e)?x(e):e}function Ro(e,t,...r){e.data=I(t.packets.stream,(async(t,n)=>{await E(e.data,n,{preventClose:!0});const i=M(n);try{await x(t,(e=>e)),await Promise.all(r.map((e=>x(e.packets.stream,(e=>e))))),await i.close()}catch(e){await i.abort(e)}}))}function To(e,t,r){switch(t){case"object":return e;case"armored":return e.armor(r);case"binary":return e.write();default:throw Error("Unsupported format "+t)}}const Mo=a&&"object"==typeof a&&"webcrypto"in a?a.webcrypto:a&&"object"==typeof a&&"randomBytes"in a?a:void 0;
 /*! noble-hashes - MIT License (c) 2022 Paul Miller (paulmillr.com) */function Lo(e){return e instanceof Uint8Array||ArrayBuffer.isView(e)&&"Uint8Array"===e.constructor.name}function Fo(e){if(!Number.isSafeInteger(e)||e<0)throw Error("positive integer expected, got "+e)}function Oo(e,...t){if(!Lo(e))throw Error("Uint8Array expected");if(t.length>0&&!t.includes(e.length))throw Error("Uint8Array expected of length "+t+", got length="+e.length)}function No(e){if("function"!=typeof e||"function"!=typeof e.create)throw Error("Hash should be wrapped by utils.createHasher");Fo(e.outputLen),Fo(e.blockLen)}function _o(e,t=!0){if(e.destroyed)throw Error("Hash instance has been destroyed");if(t&&e.finished)throw Error("Hash#digest() has already been called")}function Ho(e,t){Oo(e);const r=t.outputLen;if(e.length<r)throw Error("digestInto() expects output buffer of length at least "+r)}function zo(...e){for(let t=0;t<e.length;t++)e[t].fill(0)}function Go(e){return new DataView(e.buffer,e.byteOffset,e.byteLength)}function qo(e,t){return e<<32-t|e>>>t}function jo(e,t){return e<<t|e>>>32-t>>>0}const Vo=/* @__PURE__ */(()=>68===new Uint8Array(new Uint32Array([287454020]).buffer)[0])()?e=>e:function(e){for(let r=0;r<e.length;r++)e[r]=(t=e[r])<<24&4278190080|t<<8&16711680|t>>>8&65280|t>>>24&255;var t;return e},Yo=/* @__PURE__ */(()=>"function"==typeof Uint8Array.from([]).toHex&&"function"==typeof Uint8Array.fromHex)(),Zo=/* @__PURE__ */Array.from({length:256},((e,t)=>t.toString(16).padStart(2,"0")));function Jo(e){if(Oo(e),Yo)return e.toHex();let t="";for(let r=0;r<e.length;r++)t+=Zo[e[r]];return t}const Xo=48,Wo=57,$o=65,ec=70,tc=97,rc=102;function nc(e){return e>=Xo&&e<=Wo?e-Xo:e>=$o&&e<=ec?e-($o-10):e>=tc&&e<=rc?e-(tc-10):void 0}function ic(e){if("string"!=typeof e)throw Error("hex string expected, got "+typeof e);if(Yo)return Uint8Array.fromHex(e);const t=e.length,r=t/2;if(t%2)throw Error("hex string expected, got unpadded hex of length "+t);const n=new Uint8Array(r);for(let t=0,i=0;t<r;t++,i+=2){const r=nc(e.charCodeAt(i)),s=nc(e.charCodeAt(i+1));if(void 0===r||void 0===s){const t=e[i]+e[i+1];throw Error('hex string expected, got non-hex character "'+t+'" at index '+i)}n[t]=16*r+s}return n}function sc(e){return"string"==typeof e&&(e=function(e){if("string"!=typeof e)throw Error("string expected");return new Uint8Array((new TextEncoder).encode(e))}(e)),Oo(e),e}function ac(...e){let t=0;for(let r=0;r<e.length;r++){const n=e[r];Oo(n),t+=n.length}const r=new Uint8Array(t);for(let t=0,n=0;t<e.length;t++){const i=e[t];r.set(i,n),n+=i.length}return r}let oc=class{};function cc(e){const t=t=>e().update(sc(t)).digest(),r=e();return t.outputLen=r.outputLen,t.blockLen=r.blockLen,t.create=()=>e(),t}const uc=cc;function hc(e=32){if(Mo&&"function"==typeof Mo.getRandomValues)return Mo.getRandomValues(new Uint8Array(e));if(Mo&&"function"==typeof Mo.randomBytes)return Uint8Array.from(Mo.randomBytes(e));throw Error("crypto.getRandomValues must be defined")}
 /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const lc=/* @__PURE__ */BigInt(0),fc=/* @__PURE__ */BigInt(1);function yc(e,t=""){if("boolean"!=typeof e){throw Error((t&&`"${t}"`)+"expected boolean, got type="+typeof e)}return e}function pc(e,t,r=""){const n=Lo(e),i=e?.length,s=void 0!==t;if(!n||s&&i!==t){throw Error((r&&`"${r}" `)+"expected Uint8Array"+(s?" of length "+t:"")+", got "+(n?"length="+i:"type="+typeof e))}return e}function dc(e){const t=e.toString(16);return 1&t.length?"0"+t:t}function gc(e){if("string"!=typeof e)throw Error("hex string expected, got "+typeof e);return""===e?lc:BigInt("0x"+e)}function wc(e){return gc(Jo(e))}function Ac(e){return Oo(e),gc(Jo(Uint8Array.from(e).reverse()))}function mc(e,t){return ic(e.toString(16).padStart(2*t,"0"))}function bc(e,t){return mc(e,t).reverse()}function kc(e,t,r){let n;if("string"==typeof t)try{n=ic(t)}catch(t){throw Error(e+" must be hex string or Uint8Array, cause: "+t)}else{if(!Lo(t))throw Error(e+" must be hex string or Uint8Array");n=Uint8Array.from(t)}const i=n.length;if("number"==typeof r&&i!==r)throw Error(e+" of length "+r+" expected, got "+i);return n}function Ec(e){return Uint8Array.from(e)}const vc=e=>"bigint"==typeof e&&lc<=e;function Kc(e,t,r,n){if(!function(e,t,r){return vc(e)&&vc(t)&&vc(r)&&t<=e&&e<r}(t,r,n))throw Error("expected valid "+e+": "+r+" <= n < "+n+", got "+t)}function Sc(e){let t;for(t=0;e>lc;e>>=fc,t+=1);return t}const Ic=e=>(fc<<BigInt(e))-fc;function Bc(e,t,r={}){if(!e||"object"!=typeof e)throw Error("expected valid options object");function n(t,r,n){const i=e[t];if(n&&void 0===i)return;const s=typeof i;if(s!==r||null===i)throw Error(`param "${t}" is invalid: expected ${r}, got ${s}`)}Object.entries(t).forEach((([e,t])=>n(e,t,!1))),Object.entries(r).forEach((([e,t])=>n(e,t,!0)))}function Cc(e){const t=new WeakMap;return(r,...n)=>{const i=t.get(r);if(void 0!==i)return i;const s=e(r,...n);return t.set(r,s),s}}
 /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */const Uc=BigInt(0),Pc=BigInt(1),Dc=/* @__PURE__ */BigInt(2),xc=/* @__PURE__ */BigInt(3),Qc=/* @__PURE__ */BigInt(4),Rc=/* @__PURE__ */BigInt(5),Tc=/* @__PURE__ */BigInt(7),Mc=/* @__PURE__ */BigInt(8),Lc=/* @__PURE__ */BigInt(9),Fc=/* @__PURE__ */BigInt(16);function Oc(e,t){const r=e%t;return r>=Uc?r:t+r}function Nc(e,t,r){let n=e;for(;t-- >Uc;)n*=n,n%=r;return n}function _c(e,t){if(e===Uc)throw Error("invert: expected non-zero number");if(t<=Uc)throw Error("invert: expected positive modulus, got "+t);let r=Oc(e,t),n=t,i=Uc,s=Pc;for(;r!==Uc;){const e=n%r,t=i-s*(n/r);n=r,r=e,i=s,s=t}if(n!==Pc)throw Error("invert: does not exist");return Oc(i,t)}function Hc(e,t,r){if(!e.eql(e.sqr(t),r))throw Error("Cannot find square root")}function zc(e,t){const r=(e.ORDER+Pc)/Qc,n=e.pow(t,r);return Hc(e,n,t),n}function Gc(e,t){const r=(e.ORDER-Rc)/Mc,n=e.mul(t,Dc),i=e.pow(n,r),s=e.mul(t,i),a=e.mul(e.mul(s,Dc),i),o=e.mul(s,e.sub(a,e.ONE));return Hc(e,o,t),o}function qc(e){if(e<xc)throw Error("sqrt is not defined for small field");let t=e-Pc,r=0;for(;t%Dc===Uc;)t/=Dc,r++;let n=Dc;const i=Xc(e);for(;1===Zc(i,n);)if(n++>1e3)throw Error("Cannot find square root: probably non-prime P");if(1===r)return zc;let s=i.pow(n,t);const a=(t+Pc)/Dc;return function(e,n){if(e.is0(n))return n;if(1!==Zc(e,n))throw Error("Cannot find square root");let i=r,o=e.mul(e.ONE,s),c=e.pow(n,t),u=e.pow(n,a);for(;!e.eql(c,e.ONE);){if(e.is0(c))return e.ZERO;let t=1,r=e.sqr(c);for(;!e.eql(r,e.ONE);)if(t++,r=e.sqr(r),t===i)throw Error("Cannot find square root");const n=Pc<<BigInt(i-t-1),s=e.pow(o,n);i=t,o=e.sqr(s),c=e.mul(c,o),u=e.mul(u,s)}return u}}function jc(e){return e%Qc===xc?zc:e%Mc===Rc?Gc:e%Fc===Lc?function(e){const t=Xc(e),r=qc(e),n=r(t,t.neg(t.ONE)),i=r(t,n),s=r(t,t.neg(n)),a=(e+Tc)/Fc;return(e,t)=>{let r=e.pow(t,a),o=e.mul(r,n);const c=e.mul(r,i),u=e.mul(r,s),h=e.eql(e.sqr(o),t),l=e.eql(e.sqr(c),t);r=e.cmov(r,o,h),o=e.cmov(u,c,l);const f=e.eql(e.sqr(o),t),y=e.cmov(r,o,f);return Hc(e,y,t),y}}(e):qc(e)}const Vc=["create","isValid","is0","neg","inv","sqrt","sqr","eql","add","sub","mul","pow","div","addN","subN","mulN","sqrN"];function Yc(e,t,r=!1){const n=Array(t.length).fill(r?e.ZERO:void 0),i=t.reduce(((t,r,i)=>e.is0(r)?t:(n[i]=t,e.mul(t,r))),e.ONE),s=e.inv(i);return t.reduceRight(((t,r,i)=>e.is0(r)?t:(n[i]=e.mul(t,n[i]),e.mul(t,r))),s),n}function Zc(e,t){const r=(e.ORDER-Pc)/Dc,n=e.pow(t,r),i=e.eql(n,e.ONE),s=e.eql(n,e.ZERO),a=e.eql(n,e.neg(e.ONE));if(!i&&!s&&!a)throw Error("invalid Legendre symbol result");return i?1:s?0:-1}function Jc(e,t){void 0!==t&&Fo(t);const r=void 0!==t?t:e.toString(2).length;return{nBitLength:r,nByteLength:Math.ceil(r/8)}}function Xc(e,t,r=!1,n={}){if(e<=Uc)throw Error("invalid field: expected ORDER > 0, got "+e);let i,s,a,o=!1;if("object"==typeof t&&null!=t){if(n.sqrt||r)throw Error("cannot specify opts in two arguments");const e=t;e.BITS&&(i=e.BITS),e.sqrt&&(s=e.sqrt),"boolean"==typeof e.isLE&&(r=e.isLE),"boolean"==typeof e.modFromBytes&&(o=e.modFromBytes),a=e.allowedLengths}else"number"==typeof t&&(i=t),n.sqrt&&(s=n.sqrt);const{nBitLength:c,nByteLength:u}=Jc(e,i);if(u>2048)throw Error("invalid field: expected ORDER of <= 2048 bytes");let h;const l=Object.freeze({ORDER:e,isLE:r,BITS:c,BYTES:u,MASK:Ic(c),ZERO:Uc,ONE:Pc,allowedLengths:a,create:t=>Oc(t,e),isValid:t=>{if("bigint"!=typeof t)throw Error("invalid field element: expected bigint, got "+typeof t);return Uc<=t&&t<e},is0:e=>e===Uc,isValidNot0:e=>!l.is0(e)&&l.isValid(e),isOdd:e=>(e&Pc)===Pc,neg:t=>Oc(-t,e),eql:(e,t)=>e===t,sqr:t=>Oc(t*t,e),add:(t,r)=>Oc(t+r,e),sub:(t,r)=>Oc(t-r,e),mul:(t,r)=>Oc(t*r,e),pow:(e,t)=>function(e,t,r){if(r<Uc)throw Error("invalid exponent, negatives unsupported");if(r===Uc)return e.ONE;if(r===Pc)return t;let n=e.ONE,i=t;for(;r>Uc;)r&Pc&&(n=e.mul(n,i)),i=e.sqr(i),r>>=Pc;return n}(l,e,t),div:(t,r)=>Oc(t*_c(r,e),e),sqrN:e=>e*e,addN:(e,t)=>e+t,subN:(e,t)=>e-t,mulN:(e,t)=>e*t,inv:t=>_c(t,e),sqrt:s||(t=>(h||(h=jc(e)),h(l,t))),toBytes:e=>r?bc(e,u):mc(e,u),fromBytes:(t,n=!0)=>{if(a){if(!a.includes(t.length)||t.length>u)throw Error("Field.fromBytes: expected "+a+" bytes, got "+t.length);const e=new Uint8Array(u);e.set(t,r?0:e.length-t.length),t=e}if(t.length!==u)throw Error("Field.fromBytes: expected "+u+" bytes, got "+t.length);let i=r?Ac(t):wc(t);if(o&&(i=Oc(i,e)),!n&&!l.isValid(i))throw Error("invalid field element: outside of range 0..ORDER");return i},invertBatch:e=>Yc(l,e),cmov:(e,t,r)=>r?t:e});return Object.freeze(l)}function Wc(e){if("bigint"!=typeof e)throw Error("field order must be bigint");const t=e.toString(2).length;return Math.ceil(t/8)}function $c(e){const t=Wc(e);return t+Math.ceil(t/2)}function eu(e,t,r){return e&t^~e&r}function tu(e,t,r){return e&t^e&r^t&r}class ru extends oc{constructor(e,t,r,n){super(),this.finished=!1,this.length=0,this.pos=0,this.destroyed=!1,this.blockLen=e,this.outputLen=t,this.padOffset=r,this.isLE=n,this.buffer=new Uint8Array(e),this.view=Go(this.buffer)}update(e){_o(this),Oo(e=sc(e));const{view:t,buffer:r,blockLen:n}=this,i=e.length;for(let s=0;s<i;){const a=Math.min(n-this.pos,i-s);if(a!==n)r.set(e.subarray(s,s+a),this.pos),this.pos+=a,s+=a,this.pos===n&&(this.process(t,0),this.pos=0);else{const t=Go(e);for(;n<=i-s;s+=n)this.process(t,s)}}return this.length+=e.length,this.roundClean(),this}digestInto(e){_o(this),Ho(e,this),this.finished=!0;const{buffer:t,view:r,blockLen:n,isLE:i}=this;let{pos:s}=this;t[s++]=128,zo(this.buffer.subarray(s)),this.padOffset>n-s&&(this.process(r,0),s=0);for(let e=s;e<n;e++)t[e]=0;!function(e,t,r,n){if("function"==typeof e.setBigUint64)return e.setBigUint64(t,r,n);const i=BigInt(32),s=BigInt(4294967295),a=Number(r>>i&s),o=Number(r&s),c=n?4:0,u=n?0:4;e.setUint32(t+c,a,n),e.setUint32(t+u,o,n)}(r,n-8,BigInt(8*this.length),i),this.process(r,0);const a=Go(e),o=this.outputLen;if(o%4)throw Error("_sha2: outputLen should be aligned to 32bit");const c=o/4,u=this.get();if(c>u.length)throw Error("_sha2: outputLen bigger than state");for(let e=0;e<c;e++)a.setUint32(4*e,u[e],i)}digest(){const{buffer:e,outputLen:t}=this;this.digestInto(e);const r=e.slice(0,t);return this.destroy(),r}_cloneInto(e){e||(e=new this.constructor),e.set(...this.get());const{blockLen:t,buffer:r,length:n,finished:i,destroyed:s,pos:a}=this;return e.destroyed=s,e.finished=i,e.length=n,e.pos=a,n%t&&e.buffer.set(r),e}clone(){return this._cloneInto()}}const nu=/* @__PURE__ */Uint32Array.from([1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225]),iu=/* @__PURE__ */Uint32Array.from([3238371032,914150663,812702999,4144912697,4290775857,1750603025,1694076839,3204075428]),su=/* @__PURE__ */Uint32Array.from([3418070365,3238371032,1654270250,914150663,2438529370,812702999,355462360,4144912697,1731405415,4290775857,2394180231,1750603025,3675008525,1694076839,1203062813,3204075428]),au=/* @__PURE__ */Uint32Array.from([1779033703,4089235720,3144134277,2227873595,1013904242,4271175723,2773480762,1595750129,1359893119,2917565137,2600822924,725511199,528734635,4215389547,1541459225,327033209]),ou=/* @__PURE__ */BigInt(2**32-1),cu=/* @__PURE__ */BigInt(32);function uu(e,t=!1){return t?{h:Number(e&ou),l:Number(e>>cu&ou)}:{h:0|Number(e>>cu&ou),l:0|Number(e&ou)}}function hu(e,t=!1){const r=e.length;let n=new Uint32Array(r),i=new Uint32Array(r);for(let s=0;s<r;s++){const{h:r,l:a}=uu(e[s],t);[n[s],i[s]]=[r,a]}return[n,i]}const lu=(e,t,r)=>e>>>r,fu=(e,t,r)=>e<<32-r|t>>>r,yu=(e,t,r)=>e>>>r|t<<32-r,pu=(e,t,r)=>e<<32-r|t>>>r,du=(e,t,r)=>e<<64-r|t>>>r-32,gu=(e,t,r)=>e>>>r-32|t<<64-r;function wu(e,t,r,n){const i=(t>>>0)+(n>>>0);return{h:e+r+(i/2**32|0)|0,l:0|i}}const Au=(e,t,r)=>(e>>>0)+(t>>>0)+(r>>>0),mu=(e,t,r,n)=>t+r+n+(e/2**32|0)|0,bu=(e,t,r,n)=>(e>>>0)+(t>>>0)+(r>>>0)+(n>>>0),ku=(e,t,r,n,i)=>t+r+n+i+(e/2**32|0)|0,Eu=(e,t,r,n,i)=>(e>>>0)+(t>>>0)+(r>>>0)+(n>>>0)+(i>>>0),vu=(e,t,r,n,i,s)=>t+r+n+i+s+(e/2**32|0)|0,Ku=/* @__PURE__ */Uint32Array.from([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]),Su=/* @__PURE__ */new Uint32Array(64);class Iu extends ru{constructor(e=32){super(64,e,8,!1),this.A=0|nu[0],this.B=0|nu[1],this.C=0|nu[2],this.D=0|nu[3],this.E=0|nu[4],this.F=0|nu[5],this.G=0|nu[6],this.H=0|nu[7]}get(){const{A:e,B:t,C:r,D:n,E:i,F:s,G:a,H:o}=this;return[e,t,r,n,i,s,a,o]}set(e,t,r,n,i,s,a,o){this.A=0|e,this.B=0|t,this.C=0|r,this.D=0|n,this.E=0|i,this.F=0|s,this.G=0|a,this.H=0|o}process(e,t){for(let r=0;r<16;r++,t+=4)Su[r]=e.getUint32(t,!1);for(let e=16;e<64;e++){const t=Su[e-15],r=Su[e-2],n=qo(t,7)^qo(t,18)^t>>>3,i=qo(r,17)^qo(r,19)^r>>>10;Su[e]=i+Su[e-7]+n+Su[e-16]|0}let{A:r,B:n,C:i,D:s,E:a,F:o,G:c,H:u}=this;for(let e=0;e<64;e++){const t=u+(qo(a,6)^qo(a,11)^qo(a,25))+eu(a,o,c)+Ku[e]+Su[e]|0,h=(qo(r,2)^qo(r,13)^qo(r,22))+tu(r,n,i)|0;u=c,c=o,o=a,a=s+t|0,s=i,i=n,n=r,r=t+h|0}r=r+this.A|0,n=n+this.B|0,i=i+this.C|0,s=s+this.D|0,a=a+this.E|0,o=o+this.F|0,c=c+this.G|0,u=u+this.H|0,this.set(r,n,i,s,a,o,c,u)}roundClean(){zo(Su)}destroy(){this.set(0,0,0,0,0,0,0,0),zo(this.buffer)}}class Bu extends Iu{constructor(){super(28),this.A=0|iu[0],this.B=0|iu[1],this.C=0|iu[2],this.D=0|iu[3],this.E=0|iu[4],this.F=0|iu[5],this.G=0|iu[6],this.H=0|iu[7]}}const Cu=/* @__PURE__ */(()=>hu(["0x428a2f98d728ae22","0x7137449123ef65cd","0xb5c0fbcfec4d3b2f","0xe9b5dba58189dbbc","0x3956c25bf348b538","0x59f111f1b605d019","0x923f82a4af194f9b","0xab1c5ed5da6d8118","0xd807aa98a3030242","0x12835b0145706fbe","0x243185be4ee4b28c","0x550c7dc3d5ffb4e2","0x72be5d74f27b896f","0x80deb1fe3b1696b1","0x9bdc06a725c71235","0xc19bf174cf692694","0xe49b69c19ef14ad2","0xefbe4786384f25e3","0x0fc19dc68b8cd5b5","0x240ca1cc77ac9c65","0x2de92c6f592b0275","0x4a7484aa6ea6e483","0x5cb0a9dcbd41fbd4","0x76f988da831153b5","0x983e5152ee66dfab","0xa831c66d2db43210","0xb00327c898fb213f","0xbf597fc7beef0ee4","0xc6e00bf33da88fc2","0xd5a79147930aa725","0x06ca6351e003826f","0x142929670a0e6e70","0x27b70a8546d22ffc","0x2e1b21385c26c926","0x4d2c6dfc5ac42aed","0x53380d139d95b3df","0x650a73548baf63de","0x766a0abb3c77b2a8","0x81c2c92e47edaee6","0x92722c851482353b","0xa2bfe8a14cf10364","0xa81a664bbc423001","0xc24b8b70d0f89791","0xc76c51a30654be30","0xd192e819d6ef5218","0xd69906245565a910","0xf40e35855771202a","0x106aa07032bbd1b8","0x19a4c116b8d2d0c8","0x1e376c085141ab53","0x2748774cdf8eeb99","0x34b0bcb5e19b48a8","0x391c0cb3c5c95a63","0x4ed8aa4ae3418acb","0x5b9cca4f7763e373","0x682e6ff3d6b2b8a3","0x748f82ee5defb2fc","0x78a5636f43172f60","0x84c87814a1f0ab72","0x8cc702081a6439ec","0x90befffa23631e28","0xa4506cebde82bde9","0xbef9a3f7b2c67915","0xc67178f2e372532b","0xca273eceea26619c","0xd186b8c721c0c207","0xeada7dd6cde0eb1e","0xf57d4f7fee6ed178","0x06f067aa72176fba","0x0a637dc5a2c898a6","0x113f9804bef90dae","0x1b710b35131c471b","0x28db77f523047d84","0x32caab7b40c72493","0x3c9ebe0a15c9bebc","0x431d67c49c100d4c","0x4cc5d4becb3e42b6","0x597f299cfc657e2a","0x5fcb6fab3ad6faec","0x6c44198c4a475817"].map((e=>BigInt(e)))))(),Uu=/* @__PURE__ */(()=>Cu[0])(),Pu=/* @__PURE__ */(()=>Cu[1])(),Du=/* @__PURE__ */new Uint32Array(80),xu=/* @__PURE__ */new Uint32Array(80);class Qu extends ru{constructor(e=64){super(128,e,16,!1),this.Ah=0|au[0],this.Al=0|au[1],this.Bh=0|au[2],this.Bl=0|au[3],this.Ch=0|au[4],this.Cl=0|au[5],this.Dh=0|au[6],this.Dl=0|au[7],this.Eh=0|au[8],this.El=0|au[9],this.Fh=0|au[10],this.Fl=0|au[11],this.Gh=0|au[12],this.Gl=0|au[13],this.Hh=0|au[14],this.Hl=0|au[15]}get(){const{Ah:e,Al:t,Bh:r,Bl:n,Ch:i,Cl:s,Dh:a,Dl:o,Eh:c,El:u,Fh:h,Fl:l,Gh:f,Gl:y,Hh:p,Hl:d}=this;return[e,t,r,n,i,s,a,o,c,u,h,l,f,y,p,d]}set(e,t,r,n,i,s,a,o,c,u,h,l,f,y,p,d){this.Ah=0|e,this.Al=0|t,this.Bh=0|r,this.Bl=0|n,this.Ch=0|i,this.Cl=0|s,this.Dh=0|a,this.Dl=0|o,this.Eh=0|c,this.El=0|u,this.Fh=0|h,this.Fl=0|l,this.Gh=0|f,this.Gl=0|y,this.Hh=0|p,this.Hl=0|d}process(e,t){for(let r=0;r<16;r++,t+=4)Du[r]=e.getUint32(t),xu[r]=e.getUint32(t+=4);for(let e=16;e<80;e++){const t=0|Du[e-15],r=0|xu[e-15],n=yu(t,r,1)^yu(t,r,8)^lu(t,0,7),i=pu(t,r,1)^pu(t,r,8)^fu(t,r,7),s=0|Du[e-2],a=0|xu[e-2],o=yu(s,a,19)^du(s,a,61)^lu(s,0,6),c=pu(s,a,19)^gu(s,a,61)^fu(s,a,6),u=bu(i,c,xu[e-7],xu[e-16]),h=ku(u,n,o,Du[e-7],Du[e-16]);Du[e]=0|h,xu[e]=0|u}let{Ah:r,Al:n,Bh:i,Bl:s,Ch:a,Cl:o,Dh:c,Dl:u,Eh:h,El:l,Fh:f,Fl:y,Gh:p,Gl:d,Hh:g,Hl:w}=this;for(let e=0;e<80;e++){const t=yu(h,l,14)^yu(h,l,18)^du(h,l,41),A=pu(h,l,14)^pu(h,l,18)^gu(h,l,41),m=h&f^~h&p,b=Eu(w,A,l&y^~l&d,Pu[e],xu[e]),k=vu(b,g,t,m,Uu[e],Du[e]),E=0|b,v=yu(r,n,28)^du(r,n,34)^du(r,n,39),K=pu(r,n,28)^gu(r,n,34)^gu(r,n,39),S=r&i^r&a^i&a,I=n&s^n&o^s&o;g=0|p,w=0|d,p=0|f,d=0|y,f=0|h,y=0|l,({h,l}=wu(0|c,0|u,0|k,0|E)),c=0|a,u=0|o,a=0|i,o=0|s,i=0|r,s=0|n;const B=Au(E,K,I);r=mu(B,k,v,S),n=0|B}({h:r,l:n}=wu(0|this.Ah,0|this.Al,0|r,0|n)),({h:i,l:s}=wu(0|this.Bh,0|this.Bl,0|i,0|s)),({h:a,l:o}=wu(0|this.Ch,0|this.Cl,0|a,0|o)),({h:c,l:u}=wu(0|this.Dh,0|this.Dl,0|c,0|u)),({h,l}=wu(0|this.Eh,0|this.El,0|h,0|l)),({h:f,l:y}=wu(0|this.Fh,0|this.Fl,0|f,0|y)),({h:p,l:d}=wu(0|this.Gh,0|this.Gl,0|p,0|d)),({h:g,l:w}=wu(0|this.Hh,0|this.Hl,0|g,0|w)),this.set(r,n,i,s,a,o,c,u,h,l,f,y,p,d,g,w)}roundClean(){zo(Du,xu)}destroy(){zo(this.buffer),this.set(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0)}}class Ru extends Qu{constructor(){super(48),this.Ah=0|su[0],this.Al=0|su[1],this.Bh=0|su[2],this.Bl=0|su[3],this.Ch=0|su[4],this.Cl=0|su[5],this.Dh=0|su[6],this.Dl=0|su[7],this.Eh=0|su[8],this.El=0|su[9],this.Fh=0|su[10],this.Fl=0|su[11],this.Gh=0|su[12],this.Gl=0|su[13],this.Hh=0|su[14],this.Hl=0|su[15]}}const Tu=/* @__PURE__ */cc((()=>new Iu)),Mu=/* @__PURE__ */cc((()=>new Bu)),Lu=/* @__PURE__ */cc((()=>new Qu)),Fu=/* @__PURE__ */cc((()=>new Ru));class Ou extends oc{constructor(e,t){super(),this.finished=!1,this.destroyed=!1,No(e);const r=sc(t);if(this.iHash=e.create(),"function"!=typeof this.iHash.update)throw Error("Expected instance of class which extends utils.Hash");this.blockLen=this.iHash.blockLen,this.outputLen=this.iHash.outputLen;const n=this.blockLen,i=new Uint8Array(n);i.set(r.length>n?e.create().update(r).digest():r);for(let e=0;e<i.length;e++)i[e]^=54;this.iHash.update(i),this.oHash=e.create();for(let e=0;e<i.length;e++)i[e]^=106;this.oHash.update(i),zo(i)}update(e){return _o(this),this.iHash.update(e),this}digestInto(e){_o(this),Oo(e,this.outputLen),this.finished=!0,this.iHash.digestInto(e),this.oHash.update(e),this.oHash.digestInto(e),this.destroy()}digest(){const e=new Uint8Array(this.oHash.outputLen);return this.digestInto(e),e}_cloneInto(e){e||(e=Object.create(Object.getPrototypeOf(this),{}));const{oHash:t,iHash:r,finished:n,destroyed:i,blockLen:s,outputLen:a}=this;return e.finished=n,e.destroyed=i,e.blockLen=s,e.outputLen=a,e.oHash=t._cloneInto(e.oHash),e.iHash=r._cloneInto(e.iHash),e}clone(){return this._cloneInto()}destroy(){this.destroyed=!0,this.oHash.destroy(),this.iHash.destroy()}}const Nu=(e,t,r)=>new Ou(e,t).update(r).digest();Nu.create=(e,t)=>new Ou(e,t)